Everything posted by windowsmark

  1. Yannick, I don't know whether you were expecting something big from that secret question, but it isn't. The only thing I had come up with was: go here: http://support.live.com, then click on Windows Live ID, and then they can retrieve it.
  2. aer and bjorntju, in my experience it helps to update your password. 1. Go here: http://account.live.com. 2. Click on: Sign in with a different account. 3. Enter your e-mail address and then click on: Forgot your password. 4. Follow the steps and create a new password. Let me know whether it worked. If you have forgotten your secret question, I know something for that too, so just let me know.
  3. You can just make a bookmarks bar, that's just as handy.
  4. Okay! As far as I'm concerned this topic can be closed. I'll run into you again somewhere on the site. Bye bye, THANKS!
  5. Haha yes, but can I just install MSN again?
  6. And can I just install MSN again now?
  7. I have AntiVir XP, which is German I think. What is the best way to remove it completely?
  8. Haha, in the meantime I've already become a member instead of a newbie. This is a top site, man! I'm staying :D
  9. Wouldn't it be better to first install both AVG and AntiVir and only then remove Norton? Because it now expires again on 1-2-08.
  10. Isn't there a good + free program that is somewhat the same as Norton?
  11. Norton had expired. And renewing costs €, doesn't it?
  12. Hijack This Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 19:23:57, on 25-1-2008
  13. In the left column I only have: - Cleaner - Registry - Tools - Options, so no 'Programs'?
  14. ComboFix 08-01-23.1C - Compaq_Eigenaar 2008-01-25 18:35:48.3 - NTFSx86
      My PC is getting faster and faster! Great, man.
  15. Hijack Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 14:05:29, on 25-1-2008
      Combofix ComboFix 08-01-23.1B - Compaq_Eigenaar 2008-01-25 12:27:38.2
      SmitFraud Fix SmitFraudFix v2.274 Scan done at 12:06:37,92, vr 25-01-2008
  16. O2 - BHO: (no name) - {7ACED46D-F203-443D-BD06-1622E7FCF7D5} - C:\WINDOWS\system32\ctl3dv.dll I can't get this removed, because every time I click FIX CHECKED I get this error: Hijack is about to remove a BHO and the corresponding file from your system. Close all Internet Explorer windows AND all windows explorer windows before........
  17. I have indeed removed those startup items now as well. My PC is getting faster and faster
  18. Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 23:44:50, on 24-1-2008
  19. ComboFix 08-01-23.1B - Compaq_Eigenaar 2008-01-24 23:21:41.1 - NTFSx86 Microsoft Windows XP Home Edition 5.1.2600.2.1252.1.1043.18.585 [GMT 1:00]
  20. ---RVAXO.exe Updated: 2008-01-24---first run--- Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 19:25:01, on 24-1-2008
  21. I'm going to do all of it now, regarding the speed of my PC. Only the startup is still very slow. I have one of those FBI boot screens; can you tell me how I can remove it? I also get this error at startup: Runner Error Runner file name (LogitechDesktopMessenger.exe) lacks a '-' (the app id seperator)
  22. OK, and how do I go back to factory settings then?
  23. I have done everything. Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 14:36:25, on 24-1-2008