maxmichels

ik heb alles gedaan wat je gezegd hebt. alleen heb ik MBAM een volledige scan laten maken i.p.v. een quick scan. Hij was dan ook meer dan 3 uur bezig. hier de log van de MBAM: Malwarebytes' Anti-Malware 1.46 www.malwarebytes.org Databaseversie: 4569 Windows 5.1.2600 Service Pack 3 Internet Explorer 7.0.5730.13 8-9-2010 15:10:04 mbam-log-2010-09-08 (15-10-04).txt Scantype: Volledige scan (C:\|X:\|) Objecten gescand: 418412 Verstreken tijd: 3 uur/uren, 22 minuut/minuten, 36 seconde(n) Geheugenprocessen geïnfecteerd: 1 Geheugenmodulen geïnfecteerd: 1 Registersleutels geïnfecteerd: 2 Registerwaarden geïnfecteerd: 5 Registerdata geïnfecteerd: 0 Mappen geïnfecteerd: 1 Bestanden geïnfecteerd: 113 Geheugenprocessen geïnfecteerd: C:\WINDOWS\cfdrive32.exe (Trojan.Agent) -> Unloaded process successfully. Geheugenmodulen geïnfecteerd: c:\WINDOWS\SYSTEM32\sshnas21.dll (Trojan.FakeAlert) -> Delete on reboot. Registersleutels geïnfecteerd: HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\winauxp.exe (Rootkit.Agent) -> Quarantined and deleted successfully. HKEY_CURRENT_USER\SOFTWARE\Microsoft\Handle (Malware.Trace) -> Quarantined and deleted successfully. Registerwaarden geïnfecteerd: HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\12cfg214-k641-12sf-n85p (Worm.Autorun. -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\microsoft driver setup (Trojan.Agent) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run\microsoft driver setup (Trojan.Agent) -> Quarantined and deleted successfully. HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\shell (Worm.Palevo) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\taskman (Worm.Palevo) -> Delete on reboot. Registerdata geïnfecteerd: (Geen kwaadaardige objecten gedetecteerd) Mappen geïnfecteerd: C:\RECYCLER\S-1-5-21-0243936033-3052116371-381863308-1811 (Trojan.Agent) -> Quarantined and deleted successfully. Bestanden geïnfecteerd: C:\RECYCLER\S-1-5-21-0243936033-3052116371-381863308-1811\vsbntlo.exe (Worm.Autorun. -> Quarantined and deleted successfully. C:\Documents and Settings\Administrator\Application Data\ohydy.exe (Heuristics.Shuriken) -> Quarantined and deleted successfully. C:\Documents and Settings\Administrator\Local Settings\Application Data\digttuicl\tpootvfuqiw.exe (Rogue.SecuritySuite) -> Quarantined and deleted successfully. C:\Documents and Settings\Administrator\Local Settings\Temp\135.exe (Trojan.VirTool) -> Quarantined and deleted successfully. C:\Documents and Settings\Administrator\Local Settings\Temp\2376741.exe (Trojan.VirTool) -> Quarantined and deleted successfully. C:\Documents and Settings\Administrator\Local Settings\Temp\cyac.exe (P2P.Worm) -> Quarantined and deleted successfully. C:\Documents and Settings\Administrator\Local Settings\Temp\dcvkbgj.exe (Rogue.SecuritySuite) -> Quarantined and deleted successfully. C:\Documents and Settings\Administrator\Local Settings\Temp\e7d1921d.tmp (Trojan.Downloader) -> Quarantined and deleted successfully. C:\Documents and Settings\Administrator\Local Settings\Temp\eqhff.exe (Rogue.SecuritySuite) -> Quarantined and deleted successfully. C:\Documents and Settings\Administrator\Local Settings\Temp\hcnc.exe (Heuristics.Shuriken) -> Quarantined and deleted successfully. C:\Documents and Settings\Administrator\Local Settings\Temp\rbilasr.exe (P2P.Worm) -> Quarantined and deleted successfully. C:\Documents and Settings\Administrator\Local Settings\Temp\tjhgnt.exe (Heuristics.Shuriken) -> Quarantined and deleted successfully. C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\01YZWTER\cgbvd[1].htm (Rogue.SecuritySuite) -> Quarantined and deleted successfully. C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\K12B4PEZ\evwdlf[1].htm (Trojan.Downloader) -> Quarantined and deleted successfully. C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\K12B4PEZ\izqlfr[1].htm (Trojan.Agent) -> Quarantined and deleted successfully. C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\K12B4PEZ\lctnltb[1].htm (P2P.Worm) -> Quarantined and deleted successfully. C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\STENOTMN\c57[1].exe (Trojan.VirTool) -> Quarantined and deleted successfully. C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\STENOTMN\xdhbwu[1].htm (Trojan.Agent) -> Quarantined and deleted successfully. C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\W52RGHM7\cywnigxi[1].htm (P2P.Worm) -> Quarantined and deleted successfully. C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\W52RGHM7\nezgb[1].htm (Trojan.Downloader) -> Quarantined and deleted successfully. C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\W52RGHM7\oytnvg[1].htm (Trojan.Downloader) -> Quarantined and deleted successfully. C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\W52RGHM7\qhysq[1].htm (Trojan.Downloader) -> Quarantined and deleted successfully. C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\W52RGHM7\vmdkfnhp[2].htm (Rogue.SecuritySuite) -> Quarantined and deleted successfully. C:\Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\APTemp\APQ182.tmp (Backdoor.Agent) -> Quarantined and deleted successfully. C:\Documents and Settings\Marja\Application Data\ohydy.exe (Heuristics.Shuriken) -> Delete on reboot. C:\Documents and Settings\Marja\Local Settings\Temp\0020.exe (Trojan.VirTool) -> Quarantined and deleted successfully. C:\Documents and Settings\Marja\Local Settings\Temp\0112.exe (Trojan.VirTool) -> Quarantined and deleted successfully. C:\Documents and Settings\Marja\Local Settings\Temp\0450988.exe (Trojan.VirTool) -> Quarantined and deleted successfully. C:\Documents and Settings\Marja\Local Settings\Temp\056111.exe (Trojan.VirTool) -> Quarantined and deleted successfully. C:\Documents and Settings\Marja\Local Settings\Temp\05865.exe (Trojan.VirTool) -> Quarantined and deleted successfully. C:\Documents and Settings\Marja\Local Settings\Temp\080921.exe (Trojan.VirTool) -> Quarantined and deleted successfully. C:\Documents and Settings\Marja\Local Settings\Temp\23261.exe (Trojan.VirTool) -> Quarantined and deleted successfully. C:\Documents and Settings\Marja\Local Settings\Temp\50397.exe (Trojan.VirTool) -> Quarantined and deleted successfully. C:\Documents and Settings\Marja\Local Settings\Temp\800595.exe (Trojan.VirTool) -> Quarantined and deleted successfully. C:\Documents and Settings\Marja\Local Settings\Temp\81047.exe (Trojan.VirTool) -> Quarantined and deleted successfully. C:\Documents and Settings\Marja\Local Settings\Temp\8315.exe (Trojan.VirTool) -> Quarantined and deleted successfully. C:\Documents and Settings\Marja\Local Settings\Temp\831706.exe (Trojan.VirTool) -> Quarantined and deleted successfully. C:\Documents and Settings\Marja\Local Settings\Temp\860.exe (Trojan.VirTool) -> Quarantined and deleted successfully. C:\Documents and Settings\Marja\Local Settings\Temp\869.exe (Trojan.VirTool) -> Quarantined and deleted successfully. C:\Documents and Settings\Marja\Local Settings\Temp\872.exe (Trojan.VirTool) -> Quarantined and deleted successfully. C:\Documents and Settings\Marja\Local Settings\Temp\874714.exe (Trojan.VirTool) -> Quarantined and deleted successfully. C:\Documents and Settings\Marja\Local Settings\Temp\8750646.exe (Trojan.VirTool) -> Quarantined and deleted successfully. C:\Documents and Settings\Marja\Local Settings\Temp\92955.exe (Trojan.VirTool) -> Quarantined and deleted successfully. C:\Documents and Settings\Marja\Local Settings\Temp\2370086.exe (Trojan.VirTool) -> Quarantined and deleted successfully. C:\Documents and Settings\Marja\Local Settings\Temp\2469.exe (Trojan.VirTool) -> Quarantined and deleted successfully. C:\Documents and Settings\Marja\Local Settings\Temp\24705.exe (Trojan.VirTool) -> Quarantined and deleted successfully. C:\Documents and Settings\Marja\Local Settings\Temp\2888925.exe (Trojan.VirTool) -> Quarantined and deleted successfully. C:\Documents and Settings\Marja\Local Settings\Temp\2890494.exe (Trojan.VirTool) -> Quarantined and deleted successfully. C:\Documents and Settings\Marja\Local Settings\Temp\3141.exe (Trojan.VirTool) -> Quarantined and deleted successfully. C:\Documents and Settings\Marja\Local Settings\Temp\3257.exe (Trojan.VirTool) -> Quarantined and deleted successfully. C:\Documents and Settings\Marja\Local Settings\Temp\339.exe (Trojan.VirTool) -> Quarantined and deleted successfully. C:\Documents and Settings\Marja\Local Settings\Temp\349.exe (Trojan.VirTool) -> Quarantined and deleted successfully. C:\Documents and Settings\Marja\Local Settings\Temp\5776.exe (Trojan.VirTool) -> Quarantined and deleted successfully. C:\Documents and Settings\Marja\Local Settings\Temp\62359.exe (Trojan.VirTool) -> Quarantined and deleted successfully. C:\Documents and Settings\Marja\Local Settings\Temp\1034386.exe (Trojan.VirTool) -> Quarantined and deleted successfully. C:\Documents and Settings\Marja\Local Settings\Temp\15528.exe (Trojan.VirTool) -> Quarantined and deleted successfully. C:\Documents and Settings\Marja\Local Settings\Temp\17135.exe (Trojan.VirTool) -> Quarantined and deleted successfully. C:\Documents and Settings\Marja\Local Settings\Temp\203.exe (Trojan.VirTool) -> Quarantined and deleted successfully. C:\Documents and Settings\Marja\Local Settings\Temp\2260.exe (Trojan.VirTool) -> Quarantined and deleted successfully. C:\Documents and Settings\Marja\Local Settings\Temp\38390.exe (Trojan.VirTool) -> Quarantined and deleted successfully. C:\Documents and Settings\Marja\Local Settings\Temp\3901203.exe (Trojan.VirTool) -> Quarantined and deleted successfully. C:\Documents and Settings\Marja\Local Settings\Temp\41402.exe (Trojan.VirTool) -> Quarantined and deleted successfully. C:\Documents and Settings\Marja\Local Settings\Temp\457735.exe (Trojan.VirTool) -> Quarantined and deleted successfully. C:\Documents and Settings\Marja\Local Settings\Temp\46802.exe (Trojan.VirTool) -> Quarantined and deleted successfully. C:\Documents and Settings\Marja\Local Settings\Temp\659.exe (Trojan.VirTool) -> Quarantined and deleted successfully. C:\Documents and Settings\Marja\Local Settings\Temp\66133.exe (Trojan.VirTool) -> Quarantined and deleted successfully. C:\Documents and Settings\Marja\Local Settings\Temp\6643.exe (Trojan.VirTool) -> Quarantined and deleted successfully. C:\Documents and Settings\Marja\Local Settings\Temp\6857.exe (Trojan.VirTool) -> Quarantined and deleted successfully. C:\Documents and Settings\Marja\Local Settings\Temp\694606.exe (Trojan.VirTool) -> Quarantined and deleted successfully. C:\Documents and Settings\Marja\Local Settings\Temp\711.exe (Trojan.VirTool) -> Quarantined and deleted successfully. C:\Documents and Settings\Marja\Local Settings\Temp\72288.exe (Trojan.VirTool) -> Quarantined and deleted successfully. C:\Documents and Settings\Marja\Local Settings\Temp\784.exe (Trojan.VirTool) -> Quarantined and deleted successfully. C:\Documents and Settings\Max\Application Data\ohydy.exe (Heuristics.Shuriken) -> Quarantined and deleted successfully. C:\Documents and Settings\Max\Local Settings\Temp\Zhb.exe (Trojan.Downloader) -> Quarantined and deleted successfully. C:\Documents and Settings\Max\Local Settings\Temp\Zhc.exe (Trojan.Downloader) -> Quarantined and deleted successfully. C:\Documents and Settings\Max\Local Settings\Temp\Zhd.exe (Trojan.Downloader) -> Quarantined and deleted successfully. C:\Documents and Settings\Max\Local Settings\Temp\Zhe.exe (Trojan.Downloader) -> Quarantined and deleted successfully. C:\Documents and Settings\Max\Local Settings\Temp\Zhf.exe (Trojan.Downloader) -> Quarantined and deleted successfully. C:\Documents and Settings\Max\Local Settings\Temp\Zhg.exe (Trojan.Downloader) -> Quarantined and deleted successfully. C:\Documents and Settings\Max\Local Settings\Temp\Zhh.exe (Trojan.Downloader) -> Quarantined and deleted successfully. C:\Documents and Settings\Max\Local Settings\Temp\Zhi.exe (Trojan.Downloader) -> Quarantined and deleted successfully. C:\Documents and Settings\Max\Local Settings\Temp\Zhj.exe (Trojan.Downloader) -> Quarantined and deleted successfully. C:\Documents and Settings\Max\Local Settings\Temp\thuurs.exe (Heuristics.Shuriken) -> Quarantined and deleted successfully. C:\Documents and Settings\Max\Local Settings\Temp\9109.exe (Trojan.VirTool) -> Quarantined and deleted successfully. C:\Documents and Settings\Max\Local Settings\Temp\A8.tmp (Rootkit.Dropper) -> Quarantined and deleted successfully. C:\Documents and Settings\Max\Local Settings\Temporary Internet Files\Content.IE5\4GVG3N3L\c57[1].exe (Trojan.VirTool) -> Quarantined and deleted successfully. C:\Documents and Settings\Max\Local Settings\Temporary Internet Files\Content.IE5\4GVG3N3L\izqlfr[2].htm (Trojan.Agent) -> Quarantined and deleted successfully. C:\Documents and Settings\Max\Local Settings\Temporary Internet Files\Content.IE5\4GVG3N3L\qhysq[1].htm (Trojan.Downloader) -> Quarantined and deleted successfully. C:\Documents and Settings\Max\Local Settings\Temporary Internet Files\Content.IE5\4GVG3N3L\qhysq[2].htm (Trojan.Downloader) -> Quarantined and deleted successfully. C:\Documents and Settings\Max\Local Settings\Temporary Internet Files\Content.IE5\4GVG3N3L\nezgb[1].htm (Trojan.Downloader) -> Quarantined and deleted successfully. C:\Documents and Settings\Max\Local Settings\Temporary Internet Files\Content.IE5\5IRCCZPJ\izqlfr[1].htm (Trojan.Agent) -> Quarantined and deleted successfully. C:\Documents and Settings\Max\Local Settings\Temporary Internet Files\Content.IE5\7LELNM2G\nezgb[1].htm (Trojan.Downloader) -> Quarantined and deleted successfully. C:\Documents and Settings\Max\Mijn documenten\guitar-pro-5-2i.exe (Trojan.StartPage) -> Quarantined and deleted successfully. C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP1\A0002003.exe (Trojan.VirTool) -> Quarantined and deleted successfully. C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP1\A0003030.exe (Trojan.Agent) -> Quarantined and deleted successfully. C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP2\A0003067.exe (Trojan.Agent) -> Quarantined and deleted successfully. C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP2\A0003068.exe (Backdoor.Agent) -> Quarantined and deleted successfully. C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP2\A0003070.exe (Trojan.Agent) -> Quarantined and deleted successfully. C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP2\A0003071.exe (Trojan.VirTool) -> Quarantined and deleted successfully. C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP3\A0003312.exe (Trojan.Agent) -> Quarantined and deleted successfully. C:\WINDOWS\Zzugya.exe (Trojan.Downloader) -> Quarantined and deleted successfully. C:\WINDOWS\SYSTEM32\DRIVERS\qzvuqfuu.sys (Rootkit.Agent) -> Delete on reboot. C:\RECYCLER\S-1-5-21-0243936033-3052116371-381863308-1811\Desktop.ini (Trojan.Agent) -> Quarantined and deleted successfully. C:\Documents and Settings\Max\Bureaublad\Antimalware Doctor.lnk (Rogue.AntimalwareDoctor) -> Quarantined and deleted successfully. C:\Documents and Settings\Max\Application Data\Microsoft\Internet Explorer\Quick Launch\Antimalware Doctor.lnk (Rogue.AntimalwareDoctor) -> Quarantined and deleted successfully. C:\Documents and Settings\Max\Menu Start\Antimalware Doctor.lnk (Rogue.AntimalwareDoctor) -> Quarantined and deleted successfully. C:\Documents and Settings\Max\Menu Start\Programma's\Opstarten\Antimalware Doctor.lnk (Rogue.AntiMalwareDoctor) -> Quarantined and deleted successfully. C:\WINDOWS\SYSTEM32\sshnas21.dll (Trojan.FakeAlert) -> Delete on reboot. C:\WINDOWS\SYSTEM32\winauxp.exe (Rootkit.Agent) -> Delete on reboot. C:\Documents and Settings\Max\Local Settings\Temp\sshnas21.dll (Trojan.Downloader) -> Quarantined and deleted successfully. C:\Documents and Settings\Max\Local Settings\Application Data\Windows Server\admin.txt (Malware.Trace) -> Quarantined and deleted successfully. C:\WINDOWS\cfdrive32.exe (Trojan.Agent) -> Quarantined and deleted successfully. C:\WINDOWS\Tasks\{22116563-108C-42c0-A7CE-60161B75E508}.job (Trojan.Downloader) -> Quarantined and deleted successfully. en hier de log van hijackthis: Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 15:16:20, on 8-9-2010 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16735) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe C:\Program Files\Bonjour\mDNSResponder.exe C:\WINDOWS\system32\CTsvcCDA.EXE C:\Program Files\Symantec AntiVirus\DefWatch.exe C:\Program Files\Java\jre6\bin\jqs.exe C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe C:\WINDOWS\Explorer.EXE C:\Program Files\CyberLink\Shared Files\RichVideo.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Symantec AntiVirus\Rtvscan.exe C:\WINDOWS\system32\MsPMSPSv.exe C:\WINDOWS\system32\SearchIndexer.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe C:\WINDOWS\system32\wscntfy.exe C:\WINDOWS\system32\wuauclt.exe C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe C:\WINDOWS\system32\NOTEPAD.EXE C:\WINDOWS\system32\SearchProtocolHost.exe C:\Program Files\Internet Explorer\iexplore.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Laptops, PCs, Desktop Computers, Monitors, Printers & PC Accessories | Dell UK R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Hotmail, Messenger, nieuws en entertainment vind je op MSN.nl R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = Hotmail, Messenger, nieuws en entertainment vind je op MSN.nl R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = Laptops, PCs, Desktop Computers, Monitors, Printers & PC Accessories | Dell UK R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: ContributeBHO Class - {074C1DC5-9320-4A9A-947D-C042949C6216} - C:\Program Files\Adobe\/Adobe Contribute CS3/contributeieplugin.dll O2 - BHO: LimewirePlus Toolbar - {47e161a0-f4ba-41dd-a17b-d2eb26ad6a02} - C:\Program Files\LimewirePlus\tbLime.dll O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll O2 - BHO: Windows Live Aanmelden - Help - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.6.5612.1312\swg.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll O3 - Toolbar: Contribute Toolbar - {517BDDE4-E3A7-4570-B21E-2B52B6139FC7} - C:\Program Files\Adobe\/Adobe Contribute CS3/contributeieplugin.dll O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Lokale service') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Netwerkservice') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O8 - Extra context menu item: Append to existing PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html O8 - Extra context menu item: Convert link target to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html O8 - Extra context menu item: Convert link target to existing PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html O8 - Extra context menu item: Convert selected links to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html O8 - Extra context menu item: Convert selected links to existing PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html O8 - Extra context menu item: Convert selection to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html O8 - Extra context menu item: Convert selection to existing PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html O8 - Extra context menu item: Convert to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000 O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll/cmsidewiki.html O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll O9 - Extra 'Tools' menuitem: Verz&enden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1242495739796 O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1242495727515 O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} (Java Runtime Environment 1.6.0) - http://dl8-cdn-03.sun.com/s/ESD5/JSCDL/jdk/6u10/jinstall-6u10-windows-i586-jc.cab?e=1225289290150&h=d2c83b976c12431601eb1364331faf30/&filename=jinstall-6u10-windows-i586-jc.cab O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll O22 - SharedTaskScheduler: Preloader van browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll O22 - SharedTaskScheduler: Cache-daemon voor onderdeelcategorieën - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll O23 - Service: Adobe Version Cue CS3 - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\Adobe Version Cue CS3\Server\bin\VersionCueCS3.exe O23 - Service: Mobiel Apple apparaat (Apple Mobile Device) - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.EXE O23 - Service: Symantec AntiVirus Definition Watcher (DefWatch) - Symantec Corporation - C:\Program Files\Symantec AntiVirus\DefWatch.exe O23 - Service: dlbt_device - Dell - C:\WINDOWS\system32\dlbtcoms.exe O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe O23 - Service: Google Updateservice (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe O23 - Service: Intel NCS NetService (NetSvc) - Intel® Corporation - C:\Program Files\Intel\PROSetWired\NCS\Sync\NetSvc.exe O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe O23 - Service: SAVRoam (SavRoam) - symantec - C:\Program Files\Symantec AntiVirus\SavRoam.exe O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe O23 - Service: Symantec AntiVirus - Symantec Corporation - C:\Program Files\Symantec AntiVirus\Rtvscan.exe -- End of file - 11594 bytes

Ik heb hijack this geinstalleerd en een scan gemaakt, vreemd genoeg is het virus vandaag al minder aanwezig als gister, alleen geeft explorer steeds foutmeldingen. Dit terwijl ik nog niks verwijderd heb. hier is de logfile Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 10:35:15, on 8-9-2010 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16735) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe C:\Program Files\Bonjour\mDNSResponder.exe C:\WINDOWS\system32\CTsvcCDA.EXE C:\Program Files\Symantec AntiVirus\DefWatch.exe C:\Program Files\Java\jre6\bin\jqs.exe C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe C:\Program Files\CyberLink\Shared Files\RichVideo.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Symantec AntiVirus\Rtvscan.exe C:\WINDOWS\system32\MsPMSPSv.exe C:\WINDOWS\system32\SearchIndexer.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe C:\WINDOWS\cfdrive32.exe C:\Program Files\Internet Explorer\iexplore.exe C:\WINDOWS\system32\msiexec.exe C:\WINDOWS\explorer.exe C:\DOCUME~1\Marja\LOCALS~1\Temp\50397.exe C:\DOCUME~1\Marja\LOCALS~1\Temp\5272.exe C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe C:\WINDOWS\system32\SearchProtocolHost.exe C:\WINDOWS\system32\dwwin.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Laptops, PCs, Desktop Computers, Monitors, Printers & PC Accessories | Dell UK R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Hotmail, Messenger, nieuws en entertainment vind je op MSN.nl R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = Hotmail, Messenger, nieuws en entertainment vind je op MSN.nl R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = Laptops, PCs, Desktop Computers, Monitors, Printers & PC Accessories | Dell UK R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: ContributeBHO Class - {074C1DC5-9320-4A9A-947D-C042949C6216} - C:\Program Files\Adobe\/Adobe Contribute CS3/contributeieplugin.dll O2 - BHO: LimewirePlus Toolbar - {47e161a0-f4ba-41dd-a17b-d2eb26ad6a02} - C:\Program Files\LimewirePlus\tbLime.dll O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file) O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll O2 - BHO: Windows Live Aanmelden - Help - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.6.5612.1312\swg.dll O2 - BHO: Ask Toolbar BHO - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll O3 - Toolbar: Contribute Toolbar - {517BDDE4-E3A7-4570-B21E-2B52B6139FC7} - C:\Program Files\Adobe\/Adobe Contribute CS3/contributeieplugin.dll O3 - Toolbar: LimewirePlus Toolbar - {47e161a0-f4ba-41dd-a17b-d2eb26ad6a02} - C:\Program Files\LimewirePlus\tbLime.dll O3 - Toolbar: Ask Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" O4 - HKCU\..\Run: [12CFG214-K641-12SF-N85P] C:\RECYCLER\S-1-5-21-0243936033-3052116371-381863308-1811\vsbntlo.exe O4 - HKLM\..\Policies\Explorer\Run: [Microsoft Driver Setup] C:\WINDOWS\cfdrive32.exe O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Lokale service') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Netwerkservice') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O8 - Extra context menu item: Append to existing PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html O8 - Extra context menu item: Convert link target to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html O8 - Extra context menu item: Convert link target to existing PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html O8 - Extra context menu item: Convert selected links to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html O8 - Extra context menu item: Convert selected links to existing PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html O8 - Extra context menu item: Convert selection to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html O8 - Extra context menu item: Convert selection to existing PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html O8 - Extra context menu item: Convert to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000 O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll/cmsidewiki.html O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll O9 - Extra 'Tools' menuitem: Verz&enden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1242495739796 O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1242495727515 O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} (Java Runtime Environment 1.6.0) - http://dl8-cdn-03.sun.com/s/ESD5/JSCDL/jdk/6u10/jinstall-6u10-windows-i586-jc.cab?e=1225289290150&h=d2c83b976c12431601eb1364331faf30/&filename=jinstall-6u10-windows-i586-jc.cab O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll O22 - SharedTaskScheduler: Preloader van browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll O22 - SharedTaskScheduler: Cache-daemon voor onderdeelcategorieën - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll O23 - Service: Adobe Version Cue CS3 - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\Adobe Version Cue CS3\Server\bin\VersionCueCS3.exe O23 - Service: Mobiel Apple apparaat (Apple Mobile Device) - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.EXE O23 - Service: Symantec AntiVirus Definition Watcher (DefWatch) - Symantec Corporation - C:\Program Files\Symantec AntiVirus\DefWatch.exe O23 - Service: dlbt_device - Dell - C:\WINDOWS\system32\dlbtcoms.exe O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe O23 - Service: Google Updateservice (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe O23 - Service: Intel NCS NetService (NetSvc) - Intel® Corporation - C:\Program Files\Intel\PROSetWired\NCS\Sync\NetSvc.exe O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe O23 - Service: SAVRoam (SavRoam) - symantec - C:\Program Files\Symantec AntiVirus\SavRoam.exe O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe O23 - Service: Symantec AntiVirus - Symantec Corporation - C:\Program Files\Symantec AntiVirus\Rtvscan.exe -- End of file - 12260 bytes

hey, ik had last van een virus op mijn pc, antimalware doctor om precies te zijn. omdat ik het niet kon bestrijden heb ik alle belangrijke bestanden van die pc op een externe harde schijf weten te kopieeren. kan ik deze bestanden nu nog gewoon op een andere pc zetten of zijn deze nu geinfecteerd? zo ja, hoe voorkom ik dat de andere pc ook geinfecteerd word? max