
tiello
-
Dear kape, I want to thank you very much for the help. It is finally solved, and if there are more problems in the future I know where to go. Thanks again!!!! tiello
-
Hi kape, I have been working on saving images. In a number of programs I can manage it, but when I want to save to the "My Pictures" folder it still freezes, and the same happens in a number of other programs. So I really don't know what to do anymore. Regards, Tiello
-
OK, I have done that again. What I did not mention is that when I had to do this the first time, I could not get the Notepad file saved by any means, so I saved the script in Word and then dragged it to ComboFix, which then indicated that it could not do that and that it needed a Notepad file. Then, after trying a number of times, I finally managed it. So maybe I did something wrong there the first time. I have now dragged the Notepad file into ComboFix, so I hope it is right now. In any case, thanks in advance for all the help I am getting, I am very happy with it!! Tiello
-
One more thing: when I am in a photo-editing program and want to open a photo as a new file, that program also freezes and I can only close it by pressing alt-ctrl-del. So that still does not work either. Tiello
-
I can now save to my received files folder, but I still cannot save to the 'My Pictures' folder. Tiello
uStart Page = hxxp://www.startpagina.nl/ uInternet Settings,ProxyOverride = *.local Trusted Zone: xstreetsl.com\www DPF: {34DC6011-88B5-4EA9-BA7A-DC7B4F4437FE} - hxxp://foto.hema.nl/ips-opdata/layout/hema/objects/jordan.cab FF - ProfilePath - c:\documents and settings\Gebruiker\Application Data\Mozilla\Firefox\Profiles\6kmfn01n.default\ FF - plugin: c:\documents and settings\Gebruiker\Local Settings\Application Data\Google\Update\1.2.183.13\npGoogleOneClick8.dll FF - plugin: c:\program files\Microsoft\Office Live\npOLW.dll FF - plugin: c:\program files\Unity\WebPlayer\loader\npUnity3D32.dll FF - plugin: c:\program files\Windows Live\Photo Gallery\NPWLPG.dll FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ . ************************************************************************** catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, GMER - Rootkit Detector and Remover Rootkit scan 2010-01-15 19:18 Windows 5.1.2600 Service Pack 3 NTFS scannen van verborgen processen ... scannen van verborgen autostart items ... scannen van verborgen bestanden ... Scan succesvol afgerond verborgen bestanden: 0 ************************************************************************** . --------------------- VERGRENDELDE REGISTER SLEUTELS --------------------- [HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Installer\UserData\LocalSystem\Components\h–€|ÿÿÿÿ¤•€|ù•9~*] "3140110900063D11C8EF10054038389C"="C?\\WINDOWS\\system32\\FM20ENU.DLL" . --------------------- DLLs Geladen Onder Lopende Processen --------------------- - - - - - - - > 'explorer.exe'(2220) c:\windows\system32\WPDShServiceObj.dll c:\windows\system32\PortableDeviceTypes.dll c:\windows\system32\PortableDeviceApi.dll . 
Voltooingstijd: 2010-01-15 19:19:51 ComboFix-quarantined-files.txt 2010-01-15 18:19 ComboFix2.txt 2010-01-15 10:02 ComboFix3.txt 2010-01-15 09:35 Pre-Run: 8.573.034.496 bytes beschikbaar Post-Run: 8.709.480.448 bytes beschikbaar - - End Of File - - 47C02B2215A17BDD048B38635F55B8FD
-
A quick question: when ComboFix has run, a printout also appears in Notepad; should I copy that into a message here as well? tiello

---------- Post added at 10:56 ---------- Previous post was at 10:51 ----------

Logfile of Trend Micro HijackThis v2.0.3 (BETA)
Scan saved at 10:55:13, on 15-1-2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16945)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\AVG\AVG9\avgchsvx.exe
C:\Program Files\AVG\AVG9\avgrsx.exe
C:\Program Files\AVG\AVG9\avgcsrvx.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\AVG\AVG9\avgwdsvc.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\AVG\AVG9\avgemc.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\AVG\AVG9\avgnsx.exe
C:\PROGRA~1\AVG\AVG9\avgtray.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\AVG\AVG9\avgcsrvx.exe
C:\WINDOWS\explorer.exe
C:\Program Files\Outlook Express\msimn.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\TrendMicro\HiJackThis\HiJackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Startpagina.nl - alles op een rijtje!
(ook op mobiel) R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Hotmail, Messenger, nieuws en entertainment vind je op MSN.nl R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = Hotmail, Messenger, nieuws en entertainment vind je op MSN.nl R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG9\avgssie.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll O2 - BHO: Windows Live Aanmelden - Help - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: AVG Security Toolbar BHO - {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG9\Toolbar\IEToolbar.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll O3 - Toolbar: AVG Security Toolbar - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - C:\Program Files\AVG\AVG9\Toolbar\IEToolbar.dll O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE O4 - HKLM\..\Run: [skyTel] SkyTel.EXE O4 - HKLM\..\Run: [nwiz] nwiz.exe /install O4 - HKLM\..\Run: [Windows Defender] "C:\Program Files\Windows Defender\MSASCui.exe" -hide O4 - HKLM\..\Run: [soundMan] SOUNDMAN.EXE O4 - HKLM\..\Run: [HitmanPro35] "C:\Program Files\Hitman Pro 3.5\HitmanPro35[1].exe" /scan:boot O4 - HKLM\..\Run: [Malwarebytes Anti-Malware 
(reboot)] "C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript O4 - HKLM\..\Run: [AVG9_TRAY] C:\PROGRA~1\AVG\AVG9\avgtray.exe O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [TrojanScanner] C:\Program Files\Trojan Remover\Trjscan.exe /boot O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe" O4 - HKLM\..\RunOnce: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\Gebruiker\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" /c O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre6\bin\jp2iexp.dll O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre6\bin\jp2iexp.dll O9 - Extra button: In weblog opnemen - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: &In weblog opnemen met Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: Onderzoek - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - 
{e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O16 - DPF: {34DC6011-88B5-4EA9-BA7A-DC7B4F4437FE} (JordanUploader Class) - http://foto.hema.nl/ips-opdata/layout/hema/objects/jordan.cab O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1202462155296 O16 - DPF: {6F15128C-E66A-490C-B848-5000B5ABEEAC} (HP Download Manager) - https://h20436.www2.hp.com/ediags/dex/secure/HPDEXAXO.cab O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG9\avgpp.dll O22 - SharedTaskScheduler: Preloader van browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll O22 - SharedTaskScheduler: Cache-daemon voor onderdeelcategorieën - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe O23 - Service: AVG Free E-mail Scanner (avg9emc) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG9\avgemc.exe O23 - Service: AVG Free WatchDog (avg9wd) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG9\avgwdsvc.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. 
- C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe

-- End of file - 7415 bytes

---------- Post added at 11:04 ---------- Previous post was at 10:56 ----------

I have now copied everything from both programs and pasted it in here! Tiello

ComboFix 10-01-14.02 - Gebruiker 15-01-2010 10:58:29.2.1 - x86
Microsoft Windows XP Home Edition 5.1.2600.3.1252.31.1043.18.2047.1474 [GMT 1:00]
Gestart vanuit: c:\documents and settings\Gebruiker\Mijn documenten\Downloads\ComboFix.exe
AV: AVG Anti-Virus Free *On-access scanning enabled* (Updated) {17DDD097-36FF-435F-9E1B-52D74245D6BF}
.
(((((((((((((((((((( Bestanden Gemaakt van 2009-12-15 to 2010-01-15 ))))))))))))))))))))))))))))))
.
2010-01-13 15:13 . 2010-01-13 15:13 388096 ----a-r- c:\documents and settings\Gebruiker\Application Data\Microsoft\Installer\{0761C9A8-8F3A-4216-B4A7-B7AFBF24A24A}\HiJackThis.exe
2010-01-13 15:13 . 2010-01-13 15:13 -------- d-----w- c:\program files\TrendMicro
2010-01-10 18:58 . 2010-01-10 18:58 -------- d-----w- c:\documents and settings\Gebruiker\Local Settings\Application Data\Temp
2010-01-10 18:57 . 2010-01-10 18:58 -------- d-----w- c:\documents and settings\Gebruiker\Local Settings\Application Data\Deployment
2010-01-10 18:26 . 2009-12-11 17:05 3613560 ----a-w- c:\documents and settings\Gebruiker\Application Data\Simply Super Software\Trojan Remover\dgy111.exe
2010-01-10 17:38 . 2010-01-10 17:38 0 ----a-w- c:\windows\nsreg.dat
2010-01-10 17:38 . 2010-01-10 17:38 -------- d-----w- c:\documents and settings\Gebruiker\Local Settings\Application Data\Mozilla
2010-01-10 10:05 . 2010-01-10 10:05 -------- d-----w- c:\program files\Photo Story 3 for Windows
2010-01-10 09:55 . 2009-11-21 16:03 471552 -c----w- c:\windows\system32\dllcache\aclayers.dll
2010-01-03 21:16 .
2010-01-09 09:03 -------- d-----w- c:\documents and settings\Gebruiker\Local Settings\Application Data\Emerald 2010-01-03 21:14 . 2010-01-03 21:16 -------- d-----w- c:\program files\Emerald Viewer 2009-12-30 18:53 . 2010-01-15 09:04 -------- d-----w- c:\documents and settings\Gebruiker\Local Settings\Application Data\SecondLife 2009-12-30 18:53 . 2010-01-14 13:59 -------- d-----w- c:\documents and settings\Gebruiker\Application Data\SecondLife 2009-12-30 18:44 . 2010-01-10 10:20 -------- d-----w- c:\program files\PhotoFiltre Studio X 2009-12-27 17:35 . 2009-12-30 21:46 -------- d-----w- c:\documents and settings\Gebruiker\Application Data\gtk-2.0 2009-12-27 17:35 . 2009-12-27 17:35 -------- d-----w- c:\documents and settings\Gebruiker\.thumbnails 2009-12-27 17:34 . 2009-12-30 21:57 -------- d-----w- c:\documents and settings\Gebruiker\.gimp-2.6 2009-12-23 21:24 . 2009-12-23 21:24 -------- d-sh--w- c:\documents and settings\Gebruiker\IECompatCache 2009-12-22 21:22 . 2009-12-22 21:22 -------- d-sh--w- c:\documents and settings\Gebruiker\PrivacIE 2009-12-22 21:20 . 2009-12-22 21:20 -------- d-sh--w- c:\documents and settings\Gebruiker\IETldCache 2009-12-22 21:18 . 2009-10-29 07:44 12800 -c----w- c:\windows\system32\dllcache\xpshims.dll 2009-12-22 21:18 . 2009-10-29 07:44 246272 -c----w- c:\windows\system32\dllcache\ieproxy.dll 2009-12-22 21:18 . 2010-01-10 17:43 -------- d-----w- c:\windows\ie8updates 2009-12-22 21:18 . 2009-10-02 04:44 92160 -c----w- c:\windows\system32\dllcache\iecompat.dll 2009-12-22 21:15 . 2009-10-29 07:46 78336 ----a-w- c:\windows\system32\ieencode.dll 2009-12-22 21:15 . 2009-10-29 07:46 78336 ----a-w- c:\windows\system32\dllcache\ieencode.dll 2009-12-21 21:13 . 2010-01-10 18:27 -------- d---a-w- c:\documents and settings\All Users\Application Data\TEMP 2009-12-21 21:12 . 2006-06-19 12:01 69632 ----a-w- c:\windows\system32\ztvcabinet.dll 2009-12-21 21:12 . 2006-05-25 14:52 162304 ----a-w- c:\windows\system32\ztvunrar36.dll 2009-12-21 21:12 . 
2005-08-26 00:50 77312 ----a-w- c:\windows\system32\ztvunace26.dll 2009-12-21 21:12 . 2003-02-02 19:06 153088 ----a-w- c:\windows\system32\UNRAR3.dll 2009-12-21 21:12 . 2002-03-06 00:00 75264 ----a-w- c:\windows\system32\unacev2.dll 2009-12-21 21:12 . 2009-12-21 21:13 -------- d-----w- c:\program files\Trojan Remover 2009-12-21 21:12 . 2009-12-21 21:12 -------- d-----w- c:\documents and settings\Gebruiker\Application Data\Simply Super Software 2009-12-21 21:12 . 2009-12-21 21:12 -------- d-----w- c:\documents and settings\All Users\Application Data\Simply Super Software . ((((((((((((((((((((((((((((((((((((((( Find3M Rapport )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2010-01-15 09:47 . 2009-10-16 23:38 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware 2010-01-15 07:22 . 2009-08-18 21:44 13896 ----a-w- c:\windows\system32\drivers\hitmanpro35.sys 2010-01-13 22:53 . 2009-10-12 17:01 -------- d-----w- c:\documents and settings\Gebruiker\Application Data\Azureus 2010-01-13 14:14 . 2009-10-12 17:00 -------- d-----w- c:\program files\Vuze 2010-01-07 15:07 . 2009-10-16 23:38 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys 2010-01-07 15:07 . 2009-10-16 23:38 19160 ----a-w- c:\windows\system32\drivers\mbam.sys 2010-01-06 22:53 . 2008-02-08 09:04 -------- d-----w- c:\program files\Java 2010-01-06 19:08 . 2009-12-01 20:37 79488 ----a-w- c:\documents and settings\Gebruiker\Application Data\Sun\Java\jre1.6.0_17\gtapi.dll 2010-01-02 15:15 . 2007-12-17 11:12 -------- d--h--w- c:\program files\InstallShield Installation Information 2009-12-30 19:31 . 2007-12-17 11:31 45416 -c--a-w- c:\documents and settings\Gebruiker\Local Settings\Application Data\GDIPFONTCACHEV1.DAT 2009-12-30 18:28 . 2009-02-27 13:00 -------- d-----w- c:\program files\Jasc Software Inc 2009-12-30 17:48 . 2008-02-08 08:34 -------- d-----w- c:\program files\Common Files\Adobe 2009-12-29 22:21 . 
2009-11-03 09:05 -------- d-----w- c:\documents and settings\All Users\Application Data\AVG Security Toolbar 2009-12-21 21:17 . 2009-05-31 10:09 -------- d-----w- c:\documents and settings\All Users\Application Data\Hema Album Software Advanced 2009-12-16 22:10 . 2008-11-15 00:30 -------- d-----w- c:\program files\CCleaner 2009-12-11 07:23 . 2006-03-02 12:00 86022 ----a-w- c:\windows\system32\perfc013.dat 2009-12-11 07:23 . 2006-03-02 12:00 498912 ----a-w- c:\windows\system32\perfh013.dat 2009-12-02 13:12 . 2009-12-02 13:12 33868 ---ha-w- c:\windows\system32\mlfcache.dat 2009-12-02 13:12 . 2008-04-09 08:55 -------- d-----w- c:\documents and settings\Gebruiker\Application Data\Apple Computer 2009-11-24 18:16 . 2009-11-24 17:56 112943 ----a-w- c:\windows\hpoins11.dat 2009-11-24 18:16 . 2009-11-24 18:16 -------- d-----w- c:\program files\Hewlett-Packard 2009-11-24 18:15 . 2009-11-24 18:15 -------- d-----w- c:\program files\Common Files\Hewlett-Packard 2009-11-24 17:19 . 2009-11-24 17:19 -------- d-----w- c:\documents and settings\All Users\Application Data\NVIDIA 2009-11-23 22:15 . 2009-11-23 22:15 -------- d-----w- c:\program files\QuickTime 2009-11-23 22:11 . 2009-10-29 10:48 -------- d-----w- c:\program files\Safari 2009-11-23 22:08 . 2009-11-23 22:08 79144 ----a-w- c:\documents and settings\All Users\Application Data\Apple Computer\Installer Cache\Safari 5.31.21.10\SetupAdmin.exe 2009-11-21 16:03 . 2006-03-02 12:00 471552 ----a-w- c:\windows\AppPatch\aclayers.dll 2009-11-19 09:52 . 2009-11-19 09:52 -------- d-----w- c:\documents and settings\All Users\Application Data\Adobe Systems 2009-11-19 09:47 . 2009-11-19 09:47 -------- d-----w- c:\program files\Common Files\Adobe Systems Shared 2009-11-18 09:04 . 2008-04-09 08:43 -------- d-----w- c:\program files\LimeWire 2009-11-18 07:19 . 2008-11-21 10:41 -------- d-----w- c:\program files\Common Files\Ambrasoft 2009-11-17 22:41 . 2008-12-18 16:41 -------- d-----w- c:\program files\Google 2009-11-17 22:19 . 
2008-12-22 20:23 -------- d-----w- c:\program files\iTunes 2009-11-17 22:19 . 2008-04-09 08:54 -------- d-----w- c:\program files\Common Files\Apple 2009-11-17 21:59 . 2008-02-08 10:25 -------- d-----w- c:\program files\ACD Systems 2009-11-10 07:50 . 2008-04-09 08:37 360584 ----a-w- c:\windows\system32\drivers\avgtdix.sys 2009-11-03 09:05 . 2008-04-09 08:37 333192 ----a-w- c:\windows\system32\drivers\avgldx86.sys 2009-11-03 09:05 . 2008-02-08 08:35 28424 ----a-w- c:\windows\system32\drivers\avgmfx86.sys 2009-11-03 09:05 . 2008-10-02 15:22 12464 ----a-w- c:\windows\system32\avgrsstx.dll 2009-11-02 23:29 . 2009-11-02 23:29 10686001 ----a-w- c:\documents and settings\Gebruiker\Application Data\Azureus\plugins\azump\mplayer.exe 2009-10-29 07:46 . 2006-03-02 12:00 832512 ------w- c:\windows\system32\wininet.dll 2009-10-29 07:46 . 2006-03-02 12:00 17408 ----a-w- c:\windows\system32\corpol.dll 2009-10-21 05:40 . 2006-03-02 12:00 75776 ----a-w- c:\windows\system32\strmfilt.dll 2009-10-21 05:40 . 2006-03-02 12:00 25088 ----a-w- c:\windows\system32\httpapi.dll 2009-10-20 16:20 . 2006-03-02 12:00 265728 ----a-w- c:\windows\system32\drivers\http.sys . ((((((((((((((((((((((((((((((((((((( Reg Opstartpunten ))))))))))))))))))))))))))))))))))))))))))))))))))) . . 
*Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond REGEDIT4 [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{A3BC75A2-1F87-4686-AA43-5347D756017C}] 2009-11-25 12:01 1230080 ----a-w- c:\program files\AVG\AVG9\Toolbar\IEToolbar.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar] "{CCC7A320-B3CA-4199-B1A6-9F516DD69829}"= "c:\program files\AVG\AVG9\Toolbar\IEToolbar.dll" [2009-11-25 1230080] [HKEY_CLASSES_ROOT\clsid\{ccc7a320-b3ca-4199-b1a6-9f516dd69829}] [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser] "{CCC7A320-B3CA-4199-B1A6-9F516DD69829}"= "c:\program files\AVG\AVG9\Toolbar\IEToolbar.dll" [2009-11-25 1230080] [HKEY_CLASSES_ROOT\clsid\{ccc7a320-b3ca-4199-b1a6-9f516dd69829}] [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "MSMSGS"="c:\program files\Messenger\msmsgs.exe" [2008-04-14 1695232] "Google Update"="c:\documents and settings\Gebruiker\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" [2010-01-10 135664] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2006-10-31 7634944] "RTHDCPL"="RTHDCPL.EXE" [2007-07-05 16380416] "SkyTel"="SkyTel.EXE" [2007-06-15 1826816] "nwiz"="nwiz.exe" [2006-10-31 1622016] "Windows Defender"="c:\program files\Windows Defender\MSASCui.exe" [2006-11-03 866584] "SoundMan"="SOUNDMAN.EXE" [2005-01-20 77824] "Malwarebytes Anti-Malware (reboot)"="c:\program files\Malwarebytes' Anti-Malware\mbam.exe" [2010-01-07 1394000] "AVG9_TRAY"="c:\progra~1\AVG\AVG9\avgtray.exe" [2010-01-01 2033432] "NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2006-10-31 86016] "QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2009-11-10 417792] "Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-10-15 39792] "TrojanScanner"="c:\program files\Trojan Remover\Trjscan.exe" [2009-12-21 1070984] "SunJavaUpdateSched"="c:\program 
files\Java\jre6\bin\jusched.exe" [2008-12-14 136600] [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend] @="Service" [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Start^Programma's^Opstarten^Adobe Acrobat Snelle start.lnk] path=c:\documents and settings\All Users\Menu Start\Programma's\Opstarten\Adobe Acrobat Snelle start.lnk backup=c:\windows\pss\Adobe Acrobat Snelle start.lnkCommon Startup [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Start^Programma's^Opstarten^Adobe Gamma.lnk] path=c:\documents and settings\All Users\Menu Start\Programma's\Opstarten\Adobe Gamma.lnk backup=c:\windows\pss\Adobe Gamma.lnkCommon Startup [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Start^Programma's^Opstarten^WinZip Quick Pick.lnk] path=c:\documents and settings\All Users\Menu Start\Programma's\Opstarten\WinZip Quick Pick.lnk backup=c:\windows\pss\WinZip Quick Pick.lnkCommon Startup [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher] 2008-10-15 00:04 39792 ----a-w- c:\program files\Adobe\Reader 8.0\Reader\reader_sl.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Alcmtr] 2005-05-03 10:43 69632 ------r- c:\windows\Alcmtr.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LVCOMSX] 2004-10-08 10:52 221184 ----a-w- c:\windows\system32\LVCOMSX.EXE [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck] 2001-07-09 10:50 155648 ----a-w- c:\windows\system32\NeroCheck.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvCplDaemon] 2006-10-31 06:35 7634944 ----a-w- c:\windows\system32\nvcpl.dll [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvMediaCenter] 2006-10-31 06:35 86016 ----a-w- 
c:\windows\system32\nvmctray.dll [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\nwiz] 2006-10-31 06:35 1622016 ----a-w- c:\windows\system32\nwiz.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task] 2009-11-10 22:08 417792 ----a-w- c:\program files\QuickTime\QTTask.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RTHDCPL] 2007-07-05 08:08 16380416 ------r- c:\windows\RTHDCPL.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SkyTel] 2007-06-15 08:45 1826816 ------r- c:\windows\SkyTel.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services] "iPod Service"=3 (0x3) "gusvc"=3 (0x3) "Bonjour Service"=2 (0x2) [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "%windir%\\system32\\sessmgr.exe"= "%windir%\\Network Diagnostic\\xpnetdiag.exe"= "c:\\Program Files\\SecondLife\\SLVoice.exe"= "c:\\WINDOWS\\system32\\dpvsetup.exe"= "c:\\Program Files\\SecondLife\\SecondLife.exe"= "c:\\WINDOWS\\pchealth\\helpctr\\binaries\\helpctr.exe"= "c:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe"= "c:\\Program Files\\Vuze\\Azureus.exe"= "c:\\Program Files\\Bonjour\\mDNSResponder.exe"= "c:\\Program Files\\AVG\\AVG9\\avgemc.exe"= "c:\\Program Files\\AVG\\AVG9\\avgupd.exe"= "c:\\Program Files\\AVG\\AVG9\\avgnsx.exe"= "c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"= "c:\\Program Files\\Windows Live\\Sync\\WindowsLiveSync.exe"= "c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqscnvw.exe"= "c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqkygrp.exe"= "c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqnrs08.exe"= "c:\\Program Files\\Emerald Viewer\\SLVoice.exe"= R1 AvgLdx86;AVG AVI Loader Driver x86;c:\windows\system32\drivers\avgldx86.sys [9-4-2008 9:37 333192] R1 AvgTdiX;AVG8 Network Redirector;c:\windows\system32\drivers\avgtdix.sys [9-4-2008 9:37 360584] R2 avg9emc;AVG Free E-mail Scanner;c:\program 
files\AVG\AVG9\avgemc.exe [3-11-2009 10:05 906520] R2 avg9wd;AVG Free WatchDog;c:\program files\AVG\AVG9\avgwdsvc.exe [3-11-2009 10:05 285392] S2 WinDefend;Windows Defender;c:\program files\Windows Defender\MsMpEng.exe [3-11-2006 17:19 13592] S3 hitmanpro3;Hitman Pro 3 Support Driver;\??\c:\windows\system32\drivers\hitmanpro3.sys --> c:\windows\system32\drivers\hitmanpro3.sys [?] S3 MSI43XX;802.11bg Wireless Network Adapter;c:\windows\system32\drivers\ms68bm.SYS [15-8-2008 14:54 265728] . Inhoud van de 'Gedeelde Taken' map 2010-01-11 c:\windows\Tasks\AppleSoftwareUpdate.job - c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-04-11 10:34] 2010-01-13 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-448539723-1897051121-839522115-1004Core.job - c:\documents and settings\Gebruiker\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2010-01-10 18:58] 2010-01-15 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-448539723-1897051121-839522115-1004UA.job - c:\documents and settings\Gebruiker\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2010-01-10 18:58] . . ------- Bijkomende Scan ------- . 
uStart Page = hxxp://www.startpagina.nl/ uInternet Settings,ProxyOverride = *.local Trusted Zone: xstreetsl.com\www DPF: {34DC6011-88B5-4EA9-BA7A-DC7B4F4437FE} - hxxp://foto.hema.nl/ips-opdata/layout/hema/objects/jordan.cab FF - ProfilePath - c:\documents and settings\Gebruiker\Application Data\Mozilla\Firefox\Profiles\6kmfn01n.default\ FF - plugin: c:\documents and settings\Gebruiker\Local Settings\Application Data\Google\Update\1.2.183.13\npGoogleOneClick8.dll FF - plugin: c:\program files\Microsoft\Office Live\npOLW.dll FF - plugin: c:\program files\Unity\WebPlayer\loader\npUnity3D32.dll FF - plugin: c:\program files\Windows Live\Photo Gallery\NPWLPG.dll FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ . ************************************************************************** catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, GMER - Rootkit Detector and Remover Rootkit scan 2010-01-15 11:01 Windows 5.1.2600 Service Pack 3 NTFS scannen van verborgen processen ... scannen van verborgen autostart items ... scannen van verborgen bestanden ... Scan succesvol afgerond verborgen bestanden: 0 ************************************************************************** . --------------------- VERGRENDELDE REGISTER SLEUTELS --------------------- [HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Installer\UserData\LocalSystem\Components\h–€|ÿÿÿÿ¤•€|ù•9~*] "3140110900063D11C8EF10054038389C"="C?\\WINDOWS\\system32\\FM20ENU.DLL" . --------------------- DLLs Geladen Onder Lopende Processen --------------------- - - - - - - - > 'explorer.exe'(2032) c:\windows\system32\WPDShServiceObj.dll c:\windows\system32\PortableDeviceTypes.dll c:\windows\system32\PortableDeviceApi.dll . 
Voltooingstijd: 2010-01-15 11:02:42 ComboFix-quarantined-files.txt 2010-01-15 10:02 ComboFix2.txt 2010-01-15 09:35 Pre-Run: 9.002.987.520 bytes beschikbaar Post-Run: 8.999.690.240 bytes beschikbaar - - End Of File - - BED60B4DEA53F9DEDB710ADE5043EC21
-
Hi Kweezie, I did what you told me; I have copied it below.

Logfile of Trend Micro HijackThis v2.0.3 (BETA)
Scan saved at 16:14:01, on 13-1-2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16945)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\AVG\AVG9\avgchsvx.exe
C:\Program Files\AVG\AVG9\avgrsx.exe
C:\Program Files\AVG\AVG9\avgcsrvx.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\AVG\AVG9\avgwdsvc.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\AVG\AVG9\avgemc.exe
C:\Program Files\AVG\AVG9\avgnsx.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\AVG\AVG9\avgcsrvx.exe
C:\PROGRA~1\AVG\AVG9\avgtray.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\Java\jre6\bin\jusched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Messenger\msmsgs.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Common Files\Adobe\Updater5\AdobeUpdater.exe
C:\Program Files\Vuze\Azureus.exe
C:\Program Files\Outlook Express\msimn.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\msiexec.exe
C:\Program Files\TrendMicro\HiJackThis\HiJackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Startpagina.nl - alles op een rijtje!
(ook op mobiel) R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN.com R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN.com R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG9\avgssie.dll O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file) O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll O2 - BHO: Windows Live Aanmelden - Help - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: AVG Security Toolbar BHO - {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG9\Toolbar\IEToolbar.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll O3 - Toolbar: AVG Security Toolbar - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - C:\Program Files\AVG\AVG9\Toolbar\IEToolbar.dll O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE O4 - HKLM\..\Run: [skyTel] SkyTel.EXE O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE O4 - HKLM\..\Run: [nwiz] nwiz.exe /install O4 - HKLM\..\Run: [Windows Defender] "C:\Program Files\Windows Defender\MSASCui.exe" -hide O4 - HKLM\..\Run: [soundMan] SOUNDMAN.EXE O4 - HKLM\..\Run: [HitmanPro35] "C:\Program Files\Hitman Pro 
3.5\HitmanPro35[1].exe" /scan:boot O4 - HKLM\..\Run: [Malwarebytes Anti-Malware (reboot)] "C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript O4 - HKLM\..\Run: [AVG9_TRAY] C:\PROGRA~1\AVG\AVG9\avgtray.exe O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [TrojanScanner] C:\Program Files\Trojan Remover\Trjscan.exe /boot O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe" O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\Gebruiker\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" /c O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Lokale service') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Netwerkservice') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre6\bin\jp2iexp.dll O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre6\bin\jp2iexp.dll O9 - Extra button: In weblog opnemen - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: &In weblog opnemen met Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: Onderzoek - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - 
C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O16 - DPF: {34DC6011-88B5-4EA9-BA7A-DC7B4F4437FE} (JordanUploader Class) - http://foto.hema.nl/ips-opdata/layout/hema/objects/jordan.cab O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1202462155296 O16 - DPF: {6F15128C-E66A-490C-B848-5000B5ABEEAC} (HP Download Manager) - https://h20436.www2.hp.com/ediags/dex/secure/HPDEXAXO.cab O16 - DPF: {D71F9A27-723E-4B8B-B428-B725E47CBA3E} - http://imikimi.com/download/imikimi_plugin_0.5.1.cab O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG9\avgpp.dll O20 - Winlogon Notify: avgrsstarter - avgrsstx.dll (file missing) O22 - SharedTaskScheduler: Preloader van browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll O22 - SharedTaskScheduler: Cache-daemon voor onderdeelcategorieën - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe O23 - Service: AVG Free E-mail Scanner (avg9emc) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG9\avgemc.exe O23 - Service: AVG Free WatchDog (avg9wd) - AVG Technologies CZ, s.r.o. 
- C:\Program Files\AVG\AVG9\avgwdsvc.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe -- End of file - 8139 bytes Tiello
-
Who can help me with the following problem? Since I downloaded Internet Explorer 8 (I think myself that this is the cause), I can no longer save images, and when I am in Photoshop I can no longer open a photo. Then the whole program or the internet freezes. I then have to press Ctrl-Alt-Del to close the programs. Who can please help me with this? I am a layman in such things myself, so everything is welcome. Tiello
