Problemen bij uploaden foto's

**200016v** · 31 January 2009, 17:56

Hoi,

Ik heb sinds een week problemen als ik foto's wil uploaden van mijn PC.
Vanaf het moment dat ik via een site (Kapaza/2dehands...) naar mijn documenten wil gaan, dan sluit men internet volledig af.
Dit gebeurd in explorer en ook via Firefox.

Weet iemand raad?

Hier een logje van Hijackthis.

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 16:54:48, on 31/01/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16762)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\RTHDCPL.EXE
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\Adobe\Adobe Acrobat 7.0\Distillr\Acrotray.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\CardDetector\ICON225\CardDetector.exe
C:\PROGRA~1\AVG\AVG8\avgtray.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\Program Files\Messenger\msmsgs.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpohmr08.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe
C:\Program Files\Belkin\Nostromo\nost_LM.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpoevm08.exe
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Linksys Wireless-G PCI Wireless Network Monitor\WLService.exe
C:\Program Files\Linksys Wireless-G PCI Wireless Network Monitor\WMP54Gv4.exe
C:\PROGRA~1\AVG\AVG8\avgrsx.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\Bin\hpoSTS08.exe
C:\Program Files\AVG\AVG8\avgui.exe
C:\Program Files\AVG\AVG8\avgscanx.exe
C:\Program Files\MSN Messenger\usnsvc.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.hln.be/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Adobe Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: AcroIEToolbarHelper Class - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [JMB36X IDE Setup] C:\WINDOWS\RaidTool\xInsIDE.exe
O4 - HKLM\..\Run: [36X Raid Configurer] C:\WINDOWS\System32\xRaidSetup.exe boot
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [WinSys2] C:\WINDOWS\System32\winsys2.exe
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [Acrobat Assistant 7.0] "C:\Program Files\Adobe\Adobe Acrobat 7.0\Distillr\Acrotray.exe"
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [Easy-PrintToolBox] C:\Program Files\Canon\Easy-PrintToolBox\BJPSMAIN.EXE /logon
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [CardDetectorICON225] C:\Program Files\CardDetector\ICON225\CardDetector.exe
O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [Steam] C:\Program Files\Valve\Steam\\Steam.exe -silent
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Lokale service')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Netwerkservice')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Adobe Acrobat Snelle start.lnk = ?
O4 - Global Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: hp psc 1000 series.lnk = ?
O4 - Global Startup: hpoddt01.exe.lnk = ?
O4 - Global Startup: Loadout Manager.lnk = C:\Program Files\Belkin\Nostromo\nost_LM.exe
O8 - Extra context menu item: Converteren naar Adobe PDF - res://C:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Converteren naar bestaand PDF-bestand - res://C:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Geselecteerde koppelingen converteren naar Adobe PDF - res://C:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Geselecteerde koppelingen converteren naar bestaand PDF-bestand - res://C:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: Koppelingdoel converteren naar Adobe PDF - res://C:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Koppelingdoel converteren naar bestaand PDF-bestand - res://C:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Selectie converteren naar Adobe PDF - res://C:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Selectie converteren naar bestaand PDF-bestand - res://C:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Verz&enden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.hotmail.com/mail/w3/resources/MSNPUpld.cab
O16 - DPF: {5D637FAD-E202-48D1-8F18-5B9C459BD1E3} (Image Uploader Control) - http://www.extrafilm.be/ImageUploader5.cab
O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} (Windows Live Safety Center Base Module) - http://cdn.scan.onecare.live.com/res...scbase6662.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/wind...?1228734900000
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsof...?1229813863203
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll
O20 - AppInit_DLLs: avgrsstx.dll
O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: AVG8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: WMP54Gv4SVC - GEMTEKS - C:\Program Files\Linksys Wireless-G PCI Wireless Network Monitor\WLService.exe
--
End of file - 9354 bytes

Alvast bedankt.

**Juisterr** · 31 January 2009, 18:56

Download http://download.bleepingcomputer.com/sUBs/ComboFix.exeCombofixnaar je Bureaublad en gebruik het volgens http://www.bleepingcomputer.com/combofix/nl/hoe-dient-combofix-gebruikt-te-worden deze handleiding
OPMERKING: indien je, tijdens of na het downloaden van Combofix of tijdens het gebruik van Combofix een melding krijgt van je Antivirus- of een andere realtime scanner, schakel dan deze scanner uit en download Combofix opnieuw.
Sommige scanners zien bepaalde componenten die Combofix gebruikt als verdacht en gaan deze blokkeren of verwijderen!

Dubbelklik op Combofix.exe om het te starten.
Indien je Combofix al eerder hebt gebruikt, kan je een waarschuwing krijgen dat een update beschikbaar is. Sta toe dat ComboFix wordt geupdate.
Klik op OK in het "NirCmd" venstertje.
Indien de Recovery Console niet geïnstalleerd is, wordt je gevraagd om dit alsnog te doen door op JA te klikken in het "Query - Recovery Console" venster.
Klik op OK en Ja om automatisch de Recovery Console te laten installeren.
Klik na afloop terug op Ja om het scannen op malware te starten.
Tijdens het runnen van de fix, NIET in het venster klikken, want dit zal je pc doen vasthangen.
Wanneer de fix voltooid is en na herstart, zal de log Combofix.txt openen.

Post dit logje in je volgende antwoord.

**200016v** · 5 February 2009, 18:21

Hier dan het logje van Combofix....

ComboFix 09-02-04.04 - Joeri 2009-02-05 16:47:54.2 - NTFSx86
Microsoft Windows XP Home Edition 5.1.2600.3.1252.31.1043.18.3327.2665 [GMT 1:00]
Gestart vanuit: c:\documents and settings\Joeri\Mijn documenten\ComboFix.exe
AV: AVG Anti-Virus Free *On-access scanning enabled* (Updated)
.
(((((((((((((((((((( Bestanden Gemaakt van 2009-01-05 to 2009-02-05 ))))))))))))))))))))))))))))))
.
2009-02-05 16:12 . 2009-02-05 16:12 <DIR> d-------- c:\windows\LastGood
2009-02-04 18:07 . 2009-02-04 18:07 10,520 --a------ c:\windows\system32\avgrsstx.dll
2009-02-04 16:59 . 2009-02-05 16:10 <DIR> dr-h----- c:\documents and settings\Joeri\Onlangs geopend
2009-01-31 17:38 . 2009-02-04 13:43 <DIR> d--h----- C:\$AVG8.VAULT$
2009-01-31 16:51 . 2009-01-31 16:51 <DIR> d-------- c:\program files\Trend Micro
2009-01-31 16:35 . 2009-01-31 16:35 <DIR> d-------- c:\program files\Malwarebytes' Anti-Malware
2009-01-31 16:35 . 2009-01-31 16:35 <DIR> d-------- c:\documents and settings\Joeri\Application Data\Malwarebytes
2009-01-31 16:35 . 2009-01-31 16:35 <DIR> d-------- c:\documents and settings\All Users\Application Data\Malwarebytes
2009-01-31 16:35 . 2009-01-14 16:11 38,496 --a------ c:\windows\system32\drivers\mbamswissarmy.sys
2009-01-31 16:35 . 2009-01-14 16:11 15,504 --a------ c:\windows\system32\drivers\mbam.sys
2009-01-31 16:27 . 2009-02-05 15:33 <DIR> d-------- c:\windows\system32\drivers\Avg
2009-01-31 16:27 . 2009-02-04 18:07 325,128 --a------ c:\windows\system32\drivers\avgldx86.sys
2009-01-31 16:26 . 2009-01-31 16:26 <DIR> d-------- c:\program files\AVG
2009-01-31 16:26 . 2009-02-04 18:04 <DIR> d-------- c:\documents and settings\All Users\Application Data\avg8
2009-01-28 21:45 . 2009-01-28 21:45 <DIR> d-------- c:\documents and settings\All Users\Application Data\Office Genuine Advantage
2009-01-28 21:30 . 2006-06-29 13:07 14,048 --------- c:\windows\system32\spmsg2.dll
2009-01-28 21:23 . 2009-01-28 21:30 <DIR> d-------- c:\windows\system32\XPSViewer
2009-01-28 21:23 . 2009-01-28 21:23 <DIR> d-------- c:\program files\Reference Assemblies
2009-01-28 21:22 . 2008-07-06 13:06 1,676,288 --------- c:\windows\system32\xpssvcs.dll
2009-01-28 21:22 . 2008-07-06 13:06 1,676,288 -----c--- c:\windows\system32\dllcache\xpssvcs.dll
2009-01-28 21:22 . 2008-07-06 11:50 597,504 -----c--- c:\windows\system32\dllcache\printfilterpipelinesv c.exe
2009-01-28 21:22 . 2008-07-06 13:06 575,488 --------- c:\windows\system32\xpsshhdr.dll
2009-01-28 21:22 . 2008-07-06 13:06 575,488 -----c--- c:\windows\system32\dllcache\xpsshhdr.dll
2009-01-28 21:22 . 2008-07-06 13:06 117,760 --------- c:\windows\system32\prntvpt.dll
2009-01-28 21:22 . 2008-07-06 13:06 89,088 -----c--- c:\windows\system32\dllcache\filterpipelineprintpr oc.dll
2009-01-28 21:21 . 2009-01-28 21:44 <DIR> d-------- c:\windows\SxsCaPendDel
2009-01-28 21:21 . 2009-01-28 21:23 <DIR> d-------- C:\7d1091c0cbf801e0260360ca0bc6
2009-01-28 21:17 . 2009-01-28 21:17 0 --a------ c:\windows\nsreg.dat
2009-01-19 19:59 . 2009-01-19 19:59 <DIR> d-------- c:\windows\system32\LogFiles
2009-01-19 19:59 . 2009-01-19 19:59 <DIR> d-------- c:\windows\system32\drivers\UMDF
2009-01-19 19:59 . 2009-01-19 19:59 <DIR> d-------- c:\program files\Windows Media Connect 2
2009-01-19 17:51 . 2009-01-19 17:51 <DIR> d-------- c:\documents and settings\Joeri\Application Data\Sony Corporation
2009-01-19 17:34 . 2009-01-19 17:34 <DIR> d-------- c:\program files\Sony
2009-01-19 17:33 . 2009-01-19 17:33 <DIR> d-------- c:\documents and settings\All Users\Application Data\Sony Corporation
2009-01-17 21:11 . 2009-01-17 21:11 <DIR> d-------- c:\program files\Valve
2009-01-15 06:42 . 2009-01-15 06:42 <DIR> d-------- c:\program files\MSN Messenger
2009-01-15 06:42 . 2009-01-15 06:42 <DIR> d-------- c:\documents and settings\Joeri\Contacts
2009-01-09 14:06 . 2009-01-09 14:06 <DIR> d-------- c:\windows\system32\URTTEMP
2009-01-09 10:32 . 2009-01-09 10:32 <DIR> d-------- c:\program files\Windows Live SkyDrive
2009-01-06 21:26 . 2009-02-05 16:12 <DIR> d-------- c:\program files\Windows Live Safety Center
.
((((((((((((((((((((((((((((((((((((((( Find3M Rapport )))))))))))))))))))))))))))))))))))))))))))))))))) ))
.
2009-02-01 23:40 --------- d-----w c:\program files\World of Warcraft
2009-01-19 23:37 --------- d-----w c:\program files\CCleaner
2009-01-19 16:36 --------- d--h--w c:\program files\InstallShield Installation Information
2009-01-15 05:39 --------- d-----w c:\program files\Windows Live
2009-01-14 18:10 --------- d-----w c:\documents and settings\All Users\Application Data\Microsoft Help
2009-01-03 12:40 --------- d-----w c:\documents and settings\Joeri\Application Data\Bioshock
2008-12-31 16:04 691,560 ----a-w c:\windows\system32\OGACheckControl.dll
2008-12-31 16:04 528,744 ----a-w c:\windows\system32\OGAVerify.exe
2008-12-31 16:04 502,120 ----a-w c:\windows\system32\OGAAddin.dll
2008-12-31 07:45 --------- d-----w c:\documents and settings\All Users\Application Data\DVD Shrink
2008-12-29 08:19 --------- d-----w c:\program files\Mobistar
2008-12-29 08:19 --------- d-----w c:\program files\Common Files\France Telecom
2008-12-28 14:17 --------- d-----w c:\program files\CardDetector
2008-12-27 18:59 --------- d-----w c:\program files\Ahead
2008-12-27 18:52 --------- d-----w c:\program files\Common Files\Ahead
2008-12-20 22:58 --------- d-----w c:\program files\K-Lite Codec Pack
2008-12-19 15:09 --------- d-----w c:\program files\Elaborate Bytes
2008-12-19 14:05 --------- d-----w c:\program files\Canon
2008-12-19 14:03 --------- d-----w c:\documents and settings\All Users\Application Data\PhotoStitch
2008-12-19 14:02 --------- d-----w c:\documents and settings\Joeri\Application Data\Canon
2008-12-19 13:49 --------- d-----w c:\documents and settings\Joeri\Application Data\ZoomBrowser EX
2008-12-19 13:40 --------- d-----w c:\program files\Common Files\CANON
2008-12-18 21:56 --------- d-----w c:\documents and settings\Joeri\Application Data\Vso
2008-12-18 21:50 --------- d-----w c:\program files\DVD Shrink
2008-12-18 20:38 87,608 ----a-w c:\documents and settings\Joeri\Application Data\ezpinst.exe
2008-12-18 20:38 47,360 ----a-w c:\windows\system32\drivers\pcouffin.sys
2008-12-18 20:38 47,360 ----a-w c:\documents and settings\Joeri\Application Data\pcouffin.sys
2008-12-18 20:38 --------- d-----w c:\program files\DVDFab Platinum 3
2008-12-18 19:53 --------- d-----w c:\program files\DVD Decrypter
2008-12-17 18:22 --------- d-----w c:\program files\Lavalys
2008-12-16 16:49 --------- d--h--w c:\documents and settings\All Users\Application Data\CanonBJ
2008-12-16 16:48 --------- d--h--w c:\program files\CanonBJ
2008-12-13 17:59 --------- d-----w c:\documents and settings\Joeri\Application Data\Hewlett-Packard
2008-12-13 17:56 --------- d-----w c:\program files\Common Files\Hewlett-Packard
2008-12-13 17:55 --------- d-----w c:\program files\Hewlett-Packard
2008-12-11 10:57 333,952 ----a-w c:\windows\system32\drivers\srv.sys
2008-12-10 20:25 --------- d-----w c:\documents and settings\All Users\Application Data\Blizzard
2008-12-10 11:00 --------- d-----w c:\program files\Lavasoft
2008-12-10 11:00 --------- d-----w c:\documents and settings\All Users\Application Data\Lavasoft
2008-12-10 10:59 --------- d-----w c:\program files\Common Files\Wise Installation Wizard
2008-12-09 21:13 --------- d-----w c:\program files\Common Files\Blizzard Entertainment
2008-12-09 20:58 --------- d--h--r c:\documents and settings\Joeri\Application Data\SecuROM
2008-12-09 20:54 108,144 ----a-w c:\windows\system32\CmdLineExt.dll
2008-12-09 20:49 --------- d-----w c:\program files\Common Files\InstallShield
2008-12-09 20:49 --------- d-----w c:\program files\Belkin
2008-12-09 20:48 --------- d-----w c:\program files\2K Games
2008-12-09 20:47 --------- d-----w c:\documents and settings\Joeri\Application Data\InstallShield
2008-12-09 10:54 --------- d-----w c:\documents and settings\Joeri\Application Data\Media Player Classic
2008-12-09 10:20 --------- d-----w c:\documents and settings\Joeri\Application Data\AdobeUM
2008-12-08 19:33 --------- d-----w c:\program files\MSBuild
2008-12-08 19:33 --------- d-----w c:\program files\Microsoft Works
2008-12-08 19:26 --------- d-----w c:\program files\Common Files\Adobe
2008-12-08 19:24 --------- d-----w c:\program files\Common Files\Adobe Systems Shared
2008-12-08 17:14 --------- d-----w c:\program files\Common Files\Windows Live
2008-12-08 11:08 20,747 ----a-w c:\windows\system32\drivers\AegisP.sys
2008-12-08 11:08 --------- d-----w c:\program files\Linksys Wireless-G PCI Wireless Network Monitor
2008-12-07 22:36 --------- d-----w c:\program files\Attansic
2008-12-07 22:30 315,392 ----a-w c:\windows\HideWin.exe
2008-12-07 22:30 --------- d-----w c:\program files\Realtek
2008-12-07 22:18 --------- d-----w c:\program files\Intel
2008-12-07 22:12 558,142 ----a-w c:\windows\java\Packages\6KV9F93V.ZIP
2008-12-07 22:12 155,995 ----a-w c:\windows\java\Packages\Q0RN1J3J.ZIP
2008-12-07 22:12 --------- d-----w c:\program files\microsoft frontpage
2006-06-23 22:48 32,768 ----a-r c:\windows\inf\UpdateUSB.exe
.
((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))) )
.
.
*Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\Curre ntVersion\Run]
"CTFMON.EXE"="c:\windows\system32\ctfmon.exe" [2008-04-14 15360]
"msnmsgr"="c:\program files\MSN Messenger\MsnMsgr.Exe" [2007-01-19 5674352]
"MSMSGS"="c:\program files\Messenger\msmsgs.exe" [2008-04-14 1695232]
"Steam"="c:\program files\Valve\Steam\\Steam.exe" [2009-01-17 1410296]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Curr entVersion\Run]
"JMB36X IDE Setup"="c:\windows\RaidTool\xInsIDE.exe" [2007-03-20 36864]
"36X Raid Configurer"="c:\windows\System32\xRaidSetup.exe" [2007-03-21 1953792]
"NvCplDaemon"="c:\windows\System32\NvCpl.dll" [2007-06-28 8466432]
"WinSys2"="c:\windows\System32\winsys2.exe" [2006-04-29 208896]
"NvMediaCenter"="c:\windows\System32\NvMcTray. dll" [2007-06-28 81920]
"Acrobat Assistant 7.0"="c:\program files\Adobe\Adobe Acrobat 7.0\Distillr\Acrotray.exe" [2004-12-14 483328]
"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2007-08-24 33648]
"Easy-PrintToolBox"="c:\program files\Canon\Easy-PrintToolBox\BJPSMAIN.EXE" [2006-10-16 398944]
"NeroFilterCheck"="c:\windows\system32\NeroCheck.e xe" [2001-07-09 155648]
"CardDetectorICON225"="c:\program files\CardDetector\ICON225\CardDetector.exe" [2008-04-21 270336]
"AVG8_TRAY"="c:\progra~1\AVG\AVG8\avgtray.exe" [2009-02-04 1601304]
"RTHDCPL"="RTHDCPL.EXE" [2007-03-21 c:\windows\RTHDCPL.exe]
"nwiz"="nwiz.exe" [2007-06-28 c:\windows\system32\nwiz.exe]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\Cur rentVersion\Run]
"CTFMON.EXE"="c:\windows\System32\CTFMON.EXE" [2008-04-14 15360]
c:\documents and settings\All Users\Menu Start\Programma's\Opstarten\
Adobe Acrobat Snelle start.lnk - c:\windows\Installer\{AC76BA86-1030-D700-7760-100000000002}\SC_Acrobat.exe [2008-12-08 25214]
Adobe Gamma.lnk - c:\program files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [2005-03-16 113664]
hp psc 1000 series.lnk - c:\program files\Hewlett-Packard\Digital Imaging\bin\hpohmr08.exe [2003-04-09 147456]
hpoddt01.exe.lnk - c:\program files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe [2003-04-09 28672]
Loadout Manager.lnk - c:\program files\Belkin\Nostromo\nost_LM.exe [2002-06-14 397312]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\avgrsstarter]
2009-02-04 18:07 10520 c:\windows\system32\avgrsstx.dll
[HKLM\~\services\sharedaccess\parameters\firewallpo licy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=
"c:\\Program Files\\World of Warcraft\\WoW-1.12.0-enGB-downloader.exe"=
"c:\\Program Files\\MSN Messenger\\msnmsgr.exe"=
"c:\\Program Files\\MSN Messenger\\livecall.exe"=
"c:\\Program Files\\Valve\\Steam\\SteamApps\\joe_opel\\zombie panic! source\\hl2.exe"=
"c:\\Program Files\\AVG\\AVG8\\avgupd.exe"=
R1 AvgLdx86;AVG AVI Loader Driver x86;c:\windows\system32\drivers\avgldx86.sys [2009-01-31 325128]
R2 avg8wd;AVG8 WatchDog;c:\progra~1\AVG\AVG8\avgwdsvc.exe [2009-02-04 298264]
R3 AtcL001;NDIS Miniport Driver for Attansic L1 Gigabit Ethernet Controller;c:\windows\system32\drivers\atl01_xp.sy s [2008-12-07 38656]
R3 bcgame;Nostromo HID Device Minidriver;c:\windows\system32\drivers\BCGAME.sys [2002-04-12 9349]
R3 bcgbus;Nostromo USB Device Driver;c:\windows\system32\drivers\BCGBUS.sys [2002-04-12 29112]
S3 GT72NDISIPXP;GT 72 IP NDIS;c:\windows\system32\drivers\Gt51Ip.sys [2008-12-28 95744]
S3 GT72UBUS;GT 72 U BUS;c:\windows\system32\drivers\gt72ubus.sys [2008-12-28 51968]
S3 GTPTSER;GT PT SER;c:\windows\system32\drivers\gtptser.sys [2008-12-28 8064]
.
Inhoud van de 'Gedeelde Taken' map
2009-01-13 c:\windows\Tasks\FRU Task #Hewlett-Packard#hp psc 1200 series#1229191147.job
- c:\program files\Hewlett-Packard\Digital Imaging\Bin\hpqfrucl.exe [2003-04-09 17:56]
2009-02-01 c:\windows\Tasks\OGADaily.job
- c:\windows\system32\OGAVerify.exe [2008-12-31 17:04]
2009-02-05 c:\windows\Tasks\OGALogon.job
- c:\windows\system32\OGAVerify.exe [2008-12-31 17:04]
.
.
------- Bijkomende Scan -------
.
uStart Page = hxxp://www.hln.be/
IE: Converteren naar Adobe PDF - c:\program files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: Converteren naar bestaand PDF-bestand - c:\program files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: E&xporteren naar Microsoft Excel - c:\progra~1\MICROS~3\Office12\EXCEL.EXE/3000
IE: Geselecteerde koppelingen converteren naar Adobe PDF - c:\program files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
IE: Geselecteerde koppelingen converteren naar bestaand PDF-bestand - c:\program files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: Koppelingdoel converteren naar Adobe PDF - c:\program files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: Koppelingdoel converteren naar bestaand PDF-bestand - c:\program files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: Selectie converteren naar Adobe PDF - c:\program files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: Selectie converteren naar bestaand PDF-bestand - c:\program files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
DPF: DirectAnimation Java Classes - file://c:\windows\Java\classes\dajava.cab
DPF: Microsoft XML Parser for Java - file://c:\windows\Java\classes\xmldso.cab
DPF: {5D637FAD-E202-48D1-8F18-5B9C459BD1E3} - hxxp://www.extrafilm.be/ImageUploader5.cab
FF - ProfilePath - c:\documents and settings\Joeri\Application Data\Mozilla\Firefox\Profiles\ci65s8u6.default\
FF - component: c:\program files\AVG\AVG8\Firefox\components\avgssff.dll
FF - plugin: c:\program files\Adobe\Adobe Acrobat 7.0\Acrobat\browser\nppdf32.dll
FF - plugin: c:\program files\K-Lite Codec Pack\Real\browser\plugins\nppl3260.dll
FF - plugin: c:\program files\K-Lite Codec Pack\Real\browser\plugins\nprpjplug.dll
.
************************************************** ************************
catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-02-05 16:48:35
Windows 5.1.2600 Service Pack 3 NTFS
scannen van verborgen processen ...
scannen van verborgen autostart items ...
scannen van verborgen bestanden ...
Scan succesvol afgerond
verborgen bestanden: 0
************************************************** ************************
.
--------------------- VERGRENDELDE REGISTER SLEUTELS ---------------------
[HKEY_USERS\S-1-5-21-329068152-1425521274-839522115-1004\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*]
"??"=hex:c7,df,68,e5,86,3e,f4,6a,2d,80,24,2f,6c,09 ,91,79,01,73,a5,13,b7,6e,1c,
ee,3c,b7,9e,76,95,45,d2,b3,d7,e1,92,03,4e,ad,eb,c5 ,3d,3c,fd,d1,01,a0,a4,bc,\
"??"=hex:cf,55,c7,95,2b,14,4d,f8,66,7b,0c,1b,19,52 ,fe,22
.
Voltooingstijd: 2009-02-05 16:49:24
ComboFix-quarantined-files.txt 2009-02-05 15:49:22
ComboFix2.txt 2009-02-05 15:44:41
Pre-Run: 283.003.777.024 bytes beschikbaar
Post-Run: 282,994,810,880 bytes beschikbaar
221 --- E O F --- 2009-01-20 11:06:41