Archive - videos keep freezing

The archive is a frozen moment from a previous version of this forum, with different rules and different bosses. These posts in no way reflect our current ideas, values or world views and have been censored in some places as impermissible. Many were written in a different spirit of the times, ironically or not - such as in the ironic subforum Off-Topic - and would (or could) no longer be posted today. We nevertheless still gladly offer this archive as an information database and reference work. Read more about it here or start a conversation with others.

de_rutger

Legacy Member
Videos freeze every time, streamed or downloaded. It looks just as if the video is buffering (but it isn't).

Log:

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 21:57:12, on 31/08/2011
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.17099)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\EXPLORER.EXE
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\HTC\Internet Pass-Through\PassThruSvr.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\DAEMON Tools Lite\DTLite.exe
C:\Program Files\WallpaperToy\Wallpapertoy.Exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Windows Live\Contacts\wlcomm.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Combined Community Codec Pack\MPC\mpc-hc.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Documents and Settings\Rudy Rutger\Mijn documenten\Downloads\HijackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN | Hotmail | Messenger | Nieuws, sport, entertainment, video, lifestyle, auto en nog veel meer, dat is MSN !
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN | Hotmail | Messenger | Nieuws, sport, entertainment, video, lifestyle, auto en nog veel meer, dat is MSN !
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen
F2 - REG:system.ini: UserInit=userinit.exe,EXPLORER.EXE
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Windows Live Aanmelden - Help - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [EXPLORER.EXE] EXPLORER.EXE
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Lokale service')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Netwerkservice')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - Startup: Wallpaper Changer.lnk = C:\Program Files\WallpaperToy\Wallpapertoy.Exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Free YouTube Download - C:\Documents and Settings\Rudy Rutger\Application Data\DVDVideoSoftIEHelpers\freeyoutubedownload.htm
O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Documents and Settings\Rudy Rutger\Application Data\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1266488581248
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/mic...ls/en/x86/client/muweb_site.cab?1266521931656
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O22 - SharedTaskScheduler: Preloader van browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\System32\browseui.dll
O22 - SharedTaskScheduler: Cache-daemon voor onderdeelcategorieën - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\System32\browseui.dll
O23 - Service: Mobiel Apple apparaat (Apple Mobile Device) - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Internet Pass-Through Service (PassThru Service) - Unknown owner - C:\Program Files\HTC\Internet Pass-Through\PassThruSvr.exe

--
End of file - 7713 bytes

Juisterr

Legacy Member
Start HijackThis and choose 'Do a system scan only'.
Select only the items listed below:

F2 - REG:system.ini: UserInit=userinit.exe,EXPLORER.EXE
O4 - HKCU\..\Run: [EXPLORER.EXE] EXPLORER.EXE

Click 'Fix checked' to remove the items.


Download ComboFix from one of these locations:

Link 1
Link 2

* IMPORTANT !!! Save ComboFix.exe to your Desktop.

>>Here<< you can read how to use ComboFix.


1. Disable all antivirus and antispyware programs, because otherwise they may conflict with ComboFix.

* (here or here is a guide on how to disable them:)

2. The computer may need to be restarted several times; this is normal.
3. Double-click "Combofix.exe" to start the tool.
4. Do not click in the ComboFix window while it is running; this can cause the tool to hang.

* Note !!! If an error is shown with the message "Illegal operation attempted on a registery key that has been marked for deletion.", restart the computer.

5. When ComboFix is finished, it will create a log file for you. Post the contents of this log file (found at C:\ComboFix.txt) in your next message.
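
One way to spot the two entries singled out in the post above when triaging a HijackThis log, added here as an example and not part of the original posts or of HijackThis itself: it flags a Userinit value that chains a second program after userinit.exe, and a Run entry that starts a core Windows binary name without a path. The list of core names and all function names are assumptions of this example; the sample lines are copied from the log posted in this thread.

```python
import ntpath
import re

# Lines copied from the HijackThis log posted earlier in this thread.
SAMPLE_LOG = r"""
F2 - REG:system.ini: UserInit=userinit.exe,EXPLORER.EXE
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [EXPLORER.EXE] EXPLORER.EXE
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
"""

# Assumption of this example: core Windows processes that the system starts
# itself and that have no reason to appear as a bare name in a Run key.
CORE_NAMES = {"explorer.exe", "svchost.exe", "winlogon.exe", "lsass.exe",
              "services.exe", "csrss.exe", "smss.exe"}

F2_USERINIT = re.compile(r"^F2 - REG:system\.ini: UserInit=(.*)$", re.I)
O4_RUN = re.compile(r"^O4 - (HK[^:]*?)\\\.\.\\(Run\w*): \[(.+?)\] (.+)$")
EXECUTABLE = re.compile(r"^(.*?\.(?:exe|com|bat|cmd|scr|pif))(?:\s|$)", re.I)


def executable_of(command):
    """Return the program part of a Run-key command line, without arguments."""
    command = command.strip()
    if command.startswith('"'):
        return command[1:].split('"', 1)[0]
    match = EXECUTABLE.match(command)
    return match.group(1) if match else command


def check_userinit(value):
    """Winlogon starts every program listed in Userinit at logon, so anything
    chained after userinit.exe is a persistence point worth reviewing."""
    parts = [p.strip() for p in value.split(",") if p.strip()]
    extras = [p for p in parts if ntpath.basename(p).lower() != "userinit.exe"]
    if extras:
        return "Userinit chains extra program(s): " + ", ".join(extras)
    return None


def check_run_entry(command):
    """Flag a core binary name started without a directory. A bare name alone
    is not the signal (SOUNDMAN.EXE is bare too); the combination is."""
    exe = executable_of(command)
    name = ntpath.basename(exe).lower()
    if name in CORE_NAMES and not ntpath.dirname(exe):
        return f"Run entry starts core binary name '{exe}' without a path"
    return None


def triage(log_text):
    """Return (line, reason) for every F2 UserInit / O4 Run line that trips a check."""
    findings = []
    for line in log_text.splitlines():
        line = line.strip()
        reason = None
        match = F2_USERINIT.match(line)
        if match:
            reason = check_userinit(match.group(1))
        else:
            match = O4_RUN.match(line)
            if match:
                reason = check_run_entry(match.group(4))
        if reason:
            findings.append((line, reason))
    return findings


if __name__ == "__main__":
    for line, reason in triage(SAMPLE_LOG):
        print(f"{line}\n    -> {reason}")
```
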

de_rutger

Legacy Member
ComboFix 11-09-01.03 - Rudy Rutger 01/09/2011 21:29:48.1.1 - x86
Microsoft Windows XP Home Edition 5.1.2600.3.1252.32.1043.18.2559.1860 [GMT 2:00]
Gestart vanuit: c:\documents and settings\Rudy Rutger\Bureaublad\ComboFix.exe
FW: AVG Firewall *Disabled* {8decf618-9569-4340-b34a-d78d28969b66}
.
.
(((((((((((((((((((((((((((((((((( Andere Verwijderingen )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\docume~1\RUDYRU~1\LOCALS~1\Temp\WLZF814.tmp\burnlib.lng
c:\docume~1\RUDYRU~1\LOCALS~1\Temp\WLZF814.tmp\dsp_sps.lng
c:\docume~1\RUDYRU~1\LOCALS~1\Temp\WLZF814.tmp\enc_aacplus.lng
c:\docume~1\RUDYRU~1\LOCALS~1\Temp\WLZF814.tmp\enc_flac.lng
c:\docume~1\RUDYRU~1\LOCALS~1\Temp\WLZF814.tmp\enc_flake.lng
c:\docume~1\RUDYRU~1\LOCALS~1\Temp\WLZF814.tmp\enc_lame.lng
c:\docume~1\RUDYRU~1\LOCALS~1\Temp\WLZF814.tmp\enc_vorbis.lng
c:\docume~1\RUDYRU~1\LOCALS~1\Temp\WLZF814.tmp\enc_wav.lng
c:\docume~1\RUDYRU~1\LOCALS~1\Temp\WLZF814.tmp\enc_wma.lng
c:\docume~1\RUDYRU~1\LOCALS~1\Temp\WLZF814.tmp\gen_crasher.lng
c:\docume~1\RUDYRU~1\LOCALS~1\Temp\WLZF814.tmp\gen_dropbox.lng
c:\docume~1\RUDYRU~1\LOCALS~1\Temp\WLZF814.tmp\gen_ff.lng
c:\docume~1\RUDYRU~1\LOCALS~1\Temp\WLZF814.tmp\gen_hotkeys.lng
c:\docume~1\RUDYRU~1\LOCALS~1\Temp\WLZF814.tmp\gen_jumpex.lng
c:\docume~1\RUDYRU~1\LOCALS~1\Temp\WLZF814.tmp\gen_ml.lng
c:\docume~1\RUDYRU~1\LOCALS~1\Temp\WLZF814.tmp\gen_orgler.lng
c:\docume~1\RUDYRU~1\LOCALS~1\Temp\WLZF814.tmp\gen_tray.lng
c:\docume~1\RUDYRU~1\LOCALS~1\Temp\WLZF814.tmp\gen_undo.lng
c:\docume~1\RUDYRU~1\LOCALS~1\Temp\WLZF814.tmp\in_avi.lng
c:\docume~1\RUDYRU~1\LOCALS~1\Temp\WLZF814.tmp\in_cdda.lng
c:\docume~1\RUDYRU~1\LOCALS~1\Temp\WLZF814.tmp\in_dshow.lng
c:\docume~1\RUDYRU~1\LOCALS~1\Temp\WLZF814.tmp\in_flac.lng
c:\docume~1\RUDYRU~1\LOCALS~1\Temp\WLZF814.tmp\in_flv.lng
c:\docume~1\RUDYRU~1\LOCALS~1\Temp\WLZF814.tmp\in_linein.lng
c:\docume~1\RUDYRU~1\LOCALS~1\Temp\WLZF814.tmp\in_midi.lng
c:\docume~1\RUDYRU~1\LOCALS~1\Temp\WLZF814.tmp\in_mkv.lng
c:\docume~1\RUDYRU~1\LOCALS~1\Temp\WLZF814.tmp\in_mod.lng
c:\docume~1\RUDYRU~1\LOCALS~1\Temp\WLZF814.tmp\in_mp3.lng
c:\docume~1\RUDYRU~1\LOCALS~1\Temp\WLZF814.tmp\in_mp4.lng
c:\docume~1\RUDYRU~1\LOCALS~1\Temp\WLZF814.tmp\in_nsv.lng
c:\docume~1\RUDYRU~1\LOCALS~1\Temp\WLZF814.tmp\in_swf.lng
c:\docume~1\RUDYRU~1\LOCALS~1\Temp\WLZF814.tmp\in_vorbis.lng
c:\docume~1\RUDYRU~1\LOCALS~1\Temp\WLZF814.tmp\in_wav.lng
c:\docume~1\RUDYRU~1\LOCALS~1\Temp\WLZF814.tmp\in_wave.lng
c:\docume~1\RUDYRU~1\LOCALS~1\Temp\WLZF814.tmp\in_wm.lng
c:\docume~1\RUDYRU~1\LOCALS~1\Temp\WLZF814.tmp\in_wv.lng
c:\docume~1\RUDYRU~1\LOCALS~1\Temp\WLZF814.tmp\ml_addons.lng
c:\docume~1\RUDYRU~1\LOCALS~1\Temp\WLZF814.tmp\ml_autotag.lng
c:\docume~1\RUDYRU~1\LOCALS~1\Temp\WLZF814.tmp\ml_bookmarks.lng
c:\docume~1\RUDYRU~1\LOCALS~1\Temp\WLZF814.tmp\ml_dash.lng
c:\docume~1\RUDYRU~1\LOCALS~1\Temp\WLZF814.tmp\ml_disc.lng
c:\docume~1\RUDYRU~1\LOCALS~1\Temp\WLZF814.tmp\ml_history.lng
c:\docume~1\RUDYRU~1\LOCALS~1\Temp\WLZF814.tmp\ml_impex.lng
c:\docume~1\RUDYRU~1\LOCALS~1\Temp\WLZF814.tmp\ml_local.lng
c:\docume~1\RUDYRU~1\LOCALS~1\Temp\WLZF814.tmp\ml_nowplaying.lng
c:\docume~1\RUDYRU~1\LOCALS~1\Temp\WLZF814.tmp\ml_online.lng
c:\docume~1\RUDYRU~1\LOCALS~1\Temp\WLZF814.tmp\ml_orb.lng
c:\docume~1\RUDYRU~1\LOCALS~1\Temp\WLZF814.tmp\ml_playlists.lng
c:\docume~1\RUDYRU~1\LOCALS~1\Temp\WLZF814.tmp\ml_plg.lng
c:\docume~1\RUDYRU~1\LOCALS~1\Temp\WLZF814.tmp\ml_pmp.lng
c:\docume~1\RUDYRU~1\LOCALS~1\Temp\WLZF814.tmp\ml_rg.lng
c:\docume~1\RUDYRU~1\LOCALS~1\Temp\WLZF814.tmp\ml_transcode.lng
c:\docume~1\RUDYRU~1\LOCALS~1\Temp\WLZF814.tmp\ml_wire.lng
c:\docume~1\RUDYRU~1\LOCALS~1\Temp\WLZF814.tmp\ombrowser.lng
c:\docume~1\RUDYRU~1\LOCALS~1\Temp\WLZF814.tmp\out_disk.lng
c:\docume~1\RUDYRU~1\LOCALS~1\Temp\WLZF814.tmp\out_ds.lng
c:\docume~1\RUDYRU~1\LOCALS~1\Temp\WLZF814.tmp\out_wave.lng
c:\docume~1\RUDYRU~1\LOCALS~1\Temp\WLZF814.tmp\playlist.lng
c:\docume~1\RUDYRU~1\LOCALS~1\Temp\WLZF814.tmp\pmp_activesync.lng
c:\docume~1\RUDYRU~1\LOCALS~1\Temp\WLZF814.tmp\pmp_ipod.lng
c:\docume~1\RUDYRU~1\LOCALS~1\Temp\WLZF814.tmp\pmp_njb.lng
c:\docume~1\RUDYRU~1\LOCALS~1\Temp\WLZF814.tmp\pmp_p4s.lng
c:\docume~1\RUDYRU~1\LOCALS~1\Temp\WLZF814.tmp\pmp_usb.lng
c:\docume~1\RUDYRU~1\LOCALS~1\Temp\WLZF814.tmp\tagz.lng
c:\docume~1\RUDYRU~1\LOCALS~1\Temp\WLZF814.tmp\vis_avs.lng
c:\docume~1\RUDYRU~1\LOCALS~1\Temp\WLZF814.tmp\vis_milk2.lng
c:\docume~1\RUDYRU~1\LOCALS~1\Temp\WLZF814.tmp\vis_nsfs.lng
c:\docume~1\RUDYRU~1\LOCALS~1\Temp\WLZF814.tmp\winamp.lng
c:\docume~1\RUDYRU~1\LOCALS~1\Temp\WLZF814.tmp\winampa.lng
c:\documents and settings\Rudy Rutger\Application Data\PriceGong
c:\documents and settings\Rudy Rutger\Application Data\PriceGong\Data\1.xml
c:\documents and settings\Rudy Rutger\Application Data\PriceGong\Data\a.xml
c:\documents and settings\Rudy Rutger\Application Data\PriceGong\Data\b.xml
c:\documents and settings\Rudy Rutger\Application Data\PriceGong\Data\c.xml
c:\documents and settings\Rudy Rutger\Application Data\PriceGong\Data\d.xml
c:\documents and settings\Rudy Rutger\Application Data\PriceGong\Data\e.xml
c:\documents and settings\Rudy Rutger\Application Data\PriceGong\Data\f.xml
c:\documents and settings\Rudy Rutger\Application Data\PriceGong\Data\g.xml
c:\documents and settings\Rudy Rutger\Application Data\PriceGong\Data\h.xml
c:\documents and settings\Rudy Rutger\Application Data\PriceGong\Data\i.xml
c:\documents and settings\Rudy Rutger\Application Data\PriceGong\Data\J.xml
c:\documents and settings\Rudy Rutger\Application Data\PriceGong\Data\k.xml
c:\documents and settings\Rudy Rutger\Application Data\PriceGong\Data\l.xml
c:\documents and settings\Rudy Rutger\Application Data\PriceGong\Data\m.xml
c:\documents and settings\Rudy Rutger\Application Data\PriceGong\Data\mru.xml
c:\documents and settings\Rudy Rutger\Application Data\PriceGong\Data\n.xml
c:\documents and settings\Rudy Rutger\Application Data\PriceGong\Data\o.xml
c:\documents and settings\Rudy Rutger\Application Data\PriceGong\Data\p.xml
c:\documents and settings\Rudy Rutger\Application Data\PriceGong\Data\q.xml
c:\documents and settings\Rudy Rutger\Application Data\PriceGong\Data\r.xml
c:\documents and settings\Rudy Rutger\Application Data\PriceGong\Data\s.xml
c:\documents and settings\Rudy Rutger\Application Data\PriceGong\Data\t.xml
c:\documents and settings\Rudy Rutger\Application Data\PriceGong\Data\u.xml
c:\documents and settings\Rudy Rutger\Application Data\PriceGong\Data\v.xml
c:\documents and settings\Rudy Rutger\Application Data\PriceGong\Data\w.xml
c:\documents and settings\Rudy Rutger\Application Data\PriceGong\Data\x.xml
c:\documents and settings\Rudy Rutger\Application Data\PriceGong\Data\y.xml
c:\documents and settings\Rudy Rutger\Application Data\PriceGong\Data\z.xml
c:\documents and settings\Rudy Rutger\Local Settings\Temp\WLZF814.tmp\burnlib.lng
c:\documents and settings\Rudy Rutger\Local Settings\Temp\WLZF814.tmp\dsp_sps.lng
c:\documents and settings\Rudy Rutger\Local Settings\Temp\WLZF814.tmp\enc_aacplus.lng
c:\documents and settings\Rudy Rutger\Local Settings\Temp\WLZF814.tmp\enc_flac.lng
c:\documents and settings\Rudy Rutger\Local Settings\Temp\WLZF814.tmp\enc_flake.lng
c:\documents and settings\Rudy Rutger\Local Settings\Temp\WLZF814.tmp\enc_lame.lng
c:\documents and settings\Rudy Rutger\Local Settings\Temp\WLZF814.tmp\enc_vorbis.lng
c:\documents and settings\Rudy Rutger\Local Settings\Temp\WLZF814.tmp\enc_wav.lng
c:\documents and settings\Rudy Rutger\Local Settings\Temp\WLZF814.tmp\enc_wma.lng
c:\documents and settings\Rudy Rutger\Local Settings\Temp\WLZF814.tmp\gen_crasher.lng
c:\documents and settings\Rudy Rutger\Local Settings\Temp\WLZF814.tmp\gen_dropbox.lng
c:\documents and settings\Rudy Rutger\Local Settings\Temp\WLZF814.tmp\gen_ff.lng
c:\documents and settings\Rudy Rutger\Local Settings\Temp\WLZF814.tmp\gen_hotkeys.lng
c:\documents and settings\Rudy Rutger\Local Settings\Temp\WLZF814.tmp\gen_jumpex.lng
c:\documents and settings\Rudy Rutger\Local Settings\Temp\WLZF814.tmp\gen_ml.lng
c:\documents and settings\Rudy Rutger\Local Settings\Temp\WLZF814.tmp\gen_orgler.lng
c:\documents and settings\Rudy Rutger\Local Settings\Temp\WLZF814.tmp\gen_tray.lng
c:\documents and settings\Rudy Rutger\Local Settings\Temp\WLZF814.tmp\gen_undo.lng
c:\documents and settings\Rudy Rutger\Local Settings\Temp\WLZF814.tmp\in_avi.lng
c:\documents and settings\Rudy Rutger\Local Settings\Temp\WLZF814.tmp\in_cdda.lng
c:\documents and settings\Rudy Rutger\Local Settings\Temp\WLZF814.tmp\in_dshow.lng
c:\documents and settings\Rudy Rutger\Local Settings\Temp\WLZF814.tmp\in_flac.lng
c:\documents and settings\Rudy Rutger\Local Settings\Temp\WLZF814.tmp\in_flv.lng
c:\documents and settings\Rudy Rutger\Local Settings\Temp\WLZF814.tmp\in_linein.lng
c:\documents and settings\Rudy Rutger\Local Settings\Temp\WLZF814.tmp\in_midi.lng
c:\documents and settings\Rudy Rutger\Local Settings\Temp\WLZF814.tmp\in_mkv.lng
c:\documents and settings\Rudy Rutger\Local Settings\Temp\WLZF814.tmp\in_mod.lng
c:\documents and settings\Rudy Rutger\Local Settings\Temp\WLZF814.tmp\in_mp3.lng
c:\documents and settings\Rudy Rutger\Local Settings\Temp\WLZF814.tmp\in_mp4.lng
c:\documents and settings\Rudy Rutger\Local Settings\Temp\WLZF814.tmp\in_nsv.lng
c:\documents and settings\Rudy Rutger\Local Settings\Temp\WLZF814.tmp\in_swf.lng
c:\documents and settings\Rudy Rutger\Local Settings\Temp\WLZF814.tmp\in_vorbis.lng
c:\documents and settings\Rudy Rutger\Local Settings\Temp\WLZF814.tmp\in_wav.lng
c:\documents and settings\Rudy Rutger\Local Settings\Temp\WLZF814.tmp\in_wave.lng
c:\documents and settings\Rudy Rutger\Local Settings\Temp\WLZF814.tmp\in_wm.lng
c:\documents and settings\Rudy Rutger\Local Settings\Temp\WLZF814.tmp\in_wv.lng
c:\documents and settings\Rudy Rutger\Local Settings\Temp\WLZF814.tmp\ml_addons.lng
c:\documents and settings\Rudy Rutger\Local Settings\Temp\WLZF814.tmp\ml_autotag.lng
c:\documents and settings\Rudy Rutger\Local Settings\Temp\WLZF814.tmp\ml_bookmarks.lng
c:\documents and settings\Rudy Rutger\Local Settings\Temp\WLZF814.tmp\ml_dash.lng
c:\documents and settings\Rudy Rutger\Local Settings\Temp\WLZF814.tmp\ml_disc.lng
c:\documents and settings\Rudy Rutger\Local Settings\Temp\WLZF814.tmp\ml_history.lng
c:\documents and settings\Rudy Rutger\Local Settings\Temp\WLZF814.tmp\ml_impex.lng
c:\documents and settings\Rudy Rutger\Local Settings\Temp\WLZF814.tmp\ml_local.lng
c:\documents and settings\Rudy Rutger\Local Settings\Temp\WLZF814.tmp\ml_nowplaying.lng
c:\documents and settings\Rudy Rutger\Local Settings\Temp\WLZF814.tmp\ml_online.lng
c:\documents and settings\Rudy Rutger\Local Settings\Temp\WLZF814.tmp\ml_orb.lng
c:\documents and settings\Rudy Rutger\Local Settings\Temp\WLZF814.tmp\ml_playlists.lng
c:\documents and settings\Rudy Rutger\Local Settings\Temp\WLZF814.tmp\ml_plg.lng
c:\documents and settings\Rudy Rutger\Local Settings\Temp\WLZF814.tmp\ml_pmp.lng
c:\documents and settings\Rudy Rutger\Local Settings\Temp\WLZF814.tmp\ml_rg.lng
c:\documents and settings\Rudy Rutger\Local Settings\Temp\WLZF814.tmp\ml_transcode.lng
c:\documents and settings\Rudy Rutger\Local Settings\Temp\WLZF814.tmp\ml_wire.lng
c:\documents and settings\Rudy Rutger\Local Settings\Temp\WLZF814.tmp\ombrowser.lng
c:\documents and settings\Rudy Rutger\Local Settings\Temp\WLZF814.tmp\out_disk.lng
c:\documents and settings\Rudy Rutger\Local Settings\Temp\WLZF814.tmp\out_ds.lng
c:\documents and settings\Rudy Rutger\Local Settings\Temp\WLZF814.tmp\out_wave.lng
c:\documents and settings\Rudy Rutger\Local Settings\Temp\WLZF814.tmp\playlist.lng
c:\documents and settings\Rudy Rutger\Local Settings\Temp\WLZF814.tmp\pmp_activesync.lng
c:\documents and settings\Rudy Rutger\Local Settings\Temp\WLZF814.tmp\pmp_ipod.lng
c:\documents and settings\Rudy Rutger\Local Settings\Temp\WLZF814.tmp\pmp_njb.lng
c:\documents and settings\Rudy Rutger\Local Settings\Temp\WLZF814.tmp\pmp_p4s.lng
c:\documents and settings\Rudy Rutger\Local Settings\Temp\WLZF814.tmp\pmp_usb.lng
c:\documents and settings\Rudy Rutger\Local Settings\Temp\WLZF814.tmp\tagz.lng
c:\documents and settings\Rudy Rutger\Local Settings\Temp\WLZF814.tmp\vis_avs.lng
c:\documents and settings\Rudy Rutger\Local Settings\Temp\WLZF814.tmp\vis_milk2.lng
c:\documents and settings\Rudy Rutger\Local Settings\Temp\WLZF814.tmp\vis_nsfs.lng
c:\documents and settings\Rudy Rutger\Local Settings\Temp\WLZF814.tmp\winamp.lng
c:\documents and settings\Rudy Rutger\Local Settings\Temp\WLZF814.tmp\winampa.lng
c:\program files\messenger\msmsgsin.exe
c:\windows\ehome\snchk.exe
J:\EXPLORER.EXE
.
.
(((((((((((((((((((( Bestanden Gemaakt van 2011-08-01 to 2011-09-01 ))))))))))))))))))))))))))))))
.
.
2011-08-10 15:25 . 2011-06-24 14:10 139656 -c----w- c:\windows\system32\dllcache\rdpwd.sys
2011-08-10 15:25 . 2011-07-08 14:02 10496 -c----w- c:\windows\system32\dllcache\ndistapi.sys
2011-08-05 18:06 . 2011-08-05 18:06 232512 ----a-w- c:\windows\system32\drivers\dtsoftbus01.sys
.
.
.
((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-08-11 07:58 . 2011-05-15 23:24 404640 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2011-07-15 13:29 . 2001-09-07 12:00 456320 ----a-w- c:\windows\system32\drivers\mrxsmb.sys
2011-07-08 14:02 . 2001-09-07 12:00 10496 ----a-w- c:\windows\system32\drivers\ndistapi.sys
2011-06-24 14:10 . 2010-02-16 21:41 139656 ----a-w- c:\windows\system32\drivers\rdpwd.sys
2011-06-21 18:37 . 2006-06-23 12:29 832512 ----a-w- c:\windows\system32\wininet.dll
2011-06-21 18:37 . 2010-02-18 15:36 78336 ------w- c:\windows\system32\ieencode.dll
2011-06-21 18:37 . 2010-02-18 10:53 1830912 ------w- c:\windows\system32\inetcpl.cpl
2011-06-21 18:37 . 2001-09-07 12:00 17408 ------w- c:\windows\system32\corpol.dll
2011-06-21 11:47 . 2010-02-18 15:36 389120 ------w- c:\windows\system32\html.iec
2011-06-20 17:44 . 2001-09-07 12:00 293888 ----a-w- c:\windows\system32\winsrv.dll
2011-06-06 11:35 . 2001-09-07 12:00 1859072 ----a-w- c:\windows\system32\win32k.sys
2011-08-31 21:28 . 2011-05-08 23:28 134104 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"msnmsgr"="c:\program files\Windows Live\Messenger\msnmsgr.exe" [2010-04-16 3872080]
"DAEMON Tools Lite"="c:\program files\DAEMON Tools Lite\DTLite.exe" [2011-08-02 4910912]
"ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2008-04-14 15360]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SoundMan"="SOUNDMAN.EXE" [2002-08-02 46592]
"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2009-09-29 61440]
"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2008-10-25 31072]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2011-06-08 37296]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2011-03-30 937920]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2011-06-07 421160]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2011-04-08 254696]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\System32\CTFMON.EXE" [2008-04-14 15360]
.
c:\documents and settings\Rudy Rutger\Menu Start\Programma's\Opstarten\
Wallpaper Changer.lnk - c:\program files\WallpaperToy\Wallpapertoy.Exe [2010-9-14 110592]
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
2011-06-07 15:51 421160 ----a-w- c:\program files\iTunes\iTunesHelper.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
2010-11-29 16:38 421888 ----a-w- c:\program files\QuickTime\QTTask.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=dword:00000001
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Messenger\\msmsgs.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\uTorrent\\uTorrent.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=
"c:\\Program Files\\Starcraft\\StarCraft.exe"=
"c:\\Program Files\\eMule0.50a\\emule.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Program Files\\Winamp\\winamp.exe"=
"f:\\eMule\\emule.exe"=
"c:\\Program Files\\Age of Empires\\Empires.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\Program Files\\iTunes\\iTunes.exe"=
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"3724:TCP"= 3724:TCP:Blizzard Downloader: 3724
.
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\drivers\dtsoftbus01.sys [5/08/2011 20:06 232512]
R2 PassThru Service;Internet Pass-Through Service;c:\program files\HTC\Internet Pass-Through\PassThruSvr.exe [16/09/2010 15:06 80896]
S3 HTCAND32;HTC Device Driver;c:\windows\system32\drivers\ANDROIDUSB.sys [24/03/2011 18:11 24576]
S3 htcnprot;HTC NDIS Protocol Driver;c:\windows\system32\drivers\htcnprot.sys [22/06/2010 19:01 21248]
.
Inhoud van de 'Gedeelde Taken' map
.
2011-08-31 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2011-06-01 15:57]
.
.
------- Bijkomende Scan -------
.
uInternet Settings,ProxyOverride = *.local
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~3\Office12\EXCEL.EXE/3000
IE: Free YouTube Download - c:\documents and settings\Rudy Rutger\Application Data\DVDVideoSoftIEHelpers\freeyoutubedownload.htm
IE: Free YouTube to MP3 Converter - c:\documents and settings\Rudy Rutger\Application Data\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm
TCP: DhcpNameServer = 192.168.1.1
FF - ProfilePath - c:\documents and settings\Rudy Rutger\Application Data\Mozilla\Firefox\Profiles\g7ptt0gq.default\
FF - prefs.js: browser.startup.homepage - iBOOD.com - Internet's Best Online Offer Daily!
.
- - - - ORPHANS VERWIJDERD - - - -
.
MSConfigStartUp-AVG_TRAY - c:\program files\AVG\AVG10\avgtray.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, GMER - Rootkit Detector and Remover
Rootkit scan 2011-09-01 21:38
Windows 5.1.2600 Service Pack 3 NTFS
.
scannen van verborgen processen ...
.
scannen van verborgen autostart items ...
.
scannen van verborgen bestanden ...
.
Scan succesvol afgerond
verborgen bestanden: 0
.
**************************************************************************
.
--------------------- VERGRENDELDE REGISTER SLEUTELS ---------------------
.
[HKEY_USERS\.Default\Software\SetID\Internal]
@Denied: (A 2) (LocalSystem)
"DATA"="<settings expireTime=\"0\" productStatus=\"1\" obSize=\"0\" InstallTS=\"2145870353\" isSubsc=\"0\" version=\"12.0.1\" timeDiff=\"1\" oldDevice=\"\" authStatus_ts=\"0\" />"
"Device"="yM29zbvPzMnLvrm+x8fPzce+zro="
DUMPHIVE0.003 (REGF)
.
--------------------- DLLs Geladen Onder Lopende Processen ---------------------
.
- - - - - - - > 'winlogon.exe'(572)
c:\windows\system32\Ati2evxx.dll
.
- - - - - - - > 'explorer.exe'(2372)
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Andere Aktieve Processen ------------------------
.
c:\windows\system32\Ati2evxx.exe
c:\windows\system32\Ati2evxx.exe
c:\program files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\program files\Bonjour\mDNSResponder.exe
c:\program files\Java\jre6\bin\jqs.exe
c:\windows\SOUNDMAN.EXE
c:\program files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
c:\program files\iPod\bin\iPodService.exe
c:\program files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
c:\program files\Windows Live\Contacts\wlcomm.exe
.
**************************************************************************
.
Voltooingstijd: 2011-09-01 21:43:14 - machine werd herstart
ComboFix-quarantined-files.txt 2011-09-01 19:43
.
Pre-Run: 65.604.935.680 bytes beschikbaar
Post-Run: 67.297.796.096 bytes beschikbaar
.
WindowsXP-KB310994-SP2-Home-BootDisk-NLD.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
UnsupportedDebug="do not select this" /debug
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Home Edition" /fastdetect /NoExecute=OptIn
.
- - End Of File - - 9AE615B241CACBBD7F85F0FEEAE2188C

de_rutger

Legacy Member
I still have problems unfortunately, my internet also freezes often (I had forgotten to mention that).. thanks for the help by the way!

Juisterr

Legacy Member
Manually remove ComboFix from your PC, then download and install it again.

Run it and post the result, please.