Samurai_Mo

Laat maar pc is geformatteerd en de folders kan ik weer openen dank zij iemand van bleepingcomputers.com > chat c:\windows\vtany.sys ---> Van hotspotshield of zoiets c:\windows\system32\GameMon.des --> Gamegaurd anti-hack programme for games c:\windows\xhunter1.sys ---> Van de spel thehunter denk ik XDva276.sys geen idea volgens mij een hbo worm of zoiets Maar ok die dingen zijn nu toch allemaal weg since de formateren

Hmmm ik kreeg BSOD Komt denk ik door de Combofix En moest als opnieuw installeren dus heb mijn windows opnieuw ingestallered dus ja Die map is er nog steets weet je en nog steets kan ik hem niet opennen Wie een oplossing heeft die krijgt Echt echt echt echt ik betaal iemand 10 Euro via paypal of contant als je in Etten-leur woont dan Iemand aaaa please sinse de installtie ben ik als kwijt en ik weet zeker dat er in die map oude bestanden zitten die ik nu echt goed kan gebruiken

Start > Uitvoeren > type in: control userpasswords2 > zoek je account > Klik op eigenschappen > Verander Gebruikersnaam en volledige naam naar jou keuzen > Klik Ok Als is puur visual(Buitenkant) dus de mappen in document en eigenschappen die blijven op je oude naam staan Als je echt als wilt veranderen dan moet je de accounts verwijderen maak eerst een nieuwe account en verwijder de oude account EN VERGEET NIET DE NIEUWE ACCOUNT ALS ADMINISTRATOR TE MAKEN

Een thema Gewoon een thema dat als verandert zoals de pictogrammen kleuren de tabs eigelijk gewoon van als het geeft een hele nieuw kijk Voorbeelden: Vista Themes - Free Windows Vista Themes Thema's dat zijn gewoon nieuwe huiden(Skins) zou je kunnen zeggen

Trouwens in the log zie je norton internet work protection maar die heb ik niet geinstalleerd O.o? Bij programme's toespassen of verwijderen staat ook niet hoor dus wel raar O.o Hier is de log: ComboFix 09-11-20.02 - Mounaim Hadouch 20-11-2009 22:32.1.2 - x86 Microsoft Windows XP Home Edition 5.1.2600.3.1252.31.1043.18.766.280 [GMT 1:00] Gestart vanuit: d:\documents and settings\Mounaim Hadouch\Bureaublad\ComboFix.exe AV: avast! antivirus 4.8.1356 [VPS 091120-0] *On-access scanning disabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D} FW: Norton Internet Worm Protection *disabled* {990F9400-4CEE-43EA-A83A-D013ADD8EA6E} . (((((((((((((((((((((((((((((((((( Andere Verwijderingen ))))))))))))))))))))))))))))))))))))))))))))))))) . c:\recycler\S-1-5-21-0647851183-6461898221-364053783-9305 c:\recycler\S-1-5-21-0688454336-5488299904-857417277-8285 c:\recycler\S-1-5-21-1089713207-2740617116-464765090-1003 c:\recycler\S-1-5-21-1253861381-1470231402-942912699-3942 c:\recycler\S-1-5-21-9693790662-5347654524-348331687-4148 c:\windows\system32\_000071_.tmp.dll c:\windows\system32\_000098_.tmp.dll c:\windows\system32\_000109_.tmp.dll c:\windows\system32\_002787_.tmp.dll c:\windows\system32\_002788_.tmp.dll c:\windows\system32\_002789_.tmp.dll c:\windows\system32\_002790_.tmp.dll c:\windows\system32\_002797_.tmp.dll c:\windows\system32\_002798_.tmp.dll c:\windows\system32\_002799_.tmp.dll c:\windows\system32\_002800_.tmp.dll c:\windows\system32\_002802_.tmp.dll c:\windows\system32\_002803_.tmp.dll c:\windows\system32\_002806_.tmp.dll c:\windows\system32\_002807_.tmp.dll c:\windows\system32\_002809_.tmp.dll c:\windows\system32\_002810_.tmp.dll c:\windows\system32\_002811_.tmp.dll c:\windows\system32\_002813_.tmp.dll c:\windows\system32\_002816_.tmp.dll c:\windows\system32\_002817_.tmp.dll c:\windows\system32\_002821_.tmp.dll c:\windows\system32\_002822_.tmp.dll c:\windows\system32\_002824_.tmp.dll c:\windows\system32\_002827_.tmp.dll c:\windows\system32\_002829_.tmp.dll c:\windows\system32\_002830_.tmp.dll c:\windows\system32\_002831_.tmp.dll c:\windows\system32\_002832_.tmp.dll c:\windows\system32\_002833_.tmp.dll c:\windows\system32\_002836_.tmp.dll c:\windows\system32\_002837_.tmp.dll c:\windows\system32\_002838_.tmp.dll c:\windows\system32\_002839_.tmp.dll c:\windows\system32\_002840_.tmp.dll c:\windows\system32\_002845_.tmp.dll c:\windows\system32\_002847_.tmp.dll c:\windows\system32\drivers\pciide.sys d:\documents and settings\Mounaim Hadouch\Application Data\.# . ((((((((((((((((((((((((((((((((((((((( Drivers/Services ))))))))))))))))))))))))))))))))))))))))))))))))) . -------\Legacy_OREANS32 -------\Service_oreans32 (((((((((((((((((((( Bestanden Gemaakt van 2009-10-20 to 2009-11-20 )))))))))))))))))))))))))))))) . 2009-11-19 23:29 . 2009-11-19 23:34 -------- d-----w- d:\documents and settings\Mounaim Hadouch\keel 2009-11-19 16:48 . 2009-11-19 16:48 -------- d-----w- d:\documents and settings\Mounaim Hadouch\oni 2009-11-19 16:45 . 2009-11-19 16:47 -------- d-----w- C:\CyberStep 2009-11-18 01:13 . 2009-11-18 01:13 -------- d-----w- c:\program files\Veoh Networks 2009-11-15 17:24 . 2009-11-15 17:24 -------- d-----w- d:\documents and settings\Mounaim Hadouch\Application Data\JGsoft 2009-11-15 17:24 . 2009-11-15 17:24 -------- d-----w- c:\program files\JGsoft 2009-11-15 17:24 . 2006-06-06 01:08 67472 ----a-w- c:\windows\UnDeploy.exe 2009-11-14 23:07 . 2009-11-14 23:07 139152 ----a-w- c:\windows\system32\drivers\PnkBstrK.sys 2009-11-14 23:07 . 2009-11-14 23:26 214520 ----a-w- c:\windows\system32\PnkBstrB.exe 2009-11-14 23:07 . 2009-11-14 23:07 75064 ----a-w- c:\windows\system32\PnkBstrA.exe 2009-11-14 23:07 . 2009-11-14 23:07 794408 ----a-w- c:\windows\system32\pbsvc_3.exe 2009-11-12 22:02 . 2009-11-12 22:02 -------- d-----w- d:\documents and settings\Mounaim Hadouch\Local Settings\Application Data\Thinstall 2009-11-12 22:02 . 2009-11-12 22:02 -------- d-----w- d:\documents and settings\Mounaim Hadouch\Application Data\Thinstall 2009-11-10 18:09 . 2009-11-10 18:10 -------- d-----w- d:\documents and settings\Mounaim Hadouch\Application Data\TeamViewer 2009-11-10 18:08 . 2009-11-10 18:08 -------- d-----w- d:\documents and settings\Mounaim Hadouch\temp 2009-11-09 18:19 . 2009-11-09 18:19 66680 ----a-w- c:\windows\system32\rakion.sys 2009-11-07 23:13 . 2009-11-10 03:20 768768 ----a-w- d:\documents and settings\LocalService\Local Settings\Application Data\WPFFontCache_v0400-S-1-5-21-977517824-3551615838-909691738-1006-0.dat 2009-11-07 23:08 . 2009-11-07 23:08 -------- d-----w- d:\documents and settings\Mounaim Hadouch\Local Settings\Application Data\Microsoft Help 2009-11-07 22:33 . 2009-11-07 22:33 -------- d-----w- d:\documents and settings\Mounaim Hadouch\Local Settings\Application Data\PreEmptive Solutions 2009-11-07 21:52 . 2009-11-10 03:20 402162 ----a-w- d:\documents and settings\LocalService\Local Settings\Application Data\WPFFontCache_v0400-System.dat 2009-11-07 21:20 . 2009-07-23 03:08 50200 ----a-w- c:\windows\system32\perf-SQLAgent$SQLEXPRESS-sqlagtctr10.1.2531.0.dll 2009-11-07 21:19 . 2009-07-23 03:08 79896 ----a-w- c:\windows\system32\perf-MSSQL$SQLEXPRESS-sqlctr10.1.2531.0.dll 2009-11-07 21:18 . 2009-11-07 21:18 -------- d-----w- c:\windows\system32\RsFx 2009-11-07 21:09 . 2009-11-07 21:18 -------- d-----w- c:\program files\Microsoft SQL Server 2009-11-07 21:08 . 2009-11-07 21:08 -------- d-----w- c:\program files\Microsoft Sync Framework 2009-11-07 21:08 . 2009-11-07 21:08 -------- d-----w- c:\program files\Microsoft Synchronization Services 2009-11-07 21:06 . 2009-11-07 21:06 -------- d-----w- d:\documents and settings\All Users\Application Data\PreEmptive Solutions 2009-11-07 21:02 . 2009-11-07 21:02 -------- d-----w- c:\program files\Microsoft Silverlight 2009-11-07 20:58 . 2009-11-07 20:58 -------- d-----w- c:\program files\Microsoft ASP.NET 2009-11-07 20:58 . 2009-11-07 20:58 -------- d-----w- c:\program files\IIS 2009-11-07 20:49 . 2009-11-07 20:49 -------- d-----w- c:\windows\symbols 2009-11-07 20:45 . 2009-11-07 20:51 -------- d-----w- c:\program files\Microsoft F# 2009-11-07 20:45 . 2009-11-07 20:49 -------- d-----w- c:\program files\HTML Help Workshop 2009-11-07 20:45 . 2009-11-07 23:06 -------- d-----w- c:\program files\Common Files\Merge Modules 2009-11-07 20:45 . 2009-11-07 21:09 -------- d-----w- c:\program files\Microsoft SDKs 2009-11-07 20:45 . 2009-11-07 20:45 -------- d-----w- c:\program files\Microsoft Help 2009-11-07 20:42 . 2009-11-07 20:42 -------- d-----w- c:\program files\Microsoft Visual Studio 9.0 2009-11-03 18:41 . 2009-11-03 18:41 -------- d-----w- c:\program files\iPod 2009-11-03 18:41 . 2009-11-03 18:42 -------- d-----w- d:\documents and settings\All Users\Application Data\{755AC846-7372-4AC8-8550-C52491DAA8BD} 2009-11-03 18:41 . 2009-11-03 18:42 -------- d-----w- c:\program files\iTunes 2009-11-01 16:55 . 2009-11-01 17:02 -------- d-----w- d:\documents and settings\All Users\Application Data\NOS 2009-10-31 15:59 . 2009-10-31 15:59 -------- d-----w- d:\documents and settings\All Users\Application Data\ATI 2009-10-31 15:54 . 2009-07-21 09:40 593920 ------w- c:\windows\system32\ati2sgag.exe 2009-10-26 12:53 . 2009-10-26 12:53 33824 ----a-w- c:\windows\system32\drivers\oreans32.sys . ((((((((((((((((((((((((((((((((((((((( Find3M Rapport )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2009-11-20 21:00 . 2009-08-21 15:10 -------- d-----w- d:\documents and settings\Mounaim Hadouch\Application Data\DMCache 2009-11-20 20:07 . 2009-08-21 18:04 -------- d-----w- d:\documents and settings\All Users\Application Data\SmartSound Software Inc 2009-11-19 23:28 . 2009-08-19 00:09 -------- d-----w- d:\documents and settings\Mounaim Hadouch\Application Data\uTorrent 2009-11-19 17:55 . 2009-08-18 11:57 -------- d--h--w- c:\program files\InstallShield Installation Information 2009-11-18 18:37 . 2009-08-25 22:09 -------- d-----w- d:\documents and settings\Mounaim Hadouch\Application Data\DivX 2009-11-16 20:59 . 2009-10-17 13:40 -------- d-----w- d:\documents and settings\All Users\Application Data\TmForever 2009-11-15 16:42 . 2007-01-16 19:51 -------- d---a-w- d:\documents and settings\All Users\Application Data\TEMP 2009-11-14 23:07 . 2009-11-12 21:00 139152 ----a-w- d:\documents and settings\Mounaim Hadouch\Application Data\PnkBstrK.sys 2009-11-12 21:49 . 2009-08-21 15:10 -------- d-----w- d:\documents and settings\Mounaim Hadouch\Application Data\IDM 2009-11-10 22:20 . 2009-08-21 19:09 -------- d-----w- d:\documents and settings\Mounaim Hadouch\Application Data\Apple Computer 2009-11-10 19:29 . 2007-11-22 21:11 -------- d-----w- d:\documents and settings\All Users\Application Data\FLEXnet 2009-11-08 22:15 . 2009-08-21 15:10 -------- d-----w- c:\program files\Internet Download Manager 2009-11-07 23:09 . 2007-11-14 20:44 -------- d-----w- d:\documents and settings\All Users\Application Data\Microsoft Help 2009-11-07 21:20 . 2004-09-10 15:24 638674 ----a-w- c:\windows\system32\perfh013.dat 2009-11-07 21:20 . 2004-09-10 15:24 133558 ----a-w- c:\windows\system32\perfc013.dat 2009-11-07 21:15 . 2009-10-07 17:30 -------- d-----w- c:\program files\Microsoft.NET 2009-11-07 21:08 . 2009-08-19 19:42 -------- d-----w- c:\program files\Microsoft SQL Server Compact Edition 2009-11-07 21:03 . 2009-08-18 22:40 -------- d-----w- c:\program files\MSBuild 2009-11-04 00:08 . 2009-08-18 11:57 -------- d-----w- c:\program files\Java 2009-11-03 18:41 . 2009-08-21 19:07 -------- d-----w- c:\program files\Common Files\Apple 2009-11-01 16:59 . 2009-08-18 11:57 -------- d-----w- c:\program files\Common Files\Adobe 2009-10-31 15:56 . 2009-08-18 11:57 -------- d-----w- c:\program files\ATI Technologies 2009-10-30 16:01 . 2009-08-21 15:34 -------- d-----w- c:\program files\Softnyx 2009-10-26 12:43 . 2009-10-07 20:05 -------- d-----w- d:\documents and settings\All Users\Application Data\VMware 2009-10-25 18:32 . 2009-08-23 21:24 -------- d--h--w- d:\documents and settings\Mounaim Hadouch\Application Data\ijjigame 2009-10-25 00:12 . 2009-08-19 19:41 -------- d-----w- c:\program files\Microsoft 2009-10-21 17:30 . 2009-10-21 17:30 -------- d-----w- c:\program files\Hotspot Shield 2009-10-18 14:09 . 2009-08-25 18:26 -------- d-----w- c:\program files\Cheat Engine 2009-10-15 19:56 . 2009-10-15 19:56 -------- d-----w- c:\program files\SodaBush 2009-10-11 03:17 . 2009-08-18 03:55 411368 ----a-w- c:\windows\system32\deploytk.dll 2009-10-10 16:22 . 2009-10-07 20:12 -------- d-----w- d:\documents and settings\Mounaim Hadouch\Application Data\VMware 2009-10-10 16:20 . 2009-10-07 20:09 -------- d-----w- d:\documents and settings\LocalService\Application Data\VMware 2009-10-09 20:18 . 2009-10-09 20:16 -------- d-----w- c:\program files\BumpTop 2009-10-09 20:17 . 2009-10-09 20:17 -------- d-----w- d:\documents and settings\Mounaim Hadouch\Application Data\Bump Technologies, Inc 2009-10-08 21:32 . 2009-08-18 03:44 110680 ----a-w- d:\documents and settings\Mounaim Hadouch\Local Settings\Application Data\GDIPFONTCACHEV1.DAT 2009-10-08 13:57 . 2008-07-29 17:59 614912 ----a-w- c:\windows\system32\uiautomationcore.dll 2009-10-08 13:57 . 2004-09-10 15:23 23040 ----a-w- c:\windows\system32\oleaccrc.dll 2009-10-08 13:57 . 2004-09-10 15:23 220160 ----a-w- c:\windows\system32\oleacc.dll 2009-10-08 02:59 . 2009-10-08 02:59 843848 ----a-w- c:\windows\system32\hha.dll 2009-10-07 17:53 . 2009-10-07 17:31 -------- d-----w- c:\program files\Microsoft Works 2009-10-07 13:52 . 2009-10-07 13:52 235848 ----a-w- c:\windows\system32\vsjitdebugger.exe 2009-10-07 04:31 . 2009-10-07 04:31 17744 ----a-w- c:\windows\system32\aspnet_counters.dll 2009-10-07 01:44 . 2009-10-07 01:44 767312 ----a-w- c:\windows\system32\msvcr100_clr0400.dll 2009-10-07 01:44 . 2009-10-07 01:44 70456 ----a-w- c:\windows\system32\dxva2.dll 2009-10-07 01:44 . 2009-10-07 01:44 486200 ----a-w- c:\windows\system32\evr.dll 2009-10-07 01:17 . 2009-10-07 01:17 99160 ----a-w- c:\windows\system32\PresentationHostProxy.dll 2009-10-07 01:17 . 2009-10-07 01:17 48960 ----a-w- c:\windows\system32\netfxperf.dll 2009-10-07 01:17 . 2009-10-07 01:17 297792 ----a-w- c:\windows\system32\mscoree.dll 2009-10-07 01:17 . 2009-10-07 01:17 295248 ----a-w- c:\windows\system32\PresentationHost.exe 2009-10-07 01:17 . 2009-10-07 01:17 1130816 ----a-w- c:\windows\system32\dfshim.dll 2009-10-06 19:01 . 2009-10-06 19:01 -------- d-----w- c:\program files\Adobe Media Player 2009-10-06 18:57 . 2009-10-06 18:57 -------- d-----w- c:\program files\Common Files\Adobe AIR 2009-10-06 18:46 . 2009-10-06 18:46 -------- d-----w- c:\program files\Common Files\Macrovision Shared 2009-10-06 18:37 . 2009-10-06 18:37 -------- d-----w- d:\documents and settings\Mounaim Hadouch\Application Data\Sonic 2009-10-06 18:36 . 2009-10-06 18:36 -------- d-----w- d:\documents and settings\Mounaim Hadouch\Application Data\Leadertech 2009-10-04 14:33 . 2009-10-04 14:33 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware 2009-10-01 21:32 . 2009-08-22 02:41 -------- d-----w- c:\program files\Sony Ericsson 2009-09-30 16:13 . 2009-09-30 16:13 -------- d-----w- c:\program files\Uninstall Password Protect USB 2009-09-28 20:05 . 2009-09-28 20:05 2272 ----a-w- d:\documents and settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat 2009-09-27 22:47 . 2009-09-16 15:58 -------- d-----w- d:\documents and settings\Mounaim Hadouch\Application Data\DNA 2009-09-27 08:55 . 2009-09-16 15:58 -------- d-----w- c:\program files\DNA 2009-09-25 15:52 . 2009-09-25 15:52 -------- d-----w- c:\program files\Microsoft Virtual PC 2009-09-23 18:28 . 2006-06-28 00:25 -------- d-----w- d:\documents and settings\All Users\Application Data\CyberLink 2009-09-15 20:35 . 2009-09-15 20:35 156488 ----a-w- c:\windows\system32\mscorier.dll 2009-09-15 20:04 . 2009-09-15 20:04 37376 ----a-w- c:\windows\system32\drivers\HssDrv.sys 2009-09-15 20:04 . 2009-09-15 20:04 32768 ----a-w- c:\windows\system32\drivers\taphss.sys 2009-09-15 10:59 . 2009-08-18 17:17 1279968 ----a-w- c:\windows\system32\aswBoot.exe 2009-09-15 10:56 . 2009-08-18 17:17 93424 ----a-w- c:\windows\system32\drivers\aswmon.sys 2009-09-15 10:56 . 2009-08-18 17:17 94160 ----a-w- c:\windows\system32\drivers\aswmon2.sys 2009-09-15 10:55 . 2009-08-18 17:17 114768 ----a-w- c:\windows\system32\drivers\aswSP.sys 2009-09-15 10:55 . 2009-08-18 17:17 20560 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys 2009-09-15 10:54 . 2009-08-18 17:17 52368 ----a-w- c:\windows\system32\drivers\aswTdi.sys 2009-09-15 10:54 . 2009-08-18 17:17 23152 ----a-w- c:\windows\system32\drivers\aswRdr.sys 2009-09-15 10:53 . 2009-08-18 17:17 27408 ----a-w- c:\windows\system32\drivers\aavmker4.sys 2009-09-15 10:53 . 2009-08-18 17:17 97480 ----a-w- c:\windows\system32\AvastSS.scr 2009-09-11 14:20 . 2009-08-18 04:37 136192 ----a-w- c:\windows\system32\msv1_0.dll 2009-09-10 12:54 . 2009-10-04 14:33 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys 2009-09-10 12:53 . 2009-10-04 14:33 19160 ----a-w- c:\windows\system32\drivers\mbam.sys 2009-09-09 10:43 . 2009-10-15 06:09 210352 ----a-w- c:\windows\system32\idmmbc.dll 2009-09-04 21:05 . 2004-09-10 15:23 58880 ----a-w- c:\windows\system32\msasn1.dll 2009-09-04 15:44 . 2009-09-15 22:19 515416 ----a-w- c:\windows\system32\XAudio2_5.dll 2009-09-04 15:44 . 2009-09-15 22:19 238936 ----a-w- c:\windows\system32\xactengine3_5.dll 2009-09-04 15:44 . 2009-08-19 00:38 69464 ----a-w- c:\windows\system32\XAPOFX1_3.dll 2009-09-04 15:29 . 2009-09-15 22:19 453456 ----a-w- c:\windows\system32\d3dx10_42.dll 2009-09-04 15:29 . 2009-09-15 22:19 235344 ----a-w- c:\windows\system32\d3dx11_42.dll 2009-09-04 15:29 . 2009-09-15 22:19 5501792 ----a-w- c:\windows\system32\d3dcsx_42.dll 2009-09-04 15:29 . 2009-09-15 22:19 1974616 ----a-w- c:\windows\system32\D3DCompiler_42.dll 2009-09-04 15:29 . 2009-09-15 22:19 1892184 ----a-w- c:\windows\system32\D3DX9_42.dll 2009-08-30 04:57 . 2009-08-30 04:57 234328 ----a-w- c:\windows\system32\SqlServerSpatial.dll 2009-08-29 08:00 . 2004-09-10 15:23 916480 ----a-w- c:\windows\system32\wininet.dll 2009-08-26 08:02 . 2004-09-10 15:24 247326 ----a-w- c:\windows\system32\strmdll.dll 2009-08-25 15:04 . 2009-08-26 16:20 75264 ----a-w- c:\windows\system32\uc_holybeast_launching.dll 2009-08-21 16:51 . 2009-08-21 16:51 1656288 ----a-w- c:\program files\Fraps v2.9.8-FOSI.exe 2009-07-14 00:16 . 2009-07-14 00:16 1044480 ----a-w- c:\program files\mozilla firefox\plugins\libdivx.dll 2009-07-14 00:16 . 2009-07-14 00:16 200704 ----a-w- c:\program files\mozilla firefox\plugins\ssldivx.dll 2005-08-24 21:10 . 2009-09-30 16:13 174592 --sha-w- c:\windows\system32\ncfpsys.exe . ((((((((((((((((((((((((((((((((((((( Reg Opstartpunten ))))))))))))))))))))))))))))))))))))))))))))))))))) . . *Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond REGEDIT4 [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{F9E4A054-E9B1-4BC3-83A3-76A1AE736170}] 2009-10-10 16:26 218160 ----a-w- d:\program files\Hotspot Shield\hssie\HssIE.dll [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "msnmsgr"="c:\program files\Windows Live\Messenger\msnmsgr.exe" [2009-07-26 3883856] "swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2009-08-18 39408] "ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2008-04-14 15360] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "avast!"="c:\progra~1\ALWILS~1\Avast4\ashDisp.exe" [2009-09-15 81000] "UpdatePDRShortCut"="d:\program files\CyberLink\PowerDirector\PowerDirector\MUITransfer\MUIStartMenu.exe" [2008-12-03 218408] "StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2009-07-21 61440] "QuickTime Task"="d:\program files\QuickTime\qttask.exe" [2009-09-05 417792] "Malwarebytes Anti-Malware (reboot)"="c:\program files\Malwarebytes' Anti-Malware\mbam.exe" [2009-09-10 1312080] "RTHDCPL"="RTHDCPL.EXE" - c:\windows\RTHDCPL.exe [2005-12-09 15691264] [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360] [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\WB] 2001-12-20 21:34 24576 ----a-w- c:\program files\AlienGUIse\fastload.dll [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows] "AppInit_DLLs"=c:\windows\system32\wbsys.dll [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys] @="Driver" [HKLM\~\startupfolder\D:^Documents and Settings^Mounaim Hadouch^Menu Start^Programma's^Opstarten^BumpTop.lnk] path=d:\documents and settings\Mounaim Hadouch\Menu Start\Programma's\Opstarten\BumpTop.lnk backup=c:\windows\pss\BumpTop.lnkStartup HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ACTIVBOARD HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EmailChecker HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services] "UleadBurningHelper"=2 (0x2) "gusvc"=3 (0x3) "CyberLink Media Library Service"=2 (0x2) "CLSched"=2 (0x2) "CLCapSvc"=2 (0x2) "MBAMService"=2 (0x2) "RichVideo"=2 (0x2) "iPod Service"=3 (0x3) "ASKUpgrade"=2 (0x2) "Apple Mobile Device"=2 (0x2) "idsvc"=3 (0x3) "WMPNetworkSvc"=3 (0x3) "VMware NAT Service"=2 (0x2) "vmount2"=2 (0x2) "VMnetDHCP"=2 (0x2) "VMAuthdService"=2 (0x2) "ufad-ws60"=3 (0x3) "MDM"=2 (0x2) "FLEXnet Licensing Service"=3 (0x3) "wlidsvc"=2 (0x2) "npggsvc"=3 (0x3) "SQLWriter"=2 (0x2) "MSSQL$SQLEXPRESS"=2 (0x2) [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall] "DisableMonitoring"=dword:00000001 [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "%windir%\\system32\\sessmgr.exe"= "%windir%\\Network Diagnostic\\xpnetdiag.exe"= "c:\\Program Files\\uTorrent\\uTorrent.exe"= "c:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe"= "c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"= "c:\\Program Files\\Windows Live\\Sync\\WindowsLiveSync.exe"= "c:\\Program Files\\Bonjour\\mDNSResponder.exe"= "c:\\Program Files\\Sony Ericsson\\Update Service\\Update Service.exe"= "c:\\WINDOWS\\Downloaded Program Files\\PurpleBean.exe"= "c:\\ijji\\ENGLISH\\Gunz\\Gunz.exe"= "d:\\Program Files\\Emote\\launcher\\launcher.exe"= "c:\\WINDOWS\\system32\\PnkBstrA.exe"= "c:\\WINDOWS\\system32\\PnkBstrB.exe"= "c:\\Program Files\\Mozilla Firefox\\firefox.exe"= "c:\\Program Files\\DNA\\btdna.exe"= "d:\\Documents and Settings\\Mounaim Hadouch\\Local Settings\\Application Data\\Kamuse\\KCSTrayDownloader\\KCSTrayDownloaderEngine.exe"= "c:\\Program Files\\ijji\\ijji REACTOR\\REACTOR.exe"= "c:\\ijji\\ENGLISH\\AVA\\binaries\\AVA.exe"= "d:\\Program Files\\Steam\\Steam.exe"= "c:\\Program Files\\Common Files\\Adobe\\CS4ServiceManager\\CS4ServiceManager.exe"= "d:\\Program Files\\TmNationsForever\\TmForever.exe"= "d:\\Program Files\\GameTribe\\Infinity\\xclient.exe"= "c:\\Program Files\\Softnyx\\RakionIS\\Bin\\rakion.bin"= "c:\\Program Files\\iTunes\\iTunes.exe"= "d:\\Documents and Settings\\Mounaim Hadouch\\Bureaublad\\UnrealTournament\\System\\UnrealTournament.exe"= "d:\\Program Files\\TeamViewer\\Version4\\TeamViewer.exe"= "d:\\Documents and Settings\\Mounaim Hadouch\\Bureaublad\\COD2-WBB\\InstallShield_{7B4A5C13-069F-4AFE-AE57-C497B4E33C7E}\\40000015af00002i\\cod2mp_s.exe"= "d:\\Documents and Settings\\Mounaim Hadouch\\Bureaublad\\COD2-WBB\\Call of Duty® 2 Multiplayer.exe"= "c:\\WINDOWS\\Downloaded Program Files\\ijjiOptimizer.exe"= "c:\\Program Files\\Veoh Networks\\VeohWebPlayer\\veohwebplayer.exe"= "c:\\CyberStep\\SplashFightersIjji\\amped_directx.exe"= "c:\\CyberStep\\SplashFightersIjji\\amped.exe"= [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List] "5353:TCP"= 5353:TCP:Adobe CSI CS4 R0 bhound6;bhound6;c:\windows\system32\drivers\bhound6.sys [21-1-2007 7:14 61032] R1 aswSP;avast! Self Protection;c:\windows\system32\drivers\aswSP.sys [18-8-2009 18:17 114768] R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [18-8-2009 18:17 20560] S2 clr_optimization_v4.0.21006_32;Microsoft .NET Framework NGEN v4.0.21006_X86;c:\windows\Microsoft.NET\Framework\v4.0.21006\mscorsvw.exe [7-10-2009 2:44 129856] S3 ggflt;SEMC USB Flash Driver Filter;c:\windows\system32\drivers\ggflt.sys [22-8-2009 3:44 13224] S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [4-10-2009 15:33 19160] S3 rak;rak;c:\windows\system32\rakion.sys [9-11-2009 19:19 66680] S3 teamviewervpn;TeamViewer VPN Adapter;c:\windows\system32\drivers\teamviewervpn.sys [25-1-2008 10:12 25088] S3 vtany;vtany;\??\c:\windows\vtany.sys --> c:\windows\vtany.sys [?] S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\Microsoft.NET\Framework\v4.0.21006\WPF\WPFFontCache_v0400.exe [7-10-2009 2:44 752984] S3 XDva276;XDva276;\??\c:\windows\system32\XDva276.sys --> c:\windows\system32\XDva276.sys [?] S3 xhunter1;xhunter1;\??\c:\windows\xhunter1.sys --> c:\windows\xhunter1.sys [?] S4 MBAMService;MBAMService;c:\program files\Malwarebytes' Anti-Malware\mbamservice.exe [4-10-2009 15:33 269648] S4 MSSQLServerADHelper100;SQL Active Directory Helper Service;c:\program files\Microsoft SQL Server\100\Shared\sqladhlp.exe [23-7-2009 4:08 47128] S4 npggsvc;nProtect GameGuard Service;c:\windows\system32\GameMon.des -service --> c:\windows\system32\GameMon.des -service [?] S4 RsFx0103;RsFx0103 Driver;c:\windows\system32\drivers\RsFx0103.sys [30-3-2009 3:09 239336] S4 SQLAgent$SQLEXPRESS;SQL Server Agent (SQLEXPRESS);c:\program files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [30-3-2009 3:23 366936] S4 wlidsvc;Windows Live ID Sign-in Assistant;c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [30-3-2009 15:28 1533808] . Inhoud van de 'Gedeelde Taken' map 2009-08-21 c:\windows\Tasks\AppleSoftwareUpdate.job - c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 10:34] 2009-11-19 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-977517824-3551615838-909691738-1006Core.job - d:\documents and settings\Mounaim Hadouch\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2009-09-16 12:20] 2009-11-20 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-977517824-3551615838-909691738-1006UA.job - d:\documents and settings\Mounaim Hadouch\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2009-09-16 12:20] . . ------- Bijkomende Scan ------- . uStart Page = hxxp://www.google.nl/ uInternet Settings,ProxyOverride = *.local uSearchURL,(Default) = hxxp://www.google.com/search?q=%s IE: Download all links with IDM - c:\program files\Internet Download Manager\IEGetAll.htm IE: Download FLV video content with IDM - c:\program files\Internet Download Manager\IEGetVL.htm IE: Download with IDM - c:\program files\Internet Download Manager\IEExt.htm IE: E&xporteren naar Microsoft Excel - d:\progra~1\MICROS~1\OFFICE11\EXCEL.EXE/3000 Trusted Zone: fiaa.eu\operation7 DPF: {91F52A42-C10D-49A7-B941-882C657C604F} - hxxp://kitcentral.wanadoo.nl/download/install/win32/nl/instwact/instwact.dll DPF: {C212D449-8B3C-41F2-BD9A-047BD770550F} - hxxp://www.fiaa.eu/OPLauncher.cab FF - ProfilePath - d:\documents and settings\Mounaim Hadouch\Application Data\Mozilla\Firefox\Profiles\ygkm77ly.default\ FF - prefs.js: browser.startup.homepage - hxxp://www.gamerzneeds.net/forums/ FF - component: d:\documents and settings\Mounaim Hadouch\Application Data\IDM\idmmzcc3\components\idmmzcc.dll FF - plugin: c:\program files\K-Lite Codec Pack\Real\browser\plugins\nppl3260.dll FF - plugin: c:\program files\K-Lite Codec Pack\Real\browser\plugins\nprpjplug.dll FF - plugin: c:\program files\Microsoft\Office Live\npOLW.dll FF - plugin: c:\program files\Mozilla Firefox\plugins\npijjiautoinstallpluginff.dll FF - plugin: c:\program files\Mozilla Firefox\plugins\npijjiFFPlugin1.dll FF - plugin: c:\program files\Mozilla Firefox\plugins\NPMFireLauncher.dll FF - plugin: c:\program files\Mozilla Firefox\plugins\NPOP7PlugIn.dll FF - plugin: c:\program files\Veoh Networks\VeohWebPlayer\npWebPlayerVideoPluginATL.dll FF - plugin: c:\program files\Windows Live\Photo Gallery\NPWLPG.dll FF - plugin: d:\documents and settings\All Users\Application Data\id Software\QuakeLive\npquakezero.dll FF - plugin: d:\documents and settings\Mounaim Hadouch\Application Data\Mozilla\Firefox\Profiles\ygkm77ly.default\extensions\{E2883E8F-472F-4fb0-9522-AC9BF37916A7}\plugins\np_gp.dll FF - plugin: d:\documents and settings\Mounaim Hadouch\Application Data\Mozilla\Firefox\Profiles\ygkm77ly.default\extensions\battlefieldheroespatcher@ea.com\platform\WINNT_x86-msvc\plugins\npBFHUpdater.dll FF - plugin: d:\documents and settings\Mounaim Hadouch\Application Data\Mozilla\Firefox\Profiles\ygkm77ly.default\extensions\iaplayer@instantaction.com\plugins\npiaplayer.dll FF - plugin: d:\documents and settings\Mounaim Hadouch\Local Settings\Application Data\Google\Update\1.2.183.13\npGoogleOneClick8.dll FF - plugin: d:\program files\DivX\DivX Player\npDivxPlayerPlugin.dll FF - plugin: d:\program files\DivX\DivX Web Player\npdivx32.dll FF - plugin: d:\program files\QuickTime\Plugins\npqtplugin.dll FF - plugin: d:\program files\QuickTime\Plugins\npqtplugin2.dll FF - plugin: d:\program files\QuickTime\Plugins\npqtplugin3.dll FF - plugin: d:\program files\QuickTime\Plugins\npqtplugin4.dll FF - plugin: d:\program files\QuickTime\Plugins\npqtplugin5.dll FF - plugin: d:\program files\QuickTime\Plugins\npqtplugin6.dll FF - plugin: d:\program files\QuickTime\Plugins\npqtplugin7.dll FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ ---- FIREFOX POLICIES ---- c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl3.rsa_seed_sha", true); . - - - - ORPHANS VERWIJDERD - - - - AddRemove-Ad-Aware SE Plus - c:\progra~1\Norman\NORMAN~1\UNWISE.EXE ************************************************************************** catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, GMER - Rootkit Detector and Remover Rootkit scan 2009-11-20 22:46 Windows 5.1.2600 Service Pack 3 NTFS scannen van verborgen processen ... scannen van verborgen autostart items ... scannen van verborgen bestanden ... Scan succesvol afgerond verborgen bestanden: 0 ************************************************************************** [HKEY_LOCAL_MACHINE\System\ControlSet001\Services\npggsvc] "ImagePath"="c:\windows\system32\GameMon.des -service" . --------------------- VERGRENDELDE REGISTER SLEUTELS --------------------- [HKEY_USERS\S-1-5-21-977517824-3551615838-909691738-1006\Software\Microsoft\Windows\CurrentVersion\Explorer\CLSID] @Denied: (Full) (LocalSystem) @SACL= [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{4148023b-9713-49ab-b870-0cf76637e77c}] @Denied: (Full) (Everyone) "Model"=dword:00000114 "Therad"=dword:00000002 "MData"=hex(0):73,d5,cf,b8,a4,07,89,80,31,e4,35,6b,2a,ca,fe,43,98,07,ff,fc,5d, df,1c,2f,3b,8a,0a,32,11,89,01,b5,53,2e,ec,f2,1e,60,7c,46,ef,91,3a,11,35,f1,\ [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{7B8E9164-324D-4A2E-A46D-0165FB2000EC}] @Denied: (Full) (Everyone) "scansk"=hex(0):91,44,57,ef,3d,88,46,59,00,d9,eb,56,57,58,15,e2,f7,5a,34,3a,f8, b1,6b,60,d1,2d,10,96,6a,d2,ea,e6,c2,5b,f4,e3,68,ee,74,7d,00,00,00,00,00,00,\ [HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Installer\UserData\LocalSystem\Components\€–}|ÿÿÿÿÀ•}|ù•9~*] "3140110900063D11C8EF10054038389C"="C?\\WINDOWS\\system32\\FM20ENU.DLL" . --------------------- DLLs Geladen Onder Lopende Processen --------------------- - - - - - - - > 'winlogon.exe'(896) c:\windows\system32\Ati2evxx.dll c:\program files\AlienGUIse\fastload.dll - - - - - - - > 'explorer.exe'(2452) c:\windows\system32\webcheck.dll c:\progra~1\COMMON~1\MICROS~1\WEBCOM~1\10\OWC10.DLL c:\windows\system32\Msi.dll c:\program files\Common Files\Microsoft Shared\Web Components\10\1043\OWCI10.DLL c:\progra~1\COMMON~1\MICROS~1\WEBCOM~1\11\OWC11.DLL c:\program files\Common Files\Microsoft Shared\Web Components\11\1043\OWCI11.DLL c:\progra~1\WINDOW~2\wmpband.dll c:\windows\system32\msls31.dll c:\windows\system32\ImgUtil.dll c:\windows\system32\pngfilt.dll c:\windows\system32\WPDShServiceObj.dll c:\program files\Microsoft Virtual PC\VPCShExH.DLL c:\windows\system32\PortableDeviceTypes.dll c:\windows\system32\PortableDeviceApi.dll c:\program files\Common Files\Adobe\Adobe Drive CS4\AdobeDriveCS4_NP.dll . ------------------------ Andere Aktieve Processen ------------------------ . c:\windows\system32\Ati2evxx.exe c:\program files\Alwil Software\Avast4\aswUpdSv.exe c:\windows\system32\Ati2evxx.exe c:\program files\Alwil Software\Avast4\ashServ.exe c:\program files\Bonjour\mDNSResponder.exe c:\program files\Hotspot Shield\bin\openvpnas.exe d:\program files\Hotspot Shield\HssWPR\hsssrv.exe c:\program files\Java\jre6\bin\jqs.exe c:\windows\system32\PnkBstrA.exe c:\windows\system32\PnkBstrB.exe c:\program files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe c:\windows\system32\wscntfy.exe c:\program files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe . ************************************************************************** . Voltooingstijd: 2009-11-20 22:51 - machine werd herstart ComboFix-quarantined-files.txt 2009-11-20 21:51 Pre-Run: 8.079.376.384 bytes beschikbaar Post-Run: 7.869.214.720 bytes beschikbaar - - End Of File - - 7D97078BF4873565185CE44AACF4A980

Heb all combofix en SDfix gebruikt vorige week en de map kan ik nog steeds niet openen zoals je ziet Maar je wilt zeker de log? die heb ik verwijdert ik doe wel een weer een nieuwe scan maar volgens mij zat er niet echt iets special maar ok even scannen

secpol.msc heeft vista niet Maar heb je misschien een theme geïnstalleerd? Probeer die theme verwijderen en dan naam veranderen opnieuwe starten en de theme weer installeren

Uhhh ik kan gewoon als openen behalve die map en ik weet zeker dat ik geen virussen op mijn computer heb ik heb als gescanned met malwarebytes en avast en die zijn een van de beste anti-virus programma's die up to date zijn tegenwoordige Ik ben de beheerder van de pc ik heb alle rechten om als te openen,aan te passen en verwijderen

Paar maanden geleden volgens mij in juli had ik als herinstalleert ik probeerde eerst gewoon naar een oude herstel point te gaan maar dat ging niet dus ik deed een nieuwe clean installatie maar er is een map overgebleven dat is de map waar informatie staat van een oude backup van die herstel point die niet wilde lukken die had die map gemaakt maar ok ik kan die map niet opennen ik krijg steets een error hier is een screenshot Aan die screenshot heb je volgens niets veel maar ok EDIT : afbeelding verwijderd wegen opblazen forum Info: Nee de pc heeft geen virussen of zoiets de pc is CLEAN Heb all proberen met winrar en andere programmes to openen maar geen geluk Bij opties staat er Alleen lezen aangevinkt ik verwijder die vink maar hij blijft steeds aangevinkt maar dat is niet de reden waarom ik de folder niet kan openen dus ja Anybody a IDEA? (Jullie moeten iets aan de bijlagen opties voor afbeeldingen doen verkleint de afbeelding te veel)