HijackThis log

16 answers
  • My PC is in flip mode again.
    I made a log here.
    I hope you can find something.



    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 11:23:30, on 27-12-2007
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.6000.16574)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\system32\RUNDLL32.EXE
    C:\Program Files\ESET\ESET Smart Security\ekrn.exe
    C:\WINDOWS\RTHDCPL.EXE
    C:\WINDOWS\Mixer.exe
    C:\Program Files\ESET\ESET Smart Security\egui.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
    C:\Program Files\NVIDIA Corporation\nTune\nTuneService.exe
    D:\steam\steam.exe
    C:\Program Files\Microsoft ActiveSync\Wcescomm.exe
    C:\WINDOWS\System32\nvsvc32.exe
    C:\PROGRA~1\MICROS~4\rapimgr.exe
    C:\WINDOWS\system32\PnkBstrA.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\internet explorer\iexplore.exe
    C:\Program Files\Windows Live\Messenger\usnsvc.exe
    C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLLoginProxy.exe
    C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen
    R3 - URLSearchHook: Live TV Toolbar - {b69a9db4-d0a1-4722-b56b-f20757a29cdf} - C:\Program Files\Live_TV\tbLiv1.dll
    F3 - REG:win.ini: run=
    O2 - BHO: IE7Pro - {00011268-E188-40DF-A514-835FCD78B1BF} - C:\Program Files\IE7Pro\IE7Pro.dll
    O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
    O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
    O2 - BHO: Windows Live Aanmelden - Help - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: Live TV Toolbar - {b69a9db4-d0a1-4722-b56b-f20757a29cdf} - C:\Program Files\Live_TV\tbLiv1.dll
    O3 - Toolbar: Live TV Toolbar - {b69a9db4-d0a1-4722-b56b-f20757a29cdf} - C:\Program Files\Live_TV\tbLiv1.dll
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
    O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInit
    O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
    O4 - HKLM\..\Run: [SkyTel] SkyTel.EXE
    O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
    O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
    O4 - HKLM\..\Run: [C-Media Mixer] Mixer.exe /startup
    O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
    O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET Smart Security\egui.exe" /hide /waitservice
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
    O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [NVIDIA nTune] "C:\Program Files\NVIDIA Corporation\nTune\nTuneCmd.exe" clear
    O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
    O4 - HKCU\..\Run: [Steam] "d:\steam\steam.exe" -silent
    O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\Wcescomm.exe"
    O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Lokale service')
    O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Netwerkservice')
    O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
    O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office10\EXCEL.EXE/3000
    O9 - Extra button: IE7Pro Preferences - {0026439F-A980-4f18-8C95-4F1CBBF9C1D8} - C:\Program Files\IE7Pro\IE7Pro.dll
    O9 - Extra 'Tools' menuitem: IE7Pro Preferences - {0026439F-A980-4f18-8C95-4F1CBBF9C1D8} - C:\Program Files\IE7Pro\IE7Pro.dll
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
    O9 - Extra button: In weblog opnemen - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
    O9 - Extra 'Tools' menuitem: &In weblog opnemen met Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
    O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~4\INetRepl.dll
    O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~4\INetRepl.dll
    O9 - Extra 'Tools' menuitem: Mobiele favorieten maken… - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~4\INetRepl.dll
    O9 - Extra button: Run IMVU - {d9288080-1baa-4bc4-9cf8-a92d743db949} - C:\Documents and Settings\Sadik\Menu Start\Programma's\IMVU\Run IMVU.lnk
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O16 - DPF: {193C772A-87BE-4B19-A7BB-445B226FE9A1} (ewidoOnlineScan Control) - http://downloads.ewido.net/ewidoOnlineScan.cab
    O16 - DPF: {67A5F8DC-1A4B-4D66-9F24-A704AD929EEE} (System Requirements Lab) - http://www.systemrequirementslab.com/sysreqlab2.cab
    O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} (DivXBrowserPlugin Object) - http://download.divx.com/player/DivXBrowserPlugin.cab
    O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1195901566359
    O16 - DPF: {CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7} (get_atlcom Class) - http://www.adobe.com/products/acrobat/nos/gp.cab
    O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
    O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
    O23 - Service: Eset HTTP Server (EhttpSrv) - Unknown owner - C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe
    O23 - Service: Eset Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\ekrn.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
    O23 - Service: nTune Service (nTuneService) - NVIDIA - C:\Program Files\NVIDIA Corporation\nTune\nTuneService.exe
    O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
    O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
    O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - C:\Program Files\Spyware Doctor\svcntaux.exe
    O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - C:\Program Files\Spyware Doctor\swdsvc.exe


    End of file - 8294 bytes


    I'd be glad if you could help me as soon as possible.

    Thanks a lot in advance,

    and enjoy the fireworks days.. :D

  • Anyone else???

  • Please give a somewhat clearer description of the problems you are having.
  • It's being slow again and so on,
    and it has trouble starting up.
  • Fix this one with HijackThis:
    F3 - REG:win.ini: run=

    Follow the instructions described on this site.
    Help! My computer is slow!
  • Thanks, but I already do those things every day/week.
  • Download combofix.exe: http://download.bleepingcomputer.com/sUBs/ComboFix.exe
    Place it on your desktop.
    Double-click it to start the program.
    In the window that appears, type 1 to run the cleaning and analysis process.
    Follow the instructions on the screen.
    When the tool has finished, a log file (combofix.txt) opens.
    Post the contents of this file together with a new HijackThis log.
  • ComboFix 07-12-21.4 - Sadik 2007-12-30 22:10:22.2 - NTFSx86
    Microsoft Windows XP Home Edition 5.1.2600.2.1252.1.1043.18.1463 [GMT 1:00]
    Gestart vanuit: C:\Documents and Settings\Sadik\Bureaublad\ComboFix.exe
    * Nieuw herstelpunt werd aangemaakt
    .

    (((((((((((((((((((((((((((((((((( Andere Verwijderingen )))))))))))))))))))))))))))))))))))))))))))))))))
    .

    C:\Documents and Settings\Sadik\Application Data\inst.exe

    .
    (((((((((((((((((((( Bestanden Gemaakt van 2007-11-28 to 2007-12-30 ))))))))))))))))))))))))))))))
    .

    2007-12-30 21:19 . 2007-12-30 21:19 <DIR> dr-h—– C:\Documents and Settings\Sadik\Onlangs geopend
    2007-12-29 13:49 . 2007-12-29 13:52 <DIR> d——– C:\Documents and Settings\Sadik\Application Data\Nokia
    2007-12-29 13:49 . 2007-12-29 13:49 <DIR> d——– C:\Documents and Settings\All Users\Application Data\PC Suite
    2007-12-29 13:46 . 2007-12-29 13:51 <DIR> d——– C:\Program Files\Nokia
    2007-12-29 13:46 . 2007-12-29 13:46 <DIR> d——– C:\Program Files\DIFX
    2007-12-29 13:46 . 2007-12-29 13:46 <DIR> d——– C:\Program Files\Common Files\PCSuite
    2007-12-29 13:46 . 2007-12-29 13:46 <DIR> d——– C:\Documents and Settings\Sadik\Application Data\PC Suite
    2007-12-29 13:45 . 2007-12-29 13:45 <DIR> d——– C:\Program Files\PC Connectivity Solution
    2007-12-28 01:49 . 2007-12-28 01:49 <DIR> d——– C:\Program Files\MSBuild
    2007-12-28 01:46 . 2007-12-28 17:40 <DIR> d——– C:\WINDOWS\system32\XPSViewer
    2007-12-28 01:45 . 2007-12-28 01:45 <DIR> d——– C:\Program Files\Reference Assemblies
    2007-12-28 01:44 . 2006-06-29 13:07 14,048 ——— C:\WINDOWS\system32\spmsg2.dll
    2007-12-27 19:45 . 2007-12-27 19:45 <DIR> d——– C:\Documents and Settings\All Users\Application Data\LogiShrd
    2007-12-27 19:41 . 2007-12-27 19:41 <DIR> d——– C:\Program Files\Common Files\Logishrd
    2007-12-27 19:41 . 2007-11-15 10:06 301,656 –a—— C:\WINDOWS\system32\BtCoreIf.dll
    2007-12-27 19:32 . 2007-12-27 19:32 <DIR> d——– C:\Documents and Settings\Sadik\Application Data\Logitech
    2007-12-27 19:31 . 2007-12-27 19:31 127,034 -r——- C:\WINDOWS\bwUnin-8.1.1.50-8876480SL.exe
    2007-12-27 19:30 . 2007-11-15 10:07 170,512 –a—— C:\WINDOWS\system32\kemutb.dll
    2007-12-27 19:30 . 2007-11-15 10:07 141,840 –a—— C:\WINDOWS\system32\KemUtil.dll
    2007-12-27 19:30 . 2007-11-15 10:07 117,264 –a—— C:\WINDOWS\system32\KemWnd.dll
    2007-12-27 19:30 . 2007-09-21 03:10 78,992 –a—— C:\WINDOWS\system32\drivers\LMouKE.Sys
    2007-12-27 19:30 . 2007-11-15 10:07 76,304 –a—— C:\WINDOWS\system32\KemXML.dll
    2007-12-27 19:30 . 2007-09-21 03:10 63,120 –a—— C:\WINDOWS\system32\drivers\L8042mou.Sys
    2007-12-27 19:30 . 2007-09-21 03:10 55,824 –a—— C:\WINDOWS\KHALMNPR.Exe
    2007-12-27 19:30 . 2007-09-21 03:10 20,240 –a—— C:\WINDOWS\system32\drivers\L8042Kbd.sys
    2007-12-27 19:29 . 2007-12-27 19:31 <DIR> d——– C:\Program Files\Logitech
    2007-12-27 19:29 . 2007-12-27 19:41 <DIR> d——– C:\Program Files\Common Files\Logitech
    2007-12-27 19:29 . 2007-12-27 19:29 <DIR> d——– C:\Documents and Settings\All Users\Application Data\Logitech
    2007-12-27 11:21 . 2007-12-30 01:37 54,156 –ah—– C:\WINDOWS\QTFont.qfn
    2007-12-27 11:21 . 2007-12-27 11:21 1,409 –a—— C:\WINDOWS\QTFont.for
    2007-12-27 00:55 . 2007-12-28 14:25 <DIR> d-a—— C:\Documents and Settings\All Users\Application Data\TEMP
    2007-12-27 00:47 . 2007-12-27 00:56 <DIR> d——– C:\Program Files\Spyware Doctor
    2007-12-27 00:47 . 2007-12-27 00:47 <DIR> d——– C:\Documents and Settings\Sadik\Application Data\PC Tools
    2007-12-27 00:47 . 2005-09-23 08:29 626,688 –a—— C:\WINDOWS\system32\msvcr80.dll
    2007-12-27 00:47 . 2007-12-27 00:47 74,240 –a—— C:\WINDOWS\system32\drivers\iksyssec.sys
    2007-12-27 00:47 . 2007-12-27 00:47 56,832 –a—— C:\WINDOWS\system32\drivers\iksysflt.sys
    2007-12-27 00:47 . 2007-10-18 00:14 41,288 –a—— C:\WINDOWS\system32\drivers\ikfilesec.sys
    2007-12-27 00:47 . 2007-10-18 00:16 29,000 –a—— C:\WINDOWS\system32\drivers\kcom.sys
    2007-12-26 13:19 . 2007-12-26 13:20 <DIR> d——– C:\Program Files\QuickTime
    2007-12-25 01:31 . 2007-12-25 01:31 <DIR> d——– C:\Documents and Settings\Sadik\Application Data\ESET
    2007-12-25 01:30 . 2007-12-25 01:30 <DIR> d——– C:\Documents and Settings\All Users\Application Data\ESET
    2007-12-24 02:45 . 2007-12-24 02:45 <DIR> d——– C:\Program Files\America's Army Server Manager
    2007-12-23 18:04 . 2001-11-23 12:08 712,704 –a—— C:\WINDOWS\system32\Audio3D.dll
    2007-12-22 12:48 . 2006-07-22 07:40 143,360 –a—— C:\WINDOWS\system32\RtlCPAPI.dll
    2007-12-22 12:48 . 2006-08-01 15:02 49,152 –a—— C:\WINDOWS\system32\ChCfg.exe
    2007-12-22 12:47 . 2007-12-22 12:47 <DIR> d——– C:\Program Files\Realtek
    2007-12-21 20:45 . 2004-08-04 09:03 299,008 –a—— C:\WINDOWS\system\MSH263.DRV
    2007-12-21 20:45 . 2004-08-04 09:03 54,272 –a—— C:\WINDOWS\system32\vfwwdm32.dll
    2007-12-21 20:45 . 2004-08-04 09:03 54,272 –a–c— C:\WINDOWS\system32\dllcache\vfwwdm32.dll
    2007-12-21 20:45 . 2004-08-04 09:03 47,616 –a—— C:\WINDOWS\system\IYUV_32.DLL
    2007-12-21 20:44 . 2007-12-21 20:44 <DIR> d——– C:\Program Files\MD40323
    2007-12-21 16:01 . 2007-12-21 16:01 <DIR> d——– C:\Program Files\Riva
    2007-12-21 16:01 . 2007-12-21 16:01 <DIR> d——– C:\Program Files\Common Files\SWF Studio
    2007-12-21 15:58 . 2007-12-21 16:04 <DIR> d——– C:\Temp
    2007-12-21 15:52 . 2007-12-21 15:52 <DIR> d——– C:\Program Files\Xilisoft
    2007-12-21 15:46 . 2007-12-21 15:46 <DIR> d——– C:\Program Files\Common Files\Download Manager
    2007-12-21 14:53 . 2007-12-21 14:53 <DIR> d——– C:\Documents and Settings\All Users\Application Data\Messenger Plus!
    2007-12-21 00:14 . 2007-12-21 15:45 <DIR> d——– C:\Documents and Settings\Sadik\Application Data\Vso
    2007-12-21 00:14 . 2007-12-21 00:14 47,360 –a—— C:\WINDOWS\system32\drivers\pcouffin.sys
    2007-12-21 00:14 . 2007-12-21 15:45 47,360 –a—— C:\Documents and Settings\Sadik\Application Data\pcouffin.sys
    2007-12-20 23:15 . 2007-12-20 23:19 <DIR> d——– C:\Program Files\IMVU
    2007-12-20 23:15 . 2007-12-20 23:16 <DIR> d——– C:\Documents and Settings\Sadik\Application Data\IMVU
    2007-12-20 16:12 . 2007-12-20 16:12 <DIR> d——– C:\Program Files\Messenger Plus! Live
    2007-12-20 13:37 . 2007-12-25 14:19 <DIR> d——– C:\Documents and Settings\Sadik\G-Force
    2007-12-17 23:25 . 2007-12-17 23:25 <DIR> d——– C:\Documents and Settings\Sadik\Application Data\SoundSpectrum
    2007-12-17 23:24 . 2007-12-20 13:36 <DIR> d——– C:\Program Files\SoundSpectrum
    2007-12-17 20:02 . 2007-12-18 16:59 <DIR> d——– C:\Program Files\Windows Live Safety Center
    2007-12-16 21:11 . 2007-12-16 21:11 <DIR> d——– C:\Program Files\C-Media
    2007-12-16 21:11 . 2006-06-14 11:05 1,855,488 ——— C:\WINDOWS\mixer.exe
    2007-12-16 21:11 . 2000-10-20 18:28 765,952 –a—— C:\WINDOWS\system\crlds3d.dll
    2007-12-16 21:11 . 2002-11-18 15:51 377,358 –a—— C:\WINDOWS\system32\drivers\cmaudio.sys
    2007-12-16 21:11 . 2002-07-11 11:24 139,264 –a—— C:\WINDOWS\cmuninst.exe
    2007-12-16 21:11 . 2002-07-11 12:13 135,168 –a—— C:\WINDOWS\cmuninst.dat
    2007-12-16 21:11 . 2002-11-19 15:46 39,104 –a—— C:\WINDOWS\cmijack.dat
    2007-12-16 21:11 . 2006-06-14 11:05 32,768 –a—— C:\WINDOWS\system32\cmnprop.dll
    2007-12-16 21:11 . 2002-11-19 15:43 22,178 –a—— C:\WINDOWS\cmaudio.dat
    2007-12-16 21:00 . 2007-12-16 21:00 <DIR> d——– C:\Documents and Settings\Sadik\Application Data\Comodo
    2007-12-16 21:00 . 2007-12-16 21:00 <DIR> d——– C:\Documents and Settings\All Users\Application Data\Comodo
    2007-12-16 19:52 . 2007-12-16 19:52 <DIR> d–h—– C:\WINDOWS\PIF
    2007-12-16 17:38 . 2007-12-17 17:13 <DIR> d——– C:\Program Files\Comodo
    2007-12-16 17:38 . 2007-12-08 02:29 211 –a—— C:\boot.ini.comodofirewall
    2007-12-15 10:52 . 2007-12-15 10:58 <DIR> d——– C:\Documents and Settings\Sadik\Application Data\NewsBin
    2007-12-15 10:52 . 2007-12-15 10:52 <DIR> d——– C:\Documents and Settings\All Users\Application Data\NewsBin
    2007-12-14 23:55 . 2007-12-14 23:55 <DIR> d——– C:\Program Files\SystemRequirementsLab
    2007-12-13 18:26 . 2007-12-13 18:26 <DIR> d——– C:\Program Files\directx
    2007-12-12 23:19 . 2007-12-12 23:19 <DIR> d——– C:\Program Files\Common Files\Adobe
    2007-12-11 20:41 . 2007-12-11 20:41 <DIR> d——– C:\WINDOWS\ASTULogTemp
    2007-12-11 20:41 . 2007-12-11 20:41 <DIR> d——– C:\Program Files\Microsoft.NET
    2007-12-11 20:41 . 2007-12-28 02:19 6,094 –a—— C:\WINDOWS\system32\ASTULog.cab
    2007-12-11 20:41 . 2007-12-28 02:19 1,043 –a—— C:\WINDOWS\system32\setup.inf
    2007-12-11 20:41 . 2007-12-28 02:19 283 –a—— C:\WINDOWS\system32\setup.rpt
    2007-12-11 19:32 . 2007-12-11 19:32 <DIR> d——– C:\Program Files\MSXML 6.0
    2007-12-11 10:57 . 2007-12-11 10:57 65,536 –a—— C:\WINDOWS\system32\QuickTimeVR.qtx
    2007-12-11 10:57 . 2007-12-11 10:57 49,152 –a—— C:\WINDOWS\system32\QuickTime.qts
    2007-12-10 23:38 . 2007-12-16 02:59 <DIR> d——– C:\Program Files\Microsoft ActiveSync
    2007-12-09 20:52 . 2007-12-09 20:52 <DIR> d——– C:\Documents and Settings\Sadik\Application Data\vlc
    2007-12-09 20:48 . 2007-12-09 20:48 <DIR> d——– C:\Program Files\VideoLAN
    2007-12-09 20:38 . 2007-12-09 20:44 <DIR> d——– C:\Documents and Settings\Sadik\Application Data\DivX
    2007-12-09 11:42 . 2007-12-09 11:42 <DIR> d——– C:\Program Files\IE7Pro
    2007-12-09 11:42 . 2007-12-09 11:42 <DIR> d——– C:\Documents and Settings\Sadik\Application Data\IE7Pro

    .
    ((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    2007-12-30 20:15 ——— d–h–w C:\Program Files\InstallShield Installation Information
    2007-12-26 12:19 ——— d—–w C:\Documents and Settings\All Users\Application Data\Apple Computer
    2007-12-10 22:36 ——— d—–w C:\Program Files\Common Files\Teleca Shared
    2007-12-08 11:17 ——— d—–w C:\Program Files\ASUS
    2007-12-08 01:43 382 —-a-w C:\Program Files\Snelkoppeling naar Program Files.lnk
    2007-11-24 01:01 9,344 —-a-w C:\WINDOWS\system32\drivers\NSDriver.sys
    2007-11-24 01:01 8,320 —-a-w C:\WINDOWS\system32\drivers\AWRTRD.sys
    2007-11-23 18:20 ——— d—–w C:\Program Files\MP3 Player Utilities 3.13
    2007-11-23 18:17 ——— d—–w C:\Program Files\NVIDIA Corporation
    2007-11-23 18:13 ——— d—–w C:\Documents and Settings\Sadik\Application Data\Teleca
    2007-11-23 18:11 ——— d—–w C:\Program Files\Disc2Phone
    2007-11-23 18:00 6,176 —-a-w C:\WINDOWS\system32\drivers\w810cm.sys
    2007-11-23 18:00 5,808 —-a-w C:\WINDOWS\system32\drivers\w810wh.sys
    2007-11-23 17:57 ——— d—–w C:\Program Files\LRC Editor 4
    2007-11-23 17:51 ——— d—–w C:\Program Files\Common Files\InstallShield
    2007-11-23 17:48 ——— d—–w C:\Program Files\Marvell
    2007-11-23 17:43 ——— d—–w C:\Program Files\Intel
    2007-11-23 17:38 ——— d—–w C:\Program Files\microsoft frontpage
    2007-11-13 10:25 20,480 —-a-w C:\WINDOWS\system32\drivers\secdrv.sys
    2007-10-29 22:45 1,291,776 —-a-w C:\WINDOWS\system32\quartz.dll
    2007-10-25 08:28 222,720 —-a-w C:\WINDOWS\system32\wmasf.dll
    2007-10-24 00:47 96,760 —-a-w C:\WINDOWS\system32\dfshim.dll
    2007-10-24 00:47 84,480 —-a-w C:\WINDOWS\system32\mscories.dll
    2007-10-24 00:47 282,112 —-a-w C:\WINDOWS\system32\mscoree.dll
    2007-10-24 00:47 158,720 —-a-w C:\WINDOWS\system32\mscorier.dll
    2007-10-23 16:49 586,752 —-a-w C:\WINDOWS\WLXPGSS.SCR
    2007-10-22 07:51 972,072 —-a-w C:\WINDOWS\UNRecode.exe
    2007-10-20 00:56 129,784 ——w C:\WINDOWS\system32\pxafs.dll
    2007-10-20 00:56 120,056 ——w C:\WINDOWS\system32\pxcpyi64.exe
    2007-10-20 00:56 118,520 ——w C:\WINDOWS\system32\pxinsi64.exe
    2007-10-18 10:31 51,224 —-a-w C:\WINDOWS\system32\sirenacm.dll
    2007-10-11 08:55 88,576 —-a-w C:\WINDOWS\system32\infocardapi.dll
    2007-10-11 08:55 579,584 —-a-w C:\WINDOWS\system32\icardagt.exe
    2007-10-11 08:55 11,776 —-a-w C:\WINDOWS\system32\icardres.dll
    2007-10-09 12:03 779,800 —-a-w C:\WINDOWS\system32\PresentationNative_v0300.dll
    2007-10-09 12:03 73,752 —-a-w C:\WINDOWS\system32\dxva2.dll
    2007-10-09 12:03 493,080 —-a-w C:\WINDOWS\system32\evr.dll
    2007-10-09 12:03 350,744 —-a-w C:\WINDOWS\system32\PresentationHost.exe
    2007-10-09 12:03 33,304 —-a-w C:\WINDOWS\system32\PresentationHostProxy.dll
    2007-10-09 12:03 161,304 —-a-w C:\WINDOWS\system32\UIAutomationCore.dll
    2007-10-09 12:03 106,520 —-a-w C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll
    2007-10-09 12:03 1,986,072 —-a-w C:\WINDOWS\system32\milcore.dll
    2007-10-09 11:58 16,896 —-a-w C:\WINDOWS\system32\tswpfwrp.exe
    2007-10-04 17:16 356,352 —-a-w C:\WINDOWS\system32\NVUNINST.EXE
    2007-10-04 16:14 81,920 —-a-w C:\WINDOWS\system32\nvwddi.dll
    2007-10-04 16:14 81,920 —-a-w C:\WINDOWS\system32\nvmctray.dll
    2007-10-04 16:14 8,491,008 —-a-w C:\WINDOWS\system32\nvcpl.dll
    2007-10-04 16:14 753,664 —-a-w C:\WINDOWS\system32\nvcplui.exe
    2007-10-04 16:14 6,750,208 —-a-w C:\WINDOWS\system32\nvoglnt.dll
    2007-10-04 16:14 6,344,704 —-a-w C:\WINDOWS\system32\nvdisps.dll
    2007-10-04 16:14 5,783,424 —-a-w C:\WINDOWS\system32\nv4_disp.dll
    2007-10-04 16:14 466,944 —-a-w C:\WINDOWS\system32\nvshell.dll
    2007-10-04 16:14 45,056 —-a-w C:\WINDOWS\system32\nvmccsrs.dll
    2007-10-04 16:14 442,368 —-a-w C:\WINDOWS\system32\nvappbar.exe
    2007-10-04 16:14 425,984 —-a-w C:\WINDOWS\system32\keystone.exe
    2007-10-04 16:14 364,544 —-a-w C:\WINDOWS\system32\nvapi.dll
    2007-10-04 16:14 36,864 —-a-w C:\WINDOWS\system32\nvcodins.dll
    2007-10-04 16:14 36,864 —-a-w C:\WINDOWS\system32\nvcod.dll
    2007-10-04 16:14 356,352 —-a-w C:\WINDOWS\system32\nvudisp.exe
    2007-10-04 16:14 307,200 —-a-w C:\WINDOWS\system32\nvexpbar.dll
    2007-10-04 16:14 3,551,232 —-a-w C:\WINDOWS\system32\nvvitvs.dll
    2007-10-04 16:14 3,334,144 —-a-w C:\WINDOWS\system32\nvgames.dll
    2007-10-04 16:14 286,720 —-a-w C:\WINDOWS\system32\nvnt4cpl.dll
    2007-10-04 16:14 229,376 —-a-w C:\WINDOWS\system32\nvmccs.dll
    2007-10-04 16:14 2,371,584 —-a-w C:\WINDOWS\system32\nvwss.dll
    2007-10-04 16:14 188,416 —-a-w C:\WINDOWS\system32\nvmccss.dll
    2007-10-04 16:14 155,716 —-a-w C:\WINDOWS\system32\nvsvc32.exe
    2007-10-04 16:14 147,456 —-a-w C:\WINDOWS\system32\nvcolor.exe
    2007-10-04 16:14 1,703,936 —-a-w C:\WINDOWS\system32\nvwdmcpl.dll
    2007-10-04 16:14 1,626,112 —-a-w C:\WINDOWS\system32\nwiz.exe
    2007-10-04 16:14 1,478,656 —-a-w C:\WINDOWS\system32\nview.dll
    2007-10-04 16:14 1,339,392 —-a-w C:\WINDOWS\system32\nvdspsch.exe
    2007-10-04 16:14 1,150,976 —-a-w C:\WINDOWS\system32\nvmobls.dll
    2007-10-04 16:14 1,019,904 —-a-w C:\WINDOWS\system32\nvwimg.dll
    2006-06-14 10:05 712,704 —-a-r C:\WINDOWS\inf\OTHER\AUDIO3D.DLL
    .

    ((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    REGEDIT4
    *Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-04 09:03]
    "NVIDIA nTune"="C:\Program Files\NVIDIA Corporation\nTune\nTuneCmd.exe" [2007-07-03 12:32]
    "MsnMsgr"="C:\Program Files\Windows Live\Messenger\MsnMsgr.exe" [2007-10-18 11:34]
    "Steam"="d:\steam\steam.exe" [2007-11-30 14:33]
    "H/PC Connection Agent"="C:\Program Files\Microsoft ActiveSync\Wcescomm.exe" [2006-11-13 18:34]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "NvCplDaemon"="RUNDLL32.exe" [2004-08-04 09:03 C:\WINDOWS\system32\rundll32.exe]
    "nwiz"="nwiz.exe" [2007-10-04 17:14 C:\WINDOWS\system32\nwiz.exe]
    "NvMediaCenter"="RUNDLL32.exe" [2004-08-04 09:03 C:\WINDOWS\system32\rundll32.exe]
    "Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2007-10-10 19:51]
    "SkyTel"="SkyTel.EXE" [2006-05-16 18:04 C:\WINDOWS\SkyTel.exe]
    "C-Media Mixer"="Mixer.exe" [2006-06-14 11:05 C:\WINDOWS\mixer.exe]
    "egui"="C:\Program Files\ESET\ESET Smart Security\egui.exe" [2007-11-14 15:05]
    "QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [2007-12-11 10:56]
    "Logitech Hardware Abstraction Layer"="KHALMNPR.EXE" [2007-09-21 03:10 C:\WINDOWS\KHALMNPR.Exe]
    "NSLauncher"="C:\Program Files\Nokia\Nokia Software Launcher\NSLauncher.exe" [2007-09-07 14:44]

    [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
    "CTFMON.EXE"="C:\WINDOWS\System32\CTFMON.EXE" [2004-08-04 09:03]

    C:\Documents and Settings\All Users\Menu Start\Programma's\Opstarten\
    Logitech Desktop Messenger.lnk - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe [2007-12-27 19:31:43]
    Logitech SetPoint.lnk - C:\Program Files\Logitech\SetPoint\SetPoint.exe [2007-12-27 19:41:39]

    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\LBTWlgn]
    c:\program files\common files\logitech\bluetooth\LBTWlgn.dll 2007-11-15 10:10 72208 c:\Program Files\Common Files\Logitech\Bluetooth\LBTWLgn.dll

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sdauxservice]
    @=""

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sdcoreservice]
    @=""

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WdfLoadGroup]
    @=""

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Start^Programma's^Opstarten^2Mega Camera Manager Monitor.lnk]
    path=C:\Documents and Settings\All Users\Menu Start\Programma's\Opstarten\2Mega Camera Manager Monitor.lnk
    backup=C:\WINDOWS\pss\2Mega Camera Manager Monitor.lnkCommon Startup

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Start^Programma's^Opstarten^Microsoft Office.lnk]
    path=C:\Documents and Settings\All Users\Menu Start\Programma's\Opstarten\Microsoft Office.lnk
    backup=C:\WINDOWS\pss\Microsoft Office.lnkCommon Startup

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AsusStartupHelp]
    2006-11-14 07:25 363008 -ra—— C:\Program Files\ASUS\AASP\1.00.17\AsRunHelp.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}]
    2007-10-23 14:18 202024 –a—— C:\Program Files\Common Files\Nero\Lib\NMBgMonitor.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
    C:\WINDOWS\system32\NeroCheck.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
    C:\Program Files\QuickTime\qttask.exe -atboottime

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SkyTel]
    SkyTel.EXE

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Wizzl]
    2007-11-28 15:45 6119424 –a—— C:\Program Files\Wizzl\Wizzl.exe

    R1 easdrv;easdrv;C:\WINDOWS\system32\DRIVERS\easdrv.sys [2007-11-14 15:04]
    R1 epfwtdi;epfwtdi;C:\WINDOWS\system32\DRIVERS\epfwtdi.sys [2007-11-14 15:06]
    R2 eamon;EAMON;C:\WINDOWS\system32\DRIVERS\eamon.sys [2007-11-14 15:03]
    R2 ekrn;Eset Service;"C:\Program Files\ESET\ESET Smart Security\ekrn.exe" [2007-11-14 15:05]
    R2 epfw;epfw;C:\WINDOWS\system32\DRIVERS\epfw.sys [2007-11-14 15:06]
    R3 Epfwndis;Eset Personal Firewall;C:\WINDOWS\system32\DRIVERS\Epfwndis.sys [2007-11-14 15:06]
    S3 Ca100v;2Mega Camera, WDM Video Capture;C:\WINDOWS\system32\Drivers\Ca100v.sys [2002-09-01 06:35]
    S3 EhttpSrv;Eset HTTP Server;"C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe" [2007-11-14 15:07]
    S3 SRS_SSCFilter;SRS Labs Audio Sandbox (WDM);C:\WINDOWS\system32\drivers\srs_sscfilter_i386.sys [2007-05-03 10:28]
    S3 USBCamera;DSC Still Image Capture (CA100);C:\WINDOWS\system32\Drivers\Bulk100.sys [2002-07-28 02:19]

    .
    Inhoud van de 'Gedeelde Taken' map
    "2007-12-26 12:14:00 C:\WINDOWS\Tasks\AppleSoftwareUpdate.job"
    .
    **************************************************************************

    catchme 0.3.1333 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2007-12-30 22:11:23
    Windows 5.1.2600 Service Pack 2 NTFS

    scannen van verborgen processen …

    scannen van verborgen autostart items …

    scannen van verborgen bestanden …

    Scan succesvol afgerond
    verborgen bestanden: 0

    **************************************************************************
    .
    Voltooingstijd: 2007-12-30 22:11:42
    .
    2007-12-28 10:30:43 — E O F —

  • I don't see any direct traces of malware in your logs.
  • Oops,
    I forgot
    the HijackThis log.

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 20:21:17, on 31-12-2007
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.6000.16574)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\csrss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\system32\RUNDLL32.EXE
    C:\WINDOWS\Mixer.exe
    C:\Program Files\ESET\ESET Smart Security\egui.exe
    C:\Program Files\Nokia\Nokia Software Launcher\NSLauncher.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
    D:\steam\steam.exe
    C:\Program Files\Microsoft ActiveSync\Wcescomm.exe
    C:\PROGRA~1\MICROS~4\rapimgr.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
    C:\Program Files\Logitech\SetPoint\SetPoint.exe
    C:\Program Files\Common Files\Logishrd\KHAL2\KHALMNPR.EXE
    C:\Program Files\ESET\ESET Smart Security\ekrn.exe
    C:\Program Files\NVIDIA Corporation\nTune\nTuneService.exe
    C:\WINDOWS\System32\nvsvc32.exe
    C:\WINDOWS\system32\PnkBstrA.exe
    C:\Program Files\Spyware Doctor\svcntaux.exe
    C:\Program Files\Spyware Doctor\swdsvc.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
    C:\WINDOWS\System32\alg.exe
    C:\Program Files\Windows Live\Messenger\usnsvc.exe
    C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLLoginProxy.exe
    c:\program files\internet explorer\iexplore.exe
    C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
    C:\WINDOWS\System32\wbem\wmiprvse.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.nl/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen
    R3 - URLSearchHook: Live TV Toolbar - {b69a9db4-d0a1-4722-b56b-f20757a29cdf} - C:\Program Files\Live_TV\tbLiv1.dll
    O2 - BHO: IE7Pro - {00011268-E188-40DF-A514-835FCD78B1BF} - C:\Program Files\IE7Pro\IE7Pro.dll
    O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
    O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
    O2 - BHO: Windows Live Aanmelden - Help - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: Live TV Toolbar - {b69a9db4-d0a1-4722-b56b-f20757a29cdf} - C:\Program Files\Live_TV\tbLiv1.dll
    O3 - Toolbar: Live TV Toolbar - {b69a9db4-d0a1-4722-b56b-f20757a29cdf} - C:\Program Files\Live_TV\tbLiv1.dll
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
    O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInit
    O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
    O4 - HKLM\..\Run: [SkyTel] SkyTel.EXE
    O4 - HKLM\..\Run: [C-Media Mixer] Mixer.exe /startup
    O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET Smart Security\egui.exe" /hide /waitservice
    O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE
    O4 - HKLM\..\Run: [MSConfig] C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe /auto
    O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [NVIDIA nTune] "C:\Program Files\NVIDIA Corporation\nTune\nTuneCmd.exe" clear
    O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
    O4 - HKCU\..\Run: [Steam] "d:\steam\steam.exe" -silent
    O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Lokale service')
    O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Netwerkservice')
    O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
    O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
    O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe
    O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office10\EXCEL.EXE/3000
    O9 - Extra button: IE7Pro Preferences - {0026439F-A980-4f18-8C95-4F1CBBF9C1D8} - C:\Program Files\IE7Pro\IE7Pro.dll
    O9 - Extra 'Tools' menuitem: IE7Pro Preferences - {0026439F-A980-4f18-8C95-4F1CBBF9C1D8} - C:\Program Files\IE7Pro\IE7Pro.dll
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
    O9 - Extra button: In weblog opnemen - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
    O9 - Extra 'Tools' menuitem: &In weblog opnemen met Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
    O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~4\INetRepl.dll
    O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~4\INetRepl.dll
    O9 - Extra 'Tools' menuitem: Mobiele favorieten maken… - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~4\INetRepl.dll
    O9 - Extra button: Run IMVU - {d9288080-1baa-4bc4-9cf8-a92d743db949} - C:\Documents and Settings\Sadik\Menu Start\Programma's\IMVU\Run IMVU.lnk
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O16 - DPF: {193C772A-87BE-4B19-A7BB-445B226FE9A1} (ewidoOnlineScan Control) - http://downloads.ewido.net/ewidoOnlineScan.cab
    O16 - DPF: {67A5F8DC-1A4B-4D66-9F24-A704AD929EEE} (System Requirements Lab) - http://www.systemrequirementslab.com/sysreqlab2.cab
    O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} (DivXBrowserPlugin Object) - http://download.divx.com/player/DivXBrowserPlugin.cab
    O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1195901566359
    O16 - DPF: {CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7} (get_atlcom Class) - http://www.adobe.com/products/acrobat/nos/gp.cab
    O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
    O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
    O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
    O23 - Service: Eset HTTP Server (EhttpSrv) - Unknown owner - C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe
    O23 - Service: Eset Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\ekrn.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
    O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program Files\Common Files\Logitech\Bluetooth\LBTServ.exe
    O23 - Service: nTune Service (nTuneService) - NVIDIA - C:\Program Files\NVIDIA Corporation\nTune\nTuneService.exe
    O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
    O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
    O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - C:\Program Files\Spyware Doctor\svcntaux.exe
    O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - C:\Program Files\Spyware Doctor\swdsvc.exe
    O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe


    End of file - 9312 bytes

    and happy New Year's Eve to everyone!!!!
    and be careful with fireworks ;)
  • I don't see any traces of malware in your logs.
  • and now?

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 3:37:34, on 2-1-2008
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.6000.16574)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\csrss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\system32\RUNDLL32.EXE
    C:\Program Files\ESET\ESET Smart Security\ekrn.exe
    C:\WINDOWS\Mixer.exe
    C:\Program Files\ESET\ESET Smart Security\egui.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
    C:\Program Files\Microsoft ActiveSync\wcescomm.exe
    C:\PROGRA~1\MICROS~4\rapimgr.exe
    C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
    C:\Program Files\Logitech\SetPoint\SetPoint.exe
    C:\Program Files\NVIDIA Corporation\nTune\nTuneService.exe
    C:\WINDOWS\System32\nvsvc32.exe
    C:\WINDOWS\system32\PnkBstrA.exe
    C:\Program Files\Spyware Doctor\svcntaux.exe
    C:\Program Files\Spyware Doctor\swdsvc.exe
    C:\Program Files\Common Files\Logishrd\KHAL2\KHALMNPR.EXE
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\System32\alg.exe
    C:\Program Files\Windows Live\Messenger\usnsvc.exe
    C:\Program Files\Windows Live\Messenger\msnmsgr.exe
    C:\WINDOWS\System32\wbem\wmiprvse.exe
    C:\Program Files\internet explorer\iexplore.exe
    C:\Program Files\internet explorer\iexplore.exe
    C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLLoginProxy.exe
    C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
    C:\WINDOWS\System32\wbem\wmiprvse.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.nl/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen
    R3 - URLSearchHook: Live TV Toolbar - {b69a9db4-d0a1-4722-b56b-f20757a29cdf} - C:\Program Files\Live_TV\tbLiv1.dll
    O2 - BHO: IE7Pro - {00011268-E188-40DF-A514-835FCD78B1BF} - C:\Program Files\IE7Pro\IE7Pro.dll
    O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
    O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
    O2 - BHO: Windows Live Aanmelden - Help - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: Live TV Toolbar - {b69a9db4-d0a1-4722-b56b-f20757a29cdf} - C:\Program Files\Live_TV\tbLiv1.dll
    O3 - Toolbar: Live TV Toolbar - {b69a9db4-d0a1-4722-b56b-f20757a29cdf} - C:\Program Files\Live_TV\tbLiv1.dll
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
    O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInit
    O4 - HKLM\..\Run: [SkyTel] SkyTel.EXE
    O4 - HKLM\..\Run: [C-Media Mixer] Mixer.exe /startup
    O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET Smart Security\egui.exe" /hide /waitservice
    O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE
    O4 - HKLM\..\Run: [SDTray] "C:\Program Files\Spyware Doctor\SDTrayApp.exe"
    O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
    O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [NVIDIA nTune] "C:\Program Files\NVIDIA Corporation\nTune\nTuneCmd.exe" clear
    O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
    O4 - HKCU\..\Run: [Steam] "d:\steam\steam.exe" -silent
    O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\wcescomm.exe"
    O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Lokale service')
    O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Netwerkservice')
    O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
    O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
    O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe
    O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office10\EXCEL.EXE/3000
    O9 - Extra button: IE7Pro Preferences - {0026439F-A980-4f18-8C95-4F1CBBF9C1D8} - C:\Program Files\IE7Pro\IE7Pro.dll
    O9 - Extra 'Tools' menuitem: IE7Pro Preferences - {0026439F-A980-4f18-8C95-4F1CBBF9C1D8} - C:\Program Files\IE7Pro\IE7Pro.dll
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
    O9 - Extra button: In weblog opnemen - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
    O9 - Extra 'Tools' menuitem: &In weblog opnemen met Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
    O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~4\INetRepl.dll
    O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~4\INetRepl.dll
    O9 - Extra 'Tools' menuitem: Mobiele favorieten maken… - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~4\INetRepl.dll
    O9 - Extra button: Run IMVU - {d9288080-1baa-4bc4-9cf8-a92d743db949} - C:\Documents and Settings\Sadik\Menu Start\Programma's\IMVU\Run IMVU.lnk
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O16 - DPF: {193C772A-87BE-4B19-A7BB-445B226FE9A1} (ewidoOnlineScan Control) - http://downloads.ewido.net/ewidoOnlineScan.cab
    O16 - DPF: {67A5F8DC-1A4B-4D66-9F24-A704AD929EEE} (System Requirements Lab) - http://www.systemrequirementslab.com/sysreqlab2.cab
    O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} (DivXBrowserPlugin Object) - http://download.divx.com/player/DivXBrowserPlugin.cab
    O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1195901566359
    O16 - DPF: {CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7} (get_atlcom Class) - http://www.adobe.com/products/acrobat/nos/gp.cab
    O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
    O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
    O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
    O23 - Service: Eset HTTP Server (EhttpSrv) - Unknown owner - C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe
    O23 - Service: Eset Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\ekrn.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
    O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program Files\Common Files\Logitech\Bluetooth\LBTServ.exe
    O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
    O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
    O23 - Service: nTune Service (nTuneService) - NVIDIA - C:\Program Files\NVIDIA Corporation\nTune\nTuneService.exe
    O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
    O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
    O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - C:\Program Files\Spyware Doctor\svcntaux.exe
    O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - C:\Program Files\Spyware Doctor\swdsvc.exe
    O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe


    End of file - 9581 bytes

  • As I've already said twice, your logs show no traces of malware.
  • okaaay

    what could the problem be?

    and sometimes my PC shuts down with a blue screen
    it's always the same 2
    one after the other

    when I play CS: Source, for example,
    or open someone's webcam via MSN
    :

    Driver_irql_not_less_or_equal

    *stop: 0x000000D1 (0x000006C5, 0x00000002, 0x00000000, 0xB970D342

    base at B96e50000, Datestamp 3dd89c06

    And the other one

    Driver_irql'''''''''''

    *Stop: 0x000000D1 (0x00000001, 0x00000002, 0x00000000, 0x0000001\

    thanks a lot in advance
    because it's really irritating
    e.g. when I want to talk with my family and so on from Turkey,
    and we want to turn on our cameras and mics,
    it just shuts off :S
    and with CS: Source
    with other games like CoD4 I don't have it
    I also tried restoring the game cache files and so on
    "verify integrity game cache files" or something :S

    Steam>Games>CS;Source>Properties>LocalFiles>verify integrity game cache files.

    I had also looked further on Google and so on
    on a forum they said your memory could also be broken or something
    that wasn't the case :D
    because I had swapped it for another one, for a Geil :D (Alternate)
    but what could be the cause of it??

    thanks a lot in advance
    have a nice day
  • Isn't a file name mentioned when you get the BSOD?
    Faulty memory is a possibility.
  • I had swapped my memory for another one
    when I got those blue screens
    and the same problem

This is an archived page. Replies are no longer possible.