Vraag & Antwoord

Beveiliging & privacy

Hijack log, Kan hier even naar gekeken worden.

8 antwoorden
  • Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 10:16:52, on 26-4-2008 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Boot mode: Normal Running processes: G:\WINDOWS\System32\smss.exe G:\WINDOWS\system32\winlogon.exe G:\WINDOWS\system32\services.exe G:\WINDOWS\system32\lsass.exe G:\WINDOWS\system32\Ati2evxx.exe G:\WINDOWS\system32\svchost.exe G:\WINDOWS\System32\svchost.exe G:\WINDOWS\system32\Ati2evxx.exe G:\Program Files\Alwil Software\Avast4\aswUpdSv.exe G:\Program Files\Alwil Software\Avast4\ashServ.exe G:\WINDOWS\Explorer.EXE G:\WINDOWS\system32\spoolsv.exe G:\Program Files\Creative\Sound Blaster X-Fi\DVDAudio\CTDVDDET.EXE G:\Program Files\Creative\Shared Files\Module Loader\DLLML.exe G:\Program Files\Creative\Sound Blaster X-Fi\Volume Panel\VolPanel.exe G:\WINDOWS\CTHELPER.EXE G:\WINDOWS\system32\CTXFIHLP.EXE G:\Program Files\Java\jre1.6.0_03\bin\jusched.exe G:\WINDOWS\SYSTEM32\CTXFISPI.EXE G:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe G:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe G:\Program Files\Creative\ShareDLL\CADI\NotiMan.exe G:\Program Files\SPAMfighter\SFAgent.exe G:\Program Files\iTunes\iTunesHelper.exe G:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe G:\WINDOWS\System32\Rundll32.exe G:\WINDOWS\system32\ctfmon.exe G:\Program Files\Common Files\Teleca Shared\CapabilityManager.exe G:\Program Files\Messenger\MSMSGS.EXE G:\Program Files\Creative\MediaSource\Detector\CTDetect.exe G:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe G:\Program Files\Internet Explorer\iexplore.exe G:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.EXE G:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe G:\FRAPS\FRAPS.EXE G:\Program Files\Spybot - Search & Destroy\TeaTimer.exe G:\WINDOWS\System32\CTsvcCDA.EXE G:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe G:\WINDOWS\system32\PnkBstrA.exe G:\Program Files\Logitech\SetPoint\SetPoint.exe G:\WINDOWS\system32\PnkBstrB.exe G:\Program Files\SPAMfighter\sfus.exe G:\Program Files\Alwil Software\Avast4\ashMaiSv.exe G:\Program Files\Alwil Software\Avast4\ashWebSv.exe G:\Program Files\Common Files\Logitech\KhalShared\KHALMNPR.EXE G:\WINDOWS\System32\svchost.exe G:\Program Files\Common Files\Teleca Shared\Generic.exe G:\Program Files\iPod\bin\iPodService.exe G:\Program Files\Sony Ericsson\Mobile2\Mobile Phone Monitor\epmworker.exe G:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe G:\WINDOWS\system32\wuauclt.exe G:\Program Files\Java\jre1.6.0_03\bin\jucheck.exe G:\Program Files\Mozilla Firefox\firefox.exe G:\Program Files\Trend Micro\HijackThis\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.home.nl/ R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen R3 - URLSearchHook: LimewirePlus Toolbar - {47e161a0-f4ba-41dd-a17b-d2eb26ad6a02} - G:\Program Files\LimewirePlus\tbLim1.dll O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - G:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: LimewirePlus Toolbar - {47e161a0-f4ba-41dd-a17b-d2eb26ad6a02} - G:\Program Files\LimewirePlus\tbLim1.dll O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - G:\Program Files\Spybot - Search & Destroy\SDHelper.dll O2 - BHO: (no name) - {6156A32A-C512-4e23-AA9A-2315F4265681} - (no file) O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - G:\Program Files\Java\jre1.6.0_03\bin\ssv.dll O2 - BHO: adzgalore - {994B5FB4-0103-44A6-B6B3-C73572B362BC} - G:\WINDOWS\system32\nsz30.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - g:\program files\google\googletoolbar3.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - G:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll O2 - BHO: cpmsky browser optimizer - {bc0947d8-56db-daba-c600-5ed1af9595c5} - G:\WINDOWS\system32\{f738a0af-3e02-26aa-e78e-a972a7641b95}.dll O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - g:\program files\google\googletoolbar3.dll O3 - Toolbar: LimewirePlus Toolbar - {47e161a0-f4ba-41dd-a17b-d2eb26ad6a02} - G:\Program Files\LimewirePlus\tbLim1.dll O4 - HKLM\..\Run: [CTDVDDET] "G:\Program Files\Creative\Sound Blaster X-Fi\DVDAudio\CTDVDDET.EXE" O4 - HKLM\..\Run: [RCSystem] "G:\Program Files\Creative\Shared Files\Module Loader\DLLML.exe" RCSystem * -Startup O4 - HKLM\..\Run: [AudioDrvEmulator] "G:\Program Files\Creative\Shared Files\Module Loader\DLLML.exe" -1 AudioDrvEmulator "G:\Program Files\Creative\Shared Files\Module Loader\Audio Emulator\AudDrvEm.dll" O4 - HKLM\..\Run: [VolPanel] "G:\Program Files\Creative\Sound Blaster X-Fi\Volume Panel\VolPanel.exe" /r O4 - HKLM\..\Run: [CTHelper] CTHELPER.EXE O4 - HKLM\..\Run: [CTxfiHlp] CTXFIHLP.EXE O4 - HKLM\..\Run: [UpdReg] G:\WINDOWS\UpdReg.EXE O4 - HKLM\..\Run: [SunJavaUpdateSched] "G:\Program Files\Java\jre1.6.0_03\bin\jusched.exe" O4 - HKLM\..\Run: [Sony Ericsson PC Suite] "G:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe" /startoptions O4 - HKLM\..\Run: [Adobe Photo Downloader] "G:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe" O4 - HKLM\..\Run: [NeroFilterCheck] G:\WINDOWS\system32\NeroCheck.exe O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "G:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [SPAMfighter Agent] "G:\Program Files\SPAMfighter\SFAgent.exe" update delay 60 O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE O4 - HKLM\..\Run: [QuickTime Task] "G:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [iTunesHelper] "G:\Program Files\iTunes\iTunesHelper.exe" O4 - HKLM\..\Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE O4 - HKLM\..\Run: [avast!] G:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe O4 - HKLM\..\Run: [PostSetupCheck] G:\WINDOWS\System32\Rundll32.exe "G:\WINDOWS\system32\cpmsky.dll" DllStart O4 - HKCU\..\Run: [CTFMON.EXE] G:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [MSMSGS] "G:\Program Files\Messenger\MSMSGS.EXE" /background O4 - HKCU\..\Run: [Creative Detector] "G:\Program Files\Creative\MediaSource\Detector\CTDetect.exe" /R O4 - HKCU\..\Run: [swg] G:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe O4 - HKCU\..\Run: [StartCCC] G:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe O4 - HKCU\..\Run: [Fraps] G:\FRAPS\FRAPS.EXE O4 - HKCU\..\Run: [SpybotSD TeaTimer] G:\Program Files\Spybot - Search & Destroy\TeaTimer.exe O4 - HKCU\..\Run: [KCeasy] G:\Program Files\KCeasy\KCeasy.exe /hide O4 - HKCU\..\Run: [poll manager] G:\DOCUME~1\RALPHM~1\APPLIC~1\SAVEBL~1\01 CREATIVE.exe O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] G:\WINDOWS\System32\CTFMON.EXE (User 'Lokale service') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] G:\WINDOWS\System32\CTFMON.EXE (User 'Netwerkservice') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] G:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] G:\WINDOWS\System32\CTFMON.EXE (User 'Default user') O4 - Global Startup: Logitech Desktop Messenger.lnk = G:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe O4 - Global Startup: Logitech SetPoint.lnk = G:\Program Files\Logitech\SetPoint\SetPoint.exe O4 - Global Startup: Microsoft Office.lnk = G:\Program Files\Microsoft Office\Office10\OSA.EXE O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://G:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - G:\Program Files\Java\jre1.6.0_03\bin\ssv.dll O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - G:\Program Files\Java\jre1.6.0_03\bin\ssv.dll O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - G:\Program Files\Spybot - Search & Destroy\SDHelper.dll O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - G:\Program Files\Spybot - Search & Destroy\SDHelper.dll O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - G:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - G:\Program Files\Messenger\msmsgs.exe O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - G:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll O23 - Service: Apple Mobile Device - Apple, Inc. - G:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - G:\Program Files\Alwil Software\Avast4\aswUpdSv.exe O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - G:\WINDOWS\system32\Ati2evxx.exe O23 - Service: ATI Smart - Unknown owner - G:\WINDOWS\system32\ati2sgag.exe O23 - Service: avast! Antivirus - ALWIL Software - G:\Program Files\Alwil Software\Avast4\ashServ.exe O23 - Service: avast! Mail Scanner - ALWIL Software - G:\Program Files\Alwil Software\Avast4\ashMaiSv.exe O23 - Service: avast! Web Scanner - ALWIL Software - G:\Program Files\Alwil Software\Avast4\ashWebSv.exe O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - G:\WINDOWS\System32\CTsvcCDA.EXE O23 - Service: Google Updater Service (gusvc) - Google - G:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - G:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: iPod-service (iPod Service) - Apple Inc. - G:\Program Files\iPod\bin\iPodService.exe O23 - Service: PnkBstrA - Unknown owner - G:\WINDOWS\system32\PnkBstrA.exe O23 - Service: PnkBstrB - Unknown owner - G:\WINDOWS\system32\PnkBstrB.exe O23 - Service: SPAMfighter Update Service - SPAMfighter ApS - G:\Program Files\SPAMfighter\sfus.exe -- End of file - 10297 bytes Heeft last van malware,
  • Goede middag, Schakel [b:f3f1a1add9]Spybot's TeaTimer[/b:f3f1a1add9] even uit, omdat deze de fix in de weg kan zitten: - Start Spybot - Ga naar Mode > selecteer Advanced Mode - Ga naar Tools en klik op het Resident-icoon in de lijst - Haal het vinkje weg bij Resident [b:f3f1a1add9]TeaTimer[/b:f3f1a1add9] en klik OK - Herstart de computer Download vervolgens [url=http://downloads.subratam.org/ResetTeaTimer.bat] ResetTeaTimer.bat[/url] naar je Bureaublad. Dubbelklik op [b:f3f1a1add9]ResetTeaTimer.bat[/b:f3f1a1add9] om alle entries in [b:f3f1a1add9] TeaTimer[/b:f3f1a1add9] te verwijderen. [i:f3f1a1add9]Als de computer schoon is, kun je [b:f3f1a1add9]TeaTimer[/b:f3f1a1add9] weer aan zetten [/i:f3f1a1add9] Start Hijackthis op en kies voor 'Do a system scan only' Selecteer alleen de items die hieronder zijn genoemd: [b:f3f1a1add9] O2 - BHO: (no name) - {6156A32A-C512-4e23-AA9A-2315F4265681} - (no file) O2 - BHO: adzgalore - {994B5FB4-0103-44A6-B6B3-C73572B362BC} - G:\WINDOWS\system32\nsz30.dll O2 - BHO: cpmsky browser optimizer - {bc0947d8-56db-daba-c600-5ed1af9595c5} - G:\WINDOWS\system32\{f738a0af-3e02-26aa-e78e-a972a7641b95}.dll O4 - HKLM\..\Run: [PostSetupCheck] G:\WINDOWS\System32\Rundll32.exe "G:\WINDOWS\system32\cpmsky.dll" DllStart O4 - HKCU\..\Run: [poll manager] G:\DOCUME~1\RALPHM~1\APPLIC~1\SAVEBL~1\01 CREATIVE.exe [/b:f3f1a1add9] Sluit alle vensters behalve Hijackthis Klik op 'Fix checked' om de items te verwijderen. Open de verkenner ("Deze Computer") en kies [b:f3f1a1add9]Extra[/b:f3f1a1add9] -> [b:f3f1a1add9]Mapopties...[/b:f3f1a1add9] Controleer onder [b:f3f1a1add9]Weergave[/b:f3f1a1add9] de volgende instellingen: Uitzetten: Beveiligde besturingssysteembestanden verbergen (aanbevolen) Uitzetten: Extensies voor bekende bestandstypen verbergen Selecteer: De inhoud van systeemmappen weergeven (alleen bij XP) Selecteer: Verborgen bestanden en mappen weergeven Druk daarna op [b:f3f1a1add9]Toepassen[/b:f3f1a1add9] gevolgd door [b:f3f1a1add9]Ok[/b:f3f1a1add9]. Verwijder de volgende directories: G:\Documents and Settings\RALPHM~1\Application Data\[b:f3f1a1add9]SAVEBL~1[/b:f3f1a1add9]\ Download [url=http://java.sun.com/javase/downloads/index.jsp][b:f3f1a1add9][color=blue:f3f1a1add9]Java Runtime Environment (JRE) 6u6[/color:f3f1a1add9][/b:f3f1a1add9][/url]. [list:f3f1a1add9][*:f3f1a1add9]Scroll omlaag naar : "[i:f3f1a1add9]Java Runtime Environment (JRE) 6 Update 6[/i:f3f1a1add9]". [*:f3f1a1add9]Klik op de "[b:f3f1a1add9]Download[/b:f3f1a1add9]" knop aan de rechterkant. [*:f3f1a1add9]Vink aan: "[b:f3f1a1add9]Accept License Agreement[/b:f3f1a1add9]", en klik op [b:f3f1a1add9]Continue[/b:f3f1a1add9]. [*:f3f1a1add9]De pagina zal herladen. [*:f3f1a1add9]Klik op de [b:f3f1a1add9]Windows Offline Installation, Multi-language[/b:f3f1a1add9] link ONDER [b:f3f1a1add9]Windows Platform - Java SE Runtime Environment 6 Update 6[/b:f3f1a1add9] en bewaar het op je Bureaublad. [*:f3f1a1add9]Sluit alle programma's die eventueel open zijn - Zeker je web browser! [*:f3f1a1add9]Ga dan naar [b:f3f1a1add9]Start[/b:f3f1a1add9] > [b:f3f1a1add9]Configuratiescherm[/b:f3f1a1add9] > [b:f3f1a1add9]Software[/b:f3f1a1add9] en verwijder alle oudere versies van Java uit de Softwarelijst. (met Java Runtime Environment (JRE of J2SE) in de naam. [*:f3f1a1add9]Herhaal dit tot alle oudere versies verdwenen zijn. [*:f3f1a1add9]Na het verwijderen van alle oudere versies, [b:f3f1a1add9]herstart[/b:f3f1a1add9] je pc. [*:f3f1a1add9]Dubbelklik vervolgens op [b:f3f1a1add9]jre-6u6-windows-i586-p.exe[/b:f3f1a1add9] op je Bureaublad om de nieuwste versie van Java te installeren.[/list:u:f3f1a1add9] Download dit bestand: [url=http://home.hetnet.nl/~stefsmeenk/tools/deljob.exe][b:f3f1a1add9]Deljob.exe[/b:f3f1a1add9][/url]([url=http://members.lycos.nl/deljob][color=red:f3f1a1add9]mirror[/color:f3f1a1add9][/url]) Plaats het op je bureaublad. Dubbelklik [b:f3f1a1add9]Deljob.exe[/b:f3f1a1add9]. Een logje(logit.txt) zal openen, het bestandje kan je ook terugvinden op je bureaublad. Post de inhoud van [b:f3f1a1add9]logit.txt[/b:f3f1a1add9] in je volgende bericht.
  • Hoe verwijder ik deze: Verwijder de volgende directories: G:\Documents and Settings\RALPHM~1\Application Data\SAVEBL~1\ Kan naar G en Documents and Settings gaan maar dan kom ik bij mijn eigen map. Ralph Marijnissen en die is niet te verwijderen+ neem aan dat dat niet moet.
  • Het is de bedoeling dat je alleen het dikgedrukte deel verwijderd . G:\Documents and Settings\RALPHM~1\Application Data\[b:ac84877cf7]SAVEBL~1\ [/b:ac84877cf7] ~ dit tekenje wil zeggen dat jij op jouw pc de hele naam ziet staan. Run anders als het niet lukken wil alleen de deljob aub.
  • Als ik: Application Data Heb geopend dan staat er geen map die lijkt op: SAVEBL~1\ ?
  • -------------------------------------------------------- No LOP job-files found -------------------------------------------------------- Files in Windows Tasks folder AppleSoftwareUpdate.job -------------------------------------------------------- Export App Data folders -------------------------------------------------------- De volumenaam van station G is 320gb MASTER Het volumenummer is 20BD-D026 Map van G:\Documents and Settings\ralph marijnissen\Application Data 26-04-2008 00:22 <DIR> . 26-04-2008 00:22 <DIR> .. 20-03-2007 17:43 <DIR> Adobe 20-03-2007 17:41 <DIR> AdobeAUM 01-07-2007 22:56 <DIR> AdobeUM 14-09-2007 22:38 <DIR> Ahead 29-01-2007 23:27 <DIR> APPLEC~1 Apple Computer 04-05-2007 22:46 <DIR> ATI 10-03-2007 01:34 <DIR> COMMAN~1 Command & Conquer 3 Tiberium Wars Demo 08-12-2007 23:57 <DIR> Comodo 24-02-2007 18:15 <DIR> Creative 27-02-2007 23:28 <DIR> DEEPBU~1 DeepBurner 08-11-2007 19:31 <DIR> GEARBO~1 Gearbox Software 04-02-2007 04:00 <DIR> Google 13-01-2007 13:58 <DIR> IDENTI~1 Identities 22-05-2007 16:46 <DIR> INSTAL~1 InstallShield 29-03-2008 23:48 <DIR> KAZAAL~1 Kazaa Lite 11-03-2007 18:00 <DIR> Lavasoft 14-09-2007 20:50 <DIR> LEADER~1 Leadertech 25-04-2008 23:25 <DIR> LIMEWI~1 LimeWirePlus 08-11-2007 19:24 <DIR> Logitech 13-01-2007 14:08 <DIR> MACROM~1 Macromedia 01-02-2008 22:12 <DIR> MICROS~1 Microsoft 13-01-2007 14:22 <DIR> Mozilla 24-04-2007 11:16 <DIR> SECOND~1 SecondLife 22-05-2007 17:16 <DIR> SecuROM 29-01-2007 23:24 <DIR> SONYER~1 Sony Ericsson 01-07-2007 20:22 <DIR> SPAMFI~1 SPAMfighter 07-02-2007 12:33 <DIR> Sun 19-09-2007 11:37 <DIR> SYSTEM~1 SystemRequirementsLab 29-01-2007 23:25 <DIR> Teleca 0 bestand(en) 0 bytes 31 map(pen) 115.697.639.424 bytes beschikbaar De volumenaam van station G is 320gb MASTER Het volumenummer is 20BD-D026 Map van G:\Documents and Settings\All Users\Application Data 25-04-2008 23:28 <DIR> . 25-04-2008 23:28 <DIR> .. 17-09-2007 11:13 <DIR> Adobe 28-08-2007 18:18 <DIR> Apple 28-08-2007 18:20 <DIR> APPLEC~1 Apple Computer 08-12-2007 23:57 <DIR> Comodo 13-01-2007 14:45 <DIR> Creative 01-07-2007 22:55 <DIR> DVDSHR~1 DVD Shrink 18-01-2007 10:58 <DIR> Google 17-12-2007 13:48 <DIR> HEMAAL~1 Hema Album Software Advanced 24-04-2008 23:26 <DIR> Kazaa 08-11-2007 19:22 <DIR> LogiShrd 08-11-2007 19:22 <DIR> Logitech 02-10-2007 14:38 <DIR> MICROS~1 Microsoft 18-11-2007 13:26 <DIR> NexonUS 14-01-2007 03:41 <DIR> NVIDIA 26-04-2008 00:21 <DIR> PEAKOO~1 Peak ooze date army 24-04-2008 23:01 <DIR> REFLEX 29-01-2007 23:23 <DIR> SONYER~1 Sony Ericsson 24-03-2008 00:28 <DIR> SPYBOT~1 Spybot - Search & Destroy 29-01-2007 23:23 <DIR> Teleca 27-04-2008 22:52 <DIR> TEMP 13-01-2007 16:04 <DIR> WINDOW~1 Windows Genuine Advantage 0 bestand(en) 0 bytes 23 map(pen) 115.697.639.424 bytes beschikbaar -------------------------------------------------------- All User Accounts -------------------------------------------------------- All Users ralph marijnissen -------------------------------------------------------- Ook nog een nieuwe: Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 22:59:45, on 27-4-2008 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Boot mode: Normal Running processes: G:\WINDOWS\System32\smss.exe G:\WINDOWS\system32\winlogon.exe G:\WINDOWS\system32\services.exe G:\WINDOWS\system32\lsass.exe G:\WINDOWS\system32\Ati2evxx.exe G:\WINDOWS\system32\svchost.exe G:\WINDOWS\System32\svchost.exe G:\WINDOWS\system32\Ati2evxx.exe G:\Program Files\Alwil Software\Avast4\aswUpdSv.exe G:\Program Files\Alwil Software\Avast4\ashServ.exe G:\WINDOWS\Explorer.EXE G:\WINDOWS\system32\spoolsv.exe G:\Program Files\Creative\Sound Blaster X-Fi\DVDAudio\CTDVDDET.EXE G:\Program Files\Creative\Shared Files\Module Loader\DLLML.exe G:\Program Files\Creative\Sound Blaster X-Fi\Volume Panel\VolPanel.exe G:\WINDOWS\CTHELPER.EXE G:\WINDOWS\system32\CTXFIHLP.EXE G:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe G:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe G:\WINDOWS\SYSTEM32\CTXFISPI.EXE G:\Program Files\SPAMfighter\SFAgent.exe G:\Program Files\iTunes\iTunesHelper.exe G:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe G:\Program Files\Java\jre1.6.0_03\bin\jusched.exe G:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe G:\WINDOWS\system32\ctfmon.exe G:\Program Files\Messenger\MSMSGS.EXE G:\Program Files\Creative\MediaSource\Detector\CTDetect.exe G:\Program Files\Common Files\Teleca Shared\CapabilityManager.exe G:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe G:\WINDOWS\System32\CTsvcCDA.EXE G:\Program Files\Creative\ShareDLL\CADI\NotiMan.exe G:\FRAPS\FRAPS.EXE G:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.EXE G:\WINDOWS\system32\PnkBstrA.exe G:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe G:\WINDOWS\system32\PnkBstrB.exe G:\Program Files\Logitech\SetPoint\SetPoint.exe G:\Program Files\SPAMfighter\sfus.exe G:\Program Files\Alwil Software\Avast4\ashMaiSv.exe G:\Program Files\Alwil Software\Avast4\ashWebSv.exe G:\WINDOWS\System32\msiexec.exe G:\Program Files\Common Files\Logitech\KhalShared\KHALMNPR.EXE G:\WINDOWS\System32\svchost.exe G:\Program Files\iPod\bin\iPodService.exe G:\Program Files\Common Files\Teleca Shared\Generic.exe G:\Program Files\Sony Ericsson\Mobile2\Mobile Phone Monitor\epmworker.exe G:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe G:\WINDOWS\system32\wuauclt.exe G:\Program Files\Mozilla Firefox\firefox.exe G:\Program Files\Trend Micro\HijackThis\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.home.nl/ R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen R3 - URLSearchHook: LimewirePlus Toolbar - {47e161a0-f4ba-41dd-a17b-d2eb26ad6a02} - G:\Program Files\LimewirePlus\tbLim1.dll O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - G:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: LimewirePlus Toolbar - {47e161a0-f4ba-41dd-a17b-d2eb26ad6a02} - G:\Program Files\LimewirePlus\tbLim1.dll O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - G:\PROGRA~1\SPYBOT~1\SDHelper.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - G:\Program Files\Java\jre1.6.0_06\bin\ssv.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - g:\program files\google\googletoolbar3.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - G:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - g:\program files\google\googletoolbar3.dll O3 - Toolbar: LimewirePlus Toolbar - {47e161a0-f4ba-41dd-a17b-d2eb26ad6a02} - G:\Program Files\LimewirePlus\tbLim1.dll O4 - HKLM\..\Run: [CTDVDDET] "G:\Program Files\Creative\Sound Blaster X-Fi\DVDAudio\CTDVDDET.EXE" O4 - HKLM\..\Run: [RCSystem] "G:\Program Files\Creative\Shared Files\Module Loader\DLLML.exe" RCSystem * -Startup O4 - HKLM\..\Run: [AudioDrvEmulator] "G:\Program Files\Creative\Shared Files\Module Loader\DLLML.exe" -1 AudioDrvEmulator "G:\Program Files\Creative\Shared Files\Module Loader\Audio Emulator\AudDrvEm.dll" O4 - HKLM\..\Run: [VolPanel] "G:\Program Files\Creative\Sound Blaster X-Fi\Volume Panel\VolPanel.exe" /r O4 - HKLM\..\Run: [CTHelper] CTHELPER.EXE O4 - HKLM\..\Run: [CTxfiHlp] CTXFIHLP.EXE O4 - HKLM\..\Run: [UpdReg] G:\WINDOWS\UpdReg.EXE O4 - HKLM\..\Run: [Sony Ericsson PC Suite] "G:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe" /startoptions O4 - HKLM\..\Run: [Adobe Photo Downloader] "G:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe" O4 - HKLM\..\Run: [NeroFilterCheck] G:\WINDOWS\system32\NeroCheck.exe O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "G:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [SPAMfighter Agent] "G:\Program Files\SPAMfighter\SFAgent.exe" update delay 60 O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE O4 - HKLM\..\Run: [QuickTime Task] "G:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [iTunesHelper] "G:\Program Files\iTunes\iTunesHelper.exe" O4 - HKLM\..\Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE O4 - HKLM\..\Run: [avast!] G:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe O4 - HKLM\..\Run: [SunJavaUpdateSched] "G:\Program Files\Java\jre1.6.0_06\bin\jusched.exe" O4 - HKCU\..\Run: [CTFMON.EXE] G:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [MSMSGS] "G:\Program Files\Messenger\MSMSGS.EXE" /background O4 - HKCU\..\Run: [Creative Detector] "G:\Program Files\Creative\MediaSource\Detector\CTDetect.exe" /R O4 - HKCU\..\Run: [swg] G:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe O4 - HKCU\..\Run: [StartCCC] G:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe O4 - HKCU\..\Run: [Fraps] G:\FRAPS\FRAPS.EXE O4 - HKCU\..\Run: [KCeasy] G:\Program Files\KCeasy\KCeasy.exe /hide O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] G:\WINDOWS\System32\CTFMON.EXE (User 'Lokale service') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] G:\WINDOWS\System32\CTFMON.EXE (User 'Netwerkservice') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] G:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] G:\WINDOWS\System32\CTFMON.EXE (User 'Default user') O4 - Global Startup: Logitech Desktop Messenger.lnk = G:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe O4 - Global Startup: Logitech SetPoint.lnk = G:\Program Files\Logitech\SetPoint\SetPoint.exe O4 - Global Startup: Microsoft Office.lnk = G:\Program Files\Microsoft Office\Office10\OSA.EXE O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://G:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - G:\Program Files\Java\jre1.6.0_06\bin\ssv.dll O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - G:\Program Files\Java\jre1.6.0_06\bin\ssv.dll O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - G:\PROGRA~1\SPYBOT~1\SDHelper.dll O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - G:\PROGRA~1\SPYBOT~1\SDHelper.dll O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - G:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - G:\Program Files\Messenger\msmsgs.exe O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - G:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll O23 - Service: Apple Mobile Device - Apple, Inc. - G:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - G:\Program Files\Alwil Software\Avast4\aswUpdSv.exe O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - G:\WINDOWS\system32\Ati2evxx.exe O23 - Service: ATI Smart - Unknown owner - G:\WINDOWS\system32\ati2sgag.exe O23 - Service: avast! Antivirus - ALWIL Software - G:\Program Files\Alwil Software\Avast4\ashServ.exe O23 - Service: avast! Mail Scanner - ALWIL Software - G:\Program Files\Alwil Software\Avast4\ashMaiSv.exe O23 - Service: avast! Web Scanner - ALWIL Software - G:\Program Files\Alwil Software\Avast4\ashWebSv.exe O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - G:\WINDOWS\System32\CTsvcCDA.EXE O23 - Service: Google Updater Service (gusvc) - Google - G:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - G:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: iPod-service (iPod Service) - Apple Inc. - G:\Program Files\iPod\bin\iPodService.exe O23 - Service: PnkBstrA - Unknown owner - G:\WINDOWS\system32\PnkBstrA.exe O23 - Service: PnkBstrB - Unknown owner - G:\WINDOWS\system32\PnkBstrB.exe O23 - Service: SPAMfighter Update Service - SPAMfighter ApS - G:\Program Files\SPAMfighter\sfus.exe -- End of file - 9467 bytes Maar SAVEBL~1\ kan ik niet vinden in: Application Data In mijn map?
  • Staat ook niet meer in je logje dus weg, hoe staat het met je problemen nu >?
  • Hartstikke bedankt. Nergens last meer van. Alleen dat hij steeds trager opstart etc. Maar komt door dat deze xp er al lang opstaat en de 320Gb schijf aardig volloopt.

Beantwoord deze vraag

Weet jij het antwoord op deze vraag? Registreer of meld je aan met je account

Dit is een gearchiveerde pagina. Antwoorden is niet meer mogelijk.