System Administrator Error - Hijack Log

Anonymous
M@rc
4 answers
  • With just about everything I try to do on my PC that involves the PC itself (Control Panel, Task Manager, that sort of thing) I get an error: This operation has been cancelled due to restrictions in effect on this computer. Please contact your system administrator.
    The weird thing is that I am the system administrator..

    Can someone please help me?

    Thanks.

    Logfile of Trend Micro HijackThis v2.0.0 (BETA)
    Scan saved at 17:20:38, on 15-9-2007
    Platform: Windows XP SP1 (WinNT 5.01.2600)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\Explorer.exe
    C:\WINDOWS\System32\printer.exe
    C:\WINDOWS\System32\RUNDLL32.EXE
    C:\Program Files\ASUS\GamerOSD\GamerOSD.exe
    C:\WINDOWS\RTHDCPL.EXE
    C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe
    C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
    C:\WINDOWS\System32\HPAware.exe
    C:\WINDOWS\System32\ctfmon.exe
    C:\Program Files\MSN Messenger\MsnMsgr.Exe
    D:\Program Files\Sitecom\IVT BlueSoleil\BlueSoleil.exe
    C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
    D:\Program Files\Sitecom\IVT BlueSoleil\BTNtService.exe
    C:\WINDOWS\System32\nvsvc32.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\System32\wuauclt.exe
    C:\Program Files\Mozilla Firefox\firefox.exe
    C:\Documents and Settings\Jesse)\Bureaublad\HiJackThis_v2.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen
    F2 - REG:system.ini: Shell=Explorer.exe C:\WINDOWS\System32\printer.exe
    O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
    O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInit
    O4 - HKLM\..\Run: [GamerOSD] C:\Program Files\ASUS\GamerOSD\GamerOSD.exe
    O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
    O4 - HKLM\..\Run: [SkyTel] SkyTel.EXE
    O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe"
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
    O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
    O4 - HKLM\..\Run: [WinAVX] C:\WINDOWS\System32\WinAvXX.exe
    O4 - HKLM\..\Run: [HP Update Assistant] C:\WINDOWS\System32\HPAware.exe
    O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe
    O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
    O4 - HKCU\..\Run: [Steam] "d:\program files\steam\steam.exe" -silent
    O4 - HKCU\..\Run: [WinAVX] C:\WINDOWS\System32\WinAvXX.exe
    O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Lokale service')
    O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Netwerkservice')
    O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
    O4 - Startup: system.exe
    O4 - Global Startup: autorun.exe
    O4 - Global Startup: BlueSoleil.lnk = D:\Program Files\Sitecom\IVT BlueSoleil\BlueSoleil.exe
    O7 - HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System, DisableRegedit=1
    O7 - HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\System, DisableRegedit=1
    O8 - Extra context menu item: &D&ownload &with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddLink.htm
    O8 - Extra context menu item: &D&ownload all video with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddVideo.htm
    O8 - Extra context menu item: &D&ownload all with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddAllLink.htm
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
    O9 - Extra button: BitComet Search - {461CC20B-FB6E-4f16-8FE8-C29359DB100E} - C:\Program Files\BitComet\tools\BitCometBHO_1.1.7.4.dll
    O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
    O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
    O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
    O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
    O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
    O20 - AppInit_DLLs: C:\WINDOWS\System32\systems.txt
    O22 - SharedTaskScheduler: Preloader van browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\System32\browseui.dll
    O22 - SharedTaskScheduler: Cache-daemon voor onderdeelcategorieën - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\System32\browseui.dll
    O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
    O23 - Service: BlueSoleil Hid Service - Unknown owner - D:\Program Files\Sitecom\IVT BlueSoleil\BTNtService.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
    O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe


    End of file - 5374 bytes


  • Follow M@rc's instructions, you are in good hands
  • Use this version of HijackThis: http://www.trendsecure.com/portal/en-US/threat_analytics/HJTInstall.exe


    Close all open windows.
    Start HijackThis once more and tick the following items:

    F2 - REG:system.ini: Shell=Explorer.exe C:\WINDOWS\System32\printer.exe
    O4 - HKLM\..\Run: [WinAVX] C:\WINDOWS\System32\WinAvXX.exe
    O4 - HKLM\..\Run: [HP Update Assistant] C:\WINDOWS\System32\HPAware.exe
    O4 - HKCU\..\Run: [WinAVX] C:\WINDOWS\System32\WinAvXX.exe
    O4 - Startup: system.exe
    O4 - Global Startup: autorun.exe
    O7 - HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System, DisableRegedit=1
    O7 - HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\System, DisableRegedit=1
    O20 - AppInit_DLLs: C:\WINDOWS\System32\systems.txt

    Then click "Fix checked" and close HijackThis.

    Restart the computer.


    Download combofix.exe: http://download.bleepingcomputer.com/sUBs/ComboFix.exe
    Place it on your desktop.
    Double-click it to start the program.
    In the window that appears, type 1 to run the cleaning and analysis process.
    Follow the on-screen instructions.
    When the tool has finished, a log file (combofix.txt) opens.
    Post the contents of this file together with a new HijackThis log.
  • Thanks in advance for the help.
    Here is the ComboFix log:

    ComboFix 07-09-14.2 - "Jesse)" 2007-09-16 14:45:03.1 - NTFSx86
    Microsoft Windows XP Professional 5.1.2600.1.1252.31.1043.18.1582 [GMT 2:00]
    * Created a new restore point
    .

    ((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
    .

    C:\DOCUME~1\JESSE~1.PC-\APPLIC~1\tmp24.tmp.exe
    C:\DOCUME~1\JESSE~1.PC-\APPLIC~1\tmp25.tmp.exe
    C:\DOCUME~1\JESSE~1.PC-\APPLIC~1\tmp26.tmp.exe
    C:\DOCUME~1\JESSE~1.PC-\APPLIC~1\tmp4.tmp.exe
    C:\DOCUME~1\JESSE~1.PC-\APPLIC~1\tmp5.tmp.exe
    C:\DOCUME~1\JESSE~1.PC-\APPLIC~1\tmp7.tmp.exe
    C:\WINDOWS\system32\0_exception.nls
    C:\WINDOWS\system32\drivers\runtime2.sys
    C:\WINDOWS\system32\drivers\secdrv.sys
    C:\WINDOWS\system32\drivers\smtpdrv.sys
    C:\WINDOWS\system32\printer.exe
    C:\WINDOWS\system32\WinAvXX.exe

    .
    ((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))


    ——-\LEGACY_RUNTIME
    ——-\LEGACY_RUNTIME2
    ——-\LEGACY_SMTPDRV
    ——-\nm
    ——-\runtime
    ——-\smtpdrv


    ((((((((((((((((((((((((( Files Created from 2007-08-16 to 2007-09-16 )))))))))))))))))))))))))))))))
    .

    2007-09-16 14:44 51,200 –a—— C:\WINDOWS\NirCmd.exe
    2007-09-15 17:32 53,248 –a—— C:\WINDOWS\system32\Process.exe
    2007-09-15 17:32 51,200 –a—— C:\WINDOWS\system32\dumphive.exe
    2007-09-15 17:32 289,144 –a—— C:\WINDOWS\system32\VCCLSID.exe
    2007-09-15 17:32 288,417 –a—— C:\WINDOWS\system32\SrchSTS.exe
    2007-09-15 17:32 1,696 –a—— C:\WINDOWS\system32\tmp.reg
    2007-09-15 16:53 <DIR> dr-h—– C:\DOCUME~1\Jesse)\Onlangs geopend
    2007-09-14 15:53 39,424 –a—— C:\WINDOWS\system32\vtr.dll
    2007-09-12 08:23 187,412 –a—— C:\WINDOWS\system32\HPAware.exe
    2007-09-08 23:14 <DIR> d——– C:\DOCUME~1\Jesse)\APPLIC~1\Apple Computer
    2007-09-07 17:34 543,232 –a—— C:\WINDOWS\system32\GE.dll
    2007-09-02 00:29 <DIR> d——– C:\DOCUME~1\Jesse)\APPLIC~1\Ventrilo
    2007-09-01 13:47 <DIR> d——– C:\Program Files\Ventrilo
    2007-08-29 14:40 <DIR> d——– C:\WINDOWS\system32\SolidStateNetworks
    2007-08-29 13:28 10,872 –a—— C:\WINDOWS\system32\drivers\AvgAsCln.sys
    2007-08-29 11:34 <DIR> d——– C:\Program Files\uTorrent
    2007-08-29 11:34 <DIR> d——– C:\DOCUME~1\Jesse)\APPLIC~1\uTorrent
    2007-08-29 11:32 <DIR> d——– C:\Program Files\BitComet
    2007-08-29 11:13 <DIR> d——– C:\MySQL
    2007-08-27 07:58 4,682 –a—— C:\WINDOWS\system32\npptNT2.sys
    2007-08-26 12:04 <DIR> d——– C:\Program Files\Apple Software Update
    2007-08-26 12:04 <DIR> d——– C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\Apple Computer
    2007-08-26 12:04 <DIR> d——– C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\Apple
    2007-08-24 15:15 1,554 –a—— C:\WINDOWS\mozver.dat
    2007-08-23 21:48 492,544 –a—— C:\WINDOWS\system32\HtBt.dll
    2007-08-23 15:30 <DIR> d——– C:\DOCUME~1\Jesse)\Incomplete
    2007-08-23 15:30 <DIR> d——– C:\DOCUME~1\Jesse)\APPLIC~1\LimeWire
    2007-08-23 15:11 8,192 –a–c— C:\WINDOWS\system32\dllcache\tsbyuv.dll
    2007-08-23 15:11 8,192 –a—— C:\WINDOWS\system32\tsbyuv.dll
    2007-08-23 15:11 57,856 –a–c— C:\WINDOWS\system32\dllcache\drmk.sys
    2007-08-23 15:11 57,856 –a—— C:\WINDOWS\system32\drivers\drmk.sys
    2007-08-23 15:11 50,176 –a—— C:\WINDOWS\system32\drivers\vfwwdm32.dll
    2007-08-23 15:11 45,568 –a–c— C:\WINDOWS\system32\dllcache\iyuv_32.dll
    2007-08-23 15:11 45,568 –a—— C:\WINDOWS\system32\iyuv_32.dll
    2007-08-23 15:05 <DIR> d——– C:\WINDOWS\Profiles
    2007-08-23 15:05 <DIR> d——– C:\DOCUME~1\Jesse)\APPLIC~1\InterTrust
    2007-08-23 15:04 306,688 –a—— C:\WINDOWS\IsUninst.exe
    2007-08-22 08:32 20,992 –a—— C:\WINDOWS\libasco.exe
    2007-08-20 21:32 <DIR> d——– C:\DOCUME~1\LOCALS~1.000\APPLIC~1\Xfire
    2007-08-20 21:17 <DIR> d——– C:\DOCUME~1\Jesse)\APPLIC~1\teamspeak2
    2007-08-20 21:08 <DIR> d——– C:\Program Files\Xfire
    2007-08-20 21:08 <DIR> d——– C:\DOCUME~1\Jesse)\APPLIC~1\Xfire
    2007-08-20 10:23 <DIR> d——– C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\Bluetooth
    2007-08-18 12:03 <DIR> d——– C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\Google
    2007-08-17 23:48 <DIR> d——– C:\Program Files\CCleaner
    2007-08-17 23:47 <DIR> d——– C:\Program Files\SoftPortal
    2007-08-17 23:28 348,845 –a—— C:\WINDOWS\system32\head.exe
    2007-08-17 23:28 33,070 –a—— C:\WINDOWS\system32\XPEntertainmentsUninstall.exe
    2007-08-16 14:53 8 –a—— C:\WINDOWS\system32\nvModes.dat
    2007-08-16 13:59 0 –a—— C:\WINDOWS\nsreg.dat

    .
    (((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    2007-09-05 21:55 ——— d——– C:\DOCUME~1\Jesse)\APPLIC~1\Skype
    2007-09-01 13:47 ——— d——– C:\Program Files\Common Files\Wise Installation Wizard
    2007-08-29 13:02 ——— d——– C:\Program Files\Common Files\Blizzard Entertainment
    2007-08-26 12:05 ——— d——– C:\Program Files\QuickTime
    2007-08-13 23:22 ——— d——– C:\Program Files\Skype
    2007-08-13 23:22 ——— d——– C:\Program Files\Common Files\Skype
    2007-08-13 23:22 ——— d——– C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\Skype
    2007-08-13 21:20 ——— d——– C:\Program Files\MSN Messenger
    2007-08-13 13:02 ——— d–h—– C:\Program Files\InstallShield Installation Information
    2007-08-13 13:02 ——— d——– C:\Program Files\Realtek
    2007-08-12 19:54 ——— d——– C:\Program Files\AlienGUIse
    2007-08-10 23:53 ——— d——– C:\Program Files\VIA
    2007-08-10 23:45 ——— d——– C:\Program Files\My Company Name
    2007-08-10 23:44 ——— d——– C:\Program Files\ASUS
    2007-08-01 10:48 ——— d——– C:\Program Files\Google
    2007-07-31 13:57 ——— d——– C:\Program Files\Common Files\Stardock
    2007-07-31 13:00 ——— d——– C:\DOCUME~1\JESSE~1.PC-\APPLIC~1\Google
    2007-07-29 22:07 ——— d——– C:\DOCUME~1\Jesse\APPLIC~1\Skype
    2007-07-29 19:28 ——— d——– C:\DOCUME~1\Jesse\APPLIC~1\StumbleUpon
    2007-07-22 17:54 ——— d——– C:\Program Files\Steinberg
    2007-07-20 14:26 ——— d——– C:\DOCUME~1\Jesse\APPLIC~1\Xfire
    .

    ((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
    .

    *Note* empty entries & legit default entries are not shown

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "NvCplDaemon"="C:\WINDOWS\System32\NvCpl.dll" [2007-04-12 17:44]
    "nwiz"="nwiz.exe" [2007-04-12 17:44 C:\WINDOWS\system32\nwiz.exe]
    "NvMediaCenter"="C:\WINDOWS\System32\NvMcTray.dll" [2007-04-12 17:44]
    "GamerOSD"="C:\Program Files\ASUS\GamerOSD\GamerOSD.exe" [2007-02-14 09:42]
    "RTHDCPL"="RTHDCPL.EXE" [2006-09-12 03:58 C:\WINDOWS\RTHDCPL.exe]
    "SkyTel"="SkyTel.EXE" [2006-05-16 05:04 C:\WINDOWS\SkyTel.exe]
    "SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe" [2007-07-12 04:00]
    "QuickTime Task"="C:\Program Files\QuickTime\QTTask.exe" [2007-06-29 06:24]
    "!AVG Anti-Spyware"="C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" [2007-06-11 11:25]

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "CTFMON.EXE"="C:\WINDOWS\System32\ctfmon.exe" [2002-09-09 15:08]
    "MsnMsgr"="C:\Program Files\MSN Messenger\MsnMsgr.exe" [2007-01-19 12:54]
    "Steam"="d:\program files\steam\steam.exe" [2007-08-18 00:01]

    C:\DOCUME~1\ALLUSE~1.WIN\MENUST~1\PROGRA~1\OPSTAR~1\
    BlueSoleil.lnk - D:\Program Files\Sitecom\IVT BlueSoleil\BlueSoleil.exe [2006-07-16 18:33:36]

    C:\DOCUME~1\JESSE~1.PC-\MENUST~1\PROGRA~1\OPSTAR~1\
    Adobe Gamma.lnk - C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [2005-03-16 19:16:50]
    Alienware Dock.lnk - C:\Program Files\AlienGUIse\AlienwareDock\ObjectDock.exe [2007-07-31 13:57:55]

    C:\DOCUME~1\Jesse\MENUST~1\PROGRA~1\OPSTAR~1\
    Adobe Gamma.lnk - C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [2005-03-16 19:16:50]

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\system]
    "DisableRegistryTools"=0 (0x0)

    R1 asusgsb;ASUS Virtual Video Capture Device Driver;C:\WINDOWS\System32\drivers\asusgsb32.sys
    R3 Camdrv30;Philips ToUcam XS;C:\WINDOWS\System32\Drivers\camdrv30.sys

    *Newly Created Service* - ALG
    *Newly Created Service* - IPNAT
    .
    Contents of the 'Scheduled Tasks' folder
    "2007-08-26 10:04:40 C:\WINDOWS\Tasks\AppleSoftwareUpdate.job"
    - C:\Program Files\Apple Software Update\SoftwareUpdate.exe
    .
    **************************************************************************

    catchme 0.3.1061 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2007-09-16 14:48:07
    Windows 5.1.2600 Service Pack 1 NTFS

    scanning hidden processes …

    scanning hidden autostart entries …

    scanning hidden files …

    scan completed successfully
    hidden files: 0

    **************************************************************************
    .
    Completion time: 2007-09-16 14:50:02 - machine was rebooted
    C:\ComboFix-quarantined-files.txt … 2007-09-16 14:50
    C:\ComboFix2.txt … 2007-07-29 22:09
    .
    — E O F —


    ======================================================================
    ——————————————————————————————————————————
    ======================================================================

    Here is the HijackThis log

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 14:51:36, on 16-9-2007
    Platform: Windows XP SP1 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
    D:\Program Files\Sitecom\IVT BlueSoleil\BTNtService.exe
    C:\WINDOWS\System32\nvsvc32.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\System32\RUNDLL32.EXE
    C:\Program Files\ASUS\GamerOSD\GamerOSD.exe
    C:\WINDOWS\RTHDCPL.EXE
    C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe
    C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
    C:\WINDOWS\System32\ctfmon.exe
    C:\Program Files\MSN Messenger\MsnMsgr.Exe
    D:\Program Files\Sitecom\IVT BlueSoleil\BlueSoleil.exe
    C:\WINDOWS\System32\wuauclt.exe
    C:\WINDOWS\System32\wuauclt.exe
    C:\WINDOWS\system32\notepad.exe
    C:\Program Files\Mozilla Firefox\firefox.exe
    D:\Program Files\Trend Micro\HijackThis\HijackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen
    O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
    O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInit
    O4 - HKLM\..\Run: [GamerOSD] C:\Program Files\ASUS\GamerOSD\GamerOSD.exe
    O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
    O4 - HKLM\..\Run: [SkyTel] SkyTel.EXE
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe"
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
    O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
    O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe
    O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
    O4 - HKCU\..\Run: [Steam] "d:\program files\steam\steam.exe" -silent
    O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Lokale service')
    O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Netwerkservice')
    O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
    O4 - Global Startup: BlueSoleil.lnk = D:\Program Files\Sitecom\IVT BlueSoleil\BlueSoleil.exe
    O8 - Extra context menu item: &D&ownload &with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddLink.htm
    O8 - Extra context menu item: &D&ownload all video with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddVideo.htm
    O8 - Extra context menu item: &D&ownload all with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddAllLink.htm
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
    O9 - Extra button: BitComet Search - {461CC20B-FB6E-4f16-8FE8-C29359DB100E} - C:\Program Files\BitComet\tools\BitCometBHO_1.1.7.4.dll
    O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
    O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
    O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
    O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
    O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
    O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
    O23 - Service: BlueSoleil Hid Service - Unknown owner - D:\Program Files\Sitecom\IVT BlueSoleil\BTNtService.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
    O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe


    End of file - 4550 bytes








This is an archived page. Replying is no longer possible.