Question & Answer
System Administrator Error - Hijack Log
4 answers
- With just about everything I try to do on my PC itself (Control Panel, Task Manager, that sort of thing) I get an error: This operation has been cancelled due to restrictions in effect on this computer. Please contact your system administrator.
The weird thing is that I am the system administrator.
Can anyone please help me?
Thanks.
Logfile of Trend Micro HijackThis v2.0.0 (BETA)
Scan saved at 17:20:38, on 15-9-2007
Platform: Windows XP SP1 (WinNT 5.01.2600)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.exe
C:\WINDOWS\System32\printer.exe
C:\WINDOWS\System32\RUNDLL32.EXE
C:\Program Files\ASUS\GamerOSD\GamerOSD.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\WINDOWS\System32\HPAware.exe
C:\WINDOWS\System32\ctfmon.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
D:\Program Files\Sitecom\IVT BlueSoleil\BlueSoleil.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
D:\Program Files\Sitecom\IVT BlueSoleil\BTNtService.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\wuauclt.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\Jesse)\Bureaublad\HiJackThis_v2.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen
F2 - REG:system.ini: Shell=Explorer.exe C:\WINDOWS\System32\printer.exe
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [GamerOSD] C:\Program Files\ASUS\GamerOSD\GamerOSD.exe
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [SkyTel] SkyTel.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKLM\..\Run: [WinAVX] C:\WINDOWS\System32\WinAvXX.exe
O4 - HKLM\..\Run: [HP Update Assistant] C:\WINDOWS\System32\HPAware.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [Steam] "d:\program files\steam\steam.exe" -silent
O4 - HKCU\..\Run: [WinAVX] C:\WINDOWS\System32\WinAvXX.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Lokale service')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Netwerkservice')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - Startup: system.exe
O4 - Global Startup: autorun.exe
O4 - Global Startup: BlueSoleil.lnk = D:\Program Files\Sitecom\IVT BlueSoleil\BlueSoleil.exe
O7 - HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System, DisableRegedit=1
O7 - HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\System, DisableRegedit=1
O8 - Extra context menu item: &D&ownload &with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddLink.htm
O8 - Extra context menu item: &D&ownload all video with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddVideo.htm
O8 - Extra context menu item: &D&ownload all with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddAllLink.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra button: BitComet Search - {461CC20B-FB6E-4f16-8FE8-C29359DB100E} - C:\Program Files\BitComet\tools\BitCometBHO_1.1.7.4.dll
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs: C:\WINDOWS\System32\systems.txt
O22 - SharedTaskScheduler: Preloader van browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\System32\browseui.dll
O22 - SharedTaskScheduler: Cache-daemon voor onderdeelcategorieën - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\System32\browseui.dll
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: BlueSoleil Hid Service - Unknown owner - D:\Program Files\Sitecom\IVT BlueSoleil\BTNtService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
–
End of file - 5374 bytes
- Follow M@rc's instructions, you are in good hands.
- Use this version of HijackThis: http://www.trendsecure.com/portal/en-US/threat_analytics/HJTInstall.exe
Close all open windows.
Start HijackThis once more and tick the following items:
F2 - REG:system.ini: Shell=Explorer.exe C:\WINDOWS\System32\printer.exe
O4 - HKLM\..\Run: [WinAVX] C:\WINDOWS\System32\WinAvXX.exe
O4 - HKLM\..\Run: [HP Update Assistant] C:\WINDOWS\System32\HPAware.exe
O4 - HKCU\..\Run: [WinAVX] C:\WINDOWS\System32\WinAvXX.exe
O4 - Startup: system.exe
O4 - Global Startup: autorun.exe
O7 - HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System, DisableRegedit=1
O7 - HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\System, DisableRegedit=1
O20 - AppInit_DLLs: C:\WINDOWS\System32\systems.txt
Then click "Fix checked" and close HijackThis.
Restart the computer.
Download combofix.exe: http://download.bleepingcomputer.com/sUBs/ComboFix.exe
Place it on your desktop.
Double-click it to start the program.
In the window that appears, type 1 to run the cleaning and analysis process.
Follow the instructions on the screen.
When the tool is finished, a log file (combofix.txt) opens.
Post the contents of this file together with a new HijackThis log.
- Thanks in advance for helping.
Here is the Combofix log:
ComboFix 07-09-14.2 - "Jesse)" 2007-09-16 14:45:03.1 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.1.1252.31.1043.18.1582 [GMT 2:00]
* Created a new restore point
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
C:\DOCUME~1\JESSE~1.PC-\APPLIC~1\tmp24.tmp.exe
C:\DOCUME~1\JESSE~1.PC-\APPLIC~1\tmp25.tmp.exe
C:\DOCUME~1\JESSE~1.PC-\APPLIC~1\tmp26.tmp.exe
C:\DOCUME~1\JESSE~1.PC-\APPLIC~1\tmp4.tmp.exe
C:\DOCUME~1\JESSE~1.PC-\APPLIC~1\tmp5.tmp.exe
C:\DOCUME~1\JESSE~1.PC-\APPLIC~1\tmp7.tmp.exe
C:\WINDOWS\system32\0_exception.nls
C:\WINDOWS\system32\drivers\runtime2.sys
C:\WINDOWS\system32\drivers\secdrv.sys
C:\WINDOWS\system32\drivers\smtpdrv.sys
C:\WINDOWS\system32\printer.exe
C:\WINDOWS\system32\WinAvXX.exe
.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
——-\LEGACY_RUNTIME
——-\LEGACY_RUNTIME2
——-\LEGACY_SMTPDRV
——-\nm
——-\runtime
——-\smtpdrv
((((((((((((((((((((((((( Files Created from 2007-08-16 to 2007-09-16 )))))))))))))))))))))))))))))))
.
2007-09-16 14:44 51,200 –a—— C:\WINDOWS\NirCmd.exe
2007-09-15 17:32 53,248 –a—— C:\WINDOWS\system32\Process.exe
2007-09-15 17:32 51,200 –a—— C:\WINDOWS\system32\dumphive.exe
2007-09-15 17:32 289,144 –a—— C:\WINDOWS\system32\VCCLSID.exe
2007-09-15 17:32 288,417 –a—— C:\WINDOWS\system32\SrchSTS.exe
2007-09-15 17:32 1,696 –a—— C:\WINDOWS\system32\tmp.reg
2007-09-15 16:53 <DIR> dr-h—– C:\DOCUME~1\Jesse)\Onlangs geopend
2007-09-14 15:53 39,424 –a—— C:\WINDOWS\system32\vtr.dll
2007-09-12 08:23 187,412 –a—— C:\WINDOWS\system32\HPAware.exe
2007-09-08 23:14 <DIR> d——– C:\DOCUME~1\Jesse)\APPLIC~1\Apple Computer
2007-09-07 17:34 543,232 –a—— C:\WINDOWS\system32\GE.dll
2007-09-02 00:29 <DIR> d——– C:\DOCUME~1\Jesse)\APPLIC~1\Ventrilo
2007-09-01 13:47 <DIR> d——– C:\Program Files\Ventrilo
2007-08-29 14:40 <DIR> d——– C:\WINDOWS\system32\SolidStateNetworks
2007-08-29 13:28 10,872 –a—— C:\WINDOWS\system32\drivers\AvgAsCln.sys
2007-08-29 11:34 <DIR> d——– C:\Program Files\uTorrent
2007-08-29 11:34 <DIR> d——– C:\DOCUME~1\Jesse)\APPLIC~1\uTorrent
2007-08-29 11:32 <DIR> d——– C:\Program Files\BitComet
2007-08-29 11:13 <DIR> d——– C:\MySQL
2007-08-27 07:58 4,682 –a—— C:\WINDOWS\system32\npptNT2.sys
2007-08-26 12:04 <DIR> d——– C:\Program Files\Apple Software Update
2007-08-26 12:04 <DIR> d——– C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\Apple Computer
2007-08-26 12:04 <DIR> d——– C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\Apple
2007-08-24 15:15 1,554 –a—— C:\WINDOWS\mozver.dat
2007-08-23 21:48 492,544 –a—— C:\WINDOWS\system32\HtBt.dll
2007-08-23 15:30 <DIR> d——– C:\DOCUME~1\Jesse)\Incomplete
2007-08-23 15:30 <DIR> d——– C:\DOCUME~1\Jesse)\APPLIC~1\LimeWire
2007-08-23 15:11 8,192 –a–c— C:\WINDOWS\system32\dllcache\tsbyuv.dll
2007-08-23 15:11 8,192 –a—— C:\WINDOWS\system32\tsbyuv.dll
2007-08-23 15:11 57,856 –a–c— C:\WINDOWS\system32\dllcache\drmk.sys
2007-08-23 15:11 57,856 –a—— C:\WINDOWS\system32\drivers\drmk.sys
2007-08-23 15:11 50,176 –a—— C:\WINDOWS\system32\drivers\vfwwdm32.dll
2007-08-23 15:11 45,568 –a–c— C:\WINDOWS\system32\dllcache\iyuv_32.dll
2007-08-23 15:11 45,568 –a—— C:\WINDOWS\system32\iyuv_32.dll
2007-08-23 15:05 <DIR> d——– C:\WINDOWS\Profiles
2007-08-23 15:05 <DIR> d——– C:\DOCUME~1\Jesse)\APPLIC~1\InterTrust
2007-08-23 15:04 306,688 –a—— C:\WINDOWS\IsUninst.exe
2007-08-22 08:32 20,992 –a—— C:\WINDOWS\libasco.exe
2007-08-20 21:32 <DIR> d——– C:\DOCUME~1\LOCALS~1.000\APPLIC~1\Xfire
2007-08-20 21:17 <DIR> d——– C:\DOCUME~1\Jesse)\APPLIC~1\teamspeak2
2007-08-20 21:08 <DIR> d——– C:\Program Files\Xfire
2007-08-20 21:08 <DIR> d——– C:\DOCUME~1\Jesse)\APPLIC~1\Xfire
2007-08-20 10:23 <DIR> d——– C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\Bluetooth
2007-08-18 12:03 <DIR> d——– C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\Google
2007-08-17 23:48 <DIR> d——– C:\Program Files\CCleaner
2007-08-17 23:47 <DIR> d——– C:\Program Files\SoftPortal
2007-08-17 23:28 348,845 –a—— C:\WINDOWS\system32\head.exe
2007-08-17 23:28 33,070 –a—— C:\WINDOWS\system32\XPEntertainmentsUninstall.exe
2007-08-16 14:53 8 –a—— C:\WINDOWS\system32\nvModes.dat
2007-08-16 13:59 0 –a—— C:\WINDOWS\nsreg.dat
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2007-09-05 21:55 ——— d——– C:\DOCUME~1\Jesse)\APPLIC~1\Skype
2007-09-01 13:47 ——— d——– C:\Program Files\Common Files\Wise Installation Wizard
2007-08-29 13:02 ——— d——– C:\Program Files\Common Files\Blizzard Entertainment
2007-08-26 12:05 ——— d——– C:\Program Files\QuickTime
2007-08-13 23:22 ——— d——– C:\Program Files\Skype
2007-08-13 23:22 ——— d——– C:\Program Files\Common Files\Skype
2007-08-13 23:22 ——— d——– C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\Skype
2007-08-13 21:20 ——— d——– C:\Program Files\MSN Messenger
2007-08-13 13:02 ——— d–h—– C:\Program Files\InstallShield Installation Information
2007-08-13 13:02 ——— d——– C:\Program Files\Realtek
2007-08-12 19:54 ——— d——– C:\Program Files\AlienGUIse
2007-08-10 23:53 ——— d——– C:\Program Files\VIA
2007-08-10 23:45 ——— d——– C:\Program Files\My Company Name
2007-08-10 23:44 ——— d——– C:\Program Files\ASUS
2007-08-01 10:48 ——— d——– C:\Program Files\Google
2007-07-31 13:57 ——— d——– C:\Program Files\Common Files\Stardock
2007-07-31 13:00 ——— d——– C:\DOCUME~1\JESSE~1.PC-\APPLIC~1\Google
2007-07-29 22:07 ——— d——– C:\DOCUME~1\Jesse\APPLIC~1\Skype
2007-07-29 19:28 ——— d——– C:\DOCUME~1\Jesse\APPLIC~1\StumbleUpon
2007-07-22 17:54 ——— d——– C:\Program Files\Steinberg
2007-07-20 14:26 ——— d——– C:\DOCUME~1\Jesse\APPLIC~1\Xfire
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
*Note* empty entries & legit default entries are not shown
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="C:\WINDOWS\System32\NvCpl.dll" [2007-04-12 17:44]
"nwiz"="nwiz.exe" [2007-04-12 17:44 C:\WINDOWS\system32\nwiz.exe]
"NvMediaCenter"="C:\WINDOWS\System32\NvMcTray.dll" [2007-04-12 17:44]
"GamerOSD"="C:\Program Files\ASUS\GamerOSD\GamerOSD.exe" [2007-02-14 09:42]
"RTHDCPL"="RTHDCPL.EXE" [2006-09-12 03:58 C:\WINDOWS\RTHDCPL.exe]
"SkyTel"="SkyTel.EXE" [2006-05-16 05:04 C:\WINDOWS\SkyTel.exe]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe" [2007-07-12 04:00]
"QuickTime Task"="C:\Program Files\QuickTime\QTTask.exe" [2007-06-29 06:24]
"!AVG Anti-Spyware"="C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" [2007-06-11 11:25]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\System32\ctfmon.exe" [2002-09-09 15:08]
"MsnMsgr"="C:\Program Files\MSN Messenger\MsnMsgr.exe" [2007-01-19 12:54]
"Steam"="d:\program files\steam\steam.exe" [2007-08-18 00:01]
C:\DOCUME~1\ALLUSE~1.WIN\MENUST~1\PROGRA~1\OPSTAR~1\
BlueSoleil.lnk - D:\Program Files\Sitecom\IVT BlueSoleil\BlueSoleil.exe [2006-07-16 18:33:36]
C:\DOCUME~1\JESSE~1.PC-\MENUST~1\PROGRA~1\OPSTAR~1\
Adobe Gamma.lnk - C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [2005-03-16 19:16:50]
Alienware Dock.lnk - C:\Program Files\AlienGUIse\AlienwareDock\ObjectDock.exe [2007-07-31 13:57:55]
C:\DOCUME~1\Jesse\MENUST~1\PROGRA~1\OPSTAR~1\
Adobe Gamma.lnk - C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [2005-03-16 19:16:50]
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\system]
"DisableRegistryTools"=0 (0x0)
R1 asusgsb;ASUS Virtual Video Capture Device Driver;C:\WINDOWS\System32\drivers\asusgsb32.sys
R3 Camdrv30;Philips ToUcam XS;C:\WINDOWS\System32\Drivers\camdrv30.sys
*Newly Created Service* - ALG
*Newly Created Service* - IPNAT
.
Contents of the 'Scheduled Tasks' folder
"2007-08-26 10:04:40 C:\WINDOWS\Tasks\AppleSoftwareUpdate.job"
- C:\Program Files\Apple Software Update\SoftwareUpdate.exe
.
**************************************************************************
catchme 0.3.1061 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2007-09-16 14:48:07
Windows 5.1.2600 Service Pack 1 NTFS
scanning hidden processes …
scanning hidden autostart entries …
scanning hidden files …
scan completed successfully
hidden files: 0
**************************************************************************
.
Completion time: 2007-09-16 14:50:02 - machine was rebooted
C:\ComboFix-quarantined-files.txt … 2007-09-16 14:50
C:\ComboFix2.txt … 2007-07-29 22:09
.
— E O F —
======================================================================
——————————————————————————————————————————
======================================================================
Here is the HijackThis log
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 14:51:36, on 16-9-2007
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
D:\Program Files\Sitecom\IVT BlueSoleil\BTNtService.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\RUNDLL32.EXE
C:\Program Files\ASUS\GamerOSD\GamerOSD.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\WINDOWS\System32\ctfmon.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
D:\Program Files\Sitecom\IVT BlueSoleil\BlueSoleil.exe
C:\WINDOWS\System32\wuauclt.exe
C:\WINDOWS\System32\wuauclt.exe
C:\WINDOWS\system32\notepad.exe
C:\Program Files\Mozilla Firefox\firefox.exe
D:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [GamerOSD] C:\Program Files\ASUS\GamerOSD\GamerOSD.exe
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [SkyTel] SkyTel.EXE
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [Steam] "d:\program files\steam\steam.exe" -silent
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Lokale service')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Netwerkservice')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: BlueSoleil.lnk = D:\Program Files\Sitecom\IVT BlueSoleil\BlueSoleil.exe
O8 - Extra context menu item: &D&ownload &with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddLink.htm
O8 - Extra context menu item: &D&ownload all video with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddVideo.htm
O8 - Extra context menu item: &D&ownload all with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddAllLink.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra button: BitComet Search - {461CC20B-FB6E-4f16-8FE8-C29359DB100E} - C:\Program Files\BitComet\tools\BitCometBHO_1.1.7.4.dll
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: BlueSoleil Hid Service - Unknown owner - D:\Program Files\Sitecom\IVT BlueSoleil\BTNtService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
–
End of file - 4550 bytes
This is an archived page. Replies are no longer possible.
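An added example, not part of the original thread: one way to check a follow-up HijackThis log against the list of entries a helper asked to fix, and to see which other entries disappeared between the two scans. The function names are hypothetical and the sample text is constructed from a handful of lines of the two logs above, with forum bold markup wrapped around the checklist.

```python
import re

ENTRY = re.compile(r"^([A-Z]\d{1,2}) - (.+)$")          # e.g. "O4 - HKLM\..\Run: ..."
BBCODE = re.compile(r"\[/?b(?::[0-9a-f]+)?\]", re.I)    # forum bold tags around pasted lines

def parse(text):
    """Return {case-folded line: original line} for every HijackThis entry in text."""
    entries = {}
    for raw in text.splitlines():
        line = " ".join(BBCODE.sub("", raw).split())    # strip markup, collapse whitespace
        if ENTRY.match(line):                           # skips header and process list
            entries[line.casefold()] = line             # Windows paths compare case-insensitively
    return entries

def verify_cleanup(checklist, before, after):
    """Compare the entries a helper asked to fix against the scans before and after."""
    chk, b, a = parse(checklist), parse(before), parse(after)
    return {
        "fixed": [chk[k] for k in chk if k in b and k not in a],
        "persisting": [chk[k] for k in chk if k in a],
        "not_in_scan": [chk[k] for k in chk if k not in b and k not in a],
        "removed_unlisted": [b[k] for k in b if k not in a and k not in chk],
        "new": [a[k] for k in a if k not in b],
    }

# Constructed sample input (abridged from the logs in this thread).
CHECKLIST = r"""
[b:0123abcd]F2 - REG:system.ini: Shell=Explorer.exe C:\WINDOWS\System32\printer.exe
O4 - HKLM\..\Run: [WinAVX] C:\WINDOWS\System32\WinAvXX.exe
O7 - HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System, DisableRegedit=1
O20 - AppInit_DLLs: C:\WINDOWS\System32\systems.txt[/b:0123abcd]
"""
BEFORE = r"""
Logfile of Trend Micro HijackThis v2.0.0 (BETA)
Running processes:
C:\WINDOWS\System32\printer.exe
F2 - REG:system.ini: Shell=Explorer.exe C:\WINDOWS\System32\printer.exe
O4 - HKLM\..\Run: [SkyTel] SkyTel.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [WinAVX] C:\WINDOWS\System32\WinAvXX.exe
O7 - HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System, DisableRegedit=1
O20 - AppInit_DLLs: C:\WINDOWS\System32\systems.txt
"""
AFTER = r"""
Logfile of Trend Micro HijackThis v2.0.2
O4 - HKLM\..\Run: [SkyTel] SkyTel.EXE
"""

if __name__ == "__main__":
    for bucket, lines in verify_cleanup(CHECKLIST, BEFORE, AFTER).items():
        print(f"{bucket}: {len(lines)}")
        for line in lines:
            print("   ", line)
```

The "removed_unlisted" bucket is the one to read closely: it lists autostart entries that vanished without being on the checklist, which tells you what the cleanup tools changed beyond what was asked.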