HijackThis log

Anonymous
16 replies
 • My PC is freaking out again
  I made a log here
  I hope you can find something

  Logfile of Trend Micro HijackThis v2.0.2
  Scan saved at 11:23:30, on 27-12-2007
  Platform: Windows XP SP2 (WinNT 5.01.2600)
  MSIE: Internet Explorer v7.00 (7.00.6000.16574)
  Boot mode: Normal

  Running processes:
  C:\WINDOWS\System32\smss.exe
  C:\WINDOWS\system32\winlogon.exe
  C:\WINDOWS\system32\services.exe
  C:\WINDOWS\system32\lsass.exe
  C:\WINDOWS\system32\svchost.exe
  C:\WINDOWS\System32\svchost.exe
  C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
  C:\WINDOWS\Explorer.EXE
  C:\WINDOWS\system32\spoolsv.exe
  C:\WINDOWS\system32\RUNDLL32.EXE
  C:\Program Files\ESET\ESET Smart Security\ekrn.exe
  C:\WINDOWS\RTHDCPL.EXE
  C:\WINDOWS\Mixer.exe
  C:\Program Files\ESET\ESET Smart Security\egui.exe
  C:\WINDOWS\system32\ctfmon.exe
  C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
  C:\Program Files\NVIDIA Corporation\nTune\nTuneService.exe
  D:\steam\steam.exe
  C:\Program Files\Microsoft ActiveSync\Wcescomm.exe
  C:\WINDOWS\System32\nvsvc32.exe
  C:\PROGRA~1\MICROS~4\rapimgr.exe
  C:\WINDOWS\system32\PnkBstrA.exe
  C:\WINDOWS\System32\svchost.exe
  C:\Program Files\internet explorer\iexplore.exe
  C:\Program Files\Windows Live\Messenger\usnsvc.exe
  C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLLoginProxy.exe
  C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

  R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
  R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
  R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
  R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
  R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
  R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen
  R3 - URLSearchHook: Live TV Toolbar - {b69a9db4-d0a1-4722-b56b-f20757a29cdf} - C:\Program Files\Live_TV\tbLiv1.dll
  F3 - REG:win.ini: run=
  O2 - BHO: IE7Pro - {00011268-E188-40DF-A514-835FCD78B1BF} - C:\Program Files\IE7Pro\IE7Pro.dll
  O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
  O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
  O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
  O2 - BHO: Windows Live Aanmelden - Help - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
  O2 - BHO: Live TV Toolbar - {b69a9db4-d0a1-4722-b56b-f20757a29cdf} - C:\Program Files\Live_TV\tbLiv1.dll
  O3 - Toolbar: Live TV Toolbar - {b69a9db4-d0a1-4722-b56b-f20757a29cdf} - C:\Program Files\Live_TV\tbLiv1.dll
  O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
  O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
  O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInit
  O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
  O4 - HKLM\..\Run: [SkyTel] SkyTel.EXE
  O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
  O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
  O4 - HKLM\..\Run: [C-Media Mixer] Mixer.exe /startup
  O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
  O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET Smart Security\egui.exe" /hide /waitservice
  O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
  O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
  O4 - HKCU\..\Run: [NVIDIA nTune] "C:\Program Files\NVIDIA Corporation\nTune\nTuneCmd.exe" clear
  O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
  O4 - HKCU\..\Run: [Steam] "d:\steam\steam.exe" -silent
  O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\Wcescomm.exe"
  O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Lokale service')
  O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Netwerkservice')
  O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
  O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
  O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office10\EXCEL.EXE/3000
  O9 - Extra button: IE7Pro Preferences - {0026439F-A980-4f18-8C95-4F1CBBF9C1D8} - C:\Program Files\IE7Pro\IE7Pro.dll
  O9 - Extra 'Tools' menuitem: IE7Pro Preferences - {0026439F-A980-4f18-8C95-4F1CBBF9C1D8} - C:\Program Files\IE7Pro\IE7Pro.dll
  O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
  O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
  O9 - Extra button: In weblog opnemen - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
  O9 - Extra 'Tools' menuitem: &In weblog opnemen met Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
  O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~4\INetRepl.dll
  O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~4\INetRepl.dll
  O9 - Extra 'Tools' menuitem: Mobiele favorieten maken… - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~4\INetRepl.dll
  O9 - Extra button: Run IMVU - {d9288080-1baa-4bc4-9cf8-a92d743db949} - C:\Documents and Settings\Sadik\Menu Start\Programma's\IMVU\Run IMVU.lnk
  O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
  O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
  O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
  O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
  O16 - DPF: {193C772A-87BE-4B19-A7BB-445B226FE9A1} (ewidoOnlineScan Control) - http://downloads.ewido.net/ewidoOnlineScan.cab
  O16 - DPF: {67A5F8DC-1A4B-4D66-9F24-A704AD929EEE} (System Requirements Lab) - http://www.systemrequirementslab.com/sysreqlab2.cab
  O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} (DivXBrowserPlugin Object) - http://download.divx.com/player/DivXBrowserPlugin.cab
  O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1195901566359
  O16 - DPF: {CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7} (get_atlcom Class) - http://www.adobe.com/products/acrobat/nos/gp.cab
  O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
  O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
  O23 - Service: Eset HTTP Server (EhttpSrv) - Unknown owner - C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe
  O23 - Service: Eset Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\ekrn.exe
  O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
  O23 - Service: nTune Service (nTuneService) - NVIDIA - C:\Program Files\NVIDIA Corporation\nTune\nTuneService.exe
  O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
  O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
  O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - C:\Program Files\Spyware Doctor\svcntaux.exe
  O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - C:\Program Files\Spyware Doctor\swdsvc.exe


  End of file - 8294 bytes


  I'd be glad if you could help me as soon as possible

  thanks a lot in advance

  aaand happy fireworks days.. :D
 • anyone else???

 • Please give a somewhat clearer description of the problems you are having.
 • it's being slow again and so on
  has trouble starting up
 • Fix this one with HijackThis:
  F3 - REG:win.ini: run=

  Follow the instructions described on this site.
  Help! My computer is slow!
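The reply above picks one line out of the log by eye. As an added example that is not part of the thread, this sketch parses HijackThis findings, attaches review hints, and compares two scans. The hint rules, the function names and the choice of sections to compare are assumptions of this example, and the sample text is a short excerpt of the two logs posted in this thread.

```python
import re
from collections import namedtuple

# HijackThis prints one finding per line as "<section code> - <details>".
ENTRY_RE = re.compile(r"^\s*([A-Z]\d{1,2})\s+-\s+(.*\S)\s*$")

# Meaning of the section codes that occur in the logs in this thread.
SECTIONS = {
    "R0": "IE start/search page", "R1": "IE default page/search URL",
    "R3": "URL search hook", "F3": "win.ini autostart (registry-mapped)",
    "O2": "Browser Helper Object", "O3": "IE toolbar",
    "O4": "autostart (Run key / Startup folder)",
    "O8": "IE context-menu item", "O9": "IE button / Tools menu item",
    "O16": "downloaded ActiveX control", "O23": "Windows service",
}

Entry = namedtuple("Entry", "code section detail notes")

# Excerpt of the first log in the thread (27-12-2007), not the full log.
FIRST_SCAN = r"""
Logfile of Trend Micro HijackThis v2.0.2
Running processes:
C:\WINDOWS\system32\services.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
F3 - REG:win.ini: run=
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O4 - HKLM\..\Run: [SkyTel] SkyTel.EXE
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: Eset Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\ekrn.exe
"""

# Excerpt of the second log in the thread (31-12-2007), not the full log.
SECOND_SCAN = r"""
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.nl/
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O4 - HKLM\..\Run: [SkyTel] SkyTel.EXE
O4 - HKLM\..\Run: [MSConfig] C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe /auto
"""


def review_notes(code, detail):
    """Review hints; these rules are assumptions of this example, not verdicts."""
    notes = []
    if detail.endswith("(no file)"):
        notes.append("registered component has no file on disk (orphaned entry)")
    if code.startswith("F") and detail.endswith("="):
        notes.append("ini autostart value is present but empty")
    if code == "O23" and " - Unknown owner - " in detail:
        notes.append("no vendor name reported; verify the binary path")
    return notes


def parse_log(text):
    """Return the findings of a log, skipping header and process-list lines."""
    entries = []
    for line in text.splitlines():
        m = ENTRY_RE.match(line)
        if not m:
            continue  # header, "Running processes" paths, blank lines
        code, detail = m.groups()
        entries.append(Entry(code, SECTIONS.get(code, "unknown section"),
                             detail, review_notes(code, detail)))
    return entries


def flagged(entries):
    """Entries that carry at least one review note."""
    return [e for e in entries if e.notes]


def diff_logs(old, new, codes=None):
    """Findings added and removed between two scans, optionally per section."""
    def keys(entries):
        return [(e.code, e.detail) for e in entries
                if codes is None or e.code in codes]
    old_k, new_k = keys(old), keys(new)
    added = [k for k in new_k if k not in old_k]
    removed = [k for k in old_k if k not in new_k]
    return added, removed


if __name__ == "__main__":
    first, second = parse_log(FIRST_SCAN), parse_log(SECOND_SCAN)
    for e in flagged(first):
        print(f"{e.code:<4}{e.section}: {e.detail}\n     -> {'; '.join(e.notes)}")
    # Compare only sections present in both excerpts.
    added, removed = diff_logs(first, second, codes={"R0", "F3", "O2", "O4"})
    for code, detail in added:
        print("+", code, "-", detail)
    for code, detail in removed:
        print("-", code, "-", detail)
```

A note is a prompt to look at the entry, not a finding of malware: the `Unknown owner` service flagged here is PunkBuster, which ships with games.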
 • thanks, but I already do those things every day/week
 • Download combofix.exe: http://download.bleepingcomputer.com/sUBs/ComboFix.exe
  Place it on your desktop.
  Double-click it to start the program.
  In the window that appears, type 1 to run the cleaning and analysis process.
  Follow the on-screen instructions.
  When the tool has finished, a log file (combofix.txt) opens.
  Post the contents of that file together with a new HijackThis log.
 • ComboFix 07-12-21.4 - Sadik 2007-12-30 22:10:22.2 - NTFSx86
  Microsoft Windows XP Home Edition 5.1.2600.2.1252.1.1043.18.1463 [GMT 1:00]
  Gestart vanuit: C:\Documents and Settings\Sadik\Bureaublad\ComboFix.exe
  * Nieuw herstelpunt werd aangemaakt
  .

  (((((((((((((((((((((((((((((((((( Andere Verwijderingen )))))))))))))))))))))))))))))))))))))))))))))))))
  .

  C:\Documents and Settings\Sadik\Application Data\inst.exe

  .
  (((((((((((((((((((( Bestanden Gemaakt van 2007-11-28 to 2007-12-30 ))))))))))))))))))))))))))))))
  .

  2007-12-30 21:19 . 2007-12-30 21:19 <DIR> dr-h----- C:\Documents and Settings\Sadik\Onlangs geopend
  2007-12-29 13:49 . 2007-12-29 13:52 <DIR> d-------- C:\Documents and Settings\Sadik\Application Data\Nokia
  2007-12-29 13:49 . 2007-12-29 13:49 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\PC Suite
  2007-12-29 13:46 . 2007-12-29 13:51 <DIR> d-------- C:\Program Files\Nokia
  2007-12-29 13:46 . 2007-12-29 13:46 <DIR> d-------- C:\Program Files\DIFX
  2007-12-29 13:46 . 2007-12-29 13:46 <DIR> d-------- C:\Program Files\Common Files\PCSuite
  2007-12-29 13:46 . 2007-12-29 13:46 <DIR> d-------- C:\Documents and Settings\Sadik\Application Data\PC Suite
  2007-12-29 13:45 . 2007-12-29 13:45 <DIR> d-------- C:\Program Files\PC Connectivity Solution
  2007-12-28 01:49 . 2007-12-28 01:49 <DIR> d-------- C:\Program Files\MSBuild
  2007-12-28 01:46 . 2007-12-28 17:40 <DIR> d-------- C:\WINDOWS\system32\XPSViewer
  2007-12-28 01:45 . 2007-12-28 01:45 <DIR> d-------- C:\Program Files\Reference Assemblies
  2007-12-28 01:44 . 2006-06-29 13:07 14,048 --------- C:\WINDOWS\system32\spmsg2.dll
  2007-12-27 19:45 . 2007-12-27 19:45 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\LogiShrd
  2007-12-27 19:41 . 2007-12-27 19:41 <DIR> d-------- C:\Program Files\Common Files\Logishrd
  2007-12-27 19:41 . 2007-11-15 10:06 301,656 --a------ C:\WINDOWS\system32\BtCoreIf.dll
  2007-12-27 19:32 . 2007-12-27 19:32 <DIR> d-------- C:\Documents and Settings\Sadik\Application Data\Logitech
  2007-12-27 19:31 . 2007-12-27 19:31 127,034 -r------- C:\WINDOWS\bwUnin-8.1.1.50-8876480SL.exe
  2007-12-27 19:30 . 2007-11-15 10:07 170,512 --a------ C:\WINDOWS\system32\kemutb.dll
  2007-12-27 19:30 . 2007-11-15 10:07 141,840 --a------ C:\WINDOWS\system32\KemUtil.dll
  2007-12-27 19:30 . 2007-11-15 10:07 117,264 --a------ C:\WINDOWS\system32\KemWnd.dll
  2007-12-27 19:30 . 2007-09-21 03:10 78,992 --a------ C:\WINDOWS\system32\drivers\LMouKE.Sys
  2007-12-27 19:30 . 2007-11-15 10:07 76,304 --a------ C:\WINDOWS\system32\KemXML.dll
  2007-12-27 19:30 . 2007-09-21 03:10 63,120 --a------ C:\WINDOWS\system32\drivers\L8042mou.Sys
  2007-12-27 19:30 . 2007-09-21 03:10 55,824 --a------ C:\WINDOWS\KHALMNPR.Exe
  2007-12-27 19:30 . 2007-09-21 03:10 20,240 --a------ C:\WINDOWS\system32\drivers\L8042Kbd.sys
  2007-12-27 19:29 . 2007-12-27 19:31 <DIR> d-------- C:\Program Files\Logitech
  2007-12-27 19:29 . 2007-12-27 19:41 <DIR> d-------- C:\Program Files\Common Files\Logitech
  2007-12-27 19:29 . 2007-12-27 19:29 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Logitech
  2007-12-27 11:21 . 2007-12-30 01:37 54,156 --ah----- C:\WINDOWS\QTFont.qfn
  2007-12-27 11:21 . 2007-12-27 11:21 1,409 --a------ C:\WINDOWS\QTFont.for
  2007-12-27 00:55 . 2007-12-28 14:25 <DIR> d-a------ C:\Documents and Settings\All Users\Application Data\TEMP
  2007-12-27 00:47 . 2007-12-27 00:56 <DIR> d-------- C:\Program Files\Spyware Doctor
  2007-12-27 00:47 . 2007-12-27 00:47 <DIR> d-------- C:\Documents and Settings\Sadik\Application Data\PC Tools
  2007-12-27 00:47 . 2005-09-23 08:29 626,688 --a------ C:\WINDOWS\system32\msvcr80.dll
  2007-12-27 00:47 . 2007-12-27 00:47 74,240 --a------ C:\WINDOWS\system32\drivers\iksyssec.sys
  2007-12-27 00:47 . 2007-12-27 00:47 56,832 --a------ C:\WINDOWS\system32\drivers\iksysflt.sys
  2007-12-27 00:47 . 2007-10-18 00:14 41,288 --a------ C:\WINDOWS\system32\drivers\ikfilesec.sys
  2007-12-27 00:47 . 2007-10-18 00:16 29,000 --a------ C:\WINDOWS\system32\drivers\kcom.sys
  2007-12-26 13:19 . 2007-12-26 13:20 <DIR> d-------- C:\Program Files\QuickTime
  2007-12-25 01:31 . 2007-12-25 01:31 <DIR> d-------- C:\Documents and Settings\Sadik\Application Data\ESET
  2007-12-25 01:30 . 2007-12-25 01:30 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\ESET
  2007-12-24 02:45 . 2007-12-24 02:45 <DIR> d-------- C:\Program Files\America's Army Server Manager
  2007-12-23 18:04 . 2001-11-23 12:08 712,704 --a------ C:\WINDOWS\system32\Audio3D.dll
  2007-12-22 12:48 . 2006-07-22 07:40 143,360 --a------ C:\WINDOWS\system32\RtlCPAPI.dll
  2007-12-22 12:48 . 2006-08-01 15:02 49,152 --a------ C:\WINDOWS\system32\ChCfg.exe
  2007-12-22 12:47 . 2007-12-22 12:47 <DIR> d-------- C:\Program Files\Realtek
  2007-12-21 20:45 . 2004-08-04 09:03 299,008 --a------ C:\WINDOWS\system\MSH263.DRV
  2007-12-21 20:45 . 2004-08-04 09:03 54,272 --a------ C:\WINDOWS\system32\vfwwdm32.dll
  2007-12-21 20:45 . 2004-08-04 09:03 54,272 --a--c--- C:\WINDOWS\system32\dllcache\vfwwdm32.dll
  2007-12-21 20:45 . 2004-08-04 09:03 47,616 --a------ C:\WINDOWS\system\IYUV_32.DLL
  2007-12-21 20:44 . 2007-12-21 20:44 <DIR> d-------- C:\Program Files\MD40323
  2007-12-21 16:01 . 2007-12-21 16:01 <DIR> d-------- C:\Program Files\Riva
  2007-12-21 16:01 . 2007-12-21 16:01 <DIR> d-------- C:\Program Files\Common Files\SWF Studio
  2007-12-21 15:58 . 2007-12-21 16:04 <DIR> d-------- C:\Temp
  2007-12-21 15:52 . 2007-12-21 15:52 <DIR> d-------- C:\Program Files\Xilisoft
  2007-12-21 15:46 . 2007-12-21 15:46 <DIR> d-------- C:\Program Files\Common Files\Download Manager
  2007-12-21 14:53 . 2007-12-21 14:53 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Messenger Plus!
  2007-12-21 00:14 . 2007-12-21 15:45 <DIR> d-------- C:\Documents and Settings\Sadik\Application Data\Vso
  2007-12-21 00:14 . 2007-12-21 00:14 47,360 --a------ C:\WINDOWS\system32\drivers\pcouffin.sys
  2007-12-21 00:14 . 2007-12-21 15:45 47,360 --a------ C:\Documents and Settings\Sadik\Application Data\pcouffin.sys
  2007-12-20 23:15 . 2007-12-20 23:19 <DIR> d-------- C:\Program Files\IMVU
  2007-12-20 23:15 . 2007-12-20 23:16 <DIR> d-------- C:\Documents and Settings\Sadik\Application Data\IMVU
  2007-12-20 16:12 . 2007-12-20 16:12 <DIR> d-------- C:\Program Files\Messenger Plus! Live
  2007-12-20 13:37 . 2007-12-25 14:19 <DIR> d-------- C:\Documents and Settings\Sadik\G-Force
  2007-12-17 23:25 . 2007-12-17 23:25 <DIR> d-------- C:\Documents and Settings\Sadik\Application Data\SoundSpectrum
  2007-12-17 23:24 . 2007-12-20 13:36 <DIR> d-------- C:\Program Files\SoundSpectrum
  2007-12-17 20:02 . 2007-12-18 16:59 <DIR> d-------- C:\Program Files\Windows Live Safety Center
  2007-12-16 21:11 . 2007-12-16 21:11 <DIR> d-------- C:\Program Files\C-Media
  2007-12-16 21:11 . 2006-06-14 11:05 1,855,488 --------- C:\WINDOWS\mixer.exe
  2007-12-16 21:11 . 2000-10-20 18:28 765,952 --a------ C:\WINDOWS\system\crlds3d.dll
  2007-12-16 21:11 . 2002-11-18 15:51 377,358 --a------ C:\WINDOWS\system32\drivers\cmaudio.sys
  2007-12-16 21:11 . 2002-07-11 11:24 139,264 --a------ C:\WINDOWS\cmuninst.exe
  2007-12-16 21:11 . 2002-07-11 12:13 135,168 --a------ C:\WINDOWS\cmuninst.dat
  2007-12-16 21:11 . 2002-11-19 15:46 39,104 --a------ C:\WINDOWS\cmijack.dat
  2007-12-16 21:11 . 2006-06-14 11:05 32,768 --a------ C:\WINDOWS\system32\cmnprop.dll
  2007-12-16 21:11 . 2002-11-19 15:43 22,178 --a------ C:\WINDOWS\cmaudio.dat
  2007-12-16 21:00 . 2007-12-16 21:00 <DIR> d-------- C:\Documents and Settings\Sadik\Application Data\Comodo
  2007-12-16 21:00 . 2007-12-16 21:00 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Comodo
  2007-12-16 19:52 . 2007-12-16 19:52 <DIR> d--h----- C:\WINDOWS\PIF
  2007-12-16 17:38 . 2007-12-17 17:13 <DIR> d-------- C:\Program Files\Comodo
  2007-12-16 17:38 . 2007-12-08 02:29 211 --a------ C:\boot.ini.comodofirewall
  2007-12-15 10:52 . 2007-12-15 10:58 <DIR> d-------- C:\Documents and Settings\Sadik\Application Data\NewsBin
  2007-12-15 10:52 . 2007-12-15 10:52 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\NewsBin
  2007-12-14 23:55 . 2007-12-14 23:55 <DIR> d-------- C:\Program Files\SystemRequirementsLab
  2007-12-13 18:26 . 2007-12-13 18:26 <DIR> d-------- C:\Program Files\directx
  2007-12-12 23:19 . 2007-12-12 23:19 <DIR> d-------- C:\Program Files\Common Files\Adobe
  2007-12-11 20:41 . 2007-12-11 20:41 <DIR> d-------- C:\WINDOWS\ASTULogTemp
  2007-12-11 20:41 . 2007-12-11 20:41 <DIR> d-------- C:\Program Files\Microsoft.NET
  2007-12-11 20:41 . 2007-12-28 02:19 6,094 --a------ C:\WINDOWS\system32\ASTULog.cab
  2007-12-11 20:41 . 2007-12-28 02:19 1,043 --a------ C:\WINDOWS\system32\setup.inf
  2007-12-11 20:41 . 2007-12-28 02:19 283 --a------ C:\WINDOWS\system32\setup.rpt
  2007-12-11 19:32 . 2007-12-11 19:32 <DIR> d-------- C:\Program Files\MSXML 6.0
  2007-12-11 10:57 . 2007-12-11 10:57 65,536 --a------ C:\WINDOWS\system32\QuickTimeVR.qtx
  2007-12-11 10:57 . 2007-12-11 10:57 49,152 --a------ C:\WINDOWS\system32\QuickTime.qts
  2007-12-10 23:38 . 2007-12-16 02:59 <DIR> d-------- C:\Program Files\Microsoft ActiveSync
  2007-12-09 20:52 . 2007-12-09 20:52 <DIR> d-------- C:\Documents and Settings\Sadik\Application Data\vlc
  2007-12-09 20:48 . 2007-12-09 20:48 <DIR> d-------- C:\Program Files\VideoLAN
  2007-12-09 20:38 . 2007-12-09 20:44 <DIR> d-------- C:\Documents and Settings\Sadik\Application Data\DivX
  2007-12-09 11:42 . 2007-12-09 11:42 <DIR> d-------- C:\Program Files\IE7Pro
  2007-12-09 11:42 . 2007-12-09 11:42 <DIR> d-------- C:\Documents and Settings\Sadik\Application Data\IE7Pro

  .
  ((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))
  .
  2007-12-30 20:15 --------- d--h--w C:\Program Files\InstallShield Installation Information
  2007-12-26 12:19 --------- d-----w C:\Documents and Settings\All Users\Application Data\Apple Computer
  2007-12-10 22:36 --------- d-----w C:\Program Files\Common Files\Teleca Shared
  2007-12-08 11:17 --------- d-----w C:\Program Files\ASUS
  2007-12-08 01:43 382 ----a-w C:\Program Files\Snelkoppeling naar Program Files.lnk
  2007-11-24 01:01 9,344 ----a-w C:\WINDOWS\system32\drivers\NSDriver.sys
  2007-11-24 01:01 8,320 ----a-w C:\WINDOWS\system32\drivers\AWRTRD.sys
  2007-11-23 18:20 --------- d-----w C:\Program Files\MP3 Player Utilities 3.13
  2007-11-23 18:17 --------- d-----w C:\Program Files\NVIDIA Corporation
  2007-11-23 18:13 --------- d-----w C:\Documents and Settings\Sadik\Application Data\Teleca
  2007-11-23 18:11 --------- d-----w C:\Program Files\Disc2Phone
  2007-11-23 18:00 6,176 ----a-w C:\WINDOWS\system32\drivers\w810cm.sys
  2007-11-23 18:00 5,808 ----a-w C:\WINDOWS\system32\drivers\w810wh.sys
  2007-11-23 17:57 --------- d-----w C:\Program Files\LRC Editor 4
  2007-11-23 17:51 --------- d-----w C:\Program Files\Common Files\InstallShield
  2007-11-23 17:48 --------- d-----w C:\Program Files\Marvell
  2007-11-23 17:43 --------- d-----w C:\Program Files\Intel
  2007-11-23 17:38 --------- d-----w C:\Program Files\microsoft frontpage
  2007-11-13 10:25 20,480 ----a-w C:\WINDOWS\system32\drivers\secdrv.sys
  2007-10-29 22:45 1,291,776 ----a-w C:\WINDOWS\system32\quartz.dll
  2007-10-25 08:28 222,720 ----a-w C:\WINDOWS\system32\wmasf.dll
  2007-10-24 00:47 96,760 ----a-w C:\WINDOWS\system32\dfshim.dll
  2007-10-24 00:47 84,480 ----a-w C:\WINDOWS\system32\mscories.dll
  2007-10-24 00:47 282,112 ----a-w C:\WINDOWS\system32\mscoree.dll
  2007-10-24 00:47 158,720 ----a-w C:\WINDOWS\system32\mscorier.dll
  2007-10-23 16:49 586,752 ----a-w C:\WINDOWS\WLXPGSS.SCR
  2007-10-22 07:51 972,072 ----a-w C:\WINDOWS\UNRecode.exe
  2007-10-20 00:56 129,784 ------w C:\WINDOWS\system32\pxafs.dll
  2007-10-20 00:56 120,056 ------w C:\WINDOWS\system32\pxcpyi64.exe
  2007-10-20 00:56 118,520 ------w C:\WINDOWS\system32\pxinsi64.exe
  2007-10-18 10:31 51,224 ----a-w C:\WINDOWS\system32\sirenacm.dll
  2007-10-11 08:55 88,576 ----a-w C:\WINDOWS\system32\infocardapi.dll
  2007-10-11 08:55 579,584 ----a-w C:\WINDOWS\system32\icardagt.exe
  2007-10-11 08:55 11,776 ----a-w C:\WINDOWS\system32\icardres.dll
  2007-10-09 12:03 779,800 ----a-w C:\WINDOWS\system32\PresentationNative_v0300.dll
  2007-10-09 12:03 73,752 ----a-w C:\WINDOWS\system32\dxva2.dll
  2007-10-09 12:03 493,080 ----a-w C:\WINDOWS\system32\evr.dll
  2007-10-09 12:03 350,744 ----a-w C:\WINDOWS\system32\PresentationHost.exe
  2007-10-09 12:03 33,304 ----a-w C:\WINDOWS\system32\PresentationHostProxy.dll
  2007-10-09 12:03 161,304 ----a-w C:\WINDOWS\system32\UIAutomationCore.dll
  2007-10-09 12:03 106,520 ----a-w C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll
  2007-10-09 12:03 1,986,072 ----a-w C:\WINDOWS\system32\milcore.dll
  2007-10-09 11:58 16,896 ----a-w C:\WINDOWS\system32\tswpfwrp.exe
  2007-10-04 17:16 356,352 ----a-w C:\WINDOWS\system32\NVUNINST.EXE
  2007-10-04 16:14 81,920 ----a-w C:\WINDOWS\system32\nvwddi.dll
  2007-10-04 16:14 81,920 ----a-w C:\WINDOWS\system32\nvmctray.dll
  2007-10-04 16:14 8,491,008 ----a-w C:\WINDOWS\system32\nvcpl.dll
  2007-10-04 16:14 753,664 ----a-w C:\WINDOWS\system32\nvcplui.exe
  2007-10-04 16:14 6,750,208 ----a-w C:\WINDOWS\system32\nvoglnt.dll
  2007-10-04 16:14 6,344,704 ----a-w C:\WINDOWS\system32\nvdisps.dll
  2007-10-04 16:14 5,783,424 ----a-w C:\WINDOWS\system32\nv4_disp.dll
  2007-10-04 16:14 466,944 ----a-w C:\WINDOWS\system32\nvshell.dll
  2007-10-04 16:14 45,056 ----a-w C:\WINDOWS\system32\nvmccsrs.dll
  2007-10-04 16:14 442,368 ----a-w C:\WINDOWS\system32\nvappbar.exe
  2007-10-04 16:14 425,984 ----a-w C:\WINDOWS\system32\keystone.exe
  2007-10-04 16:14 364,544 ----a-w C:\WINDOWS\system32\nvapi.dll
  2007-10-04 16:14 36,864 ----a-w C:\WINDOWS\system32\nvcodins.dll
  2007-10-04 16:14 36,864 ----a-w C:\WINDOWS\system32\nvcod.dll
  2007-10-04 16:14 356,352 ----a-w C:\WINDOWS\system32\nvudisp.exe
  2007-10-04 16:14 307,200 ----a-w C:\WINDOWS\system32\nvexpbar.dll
  2007-10-04 16:14 3,551,232 ----a-w C:\WINDOWS\system32\nvvitvs.dll
  2007-10-04 16:14 3,334,144 ----a-w C:\WINDOWS\system32\nvgames.dll
  2007-10-04 16:14 286,720 ----a-w C:\WINDOWS\system32\nvnt4cpl.dll
  2007-10-04 16:14 229,376 ----a-w C:\WINDOWS\system32\nvmccs.dll
  2007-10-04 16:14 2,371,584 ----a-w C:\WINDOWS\system32\nvwss.dll
  2007-10-04 16:14 188,416 ----a-w C:\WINDOWS\system32\nvmccss.dll
  2007-10-04 16:14 155,716 ----a-w C:\WINDOWS\system32\nvsvc32.exe
  2007-10-04 16:14 147,456 ----a-w C:\WINDOWS\system32\nvcolor.exe
  2007-10-04 16:14 1,703,936 ----a-w C:\WINDOWS\system32\nvwdmcpl.dll
  2007-10-04 16:14 1,626,112 ----a-w C:\WINDOWS\system32\nwiz.exe
  2007-10-04 16:14 1,478,656 ----a-w C:\WINDOWS\system32\nview.dll
  2007-10-04 16:14 1,339,392 ----a-w C:\WINDOWS\system32\nvdspsch.exe
  2007-10-04 16:14 1,150,976 ----a-w C:\WINDOWS\system32\nvmobls.dll
  2007-10-04 16:14 1,019,904 ----a-w C:\WINDOWS\system32\nvwimg.dll
  2006-06-14 10:05 712,704 ----a-r C:\WINDOWS\inf\OTHER\AUDIO3D.DLL
  .

  ((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))
  .
  .
  REGEDIT4
  *Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond

  [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
  "CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-04 09:03]
  "NVIDIA nTune"="C:\Program Files\NVIDIA Corporation\nTune\nTuneCmd.exe" [2007-07-03 12:32]
  "MsnMsgr"="C:\Program Files\Windows Live\Messenger\MsnMsgr.exe" [2007-10-18 11:34]
  "Steam"="d:\steam\steam.exe" [2007-11-30 14:33]
  "H/PC Connection Agent"="C:\Program Files\Microsoft ActiveSync\Wcescomm.exe" [2006-11-13 18:34]

  [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
  "NvCplDaemon"="RUNDLL32.exe" [2004-08-04 09:03 C:\WINDOWS\system32\rundll32.exe]
  "nwiz"="nwiz.exe" [2007-10-04 17:14 C:\WINDOWS\system32\nwiz.exe]
  "NvMediaCenter"="RUNDLL32.exe" [2004-08-04 09:03 C:\WINDOWS\system32\rundll32.exe]
  "Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2007-10-10 19:51]
  "SkyTel"="SkyTel.EXE" [2006-05-16 18:04 C:\WINDOWS\SkyTel.exe]
  "C-Media Mixer"="Mixer.exe" [2006-06-14 11:05 C:\WINDOWS\mixer.exe]
  "egui"="C:\Program Files\ESET\ESET Smart Security\egui.exe" [2007-11-14 15:05]
  "QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [2007-12-11 10:56]
  "Logitech Hardware Abstraction Layer"="KHALMNPR.EXE" [2007-09-21 03:10 C:\WINDOWS\KHALMNPR.Exe]
  "NSLauncher"="C:\Program Files\Nokia\Nokia Software Launcher\NSLauncher.exe" [2007-09-07 14:44]

  [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
  "CTFMON.EXE"="C:\WINDOWS\System32\CTFMON.EXE" [2004-08-04 09:03]

  C:\Documents and Settings\All Users\Menu Start\Programma's\Opstarten\
  Logitech Desktop Messenger.lnk - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe [2007-12-27 19:31:43]
  Logitech SetPoint.lnk - C:\Program Files\Logitech\SetPoint\SetPoint.exe [2007-12-27 19:41:39]

  [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\LBTWlgn]
  c:\program files\common files\logitech\bluetooth\LBTWlgn.dll 2007-11-15 10:10 72208 c:\Program Files\Common Files\Logitech\Bluetooth\LBTWLgn.dll

  [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sdauxservice]
  @=""

  [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sdcoreservice]
  @=""

  [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WdfLoadGroup]
  @=""

  [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Start^Programma's^Opstarten^2Mega Camera Manager Monitor.lnk]
  path=C:\Documents and Settings\All Users\Menu Start\Programma's\Opstarten\2Mega Camera Manager Monitor.lnk
  backup=C:\WINDOWS\pss\2Mega Camera Manager Monitor.lnkCommon Startup

  [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Start^Programma's^Opstarten^Microsoft Office.lnk]
  path=C:\Documents and Settings\All Users\Menu Start\Programma's\Opstarten\Microsoft Office.lnk
  backup=C:\WINDOWS\pss\Microsoft Office.lnkCommon Startup

  [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AsusStartupHelp]
  2006-11-14 07:25 363008 -ra------ C:\Program Files\ASUS\AASP\1.00.17\AsRunHelp.exe

  [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}]
  2007-10-23 14:18 202024 --a------ C:\Program Files\Common Files\Nero\Lib\NMBgMonitor.exe

  [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
  C:\WINDOWS\system32\NeroCheck.exe

  [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
  C:\Program Files\QuickTime\qttask.exe -atboottime

  [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SkyTel]
  SkyTel.EXE

  [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Wizzl]
  2007-11-28 15:45 6119424 --a------ C:\Program Files\Wizzl\Wizzl.exe

  R1 easdrv;easdrv;C:\WINDOWS\system32\DRIVERS\easdrv.sys [2007-11-14 15:04]
  R1 epfwtdi;epfwtdi;C:\WINDOWS\system32\DRIVERS\epfwtdi.sys [2007-11-14 15:06]
  R2 eamon;EAMON;C:\WINDOWS\system32\DRIVERS\eamon.sys [2007-11-14 15:03]
  R2 ekrn;Eset Service;"C:\Program Files\ESET\ESET Smart Security\ekrn.exe" [2007-11-14 15:05]
  R2 epfw;epfw;C:\WINDOWS\system32\DRIVERS\epfw.sys [2007-11-14 15:06]
  R3 Epfwndis;Eset Personal Firewall;C:\WINDOWS\system32\DRIVERS\Epfwndis.sys [2007-11-14 15:06]
  S3 Ca100v;2Mega Camera, WDM Video Capture;C:\WINDOWS\system32\Drivers\Ca100v.sys [2002-09-01 06:35]
  S3 EhttpSrv;Eset HTTP Server;"C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe" [2007-11-14 15:07]
  S3 SRS_SSCFilter;SRS Labs Audio Sandbox (WDM);C:\WINDOWS\system32\drivers\srs_sscfilter_i386.sys [2007-05-03 10:28]
  S3 USBCamera;DSC Still Image Capture (CA100);C:\WINDOWS\system32\Drivers\Bulk100.sys [2002-07-28 02:19]

  .
  Inhoud van de 'Gedeelde Taken' map
  "2007-12-26 12:14:00 C:\WINDOWS\Tasks\AppleSoftwareUpdate.job"
  .
  **************************************************************************

  catchme 0.3.1333 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
  Rootkit scan 2007-12-30 22:11:23
  Windows 5.1.2600 Service Pack 2 NTFS

  scannen van verborgen processen …

  scannen van verborgen autostart items …

  scannen van verborgen bestanden …

  Scan succesvol afgerond
  verborgen bestanden: 0

  **************************************************************************
  .
  Voltooingstijd: 2007-12-30 22:11:42
  .
  2007-12-28 10:30:43 --- E O F ---
 • I don't immediately see any traces of malware in your logs.
 • oops
  forgot
  the HijackThis log

  Logfile of Trend Micro HijackThis v2.0.2
  Scan saved at 20:21:17, on 31-12-2007
  Platform: Windows XP SP2 (WinNT 5.01.2600)
  MSIE: Internet Explorer v7.00 (7.00.6000.16574)
  Boot mode: Normal

  Running processes:
  C:\WINDOWS\System32\smss.exe
  C:\WINDOWS\system32\csrss.exe
  C:\WINDOWS\system32\winlogon.exe
  C:\WINDOWS\system32\services.exe
  C:\WINDOWS\system32\lsass.exe
  C:\WINDOWS\system32\svchost.exe
  C:\WINDOWS\system32\svchost.exe
  C:\WINDOWS\System32\svchost.exe
  C:\WINDOWS\system32\svchost.exe
  C:\WINDOWS\System32\svchost.exe
  C:\WINDOWS\System32\svchost.exe
  C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
  C:\WINDOWS\Explorer.EXE
  C:\WINDOWS\system32\RUNDLL32.EXE
  C:\WINDOWS\Mixer.exe
  C:\Program Files\ESET\ESET Smart Security\egui.exe
  C:\Program Files\Nokia\Nokia Software Launcher\NSLauncher.exe
  C:\WINDOWS\system32\ctfmon.exe
  C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
  D:\steam\steam.exe
  C:\Program Files\Microsoft ActiveSync\Wcescomm.exe
  C:\PROGRA~1\MICROS~4\rapimgr.exe
  C:\WINDOWS\system32\spoolsv.exe
  C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
  C:\Program Files\Logitech\SetPoint\SetPoint.exe
  C:\Program Files\Common Files\Logishrd\KHAL2\KHALMNPR.EXE
  C:\Program Files\ESET\ESET Smart Security\ekrn.exe
  C:\Program Files\NVIDIA Corporation\nTune\nTuneService.exe
  C:\WINDOWS\System32\nvsvc32.exe
  C:\WINDOWS\system32\PnkBstrA.exe
  C:\Program Files\Spyware Doctor\svcntaux.exe
  C:\Program Files\Spyware Doctor\swdsvc.exe
  C:\WINDOWS\System32\svchost.exe
  C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
  C:\WINDOWS\System32\alg.exe
  C:\Program Files\Windows Live\Messenger\usnsvc.exe
  C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLLoginProxy.exe
  c:\program files\internet explorer\iexplore.exe
  C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
  C:\WINDOWS\System32\wbem\wmiprvse.exe

  R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.nl/
  R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
  R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
  R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
  R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
  R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen
  R3 - URLSearchHook: Live TV Toolbar - {b69a9db4-d0a1-4722-b56b-f20757a29cdf} - C:\Program Files\Live_TV\tbLiv1.dll
  O2 - BHO: IE7Pro - {00011268-E188-40DF-A514-835FCD78B1BF} - C:\Program Files\IE7Pro\IE7Pro.dll
  O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
  O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
  O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
  O2 - BHO: Windows Live Aanmelden - Help - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
  O2 - BHO: Live TV Toolbar - {b69a9db4-d0a1-4722-b56b-f20757a29cdf} - C:\Program Files\Live_TV\tbLiv1.dll
  O3 - Toolbar: Live TV Toolbar - {b69a9db4-d0a1-4722-b56b-f20757a29cdf} - C:\Program Files\Live_TV\tbLiv1.dll
  O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
  O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
  O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInit
  O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
  O4 - HKLM\..\Run: [SkyTel] SkyTel.EXE
  O4 - HKLM\..\Run: [C-Media Mixer] Mixer.exe /startup
  O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET Smart Security\egui.exe" /hide /waitservice
  O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE
  O4 - HKLM\..\Run: [MSConfig] C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe /auto
  O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
  O4 - HKCU\..\Run: [NVIDIA nTune] "C:\Program Files\NVIDIA Corporation\nTune\nTuneCmd.exe" clear
  O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
  O4 - HKCU\..\Run: [Steam] "d:\steam\steam.exe" -silent
  O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Lokale service')
  O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Netwerkservice')
  O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
  O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
  O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
  O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe
  O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office10\EXCEL.EXE/3000
  O9 - Extra button: IE7Pro Preferences - {0026439F-A980-4f18-8C95-4F1CBBF9C1D8} - C:\Program Files\IE7Pro\IE7Pro.dll
  O9 - Extra 'Tools' menuitem: IE7Pro Preferences - {0026439F-A980-4f18-8C95-4F1CBBF9C1D8} - C:\Program Files\IE7Pro\IE7Pro.dll
  O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
  O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
  O9 - Extra button: In weblog opnemen - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
  O9 - Extra 'Tools' menuitem: &In weblog opnemen met Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
  O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~4\INetRepl.dll
  O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~4\INetRepl.dll
  O9 - Extra 'Tools' menuitem: Mobiele favorieten maken… - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~4\INetRepl.dll
  O9 - Extra button: Run IMVU - {d9288080-1baa-4bc4-9cf8-a92d743db949} - C:\Documents and Settings\Sadik\Menu Start\Programma's\IMVU\Run IMVU.lnk
  O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
  O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
  O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
  O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
  O16 - DPF: {193C772A-87BE-4B19-A7BB-445B226FE9A1} (ewidoOnlineScan Control) - http://downloads.ewido.net/ewidoOnlineScan.cab
  O16 - DPF: {67A5F8DC-1A4B-4D66-9F24-A704AD929EEE} (System Requirements Lab) - http://www.systemrequirementslab.com/sysreqlab2.cab
  O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} (DivXBrowserPlugin Object) - http://download.divx.com/player/DivXBrowserPlugin.cab
  O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1195901566359
  O16 - DPF: {CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7} (get_atlcom Class) - http://www.adobe.com/products/acrobat/nos/gp.cab
  O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
  O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
  O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
  O23 - Service: Eset HTTP Server (EhttpSrv) - Unknown owner - C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe
  O23 - Service: Eset Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\ekrn.exe
  O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
  O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program Files\Common Files\Logitech\Bluetooth\LBTServ.exe
  O23 - Service: nTune Service (nTuneService) - NVIDIA - C:\Program Files\NVIDIA Corporation\nTune\nTuneService.exe
  O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
  O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
  O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - C:\Program Files\Spyware Doctor\svcntaux.exe
  O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - C:\Program Files\Spyware Doctor\swdsvc.exe
  O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe


  End of file - 9312 bytes

  and a happy New Year to everyone!!!!
  and be careful with fireworks ;)
 • I see no traces of malware in your logs.
 • and now?

  Logfile of Trend Micro HijackThis v2.0.2
  Scan saved at 3:37:34, on 2-1-2008
  Platform: Windows XP SP2 (WinNT 5.01.2600)
  MSIE: Internet Explorer v7.00 (7.00.6000.16574)
  Boot mode: Normal

  Running processes:
  C:\WINDOWS\System32\smss.exe
  C:\WINDOWS\system32\csrss.exe
  C:\WINDOWS\system32\winlogon.exe
  C:\WINDOWS\system32\services.exe
  C:\WINDOWS\system32\lsass.exe
  C:\WINDOWS\system32\svchost.exe
  C:\WINDOWS\system32\svchost.exe
  C:\WINDOWS\System32\svchost.exe
  C:\WINDOWS\system32\svchost.exe
  C:\WINDOWS\System32\svchost.exe
  C:\WINDOWS\System32\svchost.exe
  C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
  C:\WINDOWS\Explorer.EXE
  C:\WINDOWS\system32\spoolsv.exe
  C:\WINDOWS\system32\RUNDLL32.EXE
  C:\Program Files\ESET\ESET Smart Security\ekrn.exe
  C:\WINDOWS\Mixer.exe
  C:\Program Files\ESET\ESET Smart Security\egui.exe
  C:\WINDOWS\system32\ctfmon.exe
  C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
  C:\Program Files\Microsoft ActiveSync\wcescomm.exe
  C:\PROGRA~1\MICROS~4\rapimgr.exe
  C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
  C:\Program Files\Logitech\SetPoint\SetPoint.exe
  C:\Program Files\NVIDIA Corporation\nTune\nTuneService.exe
  C:\WINDOWS\System32\nvsvc32.exe
  C:\WINDOWS\system32\PnkBstrA.exe
  C:\Program Files\Spyware Doctor\svcntaux.exe
  C:\Program Files\Spyware Doctor\swdsvc.exe
  C:\Program Files\Common Files\Logishrd\KHAL2\KHALMNPR.EXE
  C:\WINDOWS\System32\svchost.exe
  C:\WINDOWS\System32\alg.exe
  C:\Program Files\Windows Live\Messenger\usnsvc.exe
  C:\Program Files\Windows Live\Messenger\msnmsgr.exe
  C:\WINDOWS\System32\wbem\wmiprvse.exe
  C:\Program Files\internet explorer\iexplore.exe
  C:\Program Files\internet explorer\iexplore.exe
  C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLLoginProxy.exe
  C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
  C:\WINDOWS\System32\wbem\wmiprvse.exe

  R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.nl/
  R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
  R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
  R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
  R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
  R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen
  R3 - URLSearchHook: Live TV Toolbar - {b69a9db4-d0a1-4722-b56b-f20757a29cdf} - C:\Program Files\Live_TV\tbLiv1.dll
  O2 - BHO: IE7Pro - {00011268-E188-40DF-A514-835FCD78B1BF} - C:\Program Files\IE7Pro\IE7Pro.dll
  O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
  O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
  O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
  O2 - BHO: Windows Live Aanmelden - Help - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
  O2 - BHO: Live TV Toolbar - {b69a9db4-d0a1-4722-b56b-f20757a29cdf} - C:\Program Files\Live_TV\tbLiv1.dll
  O3 - Toolbar: Live TV Toolbar - {b69a9db4-d0a1-4722-b56b-f20757a29cdf} - C:\Program Files\Live_TV\tbLiv1.dll
  O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
  O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
  O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInit
  O4 - HKLM\..\Run: [SkyTel] SkyTel.EXE
  O4 - HKLM\..\Run: [C-Media Mixer] Mixer.exe /startup
  O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET Smart Security\egui.exe" /hide /waitservice
  O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE
  O4 - HKLM\..\Run: [SDTray] "C:\Program Files\Spyware Doctor\SDTrayApp.exe"
  O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
  O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
  O4 - HKCU\..\Run: [NVIDIA nTune] "C:\Program Files\NVIDIA Corporation\nTune\nTuneCmd.exe" clear
  O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
  O4 - HKCU\..\Run: [Steam] "d:\steam\steam.exe" -silent
  O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\wcescomm.exe"
  O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Lokale service')
  O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Netwerkservice')
  O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
  O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
  O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
  O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe
  O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office10\EXCEL.EXE/3000
  O9 - Extra button: IE7Pro Preferences - {0026439F-A980-4f18-8C95-4F1CBBF9C1D8} - C:\Program Files\IE7Pro\IE7Pro.dll
  O9 - Extra 'Tools' menuitem: IE7Pro Preferences - {0026439F-A980-4f18-8C95-4F1CBBF9C1D8} - C:\Program Files\IE7Pro\IE7Pro.dll
  O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
  O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
  O9 - Extra button: In weblog opnemen - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
  O9 - Extra 'Tools' menuitem: &In weblog opnemen met Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
  O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~4\INetRepl.dll
  O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~4\INetRepl.dll
  O9 - Extra 'Tools' menuitem: Mobiele favorieten maken… - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~4\INetRepl.dll
  O9 - Extra button: Run IMVU - {d9288080-1baa-4bc4-9cf8-a92d743db949} - C:\Documents and Settings\Sadik\Menu Start\Programma's\IMVU\Run IMVU.lnk
  O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
  O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
  O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
  O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
  O16 - DPF: {193C772A-87BE-4B19-A7BB-445B226FE9A1} (ewidoOnlineScan Control) - http://downloads.ewido.net/ewidoOnlineScan.cab
  O16 - DPF: {67A5F8DC-1A4B-4D66-9F24-A704AD929EEE} (System Requirements Lab) - http://www.systemrequirementslab.com/sysreqlab2.cab
  O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} (DivXBrowserPlugin Object) - http://download.divx.com/player/DivXBrowserPlugin.cab
  O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1195901566359
  O16 - DPF: {CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7} (get_atlcom Class) - http://www.adobe.com/products/acrobat/nos/gp.cab
  O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
  O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
  O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
  O23 - Service: Eset HTTP Server (EhttpSrv) - Unknown owner - C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe
  O23 - Service: Eset Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\ekrn.exe
  O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
  O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program Files\Common Files\Logitech\Bluetooth\LBTServ.exe
  O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
  O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
  O23 - Service: nTune Service (nTuneService) - NVIDIA - C:\Program Files\NVIDIA Corporation\nTune\nTuneService.exe
  O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
  O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
  O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - C:\Program Files\Spyware Doctor\svcntaux.exe
  O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - C:\Program Files\Spyware Doctor\swdsvc.exe
  O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe


  End of file - 9581 bytes
 • As I have already said twice before, your logs show no traces of malware.
 • okaaay

  what could the problem be?


  and sometimes my PC shuts down with a blue screen
  it's always the same 2
  one after the other

  when I play CS: Source, for example,
  or have someone's webcam opened on MSN
  :

  Driver_irql_not_less_or_equal


  *stop: 0x000000D1 (0x000006C5, 0x00000002, 0x00000000, 0xB970D342

  base at B96e50000, Datestamp 3dd89c06

  And the other one


  Driver_irql'''''''''''

  *Stop: 0x000000D1 (0x00000001, 0x00000002, 0x00000000, 0x0000001\

  thanks a lot in advance
  because it's really irritating
  for example, when I want to talk with my family and so on in Turkey
  and we want to turn on our cameras and mics
  it just cuts out :S
  and with CS: Source
  with other games like COD4 I don't have it
  I also tried to repair the game cache files and so on
  "verify integrity game cache files" or something :S

  Steam>Games>CS;Source>Properties>LocalFiles>verify integrity game cache files.

  I had looked further on Google and so on
  on a forum they said that your memory was broken too or something
  that wasn't the case :D
  because I had swapped it for another one, for a Geil :D (alternate)
  but what could be the cause of it??


  thanks a lot in advance
  have a nice day
 • Isn't a file name mentioned when you get the BSOD?
  Defective memory is a possibility.
 • I had swapped my memory for another one
  when I got those blue screens
  and the same problem
