smorgens

smorgens's achievements

  1. Logfile of The Avenger Version 2.0, © by Swandog46
     Swandog46's Public Anti-Malware Tools
     Platform: Windows XP
     *******************
     Script file opened successfully.
     Script file read successfully.
     Backups directory opened successfully at C:\Avenger
     *******************
     Beginning to process script file:
     Rootkit scan active.
     No rootkits found!
     File "C:\WINDOWS\system32\enjoxypr.dll" deleted successfully.
     File "C:\WINDOWS\qdnkewfa.dll" deleted successfully.
     Completed script processing.
     *******************
     Finished! Terminate.

     I think it has done its job. Thanks again.
  2. I created the Notepad file as described and dragged it onto ComboFix.exe. Once again I can't get ComboFix to start. But the pop-ups have stayed away in the meantime. Thanks once more.
  3. Succeeded
  4. ComboFix does not work for me. Perhaps because I had already removed registry keys manually. Because I was refused permission to delete C:\Documents and Settings\All Users\Application Data\jsrabqtc C:\WINDOWS\system32\pcnqryfe.exe. After clicking 'Fix checked' the penny dropped. New check log. Sorry
  5. Hello everyone, since 8 April I have had the same problem with my PC as Jesse. 'Security system warning' and 'system integrity scan wizard' also very often suddenly appear on the screen, even though I don't want this at all. I also often get a screen saying that I should download something because c:\WINDOWS\wml.exe is supposedly infected with something. I have downloaded HijackThis, but I don't dare go any further from there. I'd appreciate some help. The log file is below.