Ga naar inhoud

Aanbevolen berichten

Geplaatst:

ik speel sinds kort fifa manager 08 .

bij het afsluiten van het spel krijg ik altijd een blauw scherm met de mededeling windows wordt afgesloten wegens een ernstige fout.

de mededeling is dat hij een geheugendump maakt

bij foutmelding staat er dan win32k.sys

kan iemand me hierbij helpen??

Geplaatst:

kunt u eens het programma hijack this laten lopen, en dan hier de log posten?

gebruikt u mss een illigale vista? want win32k.sys is HET beveiligingsbestand van vista, als je een illigale hebt, is de kans groot dat het daardoor komt...

Geplaatst:

hijackthis is een programma dat uw register scant op mogelijke fouten, spyware en ander ongedierte.

als u daarvan een log plaatst dan kunnen wij dat log bekijken en zo de (mogelijke) dader vinden van het euvel

Geplaatst:

W4915787H4900A1106-HWHXFLFALogfile of HijackThis v1.98.2

Scan saved at 17:53:10, on 15/11/2007

Platform: Windows XP SP1 (WinNT 5.01.2600)

MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\csrss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe

C:\Program Files\Alwil Software\Avast4\ashServ.exe

C:\WINDOWS\system32\spoolsv.exe

H:\photoshop\PhotoshopElementsFileAgent.exe

C:\WINDOWS\System32\alg.exe

C:\WINDOWS\System32\nvsvc32.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\System32\wdfmgr.exe

C:\WINDOWS\System32\UAService7.exe

C:\Program Files\Alwil Software\Avast4\ashWebSv.exe

C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe

C:\WINDOWS\Explorer.EXE

C:\WINDOWS\System32\RunDll32.exe

C:\Program Files\QuickTime\qttask.exe

C:\Program Files\Winamp\winampa.exe

C:\WINDOWS\kdx\KHost.exe

C:\Program Files\HP\HP Software Update\HPWuSchd.exe

C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe

C:\WINDOWS\System32\wuauclt.exe

C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe

C:\Program Files\ICQLite\ICQLite.exe

C:\Program Files\Picasa2\PicasaMediaDetector.exe

H:\photoshop\apdproxy.exe

C:\WINDOWS\System32\ctfmon.exe

C:\Program Files\Messenger\MSMSGS.EXE

C:\WINDOWS\System32\RUNDLL32.EXE

C:\Program Files\Copernic Desktop Search\CopernicDesktopSearch.exe

C:\Program Files\MSN Messenger\MsnMsgr.Exe

C:\Program Files\phonostar\ps_agent.exe

C:\Program Files\phonostar\ps_timer.exe

C:\Program Files\MediaKey v2.00\Versato.exe

C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe

C:\Documents and Settings\All Users\Menu Start\Programma's\Opstarten\THDetect.exe

C:\Program Files\WinZip\WZQKPICK.EXE

C:\Program Files\Pixoria\Konfabulator\Konfabulator.exe

C:\Program Files\Rainlendar\Rainlendar.exe

C:\Program Files\Zero PopUp Killer XP\zpk_xp.exe

C:\Program Files\OpenOffice.org1.0.1\program\soffice.exe

C:\Program Files\Pixoria\Konfabulator\Konfabulator.exe

C:\Program Files\Pixoria\Konfabulator\Konfabulator.exe

C:\Program Files\Pixoria\Konfabulator\Konfabulator.exe

C:\Program Files\MediaKey v2.00\MePlayer.exe

C:\Program Files\MediaKey v2.00\OSD.EXE

C:\Program Files\Java\jre1.5.0_06\bin\jucheck.exe

C:\Program Files\Internet Explorer\iexplore.exe

C:\Program Files\Internet Explorer\iexplore.exe

C:\Program Files\exe\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.be

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,SearchAssistant = http://searchbar.findthewebsiteyouneed.com/

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen

R3 - URLSearchHook: (no name) - {4718115F-DCB1-894D-C809-D998BE16F7BF} - C:\WINDOWS\System32\xamjrqd.dll (file missing)

R3 - URLSearchHook: (no name) - _{CFBFAE00-17A6-11D0-99CB-00C04FD64497} - (no file)

O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll

O2 - BHO: (no name) - {089FD14D-132B-48FC-8861-0048AE113215} - C:\Program Files\SiteAdvisor\4144\SiteAdv.dll

O2 - BHO: My Global Search Bar BHO - {37B85A21-692B-4205-9CAD-2626E4993404} - C:\Program Files\MyGlobalSearch\bar\1.bin\MGSBAR.DLL

O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll

O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll

O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx

O3 - Toolbar: McAfee SiteAdvisor - {0BF43445-2F28-4351-9252-17FE6E806AA0} - C:\Program Files\SiteAdvisor\4144\SiteAdv.dll

O3 - Toolbar: My Global Search Bar - {37B85A29-692B-4205-9CAD-2626E4993404} - C:\Program Files\MyGlobalSearch\bar\1.bin\MGSBAR.DLL

O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd

O4 - HKLM\..\Run: [PMXInit] C:\WINDOWS\System32\pmxinit.exe

O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\System32\NeroCheck.exe

O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime

O4 - HKLM\..\Run: [iehelper] C:\Program Files\syslaunch.exe

O4 - HKLM\..\Run: [systray] C:\WINDOWS\System32\a.exe

O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup

O4 - HKLM\..\Run: [nwiz] nwiz.exe /install

O4 - HKLM\..\Run: [] C:\WINDOWS\System32\

O4 - HKLM\..\Run: [iyus] C:\WINDOWS\System32\iyus\ajobjoap.exe

O4 - HKLM\..\Run: [AVG_CC] C:\PROGRA~1\Grisoft\AVG6\avgcc32.exe /STARTUP

O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe

O4 - HKLM\..\Run: [kdx] C:\WINDOWS\kdx\KHost.exe

O4 - HKLM\..\Run: [savePokeOwnsMeal] C:\Documents and Settings\All Users\Application Data\Software Readme Save Poke\Lies Test.exe

O4 - HKLM\..\Run: [syschk] syschk.exe /fastcheck

O4 - HKLM\..\Run: [zSPGuard] c:\program files\pjw\spguard\spguard.exe /s

O4 - HKLM\..\Run: [HP Software Update] "C:\Program Files\HP\HP Software Update\HPWuSchd.exe"

O4 - HKLM\..\Run: [nethm.exe] C:\WINDOWS\system32\nethm.exe

O4 - HKLM\..\Run: [winbw.exe] C:\WINDOWS\system32\winbw.exe

O4 - HKLM\..\Run: [PrevxHome] C:\Program Files\PREVX\Prevx Home\SAGUI.exe

O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe

O4 - HKLM\..\Run: [ipjx32.exe] C:\WINDOWS\system32\ipjx32.exe

O4 - HKLM\..\Run: [sunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe

O4 - HKLM\..\Run: [hgqhp.exe] C:\WINDOWS\System32\hgqhp.exe

O4 - HKLM\..\Run: [iCQ Lite] "C:\Program Files\ICQLite\ICQLite.exe" -minimize

O4 - HKLM\..\Run: [Picasa Media Detector] C:\Program Files\Picasa2\PicasaMediaDetector.exe

O4 - HKLM\..\Run: [sp] rundll32 C:\DOCUME~1\Denis\LOCALS~1\Temp\se.dll,DllInstall

O4 - HKLM\..\Run: [CMESys] "C:\Program Files\Common Files\CMEII\CMESys.exe"

O4 - HKLM\..\Run: [Adobe Photo Downloader] "H:\photoshop\apdproxy.exe"

O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe

O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\MSMSGS.EXE" /background

O4 - HKCU\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\System32\NVMCTRAY.DLL,NvTaskbarInit

O4 - HKCU\..\Run: [WeatherAloud] C:\Program Files\WeatherAloud\WeatherAloud.exe -auto

O4 - HKCU\..\Run: [syschk] syschk.exe /fastcheck

O4 - HKCU\..\Run: [mpegbarb] C:\DOCUME~1\Denis\APPLIC~1\LOCKSB~1\pingoozeproxy.exe

O4 - HKCU\..\Run: [Mrtc] C:\WINDOWS\System32\j?vaw.exe

O4 - HKCU\..\Run: [Copernic Desktop Search] "C:\Program Files\Copernic Desktop Search\CopernicDesktopSearch.exe" /tray

O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background

O4 - HKCU\..\Run: [Tnlu] "C:\PROGRA~1\COMMON~1\WNSXS~1\msconfig.exe" -vt ndrv

O4 - HKCU\..\Run: [unSpyPC] "C:\Program Files\UnSpyPC\UnSpyPC.exe"

O4 - HKCU\..\Run: [EA Core] "C:\Program Files\Electronic Arts\EA Link\Core.exe" -silent

O4 - HKCU\..\Run: [Windows update loader] C:\Windows\xpupdate.exe

O4 - HKCU\..\Run: [PhonostarAgent] C:\Program Files\phonostar\ps_agent.exe

O4 - HKCU\..\Run: [PhonostarTimer] C:\Program Files\phonostar\ps_timer.exe

O4 - HKCU\..\Run: [bgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe"

O4 - Startup: Download Plus.lnk = C:\Documents and Settings\Denis\Application Data\DownloadPlus.exe

O4 - Startup: Konfabulator.lnk = C:\Program Files\Pixoria\Konfabulator\Konfabulator.exe

O4 - Startup: OpenOffice.org 1.0.1.lnk = C:\Program Files\OpenOffice.org1.0.1\program\quickstart.exe

O4 - Startup: Rainlendar.lnk = C:\Program Files\Rainlendar\Rainlendar.exe

O4 - Startup: Zero PoPup Killer XP.lnk = C:\Program Files\Zero PopUp Killer XP\zpk_xp.exe

O4 - Global Startup: Genius Multimedia Keyboard Driver.lnk = C:\Program Files\MediaKey v2.00\Versato.exe

O4 - Global Startup: GStartup.lnk = C:\Program Files\Common Files\GMT\GMT.exe

O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe

O4 - Global Startup: THDetect.exe

O4 - Global Startup: WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE

O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present

O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present

O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office10\EXCEL.EXE/3000

O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000

O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\npjpi150_06.dll

O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\npjpi150_06.dll

O9 - Extra button: Onderzoek - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL

O9 - Extra button: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Program Files\ICQLite\ICQLite.exe

O9 - Extra 'Tools' menuitem: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Program Files\ICQLite\ICQLite.exe

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE

O9 - Extra 'Tools' menuitem: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE

O9 - Extra button: Scan and protect your PC - {BF69DF00-4734-477F-8257-27CD04F88779} - C:\Program Files\UnSpyPC\UnSpyPC.exe (file missing) (HKCU)

O9 - Extra 'Tools' menuitem: Scan and protect your PC - {BF69DF00-4734-477F-8257-27CD04F88779} - C:\Program Files\UnSpyPC\UnSpyPC.exe (file missing) (HKCU)

O15 - Trusted Zone: *.05p.com

O15 - Trusted Zone: *.awmdabest.com

O15 - Trusted Zone: *.frame.crazywinnings.com

O15 - Trusted Zone: *.scoobidoo.com

O15 - Trusted Zone: *.slotchbar.com

O15 - Trusted Zone: *.static.topconverting.com

O15 - Trusted Zone: *.ysbweb.com

O16 - DPF: RaptisoftGameLoader - http://www.miniclip.com/hamsterball/raptisoftgameloader.cab

O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204

O16 - DPF: {193C772A-87BE-4B19-A7BB-445B226FE9A1} (ewidoOnlineScan Control) - http://downloads.ewido.net/ewidoOnlineScan.cab

O16 - DPF: {21F49842-BFA9-11D2-A89C-00104B62BDDA} (ChartFX Internet Control) - http://www.euroland.com/download/CfxIEAx.cab

O16 - DPF: {77E32299-629F-43C6-AB77-6A1E6D7663F6} - http://www.nick.com/common/groove/gx/GrooveAX27.cab

O16 - DPF: {C111A91F-D4EC-4D22-8D27-C3BCB0389F43} (AudioHandlerEmbedded) - http://cam-cityhall1.delft.nl/activex/AMC.cab

O16 - DPF: {F54C1137-5E34-4B95-95A5-BA56D4D8D743} (Secure Delivery) - http://www.gamespot.com/KDX22/download/kdx.cab

O16 - DPF: {FA6E0C2F-B2C0-11D7-A5D3-005022E14DE2} (Installer Class) - http://www.datik.be:8080/agent_be//AgentInstaller.cab

O17 - HKLM\System\CCS\Services\Tcpip\..\{527531EF-2E09-4FC2-AF58-61B1CF324EC0}: NameServer = 85.255.116.155,85.255.112.26

O17 - HKLM\System\CCS\Services\Tcpip\..\{881DE64E-1B4C-4E16-B9FB-EE17F05DE7F1}: NameServer = 85.255.116.155,85.255.112.26

O17 - HKLM\System\CCS\Services\Tcpip\..\{B862C927-DC0D-4DE7-BB88-D65F4E950CAA}: NameServer = 85.255.116.155,85.255.112.26

O17 - HKLM\System\CS1\Services\Tcpip\Parameters: NameServer = 85.255.116.155 85.255.112.26

O17 - HKLM\System\CCS\Services\Tcpip\Parameters: NameServer = 85.255.116.155 85.255.112.26

O18 - Protocol: copernicdesktopsearch - {D9656C75-5090-45C3-B27E-436FBC7ACFA7} - C:\PROGRA~1\COPERN~1\COPERN~2.DLL

O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)

O18 - Protocol: siteadvisor - {3A5DC592-7723-4EAA-9EE6-AF4222BCF879} - C:\Program Files\SiteAdvisor\4144\SiteAdv.dll

O18 - Filter: tœ†5òÏTÆR - {E6A92098-CE89-4101-920E-8A043B066D43} - (no file)

×
×
  • Nieuwe aanmaken...

Belangrijke informatie

We hebben cookies geplaatst op je toestel om deze website voor jou beter te kunnen maken. Je kunt de cookie instellingen aanpassen, anders gaan we er van uit dat het goed is om verder te gaan.