[hjt]
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 13:48:18, on 29/12/2008
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18000)
Boot mode: Normal
Running processes:
c:\windows\system32\dwm.exe
c:\windows\system32\taskeng.exe
c:\windows\explorer.exe
c:\program files\windows defender\msascui.exe
c:\windows\rthdvcpl.exe
c:\program files\genesys pc camera device\genepccmon.exe
c:\program files\synaptics\syntp\syntpenh.exe
c:\program files\intel\intel matrix storage manager\iaanotif.exe
c:\program files\java\jre6\bin\jusched.exe
c:\program files\kaspersky lab\kaspersky anti-virus 2009\avp.exe
c:\program files\microsoft office\office12\groovemonitor.exe
c:\program files\adobe\photoshop album starter edition\3.2\apps\apdproxy.exe
c:\program files\winamp\winampa.exe
c:\windows\system32\rundll32.exe
c:\program files\windows sidebar\sidebar.exe
c:\program files\windows live\messenger\msnmsgr.exe
c:\windows\system32\rundll32.exe
c:\program files\logitech\setpoint\setpoint.exe
c:\program files\common files\logishrd\khal2\khalmnpr.exe
c:\program files\mozilla firefox\firefox.exe
c:\windows\system32\searchfilterhost.exe
c:\program files\trend micro\hijackthis\hijackthis.exe
r1 - hkcu\software\microsoft\internet explorer\main,search page = [noparse]http://go.microsoft.com/fwlink/?linkid=54896[/noparse]
r0 - hkcu\software\microsoft\internet explorer\main,start page = [noparse]http://go.microsoft.com/fwlink/?linkid=69157[/noparse]
r1 - hklm\software\microsoft\internet explorer\main,default_page_url = [noparse]http://go.microsoft.com/fwlink/?linkid=69157[/noparse]
r1 - hklm\software\microsoft\internet explorer\main,default_search_url = [noparse]http://go.microsoft.com/fwlink/?linkid=54896[/noparse]
r1 - hklm\software\microsoft\internet explorer\main,search page = [noparse]http://go.microsoft.com/fwlink/?linkid=54896[/noparse]
r0 - hklm\software\microsoft\internet explorer\main,start page = [noparse]http://go.microsoft.com/fwlink/?linkid=69157[/noparse]
r0 - hklm\software\microsoft\internet explorer\search,searchassistant =
r0 - hklm\software\microsoft\internet explorer\search,customizesearch =
r0 - hkcu\software\microsoft\internet explorer\toolbar,linksfoldername =
o1 - hosts: ::1 localhost
o2 - bho: acroiehelperstub - {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\acroiehelpershim.dll
o2 - bho: winamp toolbar loader - {25cee8ec-5730-41bc-8b58-22ddc8ab8c20} - c:\program files\winamp toolbar\winamptb.dll
o2 - bho: ievkbdbho - {59273ab4-e7d3-40f9-a1a8-6fa9cca1862c} - c:\program files\kaspersky lab\kaspersky anti-virus 2009\ievkbd.dll
o2 - bho: groove gfs browser helper - {72853161-30c5-4d22-b7f9-0bbc1d38a37e} - c:\program files\microsoft office\office12\grooveshellextensions.dll
o2 - bho: java(tm) plug-in ssv helper - {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - c:\program files\java\jre6\bin\ssv.dll
o2 - bho: (no name) - {7e853d72-626a-48ec-a868-ba8d5e23e045} - (no file)
o2 - bho: windows live aanmelden - help - {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\windowslivelogin.dll
o2 - bho: java(tm) plug-in 2 ssv helper - {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
o3 - toolbar: winamp toolbar - {ebf2ba02-9094-4c5a-858b-bb198f3d8de2} - c:\program files\winamp toolbar\winamptb.dll
o4 - hklm\..\run: [windows defender] %programfiles%\windows defender\msascui.exe -hide
o4 - hklm\..\run: [rthdvcpl] rthdvcpl.exe
o4 - hklm\..\run: [genepccmon.exe] c:\program files\genesys pc camera device\genepccmon.exe
o4 - hklm\..\run: [syntpenh] c:\program files\synaptics\syntp\syntpenh.exe
o4 - hklm\..\run: [iaanotif] c:\program files\intel\intel matrix storage manager\iaanotif.exe
o4 - hklm\..\run: [adobe reader speed launcher] c:\program files\adobe\reader 9.0\reader\reader_sl.exe
o4 - hklm\..\run: [sunjavaupdatesched] c:\program files\java\jre6\bin\jusched.exe
o4 - hklm\..\run: [avp] c:\program files\kaspersky lab\kaspersky anti-virus 2009\avp.exe
o4 - hklm\..\run: [kernel and hardware abstraction layer] khalmnpr.exe
o4 - hklm\..\run: [groovemonitor] c:\program files\microsoft office\office12\groovemonitor.exe
o4 - hklm\..\run: [adobe photo downloader] c:\program files\adobe\photoshop album starter edition\3.2\apps\apdproxy.exe
o4 - hklm\..\run: [winampagent] c:\program files\winamp\winampa.exe
o4 - hklm\..\run: [nvsvc] rundll32.exe c:\windows\system32\nvsvc.dll,nvsvcstart
o4 - hklm\..\run: [nvcpldaemon] rundll32.exe c:\windows\system32\nvcpl.dll,nvstartup
o4 - hklm\..\run: [nvmediacenter] rundll32.exe c:\windows\system32\nvmctray.dll,nvtaskbarinit
o4 - hklm\..\run: [everything] c:\program files\everything\everything.exe -startup
o4 - hklm\..\run: [trojanscanner] c:\program files\trojan remover\trjscan.exe /boot
o4 - hkcu\..\run: [sidebar] c:\program files\windows sidebar\sidebar.exe /autorun
o4 - hkcu\..\run: [windowswelcomecenter] rundll32.exe oobefldr.dll,showwelcomecenter
o4 - hkcu\..\run: [msnmsgr] c:\program files\windows live\messenger\msnmsgr.exe /background
o4 - hkus\s-1-5-19\..\run: [sidebar] %programfiles%\windows sidebar\sidebar.exe /detectmem (user 'local service')
o4 - hkus\s-1-5-19\..\run: [windowswelcomecenter] rundll32.exe oobefldr.dll,showwelcomecenter (user 'local service')
o4 - hkus\s-1-5-20\..\run: [sidebar] %programfiles%\windows sidebar\sidebar.exe /detectmem (user 'network service')
o4 - global startup: logitech setpoint.lnk = c:\program files\logitech\setpoint\setpoint.exe
o8 - extra context menu item: e&xporteren naar microsoft excel - res://c:\progra~1\micros~2\office12\excel.exe/3000
o9 - extra button: web traffic protection statistics - {1f460357-8a94-4d71-9ca3-aa4acf32ed8e} - c:\program files\kaspersky lab\kaspersky anti-virus 2009\scieplgn.dll
o9 - extra button: verzenden naar onenote - {2670000a-7350-4f3c-8081-5663ee0c6c49} - c:\progra~1\micros~2\office12\onbttnie.dll
o9 - extra 'tools' menuitem: verz&enden naar onenote - {2670000a-7350-4f3c-8081-5663ee0c6c49} - c:\progra~1\micros~2\office12\onbttnie.dll
o9 - extra button: research - {92780b25-18cc-41c8-b9be-3c9c571a8263} - c:\progra~1\micros~2\office12\refiebar.dll
o13 - gopher prefix:
o16 - dpf: {1e54d648-b804-468d-bc78-4affed8e262e} (system requirements lab) - [noparse]http://www.srtest.com/srl_bin/sysreqlab3.cab[/noparse]
o18 - protocol: groovelocalgws - {88fed34c-f0ca-4636-a375-3cb6248b04cd} - c:\program files\microsoft office\office12\groovesystemservices.dll
o20 - appinit_dlls: c:\progra~1\kasper~1\kasper~1\mzvkbd.dll
o23 - service: kaspersky anti-virus (avp) - kaspersky lab - c:\program files\kaspersky lab\kaspersky anti-virus 2009\avp.exe
o23 - service: ##id_string1.6844f930_1628_4223_b5cc_5bb94b879762## (bonjour service) - apple computer, inc. - c:\program files\bonjour\mdnsresponder.exe
o23 - service: flexnet licensing service - macrovision europe ltd. - c:\program files\common files\macrovision shared\flexnet publisher\fnplicensingservice.exe
o23 - service: intel(r) matrix storage event monitor (iaantmon) - intel corporation - c:\program files\intel\intel matrix storage manager\iaantmon.exe
o23 - service: logitech bluetooth service (lbtserv) - logitech, inc. - c:\program files\common files\logishrd\bluetooth\lbtserv.exe
o23 - service: pnkbstra - unknown owner - c:\windows\system32\pnkbstra.exe
o23 - service: sandra data service (sandradatasrv) - sisoftware - c:\program files\sisoftware\sisoftware sandra lite 2007.sp1\win32\rpcdatasrv.exe
o23 - service: sandra service (sandrathesrv) - sisoftware - c:\program files\sisoftware\sisoftware sandra lite 2007.sp1\rpcsandrasrv.exe
o23 - service: xaudioservice - conexant systems, inc. - c:\windows\system32\drivers\xaudio.exe
--
end of file - 7756 bytes
[/hjt]
(Dit is wel een scan van mijn account dat wél werkt; ik weet niet of dit wat uitmaakt...)