Re: internet valt regelmatig weg
[hjt]
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 15:01:57, on 12-5-2011
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16421)
Boot mode: Normal
Running processes:
c:\program files (x86)\common files\lightscribe\lightscribecontrolpanel.exe
c:\program files (x86)\google\googletoolbarnotifier\googletoolbarnotifier.exe
c:\program files (x86)\nokia\nokia ovi suite\nokiaovisuite.exe
c:\program files (x86)\microsoft office\office14\onenotem.exe
c:\program files (x86)\hewlett-packard\hp quick launch buttons\qlbctrl.exe
c:\program files (x86)\hp\hp software update\hpwuschd2.exe
c:\program files (x86)\adobe\acrobat 9.0\acrobat\acrotray.exe
c:\program files (x86)\common files\pure networks shared\platform\nmctxth.exe
c:\program files (x86)\pure networks\network magic\nmapp.exe
c:\program files (x86)\itunes\ituneshelper.exe
c:\program files (x86)\common files\nokia\mplatform\nokiamserver.exe
c:\program files (x86)\common files\java\java update\jusched.exe
c:\program files (x86)\avg\avg10\avgtray.exe
c:\program files\logitech\setpoint\x86\setpoint32.exe
c:\program files (x86)\hewlett-packard\touchsmart\media\kernel\clml\clmlsvc.exe
c:\program files (x86)\hewlett-packard\shared\hpqtoaster.exe
c:\program files (x86)\avg\avg10\identity protection\agent\bin\avgidsmonitor.exe
c:\program files (x86)\pc connectivity solution\transports\nclmsbtsrvex.exe
c:\program files (x86)\trend micro\hijackthis\hijackthis.exe
r1 - hkcu\software\microsoft\internet explorer\main,default_page_url = [noparse]http://g.uk.msn.com/hpcon/8[/noparse]
r1 - hkcu\software\microsoft\internet explorer\main,search page = [noparse]http://go.microsoft.com/fwlink/?linkid=54896[/noparse]
r0 - hkcu\software\microsoft\internet explorer\main,start page = [noparse]http://www.google.nl/[/noparse]
r1 - hklm\software\microsoft\internet explorer\main,default_page_url = [noparse]http://g.uk.msn.com/hpcon/8[/noparse]
r1 - hklm\software\microsoft\internet explorer\main,default_search_url = [noparse]http://go.microsoft.com/fwlink/?linkid=54896[/noparse]
r1 - hklm\software\microsoft\internet explorer\main,search page = [noparse]http://go.microsoft.com/fwlink/?linkid=54896[/noparse]
r0 - hklm\software\microsoft\internet explorer\main,start page = [noparse]http://g.uk.msn.com/hpcon/8[/noparse]
r0 - hklm\software\microsoft\internet explorer\search,searchassistant =
r0 - hklm\software\microsoft\internet explorer\search,customizesearch =
r0 - hklm\software\microsoft\internet explorer\main,local page = c:\windows\syswow64\blank.htm
r1 - hkcu\software\microsoft\windows\currentversion\internet settings,proxyoverride = *.local
r0 - hkcu\software\microsoft\internet explorer\toolbar,linksfoldername =
f2 - reg:system.ini: userinit=userinit.exe
o2 - bho: acroiehelperstub - {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files (x86)\common files\adobe\acrobat\activex\acroiehelpershim.dll
o2 - bho: wormradar.com iesiteblocker.navfilter - {3ca2f312-6f6e-4b53-a66e-4e65e497c8c0} - c:\program files (x86)\avg\avg10\avgssie.dll
o2 - bho: search helper - {6ebf7485-159f-4bff-a14f-b9e3aac4465b} - c:\program files (x86)\microsoft\search enhancement pack\search helper\sepsearchhelperie.dll
o2 - bho: groove gfs browser helper - {72853161-30c5-4d22-b7f9-0bbc1d38a37e} - c:\progra~2\micros~1\office14\grooveex.dll
o2 - bho: aanmeldhulp voor windows live id - {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files (x86)\common files\microsoft shared\windows live\windowslivelogin.dll
o2 - bho: windows live messenger companion helper - {9fdde16b-836f-4806-ab1f-1455cbeff289} - c:\program files (x86)\windows live\companion\companioncore.dll
o2 - bho: google toolbar helper - {aa58ed58-01dd-4d91-8333-cf10577473f7} - c:\program files (x86)\google\google toolbar\googletoolbar_32.dll
o2 - bho: adobe pdf conversion toolbar helper - {ae7cd045-e861-484f-8273-0445ee161910} - c:\program files (x86)\common files\adobe\acrobat\activex\acroiefavclient.dll
o2 - bho: skypeiepluginbho - {ae805869-2e5c-4ed4-8f7b-f1f7851a4497} - c:\program files (x86)\skype\toolbars\internet explorer\skypeieplugin.dll
o2 - bho: google toolbar notifier bho - {af69de43-7d58-4638-b6fa-ce66b5ad205d} - c:\program files (x86)\google\googletoolbarnotifier\5.6.5805.1910\swg.dll
o2 - bho: urlredirectionbho - {b4f3a835-0e21-4959-ba22-42b3008e02ff} - c:\progra~2\micros~1\office14\urlredir.dll
o2 - bho: bing bar bho - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - c:\program files (x86)\msn toolbar\platform\6.3.2322.0\npwinext.dll
o2 - bho: java(tm) plug-in 2 ssv helper - {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files (x86)\java\jre6\bin\jp2ssv.dll
o2 - bho: smartselect - {f4971ee7-daa0-4053-9964-665d8ee6a077} - c:\program files (x86)\common files\adobe\acrobat\activex\acroiefavclient.dll
o3 - toolbar: adobe pdf - {47833539-d0c5-4125-9fa8-0819e2eaac93} - c:\program files (x86)\common files\adobe\acrobat\activex\acroiefavclient.dll
o3 - toolbar: google toolbar - {2318c2b1-4965-11d4-9b18-009027a5cd4f} - c:\program files (x86)\google\google toolbar\googletoolbar_32.dll
o3 - toolbar: @c:\program files (x86)\msn toolbar\platform\6.3.2322.0\npwinext.dll,-100 - {8dcb7100-df86-4384-8842-8fa844297b3f} - c:\program files (x86)\msn toolbar\platform\6.3.2322.0\npwinext.dll
o4 - hklm\..\run: [startccc] c:\program files (x86)\ati technologies\ati.ace\core-static\clistart.exe msrun
o4 - hklm\..\run: [hpcam_menu] c:\program files (x86)\hewlett-packard\media\webcam\muitransfer\muistartmenu.exe "c:\program files (x86)\hewlett-packard\media\webcam" updatewithcreateonce "software\hewlett-packard\media\webcam"
o4 - hklm\..\run: [qlbctrl.exe] c:\program files (x86)\hewlett-packard\hp quick launch buttons\qlbctrl.exe /start
o4 - hklm\..\run: [easybits recovery] c:\program files (x86)\easybits for kids\ezrecover.exe
o4 - hklm\..\run: [hp software update] c:\program files (x86)\hp\hp software update\hpwuschd2.exe
o4 - hklm\..\run: [adobecs4servicemanager] c:\program files (x86)\common files\adobe\cs4servicemanager\cs4servicemanager.exe -launchedbylogin
o4 - hklm\..\run: [adobe acrobat speed launcher] c:\program files (x86)\adobe\acrobat 9.0\acrobat\acrobat_sl.exe
o4 - hklm\..\run: [acrobat assistant 8.0] c:\program files (x86)\adobe\acrobat 9.0\acrobat\acrotray.exe
o4 - hklm\..\run: [adobe_id0enqbo] c:\progra~2\common~1\adobe\adobev~1\server\bin\versio~2.exe
o4 - hklm\..\run: [wirelessassistant] c:\program files (x86)\hewlett-packard\hp wireless assistant\hpwamain.exe
o4 - hklm\..\run: [communicator] c:\program files (x86)\microsoft office communicator\communicator.exe /fromrunkey
o4 - hklm\..\run: [bcssync] c:\program files (x86)\microsoft office\office14\bcssync.exe /delayservices
o4 - hklm\..\run: [nmctxth] c:\program files (x86)\common files\pure networks shared\platform\nmctxth.exe
o4 - hklm\..\run: [nmapp] c:\program files (x86)\pure networks\network magic\nmapp.exe -autorun -nosplash
o4 - hklm\..\run: [adobe arm] c:\program files (x86)\common files\adobe\arm\1.0\adobearm.exe
o4 - hklm\..\run: [quicktime task] c:\program files (x86)\quicktime\qttask.exe -atboottime
o4 - hklm\..\run: [ituneshelper] c:\program files (x86)\itunes\ituneshelper.exe
o4 - hklm\..\run: [nokiamserver] c:\program files (x86)\common files\nokia\mplatform\nokiamserver /watchfiles startup
o4 - hklm\..\run: [sunjavaupdatesched] c:\program files (x86)\common files\java\java update\jusched.exe
o4 - hklm\..\run: [avg_tray] c:\program files (x86)\avg\avg10\avgtray.exe
o4 - hkcu\..\run: [lightscribe control panel] c:\program files (x86)\common files\lightscribe\lightscribecontrolpanel.exe -hidden
o4 - hkcu\..\run: [swg] c:\program files (x86)\google\googletoolbarnotifier\googletoolbarnotifier.exe
o4 - hkcu\..\run: [nokiaovisuite2] c:\program files (x86)\nokia\nokia ovi suite\nokiaovisuite.exe -tray
o4 - hkcu\..\run: [sidebar] c:\program files\windows sidebar\sidebar.exe /autorun
o4 - hkus\s-1-5-19\..\run: [sidebar] %programfiles%\windows sidebar\sidebar.exe /autorun (user 'local service')
o4 - hkus\s-1-5-19\..\runonce: [mctadmin] c:\windows\system32\mctadmin.exe (user 'local service')
o4 - hkus\s-1-5-20\..\run: [sidebar] %programfiles%\windows sidebar\sidebar.exe /autorun (user 'network service')
o4 - hkus\s-1-5-20\..\runonce: [mctadmin] c:\windows\system32\mctadmin.exe (user 'network service')
o4 - startup: onenote 2010 schermopname en snel starten.lnk = c:\program files (x86)\microsoft office\office14\onenotem.exe
o4 - global startup: logitech setpoint.lnk = ?
o8 - extra context menu item: &verzenden naar onenote - res://c:\progra~2\micros~1\office14\onbttnie.dll/105
o8 - extra context menu item: converteren naar adobe pdf - res://c:\program files (x86)\common files\adobe\acrobat\activex\acroiefavclient.dll/acroiecapture.html
o8 - extra context menu item: doel van koppeling converteren naar adobe pdf - res://c:\program files (x86)\common files\adobe\acrobat\activex\acroiefavclient.dll/acroiecapturesellinks.html
o8 - extra context menu item: doel van koppeling toevoegen aan bestaande pdf - res://c:\program files (x86)\common files\adobe\acrobat\activex\acroiefavclient.dll/acroieappendsellinks.html
o8 - extra context menu item: e&xporteren naar microsoft excel - res://c:\progra~2\micros~1\office14\excel.exe/3000
o8 - extra context menu item: google sidewiki... - res://c:\program files (x86)\google\google toolbar\component\googletoolbardynamic_mui_en_e11712c84ea7e12b.dll/cmsidewiki.html
o8 - extra context menu item: toevoegen aan bestaande pdf - res://c:\program files (x86)\common files\adobe\acrobat\activex\acroiefavclient.dll/acroieappend.html
o9 - extra button: @c:\program files (x86)\windows live\companion\companionlang.dll,-600 - {0000036b-c524-4050-81a0-243669a86b9f} - c:\program files (x86)\windows live\companion\companioncore.dll
o9 - extra button: @c:\program files (x86)\windows live\writer\windowslivewritershortcuts.dll,-1004 - {219c3416-8cb2-491a-a3c7-d9fcddc9d600} - c:\program files (x86)\windows live\writer\writerbrowserextension.dll
o9 - extra 'tools' menuitem: @c:\program files (x86)\windows live\writer\windowslivewritershortcuts.dll,-1003 - {219c3416-8cb2-491a-a3c7-d9fcddc9d600} - c:\program files (x86)\windows live\writer\writerbrowserextension.dll
o9 - extra button: verzenden naar onenote - {2670000a-7350-4f3c-8081-5663ee0c6c49} - c:\program files (x86)\microsoft office\office14\onbttnie.dll
o9 - extra 'tools' menuitem: &verzenden naar onenote - {2670000a-7350-4f3c-8081-5663ee0c6c49} - c:\program files (x86)\microsoft office\office14\onbttnie.dll
o9 - extra button: &gekoppelde notities van onenote - {789fe86f-6fc4-46a1-9849-ede0db0c95ca} - c:\program files (x86)\microsoft office\office14\onbttnielinkednotes.dll
o9 - extra 'tools' menuitem: &gekoppelde notities van onenote - {789fe86f-6fc4-46a1-9849-ede0db0c95ca} - c:\program files (x86)\microsoft office\office14\onbttnielinkednotes.dll
o9 - extra button: skype add-on for internet explorer - {898ea8c8-e7ff-479b-8935-aec46303b9e5} - c:\program files (x86)\skype\toolbars\internet explorer\skypeieplugin.dll
o9 - extra 'tools' menuitem: skype add-on for internet explorer - {898ea8c8-e7ff-479b-8935-aec46303b9e5} - c:\program files (x86)\skype\toolbars\internet explorer\skypeieplugin.dll
o10 - unknown file in winsock lsp: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
o10 - unknown file in winsock lsp: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
o11 - options group: [accelerated_graphics] accelerated graphics
o16 - dpf: {c345e174-3e87-4f41-a01c-b066a90a49b4} (wrc class) - [noparse]http://trial.trymicrosoftoffice.com/trialoaa/buymsoffice_assets/framework/microsoft/wrc32.ocx[/noparse]
o18 - protocol: linkscanner - {f274614c-63f8-47d5-a4d1-fbdde494f8d1} - c:\program files (x86)\avg\avg10\avgpp.dll
o18 - protocol: skype-ie-addon-data - {91774881-d725-4e58-b298-07617b9b86a8} - c:\program files (x86)\skype\toolbars\internet explorer\skypeieplugin.dll
o18 - protocol: skype4com - {ffc8b962-9b40-4dff-9458-1830c7dd7f5d} - c:\progra~2\common~1\skype\skype4~1.dll
o18 - protocol: wlpg - {e43ef6cd-a37a-4a9b-9e6f-83f89b8e6324} - c:\program files (x86)\windows live\photo gallery\albumdownloadprotocolhandler.dll
o18 - filter hijack: text/xml - {807573e5-5146-11d5-a672-00b0d022e945} - c:\program files (x86)\common files\microsoft shared\office14\msoxmlmf.dll
o23 - service: adobe version cue cs4 - adobe systems incorporated - c:\program files (x86)\common files\adobe\adobe version cue cs4\server\bin\versioncuecs4.exe
o23 - service: andrea st filters service (aestfilters) - andrea electronics corporation - c:\windows\system32\driverstore\filerepository\stwrt64.inf_amd64_neutral_960c1f056a541068\aestsr64.exe
o23 - service: @%systemroot%\system32\alg.exe,-112 (alg) - unknown owner - c:\windows\system32\alg.exe (file missing)
o23 - service: amd external events utility - unknown owner - c:\windows\system32\atiesrxx.exe (file missing)
o23 - service: mobiel apple apparaat (apple mobile device) - apple inc. - c:\program files (x86)\common files\apple\mobile device support\applemobiledeviceservice.exe
o23 - service: avgidsagent - avg technologies cz, s.r.o. - c:\program files (x86)\avg\avg10\identity protection\agent\bin\avgidsagent.exe
o23 - service: avg watchdog (avgwd) - avg technologies cz, s.r.o. - c:\program files (x86)\avg\avg10\avgwdsvc.exe
o23 - service: bonjour-service (bonjour service) - apple inc. - c:\program files (x86)\bonjour\mdnsresponder.exe
o23 - service: @%systemroot%\system32\efssvc.dll,-100 (efs) - unknown owner - c:\windows\system32\lsass.exe (file missing)
o23 - service: @%systemroot%\system32\fxsresm.dll,-118 (fax) - unknown owner - c:\windows\system32\fxssvc.exe (file missing)
o23 - service: flexnet licensing service - acresso software inc. - c:\program files (x86)\common files\macrovision shared\flexnet publisher\fnplicensingservice.exe
o23 - service: flexnet licensing service 64 - acresso software inc. - c:\program files\common files\macrovision shared\flexnet publisher\fnplicensingservice64.exe
o23 - service: gameconsoleservice - wildtangent, inc. - c:\program files (x86)\hp games\hp game console\gameconsoleservice.exe
o23 - service: google updateservice (gupdate) (gupdate) - google inc. - c:\program files (x86)\google\update\googleupdate.exe
o23 - service: google update-service (gupdatem) (gupdatem) - google inc. - c:\program files (x86)\google\update\googleupdate.exe
o23 - service: google software updater (gusvc) - google - c:\program files (x86)\google\common\google updater\googleupdaterservice.exe
o23 - service: hp health check service - hewlett-packard company - c:\program files (x86)\hewlett-packard\hp health check\hphc_service.exe
o23 - service: hp quick synchronization service (hpdrvmntsvc.exe) - hewlett-packard company - c:\program files (x86)\hewlett-packard\shared\hpdrvmntsvc.exe
o23 - service: hp software framework service (hpqwmiex) - hewlett-packard company - c:\program files (x86)\hewlett-packard\shared\hpqwmiex.exe
o23 - service: hp service (hpsrv) - unknown owner - c:\windows\system32\hpservice.exe (file missing)
o23 - service: ipod-service (ipod service) - apple inc. - c:\program files\ipod\bin\ipodservice.exe
o23 - service: @keyiso.dll,-100 (keyiso) - unknown owner - c:\windows\system32\lsass.exe (file missing)
o23 - service: lightscribeservice direct disc labeling service (lightscribeservice) - hewlett-packard company - c:\program files (x86)\common files\lightscribe\lssrvc.exe
o23 - service: @comres.dll,-2797 (msdtc) - unknown owner - c:\windows\system32\msdtc.exe (file missing)
o23 - service: @%systemroot%\system32\netlogon.dll,-102 (netlogon) - unknown owner - c:\windows\system32\lsass.exe (file missing)
o23 - service: pure networks platform service (nmservice) - cisco systems, inc. - c:\program files (x86)\common files\pure networks shared\platform\nmsrvc.exe
o23 - service: @%systemroot%\system32\psbase.dll,-300 (protectedstorage) - unknown owner - c:\windows\system32\lsass.exe (file missing)
o23 - service: cyberlink richvideo service(crvs) (richvideo) - unknown owner - c:\program files (x86)\cyberlink\shared files\richvideo.exe
o23 - service: @%systemroot%\system32\locator.exe,-2 (rpclocator) - unknown owner - c:\windows\system32\locator.exe (file missing)
o23 - service: @%systemroot%\system32\samsrv.dll,-1 (samss) - unknown owner - c:\windows\system32\lsass.exe (file missing)
o23 - service: servicelayer - nokia - c:\program files (x86)\pc connectivity solution\servicelayer.exe
o23 - service: @%systemroot%\system32\snmptrap.exe,-3 (snmptrap) - unknown owner - c:\windows\system32\snmptrap.exe (file missing)
o23 - service: @%systemroot%\system32\spoolsv.exe,-1 (spooler) - unknown owner - c:\windows\system32\spoolsv.exe (file missing)
o23 - service: @%systemroot%\system32\sppsvc.exe,-101 (sppsvc) - unknown owner - c:\windows\system32\sppsvc.exe (file missing)
o23 - service: audio service (stacsv) - idt, inc. - c:\windows\system32\driverstore\filerepository\stwrt64.inf_amd64_neutral_960c1f056a541068\stacsv64.exe
o23 - service: @%systemroot%\system32\ui0detect.exe,-101 (ui0detect) - unknown owner - c:\windows\system32\ui0detect.exe (file missing)
o23 - service: @%systemroot%\system32\vaultsvc.dll,-1003 (vaultsvc) - unknown owner - c:\windows\system32\lsass.exe (file missing)
o23 - service: @%systemroot%\system32\vds.exe,-100 (vds) - unknown owner - c:\windows\system32\vds.exe (file missing)
o23 - service: @%systemroot%\system32\vssvc.exe,-102 (vss) - unknown owner - c:\windows\system32\vssvc.exe (file missing)
o23 - service: @%systemroot%\system32\wat\watux.exe,-601 (watadminsvc) - unknown owner - c:\windows\system32\wat\watadminsvc.exe (file missing)
o23 - service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - unknown owner - c:\windows\system32\wbengine.exe (file missing)
o23 - service: @%systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiapsrv) - unknown owner - c:\windows\system32\wbem\wmiapsrv.exe (file missing)
o23 - service: @%programfiles%\windows media player\wmpnetwk.exe,-101 (wmpnetworksvc) - unknown owner - c:\program files (x86)\windows media player\wmpnetwk.exe (file missing)
--
end of file - 18209 bytes
[/hjt]