predator
Valued
- Joined
- 30 Mar 2008
- Posts
- 1,719
- Reputation score
- 88
Hi Abe.
When I click a link on a page, I get redirected to
2 twingly com 230B5340A55132F7B08B2B78322537
Very irritating. I have attached a log (HJ); MBAM finds nothing, some help would be appreciated.
Thanks in advance.
Pred...
[hjt]
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 12:13:18, on 28-12-2009
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v8.00 (8.00.6001.18865)
Boot mode: Normal
Running processes:
c:\windows\system32\taskeng.exe
c:\windows\system32\dwm.exe
c:\windows\explorer.exe
c:\program files\windows defender\msascui.exe
c:\program files\intel\intel matrix storage manager\iaanotif.exe
c:\windows\system32\rundll32.exe
c:\program files\realtek\audio\hda\rthdvcpl.exe
c:\program files\windows sidebar\sidebar.exe
c:\program files\bullguard ltd\bullguard\bullguard.exe
c:\program files\yahoo!\messenger\yahoomessenger.exe
c:\windows\ehome\ehtray.exe
c:\program files\google\googletoolbarnotifier\googletoolbarnotifier.exe
c:\program files\windows live\messenger\msnmsgr.exe
c:\program files\windows media player\wmpnscfg.exe
c:\program files\wintv\ir.exe
c:\windows\ehome\ehmsas.exe
c:\program files\windows sidebar\sidebar.exe
c:\program files\homecinema\power2go\power2goexpressserver.exe
c:\windows\ehome\ehshell.exe
c:\program files\save tube video company\savetubevideo\downloader.exe
c:\windows\system32\conime.exe
c:\program files\mozilla firefox\firefox.exe
c:\progra~1\java\jre6\bin\jp2launcher.exe
c:\program files\java\jre6\bin\java.exe
c:\program files\malwarebytes' anti-malware\mbam.exe
c:\program files\trend micro\hijackthis\hijackthis.exe
r1 - hkcu\software\microsoft\internet explorer\main,default_page_url = [noparse]http://www.aldi.nl/[/noparse]
r1 - hkcu\software\microsoft\internet explorer\main,search page = [noparse]http://go.microsoft.com/fwlink/?linkid=54896[/noparse]
r0 - hkcu\software\microsoft\internet explorer\main,start page = [noparse]http://www.google-feed.net/?cid=1&pid=starburn[/noparse]
r1 - hklm\software\microsoft\internet explorer\main,default_page_url = [noparse]http://www.aldi.com/[/noparse]
r1 - hklm\software\microsoft\internet explorer\main,default_search_url = [noparse]http://go.microsoft.com/fwlink/?linkid=54896[/noparse]
r1 - hklm\software\microsoft\internet explorer\main,search page = [noparse]http://go.microsoft.com/fwlink/?linkid=54896[/noparse]
r0 - hklm\software\microsoft\internet explorer\main,start page = [noparse]http://go.microsoft.com/fwlink/?linkid=69157[/noparse]
r0 - hklm\software\microsoft\internet explorer\search,searchassistant =
r0 - hklm\software\microsoft\internet explorer\search,customizesearch =
r1 - hkcu\software\microsoft\windows\currentversion\internet settings,proxyoverride = localhost
r0 - hkcu\software\microsoft\internet explorer\toolbar,linksfoldername =
o1 - hosts: ::1 localhost
o2 - bho: acroiehelperstub - {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\acroiehelpershim.dll
o2 - bho: windows live aanmelden - help - {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\windowslivelogin.dll
o2 - bho: google toolbar helper - {aa58ed58-01dd-4d91-8333-cf10577473f7} - c:\program files\google\google toolbar\googletoolbar_32.dll
o2 - bho: google toolbar notifier bho - {af69de43-7d58-4638-b6fa-ce66b5ad205d} - c:\program files\google\googletoolbarnotifier\5.4.4525.1752\swg.dll
o2 - bho: java(tm) plug-in 2 ssv helper - {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
o3 - toolbar: save tube video - {f334c7b0-8774-4d5b-bd7a-4f448d03a1ae} - c:\program files\save tube video company\savetubevideo\savetubevideo.dll
o3 - toolbar: google toolbar - {2318c2b1-4965-11d4-9b18-009027a5cd4f} - c:\program files\google\google toolbar\googletoolbar_32.dll
o4 - hklm\..\run: [windows defender] %programfiles%\windows defender\msascui.exe -hide
o4 - hklm\..\run: [iaanotif] c:\program files\intel\intel matrix storage manager\iaanotif.exe
o4 - hklm\..\run: [bullguard] c:\program files\bullguard ltd\bullguard\bullguard.exe -boot
o4 - hklm\..\run: [nvcpldaemon] rundll32.exe c:\windows\system32\nvcpl.dll,nvstartup
o4 - hklm\..\run: [nvmediacenter] rundll32.exe c:\windows\system32\nvmctray.dll,nvtaskbarinit
o4 - hklm\..\run: [rthdvcpl] c:\program files\realtek\audio\hda\rthdvcpl.exe
o4 - hklm\..\run: [skytel] c:\program files\realtek\audio\hda\skytel.exe
o4 - hkcu\..\run: [sidebar] c:\program files\windows sidebar\sidebar.exe /autorun
o4 - hkcu\..\run: [bullguard] c:\program files\bullguard ltd\bullguard\bullguard.exe
o4 - hkcu\..\run: [messenger (yahoo!)] c:\program files\yahoo!\messenger\yahoomessenger.exe -quiet
o4 - hkcu\..\run: [ehtray.exe] c:\windows\ehome\ehtray.exe
o4 - hkcu\..\run: [swg] c:\program files\google\googletoolbarnotifier\googletoolbarnotifier.exe
o4 - hkcu\..\run: [msnmsgr] c:\program files\windows live\messenger\msnmsgr.exe /background
o4 - hkcu\..\run: [wmpnscfg] c:\program files\windows media player\wmpnscfg.exe
o4 - hkus\s-1-5-19\..\run: [sidebar] %programfiles%\windows sidebar\sidebar.exe /detectmem (user 'local service')
o4 - hkus\s-1-5-19\..\run: [windowswelcomecenter] rundll32.exe oobefldr.dll,showwelcomecenter (user 'local service')
o4 - hkus\s-1-5-20\..\run: [sidebar] %programfiles%\windows sidebar\sidebar.exe /detectmem (user 'network service')
o4 - global startup: autostart ir.lnk = c:\program files\wintv\ir.exe
o8 - extra context menu item: add to google photos screensa&ver - res://c:\windows\system32\gphotos.scr/200
o8 - extra context menu item: google sidewiki... - res://c:\program files\google\google toolbar\component\googletoolbardynamic_mui_en_60d6097707281e79.dll/cmsidewiki.html
o9 - extra button: in weblog opnemen - {219c3416-8cb2-491a-a3c7-d9fcddc9d600} - c:\program files\windows live\writer\writerbrowserextension.dll
o9 - extra 'tools' menuitem: &in weblog opnemen met windows live writer - {219c3416-8cb2-491a-a3c7-d9fcddc9d600} - c:\program files\windows live\writer\writerbrowserextension.dll
o10 - unknown file in winsock lsp: c:\windows\system32\bglsp.dll
o10 - unknown file in winsock lsp: c:\windows\system32\bglsp.dll
o10 - unknown file in winsock lsp: c:\windows\system32\bglsp.dll
o10 - unknown file in winsock lsp: c:\windows\system32\bglsp.dll
o10 - unknown file in winsock lsp: c:\windows\system32\bglsp.dll
o10 - unknown file in winsock lsp: c:\windows\system32\bglsp.dll
o10 - unknown file in winsock lsp: c:\windows\system32\bglsp.dll
o10 - unknown file in winsock lsp: c:\windows\system32\bglsp.dll
o10 - unknown file in winsock lsp: c:\windows\system32\bglsp.dll
o10 - unknown file in winsock lsp: c:\windows\system32\bglsp.dll
o10 - unknown file in winsock lsp: c:\windows\system32\bglsp.dll
o13 - gopher prefix:
o23 - service: bullguard liveupdate (bglivesvc) - bullguard ltd. - c:\program files\bullguard ltd\bullguard\bullguardupdate.exe
o23 - service: google software updater (gusvc) - google - c:\program files\google\common\google updater\googleupdaterservice.exe
o23 - service: intel(r) matrix storage event monitor (iaantmon) - intel corporation - c:\program files\intel\intel matrix storage manager\iaantmon.exe
o23 - service: nvidia display driver service (nvsvc) - nvidia corporation - c:\windows\system32\nvvsvc.exe
o23 - service: protexis licensing v2 (psi_svc_2) - protexis inc. - c:\program files\common files\protexis\license service\psiservice_2.exe
o23 - service: starwind service lite (starwindservicelite) - rocket division software - c:\program files\rocket division software\starwind lite\starwindservicelite.exe
--
end of file - 7364 bytes
[/hjt]