
Inactive - quick checkup please

Discussion in 'Solved / Inactive HJT logs' started by twinkats1960, 26 Dec 2009.

Discussion "Inactive - quick checkup please" in the Solved / Inactive HJT logs forum on nationaalcomputerforum.nl/.

  1. twinkats1960

    twinkats1960 Established member

    [hjt]
    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 17:21:50, on 26/12/2009
    Platform: Windows Vista SP2 (WinNT 6.00.1906)
    MSIE: Internet Explorer v8.00 (8.00.6001.18865)
    Boot mode: Normal

    Running processes:
    c:\windows\system32\dwm.exe
    c:\windows\explorer.exe
    c:\windows\system32\taskeng.exe
    c:\program files\windows defender\msascui.exe
    c:\program files\alwil software\avast4\ashdisp.exe
    c:\windows\system32\spool\drivers\w32x86\hpztsb03.exe
    c:\windows\ehome\ehtray.exe
    c:\program files\google\googletoolbarnotifier\googletoolbarnotifier.exe
    c:\program files\windows media player\wmpnscfg.exe
    c:\windows\system32\rundll32.exe
    c:\windows\ehome\ehmsas.exe
    c:\windows\system32\mobsync.exe
    c:\program files\internet explorer\iexplore.exe
    c:\program files\internet explorer\iexplore.exe
    c:\windows\system32\macromed\flash\flashutil10d.exe
    c:\windows\system32\searchfilterhost.exe
    c:\windows\system32\searchprotocolhost.exe
    c:\program files\trend micro\hijackthis\hijackthis.exe

    r1 - hkcu\software\microsoft\internet explorer\main,search bar = preserve
    r0 - hkcu\software\microsoft\internet explorer\main,start page = http://www.google.be/
    r1 - hklm\software\microsoft\internet explorer\main,default_page_url = http://go.microsoft.com/fwlink/?linkid=69157
    r1 - hklm\software\microsoft\internet explorer\main,default_search_url = http://go.microsoft.com/fwlink/?linkid=54896
    r1 - hklm\software\microsoft\internet explorer\main,search page = http://go.microsoft.com/fwlink/?linkid=54896
    r0 - hklm\software\microsoft\internet explorer\main,start page = http://go.microsoft.com/fwlink/?linkid=69157
    r0 - hklm\software\microsoft\internet explorer\search,searchassistant =
    r0 - hklm\software\microsoft\internet explorer\search,customizesearch =
    r0 - hkcu\software\microsoft\internet explorer\main,local page =
    r0 - hkcu\software\microsoft\internet explorer\toolbar,linksfoldername =
    o1 - hosts: ::1 localhost
    o2 - bho: adobe pdf reader link helper - {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\common files\adobe\acrobat\activex\acroiehelper.dll
    o2 - bho: p2p energy toolbar - {2bae58c2-79f9-45d1-a286-81f911301c3a} - c:\program files\p2p_energy\tbp2p_.dll
    o2 - bho: realplayer download and record plugin for internet explorer - {3049c3e9-b461-4bc5-8870-4c09146192ca} - c:\program files\real\realplayer\rpbrowserrecordplugin.dll
    o2 - bho: spybot-s&d ie protection - {53707962-6f74-2d53-2644-206d7942484f} - c:\program files\spybot - search & destroy\sdhelper.dll
    o2 - bho: (no name) - {5c255c8a-e604-49b4-9d64-90988571cecb} - (no file)
    o2 - bho: search helper - {6ebf7485-159f-4bff-a14f-b9e3aac4465b} - c:\program files\microsoft\search enhancement pack\search helper\sepsearchhelperie.dll
    o2 - bho: windows live aanmelden - help - {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\windowslivelogin.dll
    o2 - bho: google toolbar helper - {aa58ed58-01dd-4d91-8333-cf10577473f7} - c:\program files\google\google toolbar\googletoolbar_32.dll
    o2 - bho: google toolbar notifier bho - {af69de43-7d58-4638-b6fa-ce66b5ad205d} - c:\program files\google\googletoolbarnotifier\5.4.4525.1752\swg.dll
    o2 - bho: google dictionary compression sdch - {c84d72fe-e17d-4195-bb24-76c02e2e7c4e} - c:\program files\google\google toolbar\component\fastsearch_b7c5ac242193bb3e.dll
    o2 - bho: urlhelper class - {cfc4f59b-a2da-4e12-b337-52a4f871e10c} - c:\program files\shareaza applications\shareaza\shareazaiehelper.dll
    o2 - bho: java(tm) plug-in 2 ssv helper - {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
    o2 - bho: windows live toolbar helper - {e15a8dc0-8516-42a1-81ea-dc94ec1acf10} - c:\program files\windows live\toolbar\wltcore.dll
    o3 - toolbar: p2p energy toolbar - {2bae58c2-79f9-45d1-a286-81f911301c3a} - c:\program files\p2p_energy\tbp2p_.dll
    o3 - toolbar: shareaza mediabar - {196c3a46-4758-433d-a600-802c804af39c} - c:\program files\shareaza applications\shareaza mediabar\shareazamediabar.dll
    o3 - toolbar: &windows live toolbar - {21fa44ef-376d-4d53-9b0f-8a89d3229068} - c:\program files\windows live\toolbar\wltcore.dll
    o3 - toolbar: google toolbar - {2318c2b1-4965-11d4-9b18-009027a5cd4f} - c:\program files\google\google toolbar\googletoolbar_32.dll
    o4 - hklm\..\run: [windows defender] %programfiles%\windows defender\msascui.exe -hide
    o4 - hklm\..\run: [avast!] c:\progra~1\alwils~1\avast4\ashdisp.exe
    o4 - hklm\..\run: [hpdj taskbar utility] c:\windows\system32\spool\drivers\w32x86\hpztsb03.exe
    o4 - hklm\..\run: [nvsvc] rundll32.exe c:\windows\system32\nvsvc.dll,nvsvcstart
    o4 - hklm\..\run: [nvcpldaemon] rundll32.exe c:\windows\system32\nvcpl.dll,nvstartup
    o4 - hkcu\..\run: [ehtray.exe] c:\windows\ehome\ehtray.exe
    o4 - hkcu\..\run: [google update] c:\users\francis\appdata\local\google\update\googleupdate.exe /c
    o4 - hkcu\..\run: [swg] c:\program files\google\googletoolbarnotifier\googletoolbarnotifier.exe
    o4 - hkcu\..\run: [wmpnscfg] c:\program files\windows media player\wmpnscfg.exe
    o4 - hkcu\..\run: [losalamos] rundll32.exe c:\windows\system32\sshnas.dll,addatomaw
    o4 - hkus\s-1-5-19\..\run: [sidebar] %programfiles%\windows sidebar\sidebar.exe /detectmem (user 'local service')
    o4 - hkus\s-1-5-19\..\run: [windowswelcomecenter] rundll32.exe oobefldr.dll,showwelcomecenter (user 'local service')
    o4 - hkus\s-1-5-20\..\run: [sidebar] %programfiles%\windows sidebar\sidebar.exe /detectmem (user 'network service')
    o4 - hkus\s-1-5-18\..\run: [cbssreg] c:\windows\temp\nond.tmp\svchost.exe (user 'systeem')
    o4 - hkus\.default\..\run: [cbssreg] c:\windows\temp\nond.tmp\svchost.exe (user 'default user')
    o9 - extra button: (no name) - {2d663d1a-8670-49d9-a1a5-4c56b4e14e84} - (no file)
    o9 - extra button: add to videoget - {88cfa58b-a63f-4a94-9c54-0c7a58e3333e} - c:\progra~1\nuclea~1\videoget\plugins\videog~1.dll
    o9 - extra 'tools' menuitem: add to &videoget - {88cfa58b-a63f-4a94-9c54-0c7a58e3333e} - c:\progra~1\nuclea~1\videoget\plugins\videog~1.dll
    o9 - extra button: onderzoek - {92780b25-18cc-41c8-b9be-3c9c571a8263} - c:\progra~1\micros~2\office11\refiebar.dll
    o9 - extra button: (no name) - {dfb852a3-47f8-48c4-a200-58cab36fd2a2} - c:\program files\spybot - search & destroy\sdhelper.dll
    o9 - extra 'tools' menuitem: spybot - search && destroy configuration - {dfb852a3-47f8-48c4-a200-58cab36fd2a2} - c:\program files\spybot - search & destroy\sdhelper.dll
    o13 - gopher prefix:
    o15 - trusted zone: http://man.entriq.net
    o15 - trusted zone: http://messagent.telenet.be
    o15 - trusted zone: http://pctv.telenet.be
    o15 - trusted zone: http://www.telenet.be
    o16 - dpf: {6f15128c-e66a-490c-b848-5000b5abeeac} (hp download manager) - https://h20436.www2.hp.com/ediags/dex/secure/hpdexaxo.cab
    o16 - dpf: {8100d56a-5661-482c-bee8-afece305d968} (facebook photo uploader 5 control) - http://upload.facebook.com/controls/2009.07.28_v5.5.8.1/facebookphotouploader55.cab
    o16 - dpf: {d27cdb6e-ae6d-11cf-96b8-444553540000} (shockwave flash object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
    o16 - dpf: {e2883e8f-472f-4fb0-9522-ac9bf37916a7} - http://platformdl.adobe.com/nos/getplusplus/1.6/gp.cab
    o20 - winlogon notify: !saswinlogon - c:\program files\superantispyware\saswinlo.dll
    o23 - service: avast! iavs4 control service (aswupdsv) - alwil software - c:\program files\alwil software\avast4\aswupdsv.exe
    o23 - service: avast! antivirus - alwil software - c:\program files\alwil software\avast4\ashserv.exe
    o23 - service: avast! mail scanner - alwil software - c:\program files\alwil software\avast4\ashmaisv.exe
    o23 - service: avast! web scanner - alwil software - c:\program files\alwil software\avast4\ashwebsv.exe
    o23 - service: google software updater (gusvc) - google - c:\program files\google\common\google updater\googleupdaterservice.exe
    o23 - service: nero backitup scheduler 3 - nero ag - c:\program files\nero\nero8\nero backitup\nbservice.exe
    o23 - service: nmindexingservice - nero ag - c:\program files\common files\nero\lib\nmindexingservice.exe
    o23 - service: nmsaccessu - unknown owner - c:\program files\cdburnerxp\nmsaccessu.exe
    --
    end of file - 8209 bytes

    [/hjt]
     
  2. Abraham54

    Abraham54 Administrator

    Re: quick checkup please

    Hello twinkats1960, start HijackThis again and choose Scan only. After ticking the boxes next to the lines that correspond to the ones below, click the Fix checked button:

    o2 - bho: p2p energy toolbar - {2bae58c2-79f9-45d1-a286-81f911301c3a} - c:\program files\p2p_energy\tbp2p_.dll
    o3 - toolbar: p2p energy toolbar - {2bae58c2-79f9-45d1-a286-81f911301c3a} - c:\program files\p2p_energy\tbp2p_.dll

    Restart your PC after this.



    Download, install and keep using a-squared Free 4.5.

    Immediately after installation, a-squared Free 4.5 will also want to update.

    Prevent that. Start a-squared Free 4.5, click Configureer updates (configure updates) and then untick Extra talen installeren (install additional languages)!

    After this you can let a-squared Free 4.5 fetch the latest definitions.
    Once the update is done, choose Grondige Scan (thorough scan).


    Download a-squared Free 4.5


    VISTA USERS: right-click the relevant shortcut and choose Properties.
    In the Properties window, click the Advanced button and tick Run as administrator.




    After this, create a new HijackThis log and post the result together with the a-squared scan result;
    also post an Uninstall list (start HijackThis, click the Open the Misc Tools section button, then the Open Uninstall Manager button and finally the Save button).
     
