leootje
Enthousiast
- Lid geworden
- 16 jan 2007
- Berichten
- 2.430
- Waarderingsscore
- 0
[hjt]
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 15:29:43, on 27-12-2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
c:\windows\system32\smss.exe
c:\windows\system32\winlogon.exe
c:\windows\system32\services.exe
c:\windows\system32\lsass.exe
c:\windows\system32\ati2evxx.exe
c:\windows\system32\svchost.exe
c:\windows\system32\svchost.exe
c:\windows\system32\ati2evxx.exe
c:\windows\explorer.exe
c:\windows\system32\spoolsv.exe
c:\program files\avira\antivir desktop\sched.exe
c:\windows\soundman.exe
c:\program files\avira\antivir desktop\avgnt.exe
c:\program files\ati technologies\ati.ace\core-static\mom.exe
c:\windows\system32\ctfmon.exe
c:\program files\google\googletoolbarnotifier\googletoolbarnotifier.exe
c:\program files\ati technologies\ati.ace\core-static\ccc.exe
c:\program files\a-squared free\a2service.exe
c:\program files\avira\antivir desktop\avguard.exe
c:\program files\java\jre6\bin\jqs.exe
c:\program files\uphclean\uphclean.exe
c:\program files\messenger\msmsgs.exe
c:\windows\system32\rdshost.exe
c:\windows\system32\sessmgr.exe
c:\program files\internet explorer\iexplore.exe
c:\program files\internet explorer\iexplore.exe
c:\program files\internet explorer\iexplore.exe
c:\program files\trend micro\hijackthis\hijackthis.exe
r0 - hkcu\software\microsoft\internet explorer\main,start page = www.google.com
r1 - hklm\software\microsoft\internet explorer\main,default_page_url = [noparse]http://go.microsoft.com/fwlink/?linkid=69157[/noparse]
r1 - hklm\software\microsoft\internet explorer\main,default_search_url = [noparse]http://go.microsoft.com/fwlink/?linkid=54896[/noparse]
r1 - hklm\software\microsoft\internet explorer\main,search page = [noparse]http://go.microsoft.com/fwlink/?linkid=54896[/noparse]
r0 - hklm\software\microsoft\internet explorer\main,start page = about:blank
r0 - hkcu\software\microsoft\internet explorer\toolbar,linksfoldername = koppelingen
o2 - bho: ssvhelper class - {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - c:\program files\java\jre6\bin\ssv.dll
o2 - bho: google toolbar helper - {aa58ed58-01dd-4d91-8333-cf10577473f7} - c:\program files\google\google toolbar\googletoolbar_32.dll
o2 - bho: google toolbar notifier bho - {af69de43-7d58-4638-b6fa-ce66b5ad205d} - c:\program files\google\googletoolbarnotifier\5.4.4525.1752\swg.dll
o2 - bho: java(tm) plug-in 2 ssv helper - {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
o2 - bho: jqsiestartdetectorimpl - {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
o3 - toolbar: google toolbar - {2318c2b1-4965-11d4-9b18-009027a5cd4f} - c:\program files\google\google toolbar\googletoolbar_32.dll
o4 - hklm\..\run: [soundman] soundman.exe
o4 - hklm\..\run: [startccc] c:\program files\ati technologies\ati.ace\core-static\clistart.exe
o4 - hklm\..\run: [avgnt] c:\program files\avira\antivir desktop\avgnt.exe /min
o4 - hkcu\..\run: [ctfmon.exe] c:\windows\system32\ctfmon.exe
o4 - hkcu\..\run: [swg] c:\program files\google\googletoolbarnotifier\googletoolbarnotifier.exe
o4 - hkcu\..\run: [msmsgs] c:\program files\messenger\msmsgs.exe /background
o4 - hkus\s-1-5-20\..\run: [ctfmon.exe] c:\windows\system32\ctfmon.exe (user 'netwerkservice')
o4 - hkus\s-1-5-20\..\runonce: [showdeskfix] regsvr32 /s /n /i:u shell32 (user 'netwerkservice')
o4 - hkus\s-1-5-18\..\run: [ctfmon.exe] c:\windows\system32\ctfmon.exe (user 'system')
o4 - hkus\s-1-5-18\..\runonce: [showdeskfix] regsvr32 /s /n /i:u shell32 (user 'system')
o4 - hkus\.default\..\run: [ctfmon.exe] c:\windows\system32\ctfmon.exe (user 'default user')
o4 - hkus\.default\..\runonce: [showdeskfix] regsvr32 /s /n /i:u shell32 (user 'default user')
o8 - extra context menu item: google sidewiki... - res://c:\program files\google\google toolbar\component\googletoolbardynamic_mui_en_60d6097707281e79.dll/cmsidewiki.html
o9 - extra button: (no name) - {08b0e5c0-4fcb-11cf-aaa5-00401c608501} - c:\program files\java\jre6\bin\jp2iexp.dll
o9 - extra 'tools' menuitem: sun java console - {08b0e5c0-4fcb-11cf-aaa5-00401c608501} - c:\program files\java\jre6\bin\jp2iexp.dll
o9 - extra button: ms-kb - {8b2d996f-b7d1-4961-a929-414d9cf5ba7b} - [noparse]http://support.microsoft.com/default.aspx?scid=fh;en-us;kbhowto[/noparse] (file missing)
o9 - extra 'tools' menuitem: ms-kb - {8b2d996f-b7d1-4961-a929-414d9cf5ba7b} - [noparse]http://support.microsoft.com/default.aspx?scid=fh;en-us;kbhowto[/noparse] (file missing)
o9 - extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - c:\windows\network diagnostic\xpnetdiag.exe
o9 - extra 'tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - c:\windows\network diagnostic\xpnetdiag.exe
o9 - extra button: messenger - {fb5f1910-f110-11d2-bb9e-00c04f795683} - c:\program files\messenger\msmsgs.exe
o9 - extra 'tools' menuitem: windows messenger - {fb5f1910-f110-11d2-bb9e-00c04f795683} - c:\program files\messenger\msmsgs.exe
o23 - service: a-squared free service (a2free) - emsi software gmbh - c:\program files\a-squared free\a2service.exe
o23 - service: avira antivir scheduler (antivirschedulerservice) - avira gmbh - c:\program files\avira\antivir desktop\sched.exe
o23 - service: avira antivir guard (antivirservice) - avira gmbh - c:\program files\avira\antivir desktop\avguard.exe
o23 - service: ati hotkey poller - ati technologies inc. - c:\windows\system32\ati2evxx.exe
o23 - service: google software updater (gusvc) - google - c:\program files\google\common\google updater\googleupdaterservice.exe
o23 - service: java quick starter (javaquickstarterservice) - sun microsystems, inc. - c:\program files\java\jre6\bin\jqs.exe
--
end of file - 5763 bytes
[/hjt]
xp en vista enterprice????
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 15:29:43, on 27-12-2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
c:\windows\system32\smss.exe
c:\windows\system32\winlogon.exe
c:\windows\system32\services.exe
c:\windows\system32\lsass.exe
c:\windows\system32\ati2evxx.exe
c:\windows\system32\svchost.exe
c:\windows\system32\svchost.exe
c:\windows\system32\ati2evxx.exe
c:\windows\explorer.exe
c:\windows\system32\spoolsv.exe
c:\program files\avira\antivir desktop\sched.exe
c:\windows\soundman.exe
c:\program files\avira\antivir desktop\avgnt.exe
c:\program files\ati technologies\ati.ace\core-static\mom.exe
c:\windows\system32\ctfmon.exe
c:\program files\google\googletoolbarnotifier\googletoolbarnotifier.exe
c:\program files\ati technologies\ati.ace\core-static\ccc.exe
c:\program files\a-squared free\a2service.exe
c:\program files\avira\antivir desktop\avguard.exe
c:\program files\java\jre6\bin\jqs.exe
c:\program files\uphclean\uphclean.exe
c:\program files\messenger\msmsgs.exe
c:\windows\system32\rdshost.exe
c:\windows\system32\sessmgr.exe
c:\program files\internet explorer\iexplore.exe
c:\program files\internet explorer\iexplore.exe
c:\program files\internet explorer\iexplore.exe
c:\program files\trend micro\hijackthis\hijackthis.exe
r0 - hkcu\software\microsoft\internet explorer\main,start page = www.google.com
r1 - hklm\software\microsoft\internet explorer\main,default_page_url = [noparse]http://go.microsoft.com/fwlink/?linkid=69157[/noparse]
r1 - hklm\software\microsoft\internet explorer\main,default_search_url = [noparse]http://go.microsoft.com/fwlink/?linkid=54896[/noparse]
r1 - hklm\software\microsoft\internet explorer\main,search page = [noparse]http://go.microsoft.com/fwlink/?linkid=54896[/noparse]
r0 - hklm\software\microsoft\internet explorer\main,start page = about:blank
r0 - hkcu\software\microsoft\internet explorer\toolbar,linksfoldername = koppelingen
o2 - bho: ssvhelper class - {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - c:\program files\java\jre6\bin\ssv.dll
o2 - bho: google toolbar helper - {aa58ed58-01dd-4d91-8333-cf10577473f7} - c:\program files\google\google toolbar\googletoolbar_32.dll
o2 - bho: google toolbar notifier bho - {af69de43-7d58-4638-b6fa-ce66b5ad205d} - c:\program files\google\googletoolbarnotifier\5.4.4525.1752\swg.dll
o2 - bho: java(tm) plug-in 2 ssv helper - {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
o2 - bho: jqsiestartdetectorimpl - {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
o3 - toolbar: google toolbar - {2318c2b1-4965-11d4-9b18-009027a5cd4f} - c:\program files\google\google toolbar\googletoolbar_32.dll
o4 - hklm\..\run: [soundman] soundman.exe
o4 - hklm\..\run: [startccc] c:\program files\ati technologies\ati.ace\core-static\clistart.exe
o4 - hklm\..\run: [avgnt] c:\program files\avira\antivir desktop\avgnt.exe /min
o4 - hkcu\..\run: [ctfmon.exe] c:\windows\system32\ctfmon.exe
o4 - hkcu\..\run: [swg] c:\program files\google\googletoolbarnotifier\googletoolbarnotifier.exe
o4 - hkcu\..\run: [msmsgs] c:\program files\messenger\msmsgs.exe /background
o4 - hkus\s-1-5-20\..\run: [ctfmon.exe] c:\windows\system32\ctfmon.exe (user 'netwerkservice')
o4 - hkus\s-1-5-20\..\runonce: [showdeskfix] regsvr32 /s /n /i:u shell32 (user 'netwerkservice')
o4 - hkus\s-1-5-18\..\run: [ctfmon.exe] c:\windows\system32\ctfmon.exe (user 'system')
o4 - hkus\s-1-5-18\..\runonce: [showdeskfix] regsvr32 /s /n /i:u shell32 (user 'system')
o4 - hkus\.default\..\run: [ctfmon.exe] c:\windows\system32\ctfmon.exe (user 'default user')
o4 - hkus\.default\..\runonce: [showdeskfix] regsvr32 /s /n /i:u shell32 (user 'default user')
o8 - extra context menu item: google sidewiki... - res://c:\program files\google\google toolbar\component\googletoolbardynamic_mui_en_60d6097707281e79.dll/cmsidewiki.html
o9 - extra button: (no name) - {08b0e5c0-4fcb-11cf-aaa5-00401c608501} - c:\program files\java\jre6\bin\jp2iexp.dll
o9 - extra 'tools' menuitem: sun java console - {08b0e5c0-4fcb-11cf-aaa5-00401c608501} - c:\program files\java\jre6\bin\jp2iexp.dll
o9 - extra button: ms-kb - {8b2d996f-b7d1-4961-a929-414d9cf5ba7b} - [noparse]http://support.microsoft.com/default.aspx?scid=fh;en-us;kbhowto[/noparse] (file missing)
o9 - extra 'tools' menuitem: ms-kb - {8b2d996f-b7d1-4961-a929-414d9cf5ba7b} - [noparse]http://support.microsoft.com/default.aspx?scid=fh;en-us;kbhowto[/noparse] (file missing)
o9 - extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - c:\windows\network diagnostic\xpnetdiag.exe
o9 - extra 'tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - c:\windows\network diagnostic\xpnetdiag.exe
o9 - extra button: messenger - {fb5f1910-f110-11d2-bb9e-00c04f795683} - c:\program files\messenger\msmsgs.exe
o9 - extra 'tools' menuitem: windows messenger - {fb5f1910-f110-11d2-bb9e-00c04f795683} - c:\program files\messenger\msmsgs.exe
o23 - service: a-squared free service (a2free) - emsi software gmbh - c:\program files\a-squared free\a2service.exe
o23 - service: avira antivir scheduler (antivirschedulerservice) - avira gmbh - c:\program files\avira\antivir desktop\sched.exe
o23 - service: avira antivir guard (antivirservice) - avira gmbh - c:\program files\avira\antivir desktop\avguard.exe
o23 - service: ati hotkey poller - ati technologies inc. - c:\windows\system32\ati2evxx.exe
o23 - service: google software updater (gusvc) - google - c:\program files\google\common\google updater\googleupdaterservice.exe
o23 - service: java quick starter (javaquickstarterservice) - sun microsystems, inc. - c:\program files\java\jre6\bin\jqs.exe
--
end of file - 5763 bytes
[/hjt]
xp en vista enterprice????