leootje
[hjt]
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 9:45:59, on 5-12-2013
Platform: Unknown Windows (WinNT 6.01.3505 SP1)
MSIE: Internet Explorer v11.0 (11.00.9600.16428)
Boot mode: Normal
Running processes:
c:\windows\system32\taskhost.exe
c:\windows\system32\rdpclip.exe
c:\windows\system32\dwm.exe
c:\windows\explorer.exe
c:\program files\sigmatel\c-major audio\stacmon.exe
c:\program files\avg\avg2013\avgui.exe
c:\program files\canon\myprinter\bjmyprt.exe
c:\program files\common files\java\java update\jusched.exe
c:\windows\system32\searchprotocolhost.exe
c:\program files\internet explorer\iexplore.exe
c:\program files\internet explorer\iexplore.exe
c:\windows\system32\macromed\flash\flashutil32_11_9_900_152_activex.exe
c:\program files\internet explorer\iexplore.exe
c:\windows\system32\searchfilterhost.exe
c:\users\veronica\desktop\hijackthis.exe
r0 - hkcu\software\microsoft\internet explorer\main,start page = [noparse]https://www.google.nl/[/noparse]
r1 - hklm\software\microsoft\internet explorer\main,default_page_url = [noparse]http://go.microsoft.com/fwlink/?linkid=69157[/noparse]
r1 - hklm\software\microsoft\internet explorer\main,default_search_url = [noparse]http://go.microsoft.com/fwlink/?linkid=54896[/noparse]
r1 - hklm\software\microsoft\internet explorer\main,search page = [noparse]http://go.microsoft.com/fwlink/?linkid=54896[/noparse]
r1 - hkcu\software\microsoft\windows\currentversion\internet settings,proxyoverride = localhost
r0 - hkcu\software\microsoft\internet explorer\toolbar,linksfoldername =
r3 - urlsearchhook: ytnavassistplugin class - {81017ea9-9aa8-4a6a-9734-7af40e7d593f} - c:\program files\yahoo!\companion\installs\cpn35\yt.dll
o2 - bho: canon easy-webprint ex bho - {3785d0ad-bfff-47f6-bf5b-a587c162fed9} - c:\program files\canon\easy-webprint ex\ewpexbho.dll
o2 - bho: java(tm) plug-in ssv helper - {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - c:\program files\java\jre7\bin\ssv.dll
o2 - bho: google toolbar helper - {aa58ed58-01dd-4d91-8333-cf10577473f7} - c:\program files\google\google toolbar\googletoolbar_32.dll
o2 - bho: java(tm) plug-in 2 ssv helper - {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre7\bin\jp2ssv.dll
o3 - toolbar: google toolbar - {2318c2b1-4965-11d4-9b18-009027a5cd4f} - c:\program files\google\google toolbar\googletoolbar_32.dll
o3 - toolbar: canon easy-webprint ex - {759d9886-0c6f-4498-bab6-4a5f47c6c72f} - c:\program files\canon\easy-webprint ex\ewpexhlp.dll
o4 - hklm\..\run: [sigmatel stacmon] c:\program files\sigmatel\c-major audio\stacmon.exe
o4 - hklm\..\run: [avg_ui] c:\program files\avg\avg2013\avgui.exe /trayonly
o4 - hklm\..\run: [adobe arm] c:\program files\common files\adobe\arm\1.0\adobearm.exe
o4 - hklm\..\run: [canonmyprinter] c:\program files\canon\myprinter\bjmyprt.exe /logon
o4 - hklm\..\run: [canonsolutionmenu] c:\program files\canon\solutionmenu\cnslmain.exe /logon
o4 - hklm\..\run: [sunjavaupdatesched] c:\program files\common files\java\java update\jusched.exe
o11 - options group: [accelerated_graphics] accelerated graphics
o23 - service: adobe acrobat update service (adobearmservice) - adobe systems incorporated - c:\program files\common files\adobe\arm\1.0\armsvc.exe
o23 - service: adobe flash player update service (adobeflashplayerupdatesvc) - adobe systems incorporated - c:\windows\system32\macromed\flash\flashplayerupdateservice.exe
o23 - service: ati hotkey poller - ati technologies inc. - c:\windows\system32\ati2evxx.exe
o23 - service: avg firewall (avgfws) - avg technologies cz, s.r.o. - c:\program files\avg\avg2013\avgfws.exe
o23 - service: avgidsagent - avg technologies cz, s.r.o. - c:\program files\avg\avg2013\avgidsagent.exe
o23 - service: avg watchdog (avgwd) - avg technologies cz, s.r.o. - c:\program files\avg\avg2013\avgwdsvc.exe
o23 - service: google update-service (gupdate) (gupdate) - google inc. - c:\program files\google\update\googleupdate.exe
o23 - service: google update-service (gupdatem) (gupdatem) - google inc. - c:\program files\google\update\googleupdate.exe
o23 - service: google software updater (gusvc) - google - c:\program files\google\common\google updater\googleupdaterservice.exe
o23 - service: canon inkjet printer/scanner/fax extended survey program (ijplmsvc) - unknown owner - c:\program files\canon\ijplm\ijplmsvc.exe
o23 - service: pevsystemstart - unknown owner - c:\combofix\pev.3xe
o23 - service: smartlinkservice (slservice) - - c:\windows\system32\slserv.exe
o23 - service: yahoo! updater (yahooauservice) - yahoo! inc. - c:\program files\yahoo!\softwareupdate\yahooauservice.exe
--
end of file - 4600 bytes
[/hjt]
[hjt]
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 9:45:59, on 5-12-2013
Platform: Unknown Windows (WinNT 6.01.3505 SP1)
MSIE: Internet Explorer v11.0 (11.00.9600.16428)
Boot mode: Normal
Running processes:
c:\windows\system32\taskhost.exe
c:\windows\system32\rdpclip.exe
c:\windows\system32\dwm.exe
c:\windows\explorer.exe
c:\program files\sigmatel\c-major audio\stacmon.exe
c:\program files\avg\avg2013\avgui.exe
c:\program files\canon\myprinter\bjmyprt.exe
c:\program files\common files\java\java update\jusched.exe
c:\windows\system32\searchprotocolhost.exe
c:\program files\internet explorer\iexplore.exe
c:\program files\internet explorer\iexplore.exe
c:\windows\system32\macromed\flash\flashutil32_11_9_900_152_activex.exe
c:\program files\internet explorer\iexplore.exe
c:\windows\system32\searchfilterhost.exe
c:\users\veronica\desktop\hijackthis.exe
r0 - hkcu\software\microsoft\internet explorer\main,start page = [noparse]https://www.google.nl/[/noparse]
r1 - hklm\software\microsoft\internet explorer\main,default_page_url = [noparse]http://go.microsoft.com/fwlink/?linkid=69157[/noparse]
r1 - hklm\software\microsoft\internet explorer\main,default_search_url = [noparse]http://go.microsoft.com/fwlink/?linkid=54896[/noparse]
r1 - hklm\software\microsoft\internet explorer\main,search page = [noparse]http://go.microsoft.com/fwlink/?linkid=54896[/noparse]
r1 - hkcu\software\microsoft\windows\currentversion\internet settings,proxyoverride = localhost
r0 - hkcu\software\microsoft\internet explorer\toolbar,linksfoldername =
r3 - urlsearchhook: ytnavassistplugin class - {81017ea9-9aa8-4a6a-9734-7af40e7d593f} - c:\program files\yahoo!\companion\installs\cpn35\yt.dll
o2 - bho: canon easy-webprint ex bho - {3785d0ad-bfff-47f6-bf5b-a587c162fed9} - c:\program files\canon\easy-webprint ex\ewpexbho.dll
o2 - bho: java(tm) plug-in ssv helper - {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - c:\program files\java\jre7\bin\ssv.dll
o2 - bho: google toolbar helper - {aa58ed58-01dd-4d91-8333-cf10577473f7} - c:\program files\google\google toolbar\googletoolbar_32.dll
o2 - bho: java(tm) plug-in 2 ssv helper - {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre7\bin\jp2ssv.dll
o3 - toolbar: google toolbar - {2318c2b1-4965-11d4-9b18-009027a5cd4f} - c:\program files\google\google toolbar\googletoolbar_32.dll
o3 - toolbar: canon easy-webprint ex - {759d9886-0c6f-4498-bab6-4a5f47c6c72f} - c:\program files\canon\easy-webprint ex\ewpexhlp.dll
o4 - hklm\..\run: [sigmatel stacmon] c:\program files\sigmatel\c-major audio\stacmon.exe
o4 - hklm\..\run: [avg_ui] c:\program files\avg\avg2013\avgui.exe /trayonly
o4 - hklm\..\run: [adobe arm] c:\program files\common files\adobe\arm\1.0\adobearm.exe
o4 - hklm\..\run: [canonmyprinter] c:\program files\canon\myprinter\bjmyprt.exe /logon
o4 - hklm\..\run: [canonsolutionmenu] c:\program files\canon\solutionmenu\cnslmain.exe /logon
o4 - hklm\..\run: [sunjavaupdatesched] c:\program files\common files\java\java update\jusched.exe
o11 - options group: [accelerated_graphics] accelerated graphics
o23 - service: adobe acrobat update service (adobearmservice) - adobe systems incorporated - c:\program files\common files\adobe\arm\1.0\armsvc.exe
o23 - service: adobe flash player update service (adobeflashplayerupdatesvc) - adobe systems incorporated - c:\windows\system32\macromed\flash\flashplayerupdateservice.exe
o23 - service: ati hotkey poller - ati technologies inc. - c:\windows\system32\ati2evxx.exe
o23 - service: avg firewall (avgfws) - avg technologies cz, s.r.o. - c:\program files\avg\avg2013\avgfws.exe
o23 - service: avgidsagent - avg technologies cz, s.r.o. - c:\program files\avg\avg2013\avgidsagent.exe
o23 - service: avg watchdog (avgwd) - avg technologies cz, s.r.o. - c:\program files\avg\avg2013\avgwdsvc.exe
o23 - service: google update-service (gupdate) (gupdate) - google inc. - c:\program files\google\update\googleupdate.exe
o23 - service: google update-service (gupdatem) (gupdatem) - google inc. - c:\program files\google\update\googleupdate.exe
o23 - service: google software updater (gusvc) - google - c:\program files\google\common\google updater\googleupdaterservice.exe
o23 - service: canon inkjet printer/scanner/fax extended survey program (ijplmsvc) - unknown owner - c:\program files\canon\ijplm\ijplmsvc.exe
o23 - service: pevsystemstart - unknown owner - c:\combofix\pev.3xe
o23 - service: smartlinkservice (slservice) - - c:\windows\system32\slserv.exe
o23 - service: yahoo! updater (yahooauservice) - yahoo! inc. - c:\program files\yahoo!\softwareupdate\yahooauservice.exe
--
end of file - 4600 bytes
[/hjt]