Nieuw Hijackthis logfile
ogfile of Trend Micro HijackThis v2.0.2
Scan saved at 20:42:56, on 15-4-2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
I:\WINDOWS\System32\smss.exe
I:\WINDOWS\system32\winlogon.exe
I:\WINDOWS\system32\services.exe
I:\WINDOWS\system32\lsass.exe
I:\WINDOWS\system32\svchost.exe
I:\WINDOWS\System32\svchost.exe
I:\WINDOWS\system32\spoolsv.exe
I:\WINDOWS\Explorer.EXE
I:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe
I:\Program Files\Analog Devices\SoundMAX\Smax4.exe
J:\Program Files\InkSaver\InkSaver.exe
I:\Program Files\Microsoft IntelliType Pro\itype.exe
I:\Program Files\Eset\nod32kui.exe
I:\Program Files\Common Files\Java\Java Update\jusched.exe
I:\Program Files\Atomic Alarm Clock\AtomicAlarmClock.exe
J:\Program Files\NetMeter\NetMeter.exe
I:\WINDOWS\system32\ctfmon.exe
I:\Program Files\Messenger\msmsgs.exe
I:\Program Files\Spamihilator\spamihilator.exe
J:\Program Files\Adobe\Photoshop Elements 7.0\PhotoshopElementsFileAgent.exe
J:\bin\jqs.exe
I:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
I:\Program Files\Eset\nod32krn.exe
I:\WINDOWS\system32\nvsvc32.exe
I:\WINDOWS\system32\PSIService.exe
I:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
j:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
I:\WINDOWS\system32\svchost.exe
I:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.startnederland.nl/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen
O2 - BHO: Adobe PDF Reader Help bij koppelingen - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - I:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - I:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Windows Live Aanmelden - Help - {9030D464-4C02-4ABF-8ECC-5164760863C6} - I:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - J:\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - J:\lib\deploy\jqs\ie\jqs_plugin.dll
O4 - HKLM\..\Run: I:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe
O4 - HKLM\..\Run: “I:\Program Files\Analog Devices\SoundMAX\Smax4.exe” /tray
O4 - HKLM\..\Run: J:\Program Files\InkSaver\InkSaver.exe hide
O4 - HKLM\..\Run: “I:\Program Files\Microsoft IntelliType Pro\itype.exe”
O4 - HKLM\..\Run: “I:\Program Files\Eset\nod32kui.exe” /WAITSERVICE
O4 - HKLM\..\Run: “I:\Program Files\Common Files\Java\Java Update\jusched.exe”
O4 - HKLM\..\Run: RUNDLL32.EXE I:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: “I:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe”
O4 - HKLM\..\Run: “I:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe”
O4 - HKCU\..\Run: I:\Program Files\Atomic Alarm Clock\AtomicAlarmClock.exe
O4 - HKCU\..\Run: J:\Program Files\NetMeter\NetMeter.exe
O4 - HKCU\..\Run: I:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: “I:\Program Files\Messenger\msmsgs.exe” /background
O4 - HKUS\S-1-5-19\..\Run: I:\WINDOWS\system32\CTFMON.EXE (User ‘Lokale service’)
O4 - HKUS\S-1-5-19\..\RunOnce: regsvr32 /s /n /i:u shell32 (User ‘Lokale service’)
O4 - HKUS\S-1-5-20\..\Run: I:\WINDOWS\system32\CTFMON.EXE (User ‘Netwerkservice’)
O4 - HKUS\S-1-5-20\..\RunOnce: regsvr32 /s /n /i:u shell32 (User ‘Netwerkservice’)
O4 - HKUS\S-1-5-18\..\Run: I:\WINDOWS\system32\CTFMON.EXE (User ‘SYSTEM’)
O4 - HKUS\S-1-5-18\..\RunOnce: regsvr32 /s /n /i:u shell32 (User ‘SYSTEM’)
O4 - HKUS\.DEFAULT\..\Run: I:\WINDOWS\system32\CTFMON.EXE (User ‘Default user’)
O4 - HKUS\.DEFAULT\..\RunOnce: regsvr32 /s /n /i:u shell32 (User ‘Default user’)
O4 - Startup: Spamihilator.lnk = I:\Program Files\Spamihilator\spamihilator.exe
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://I:\WINDOWS\system32\GPhotos.scr/200
O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://J:\PROGRA~1\MICROS~1\Office12\EXCEL.EXE/3000
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - J:\PROGRA~1\MICROS~1\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - I:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra ‘Tools’ menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - I:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - I:\Program Files\Messenger\msmsgs.exe
O9 - Extra ‘Tools’ menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - I:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} (QuickTime Object) - http://a1540.g.akamai.net/7/1540/52/20070711/qtinstall.info.apple.com/qtactivex/qtplugin.cab
O16 - DPF: {0D41B8C5-2599-4893-8183-00195EC8D5F9} (asusTek_sysctrl Class) - http://support.asus.com/common/asusTek_sys_ctrl.cab
O16 - DPF: {22E5D91F-89E6-4405-AD9C-0AF27BA6F06B} (HidInputMonitorX Control) - file:///H:/components/hidinputmonitorx.ocx
O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} (Windows Live Safety Center Base Module) - http://cdn.scan.onecare.live.com/resource/download/scanner/wlscbase8942.cab
O16 - DPF: {7030CC6C-1A88-4591-BB5A-651B9F7F0C30} (WMVHDRatingCtrl Class) - file:///H:/components/wmvhdrating.ocx
O16 - DPF: {A57B79D8-9501-42B7-BA9B-B961454712F2} (WLANinfo.WLANX) - https://www.jiwire.com/activeX/wlaninfo.cab
O16 - DPF: {A9F8D9EC-3D0A-4A60-BD82-FBD64BAD370D} (DDRevision Class) - http://h20264.www2.hp.com/ediags/dd/install/HPDriverDiagnosticsxp2k.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O16 - DPF: {EDFCB7CB-942C-4822-AF14-F0B687409848} (Image Uploader Control) - http://cache.hyves-static.net/statics/Aurigma/ImageUploader4.cab
O20 - Winlogon Notify: !SASWinLogon - J:\Program Files\SUPERAntiSpyware\SASWINLO.dll
O23 - Service: Adobe Active File Monitor V7 (AdobeActiveFileMonitor7.0) - Adobe Systems Incorporated - J:\Program Files\Adobe\Photoshop Elements 7.0\PhotoshopElementsFileAgent.exe
O23 - Service: Defragmentation-Service (DfSdkS) - mst software GmbH, Germany - J:\Ashampoo WinOptimizer 6\Dfsdks.exe
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - I:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Google Updater Service (gusvc) - Google - I:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - J:\bin\jqs.exe
O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - I:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - I:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - I:\Program Files\Eset\nod32krn.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - I:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Pml Driver HPZ12 - HP - I:\WINDOWS\system32\HPZipm12.exe
O23 - Service: ProtexisLicensing - Unknown owner - I:\WINDOWS\system32\PSIService.exe
O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - I:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
O23 - Service: StarWind AE Service (StarWindServiceAE) - Rocket Division Software - j:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
–
End of file - 8882 bytes
Doorzoek het forum
Zoeken met Startpagina
Startpagina Thema's
