logje nazien

• 

  kok

  03-09-2010 20:47

  Allereerst,sorryPiet, voor de vekeerde hijjackversie,er stonden er twee via die link.

  Ik heb dus last van,vartlopende pagina''''s en progamma''''s die niet reageren.en dus beindigd moeten worden,

  Graag wil ik dat er riemand naar mn logs kijkt.

  Alvast vriendelijk bedankt

  kok

  Logfile of Trend Micro HijackThis v2.0.4

  Scan saved at 20:26:57, on 3-9-2010

  Platform: Windows XP SP3 (WinNT 5.01.2600)

  MSIE: Internet Explorer v8.00 (8.00.6001.18702)

  Boot mode: Normal

  Running processes:

  C:\WINDOWS\System32\smss.exe

  C:\WINDOWS\system32\csrss.exe

  C:\WINDOWS\SYSTEM32\winlogon.exe

  C:\WINDOWS\system32\services.exe

  C:\WINDOWS\system32\lsass.exe

  C:\WINDOWS\system32\svchost.exe

  C:\WINDOWS\system32\svchost.exe

  C:\WINDOWS\System32\svchost.exe

  C:\WINDOWS\system32\svchost.exe

  C:\WINDOWS\system32\svchost.exe

  C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe

  C:\WINDOWS\system32\spoolsv.exe

  C:\WINDOWS\Explorer.EXE

  C:\WINDOWS\system32\svchost.exe

  C:\Program Files\PC Veilig\Anti-Virus\fsgk32st.exe

  C:\Program Files\PC Veilig\Common\FSMA32.EXE

  C:\Program Files\PC Veilig\Anti-Virus\FSGK32.EXE

  C:\WINDOWS\system32\svchost.exe

  C:\Program Files\PC Veilig\Common\FSHDLL32.EXE

  C:\Program Files\IObit\IObit Security 360\IS360srv.exe

  C:\Program Files\Java\jre6\bin\jqs.exe

  C:\Program Files\Common Files\LightScribe\LSSrvc.exe

  C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe

  C:\WINDOWS\System32\svchost.exe

  C:\WINDOWS\system32\nvsvc32.exe

  C:\WINDOWS\System32\svchost.exe

  C:\WINDOWS\system32\svchost.exe

  C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe

  C:\WINDOWS\RTHDCPL.EXE

  C:\Program Files\PC Veilig\Common\FSM32.EXE

  C:\Program Files\Google\Quick Search Box\GoogleQuickSearchBox.exe

  C:\Program Files\HP\Digital Imaging\bin\hpqSRMon.exe

  C:\WINDOWS\system32\rundll32.exe

  C:\Program Files\IObit\IObit Security 360\IS360tray.exe

  C:\Program Files\Common Files\Java\Java Update\jusched.exe

  C:\WINDOWS\system32\ctfmon.exe

  C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

  C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe

  C:\Program Files\Siemens\Gigaset USB Adapter 108\Gcc.exe

  C:\Program Files\Siemens\Gigaset USB Adapter 108\OdHost.exe

  C:\WINDOWS\system32\wbem\unsecapp.exe

  C:\WINDOWS\system32\wbem\wmiprvse.exe

  C:\WINDOWS\system32\svchost.exe

  C:\Program Files\PC Veilig\ORSP Client\fsorsp.exe

  C:\Program Files\PC Veilig\Anti-Virus\fssm32.exe

  C:\Program Files\PC Veilig\FWES\Program\fsdfwd.exe

  C:\WINDOWS\System32\alg.exe

  C:\Program Files\PC Veilig\Anti-Virus\fsav32.exe

  C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe

  C:\WINDOWS\system32\msiexec.exe

  C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe

  C:\WINDOWS\system32\wbem\wmiprvse.exe

  R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.startpagina.nl/

  R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157

  R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

  R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

  R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157

  R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://windowsupdate.microsoft.com/

  R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen

  O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll

  O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

  O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll

  O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)

  O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll

  O2 - BHO: Windows Live Aanmelden - Help - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

  O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll

  O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.5.5126.1836\swg.dll

  O2 - BHO: LitmusBHO - {C6867EB7-8350-4856-877F-93CF8AE3DC9C} - C:\Program Files\PC Veilig\NRS\iescript\baselitmus.dll

  O2 - BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll

  O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll

  O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll

  O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll

  O3 - Toolbar: Browsing Protection Toolbar - {265EEE8E-3228-44D3-AEA5-F7FDF5860049} - C:\Program Files\PC Veilig\NRS\iescript\baselitmus.dll

  O4 - HKLM\..\Run: “C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe”

  O4 - HKLM\..\Run: RTHDCPL.EXE

  O4 - HKLM\..\Run: ALCMTR.EXE

  O4 - HKLM\..\Run: RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup

  O4 - HKLM\..\Run: nwiz.exe /installquiet /keeploaded /nodetect

  O4 - HKLM\..\Run: “C:\Program Files\PC Veilig\Common\FSM32.EXE” /splash

  O4 - HKLM\..\Run: “C:\Program Files\PC Veilig\FSGUI\TNBUtil.exe” /CHECKALL /WAITFORSW

  O4 - HKLM\..\Run: “C:\Program Files\Google\Quick Search Box\GoogleQuickSearchBox.exe” /autorun

  O4 - HKLM\..\Run: “C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe”

  O4 - HKLM\..\Run: “C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe”

  O4 - HKLM\..\Run: C:\Program Files\HP\Digital Imaging\bin\hpqSRMon.exe

  O4 - HKLM\..\Run: “C:\Program Files\IObit\IObit Security 360\IS360tray.exe” /autostart

  O4 - HKLM\..\Run: “C:\Program Files\Common Files\Java\Java Update\jusched.exe”

  O4 - HKLM\..\Run: “C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe”

  O4 - HKLM\..\RunOnce: cmd.exe /c start http://www.avg.com/nl.special-uninstallation-feedback-appf?lic=OQBBAFYARgBSAEUARQAtAFYATgBKADMAMgAtAEcAMwBMAEEAQQ“&”inst=NwA3AC0AMwA5ADgA“&”prod=90“&”ver=9.0.851

  O4 - HKCU\..\Run: C:\WINDOWS\system32\ctfmon.exe

  O4 - HKCU\..\Run: “C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe” ASO-616B5711-6DAE-4795-A05F-39A1E5104020

  O4 - HKCU\..\Run: “C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe”

  O4 - HKCU\..\Run: “C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe”

  O4 - HKCU\..\Run: C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe

  O4 - HKUS\S-1-5-19\..\Run: C:\WINDOWS\system32\CTFMON.EXE (User ‘Lokale service’)

  O4 - HKUS\S-1-5-20\..\Run: C:\WINDOWS\system32\CTFMON.EXE (User ‘Netwerkservice’)

  O4 - HKUS\S-1-5-18\..\Run: C:\WINDOWS\system32\CTFMON.EXE (User ‘SYSTEM’)

  O4 - HKUS\.DEFAULT\..\Run: C:\WINDOWS\system32\CTFMON.EXE (User ‘Default user’)

  O4 - Global Startup: Gigaset WLAN Adapter Monitor.lnk = C:\Program Files\Siemens\Gigaset USB Adapter 108\Gcc.exe

  O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000

  O8 - Extra context menu item: Google Sidewiki… - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll/cmsidewiki.html

  O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll

  O9 - Extra ‘Tools’ menuitem: Verz&enden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll

  O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL

  O9 - Extra button: Toon of verberg HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll

  O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll

  O9 - Extra ‘Tools’ menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll

  O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

  O9 - Extra ‘Tools’ menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

  O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

  O9 - Extra ‘Tools’ menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

  O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab

  O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/MessengerGamesContent/GameContent/nl/uno1/GAME_UNO1.cab

  O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - http://download.eset.com/special/eos/OnlineScanner.cab

  O16 - DPF: {BB21F850-63F4-4EC9-BF9D-565BD30C9AE9} (a-squared Scanner) - http://ax.emsisoft.com/asquared.cab

  O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab

  O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab

  O16 - DPF: {E77F23EB-E7AB-4502-8F37-247DBAF1A147} (Windows Live Hotmail Photo Upload Tool) - http://gfx1.hotmail.com/mail/w4/pr01/photouploadcontrol/MSNPUpld.cab

  O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab

  O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll

  O22 - SharedTaskScheduler: Preloader van browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll

  O22 - SharedTaskScheduler: Cache-daemon voor onderdeelcategorieën - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll

  O23 - Service: FSGKHS (F-Secure Gatekeeper Handler Starter) - Unknown owner - C:\Program Files\PC Veilig\Anti-Virus\fsgk32st.exe

  O23 - Service: F-Secure Anti-Virus Firewall Daemon (FSDFWD) - F-Secure Corporation - C:\Program Files\PC Veilig\FWES\Program\fsdfwd.exe

  O23 - Service: F-Secure Management Agent (FSMA) - F-Secure Corporation - C:\Program Files\PC Veilig\Common\FSMA32.EXE

  O23 - Service: F-Secure ORSP Client (FSORSPClient) - F-Secure Corporation - C:\Program Files\PC Veilig\ORSP Client\fsorsp.exe

  O23 - Service: Google Updateservice (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe

  O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe

  O23 - Service: IS360service - IObit - C:\Program Files\IObit\IObit Security 360\IS360srv.exe

  O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe

  O23 - Service: Lavasoft Ad-Aware Service - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe

  O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe

  O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe

  O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe

  –

  End of file - 12112 bytes

  Malwarebytes' Anti-Malware 1.46

  www.malwarebytes.org

  Databaseversie: 4528

  Windows 5.1.2600 Service Pack 3

  Internet Explorer 8.0.6001.18702

  3-9-2010 20:34:09

  mbam-log-2010-09-03 (20-34-09).txt

  Scantype: Snelle scan

  Objecten gescand: 131621

  Verstreken tijd: 5 minuut/minuten, 35 seconde(n)

  Geheugenprocessen geïnfecteerd: 0

  Geheugenmodulen geïnfecteerd: 0

  Registersleutels geïnfecteerd: 0

  Registerwaarden geïnfecteerd: 0

  Registerdata geïnfecteerd: 0

  Mappen geïnfecteerd: 0

  Bestanden geïnfecteerd: 0

  Geheugenprocessen geïnfecteerd:

  (Geen kwaadaardige objecten gedetecteerd)

  Geheugenmodulen geïnfecteerd:

  (Geen kwaadaardige objecten gedetecteerd)

  Registersleutels geïnfecteerd:

  (Geen kwaadaardige objecten gedetecteerd)

  Registerwaarden geïnfecteerd:

  (Geen kwaadaardige objecten gedetecteerd)

  Registerdata geïnfecteerd:

  (Geen kwaadaardige objecten gedetecteerd)

  Mappen geïnfecteerd:

  (Geen kwaadaardige objecten gedetecteerd)

  Bestanden geïnfecteerd:

  (Geen kwaadaardige objecten gedetecteerd)

  Rapporteren
• 

  fazantje

  03-09-2010 20:58

  Hoi Kok,

  Ik zie zo geen bijzonderheden in jou logjes.

  Heb je het schoonmaakplan al eens uitgevoerd:S:

  Verwijder wel even zoals Argus al zei: Obit Security 360

  Ook Ad-aware van lavasoft verwijderen want deze vertraagd ook enorm.

  http://www.virushelp.nl/onderhoud.htm

  Laat daarna eens weten hoe het dan is.

  Succes,

  Huib:)

  

  Rapporteren
• 

  kok

  12-09-2010 13:46

  Alles lijkt weer prima te gaan

  Bedankt voor je hulp Huib

  Rapporteren