internet traag

mar

02-12-2010 08:34

Goedemorgen
Het internet is bij ons soms snel soms traag paginas worden veel niet geladen.
Het kan aan xmxnet liggen maar het lijk dat er op de pc iets tegen gehouden wordt.
Dit is al ruim 2 weken zo.
Misschien kan u ons tips geven of eventueel het probleem/oplossing vinden.
Kan het ook aan de pc liggen we hebben hem bijna 4 jaar. we hebben intel core 2 e6300 1,86 ghz 1066mhz-2 mb cache socket 775 duo systeem en ecs 945g moederbord socket 775
Maar misschien heeft dit er niet mee te maken.
Ik heb een hijak loge geplaats, maar misschien wilt u nog meer.
Misschien zit ik hiet verkeerd met mijn vraag maar ik hoop dat u me kunt helpen
mvg mar
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 8:26:21, on 2-12-2010
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v8.00 (8.00.6001.18975)
Boot mode: Normal
Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Program Files\McAfee.com\Agent\mcagent.exe
C:\Windows\System32\audiohd.exe
C:\Windows\System32\audiohu.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\McAfee Security Scan\2.0.181\SSScheduler.exe
C:\Users\hansenmarjo\AppData\Roaming\Dropbox\bin\Dropbox.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Common Files\HP\Digital Imaging\Bin\hpqPhotoCrm.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe
C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe
C:\Windows\system32\wuauclt.exe
C:\Users\hansenmarjo\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\hansenmarjo\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\hansenmarjo\AppData\Local\Google\Chrome\Application\chrome.exe
E:\Program Files\Malwarebytes' Anti-Malware\mbam.exe
C:\Windows\system32\NOTEPAD.EXE
E:\Program Files\Trend Micro\HijackThis\HiJackThis.exe
C:\Windows\system32\SearchFilterHost.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.nl/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\McAfee\VirusScan\scriptsn.dll
O2 - BHO: Windows Live Aanmelden - Help - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.6.5805.1910\swg.dll
O2 - BHO: McAfee SiteAdvisor BHO - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
O2 - BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O3 - Toolbar: McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: “C:\Program Files\McAfee.com\Agent\mcagent.exe” /runkey
O4 - HKLM\..\Run: C:\Program Files\HP\Digital Imaging\bin\hpqSRMon.exe
O4 - HKLM\..\Run: C:\Users\HANSEN~1\AppData\Local\Temp\G0L3ZDfSpRqP.exe
O4 - HKLM\..\Run: “C:\Windows\system32\audiohd.exe”
O4 - HKLM\..\Run: “C:\Windows\system32\audiohu.exe”
O4 - HKLM\..\Run: “C:\Program Files\Common Files\Java\Java Update\jusched.exe”
O4 - HKLM\..\Run: “E:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe”
O4 - HKCU\..\Run: C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: “C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe”
O4 - HKCU\..\Run: “C:\Program Files\Windows Live\Messenger\msnmsgr.exe” /background
O4 - HKCU\..\Run: C:\Users\HANSEN~1\AppData\Local\Temp\G0L3ZDfSpRqP.exe
O4 - HKCU\..\Run: C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKLM\..\Policies\Explorer\Run: “C:\Program Files\Common Files\wadhost.exe”
O4 - HKLM\..\Policies\Explorer\Run: “C:\Program Files\Common Files\WUDHost.exe”
O4 - Startup: Dropbox.lnk = hansenmarjo\AppData\Roaming\Dropbox\bin\Dropbox.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: McAfee Security Scan Plus.lnk = ?
O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Free YouTube to Mp3 Converter - C:\Users\hansenmarjo\AppData\Roaming\DVDVideoSoftIEHelpers\youtubetomp3.htm
O8 - Extra context menu item: Google Sidewiki… - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_950DF09FAB501E03.dll/cmsidewiki.html
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: Toon of verberg HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O18 - Protocol: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll
O23 - Service: Google Updateservice (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Jumpstart Wifi Protected Setup (jswpsapi) - Atheros Communications, Inc. - C:\Program Files\Belkin\F5D7000v8\jswpsapi.exe
O23 - Service: McAfee SiteAdvisor Service - Unknown owner - C:\Program Files\McAfee\SiteAdvisor\McSACore.exe
O23 - Service: McAfee Security Scan Component Host Service (McComponentHostService) - McAfee, Inc. - C:\Program Files\McAfee Security Scan\2.0.181\McCHSvc.exe
O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\mna\mcnasvc.exe
O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe
O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe
O23 - Service: McAfee Real-time Scanner (McShield) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
O23 - Service: McAfee SystemGuards (McSysmon) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee, Inc. - C:\Program Files\McAfee\MPF\MPFSrv.exe
O23 - Service: Nero BackItUp Scheduler 4.0 - Nero AG - C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
–
End of file - 7953 bytes
fazantje

02-12-2010 09:06

Hoi Marjo,
Dit is een andere computer dan 6 weken geleden toch:S
Zou je even de stappen willen uitvoeren en daarna de nieuwe logjes plaatsen:
http://antivirus.startpagina.nl/prikbord/4625317/voer-dit-eerst-uit-voordat-je-de-logjes-plaatst!!#msg-4625317
Succes,
Huib;)
mar

02-12-2010 09:55

Hoi
Ja dat klopt
die was van mijn zoon.
Hij heeft alles eraf gehaald en nu draait het weer als een trein
bedankt
Ik ben nu bezig te scannen
gr mar
Argus

02-12-2010 10:42

Hoi,hmjde3
Wil je deze eens bij VirusTotal laten onderzoeken
C:\Users\HANSEN~1\AppData\Local\Temp\G0L3ZDfSpRqP.exe
Dit is een verborgen bestand
mar

02-12-2010 12:36

Hoi
Wil ik wel doen maar het geeft aan dat de pc niet meer kan werken en dat wil ik eigenlijk ook niet.
Wat moet ik doen
alvast bedankt
fazantje

02-12-2010 12:51

Hoi Marjo,
Tegen wie heb je het:S
Groetjes Huib;)
mar

02-12-2010 12:57

hoi
sorry maar argus heeft gereageerd en daarop heb ik geantwoord
sorry voor de verwarring ben nog steeds aan het scannen.
bedankt voor je reactie
gr mar
mar

02-12-2010 15:56

Goedemiddag
Het scannen is gebeurd ook http://onecare.live.com/site/nl-NL/center/whatsnew.htm deze vond veel had 1 iets niet kunnen verwijderen stond niet bij wat.
Hopelijk heeft u hier wat aan
alvast bedankt voor het mee denken
gr mar
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 15:51:54, on 2-12-2010
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v8.00 (8.00.6001.18975)
Boot mode: Normal
Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Program Files\McAfee.com\Agent\mcagent.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\McAfee Security Scan\2.0.181\SSScheduler.exe
C:\Users\hansenmarjo\AppData\Roaming\Dropbox\bin\Dropbox.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Common Files\HP\Digital Imaging\Bin\hpqPhotoCrm.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe
C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe
C:\Windows\system32\wuauclt.exe
C:\Program Files\Windows Live\Contacts\wlcomm.exe
C:\Windows\System32\mobsync.exe
C:\Windows\system32\conime.exe
E:\Program Files\Malwarebytes' Anti-Malware\mbam.exe
C:\Windows\system32\NOTEPAD.EXE
E:\Program Files\Trend Micro\HijackThis\HiJackThis.exe
C:\Windows\system32\SearchFilterHost.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.nl/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\McAfee\VirusScan\scriptsn.dll
O2 - BHO: Windows Live Aanmelden - Help - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.6.5805.1910\swg.dll
O2 - BHO: McAfee SiteAdvisor BHO - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
O2 - BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O3 - Toolbar: McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: “C:\Program Files\McAfee.com\Agent\mcagent.exe” /runkey
O4 - HKLM\..\Run: C:\Program Files\HP\Digital Imaging\bin\hpqSRMon.exe
O4 - HKLM\..\Run: C:\Users\HANSEN~1\AppData\Local\Temp\G0L3ZDfSpRqP.exe
O4 - HKLM\..\Run: “C:\Windows\system32\audiohu.exe”
O4 - HKLM\..\Run: “C:\Program Files\Common Files\Java\Java Update\jusched.exe”
O4 - HKLM\..\Run: “E:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe”
O4 - HKLM\..\RunOnce: e:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent
O4 - HKCU\..\Run: C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: “C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe”
O4 - HKCU\..\Run: “C:\Program Files\Windows Live\Messenger\msnmsgr.exe” /background
O4 - HKCU\..\Run: C:\Users\HANSEN~1\AppData\Local\Temp\G0L3ZDfSpRqP.exe
O4 - HKCU\..\Run: C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKLM\..\Policies\Explorer\Run: “C:\Program Files\Common Files\wadhost.exe”
O4 - Startup: Dropbox.lnk = hansenmarjo\AppData\Roaming\Dropbox\bin\Dropbox.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: McAfee Security Scan Plus.lnk = ?
O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Free YouTube to Mp3 Converter - C:\Users\hansenmarjo\AppData\Roaming\DVDVideoSoftIEHelpers\youtubetomp3.htm
O8 - Extra context menu item: Google Sidewiki… - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_950DF09FAB501E03.dll/cmsidewiki.html
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: Toon of verberg HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O18 - Protocol: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll
O23 - Service: Google Updateservice (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Jumpstart Wifi Protected Setup (jswpsapi) - Atheros Communications, Inc. - C:\Program Files\Belkin\F5D7000v8\jswpsapi.exe
O23 - Service: McAfee SiteAdvisor Service - Unknown owner - C:\Program Files\McAfee\SiteAdvisor\McSACore.exe
O23 - Service: McAfee Security Scan Component Host Service (McComponentHostService) - McAfee, Inc. - C:\Program Files\McAfee Security Scan\2.0.181\McCHSvc.exe
O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\mna\mcnasvc.exe
O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe
O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe
O23 - Service: McAfee Real-time Scanner (McShield) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
O23 - Service: McAfee SystemGuards (McSysmon) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee, Inc. - C:\Program Files\McAfee\MPF\MPFSrv.exe
O23 - Service: Nero BackItUp Scheduler 4.0 - Nero AG - C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
–
End of file - 7725 bytes
Malwarebytes' Anti-Malware 1.50
www.malwarebytes.org
Databaseversie: 5214
Windows 6.0.6002 Service Pack 2
Internet Explorer 8.0.6001.18975
2-12-2010 15:51:28
mbam-log-2010-12-02 (15-51-28).txt
Scantype: Volledige scan (C:\|D:\|E:\|)
Objecten gescand: 370741
Verstreken tijd: 1 uur/uren, 40 minuut/minuten, 34 seconde(n)
Geheugenprocessen geïnfecteerd: 0
Geheugenmodulen geïnfecteerd: 0
Registersleutels geïnfecteerd: 0
Registerwaarden geïnfecteerd: 0
Registerdata geïnfecteerd: 0
Mappen geïnfecteerd: 0
Bestanden geïnfecteerd: 0
Geheugenprocessen geïnfecteerd:
(Geen kwaadaardige objecten gedetecteerd)
Geheugenmodulen geïnfecteerd:
(Geen kwaadaardige objecten gedetecteerd)
Registersleutels geïnfecteerd:
(Geen kwaadaardige objecten gedetecteerd)
Registerwaarden geïnfecteerd:
(Geen kwaadaardige objecten gedetecteerd)
Registerdata geïnfecteerd:
(Geen kwaadaardige objecten gedetecteerd)
Mappen geïnfecteerd:
(Geen kwaadaardige objecten gedetecteerd)
Bestanden geïnfecteerd:
(Geen kwaadaardige objecten gedetecteerd)
fazantje

02-12-2010 17:44

Hoi marjo,
Laat combofix eens draaien:
Download Combofix naar je bureaublad:
http://download.bleepingcomputer.com/sUBs/ComboFix.exe
Indien je Combofix al eerder hebt gebruikt, gelieve die versie te verwijderen en Combofix opnieuw te downloaden via bovenstaande link,
want Combofix wordt dagelijks geupdate.
OPMERKING: indien je, tijdens of na het downloaden van Combofix of tijdens het gebruik van Combofix een melding krijgt
van je Antivirus- of een andere realtime scanner, schakel dan deze scanner uit en download Combofix opnieuw.
Sommige scanners zien bepaalde componenten die Combofix gebruikt als verdacht en gaan deze blokkeren of verwijderen!
Dubbelklik op Combofix.exe
Volg de instructies, aanvaard de disclaimer.
Tijdens het runnen van de fix, NIET in het venster klikken, want dit zal je pc doen vasthangen.
Wanneer de fix voltooid is en na herstart, zal de log combofix.txt openen.
Post het logje van ComboFix samen met een nieuw HijackThis logje, en vertel hoe het met jou probleem is.
Deze scan kan een poosje duren, dus denk niet van hij zit vast.
Succes,
Huib;)
mar

02-12-2010 18:19

goedemiddag
Hier zijn de gevraagde logjes
Het internet lijkt wer sneller dan eerst.
Kan u me vertellen wat er aan de hand was zodat ik de volgende keer zelf kan oplossen
alvast bedankt
ComboFix 10-12-01.01 - hansenmarjo 02-12-2010 17:53:01.11.2 - x86
Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.31.1043.18.2047.1012
Gestart vanuit: c:\users\hansenmarjo\Desktop\ComboFix.exe
SP: SUPERAntiSpyware *disabled* (Updated) {222A897C-5018-402e-943F-7E7AC8560DA7}
SP: Windows Defender *disabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}
* Aanwezig AV is actief
.
(((((((((((((((((((((((((((((((((( Andere Verwijderingen )))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\users\HANSEN~1\AppData\Local\Temp\ppcrlui_2896_2
c:\users\hansenmarjo\AppData\Local\temp\ppcrlui_2896_2
.
(((((((((((((((((((( Bestanden Gemaakt van 2010-11-02 to 2010-12-02 ))))))))))))))))))))))))))))))
.
2010-12-02 17:01 . 2010-12-02 17:01 ——– d—–w- c:\users\Public\AppData\Local\temp
2010-12-02 17:01 . 2010-12-02 17:01 ——– d—–w- c:\users\Default\AppData\Local\temp
2010-11-28 11:16 . 2010-11-28 11:16 ——– d—–w- c:\program files\Conduit
2010-11-28 11:16 . 2010-11-28 11:16 ——– d—–w- c:\users\hansenmarjo\AppData\Roaming\DVDVideoSoftIEHelpers
2010-11-28 11:16 . 2010-11-28 11:16 ——– d—–w- c:\program files\DVDVideoSoft
2010-11-28 11:15 . 2010-11-28 11:16 ——– d—–w- c:\program files\Common Files\DVDVideoSoft
2010-11-24 06:44 . 2010-10-19 04:27 7680 —-a-w- c:\program files\Internet Explorer\iecompat.dll
2010-11-13 08:21 . 2010-11-13 08:21 43008 —h–w- c:\windows\system32\audiohu.exe
2010-11-13 08:21 . 2010-11-13 08:21 43008 —h–w- c:\program files\Common Files\wadhost.exe
2010-11-13 08:21 . 2010-11-13 08:21 43008 —h–w- c:\users\hansenmarjo\AppData\Roaming\G0L3ZDfSpRqP.exe
2010-11-12 18:13 . 2010-11-19 09:22 ——– d—–w- c:\users\hansenmarjo\AppData\Roaming\vlc
2010-11-10 17:52 . 2010-11-10 17:52 ——– d—–w- c:\users\hansenmarjo\AppData\Roaming\Mystery of Mortlake Mansion
2010-11-10 06:09 . 2010-10-07 11:37 2409784 —-a-w- c:\program files\Windows Mail\OESpamFilter.dat
2010-11-06 10:37 . 2010-11-06 10:37 103864 —-a-w- c:\program files\Mozilla Firefox\plugins\nppdf32.dll
2010-11-03 13:10 . 2010-11-03 13:10 ——– d—–w- c:\users\hansenmarjo\AppData\Roaming\SUPERAntiSpyware.com
2010-11-03 13:10 . 2010-11-03 13:10 ——– d—–w- c:\programdata\SUPERAntiSpyware.com
.
((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-11-29 16:42 . 2010-06-01 07:17 38224 —-a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2010-11-29 16:42 . 2010-06-01 07:16 20952 —-a-w- c:\windows\system32\drivers\mbam.sys
2010-10-13 07:16 . 2010-02-05 16:25 11776 —-a-w- c:\windows\system32\drivers\rasacd.sys
2010-09-15 03:50 . 2010-05-17 08:33 472808 —-a-w- c:\windows\system32\deployJava1.dll
2010-09-13 13:56 . 2010-10-13 05:21 8147456 —-a-w- c:\windows\system32\wmploc.DLL
2010-09-08 06:01 . 2010-10-13 05:20 916480 —-a-w- c:\windows\system32\wininet.dll
2010-09-08 05:57 . 2010-10-13 05:20 43520 —-a-w- c:\windows\system32\licmgr10.dll
2010-09-08 05:57 . 2010-10-13 05:20 1469440 —-a-w- c:\windows\system32\inetcpl.cpl
2010-09-08 05:56 . 2010-10-13 05:20 71680 —-a-w- c:\windows\system32\iesetup.dll
2010-09-08 05:56 . 2010-10-13 05:20 109056 —-a-w- c:\windows\system32\iesysprep.dll
2010-09-08 05:04 . 2010-10-13 05:20 385024 —-a-w- c:\windows\system32\html.iec
2010-09-08 04:26 . 2010-10-13 05:20 133632 —-a-w- c:\windows\system32\ieUnatt.exe
2010-09-08 04:25 . 2010-10-13 05:20 1638912 —-a-w- c:\windows\system32\mshtml.tlb
2010-09-06 16:20 . 2010-10-13 05:21 125952 —-a-w- c:\windows\system32\srvsvc.dll
2010-09-06 16:19 . 2010-10-13 05:21 17920 —-a-w- c:\windows\system32\netevent.dll
2010-09-06 13:45 . 2010-10-13 05:21 304128 —-a-w- c:\windows\system32\drivers\srv.sys
2010-09-06 13:45 . 2010-10-13 05:21 145408 —-a-w- c:\windows\system32\drivers\srv2.sys
2010-09-06 13:45 . 2010-10-13 05:21 102400 —-a-w- c:\windows\system32\drivers\srvnet.sys
.
((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond
REGEDIT4
@=“{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}”
2009-12-09 01:19 94208 —-a-w- c:\users\hansenmarjo\AppData\Roaming\Dropbox\bin\DropboxExt.13.dll
@=“{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}”
2009-12-09 01:19 94208 —-a-w- c:\users\hansenmarjo\AppData\Roaming\Dropbox\bin\DropboxExt.13.dll
@=“{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}”
2009-12-09 01:19 94208 —-a-w- c:\users\hansenmarjo\AppData\Roaming\Dropbox\bin\DropboxExt.13.dll
“Sidebar”=“c:\program files\Windows Sidebar\sidebar.exe”
“swg”=“c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe”
“msnmsgr”=“c:\program files\Windows Live\Messenger\msnmsgr.exe”
“WMPNSCFG”=“c:\program files\Windows Media Player\WMPNSCFG.exe”
“mcagent_exe”=“c:\program files\McAfee.com\Agent\mcagent.exe”
“hpqSRMon”=“c:\program files\HP\Digital Imaging\bin\hpqSRMon.exe”
“SunJavaUpdateSched”=“c:\program files\Common Files\Java\Java Update\jusched.exe”
“Adobe Reader Speed Launcher”=“e:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe”
“Windows Network Component”=“c:\program files\Common Files\wadhost.exe”
c:\users\hansenmarjo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Dropbox.lnk - c:\users\hansenmarjo\AppData\Roaming\Dropbox\bin\Dropbox.exe
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
HP Digital Imaging Monitor.lnk - c:\program files\HP\Digital Imaging\bin\hpqtra08.exe
McAfee Security Scan Plus.lnk - c:\program files\McAfee Security Scan\2.0.181\SSScheduler.exe
“EnableLUA”= 0 (0x0)
“EnableUIADesktopToggle”= 0 (0x0)
“EnableLUA”= 0 (0x0)
@=“”
@=“”
“Google Update”=“c:\users\hansenmarjo\AppData\Local\Google\Update\GoogleUpdate.exe” /c
“Adobe Reader Speed Launcher”=“e:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe”
“Adobe ARM”=“c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe”
“SunJavaUpdateSched”=“c:\program files\Common Files\Java\Java Update\jusched.exe”
“HP Software Update”=c:\program files\HP\HP Software Update\HPWuSchd2.exe
“DisableMonitoring”=dword:00000001
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
R2 gupdate;Google Updateservice (gupdate);c:\program files\Google\Update\GoogleUpdate.exe
R3 jswpsapi;Jumpstart Wifi Protected Setup;c:\program files\Belkin\F5D7000v8\jswpsapi.exe
R3 McComponentHostService;McAfee Security Scan Component Host Service;c:\program files\McAfee Security Scan\2.0.181\McCHSvc.exe
R3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
S0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys
S1 SASDIFSV;SASDIFSV;d:\program files\Nieuwe map\SASDIFSV.SYS
S1 SASKUTIL;SASKUTIL;d:\program files\Nieuwe map\SASKUTIL.SYS
S2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service;c:\program files\McAfee\SiteAdvisor\McSACore.exe
S3 JSWSCIMD;jswscimd Service;c:\windows\system32\DRIVERS\jswscimd.sys
S3 RTL85n86;Belkin Wireless G Notebook Card Service v8;c:\windows\system32\DRIVERS\RTL85n86.sys
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache
.
Inhoud van de ‘Gedeelde Taken’ map
2010-12-02 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe
2010-12-02 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe
2010-12-02 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1071820252-2080101743-2187659691-1000Core.job
- c:\users\hansenmarjo\AppData\Local\Google\Update\GoogleUpdate.exe
2010-12-02 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1071820252-2080101743-2187659691-1000UA.job
- c:\users\hansenmarjo\AppData\Local\Google\Update\GoogleUpdate.exe
2010-07-15 c:\windows\Tasks\McDefragTask.job
- c:\progra~1\mcafee\mqc\QcConsol.exe
2010-02-03 c:\windows\Tasks\McQcTask.job
- c:\progra~1\mcafee\mqc\QcConsol.exe
2010-12-02 c:\windows\Tasks\User_Feed_Synchronization-{DC93F4AA-3005-4D9D-8078-F8C80332659F}.job
- c:\windows\system32\msfeedssync.exe
.
.
——- Bijkomende Scan ——-
.
uStart Page = hxxp://www.google.nl/
IE: E&xporteren naar Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
IE: Free YouTube to Mp3 Converter - c:\users\hansenmarjo\AppData\Roaming\DVDVideoSoftIEHelpers\youtubetomp3.htm
IE: Google Sidewiki… - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_950DF09FAB501E03.dll/cmsidewiki.html
FF - ProfilePath - c:\users\hansenmarjo\AppData\Roaming\Mozilla\Firefox\Profiles\58qnie63.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2269050&SearchSource=3&q={searchTerms}
FF - prefs.js: browser.startup.homepage - hxxp://www.google.nl
FF - prefs.js: keyword.URL -
FF - component: c:\program files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3\components\hpClipBook.dll
FF - component: c:\program files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3\components\hpClipBookDB.dll
FF - component: c:\program files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3\components\hpNeoLogger.dll
FF - component: c:\program files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3\components\hpSaturn.dll
FF - component: c:\program files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3\components\hpSeymour.dll
FF - component: c:\program files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3\components\hpSmartSelect.dll
FF - component: c:\program files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3\components\hpSmartWebPrinting.dll
FF - component: c:\program files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3\components\hpSWPOperation.dll
FF - component: c:\program files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3\components\hpXPLogging.dll
FF - component: c:\program files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3\components\hpXPMTC.dll
FF - component: c:\program files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3\components\hpXPMTL.dll
FF - component: c:\program files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3\components\hpXREStub.dll
FF - component: c:\program files\McAfee\SiteAdvisor\components\McFFPlg.dll
FF - component: c:\users\hansenmarjo\AppData\Roaming\Mozilla\Firefox\Profiles\58qnie63.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}\components\frozen.dll
FF - component: c:\users\hansenmarjo\AppData\Roaming\Mozilla\Firefox\Profiles\58qnie63.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}\components\googletoolbar-ff3.dll
FF - component: c:\users\hansenmarjo\AppData\Roaming\Mozilla\Firefox\Profiles\58qnie63.default\extensions\{872b5b88-9db5-4310-bdd0-ac189557e5f5}\components\FFExternalAlert.dll
FF - component: c:\users\hansenmarjo\AppData\Roaming\Mozilla\Firefox\Profiles\58qnie63.default\extensions\{872b5b88-9db5-4310-bdd0-ac189557e5f5}\components\RadioWMPCore.dll
FF - component: c:\users\hansenmarjo\AppData\Roaming\Mozilla\Firefox\Profiles\58qnie63.default\extensions\{e001c731-5e37-4538-a5cb-8168736a2360}\components\qscanff.dll
FF - plugin: c:\program files\Google\Update\1.2.183.39\npGoogleOneClick8.dll
FF - plugin: c:\program files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3\plugins\nphpclipbook.dll
FF - plugin: c:\program files\Java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\np-mswmp.dll
FF - plugin: c:\program files\Windows Live\Photo Gallery\NPWLPG.dll
FF - plugin: c:\programdata\Zylom\ZylomGamesPlayer\npzylomgamesplayer.dll
FF - plugin: c:\users\hansenmarjo\AppData\Local\Google\Update\1.2.183.39\npGoogleOneClick8.dll
FF - plugin: c:\users\hansenmarjo\AppData\Roaming\Mozilla\Firefox\Profiles\58qnie63.default\extensions\{e001c731-5e37-4538-a5cb-8168736a2360}\plugins\npqscan.dll
FF - plugin: d:\program files\DivX\DivX Player\npDivxPlayerPlugin.dll
FF - plugin: d:\program files\DivX\DivX Plus Web Player\npdivx32.dll
FF - plugin: d:\program files\K-Lite Codec Pack\Real\browser\plugins\nppl3260.dll
FF - plugin: d:\program files\K-Lite Codec Pack\Real\browser\plugins\nprpjplug.dll
FF - plugin: d:\program files\VistaCodecPack\rm\browser\plugins\nppl3260.dll
FF - plugin: d:\program files\VistaCodecPack\rm\browser\plugins\nprpjplug.dll
FF - plugin: e:\program files\Adobe\Reader 9.0\Reader\browser\nppdf32.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
FF - Extension: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Extension: Java Console: {CAFEEFAC-0016-0000-0019-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0019-ABCDEFFEDCBA}
FF - Extension: Java Console: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
FF - Extension: Java Console: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
FF - Extension: Java Console: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
FF - Extension: McAfee SiteAdvisor: {B7082FAA-CB62-4872-9106-E42DD88EDE45} - c:\program files\McAfee\SiteAdvisor
FF - Extension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF - Extension: HP Smart Web Printing: smartwebprinting@hp.com - c:\program files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF - Extension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\users\hansenmarjo\AppData\Roaming\Mozilla\Firefox\Profiles\58qnie63.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
FF - Extension: Google Toolbar for Firefox: {3112ca9c-de6d-4884-a869-9855de68056c} - c:\users\hansenmarjo\AppData\Roaming\Mozilla\Firefox\Profiles\58qnie63.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}
FF - Extension: BitDefender QuickScan: {e001c731-5e37-4538-a5cb-8168736a2360} - c:\users\hansenmarjo\AppData\Roaming\Mozilla\Firefox\Profiles\58qnie63.default\extensions\{e001c731-5e37-4538-a5cb-8168736a2360}
FF - Extension: DVDVideoSoftTB Toolbar: {872b5b88-9db5-4310-bdd0-ac189557e5f5} - c:\users\hansenmarjo\AppData\Roaming\Mozilla\Firefox\Profiles\58qnie63.default\extensions\{872b5b88-9db5-4310-bdd0-ac189557e5f5}
FF - Extension: DVDVideoSoft Menu: {ACAA314B-EEBA-48e4-AD47-84E31C44796C} - c:\users\hansenmarjo\AppData\Roaming\Mozilla\Firefox\Profiles\58qnie63.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}
FF - Extension: HP Smart Web Printing: smartwebprinting@hp.com - c:\program files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
.
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-12-02 18:01
Windows 6.0.6002 Service Pack 2 NTFS
scannen van verborgen processen …
scannen van verborgen autostart items …
scannen van verborgen bestanden …
c:\users\hansenmarjo\AppData\Roaming\GrabIt\Articles\alt.binaries.erotica\4cd2c063$0$12551$c3e8da3$fb483528@news.astraweb.com
c:\users\hansenmarjo\AppData\Roaming\GrabIt\Temp\Greetje27-Anni mature.nl.part21.rar 9600000 bytes
c:\users\hansenmarjo\AppData\Roaming\GrabIt\Temp\Greetje27-Anni mature.nl.part23.rar 6528000 bytes
Scan succesvol afgerond
verborgen bestanden: 3
**************************************************************************
“ImagePath”=“System32\DRIVERS\rasacd.sy@”
.
——————— VERGRENDELDE REGISTER SLEUTELS ———————
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
“BlindDial”=dword:00000000
.
Voltooingstijd: 2010-12-02 18:05:57
ComboFix-quarantined-files.txt 2010-12-02 17:05
ComboFix2.txt 2010-10-20 14:57
Pre-Run: 52.628.537.344 bytes beschikbaar
Post-Run: 52.726.706.176 bytes beschikbaar
- - End Of File - - E2E34B0DAB33A5A329026BBAB73A2BDD
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 18:16:35, on 2-12-2010
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v8.00 (8.00.6001.18975)
Boot mode: Normal
Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\McAfee.com\Agent\mcagent.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\McAfee Security Scan\2.0.181\SSScheduler.exe
C:\Users\hansenmarjo\AppData\Roaming\Dropbox\bin\Dropbox.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Common Files\HP\Digital Imaging\Bin\hpqPhotoCrm.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe
C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe
C:\Windows\System32\mobsync.exe
C:\Program Files\GrabIt\GrabIt.exe
C:\Program Files\Windows Mail\WinMail.exe
C:\Users\hansenmarjo\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\hansenmarjo\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\hansenmarjo\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Windows\system32\wuauclt.exe
C:\Windows\system32\conime.exe
C:\Windows\system32\notepad.exe
C:\Windows\explorer.exe
C:\Windows\system32\SearchFilterHost.exe
E:\Program Files\Trend Micro\HijackThis\HiJackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.nl/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\McAfee\VirusScan\scriptsn.dll
O2 - BHO: Windows Live Aanmelden - Help - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.6.5805.1910\swg.dll
O2 - BHO: McAfee SiteAdvisor BHO - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
O2 - BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O3 - Toolbar: McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: “C:\Program Files\McAfee.com\Agent\mcagent.exe” /runkey
O4 - HKLM\..\Run: C:\Program Files\HP\Digital Imaging\bin\hpqSRMon.exe
O4 - HKLM\..\Run: “C:\Program Files\Common Files\Java\Java Update\jusched.exe”
O4 - HKLM\..\Run: “E:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe”
O4 - HKCU\..\Run: C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: “C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe”
O4 - HKCU\..\Run: “C:\Program Files\Windows Live\Messenger\msnmsgr.exe” /background
O4 - HKCU\..\Run: C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKLM\..\Policies\Explorer\Run: “C:\Program Files\Common Files\wadhost.exe”
O4 - Startup: Dropbox.lnk = hansenmarjo\AppData\Roaming\Dropbox\bin\Dropbox.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: McAfee Security Scan Plus.lnk = ?
O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Free YouTube to Mp3 Converter - C:\Users\hansenmarjo\AppData\Roaming\DVDVideoSoftIEHelpers\youtubetomp3.htm
O8 - Extra context menu item: Google Sidewiki… - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_950DF09FAB501E03.dll/cmsidewiki.html
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: Toon of verberg HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O18 - Protocol: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll
O23 - Service: Google Updateservice (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Jumpstart Wifi Protected Setup (jswpsapi) - Atheros Communications, Inc. - C:\Program Files\Belkin\F5D7000v8\jswpsapi.exe
O23 - Service: McAfee SiteAdvisor Service - Unknown owner - C:\Program Files\McAfee\SiteAdvisor\McSACore.exe
O23 - Service: McAfee Security Scan Component Host Service (McComponentHostService) - McAfee, Inc. - C:\Program Files\McAfee Security Scan\2.0.181\McCHSvc.exe
O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\mna\mcnasvc.exe
O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe
O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe
O23 - Service: McAfee Real-time Scanner (McShield) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
O23 - Service: McAfee SystemGuards (McSysmon) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee, Inc. - C:\Program Files\McAfee\MPF\MPFSrv.exe
O23 - Service: Nero BackItUp Scheduler 4.0 - Nero AG - C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
–
End of file - 7400 bytes

internet traag

mar

fazantje

mar

Argus

mar

fazantje

mar

mar

fazantje

mar