Af en toe niet de gewenste site maar iets vreemds

Op zich werkt de pc goed maar af en toe komt niet de site die ik vanuit de favoriten oproep of de link die op een pagina aangegeven is maar iets waar ik niet om gevraagd heb. Het gaat om vulgaire sexsites maar ook om bivoorbeeld een site waar je feestspullen kunt kopen. Hier heb ik een logje.

Logfile of Trend Micro HijackThis v2.0.4

Scan saved at 16:41:46, on 18-3-2012

Platform: Windows XP SP3 (WinNT 5.01.2600)

MSIE: Internet Explorer v8.00 (8.00.6001.18702)

Boot mode: Normal

Running processes:

C:\WINDOWS\System32\smss.exe

C:\PROGRA~1\AVG\AVG2012\avgrsx.exe

C:\Program Files\AVG\AVG2012\avgcsrvx.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\nvsvc32.exe

C:\WINDOWS\system32\svchost.exe

C:\Program Files\PC Speed Up\PCSUService.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\spoolsv.exe

C:\WINDOWS\Explorer.EXE

C:\WINDOWS\system32\RUNDLL32.EXE

C:\Program Files\UnH Solutions\IE Privacy Keeper\IEPrivacyKeeper.exe

C:\Program Files\AVG\AVG2012\avgtray.exe

C:\WINDOWS\system32\Rundll32.exe

C:\Program Files\Common Files\Corel\Corel PhotoDownloader\Corel Photo Downloader.exe

C:\Program Files\Corel\Corel Paint Shop Pro Photo X2\CorelIOMonitor.exe

C:\Program Files\Spamihilator\spamihilator.exe

C:\WINDOWS\System32\DLA\DLACTRLW.EXE

C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe

C:\WINDOWS\vsnpstd.exe

C:\Program Files\Canon\MyPrinter\BJMyPrt.exe

C:\Program Files\AVG Secure Search\vprot.exe

C:\Program Files\Ask.com\Updater\Updater.exe

C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe

C:\WINDOWS\system32\ctfmon.exe

C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe

C:\Program Files\Messenger\msmsgs.exe

C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe

C:\Program Files\CyberLink\Power2Go\Power2GoExpress.exe

C:\Program Files\Sony\Sony Picture Utility\PMBCore\SPUVolumeWatcher.exe

C:\Program Files\AVG\AVG2012\avgwdsvc.exe

C:\Program Files\Common Files\MAGIX Services\Database\bin\FABS.exe

C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe

C:\Program Files\CyberLink\Shared Files\RichVideo.exe

C:\WINDOWS\system32\svchost.exe

C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe

C:\Program Files\AVG\AVG2012\avgnsx.exe

C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\10.2.0\ToolbarUpdater.exe

C:\Program Files\AVG\AVG2012\avgemcx.exe

C:\Program Files\AVG\AVG2012\AVGIDSAgent.exe

C:\Program Files\Java\jre1.6.0_05\bin\jucheck.exe

C:\Program Files\AVG\AVG2012\avgcsrvx.exe

C:\Program Files\Windows Live\Messenger\msnmsgr.exe

C:\Program Files\Windows Live\Contacts\wlcomm.exe

C:\WINDOWS\system32\wuauclt.exe

C:\Program Files\Outlook Express\msimn.exe

C:\Program Files\Internet Explorer\iexplore.exe

C:\wincmd\WINCMD32.EXE

c:\download\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://nl.woofi.info

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.ijshockey.com/index/

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.devicedoctor.com/driver.php?url=http%3A%2F%2Fmirror1.devicedoctor.com%2Fdownload%2Fdrivers%2F917a15ff89ea19371f9c2e2871f38a86%2F191.07_desktop_winxp_32bit_english_whql.exe&device_name=NVIDIA+GeForce+8400+GS&size=86453576&filename=191.07_desktop_winxp_32bit_english_whql.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Internet Explorer, optimized for Bing and MSN

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen

R3 - URLSearchHook: UrlSearchHook Class - {00000000-6E41-4FD3-8538-502F5495E5FC} - C:\Program Files\Ask.com\GenericAskToolbar.dll (file missing)

R3 - URLSearchHook: (no name) - {A3BC75A2-1F87-4686-AA43-5347D756017C} - (no file)

O2 - BHO: Canon Easy-WebPrint EX BHO - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexbho.dll

O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG2012\avgssie.dll

O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)

O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\System32\DLA\DLASHX_W.DLL

O2 - BHO: Funmoods Helper Object - {75EBB0AA-4214-4CB4-90EC-E3E07ECD04F7} - C:\Program Files\Funmoods\funmoods\1.5.11.16\bh\funmoods.dll

O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll

O2 - BHO: AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files\AVG Secure Search\10.2.0.3\AVG Secure Search_toolbar.dll

O2 - BHO: (no name) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - (no file)

O3 - Toolbar: Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll

O3 - Toolbar: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file)

O3 - Toolbar: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - (no file)

O3 - Toolbar: AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files\AVG Secure Search\10.2.0.3\AVG Secure Search_toolbar.dll

O3 - Toolbar: Funmoods Toolbar - {A4C272EC-ED9E-4ACE-A6F2-9558C7F29EF3} - C:\Program Files\Funmoods\funmoods\1.5.11.16\funmoodsTlbr.dll

O4 - HKLM\..\Run: C:\Program Files\NVIDIA Corporation\nView\nwiz.exe /install

O4 - HKLM\..\Run: RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup

O4 - HKLM\..\Run: RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit

O4 - HKLM\..\Run: C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe

O4 - HKLM\..\Run: “C:\Program Files\UnH Solutions\IE Privacy Keeper\IEPrivacyKeeper.exe” -startup

O4 - HKLM\..\Run: “C:\Program Files\AVG\AVG2012\avgtray.exe”

O4 - HKLM\..\Run: Rundll32 P17.dll,P17Helper

O4 - HKLM\..\Run: “C:\Program Files\Common Files\Corel\Corel PhotoDownloader\Corel Photo Downloader.exe” -startup

O4 - HKLM\..\Run: C:\Program Files\Corel\Corel Paint Shop Pro Photo X2\CorelIOMonitor.exe

O4 - HKLM\..\Run: “C:\Program Files\Spamihilator\spamihilator.exe”

O4 - HKLM\..\Run: C:\WINDOWS\System32\DLA\DLACTRLW.EXE

O4 - HKLM\..\Run: C:\PROGRA~1\MAGIX\VIDEO_~1\TrayServer.exe

O4 - HKLM\..\Run: “C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe”

O4 - HKLM\..\Run: C:\WINDOWS\vsnpstd.exe

O4 - HKLM\..\Run: C:\Program Files\Canon\MyPrinter\BJMyPrt.exe /logon

O4 - HKLM\..\Run: C:\Program Files\Canon\Solution Menu EX\CNSEMAIN.EXE /logon

O4 - HKLM\..\Run: “C:\Program Files\AVG Secure Search\vprot.exe”

O4 - HKLM\..\Run: %systemroot%\system32\dumprep 0 -k

O4 - HKLM\..\Run: “C:\Program Files\Ask.com\Updater\Updater.exe”

O4 - HKLM\..\Run: “C:\Program Files\AVG Secure Search\ROC_roc_dec12.exe” /PROMPT /CMPID=roc_dec12

O4 - HKLM\..\Run: “C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe”

O4 - HKLM\..\Run: “C:\Program Files\CyberLink\PowerDVD\Language\Language.exe”

O4 - HKCU\..\Run: C:\WINDOWS\system32\ctfmon.exe

O4 - HKCU\..\Run: “C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe”

O4 - HKCU\..\Run: “C:\Program Files\Messenger\msmsgs.exe” /background

O4 - HKCU\..\Run: “C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe”

O4 - HKCU\..\Run: “C:\Program Files\CyberLink\Power2Go\Power2GoExpress.exe” /Startup

O4 - HKCU\..\Run: C:\Program Files\PC Speed Up\PCSpeedUp.lnk

O4 - HKUS\S-1-5-19\..\Run: C:\WINDOWS\system32\CTFMON.EXE (User ‘Lokale service’)

O4 - HKUS\S-1-5-19\..\RunOnce: rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User ‘Lokale service’)

O4 - HKUS\S-1-5-20\..\Run: C:\WINDOWS\system32\CTFMON.EXE (User ‘Netwerkservice’)

O4 - HKUS\S-1-5-20\..\RunOnce: rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User ‘Netwerkservice’)

O4 - HKUS\S-1-5-18\..\Run: C:\WINDOWS\system32\CTFMON.EXE (User ‘SYSTEM’)

O4 - HKUS\S-1-5-18\..\RunOnce: rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User ‘SYSTEM’)

O4 - HKUS\.DEFAULT\..\Run: C:\WINDOWS\system32\CTFMON.EXE (User ‘Default user’)

O4 - HKUS\.DEFAULT\..\RunOnce: rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User ‘Default user’)

O4 - Startup: Mediacontrole PMB.lnk = C:\Program Files\Sony\Sony Picture Utility\PMBCore\SPUVolumeWatcher.exe

O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll

O9 - Extra ‘Tools’ menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll

O9 - Extra button: In weblog opnemen - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra ‘Tools’ menuitem: &In weblog opnemen met Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra ‘Tools’ menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O9 - Extra ‘Tools’ menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG2012\avgpp.dll

O18 - Protocol: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files\Common Files\AVG Secure Search\ViProtocolInstaller\10.2.0\ViProtocol.dll

O22 - SharedTaskScheduler: Preloader van browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll

O22 - SharedTaskScheduler: Cache-daemon voor onderdeelcategorieën - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll

O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG2012\AVGIDSAgent.exe

O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG2012\avgwdsvc.exe

O23 - Service: FABS - Helping agent for MAGIX media database (Fabs) - MAGIX AG - C:\Program Files\Common Files\MAGIX Services\Database\bin\FABS.exe

O23 - Service: Firebird Server - MAGIX Instance (FirebirdServerMAGIXInstance) - MAGIX® - C:\Program Files\Common Files\MAGIX Services\Database\bin\fbserver.exe

O23 - Service: Google Updateservice (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe

O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe

O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe

O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe

O23 - Service: PC Speed Up Service (PCSUService) - Unknown owner - C:\Program Files\PC Speed Up\PCSUService.exe

O23 - Service: Protexis Licensing V2 (PSI_SVC_2) - Protexis Inc. - C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe

O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe

O23 - Service: TomTomHOMEService - TomTom - C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe

O23 - Service: vToolbarUpdater10.2.0 - Unknown owner - C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\10.2.0\ToolbarUpdater.exe

–

End of file - 12390 bytes

sipke

Ben

Jos H