Anoniem2 Geplaatst: 20 februari 2010 Delen Geplaatst: 20 februari 2010 Logfile of Trend Micro HijackThis v2.0.2\r\nScan saved at 17:41:42 PM, on 2/20/2010\r\nPlatform: Windows Vista SP2 (WinNT 6.00.1906)\r\nMSIE: Internet Explorer v8.00 (8.00.6001.18882)\r\nBoot mode: Normal\r\n\r\nRunning processes:\r\nC:\\Windows\\system32\\Dwm.exe\r\nC:\\Windows\\system32\\taskeng.exe\r\nC:\\Program Files\\Samsung\\EBM\\EasyBatteryMgr3.exe\r\nC:\\Windows\\Explorer.EXE\r\nC:\\Program Files\\Samsung\\Easy Display Manager\\dmhkcore.exe\r\nC:\\Program Files\\ESET\\ESET NOD32 Antivirus\\egui.exe\r\nC:\\Program Files\\Windows Media Player\\wmpnscfg.exe\r\nC:\\Users\\Jeroen\\AppData\\Local\\Google\\Chrome\\Application\\chrome.exe\r\nC:\\Users\\Jeroen\\AppData\\Local\\Google\\Chrome\\Application\\chrome.exe\r\nC:\\Program Files\\Malwarebytes\' Anti-Malwaree\\mbam.exe\r\nC:\\Users\\Jeroen\\AppData\\Local\\Google\\Chrome\\Application\\chrome.exe\r\nC:\\Users\\Jeroen\\AppData\\Local\\Google\\Chrome\\Application\\chrome.exe\r\nC:\\Windows\\system32\\SearchFilterHost.exe\r\nC:\\Users\\Jeroen\\Documents\\Downloads\\HijackThis.exe\r\n\r\nR1 - HKCU\\Software\\Microsoft\\Internet Explorer\\Main,Search Page = [url]http://go.microsoft.com/fwlink/?LinkId=54896[/url]\r\nR1 - HKLM\\Software\\Microsoft\\Internet Explorer\\Main,Default_Search_URL = [url]http://go.microsoft.com/fwlink/?LinkId=54896[/url]\r\nR1 - HKLM\\Software\\Microsoft\\Internet Explorer\\Main,Search Page = [url]http://go.microsoft.com/fwlink/?LinkId=54896[/url]\r\nR0 - HKLM\\Software\\Microsoft\\Internet Explorer\\Search,SearchAssistant = \r\nR0 - HKLM\\Software\\Microsoft\\Internet Explorer\\Search,CustomizeSearch = \r\nR0 - HKCU\\Software\\Microsoft\\Internet Explorer\\Toolbar,LinksFolderName = \r\nO1 - Hosts: ::1 localhost\r\nO2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\\Program Files\\Common Files\\Adobe\\Acrobat\\ActiveX\\AcroIEHelperShim.dll\r\nO2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\\Program Files\\AVG\\AVG9\\avgssie.dll (file missing)\r\nO2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)\r\nO2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\\Program Files\\Microsoft Office\\Office12\\GrooveShellExtensions.dll\r\nO2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\\Program Files\\Common Files\\Microsoft Shared\\Windows Live\\WindowsLiveLogin.dll\r\nO2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\\Program Files\\Java\\jre6\\bin\\jp2ssv.dll\r\nO4 - HKLM\\..\\Run: [egui] \"C:\\Program Files\\ESET\\ESET NOD32 Antivirus\\egui.exe\" /hide /waitservice\r\nO4 - HKLM\\..\\RunOnce: [Malwarebytes\' Anti-Malware] C:\\Program Files\\Malwarebytes\' Anti-Malwaree\\mbamgui.exe /install /silent\r\nO4 - HKCU\\..\\Run: [WMPNSCFG] C:\\Program Files\\Windows Media Player\\WMPNSCFG.exe\r\nO4 - HKUS\\S-1-5-19\\..\\Run: [Sidebar] %ProgramFiles%\\Windows Sidebar\\Sidebar.exe /detectMem (User \'LOCAL SERVICE\')\r\nO4 - HKUS\\S-1-5-19\\..\\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User \'LOCAL SERVICE\')\r\nO4 - HKUS\\S-1-5-20\\..\\Run: [Sidebar] %ProgramFiles%\\Windows Sidebar\\Sidebar.exe /detectMem (User \'NETWORK SERVICE\')\r\nO8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\\PROGRA~1\\MICROS~2\\Office12\\EXCEL.EXE/3000\r\nO9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\\PROGRA~1\\MICROS~2\\Office12\\ONBttnIE.dll\r\nO9 - Extra \'Tools\' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\\PROGRA~1\\MICROS~2\\Office12\\ONBttnIE.dll\r\nO9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\\PROGRA~1\\MICROS~2\\Office12\\REFIEBAR.DLL\r\nO13 - Gopher Prefix: \r\nO16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - [url]http://messenger.zone.msn.com/MessengerGamesContent/GameContent/nl/uno1/GAME_UNO1.cab[/url]\r\nO16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - [url]http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab[/url]\r\nO16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - [url]http://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab[/url]\r\nO18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\\Program Files\\Microsoft Office\\Office12\\GrooveSystemServices.dll\r\nO23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\\Windows\\system32\\Ati2evxx.exe\r\nO23 - Service: Dragon Age: Origins - Content Updater (DAUpdaterSvc) - BioWare - D:\\Dragon Age\\bin_ship\\DAUpdaterSvc.Service.exe\r\nO23 - Service: ESET HTTP Server (EhttpSrv) - ESET - C:\\Program Files\\ESET\\ESET NOD32 Antivirus\\EHttpSrv.exe\r\nO23 - Service: ESET Service (ekrn) - ESET - C:\\Program Files\\ESET\\ESET NOD32 Antivirus\\ekrn.exe\r\nO23 - Service: Message Queuing Service (MSMQSVC) - Unknown owner - C:\\Windows\\system32\\mqsv32.exe (file missing)\r\n\r\n--\r\nEnd of file - 4675 bytes\r\n\r\n\r\n\r\n\r\nIk begin wanhopig te worden, kan iemand hier chocola van maken? :( Quote Link naar reactie
0 Anoniem2 Geplaatst: 20 februari 2010 Auteur Delen Geplaatst: 20 februari 2010 heeeuu , waar word je wanhopig van . :confused: Quote Link naar reactie
0 Anoniem2 Geplaatst: 20 februari 2010 Auteur Delen Geplaatst: 20 februari 2010 [QUOTE=tjoekse;513925]heeeuu , waar word je wanhopig van . :confused:[/QUOTE]\n\nHet feit dat er nog steeds programma\'s zijn die bijv. \"msnmsgr .exe\" heten. Dat hoort toch niet? ;p\n\nEDIT:\ndat er dus 7 spaties achter msnmsgr en voor de .exe staan. Quote Link naar reactie
Vraag
Anoniem2
Link naar reactie
2 antwoorden op deze vraag
Aanbevolen berichten
Om een reactie te plaatsen, moet je eerst inloggen