
Hijackthis ajaxh00lig4n


Anoniem2

Question

I already scanned with Malwarebytes, which did remove a few things. But since I'm still not entirely sure, here is a log:

[code]
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 13:40:11, on 6-9-2012
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v9.00 (9.00.8112.16448)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\System32\rundll32.exe
C:\Program Files\Microsoft Xbox 360 Accessories\XBoxStat.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe
C:\Program Files\Comodo\COMODO Internet Security\cfp.exe
C:\Program Files\Steam\Steam.exe
C:\Program Files\Creative\Shared Files\CTSched.exe
C:\Program Files\ATI Technologies\HydraVision\HydraDM.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Program Files\BitTorrent\BitTorrent.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe
C:\Users\Gerco\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Gerco\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Gerco\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Gerco\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Gerco\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe
C:\Windows\system32\SearchFilterHost.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.tribalwars.nl/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = :80
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: Freecorder Toolbar - {1392b8d2-5c05-419f-a8f6-b9f15a596612} - C:\Program Files\Freecorder\prxtbFree.dll
R3 - URLSearchHook: BittorrentBar_NL Toolbar - {2d8d9acc-f6d7-4362-8876-a275ca929591} - C:\Program Files\BittorrentBar_NL\prxtbBitt.dll (file missing)
O1 - Hosts: ::1 localhost
O2 - BHO: Complitly - {0FB6A909-6086-458F-BD92-1F8EE10042A0} - C:\Users\Gerco\AppData\Roaming\Complitly\Complitly.dll
O2 - BHO: Freecorder - {1392b8d2-5c05-419f-a8f6-b9f15a596612} - C:\Program Files\Freecorder\prxtbFree.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: BittorrentBar_NL - {2d8d9acc-f6d7-4362-8876-a275ca929591} - C:\Program Files\BittorrentBar_NL\prxtbBitt.dll (file missing)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~3\Office14\GROOVEEX.DLL
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~3\Office14\URLREDIR.DLL
O2 - BHO: Ask Toolbar BHO - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (file missing)
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll
O2 - BHO: Hotspot Shield Class - {F9E4A054-E9B1-4BC3-83A3-76A1AE736170} - C:\Program Files\Hotspot Shield\HssIE\HssIE.dll
O2 - BHO: SMTTB2009 - {FCBCCB87-9224-4B8D-B117-F56D924BEB18} - C:\Program Files\DealBulldog Toolbar\tbcore3.dll (file missing)
O3 - Toolbar: Ask Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (file missing)
O3 - Toolbar: Freecorder Toolbar - {1392b8d2-5c05-419f-a8f6-b9f15a596612} - C:\Program Files\Freecorder\prxtbFree.dll
O3 - Toolbar: DealBulldog Toolbar - {338B4DFE-2E2C-4338-9E41-E176D497299E} - C:\Program Files\DealBulldog Toolbar\tbcore3.dll (file missing)
O3 - Toolbar: BittorrentBar_NL Toolbar - {2d8d9acc-f6d7-4362-8876-a275ca929591} - C:\Program Files\BittorrentBar_NL\prxtbBitt.dll (file missing)
O4 - HKLM\..\Run: [SPIRunE] Rundll32 SPIRunE.dll,RunDLLEntry
O4 - HKLM\..\Run: [XboxStat] "C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe" silentrun
O4 - HKLM\..\Run: [BCSSync] "C:\Program Files\Microsoft Office\Office14\BCSSync.exe" /DelayServices
O4 - HKLM\..\Run: [JMB36X IDE Setup] C:\Windows\RaidTool\xInsIDE.exe
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [LogMeIn Hamachi Ui] "C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
O4 - HKLM\..\Run: [COMODO] C:\Program Files\COMODO\COMODO GeekBuddy\CLPSLA.exe
O4 - HKLM\..\Run: [CPA] C:\Program Files\COMODO\COMODO GeekBuddy\VALA.exe
O4 - HKLM\..\Run: [COMODO Internet Security] "C:\Program Files\COMODO\COMODO Internet Security\cfp.exe" -h
O4 - HKCU\..\Run: [Steam] "C:\Program Files\Steam\steam.exe" -silent
O4 - HKCU\..\Run: [CreativeTaskScheduler] "C:\Program Files\Creative\Shared Files\CTSched.exe" /logon
O4 - HKCU\..\Run: [HydraVisionDesktopManager] "C:\Program Files\ATI Technologies\HydraVision\HydraDM.exe"
O4 - HKCU\..\Run: [BitTorrent] "C:\Program Files\BitTorrent\BitTorrent.exe" /MINIMIZED
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O8 - Extra context menu item: &Verzenden naar OneNote - res://C:\PROGRA~1\MICROS~3\Office14\ONBttnIE.dll/105
O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office14\EXCEL.EXE/3000
O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: &Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O15 - Trusted IP range: http://192.168.2.254
O15 - ESC Trusted IP range: http://192.168.2.254
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O20 - AppInit_DLLs: C:\Windows\system32\guard32.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: AMD External Events Utility - AMD - C:\Windows\system32\atiesrxx.exe
O23 - Service: COMODO livePCsupport Service (CLPSLS) - COMODO - C:\Program Files\COMODO\COMODO GeekBuddy\CLPSLS.exe
O23 - Service: COMODO Internet Security Helper Service (cmdAgent) - COMODO - C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
O23 - Service: Creative Audio Service (CTAudSvcService) - Creative Technology Ltd - C:\Program Files\Creative\Shared Files\CTAudSvc.exe
O23 - Service: COMODO Dragon Update Service (DragonUpdater) - Unknown owner - C:\Program Files\Comodo\Dragon\dragon_updater.exe
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: LogMeIn Hamachi Tunneling Engine (Hamachi2Svc) - LogMeIn Inc. - C:\Program Files\LogMeIn Hamachi\hamachi-2.exe
O23 - Service: Hotspot Shield Service (hshld) - Unknown owner - C:\Program Files\Hotspot Shield\bin\openvpnas.exe
O23 - Service: Hotspot Shield Monitoring Service (HssWd) - Unknown owner - C:\Program Files\Hotspot Shield\bin\hsswd.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared files\RichVideo.exe
O23 - Service: Sandboxie Service (SbieSvc) - SANDBOXIE L.T.D - C:\Program Files\Sandboxie\SbieSvc.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe
O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O23 - Service: TeamViewer 7 (TeamViewer7) - TeamViewer GmbH - C:\Program Files\TeamViewer\Version7\TeamViewer_Service.exe
O23 - Service: TomTomHOMEService - TomTom - C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe
O23 - Service: TunngleService - Tunngle.net GmbH - C:\Program Files\Tunngle\TnglCtrl.exe

--
End of file - 10723 bytes
[/code]

2 answers to this question
