Mededeling

Collapse
No announcement yet.

heb virus

Collapse
X
  •  
  • Filter
  • Tijd
  • Show
Clear All
new posts

  • heb virus

    ik schrijf namens mijn vader, volgens mij heeft mijn vader virus in zijn computer hij loopt steeds vast of hij komt er niet op de pagina waar hij wilt zijn, en steeds komt er overal reclame mijn vader heeft eset ,,,die heb ik vanmiddag gescand maar iets houd weer de scan tegen hier heb je een hijackthis van zijn computer
    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 17:00:12, on 2-11-2014
    Platform: Unknown Windows (WinNT 6.01.3505 SP1)
    MSIE: Internet Explorer v11.0 (11.00.9600.17344)
    Boot mode: Normal

    Running processes:
    C:\Windows\system32\taskhost.exe
    C:\Windows\system32\Dwm.exe
    C:\Windows\Explorer.EXE
    C:\Program Files\Common Files\Java\Java Update\jusched.exe
    C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
    C:\Program Files\Ares\Ares.exe
    C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe
    C:\Windows\System32\spool\drivers\w32x86\3\E_FATIEDE.EXE
    C:\Program Files\eMule\emule.exe
    C:\Windows\system32\Macromed\Flash\FlashUtil32_15_0_0_167_ActiveX.exe
    C:\Users\m\Downloads\HiJackThis_2.0.4_universal.exe
    C:\Windows\system32\DllHost.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://istart.webssearches.com/?type...1TXXXX9SZ1Y11T
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://feed.helperbar.com/?p=mKO_AwFzXIpYRbkHo3StK217RbjR1YFa37oBy_U-nTnTbDWEg82mkVRfQOyE5-aY_U0fRoBy7tem3CaudTmqnXNV6ELk-BAZOmArxR_8DGiQKdan8PcCugGfufT38L_nFk0TRohBz7FQ_ZYqdl1Sk6nSJcKp1h6nebFzwocIiLPn3HrmCZ2BT7xRGHm6NTZ4g _JPE09pRpUxzVCOiDz4M5d5IPptSQ,,&q={searchTerms}
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://feed.helperbar.com/?p=mKO_AwFzXIpYRbkHo3StK217RbjR1YFa37oBy_U-nTnTbDWEg82mkVRfQOyE5-aY_U0fRoBy7tem3CaudTmqnXNV6ELk-BAZOmArxR_8DGiQKdan8PcCugGfufT38L_nFk0TRohBz7FQ_ZYqdl1Sk6nSJcKp1h6nebFzwocIiLPn3HrmCZ2BT7xRGHm6NTZ4g _JPE09pRpUxzVCOiDz4M5d5IPptSQ,,&q={searchTerms}
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.mystart.com/?pr=vmn&id=my..._5108&src=5108
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://istart.webssearches.com/?type...1TXXXX9SZ1Y11T
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://istart.webssearches.com/web/?type=ds&ts=1406134270&from=tugs&uid=ST3320813AS_9SZ1Y11TXXXX9SZ1Y11T&q={searchTerms}
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://istart.webssearches.com/web/?type=ds&ts=1406134270&from=tugs&uid=ST3320813AS_9SZ1Y11TXXXX9SZ1Y11T&q={searchTerms}
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://istart.webssearches.com/?type...1TXXXX9SZ1Y11T
    R1 - HKCU\Software\Microsoft\Internet Explorer\Search,Default_Search_URL = http://feed.helperbar.com/?p=mKO_AwFzXIpYRbkHo3StK217RbjR1YFa37oBy_U-nTnTbDWEg82mkVRfQOyE5-aY_U0fRoBy7tem3CaudTmqnXNV6ELk-BAZOmArxR_8DGiQKdan8PcCugGfufT38L_nFk0TRohBz7FQ_ZYqdl1Sk6nSJcKp1h6nebFzwocIiLPn3HrmCZ2BT7xRGHm6NTZ4g _JPE09pRpUxzVCOiDz4M5d5IPptSQ,,&q={searchTerms}
    R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://feed.helperbar.com/?p=mKO_AwFzXIpYRbkHo3StK217RbjR1YFa37oBy_U-nTnTbDWEg82mkVRfQOyE5-aY_U0fRoBy7tem3CaudTmqnXNV6ELk-BAZOmArxR_8DGiQKdan8PcCugGfufT38L_nFk0TRohBz7FQ_ZYqdl1Sk6nSJcKp1h6nebFzwocIiLPn3HrmCZ2BT7xRGHm6NTZ4g _JPE09pRpUxzVCOiDz4M5d5IPptSQ,,&q={searchTerms}
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
    O2 - BHO: CrossriderApp0059599 - {11111111-1111-1111-1111-110511951199} - C:\Program Files\video MediaPlay-Air\video MediaPlay-Air-bho.dll
    O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
    O2 - BHO: Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll
    O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
    O3 - Toolbar: Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll
    O4 - HKLM\..\Run: [NBKeyScan] "C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe"
    O4 - HKLM\..\Run: [AnyProtect Scanner] "C:\Program Files\AnyProtectEx\AnyProtect.exe"
    O4 - HKLM\..\Run: [AnyProtect Tray] "C:\Program Files\AnyProtectEx\AnyProtectTrayIcon.exe"
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
    O4 - HKLM\..\Run: [YTDownloader] "C:\Program Files\YTDownloader\YTDownloader.exe" /boot
    O4 - HKLM\..\Run: [Malwarebytes Anti-Malware (reboot)] "C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript
    O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice
    O4 - HKCU\..\Run: [ares] "C:\Program Files\Ares\Ares.exe" -h
    O4 - HKCU\..\Run: [IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe" ASO-616B5711-6DAE-4795-A05F-39A1E5104020
    O4 - HKCU\..\Run: [EPSON SX100 Series] C:\Windows\system32\spool\DRIVERS\W32X86\3\E_FATIEDE.EXE /FU "C:\Windows\TEMP\E_S1F1B.tmp" /EF "HKCU"
    O4 - HKCU\..\Run: [YTDownloader] "C:\Program Files\YTDownloader\YTDownloader.exe" /boot
    O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
    O13 - Gopher Prefix:
    O17 - HKLM\System\CCS\Services\Tcpip\..\{464D4205-69DC-4701-B0B2-6813B4DF1B8A}: NameServer = 5.79.84.141,8.38.77.107
    O17 - HKLM\System\CS1\Services\Tcpip\..\{464D4205-69DC-4701-B0B2-6813B4DF1B8A}: NameServer = 5.79.84.141,8.38.77.107
    O17 - HKLM\System\CS2\Services\Tcpip\..\{464D4205-69DC-4701-B0B2-6813B4DF1B8A}: NameServer = 5.79.84.141,8.38.77.107
    O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
    O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
    O23 - Service: EPSON V5 Service4(01) (EPSON_EB_RPCV4_01) - SEIKO EPSON CORPORATION - C:\ProgramData\EPSON\EPW!3 SSRP\E_S40ST7.EXE
    O23 - Service: EPSON V3 Service4(01) (EPSON_PM_RPCV4_01) - SEIKO EPSON CORPORATION - C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RP7.EXE
    O23 - Service: FastPlayer Updater Service (FastPlayerUpdaterService) - Unknown owner - C:\Program Files\FastPlayer\FastPlayerUpdaterService.exe
    O23 - Service: globalUpdate Update Service (globalUpdate) (globalUpdate) - globalUpdate - C:\Program Files\globalUpdate\Update\GoogleUpdate.exe
    O23 - Service: globalUpdate Update Service (globalUpdatem) (globalUpdatem) - globalUpdate - C:\Program Files\globalUpdate\Update\GoogleUpdate.exe
    O23 - Service: Google Update-service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
    O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
    O23 - Service: IePlugin Services (IePluginServices) - Unknown owner - C:\ProgramData\IePluginServices\PluginService.exe (file missing)
    O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
    O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
    O23 - Service: PLFlash DeviceIoControl Service - Prolific Technology Inc. - C:\Windows\system32\IoctlSvc.exe
    O23 - Service: TeamViewer 9 (TeamViewer9) - TeamViewer GmbH - C:\Program Files\TeamViewer\Version9\TeamViewer_Service.exe
    O23 - Service: Update EnterDigital - Unknown owner - C:\Program Files\EnterDigital\updateEnterDigital.exe
    O23 - Service: Update findopolis - Unknown owner - C:\Program Files\findopolis\updatefindopolis.exe (file missing)
    O23 - Service: Update trolatunt - Unknown owner - C:\Program Files\trolatunt\updatetrolatunt.exe (file missing)
    O23 - Service: WindowsMangerProtect Service (WindowsMangerProtect) - Fuyu LIMITED - C:\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe

    --
    End of file - 7945 bytes


    hoop dat jullie kan zien wat het kan zijn
    groetjes yoli

  • #2
    Hoi yoli

    De eerste stap is het uitvoeren van deze richtlijn: !!! BELANGRIJK !!!: Lees dit eerst voor je een bericht plaatst!

    Emphyrio
    Malware Research [email protected] (MBAM) ..... ASAP & Unite Member
    E Dev * McAfee verwijderen. * Ccleaner * E-Peek

    Comment


    • #3
      Wil het lukken?
      Malware Research [email protected] (MBAM) ..... ASAP & Unite Member
      E Dev * McAfee verwijderen. * Ccleaner * E-Peek

      Comment


      • #4
        Bij gebrek aan feedback zet ik dit topic op opgelost.

        Indien er niet meer gereageerd wordt, zal binnen een 3-tal dagen deze thread automatisch verplaatst worden naar de sectie Opgeloste hijackthislogs en is een reactie niet meer mogelijk
        Dit is gedaan om het forum netjes en overzichtelijk te houden.

        Blijkt dat er toch nog problemen zijn, en je wil weer reageren in dit topic, dan stuur je me een privé bericht met verzoek om heropening.


        Emphyrio
        Malware Research [email protected] (MBAM) ..... ASAP & Unite Member
        E Dev * McAfee verwijderen. * Ccleaner * E-Peek

        Comment

        Sorry, you are not authorized to view this page
        Working...
        X