Hoi,
IE lijkt gehackt : opent met
http://qtipr.com/Hoop dat jullie kunnen helpen.
Kreeg wel een waarschuwing, nl dat 'your system denied write acces to the Host files...'
Logfile of Trend Micro HijackThis v2.0.5
Scan saved at 12:34:08, on 22-2-2017
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.9600.16384)
Boot mode: Normal
Running processes:
C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
C:\Users\Paul\AppData\Roaming\com\comrepl.exe
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
C:\Users\Paul\AppData\Local\Microsoft\Windows\INetCache\IE\X00WLN7H\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = Preserve
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page =
http://go.microsoft.com/fwlink/?LinkId=54896R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
http://go.microsoft.com/fwlink/p/?LinkId=255141R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
http://go.microsoft.com/fwlink/?LinkId=54896R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
http://go.microsoft.com/fwlink/?LinkId=54896R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
http://go.microsoft.com/fwlink/p/?LinkId=255141R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe,
O4 - HKCU\..\Run: [9e290b02-86c8-4e49-a520-8371a93c6e17] "C:\Program Files\GJ3QDPMTE4\4WNU0XSKU.exe"
O4 - HKCU\..\Run: [baa92820-cdb9-4b61-a185-7f0722bdd16f] "C:\Program Files\547I1E6AWK\NI2W8L7T8.exe"
O4 - HKCU\..\Run: [comrepl] C:\Users\Paul\AppData\Roaming\com\comrepl.exe
O4 - HKCU\..\Run: [msiql] C:\Users\Paul\AppData\Local\Temp\00013778\msiql.exe /RUNNING
O4 - HKCU\..\Run: [c8b0d82e-4ae9-40e0-88b9-186afe029de7] "C:\Program Files (x86)\BeCleaner\1GNR2.exe"
O4 - HKCU\..\Run: [3a922a98-a358-4345-8e1c-599ccca9f52e] "C:\Program Files\Z187U5SD6A\UIGWHGVNG.exe"
O4 - HKCU\..\Run: [70c4a0d3-8b1b-41e9-afae-86c705478fbe] "C:\Program Files\39ZZKUXJKC\1DUIQRAGD.exe"
O4 - HKCU\..\Run: [5b1102c9-79a3-41b8-8a5c-14fadf153e82] "C:\Program Files\MR1Q07DOQI\I826G9LAI.exe"
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: GoogleChromeUpService - Unknown owner - C:\ProgramData\service.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: MaohaWiFiService (MaohaWifiSvr) -
- C:\Program Files (x86)\Maoha\MaohaAP\MaohaWifiSvr.exe
O23 - Service: Malwarebytes Service (MBAMService) - Malwarebytes - C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)