Het is toch om te janken hé. Na een crash van enkele weken geleden heb ik me uiteindelijk een nieuwe PC aangeschaft... Knal, kaboem ik heb al een virus te pakken... ligt aan mezelf want ik wou iets doen zonder mijn virusscanner en dan loop je risico's. Al vanalles geprobeerd maar niet weg te krijgen, graag dus enige hulp van de kenners.
Volgens mijn F-secure heb ik TROJAN.WIN32.BHO.hki virus te pakken... (mijn Engels is niet genoeg om het probleem opgelost te krijgen dus met de info op die site ben ik niks)
Hieronder mijn HJ logje... op voorhand al bedankt hé mensen en euh, 'k zal het nooit meer doen.
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 17:36:31, on 27/10/2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16735)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Telenet Security Pack\Common\FSM32.EXE
C:\Program Files\Logitech\iTouch\iTouch.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Telenet Security Pack\Anti-Virus\fsgk32st.exe
C:\Program Files\Telenet Security Pack\Common\FSMA32.EXE
C:\Program Files\Telenet Security Pack\Anti-Virus\FSGK32.EXE
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe
C:\Program Files\Telenet Security Pack\Common\FSMB32.EXE
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Telenet Security Pack\Common\FCH32.EXE
C:\Program Files\Telenet Security Pack\Common\FAMEH32.EXE
C:\Program Files\Telenet Security Pack\Anti-Virus\fsqh.exe
C:\Program Files\Telenet Security Pack\FSPC\fspc.exe
C:\Program Files\Telenet Security Pack\FSAUA\program\fsaua.exe
C:\Program Files\Telenet Security Pack\Anti-Virus\fssm32.exe
C:\Program Files\Telenet Security Pack\FSGUI\fsguidll.exe
C:\Program Files\Telenet Security Pack\FWES\Program\fsdfwd.exe
C:\Program Files\Telenet Security Pack\FSAUA\program\fsus.exe
C:\Program Files\Telenet Security Pack\Anti-Virus\fsav32.exe
C:\Program Files\Logitech\MouseWare\system\em_exec.exe
C:\Program Files\Telenet Security Pack\FSGUI\fsavgui.exe
C:\Program Files\Telenet Security Pack\FSGUI\scanwizard.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.be/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen
O4 - HKLM\..\Run: [F-Secure Manager] "C:\Program Files\Telenet Security Pack\Common\FSM32.EXE" /splash
O4 - HKLM\..\Run: [F-Secure TNB] "C:\Program Files\Telenet Security Pack\FSGUI\TNBUtil.exe" /CHECKALL /WAITFORSW
O4 - HKLM\..\Run: [zBrowser Launcher] C:\Program Files\Logitech\iTouch\iTouch.exe
O4 - HKLM\..\Run: [Logitech Utility] Logi_MwX.Exe
O4 - HKLM\..\Run: [1cdd5c62] rundll32.exe "C:\WINDOWS\system32\qvyvoylg.dll",b
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Ouderlijk... - {200DB664-75B5-47c0-8B45-A44ACCF73C00} - C:\Program Files\Telenet Security Pack\FSPC\fspcmsie.dll
O9 - Extra button: (no name) - {200DB664-75B5-47c0-8B45-A44ACCF73F01} - C:\Program Files\Telenet Security Pack\FSPC\fspcmsie.dll
O9 - Extra 'Tools' menuitem: Ouderlijk... - {200DB664-75B5-47c0-8B45-A44ACCF73F01} - C:\Program Files\Telenet Security Pack\FSPC\fspcmsie.dll
O9 - Extra button: Onderzoek - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: PDF Suite - {EE8D6672-6616-43E6-B42D-2EEBE3A090A7} - C:\Program Files\PDF Suite\IE_Plugin.dll (HKCU)
O9 - Extra 'Tools' menuitem: Convert with PDF Suite - {EE8D6672-6616-43E6-B42D-2EEBE3A090A7} - C:\Program Files\PDF Suite\IE_Plugin.dll (HKCU)
O16 - DPF: {CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7} (get_atlcom Class) - http://wwwimages.adobe.com/www.adobe...bat/nos/gp.cab
O20 - AppInit_DLLs: lyzcaz.dll
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL
O23 - Service: FSGKHS (F-Secure Gatekeeper Handler Starter) - F-Secure Corporation - C:\Program Files\Telenet Security Pack\Anti-Virus\fsgk32st.exe
O23 - Service: Firebird Server - MAGIX Instance (FirebirdServerMAGIXInstance) - MAGIX® - C:\Program Files\MAGIX\Common\Database\bin\fbserver.exe
O23 - Service: F-Secure Automatic Update Agent (FSAUA) - F-Secure Corporation - C:\Program Files\Telenet Security Pack\FSAUA\program\fsaua.exe
O23 - Service: F-Secure Anti-Virus Firewall Daemon (FSDFWD) - F-Secure Corporation - C:\Program Files\Telenet Security Pack\FWES\Program\fsdfwd.exe
O23 - Service: F-Secure Management Agent (FSMA) - F-Secure Corporation - C:\Program Files\Telenet Security Pack\Common\FSMA32.EXE
O23 - Service: F-Secure ORSP Client (FSORSPClient) - F-Secure Corporation - C:\Program Files\Telenet Security Pack\ORSP Client\fsorsp.exe
O23 - Service: getPlus(R) Helper - NOS Microsystems Ltd. - C:\Program Files\NOS\bin\getPlus_HelperSvc.exe
O23 - Service: Nero BackItUp Scheduler 4.0 - Nero AG - C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
--
End of file - 6039 bytes
Favorieten/bladwijzers