Geachte, Vermoedelijk heb ik hetzelfde probleem als "PYTO" dd 28.08 - 23.11h. All Programs, Search, Control Panel etc. zijn verdwenen alsook een heleboel shortcuts op mijn bureaublad. In "explore" zijn een paar zaken van plaats verwisseld. Ik zend mijn Hijack mee.van harte dank bij voorbaat voor alle hulp. Sabrick. Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 19:58: VIRUS ALERT!, on 30/08/2008 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16705) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Sygate\SPF\smc.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe C:\WINDOWS\ATKKBService.exe C:\Program Files\Bonjour\mDNSResponder.exe C:\Program Files\Common Files\LightScribe\LSSrvc.exe C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe C:\Program Files\No-IP\DUC20.exe C:\WINDOWS\system32\nvsvc32.exe C:\WINDOWS\system32\HPZipm12.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\RUNDLL32.EXE C:\Program Files\Creative\Shared Files\CAMTRAY.EXE C:\PROGRA~1\ACDSYS~1\DEVDET~1\DEVDET~1.EXE C:\Program Files\HP\HP Software Update\HPWuSchd2.exe C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe C:\WINDOWS\RTHDCPL.EXE C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe C:\WINDOWS\system32\msupdte.exe C:\Program Files\iTunes\iTunesHelper.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Common Files\Ahead\lib\NMBgMonitor.exe C:\Program Files\DAEMON Tools Lite\daemon.exe C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe C:\Program Files\Last.fm\LastFMHelper.exe C:\Program Files\No-IP\DUC20.exe C:\Program Files\iPod\bin\iPodService.exe C:\Program Files\HP\Digital Imaging\bin\hpqimzone.exe C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe C:\Documents and Settings\Patrick\Local Settings\Temporary Internet Files\Content.IE5\VU0P9OH2\PCPC_Setup_Free_nl[1].exe C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Internet Explorer\Iexplore.exe C:\Program Files\Hijack This\abc.bat.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://softwarereferral.com/jump.php...MjI6Ojg5&lid=2 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Int ernet Settings,ProxyOverride = *.local O1 - Hosts: 66.98.148.65 auto.search.msn.com O1 - Hosts: 66.98.148.65 auto.search.msn.es O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: D - {65EF83AC-913E-32D3-801E-F1FE6BE75368} - C:\WINDOWS\system32\mmx68862.dll O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll O2 - BHO: Windows Live Call HoverToCall class - {7E853D72-626A-48EC-A868-BA8D5E23E045} - C:\Program Files\Windows Live\Messenger\HTC.DLL O2 - BHO: (no name) - {8300A594-450D-4E2D-85E9-7E184C73B189} - (no file) O2 - BHO: QXK Olive - {880EE8C3-567E-400C-BB14-33957137979B} - C:\WINDOWS\rodqgpvlvoq.dll O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll O3 - Toolbar: qalkfxor - {E8B91C06-BB8F-49D6-A79B-9DA8652E7BC9} - C:\WINDOWS\qalkfxor.dll O4 - HKLM\..\Run: [NvCplDaemon] "RUNDLL32.EXE" C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [nwiz] "nwiz.exe" /install O4 - HKLM\..\Run: [NvMediaCenter] "RUNDLL32.EXE" C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [Creative WebCam Tray] "C:\Program Files\Creative\Shared Files\CAMTRAY.EXE" O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe O4 - HKLM\..\Run: [Camera Detector] "C:\PROGRA~1\ACDSYS~1\DEVDET~1\DEVDET~1.EXE" -autorun O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe O4 - HKLM\..\Run: [hpqSRMon] C:\Program Files\HP\Digital Imaging\bin\hpqSRMon.exe O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE O4 - HKLM\..\Run: [SmcService] C:\PROGRA~1\Sygate\SPF\smc.exe -startgui O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe" O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime O4 - HKLM\..\Run: [XboxStat] "C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe" silentrun O4 - HKLM\..\Run: [Microsoft WinUpdate] C:\WINDOWS\system32\msupdte.exe O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe" O4 - HKLM\..\Run: [PCPrivacyCleaner] C:\Program Files\PCPrivacyCleaner\pcpc.exe O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\lib\NMBgMonitor.exe" O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\daemon.exe" -autorun O4 - HKCU\..\Run: [VoipBuster] "C:\Program Files\VoipBuster.com\VoipBuster\VoipBuster.exe" -nosplash -minimized O4 - HKCU\..\Run: [Uniblue RegistryBooster 2009] C:\Program Files\Uniblue\RegistryBooster\RegistryBooster.exe /S O4 - HKCU\..\Run: [Run] "C:\Documents and Settings\Patrick\Application Data\Adobe\Manager.exe" O4 - Startup: No-IP DUC.lnk = C:\Program Files\No-IP\DUC20.exe O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe O4 - Global Startup: HP Image Zone Fast Start.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe O4 - Global Startup: Last.fm Helper.lnk = C:\Program Files\Last.fm\LastFMHelper.exe O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present O7 - HKCU\Software\Microsoft\Windows\CurrentVersion\Pol icies\System, DisableRegedit=1 O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000 O8 - Extra context menu item: Open in new background tab - res://C:\Program Files\Windows Live Toolbar\Components\en-gb\msntabres.dll.mui/229?cc9ff6f33d154d25b472926c963d2c91 O8 - Extra context menu item: Open in new foreground tab - res://C:\Program Files\Windows Live Toolbar\Components\en-gb\msntabres.dll.mui/230?cc9ff6f33d154d25b472926c963d2c91 O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll O16 - DPF: {1D6711C8-7154-40BB-8380-3DEA45B69CBF} - O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~2\Office12\GR99D3~1.DLL O20 - Winlogon Notify: ejqlldzv - ejqlldzv.dll (file missing) O20 - Winlogon Notify: qomkkkl - qomkkkl.dll (file missing) O20 - Winlogon Notify: vufhkboe - vufhkboe.dll (file missing) O20 - Winlogon Notify: winopn32 - winopn32.dll (file missing) O21 - SSODL: rqbmvpso - {87EA57BA-4A17-4252-930C-7581CC391F4B} - C:\WINDOWS\rqbmvpso.dll O21 - SSODL: pdoskegl - {CAD60C09-C05C-44DC-92FE-10FCF186BBAA} - C:\WINDOWS\pdoskegl.dll O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe O23 - Service: ATK Keyboard Service (ATKKeyboardService) - ASUSTeK COMPUTER INC. - C:\WINDOWS\ATKKBService.exe O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe O23 - Service: NoIPDUCService - Vitalwerks LLC - C:\Program Files\No-IP\DUC20.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe O23 - Service: Sygate Personal Firewall (SmcService) - Sygate Technologies, Inc. - C:\Program Files\Sygate\SPF\smc.exe -- End of file - 9666 bytes
Favorieten/bladwijzers