leonslijpen
Junior member
- Joined
- 4 Oct 2011
- Posts
- 48
- Reputation score
- 0
[hjt]
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 10:56:38, on 16-10-2011
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
c:\windows\system32\smss.exe
c:\windows\system32\winlogon.exe
c:\windows\system32\services.exe
c:\windows\system32\lsass.exe
c:\windows\system32\svchost.exe
c:\program files\windows defender\msmpeng.exe
c:\windows\system32\svchost.exe
c:\program files\alwil software\avast5\avastsvc.exe
c:\windows\explorer.exe
c:\program files\windows defender\msascui.exe
c:\windows\soundman.exe
c:\program files\medion\powervcr ii\agent.exe
c:\program files\onlineassistent\onlineassistent.exe
c:\program files\common files\java\java update\jusched.exe
c:\program files\malwarebytes' anti-malware\mbamgui.exe
c:\program files\alwil software\avast5\avastui.exe
c:\windows\system32\ctfmon.exe
c:\program files\google\googletoolbarnotifier\googletoolbarnotifier.exe
c:\program files\spybot - search & destroy\teatimer.exe
c:\windows\system32\spoolsv.exe
c:\program files\java\jre6\bin\jqs.exe
c:\program files\malwarebytes' anti-malware\mbamservice.exe
c:\program files\common files\motive\mccicmservice.exe
c:\program files\common files\microsoft shared\vs7debug\mdm.exe
c:\windows\system32\nvsvc32.exe
c:\windows\system32\svchost.exe
c:\windows\system32\wuauclt.exe
c:\program files\microsoft activesync\wcescomm.exe
c:\program files\internet explorer\iexplore.exe
c:\program files\internet explorer\iexplore.exe
c:\program files\uniblue\registrybooster\registrybooster.exe
c:\program files\trend micro\hijackthis\hijackthis.exe
r0 - hkcu\software\microsoft\internet explorer\main,start page = [noparse]http://www.nieuws.nl/[/noparse]
r1 - hklm\software\microsoft\internet explorer\main,default_page_url = [noparse]http://go.microsoft.com/fwlink/?linkid=69157[/noparse]
r1 - hklm\software\microsoft\internet explorer\main,default_search_url = [noparse]http://go.microsoft.com/fwlink/?linkid=54896[/noparse]
r1 - hklm\software\microsoft\internet explorer\main,search page = ${url_searchpage}
r0 - hklm\software\microsoft\internet explorer\main,start page = [noparse]http://www.nieuws.nl[/noparse]
r1 - hkcu\software\microsoft\internet explorer\main,startpagina = file:///c:/program%20files/nieuw2/portal/portal.html
r0 - hkcu\software\microsoft\internet explorer\main,local page =
r0 - hklm\software\microsoft\internet explorer\main,local page =
r1 - hkcu\software\microsoft\windows\currentversion\internet settings,proxyserver = proxy:8080
r0 - hkcu\software\microsoft\internet explorer\toolbar,linksfoldername = koppelingen
r3 - urlsearchhook: p2p energy toolbar - {2bae58c2-79f9-45d1-a286-81f911301c3a} - (no file)
o2 - bho: (no name) - {02478d38-c3f9-4efb-9b51-7695eca05670} - (no file)
o2 - bho: adobe pdf reader help bij koppelingen - {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\common files\adobe\acrobat\activex\acroiehelper.dll
o2 - bho: mediabar - {0974ba1e-64ec-11de-b2a5-e43756d89593} - c:\progra~1\bearsh~1\mediabar\toolbar\bearsharemediabardx.dll
o2 - bho: p2p energy toolbar - {2bae58c2-79f9-45d1-a286-81f911301c3a} - (no file)
o2 - bho: conduit engine - {30f9b915-b755-4826-820b-08fba6bd249d} - c:\program files\conduitengine\conduitengine.dll
o2 - bho: (no name) - {3f3af2e0-21cd-4bba-a068-f27de338e51e} - (no file)
o2 - bho: spybot-s&d ie protection - {53707962-6f74-2d53-2644-206d7942484f} - c:\progra~1\spybot~1\sdhelper.dll
o2 - bho: google toolbar helper - {aa58ed58-01dd-4d91-8333-cf10577473f7} - c:\program files\google\google toolbar\googletoolbar_32.dll
o2 - bho: google toolbar notifier bho - {af69de43-7d58-4638-b6fa-ce66b5ad205d} - c:\program files\google\googletoolbarnotifier\5.7.6406.1642\swg.dll
o2 - bho: java(tm) plug-in 2 ssv helper - {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
o2 - bho: jqsiestartdetectorimpl - {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
o3 - toolbar: (no name) - {ef99bd32-c1fb-11d2-892f-0090271d4f88} - (no file)
o3 - toolbar: p2p energy toolbar - {2bae58c2-79f9-45d1-a286-81f911301c3a} - (no file)
o3 - toolbar: conduit engine - {30f9b915-b755-4826-820b-08fba6bd249d} - c:\program files\conduitengine\conduitengine.dll
o3 - toolbar: mediabar - {0974ba1e-64ec-11de-b2a5-e43756d89593} - c:\progra~1\bearsh~1\mediabar\toolbar\bearsharemediabardx.dll
o3 - toolbar: (no name) - {f18d4965-532f-4907-a55f-7406218bf861} - (no file)
o3 - toolbar: google toolbar - {2318c2b1-4965-11d4-9b18-009027a5cd4f} - c:\program files\google\google toolbar\googletoolbar_32.dll
o4 - hklm\..\run: [windows defender] c:\program files\windows defender\msascui.exe -hide
o4 - hklm\..\run: [soundman] soundman.exe
o4 - hklm\..\run: [remote_agent] c:\program files\medion\powervcr ii\remoteagent.exe
o4 - hklm\..\run: [pdfm] c:\program files\osirius\pdf maker\pdfmload.exe
o4 - hklm\..\run: [nwiz] nwiz.exe /install
o4 - hklm\..\run: [nvcpldaemon] rundll32.exe c:\windows\system32\nvcpl.dll,nvstartup
o4 - hklm\..\run: [nerocheck] c:\windows\system32\\nerocheck.exe
o4 - hklm\..\run: [agent] c:\program files\medion\powervcr ii\agent.exe
o4 - hklm\..\run: [adobe reader speed launcher] c:\program files\adobe\reader 8.0\reader\reader_sl.exe
o4 - hklm\..\run: [onlineassistent_mccitrayapp] c:\program files\onlineassistent\onlineassistent.exe
o4 - hklm\..\run: [quicktime task] c:\program files\quicktime\qttask.exe -atboottime
o4 - hklm\..\run: [sunjavaupdatesched] c:\program files\common files\java\java update\jusched.exe
o4 - hklm\..\run: [malwarebytes' anti-malware] c:\program files\malwarebytes' anti-malware\mbamgui.exe /starttray
o4 - hklm\..\run: [avast] c:\program files\alwil software\avast5\avastui.exe /nogui
o4 - hklm\..\run: [avast5] c:\program files\alwil software\avast5\avastui.exe /nogui
o4 - hkcu\..\run: [ctfmon.exe] c:\windows\system32\ctfmon.exe
o4 - hkcu\..\run: [ccleaner] c:\program files\ccleaner\ccleaner.exe /auto
o4 - hkcu\..\run: [swg] c:\program files\google\googletoolbarnotifier\googletoolbarnotifier.exe
o4 - hkcu\..\run: [spybotsd teatimer] c:\program files\spybot - search & destroy\teatimer.exe
o4 - hkcu\..\run: [uniblue registrybooster 2009] c:\program files\uniblue\registrybooster\registrybooster.exe /s
o4 - hkcu\..\runonce: [shockwave updater] c:\windows\system32\adobe\shockw~1\swhelp~1.exe -update -1100429 -mozilla/4.0 (compatible; msie 7.0; windows nt 5.1; trident/4.0; athome033; funwebproducts; .net clr 1.0.3705; zango 10.0.341.0; .net clr 2.0.50727; .net clr 3.0.4506.2152; .net clr 3.5.30729; srs_it_e8790574b676595031a992)
o4 - hkus\s-1-5-19\..\run: [ctfmon.exe] c:\windows\system32\ctfmon.exe (user 'lokale service')
o4 - hkus\s-1-5-20\..\run: [ctfmon.exe] c:\windows\system32\ctfmon.exe (user 'netwerkservice')
o4 - hkus\s-1-5-18\..\run: [ctfmon.exe] c:\windows\system32\ctfmon.exe (user 'system')
o4 - hkus\s-1-5-18\..\runonce: [sruuninstall] c:\windows\system32\msiexec.exe /l*v c:\windows\temp\snd532unin.txt /x {6af90ef6-f7f9-466c-99f4-1774826fbb40} /qn reboot=reallysuppress (user 'system')
o4 - hkus\.default\..\run: [ctfmon.exe] c:\windows\system32\ctfmon.exe (user 'default user')
o4 - hkus\.default\..\runonce: [sruuninstall] c:\windows\system32\msiexec.exe /l*v c:\windows\temp\snd532unin.txt /x {6af90ef6-f7f9-466c-99f4-1774826fbb40} /qn reboot=reallysuppress (user 'default user')
o8 - extra context menu item: add to windows &live favorites - [noparse]http://favorites.live.com/quickadd.aspx[/noparse]
o8 - extra context menu item: google sidewiki... - res://c:\program files\google\google toolbar\component\googletoolbardynamic_mui_en_70c5b381380db17f.dll/cmsidewiki.html
o9 - extra button: create mobile favorite - {2eaf5bb1-070f-11d3-9307-00c04fae2d4f} - c:\program files\microsoft activesync\inetrepl.dll
o9 - extra button: (no name) - {2eaf5bb2-070f-11d3-9307-00c04fae2d4f} - c:\program files\microsoft activesync\inetrepl.dll
o9 - extra 'tools' menuitem: create mobile favorite... - {2eaf5bb2-070f-11d3-9307-00c04fae2d4f} - c:\program files\microsoft activesync\inetrepl.dll
o9 - extra button: onderzoek - {92780b25-18cc-41c8-b9be-3c9c571a8263} - c:\progra~1\micros~4\office11\refiebar.dll
o9 - extra button: (no name) - {cd67f990-d8e9-11d2-98fe-00c0f0318afe} - (no file)
o9 - extra button: kvk - {cea35e49-7296-42ff-99ea-8392cacbb7ac} - c:\windows\system32\shdocvw.dll
o9 - extra 'tools' menuitem: kvk toolbar - {cea35e49-7296-42ff-99ea-8392cacbb7ac} - c:\windows\system32\shdocvw.dll
o9 - extra button: (no name) - {dfb852a3-47f8-48c4-a200-58cab36fd2a2} - c:\progra~1\spybot~1\sdhelper.dll
o9 - extra 'tools' menuitem: spybot - search & destroy configuration - {dfb852a3-47f8-48c4-a200-58cab36fd2a2} - c:\progra~1\spybot~1\sdhelper.dll
o9 - extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - c:\windows\network diagnostic\xpnetdiag.exe
o9 - extra 'tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - c:\windows\network diagnostic\xpnetdiag.exe
o9 - extra button: messenger - {fb5f1910-f110-11d2-bb9e-00c04f795683} - c:\program files\messenger\msmsgs.exe
o9 - extra 'tools' menuitem: windows messenger - {fb5f1910-f110-11d2-bb9e-00c04f795683} - c:\program files\messenger\msmsgs.exe
o14 - iereset.inf: start_page_url=[noparse]http://start.home.nl/[/noparse]
o15 - trusted zone: [noparse]http://ponltbc.onl.motive.com[/noparse]
o16 - dpf: {02bf25d5-8c17-4b23-bc80-d3488abddc6b} (quicktime plugin control) - [noparse]http://appldnld.apple.com.edgesuite.net/content.info.apple.com/quicktime/qtactivex/qtplugin.cab[/noparse]
o16 - dpf: {2bc66f54-93a8-11d3-beb6-00105aa9b6ae} (symantec antivirus scanner) - [noparse]http://security.symantec.com/sscv6/sharedcontent/vc/bin/avsniff.cab[/noparse]
o16 - dpf: {31b7eb4e-8b4b-11d1-a789-00a0cc6651a8} (cult3d activex player) - [noparse]http://www.cult3d.com/download/cult.cab[/noparse]
o16 - dpf: {4b54a9de-ef1c-4ebe-a328-7c28ea3b433a} (bitdefender quickscan control) - [noparse]http://quickscan.bitdefender.com/qsax/qsax.cab[/noparse]
o16 - dpf: {644e432f-49d3-41a1-8dd5-e099162eeec5} (symantec rufsi utility class) - [noparse]http://security.symantec.com/sscv6/sharedcontent/common/bin/cabsa.cab[/noparse]
o16 - dpf: {6f15128c-e66a-490c-b848-5000b5abeeac} (hp download manager) - [noparse]https://h20436.www2.hp.com/ediags/dex/secure/hpdexaxo.cab[/noparse]
o16 - dpf: {73ecb3aa-4717-450c-a2ab-d00dad9ee203} (gmnrev class) - [noparse]http://h20270.www2.hp.com/ediags/gmn2/install/hpproductdetection2.cab[/noparse]
o16 - dpf: {b7d07999-2adb-4aeb-997e-f61cb7b2e2cd} (tseasyinstallx control) - [noparse]http://www.trendsecure.com/easy_install/_activex/nl/tseasyinstallx.cab[/noparse]
o16 - dpf: {c4925e65-7a1e-11d2-8bb4-00a0c9cc72c3} (virtools webplayer class) - [noparse]http://a532.g.akamai.net/f/532/6712/4h/player.virtools.com/downloads/player/install3.0/installer.exe[/noparse]
o16 - dpf: {d27cdb6e-ae6d-11cf-96b8-444553540000} (shockwave flash object) - [noparse]http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab[/noparse]
o16 - dpf: {deb21ad3-fda4-42f6-b57d-ee696a675ee8} (ipsuploader control) - [noparse]http://as.photoprintit.de/ips-opdata/74914090/activex/ipsuploader.cab[/noparse]
o16 - dpf: {fe0bd779-44ee-4a4b-aa2e-743c63f2e5e6} (iwinampactivex class) - [noparse]http://pdl.stream.aol.com/downloads/aol/unagi/ampx_en_dl.cab[/noparse]
o22 - sharedtaskscheduler: preloader van browseui - {438755c2-a8ba-11d1-b96b-00a0c90312e1} - c:\windows\system32\browseui.dll
o22 - sharedtaskscheduler: cache-daemon voor onderdeelcategorien - {8c7461ef-2b13-11d2-be35-3078302c2030} - c:\windows\system32\browseui.dll
o22 - sharedtaskscheduler: {874443fe-aa33-4ebf-a6ac-73208787e62d} - bestreak - (no file)
o23 - service: ad-aware 2007 service (aawservice) - unknown owner - c:\program files\lavasoft\ad-aware 2007\aawservice.exe (file missing)
o23 - service: avast! antivirus - avast software - c:\program files\alwil software\avast5\avastsvc.exe
o23 - service: googledesktopmanager - unknown owner - c:\program files\google\google desktop search\googledesktop.exe
o23 - service: google update service (gupdate1c987b66c260b40) (gupdate1c987b66c260b40) - google inc. - c:\program files\google\update\googleupdate.exe
o23 - service: google update-service (gupdatem) (gupdatem) - google inc. - c:\program files\google\update\googleupdate.exe
o23 - service: google software updater (gusvc) - google - c:\program files\google\common\google updater\googleupdaterservice.exe
o23 - service: java quick starter (javaquickstarterservice) - sun microsystems, inc. - c:\program files\java\jre6\bin\jqs.exe
o23 - service: mbamservice - malwarebytes corporation - c:\program files\malwarebytes' anti-malware\mbamservice.exe
o23 - service: mccicmservice - motive communications, inc. - c:\program files\common files\motive\mccicmservice.exe
o23 - service: nvidia driver helper service (nvsvc) - nvidia corporation - c:\windows\system32\nvsvc32.exe
o24 - desktop component 0: (no name) - [noparse]http://www.hetnet.nl/images/modules/eflx2qlp.gif[/noparse]
--
end of file - 12864 bytes
[/hjt]
Since 30 September, serious problems after starting the PC:
the Start menu was suddenly empty
All Programs empty
System Restore no longer works
Desktop empty.
I had the PC scanned with AVAST, during which I saw that everything was still on it but hidden somewhere.
After trying all sorts of things at random (I am only a layman when it comes to PCs),
I was able to recover the files that matter to me by right-clicking the empty file and then unticking Hidden.
I have the desktop back, but the shortcuts now appear half transparent.
I am now stuck:
Start menu still empty
All Programs still empty
System Restore does not work