Ga naar inhoud

kan niets downloaden en ik schijn veel systeemfouten te hebben vlg registerbooster


Qmeij

Aanbevolen berichten

Ik begrijp er niets van, ik krijg steeds deze berichten, dat de pagina niet meer te herstellen is etc... zie ook hierboven.

res://ieframe.dll/acr_error.htm#,file:///C:/Users/Quirine/ICLON/Portefolio/filmpje%20surfmedia.htm

Weet jij waar dit vandaan komt? ik krijg dat heel vaak....

---------- Post toegevoegd om 21:08 ---------- Vorige post was om 21:00 ----------

Er zijn steeds ook meldingen dat de brousesessie onverwacht is gestopt. Dat zal allemaal wel met elkaar te maken hebben, klopt dat? met met wat heeft dat te maken?

Hoe is het met het Combofix log? Ziet dat er goed uit?

Link naar reactie
Delen op andere sites

  • Reacties 34
  • Aangemaakt
  • Laatste reactie

Beste reacties in dit topic

Open een kladblokbestand.

Kopieer en plak daarin de onderstaande vetgedrukte tekst.

Registry::

[-HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{30F9B915-B755-4826-820B-08FBA6BD249D}]

[-HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}]

[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]

[-HKEY_CLASSES_ROOT\clsid\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}]

[-HKEY_CLASSES_ROOT\clsid\{30f9b915-b755-4826-820b-08fba6bd249d}]

[-HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]

[-HKEY_CLASSES_ROOT\clsid\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}]

[-HKEY_CLASSES_ROOT\clsid\{30f9b915-b755-4826-820b-08fba6bd249d}]

Sla dit bestand op je bureaublad op als CFScript.txt.

Sleep CFScript.txt in ComboFix.exe

Dit zal ComboFix doen herstarten. Start opnieuw op als dat gevraagd wordt.

Post na herstart de inhoud van de Combofix.txt in je volgende bericht.

Link naar reactie
Delen op andere sites

ComboFix 11-05-16.04 - Quirine 17-05-2011 23:09:45.2.2 - x86

Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.31.1043.18.3068.1423 [GMT 2:00]

Gestart vanuit: c:\users\Quirine\Desktop\ComboFix.exe

gebruikte Opdracht switches :: c:\users\Quirine\Desktop\CFScript.txt

AV: PC Veilig 9.12 *Disabled/Updated* {15414183-282E-D62C-CA37-EF24860A2F17}

FW: PC Veilig 9.12 *Disabled* {2D7AC0A6-6241-D774-E168-461178D9686C}

SP: PC Veilig 9.12 *Disabled/Updated* {AE20A067-0E14-D9A2-F087-D456FD8D65AA}

SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

.

.

(((((((((((((((((((( Bestanden Gemaakt van 2011-04-17 to 2011-05-17 ))))))))))))))))))))))))))))))

.

.

2011-05-17 21:17 . 2011-05-17 21:17 -------- d-----w- c:\users\Quirine\AppData\Local\temp

2011-05-17 21:17 . 2011-05-17 21:17 -------- d-----w- c:\users\Default\AppData\Local\temp

2011-05-17 20:24 . 2011-05-17 21:05 -------- d-----w- c:\users\Quirine\portfolio

2011-05-17 20:24 . 2011-05-17 20:34 -------- d-----w- c:\users\Quirine\Folders

2011-05-17 18:52 . 2011-05-17 18:52 -------- d-----w- c:\users\Quirine\AppData\Roaming\HTC.388BC06ACDAB6261375BCE37FBA2E023C0D7EE34.1

2011-05-17 16:13 . 2011-05-17 16:13 -------- d-----w- c:\windows\Sun

2011-05-17 14:09 . 2011-04-11 07:04 7071056 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{BD97BC05-6055-448E-803A-9A08866AC459}\mpengine.dll

2011-05-17 10:08 . 2011-05-17 10:08 -------- d-----w- c:\users\Quirine\AppData\Roaming\Malwarebytes

2011-05-17 10:08 . 2010-12-20 16:09 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys

2011-05-17 10:08 . 2011-05-17 10:08 -------- d-----w- c:\programdata\Malwarebytes

2011-05-17 10:08 . 2011-05-17 10:08 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware

2011-05-17 10:08 . 2010-12-20 16:08 20952 ----a-w- c:\windows\system32\drivers\mbam.sys

2011-05-17 07:34 . 2011-05-17 07:35 -------- d-----w- C:\rsit

2011-05-17 05:52 . 2011-05-17 05:52 -------- d-----w- c:\users\Quirine\Promotie

2011-05-17 05:50 . 2011-05-17 05:50 -------- d-----w- c:\users\Quirine\AppData\Roaming\CyberLink

2011-05-16 21:35 . 2011-05-16 21:35 -------- d-----w- c:\program files\Speccy

2011-05-16 19:16 . 2011-05-17 14:42 -------- d-----w- c:\program files\Trend Micro

2011-05-16 19:16 . 2011-05-16 19:16 388096 ----a-r- c:\users\Quirine\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe

2011-05-12 12:02 . 2011-05-12 12:02 -------- d-----w- c:\program files\3ivx

2011-05-11 08:30 . 2011-04-07 12:01 2409784 ----a-w- c:\program files\Windows Mail\OESpamFilter.dat

2011-04-27 17:58 . 2011-03-03 15:40 28672 ----a-w- c:\windows\system32\Apphlpdm.dll

2011-04-27 17:58 . 2011-03-03 13:35 4240384 ----a-w- c:\windows\system32\GameUXLegacyGDFs.dll

2011-04-27 17:58 . 2011-03-12 21:55 876032 ----a-w- c:\windows\system32\XpsPrint.dll

2011-04-27 12:40 . 2011-04-27 12:40 -------- d-----w- c:\programdata\WinMaximizer

2011-04-25 13:43 . 2011-05-16 20:47 -------- d-----w- c:\users\Quirine\AppData\Roaming\Belastingdienst

2011-04-25 13:41 . 2011-04-25 13:41 -------- d-----w- c:\program files\Belastingdienst

2011-04-25 06:38 . 2011-04-25 06:38 -------- d-----w- c:\program files\Common Files\Software Update Utility

2011-04-19 09:29 . 2011-04-19 09:29 -------- d-----w- c:\program files\iPod

2011-04-19 09:29 . 2011-04-19 09:30 -------- d-----w- c:\program files\iTunes

2011-04-19 09:24 . 2011-04-19 09:24 -------- d-----w- c:\program files\Bonjour

.

.

.

((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2011-04-06 14:20 . 2011-04-06 14:20 91424 ----a-w- c:\windows\system32\dnssd.dll

2011-04-06 14:20 . 2011-04-06 14:20 107808 ----a-w- c:\windows\system32\dns-sd.exe

2011-03-10 17:03 . 2011-04-15 02:29 1162240 ----a-w- c:\windows\system32\mfc42u.dll

2011-03-10 17:03 . 2011-04-15 02:29 1136640 ----a-w- c:\windows\system32\mfc42.dll

2011-03-03 15:42 . 2011-04-15 02:29 739328 ----a-w- c:\windows\system32\inetcomm.dll

2011-03-03 15:40 . 2011-04-27 17:58 173056 ----a-w- c:\windows\apppatch\AcXtrnal.dll

2011-03-03 15:40 . 2011-04-27 17:58 458752 ----a-w- c:\windows\apppatch\AcSpecfc.dll

2011-03-03 15:40 . 2011-04-27 17:58 542720 ----a-w- c:\windows\apppatch\AcLayers.dll

2011-03-03 15:40 . 2011-04-27 17:58 2159616 ----a-w- c:\windows\apppatch\AcGenral.dll

2011-03-03 13:25 . 2011-04-15 02:29 2041856 ----a-w- c:\windows\system32\win32k.sys

2011-03-02 15:44 . 2011-04-15 02:29 86528 ----a-w- c:\windows\system32\dnsrslvr.dll

2011-02-22 14:13 . 2011-03-23 09:32 288768 ----a-w- c:\windows\system32\XpsGdiConverter.dll

2011-02-22 13:33 . 2011-03-23 09:32 1068544 ----a-w- c:\windows\system32\DWrite.dll

2011-02-22 13:33 . 2011-03-23 09:32 797696 ----a-w- c:\windows\system32\FntCache.dll

2011-02-22 13:24 . 2011-04-15 02:29 213504 ----a-w- c:\windows\system32\drivers\mrxsmb10.sys

2011-02-22 13:24 . 2011-04-15 02:29 79360 ----a-w- c:\windows\system32\drivers\mrxsmb20.sys

2011-02-22 13:23 . 2011-04-15 02:29 106496 ----a-w- c:\windows\system32\drivers\mrxsmb.sys

2011-02-22 13:23 . 2011-04-15 02:29 69632 ----a-w- c:\windows\system32\drivers\bowser.sys

2011-02-18 14:03 . 2011-04-15 02:29 305152 ----a-w- c:\windows\system32\drivers\srv.sys

2011-02-18 14:03 . 2011-04-15 02:29 146432 ----a-w- c:\windows\system32\drivers\srv2.sys

2011-02-18 14:03 . 2011-04-15 02:29 102400 ----a-w- c:\windows\system32\drivers\srvnet.sys

.

.

((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))

.

.

*Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond

REGEDIT4

.

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2009-08-24 39408]

"uTorrent"="c:\program files\uTorrent\uTorrent.exe" [2010-11-22 395128]

"Software Informer"="c:\program files\Software Informer\softinfo.exe" [2009-11-25 2011205]

"RegistryBooster"="c:\program files\Uniblue\RegistryBooster\launcher.exe" [2011-03-14 67456]

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"AppleSyncNotifier"="c:\program files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe" [2011-04-20 58656]

"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2011-01-31 35760]

"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2010-11-29 421888]

"F-Secure Manager"="c:\program files\PC Veilig\Common\FSM32.EXE" [2009-11-18 201128]

"F-Secure TNB"="c:\program files\PC Veilig\FSGUI\TNBUtil.exe" [2009-11-18 1655208]

"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2010-09-20 932288]

"HTC Sync Loader"="c:\program files\HTC\HTC Sync 3.0\htcUPCTLoader.exe" [2010-09-08 249856]

"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2011-04-14 421160]

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]

"EnableUIADesktopToggle"= 0 (0x0)

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]

"AppInit_DLLs"=c:\progra~1\Google\GOOGLE~3\GoogleDesktopNetwork3.dll

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]

"mixer4"=wdmaud.drv

.

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

@="Driver"

.

[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^BTTray.lnk]

path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\BTTray.lnk

backup=c:\windows\pss\BTTray.lnk.CommonStartup

backupExtension=.CommonStartup

.

[HKLM\~\startupfolder\C:^Users^Quirine^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Memeo AutoBackup Launcher.lnk]

path=c:\users\Quirine\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Memeo AutoBackup Launcher.lnk

backup=c:\windows\pss\Memeo AutoBackup Launcher.lnk.Startup

backupExtension=.Startup

.

[HKLM\~\startupfolder\C:^Users^Quirine^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Memeo AutoSync Launcher.lnk]

path=c:\users\Quirine\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Memeo AutoSync Launcher.lnk

backup=c:\windows\pss\Memeo AutoSync Launcher.lnk.Startup

backupExtension=.Startup

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]

2010-09-20 21:07 932288 ----a-r- c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]

2011-01-31 08:44 35760 ----a-w- c:\program files\Adobe\Reader 9.0\Reader\reader_sl.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AppleSyncNotifier]

2011-04-20 10:48 58656 ----a-w- c:\program files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BrMfcWnd]

2007-03-23 11:14 663552 ------w- c:\program files\Brother\Brmfcmon\BrMfcWnd.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CLMLServer for HP TouchSmart]

2008-09-25 16:42 189736 ------w- c:\program files\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ControlCenter3]

2007-01-26 13:58 65536 ------w- c:\program files\Brother\ControlCenter3\BrCtrCen.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DVDAgent]

2008-09-26 00:36 1148200 ------w- c:\program files\Hewlett-Packard\Media\DVD\DVDAgent.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EPSON Stylus DX4400 Series]

2007-03-01 06:01 180736 ----a-w- c:\windows\System32\spool\drivers\w32x86\3\E_FATICAE.EXE

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Desktop Search]

2010-09-11 10:37 30192 ----a-w- c:\program files\Google\Google Desktop Search\GoogleDesktop.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Health Check Scheduler]

2008-10-09 05:58 75008 ----a-w- c:\program files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Software Update]

2007-05-08 15:24 54840 ----a-w- c:\program files\HP\HP Software Update\hpwuSchd2.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\hpWirelessAssistant]

2008-04-15 13:51 488752 ----a-w- c:\program files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IndexSearch]

2007-01-29 19:10 46632 ----a-w- c:\program files\ScanSoft\PaperPort\IndexSearch.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]

2011-04-14 09:32 421160 ----a-w- c:\program files\iTunes\iTunesHelper.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LightScribe Control Panel]

2008-06-09 08:16 2363392 ----a-w- c:\program files\Common Files\LightScribe\LightScribeControlPanel.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvCplDaemon]

2008-09-19 20:21 13593120 ----a-w- c:\windows\System32\nvcpl.dll

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvMediaCenter]

2008-09-19 20:21 92704 ----a-w- c:\windows\System32\nvmctray.dll

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PaperPort PTD]

2007-01-29 19:12 30248 ----a-w- c:\program files\ScanSoft\PaperPort\pptd40nt.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PPort11reminder]

2007-02-01 11:46 255528 ----a-w- c:\program files\ScanSoft\PaperPort\Ereg\Ereg.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QlbCtrl.exe]

2008-08-01 15:14 202032 ----a-w- c:\program files\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]

2010-11-29 16:38 421888 ----a-w- c:\program files\QuickTime\QTTask.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RegistryBooster]

2011-03-14 15:31 67456 ----a-w- c:\program files\Uniblue\RegistryBooster\Launcher.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SmartMenu]

2008-09-23 09:03 912688 ----a-w- c:\program files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SSBkgdUpdate]

2006-10-25 07:03 210472 ----a-w- c:\program files\Common Files\ScanSoft Shared\SSBkgdUpdate\SSBkgdUpdate.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]

2009-08-03 07:25 148888 ----a-w- c:\program files\Java\jre6\bin\jusched.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg]

2009-08-24 20:56 39408 ----a-w- c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SynTPEnh]

2008-07-24 16:48 1348904 ----a-w- c:\program files\Synaptics\SynTP\SynTPEnh.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SysTrayApp]

2008-10-26 20:48 450659 ----a-w- c:\program files\IDT\WDM\sttray.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TomTomHOME.exe]

2009-11-13 11:31 247144 ----a-w- c:\program files\TomTom HOME 2\TomTomHOMERunner.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TSMAgent]

2008-09-25 16:41 1152296 ------w- c:\program files\Hewlett-Packard\TouchSmart\Media\TSMAgent.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TVAgent]

2009-04-22 21:06 206120 ------w- c:\program files\Hewlett-Packard\Media\TV\TVAgent.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Windows Defender]

2008-01-21 02:23 1008184 ----a-w- c:\program files\Windows Defender\MSASCui.exe

.

R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]

R2 gupdate;Google Updateservice (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [2010-04-06 135664]

R2 Norton Internet Security;Norton Internet Security;c:\program files\Norton Internet Security\Engine\16.0.0.125\ccSvcHst.exe [x]

R3 Com4QLBEx;Com4QLBEx;c:\program files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe [2008-04-03 193840]

R3 GoogleDesktopManager-051210-111108;Google Desktop Manager 5.9.1005.12335;c:\program files\Google\Google Desktop Search\GoogleDesktop.exe [2010-09-11 30192]

R3 gupdatem;Google Update-service (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [2010-04-06 135664]

R3 htcnprot;HTC NDIS Protocol Driver;c:\windows\system32\DRIVERS\htcnprot.sys [2010-06-23 23040]

R3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]

R4 F-Secure Filter;F-Secure File System Filter;c:\program files\PC Veilig\Anti-Virus\Win2K\FSfilter.sys [2009-11-18 41640]

R4 F-Secure Recognizer;F-Secure File System Recognizer;c:\program files\PC Veilig\Anti-Virus\Win2K\FSrec.sys [2009-11-18 27048]

S0 fsbts;fsbts;c:\windows\system32\Drivers\fsbts.sys [2011-01-10 42664]

S1 F-Secure HIPS;F-Secure HIPS Driver;c:\program files\PC Veilig\HIPS\drivers\fshs.sys [2009-11-18 69928]

S1 FSES;F-Secure Email Scanning Driver;c:\windows\system32\drivers\fses.sys [2009-11-18 37544]

S1 FSFW;F-Secure Firewall Driver;c:\windows\system32\drivers\fsdfw.sys [2009-11-18 72904]

S1 fsvista;F-Secure Vista Support Driver;c:\program files\PC Veilig\Anti-Virus\minifilter\fsvista.sys [2009-11-18 14248]

S2 {55662437-DA8C-40c0-AADA-2C816A897A49};{55662437-DA8C-40c0-AADA-2C816A897A49};c:\program files\Hewlett-Packard\Media\DVD\000.fcl [2008-09-26 59376]

S2 AESTFilters;Andrea ST Filters Service;c:\windows\System32\DriverStore\FileRepository\stwrt.inf_408c4e5a\aestsrv.exe [2008-06-27 77824]

S2 ezSharedSvc;Easybits Shared Services for Windows;c:\windows\system32\svchost.exe [2008-01-21 21504]

S2 hpsrv;HP Service;c:\windows\system32\Hpservice.exe [2008-03-18 19456]

S2 PassThru Service;Internet Pass-Through Service;c:\program files\HTC\Internet Pass-Through\PassThruSvr.exe [2010-09-07 79872]

S2 Recovery Service for Windows;Recovery Service for Windows;c:\program files\SMINST\BLService.exe [2008-10-06 365952]

S2 TomTomHOMEService;TomTomHOMEService;c:\program files\TomTom HOME 2\TomTomHOMEService.exe [2009-11-13 92008]

S2 TVCapSvc;TV Background Capture Service (TVBCS);c:\program files\Hewlett-Packard\Media\TV\Kernel\TV\TVCapSvc.exe [2009-04-22 296320]

S2 TVSched;TV Task Scheduler (TVTS);c:\program files\Hewlett-Packard\Media\TV\Kernel\TV\TVSched.exe [2009-04-22 116104]

S3 enecir;ENE CIR Receiver;c:\windows\system32\DRIVERS\enecir.sys [2008-09-04 54784]

S3 F-Secure Gatekeeper;F-Secure Gatekeeper;c:\program files\PC Veilig\Anti-Virus\minifilter\fsgk.sys [2011-01-10 130728]

S3 FSORSPClient;F-Secure ORSP Client;c:\program files\PC Veilig\ORSP Client\fsorsp.exe [2011-01-10 63992]

S3 JMCR;JMCR;c:\windows\system32\DRIVERS\jmcr.sys [2008-08-07 97536]

S3 NVHDA;Service for NVIDIA High Definition Audio Driver;c:\windows\system32\drivers\nvhda32v.sys [2008-08-06 44576]

.

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]

bthsvcs REG_MULTI_SZ BthServ

LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache

.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs

ezSharedSvc

.

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]

2008-06-09 08:14 451872 ----a-w- c:\program files\Common Files\LightScribe\LSRunOnce.exe

.

Inhoud van de 'Gedeelde Taken' map

.

2011-05-17 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job

- c:\program files\Google\Update\GoogleUpdate.exe [2010-04-06 10:38]

.

2011-05-17 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job

- c:\program files\Google\Update\GoogleUpdate.exe [2010-04-06 10:38]

.

2011-05-17 c:\windows\Tasks\RegistryBooster.job

- c:\program files\Uniblue\RegistryBooster\rbmonitor.exe [2011-03-14 15:31]

.

.

------- Bijkomende Scan -------

.

uStart Page = hxxp://www.telegraaf.nl/

uDefault_Search_URL = hxxp://www.google.com/ie

mStart Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=nl_nl&c=91&bd=Pavilion&pf=cnnb

uInternet Settings,ProxyOverride = *.local

uSearchAssistant = hxxp://www.google.com/ie

uSearchURL,(Default) = hxxp://www.google.com/search?q=%s

IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200

IE: Afbeelding verzenden naar &Bluetooth-apparaat... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm

IE: E&xporteren naar Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000

IE: Google Sidewiki... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_D183CA64F05FDD98.dll/cmsidewiki.html

IE: Pagina verzenden naar &Bluetooth-apparaat... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie.htm

LSP: c:\program files\PC Veilig\FSPS\program\FSLSP.DLL

DPF: {6CE31B8D-8340-4DBD-B78E-BF59620924DC} - hxxp://www.quest3d.com/webplugin/download/quest3dactivex2.cab

.

.

**************************************************************************

.

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, GMER - Rootkit Detector and Remover

Rootkit scan 2011-05-17 23:17

Windows 6.0.6002 Service Pack 2 NTFS

.

scannen van verborgen processen ...

.

scannen van verborgen autostart items ...

.

scannen van verborgen bestanden ...

.

Scan succesvol afgerond

verborgen bestanden: 0

.

**************************************************************************

.

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\Norton Internet Security]

"ImagePath"="\"c:\program files\Norton Internet Security\Engine\16.0.0.125\ccSvcHst.exe\" /s \"Norton Internet Security\" /m \"c:\program files\Norton Internet Security\Engine\16.0.0.125\diMaster.dll\" /prefetch:1"

.

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\adpu320]

"ImagePath"="\SystemRoot\system32\drivers\adpu320.sys????*raudulent, NOT Microsoft"

.

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\{55662437-DA8C-40c0-AADA-2C816A897A49}]

"ImagePath"="\??\c:\program files\Hewlett-Packard\Media\DVD\000.fcl"

.

--------------------- VERGRENDELDE REGISTER SLEUTELS ---------------------

.

[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]

@Denied: (A) (Users)

@Denied: (A) (Everyone)

@Allowed: (B 1 2 3 4 5) (S-1-5-20)

"BlindDial"=dword:00000000

.

[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]

@Denied: (A) (Users)

@Denied: (A) (Everyone)

@Allowed: (B 1 2 3 4 5) (S-1-5-20)

"BlindDial"=dword:00000000

.

--------------------- DLLs Geladen Onder Lopende Processen ---------------------

.

- - - - - - - > 'Explorer.exe'(7976)

c:\program files\PC Veilig\Spam Control\fsscoepl.dll

.

Voltooingstijd: 2011-05-17 23:19:06

ComboFix-quarantined-files.txt 2011-05-17 21:19

ComboFix2.txt 2011-05-17 15:48

.

Pre-Run: 204.849.545.216 bytes beschikbaar

Post-Run: 204.917.440.512 bytes beschikbaar

.

- - End Of File - - C8C4B4E6EE4AE64C6F0E092F0ABDA5D4

NU ANDER PROBLEEM MIJN IE C:|PROGRAM FILES\INTERNET EXPLORER\IEXPLORE.exe zegt in pop up: "Er is geprobeerd een ongeldige bewerking uit te voeren op ee registersleutel die is gemarkeerd voro verwijdering." Met een geluidje erbij dat echt niet goed klinkt...Ik heb hem nu alleen kunnen starten met administrator en rechtermuisklik.

Kan dat door nieuwe start Combofix komen? waarschijnlijk niet...

---------- Post toegevoegd om 23:32 ---------- Vorige post was om 23:28 ----------

OJEE NU KAN IK NIETS MEER OPENEN MET .EXE , ook niet OUTLOOK, PC VEILIG ETC!!

WAT KAN IK DOEN?

DANK JE ALVAST!

Link naar reactie
Delen op andere sites

Dan wordt het tijd om je Windows eens te controleren. Typ als opdracht sfc /scannow in je taakvenster en laat dit even je PC aflopen. Onderweg wordt normaal gevraagd naar je Windows-CD. Hou deze alvast bij de hand.

Link naar reactie
Delen op andere sites

maar heb ook geen microsoft cd, alleen van small office 2007 businesswindows home xp. en bij niewe comp kreeg ik alleenpapieren cd's 'Systeem herstellen zonder schijven'. De comp heeft een ieuwe voorziening voor systeemherstel, waarvoor geen cvd's of dvd's nodig zijn. maar ja dan had ik die herstelschijven waarschijnlijk al moeten maken...

zal ik dan wel of niet sfc/scannow laten aflopen? ik probeer het gewoon...

---------- Post toegevoegd om 09:55 ---------- Vorige post was om 09:49 ----------

NIEUW:: scannow gedaan, er zijn beschdigingen die staan op log. Ik heb het log gevonden, maar de toegang is geweigerd. Weet jij hoe ik daarbij kan? Moet ik hem dan met speciaal programma openen?

Hij staat op C:\windows\logs\cbs\cbs.log

aangepast door Qmeij
nieuwe ontwikkelingen!
Link naar reactie
Delen op andere sites

NIEUW:: ssfc /cannow gedaan, er zijn beschadigingen die staan op log. Ik heb het log gevonden, maar de toegang is geweigerd. Weet jij hoe ik daarbij kan? Moet ik hem dan met speciaal programma openen?

Hij staat op C:\windows\logs\cbs\cbs.log

Link naar reactie
Delen op andere sites

---------------------------

Kladblok

---------------------------

Toegang geweigerd.

---------------------------

OK

---------------------------

Ik kan geen afbeelding maken, alleen die kopieren. Ik probeer wel print screen, maar kan het niet plakken hierin. Dit staat in een pop up van Kladblok en voor Toegang geweigerd staat er een gele driehoek met uitroepteken.

Het kladblokvenster waar deze popup in staat is leeg, behalve dan boven in Bestand, bewerken Opmaak help.

Deze pop up krijg ik als ik in lege kladblok scherm op bestand klik en dan op openen klik, dan selecteer ik het bestand in C:\Windows\logs\CBS:

[Window Title]

Openen

[Content]

CBS

U bent niet bevoegd om dit bestand te openen.

Neem contact op met de eigenaar van het bestand of met de systeembeheerder om toestemming te vragen.

[OK]

Link naar reactie
Delen op andere sites


×
×
  • Nieuwe aanmaken...

Belangrijke informatie

We hebben cookies geplaatst op je toestel om deze website voor jou beter te kunnen maken. Je kunt de cookie instellingen aanpassen, anders gaan we er van uit dat het goed is om verder te gaan.