Big problem with my PC


control143

  • 3 weeks later...

Hello,

A few weeks ago I opened a topic here about my PC, since it was also slow to start up back then.

It then worked fine for a week or a bit longer, and now it is the same again.

When it starts up PROPERLY, it starts up badly the next time! Then it sits on the black Windows screen doing nothing, and after 30 minutes it is still sitting there.

Then I put my Windows 7 CD in; repairing didn't work, so I went for installing, but that froze, and then I restarted it normally and it ran a disk check and it worked!

But every time I started my PC, this appeared: "No hard disk is detected".

This has been appearing ever since I bought my PC! (The PC was assembled by a shop that has since closed down :thumpdown:)

So now I'm wondering... Could this perhaps be the cause?

Regards,

Pedro


I have reopened this discussion and moved your most recent post here, to keep things organized.

So now I'm wondering... Could this perhaps be the cause?

In post 1 you indicate that the problems started after installing an illegal version of Norton... afterwards Norton was reinstalled.

Are you currently using a legal version?... :hmmmm:


I have reopened this discussion and moved your most recent post here, to keep things organized.

In post 1 you indicate that the problems started after installing an illegal version of Norton... afterwards Norton was reinstalled.

Are you currently using a legal version?... :hmmmm:

Yes, I am using a legal version.

I thought it was because of Norton... But apparently not, and it was pure coincidence.


Download ComboFix from one of these locations:

Link 1

Link 2

* IMPORTANT !!! Save ComboFix.exe to your Desktop

1. Disable all antivirus and antispyware programs, because otherwise they may conflict with ComboFix. Here is a guide on how to disable them:

Click here

2. The computer may need to be restarted several times; this is normal.

3. Double-click "Combofix.exe" to start the tool.

4. Do not click in the ComboFix window while it is running, as this can cause the tool to hang.

Note !!! If an error is shown with the message "Illegal operation attempted on a registery key that has been marked for deletion", restart the computer.

5. When ComboFix is finished, it will create a log file for you. Post the contents of this log file (found at C:\ComboFix.txt) in your next message.


The ComboFix log as requested:

ComboFix 11-11-25.02 - User 25/11/2011 21:32:45.1.8 - x64

Microsoft Windows 7 Home Premium 6.1.7601.1.1252.32.1043.18.8172.6327 [GMT 1:00]

Gestart vanuit: c:\users\User\Desktop\ComboFix.exe

AV: Norton Internet Security *Disabled/Updated* {63DF5164-9100-186D-2187-8DC619EFD8BF}

FW: Norton Internet Security *Enabled* {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4}

SP: Norton Internet Security *Disabled/Updated* {D8BEB080-B73A-17E3-1B37-B6B462689202}

SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

* Nieuw herstelpunt werd aangemaakt

.

.

(((((((((((((((((((((((((((((((((( Andere Verwijderingen )))))))))))))))))))))))))))))))))))))))))))))))))

.

.

c:\users\User\AppData\Roaming\RIFT

c:\users\User\AppData\Roaming\RIFT\rift.cfg

c:\users\User\AppData\Roaming\RIFT\riftpatch.cfg

c:\windows\bwUnin-6.1.4.36-8876480L.exe

F:\install.exe

.

.

(((((((((((((((((((( Bestanden Gemaakt van 2011-10-25 to 2011-11-25 ))))))))))))))))))))))))))))))

.

.

2011-11-25 20:39 . 2011-11-25 20:39 -------- d-----w- c:\users\UpdatusUser\AppData\Local\temp

2011-11-25 20:39 . 2011-11-25 20:39 -------- d-----w- c:\users\Default\AppData\Local\temp

2011-11-19 11:49 . 2011-11-19 23:21 -------- d-----w- c:\users\User\AppData\Local\ESN Sonar

2011-11-11 11:50 . 2011-11-11 11:50 -------- d-----w- c:\users\User\AppData\Roaming\NVIDIA

2011-11-09 19:37 . 2011-10-01 05:45 886784 ----a-w- c:\program files\Common Files\System\wab32.dll

2011-11-09 19:37 . 2011-10-01 04:37 708608 ----a-w- c:\program files (x86)\Common Files\System\wab32.dll

2011-11-09 19:37 . 2011-09-29 16:29 1923952 ----a-w- c:\windows\system32\drivers\tcpip.sys

2011-11-09 19:37 . 2011-09-29 04:03 3144704 ----a-w- c:\windows\system32\win32k.sys

2011-11-06 20:44 . 2011-11-06 20:44 -------- d-----w- c:\users\User\AppData\Roaming\Soluto

2011-11-06 20:27 . 2011-11-12 20:18 -------- d-----w- c:\programdata\Soluto

2011-11-06 10:27 . 2004-10-22 01:18 749568 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\10\50\Intel32\iKernel.dll

2011-11-06 10:27 . 2004-10-22 01:17 69715 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\10\50\Intel32\ctor.dll

2011-11-06 10:27 . 2004-10-22 01:17 274432 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\10\50\Intel32\iscript.dll

2011-11-06 10:27 . 2004-10-22 01:16 180224 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\10\50\Intel32\iuser.dll

2011-11-06 10:27 . 2004-10-22 01:16 5632 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\10\50\Intel32\DotNetInstaller.exe

2011-11-06 10:27 . 2011-11-06 10:27 192644 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\10\50\Intel32\iGdi.dll

2011-11-06 10:27 . 2011-11-06 10:27 323716 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\10\50\Intel32\setup.dll

2011-11-05 17:30 . 2011-11-05 17:30 -------- d-----w- c:\programdata\SwiftKit

2011-11-05 17:30 . 2011-11-13 09:44 -------- d-----w- c:\program files (x86)\SwiftKit

2011-11-05 10:25 . 2011-11-05 17:28 -------- d-----w- c:\users\User\jagexcache

2011-11-04 17:05 . 2011-11-04 17:05 -------- d-----w- c:\program files (x86)\Common Files\Symantec Shared

2011-11-04 14:35 . 2011-11-04 14:35 174200 ----a-w- c:\windows\system32\drivers\SYMEVENT64x86.SYS

2011-11-04 14:35 . 2011-11-04 14:35 -------- d-----w- c:\program files\Symantec

2011-11-04 14:34 . 2011-11-04 14:34 -------- d-----w- c:\program files (x86)\Norton Internet Security

2011-11-04 14:33 . 2011-11-04 14:33 -------- d-----w- c:\program files (x86)\NortonInstaller

2011-11-03 16:43 . 2011-11-03 18:56 -------- d-----w- c:\users\User\AppData\Local\NPE

2011-11-02 20:14 . 2011-11-02 20:14 -------- d-----w- C:\$WINDOWS.~BT

2011-11-02 18:29 . 2011-11-02 18:29 -------- d-----w- c:\users\User\AppData\Roaming\f-secure

2011-11-02 18:28 . 2011-11-02 18:28 -------- d-----w- c:\programdata\F-Secure

2011-11-02 18:23 . 2011-11-06 10:38 -------- d-----w- c:\program files (x86)\Panda Security

2011-11-01 20:32 . 2011-10-15 08:53 837952 ----a-w- c:\windows\system32\easyupdatusapiu64.dll

2011-11-01 20:32 . 2011-10-15 08:53 5067584 ----a-w- c:\windows\system32\nvsvc64.dll

2011-11-01 20:32 . 2011-10-15 08:53 3074368 ----a-w- c:\windows\system32\nvsvcr.dll

2011-11-01 20:32 . 2011-10-15 08:53 222528 ----a-w- c:\windows\system32\nvmctray.dll

2011-11-01 20:32 . 2011-10-15 08:53 1640768 ----a-w- c:\windows\system32\nvvsvc.exe

2011-11-01 20:32 . 2011-10-15 08:53 137536 ----a-w- c:\windows\system32\nvshext.dll

2011-11-01 20:32 . 2011-10-15 08:53 10406208 ----a-w- c:\windows\system32\nvcpl.dll

2011-11-01 17:11 . 2011-11-01 17:11 -------- d-----w- c:\windows\C5C1C0F0D62F4DBF81D4D7EF397C228B.TMP

2011-11-01 09:51 . 2011-11-04 14:35 -------- d-----w- c:\program files\Common Files\Symantec Shared

2011-11-01 09:50 . 2011-11-01 09:50 -------- d-----w- c:\windows\system32\drivers\NISx64

2011-11-01 09:48 . 2011-10-18 01:27 8570192 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{23B57B05-4883-4827-9151-487B0835A53D}\mpengine.dll

2011-10-27 06:12 . 2011-07-07 23:21 1452648 ----a-w- c:\windows\system32\nvhdagenco6420102.dll

2011-10-27 06:12 . 2011-10-15 08:53 68928 ----a-w- c:\windows\system32\OpenCL.dll

2011-10-27 06:12 . 2011-10-15 08:53 61248 ----a-w- c:\windows\SysWow64\OpenCL.dll

2011-10-27 06:12 . 2011-10-15 08:53 24796992 ----a-w- c:\windows\system32\nvcompiler.dll

2011-10-27 06:12 . 2011-10-15 08:53 17248576 ----a-w- c:\windows\SysWow64\nvcompiler.dll

2011-10-27 06:12 . 2011-10-15 08:53 15693120 ----a-w- c:\windows\system32\nvd3dumx.dll

2011-10-27 05:58 . 2011-11-04 19:56 -------- d-----w- c:\program files (x86)\Battlelog Web Plugins

2011-10-27 05:56 . 2011-10-27 05:56 -------- d-----w- c:\programdata\EA Core

.

.

.

((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2011-11-24 19:50 . 2011-06-27 20:27 280904 ----a-w- c:\windows\SysWow64\PnkBstrB.xtr

2011-11-24 19:50 . 2011-06-27 20:26 280904 ----a-w- c:\windows\SysWow64\PnkBstrB.exe

2011-11-22 18:26 . 2011-06-27 20:26 280904 ----a-w- c:\windows\SysWow64\PnkBstrB.ex0

2011-11-22 18:13 . 2011-06-27 20:26 75136 ----a-w- c:\windows\SysWow64\PnkBstrA.exe

2011-10-31 18:23 . 2011-05-15 08:10 414368 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl

2011-10-24 13:29 . 2011-10-24 13:29 94208 ----a-w- c:\windows\SysWow64\QuickTimeVR.qtx

2011-10-24 13:29 . 2011-10-24 13:29 69632 ----a-w- c:\windows\SysWow64\QuickTime.qts

2011-10-15 08:53 . 2011-10-21 18:56 1533248 ----a-w- c:\windows\system32\nvdispco64.dll

2011-10-15 08:53 . 2011-10-21 18:56 1454400 ----a-w- c:\windows\system32\nvgenco64.dll

2011-10-15 08:53 . 2009-09-27 23:12 8791360 ----a-w- c:\windows\system32\nvwgf2umx.dll

2011-10-15 08:53 . 2009-09-27 23:12 7041856 ----a-w- c:\windows\SysWow64\nvwgf2um.dll

2011-10-15 08:53 . 2009-09-27 23:12 2458432 ----a-w- c:\windows\SysWow64\nvapi.dll

2011-10-14 23:54 . 2011-10-14 23:54 321856 ----a-w- c:\windows\SysWow64\nvStreaming.exe

2011-10-13 20:29 . 2011-10-13 20:29 42392 ----a-w- c:\windows\SysWow64\xfcodec.dll

2011-10-13 20:29 . 2011-10-13 20:29 28056 ----a-w- c:\windows\system32\xfcodec64.dll

2011-10-03 03:06 . 2011-02-18 21:33 472808 ----a-w- c:\windows\SysWow64\deployJava1.dll

2011-09-25 16:39 . 2011-09-25 16:39 229992 ----a-w- c:\windows\SysWow64\npPMangFX.dll

2011-09-16 19:03 . 2011-09-16 19:02 1050768 ----a-w- c:\windows\PE_Rom.dll

2011-09-01 05:24 . 2011-10-13 05:40 2309120 ----a-w- c:\windows\system32\jscript9.dll

2011-09-01 05:17 . 2011-10-13 05:40 1389056 ----a-w- c:\windows\system32\wininet.dll

2011-09-01 05:12 . 2011-10-13 05:40 2382848 ----a-w- c:\windows\system32\mshtml.tlb

2011-09-01 02:35 . 2011-10-13 05:40 1798144 ----a-w- c:\windows\SysWow64\jscript9.dll

2011-09-01 02:28 . 2011-10-13 05:40 1126912 ----a-w- c:\windows\SysWow64\wininet.dll

2011-09-01 02:22 . 2011-10-13 05:40 2382848 ----a-w- c:\windows\SysWow64\mshtml.tlb

2011-08-31 16:00 . 2011-03-20 11:29 25416 ----a-w- c:\windows\system32\drivers\mbam.sys

.

.

((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))

.

.

*Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond

REGEDIT4

.

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"Pando Media Booster"="c:\program files (x86)\Pando Networks\Media Booster\PMB.exe" [2011-08-14 3077528]

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]

"NUSB3MON"="c:\program files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe" [2010-04-27 113288]

"IAStorIcon"="c:\program files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe" [2010-09-13 283160]

"BCU"="c:\program files (x86)\DeviceVM\Browser Configuration Utility\BCU.exe" [2009-10-26 375000]

"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2011-06-06 937920]

"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2011-06-09 254696]

"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2011-10-24 421888]

"ASUS Ai Charger"="c:\program files (x86)\ASUS\ASUS Ai Charger\AiChargerAP.exe" [2010-10-19 465536]

"ASUS ShellProcess Execute"="c:\program files (x86)\ASUS\AI Suite II\ASUS Mobilink\Simulator\AsShellProcess.exe" [2010-09-28 252544]

"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2011-09-27 59240]

.

c:\users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\

GIGABYTE Gamer HUD Lite.lnk - c:\program files (x86)\GIGABYTE\Gamer HUD Lite\HUD.exe [2009-10-16 1678848]

.

c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\

Logitech Desktop Messenger.lnk - c:\program files (x86)\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe [2011-8-14 169472]

Logitech SetPoint.lnk - c:\program files\Logitech\SetPoint\SetPoint.exe [2011-2-18 1207312]

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]

"ConsentPromptBehaviorAdmin"= 5 (0x5)

"ConsentPromptBehaviorUser"= 3 (0x3)

"EnableUIADesktopToggle"= 0 (0x0)

"SoftwareSASGeneration"= 1 (0x1)

.

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]

Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp

.

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MSIServer]

@="Service"

.

R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]

R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]

R3 ATHDFU;Atheros Valkyrie USB BootROM;c:\windows\system32\Drivers\AthDfu.sys [x]

R3 dump_wmimmc;dump_wmimmc;c:\neowiz\Pmang\SpecialForce_R\GameGuard\dump_wmimmc.sys [x]

R3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [x]

R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]

R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys [x]

R3 WatAdminSvc;Windows Activation Technologies-service;c:\windows\system32\Wat\WatAdminSvc.exe [x]

R4 NAUpdate;Nero Update;c:\program files (x86)\Nero\Update\NASvc.exe [2010-05-04 503080]

R4 TeamViewer6;TeamViewer 6;c:\program files (x86)\TeamViewer\Version6\TeamViewer_Service.exe [2011-06-01 2337144]

R4 tvnserver;TightVNC Server;c:\program files (x86)\TightVNC\tvnserver.exe [2011-08-03 828944]

R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 57184]

S0 AiCharger;ASUS Charger Driver;c:\windows\system32\DRIVERS\AiCharger.sys [x]

S0 mv91xx;mv91xx;c:\windows\system32\DRIVERS\mv91xx.sys [x]

S0 SymDS;Symantec Data Store;c:\windows\system32\drivers\NISx64\1206000.01D\SYMDS64.SYS [x]

S0 SymEFA;Symantec Extended File Attributes;c:\windows\system32\drivers\NISx64\1206000.01D\SYMEFA64.SYS [x]

S1 AsUpIO;AsUpIO;SysWow64\drivers\AsUpIO.sys [x]

S1 BHDrvx64;BHDrvx64;c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.6.0.29\Definitions\BASHDefs\20111114.002\BHDrvx64.sys [2011-11-14 1156216]

S1 IDSVia64;IDSVia64;c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.6.0.29\Definitions\IPSDefs\20111124.030\IDSvia64.sys [2011-11-03 488568]

S1 SymIRON;Symantec Iron Driver;c:\windows\system32\drivers\NISx64\1206000.01D\Ironx64.SYS [x]

S1 SymNetS;Symantec Network Security WFP Driver;c:\windows\system32\drivers\NISx64\1206000.01D\SYMNETS.SYS [x]

S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2011-06-06 64952]

S2 asComSvc;ASUS Com Service;c:\program files (x86)\ASUS\AXSP\1.00.12\atkexComSvc.exe [2010-10-28 917120]

S2 asHmComSvc;ASUS HM Com Service;c:\program files (x86)\ASUS\AAHM\1.00.09\aaHMSvc.exe [2010-11-03 909440]

S2 AsSysCtrlService;ASUS System Control Service;c:\program files (x86)\ASUS\AsSysCtrlService\1.00.10\AsSysCtrlService.exe [2010-10-21 586880]

S2 AtherosSvc;AtherosSvc;c:\program files (x86)\Bluetooth Suite\adminservice.exe [2010-10-27 52896]

S2 BCUService;Browser Configuration Utility Service;c:\program files (x86)\DeviceVM\Browser Configuration Utility\BCUService.exe [2009-10-26 223464]

S2 IAStorDataMgrSvc;Intel® Rapid Storage Technology;c:\program files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [2010-09-13 13336]

S2 NIS;Norton Internet Security;c:\program files (x86)\Norton Internet Security\Engine\18.6.0.29\ccSvcHst.exe [2011-04-17 130008]

S2 nvUpdatusService;NVIDIA Update Service Daemon;c:\program files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe [2011-10-15 2253120]

S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2011-10-14 381248]

S3 AthBTPort;Atheros Virtual Bluetooth Class;c:\windows\system32\DRIVERS\btath_flt.sys [x]

S3 BTATH_A2DP;Bluetooth A2DP Audio Driver;c:\windows\system32\drivers\btath_a2dp.sys [x]

S3 BTATH_BUS;Atheros Bluetooth Bus;c:\windows\system32\DRIVERS\btath_bus.sys [x]

S3 BTATH_HCRP;Bluetooth HCRP Server driver;c:\windows\system32\DRIVERS\btath_hcrp.sys [x]

S3 BTATH_LWFLT;Bluetooth LWFLT Device;c:\windows\system32\DRIVERS\btath_lwflt.sys [x]

S3 BTATH_RCP;Bluetooth AVRCP Device;c:\windows\system32\DRIVERS\btath_rcp.sys [x]

S3 BtFilter;BtFilter;c:\windows\system32\DRIVERS\btfilter.sys [x]

S3 ICCWDT;Intel® Watchdog Timer Driver (Intel® WDT);c:\windows\system32\DRIVERS\ICCWDT.sys [x]

S3 MEIx64;Intel® Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys [x]

S3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;c:\windows\system32\DRIVERS\nusb3hub.sys [x]

S3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;c:\windows\system32\DRIVERS\nusb3xhc.sys [x]

S3 NVHDA;Service for NVIDIA High Definition Audio Driver;c:\windows\system32\drivers\nvhda64v.sys [x]

S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [x]

.

.

--- Andere Services/Drivers In Geheugen ---

.

*Deregistered* - EraserUtilDrv11120

.

Inhoud van de 'Gedeelde Taken' map

.

.

--------- x86-64 -----------

.

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"Bluetooth Connection Assistant"="LBTWIZ.EXE -silent" [X]

"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2010-11-02 11545192]

"AtherosBtStack"="c:\program files (x86)\Bluetooth Suite\BtvStack.exe" [2010-10-27 613536]

"AthBtTray"="c:\program files (x86)\Bluetooth Suite\AthBtTray.exe" [2010-10-27 379040]

"Kernel and Hardware Abstraction Layer"="KHALMNPR.EXE" [2009-06-17 130576]

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]

"LoadAppInit_DLLs"=0x0

.

------- Bijkomende Scan -------

.

uLocal Page = c:\windows\system32\blank.htm

mLocal Page = c:\windows\SysWOW64\blank.htm

uInternet Settings,ProxyOverride = *.local

IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~3\Office12\EXCEL.EXE/3000

TCP: DhcpNameServer = 192.168.0.1

FF - ProfilePath - c:\users\User\AppData\Roaming\Mozilla\Firefox\Profiles\u0t4mwtd.default\

FF - prefs.js: browser.search.selectedEngine - AVG Secure Search

FF - prefs.js: keyword.URL - hxxp://search.avg.com/route/?d=4e33bf7d&v=7.007.026.001&i=23&tp=ab&iy=&ychte=us&lng=nl&q=

.

- - - - ORPHANS VERWIJDERD - - - -

.

SafeBoot-SolutoService

.

.

.

[HKEY_LOCAL_MACHINE\system\ControlSet003\services\NIS]

"ImagePath"="\"c:\program files (x86)\Norton Internet Security\Engine\18.6.0.29\ccSvcHst.exe\" /s \"NIS\" /m \"c:\program files (x86)\Norton Internet Security\Engine\18.6.0.29\diMaster.dll\" /prefetch:1"

.

[HKEY_LOCAL_MACHINE\system\ControlSet003\services\npggsvc]

"ImagePath"="c:\windows\system32\GameMon.des -service"

.

--------------------- VERGRENDELDE REGISTER SLEUTELS ---------------------

.

[HKEY_USERS\S-1-5-21-394697128-2937223105-2407563349-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.eml\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="WindowsLiveMail.Email.1"

.

[HKEY_USERS\S-1-5-21-394697128-2937223105-2407563349-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.vcf\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="WindowsLiveMail.VCard.1"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}]

@Denied: (A 2) (Everyone)

@="FlashBroker"

"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil10d.exe,-101"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\Elevation]

"Enabled"=dword:00000001

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\LocalServer32]

@="c:\\Windows\\SysWow64\\Macromed\\Flash\\FlashUtil10d.exe"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]

@Denied: (A 2) (Everyone)

@="Shockwave Flash Object"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]

@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10d.ocx"

"ThreadingModel"="Apartment"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]

@="0"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]

@="ShockwaveFlash.ShockwaveFlash.10"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]

@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10d.ocx, 1"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]

@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]

@="1.0"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]

@="ShockwaveFlash.ShockwaveFlash"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]

@Denied: (A 2) (Everyone)

@="Macromedia Flash Factory Object"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]

@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10d.ocx"

"ThreadingModel"="Apartment"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]

@="FlashFactory.FlashFactory.1"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]

@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10d.ocx, 1"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]

@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]

@="1.0"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]

@="FlashFactory.FlashFactory"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}]

@Denied: (A 2) (Everyone)

@="IFlashBroker3"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}\ProxyStubClsid32]

@="{00020424-0000-0000-C000-000000000046}"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

"Version"="1.0"

.

[HKEY_LOCAL_MACHINE\system\ControlSet003\Control\PCW\Security]

@Denied: (Full) (Everyone)

.

Voltooingstijd: 2011-11-25 21:40:54

ComboFix-quarantined-files.txt 2011-11-25 20:40

.

Pre-Run: 824.151.457.792 bytes beschikbaar

Post-Run: 825.304.227.840 bytes beschikbaar

.

- - End Of File - - 5269B15F9E96BFDF28B793F68107FC92


Open a Notepad file.

Copy and paste the bold text below into it.

File::

c:\windows\C5C1C0F0D62F4DBF81D4D7EF397C228B.TMP

Folder::

c:\users\User\AppData\Roaming\f-secure

C:\$WINDOWS.~BT

c:\programdata\F-Secure

c:\program files (x86)\Panda Security

Firefox::

FF - ProfilePath - c:\users\User\AppData\Roaming\Mozilla\Firefox\Profiles\u0t4mwtd.default\

FF - prefs.js: browser.search.selectedEngine -

FF - prefs.js: keyword.URL -

Save this file on your desktop as CFScript.

Drag CFScript.txt into ComboFix.exe

This will make ComboFix restart. Reboot if you are asked to.

After the restart, post the contents of Combofix.txt in your next message.
