Ga naar inhoud

foutmeldingen 7000 (2x) 7001(1x) 7024 (1x) en 5727 (1x)


Aanbevolen berichten

Geplaatst:

Geen probleem. We zien het wel als je terug bent.

Prettige vakantie.

Open een nieuw kladblokbestand.

Kopieer en plak daarin de onderstaande vetgedrukte tekst.

File::

C:\user.js

c:\windows\system32\Drivers\SSPORT.sys

Folder::

c:\documents and settings\Jose\Local Settings\Application Data\Babylon

c:\documents and settings\All Users\Application Data\Babylon

c:\documents and settings\Jose\Application Data\Babylon

c:\program files\DealPly

Registry::

[-HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]

Driver::

SSPORT

Sla dit bestand op je bureaublad op als CFScript

Sleep CFScript.txt in ComboFix.exe

Dit zal ComboFix doen herstarten. Start opnieuw op als dat gevraagd wordt.

Post na herstart de inhoud van de Combofix.txt in je volgende bericht

  • 3 weken later...
  • Reacties 89
  • Aangemaakt
  • Laatste reactie

Beste reacties in dit topic

Beste reacties in dit topic

Geplaatste afbeeldingen

Geplaatst:

Bij herstart computer volgende mededeling:

STOP: c000021a {onherstelbare systeemfout}

het systeemproces session manager initialization is onverwacht afgebroken met de status : 0xc0000034 (0x00000000 0x00000000)

Het systeem is afgesloten

systeem opnieuw gestart in veilige modus met laatst bekende juiste instellingen

daarna bijgaand rapport:

ComboFix 12-04-19.01 - Jose 19-04-2012 16:40:50.12.1 - x86

Microsoft Windows XP Home Edition 5.1.2600.3.1252.31.1043.18.1271.834 [GMT 2:00]

Gestart vanuit: F:\ComboFix.exe

gebruikte Opdracht switches :: F:\CFScript4.txt

AV: Microsoft Security Essentials *Disabled/Updated* {EDB4FA23-53B8-4AFA-8C5D-99752CCA7095}

.

FILE ::

"C:\user.js"

"c:\windows\system32\Drivers\SSPORT.sys"

.

.

(((((((((((((((((((((((((((((((((( Andere Verwijderingen )))))))))))))))))))))))))))))))))))))))))))))))))

.

.

c:\documents and settings\All Users\Application Data\Babylon

c:\documents and settings\Jose\Application Data\Babylon

c:\documents and settings\Jose\Application Data\Babylon\log_file.txt

c:\documents and settings\Jose\Local Settings\Application Data\Babylon

c:\documents and settings\Jose\Local Settings\Application Data\Babylon\Setup\bab033.tbinst.dat

c:\documents and settings\Jose\Local Settings\Application Data\Babylon\Setup\bab091.norecovericon.dat

c:\documents and settings\Jose\Local Settings\Application Data\Babylon\Setup\Babylon.dat

c:\documents and settings\Jose\Local Settings\Application Data\Babylon\Setup\BExternal-9.0.3.23.zpb

c:\documents and settings\Jose\Local Settings\Application Data\Babylon\Setup\BExternal-9.0.3.35.zpb

c:\documents and settings\Jose\Local Settings\Application Data\Babylon\Setup\BExternal.dll

c:\documents and settings\Jose\Local Settings\Application Data\Babylon\Setup\HtmlScreens\cmbx.png

c:\documents and settings\Jose\Local Settings\Application Data\Babylon\Setup\HtmlScreens\common.js

c:\documents and settings\Jose\Local Settings\Application Data\Babylon\Setup\HtmlScreens\eula.html

c:\documents and settings\Jose\Local Settings\Application Data\Babylon\Setup\HtmlScreens\lngs.png

c:\documents and settings\Jose\Local Settings\Application Data\Babylon\Setup\HtmlScreens\page1.css

c:\documents and settings\Jose\Local Settings\Application Data\Babylon\Setup\HtmlScreens\page1.html

c:\documents and settings\Jose\Local Settings\Application Data\Babylon\Setup\HtmlScreens\page1.js

c:\documents and settings\Jose\Local Settings\Application Data\Babylon\Setup\HtmlScreens\page1Lrg.css

c:\documents and settings\Jose\Local Settings\Application Data\Babylon\Setup\HtmlScreens\page2.css

c:\documents and settings\Jose\Local Settings\Application Data\Babylon\Setup\HtmlScreens\page2.html

c:\documents and settings\Jose\Local Settings\Application Data\Babylon\Setup\HtmlScreens\page2.js

c:\documents and settings\Jose\Local Settings\Application Data\Babylon\Setup\HtmlScreens\page2Lrg.css

c:\documents and settings\Jose\Local Settings\Application Data\Babylon\Setup\HtmlScreens\page9.html

c:\documents and settings\Jose\Local Settings\Application Data\Babylon\Setup\HtmlScreens\pBar.gif

c:\documents and settings\Jose\Local Settings\Application Data\Babylon\Setup\HtmlScreens\Thumbs.db

c:\documents and settings\Jose\Local Settings\Application Data\Babylon\Setup\HtmlScreens\title1.png

c:\documents and settings\Jose\Local Settings\Application Data\Babylon\Setup\HtmlScreens\title2.png

c:\documents and settings\Jose\Local Settings\Application Data\Babylon\Setup\HtmlScreens\toolBar.jpg

c:\documents and settings\Jose\Local Settings\Application Data\Babylon\Setup\HtmlScreens\vIcn.png

c:\documents and settings\Jose\Local Settings\Application Data\Babylon\Setup\IECookieLow.dll

c:\documents and settings\Jose\Local Settings\Application Data\Babylon\Setup\Setup-tbmntr903-9.0.3.23.zpb

c:\documents and settings\Jose\Local Settings\Application Data\Babylon\Setup\Setup-tbmntr903-9.0.3.35.zpb

c:\documents and settings\Jose\Local Settings\Application Data\Babylon\Setup\Setup.exe

c:\documents and settings\Jose\Local Settings\Application Data\Babylon\Setup\SetupStrings.dat

c:\documents and settings\Jose\Local Settings\Application Data\Babylon\Setup\sqlite3.dll

c:\program files\DealPly

c:\program files\DealPly\sqlite3.dll

C:\user.js

.

.

((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))

.

.

-------\Legacy_SSPORT

-------\Service_SSPORT

.

.

(((((((((((((((((((( Bestanden Gemaakt van 2012-03-19 to 2012-04-19 ))))))))))))))))))))))))))))))

.

.

2012-04-19 13:17 . 2012-04-13 07:36 6734704 ----a-w- c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{D62126A6-A6F9-49E0-B20C-C31B2D8171FD}\mpengine.dll

2012-04-19 13:08 . 2012-03-01 11:00 55296 ----a-w- c:\windows\system32\SET27.tmp

2012-04-19 13:08 . 2012-03-01 11:00 602112 ----a-w- c:\windows\system32\SET28.tmp

2012-04-19 13:08 . 2012-03-01 11:00 105984 ----a-w- c:\windows\system32\SET22.tmp

2012-04-19 13:08 . 2012-03-01 11:00 5978624 ----a-w- c:\windows\system32\SET26.tmp

2012-04-19 13:08 . 2012-03-01 11:00 2000384 ----a-w- c:\windows\system32\SET2C.tmp

2012-04-19 13:08 . 2012-03-01 11:00 916992 ----a-w- c:\windows\system32\SET20.tmp

2012-04-19 13:08 . 2012-03-01 11:00 1212416 ----a-w- c:\windows\system32\SET21.tmp

2012-04-19 13:08 . 2012-04-19 13:08 -------- d-----w- c:\windows\LastGood.Tmp

2012-04-01 17:45 . 2012-04-03 10:06 -------- d--h--r- c:\documents and settings\Jose\Onlangs geopend

2012-04-01 09:15 . 2012-04-01 09:15 -------- d-----w- c:\documents and settings\Jose\Local Settings\Application Data\I Want This

2012-04-01 09:15 . 2012-04-01 09:15 -------- d-----w- c:\program files\I Want This

2012-04-01 09:00 . 2012-04-01 09:00 388096 ----a-r- c:\documents and settings\Jose\Application Data\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe

2012-03-31 11:04 . 2012-03-14 02:15 6582328 ----a-w- c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll

2012-03-30 16:28 . 2001-09-06 19:27 7168 ----a-w- c:\windows\system32\dllcache\EXCH_snprfdll.dll

2012-03-30 16:28 . 2001-09-06 19:27 12288 ----a-w- c:\windows\system32\dllcache\EXCH_smtpctrs.dll

2012-03-30 16:25 . 2001-09-06 19:27 26112 ----a-w- c:\windows\system32\dllcache\EXCH_seos.dll

2012-03-30 16:25 . 2001-09-06 19:27 57856 ----a-w- c:\windows\system32\dllcache\EXCH_scripto.dll

2012-03-30 16:22 . 2001-09-06 19:27 23040 ----a-w- c:\windows\system32\dllcache\EXCH_regtrace.exe

2012-03-30 16:18 . 2001-09-06 19:27 38912 ----a-w- c:\windows\system32\dllcache\EXCH_ntfsdrv.dll

2012-03-30 16:14 . 2001-09-06 19:26 65536 ----a-w- c:\windows\system32\dllcache\EXCH_mailmsg.dll

2012-03-30 16:10 . 2004-08-04 12:00 102463 ----a-w- c:\windows\system32\dllcache\imepadsm.dll

2012-03-30 16:09 . 2001-09-06 19:25 10240 ----a-w- c:\windows\system32\dllcache\ibmsgnet.dll

2012-03-30 16:08 . 2001-08-17 19:28 199711 ----a-w- c:\windows\system32\dllcache\hsf_faxx.sys

2012-03-30 16:07 . 2001-09-06 19:26 89088 ----a-w- c:\windows\system32\dllcache\hpgt33.dll

2012-03-30 16:06 . 2001-09-06 19:26 92672 ----a-w- c:\windows\system32\dllcache\fuusd.dll

2012-03-30 16:05 . 2001-08-17 19:52 7040 ----a-w- c:\windows\system32\dllcache\exabyte2.sys

2012-03-30 16:04 . 2001-08-17 19:50 114944 ----a-w- c:\windows\system32\dllcache\epstw2k.sys

2012-03-30 16:03 . 2001-08-17 18:20 334208 ----a-w- c:\windows\system32\dllcache\ds1wdm.sys

2012-03-30 16:02 . 2001-09-06 19:26 110621 ----a-w- c:\windows\system32\dllcache\digirlpt.dll

2012-03-30 16:01 . 2001-09-06 17:28 50688 ----a-w- c:\windows\system32\dllcache\cyzport.sys

2012-03-30 16:00 . 2001-09-06 19:26 170880 ----a-w- c:\windows\system32\dllcache\cl546x.dll

2012-03-30 15:59 . 2001-09-06 16:47 13952 ----a-w- c:\windows\system32\dllcache\bulltlp3.sys

2012-03-30 15:58 . 2001-08-17 18:48 36128 ----a-w- c:\windows\system32\dllcache\banshee.sys

2012-03-30 15:57 . 2004-08-03 20:32 10880 ----a-w- c:\windows\system32\dllcache\admjoy.sys

2012-03-30 15:49 . 2012-03-30 15:50 -------- d-----w- c:\program files\CCleaner

.

.

.

((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2012-03-09 18:14 . 2012-03-09 18:14 61440 ----a-w- c:\windows\system32\drivers\vtsk.sys

2012-03-09 18:06 . 2012-03-09 18:06 61440 ----a-w- c:\windows\system32\drivers\wtqlsmm.sys

2012-03-02 04:00 . 2012-03-02 04:00 11082752 ----a-w- c:\windows\system32\SET2E.tmp

2012-03-01 11:00 . 2004-09-14 08:38 43520 ------w- c:\windows\system32\licmgr10.dll

2012-03-01 11:00 . 2004-09-14 08:38 1469440 ------w- c:\windows\system32\inetcpl.cpl

2012-02-29 14:10 . 2012-02-29 14:10 177664 ----a-w- c:\windows\system32\SET1A.tmp

2012-02-29 14:10 . 2004-09-14 08:38 148480 ----a-w- c:\windows\system32\imagehlp.dll

2012-02-29 12:17 . 2004-09-14 08:38 385024 ------w- c:\windows\system32\html.iec

2012-02-03 09:57 . 2004-09-14 08:38 1860224 ----a-w- c:\windows\system32\win32k.sys

2012-01-31 12:44 . 2012-02-24 19:52 237072 ------w- c:\windows\system32\MpSigStub.exe

.

.

((((((((((((((((((((((((((((( SnapShot_2012-04-01_09.31.40 )))))))))))))))))))))))))))))))))))))))))

.

+ 2012-04-19 17:14 . 2012-04-19 17:14 16384 c:\windows\temp\Perflib_Perfdata_51c.dat

+ 2009-06-11 15:02 . 2012-03-01 11:00 12800 c:\windows\system32\dllcache\xpshims.dll

- 2009-06-11 15:02 . 2011-12-17 19:42 12800 c:\windows\system32\dllcache\xpshims.dll

+ 2012-04-19 17:04 . 2011-12-17 19:42 12800 c:\windows\ie8updates\KB2675157-IE8\xpshims.dll

+ 2012-04-19 17:04 . 2011-12-17 19:42 66560 c:\windows\ie8updates\KB2675157-IE8\mshtmled.dll

+ 2012-04-19 17:04 . 2011-12-17 19:42 55296 c:\windows\ie8updates\KB2675157-IE8\msfeedsbs.dll

+ 2012-04-19 17:04 . 2011-12-17 19:42 43520 c:\windows\ie8updates\KB2675157-IE8\licmgr10.dll

+ 2012-04-19 17:04 . 2011-12-17 19:42 25600 c:\windows\ie8updates\KB2675157-IE8\jsproxy.dll

+ 2012-04-19 17:02 . 2012-04-19 17:04 2114 c:\windows\SoftwareDistribution\EventCache\{1CB89403-3403-4197-AD42-AFCEFE598EAB}.bin

+ 2012-04-02 09:29 . 2012-04-02 09:29 138848 c:\windows\system32\FNTCACHE.DAT

+ 2009-06-11 15:02 . 2012-03-01 11:00 247808 c:\windows\system32\dllcache\ieproxy.dll

- 2009-06-11 15:02 . 2011-12-17 19:42 247808 c:\windows\system32\dllcache\ieproxy.dll

+ 2010-06-11 16:48 . 2012-03-01 11:00 743424 c:\windows\system32\dllcache\iedvtool.dll

- 2010-06-11 16:48 . 2011-12-17 19:42 743424 c:\windows\system32\dllcache\iedvtool.dll

+ 2012-04-19 17:04 . 2011-12-17 19:42 916992 c:\windows\ie8updates\KB2675157-IE8\wininet.dll

+ 2012-04-19 17:04 . 2011-12-17 19:42 105984 c:\windows\ie8updates\KB2675157-IE8\url.dll

+ 2012-04-19 17:04 . 2010-07-05 13:21 401272 c:\windows\ie8updates\KB2675157-IE8\spuninst\updspapi.dll

+ 2012-04-19 17:04 . 2010-07-05 13:21 234872 c:\windows\ie8updates\KB2675157-IE8\spuninst\spuninst.exe

+ 2012-04-19 17:04 . 2011-12-17 19:42 206848 c:\windows\ie8updates\KB2675157-IE8\occache.dll

+ 2012-04-19 17:04 . 2011-12-17 19:42 611840 c:\windows\ie8updates\KB2675157-IE8\mstime.dll

+ 2012-04-19 17:04 . 2011-12-17 19:42 602112 c:\windows\ie8updates\KB2675157-IE8\msfeeds.dll

+ 2012-04-19 17:04 . 2011-12-17 19:42 247808 c:\windows\ie8updates\KB2675157-IE8\ieproxy.dll

+ 2012-04-19 17:04 . 2011-12-17 19:42 184320 c:\windows\ie8updates\KB2675157-IE8\iepeers.dll

+ 2012-04-19 17:04 . 2011-12-17 19:42 743424 c:\windows\ie8updates\KB2675157-IE8\iedvtool.dll

+ 2012-04-19 17:04 . 2011-12-17 19:42 387584 c:\windows\ie8updates\KB2675157-IE8\iedkcs32.dll

+ 2012-04-19 17:04 . 2011-12-16 12:23 174080 c:\windows\ie8updates\KB2675157-IE8\ie4uinit.exe

+ 2012-04-19 17:04 . 2011-12-17 19:42 1212416 c:\windows\ie8updates\KB2675157-IE8\urlmon.dll

+ 2012-04-19 17:04 . 2011-12-17 19:42 5979136 c:\windows\ie8updates\KB2675157-IE8\mshtml.dll

+ 2012-04-19 17:04 . 2011-12-17 19:42 2000384 c:\windows\ie8updates\KB2675157-IE8\iertutil.dll

+ 2012-04-19 17:04 . 2011-12-18 13:42 11082240 c:\windows\ie8updates\KB2675157-IE8\ieframe.dll

.

((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))

.

.

*Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond

REGEDIT4

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2012-01-03 37296]

"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-01-02 843712]

"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2011-06-15 997920]

.

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]

"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]

"DWQueuedReporting"="c:\progra~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" [2007-02-26 437160]

.

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]

@="Service"

.

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Start^Programma's^Opstarten^Digital Line Detect.lnk]

path=c:\documents and settings\All Users\Menu Start\Programma's\Opstarten\Digital Line Detect.lnk

backup=c:\windows\pss\Digital Line Detect.lnkCommon Startup

.

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Start^Programma's^Opstarten^dlbcserv.lnk]

path=c:\documents and settings\All Users\Menu Start\Programma's\Opstarten\dlbcserv.lnk

backup=c:\windows\pss\dlbcserv.lnkCommon Startup

.

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Start^Programma's^Opstarten^Logitech Desktop Messenger.lnk]

path=c:\documents and settings\All Users\Menu Start\Programma's\Opstarten\Logitech Desktop Messenger.lnk

backup=c:\windows\pss\Logitech Desktop Messenger.lnkCommon Startup

.

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Start^Programma's^Opstarten^SpeedTouch 121g Wireless USB Monitor.lnk]

path=c:\documents and settings\All Users\Menu Start\Programma's\Opstarten\SpeedTouch 121g Wireless USB Monitor.lnk

backup=c:\windows\pss\SpeedTouch 121g Wireless USB Monitor.lnkCommon Startup

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Dell Wireless Manager UI]

c:\windows\system32\WLTRAY [X]

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]

2012-01-02 09:07 843712 ----a-r- c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Photo Downloader]

2007-03-09 09:09 63712 ----a-w- c:\program files\Adobe\Photoshop Album Starter Edition\3.2\Apps\apdproxy.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]

2012-01-03 21:51 37296 ----a-w- c:\program files\Adobe\Reader 9.0\Reader\reader_sl.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CTFMON.EXE]

2008-04-14 17:02 15360 ----a-w- c:\windows\system32\ctfmon.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Dell QuickSet]

2005-09-01 17:24 684032 ----a-w- c:\program files\Dell\QuickSet\quickset.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\igfxhkcmd]

2005-07-19 10:06 77824 ----a-w- c:\windows\system32\hkcmd.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\igfxpers]

2005-07-19 10:10 114688 ----a-w- c:\windows\system32\igfxpers.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\igfxtray]

2005-07-19 10:09 94208 ----a-w- c:\windows\system32\igfxtray.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogitechSoftwareUpdate]

2005-06-08 13:44 196608 ----a-w- c:\program files\Logitech\Video\ManifestEngine.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogitechVideoRepair]

2005-06-08 14:24 458752 ----a-w- c:\program files\Logitech\Video\ISStart.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogitechVideoTray]

2005-06-08 14:14 217088 ----a-w- c:\program files\Logitech\Video\LogiTray.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LVCOMSX]

2005-07-19 16:32 221184 ----a-w- c:\windows\system32\LVCOMSX.EXE

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ModemOnHold]

2003-09-10 02:24 20480 ------w- c:\program files\NetWaiting\netwaiting.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]

2008-04-14 17:03 1695232 ------w- c:\program files\Messenger\msmsgs.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PRISMSVR.EXE]

2004-07-02 14:27 295001 ----a-w- c:\program files\Thomson SpeedTouch\SpeedTouch 121g Wireless USB Monitor\PRISMSVR.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SigmatelSysTrayApp]

2005-09-09 23:19 393216 ----a-w- c:\windows\stsystra.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]

2009-04-18 09:34 148888 ----a-w- c:\program files\Java\jre6\bin\jusched.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg]

2007-07-27 17:12 68856 ----a-w- c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SynTPEnh]

2005-06-24 06:36 729178 ----a-w- c:\program files\Synaptics\SynTP\SynTPEnh.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WMPNSCFG]

2006-11-02 21:53 204288 ------w- c:\program files\Windows Media Player\wmpnscfg.exe

.

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]

"%windir%\\Network Diagnostic\\xpnetdiag.exe"=

"c:\\WINDOWS\\system32\\LEXPPS.EXE"=

"c:\\WINDOWS\\system32\\sessmgr.exe"=

"c:\\Program Files\\Logitech\\Desktop Messenger\\8876480\\Program\\LogitechDesktopMessenger.exe"=

"c:\\Program Files\\Messenger\\msmsgs.exe"=

"c:\\Program Files\\Skype\\Plugin Manager\\skypePM.exe"=

"c:\\Program Files\\Skype\\Phone\\Skype.exe"=

.

S2 gupdate;Google Updateservice (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [5-11-2010 22:39 136176]

S2 gupdatem;Google Update-service (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [5-11-2010 22:39 136176]

S3 BT4501G;SpeedTouch 121g Wireless USB Adapter Driver;c:\windows\system32\drivers\BT4501G.sys [13-2-2010 17:39 357568]

S3 hitmanpro3;Hitman Pro 3 Support Driver;c:\windows\system32\drivers\hitmanpro3.sys [8-10-2008 10:57 3328]

.

Inhoud van de 'Gedeelde Taken' map

.

2012-03-31 c:\windows\Tasks\Google Software Updater.job

- c:\program files\Google\Common\Google Updater\GoogleUpdaterService.exe [2007-01-26 17:55]

.

2012-04-19 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job

- c:\program files\Google\Update\GoogleUpdate.exe [2010-11-05 20:38]

.

2012-04-19 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job

- c:\program files\Google\Update\GoogleUpdate.exe [2010-11-05 20:38]

.

2012-04-19 c:\windows\Tasks\MP Scheduled Scan.job

- c:\program files\Microsoft Security Client\Antimalware\MpCmdRun.exe [2011-04-27 14:39]

.

2012-04-19 c:\windows\Tasks\User_Feed_Synchronization-{56A91E46-6A24-4EEB-AD2C-ED8EA2FA3525}.job

- c:\windows\system32\msfeedssync.exe [2006-10-17 03:31]

.

.

------- Bijkomende Scan -------

.

uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8

uInternet Settings,ProxyServer = wwwproxy.xs4all.nl:8080

uInternet Settings,ProxyOverride = localhost

TCP: DhcpNameServer = 192.168.1.254

.

.

**************************************************************************

.

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, GMER - Rootkit Detector and Remover

Rootkit scan 2012-04-19 19:15

Windows 5.1.2600 Service Pack 3 NTFS

.

scannen van verborgen processen ...

.

scannen van verborgen autostart items ...

.

scannen van verborgen bestanden ...

.

Scan succesvol afgerond

verborgen bestanden: 0

.

**************************************************************************

.

--------------------- DLLs Geladen Onder Lopende Processen ---------------------

.

- - - - - - - > 'winlogon.exe'(768)

c:\windows\System32\BCMLogon.dll

.

- - - - - - - > 'explorer.exe'(3976)

c:\windows\system32\webcheck.dll

c:\windows\system32\WPDShServiceObj.dll

c:\windows\system32\PortableDeviceTypes.dll

c:\windows\system32\PortableDeviceApi.dll

.

------------------------ Andere Aktieve Processen ------------------------

.

c:\program files\Microsoft Security Client\Antimalware\MsMpEng.exe

c:\windows\system32\LEXBCES.EXE

c:\windows\system32\LEXPPS.EXE

c:\windows\System32\SCardSvr.exe

c:\windows\system32\msdtc.exe

c:\windows\system32\imapi.exe

c:\program files\Java\jre6\bin\jqs.exe

c:\windows\system32\wscntfy.exe

c:\program files\Windows Media Player\WMPNetwk.exe

.

**************************************************************************

.

Voltooingstijd: 2012-04-19 19:20:16 - machine werd herstart

ComboFix-quarantined-files.txt 2012-04-19 17:20

ComboFix2.txt 2012-04-03 10:05

ComboFix3.txt 2012-04-02 09:49

ComboFix4.txt 2012-04-01 16:41

ComboFix5.txt 2012-04-19 14:02

.

Pre-Run: 21.353.168.896 bytes beschikbaar

Post-Run: 21.183.270.912 bytes beschikbaar

.

- - End Of File - - 518E0E640DB8A9809701757ECCCA90FF

groetjes jovadesa

Geplaatst:

Open een nieuw kladblokbestand.

Kopieer en plak daarin de onderstaande vetgedrukte tekst.

File::

c:\windows\system32\SET27.tmp

c:\windows\system32\SET28.tmp

c:\windows\system32\SET22.tmp

c:\windows\system32\SET26.tmp

c:\windows\system32\SET2C.tmp

c:\windows\system32\SET20.tmp

c:\windows\system32\SET21.tmp

c:\windows\system32\SET2E.tmp

c:\windows\system32\SET1A.tmp

Sla dit bestand op je bureaublad op als CFScript

Sleep CFScript.txt in ComboFix.exe

Dit zal ComboFix doen herstarten. Start opnieuw op als dat gevraagd wordt.

Post na herstart de inhoud van de Combofix.txt in je volgende bericht

Geplaatst:

Bij start computer weer volgende mededeling:

STOP: c000021a {onherstelbare systeemfout}

het systeemproces session manager initialization is onverwacht afgebroken met de status : 0xc0000034 (0x00000000 0x00000000)

Het systeem is afgesloten

systeem weer gestart in veilige modus met laatst bekende juiste instellingen

daarna bijgaand rapport:

ComboFix 12-04-19.01 - Jose 20-04-2012 11:37:04.13.1 - x86

Microsoft Windows XP Home Edition 5.1.2600.3.1252.31.1043.18.1271.872 [GMT 2:00]

Gestart vanuit: F:\ComboFix.exe

gebruikte Opdracht switches :: F:\CFScript4.txt

AV: Microsoft Security Essentials *Disabled/Updated* {EDB4FA23-53B8-4AFA-8C5D-99752CCA7095}

.

FILE ::

"c:\windows\system32\SET1A.tmp"

"c:\windows\system32\SET20.tmp"

"c:\windows\system32\SET21.tmp"

"c:\windows\system32\SET22.tmp"

"c:\windows\system32\SET26.tmp"

"c:\windows\system32\SET27.tmp"

"c:\windows\system32\SET28.tmp"

"c:\windows\system32\SET2C.tmp"

"c:\windows\system32\SET2E.tmp"

.

.

(((((((((((((((((((((((((((((((((( Andere Verwijderingen )))))))))))))))))))))))))))))))))))))))))))))))))

.

.

c:\windows\system32\_000006_.tmp.dll

c:\windows\system32\SET1A.tmp

c:\windows\system32\SET20.tmp

c:\windows\system32\SET21.tmp

c:\windows\system32\SET22.tmp

c:\windows\system32\SET26.tmp

c:\windows\system32\SET27.tmp

c:\windows\system32\SET28.tmp

c:\windows\system32\SET2C.tmp

c:\windows\system32\SET2E.tmp

.

.

(((((((((((((((((((( Bestanden Gemaakt van 2012-03-20 to 2012-04-20 ))))))))))))))))))))))))))))))

.

.

2012-04-19 13:17 . 2012-04-13 07:36 6734704 ----a-w- c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{D62126A6-A6F9-49E0-B20C-C31B2D8171FD}\mpengine.dll

2012-04-19 13:08 . 2012-04-19 13:08 -------- d-----w- c:\windows\LastGood.Tmp

2012-04-01 17:45 . 2012-04-19 17:21 -------- d--h--r- c:\documents and settings\Jose\Onlangs geopend

2012-04-01 09:15 . 2012-04-01 09:15 -------- d-----w- c:\documents and settings\Jose\Local Settings\Application Data\I Want This

2012-04-01 09:15 . 2012-04-01 09:15 -------- d-----w- c:\program files\I Want This

2012-04-01 09:00 . 2012-04-01 09:00 388096 ----a-r- c:\documents and settings\Jose\Application Data\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe

2012-03-31 11:04 . 2012-03-14 02:15 6582328 ----a-w- c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll

2012-03-30 16:38 . 2008-04-14 17:02 116736 ----a-w- c:\windows\system32\dllcache\xrxwiadr.dll

2012-03-30 16:38 . 2001-09-06 19:27 23040 ----a-w- c:\windows\system32\dllcache\xrxwbtmp.dll

2012-03-30 16:38 . 2008-04-14 17:02 18944 ----a-w- c:\windows\system32\dllcache\xrxscnui.dll

2012-03-30 16:38 . 2001-09-06 19:27 27648 ----a-w- c:\windows\system32\dllcache\xrxftplt.exe

2012-03-30 16:37 . 2001-09-06 19:27 4608 ----a-w- c:\windows\system32\dllcache\xrxflnch.exe

2012-03-30 16:37 . 2001-09-06 19:27 99865 ----a-w- c:\windows\system32\dllcache\xlog.exe

2012-03-30 16:37 . 2001-08-17 18:11 16970 ----a-w- c:\windows\system32\dllcache\xem336n5.sys

2012-03-30 16:37 . 2004-08-03 20:29 19455 ----a-w- c:\windows\system32\dllcache\wvchntxx.sys

2012-03-30 16:37 . 2004-08-03 20:29 12063 ----a-w- c:\windows\system32\dllcache\wsiintxx.sys

2012-03-30 16:37 . 2008-04-14 17:02 8192 ----a-w- c:\windows\system32\dllcache\wshirda.dll

2012-03-30 16:37 . 2008-04-13 18:36 8832 ----a-w- c:\windows\system32\dllcache\wmiacpi.sys

2012-03-30 16:36 . 2004-08-03 20:31 154624 ----a-w- c:\windows\system32\dllcache\wlluc48.sys

2012-03-30 16:36 . 2001-09-06 17:08 34890 ----a-w- c:\windows\system32\dllcache\wlandrv2.sys

2012-03-30 16:36 . 2001-08-17 19:28 771581 ----a-w- c:\windows\system32\dllcache\winacisa.sys

2012-03-30 16:36 . 2001-09-06 19:27 54272 ----a-w- c:\windows\system32\dllcache\wiamsmud.dll

2012-03-30 16:36 . 2001-09-06 19:27 87040 ----a-w- c:\windows\system32\dllcache\wiafbdrv.dll

2012-03-30 16:36 . 2004-08-04 12:00 41600 ----a-w- c:\windows\system32\dllcache\weitekp9.dll

2012-03-30 16:36 . 2004-08-04 12:00 31488 ----a-w- c:\windows\system32\dllcache\weitekp9.sys

2012-03-30 16:36 . 2001-08-17 19:28 701386 ----a-w- c:\windows\system32\dllcache\wdhaalba.sys

2012-03-30 16:36 . 2004-08-03 20:29 23615 ----a-w- c:\windows\system32\dllcache\wch7xxnt.sys

2012-03-30 16:36 . 2008-04-14 16:34 32000 ----a-w- c:\windows\system32\dllcache\wceusbsh.sys

2012-03-30 16:36 . 2001-08-17 18:10 35871 ----a-w- c:\windows\system32\dllcache\wbfirdma.sys

2012-03-30 16:34 . 2001-08-17 19:49 24576 ----a-w- c:\windows\system32\dllcache\viairda.sys

2012-03-30 16:34 . 2001-08-17 19:28 687999 ----a-w- c:\windows\system32\dllcache\usrwdxjs.sys

2012-03-30 16:34 . 2001-08-17 19:28 765884 ----a-w- c:\windows\system32\dllcache\usrti.sys

2012-03-30 16:34 . 2001-08-17 19:28 113762 ----a-w- c:\windows\system32\dllcache\usrpda.sys

2012-03-30 16:34 . 2001-08-17 19:28 7556 ----a-w- c:\windows\system32\dllcache\usroslba.sys

2012-03-30 16:34 . 2001-08-17 19:28 224802 ----a-w- c:\windows\system32\dllcache\usr1807a.sys

2012-03-30 16:34 . 2001-08-17 19:28 794399 ----a-w- c:\windows\system32\dllcache\usr1806v.sys

2012-03-30 16:34 . 2001-08-17 19:28 793598 ----a-w- c:\windows\system32\dllcache\usr1806.sys

2012-03-30 16:34 . 2001-08-17 19:28 794654 ----a-w- c:\windows\system32\dllcache\usr1801.sys

2012-03-30 16:34 . 2008-04-13 18:45 26112 ----a-w- c:\windows\system32\dllcache\usbser.sys

2012-03-30 16:33 . 2008-04-13 18:45 17152 ----a-w- c:\windows\system32\dllcache\usbohci.sys

2012-03-30 16:33 . 2004-08-03 22:55 32384 ----a-w- c:\windows\system32\dllcache\usb101et.sys

2012-03-30 16:33 . 2001-09-06 19:27 94720 ----a-w- c:\windows\system32\dllcache\umaxud32.dll

2012-03-30 16:33 . 2001-09-06 19:27 28160 ----a-w- c:\windows\system32\dllcache\umaxu40.dll

2012-03-30 16:33 . 2001-09-06 19:27 26624 ----a-w- c:\windows\system32\dllcache\umaxu22.dll

2012-03-30 16:33 . 2001-09-06 19:27 69632 ----a-w- c:\windows\system32\dllcache\umaxu12.dll

2012-03-30 16:33 . 2001-09-06 19:27 50688 ----a-w- c:\windows\system32\dllcache\umaxscan.dll

2012-03-30 16:33 . 2001-08-17 19:58 22912 ----a-w- c:\windows\system32\dllcache\umaxpcls.sys

2012-03-30 16:33 . 2001-09-06 19:27 50176 ----a-w- c:\windows\system32\dllcache\umaxp60.dll

2012-03-30 16:33 . 2001-09-06 19:27 47616 ----a-w- c:\windows\system32\dllcache\umaxcam.dll

2012-03-30 16:33 . 2001-09-06 19:27 212480 ----a-w- c:\windows\system32\dllcache\um54scan.dll

2012-03-30 16:32 . 2001-09-06 19:27 216576 ----a-w- c:\windows\system32\dllcache\um34scan.dll

2012-03-30 16:32 . 2001-08-17 19:48 11520 ----a-w- c:\windows\system32\dllcache\twotrack.sys

2012-03-30 16:32 . 2004-08-04 12:00 14336 ----a-w- c:\windows\system32\dllcache\tsprof.exe

2012-03-30 16:32 . 2001-08-17 18:51 166784 ----a-w- c:\windows\system32\dllcache\tridxpm.sys

2012-03-30 16:32 . 2001-09-06 19:27 525568 ----a-w- c:\windows\system32\dllcache\tridxp.dll

2012-03-30 16:32 . 2001-08-17 18:51 159232 ----a-w- c:\windows\system32\dllcache\tridkbm.sys

2012-03-30 16:32 . 2001-09-06 19:26 440576 ----a-w- c:\windows\system32\dllcache\tridkb.dll

2012-03-30 16:32 . 2001-08-17 18:51 222336 ----a-w- c:\windows\system32\dllcache\trid3dm.sys

2012-03-30 16:32 . 2001-09-06 19:26 315520 ----a-w- c:\windows\system32\dllcache\trid3d.dll

2012-03-30 16:32 . 2001-08-17 18:12 34375 ----a-w- c:\windows\system32\dllcache\tpro4.sys

2012-03-30 16:32 . 2001-09-06 19:26 43008 ----a-w- c:\windows\system32\dllcache\tp4res.dll

2012-03-30 16:32 . 2008-04-14 17:03 82944 ----a-w- c:\windows\system32\dllcache\tp4mon.exe

2012-03-30 16:30 . 2001-08-17 19:49 30464 ----a-w- c:\windows\system32\dllcache\tbatm155.sys

2012-03-30 16:30 . 2001-08-17 19:52 7040 ----a-w- c:\windows\system32\dllcache\tandqic.sys

2012-03-30 16:30 . 2001-08-17 18:50 36640 ----a-w- c:\windows\system32\dllcache\t2r4mini.sys

2012-03-30 16:30 . 2001-09-06 19:26 172768 ----a-w- c:\windows\system32\dllcache\t2r4disp.dll

2012-03-30 16:30 . 2001-09-06 19:27 94293 ----a-w- c:\windows\system32\dllcache\sxports.dll

2012-03-30 16:30 . 2001-08-17 19:50 103936 ----a-w- c:\windows\system32\dllcache\sx.sys

2012-03-30 16:30 . 2001-08-17 20:02 3968 ----a-w- c:\windows\system32\dllcache\swusbflt.sys

2012-03-30 16:30 . 2001-09-06 19:27 10240 ----a-w- c:\windows\system32\dllcache\swpidflt.dll

2012-03-30 16:30 . 2001-09-06 19:27 10240 ----a-w- c:\windows\system32\dllcache\swpdflt2.dll

2012-03-30 16:30 . 2001-09-06 19:27 53760 ----a-w- c:\windows\system32\dllcache\sw_wheel.dll

2012-03-30 16:29 . 2001-09-06 19:27 41472 ----a-w- c:\windows\system32\dllcache\sw_effct.dll

2012-03-30 16:29 . 2001-09-06 19:27 155648 ----a-w- c:\windows\system32\dllcache\stlnprop.dll

2012-03-30 16:29 . 2001-09-06 19:27 53248 ----a-w- c:\windows\system32\dllcache\stlncoin.dll

2012-03-30 16:29 . 2001-09-06 16:20 286432 ----a-w- c:\windows\system32\dllcache\stlnata.sys

2012-03-30 16:29 . 2001-09-06 16:19 16896 ----a-w- c:\windows\system32\dllcache\stcusb.sys

2012-03-30 16:29 . 2001-08-17 18:11 48736 ----a-w- c:\windows\system32\dllcache\srwlnd5.sys

2012-03-30 16:29 . 2004-08-04 12:00 101888 ----a-w- c:\windows\system32\dllcache\srusbusd.dll

2012-03-30 16:29 . 2001-09-06 19:27 99840 ----a-w- c:\windows\system32\dllcache\srusd.dll

2012-03-30 16:29 . 2001-09-06 19:27 24660 ----a-w- c:\windows\system32\dllcache\spxupchk.dll

2012-03-30 16:29 . 2001-08-17 19:51 61824 ----a-w- c:\windows\system32\dllcache\speed.sys

2012-03-30 16:27 . 2001-09-06 18:56 36425 ----a-w- c:\windows\system32\dllcache\smcirda.sys

2012-03-30 16:26 . 2001-09-06 18:53 95146 ----a-w- c:\windows\system32\dllcache\sk98xwin.sys

2012-03-30 16:26 . 2001-09-06 19:26 157696 ----a-w- c:\windows\system32\dllcache\sisv256.dll

2012-03-30 16:26 . 2001-08-17 18:50 50432 ----a-w- c:\windows\system32\dllcache\sisv.sys

2012-03-30 16:26 . 2004-08-03 20:31 32768 ----a-w- c:\windows\system32\dllcache\sisnic.sys

2012-03-30 16:26 . 2001-09-06 19:27 238592 ----a-w- c:\windows\system32\dllcache\sisgrv.dll

2012-03-30 16:26 . 2001-08-17 18:50 104064 ----a-w- c:\windows\system32\dllcache\sisgrp.sys

2012-03-30 16:26 . 2001-09-06 19:26 150144 ----a-w- c:\windows\system32\dllcache\sis6306v.dll

2012-03-30 16:26 . 2001-08-17 18:50 68608 ----a-w- c:\windows\system32\dllcache\sis6306p.sys

2012-03-30 16:26 . 2001-09-06 19:26 252032 ----a-w- c:\windows\system32\dllcache\sis300iv.dll

2012-03-30 16:26 . 2001-08-17 18:50 101760 ----a-w- c:\windows\system32\dllcache\sis300ip.sys

2012-03-30 16:26 . 2004-08-04 12:00 18944 ----a-w- c:\windows\system32\dllcache\simptcp.dll

2012-03-30 16:26 . 2001-09-06 18:49 161760 ----a-w- c:\windows\system32\dllcache\sgsmusb.sys

2012-03-30 16:24 . 2001-08-17 19:51 23936 ----a-w- c:\windows\system32\dllcache\sccmusbm.sys

2012-03-30 16:24 . 2001-09-06 18:42 23936 ----a-w- c:\windows\system32\dllcache\sccmn50m.sys

2012-03-30 16:24 . 2008-04-13 18:40 43904 ----a-w- c:\windows\system32\dllcache\sbp2port.sys

2012-03-30 16:24 . 2001-09-06 19:27 495616 ----a-w- c:\windows\system32\dllcache\sblfx.dll

2012-03-30 16:24 . 2001-08-17 18:50 75392 ----a-w- c:\windows\system32\dllcache\s3savmxm.sys

2012-03-30 16:24 . 2001-09-06 19:26 245632 ----a-w- c:\windows\system32\dllcache\s3savmx.dll

2012-03-30 16:24 . 2001-08-17 18:50 77824 ----a-w- c:\windows\system32\dllcache\s3sav4m.sys

2012-03-30 16:24 . 2001-09-06 19:26 198400 ----a-w- c:\windows\system32\dllcache\s3sav4.dll

2012-03-30 16:24 . 2001-08-17 18:50 61504 ----a-w- c:\windows\system32\dllcache\s3sav3dm.sys

2012-03-30 16:24 . 2001-09-06 19:26 179264 ----a-w- c:\windows\system32\dllcache\s3sav3d.dll

2012-03-30 16:24 . 2001-09-06 19:26 210496 ----a-w- c:\windows\system32\dllcache\s3mvirge.dll

2012-03-30 16:24 . 2001-09-06 19:26 62496 ----a-w- c:\windows\system32\dllcache\s3mtrio.dll

2012-03-30 16:24 . 2001-08-17 18:50 41216 ----a-w- c:\windows\system32\dllcache\s3mt3d.sys

2012-03-30 16:22 . 2001-08-17 18:12 37563 ----a-w- c:\windows\system32\dllcache\rlnet5.sys

2012-03-30 16:22 . 2001-09-06 19:27 86097 ----a-w- c:\windows\system32\dllcache\reslog32.dll

2012-03-30 16:22 . 2004-08-04 12:00 14848 ----a-w- c:\windows\system32\dllcache\register.exe

2012-03-30 16:22 . 2001-09-06 19:27 23040 ----a-w- c:\windows\system32\dllcache\EXCH_regtrace.exe

2012-03-30 16:22 . 2001-08-17 19:51 19584 ----a-w- c:\windows\system32\dllcache\rasirda.sys

2012-03-30 16:22 . 2001-09-06 18:29 715210 ----a-w- c:\windows\system32\dllcache\r2mdmkxx.sys

2012-03-30 16:22 . 2001-09-06 18:29 899594 ----a-w- c:\windows\system32\dllcache\r2mdkxga.sys

2012-03-30 16:22 . 2001-09-06 19:27 41984 ----a-w- c:\windows\system32\dllcache\qvusd.dll

2012-03-30 16:22 . 2001-08-17 19:53 3328 ----a-w- c:\windows\system32\dllcache\qv2kux.sys

2012-03-30 16:22 . 2004-08-04 12:00 9728 ----a-w- c:\windows\system32\dllcache\query.exe

2012-03-30 16:22 . 2004-08-04 12:00 16896 ----a-w- c:\windows\system32\dllcache\quser.exe

2012-03-30 16:22 . 2008-04-13 18:40 6016 ----a-w- c:\windows\system32\dllcache\qic157.sys

2012-03-30 16:22 . 2001-08-17 19:28 130942 ----a-w- c:\windows\system32\dllcache\ptserlv.sys

2012-03-30 16:20 . 2001-08-17 20:07 19840 ----a-w- c:\windows\system32\dllcache\philtune.sys

2012-03-30 16:19 . 2001-08-17 18:12 30495 ----a-w- c:\windows\system32\dllcache\pc100nds.sys

2012-03-30 16:18 . 2001-09-06 18:09 54666 ----a-w- c:\windows\system32\dllcache\otcsercb.sys

2012-03-30 16:18 . 2001-09-06 18:09 43785 ----a-w- c:\windows\system32\dllcache\otceth5.sys

.

.

((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2012-03-09 18:14 . 2012-03-09 18:14 61440 ----a-w- c:\windows\system32\drivers\vtsk.sys

2012-03-09 18:06 . 2012-03-09 18:06 61440 ----a-w- c:\windows\system32\drivers\wtqlsmm.sys

2012-03-01 11:00 . 2004-09-14 08:38 43520 ------w- c:\windows\system32\licmgr10.dll

2012-03-01 11:00 . 2004-09-14 08:38 1469440 ------w- c:\windows\system32\inetcpl.cpl

2012-02-29 14:10 . 2004-09-14 08:38 148480 ----a-w- c:\windows\system32\imagehlp.dll

2012-02-29 12:17 . 2004-09-14 08:38 385024 ------w- c:\windows\system32\html.iec

2012-02-03 09:57 . 2004-09-14 08:38 1860224 ----a-w- c:\windows\system32\win32k.sys

2012-01-31 12:44 . 2012-02-24 19:52 237072 ------w- c:\windows\system32\MpSigStub.exe

.

.

((((((((((((((((((((((((((((( SnapShot_2012-04-01_09.31.40 )))))))))))))))))))))))))))))))))))))))))

.

+ 2012-04-20 09:33 . 2012-04-20 09:33 16384 c:\windows\temp\Perflib_Perfdata_638.dat

+ 2004-09-14 08:38 . 2012-04-20 09:38 91146 c:\windows\system32\perfc013.dat

+ 2004-09-14 08:38 . 2012-04-20 09:38 70610 c:\windows\system32\perfc009.dat

+ 2004-09-14 08:38 . 2012-03-01 11:00 66560 c:\windows\system32\mshtmled.dll

- 2004-09-14 08:38 . 2011-12-17 19:42 66560 c:\windows\system32\mshtmled.dll

- 2004-09-14 08:38 . 2011-12-17 19:42 25600 c:\windows\system32\jsproxy.dll

+ 2004-09-14 08:38 . 2012-03-01 11:00 25600 c:\windows\system32\jsproxy.dll

- 2009-06-11 15:02 . 2011-12-17 19:42 12800 c:\windows\system32\dllcache\xpshims.dll

+ 2009-06-11 15:02 . 2012-03-01 11:00 12800 c:\windows\system32\dllcache\xpshims.dll

+ 2004-09-14 08:38 . 2012-03-01 11:00 66560 c:\windows\system32\dllcache\mshtmled.dll

- 2004-09-14 08:38 . 2011-12-17 19:42 66560 c:\windows\system32\dllcache\mshtmled.dll

+ 2007-05-09 17:41 . 2012-03-01 11:00 55296 c:\windows\system32\dllcache\msfeedsbs.dll

- 2007-05-09 17:41 . 2011-12-17 19:42 55296 c:\windows\system32\dllcache\msfeedsbs.dll

+ 2004-09-14 08:38 . 2012-03-01 11:00 43520 c:\windows\system32\dllcache\licmgr10.dll

- 2004-09-14 08:38 . 2011-12-17 19:42 43520 c:\windows\system32\dllcache\licmgr10.dll

- 2004-09-14 08:38 . 2011-12-17 19:42 25600 c:\windows\system32\dllcache\jsproxy.dll

+ 2004-09-14 08:38 . 2012-03-01 11:00 25600 c:\windows\system32\dllcache\jsproxy.dll

+ 2012-04-19 17:04 . 2011-12-17 19:42 12800 c:\windows\ie8updates\KB2675157-IE8\xpshims.dll

+ 2012-04-19 17:04 . 2011-12-17 19:42 66560 c:\windows\ie8updates\KB2675157-IE8\mshtmled.dll

+ 2012-04-19 17:04 . 2011-12-17 19:42 55296 c:\windows\ie8updates\KB2675157-IE8\msfeedsbs.dll

+ 2012-04-19 17:04 . 2011-12-17 19:42 43520 c:\windows\ie8updates\KB2675157-IE8\licmgr10.dll

+ 2012-04-19 17:04 . 2011-12-17 19:42 25600 c:\windows\ie8updates\KB2675157-IE8\jsproxy.dll

+ 2012-04-19 17:02 . 2012-04-19 17:04 2114 c:\windows\SoftwareDistribution\EventCache\{1CB89403-3403-4197-AD42-AFCEFE598EAB}.bin

+ 2004-09-14 08:38 . 2012-04-20 09:38 506230 c:\windows\system32\perfh013.dat

+ 2004-09-14 08:38 . 2012-04-20 09:38 436900 c:\windows\system32\perfh009.dat

+ 2004-09-14 08:38 . 2012-03-01 11:00 206848 c:\windows\system32\occache.dll

- 2004-09-14 08:38 . 2011-12-17 19:42 206848 c:\windows\system32\occache.dll

- 2004-09-14 08:38 . 2011-12-17 19:42 611840 c:\windows\system32\mstime.dll

+ 2004-09-14 08:38 . 2012-03-01 11:00 611840 c:\windows\system32\mstime.dll

- 2004-09-14 08:38 . 2011-12-17 19:42 184320 c:\windows\system32\iepeers.dll

+ 2004-09-14 08:38 . 2012-03-01 11:00 184320 c:\windows\system32\iepeers.dll

- 2004-09-14 08:38 . 2011-12-17 19:42 387584 c:\windows\system32\iedkcs32.dll

+ 2004-09-14 08:38 . 2012-03-01 11:00 387584 c:\windows\system32\iedkcs32.dll

- 2004-09-14 08:38 . 2011-12-16 12:23 174080 c:\windows\system32\ie4uinit.exe

+ 2004-09-14 08:38 . 2012-02-29 12:18 174080 c:\windows\system32\ie4uinit.exe

+ 2012-04-02 09:29 . 2012-04-02 09:29 138848 c:\windows\system32\FNTCACHE.DAT

- 2004-09-14 08:38 . 2009-12-24 07:05 177664 c:\windows\system32\dllcache\wintrust.dll

+ 2004-09-14 08:38 . 2012-02-29 14:10 177664 c:\windows\system32\dllcache\wintrust.dll

- 2004-09-14 08:38 . 2011-12-17 19:42 916992 c:\windows\system32\dllcache\wininet.dll

+ 2004-09-14 08:38 . 2012-03-01 11:00 916992 c:\windows\system32\dllcache\wininet.dll

+ 2004-09-14 08:38 . 2012-03-01 11:00 105984 c:\windows\system32\dllcache\url.dll

- 2004-09-14 08:38 . 2011-12-17 19:42 105984 c:\windows\system32\dllcache\url.dll

+ 2004-09-14 08:38 . 2012-03-01 11:00 206848 c:\windows\system32\dllcache\occache.dll

- 2004-09-14 08:38 . 2011-12-17 19:42 206848 c:\windows\system32\dllcache\occache.dll

+ 2004-09-14 08:38 . 2012-03-01 11:00 611840 c:\windows\system32\dllcache\mstime.dll

- 2004-09-14 08:38 . 2011-12-17 19:42 611840 c:\windows\system32\dllcache\mstime.dll

- 2007-05-09 17:41 . 2011-12-17 19:42 602112 c:\windows\system32\dllcache\msfeeds.dll

+ 2007-05-09 17:41 . 2012-03-01 11:00 602112 c:\windows\system32\dllcache\msfeeds.dll

+ 2004-09-14 08:38 . 2012-02-29 14:10 148480 c:\windows\system32\dllcache\imagehlp.dll

+ 2009-06-11 15:02 . 2012-03-01 11:00 247808 c:\windows\system32\dllcache\ieproxy.dll

- 2009-06-11 15:02 . 2011-12-17 19:42 247808 c:\windows\system32\dllcache\ieproxy.dll

+ 2004-09-14 08:38 . 2012-03-01 11:00 184320 c:\windows\system32\dllcache\iepeers.dll

- 2004-09-14 08:38 . 2011-12-17 19:42 184320 c:\windows\system32\dllcache\iepeers.dll

- 2010-06-11 16:48 . 2011-12-17 19:42 743424 c:\windows\system32\dllcache\iedvtool.dll

+ 2010-06-11 16:48 . 2012-03-01 11:00 743424 c:\windows\system32\dllcache\iedvtool.dll

- 2004-09-14 08:38 . 2011-12-17 19:42 387584 c:\windows\system32\dllcache\iedkcs32.dll

+ 2004-09-14 08:38 . 2012-03-01 11:00 387584 c:\windows\system32\dllcache\iedkcs32.dll

+ 2004-09-14 08:38 . 2012-02-29 12:18 174080 c:\windows\system32\dllcache\ie4uinit.exe

- 2004-09-14 08:38 . 2011-12-16 12:23 174080 c:\windows\system32\dllcache\ie4uinit.exe

+ 2012-04-19 17:04 . 2011-12-17 19:42 916992 c:\windows\ie8updates\KB2675157-IE8\wininet.dll

+ 2012-04-19 17:04 . 2011-12-17 19:42 105984 c:\windows\ie8updates\KB2675157-IE8\url.dll

+ 2012-04-19 17:04 . 2010-07-05 13:21 401272 c:\windows\ie8updates\KB2675157-IE8\spuninst\updspapi.dll

+ 2012-04-19 17:04 . 2010-07-05 13:21 234872 c:\windows\ie8updates\KB2675157-IE8\spuninst\spuninst.exe

+ 2012-04-19 17:04 . 2011-12-17 19:42 206848 c:\windows\ie8updates\KB2675157-IE8\occache.dll

+ 2012-04-19 17:04 . 2011-12-17 19:42 611840 c:\windows\ie8updates\KB2675157-IE8\mstime.dll

+ 2012-04-19 17:04 . 2011-12-17 19:42 602112 c:\windows\ie8updates\KB2675157-IE8\msfeeds.dll

+ 2012-04-19 17:04 . 2011-12-17 19:42 247808 c:\windows\ie8updates\KB2675157-IE8\ieproxy.dll

+ 2012-04-19 17:04 . 2011-12-17 19:42 184320 c:\windows\ie8updates\KB2675157-IE8\iepeers.dll

+ 2012-04-19 17:04 . 2011-12-17 19:42 743424 c:\windows\ie8updates\KB2675157-IE8\iedvtool.dll

+ 2012-04-19 17:04 . 2011-12-17 19:42 387584 c:\windows\ie8updates\KB2675157-IE8\iedkcs32.dll

+ 2012-04-19 17:04 . 2011-12-16 12:23 174080 c:\windows\ie8updates\KB2675157-IE8\ie4uinit.exe

- 2004-09-14 08:38 . 2011-12-17 19:42 1212416 c:\windows\system32\dllcache\urlmon.dll

+ 2004-09-14 08:38 . 2012-03-01 11:00 1212416 c:\windows\system32\dllcache\urlmon.dll

+ 2004-09-14 08:38 . 2012-03-01 11:00 5978624 c:\windows\system32\dllcache\mshtml.dll

- 2007-05-09 17:41 . 2011-12-17 19:42 2000384 c:\windows\system32\dllcache\iertutil.dll

+ 2007-05-09 17:41 . 2012-03-01 11:00 2000384 c:\windows\system32\dllcache\iertutil.dll

+ 2012-04-19 17:04 . 2011-12-17 19:42 1212416 c:\windows\ie8updates\KB2675157-IE8\urlmon.dll

+ 2012-04-19 17:04 . 2011-12-17 19:42 5979136 c:\windows\ie8updates\KB2675157-IE8\mshtml.dll

+ 2012-04-19 17:04 . 2011-12-17 19:42 2000384 c:\windows\ie8updates\KB2675157-IE8\iertutil.dll

+ 2006-01-07 16:15 . 2012-04-19 17:02 55154568 c:\windows\system32\MRT.exe

+ 2007-05-09 17:41 . 2012-03-02 04:00 11082752 c:\windows\system32\dllcache\ieframe.dll

+ 2012-04-19 17:04 . 2011-12-18 13:42 11082240 c:\windows\ie8updates\KB2675157-IE8\ieframe.dll

.

-- Snapshot teruggezet naar huidige datum --

.

((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))

.

.

*Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond

REGEDIT4

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2012-01-03 37296]

"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-01-02 843712]

"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2011-06-15 997920]

.

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]

"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]

"DWQueuedReporting"="c:\progra~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" [2007-02-26 437160]

.

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]

BootExecute REG_MULTI_SZ autocheck autochk *\0c:\progra~1\AVG\AVG10\avgchsvx.exe /sync\0c:\progra~1\AVG\AVG10\avgrsx.exe /sync /restart

.

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]

@="Service"

.

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Start^Programma's^Opstarten^Digital Line Detect.lnk]

path=c:\documents and settings\All Users\Menu Start\Programma's\Opstarten\Digital Line Detect.lnk

backup=c:\windows\pss\Digital Line Detect.lnkCommon Startup

.

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Start^Programma's^Opstarten^dlbcserv.lnk]

path=c:\documents and settings\All Users\Menu Start\Programma's\Opstarten\dlbcserv.lnk

backup=c:\windows\pss\dlbcserv.lnkCommon Startup

.

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Start^Programma's^Opstarten^Logitech Desktop Messenger.lnk]

path=c:\documents and settings\All Users\Menu Start\Programma's\Opstarten\Logitech Desktop Messenger.lnk

backup=c:\windows\pss\Logitech Desktop Messenger.lnkCommon Startup

.

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Start^Programma's^Opstarten^SpeedTouch 121g Wireless USB Monitor.lnk]

path=c:\documents and settings\All Users\Menu Start\Programma's\Opstarten\SpeedTouch 121g Wireless USB Monitor.lnk

backup=c:\windows\pss\SpeedTouch 121g Wireless USB Monitor.lnkCommon Startup

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Dell Wireless Manager UI]

c:\windows\system32\WLTRAY [X]

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]

2012-01-02 09:07 843712 ----a-r- c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Photo Downloader]

2007-03-09 09:09 63712 ----a-w- c:\program files\Adobe\Photoshop Album Starter Edition\3.2\Apps\apdproxy.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]

2012-01-03 21:51 37296 ----a-w- c:\program files\Adobe\Reader 9.0\Reader\reader_sl.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CTFMON.EXE]

2008-04-14 17:02 15360 ----a-w- c:\windows\system32\ctfmon.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Dell QuickSet]

2005-09-01 17:24 684032 ----a-w- c:\program files\Dell\QuickSet\quickset.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\igfxhkcmd]

2005-07-19 10:06 77824 ----a-w- c:\windows\system32\hkcmd.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\igfxpers]

2005-07-19 10:10 114688 ----a-w- c:\windows\system32\igfxpers.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\igfxtray]

2005-07-19 10:09 94208 ----a-w- c:\windows\system32\igfxtray.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogitechSoftwareUpdate]

2005-06-08 13:44 196608 ----a-w- c:\program files\Logitech\Video\ManifestEngine.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogitechVideoRepair]

2005-06-08 14:24 458752 ----a-w- c:\program files\Logitech\Video\ISStart.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogitechVideoTray]

2005-06-08 14:14 217088 ----a-w- c:\program files\Logitech\Video\LogiTray.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LVCOMSX]

2005-07-19 16:32 221184 ----a-w- c:\windows\system32\LVCOMSX.EXE

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ModemOnHold]

2003-09-10 02:24 20480 ------w- c:\program files\NetWaiting\netwaiting.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]

2008-04-14 17:03 1695232 ------w- c:\program files\Messenger\msmsgs.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PRISMSVR.EXE]

2004-07-02 14:27 295001 ----a-w- c:\program files\Thomson SpeedTouch\SpeedTouch 121g Wireless USB Monitor\PRISMSVR.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SigmatelSysTrayApp]

2005-09-09 23:19 393216 ----a-w- c:\windows\stsystra.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]

2009-04-18 09:34 148888 ----a-w- c:\program files\Java\jre6\bin\jusched.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg]

2007-07-27 17:12 68856 ----a-w- c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SynTPEnh]

2005-06-24 06:36 729178 ----a-w- c:\program files\Synaptics\SynTP\SynTPEnh.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WMPNSCFG]

2006-11-02 21:53 204288 ------w- c:\program files\Windows Media Player\wmpnscfg.exe

.

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]

"%windir%\\Network Diagnostic\\xpnetdiag.exe"=

"c:\\WINDOWS\\system32\\LEXPPS.EXE"=

"c:\\WINDOWS\\system32\\sessmgr.exe"=

"c:\\Program Files\\Logitech\\Desktop Messenger\\8876480\\Program\\LogitechDesktopMessenger.exe"=

"c:\\Program Files\\Messenger\\msmsgs.exe"=

"c:\\Program Files\\Skype\\Plugin Manager\\skypePM.exe"=

"c:\\Program Files\\Skype\\Phone\\Skype.exe"=

.

S2 gupdate;Google Updateservice (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [5-11-2010 22:39 136176]

S2 gupdatem;Google Update-service (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [5-11-2010 22:39 136176]

S2 SSPORT;SSPORT;\??\c:\windows\system32\Drivers\SSPORT.sys --> c:\windows\system32\Drivers\SSPORT.sys [?]

S3 BT4501G;SpeedTouch 121g Wireless USB Adapter Driver;c:\windows\system32\drivers\BT4501G.sys [13-2-2010 17:39 357568]

S3 hitmanpro3;Hitman Pro 3 Support Driver;c:\windows\system32\drivers\hitmanpro3.sys [8-10-2008 10:57 3328]

.

Inhoud van de 'Gedeelde Taken' map

.

2012-03-31 c:\windows\Tasks\Google Software Updater.job

- c:\program files\Google\Common\Google Updater\GoogleUpdaterService.exe [2007-01-26 17:55]

.

2012-04-20 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job

- c:\program files\Google\Update\GoogleUpdate.exe [2010-11-05 20:38]

.

2012-04-19 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job

- c:\program files\Google\Update\GoogleUpdate.exe [2010-11-05 20:38]

.

2012-04-20 c:\windows\Tasks\MP Scheduled Scan.job

- c:\program files\Microsoft Security Client\Antimalware\MpCmdRun.exe [2011-04-27 14:39]

.

2012-04-20 c:\windows\Tasks\User_Feed_Synchronization-{56A91E46-6A24-4EEB-AD2C-ED8EA2FA3525}.job

- c:\windows\system32\msfeedssync.exe [2006-10-17 03:31]

.

.

------- Bijkomende Scan -------

.

uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8

uInternet Settings,ProxyServer = wwwproxy.xs4all.nl:8080

uInternet Settings,ProxyOverride = localhost

TCP: DhcpNameServer = 192.168.1.254

.

.

**************************************************************************

.

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, GMER - Rootkit Detector and Remover

Rootkit scan 2012-04-20 11:43

Windows 5.1.2600 Service Pack 3 NTFS

.

scannen van verborgen processen ...

.

scannen van verborgen autostart items ...

.

scannen van verborgen bestanden ...

.

Scan succesvol afgerond

verborgen bestanden: 0

.

**************************************************************************

.

--------------------- DLLs Geladen Onder Lopende Processen ---------------------

.

- - - - - - - > 'winlogon.exe'(764)

c:\windows\System32\BCMLogon.dll

.

Voltooingstijd: 2012-04-20 11:46:25

ComboFix-quarantined-files.txt 2012-04-20 09:46

ComboFix2.txt 2012-04-19 17:20

ComboFix3.txt 2012-04-03 10:05

ComboFix4.txt 2012-04-02 09:49

ComboFix5.txt 2012-04-20 09:35

.

Pre-Run: 21.171.503.104 bytes beschikbaar

Post-Run: 21.161.394.176 bytes beschikbaar

.

- - End Of File - - D14FE6DE5B9F77FDB5F6F1EFF0D6589B

groetjes jovadesa

Geplaatst:

Combofix heeft zijn werk gedaan.

Verwijder Combofix: Start -> Uitvoeren en typ: ComboFix /Uninstall (met spatie voor de /)

Dit zal Combofix verwijderen + gerelateerde mappen en bestanden, herstelt de klokinstellingen opnieuw, verbergt de bestandsextensies, gaat verborgen bestanden en systeembestanden terug verbergen en maakt een nieuw herstelpunt.

Indien aanwezig mag je de map C:\Qoobox manueel verwijderen.

Voor die fout bij het opstarten mag je het volgende doen.

Ga naar start -alle programma's - bureauaccessoires.

Klik met rechts op het icoon van de opdrachtprompt en kies voor uitvoeren als administrator om het opdrachtprompt te openen.

Typ sfc /scannow en druk enter. (let op de spatie voor de / )

Alle windows systeembestanden worden nu gecontroleerd op fouten en indien nodig vervangen door een correcte versie.

Hou de windows installatie cd/dvd bij de hand (als je er een hebt) want er kan om gevraagd worden.

Na de scan krijg je een overzicht van de resutlaten en een verwijzing naar een CBS logbestand.

Geef het overzicht van de resultaten in een volgend bericht.

Geplaatst: (aangepast)
opdracht uitgevoerd, maar krijg geen CBS logbestand

wat nu?

groetjes jovadesa

Kreeg je een melding op het einde van de scan dat er fouten gevonden werden? Of kreeg je de melding "Er zijn geen integriteitsfouten gevonden". In dat laatste geval hoef je het onderstaande volgens mij niet uit te voeren. Enkel als hij fouten gaf na de scan kan je het logje posten volgens onderstaande methode:

- ga naar het startmenu

- typ %windir%\logs\cbs en druk op enter

- bovenstaan staat er dan een tekstbestand met de naam CBS . (Als er meerdere CBS bestanden zouden zijn, neem je de meest recente datum.) Open het CBS bestand door er op te dubbelklikken. Kies dan Bewerken/Alles selecteren. Nu is alles blauw. Laat het blauw en kies Bewerken/Kopieren. Ga nu naar dit forum en rechtsklik op je nieuw bericht en kies Plakken.

aangepast door Kurtt
Geplaatst:

%windir%\logs\cbs en druk op enter is niet toegankelijk

uiteindelijk logs ingedrukt en er ontstonden de volgende bestanden. Ik weet niet of U deze bedoelt.

wbemcore:

(Fri Apr 20 17:09:24 2012.294906) : GetUserDefaultLCID failed, restorting to system verion(Fri Apr 20 17:09:24 2012.294921) : GetUserDefaultLCID failed, restorting to system verion(Fri Apr 20 17:09:26 2012.297078) : GetUserDefaultLCID failed, restorting to system verion(Fri Apr 20 17:09:26 2012.297171) : GetUserDefaultLCID failed, restorting to system verion(Fri Apr 20 17:09:26 2012.297359) : GetUserDefaultLCID failed, restorting to system verion(Fri Apr 20 17:09:26 2012.297359) : GetUserDefaultLCID failed, restorting to system verion(Fri Apr 20 17:11:46 2012.66281) : GetUserDefaultLCID failed, restorting to system verion(Fri Apr 20 17:11:49 2012.68921) : GetUserDefaultLCID failed, restorting to system verion(Fri Apr 20 17:11:49 2012.69031) : GetUserDefaultLCID failed, restorting to system verion(Fri Apr 20 17:11:49 2012.69515) : GetUserDefaultLCID failed, restorting to system verion(Fri Apr 20 17:11:49 2012.69546) : GetUserDefaultLCID failed, restorting to system verion(Fri Apr 20 17:11:50 2012.69828) : GetUserDefaultLCID failed, restorting to system verion(Fri Apr 20 17:11:50 2012.69828) : GetUserDefaultLCID failed, restorting to system verion(Fri Apr 20 17:11:50 2012.69828) : GetUserDefaultLCID failed, restorting to system verion(Fri Apr 20 17:11:50 2012.70515) : GetUserDefaultLCID failed, restorting to system verion(Fri Apr 20 17:11:50 2012.70546) : GetUserDefaultLCID failed, restorting to system verion(Fri Apr 20 17:11:51 2012.70578) : GetUserDefaultLCID failed, restorting to system verion(Fri Apr 20 17:11:51 2012.70578) : GetUserDefaultLCID failed, restorting to system verion(Fri Apr 20 17:11:53 2012.73140) : GetUserDefaultLCID failed, restorting to system verion(Fri Apr 20 17:11:55 2012.75546) : GetUserDefaultLCID failed, restorting to system verion(Fri Apr 20 17:11:55 2012.75546) : GetUserDefaultLCID failed, restorting to system verion(Fri Apr 20 17:12:01 2012.81250) : GetUserDefaultLCID failed, restorting to system verion(Fri Apr 20 17:14:42 2012.242375) : GetUserDefaultLCID failed, restorting to system verion(Fri Apr 20 17:14:56 2012.256125) : GetUserDefaultLCID failed, restorting to system verion(Fri Apr 20 17:14:58 2012.258140) : GetUserDefaultLCID failed, restorting to system verion(Fri Apr 20 17:15:00 2012.260156) : GetUserDefaultLCID failed, restorting to system verion(Fri Apr 20 17:15:02 2012.262171) : GetUserDefaultLCID failed, restorting to system verion(Fri Apr 20 17:15:39 2012.298968) : GetUserDefaultLCID failed, restorting to system verion(Fri Apr 20 17:15:39 2012.298984) : GetUserDefaultLCID failed, restorting to system verion(Fri Apr 20 17:15:40 2012.299703) : GetUserDefaultLCID failed, restorting to system verion(Fri Apr 20 17:15:40 2012.299734) : GetUserDefaultLCID failed, restorting to system verion(Fri Apr 20 17:15:40 2012.299765) : GetUserDefaultLCID failed, restorting to system verion(Fri Apr 20 17:15:40 2012.299765) : GetUserDefaultLCID failed, restorting to system verion(Fri Apr 20 17:21:36 2012.655750) : GetUserDefaultLCID failed, restorting to system verion(Fri Apr 20 17:21:36 2012.655843) : GetUserDefaultLCID failed, restorting to system verion(Fri Apr 20 17:21:38 2012.658093) : GetUserDefaultLCID failed, restorting to system verion(Fri Apr 20 17:37:10 2012.1589609) : GetUserDefaultLCID failed, restorting to system verion(Fri Apr 20 17:39:50 2012.1750046) : GetUserDefaultLCID failed, restorting to system verion(Fri Apr 20 20:57:25 2012.37656) : GetUserDefaultLCID failed, restorting to system verion(Fri Apr 20 20:57:28 2012.41500) : GetUserDefaultLCID failed, restorting to system verion(Fri Apr 20 20:57:29 2012.41562) : GetUserDefaultLCID failed, restorting to system verion(Fri Apr 20 20:57:29 2012.41593) : GetUserDefaultLCID failed, restorting to system verion(Fri Apr 20 20:57:31 2012.43968) : GetUserDefaultLCID failed, restorting to system verion(Fri Apr 20 20:57:32 2012.44750) : GetUserDefaultLCID failed, restorting to system verion(Fri Apr 20 20:57:32 2012.44812) : GetUserDefaultLCID failed, restorting to system verion(Fri Apr 20 20:57:34 2012.46953) : GetUserDefaultLCID failed, restorting to system verion(Fri Apr 20 21:01:23 2012.276281) : GetUserDefaultLCID failed, restorting to system verion(Fri Apr 20 21:01:23 2012.276281) : GetUserDefaultLCID failed, restorting to system verion(Fri Apr 20 21:01:24 2012.277031) : GetUserDefaultLCID failed, restorting to system verion(Fri Apr 20 21:01:24 2012.277062) : GetUserDefaultLCID failed, restorting to system verion(Fri Apr 20 21:01:24 2012.277140) : GetUserDefaultLCID failed, restorting to system verion(Fri Apr 20 21:01:24 2012.277140) : GetUserDefaultLCID failed, restorting to system verion(Fri Apr 20 21:07:29 2012.642296) : GetUserDefaultLCID failed, restorting to system verion(Fri Apr 20 21:07:29 2012.642406) : GetUserDefaultLCID failed, restorting to system verion(Fri Apr 20 21:07:32 2012.644703) :

GetUserDefaultLCID failed, restorting to system verion

wbemess:

(Fri Apr 20 17:08:42 2012.252687) : NT Event Log Consumer: could not retrieve sid, 0x80041002

(Fri Apr 20 17:09:57 2012.328265) : NT Event Log Consumer: could not retrieve sid, 0x80041002

(Fri Apr 20 17:10:03 2012.334250) : NT Event Log Consumer: could not retrieve sid, 0x80041002

(Fri Apr 20 17:10:03 2012.334250) : Failed to log an event: 1F

(Fri Apr 20 17:10:03 2012.334250) : NT Event Log Consumer: could not retrieve sid, 0x80041002

(Fri Apr 20 17:10:03 2012.334250) : Failed to log an event: 1F

(Fri Apr 20 17:10:03 2012.334250) : Dropping event destined for event consumer NTEventLogEventConsumer="SCM Event Log Consumer" in namespace //./root/subscription

(Fri Apr 20 17:10:03 2012.334265) : Dropping event destined for event consumer NTEventLogEventConsumer="SCM Event Log Consumer" in namespace //./root/subscription

(Fri Apr 20 17:10:03 2012.334265) : Failed to deliver an event to event consumer NTEventLogEventConsumer="SCM Event Log Consumer" with error code 0x80041001. Dropping event.

(Fri Apr 20 17:10:03 2012.334343) : NT Event Log Consumer: could not retrieve sid, 0x80041002

(Fri Apr 20 17:10:03 2012.334343) : Failed to log an event: 6B5

(Fri Apr 20 17:10:03 2012.334343) : NT Event Log Consumer: could not retrieve sid, 0x80041002

(Fri Apr 20 17:10:03 2012.334343) : Failed to log an event: 6B5

(Fri Apr 20 17:10:03 2012.334343) : NT Event Log Consumer: could not retrieve sid, 0x80041002

(Fri Apr 20 17:10:03 2012.334343) : Failed to log an event: 6B5

(Fri Apr 20 17:10:03 2012.334343) : NT Event Log Consumer: could not retrieve sid, 0x80041002

(Fri Apr 20 17:10:03 2012.334343) : Failed to log an event: 6B5

(Fri Apr 20 17:10:03 2012.334343) : NT Event Log Consumer: could not retrieve sid, 0x80041002

(Fri Apr 20 17:10:03 2012.334343) : Failed to log an event: 6B5

(Fri Apr 20 17:10:03 2012.334343) : NT Event Log Consumer: could not retrieve sid, 0x80041002

(Fri Apr 20 17:10:03 2012.334343) : Failed to log an event: 6B5

(Fri Apr 20 17:10:03 2012.334343) : Dropping event destined for event consumer NTEventLogEventConsumer="SCM Event Log Consumer" in namespace //./root/subscription

(Fri Apr 20 17:10:03 2012.334343) : Dropping event destined for event consumer NTEventLogEventConsumer="SCM Event Log Consumer" in namespace //./root/subscription

(Fri Apr 20 17:10:03 2012.334343) : Dropping event destined for event consumer NTEventLogEventConsumer="SCM Event Log Consumer" in namespace //./root/subscription

(Fri Apr 20 17:10:03 2012.334343) : Dropping event destined for event consumer NTEventLogEventConsumer="SCM Event Log Consumer" in namespace //./root/subscription

(Fri Apr 20 17:10:03 2012.334343) : Dropping event destined for event consumer NTEventLogEventConsumer="SCM Event Log Consumer" in namespace //./root/subscription

(Fri Apr 20 17:10:03 2012.334343) : Dropping event destined for event consumer NTEventLogEventConsumer="SCM Event Log Consumer" in namespace //./root/subscription

(Fri Apr 20 17:10:03 2012.334343) : Failed to deliver an event to event consumer NTEventLogEventConsumer="SCM Event Log Consumer" with error code 0x80041001. Dropping event.

(Fri Apr 20 17:10:04 2012.334828) : NT Event Log Consumer: could not retrieve sid, 0x80041002

(Fri Apr 20 17:10:04 2012.335234) : Failed to log an event: 6B5

(Fri Apr 20 17:10:04 2012.335234) : NT Event Log Consumer: could not retrieve sid, 0x80041002

(Fri Apr 20 17:10:04 2012.335234) : Failed to log an event: 6B5

(Fri Apr 20 17:10:04 2012.335234) : NT Event Log Consumer: could not retrieve sid, 0x80041002

(Fri Apr 20 17:10:04 2012.335234) : Failed to log an event: 6B5

(Fri Apr 20 17:10:04 2012.335234) : NT Event Log Consumer: could not retrieve sid, 0x80041002

(Fri Apr 20 17:10:04 2012.335234) : Failed to log an event: 6B5

(Fri Apr 20 17:10:04 2012.335234) : NT Event Log Consumer: could not retrieve sid, 0x80041002

(Fri Apr 20 17:10:04 2012.335234) : Failed to log an event: 6B5

(Fri Apr 20 17:10:04 2012.335234) : NT Event Log Consumer: could not retrieve sid, 0x80041002

(Fri Apr 20 17:10:04 2012.335234) : Failed to log an event: 6B5

(Fri Apr 20 17:10:04 2012.335234) : Dropping event destined for event consumer NTEventLogEventConsumer="SCM Event Log Consumer" in namespace //./root/subscription

(Fri Apr 20 17:10:04 2012.335234) : Dropping event destined for event consumer NTEventLogEventConsumer="SCM Event Log Consumer" in namespace //./root/subscription

(Fri Apr 20 17:10:04 2012.335234) : Dropping event destined for event consumer NTEventLogEventConsumer="SCM Event Log Consumer" in namespace //./root/subscription

(Fri Apr 20 17:10:04 2012.335234) : Dropping event destined for event consumer NTEventLogEventConsumer="SCM Event Log Consumer" in namespace //./root/subscription

(Fri Apr 20 17:10:04 2012.335234) : Dropping event destined for event consumer NTEventLogEventConsumer="SCM Event Log Consumer" in namespace //./root/subscription

(Fri Apr 20 17:10:04 2012.335234) : Dropping event destined for event consumer NTEventLogEventConsumer="SCM Event Log Consumer" in namespace //./root/subscription

(Fri Apr 20 17:10:04 2012.335234) : Failed to deliver an event to event consumer NTEventLogEventConsumer="SCM Event Log Consumer" with error code 0x80041001. Dropping event.

(Fri Apr 20 17:10:04 2012.335234) : NT Event Log Consumer: could not retrieve sid, 0x80041002

(Fri Apr 20 17:10:04 2012.335234) : Failed to log an event: 6B5

(Fri Apr 20 17:10:04 2012.335234) : NT Event Log Consumer: could not retrieve sid, 0x80041002

(Fri Apr 20 17:10:04 2012.335234) : Failed to log an event: 6B5

(Fri Apr 20 17:10:04 2012.335234) : NT Event Log Consumer: could not retrieve sid, 0x80041002

(Fri Apr 20 17:10:04 2012.335234) : Failed to log an event: 6B5

(Fri Apr 20 17:10:04 2012.335234) : NT Event Log Consumer: could not retrieve sid, 0x80041002

(Fri Apr 20 17:10:04 2012.335250) : Failed to log an event: 6B5

(Fri Apr 20 17:10:04 2012.335250) : NT Event Log Consumer: could not retrieve sid, 0x80041002

(Fri Apr 20 17:10:04 2012.335250) : Failed to log an event: 6B5

(Fri Apr 20 17:10:04 2012.335250) : NT Event Log Consumer: could not retrieve sid, 0x80041002

(Fri Apr 20 17:10:04 2012.335250) : Failed to log an event: 6B5

(Fri Apr 20 17:10:04 2012.335250) : NT Event Log Consumer: could not retrieve sid, 0x80041002

(Fri Apr 20 17:10:04 2012.335250) : Failed to log an event: 6B5

(Fri Apr 20 17:10:04 2012.335250) : Dropping event destined for event consumer NTEventLogEventConsumer="SCM Event Log Consumer" in namespace //./root/subscription

(Fri Apr 20 17:10:04 2012.335250) : Dropping event destined for event consumer NTEventLogEventConsumer="SCM Event Log Consumer" in namespace //./root/subscription

(Fri Apr 20 17:10:04 2012.335250) : Dropping event destined for event consumer NTEventLogEventConsumer="SCM Event Log Consumer" in namespace //./root/subscription

(Fri Apr 20 17:10:04 2012.335250) : Dropping event destined for event consumer NTEventLogEventConsumer="SCM Event Log Consumer" in namespace //./root/subscription

(Fri Apr 20 17:10:04 2012.335250) : Dropping event destined for event consumer NTEventLogEventConsumer="SCM Event Log Consumer" in namespace //./root/subscription

(Fri Apr 20 17:10:04 2012.335250) : Dropping event destined for event consumer NTEventLogEventConsumer="SCM Event Log Consumer" in namespace //./root/subscription

(Fri Apr 20 17:10:04 2012.335250) : Dropping event destined for event consumer NTEventLogEventConsumer="SCM Event Log Consumer" in namespace //./root/subscription

(Fri Apr 20 17:10:04 2012.335250) : Failed to deliver an event to event consumer NTEventLogEventConsumer="SCM Event Log Consumer" with error code 0x80041001. Dropping event.

(Fri Apr 20 17:10:04 2012.335453) : NT Event Log Consumer: could not retrieve sid, 0x80041002

(Fri Apr 20 17:10:04 2012.335453) : Failed to log an event: 6B5

(Fri Apr 20 17:10:04 2012.335453) : Dropping event destined for event consumer NTEventLogEventConsumer="SCM Event Log Consumer" in namespace //./root/subscription

(Fri Apr 20 17:10:04 2012.335453) : Failed to deliver an event to event consumer NTEventLogEventConsumer="SCM Event Log Consumer" with error code 0x80041001. Dropping event.

(Fri Apr 20 17:10:05 2012.335687) : NT Event Log Consumer: could not retrieve sid, 0x80041002

(Fri Apr 20 17:10:05 2012.335687) : Failed to log an event: 6B5

(Fri Apr 20 17:10:05 2012.335687) : Dropping event destined for event consumer NTEventLogEventConsumer="SCM Event Log Consumer" in namespace //./root/subscription

(Fri Apr 20 17:10:05 2012.335687) : Failed to deliver an event to event consumer NTEventLogEventConsumer="SCM Event Log Consumer" with error code 0x80041001. Dropping event.

(Fri Apr 20 17:10:05 2012.335875) : NT Event Log Consumer: could not retrieve sid, 0x80041002

(Fri Apr 20 17:10:05 2012.335875) : Failed to log an event: 6B5

(Fri Apr 20 17:10:05 2012.335875) : NT Event Log Consumer: could not retrieve sid, 0x80041002

(Fri Apr 20 17:10:05 2012.335875) : Failed to log an event: 6B5

(Fri Apr 20 17:10:05 2012.335875) : Dropping event destined for event consumer NTEventLogEventConsumer="SCM Event Log Consumer" in namespace //./root/subscription

(Fri Apr 20 17:10:05 2012.335875) : Dropping event destined for event consumer NTEventLogEventConsumer="SCM Event Log Consumer" in namespace //./root/subscription

(Fri Apr 20 17:10:05 2012.335875) : Failed to deliver an event to event consumer NTEventLogEventConsumer="SCM Event Log Consumer" with error code 0x80041001. Dropping event.

(Fri Apr 20 17:10:05 2012.336515) : NT Event Log Consumer: could not retrieve sid, 0x80041002

(Fri Apr 20 17:10:05 2012.336515) : Failed to log an event: 6B5

(Fri Apr 20 17:10:05 2012.336515) : Dropping event destined for event consumer NTEventLogEventConsumer="SCM Event Log Consumer" in namespace //./root/subscription

(Fri Apr 20 17:10:05 2012.336515) : Failed to deliver an event to event consumer NTEventLogEventConsumer="SCM Event Log Consumer" with error code 0x80041001. Dropping event.

(Fri Apr 20 17:10:06 2012.336906) : NT Event Log Consumer: could not retrieve sid, 0x80041002

(Fri Apr 20 17:10:06 2012.336906) : Failed to log an event: 6B5

(Fri Apr 20 17:10:06 2012.336906) : Dropping event destined for event consumer NTEventLogEventConsumer="SCM Event Log Consumer" in namespace //./root/subscription

(Fri Apr 20 17:10:06 2012.336906) : Failed to deliver an event to event consumer NTEventLogEventConsumer="SCM Event Log Consumer" with error code 0x80041001. Dropping event.

(Fri Apr 20 17:10:06 2012.337015) : NT Event Log Consumer: could not retrieve sid, 0x80041002

(Fri Apr 20 17:10:06 2012.337015) : Failed to log an event: 6B5

(Fri Apr 20 17:10:06 2012.337015) : Dropping event destined for event consumer NTEventLogEventConsumer="SCM Event Log Consumer" in namespace //./root/subscription

(Fri Apr 20 17:10:06 2012.337015) : Failed to deliver an event to event consumer NTEventLogEventConsumer="SCM Event Log Consumer" with error code 0x80041001. Dropping event.

(Fri Apr 20 17:10:09 2012.339734) : NT Event Log Consumer: could not retrieve sid, 0x80041002

(Fri Apr 20 17:10:09 2012.339734) : Failed to log an event: 6B5

(Fri Apr 20 17:10:09 2012.339734) : Dropping event destined for event consumer NTEventLogEventConsumer="SCM Event Log Consumer" in namespace //./root/subscription

(Fri Apr 20 17:10:09 2012.339734) : Failed to deliver an event to event consumer NTEventLogEventConsumer="SCM Event Log Consumer" with error code 0x80041001. Dropping event.

(Fri Apr 20 17:11:59 2012.78656) : NT Event Log Consumer: could not retrieve sid, 0x80041002

(Fri Apr 20 17:11:59 2012.78750) : NT Event Log Consumer: could not retrieve sid, 0x80041002

(Fri Apr 20 17:11:59 2012.78750) : NT Event Log Consumer: could not retrieve sid, 0x80041002

(Fri Apr 20 17:11:59 2012.78750) : NT Event Log Consumer: could not retrieve sid, 0x80041002

(Fri Apr 20 17:11:59 2012.78750) : NT Event Log Consumer: could not retrieve sid, 0x80041002

(Fri Apr 20 17:11:59 2012.78750) : NT Event Log Consumer: could not retrieve sid, 0x80041002

(Fri Apr 20 17:11:59 2012.78765) : NT Event Log Consumer: could not retrieve sid, 0x80041002

(Fri Apr 20 17:12:02 2012.81843) : NT Event Log Consumer: could not retrieve sid, 0x80041002

(Fri Apr 20 17:12:25 2012.105531) : NT Event Log Consumer: could not retrieve sid, 0x80041002

(Fri Apr 20 17:39:50 2012.1750031) : Unable to register event source 'Service Control Manager' on server ''. Error code: 6B5

(Fri Apr 20 17:39:50 2012.1750031) : Event consumer provider is unable to instantiate event consumer NTEventLogEventConsumer="SCM Event Log Consumer": error code 0x80041001

(Fri Apr 20 17:39:50 2012.1750046) : Failed the first attempt to retrieve the sink to deliver an event to event consumer NTEventLogEventConsumer="SCM Event Log Consumer" with error code 80041001.

WMI will reload and retry.

(Fri Apr 20 17:39:50 2012.1750046) : Unable to register event source 'Service Control Manager' on server ''. Error code: 6B5

(Fri Apr 20 17:39:50 2012.1750062) : Event consumer provider is unable to instantiate event consumer NTEventLogEventConsumer="SCM Event Log Consumer": error code 0x80041001

(Fri Apr 20 17:39:50 2012.1750062) : Failed the second attempt to deliver an event to event consumer NTEventLogEventConsumer="SCM Event Log Consumer" with error code 80041001.

This event is dropped for this consumer.

(Fri Apr 20 17:39:50 2012.1750078) : Dropping event destined for event consumer NTEventLogEventConsumer="SCM Event Log Consumer" in namespace //./root/subscription

(Fri Apr 20 17:39:50 2012.1750078) : Dropping event destined for event consumer NTEventLogEventConsumer="SCM Event Log Consumer" in namespace //./root/subscription

(Fri Apr 20 17:39:50 2012.1750093) : Dropping event destined for event consumer NTEventLogEventConsumer="SCM Event Log Consumer" in namespace //./root/subscription

(Fri Apr 20 17:39:50 2012.1750203) : Unable to register event source 'Service Control Manager' on server ''. Error code: 6B5

(Fri Apr 20 17:39:50 2012.1750203) : Event consumer provider is unable to instantiate event consumer NTEventLogEventConsumer="SCM Event Log Consumer": error code 0x80041001

(Fri Apr 20 17:39:50 2012.1750203) : Failed the first attempt to retrieve the sink to deliver an event to event consumer NTEventLogEventConsumer="SCM Event Log Consumer" with error code 80041001.

WMI will reload and retry.

(Fri Apr 20 17:39:50 2012.1750203) : Unable to register event source 'Service Control Manager' on server ''. Error code: 6B5

(Fri Apr 20 17:39:50 2012.1750203) : Event consumer provider is unable to instantiate event consumer NTEventLogEventConsumer="SCM Event Log Consumer": error code 0x80041001

(Fri Apr 20 17:39:50 2012.1750203) : Failed the second attempt to deliver an event to event consumer NTEventLogEventConsumer="SCM Event Log Consumer" with error code 80041001.

This event is dropped for this consumer.

(Fri Apr 20 17:39:50 2012.1750203) : Dropping event destined for event consumer NTEventLogEventConsumer="SCM Event Log Consumer" in namespace //./root/subscription

(Fri Apr 20 17:39:50 2012.1750203) : Dropping event destined for event consumer NTEventLogEventConsumer="SCM Event Log Consumer" in namespace //./root/subscription

(Fri Apr 20 17:39:50 2012.1750203) : Dropping event destined for event consumer NTEventLogEventConsumer="SCM Event Log Consumer" in namespace //./root/subscription

(Fri Apr 20 17:39:50 2012.1750203) : Dropping event destined for event consumer NTEventLogEventConsumer="SCM Event Log Consumer" in namespace //./root/subscription

(Fri Apr 20 17:39:50 2012.1750203) : Dropping event destined for event consumer NTEventLogEventConsumer="SCM Event Log Consumer" in namespace //./root/subscription

(Fri Apr 20 17:39:50 2012.1750203) : Dropping event destined for event consumer NTEventLogEventConsumer="SCM Event Log Consumer" in namespace //./root/subscription

(Fri Apr 20 17:39:50 2012.1750203) : Dropping event destined for event consumer NTEventLogEventConsumer="SCM Event Log Consumer" in namespace //./root/subscription

(Fri Apr 20 17:39:50 2012.1750203) : Dropping event destined for event consumer NTEventLogEventConsumer="SCM Event Log Consumer" in namespace //./root/subscription

(Fri Apr 20 17:39:50 2012.1750203) : Dropping event destined for event consumer NTEventLogEventConsumer="SCM Event Log Consumer" in namespace //./root/subscription

(Fri Apr 20 17:39:50 2012.1750203) : Dropping event destined for event consumer NTEventLogEventConsumer="SCM Event Log Consumer" in namespace //./root/subscription

(Fri Apr 20 17:39:50 2012.1750203) : Dropping event destined for event consumer NTEventLogEventConsumer="SCM Event Log Consumer" in namespace //./root/subscription

(Fri Apr 20 17:39:50 2012.1750265) : Unable to register event source 'Service Control Manager' on server ''. Error code: 6B5

(Fri Apr 20 17:39:50 2012.1750265) : Event consumer provider is unable to instantiate event consumer NTEventLogEventConsumer="SCM Event Log Consumer": error code 0x80041001

(Fri Apr 20 17:39:50 2012.1750265) : Failed the first attempt to retrieve the sink to deliver an event to event consumer NTEventLogEventConsumer="SCM Event Log Consumer" with error code 80041001.

WMI will reload and retry.

(Fri Apr 20 20:57:25 2012.37640) : NT Event Log Consumer: could not retrieve sid, 0x80041002

(Fri Apr 20 20:57:25 2012.37828) : NT Event Log Consumer: could not retrieve sid, 0x80041002

(Fri Apr 20 20:57:25 2012.37828) : NT Event Log Consumer: could not retrieve sid, 0x80041002

(Fri Apr 20 20:57:25 2012.37828) : NT Event Log Consumer: could not retrieve sid, 0x80041002

(Fri Apr 20 20:57:25 2012.37828) : NT Event Log Consumer: could not retrieve sid, 0x80041002

(Fri Apr 20 20:57:25 2012.37828) : NT Event Log Consumer: could not retrieve sid, 0x80041002

(Fri Apr 20 20:57:25 2012.37828) : NT Event Log Consumer: could not retrieve sid, 0x80041002

(Fri Apr 20 20:57:31 2012.44437) : NT Event Log Consumer: could not retrieve sid, 0x80041002

(Fri Apr 20 20:58:22 2012.94718) : NT Event Log Consumer: could not retrieve sid, 0x80041002

wmiprov:

(Fri Apr 20 17:09:26 2012.297187) : WDM call returned error: 4200

(Fri Apr 20 17:09:26 2012.297359) : ***************************************

(Fri Apr 20 17:09:26 2012.297359) : Could not get pointer to binary resource for file:

(Fri Apr 20 17:09:26 2012.297359) : C:\WINDOWS\system32\DRIVERS\bcmwl5.sys[NdisMofResource](Fri Apr 20 17:09:26 2012.297359) :

(Fri Apr 20 17:09:26 2012.297359) : ***************************************

(Fri Apr 20 17:15:40 2012.299734) : WDM call returned error: 4200

(Fri Apr 20 17:15:40 2012.299765) : ***************************************

(Fri Apr 20 17:15:40 2012.299765) : Could not get pointer to binary resource for file:

(Fri Apr 20 17:15:40 2012.299765) : C:\WINDOWS\system32\DRIVERS\bcmwl5.sys[NdisMofResource](Fri Apr 20 17:15:40 2012.299765) :

(Fri Apr 20 17:15:40 2012.299765) : ***************************************

(Fri Apr 20 17:22:08 2012.688171) : Impersonation failed - Access denied

(Fri Apr 20 21:01:24 2012.277078) : WDM call returned error: 4200

(Fri Apr 20 21:01:24 2012.277125) : ***************************************

(Fri Apr 20 21:01:24 2012.277125) : Could not get pointer to binary resource for file:

(Fri Apr 20 21:01:24 2012.277125) : C:\WINDOWS\system32\DRIVERS\bcmwl5.sys[NdisMofResource](Fri Apr 20 21:01:24 2012.277125) :

(Fri Apr 20 21:01:24 2012.277125) : ***************************************

(Fri Apr 20 21:07:25 2012.637609) : Impersonation failed - Access denied

groetjes jovadesa

Geplaatst:

Probeer het eens op deze manier.

Ga naar start -alle programma's - bureauaccessoires.

Klik met rechts op het icoon van de opdrachtprompt en kies voor uitvoeren als administrator om het opdrachtprompt te openen.

Typ sfc /scannow > c:\cbs.txt en druk enter. (let op de spatie voor de /scannow )

Alle windows systeembestanden worden nu gecontroleerd op fouten en indien nodig vervangen door een correcte versie.

Hou de windows installatie cd/dvd bij de hand (als je er een hebt) want er kan om gevraagd worden.

Na de scan open je het bestand cbs.txt en plak de inhoud in een volgend bericht.

Geplaatst:

opdracht uitgevoerd.

scan helemaal uitgevoerd,maar geen rapport

bestand C:\CBS.txt gezocht, maar geen inhoud (0kb)

Overigens heb ik geen CD/DVD van windowsXP. Laptop is indertijd volledig geinstalleerd geleverd

groetjes jovadesa


×
×
  • Nieuwe aanmaken...

Belangrijke informatie

We hebben cookies geplaatst op je toestel om deze website voor jou beter te kunnen maken. Je kunt de cookie instellingen aanpassen, anders gaan we er van uit dat het goed is om verder te gaan.