Does not start in safe mode / Flightsim freezes

  • Does not start in safe mode / Flightsim freezes

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 10:25:03, on 18-1-2008
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.6000.16574)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\Windows Defender\MsMpEng.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Ahead\InCD\InCDsrv.exe
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    C:\Program Files\Alwil Software\Avast4\ashServ.exe
    C:\Program Files\SPAMfighter\SFAgent.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\Common Files\Real\Update_OB\realsched.exe
    C:\Program Files\SpywareGuard\sgmain.exe
    C:\Program Files\SpywareGuard\sgbhp.exe
    C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe
    C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
    C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
    C:\WINDOWS\system32\nvsvc32.exe
    C:\Program Files\SPAMfighter\sfus.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Internet Explorer\IEXPLORE.EXE
    C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.startpagina.nl/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen
    O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)
    O2 - BHO: Adobe PDF Reader Help bij koppelingen - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
    O2 - BHO: LF3_BHO Class - {43D29D14-460E-4F3A-9037-E60F11EF12F0} - C:\WINDOWS\System32\LightFrame3IECOM.dll
    O2 - BHO: SpywareGuard Download Protection - {4A368E80-174F-4872-96B5-0B27DDD11DB2} - C:\Program Files\SpywareGuard\dlprotect.dll
    O2 - BHO: PaltalkWebLogin - {502C3BA4-2C3E-4317-BC29-C0445E82B1F9} - C:\Program Files\Common Files\Paltalk\PaltalkWebLogin.dll
    O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll
    O2 - BHO: CAdBlocker Object - {E24AD748-155E-4254-B674-4EDF86E7E1DF} - C:\PROGRA~1\EASYCO~1\PCCLEA~1.0\POP-UP~1.DLL
    O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
    O4 - HKLM\..\Run: [SPAMfighter Agent] "C:\Program Files\SPAMfighter\SFAgent.exe" update delay 60
    O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
    O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Lokale service')
    O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Netwerkservice')
    O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
    O4 - Startup: SpywareGuard.lnk = C:\Program Files\SpywareGuard\sgmain.exe
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll
    O9 - Extra button: Easy Computing*Pop-up Blocker - {2E071ADC-ADF8-4b4b-8ACB-EDC49E6D45A2} - C:\PROGRA~1\EASYCO~1\PCCLEA~1.0\POP-UP~1.DLL
    O9 - Extra 'Tools' menuitem: PC Cleaner 2.0 Pop-up Blocker - {2E071ADC-ADF8-4b4b-8ACB-EDC49E6D45A2} - C:\PROGRA~1\EASYCO~1\PCCLEA~1.0\POP-UP~1.DLL
    O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe (file missing)
    O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe (file missing)
    O9 - Extra button: Onderzoek - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O14 - IERESET.INF: START_PAGE_URL=http://www.medion.com/
    O16 - DPF: {6B75345B-AA36-438A-BBE6-4078B4C6984D} (HpProductDetection Class) - http://h20270.www2.hp.com/ediags/gmn2/install/HPProductDetection.cab
    O16 - DPF: {96816368-C1E3-414D-A193-63C3CC921990} - http://hotelforumrome.remotemanager.co.uk/common/activex/MJPEGRender.ocx
    O16 - DPF: {A796D216-2DE1-4EA8-BABB-FE6E7C959098} (HPSDDX Class) - http://www.hp.com/cpso-support-new/SDD/hpsddObjSigned.cab
    O16 - DPF: {CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7} (get_atlcom Class) - http://www.adobe.com/products/acrobat/nos/gp.cab
    O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
    O23 - Service: Acronis Scheduler2 Service (AcrSch2Svc) - Acronis - C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe
    O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
    O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
    O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
    O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
    O23 - Service: InCD Helper (InCDsrv) - Ahead Software AG - C:\Program Files\Ahead\InCD\InCDsrv.exe
    O23 - Service: InCD Helper (read only) (InCDsrvR) - Ahead Software AG - C:\Program Files\Ahead\InCD\InCDsrv.exe
    O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
    O23 - Service: SPAMfighter Update Service - SPAMfighter ApS - C:\Program Files\SPAMfighter\sfus.exe

    --
    End of file - 6970 bytes

  • #2
    I don't really see any traces of malware in your log.

    First do this:

    Your Java software is outdated. Older versions have vulnerabilities that give malware the chance to install itself on your system.
    First follow these steps to uninstall Java and install the newer version:
    • Download Java Runtime Environment (JRE) 6u4.
    • Scroll down to: "Java Runtime Environment (JRE) 6u4".
    • Click the "Download" button on the right-hand side.
    • In the drop-down menu to the right of Platform, select Windows.
    • Tick: "I agree to the Java SE Runtime Environment 6 License Agreement", and click Continue.
    • The page will reload.
    • Click the jre-6u4-windows-i586-p.exe link UNDER Windows Offline Installation and save it to your Desktop.
    • Close all programs that may be open - especially your web browser!
    • Then go to Start > Control Panel (Configuratiescherm) > Add or Remove Programs (Software) and remove all older versions of Java from the software list.
    • Select everything with Java Runtime Environment (JRE or J2SE) in the name.
    • Then click Remove (Verwijderen) or the Change/Remove (Wijzig/Verwijder) button.
    • Repeat this until all older versions are gone.
    • After removing all older versions, restart your PC.
    • Then double-click jre-6u4-windows-i586-p.exe on your Desktop to install the newest version of Java.


    Download Combofix (mirror) to your Desktop.
    Double-click Combofix.exe.
    Choose "Continue" by typing 1 followed by ENTER.
    While the fix is running, do NOT click in the window, as this will make your PC hang.
    When the fix has finished and after the restart, the log combofix.txt will open.
    Post this log in your next post.

    NOTE: If your virus scanner reacts with a notice about script execution, you may ignore this.



    • #3
      Originally posted by smeenk
      I don't really see any traces of malware in your log.

      First do this:

      Your Java software is outdated. Older versions have vulnerabilities that give malware the chance to install itself on your system.
      First follow these steps to uninstall Java and install the newer version:
      • Download [url=http://java.sun.com/javase/downloads/index.jsp]Java Runtime Environment (JRE) 6u4[/url].
      • Scroll down to: "Java Runtime Environment (JRE) 6u4".
      • Click the "Download" button on the right-hand side.
      • In the drop-down menu to the right of Platform, select Windows.
      • Tick: "I agree to the Java SE Runtime Environment 6 License Agreement", and click Continue.
      • The page will reload.
      • Click the jre-6u4-windows-i586-p.exe link UNDER Windows Offline Installation and save it to your Desktop.
      • Close all programs that may be open - especially your web browser!
      • Then go to Start > Control Panel (Configuratiescherm) > Add or Remove Programs (Software) and remove all older versions of Java from the software list.
      • Select everything with Java Runtime Environment (JRE or J2SE) in the name.
      • Then click Remove (Verwijderen) or the Change/Remove (Wijzig/Verwijder) button.
      • Repeat this until all older versions are gone.
      • After removing all older versions, restart your PC.
      • Then double-click jre-6u4-windows-i586-p.exe on your Desktop to install the newest version of Java.


      Download [url=http://download.bleepingcomputer.com/sUBs/ComboFix.exe]Combofix[/url] ([url=http://www.forospyware.com/sUBs/ComboFix.exe]mirror[/url]) to your Desktop.
      Double-click Combofix.exe.
      Choose "Continue" by typing 1 followed by ENTER.
      While the fix is running, do NOT click in the window, as this will make your PC hang.
      When the fix has finished and after the restart, the log combofix.txt will open.
      Post this log in your next post.

      NOTE: If your virus scanner reacts with a notice about script execution, you may ignore this.



      • #4
        ComboFix 08-01-18.4 - W.A. Vincente 2008-01-18 15:56:24.2 - NTFSx86
        Microsoft Windows XP Home Edition 5.1.2600.2.1252.1.1043.18.255 [GMT 1:00]
        Gestart vanuit: C:\Documents and Settings\W.A. Vincente\Bureaublad\ComboFix.exe

        WAARSCHUWING - DE RECOVERY CONSOLE IS NIET OP DIT SYSTEEM GEINSTALLEERD !!
        .

        (((((((((((((((((((( Bestanden Gemaakt van 2007-12-18 to 2008-01-18 ))))))))))))))))))))))))))))))
        .

        2008-01-18 15:28 . 2000-08-31 08:00 51,200 --a------ C:\WINDOWS\NirCmd.exe
        2008-01-18 15:23 . 2007-12-14 01:59 69,632 --a------ C:\WINDOWS\system32\javacpl.cpl
        2008-01-18 10:22 . 2008-01-18 10:22 <DIR> d-------- C:\Program Files\Trend Micro
        2008-01-14 22:51 . 2008-01-14 22:51 <DIR> d--hs---- C:\WINDOWS\ftpcache
        2008-01-14 22:50 . 2008-01-14 22:50 <DIR> d-------- C:\Program Files\Yahoo!
        2008-01-14 22:50 . 2008-01-14 22:50 <DIR> d-------- C:\Program Files\Windows Sidebar
        2008-01-14 22:50 . 2008-01-14 22:50 <DIR> d-------- C:\Program Files\Snelkoppelingen naar programma's
        2008-01-14 22:50 . 2008-01-14 22:50 <DIR> d-------- C:\Program Files\Power Cinema
        2008-01-14 22:50 . 2008-01-14 22:50 <DIR> d-------- C:\Program Files\Panicware
        2008-01-14 22:50 . 2008-01-14 22:50 <DIR> d-------- C:\Program Files\MSXML 4.0
        2008-01-14 22:50 . 2008-01-14 22:50 <DIR> d-------- C:\Program Files\Elaborate Bytes
        2008-01-14 22:50 . 2008-01-14 22:50 <DIR> d-------- C:\Program Files\DriverGuide Toolkit
        2008-01-14 22:50 . 2008-01-14 22:50 <DIR> d-------- C:\Program Files\directx
        2008-01-14 22:50 . 2008-01-14 22:50 <DIR> d-------- C:\Program Files\Common Files\NSV
        2008-01-14 22:50 . 2008-01-14 22:50 <DIR> d-------- C:\Program Files\Common Files\Hakkie
        2008-01-14 22:50 . 2008-01-14 22:50 <DIR> d-------- C:\Program Files\Avance Sound Manager
        2008-01-14 22:50 . 2008-01-14 22:50 <DIR> d-------- C:\Program Files\ArcSoft
        2008-01-14 22:50 . 2008-01-14 22:50 <DIR> d-------- C:\Program Files\aod
        2008-01-14 22:50 . 2008-01-14 22:50 <DIR> d-------- C:\Program Files\Alwil Software
        2008-01-14 22:06 . 2008-01-14 22:50 <DIR> d-------- C:\Documents and Settings\W.A. Vincente\Application Data\RegistrySmart
        2008-01-14 16:26 . 2008-01-14 22:50 <DIR> d-------- C:\Program Files\Alwil Software(2)
        2008-01-14 15:53 . 2008-01-14 22:50 <DIR> d-------- C:\Program Files\Temp
        2008-01-14 15:53 . 2008-01-14 15:54 <DIR> d-------- C:\Program Files\Logs
        2008-01-14 15:52 . 2008-01-14 16:09 <DIR> d-------- C:\Program Files\Config
        2008-01-13 13:19 . 2008-01-13 13:19 <DIR> d-------- C:\Documents and Settings\W.A. Vincente\.housecall6.6
        2008-01-06 10:50 . 2008-01-06 15:23 <DIR> d-------- C:\Program Files\Hakkie
        2008-01-06 10:50 . 2008-01-06 10:50 <DIR> d-------- C:\Documents and Settings\W.A. Vincente\Application Data\Hakkie
        2008-01-04 15:52 . 2008-01-04 15:52 <DIR> d-------- C:\Program Files\HP
        2008-01-02 12:48 . 2008-01-03 15:58 <DIR> d-------- C:\Program Files\vghd
        2007-12-18 10:46 . 2007-12-18 10:46 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Grisoft

        .
        ((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))
        .
        2008-01-18 14:38 --------- d-----w C:\Program Files\SPAMfighter
        2008-01-18 14:23 --------- d-----w C:\Program Files\Java
        2008-01-17 18:31 --------- d-----w C:\Documents and Settings\W.A. Vincente\Application Data\Skype
        2008-01-15 21:01 --------- d-----w C:\Program Files\Microsoft Games
        2008-01-14 21:50 --------- d--h--w C:\Program Files\InstallShield Installation Information
        2008-01-14 15:09 --------- d---a-w C:\Program Files\Microsoft AntiSpyware
        2008-01-14 15:09 --------- d-----w C:\Program Files\Weather Pulse
        2008-01-14 15:09 --------- d-----w C:\Program Files\TweakNow RegCleaner Std
        2008-01-14 15:09 --------- d-----w C:\Program Files\Picasa2
        2008-01-14 15:09 --------- d-----w C:\Program Files\OfficeUpdate11
        2008-01-14 15:09 --------- d-----w C:\Program Files\Dixons Album Editor
        2008-01-14 15:09 --------- d-----w C:\Program Files\Common Files\Real
        2008-01-14 15:09 --------- d-----w C:\Program Files\AusLogics BoostSpeed
        2008-01-14 15:09 --------- d-----w C:\Program Files\Ahead
        2008-01-06 19:24 --------- d---a-w C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
        2007-12-28 08:37 --------- d-----w C:\Program Files\SpywareGuard
        2007-12-11 19:46 129,784 -c----w C:\WINDOWS\system32\pxafs.dll
        2007-12-11 19:46 120,056 -c----w C:\WINDOWS\system32\pxcpyi64.exe
        2007-12-11 19:46 118,520 -c----w C:\WINDOWS\system32\pxinsi64.exe
        2007-12-09 10:44 --------- d-----w C:\Program Files\MAGIX
        2007-12-09 10:44 --------- d-----w C:\Program Files\Common Files\MAGIX Shared
        2007-12-09 10:44 --------- d-----w C:\Documents and Settings\W.A. Vincente\Application Data\Uniblue
        2007-12-09 10:44 --------- d-----w C:\Documents and Settings\W.A. Vincente\Application Data\MAGIX
        2007-12-09 10:44 --------- d-----w C:\Documents and Settings\W.A. Vincente\Application Data\ArcSoft
        2007-12-09 10:43 --------- d-----w C:\Program Files\Canon
        2007-12-08 09:19 --------- d-----w C:\Program Files\TuneUp Utilities 2007
        2007-12-05 09:53 --------- d-----w C:\Program Files\Google
        2007-12-04 14:56 93,264 -c--a-w C:\WINDOWS\system32\drivers\aswmon.sys
        2007-12-04 14:55 94,544 -c--a-w C:\WINDOWS\system32\drivers\aswmon2.sys
        2007-12-04 14:53 23,152 -c--a-w C:\WINDOWS\system32\drivers\aswRdr.sys
        2007-12-04 14:51 42,912 -c--a-w C:\WINDOWS\system32\drivers\aswTdi.sys
        2007-12-04 14:49 26,624 -c--a-w C:\WINDOWS\system32\drivers\aavmker4.sys
        2007-12-04 13:04 837,496 ----a-w C:\WINDOWS\system32\aswBoot.exe
        2007-12-04 12:54 95,608 -c--a-w C:\WINDOWS\system32\AvastSS.scr
        2007-11-24 15:37 --------- d-----w C:\Program Files\SpywareBlaster
        2007-11-08 07:57 88 -c--a-w C:\Program Files\log.out
        2007-11-07 09:30 727,040 ----a-w C:\WINDOWS\system32\lsasrv.dll
        2007-10-29 22:45 1,291,776 -c--a-w C:\WINDOWS\system32\quartz.dll
        2007-10-20 05:01 227,328 -c--a-w C:\WINDOWS\system32\wmasf.dll
        2006-12-17 09:27 985,904 -c--a-w C:\Program Files\FreecorderSetup.exe
        2006-11-28 19:38 1,155,072 -c--a-w C:\Program Files\libmysql.dll
        2006-10-12 19:32 40,960 -c--a-w C:\Program Files\autoupdate.exe
        2006-08-20 07:07 178 -c--a-w C:\Program Files\FxNetsky.log
        2006-07-07 10:12 218,112 -c--a-w C:\Program Files\HijackThis[1].exe
        2006-05-26 08:19 5,120 -csha-w C:\Program Files\Thumbs.db
        2006-04-19 07:35 209 -c--a-w C:\Program Files\instadr5.log
        2005-05-31 07:48 2,855,080 -c--a-w C:\Program Files\aawsepersonal.exe
        2004-05-31 20:34 2,372,760 -c--a-w C:\Program Files\winzip90.exe
        2004-03-30 13:25 152,208 -c--a-w C:\Program Files\FxNetsky.exe
        2002-01-18 05:33 21,687 ----a-w C:\Program Files\lj456p5.inf
        2002-01-10 09:08 46,592 ----a-w C:\Program Files\HPPRN02.DLL
        2002-01-10 09:07 139,264 ----a-w C:\Program Files\HPCUI02.DLL
        2002-01-10 09:06 67,584 ----a-w C:\Program Files\HPCRD02.DLL
        2002-01-10 09:06 14,848 ----a-w C:\Program Files\HPOEMUI.DLL
        2002-01-10 09:05 14,336 ----a-w C:\Program Files\HPCSTR02.DLL
        2002-01-10 09:05 136,192 ----a-w C:\Program Files\HPCFNT02.DLL
        2002-01-02 14:25 698 ----a-w C:\Program Files\TTFSUB.GPD
        2002-01-02 14:25 14,362 ----a-w C:\Program Files\STDNAMES.GPD
        2002-01-02 14:25 13,543 ----a-w C:\Program Files\UNIDRV.HLP
        2002-01-02 14:24 678,400 ----a-w C:\Program Files\PCL5ERES.DLL
        2002-01-02 14:24 620,032 ----a-w C:\Program Files\UNIRES.DLL
        2002-01-02 14:24 251,904 ----a-w C:\Program Files\UNIDRV.DLL
        2002-01-02 14:24 197,120 ----a-w C:\Program Files\UNIDRVUI.DLL
        2001-11-28 09:58 63,817 ----a-w C:\Program Files\HPMOPY.GPD
        2001-11-28 09:57 33,003 ----a-w C:\Program Files\HPLJ6P.GPD
        2001-11-28 09:57 31,373 ----a-w C:\Program Files\HPLJ6MP.GPD
        2001-11-28 09:56 37,732 ----a-w C:\Program Files\HPLJ4V.GPD
        2001-11-28 09:56 37,363 ----a-w C:\Program Files\HPLJ5M.GPD
        2001-11-28 09:56 34,742 ----a-w C:\Program Files\HPLJ5.GPD
        2001-11-28 09:56 34,667 ----a-w C:\Program Files\HPLJ5N.GPD
        2001-11-28 09:56 29,967 ----a-w C:\Program Files\HPLJ5P.GPD
        2001-11-28 09:56 29,273 ----a-w C:\Program Files\HPLJ5MP.GPD
        2001-11-28 09:56 26,671 ----a-w C:\Program Files\HPLJ5L.GPD
        2001-11-28 09:56 22,133 ----a-w C:\Program Files\HPLJ6L.GPD
        2001-11-28 09:55 39,543 ----a-w C:\Program Files\HPLJ4PS.GPD
        2001-11-28 09:55 34,227 ----a-w C:\Program Files\HPLJ4MV.GPD
        2001-11-28 09:55 32,668 ----a-w C:\Program Files\HPLJ4SI.GPD
        2001-11-28 09:55 32,199 ----a-w C:\Program Files\HPLJ4M.GPD
        2001-11-28 09:55 28,896 ----a-w C:\Program Files\HPLJ4P.GPD
        2001-11-28 09:55 26,445 ----a-w C:\Program Files\HPLJ4MP.GPD
        2001-11-28 09:55 25,419 ----a-w C:\Program Files\HPLJ4L.GPD
        2001-11-28 09:55 24,613 ----a-w C:\Program Files\HPLJ4ML.GPD
        2001-11-28 09:54 34,106 ----a-w C:\Program Files\HPLJ4.GPD
        2001-11-28 09:52 64,360 ----a-w C:\Program Files\HP5SI.GPD
        2001-11-28 09:52 63,837 ----a-w C:\Program Files\HP5SIM.GPD
        2001-11-28 09:52 34,404 ----a-w C:\Program Files\HP4MPLS.GPD
        2001-11-28 09:52 29,448 ----a-w C:\Program Files\HP4SIMX.GPD
        2001-11-15 10:15 46,508 ----a-w C:\Program Files\HPCLJX02.HLP
        2001-06-19 20:40 190 ----a-w C:\Program Files\HPCMBOX.INI
        2001-06-19 20:39 162 ----a-w C:\Program Files\HPC02.INI
        .

        ((((((((((((((((((((((((((((( [email protected]_15.33.01,31 )))))))))))))))))))))))))))))))))))))))))
        .
        - 2008-01-18 14:22:03 16,384 ----atw C:\WINDOWS\Temp\Perflib_Perfdata_5bc.dat
        + 2008-01-18 14:37:24 16,384 ----atw C:\WINDOWS\Temp\Perflib_Perfdata_5bc.dat
        .
        ((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))
        .
        .
        REGEDIT4
        *Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond

        [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
        "avast!"="C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe" [ ]
        "SPAMfighter Agent"="C:\Program Files\SPAMfighter\SFAgent.exe" [2007-10-25 15:29 308880]
        "TkBellExe"="C:\Program Files\Common Files\Real\Update_OB\realsched.exe" [2005-02-05 11:50 180269]
        "SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_04\bin\jusched.exe" [2007-12-14 03:42 144784]

        [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
        "CTFMON.EXE"="C:\WINDOWS\System32\CTFMON.EXE" [2004-08-04 09:03 15360]
        "DWQueuedReporting"="C:\PROGRA~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" [2005-04-25 13:45 36040]

        C:\Documents and Settings\W.A. Vincente\Menu Start\Programma's\Opstarten\
        SpywareGuard.lnk - C:\Program Files\SpywareGuard\sgmain.exe [2003-08-29 19:05:35]

        [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
        "NoResolveSearch"= 1 (0x1)

        [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
        "NoInstrumentation"= 0 (0x0)

        [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Start^Programma's^Opstarten^Adobe Gamma Loader.lnk]

        [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Start^Programma's^Opstarten^Adobe Reader Snelle start.lnk]
        path=C:\Documents and Settings\All Users\Menu Start\Programma's\Opstarten\Adobe Reader Snelle start.lnk
        backup=C:\WINDOWS\pss\Adobe Reader Snelle start.lnkCommon Startup

        [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Start^Programma's^Opstarten^Device Detector 3.lnk]
        path=C:\Documents and Settings\All Users\Menu Start\Programma's\Opstarten\Device Detector 3.lnk
        backup=C:\WINDOWS\pss\Device Detector 3.lnkCommon Startup

        [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Start^Programma's^Opstarten^Digital Image Monitor.lnk]

        [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Start^Programma's^Opstarten^GStartup.lnk]

        [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Start^Programma's^Opstarten^LightFrame 3.lnk]

        [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Start^Programma's^Opstarten^Microsoft Office.lnk]
        path=C:\Documents and Settings\All Users\Menu Start\Programma's\Opstarten\Microsoft Office.lnk
        backup=C:\WINDOWS\pss\Microsoft Office.lnkCommon Startup

        [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Start^Programma's^Opstarten^Timer Wizard.lnk]

        [HKLM\~\startupfolder\C:^Documents and Settings^W.A. Vincente^Menu Start^Programma's^Opstarten^Nieuwsflitser.lnk]
        path=C:\Documents and Settings\W.A. Vincente\Menu Start\Programma's\Opstarten\Nieuwsflitser.lnk
        backup=C:\WINDOWS\pss\Nieuwsflitser.lnkStartup

        [HKLM\~\startupfolder\C:^Documents and Settings^W.A. Vincente^Menu Start^Programma's^Opstarten^OpenOffice.org 2.0.lnk]
        path=C:\Documents and Settings\W.A. Vincente\Menu Start\Programma's\Opstarten\OpenOffice.org 2.0.lnk
        backup=C:\WINDOWS\pss\OpenOffice.org 2.0.lnkStartup

        [HKLM\~\startupfolder\C:^Documents and Settings^W.A. Vincente^Menu Start^Programma's^Opstarten^VirtuaGirl HD.LNK]
        path=C:\Documents and Settings\W.A. Vincente\Menu Start\Programma's\Opstarten\VirtuaGirl HD.LNK
        backup=C:\WINDOWS\pss\VirtuaGirl HD.LNKStartup

        [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\!AVG Anti-Spyware]
        --a------ 2007-12-18 10:44 6731312 C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe

        [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Acronis Scheduler2 Service]
        --a--c--- 2006-05-09 15:04 65536 C:\Program Files\Common Files\Acronis\Schedule2\schedhlp.exe

        [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Photo Downloader]
        --a------ 2007-03-22 15:09 63712 C:\Program Files\Adobe\Photoshop Album Starter Edition\3.2\Apps\apdproxy.exe

        [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
        --a------ 2007-10-10 19:51 39792 C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe

        [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\avast!]
        C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe

        [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AVG7_EMC]
        C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe

        [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BO1HelperStartUp]

        [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CMESys]

        [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Creative WebCam Tray]
        --a--c--- 2003-06-26 03:02 184320 C:\Program Files\Creative\Shared Files\CAMTRAY.EXE

        [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ErrorSafe]

        [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ExtraFilmHemmaAgent]
        C:\Program Files\Blokker Bestelsoftware\Agent.exe

        [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\gcasServ]
        C:\Program Files\Microsoft AntiSpyware\gcasServ.exe

        [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IE New Window Maximizer]
        --a--c--- 2003-01-24 12:21 348160 C:\Program Files\IE New Window Maximizer\iemaximizer.exe

        [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\InCD]
        -----c--- 2004-07-16 13:50 1409136 C:\Program Files\Ahead\InCD\InCD.exe

        [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
        C:\Program Files\iTunes\iTunesHelper.exe

        [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Load]


        [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MsnMsgr]
        --a--c--- 2004-10-15 23:03 4886528 C:\Program Files\MSN Messenger\msnmsgr.exe

        [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
        --a--c--- 2001-07-09 11:50 155648 C:\WINDOWS\system32\NeroCheck.exe

        [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvCplDaemon]
        --a--c--- 2003-07-28 14:19 4841472 C:\WINDOWS\system32\NvCpl.dll

        [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvMediaCenter]
        --a--c--- 2003-07-28 14:19 49152 C:\WINDOWS\System32\NvMcTray.dll

        [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\nwiz]
        --a--c--- 2003-07-28 14:19 323584 C:\WINDOWS\system32\nwiz.exe

        [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
        C:\Program Files\QuickTime\qttask.exe

        [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Run]


        [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
        -ra------ 2007-09-13 12:31 22880040 C:\Program Files\Skype\Phone\Skype.exe

        [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\STOPzilla]

        [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
        C:\Program Files\Java\jre1.5.0_09\bin\jusched.exe

        [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\tgcmd]
        C:\PROGRA~1\Support.com\bin\tgcmd.exe

        [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe]
        --a--c--- 2005-02-05 11:50 180269 C:\Program Files\Common Files\Real\Update_OB\realsched.exe

        [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Uniblue RegistryBooster 2]
        C:\Program Files\Uniblue\RegistryBooster 2\RegistryBooster.exe

        [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\updateMgr]
        C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe

        [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\VirtualCloneDrive]
        C:\Program Files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe

        [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\vptray]

        [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WinampAgent]
        C:\Program Files\Winamp\winampa.exe

        [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Window Washer]
        C:\Program Files\Webroot\Washer\wwDisp.exe

        [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Windows Defender]
        --a--c--- 2006-11-03 17:20 866584 C:\Program Files\Windows Defender\MSASCui.exe

        R0 OCDE;ZTekWare Original CD Emulator Service;C:\WINDOWS\system32\Drivers\OCDE.sys [2003-11-02 09:28]
        R2 nvcap;nVidia WDM Video Capture (universal);C:\WINDOWS\system32\DRIVERS\nvcap.sys [2002-06-07 09:12]
        R2 NVXBAR;nVidia WDM A/V Crossbar;C:\WINDOWS\system32\DRIVERS\NVxbar.sys [2002-06-07 09:12]
        R2 SPAMfighter Update Service;SPAMfighter Update Service;"C:\Program Files\SPAMfighter\sfus.exe" [2007-10-25 15:29]
        R2 UxTuneUp;TuneUp Thema-uitbreiding;C:\WINDOWS\System32\svchost.exe [2004-08-04 09:03]
        R3 Intels51;Creatix V.9X DSP Data Fax Modem;C:\WINDOWS\system32\DRIVERS\ctxs51.sys [2002-07-01 15:10]
        S3 P1130VID;Creative WebCam NX Pro;C:\WINDOWS\system32\DRIVERS\P1130Vid.sys [2003-06-11 15:00]
        S3 VNUSB;VN Series Device;C:\WINDOWS\system32\DRIVERS\VNUSB.sys [2006-04-07 17:06]

        HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
        UxTuneUp

        .
        Inhoud van de 'Gedeelde Taken' map
        "2008-01-15 21:37:02 C:\WINDOWS\Tasks\AppleSoftwareUpdate.job"
        - C:\Program Files\Apple Software Update\SoftwareUpdate.exe
        "2007-09-29 07:04:07 C:\WINDOWS\Tasks\Easy Onderhoud.job"
        - C:\Program Files\TuneUp Utilities 2007\SystemOptimizer.exe
        "2008-01-18 14:40:32 C:\WINDOWS\Tasks\MP Scheduled Scan.job"
        - C:\Program Files\Windows Defender\MpCmdRun.exe
        "2008-01-14 21:06:17 C:\WINDOWS\Tasks\RegistrySmart Scheduled Scan.job"
        - C:\Program Files\RegistrySmart\RegistrySmart.ex
        - C:\Program Files\RegistrySmart
        .
        **************************************************************************

        catchme 0.3.1344 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
        Rootkit scan 2008-01-18 15:57:29
        Windows 5.1.2600 Service Pack 2 NTFS

        scannen van verborgen processen ...

        scannen van verborgen autostart items ...

        scannen van verborgen bestanden ...

        Scan succesvol afgerond
        verborgen bestanden: 0

        **************************************************************************
        .
        --------------------- DLLs Loaded Under Running Processes ---------------------

        PROCESS: C:\WINDOWS\system32\winlogon.exe
        -> C:\WINDOWS\system32\NavLogon.dll
        .
        Voltooingstijd: 2008-01-18 15:58:19
        ComboFix2.txt 2008-01-18 14:33:40
        .
        2008-01-18 09:04:00 --- E O F ---



        • #5
          The log otherwise looks clean to me.

          Download ATF cleaner (mirror) (made by Atribune)

          Important: Close all your browser windows (IE and/or Firefox and/or Opera) so the tool can work properly.

          Double-click ATF cleaner to start the program.
          On the "Main" tab, tick Select All.
          Click the Empty Selected button.

          Do the following if you also use Firefox as a browser:
          Click the "Firefox" tab and tick Select All.
          If you want to keep the passwords saved by Firefox, click "No" in the window that appears.
          (this removes the tick again from "Firefox saved passwords")
          Click the Empty Selected button.

          Do the following if you also use Opera as a browser:
          Click the "Opera" tab and tick Select All.
          If you want to keep the passwords saved by Opera, click "No" in the window that appears.
          Click the Empty Selected button.
          Go to the "Main" tab and click the Exit button to close the program.

          Go to Start - Run and enter the following:
          Combofix /U
          Then press OK.
          Note: There must be a space between Combofix and /U.

          This will uninstall Combofix.

          Turn off System Restore. Restart the computer. Turn System Restore back on.
          See here how to turn off System Restore.
          This removes any remnants of the infections from your System Restore.

          Are there still problems after that?



          • #6
            Still won't start in safe mode. Can't check FS9, because it is not installed.



            • #7
              Download & run this tool, SafeBootKeyRepair.exe: http://www.techsupportforum.com/sect...tKeyRepair.exe
              When the tool has finished, post the contents of the file C:\SafeBoot_Repair.txt



              • #8
                Reg export of SafeBoot key after repair:
                ========================

                Windows Registry Editor Version 5.00

                [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot]
                "AlternateShell"="cmd.exe"

                [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Minimal]

                [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Minimal\AppMgmt]
                @="Service"

                [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Minimal\AVG Anti-Spyware Driver]
                @="Driver"

                [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Minimal\AVG Anti-Spyware Guard]
                @="Service"

                [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Minimal\Base]
                @="Driver Group"

                [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Minimal\Boot Bus Extender]
                @="Driver Group"

                [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Minimal\Boot file system]
                @="Driver Group"

                [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Minimal\CryptSvc]
                @="Service"

                [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Minimal\DcomLaunch]
                @="Service"

                [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Minimal\dmadmin]
                @="Service"

                [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Minimal\dmboot.sys]
                @="Driver"

                [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Minimal\dmio.sys]
                @="Driver"

                [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Minimal\dmload.sys]
                @="Driver"

                [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Minimal\dmserver]
                @="Service"

                [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Minimal\EventLog]
                @="Service"

                [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Minimal\File system]
                @="Driver Group"

                [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Minimal\Filter]
                @="Driver Group"

                [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Minimal\HelpSvc]
                @="Service"

                [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Minimal\Netlogon]
                @="Service"

                [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Minimal\PCI Configuration]
                @="Driver Group"

                [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Minimal\PlugPlay]
                @="Service"

                [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Minimal\PNP Filter]
                @="Driver Group"

                [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Minimal\Primary disk]
                @="Driver Group"

                [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Minimal\RpcSs]
                @="Service"

                [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Minimal\SCSI Class]
                @="Driver Group"

                [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Minimal\sermouse.sys]
                @="Driver"

                [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Minimal\sr.sys]
                @="FSFilter System Recovery"

                [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Minimal\SRService]
                @="Service"

                [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Minimal\System Bus Extender]
                @="Driver Group"

                [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Minimal\vds]
                @="Service"

                [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Minimal\vga.sys]
                @="Driver"

                [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Minimal\vgasave.sys]
                @="Driver"

                [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Minimal\WinDefend]
                @="Service"

                [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Minimal\WinMgmt]
                @="Service"

                [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Minimal\{36FC9E60-C465-11CF-8056-444553540000}]
                @="Universal Serial Bus controllers"

                [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Minimal\{4D36E965-E325-11CE-BFC1-08002BE10318}]
                @="CD-ROM Drive"

                [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Minimal\{4D36E967-E325-11CE-BFC1-08002BE10318}]
                @="DiskDrive"

                [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Minimal\{4D36E969-E325-11CE-BFC1-08002BE10318}]
                @="Standard floppy disk controller"

                [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Minimal\{4D36E96A-E325-11CE-BFC1-08002BE10318}]
                @="Hdc"

                [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Minimal\{4D36E96B-E325-11CE-BFC1-08002BE10318}]
                @="Keyboard"

                [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Minimal\{4D36E96F-E325-11CE-BFC1-08002BE10318}]
                @="Mouse"

                [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Minimal\{4D36E977-E325-11CE-BFC1-08002BE10318}]
                @="PCMCIA Adapters"

                [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Minimal\{4D36E97B-E325-11CE-BFC1-08002BE10318}]
                @="SCSIAdapter"

                [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Minimal\{4D36E97D-E325-11CE-BFC1-08002BE10318}]
                @="System"

                [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Minimal\{4D36E980-E325-11CE-BFC1-08002BE10318}]
                @="Floppy disk drive"

                [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Minimal\{533C5B84-EC70-11D2-9505-00C04F79DEAF}]
                @="Volume shadow copy"

                [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Minimal\{71A27CDD-812A-11D0-BEC7-08002BE2092F}]
                @="Volume"

                [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Minimal\{745A17A0-74D3-11D0-B6FE-00A0C90F57DA}]
                @="Human Interface Devices"

                [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network]

                [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\AFD]
                @="Service"

                [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\AppMgmt]
                @="Service"

                [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\AVG Anti-Spyware Driver]
                @="Driver"

                [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\AVG Anti-Spyware Guard]
                @="Service"

                [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\Base]
                @="Driver Group"

                [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\Boot Bus Extender]
                @="Driver Group"

                [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\Boot file system]
                @="Driver Group"

                [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\Browser]
                @="Service"

                [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\CryptSvc]
                @="Service"

                [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\DcomLaunch]
                @="Service"

                [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\Dhcp]
                @="Service"

                [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\dmadmin]
                @="Service"

                [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\dmboot.sys]
                @="Driver"

                [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\dmio.sys]
                @="Driver"

                [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\dmload.sys]
                @="Driver"

                [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\dmserver]
                @="Service"

                [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\DnsCache]
                @="Service"

                [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\EventLog]
                @="Service"

                [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\File system]
                @="Driver Group"

                [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\Filter]
                @="Driver Group"

                [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\HelpSvc]
                @="Service"

                [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\ip6fw.sys]
                @="Driver"

                [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\ipnat.sys]
                @="Driver"

                [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\LanmanServer]
                @="Service"

                [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\LanmanWorkstation]
                @="Service"

                [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\LmHosts]
                @="Service"

                [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\Messenger]
                @="Service"

                [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\NDIS]
                @="Driver Group"

                [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\NDIS Wrapper]
                @="Driver Group"

                [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\Ndisuio]
                @="Service"

                [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\NetBIOS]
                @="Service"

                [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\NetBIOSGroup]
                @="Driver Group"

                [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\NetBT]
                @="Service"

                [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\NetDDEGroup]
                @="Driver Group"

                [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\Netlogon]
                @="Service"

                [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\NetMan]
                @="Service"

                [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\Network]
                @="Driver Group"

                [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\NetworkProvider]
                @="Driver Group"

                [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\NtLmSsp]
                @="Service"

                [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\PCI Configuration]
                @="Driver Group"

                [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\PlugPlay]
                @="Service"

                [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\PNP Filter]
                @="Driver Group"

                [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\PNP_TDI]
                @="Driver Group"

                [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\Primary disk]
                @="Driver Group"

                [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\rdpcdd.sys]
                @="Driver"

                [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\rdpdd.sys]
                @="Driver"

                [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\rdpwd.sys]
                @="Driver"

                [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\rdsessmgr]
                @="Service"

                [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\RpcSs]
                @="Service"

                [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\SCSI Class]
                @="Driver Group"

                [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\sermouse.sys]
                @="Driver"

                [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\sharedaccess]
                @="Service"

                [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\sr.sys]
                @="FSFilter System Recovery"

                [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\SRService]
                @="Service"

                [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\Streams Drivers]
                @="Driver Group"

                [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\System Bus Extender]
                @="Driver Group"

                [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\Tcpip]
                @="Service"

                [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\TDI]
                @="Driver Group"

                [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\tdpipe.sys]
                @="Driver"

                [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\tdtcp.sys]
                @="Driver"

                [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\termservice]
                @="Service"

                [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\UploadMgr]
                @="Service"

                [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\vga.sys]
                @="Driver"

                [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\vgasave.sys]
                @="Driver"

                [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\WinDefend]
                @="Service"

                [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\WinMgmt]
                @="Service"

                [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\WZCSVC]
                @="Service"

                [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\{1a3e09be-1e45-494b-9174-d7385b45bbf5}]

                [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\{36FC9E60-C465-11CF-8056-444553540000}]
                @="Universal Serial Bus controllers"

                [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\{4D36E965-E325-11CE-BFC1-08002BE10318}]
                @="CD-ROM Drive"

                [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\{4D36E967-E325-11CE-BFC1-08002BE10318}]
                @="DiskDrive"

                [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\{4D36E969-E325-11CE-BFC1-08002BE10318}]
                @="Standard floppy disk controller"

                [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\{4D36E96A-E325-11CE-BFC1-08002BE10318}]
                @="Hdc"

                [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\{4D36E96B-E325-11CE-BFC1-08002BE10318}]
                @="Keyboard"

                [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\{4D36E96F-E325-11CE-BFC1-08002BE10318}]
                @="Mouse"

                [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\{4D36E972-E325-11CE-BFC1-08002BE10318}]
                @="Net"

                [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\{4D36E973-E325-11CE-BFC1-08002BE10318}]
                @="NetClient"

                [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\{4D36E974-E325-11CE-BFC1-08002BE10318}]
                @="NetService"

                [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\{4D36E975-E325-11CE-BFC1-08002BE10318}]
                @="NetTrans"

                [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\{4D36E977-E325-11CE-BFC1-08002BE10318}]
                @="PCMCIA Adapters"

                [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\{4D36E97B-E325-11CE-BFC1-08002BE10318}]
                @="SCSIAdapter"

                [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\{4D36E97D-E325-11CE-BFC1-08002BE10318}]
                @="System"

                [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\{4D36E980-E325-11CE-BFC1-08002BE10318}]
                @="Floppy disk drive"

                [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\{71A27CDD-812A-11D0-BEC7-08002BE2092F}]
                @="Volume"

                [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\{745A17A0-74D3-11D0-B6FE-00A0C90F57DA}]
                @="Human Interface Devices"

                ========================

                HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\minimal\AVG Anti-Spyware Driver
                HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\minimal\AVG Anti-Spyware Guard



                • #9
                  That looks good.



                  • #10
                    In any case, thank you very much. From your comment it appears that everything is functioning properly. Still, I cannot start my PC in safe mode, and Disk Cleanup also hangs. Do you have any other suggestions?

                    Willem.



                    • #11
                      Your logs are OK; your problem does not appear to be malware-related.
                      We have a special section on this forum where non-malware-related problems are handled.
                      I would actually like to refer you there to open a new topic for your problem:


                      Maybe someone there will know a solution.
