Mededeling

Collapse
No announcement yet.

is geen geldige Win32-toepassing

Collapse
X
  •  
  • Filter
  • Tijd
  • Show
Clear All
new posts

  • is geen geldige Win32-toepassing

    Beste, Ik kan geen enkele beveiliging meer openen of krijg bovenstaande vermelding. Kan ook niet meer in beveildigde modus. Zelf opnieuw opstarten en recovery cd opstarten lukt niet. Ik hoop dat jullie mij kunnen helpen. Thx. Hieronder het log:

    Deckard's System Scanner v20071014.68
    Run by Van Mellaert Luc on 2008-04-29 00:24:16
    Computer is in Normal Mode.
    --------------------------------------------------------------------------------

    Total Physical Memory: 511 MiB (512 MiB recommended).


    -- HijackThis Clone ------------------------------------------------------------


    Emulating logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 2008-04-29 00:25:08
    Platform: Windows XP Service Pack 2 (5.01.2600)
    MSIE: Internet Explorer (6.00.2900.2180)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\system32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\explorer.exe
    C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
    C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
    C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
    C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe
    C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLServer.exe
    C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLService.exe
    C:\Program Files\Common Files\EPSON\EBAPI\SAgent2.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Documents and Settings\Van Mellaert Luc\Bureaublad\dss.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com/ie
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
    R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
    R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://www.google.com/search?q=%s
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Startpagina = http://www.microsoft.com/Msoffice/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Window Title = Telenet Internet
    O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
    O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
    O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
    O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
    O8 - Extra context menu item: &Save Flash In This Page by Flash Saver - C:\PROGRA~1\FLASHS~1\save.htm
    O8 - Extra context menu item: Formulieren opslaan - file://C:\Program Files\Siber Systems luc\RoboFormComSavePass.html
    O8 - Extra context menu item: Invul Formulieren - file://C:\Program Files\Siber Systems luc\RoboFormComFillForms.html
    O8 - Extra context menu item: Menu aanpassen - file://C:\Program Files\Siber Systems luc\RoboFormComCustomizeIEMenu.html
    O8 - Extra context menu item: RoboForm Werkbalk - file://C:\Program Files\Siber Systems luc\RoboFormComShowToolbar.html
    O8 - Extra context menu item: Verzenden naar &Bluetooth - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
    O10 - Unknown file in Winsock LSP: C:\WINDOWS\system32\nwprovau.dll
    O15 - Trusted Zone: *.musicmatch.com (HKCU)
    O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} (QuickTime Object) - http://www.apple.com/qtactivex/qtplugin.cab
    O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} (Shockwave ActiveX Control) - http://fpdownload.macromedia.com/get/shockwave/cabs/director/sw.cab
    O16 - DPF: {3E68E405-C6DE-49FF-83AE-41EE9F4C36CE} (Office Update Installation Engine) - http://office.microsoft.com/officeupdate/content/opuc.cab
    O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1208735265709
    O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload.macromedia.com/get/flashplayer/current/swflash.cab
    O18 - Protocol: cdo - {CD00020A-8B95-11D1-82DB-00C04FB1625D} - C:\Program Files\Common Files\Microsoft Shared\Web Folders\PKMCDO.DLL
    O18 - Protocol: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\msitss.dll
    O18 - Protocol: mso-offdap11 - {32505114-5902-49B2-880A-1F7738E5A384} - C:\Program Files\Common Files\Microsoft Shared\Web Components\11\OWC11.DLL
    O18 - Filter: text/xml - {807553E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE11\MSOXMLMF.DLL
    O20 - Winlogon Notify: AtiExtEvent - C:\WINDOWS\system32\Ati2evxx.dll
    O20 - Winlogon Notify: crypt32chain - C:\WINDOWS\system32\crypt32.dll
    O20 - Winlogon Notify: cryptnet - C:\WINDOWS\system32\cryptnet.dll
    O20 - Winlogon Notify: cscdll - C:\WINDOWS\system32\cscdll.dll
    O20 - Winlogon Notify: ScCertProp - C:\WINDOWS\system32\wlnotify.dll
    O20 - Winlogon Notify: Schedule - C:\WINDOWS\system32\wlnotify.dll
    O20 - Winlogon Notify: SensLogn - C:\WINDOWS\system32\WlNotify.dll
    O20 - Winlogon Notify: termsrv - C:\WINDOWS\system32\wlnotify.dll
    O20 - Winlogon Notify: wlballoon - C:\WINDOWS\system32\wlnotify.dll
    O21 - SSODL: PostBootReminder - {7849596a-48ea-486e-8937-a2a3009f31a9} - C:\WINDOWS\system32\shell32.dll
    O21 - SSODL: CDBurn - {fbeb8a05-beee-4442-804e-409d6c4515e9} - C:\WINDOWS\system32\shell32.dll
    O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - C:\WINDOWS\system32\webcheck.dll
    O21 - SSODL: SysTray - {35CEC8A3-2BE6-11D2-8773-92E220524153} - C:\WINDOWS\system32\stobject.dll
    O21 - SSODL: UPnPMonitor - {e57ce738-33e8-4c51-8354-bb4de9d215d1} - C:\WINDOWS\system32\upnpui.dll
    O22 - SharedTaskScheduler: Preloader van browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
    O22 - SharedTaskScheduler: Cache-daemon voor onderdeelcategorieën - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
    O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\ati2evxx.exe
    O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
    O23 - Service: CyberLink Background Capture Service (CBCS) (CLCapSvc) - Unknown owner - C:\Program Files\Home Cinema\PowerCinema\Kernel\TV\CLCapSvc.exe
    O23 - Service: CyberLink Task Scheduler (CTS) (CLSched) - Unknown owner - C:\Program Files\Home Cinema\PowerCinema\Kernel\TV\CLSched.exe
    O23 - Service: Cisco Systems, Inc. VPN Service (CVPND) - Cisco Systems, Inc. - C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe
    O23 - Service: CyberLink Media Library Service - Cyberlink - C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLServer.exe
    O23 - Service: EPSON Printer Status Agent2 (EPSONStatusAgent2) - SEIKO EPSON CORPORATION - C:\Program Files\Common Files\EPSON\EBAPI\SAgent2.exe
    O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: eTrust Antivirus RPC Server (InoRPC) - Computer Associates International, Inc. - C:\Program Files\CA\eTrust Antivirus\InoRpc.exe
    O23 - Service: eTrust Antivirus Realtime Server (InoRT) - Computer Associates International, Inc. - C:\Program Files\CA\eTrust Antivirus\InoRT.exe
    O23 - Service: eTrust Antivirus Job Server (InoTask) - Computer Associates International, Inc. - C:\Program Files\CA\eTrust Antivirus\InoTask.exe
    O23 - Service: iPod Service (iPodService) - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: Macromedia Licensing Service - Unknown owner - C:\Program Files\Common Files\Macromedia Shared\Service\Macromedia Licensing.exe
    O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
    O23 - Service: X10 Device Network Service (x10nets) - X10 - C:\Program Files\Common Files\X10\Common\X10nets.exe


    --
    End of file - 8075 bytes

    -- Files created between 2008-03-29 and 2008-04-29 -----------------------------

    2008-04-28 23:34:17 0 d-------- C:\Program Files\Spyware Doctor
    2008-04-28 22:23:51 15101952 --a------ C:\Documents and Settings\Van Mellaert Luc\ntuser.dat
    2008-04-28 20:20:50 0 d-------- C:\verwijder
    2008-04-22 22:55:30 0 d-------- C:\7ee32dcf7b459345f3faae643a2525
    2008-04-22 22:41:47 0 d-------- C:\791f5fbbc98a3e57fa17
    2008-04-21 01:47:41 0 d---s---- C:\Documents and Settings\Administrator\UserData
    2008-04-21 01:40:09 1612 --a------ C:\WINDOWS\system32\tmp.reg
    2008-04-21 01:07:10 0 d-------- C:\Documents and Settings\Administrator\Application Data\Adobe
    2008-04-21 01:04:39 0 d-------- C:\Documents and Settings\Administrator\Application Data\Mozilla
    2008-04-15 23:05:31 0 d-------- C:\ka
    2008-04-15 22:38:55 0 d-------- C:\WINDOWS\Prefetch
    2008-04-15 22:38:54 0 d-------- C:\Documents and Settings\Van Mellaert Luc\Onlangs geopend
    2008-04-15 22:37:30 0 d-------- C:\WINDOWS\system32\CatRoot2
    2008-04-15 22:37:03 0 d-------- C:\WINDOWS\SoftwareDistribution
    2008-04-15 22:37:03 0 d--h----- C:\Program Files\WindowsUpdate
    2008-04-15 21:44:21 55596 --a------ C:\WINDOWS\system32\AnalFTP2.exe
    2008-04-15 01:31:38 0 d-------- C:\Documents and Settings\Van Mellaert Luc\.housecall6.6
    2008-04-15 01:22:30 1160 --a------ C:\WINDOWS\mozver.dat
    2008-04-15 01:01:42 29630 --a------ C:\WINDOWS\system32\COMMAND.COm
    2008-04-14 13:06:12 0 d-------- C:\WINDOWS\msapps
    2008-04-14 13:03:47 0 --a------ C:\WINDOWS\nsreg.dat
    2008-04-14 12:55:32 0 d-------- C:\Documents and Settings\All Users\Application Data\Grisoft
    2008-04-14 11:58:24 87424 --a------ C:\WINDOWS\system32\drivers\irda.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
    2008-04-14 11:56:01 28160 --a------ C:\WINDOWS\system32\irmon.dll <Not Verified; Microsoft Corporation; Besturingssysteem Microsoft® Windows®>
    2008-04-14 11:56:00 8192 --a------ C:\WINDOWS\system32\wshirda.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
    2008-04-14 11:56:00 154112 --a------ C:\WINDOWS\system32\irftp.exe <Not Verified; Microsoft Corporation; Besturingssysteem Microsoft® Windows®>
    2008-04-14 11:51:44 19584 --a------ C:\WINDOWS\system32\drivers\rasirda.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
    2008-04-14 11:47:42 24661 --a------ C:\WINDOWS\system32\spxcoins.dll <Not Verified; Perle Systems Ltd.; Specialix Multi-port Serial Device Class CoInstaller>
    2008-04-14 11:47:42 13312 --a------ C:\WINDOWS\system32\irclass.dll <Not Verified; Microsoft Corporation; Besturingssysteem Microsoft® Windows®>
    2008-04-09 23:09:07 0 d-------- C:\Program Files\CCleaner
    2008-04-09 22:18:29 399360 --a------ C:\WINDOWS\system32\CF21413.exe <Not Verified; Microsoft Corporation; Besturingssysteem Microsoft® Windows®>
    2008-04-09 22:17:17 399360 --a------ C:\WINDOWS\system32\CF21178.exe <Not Verified; Microsoft Corporation; Besturingssysteem Microsoft® Windows®>
    2008-04-09 20:57:27 0 d-------- C:\fsaua.data
    2008-04-07 20:44:51 0 d-------- C:\WINDOWS\system32\drivers\downld
    2008-04-06 22:22:22 86016 --a------ C:\WINDOWS\system32\custmon32.dll
    2008-04-06 17:50:49 28160 --a------ C:\WINDOWS\system32\sspdfpmd.dll <Not Verified; ; SmartSoft PDF Printer (demo)>
    2008-04-06 17:50:37 0 d-------- C:\Program Files\Smart PDF Converter Pro


    -- Find3M Report ---------------------------------------------------------------

    2008-04-29 00:08:47 467364 --a----c- C:\WINDOWS\system32\perfh013.dat
    2008-04-29 00:08:47 83188 --a----c- C:\WINDOWS\system32\perfc013.dat
    2008-04-28 20:38:54 0 d-------- C:\Program Files\CA
    2008-04-15 22:05:39 0 d-------- C:\Program Files\Siber Systems luc
    2008-04-15 01:22:34 0 d-------- C:\Documents and Settings\Van Mellaert Luc\Application Data\Adobe
    2008-04-14 13:03:43 0 d-------- C:\Documents and Settings\Van Mellaert Luc\Application Data\Mozilla
    2008-04-14 12:00:44 23600 --a----c- C:\WINDOWS\system32\emptyregdb.dat
    2008-04-07 20:38:05 0 d-------- C:\Program Files\eMule
    2008-04-07 20:24:32 66658 --a------ C:\Documents and Settings\Van Mellaert Luc\Application Data\wklnhst.dat
    2008-04-06 22:24:00 113816 --a----c- C:\Documents and Settings\Van Mellaert Luc\Application Data\GDIPFONTCACHEV1.DAT
    2008-04-06 22:21:54 0 d-------- C:\Program Files\SmartDraw 2007
    2008-03-09 13:17:42 0 d-------- C:\Program Files\FotoSketcher 1.3


    -- Registry Dump ---------------------------------------------------------------

    *Note* empty entries & legit default entries are not shown


    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "ATIPTA"="C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe" [21/12/2004 22:05]
    "@"=""
    "SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe" [25/09/2007 02:11]

    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
    "EnableLUA"=0 (0x0)

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\system]
    "disableregistrytools"=0 (0x0)

    SafeBoot registry key needs repairs. This machine cannot enter Safe Mode.

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\File system]
    @="Driver Group"

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\RpcSs]
    @="Service"

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\vgasave.sys]
    @="Driver"

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E967-E325-11CE-BFC1-08002BE10318}]
    @="DiskDrive"

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E96A-E325-11CE-BFC1-08002BE10318}]
    @="Hdc"

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E96B-E325-11CE-BFC1-08002BE10318}]
    @="Keyboard"

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E96F-E325-11CE-BFC1-08002BE10318}]
    @="Mouse"

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E97D-E325-11CE-BFC1-08002BE10318}]
    @="System"

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{71A27CDD-812A-11D0-BEC7-08002BE2092F}]
    @="Volume"

    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
    bthsvcs BthServ




    -- End of Deckard's System Scanner: finished at 2008-04-29 00:28:58 ------------

  • #2
    Ga naar deze pagina: http://www.zonavirus.com/datos/desca...5/elibagla.asp
    Helemaal onderaan klik je op de knop "Descargar ELIBAGLA 11.31"
    Plaats dit bestand (EliBaglA.exe) op je bureaublad.
    Dubbelklik erop om het programma te starten.
    Controleer of naast Unidad dit staat: C:\
    Onderaan moet je zorgen dat "Eliminar Ficheros Automaticamente" aangevinkt is.
    Klik nu op de knop "Explorar" om de tool te laten scannen.

    Post de inhoud van het bestandje C:\InfoSat.txt
    Vervolgens klik je op de knop "Salir" om het programma af te sluiten.

    Comment

    Sorry, you are not authorized to view this page
    Working...
    X