Re: Virus back again

  • Jos H

    Hi Ben

    Wouldn't it be better in this case to first delete the existing partitions and then create a new one on which Windows 7 can be installed?

  • Ben

    Hello,

    Yes, that is also the best approach.

    But that is all in the guide.

    Source: http://www.windowscorner.com/windows7/installatie/windows_7_installeren.php

    Here is another guide: http://www.itvraag.nl/index.php/windows/windows-7/installatie-7/85-installatie-handleiding-van-windows-7-uitgebreid

    Ben

    Antivirusprikbord

  • Snowi

    I installed Win 7 as described in the link you sent, but I still have the same problems.

    No virus scanner at all can find this virus.

    I also scanned with AntiVir from a CD and found nothing, but it does say that there are 15 (bad archive headers).

    Everything I install, that virus turns into something else.

    When I scan with Registry Mechanic, it finds more than 1000 registry problems.

    When I want to enter something on a register site, my screen shakes and it freezes.

    I have installed SP1 and all other updates.

    I have replaced all outdated drivers, yet the problem is still there.

    OK, I'll hear from you what the next steps are.

  • Ben

    Hello Snowi,

    Download aswMBR.exe and place it on your desktop.

    • Double-click "aswMBR.exe" to start the tool.

    Vista and Windows 7 users: right-click -> Run as administrator.

    • In the next window, click "No".

    Click the "scan" button.

    When the scan is finished, click the "save log" button.

    Post this log file in your next message.

    Ben

    Antivirusprikbord

  • Snowi

    You will notice that I formatted a partition to FAT32, but I did this deliberately because all kinds of hidden things were going into it and I could not get into it.

    aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software

    Run date: 2012-03-14 13:45:52

    —————————–

    13:45:52.945 OS Version: Windows 6.1.7601 Service Pack 1

    13:45:52.945 Number of processors: 2 586 0xF0D

    13:45:52.947 ComputerName: JOYCE-PC UserName: Joyce

    13:45:55.817 Initialize success

    13:46:23.953 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0

    13:46:23.958 Disk 0 Vendor: TOSHIBA_MK1652GSX LV010M Size: 152627MB BusType: 11

    13:46:23.982 Disk 0 MBR read successfully

    13:46:23.988 Disk 0 MBR scan

    13:46:23.994 Disk 0 Windows 7 default MBR code

    13:46:24.008 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 149500 MB offset 2048

    13:46:24.047 Disk 0 Partition 2 00 0C FAT32 LBA MSDOS5.0 3124 MB offset 306178048

    13:46:24.055 Disk 0 scanning sectors +312576000

    13:46:24.098 Disk 0 scanning C:\Windows\system32\drivers

    13:46:32.050 Service scanning

    13:47:00.542 Modules scanning

    13:47:19.487 Disk 0 trace - called modules:

    13:47:19.510 ntkrnlpa.exe CLASSPNP.SYS disk.sys PCTCore.sys ACPI.sys halmacpi.dll ataport.SYS PCIIDEX.SYS msahci.sys

    13:47:19.515 1 nt!IofCallDriver -> \Device\Harddisk0\DR0

    13:47:19.863 3 CLASSPNP.SYS -> nt!IofCallDriver ->

    13:47:19.877 5 PCTCore.sys -> nt!IofCallDriver ->

    13:47:19.889 7 ACPI.sys -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-0

    13:47:19.899 Scan finished successfully

    13:47:49.251 Disk 0 MBR has been saved successfully to “C:\Users\Joyce\Desktop\MBR.dat”

    13:47:49.288 The log file has been saved successfully to “C:\Users\Joyce\Desktop\aswMBR.txt”
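Added example, not part of the thread and not code from aswMBR: a small Python check that the partition lines of the aswMBR log above are self-consistent (one active partition, no overlaps or unexplained gaps) and that reports how many sectors lie beyond the last partition. It assumes 512-byte sectors, that the MB figures in the log are rounded to whole megabytes, and that the "+N" in the "scanning sectors" line is the first sector after the partitions; the function names are hypothetical.

```python
import re

# Lines copied from the aswMBR log in the post above.
LOG = """\
13:46:23.958 Disk 0 Vendor: TOSHIBA_MK1652GSX LV010M Size: 152627MB BusType: 11
13:46:24.008 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 149500 MB offset 2048
13:46:24.047 Disk 0 Partition 2 00 0C FAT32 LBA MSDOS5.0 3124 MB offset 306178048
13:46:24.055 Disk 0 scanning sectors +312576000
"""

SECTORS_PER_MB = 2048  # assumption: 512-byte sectors, 1 MB = 2**20 bytes

PART_RE = re.compile(
    r"Disk \d+ Partition (?P<num>\d+) (?P<status>[0-9A-F]{2})(?: \(A\))? "
    r"(?P<type>[0-9A-F]{2}) .*? (?P<mb>\d+) MB offset (?P<lba>\d+)$")
SIZE_RE = re.compile(r"Disk \d+ Vendor: .* Size: (\d+)MB")
SCAN_RE = re.compile(r"Disk \d+ scanning sectors \+(\d+)$")


def parse_layout(log):
    """Return (partitions, disk_sectors, scan_start) parsed from log text."""
    parts, disk_sectors, scan_start = [], None, None
    for line in (l.strip() for l in log.splitlines()):
        if m := PART_RE.search(line):
            start = int(m["lba"])
            parts.append({
                "num": int(m["num"]),
                "active": m["status"] == "80",   # 0x80 = bootable flag
                "type": int(m["type"], 16),      # MBR partition type byte
                "start": start,
                # First sector after the partition; the log rounds to MB.
                "end": start + int(m["mb"]) * SECTORS_PER_MB,
            })
        elif m := SIZE_RE.search(line):
            disk_sectors = int(m[1]) * SECTORS_PER_MB
        elif m := SCAN_RE.search(line):
            scan_start = int(m[1])
    return sorted(parts, key=lambda p: p["start"]), disk_sectors, scan_start


def check_layout(parts, disk_sectors, scan_start, slack=SECTORS_PER_MB):
    """Flag layout oddities; slack absorbs the log's MB rounding."""
    findings = []
    active = [p["num"] for p in parts if p["active"]]
    if len(active) != 1:
        findings.append(f"active partitions: {active} (expected exactly one)")
    for prev, cur in zip(parts, parts[1:]):
        gap = cur["start"] - prev["end"]
        if gap < -slack:
            findings.append(f"partition {cur['num']} overlaps {prev['num']}")
        elif gap > slack:
            findings.append(f"{gap} unallocated sectors before partition {cur['num']}")
    last_end = parts[-1]["end"] if parts else 0
    return {
        "findings": findings,
        "last_end": last_end,
        # Sectors between the last partition and the reported disk size.
        "tail_sectors": None if disk_sectors is None else disk_sectors - last_end,
        # Assumption: the "+N" in the scan line is the first sector scanned
        # after the partitions, so it should match the computed end.
        "scan_matches_end": scan_start is not None
                            and abs(scan_start - last_end) <= slack,
    }


if __name__ == "__main__":
    report = check_layout(*parse_layout(LOG))
    print(report)
```
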

  • Ben

    Hello Snowi,

    Download ComboFix from >>Here<<; there you can also read how to use ComboFix.

    * IMPORTANT !!! Save ComboFix.exe to your desktop.

    1. Windows XP users will, if necessary, be asked to install the "Recovery Console"; allow this (an active internet connection is required for this).

    2. Disable all antivirus and antispyware programs, because otherwise they might conflict with ComboFix.

    * (here or here is a guide on how to disable them)

    3. The computer may need to be restarted several times; this is normal.

    4. Double-click "Combofix.exe" to start the tool.

    5. Do not click in the ComboFix window while it is running; this can cause the tool to hang.

    * Note !!! If an error is shown with the message “Illegal operation attempted on a registery key that has been marked for deletion.”, restart the computer.

    6. When ComboFix is finished, it will create a log file for you. Post the contents of this log file (found at C:\ComboFix.txt) in your next message.

    Together with a new HijackThis log.

    Ben

    Antivirusprikbord

  • Snowi

    ComboFix 12-03-13.01 - Joyce 14-03-2012 14:35:19.1.2 - x86

    Microsoft Windows 7 Home Premium 6.1.7601.1.1252.31.1043.18.2940.1922

    Gestart vanuit: c:\users\Joyce\Downloads\ComboFix.exe

    AV: Spyware Doctor with AntiVirus *Disabled/Updated* {2F668A56-D5E0-2DF1-A0AE-CB1284F42AB2}

    SP: Spyware Doctor *Disabled/Updated* {94076BB2-F3DA-227F-9A1E-F060FF73600F}

    SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

    .

    .

    (((((((((((((((((((((((((((((((((( Andere Verwijderingen )))))))))))))))))))))))))))))))))))))))))))))))))

    .

    .

    c:\windows\system32\WPRO_41_2001woem.tmp

    .

    .

    (((((((((((((((((((( Bestanden Gemaakt van 2012-02-14 to 2012-03-14 ))))))))))))))))))))))))))))))

    .

    .

    2012-03-14 12:08 . 2012-03-14 13:46 35088 —-a-w- c:\windows\system32\drivers\WPRO_41_2001.sys

    2012-03-14 12:08 . 2012-03-14 12:08 ——– d—–w- c:\programdata\Paessler

    2012-03-14 12:08 . 2012-03-14 12:08 ——– d—–w- C:\usr

    2012-03-14 12:06 . 2012-03-14 12:08 ——– d—–w- c:\program files\PRTG Network Monitor

    2012-03-14 10:34 . 2012-03-14 10:34 ——– d—–w- c:\program files\Intel

    2012-03-14 10:32 . 2011-02-19 06:30 805376 —-a-w- c:\windows\system32\FntCache.dll

    2012-03-14 10:32 . 2011-02-19 06:30 739840 —-a-w- c:\windows\system32\d2d1.dll

    2012-03-14 10:26 . 2012-03-14 10:26 ——– d—–w- c:\windows\system32\Wat

    2012-03-14 08:39 . 2012-03-14 07:41 ——– d—–w- C:\bd_logs

    2012-03-14 07:24 . 2012-03-14 08:31 ——– d—a-w- C:\Kaspersky Rescue Disk 10.0

    2012-03-14 03:12 . 2012-03-14 10:57 ——– d—–w- c:\windows\Panther

    2012-03-14 02:17 . 2012-03-13 22:24 ——– d—–w- C:\Boot

    2012-03-14 01:33 . 2012-03-13 18:30 ——– d—–w- C:\Recovery

    2012-03-13 22:47 . 2012-03-13 22:47 505232 —-a-w- c:\windows\system32\ipcoin80.dll

    2012-03-13 22:46 . 2012-03-13 22:46 505744 —-a-w- c:\windows\system32\itpcoin80.dll

    2012-03-13 22:39 . 2012-03-13 22:39 ——– d—–w- c:\program files\Synaptics

    2012-03-13 22:38 . 2012-03-13 22:38 1461992 —-a-w- c:\windows\system32\WdfCoInstaller01009.dll

    2012-03-13 22:38 . 2012-03-13 22:38 120104 —-a-w- c:\windows\system32\SynTPCo9.dll

    2012-03-13 22:36 . 2012-03-13 22:36 ——– d—–w- C:\Intel

    2012-03-13 22:35 . 2012-03-13 22:35 81920 —-a-w- c:\windows\system32\igfxCoIn_v2182.dll

    2012-03-13 22:35 . 2012-03-13 22:35 982240 —-a-w- c:\windows\system32\igkrng500.bin

    2012-03-13 22:35 . 2012-03-13 22:35 92356 —-a-w- c:\windows\system32\igfcg500m.bin

    2012-03-13 22:35 . 2012-03-13 22:35 439308 —-a-w- c:\windows\system32\igcompkrng500.bin

    2012-03-13 22:35 . 2011-02-11 17:41 57856 —-a-w- c:\windows\system32\igfxsrvc.dll

    2012-03-13 22:35 . 2012-03-13 22:35 452440 —-a-w- c:\windows\system32\d3dx10_40.dll

    2012-03-13 22:34 . 2011-06-10 05:34 100896 —-a-w- c:\windows\system32\RTNUninst32.dll

    2012-03-13 22:30 . 2012-01-25 05:32 58880 —-a-w- c:\windows\system32\rdpwsx.dll

    2012-03-13 22:30 . 2012-01-25 05:32 129536 —-a-w- c:\windows\system32\rdpcorekmts.dll

    2012-03-13 22:29 . 2012-03-13 22:29 ——– d—–w- c:\programdata\Uniblue

    2012-03-13 22:11 . 2012-03-14 10:26 ——– d—–w- c:\program files\Uniblue

    2012-03-13 22:11 . 2012-03-13 22:11 ——– dc-h–w- c:\programdata\{83C3B2FD-37EA-4C06-A228-E9B5E32FF0B1}

    2012-03-13 21:58 . 2012-03-13 21:58 ——– d—–w- c:\windows\system32\SPReview

    2012-03-13 21:53 . 2012-03-13 21:54 ——– d—–w- c:\program files\Malwarebytes' Anti-Malware

    2012-03-13 21:53 . 2012-03-13 21:53 ——– d—–w- c:\programdata\Malwarebytes

    2012-03-13 21:53 . 2011-12-10 14:24 20464 —-a-w- c:\windows\system32\drivers\mbam.sys

    2012-03-13 21:40 . 2011-10-25 12:44 512472 —-a-w- c:\windows\system32\msxml.dll

    2012-03-13 21:40 . 2011-10-25 12:44 37336 —-a-w- c:\windows\system32\CleanMFT32.exe

    2012-03-13 21:40 . 2008-09-17 21:17 658432 —-a-w- c:\windows\system32\MSCOMCT2.OCX

    2012-03-13 21:40 . 2008-04-02 15:54 1101824 —-a-w- c:\windows\system32\UniBox210.ocx

    2012-03-13 21:40 . 2008-04-02 15:53 212992 —-a-w- c:\windows\system32\UniBoxVB12.ocx

    2012-03-13 21:40 . 2008-04-02 15:53 880640 —-a-w- c:\windows\system32\UniBox10.ocx

    2012-03-13 21:40 . 2004-03-09 00:00 1081616 —-a-w- c:\windows\system32\MSCOMCTL.OCX

    2012-03-13 21:40 . 2012-03-14 13:25 ——– d—–w- c:\program files\PC Tools Registry Mechanic

    2012-03-13 21:40 . 2012-03-14 10:59 ——– d—–w- c:\program files\Common Files\PC Tools

    2012-03-13 20:37 . 2010-11-20 03:36 46080 —-a-w- c:\windows\system32\NAPCRYPT.DLL

    2012-03-13 20:34 . 2012-03-13 20:34 ——– d—–w- c:\windows\system32\EventProviders

    2012-03-13 19:53 . 2010-02-11 07:10 293376 —-a-w- c:\windows\system32\browserchoice.exe

    2012-03-13 19:48 . 2011-11-19 14:50 3968368 —-a-w- c:\windows\system32\ntkrnlpa.exe

    2012-03-13 19:48 . 2011-11-19 14:50 3913584 —-a-w- c:\windows\system32\ntoskrnl.exe

    2012-03-13 19:47 . 2011-02-23 04:47 69632 —-a-w- c:\windows\system32\drivers\bowser.sys

    2012-03-13 19:45 . 2012-02-03 03:54 2343424 —-a-w- c:\windows\system32\win32k.sys

    2012-03-13 19:44 . 2011-10-01 04:37 708608 —-a-w- c:\program files\Common Files\System\wab32.dll

    2012-03-13 19:43 . 2011-04-22 19:14 27008 —-a-w- c:\windows\system32\drivers\Diskdump.sys

    2012-03-13 19:43 . 2011-12-16 07:52 690688 —-a-w- c:\windows\system32\msvcrt.dll

    2012-03-13 19:43 . 2011-06-15 08:55 86016 —-a-w- c:\windows\system32\odbccu32.dll

    2012-03-13 19:43 . 2011-06-15 08:55 81920 —-a-w- c:\windows\system32\odbccr32.dll

    2012-03-13 19:43 . 2011-06-15 08:55 319488 —-a-w- c:\windows\system32\odbcjt32.dll

    2012-03-13 19:43 . 2011-06-15 08:55 163840 —-a-w- c:\windows\system32\odbctrac.dll

    2012-03-13 19:43 . 2011-06-15 08:55 122880 —-a-w- c:\windows\system32\odbccp32.dll

    2012-03-13 19:43 . 2011-06-15 08:54 94208 —-a-w- c:\program files\Common Files\System\Ole DB\msdaosp.dll

    2012-03-13 19:43 . 2011-04-09 05:56 123904 —-a-w- c:\windows\system32\poqexec.exe

    2012-03-13 19:43 . 2012-01-04 08:58 442880 —-a-w- c:\windows\system32\ntshrui.dll

    2012-03-13 19:30 . 2012-03-13 19:30 414368 —-a-w- c:\windows\system32\FlashPlayerCPLApp.cpl

    2012-03-13 19:30 . 2012-03-13 19:30 ——– d—–w- c:\windows\system32\Macromed

    2012-03-13 19:21 . 2011-02-03 05:54 219008 —-a-w- c:\windows\system32\drivers\dxgmms1.sys

    2012-03-13 19:21 . 2010-11-20 12:29 728448 —-a-w- c:\windows\system32\drivers\dxgkrnl.sys

    2012-03-13 19:21 . 2010-11-20 11:56 107520 —-a-w- c:\windows\system32\cdd.dll

    2012-03-13 19:10 . 2012-03-13 19:10 14664 —-a-w- c:\windows\stinger.sys

    2012-03-13 19:09 . 2012-03-13 19:18 ——– d—–w- c:\program files\stinger

    2012-03-13 18:58 . 2012-03-13 18:58 ——– d—–w- c:\program files\CCleaner

    2012-03-13 18:57 . 2012-03-13 19:31 ——– d—–w- c:\program files\Google

    2012-03-13 18:40 . 2012-03-13 18:40 ——– d–h–w- c:\programdata\Common Files

    2012-03-13 18:38 . 2012-03-14 10:53 ——– d—–w- c:\programdata\AVG2012

    2012-03-13 18:38 . 2012-03-14 10:51 ——– d—–w- c:\windows\system32\drivers\AVG

    2012-03-13 18:38 . 2012-03-13 18:38 ——– d—–w- c:\program files\AVG

    2012-03-13 18:36 . 2012-01-25 05:27 8192 —-a-w- c:\windows\system32\rdrmemptylst.exe

    2012-03-13 18:36 . 2012-02-17 05:34 826880 —-a-w- c:\windows\system32\rdpcore.dll

    2012-03-13 18:36 . 2012-02-17 04:14 183808 —-a-w- c:\windows\system32\drivers\rdpwd.sys

    2012-03-13 18:36 . 2012-02-17 04:13 24576 —-a-w- c:\windows\system32\drivers\tdtcp.sys

    2012-03-13 18:36 . 2010-11-20 10:21 18432 —-a-w- c:\windows\system32\drivers\tdpipe.sys

    2012-03-13 18:35 . 2012-03-14 10:52 ——– d-sh–w- c:\windows\Installer

    2012-03-13 18:35 . 2012-03-14 10:52 ——– d—–w- c:\programdata\MFAData

    2012-03-13 18:33 . 2012-03-14 11:08 ——– d—–w- c:\windows\system32\wbem\Performance

    2012-03-13 18:30 . 2012-03-14 09:48 ——– d—–w- c:\users\Joyce

    2012-03-13 18:30 . 2012-03-13 18:30 ——– d-sh–we c:\programdata\Sjablonen

    2012-03-13 18:30 . 2012-03-13 18:30 ——– d-sh–we c:\users\Default\Sjablonen

    2012-03-13 18:30 . 2012-03-13 18:30 ——– d-sh–we c:\users\Default\Netwerkprinteromgeving

    2012-03-13 18:30 . 2012-03-13 18:30 ——– d-sh–we c:\users\Default\Mijn documenten

    2012-03-13 18:30 . 2012-03-13 18:30 ——– d-sh–we c:\users\Default\Menu Start

    2012-03-13 18:30 . 2012-03-13 18:30 ——– d-sh–we c:\users\Default\AppData\Local\Geschiedenis

    2012-03-13 18:30 . 2012-03-13 18:30 ——– d-sh–we c:\programdata\Menu Start

    2012-03-13 18:30 . 2012-03-13 18:30 ——– d-sh–we c:\programdata\Favorieten

    2012-03-13 18:30 . 2012-03-13 18:30 ——– d-sh–we c:\programdata\Documenten

    2012-03-13 18:30 . 2012-03-13 18:30 ——– d-sh–we c:\programdata\Bureaublad

    .

    .

    .

    ((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))

    .

    2012-03-13 21:50 . 2009-07-14 02:05 152576 —-a-w- c:\windows\system32\msclmd.dll

    2012-02-16 15:12 . 2012-03-13 20:50 134104 —-a-w- c:\program files\mozilla firefox\components\browsercomps.dll

    .

    .

    ((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))

    .

    .

    *Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond

    REGEDIT4

    .

    “RegistryBooster”=“c:\program files\Uniblue\RegistryBooster\launcher.exe”

    “swg”=“c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe”

    .

    “PCTools FGuard”=“c:\program files\PC Tools Security\BDT\FGuard.exe”

    .

    “ConsentPromptBehaviorAdmin”= 5 (0x5)

    “ConsentPromptBehaviorUser”= 3 (0x3)

    “EnableUIADesktopToggle”= 0 (0x0)

    .

    “aux”=wdmaud.drv

    .

    @=“Service”

    .

    @=“Service”

    HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DriverScanner

    HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\vProt

    .

    2011-02-11 18:26 171032 —-a-w- c:\windows\System32\hkcmd.exe

    .

    2011-02-11 18:26 137752 —-a-w- c:\windows\System32\igfxtray.exe

    .

    2012-01-13 13:53 460872 —-a-w- c:\program files\Malwarebytes' Anti-Malware\mbamgui.exe

    .

    2011-02-11 18:26 172568 —-a-w- c:\windows\System32\igfxpers.exe

    .

    2012-03-02 15:22 67968 —-a-w- c:\program files\Uniblue\RegistryBooster\Launcher.exe

    .

    2010-11-20 03:17 1174016 —-a-w- c:\program files\Windows Sidebar\sidebar.exe

    .

    2011-10-25 12:44 103896 —-a-w- c:\program files\Common Files\PC Tools\sMonitor\SSDMonitor.exe

    .

    2012-03-13 18:58 39408 —-a-w- c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

    .

    2008-08-14 09:40 1348904 —-a-w- c:\program files\Synaptics\SynTP\SynTPEnh.exe

    .

    R2 gupdate;Google Updateservice (gupdate);c:\program files\Google\Update\GoogleUpdate.exe

    R3 gupdatem;Google Update-service (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe

    R3 sdAuxService;PC Tools Auxiliary Service;c:\program files\PC Tools Security\pctsAuxs.exe

    R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys

    R3 WatAdminSvc;Windows Activation Technologies-service;c:\windows\system32\Wat\WatAdminSvc.exe

    R4 pctgntdi;pctgntdi;c:\windows\System32\drivers\pctgntdi.sys

    R4 pctplsg;pctplsg;c:\windows\System32\drivers\pctplsg.sys

    S0 PCTCore;PCTools KDS;c:\windows\system32\drivers\PCTCore.sys

    S0 pctDS;PC Tools Data Store;c:\windows\system32\drivers\pctDS.sys

    S1 PCTSD;PC Tools Spyware Doctor Driver;c:\windows\system32\Drivers\PCTSD.sys

    S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys

    S2 Browser Defender Update Service;Browser Defender Update Service;c:\program files\PC Tools Security\BDT\BDTUpdateService.exe

    S2 MBAMService;MBAMService;c:\program files\Malwarebytes' Anti-Malware\mbamservice.exe

    S2 PCToolsSSDMonitorSvc;PC Tools Startup and Shutdown Monitor service;c:\program files\Common Files\PC Tools\sMonitor\StartManSvc.exe

    S2 PRTGCoreService;PRTG Core Server Service;c:\program files\PRTG Network Monitor\PRTG Server.exe

    S2 PRTGProbeService;PRTG Probe Service;c:\program files\PRTG Network Monitor\PRTG Probe.exe

    S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys

    S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt86win7.sys

    S3 RTL8187B;Realtek RTL8187B Wireless 802.11b/g 54Mbps USB 2.0 Network Adapter;c:\windows\system32\DRIVERS\RTL8187B.sys

    S3 WPRO_41_2001;WinPcap Packet Driver (WPRO_41_2001);c:\windows\system32\drivers\WPRO_41_2001.sys

    .

    .

    Inhoud van de ‘Gedeelde Taken’ map

    .

    2012-03-14 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job

    - c:\program files\Google\Update\GoogleUpdate.exe

    .

    2012-03-14 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job

    - c:\program files\Google\Update\GoogleUpdate.exe

    .

    2012-03-14 c:\windows\Tasks\RegistryBooster.job

    - c:\program files\Uniblue\RegistryBooster\rbmonitor.exe

    .

    2012-03-13 c:\windows\Tasks\RMSchedule.job

    - c:\program files\PC Tools Registry Mechanic\RegMech.exe

    .

    .

    ——- Bijkomende Scan ——-

    .

    LSP: c:\program files\Common Files\PC Tools\Lsp\PCTLsp.dll

    TCP: DhcpNameServer = 212.54.40.25 212.54.35.25

    FF - ProfilePath - c:\users\Joyce\AppData\Roaming\Mozilla\Firefox\Profiles\w51mhqfe.default\

    .

    - - - - ORPHANS VERWIJDERD - - - -

    .

    WebBrowser-{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - (no file)

    .

    .

    .

    ——————— VERGRENDELDE REGISTER SLEUTELS ———————

    .

    @Denied: (A) (Users)

    @Denied: (A) (Everyone)

    @Allowed: (B 1 2 3 4 5) (S-1-5-20)

    “BlindDial”=dword:00000000

    “MSCurrentCountry”=dword:000000b5

    .

    @Denied: (Full) (Everyone)

    .

    ———————— Andere Aktieve Processen ————————

    .

    c:\windows\system32\taskhost.exe

    c:\windows\system32\conhost.exe

    c:\program files\Windows Media Player\wmpnetwk.exe

    c:\windows\system32\sppsvc.exe

    c:\windows\system32\wbem\WmiApSrv.exe

    .

    **************************************************************************

    .

    Voltooingstijd: 2012-03-14 14:51:13 - machine werd herstart

    ComboFix-quarantined-files.txt 2012-03-14 13:51

    .

    Pre-Run: 132.468.150.272 bytes beschikbaar

    Post-Run: 132.138.409.984 bytes beschikbaar

    .

    - - End Of File - - 151A675E5C2647486406AEAEBD82F05F

    Logfile of Trend Micro HijackThis v2.0.4

    Scan saved at 14:55:35, on 14-3-2012

    Platform: Windows 7 SP1 (WinNT 6.00.3505)

    MSIE: Internet Explorer v9.00 (9.00.8112.16421)

    Boot mode: Normal

    Running processes:

    C:\Windows\system32\Dwm.exe

    C:\Windows\system32\taskhost.exe

    C:\Windows\system32\taskeng.exe

    C:\Program Files\Uniblue\RegistryBooster\rbmonitor.exe

    C:\Windows\system32\conhost.exe

    C:\Program Files\PC Tools Security\BDT\FGuard.exe

    C:\ComboFix\PEV.exe

    C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

    C:\Windows\Explorer.exe

    C:\Windows\system32\notepad.exe

    C:\Program Files\Trend Micro\Hijackthis\HijackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157

    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157

    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157

    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =

    R3 - URLSearchHook: PC Tools Browser Guard - {472734EA-242A-422b-ADF8-83D1E48CC825} - C:\Program Files\PC Tools Security\BDT\PCTBrowserDefender.dll

    O2 - BHO: Browser Defender BHO - {2A0F3D1B-0909-4FF4-B272-609CCE6054E7} - C:\Program Files\PC Tools Security\BDT\PCTBrowserDefender.dll

    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll

    O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.7227.1100\swg.dll

    O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll

    O3 - Toolbar: PC Tools Browser Guard - {472734EA-242A-422B-ADF8-83D1E48CC825} - C:\Program Files\PC Tools Security\BDT\PCTBrowserDefender.dll

    O4 - HKLM\..\Run: C:\Program Files\PC Tools Security\BDT\FGuard.exe

    O4 - HKCU\..\Run: “C:\Program Files\Uniblue\RegistryBooster\launcher.exe” delay 20000

    O4 - HKCU\..\Run: “C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe”

    O11 - Options group: Accelerated graphics

    O23 - Service: Browser Defender Update Service - Unknown owner - C:\Program Files\PC Tools Security\BDT\BDTUpdateService.exe

    O23 - Service: Google Updateservice (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe

    O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe

    O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe

    O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe

    O23 - Service: PC Tools Startup and Shutdown Monitor service (PCToolsSSDMonitorSvc) - Unknown owner - C:\Program Files\Common Files\PC Tools\sMonitor\StartManSvc.exe

    O23 - Service: PRTG Core Server Service (PRTGCoreService) - Paessler AG - C:\Program Files\PRTG Network Monitor\PRTG Server.exe

    O23 - Service: PRTG Probe Service (PRTGProbeService) - Paessler AG - C:\Program Files\PRTG Network Monitor\PRTG Probe.exe

    O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - C:\Program Files\PC Tools Security\pctsAuxs.exe

    O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - C:\Program Files\PC Tools Security\pctsSvc.exe

    End of file - 3814 bytes

  • Ben

    Hello Snowi,

    You write that you did a completely clean install.

    Did you also delete your existing partitions at that time and create new ones?

    Which virus scanner are you using now:

    Spyware Doctor with AntiVirus

    AVG2012

    Did you use both of them after the clean reinstall?

    And why are you already using all those registry and cleaning programs while we are still investigating?

    And how is your problem now?

    May I have an answer to these questions.

    Regards, Ben

    Antivirusprikbord