|
RegSvr32 - wat is dit?
|
|
27-05-2009, 20:28
Bericht: #1
|
|||
|
|||
|
RegSvr32 - wat is dit?
Hoi,
ik krijg de laatste tijd, o.a. bij het opstarten van de internet browser het volgende bericht. Ik kan er niks mee dan op Ok duwen, wat is dit? ![[Afbeelding: regsvr32.png]](http://img507.imageshack.us/my.php?image=regsvr32.png) Bij voorbaat dank, Frans |
|||
|
|
28-05-2009, 17:06
Bericht: #2
|
|||
|
|||
| RE: RegSvr32 - wat is dit? | |||
|
|
|
30-05-2009, 18:34
Bericht: #3
|
|||
|
|||
|
RE: RegSvr32 - wat is dit?
Mooi wat daar allemaal staat, maar het boeit me niet en ik snap het niet.
Wat ik wil is van die voortdurende pop-up verlost worden. Dus de vraag is natuurlijk: wat moet ik doen? Frans |
|||
|
|
|
31-05-2009, 15:22
Bericht: #4
|
|||
|
|||
|
RE: RegSvr32 - wat is dit?
Aan een van de forum-medewerkers is gevraagd om naar je probleem te kijken. Je zult spoedig bericht ontvangen.
Greetings, Captain Kirk  Antispywarescanners - Antivirus scanners - Online scanners - Preventie - Mijn computer is traag - Spyware: Hoe kom ik er vanaf
Hebben we je geholpen? Uw bijdrage wordt op prijs gesteld om Mivercon het gevecht tegen malware te laten voortzetten. Follow me on Twitter |
|||
|
|
|
31-05-2009, 15:47
(Dit bericht is het laatst bewerkt op 31-05-2009 om 15:47 door Marckie.)
Bericht: #5
|
|||
|
|||
|
RE: RegSvr32 - wat is dit?
Geef even aan wanneer je dit soort meldingen krijgt?
Enkel bij IE of ook op andere momenten? Welk besturingssysteem gebruik je? Microsoft MVP - Consumer Security
Sometimes you can't make it on your own Spyware, malware - Hoe kom ik er vanaf? |
|||
|
|
10-06-2009, 18:10
Bericht: #6
|
|||
|
|||
| RE: RegSvr32 - wat is dit? | |||
|
|
|
10-06-2009, 18:12
Bericht: #7
|
|||
|
|||
|
RE: RegSvr32 - wat is dit?
Telkens als ik opstart en als ik IE opstart. Soms weer bij het opstarten van een neiuwe webpagina.
Ik heb Windows XP. Frans |
|||
|
|
|
10-06-2009, 18:17
Bericht: #8
|
|||
|
|||
RE: RegSvr32 - wat is dit?
(10-06-2009 18:12)frans schreef: Telkens als ik opstart en als ik IE opstart. Soms weer bij het opstarten van een neiuwe webpagina. Maak even een hijackthislog en post deze. Microsoft MVP - Consumer Security
Sometimes you can't make it on your own Spyware, malware - Hoe kom ik er vanaf? |
|||
|
|
|
12-06-2009, 11:34
Bericht: #9
|
|||
|
|||
|
RE: RegSvr32 - wat is dit?
Komt ie:
Hijackthis schreef:Logfile of Trend Micro HijackThis v2.0.2 |
|||
|
|
|
12-06-2009, 15:52
Bericht: #10
|
|||
|
|||
|
RE: RegSvr32 - wat is dit?
Sluit alle open vensters.
Start HijackThis nog een keer en plaats een vinkje bij de volgende items: O4 - HKCU\..\Run: [swg] D:\WINDOWS\system32\regsvr32.exe Klik daarna op "Fix checked" en sluit HijackThis af. Herstart de computer. Start HijackThis opnieuw, maak een nieuwe log en post deze. Meldt of er nog problemen zijn. Microsoft MVP - Consumer Security
Sometimes you can't make it on your own Spyware, malware - Hoe kom ik er vanaf? |
|||
|
|
|
12-06-2009, 18:35
Bericht: #11
|
|||
|
|||
|
RE: RegSvr32 - wat is dit?
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 18:33:40, on 12-6-2009 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16850) Boot mode: Normal Running processes: D:\WINDOWS\System32\smss.exe D:\WINDOWS\system32\winlogon.exe D:\WINDOWS\system32\services.exe D:\WINDOWS\system32\lsass.exe D:\WINDOWS\system32\svchost.exe D:\WINDOWS\System32\svchost.exe D:\Program Files\Lavasoft\Ad-Aware\aawservice.exe D:\WINDOWS\Explorer.EXE D:\WINDOWS\system32\spoolsv.exe D:\Program Files\Avira\AntiVir PersonalEdition Premium\sched.exe D:\Program Files\Google\Update\GoogleUpdate.exe D:\Program Files\Java\jre6\bin\jusched.exe D:\Program Files\Avira\AntiVir PersonalEdition Premium\avgnt.exe D:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe D:\Program Files\iTunes\iTunesHelper.exe D:\Program Files\Common Files\Real\Update_OB\realsched.exe D:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe D:\WINDOWS\system32\ctfmon.exe D:\Program Files\Sony\VAIO Action Setup\VAServ.exe D:\Program Files\Avira\AntiVir PersonalEdition Premium\avguard.exe D:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe D:\Program Files\Avira\AntiVir PersonalEdition Premium\avesvc.exe D:\Program Files\Bonjour\mDNSResponder.exe D:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe D:\Program Files\Java\jre6\bin\jqs.exe D:\WINDOWS\system32\PnkBstrA.exe D:\WINDOWS\System32\svchost.exe D:\Program Files\TomTom HOME 2\TomTomHOMEService.exe D:\Program Files\Avira\AntiVir PersonalEdition Premium\avmailc.exe D:\Program Files\Avira\AntiVir PersonalEdition Premium\AVWEBGRD.EXE D:\Program Files\Trend Micro\HijackThis\HijackThis.exe D:\Program Files\iPod\bin\iPodService.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.startpagina.nl/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - D:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - D:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - D:\PROGRA~1\SPYBOT~1\SDHelper.dll (file missing) O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - D:\Program Files\Java\jre6\bin\ssv.dll O2 - BHO: Windows Live Aanmelden - Help - {9030D464-4C02-4ABF-8ECC-5164760863C6} - D:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - D:\Program Files\Google\Google Toolbar\GoogleToolbar.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - D:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - D:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll O2 - BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - D:\Program Files\Java\jre6\bin\jp2ssv.dll O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - D:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - D:\Program Files\Google\Google Toolbar\GoogleToolbar.dll O4 - HKLM\..\Run: [AppleSyncNotifier] D:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe O4 - HKLM\..\Run: [SunJavaUpdateSched] "D:\Program Files\Java\jre6\bin\jusched.exe" O4 - HKLM\..\Run: [avgnt] "D:\Program Files\Avira\AntiVir PersonalEdition Premium\avgnt.exe" /min O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "D:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [iTunesHelper] "D:\Program Files\iTunes\iTunesHelper.exe" O4 - HKLM\..\Run: [QuickTime Task] "D:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [TkBellExe] "D:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot O4 - HKLM\..\Run: [SiSUSBRG] D:\WINDOWS\SiSUSBrg.exe O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k O4 - HKCU\..\Run: [SpybotSD TeaTimer] D:\Program Files\Spybot - Search & Destroy\TeaTimer.exe O4 - HKCU\..\Run: [TomTomHOME.exe] "D:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe" O4 - HKCU\..\Run: [ctfmon.exe] D:\WINDOWS\system32\ctfmon.exe O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] D:\WINDOWS\System32\CTFMON.EXE (User 'Lokale service') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] D:\WINDOWS\System32\CTFMON.EXE (User 'Netwerkservice') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] D:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] D:\WINDOWS\System32\CTFMON.EXE (User 'Default user') O4 - Global Startup: VAIO Action Setup (Server).lnk = ? O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://D:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 O9 - Extra button: Onderzoek - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - D:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL O15 - Trusted Zone: http://www.startpagina.nl O16 - DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} (Zylom Games Player) - http://game08.zylom.com/activex/zylomgamesplayer.cab O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Mes...b56907.cab O18 - Filter: x-sdch - {B1759355-3EEC-4C1E-B0F1-B719FE26E377} - D:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - D:\Program Files\Lavasoft\Ad-Aware\aawservice.exe O23 - Service: Avira AntiVir Premium MailGuard (AntiVirMailService) - Avira GmbH - D:\Program Files\Avira\AntiVir PersonalEdition Premium\avmailc.exe O23 - Service: Avira AntiVir Premium Scheduler (AntiVirScheduler) - Avira GmbH - D:\Program Files\Avira\AntiVir PersonalEdition Premium\sched.exe O23 - Service: Avira AntiVir Premium Guard (AntiVirService) - Avira GmbH - D:\Program Files\Avira\AntiVir PersonalEdition Premium\avguard.exe O23 - Service: Avira AntiVir Premium WebGuard (antivirwebservice) - Avira GmbH - D:\Program Files\Avira\AntiVir PersonalEdition Premium\AVWEBGRD.EXE O23 - Service: Mobiel Apple apparaat (Apple Mobile Device) - Apple Inc. - D:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe O23 - Service: Avira AntiVir Premium MailGuard helper service (AVEService) - Avira GmbH - D:\Program Files\Avira\AntiVir PersonalEdition Premium\avesvc.exe O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - D:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: getPlus® Helper - NOS Microsystems Ltd. - D:\Program Files\NOS\bin\getPlus_HelperSvc.exe O23 - Service: Google Updateservice (gupdate1c98e0c7bc58024) (gupdate1c98e0c7bc58024) - Google Inc. - D:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Google Software Updater (gusvc) - Google - D:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: iPod-service (iPod Service) - Apple Inc. - D:\Program Files\iPod\bin\iPodService.exe O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - D:\Program Files\Java\jre6\bin\jqs.exe O23 - Service: PnkBstrA - Unknown owner - D:\WINDOWS\system32\PnkBstrA.exe O23 - Service: TomTomHOMEService - TomTom - D:\Program Files\TomTom HOME 2\TomTomHOMEService.exe -- End of file - 8289 bytes |
|||
|
|
|
12-06-2009, 18:41
Bericht: #12
|
|||
|
|||
|
RE: RegSvr32 - wat is dit?
Zijn er nog problemen nu?
Microsoft MVP - Consumer Security
Sometimes you can't make it on your own Spyware, malware - Hoe kom ik er vanaf? |
|||
|
|
|
12-06-2009, 19:32
Bericht: #13
|
|||
|
|||
|
RE: RegSvr32 - wat is dit?
Volgens mij komt de pop up minder vaak, maar helaas nog niet helemaal verdwenen.
Frans |
|||
|
|
|
12-06-2009, 19:34
(Dit bericht is het laatst bewerkt op 12-06-2009 om 19:34 door Marckie.)
Bericht: #14
|
|||
|
|||
|
RE: RegSvr32 - wat is dit?
Geef even aan wanneer je de melding nog krijgt Frans.
Download reglooks.exe Plaats het op je bureaublad. Dubbelklik op reglooks.exe. Doe verder niets en wacht tot er een logfile opent. Post de inhoud van deze logfile. Microsoft MVP - Consumer Security
Sometimes you can't make it on your own Spyware, malware - Hoe kom ik er vanaf? |
|||
|
|
|
15-06-2009, 18:27
Bericht: #15
|
|||
|
|||
|
RE: RegSvr32 - wat is dit?
Beste Marckie,
Het probleem blijft zich voordoen bij het opstarten van IE en ook bij het openen van nieuwe websites, maar ook ongeregeld. Alleen wat minder vaak dan voorheen, maar nog wel geregeld en dus hinderlijk. FranREGLOOKS logfile - version 0.981 Scan started: ma 15-06-2009 18:24:46,14 --- INFORMATION --- Operating System: Microsoft Windows XP Professional - version 5.1.2600 - Service Pack 3 Bootmode: Normal boot User: Frans (Administrator account) Total RAM: 511 MB (free 202 MB - 39%) Internet Explorer Version: 7.0.5730.13 Antivirus Program: Avira AntiVir PersonalEdition 8.0.1.30 [Enabled - Updated] --- SIGCHECK --- D:\WINDOWS\explorer.exe -- sigcheck OK D:\WINDOWS\system32\ctfmon.exe -- sigcheck OK D:\WINDOWS\system32\lsass.exe -- sigcheck OK D:\WINDOWS\system32\ntkrnlpa.exe -- sigcheck OK D:\WINDOWS\system32\ntoskrnl.exe -- sigcheck OK D:\WINDOWS\system32\services.exe -- sigcheck OK D:\WINDOWS\system32\sfcfiles.dll -- sigcheck OK D:\WINDOWS\system32\spoolsv.exe -- sigcheck OK D:\WINDOWS\system32\svchost.exe -- sigcheck OK D:\WINDOWS\system32\termsrv.dll -- sigcheck OK D:\WINDOWS\system32\user32.dll -- sigcheck OK D:\WINDOWS\system32\userinit.exe -- sigcheck OK D:\WINDOWS\system32\wininet.dll -- sigcheck OK D:\WINDOWS\system32\winlogon.exe -- sigcheck OK D:\WINDOWS\system32\ws2_32.dll -- sigcheck OK D:\WINDOWS\system32\wuauclt.exe -- sigcheck OK D:\WINDOWS\system32\drivers\ip6fw.sys -- sigcheck OK D:\WINDOWS\system32\drivers\ndis.sys -- sigcheck OK D:\WINDOWS\system32\drivers\tcpip.sys -- sigcheck OK --- SSODL regkeys --- [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad] "PostBootReminder"="{7849596a-48ea-486e-8937-a2a3009f31a9}" -- File: %SystemRoot%\system32\SHELL32.dll -- [?] "CDBurn"="{fbeb8a05-beee-4442-804e-409d6c4515e9}" -- File: %SystemRoot%\system32\SHELL32.dll -- [?] "WebCheck"="{E6FB5E20-DE35-11CF-9C87-00AA005127ED}" -- File: D:\WINDOWS\system32\webcheck.dll -- [233472] -- [29-04-2009 06:49] "SysTray"="{35CEC8A3-2BE6-11D2-8773-92E220524153}" -- File: D:\WINDOWS\System32\stobject.dll -- [122368] -- [14-04-2008 19:02] "WPDShServiceObj"="{AAA288BA-9A4C-45B0-95D7-94D524869DB5}" -- File: D:\WINDOWS\system32\WPDShServiceObj.dll -- [133632] -- [18-10-2006 21:47] --- STS regkeys --- [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler] "{438755C2-A8BA-11D1-B96B-00A0C90312E1}"="Preloader van browseui" -- File: %SystemRoot%\System32\browseui.dll -- [?] "{8C7461EF-2B13-11d2-BE35-3078302C2030}"="Cache-daemon voor onderdeelcategorieën" -- File: %SystemRoot%\System32\browseui.dll -- [?] --- USERINIT regkey --- [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] "Userinit"="D:\\WINDOWS\\system32\\userinit.exe," File: D:\WINDOWS\system32\userinit.exe -- [26112] -- [14-04-2008 19:03] --- SHELL regkey --- [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] "Shell"="Explorer.exe" File: D:\WINDOWS\Explorer.exe -- [1037312] -- [14-04-2008 19:02] --- SYSTEM regkey --- [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] "System"="" --- APPINIT_DLLS regkey --- [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows] "AppInit_DLLs"="" --- NOTIFY regkey --- [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\crypt32chain] -- File: D:\WINDOWS\system32\crypt32.dll -- [602624] -- [14-04-2008 19:02] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\cryptnet] -- File: D:\WINDOWS\system32\cryptnet.dll -- [64512] -- [14-04-2008 19:02] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\cscdll] -- File: D:\WINDOWS\system32\cscdll.dll -- [102400] -- [14-04-2008 19:02] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\dimsntfy] -- File: %SystemRoot%\System32\dimsntfy.dll -- [?] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\ScCertProp] -- File: D:\WINDOWS\system32\wlnotify.dll -- [93696] -- [14-04-2008 19:02] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\Schedule] -- File: D:\WINDOWS\system32\wlnotify.dll -- [93696] -- [14-04-2008 19:02] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\sclgntfy] -- File: D:\WINDOWS\system32\sclgntfy.dll -- [21504] -- [14-04-2008 19:02] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\SensLogn] -- File: D:\WINDOWS\system32\WlNotify.dll -- [93696] -- [14-04-2008 19:02] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\termsrv] -- File: D:\WINDOWS\system32\wlnotify.dll -- [93696] -- [14-04-2008 19:02] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon] -- File: D:\WINDOWS\system32\WgaLogon.dll -- [265096] -- [10-03-2009 22:18] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\wlballoon] -- File: D:\WINDOWS\system32\wlnotify.dll -- [93696] -- [14-04-2008 19:02] --- RUN / LOAD regkeys --- [HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows] "load"="" --- SHELLEXECUTEHOOKS regkey --- [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shellexecutehooks] "{AEB6717E-7E19-11d0-97EE-00C04FD91972}"="" -- File: shell32.dll -- [?] --- HKLM AUTORUN regkeys --- [HKEY_LOCAL_MACHINE\Software\Microsoft\Command Processor] "AutoRun"="" --- HKCU AUTORUN regkeys --- [HKEY_CURRENT_USER\Software\Microsoft\Command Processor] no AutoRun regkey found --- HKLM\RUN regkey --- [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "AppleSyncNotifier" -- File D:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe -- [177472] -- [06-02-2009 17:27] "SunJavaUpdateSched" -- File "D:\Program Files\Java\jre6\bin\jusched.exe" -- [136600] -- [23-12-2008 01:01] "avgnt" -- File: "D:\Program Files\Avira\AntiVir PersonalEdition Premium\avgnt.exe" /min -- [?] "Adobe Reader Speed Launcher" -- File "D:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe" -- [35696] -- [27-02-2009 18:10] "iTunesHelper" -- File "D:\Program Files\iTunes\iTunesHelper.exe" -- [342312] -- [02-04-2009 16:11] "QuickTime Task" -- File: "D:\Program Files\QuickTime\qttask.exe" -atboottime -- [?] "TkBellExe" -- File: "D:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot -- [?] "SiSUSBRG" -- File D:\WINDOWS\SiSUSBrg.exe -- [102400] -- [26-04-2002 17:17] --- HKLM\RUNONCE regkey --- [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce] no runonce values found --- HKLM\RUNONCEEX regkey --- [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnceEx] no runonceex values found --- HKLM\RUNSERVICES regkey --- [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunServices] no runservices values found --- HKLM\RUNSERVICESONCE regkey --- [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunServicesOnce] no runservicesonce values found --- HKCU\RUN regkey --- [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "SpybotSD TeaTimer" -- File: D:\Program Files\Spybot - Search & Destroy\TeaTimer.exe -- [?] "TomTomHOME.exe" -- File "D:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe" -- [251240] -- [08-04-2009 12:38] "ctfmon.exe" -- File D:\WINDOWS\system32\ctfmon.exe -- [15360] -- [14-04-2008 19:02] --- HKCU\RUNONCE regkey --- [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce] no runonce values found --- HKCU\RUNONCEEX regkey --- [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnceEx] key not found --- HKCU\RUNSERVICES regkey --- [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\RunServices] no runservices values found --- HKCU\RUNSERVICESONCE regkey --- [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\RunServicesOnce] no runservicesonce values found --- HKU\.DEFAULT\Run regkeys - Default user --- [HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE" -- File D:\WINDOWS\System32\CTFMON.EXE -- [15360] -- [14-04-2008 19:02] --- HKU\S-1-5-18\Run regkeys - user SYSTEM --- [HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE" -- File D:\WINDOWS\System32\CTFMON.EXE -- [15360] -- [14-04-2008 19:02] --- HKU\S-1-5-19\Run regkeys - User Lokale service --- [HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE" -- File D:\WINDOWS\System32\CTFMON.EXE -- [15360] -- [14-04-2008 19:02] --- HKU\S-1-5-20\Run regkeys - User Lokale service --- [HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE" -- File D:\WINDOWS\System32\CTFMON.EXE -- [15360] -- [14-04-2008 19:02] --- HKLM\Explorer\Run regkeys --- [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run] key not found --- HKCU\Explorer\Run regkeys --- [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run] key not found --- Image File Execution regkeys --- [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options] no debuggers found --- BROWSER HELPER OBJECTS regkeys --- [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}] -- File: D:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll -- [61816] -- [27-02-2009 13:07] [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}] -- File: D:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll -- [75128] -- [27-02-2009 13:07] [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3049C3E9-B461-4BC5-8870-4C09146192CA}] -- File: C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll -- [308832] -- [03-10-2008 17:12] [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}] -- File: D:\PROGRA~1\SPYBOT~1\SDHelper.dll -- [X] [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}] -- File: D:\Program Files\Java\jre6\bin\ssv.dll -- [320920] -- [23-12-2008 01:01] [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}] -- File: D:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll -- [408448] -- [22-01-2009 16:41] [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}] -- File: D:\Program Files\Google\Google Toolbar\GoogleToolbar.dll -- [259696] -- [07-05-2009 17:50] [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}] -- File: D:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll -- [668656] -- [26-03-2009 18:08] [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C84D72FE-E17D-4195-BB24-76C02E2E7C4E}] -- File: D:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll -- [470512] -- [07-05-2009 17:50] [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}] -- File: D:\Program Files\Java\jre6\bin\jp2ssv.dll -- [34816] -- [23-12-2008 01:01] [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}] -- File: D:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll -- [73728] -- [23-12-2008 01:01] --- TOOLBAR regkeys --- [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar] {2318C2B1-4965-11d4-9B18-009027A5CD4F} -- File: D:\Program Files\Google\Google Toolbar\GoogleToolbar.dll -- [259696] -- [07-05-2009 17:50] --- HKLM\URLSEARCHHOOKS regkeys --- [HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\URLSearchHooks] no urlsearchhooks found --- HKCU\URLSEARCHHOOKS regkeys --- [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks] {CFBFAE00-17A6-11D0-99CB-00C04FD64497} -- File: D:\WINDOWS\system32\ieframe.dll -- [6066176] -- [29-04-2009 06:49] --- SRCEENSAVER regkey --- [HKEY_CURRENT_USER\Control Panel\Desktop] "SCRNSAVE.EXE" -- File D:\WINDOWS\System32\ssstars.scr -- [14336] -- [14-04-2008 19:03] --- ALTERNATESHELL regkey --- [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot] File: D:\WINDOWS\system32\cmd.exe -- [399872] -- [14-04-2008 19:02] --- SECURITYPROVIDERS regkey --- [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders] "SecurityProviders"="msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll" File: D:\WINDOWS\system32\msapsspc.dll -- [86016] -- [14-04-2008 19:02] File: D:\WINDOWS\system32\schannel.dll -- [144896] -- [05-12-2008 08:58] File: D:\WINDOWS\system32\digest.dll -- [68608] -- [14-04-2008 19:02] File: D:\WINDOWS\system32\msnsspc.dll -- [290816] -- [14-04-2008 19:02] --- Active Setup\Installed Components regkey --- [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\<{12d0ed0d-0ee0-4f90-8827-78cefb8f4988}] -- File: D:\WINDOWS\system32\ieudinit.exe -- [13824] -- [28-04-2009 11:07] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{26923b43-4d38-484f-9b9e-de460746276c}] -- File: %systemroot%\system32\shmgrate.exe OCInstallUserConfigIE -- [?] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{60B49E34-C7CC-11D0-8953-00A0C90347FF}] -- File: RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP -- [?] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{60B49E34-C7CC-11D0-8953-00A0C90347FF}MICROS] -- File: RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP -- [?] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{881dd1c5-3dcf-431b-b061-f3f88e8be88a}] -- File: %systemroot%\system32\shmgrate.exe OCInstallUserConfigOE -- [?] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{233C1507-6A77-46A4-9443-F871F945D258}] -- filepath not found [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{2A202491-F00D-11cf-87CC-0020AFEECF20}] -- filepath not found [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{2C7339CF-2B09-4501-B3F3-F3508C9228ED}] -- File: %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll -- [?] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA840-CC51-11CF-AAFA-00AA00B6015C}] -- File: "%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install -- [?] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA842-CC51-11CF-AAFA-00AA00B6015B}] -- File: rundll32.exe advpack.dll,LaunchINFSection D:\WINDOWS\INF\msnetmtg.inf,NetMtg.Install.PerUser.NT -- [?] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{5945c046-1e7d-11d1-bc44-00c04fd912be}] -- File: rundll32.exe advpack.dll,LaunchINFSection D:\WINDOWS\INF\msmsgs.inf,BLC.QuietInstall.PerUser -- [?] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{6BF52A52-394A-11d3-B153-00C04F79FAA6}] -- File: rundll32.exe advpack.dll,LaunchINFSection D:\WINDOWS\INF\wmp11.inf,PerUserStub -- [?] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{89820200-ECBD-11cf-8B85-00AA005B4340}] -- File: regsvr32.exe /s /n /i:U shell32.dll -- [?] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{89820200-ECBD-11cf-8B85-00AA005B4383}] -- File: D:\WINDOWS\system32\ie4uinit.exe -BaseSettings -- [?] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{89820200-ECBD-11cf-8B85-00AA005B4383}] -- File: D:\WINDOWS\system32\ie4uinit.exe -BaseSettings -- [?] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{89B4C1CD-B018-4511-B0A1-5476DBF70820}] -- File: d:\WINDOWS\system32\Rundll32.exe d:\WINDOWS\system32\mscories.dll,Install -- [?] --- Services regkey --- [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\AntiVirMailService] -- File: "D:\Program Files\Avira\AntiVir PersonalEdition Premium\avmailc.exe" -- [164097] -- [02-01-2009 14:49] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\antivirwebservice] -- File: "D:\Program Files\Avira\AntiVir PersonalEdition Premium\AVWEBGRD.EXE" -- [258305] -- [12-06-2008 14:59] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\AVEService] -- File: "D:\Program Files\Avira\AntiVir PersonalEdition Premium\avesvc.exe" -- [41217] -- [09-05-2008 13:22] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\DMICall] -- File: system32\DRIVERS\DMICall.sys -- [?] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\getPlus® Helper] -- File: D:\Program Files\NOS\bin\getPlus_HelperSvc.exe -- [33752] -- [29-08-2008 10:00] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\hpt3xx] -- filepath not found [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\JavaQuickStarterService] -- File: "D:\Program Files\Java\jre6\bin\jqs.exe" -service -config "D:\Program Files\Java\jre6\lib\deploy\jqs\jqs.conf" -- [?] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\swwd] -- filepath not found [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\TomTomHOMEService] -- File: D:\Program Files\TomTom HOME 2\TomTomHOMEService.exe -- [92008] -- [08-04-2009 12:38] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WDM_YAMAHAAC97] -- File: system32\drivers\yacxgc.sys -- [?] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\YAMAHA] -- filepath not found [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\{9953C3D5-E3B0-4A0F-9CCC-EDB8E96B232F}] -- filepath not found [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\{D119DDFE-AA1E-4AAA-B843-E390248CD8FF}] -- filepath not found --- SAFEBOOT MINIMAL SERVICES --- HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal {533C5B84-EC70-11D2-9505-00C04F79DEAF} --- SAFEBOOT Network SERVICES --- HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network DnsCache --- BOOTEXECUTE regkey --- [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager] "BootExecute"= autocheck autochk *\0\0 --- PENDINGFILERENAMEOPERATIONS regkey --- [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager] PendingFileRenameOperations key not found --- WOW-CMDLINE regkeys --- [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\WOW] "cmdline" = %SystemRoot%\system32\ntvdm.exe "cmdline" = %SystemRoot%\system32\ntvdm.exe -a %SystemRoot%\system32\krnl386 --- NETSVCS regkey --- [HKEY_LOCAL_MACHINE\software\Microsoft\Windows NT\CurrentVersion\Svchost] -- NETSVCS 0WmdmPmSN --- DNS SERVER regkeys --- no "NameServer" values found --- File associations --- .BAT files: ("%1" %*) .COM files: ("%1" %*) .EXE files: ("%1" %*) .HLP files: (%SystemRoot%\System32\winhlp32.exe %1) .INF files: (%SystemRoot%\System32\NOTEPAD.EXE %1) .INI files: (%SystemRoot%\System32\NOTEPAD.EXE %1) .JS files: (%SystemRoot%\System32\WScript.exe "%1" %*) .PIF files: ("%1" %*) .REG files: (regedit.exe "%1") .SCR files: ("%1" /S) .TXT files: (%SystemRoot%\system32\NOTEPAD.EXE %1) .VBS files: (%SystemRoot%\System32\WScript.exe "%1" %*) --- STARTUP FOLDERS --- D:\Documents and Settings\Frans\Menu Start\Programma's\Opstarten\desktop.ini -- [84] -- [15-06-2008 20:40] D:\Documents and Settings\All Users\Menu Start\Programma's\Opstarten\desktop.ini -- [84] -- [15-06-2008 20:40] D:\Documents and Settings\All Users\Menu Start\Programma's\Opstarten\VAIO Action Setup (Server).lnk -- [1531] -- [04-08-2008 00:13] --- TASK SCHEDULER JOBS --- D:\WINDOWS\tasks\AppleSoftwareUpdate.job -- [284] -- [16-04-2009 23:09] D:\WINDOWS\tasks\Google Software Updater.job -- [968] -- [15-06-2009 14:23] D:\WINDOWS\tasks\GoogleUpdateTaskMachine.job -- [1038] -- [15-06-2009 18:17] D:\WINDOWS\tasks\RegTool Scan.job -- [414] -- [12-06-2009 12:00] Scan completed: ma 15-06-2009 18:25:23,50 FINISHED s |
|||
|
|
|
15-06-2009, 18:39
Bericht: #16
|
|||
|
|||
RE: RegSvr32 - wat is dit?
Citaat:maar ook ongeregeldwat bedoel je hiermee? Gebeurt het wanneer je bepaalde programma's opstart? Komt het ook voor bij andere gebruikers van deze computer? Microsoft MVP - Consumer Security
Sometimes you can't make it on your own Spyware, malware - Hoe kom ik er vanaf? |
|||
|
|
|
17-06-2009, 18:39
Bericht: #17
|
|||
|
|||
|
RE: RegSvr32 - wat is dit?
Met ongeregeld bedoelde ik gewoon als je al een tijdje op een site zit. Maar dat is eigenlijk niet meer zo geloof ik. Dus blijft over bij het opnen van nieuw websitepagina's. Alle gebruikers hebben er last van en het gebeurt niet in andere programma's als IE.
Frans |
|||
|
|
|
17-06-2009, 20:30
(Dit bericht is het laatst bewerkt op 17-06-2009 om 20:30 door Marckie.)
Bericht: #18
|
|||
|
|||
|
RE: RegSvr32 - wat is dit?
Sporen van malware zie ik niet meer. Het lijkt me misschien wel een goed idee om IE8 te installeren.
Kijk of dat je problemen oplost Frans. Microsoft MVP - Consumer Security
Sometimes you can't make it on your own Spyware, malware - Hoe kom ik er vanaf? |
|||
|
|
|
18-06-2009, 20:43
Bericht: #19
|
|||
|
|||
|
RE: RegSvr32 - wat is dit?
Heb IE 8 geïnstalleerd maar dit heeft het probleem helaas niet opgelost. Bij opstarten van IE en regelmatig bij het openen van een nieuwe website blijft de pop-up verschijnen. Is er verder niets meer aan te doen?
Frans |
|||
|
|
|
18-06-2009, 20:45
Bericht: #20
|
|||
|
|||
|
RE: RegSvr32 - wat is dit?
Welke melding krijg je nu?
Maak een nieuwe log met reglooks en post deze. Microsoft MVP - Consumer Security
Sometimes you can't make it on your own Spyware, malware - Hoe kom ik er vanaf? |
|||
|
|
|
|
Gebruikers die deze discussie lezen: 3 gast(en)