
Stuttering videos / clips.


frabbit


the stuttering is still there...
I had a strong suspicion that this would still be the case. It looks less like a malware problem ... but still, try this as well:

Download ComboFix from one of these locations:

Link 1

Link 2

* IMPORTANT !!! Save ComboFix.exe to your Desktop

Read more here about using ComboFix correctly.

  • Disable all antivirus and antispyware programs, because otherwise they may conflict with ComboFix. Here is a guide on how to disable them: Click here. If you cannot manage to disable them, simply continue to the next step.
  • Double-click ComboFix.exe and follow the prompts on the screen.
  • ComboFix will check whether the Microsoft Windows Recovery Console is already installed. If the Recovery Console is already installed, ComboFix will automatically continue scanning for malware.
  • Otherwise, follow the prompts on the screen to let ComboFix download and install the Microsoft Windows Recovery Console. Once the Recovery Console has been installed successfully, click “YES” to continue scanning for malware.

NOTE: When ComboFix starts, you may get an error message that “The contents of the ComboFix package have been modified”. In that case, do not continue with the instructions, but download ComboFix again. This message can appear when a file infector (Virut) is active on the computer. If you keep getting that message, report it here.

When ComboFix has finished, it will create a log file for you. Post the contents of this log file (found at C:\ComboFix.txt) in your next post.


ComboFix 10-07-28.01 - Fred van Munster 07/29/2010 10:44:47.2.1 - x86

Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.1535.1039 [GMT 2:00]

Running from: c:\documents and settings\Fred van Munster\Desktop\ComboFix.exe

AV: avast! antivirus 4.8.1368 [VPS 100720-0] *On-access scanning disabled* (Outdated) {7591DB91-41F0-48A3-B128-1A293FD8233D}

.

((((((((((((((((((((((((( Files Created from 2010-06-28 to 2010-07-29 )))))))))))))))))))))))))))))))

.

2010-07-28 16:55 . 2010-04-29 13:39 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys

2010-07-28 16:55 . 2010-04-29 13:39 20952 ----a-w- c:\windows\system32\drivers\mbam.sys

2010-07-28 16:55 . 2010-07-28 16:55 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware

2010-07-28 16:39 . 2010-07-28 16:39 54016 ----a-w- c:\windows\system32\drivers\krwyolm.sys

2010-07-28 14:43 . 2010-07-28 14:43 -------- d-----w- c:\documents and settings\Fred van Munster\Application Data\Malwarebytes

2010-07-28 14:43 . 2010-07-28 14:43 -------- d-----w- c:\documents and settings\All Users\Application Data\Malwarebytes

2010-07-28 14:36 . 2010-07-28 14:36 -------- d-----w- c:\windows\system32\Adobe

2010-07-28 14:30 . 2010-07-28 14:30 -------- d-----w- c:\program files\Common Files\Java

2010-07-28 14:26 . 2010-07-28 14:26 -------- d-----w- c:\program files\NOS

2010-07-28 14:01 . 2010-07-28 14:01 388096 ----a-r- c:\documents and settings\Fred van Munster\Application Data\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe

2010-07-28 14:01 . 2010-07-28 14:01 -------- d-----w- c:\program files\Trend Micro

2010-07-26 08:05 . 2010-07-26 08:05 -------- d-----w- c:\documents and settings\All Users\Application Data\PhotoMail

2010-07-26 08:05 . 2010-07-26 08:05 -------- d-----w- c:\program files\PhotoMail Maker

2010-07-26 07:37 . 2010-07-26 07:37 -------- d-----w- c:\program files\NT Registry Optimizer

2010-07-24 11:51 . 2010-07-24 11:51 331304 ----a-w- c:\documents and settings\Fred van Munster\Application Data\OpenCandy\OpenCandy_4DA167BC0B2748D5978F04012BAA2B5A\DLMgr_3_1.6.44.exe

2010-07-24 11:51 . 2010-07-24 11:51 -------- d-----w- c:\program files\Winamp Detect

2010-07-24 10:58 . 2010-07-24 10:58 -------- d-----w- c:\documents and settings\Fred van Munster\Application Data\GRETECH

2010-07-24 10:56 . 2010-07-24 10:56 -------- d-----w- c:\program files\GRETECH

2010-07-22 14:03 . 2010-07-22 14:03 -------- d-----w- c:\documents and settings\Fred van Munster\Application Data\Ashampoo

2010-07-22 14:03 . 2010-07-22 14:03 -------- d-----w- c:\documents and settings\Fred van Munster\Local Settings\Application Data\ashampoo

2010-07-22 14:03 . 2010-07-22 14:03 -------- d-----w- c:\documents and settings\All Users\Application Data\ashampoo

2010-07-22 14:03 . 2010-07-22 14:03 -------- d-----w- c:\program files\Ashampoo

2010-07-19 07:17 . 2010-07-19 07:17 -------- d-----w- c:\program files\Microsoft Silverlight

2010-07-18 20:40 . 2010-07-18 20:40 -------- d-----w- c:\program files\Xvid

2010-07-18 20:40 . 2009-06-07 14:24 180224 ----a-w- c:\windows\system32\xvidvfw.dll

2010-07-18 20:40 . 2009-06-07 14:16 819200 ----a-w- c:\windows\system32\xvidcore.dll

2010-07-18 20:30 . 2010-07-18 20:31 -------- d-----w- c:\program files\QuickTime

2010-07-18 20:26 . 2010-07-18 20:26 -------- d-----w- c:\program files\Apple Software Update

2010-07-18 20:10 . 2010-07-18 20:11 -------- d-----w- c:\documents and settings\Fred van Munster\Local Settings\Application Data\Video Converter

2010-07-18 20:09 . 2010-07-18 20:11 -------- d-----w- c:\program files\Free Video Converter

2010-07-18 20:07 . 2010-07-18 20:07 -------- d-----w- c:\documents and settings\All Users\Application Data\VideoConverter

2010-07-17 22:14 . 2010-07-17 22:14 27632 ----a-w- c:\windows\system32\drivers\seehcri.sys

2010-07-17 22:12 . 2010-07-24 14:33 -------- d-----w- c:\program files\Sony Ericsson

2010-07-17 21:27 . 2010-07-17 21:27 -------- d-----w- c:\windows\system32\Samsung_USB_Drivers

2010-07-17 21:27 . 2010-07-17 21:27 -------- d-----w- c:\program files\DWD

2010-07-17 21:21 . 2010-07-17 21:21 -------- d-----w- c:\program files\Samsung

2010-07-16 07:53 . 2009-11-24 22:48 23120 ----a-w- c:\windows\system32\drivers\aswRdr.sys

2010-07-16 07:53 . 2009-11-24 22:49 48560 ----a-w- c:\windows\system32\drivers\aswTdi.sys

2010-07-16 07:53 . 2009-11-24 22:47 27408 ----a-w- c:\windows\system32\drivers\aavmker4.sys

2010-07-16 07:53 . 2009-11-24 22:47 97480 ----a-w- c:\windows\system32\AvastSS.scr

2010-07-16 07:53 . 2009-11-24 22:51 93424 ----a-w- c:\windows\system32\drivers\aswmon.sys

2010-07-16 07:53 . 2009-11-24 22:50 94160 ----a-w- c:\windows\system32\drivers\aswmon2.sys

2010-07-16 07:53 . 2009-11-24 22:50 114768 ----a-w- c:\windows\system32\drivers\aswSP.sys

2010-07-16 07:53 . 2009-11-24 22:50 20560 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys

2010-07-16 07:52 . 2009-11-24 22:54 1280480 ----a-w- c:\windows\system32\aswBoot.exe

2010-07-16 07:52 . 2010-07-16 07:52 -------- d-----w- c:\program files\Alwil Software

2010-07-16 07:43 . 2010-07-08 11:51 711168 ----a-w- c:\documents and settings\Fred van Munster\Application Data\Macromedia\Flash Player\www.macromedia.com\bin\octoshape\pmv307hw-1007080-0-main.dll

2010-07-16 07:43 . 2010-07-16 07:43 348160 ----a-w- c:\documents and settings\Fred van Munster\Application Data\Macromedia\Flash Player\www.macromedia.com\bin\octoshape\octoshape.exe

2010-07-14 21:57 . 2010-07-14 21:58 -------- d-----w- c:\documents and settings\Fred van Munster\Local Settings\Application Data\AskToolbar

2010-07-14 10:36 . 2010-07-14 10:36 8 ----a-w- c:\windows\system32\nvModes.dat

2010-07-14 10:33 . 2010-07-14 10:33 -------- d-----w- c:\documents and settings\All Users\Application Data\nView_Profiles

2010-07-14 06:10 . 2010-06-14 14:31 744448 -c----w- c:\windows\system32\dllcache\helpsvc.exe

2010-07-04 17:29 . 2010-07-04 17:29 -------- d-----w- c:\documents and settings\All Users\Application Data\HiYo

2010-07-01 17:07 . 2010-07-17 12:06 -------- d-----w- c:\documents and settings\Fred van Munster\Application Data\wsInspector

2010-07-01 17:04 . 2010-07-24 14:32 -------- d-----w- c:\program files\Startup Inspector for Windows

2010-07-01 16:52 . 2010-07-01 16:52 -------- d-----w- C:\Linksys Driver

2010-07-01 14:17 . 2010-07-01 14:17 -------- d-----w- c:\windows\nview

2010-07-01 14:17 . 2008-05-03 03:46 442368 ----a-w- c:\windows\system32\nvudisp.exe

2010-07-01 14:15 . 2008-04-30 15:27 442368 ----a-w- c:\windows\system32\NVUNINST.EXE

2010-07-01 14:11 . 2010-07-01 14:12 664 ----a-w- c:\windows\system32\d3d9caps.dat

.

(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2010-07-29 07:15 . 2009-07-18 17:09 -------- d-----w- c:\documents and settings\Fred van Munster\Application Data\vlc

2010-07-29 07:15 . 2009-12-16 21:38 -------- d-----w- c:\documents and settings\Fred van Munster\Application Data\dvdcss

2010-07-28 20:47 . 2010-06-12 18:30 -------- d-----w- c:\documents and settings\All Users\Application Data\NCH Swift Sound

2010-07-28 20:47 . 2010-06-12 18:30 -------- d-----w- c:\program files\NCH Swift Sound

2010-07-28 14:35 . 2009-10-31 20:04 -------- d-----w- c:\program files\Google

2010-07-28 14:29 . 2010-07-28 14:30 423656 ----a-w- c:\windows\system32\REN93.tmp

2010-07-28 14:26 . 2010-06-05 11:52 -------- d-----w- c:\documents and settings\All Users\Application Data\NOS

2010-07-28 14:23 . 2009-07-12 08:36 -------- d-----w- c:\program files\Java

2010-07-26 08:04 . 2009-11-10 18:44 -------- d-----w- c:\program files\IncrediMail

2010-07-25 18:35 . 2009-07-12 10:34 -------- d-----w- c:\documents and settings\Fred van Munster\Application Data\Image Zone Express

2010-07-25 06:33 . 2009-07-14 14:01 -------- d-----w- c:\program files\Winamp

2010-07-24 15:15 . 2009-07-14 14:01 -------- d-----w- c:\documents and settings\Fred van Munster\Application Data\Winamp

2010-07-24 14:34 . 2010-06-19 18:30 -------- d-----w- c:\documents and settings\Fred van Munster\Application Data\NCH Swift Sound

2010-07-24 14:33 . 2010-06-12 18:29 -------- d-----w- c:\program files\NCH Software

2010-07-24 14:27 . 2010-02-18 20:38 -------- d-----w- c:\program files\Common Files\Apple

2010-07-24 11:51 . 2010-05-23 10:05 -------- d-----w- c:\documents and settings\Fred van Munster\Application Data\OpenCandy

2010-07-22 13:51 . 2010-01-23 10:49 -------- d-----w- c:\program files\YouTube Downloader

2010-07-20 15:30 . 2009-07-11 19:20 128352 ----a-w- c:\documents and settings\Fred van Munster\Local Settings\Application Data\GDIPFONTCACHEV1.DAT

2010-07-19 07:38 . 2010-06-12 18:30 -------- d-----w- c:\documents and settings\All Users\Application Data\NCH Software

2010-07-18 20:30 . 2010-05-08 14:17 -------- d-----w- c:\documents and settings\All Users\Application Data\Apple Computer

2010-07-17 21:21 . 2009-07-11 14:16 -------- d--h--w- c:\program files\InstallShield Installation Information

2010-07-15 20:11 . 2009-11-10 18:06 -------- d-----w- c:\documents and settings\Fred van Munster\Application Data\LimeWire

2010-07-15 19:14 . 2009-11-07 12:39 -------- d-----w- c:\documents and settings\All Users\Application Data\Nero

2010-07-15 19:14 . 2009-11-07 12:39 -------- d-----w- c:\program files\Common Files\Nero

2010-07-15 18:49 . 2009-11-07 12:40 -------- d-----w- c:\program files\Nero

2010-07-15 18:09 . 2010-05-30 14:26 -------- d-----w- c:\program files\AoA MP4 Converter

2010-07-15 18:09 . 2010-05-30 14:27 -------- d---a-w- c:\documents and settings\All Users\Application Data\TEMP

2010-07-14 21:51 . 2009-11-10 18:05 -------- d-----w- c:\program files\LimeWire

2010-07-10 06:46 . 2010-03-06 10:41 -------- d-----w- c:\documents and settings\All Users\Application Data\EPSON

2010-06-27 07:39 . 2010-06-27 07:38 -------- d-----w- c:\program files\SIW

2010-06-22 19:52 . 2010-06-22 19:52 69214784 ----a-w- c:\documents and settings\Fred van Munster\Application Data\Nokia\Ovi Suite\Software Updater\NokiaOviSuite2Installer.exe

2010-06-14 14:31 . 2009-07-11 12:41 744448 ----a-w- c:\windows\pchealth\helpctr\binaries\helpsvc.exe

2010-06-12 19:29 . 2010-06-12 19:29 -------- d-----w- c:\program files\AnvSoft

2010-06-12 19:11 . 2010-06-12 18:54 -------- d-----w- c:\program files\IrfanView

2010-06-12 18:30 . 2010-06-12 18:29 -------- d-----w- c:\documents and settings\Fred van Munster\Application Data\NCH Software

2010-06-05 17:41 . 2010-03-07 18:41 -------- d-----w- c:\documents and settings\Fred van Munster\Application Data\Research In Motion

2010-06-05 15:07 . 2010-06-05 15:07 -------- d-----w- c:\documents and settings\Fred van Munster\Application Data\com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1

2010-06-05 12:03 . 2009-07-13 16:54 -------- d-----w- c:\program files\Common Files\Adobe

2010-06-05 11:54 . 2010-06-05 11:54 86016 ----a-w- c:\documents and settings\All Users\Application Data\NOS\Adobe_Downloads\arh.exe

2010-06-04 18:18 . 2010-06-04 18:14 -------- d-----w- c:\documents and settings\All Users\Application Data\Research In Motion

2010-06-04 18:18 . 2010-03-07 18:39 -------- d-----w- c:\program files\Research In Motion

2010-06-04 18:13 . 2010-03-07 18:39 -------- d-----w- c:\program files\Common Files\Research In Motion

2010-06-04 17:24 . 2009-07-23 14:20 -------- d-----w- c:\program files\Common Files\Nokia

2010-06-04 17:24 . 2009-07-23 14:19 -------- d-----w- c:\program files\Nokia

2010-06-04 17:23 . 2010-06-04 17:23 -------- d-----w- c:\documents and settings\All Users\Application Data\NokiaMusic

2010-06-03 06:15 . 2009-07-12 10:22 110065 ----a-w- c:\windows\hpoins08.dat

2010-06-02 17:44 . 2010-06-02 17:42 -------- d-----w- c:\program files\Hyves Desktop

2010-06-01 17:11 . 2010-06-01 17:11 0 ---ha-w- c:\windows\system32\drivers\Msft_Kernel_ccdcmb_01009.Wdf

2010-06-01 17:11 . 2010-06-01 17:11 0 ---ha-w- c:\windows\system32\drivers\MsftWdf_Kernel_01009_Coinstaller_Critical.Wdf

2010-06-01 16:23 . 2009-07-23 14:15 -------- d-----w- c:\documents and settings\All Users\Application Data\Installations

2010-06-01 16:08 . 2010-06-01 16:08 3351812 ----a-w- c:\documents and settings\All Users\Application Data\Installations\{09C468CA-2940-466A-AAE8-DCC0C6E9323C}\Installer\CommonCustomActions\msxml6Exec.exe

2010-06-01 16:08 . 2010-06-01 16:08 36864 ----a-w- c:\documents and settings\All Users\Application Data\Installations\{09C468CA-2940-466A-AAE8-DCC0C6E9323C}\Installer\CommonCustomActions\Sleep.exe

2010-06-01 16:08 . 2010-06-01 16:08 3203453 ----a-w- c:\documents and settings\All Users\Application Data\Installations\{09C468CA-2940-466A-AAE8-DCC0C6E9323C}\Installer\CommonCustomActions\vcredistExec.exe

2010-06-01 16:06 . 2010-06-01 16:09 35633752 ----a-w- c:\documents and settings\All Users\Application Data\Installations\{09C468CA-2940-466A-AAE8-DCC0C6E9323C}\NokiaSoftwareUpdaterSetup_2.5.2NP.exe

2010-05-25 10:46 . 2010-05-25 10:46 503808 ----a-w- c:\documents and settings\Fred van Munster\Application Data\Sun\Java\Deployment\SystemCache\6.0\46\f84c6ae-1c7eb67a-n\msvcp71.dll

2010-05-25 10:46 . 2010-05-25 10:46 499712 ----a-w- c:\documents and settings\Fred van Munster\Application Data\Sun\Java\Deployment\SystemCache\6.0\46\f84c6ae-1c7eb67a-n\jmc.dll

2010-05-25 10:46 . 2010-05-25 10:46 348160 ----a-w- c:\documents and settings\Fred van Munster\Application Data\Sun\Java\Deployment\SystemCache\6.0\46\f84c6ae-1c7eb67a-n\msvcr71.dll

2010-05-25 10:46 . 2010-05-25 10:46 12800 ----a-w- c:\documents and settings\Fred van Munster\Application Data\Sun\Java\Deployment\SystemCache\6.0\50\5535ab32-6968eba8-n\decora-d3d.dll

2010-05-25 10:46 . 2010-05-25 10:46 61440 ----a-w- c:\documents and settings\Fred van Munster\Application Data\Sun\Java\Deployment\SystemCache\6.0\50\5535ab32-6968eba8-n\decora-sse.dll

2010-05-23 10:05 . 2010-05-23 10:05 257257 ----a-w- c:\documents and settings\Fred van Munster\Application Data\OpenCandy\OpenCandy_DA93A09B31784FF3BE877E217E44BC92\DLMgr3WrapperUniBlue.exe

2010-05-22 18:37 . 2010-05-22 17:43 12212040 ----a-w- c:\documents and settings\All Users\Application Data\OviInstallerCache\{DEE1E2E5-B553-4F88-9DE7-23CBEA5D739C}\Installer\CommonCustomActions\WMFDist11-WindowsXP-X86-ENU.exe

2010-05-22 18:36 . 2010-05-22 17:42 13930312 ----a-w- c:\documents and settings\All Users\Application Data\OviInstallerCache\{DEE1E2E5-B553-4F88-9DE7-23CBEA5D739C}\Installer\CommonCustomActions\WMFDist11-WindowsXP-X64-ENU.exe

2010-05-22 18:36 . 2010-05-22 17:42 61440 ----a-w- c:\documents and settings\All Users\Application Data\OviInstallerCache\{DEE1E2E5-B553-4F88-9DE7-23CBEA5D739C}\Installer\CommonCustomActions\WMF11Runx86.exe

2010-05-22 18:36 . 2010-05-22 17:42 58880 ----a-w- c:\documents and settings\All Users\Application Data\OviInstallerCache\{DEE1E2E5-B553-4F88-9DE7-23CBEA5D739C}\Installer\CommonCustomActions\WMF11Runx64.exe

2010-05-22 18:36 . 2010-05-22 17:42 77824 ----a-w- c:\documents and settings\All Users\Application Data\OviInstallerCache\{DEE1E2E5-B553-4F88-9DE7-23CBEA5D739C}\Installer\CommonCustomActions\Run_XML6_SP1.exe

2010-05-22 18:36 . 2010-05-22 17:42 50000 ----a-w- c:\documents and settings\All Users\Application Data\OviInstallerCache\{DEE1E2E5-B553-4F88-9DE7-23CBEA5D739C}\Installer\CommonCustomActions\pcswpc.exe

2010-05-22 18:19 . 2010-05-22 18:21 98366952 ----a-w- c:\documents and settings\All Users\Application Data\OviInstallerCache\{DEE1E2E5-B553-4F88-9DE7-23CBEA5D739C}\Nokia_Ovi_Suite_webinstaller_ALL.exe

2010-05-22 18:16 . 2010-05-22 18:44 34506392 ----a-w- c:\documents and settings\All Users\Application Data\Installations\{19DC9559-9C20-4A46-A67D-7ECBA52A2788}\Nokia_PC_Suite_dut_web.exe

2010-05-22 17:38 . 2010-05-22 17:39 98366952 ----a-w- c:\documents and settings\All Users\Application Data\OviInstallerCache\{DEE1E2E5-B553-4F88-9DE7-23CBEA5D739C}\Nokia_Ovi_Suite_webinstaller_ALL[1].exe

2010-05-14 07:33 . 2010-03-07 18:41 256 ----a-w- c:\windows\system32\pool.bin

2010-05-13 09:54 . 2010-05-13 09:54 95232 ----a-w- c:\documents and settings\All Users\Application Data\Installations\{19DC9559-9C20-4A46-A67D-7ECBA52A2788}\Installer\CommonCustomActions\pcswpcsi.exe

2010-05-13 09:54 . 2010-05-13 09:54 8192 ----a-w- c:\documents and settings\All Users\Application Data\Installations\{19DC9559-9C20-4A46-A67D-7ECBA52A2788}\Installer\CommonCustomActions\UninstCCD.exe

2010-05-13 09:54 . 2010-05-13 09:54 61440 ----a-w- c:\documents and settings\All Users\Application Data\Installations\{19DC9559-9C20-4A46-A67D-7ECBA52A2788}\Installer\CommonCustomActions\UninstPCSFEMsi.exe

2010-05-13 09:54 . 2010-05-13 09:54 10240 ----a-w- c:\documents and settings\All Users\Application Data\Installations\{19DC9559-9C20-4A46-A67D-7ECBA52A2788}\Installer\CommonCustomActions\UninstPCS.exe

2010-05-13 09:54 . 2010-05-13 09:55 34506392 ----a-w- c:\documents and settings\All Users\Application Data\Installations\{19DC9559-9C20-4A46-A67D-7ECBA52A2788}\Nokia_PC_Suite_dut_web[1].exe

2010-05-11 17:33 . 2009-07-11 12:41 22720 ----a-w- c:\windows\system32\emptyregdb.dat

2010-05-06 10:41 . 2005-01-06 04:00 916480 ----a-w- c:\windows\system32\wininet.dll

2010-05-02 05:22 . 2005-01-06 04:00 1851264 ----a-w- c:\windows\system32\win32k.sys

.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))

.

.

*Note* empty entries & legit default entries are not shown

REGEDIT4

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"avast!"="c:\progra~1\ALWILS~1\Avast4\ashDisp.exe" [2009-11-24 81000]

"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2008-05-03 13529088]

"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2010-03-18 421888]

"nwiz"="nwiz.exe" [2008-05-03 1630208]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]

"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]

BootExecute REG_MULTI_SZ autocheck autochk *sprestrt

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

@="Driver"

[HKEY_LOCAL_MACHINE\software\microsoft\security center]

"AntiVirusOverride"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]

"%windir%\\system32\\sessmgr.exe"=

"c:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe"=

"c:\\Program Files\\Microsoft Office\\Office10\\OSA.EXE"=

"c:\\WINDOWS\\system32\\Ati2evxx.exe"=

"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqtra08.exe"=

"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqste08.exe"=

"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpofxm08.exe"=

"c:\\Program Files\\HP\\Digital Imaging\\bin\\hposfx08.exe"=

"c:\\Program Files\\HP\\Digital Imaging\\bin\\hposid01.exe"=

"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqscnvw.exe"=

"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqkygrp.exe"=

"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqCopy.exe"=

"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpfccopy.exe"=

"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpzwiz01.exe"=

"c:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqPhUnl.exe"=

"c:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqDIA.exe"=

"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpoews01.exe"=

"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqnrs08.exe"=

"%windir%\\Network Diagnostic\\xpnetdiag.exe"=

"c:\\Program Files\\BitLord\\BitLord.exe"=

"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=

"c:\\Program Files\\Windows Live\\Sync\\WindowsLiveSync.exe"=

"c:\\Program Files\\BitTorrent\\bittorrent.exe"=

"c:\\Program Files\\IncrediMail\\bin\\ImApp.exe"=

"c:\\Program Files\\IncrediMail\\bin\\IncMail.exe"=

"c:\\Program Files\\IncrediMail\\bin\\ImpCnt.exe"=

"c:\\Program Files\\LimeWire\\LimeWire.exe"=

"c:\\Program Files\\Nokia\\Nokia Software Updater\\nsu_ui_client.exe"=

"c:\\Program Files\\Common Files\\Nokia\\Service Layer\\A\\nsl_host_process.exe"=

"c:\\Documents and Settings\\Fred van Munster\\My Documents\\Downloads\\HiYo_Install.exe"=

"c:\\Documents and Settings\\Fred van Munster\\Application Data\\Macromedia\\Flash Player\\www.macromedia.com\\bin\\octoshape\\octoshape.exe"=

"c:\\Program Files\\VideoLAN\\VLC\\vlc.exe"=

R1 aswSP;avast! Self Protection;c:\windows\system32\drivers\aswSP.sys [7/16/2010 9:53 AM 114768]

R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [7/16/2010 9:53 AM 20560]

R3 IPN2120;Instant Wireless-B PCI Adapter Driver;c:\windows\system32\drivers\LSIPNDS.sys [7/11/2009 5:48 PM 96256]

R3 seehcri;Sony Ericsson seehcri Device Driver;c:\windows\system32\drivers\seehcri.sys [7/18/2010 12:14 AM 27632]

R3 swivsp;AC8xx Virtual Serial Port;c:\windows\system32\drivers\swivspnt.sys [3/26/2007 2:18 PM 20352]

S1 ShldDrv;Panda File Shield Driver;c:\windows\system32\DRIVERS\ShlDrv51.sys --> c:\windows\system32\DRIVERS\ShlDrv51.sys [?]

S2 PavProc;Panda Process Protection Driver;\??\c:\windows\system32\DRIVERS\PavProc.sys --> c:\windows\system32\DRIVERS\PavProc.sys [?]

S2 StudioPro;StudioPro webcam;c:\windows\system32\drivers\StudioPro.sys [7/30/2009 9:40 AM 124416]

S3 FirebirdServerMAGIXInstance;Firebird Server - MAGIX Instance;c:\program files\MAGIX\Common\Database\bin\fbserver.exe [7/29/2009 9:35 PM 1527900]

S3 FLASHSYS;FLASHSYS;\??\c:\program files\MSI\Live Update 4\LU4\FLASHSYS.sys --> c:\program files\MSI\Live Update 4\LU4\FLASHSYS.sys [?]

S3 HwIOctl;HwIOctl;\??\c:\program files\Setup Files\MS-6580 v4.00\HwIOctl.sys --> c:\program files\Setup Files\MS-6580 v4.00\HwIOctl.sys [?]

S3 MsibiosDevice;MsibiosDevice;\??\c:\program files\MSI\Live Update 4\LU4\msibios.sys --> c:\program files\MSI\Live Update 4\LU4\msibios.sys [?]

S3 RkPavproc1;RkPavproc1;c:\windows\system32\drivers\RkPavproc1.sys [8/17/2009 9:10 PM 16952]

S3 RkPavproc2;RkPavproc2;c:\windows\system32\drivers\RkPavproc2.sys [1/11/2010 8:20 PM 16952]

S3 SWNC8U80;Sierra Wireless MUX NDIS Driver (UMTS80);c:\windows\system32\drivers\swnc8u80.sys [5/20/2008 4:24 PM 167040]

S3 SWUMX80;Sierra Wireless USB MUX Driver (UMTS80);c:\windows\system32\drivers\swumx80.sys [5/20/2008 4:25 PM 143360]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]

getPlusHelper REG_MULTI_SZ getPlusHelper

.

Contents of the 'Scheduled Tasks' folder

2010-07-22 c:\windows\Tasks\expressburnDowngrade.job

- c:\program files\NCH Swift Sound\ExpressBurn\expressburn.exe [2010-07-01 16:30]

2010-07-22 c:\windows\Tasks\expressburnShakeIcon.job

- c:\program files\NCH Swift Sound\ExpressBurn\expressburn.exe [2010-07-01 16:30]

.

.

------- Supplementary Scan -------

.

uStart Page = hxxp://www.startpagina.nl/

IE: E&xporteren naar Microsoft Excel - c:\progra~1\MICROS~2\Office10\EXCEL.EXE/3000

IE: Google Sidewiki... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll/cmsidewiki.html

DPF: {8167C273-DF59-4416-B647-C8BB2C7EE83E} - hxxp://liveupdate.msi.com.tw/autobios/LOnline/install.cab

DPF: {BD324C84-E46E-11D3-83D0-00C04F4EB66B} - hxxps://portal.hecla.nl/synergy/cab/ebcasp.cab

DPF: {DE625294-70E6-45ED-B895-CFFA13AEB044} - hxxp://nijverdalcam.viewnetcam.com:50001/activex/AMC.cab

.

- - - - ORPHANS REMOVED - - - -

WebBrowser-{D4027C7F-154A-4066-A1AD-4243D8127440} - (no file)

AddRemove-Adobe AIR - c:\program files\Common Files\Adobe AIR\Versions\1.0\Resources\Adobe AIR Updater.exe

AddRemove-{b760c3d6-3c91-4cc5-803f-007e7ca539e7} - c:\program files\Common Files\Nero\Nero ProductInstaller 4\SetupX.exe

AddRemove-{E2883E8F-472F-4fb0-9522-AC9BF37916A7} - c:\program files\NOS\bin\getPlus_Helper.dll

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, GMER - Rootkit Detector and Remover

Rootkit scan 2010-07-29 10:52

Windows 5.1.2600 Service Pack 3 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully

hidden files: 0

**************************************************************************

.

--------------------- LOCKED REGISTRY KEYS ---------------------

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]

@Denied: (A 2) (Everyone)

@="FlashBroker"

"LocalizedString"="@c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil10h_ActiveX.exe,-101"

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]

"Enabled"=dword:00000001

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]

@="c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil10h_ActiveX.exe"

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]

@Denied: (A 2) (Everyone)

@="IFlashBroker4"

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]

@="{00020424-0000-0000-C000-000000000046}"

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

"Version"="1.0"

[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Installer\UserData\LocalSystem\Components\€–€|ÿÿÿÿÀ•€|ù•A~*]

"AB141C35E9F4BF344B9FC010BB17F68A"=""

.

--------------------- DLLs Loaded Under Running Processes ---------------------

- - - - - - - > 'explorer.exe'(3156)

c:\windows\system32\WININET.dll

c:\windows\system32\nview.dll

c:\windows\system32\ieframe.dll

c:\windows\system32\webcheck.dll

c:\windows\system32\WPDShServiceObj.dll

c:\program files\Nokia\Nokia PC Suite 7\PhoneBrowser.dll

c:\program files\Nokia\Nokia PC Suite 7\NGSCM.DLL

c:\windows\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_e6967989\MSVCR80.dll

c:\program files\Nokia\Nokia PC Suite 7\Lang\PhoneBrowser_dut.nlr

c:\program files\Nokia\Nokia PC Suite 7\Resource\PhoneBrowser_Nokia.ngr

c:\windows\system32\PortableDeviceTypes.dll

c:\windows\system32\PortableDeviceApi.dll

.

Completion time: 2010-07-29 10:56:27

ComboFix-quarantined-files.txt 2010-07-29 08:56

ComboFix2.txt 2010-06-05 16:05

Pre-Run: 77,930,897,408 bytes free

Post-Run: 78,251,761,664 bytes free

- - End Of File - - 359610E4B8A1D7AE3323CC37A839C8C3

Regards, Fred


Open a Notepad file.

Copy and paste the bold text below into it.

File::

c:\windows\system32\drivers\RkPavproc1.sys

c:\windows\system32\REN93.tmp

c:\windows\system32\drivers\krwyolm.sys

c:\windows\system32\drivers\RkPavproc2.sys

Folder::

c:\documents and settings\Fred van Munster\Local Settings\Application Data\AskToolbar

Driver::

krwyolm

RkPavproc2

RkPavproc1

Save this file to your desktop as CFScript.txt.

Drag CFScript.txt onto ComboFix.exe

This will make ComboFix restart. Reboot if you are asked to.

After the restart, post the contents of ComboFix.txt in your next post.


ComboFix 10-07-28.01 - Fred van Munster 07/29/2010 11:32:39.3.1 - x86

Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.1535.1048 [GMT 2:00]

Running from: c:\documents and settings\Fred van Munster\Desktop\ComboFix.exe

Command switches used :: c:\documents and settings\Fred van Munster\Desktop\CFScript.txt..txt

AV: avast! antivirus 4.8.1368 [VPS 100728-1] *On-access scanning disabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D}

FILE ::

"c:\windows\system32\drivers\krwyolm.sys"

"c:\windows\system32\drivers\RkPavproc1.sys"

"c:\windows\system32\drivers\RkPavproc2.sys"

"c:\windows\system32\REN93.tmp"

.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))

.

c:\documents and settings\Fred van Munster\Local Settings\Application Data\AskToolbar

c:\documents and settings\Fred van Munster\Local Settings\Application Data\AskToolbar\cache.dat

c:\documents and settings\Fred van Munster\Local Settings\Application Data\AskToolbar\config.xml

c:\documents and settings\Fred van Munster\Local Settings\Application Data\AskToolbar\Downloaded Program Files\LimeWire.inf

c:\documents and settings\Fred van Munster\Local Settings\Application Data\AskToolbar\Downloaded Program Files\LimeWireBDTB.dll

c:\documents and settings\Fred van Munster\Local Settings\Application Data\AskToolbar\limewire.cab

c:\windows\system32\drivers\krwyolm.sys

c:\windows\system32\drivers\RkPavproc1.sys

c:\windows\system32\drivers\RkPavproc2.sys

c:\windows\system32\REN93.tmp

.

((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))

.

-------\Service_RkPavproc1

-------\Service_RkPavproc2

((((((((((((((((((((((((( Files Created from 2010-06-28 to 2010-07-29 )))))))))))))))))))))))))))))))

.

2010-07-29 09:07 . 2010-05-11 10:00 20072 ----a-w- c:\windows\system32\drivers\cpuz133_x32.sys

2010-07-29 09:07 . 2010-07-29 09:07 -------- d-----w- c:\program files\CPUID

2010-07-28 16:55 . 2010-04-29 13:39 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys

2010-07-28 16:55 . 2010-04-29 13:39 20952 ----a-w- c:\windows\system32\drivers\mbam.sys

2010-07-28 16:55 . 2010-07-28 16:55 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware

2010-07-28 14:43 . 2010-07-28 14:43 -------- d-----w- c:\documents and settings\Fred van Munster\Application Data\Malwarebytes

2010-07-28 14:43 . 2010-07-28 14:43 -------- d-----w- c:\documents and settings\All Users\Application Data\Malwarebytes

2010-07-28 14:36 . 2010-07-28 14:36 -------- d-----w- c:\windows\system32\Adobe

2010-07-28 14:30 . 2010-07-28 14:30 -------- d-----w- c:\program files\Common Files\Java

2010-07-28 14:26 . 2010-07-28 14:26 -------- d-----w- c:\program files\NOS

2010-07-28 14:01 . 2010-07-28 14:01 388096 ----a-r- c:\documents and settings\Fred van Munster\Application Data\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe

2010-07-28 14:01 . 2010-07-28 14:01 -------- d-----w- c:\program files\Trend Micro

2010-07-26 08:05 . 2010-07-26 08:05 -------- d-----w- c:\documents and settings\All Users\Application Data\PhotoMail

2010-07-26 08:05 . 2010-07-26 08:05 -------- d-----w- c:\program files\PhotoMail Maker

2010-07-26 07:37 . 2010-07-26 07:37 -------- d-----w- c:\program files\NT Registry Optimizer

2010-07-24 11:51 . 2010-07-24 11:51 331304 ----a-w- c:\documents and settings\Fred van Munster\Application Data\OpenCandy\OpenCandy_4DA167BC0B2748D5978F04012BAA2B5A\DLMgr_3_1.6.44.exe

2010-07-24 11:51 . 2010-07-24 11:51 -------- d-----w- c:\program files\Winamp Detect

2010-07-24 10:58 . 2010-07-24 10:58 -------- d-----w- c:\documents and settings\Fred van Munster\Application Data\GRETECH

2010-07-24 10:56 . 2010-07-24 10:56 -------- d-----w- c:\program files\GRETECH

2010-07-22 14:03 . 2010-07-22 14:03 -------- d-----w- c:\documents and settings\Fred van Munster\Application Data\Ashampoo

2010-07-22 14:03 . 2010-07-22 14:03 -------- d-----w- c:\documents and settings\Fred van Munster\Local Settings\Application Data\ashampoo

2010-07-22 14:03 . 2010-07-22 14:03 -------- d-----w- c:\documents and settings\All Users\Application Data\ashampoo

2010-07-22 14:03 . 2010-07-22 14:03 -------- d-----w- c:\program files\Ashampoo

2010-07-19 07:17 . 2010-07-19 07:17 -------- d-----w- c:\program files\Microsoft Silverlight

2010-07-18 20:40 . 2010-07-18 20:40 -------- d-----w- c:\program files\Xvid

2010-07-18 20:40 . 2009-06-07 14:24 180224 ----a-w- c:\windows\system32\xvidvfw.dll

2010-07-18 20:40 . 2009-06-07 14:16 819200 ----a-w- c:\windows\system32\xvidcore.dll

2010-07-18 20:30 . 2010-07-18 20:31 -------- d-----w- c:\program files\QuickTime

2010-07-18 20:26 . 2010-07-18 20:26 -------- d-----w- c:\program files\Apple Software Update

2010-07-18 20:10 . 2010-07-18 20:11 -------- d-----w- c:\documents and settings\Fred van Munster\Local Settings\Application Data\Video Converter

2010-07-18 20:09 . 2010-07-18 20:11 -------- d-----w- c:\program files\Free Video Converter

2010-07-18 20:07 . 2010-07-18 20:07 -------- d-----w- c:\documents and settings\All Users\Application Data\VideoConverter

2010-07-17 22:14 . 2010-07-17 22:14 27632 ----a-w- c:\windows\system32\drivers\seehcri.sys

2010-07-17 22:12 . 2010-07-24 14:33 -------- d-----w- c:\program files\Sony Ericsson

2010-07-17 21:27 . 2010-07-17 21:27 -------- d-----w- c:\windows\system32\Samsung_USB_Drivers

2010-07-17 21:27 . 2010-07-17 21:27 -------- d-----w- c:\program files\DWD

2010-07-17 21:21 . 2010-07-17 21:21 -------- d-----w- c:\program files\Samsung

2010-07-16 07:53 . 2009-11-24 22:48 23120 ----a-w- c:\windows\system32\drivers\aswRdr.sys

2010-07-16 07:53 . 2009-11-24 22:49 48560 ----a-w- c:\windows\system32\drivers\aswTdi.sys

2010-07-16 07:53 . 2009-11-24 22:47 27408 ----a-w- c:\windows\system32\drivers\aavmker4.sys

2010-07-16 07:53 . 2009-11-24 22:47 97480 ----a-w- c:\windows\system32\AvastSS.scr

2010-07-16 07:53 . 2009-11-24 22:51 93424 ----a-w- c:\windows\system32\drivers\aswmon.sys

2010-07-16 07:53 . 2009-11-24 22:50 94160 ----a-w- c:\windows\system32\drivers\aswmon2.sys

2010-07-16 07:53 . 2009-11-24 22:50 114768 ----a-w- c:\windows\system32\drivers\aswSP.sys

2010-07-16 07:53 . 2009-11-24 22:50 20560 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys

2010-07-16 07:52 . 2009-11-24 22:54 1280480 ----a-w- c:\windows\system32\aswBoot.exe

2010-07-16 07:52 . 2010-07-16 07:52 -------- d-----w- c:\program files\Alwil Software

2010-07-16 07:43 . 2010-07-08 11:51 711168 ----a-w- c:\documents and settings\Fred van Munster\Application Data\Macromedia\Flash Player\www.macromedia.com\bin\octoshape\pmv307hw-1007080-0-main.dll

2010-07-16 07:43 . 2010-07-16 07:43 348160 ----a-w- c:\documents and settings\Fred van Munster\Application Data\Macromedia\Flash Player\www.macromedia.com\bin\octoshape\octoshape.exe

2010-07-14 10:36 . 2010-07-14 10:36 8 ----a-w- c:\windows\system32\nvModes.dat

2010-07-14 10:33 . 2010-07-14 10:33 -------- d-----w- c:\documents and settings\All Users\Application Data\nView_Profiles

2010-07-14 06:10 . 2010-06-14 14:31 744448 -c----w- c:\windows\system32\dllcache\helpsvc.exe

2010-07-04 17:29 . 2010-07-04 17:29 -------- d-----w- c:\documents and settings\All Users\Application Data\HiYo

2010-07-01 17:07 . 2010-07-17 12:06 -------- d-----w- c:\documents and settings\Fred van Munster\Application Data\wsInspector

2010-07-01 17:04 . 2010-07-24 14:32 -------- d-----w- c:\program files\Startup Inspector for Windows

2010-07-01 16:52 . 2010-07-01 16:52 -------- d-----w- C:\Linksys Driver

2010-07-01 14:17 . 2010-07-01 14:17 -------- d-----w- c:\windows\nview

2010-07-01 14:17 . 2008-05-03 03:46 442368 ----a-w- c:\windows\system32\nvudisp.exe

2010-07-01 14:15 . 2008-04-30 15:27 442368 ----a-w- c:\windows\system32\NVUNINST.EXE

2010-07-01 14:11 . 2010-07-01 14:12 664 ----a-w- c:\windows\system32\d3d9caps.dat

.

(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2010-07-29 07:15 . 2009-07-18 17:09 -------- d-----w- c:\documents and settings\Fred van Munster\Application Data\vlc

2010-07-29 07:15 . 2009-12-16 21:38 -------- d-----w- c:\documents and settings\Fred van Munster\Application Data\dvdcss

2010-07-28 20:47 . 2010-06-12 18:30 -------- d-----w- c:\documents and settings\All Users\Application Data\NCH Swift Sound

2010-07-28 20:47 . 2010-06-12 18:30 -------- d-----w- c:\program files\NCH Swift Sound

2010-07-28 14:35 . 2009-10-31 20:04 -------- d-----w- c:\program files\Google

2010-07-28 14:26 . 2010-06-05 11:52 -------- d-----w- c:\documents and settings\All Users\Application Data\NOS

2010-07-28 14:23 . 2009-07-12 08:36 -------- d-----w- c:\program files\Java

2010-07-26 08:04 . 2009-11-10 18:44 -------- d-----w- c:\program files\IncrediMail

2010-07-25 18:35 . 2009-07-12 10:34 -------- d-----w- c:\documents and settings\Fred van Munster\Application Data\Image Zone Express

2010-07-25 06:33 . 2009-07-14 14:01 -------- d-----w- c:\program files\Winamp

2010-07-24 15:15 . 2009-07-14 14:01 -------- d-----w- c:\documents and settings\Fred van Munster\Application Data\Winamp

2010-07-24 14:34 . 2010-06-19 18:30 -------- d-----w- c:\documents and settings\Fred van Munster\Application Data\NCH Swift Sound

2010-07-24 14:33 . 2010-06-12 18:29 -------- d-----w- c:\program files\NCH Software

2010-07-24 14:27 . 2010-02-18 20:38 -------- d-----w- c:\program files\Common Files\Apple

2010-07-24 11:51 . 2010-05-23 10:05 -------- d-----w- c:\documents and settings\Fred van Munster\Application Data\OpenCandy

2010-07-22 13:51 . 2010-01-23 10:49 -------- d-----w- c:\program files\YouTube Downloader

2010-07-20 15:30 . 2009-07-11 19:20 128352 ----a-w- c:\documents and settings\Fred van Munster\Local Settings\Application Data\GDIPFONTCACHEV1.DAT

2010-07-19 07:38 . 2010-06-12 18:30 -------- d-----w- c:\documents and settings\All Users\Application Data\NCH Software

2010-07-18 20:30 . 2010-05-08 14:17 -------- d-----w- c:\documents and settings\All Users\Application Data\Apple Computer

2010-07-17 21:21 . 2009-07-11 14:16 -------- d--h--w- c:\program files\InstallShield Installation Information

2010-07-15 20:11 . 2009-11-10 18:06 -------- d-----w- c:\documents and settings\Fred van Munster\Application Data\LimeWire

2010-07-15 19:14 . 2009-11-07 12:39 -------- d-----w- c:\documents and settings\All Users\Application Data\Nero

2010-07-15 19:14 . 2009-11-07 12:39 -------- d-----w- c:\program files\Common Files\Nero

2010-07-15 18:49 . 2009-11-07 12:40 -------- d-----w- c:\program files\Nero

2010-07-15 18:09 . 2010-05-30 14:26 -------- d-----w- c:\program files\AoA MP4 Converter

2010-07-15 18:09 . 2010-05-30 14:27 -------- d---a-w- c:\documents and settings\All Users\Application Data\TEMP

2010-07-14 21:51 . 2009-11-10 18:05 -------- d-----w- c:\program files\LimeWire

2010-07-10 06:46 . 2010-03-06 10:41 -------- d-----w- c:\documents and settings\All Users\Application Data\EPSON

2010-06-27 07:39 . 2010-06-27 07:38 -------- d-----w- c:\program files\SIW

2010-06-22 19:52 . 2010-06-22 19:52 69214784 ----a-w- c:\documents and settings\Fred van Munster\Application Data\Nokia\Ovi Suite\Software Updater\NokiaOviSuite2Installer.exe

2010-06-14 14:31 . 2009-07-11 12:41 744448 ----a-w- c:\windows\pchealth\helpctr\binaries\helpsvc.exe

2010-06-12 19:29 . 2010-06-12 19:29 -------- d-----w- c:\program files\AnvSoft

2010-06-12 19:11 . 2010-06-12 18:54 -------- d-----w- c:\program files\IrfanView

2010-06-12 18:30 . 2010-06-12 18:29 -------- d-----w- c:\documents and settings\Fred van Munster\Application Data\NCH Software

2010-06-05 17:41 . 2010-03-07 18:41 -------- d-----w- c:\documents and settings\Fred van Munster\Application Data\Research In Motion

2010-06-05 15:07 . 2010-06-05 15:07 -------- d-----w- c:\documents and settings\Fred van Munster\Application Data\com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1

2010-06-05 12:03 . 2009-07-13 16:54 -------- d-----w- c:\program files\Common Files\Adobe

2010-06-05 11:54 . 2010-06-05 11:54 86016 ----a-w- c:\documents and settings\All Users\Application Data\NOS\Adobe_Downloads\arh.exe

2010-06-04 18:18 . 2010-06-04 18:14 -------- d-----w- c:\documents and settings\All Users\Application Data\Research In Motion

2010-06-04 18:18 . 2010-03-07 18:39 -------- d-----w- c:\program files\Research In Motion

2010-06-04 18:13 . 2010-03-07 18:39 -------- d-----w- c:\program files\Common Files\Research In Motion

2010-06-04 17:24 . 2009-07-23 14:20 -------- d-----w- c:\program files\Common Files\Nokia

2010-06-04 17:24 . 2009-07-23 14:19 -------- d-----w- c:\program files\Nokia

2010-06-04 17:23 . 2010-06-04 17:23 -------- d-----w- c:\documents and settings\All Users\Application Data\NokiaMusic

2010-06-03 06:15 . 2009-07-12 10:22 110065 ----a-w- c:\windows\hpoins08.dat

2010-06-02 17:44 . 2010-06-02 17:42 -------- d-----w- c:\program files\Hyves Desktop

2010-06-01 17:11 . 2010-06-01 17:11 0 ---ha-w- c:\windows\system32\drivers\Msft_Kernel_ccdcmb_01009.Wdf

2010-06-01 17:11 . 2010-06-01 17:11 0 ---ha-w- c:\windows\system32\drivers\MsftWdf_Kernel_01009_Coinstaller_Critical.Wdf

2010-06-01 16:23 . 2009-07-23 14:15 -------- d-----w- c:\documents and settings\All Users\Application Data\Installations

2010-06-01 16:08 . 2010-06-01 16:08 3351812 ----a-w- c:\documents and settings\All Users\Application Data\Installations\{09C468CA-2940-466A-AAE8-DCC0C6E9323C}\Installer\CommonCustomActions\msxml6Exec.exe

2010-06-01 16:08 . 2010-06-01 16:08 36864 ----a-w- c:\documents and settings\All Users\Application Data\Installations\{09C468CA-2940-466A-AAE8-DCC0C6E9323C}\Installer\CommonCustomActions\Sleep.exe

2010-06-01 16:08 . 2010-06-01 16:08 3203453 ----a-w- c:\documents and settings\All Users\Application Data\Installations\{09C468CA-2940-466A-AAE8-DCC0C6E9323C}\Installer\CommonCustomActions\vcredistExec.exe

2010-06-01 16:06 . 2010-06-01 16:09 35633752 ----a-w- c:\documents and settings\All Users\Application Data\Installations\{09C468CA-2940-466A-AAE8-DCC0C6E9323C}\NokiaSoftwareUpdaterSetup_2.5.2NP.exe

2010-05-25 10:46 . 2010-05-25 10:46 503808 ----a-w- c:\documents and settings\Fred van Munster\Application Data\Sun\Java\Deployment\SystemCache\6.0\46\f84c6ae-1c7eb67a-n\msvcp71.dll

2010-05-25 10:46 . 2010-05-25 10:46 499712 ----a-w- c:\documents and settings\Fred van Munster\Application Data\Sun\Java\Deployment\SystemCache\6.0\46\f84c6ae-1c7eb67a-n\jmc.dll

2010-05-25 10:46 . 2010-05-25 10:46 348160 ----a-w- c:\documents and settings\Fred van Munster\Application Data\Sun\Java\Deployment\SystemCache\6.0\46\f84c6ae-1c7eb67a-n\msvcr71.dll

2010-05-25 10:46 . 2010-05-25 10:46 12800 ----a-w- c:\documents and settings\Fred van Munster\Application Data\Sun\Java\Deployment\SystemCache\6.0\50\5535ab32-6968eba8-n\decora-d3d.dll

2010-05-25 10:46 . 2010-05-25 10:46 61440 ----a-w- c:\documents and settings\Fred van Munster\Application Data\Sun\Java\Deployment\SystemCache\6.0\50\5535ab32-6968eba8-n\decora-sse.dll

2010-05-23 10:05 . 2010-05-23 10:05 257257 ----a-w- c:\documents and settings\Fred van Munster\Application Data\OpenCandy\OpenCandy_DA93A09B31784FF3BE877E217E44BC92\DLMgr3WrapperUniBlue.exe

2010-05-22 18:37 . 2010-05-22 17:43 12212040 ----a-w- c:\documents and settings\All Users\Application Data\OviInstallerCache\{DEE1E2E5-B553-4F88-9DE7-23CBEA5D739C}\Installer\CommonCustomActions\WMFDist11-WindowsXP-X86-ENU.exe

2010-05-22 18:36 . 2010-05-22 17:42 13930312 ----a-w- c:\documents and settings\All Users\Application Data\OviInstallerCache\{DEE1E2E5-B553-4F88-9DE7-23CBEA5D739C}\Installer\CommonCustomActions\WMFDist11-WindowsXP-X64-ENU.exe

2010-05-22 18:36 . 2010-05-22 17:42 61440 ----a-w- c:\documents and settings\All Users\Application Data\OviInstallerCache\{DEE1E2E5-B553-4F88-9DE7-23CBEA5D739C}\Installer\CommonCustomActions\WMF11Runx86.exe

2010-05-22 18:36 . 2010-05-22 17:42 58880 ----a-w- c:\documents and settings\All Users\Application Data\OviInstallerCache\{DEE1E2E5-B553-4F88-9DE7-23CBEA5D739C}\Installer\CommonCustomActions\WMF11Runx64.exe

2010-05-22 18:36 . 2010-05-22 17:42 77824 ----a-w- c:\documents and settings\All Users\Application Data\OviInstallerCache\{DEE1E2E5-B553-4F88-9DE7-23CBEA5D739C}\Installer\CommonCustomActions\Run_XML6_SP1.exe

2010-05-22 18:36 . 2010-05-22 17:42 50000 ----a-w- c:\documents and settings\All Users\Application Data\OviInstallerCache\{DEE1E2E5-B553-4F88-9DE7-23CBEA5D739C}\Installer\CommonCustomActions\pcswpc.exe

2010-05-22 18:19 . 2010-05-22 18:21 98366952 ----a-w- c:\documents and settings\All Users\Application Data\OviInstallerCache\{DEE1E2E5-B553-4F88-9DE7-23CBEA5D739C}\Nokia_Ovi_Suite_webinstaller_ALL.exe

2010-05-22 18:16 . 2010-05-22 18:44 34506392 ----a-w- c:\documents and settings\All Users\Application Data\Installations\{19DC9559-9C20-4A46-A67D-7ECBA52A2788}\Nokia_PC_Suite_dut_web.exe

2010-05-22 17:38 . 2010-05-22 17:39 98366952 ----a-w- c:\documents and settings\All Users\Application Data\OviInstallerCache\{DEE1E2E5-B553-4F88-9DE7-23CBEA5D739C}\Nokia_Ovi_Suite_webinstaller_ALL[1].exe

2010-05-14 07:33 . 2010-03-07 18:41 256 ----a-w- c:\windows\system32\pool.bin

2010-05-13 09:54 . 2010-05-13 09:54 95232 ----a-w- c:\documents and settings\All Users\Application Data\Installations\{19DC9559-9C20-4A46-A67D-7ECBA52A2788}\Installer\CommonCustomActions\pcswpcsi.exe

2010-05-13 09:54 . 2010-05-13 09:54 8192 ----a-w- c:\documents and settings\All Users\Application Data\Installations\{19DC9559-9C20-4A46-A67D-7ECBA52A2788}\Installer\CommonCustomActions\UninstCCD.exe

2010-05-13 09:54 . 2010-05-13 09:54 61440 ----a-w- c:\documents and settings\All Users\Application Data\Installations\{19DC9559-9C20-4A46-A67D-7ECBA52A2788}\Installer\CommonCustomActions\UninstPCSFEMsi.exe

2010-05-13 09:54 . 2010-05-13 09:54 10240 ----a-w- c:\documents and settings\All Users\Application Data\Installations\{19DC9559-9C20-4A46-A67D-7ECBA52A2788}\Installer\CommonCustomActions\UninstPCS.exe

2010-05-13 09:54 . 2010-05-13 09:55 34506392 ----a-w- c:\documents and settings\All Users\Application Data\Installations\{19DC9559-9C20-4A46-A67D-7ECBA52A2788}\Nokia_PC_Suite_dut_web[1].exe

2010-05-11 17:33 . 2009-07-11 12:41 22720 ----a-w- c:\windows\system32\emptyregdb.dat

2010-05-06 10:41 . 2005-01-06 04:00 916480 ----a-w- c:\windows\system32\wininet.dll

2010-05-02 05:22 . 2005-01-06 04:00 1851264 ----a-w- c:\windows\system32\win32k.sys

.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))

.

.

*Note* empty entries & legit default entries are not shown

REGEDIT4

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"avast!"="c:\progra~1\ALWILS~1\Avast4\ashDisp.exe" [2009-11-24 81000]

"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2008-05-03 13529088]

"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2010-03-18 421888]

"nwiz"="nwiz.exe" [2008-05-03 1630208]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]

"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]

BootExecute REG_MULTI_SZ autocheck autochk *sprestrt

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

@="Driver"

[HKEY_LOCAL_MACHINE\software\microsoft\security center]

"AntiVirusOverride"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]

"%windir%\\system32\\sessmgr.exe"=

"c:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe"=

"c:\\Program Files\\Microsoft Office\\Office10\\OSA.EXE"=

"c:\\WINDOWS\\system32\\Ati2evxx.exe"=

"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqtra08.exe"=

"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqste08.exe"=

"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpofxm08.exe"=

"c:\\Program Files\\HP\\Digital Imaging\\bin\\hposfx08.exe"=

"c:\\Program Files\\HP\\Digital Imaging\\bin\\hposid01.exe"=

"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqscnvw.exe"=

"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqkygrp.exe"=

"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqCopy.exe"=

"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpfccopy.exe"=

"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpzwiz01.exe"=

"c:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqPhUnl.exe"=

"c:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqDIA.exe"=

"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpoews01.exe"=

"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqnrs08.exe"=

"%windir%\\Network Diagnostic\\xpnetdiag.exe"=

"c:\\Program Files\\BitLord\\BitLord.exe"=

"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=

"c:\\Program Files\\Windows Live\\Sync\\WindowsLiveSync.exe"=

"c:\\Program Files\\BitTorrent\\bittorrent.exe"=

"c:\\Program Files\\IncrediMail\\bin\\ImApp.exe"=

"c:\\Program Files\\IncrediMail\\bin\\IncMail.exe"=

"c:\\Program Files\\IncrediMail\\bin\\ImpCnt.exe"=

"c:\\Program Files\\LimeWire\\LimeWire.exe"=

"c:\\Program Files\\Nokia\\Nokia Software Updater\\nsu_ui_client.exe"=

"c:\\Program Files\\Common Files\\Nokia\\Service Layer\\A\\nsl_host_process.exe"=

"c:\\Documents and Settings\\Fred van Munster\\My Documents\\Downloads\\HiYo_Install.exe"=

"c:\\Documents and Settings\\Fred van Munster\\Application Data\\Macromedia\\Flash Player\\www.macromedia.com\\bin\\octoshape\\octoshape.exe"=

"c:\\Program Files\\VideoLAN\\VLC\\vlc.exe"=

R1 aswSP;avast! Self Protection;c:\windows\system32\drivers\aswSP.sys [7/16/2010 9:53 AM 114768]

R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [7/16/2010 9:53 AM 20560]

R2 cpuz133;cpuz133;c:\windows\system32\drivers\cpuz133_x32.sys [7/29/2010 11:07 AM 20072]

R3 IPN2120;Instant Wireless-B PCI Adapter Driver;c:\windows\system32\drivers\LSIPNDS.sys [7/11/2009 5:48 PM 96256]

R3 seehcri;Sony Ericsson seehcri Device Driver;c:\windows\system32\drivers\seehcri.sys [7/18/2010 12:14 AM 27632]

R3 swivsp;AC8xx Virtual Serial Port;c:\windows\system32\drivers\swivspnt.sys [3/26/2007 2:18 PM 20352]

S1 ShldDrv;Panda File Shield Driver;c:\windows\system32\DRIVERS\ShlDrv51.sys --> c:\windows\system32\DRIVERS\ShlDrv51.sys [?]

S2 PavProc;Panda Process Protection Driver;\??\c:\windows\system32\DRIVERS\PavProc.sys --> c:\windows\system32\DRIVERS\PavProc.sys [?]

S2 StudioPro;StudioPro webcam;c:\windows\system32\drivers\StudioPro.sys [7/30/2009 9:40 AM 124416]

S3 FirebirdServerMAGIXInstance;Firebird Server - MAGIX Instance;c:\program files\MAGIX\Common\Database\bin\fbserver.exe [7/29/2009 9:35 PM 1527900]

S3 FLASHSYS;FLASHSYS;\??\c:\program files\MSI\Live Update 4\LU4\FLASHSYS.sys --> c:\program files\MSI\Live Update 4\LU4\FLASHSYS.sys [?]

S3 HwIOctl;HwIOctl;\??\c:\program files\Setup Files\MS-6580 v4.00\HwIOctl.sys --> c:\program files\Setup Files\MS-6580 v4.00\HwIOctl.sys [?]

S3 MsibiosDevice;MsibiosDevice;\??\c:\program files\MSI\Live Update 4\LU4\msibios.sys --> c:\program files\MSI\Live Update 4\LU4\msibios.sys [?]

S3 SWNC8U80;Sierra Wireless MUX NDIS Driver (UMTS80);c:\windows\system32\drivers\swnc8u80.sys [5/20/2008 4:24 PM 167040]

S3 SWUMX80;Sierra Wireless USB MUX Driver (UMTS80);c:\windows\system32\drivers\swumx80.sys [5/20/2008 4:25 PM 143360]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]

getPlusHelper REG_MULTI_SZ getPlusHelper

.

Contents of the 'Scheduled Tasks' folder

2010-07-22 c:\windows\Tasks\expressburnDowngrade.job

- c:\program files\NCH Swift Sound\ExpressBurn\expressburn.exe [2010-07-01 16:30]

2010-07-22 c:\windows\Tasks\expressburnShakeIcon.job

- c:\program files\NCH Swift Sound\ExpressBurn\expressburn.exe [2010-07-01 16:30]

.

.

------- Supplementary Scan -------

.

uStart Page = hxxp://www.startpagina.nl/

IE: E&xporteren naar Microsoft Excel - c:\progra~1\MICROS~2\Office10\EXCEL.EXE/3000

IE: Google Sidewiki... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll/cmsidewiki.html

DPF: {8167C273-DF59-4416-B647-C8BB2C7EE83E} - hxxp://liveupdate.msi.com.tw/autobios/LOnline/install.cab

DPF: {BD324C84-E46E-11D3-83D0-00C04F4EB66B} - hxxps://portal.hecla.nl/synergy/cab/ebcasp.cab

DPF: {DE625294-70E6-45ED-B895-CFFA13AEB044} - hxxp://nijverdalcam.viewnetcam.com:50001/activex/AMC.cab

.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, GMER - Rootkit Detector and Remover

Rootkit scan 2010-07-29 11:44

Windows 5.1.2600 Service Pack 3 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully

hidden files: 0

**************************************************************************

.

--------------------- LOCKED REGISTRY KEYS ---------------------

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]

@Denied: (A 2) (Everyone)

@="FlashBroker"

"LocalizedString"="@c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil10h_ActiveX.exe,-101"

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]

"Enabled"=dword:00000001

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]

@="c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil10h_ActiveX.exe"

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]

@Denied: (A 2) (Everyone)

@="IFlashBroker4"

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]

@="{00020424-0000-0000-C000-000000000046}"

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

"Version"="1.0"

[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Installer\UserData\LocalSystem\Components\€–€|ÿÿÿÿÀ•€|ù•A~*]

"AB141C35E9F4BF344B9FC010BB17F68A"=""

.

--------------------- DLLs Loaded Under Running Processes ---------------------

- - - - - - - > 'explorer.exe'(3684)

c:\windows\system32\WININET.dll

c:\windows\system32\nview.dll

c:\windows\system32\ieframe.dll

c:\windows\system32\webcheck.dll

c:\windows\system32\WPDShServiceObj.dll

c:\program files\Nokia\Nokia PC Suite 7\PhoneBrowser.dll

c:\program files\Nokia\Nokia PC Suite 7\NGSCM.DLL

c:\windows\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_e6967989\MSVCR80.dll

c:\program files\Nokia\Nokia PC Suite 7\Lang\PhoneBrowser_dut.nlr

c:\program files\Nokia\Nokia PC Suite 7\Resource\PhoneBrowser_Nokia.ngr

c:\windows\system32\PortableDeviceTypes.dll

c:\windows\system32\PortableDeviceApi.dll

.

------------------------ Other Running Processes ------------------------

.

c:\program files\Alwil Software\Avast4\aswUpdSv.exe

c:\program files\Alwil Software\Avast4\ashServ.exe

c:\program files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

c:\program files\Java\jre6\bin\jqs.exe

c:\program files\Common Files\Motive\McciCMService.exe

c:\mysql\bin\mysqld-nt.exe

c:\windows\system32\nvsvc32.exe

c:\windows\system32\HPZipm12.exe

c:\windows\system32\rundll32.exe

.

**************************************************************************

.

Completion time: 2010-07-29 11:50:33 - machine was rebooted

ComboFix-quarantined-files.txt 2010-07-29 09:50

ComboFix2.txt 2010-07-29 08:56

ComboFix3.txt 2010-06-05 16:05

Pre-Run: 78,220,824,576 bytes free

Post-Run: 78,254,161,920 bytes free

- - End Of File - - 23C6EEB1323EF7A029A3F942D51D899D


Good ... and then the question again: what about the "stuttering" now?

The stuttering is still there. I rather get the impression that the PC has other problems: for example, if I open the browser twice, the system hangs for a moment and the cursor / mouse freezes.

Could this have something to do with the virtual memory or cache?

For clarity: there was 512 MB in the PC and I added 1 GB.


You definitely have a clean PC at the moment ... you may still do this to remove ComboFix:

Remove ComboFix: Start -> Run and type: ComboFix /Uninstall

This will remove ComboFix plus its related folders and files, reset the clock settings, hide file extensions again, hide hidden files and system files again, and create a new restore point.

If present, you may delete the folder C:\Qoobox manually.

Download CCleaner here; the download of CCleaner then starts automatically and free of charge.

Install it and start CCleaner. Click "Cleaner" in the left column. Click "Analyze" and then "Run Cleaner". Sometimes one analysis is not enough. You may repeat this procedure until the analysis no longer reports any errors. Next, click "Registry" in the left column and click "Scan for Issues". If errors are found, click "Fix selected issues" and "OK". You will then be asked whether to make a backup. Click "Yes". Then choose "Fix All Selected Issues". After this, close CCleaner again.

If you want to see this illustrated in detail, click here for the guide.

Causes will indeed have to be sought elsewhere ... I don't have any suggestions right away. I'd gladly leave that to the specialists in that area!
