
No Windows Update, pages keep hanging.


Guest Rickos


Then we'll have to bring out the heavy tools.

Delete the folder C:\Program Files\AVG

Download CCleaner. (If you don't have it yet)

Install it and start CCleaner.

In the left-hand column, click “Register” (Registry) and then click “Scan naar problemen” (Scan for Issues). If errors are found, click “Herstel geselecteerde problemen” (Fix selected issues) and “OK”. You will then be asked whether to make a backup. Click “JA” (Yes). Then choose “Herstel alle geselecteerde fouten” (Fix All Selected Issues).

Sometimes one analysis is not enough. You may repeat this procedure until the analysis no longer reports any errors.

After this, close CCleaner again.

If you want to see this in detail with screenshots, click here for the guide.

Restart the PC and create a HijackThis log so that we can check whether AVG has been completely removed.


I don't know exactly how it worked, but I managed to start Combofix.

The log file is below.

I hope you can help me further with that.

ComboFix 11-01-08.04 - Tetteroo 09-01-2011 14:12:54.1.3 - x86

Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1043.18.3327.2935 [GMT 1:00]

Gestart vanuit: c:\documents and settings\Tetteroo\Bureaublad\ComboFix.exe

.

(((((((((((((((((((((((((((((((((( Andere Verwijderingen )))))))))))))))))))))))))))))))))))))))))))))))))

.

c:\documents and settings\LocalService\Application Data\searchqutb

c:\documents and settings\LocalService\Application Data\searchqutb\dtx.ini

c:\documents and settings\LocalService\Application Data\searchqutb\guid.dat

c:\documents and settings\LocalService\Application Data\searchqutb\setupCfg.xml

c:\windows\system32\tmp.tmp

D:\install.exe

I:\install.exe

.

(((((((((((((((((((( Bestanden Gemaakt van 2010-12-09 to 2011-01-09 ))))))))))))))))))))))))))))))

.

2011-01-09 13:01 . 2011-01-09 13:01 -------- d-----w- C:\32788R22FWJFW

2011-01-09 11:27 . 2011-01-09 11:27 -------- d-----w- c:\documents and settings\Tetteroo\Local Settings\Application Data\AVG Security Toolbar

2011-01-05 15:03 . 2011-01-05 15:03 -------- d-----w- c:\documents and settings\Tetteroo\Application Data\Malwarebytes

2011-01-05 15:03 . 2011-01-05 15:03 -------- d-----w- c:\documents and settings\All Users\Application Data\Malwarebytes

2011-01-05 15:03 . 2010-12-20 17:09 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys

2011-01-05 15:03 . 2011-01-05 15:03 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware

2011-01-05 15:03 . 2010-12-20 17:08 20952 ----a-w- c:\windows\system32\drivers\mbam.sys

2011-01-05 12:18 . 2011-01-09 13:11 -------- d-----w- c:\windows\system32\CatRoot2

2011-01-05 10:44 . 2008-04-14 18:02 116736 -c--a-w- c:\windows\system32\dllcache\xrxwiadr.dll

2011-01-05 10:44 . 2008-04-14 18:02 18944 -c--a-w- c:\windows\system32\dllcache\xrxscnui.dll

2011-01-05 10:44 . 2001-09-06 20:27 23040 -c--a-w- c:\windows\system32\dllcache\xrxwbtmp.dll

2011-01-05 10:44 . 2001-09-06 20:27 27648 -c--a-w- c:\windows\system32\dllcache\xrxftplt.exe

2011-01-05 10:44 . 2001-09-06 20:27 4608 -c--a-w- c:\windows\system32\dllcache\xrxflnch.exe

2011-01-05 10:44 . 2001-09-06 20:27 99865 -c--a-w- c:\windows\system32\dllcache\xlog.exe

2011-01-05 10:42 . 2001-08-17 19:13 19528 -c--a-w- c:\windows\system32\dllcache\w840nd.sys

2011-01-05 10:41 . 2001-09-06 20:27 28160 -c--a-w- c:\windows\system32\dllcache\umaxu40.dll

2011-01-05 10:40 . 2001-09-06 20:26 43008 -c--a-w- c:\windows\system32\dllcache\tp4res.dll

2011-01-05 10:39 . 2001-08-17 21:07 30688 -c--a-w- c:\windows\system32\dllcache\sym_u3.sys

2011-01-05 10:38 . 2001-08-17 20:56 7552 -c--a-w- c:\windows\system32\dllcache\sonypvu1.sys

2011-01-05 10:37 . 2001-09-06 19:53 95146 -c--a-w- c:\windows\system32\dllcache\sk98xwin.sys

2011-01-05 10:36 . 2008-04-13 19:45 11520 -c--a-w- c:\windows\system32\dllcache\scsiscan.sys

2011-01-05 10:35 . 2004-08-03 21:31 20992 -c--a-w- c:\windows\system32\dllcache\rtl8139.sys

2011-01-05 10:34 . 2008-04-14 18:02 159232 -c--a-w- c:\windows\system32\dllcache\ptpusd.dll

2011-01-05 10:33 . 2001-08-17 19:12 26153 -c--a-w- c:\windows\system32\dllcache\pcmlm56.sys

2011-01-05 10:32 . 2001-09-06 18:49 9472 -c--a-w- c:\windows\system32\dllcache\ntapm.sys

2011-01-05 10:31 . 2001-08-17 19:50 103296 -c--a-w- c:\windows\system32\dllcache\mtxvideo.sys

2011-01-05 10:30 . 2001-09-06 20:26 59392 -c--a-w- c:\windows\system32\dllcache\m3092dc.dll

2011-01-05 10:29 . 2001-08-17 19:12 45632 -c--a-w- c:\windows\system32\dllcache\ip5515.sys

2011-01-05 10:28 . 2001-08-17 20:28 488383 -c--a-w- c:\windows\system32\dllcache\hsf_v124.sys

2011-01-05 10:27 . 2001-09-06 20:26 123392 -c--a-w- c:\windows\system32\dllcache\hpgt21tk.dll

2011-01-05 10:26 . 2001-08-17 20:52 7040 -c--a-w- c:\windows\system32\dllcache\exabyte2.sys

2011-01-05 10:25 . 2001-09-06 18:49 51743 -c--a-w- c:\windows\system32\dllcache\e1000nt5.sys

2011-01-05 10:24 . 2001-08-17 19:19 93952 -c--a-w- c:\windows\system32\dllcache\cwcwdm.sys

2011-01-05 10:23 . 2008-04-13 19:36 14208 -c--a-w- c:\windows\system32\dllcache\battc.sys

2011-01-05 09:14 . 2011-01-05 09:15 -------- d-----w- c:\documents and settings\Tetteroo\Local Settings\Application Data\Deployment

2011-01-04 13:55 . 2011-01-04 13:55 -------- d-----w- c:\documents and settings\LocalService\Local Settings\Application Data\Adobe

2011-01-04 12:20 . 2011-01-04 12:20 -------- d-----w- c:\documents and settings\Tetteroo\Local Settings\Application Data\FixItCenter

2011-01-04 12:16 . 2011-01-04 12:16 -------- d-----w- c:\program files\Microsoft Fix it Center

2011-01-04 12:16 . 2011-01-04 12:16 -------- d-----w- c:\windows\MATS

2011-01-04 12:06 . 2011-01-04 12:14 -------- d-----w- c:\documents and settings\Tetteroo\Application Data\ElevatedDiagnostics

2011-01-04 11:58 . 2011-01-04 11:58 -------- d-----w- c:\documents and settings\LocalService\Bureaublad

2011-01-04 11:51 . 2006-03-02 12:00 5632 -c--a-w- c:\windows\system32\dllcache\smimsgif.dll

2011-01-04 11:51 . 2006-03-02 12:00 5632 -c--a-w- c:\windows\system32\dllcache\smierrsy.dll

2011-01-04 11:51 . 2006-03-02 12:00 5632 ----a-w- c:\windows\system32\wbem\snmp\smimsgif.dll

2011-01-04 11:51 . 2006-03-02 12:00 5632 ----a-w- c:\windows\system32\wbem\snmp\smierrsy.dll

2011-01-04 11:51 . 2006-03-02 12:00 18944 -c--a-w- c:\windows\system32\dllcache\simptcp.dll

2011-01-04 11:51 . 2006-03-02 12:00 18944 ----a-w- c:\windows\system32\simptcp.dll

2011-01-04 11:51 . 2006-03-02 12:00 15872 -c--a-w- c:\windows\system32\dllcache\smierrsm.dll

2011-01-04 11:51 . 2006-03-02 12:00 15872 ----a-w- c:\windows\system32\wbem\snmp\smierrsm.dll

2011-01-04 11:51 . 2006-03-02 12:00 10240 -c--a-w- c:\windows\system32\dllcache\snmpstup.dll

2011-01-04 11:51 . 2006-03-02 12:00 10240 ----a-w- c:\windows\system32\wbem\snmpstup.dll

2011-01-03 08:59 . 2011-01-03 08:59 388096 ----a-r- c:\documents and settings\Tetteroo\Application Data\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe

2011-01-03 08:59 . 2011-01-03 08:59 -------- d-----w- c:\program files\Trend Micro

2010-12-23 15:43 . 2010-12-23 15:43 -------- d-----w- c:\documents and settings\All Users\Application Data\EA Core

2010-12-23 15:28 . 2010-12-23 15:29 -------- d-----w- c:\documents and settings\All Users\Application Data\Solidshield

2010-12-22 12:20 . 2011-01-09 12:03 -------- d---a-w- c:\documents and settings\All Users\Application Data\TEMP

2010-12-22 11:15 . 2010-12-22 11:15 -------- d-----w- C:\$AVG

2010-12-22 10:09 . 2010-12-22 10:09 -------- d-----w- c:\documents and settings\Tetteroo\Application Data\AVG10

2010-12-22 10:08 . 2010-12-22 10:08 -------- d--h--w- c:\documents and settings\All Users\Application Data\Common Files

2010-12-22 09:58 . 2010-12-22 10:07 -------- d-----w- c:\documents and settings\All Users\Application Data\MFAData

2010-12-18 18:23 . 2010-12-18 18:23 -------- d-----w- c:\documents and settings\Tetteroo\Local Settings\Application Data\FalloutNV

2010-12-17 22:08 . 2010-12-17 22:08 -------- d-----w- c:\program files\JMicron

2010-12-17 22:08 . 2010-01-15 16:01 20080 ----a-w- c:\windows\system32\drivers\johci.sys

2010-12-17 20:02 . 2010-12-17 20:03 -------- dc-h--w- c:\windows\ie8

2010-12-17 16:09 . 2010-12-17 16:09 -------- d-----w- c:\windows\B83FC356B7C0441F8A4DD71E088E7974.TMP

2010-12-17 16:08 . 2009-07-01 10:55 701440 ----a-w- c:\windows\system32\cohelper.dll

2010-12-17 16:08 . 2009-06-30 23:42 485920 ----a-w- c:\windows\system32\nvunrm.exe

2010-12-17 15:56 . 2009-07-20 23:48 485920 ----a-w- c:\windows\system32\NVUNINST.EXE

2010-12-17 15:56 . 2010-12-17 15:56 -------- d-----w- c:\documents and settings\All Users\Application Data\FLEXnet

2010-12-17 15:55 . 2010-06-30 11:02 41344 ----a-w- c:\windows\system32\drivers\btmcom.sys

2010-12-17 15:55 . 2010-12-17 15:55 -------- d-----w- c:\program files\Motorola

2010-12-17 15:55 . 2010-07-28 16:52 395776 ----a-w- c:\windows\system32\drivers\btmusb.sys

2010-12-17 15:55 . 2010-07-15 11:22 312584 ----a-w- c:\windows\system32\btmcls.dll

2010-12-17 15:55 . 2010-12-17 15:55 -------- d-----w- c:\program files\Common Files\Macrovision Shared

2010-12-17 15:37 . 2010-12-17 15:37 240592 ----a-w- c:\windows\system32\nvdrsdb0.bin

2010-12-17 15:37 . 2010-12-17 15:37 1 ----a-w- c:\windows\system32\nvdrssel.bin

2010-12-17 15:37 . 2010-12-17 15:37 240592 ----a-w- c:\windows\system32\nvdrsdb1.bin

2010-12-17 15:02 . 2010-10-22 06:23 61440 ----a-w- c:\windows\system32\OpenCL.dll

2010-12-17 15:02 . 2010-10-22 06:23 888424 ----a-w- c:\windows\system32\nvdispco32.dll

2010-12-17 15:02 . 2010-09-07 20:08 813672 ----a-w- c:\windows\system32\nvgenco32.dll

2010-12-17 15:02 . 2009-07-08 08:07 678432 ----a-w- c:\windows\system32\nvcuvid.dll

2010-12-17 15:02 . 2009-07-08 08:07 1724416 ----a-w- c:\windows\system32\nvcuda.dll

2010-12-17 15:02 . 2009-07-08 08:07 1580550 ----a-w- c:\windows\system32\nvdata.bin

2010-12-17 15:02 . 2009-07-08 08:07 1317408 ----a-w- c:\windows\system32\nvcuvenc.dll

2010-12-17 15:02 . 2009-07-08 08:07 10006528 ----a-w- c:\windows\system32\nvoglnt.dll

2010-12-17 15:02 . 2010-10-22 06:23 13012992 ----a-w- c:\windows\system32\nvcompiler.dll

2010-12-17 15:02 . 2009-07-08 08:07 815104 ----a-w- c:\windows\system32\nvapi.dll

2010-12-17 15:01 . 2010-12-17 15:56 -------- d-----w- C:\NVIDIA

2010-12-17 15:00 . 2010-12-17 15:00 -------- d-----w- c:\documents and settings\Tetteroo\Local Settings\Application Data\Logitech

2010-12-17 14:59 . 2008-04-14 17:39 14720 -c--a-w- c:\windows\system32\dllcache\kbdhid.sys

2010-12-17 14:59 . 2008-04-14 17:39 14720 ----a-w- c:\windows\system32\drivers\kbdhid.sys

2010-12-17 14:56 . 2003-12-18 08:50 97792 ----a-w- c:\windows\system32\LGUICOM.DLL

2010-12-17 14:56 . 2003-12-18 08:50 3568 ----a-w- c:\windows\system32\LMOUSE16.DLL

2010-12-17 14:56 . 2003-12-18 08:50 16896 ----a-w- c:\windows\system32\LMOUSE32.DLL

2010-12-17 14:56 . 2003-12-18 08:50 104960 ----a-w- c:\windows\system32\COMNCTR.DLL

2010-12-17 14:56 . 2003-12-11 08:50 70894 ----a-w- c:\windows\system32\drivers\LMouFlt2.Sys

2010-12-17 14:56 . 2003-12-11 08:50 51582 ------w- c:\windows\system32\drivers\L8042PR2.SYS

2010-12-17 14:56 . 2003-12-11 08:50 37916 ----a-w- c:\windows\system32\drivers\LHidUsb.sys

2010-12-17 14:56 . 2003-12-11 08:50 25630 ----a-w- c:\windows\system32\drivers\LHidFlt2.Sys

2010-12-17 14:56 . 2003-12-11 08:50 23372 ------w- c:\windows\system32\LCOINST.DLL

2010-12-17 14:56 . 2003-12-11 08:50 20992 ------w- c:\windows\LOGI_MWX.EXE

2010-12-17 14:56 . 2003-12-11 08:50 152064 ------w- c:\windows\system32\lmoufrc.dll

2010-12-17 14:56 . 2003-12-11 08:50 14092 ------w- c:\windows\system32\drivers\LCCFLTR.SYS

2010-12-17 14:32 . 2010-12-17 14:32 -------- d-----w- c:\program files\Driver-Soft

2010-12-17 14:08 . 2010-12-17 14:08 -------- d-----w- c:\documents and settings\All Users\Application Data\Driver Whiz

2010-12-16 22:28 . 2010-12-16 22:39 -------- d-----w- c:\documents and settings\Tetteroo\Application Data\DriverFinder

2010-12-16 10:38 . 1999-12-17 08:13 86016 ----a-w- c:\windows\unvise32.exe

2010-12-11 15:48 . 2010-12-11 15:48 -------- d-----w- c:\documents and settings\Tetteroo\Local Settings\Application Data\Mozilla

.

((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2011-01-03 10:25 . 2011-01-03 10:24 683123 ----a-w- c:\windows\M3N78-EM-0802.zip

2010-11-30 16:06 . 2009-07-25 14:02 6261352 ----a-w- c:\windows\system32\drivers\RtkHDAud.sys

2010-11-25 22:38 . 2009-08-18 09:30 564632 ----a-w- c:\documents and settings\All Users\Application Data\Microsoft\IdentityCRL\production\wlidui.dll

2010-11-25 22:38 . 2009-08-18 09:24 17816 ----a-w- c:\documents and settings\All Users\Application Data\Microsoft\IdentityCRL\production\ppcrlconfig600.dll

2010-11-16 19:34 . 2009-07-25 14:02 19722344 ----a-w- c:\windows\RTHDCPL.EXE

2010-11-16 00:10 . 2010-11-16 00:10 65328 ----a-w- c:\windows\apppatch\matsshim.dll

2010-11-11 12:27 . 2009-07-25 14:02 55912 ----a-w- c:\windows\system32\RtkCoInstXP.dll

2010-11-03 17:15 . 2009-07-25 14:02 84584 ----a-w- c:\windows\SOUNDMAN.EXE

2010-11-03 17:15 . 2009-07-25 14:02 359016 ----a-w- c:\windows\vncutil.exe

2010-11-03 17:15 . 2009-07-25 14:02 1833576 ----a-w- c:\windows\SkyTel.exe

2010-11-03 17:15 . 2009-07-25 14:02 891496 ----a-w- c:\windows\system32\RTSndMgr.CPL

2010-11-03 17:15 . 2009-07-25 14:02 1489512 ----a-w- c:\windows\RtlUpd.exe

2010-11-03 17:15 . 2009-07-25 14:02 9721960 ----a-w- c:\windows\RTLCPL.EXE

2010-11-03 17:14 . 2009-07-25 14:02 129640 ----a-w- c:\windows\RtkAudioService.exe

2010-11-03 17:14 . 2009-07-25 14:02 2180712 ----a-w- c:\windows\MicCal.exe

2010-11-03 17:13 . 2009-07-25 14:02 2815592 ----a-w- c:\windows\ALCWZRD.EXE

2010-11-03 17:13 . 2009-07-25 14:02 285288 ----a-w- c:\windows\system32\ALSNDMGR.CPL

2010-11-03 17:13 . 2009-07-25 14:02 64104 ----a-w- c:\windows\ALCMTR.EXE

2010-10-28 09:46 . 2009-07-25 14:02 1251944 ----a-w- c:\windows\RtlExUpd.dll

2008-03-09 06:25 . 2010-03-21 12:22 236 ----a-w- c:\program files\Common Files\dx.reg

2006-06-26 20:56 510464 --sha-r- c:\windows\system32\helpfiles\dllhost32.exe

.

((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))

.

.

*Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond

REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"FTD Watchdog Monitor"="c:\program files\FTD Watchdog\FtdMonitor.exe" [2009-03-14 176640]

"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="c:\program files\Common Files\Ahead\lib\NMBgMonitor.exe" [2005-09-03 94208]

"Google Update"="c:\documents and settings\Tetteroo\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" [2011-01-05 136176]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2009-11-10 417792]

"PWRISOVM.EXE"="c:\program files\PowerISO\PWRISOVM.EXE" [2008-07-07 167936]

"PHIME2002ASync"="c:\windows\system32\IME\TINTLGNT\TINTSETP.EXE" [2004-08-04 455168]

"PHIME2002A"="c:\windows\system32\IME\TINTLGNT\TINTSETP.EXE" [2004-08-04 455168]

"NeroFilterCheck"="c:\windows\system32\NeroCheck.exe" [2001-07-09 155648]

"IMJPMIG8.1"="c:\windows\IME\imjp8_1\IMJPMIG.EXE" [2004-08-04 208952]

"HTC Sync Loader"="c:\program files\HTC\HTC Sync 3.0\htcUPCTLoader.exe" [2010-10-28 294912]

"HP Software Update"="c:\program files\HP\HP Software Update\HPWuSchd2.exe" [2010-06-09 49208]

"BluetoothAuthenticationAgent"="bthprops.cpl" [2008-04-14 110592]

"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2010-09-23 35760]

"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2010-09-20 932288]

"TaskTray"="c:\program files\Driver-Soft\DriverGenius\TaskTray.exe" [2010-08-09 284016]

"RTHDCPL"="RTHDCPL.EXE" [2010-11-16 19722344]

"Logitech Utility"="Logi_MwX.Exe" [2003-12-11 20992]

"Start WingMan Profiler"="c:\program files\Logitech\Gaming Software\LWEMon.exe" [2010-06-14 153672]

"BTMTrayAgent"="c:\program files\Motorola\Bluetooth\btmshell.dll" [2010-07-28 20882696]

"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2009-07-08 13762560]

"nwiz"="nwiz.exe" [2009-07-08 1657376]

"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2009-07-08 86016]

"AMService"="c:\windows\system32\setup.exe" [2008-04-14 23040]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]

SecurityProviders msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll, mrormdva.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

@="Driver"

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]

"%windir%\\system32\\sessmgr.exe"=

"%windir%\\Network Diagnostic\\xpnetdiag.exe"=

"c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=

"c:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=

"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqtra08.exe"=

"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqste08.exe"=

"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpofxm08.exe"=

"c:\\Program Files\\HP\\Digital Imaging\\bin\\hposfx08.exe"=

"c:\\Program Files\\HP\\Digital Imaging\\bin\\hposid01.exe"=

"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqscnvw.exe"=

"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqkygrp.exe"=

"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqCopy.exe"=

"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpfccopy.exe"=

"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpzwiz01.exe"=

"c:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqPhUnl.exe"=

"c:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqDIA.exe"=

"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpoews01.exe"=

"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqnrs08.exe"=

"d:\\06 Games\\GTA4\\Grand Theft Auto IV\\LaunchGTAIV.exe"=

"d:\\06 Games\\GTA4\\Grand Theft Auto IV\\GTAIV.exe"=

"d:\\06 Games\\GTA4\\Rockstar Games Social Club\\RGSCLauncher.exe"=

"c:\program files\Microsoft ActiveSync\rapimgr.exe"= c:\program files\Microsoft ActiveSync\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager

"c:\program files\Microsoft ActiveSync\wcescomm.exe"= c:\program files\Microsoft ActiveSync\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager

"c:\program files\Microsoft ActiveSync\WCESMgr.exe"= c:\program files\Microsoft ActiveSync\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application

"d:\\06 Games\\AC\\AssassinsCreed_Dx9.exe"=

"d:\\06 Games\\AC\\AssassinsCreed_Dx10.exe"=

"d:\\06 Games\\AC\\AssassinsCreed_Launcher.exe"=

"c:\\Program Files\\ComicRack\\ComicRack.exe"=

"d:\\06 Games\\Prince of Persia The Forgotten Sands\\Prince of Persia.exe"=

"d:\\06 Games\\Prince of Persia The Forgotten Sands\\GameSettings.exe"=

"d:\\06 Games\\Prince of Persia The Forgotten Sands\\gu.exe"=

"d:\\06 Games\\Prince of Persia The Forgotten Sands\\UPlayBrowser.exe"=

"c:\\Program Files\\Ubisoft\\Ubisoft Game Launcher\\UbisoftGameLauncher.exe"=

"d:\\06 Games\\NfS HP\\Launcher.exe"=

"d:\\06 Games\\NfS HP\\NFS11.exe"=

"c:\\WINDOWS\\system32\\mmc.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]

"26675:TCP"= 26675:TCP:169.254.2.0/255.255.255.0:Enabled:ActiveSync Service

"5985:TCP"= 5985:TCP:Windows Remote Management

"3587:TCP"= 3587:TCP:Windows Peer-to-Peer-groepering

"3540:UDP"= 3540:UDP:PNRP (Peer Name Resolution Protocol)

"3389:TCP"= 3389:TCP:@xpsp2res.dll,-22009

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\IcmpSettings]

"AllowInboundEchoRequest"= 1 (0x1)

R0 johci;JMicron 1394 Filter Driver;c:\windows\system32\drivers\johci.sys [17-12-2010 11:08 PM 20080]

R2 Bluetooth OBEX Service;Bluetooth OBEX Service;c:\program files\Motorola\Bluetooth\obexsrv.exe [17-12-2010 4:55 PM 508680]

R2 Iprip;RIP-listener;c:\windows\System32\svchost.exe -k netsvcs [4-8-2004 1:00 PM 14336]

R2 PassThru Service;Internet Pass-Through Service;c:\program files\HTC\Internet Pass-Through\PassThruSvr.exe [16-9-2010 2:06 PM 80896]

R3 Bluetooth Device Manager;Bluetooth Device Manager;c:\program files\Motorola\Bluetooth\devmgrsrv.exe [17-12-2010 4:55 PM 3512072]

R3 BTMUSB;Motorola Bluetooth Radio Service;c:\windows\system32\drivers\btmusb.sys [17-12-2010 4:55 PM 395776]

R3 NVHDA;Service for NVIDIA High Definition Audio Driver;c:\windows\system32\drivers\nvhda32.sys [25-7-2009 3:19 PM 100712]

S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [18-3-2010 12:16 PM 130384]

S3 Ambfilt;Ambfilt;c:\windows\system32\drivers\Ambfilt.sys [25-7-2009 3:02 PM 1691480]

S3 AVG Security Toolbar Service;AVG Security Toolbar Service;c:\program files\AVG\AVG10\Toolbar\ToolbarBroker.exe --> c:\program files\AVG\AVG10\Toolbar\ToolbarBroker.exe [?]

S3 Bluetooth Media Service;Bluetooth Media Service;c:\program files\Motorola\Bluetooth\audiosrv.exe [17-12-2010 4:55 PM 901384]

S3 BTMCOM;Bluetooth Serial Port;c:\windows\system32\drivers\btmcom.sys [17-12-2010 4:55 PM 41344]

S3 HTCAND32;HTC Device Driver;c:\windows\system32\drivers\ANDROIDUSB.sys [3-12-2010 1:01 AM 24576]

S3 htcnprot;HTC NDIS Protocol Driver;c:\windows\system32\drivers\htcnprot.sys [22-6-2010 6:01 PM 21248]

S3 MatSvc;Microsoft Automated Troubleshooting Service;c:\program files\Microsoft Fix it Center\Matsvc.exe [16-11-2010 1:10 AM 267568]

S3 WinRM;Windows Remote Management (WS-Management);c:\windows\system32\svchost.exe -k WINRM [4-8-2004 1:00 PM 14336]

S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [18-3-2010 12:16 PM 753504]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]

WINRM REG_MULTI_SZ WINRM

p2psvc REG_MULTI_SZ p2psvc p2pimsvc p2pgasvc PNRPSvc

.

Inhoud van de 'Gedeelde Taken' map

2011-01-09 c:\windows\Tasks\ConfigExec.job

- c:\program files\Microsoft Fix it Center\MatsApi.dll [2010-11-16 00:09]

2011-01-08 c:\windows\Tasks\DataUpload.job

- c:\program files\Microsoft Fix it Center\MatsApi.dll [2010-11-16 00:09]

2011-01-05 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1214440339-117609710-725345543-1004Core.job

- c:\documents and settings\Tetteroo\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2011-01-05 09:15]

2011-01-09 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1214440339-117609710-725345543-1004UA.job

- c:\documents and settings\Tetteroo\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2011-01-05 09:15]

.

.

------- Bijkomende Scan -------

.

uStart Page = hxxp://www.google.nl/

uInternet Connection Wizard,ShellNext = iexplore

IE: {{bd707fe6-39f6-4bda-9265-86a76719bdc5} - c:\program files\Motorola\Bluetooth\btmiesend.htm

Handler: avgsecuritytoolbar - {F2DDE6B2-9684-4A55-86D4-E255E237B77C} -

FF - ProfilePath - c:\documents and settings\Tetteroo\Application Data\Mozilla\Firefox\Profiles\fbcm46uj.default\

FF - prefs.js: browser.startup.homepage - hxxp://www.google.nl/

FF - prefs.js: network.proxy.type - 0

FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

.

- - - - ORPHANS VERWIJDERD - - - -

Toolbar-Locked - (no file)

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, GMER - Rootkit Detector and Remover

Rootkit scan 2011-01-09 14:20

Windows 5.1.2600 Service Pack 3 NTFS

scannen van verborgen processen ...

scannen van verborgen autostart items ...

scannen van verborgen bestanden ...

Scan succesvol afgerond

verborgen bestanden: 0

**************************************************************************

Stealth MBR rootkit/Mebroot/Sinowal/TDL4 detector 0.4.2 by Gmer, GMER - Rootkit Detector and Remover

Windows 5.1.2600 Disk: SAMSUNG_HD502IJ rev.1AA01118 -> Harddisk0\DR0 -> \Device\Ide\IdePort2 P2T0L0-f

device: opened successfully

user: MBR read successfully

Disk trace:

called modules: ntkrnlpa.exe catchme.sys CLASSPNP.SYS disk.sys ACPI.sys hal.dll >>UNKNOWN [0x8AFE1555]<<

c:\docume~1\Tetteroo\LOCALS~1\Temp\catchme.sys

_asm { PUSH EBP; MOV EBP, ESP; PUSH ECX; MOV EAX, [EBP+0x8]; CMP EAX, [0x8afe77b0]; MOV EAX, [0x8afe782c]; PUSH EBX; PUSH ESI; MOV ESI, [EBP+0xc]; MOV EBX, [ESI+0x60]; PUSH EDI; JNZ 0x20; MOV [EBP+0x8], EAX; }

1 ntkrnlpa!IofCallDriver[0x804EF1A6] -> \Device\Harddisk0\DR0[0x8B002AB8]

3 CLASSPNP[0xB80E8FD7] -> ntkrnlpa!IofCallDriver[0x804EF1A6] -> \Device\0000006e[0x8AF9C198]

5 ACPI[0xB7F7E620] -> ntkrnlpa!IofCallDriver[0x804EF1A6] -> [0x8AF9A940]

\Driver\atapi[0x8AF8DA70] -> IRP_MJ_CREATE -> 0x8AFE1555

kernel: MBR read successfully

_asm { XOR AX, AX; MOV SS, AX; MOV SP, 0x7c00; STI ; PUSH AX; POP ES; PUSH AX; POP DS; CLD ; MOV SI, 0x7c1b; MOV DI, 0x61b; PUSH AX; PUSH DI; MOV CX, 0x1e5; REP MOVSB ; RETF ; MOV BP, 0x7be; MOV CL, 0x4; CMP [bP+0x0], CH; JL 0x2e; JNZ 0x3a; }

detected disk devices:

\Device\Ide\IdeDeviceP2T0L0-f -> \??\IDE#DiskSAMSUNG_HD502IJ_________________________1AA01118#31535433394a5330333533303238202020202020#{53f56307-b6bf-11d0-94f2-00a0c91efb8b} device not found

detected hooks:

\Driver\atapi DriverStartIo -> 0x8AFE139B

user & kernel MBR OK

Warning: possible TDL3 rootkit infection !

**************************************************************************

.

--------------------- VERGRENDELDE REGISTER SLEUTELS ---------------------

[HKEY_USERS\S-1-5-21-1214440339-117609710-725345543-1004\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*]

"??"=hex:61,23,31,b4,71,c3,dc,c6,9e,95,d1,75,7d,41,2a,e2,7c,8e,3d,f1,8e,43,d6,

b7,fa,ee,f3,fe,33,5d,38,a8,0c,ef,7f,7d,2a,e8,74,10,a2,fa,f5,71,be,e8,3d,06,\

"??"=hex:ac,49,65,e8,d0,f4,61,3e,2b,05,04,16,a4,db,01,e3

[HKEY_USERS\S-1-5-21-1214440339-117609710-725345543-1004\Software\SecuROM\License information*]

"datasecu"=hex:bf,d3,d1,a6,52,d0,3d,5a,71,c5,63,3f,3c,79,83,f9,fa,2c,56,de,74,

35,cc,ed,a1,b4,69,60,23,85,45,73,4d,cc,f5,f4,23,c1,f5,28,0b,06,c0,14,83,67,\

"rkeysecu"=hex:46,c8,6f,df,90,ee,34,31,02,a2,32,24,9d,b9,7d,d3

.

Voltooingstijd: 2011-01-09 14:23:04

ComboFix-quarantined-files.txt 2011-01-09 13:23

Pre-Run: 23.599.030.272 bytes beschikbaar

Post-Run: 23.688.216.576 bytes beschikbaar

WindowsXP-KB310994-SP2-Home-BootDisk-NLD.exe

[boot loader]

timeout=2

default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS

[operating systems]

c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons

UnsupportedDebug="do not select this" /debug

multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Home Edition" /noexecute=optin /fastdetect /usepmtimer

- - End Of File - - 77FD11EDB02B741A97C8B0F7DE5EE0FF
