Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

blue screen of dead 5 minutes after startup


  • Please log in to reply

#1
ilony

ilony

    New Member

  • Member
  • Pip
  • 1 posts
When I start my computer I can't open internet explorer, Mozilla work fine. But after about 5 minutes I get a BSOD. The first time this happend was after a infection of a trojanhorse back.doorgeneric.11ZNE.
In safe modem everything works fine.

here is my combofix log:

ComboFix 09-07-14.08 - ilona 17-07-2009 23:19.3.2 - NTFSx86
Microsoft® Windows Vista™ Home Premium 6.0.6001.1.1252.31.1043.18.1789.979 [GMT 2:00]
Gestart vanuit: c:\users\ilona\Downloads\ComboFix.exe
AV: AVG Anti-Virus Free *On-access scanning enabled* (Updated) {17DDD097-36FF-435F-9E1B-52D74245D6BF}
AV: Avira AntiVir PersonalEdition *On-access scanning enabled* (Updated) {AD166499-45F9-482A-A743-FDD3350758C7}
SP: AVG Anti-Virus Free *enabled* (Updated) {17DDD097-36FF-435F-9E1B-52D74245D6BF}
SP: Avira AntiVir PersonalEdition *enabled* (Updated) {AD166499-45F9-482A-A743-FDD3350758C7}
SP: Windows Defender *disabled* (Outdated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}
.

(((((((((((((((((((((((((((((((((( Andere Verwijderingen )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\program files\QUAD Utilities
c:\program files\QUAD Utilities\QUAD Registry Cleaner\program.log
c:\program files\QUAD Utilities\QUAD Registry Cleaner\QUAD Registry Cleaner website.url
c:\program files\QUAD Utilities\QUAD Registry Cleaner\QUAD Registry Cleaner.exe
c:\program files\QUAD Utilities\QUAD Registry Cleaner\QUAD Scheduler.exe
c:\program files\QUAD Utilities\QUAD Registry Cleaner\Styles\Vista.cjstyles
c:\program files\QUAD Utilities\QUAD Registry Cleaner\uninst.exe
c:\program files\QUAD Utilities\QUAD Registry Cleaner\Vista Scheduler.dll
c:\users\ilona\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\QUAD Utilities
c:\users\ilona\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\QUAD Utilities\QUAD Registry Cleaner\QUAD Registry Cleaner website.lnk
c:\users\ilona\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\QUAD Utilities\QUAD Registry Cleaner\QUAD Registry Cleaner.lnk
c:\users\ilona\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\QUAD Utilities\QUAD Registry Cleaner\Uninstall QUAD Registry Cleaner.lnk
c:\users\ilona\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\QUAD Utilities\QUAD Registry Cleaner\QUAD Registry Cleaner website.lnk
c:\users\ilona\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\QUAD Utilities\QUAD Registry Cleaner\QUAD Registry Cleaner.lnk
c:\users\ilona\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\QUAD Utilities\QUAD Registry Cleaner\Uninstall QUAD Registry Cleaner.lnk
c:\users\ilona\AppData\Roaming\QUAD Backups
c:\windows\Installer\49065.msi

.
(((((((((((((((((((( Bestanden Gemaakt van 2009-06-17 to 2009-07-17 ))))))))))))))))))))))))))))))
.

2030-11-01 20:52 . 2009-07-17 20:33 -------- d--h--w- C:\$AVG8.VAULT$
2030-11-01 20:49 . 2009-07-11 16:54 335752 ----a-w- c:\windows\system32\drivers\avgldx86.sys
2030-11-01 20:49 . 2009-06-24 17:12 27784 ----a-w- c:\windows\system32\drivers\avgmfx86.sys
2030-11-01 20:49 . 2009-07-16 07:31 -------- d-----w- c:\windows\system32\drivers\Avg
2009-07-17 21:39 . 2009-07-17 21:39 -------- d-----w- c:\users\ilona\AppData\Local\temp
2009-07-17 16:41 . 2008-06-20 01:14 105016 ----a-w- c:\windows\system32\PresentationCFFRasterizerNative_v0300.dll
2009-07-17 16:41 . 2008-06-20 01:14 97800 ----a-w- c:\windows\system32\infocardapi.dll
2009-07-17 16:41 . 2008-06-20 01:14 622080 ----a-w- c:\windows\system32\icardagt.exe
2009-07-17 16:41 . 2008-06-20 01:14 43544 ----a-w- c:\windows\system32\PresentationHostProxy.dll
2009-07-17 16:41 . 2008-06-20 01:14 11264 ----a-w- c:\windows\system32\icardres.dll
2009-07-17 16:41 . 2008-06-20 01:14 781344 ----a-w- c:\windows\system32\PresentationNative_v0300.dll
2009-07-17 16:41 . 2008-06-20 01:14 326160 ----a-w- c:\windows\system32\PresentationHost.exe
2009-07-17 16:31 . 2008-07-27 18:03 96760 ----a-w- c:\windows\system32\dfshim.dll
2009-07-17 16:31 . 2008-07-27 18:03 41984 ----a-w- c:\windows\system32\netfxperf.dll
2009-07-17 16:31 . 2008-07-27 18:03 282112 ----a-w- c:\windows\system32\mscoree.dll
2009-07-17 16:31 . 2008-07-27 18:03 158720 ----a-w- c:\windows\system32\mscorier.dll
2009-07-17 16:31 . 2008-07-27 18:03 83968 ----a-w- c:\windows\system32\mscories.dll
2009-07-17 11:29 . 2009-07-17 11:29 -------- d-----w- c:\users\ilona\AppData\Local\Apple
2009-07-17 11:29 . 2009-07-17 11:29 -------- d-----w- c:\program files\Apple Software Update
2009-07-17 11:28 . 2009-07-17 11:28 -------- d-----w- c:\progra~2\Apple
2009-07-16 20:10 . 2009-07-16 20:10 -------- d-----w- c:\progra~2\RegCure
2009-07-16 20:10 . 2009-07-16 20:10 -------- d-----w- c:\program files\RegCure
2009-07-16 19:41 . 2009-07-16 19:41 56 ---ha-w- c:\windows\system32\ezsidmv.dat
2009-07-16 12:27 . 2008-12-11 06:38 159600 ----a-w- c:\windows\system32\drivers\pctgntdi.sys
2009-07-16 12:27 . 2009-04-03 09:18 130936 ----a-w- c:\windows\system32\drivers\PCTCore.sys
2009-07-16 12:27 . 2008-12-18 10:16 73840 ----a-w- c:\windows\system32\drivers\PCTAppEvent.sys
2009-07-16 12:27 . 2009-07-16 12:28 -------- d-----w- c:\program files\Common Files\PC Tools
2009-07-16 12:27 . 2008-12-10 09:36 64392 ----a-w- c:\windows\system32\drivers\pctplsg.sys
2009-07-16 12:27 . 2009-07-17 07:59 -------- d-----w- c:\program files\Spyware Doctor
2009-07-16 12:27 . 2009-07-16 12:27 -------- d-----w- c:\users\ilona\AppData\Roaming\PC Tools
2009-07-16 12:27 . 2009-07-16 12:27 -------- d-----w- c:\progra~2\PC Tools
2009-07-15 16:36 . 2009-07-15 16:36 -------- d-----w- c:\program files\Paint.NET
2009-07-15 16:36 . 2009-07-16 08:08 -------- d-----w- c:\users\ilona\AppData\Local\Paint.NET
2009-07-15 14:16 . 2009-06-15 15:24 156672 ----a-w- c:\windows\system32\t2embed.dll
2009-07-15 14:16 . 2009-06-15 15:20 72704 ----a-w- c:\windows\system32\fontsub.dll
2009-07-15 14:16 . 2009-06-15 15:20 10240 ----a-w- c:\windows\system32\dciman32.dll
2009-07-15 14:16 . 2009-06-15 12:52 289792 ----a-w- c:\windows\system32\atmfd.dll

.
((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-07-17 20:48 . 2008-06-29 18:31 -------- d-----w- c:\users\ilona\AppData\Roaming\Skype
2009-07-17 20:29 . 2007-11-17 19:54 72048 ----a-w- c:\users\ilona\AppData\Local\GDIPFONTCACHEV1.DAT
2009-07-17 19:48 . 2008-06-29 18:34 -------- d-----w- c:\users\ilona\AppData\Roaming\skypePM
2009-07-17 19:45 . 2006-11-02 16:11 667352 ----a-w- c:\windows\system32\perfh013.dat
2009-07-17 19:45 . 2006-11-02 16:11 126854 ----a-w- c:\windows\system32\perfc013.dat
2009-07-17 16:59 . 2007-03-28 08:13 -------- d-----w- c:\progra~2\Microsoft Help
2009-07-17 16:58 . 2007-03-28 08:15 -------- d-----w- c:\program files\Microsoft Works
2009-07-16 20:38 . 2007-11-21 11:43 1356 ----a-w- c:\users\ilona\AppData\Local\d3d9caps.dat
2009-07-16 12:31 . 2008-11-01 10:38 -------- d-----w- c:\progra~2\avg8
2009-07-15 21:59 . 2006-11-02 11:18 -------- d-----w- c:\program files\Windows Mail
2009-06-24 17:12 . 2009-01-31 10:28 11952 ----a-w- c:\windows\system32\avgrsstx.dll
2009-06-16 12:32 . 2008-10-02 13:25 -------- d-----w- c:\users\ilona\AppData\Roaming\LimeWirePlus
2009-06-16 11:52 . 2009-05-27 13:38 34 ----a-w- c:\users\ilona\jagex_runescape_preferences.dat
2009-06-11 07:59 . 2009-06-11 07:59 -------- d-----w- c:\users\ilona\AppData\Roaming\ATI
2009-05-27 14:23 . 2008-01-23 15:46 -------- d-----w- c:\program files\Java
2009-05-12 08:58 . 2009-05-12 08:59 410984 ----a-w- c:\windows\system32\deploytk.dll
2009-04-30 12:37 . 2009-06-13 21:55 293376 ----a-w- c:\windows\system32\psisdecd.dll
2009-04-30 12:37 . 2009-06-13 21:55 428544 ----a-w- c:\windows\system32\EncDec.dll
2009-04-24 16:05 . 2009-06-11 21:57 827904 ----a-w- c:\windows\system32\wininet.dll
2009-04-24 16:02 . 2009-06-11 21:58 78336 ----a-w- c:\windows\system32\ieencode.dll
2009-04-24 13:44 . 2009-06-11 21:58 26624 ----a-w- c:\windows\system32\ieUnatt.exe
2009-04-23 12:43 . 2009-06-11 22:01 784896 ----a-w- c:\windows\system32\rpcrt4.dll
2009-04-23 12:42 . 2009-06-11 22:02 636928 ----a-w- c:\windows\system32\localspl.dll
2009-04-21 11:55 . 2009-06-11 22:02 2033152 ----a-w- c:\windows\system32\win32k.sys
2007-11-28 16:28 . 2007-11-28 16:17 21277080 ----a-w- c:\program files\AdbeRdr709_en_US.exe
2008-07-03 04:14 . 2008-08-29 20:05 134144 ----a-w- c:\program files\mozilla firefox\components\brwsrcmp.dll
2009-02-24 19:34 . 2009-02-24 19:34 1044480 ----a-w- c:\program files\mozilla firefox\plugins\libdivx.dll
2009-02-24 19:34 . 2009-02-24 19:34 200704 ----a-w- c:\program files\mozilla firefox\plugins\ssldivx.dll
.

((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond
REGEDIT4

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{47e161a0-f4ba-41dd-a17b-d2eb26ad6a02}"= "c:\program files\LimewirePlus\tbLime.dll" [2007-11-08 1502232]

[HKEY_CLASSES_ROOT\clsid\{47e161a0-f4ba-41dd-a17b-d2eb26ad6a02}]

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{47e161a0-f4ba-41dd-a17b-d2eb26ad6a02}]
2007-11-08 11:11 1502232 ----a-w- c:\program files\LimewirePlus\tbLime.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{47e161a0-f4ba-41dd-a17b-d2eb26ad6a02}"= "c:\program files\LimewirePlus\tbLime.dll" [2007-11-08 1502232]

[HKEY_CLASSES_ROOT\clsid\{47e161a0-f4ba-41dd-a17b-d2eb26ad6a02}]

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{47E161A0-F4BA-41DD-A17B-D2EB26AD6A02}"= "c:\program files\LimewirePlus\tbLime.dll" [2007-11-08 1502232]

[HKEY_CLASSES_ROOT\clsid\{47e161a0-f4ba-41dd-a17b-d2eb26ad6a02}]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2006-11-10 90112]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\windows\System32\avgrsstx.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\3353d1744a43a86.sys]
@="Driver"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sdauxservice]
@=""

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sdcoreservice]
@=""

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
@="Service"

[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Adobe Reader Speed Launch.lnk]
path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Reader Speed Launch.lnk
backup=c:\windows\pss\Adobe Reader Speed Launch.lnk.CommonStartup
backupExtension=.CommonStartup

[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Empowering Technology Launcher.lnk]
path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\Empowering Technology Launcher.lnk
backup=c:\windows\pss\Empowering Technology Launcher.lnk.CommonStartup
backupExtension=.CommonStartup

[HKLM\~\startupfolder\C:^Users^ilona^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OneNote 2007 Schermopname en Snel starten.lnk]
path=c:\users\ilona\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2007 Schermopname en Snel starten.lnk
backup=c:\windows\pss\OneNote 2007 Schermopname en Snel starten.lnk.Startup
backupExtension=.Startup

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"UacDisableNotify"=dword:00000001
"InternetSettingsDisableNotify"=dword:00000001
"AutoUpdateDisableNotify"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc]
"FirewallOverride"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\DomainProfile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\FirewallRules]
"{46DA2922-9FBD-40F7-9B73-A6269F7D348C}"= UDP:c:\program files\Acer Arcade Deluxe\Acer Arcade Deluxe\MCE Deluxe Suite.exe:CyberLink MCE Deluxe Suite
"{4DB5D587-A5D4-4C93-922B-FFD1A17CFD88}"= TCP:c:\program files\Acer Arcade Deluxe\Acer Arcade Deluxe\MCE Deluxe Suite.exe:CyberLink MCE Deluxe Suite
"{841F02D8-8CF0-4B41-8510-86FC830DCD52}"= UDP:c:\program files\Microsoft Office\Office12\ONENOTE.EXE:Microsoft Office OneNote
"{AA701418-3EC5-4A19-AD62-FEEA12009031}"= TCP:c:\program files\Microsoft Office\Office12\ONENOTE.EXE:Microsoft Office OneNote
"{D4C43D0C-F542-4B1C-ADAD-002A7CDEFE25}"= c:\program files\MSN Messenger\livecall.exe:Windows Live Messenger 8.1 (Phone)
"{9E638672-5367-4509-AEAF-E348AB8C87CC}"= c:\program files\MSN Messenger\livecall.exe:Windows Live Messenger 8.1 (Phone)
"{3BDA9F04-34DD-49CB-BE22-3D52A1C60F78}"= UDP:c:\program files\Microsoft Office\Office12\ONENOTE.EXE:Microsoft Office OneNote
"{CE194A83-D21A-4DFE-A599-E24A3E288980}"= TCP:c:\program files\Microsoft Office\Office12\ONENOTE.EXE:Microsoft Office OneNote
"{2720A298-991D-4581-88D8-695A3255B1ED}"= c:\program files\Skype\Phone\Skype.exe:Skype
"{CB317C31-53B3-48C2-B0C6-11645CCA68A4}"= UDP:c:\program files\Grisoft\AVG7\avginet.exe:avginet.exe
"{B2B1606C-1A93-4138-A4A3-6FEEA6835BD0}"= TCP:c:\program files\Grisoft\AVG7\avginet.exe:avginet.exe
"{44FED1A3-7514-4D08-8C25-DD4B5CAB9ECE}"= UDP:c:\program files\Grisoft\AVG7\avgamsvr.exe:avgamsvr.exe
"{92C2E1F8-0E50-4823-A8A8-32C0E35267D6}"= TCP:c:\program files\Grisoft\AVG7\avgamsvr.exe:avgamsvr.exe
"{AD4BA0D0-92C4-4EA5-B938-436F8158C523}"= UDP:c:\program files\Grisoft\AVG7\avgcc.exe:avgcc.exe
"{23B65B9D-DF6B-4B06-970D-93947F39DE35}"= TCP:c:\program files\Grisoft\AVG7\avgcc.exe:avgcc.exe
"{27720B82-C696-44CA-886C-747DC15A1641}"= UDP:c:\program files\DNA\btdna.exe:DNA
"{A40C1432-B37F-4158-B879-1B1CBF2DB7FC}"= TCP:c:\program files\DNA\btdna.exe:DNA
"{C80D95FE-3864-4B38-9C80-DF7D357D56F9}"= c:\program files\AVG\AVG8\avgupd.exe:avgupd.exe

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\PublicProfile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\StandardProfile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\StandardProfile\AuthorizedApplications\List]
"c:\\Program Files\\BitTorrent\\bittorrent.exe"= c:\program files\BitTorrent\bittorrent.exe:*:Enabled:BitTorrent
"c:\\Acer\\Empowering Technology\\eDataSecurity\\eDSfsu.exe"= c:\acer\Empowering Technology\eDataSecurity\eDSfsu.exe:*:Enabled:eDSfsu
"c:\\Acer\\Empowering Technology\\eDataSecurity\\encryption.exe"= c:\acer\Empowering Technology\eDataSecurity\encryption.exe:*:Enabled:encryption
"c:\\Acer\\Empowering Technology\\eDataSecurity\\decryption.exe"= c:\acer\Empowering Technology\eDataSecurity\decryption.exe:*:Enabled:decryption

R0 PCTCore;PCTools KDS;c:\windows\System32\drivers\PCTCore.sys [16-7-2009 14:27 130936]
R1 AvgLdx86;AVG Free AVI Loader Driver x86;c:\windows\System32\drivers\avgldx86.sys [1-11-2030 22:49 335752]
R2 avg8wd;AVG Free8 WatchDog;c:\progra~1\AVG\AVG8\avgwdsvc.exe [31-1-2009 12:28 298776]
S1 3353d1744a43a86;3353d1744a43a86;c:\windows\System32\drivers\3353d1744a43a86.sys [31-5-2008 12:29 68608]
S2 AdobeAeLookupSvc;Adobe LM Service AdobeAeLookupSvc;c:\windows\TEMP\uofaepxpqo.exe service --> c:\windows\TEMP\uofaepxpqo.exe service [?]
S3 EverestDriver;Lavalys EVEREST Kernel Driver;d:\everest_ultimate_4.50_build_1394\kerneld.wnt [27-5-2009 13:42 23152]
S3 sdAuxService;PC Tools Auxiliary Service;c:\program files\Spyware Doctor\pctsAuxs.exe [16-7-2009 14:27 348752]
S3 SMSCIRDA;SMSC Infrared Device Driver;c:\windows\System32\drivers\smscirda.sys [28-3-2007 17:59 31232]

--- Andere Services/Drivers In Geheugen ---

*Deregistered* - mchInjDrv
.
.
------- Bijkomende Scan -------
.
uStart Page = hxxp://www.google.nl/
uSearchMigratedDefaultURL = hxxp://search.yahoo.com/search?p={searchTerms}&ei=utf-8&fr=b1ie7
mStart Page = hxxp://nl.intl.acer.yahoo.com
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
IE: E&xporteren naar Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
Handler: ms-its51 - {F6F1E82D-DE4D-11D2-875C-0000F8105754} - c:\program files\Common Files\microsoft shared\Information Retrieval\itss51.dll
DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} - hxxp://game10.zylom.com/activex/zylomgamesplayer.cab
FF - ProfilePath - c:\users\ilona\AppData\Roaming\Mozilla\Firefox\Profiles\3oqja1fz.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.google.nl/
FF - component: c:\program files\AVG\AVG8\Firefox\components\avgssff.dll
FF - component: c:\users\ilona\AppData\Roaming\Mozilla\Firefox\Profiles\3oqja1fz.default\extensions\{9e1d7c80-43d1-11db-b0de-0800200c9a66}\components\TSHelper.dll
FF - plugin: c:\program files\K-Lite Codec Pack\Real\browser\plugins\nppl3260.dll
FF - plugin: c:\program files\K-Lite Codec Pack\Real\browser\plugins\nprpjplug.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\np-mswmp.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\npbittorrent.dll
FF - plugin: d:\divx\DivX Player\npDivxPlayerPlugin.dll
FF - plugin: d:\divx\DivX Web Player\npdivx32.dll

---- FIREFOX POLICIES ----
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("network.protocol-handler.warn-external.veoh", false);
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-07-17 23:39
Windows 6.0.6001 Service Pack 1 NTFS

scannen van verborgen processen ...

scannen van verborgen autostart items ...

scannen van verborgen bestanden ...

Scan succesvol afgerond
verborgen bestanden:

**************************************************************************
.
Voltooingstijd: 2009-07-17 23:45
ComboFix-quarantined-files.txt 2009-07-17 21:45

Pre-Run: 40.646.463.488 bytes beschikbaar
Post-Run: 40.699.748.352 bytes beschikbaar

Current=1 Default=1 Failed=0 LastKnownGood=5 Sets=1,2,3,4,5
235 --- E O F --- 2009-07-17 17:00
  • 0

Advertisements







Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP