2 Dll Errors @ Start-up.



#1 Las Vegas


Posted 11 May 2008 - 04:30 AM

Hello,

Since yesterday I've gotten really strange errors at the startup of my computer and I really have no clue what's causing it. I also had problems with my Mozilla, which wouldn't open pages like Google etc. So I scanned my computer with Spybot, and found out Virtumonde.dll was causing these problems. Those website problems are FIXED now. But the .dll problems still remain.

These are the DLL errors (in Dutch, sadly):

Er is een fout opgetreden tijdens het laden van C:\Windows\system32\iekpoqiq.dll

Kan opgegeven module niet vinden

Er is een fout opgetreden tijdens het laden van C:\Windows\system32\iekpoqiq.dll

Kan opgegeven module niet vinden



In English it should be something like:
An error is found while loading C:\Windows\System32\....
Can't find specified path

So it's really annoying, and I already scanned with ComboFix and HijackThis. Here are the 2 logs:

ComboFix:

ComboFix 08-05-09.1 - DaniŽl 2008-05-11 0:32:28.3 - NTFSx86
Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1043.18.1553 [GMT 2:00]
Gestart vanuit: C:\Documents and Settings\DaniŽl\Bureaublad\ComboFix.exe
.

(((((((((((((((((((((((((((((((((( Andere Verwijderingen )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
---- Previous Run -------
.
C:\WINDOWS\pskt.ini
C:\WINDOWS\system32\cbxvsrr.dll
C:\WINDOWS\system32\jkkjjih.dll
C:\WINDOWS\system32\mnnmp.ini
C:\WINDOWS\system32\mnnmp.ini2
C:\WINDOWS\system32\orqss.ini
C:\WINDOWS\system32\orqss.ini2
C:\WINDOWS\system32\prqss.ini2
C:\WINDOWS\system32\qiqopkei.ini
C:\WINDOWS\system32\rqrppol.dll
C:\WINDOWS\system32\vtusttu.dll

.
(((((((((((((((((((( Bestanden Gemaakt van 2008-04-10 to 2008-05-10 ))))))))))))))))))))))))))))))
.

2008-05-10 23:21 . 2008-05-10 23:21 1,024 --ah----- C:\WINDOWS\system32\config\systemprofile\ntuser.dat.LOG
2008-05-10 22:52 . 2008-05-10 22:52 <DIR> d-------- C:\Program Files\Spybot - Search & Destroy
2008-05-10 22:37 . 2008-05-10 23:10 318 --a------ C:\WINDOWS\wininit.ini
2008-05-10 22:15 . 2008-05-10 22:15 <DIR> d-------- C:\Program Files\Common Files\Wise Installation Wizard
2008-05-10 22:07 . 2008-05-10 22:07 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Grisoft
2008-05-10 12:03 . 2008-05-10 21:58 <DIR> d-------- C:\Program Files\Grisoft(2)
2008-05-10 12:03 . 2008-05-10 21:58 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Grisoft(2)
2008-05-10 11:02 . 2008-05-10 23:08 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2008-05-10 10:35 . 2008-05-10 10:35 159,871 --a------ C:\WINDOWS\Marsu-Fix Uninstaller.exe.bak
2008-05-10 10:34 . 2008-05-10 10:34 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\ESET
2008-05-10 10:00 . 2008-05-10 10:00 <DIR> d-------- C:\Program Files\Lavasoft
2008-05-10 10:00 . 2008-05-10 10:01 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Lavasoft
2008-05-10 09:40 . 2008-05-10 23:06 109,862 --a------ C:\WINDOWS\BM875f7f8d.xml
2008-05-09 13:41 . 2008-05-09 13:41 <DIR> d-------- C:\Program Files\Atari
2008-05-09 13:33 . 2008-05-09 13:33 <DIR> d-------- C:\Program Files\uTorrent
2008-05-09 13:33 . 2008-05-09 13:41 <DIR> d-------- C:\Documents and Settings\DaniŽl\Application Data\uTorrent
2008-05-09 12:28 . 2008-05-09 12:28 <DIR> d-------- C:\Program Files\Infogrames
2008-05-09 11:23 . 2008-05-09 11:23 <DIR> d-------- C:\WINDOWS\Downloaded Installations
2008-05-09 10:49 . 2008-05-09 17:59 <DIR> d-------- C:\Program Files\PokerStars
2008-05-08 11:13 . 2008-04-14 22:32 219,136 --a------ C:\WINDOWS\system32\uxtheme.backup
2008-05-08 11:10 . 2008-05-08 11:10 1,024 --ah----- C:\Documents and Settings\Default User\NTUSER.DAT.LOG
2008-05-08 11:02 . 2008-04-14 22:32 1,306,624 --------- C:\WINDOWS\system32\msxml6.dll
2008-05-08 11:02 . 2008-04-14 22:32 1,306,624 -----c--- C:\WINDOWS\system32\dllcache\msxml6.dll
2008-05-08 11:02 . 2008-04-14 22:09 88,064 --------- C:\WINDOWS\system32\msxml6r.dll
2008-05-08 11:02 . 2008-04-14 22:09 88,064 -----c--- C:\WINDOWS\system32\dllcache\msxml6r.dll
2008-05-08 10:59 . 2008-05-08 10:59 <DIR> d-------- C:\WINDOWS\ServicePackFiles
2008-05-08 10:56 . 2006-12-29 00:31 19,569 --a------ C:\WINDOWS\002762_.tmp
2008-05-08 10:54 . 2008-05-08 10:54 <DIR> d-------- C:\WINDOWS\EHome
2008-05-07 23:46 . 2007-03-12 16:42 3,495,784 --a------ C:\WINDOWS\system32\d3dx9_33.dll
2008-05-07 23:46 . 2006-11-29 13:06 3,426,072 --a------ C:\WINDOWS\system32\d3dx9_32.dll
2008-05-07 23:46 . 2007-03-12 16:42 1,123,696 --a------ C:\WINDOWS\system32\D3DCompiler_33.dll
2008-05-07 23:46 . 2007-03-15 16:57 443,752 --a------ C:\WINDOWS\system32\d3dx10_33.dll
2008-05-07 23:46 . 2007-04-04 18:55 261,480 --a------ C:\WINDOWS\system32\xactengine2_7.dll
2008-05-07 23:46 . 2007-01-24 15:27 255,848 --a------ C:\WINDOWS\system32\xactengine2_6.dll
2008-05-07 23:46 . 2006-12-08 12:02 251,672 --a------ C:\WINDOWS\system32\xactengine2_5.dll
2008-05-07 23:33 . 2008-05-07 23:33 <DIR> d-------- C:\Program Files\Codemasters
2008-05-05 14:06 . 2008-05-05 14:06 <DIR> d-------- C:\Documents and Settings\DaniŽl\Application Data\Juce VST Host
2008-05-05 12:37 . 2006-06-20 10:56 225,280 --a------ C:\WINDOWS\system32\rewire.dll
2008-05-05 12:36 . 2002-07-08 00:14 1,294,336 --a------ C:\WINDOWS\system32\vorbis.acm
2008-05-05 10:52 . 2008-05-05 10:52 <DIR> d-------- C:\WINDOWS\Mp3 Folder Structure Maker
2008-05-05 10:52 . 2008-05-10 21:56 <DIR> d-------- C:\Program Files\Mp3 Folder Structure Maker
2008-05-04 21:53 . 2008-05-04 21:53 268 --ah----- C:\sqmdata01.sqm
2008-05-04 21:53 . 2008-05-04 21:53 244 --ah----- C:\sqmnoopt01.sqm
2008-05-04 21:42 . 2008-05-04 21:42 268 --ah----- C:\sqmdata00.sqm
2008-05-04 21:42 . 2008-05-04 21:42 244 --ah----- C:\sqmnoopt00.sqm
2008-05-04 21:09 . 2008-05-04 21:09 <DIR> d-------- C:\Program Files\Zards software
2008-04-30 00:39 . 2008-04-30 00:39 <DIR> d-------- C:\Program Files\EA Sports
2008-04-28 11:32 . 2008-04-28 11:32 <DIR> d-------- C:\Program Files\Logitech
2008-04-28 11:32 . 2008-04-28 11:32 <DIR> d-------- C:\Program Files\Common Files\Logitech
2008-04-28 11:13 . 2008-04-28 11:13 <DIR> dr-h----- C:\Documents and Settings\DaniŽl\Application Data\SecuROM
2008-04-28 11:13 . 2008-04-28 11:13 107,888 --a------ C:\WINDOWS\system32\CmdLineExt.dll
2008-04-28 11:12 . 2008-05-09 13:24 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Test Drive Unlimited
2008-04-27 23:29 . 2008-04-27 23:29 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\FLEXnet
2008-04-27 23:25 . 2008-04-27 23:25 <DIR> d-------- C:\Program Files\Bonjour
2008-04-27 23:19 . 2008-04-27 23:19 <DIR> d-------- C:\Program Files\Common Files\Macrovision Shared
2008-04-26 19:04 . 2008-04-26 19:04 <DIR> d-------- C:\Logs
2008-04-26 18:18 . 2008-04-26 18:18 <DIR> d-------- C:\Program Files\AceHide Free
2008-04-26 13:49 . 2008-04-26 13:49 <DIR> d-------- C:\Program Files\TVUPlayer
2008-04-26 13:49 . 2008-04-26 13:49 <DIR> d-------- C:\Documents and Settings\DaniŽl\LocalLow
2008-04-26 13:49 . 2008-04-26 13:49 <DIR> d-------- C:\Documents and Settings\DaniŽl\LocalLow
2008-04-26 13:49 . 2008-04-26 13:49 <DIR> d-------- C:\Documents and Settings\DaniŽl\Application Data\TVU Networks
2008-04-26 13:49 . 2008-04-26 13:49 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\TVU Networks
2008-04-24 17:22 . 2008-04-24 17:22 <DIR> d-------- C:\Program Files\Common Files\Blizzard Entertainment
2008-04-24 15:25 . 2006-09-28 16:05 237,848 --a------ C:\WINDOWS\system32\xactengine2_4.dll
2008-04-24 15:25 . 2007-03-05 12:42 15,128 --a------ C:\WINDOWS\system32\x3daudio1_1.dll
2008-04-24 15:16 . 2008-04-24 15:16 <DIR> d-------- C:\Program Files\Ubisoft
2008-04-24 15:16 . 2008-04-24 15:16 <DIR> d-------- C:\Documents and Settings\DaniŽl\Application Data\InstallShield
2008-04-24 11:20 . 2008-04-24 11:22 49 --a------ C:\WINDOWS\NeroDigital.ini
2008-04-24 10:12 . 2008-04-24 10:12 <DIR> d-------- C:\VAIO
2008-04-23 18:10 . 2006-09-28 16:05 2,414,360 --a------ C:\WINDOWS\system32\d3dx9_31.dll
2008-04-23 18:10 . 2007-04-04 18:53 81,768 --a------ C:\WINDOWS\system32\xinput1_3.dll
2008-04-23 17:56 . 2008-04-23 17:56 <DIR> d-------- C:\Program Files\SystemRequirementsLab
2008-04-23 17:55 . 2008-04-23 17:55 <DIR> d-------- C:\Documents and Settings\DaniŽl\Application Data\SystemRequirementsLab
2008-04-23 15:41 . 2008-04-23 15:41 <DIR> d-------- C:\WINDOWS\Sun
2008-04-23 13:21 . 2008-04-14 00:15 26,112 --a------ C:\WINDOWS\system32\drivers\usbser.sys
2008-04-23 13:21 . 2008-04-23 13:21 0 --ah----- C:\WINDOWS\system32\drivers\MsftWdf_Kernel_01005_Coinstaller_Critical.Wdf
2008-04-23 13:21 . 2008-04-23 13:21 0 --ah----- C:\WINDOWS\system32\drivers\Msft_Kernel_ccdcmb_01005.Wdf
2008-04-23 13:20 . 2008-04-23 13:22 <DIR> d-------- C:\Documents and Settings\DaniŽl\Application Data\PC Suite
2008-04-23 13:20 . 2008-04-23 13:21 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\PC Suite
2008-04-23 13:19 . 2008-04-23 13:19 <DIR> d-------- C:\Program Files\PC Connectivity Solution
2008-04-23 13:19 . 2008-04-23 13:19 <DIR> d-------- C:\Program Files\Nokia
2008-04-23 13:19 . 2008-04-23 13:19 <DIR> d-------- C:\Program Files\DIFX
2008-04-23 13:19 . 2008-04-23 13:19 <DIR> d-------- C:\Program Files\Common Files\PCSuite
2008-04-23 13:19 . 2008-04-23 13:19 <DIR> d-------- C:\Program Files\Common Files\Nokia
2008-04-23 13:19 . 2008-04-23 13:21 <DIR> d-------- C:\Documents and Settings\DaniŽl\Application Data\Nokia
2008-04-23 13:19 . 2007-11-29 10:33 1,419,232 --a------ C:\WINDOWS\system32\wdfcoinstaller01005.dll
2008-04-23 13:19 . 2007-11-29 10:39 95,744 --a------ C:\WINDOWS\system32\nmwcdcocls.dll
2008-04-23 13:19 . 2007-11-29 10:32 48,128 --a------ C:\WINDOWS\system32\nmwcdcls.dll
2008-04-23 13:19 . 2007-09-17 15:53 21,632 --a------ C:\WINDOWS\system32\drivers\pccsmcfd.sys
2008-04-23 13:19 . 2007-11-29 10:39 19,328 --a------ C:\WINDOWS\system32\drivers\ccdcmbo.sys
2008-04-23 13:19 . 2007-11-29 10:39 16,896 --a------ C:\WINDOWS\system32\drivers\ccdcmb.sys
2008-04-23 13:19 . 2007-11-29 10:39 8,064 --a------ C:\WINDOWS\system32\drivers\usbser_lowerfltj.sys
2008-04-23 13:19 . 2007-11-29 10:39 8,064 --a------ C:\WINDOWS\system32\drivers\usbser_lowerflt.sys
2008-04-23 13:15 . 2008-05-04 10:27 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Installations
2008-04-23 10:23 . 2008-05-10 22:59 <DIR> dr-h----- C:\$VAULT$.AVG
2008-04-23 00:29 . 2008-04-23 00:29 41,296 --a------ C:\WINDOWS\system32\xfcodec.dll
2008-04-21 15:38 . 2008-04-21 17:42 <DIR> d--hs---- C:\Boot
2008-04-21 15:38 . 2008-01-21 04:49 333,203 -rahs---- C:\bootmgr
2008-04-21 15:38 . 2008-04-21 17:42 8,192 -ra-s---- C:\BOOTSECT.BAK
2008-04-21 14:52 . 2008-04-14 19:51 171,136 -rahs---- C:\grldr
2008-04-21 14:49 . 2008-04-21 16:54 <DIR> d--hs---- C:\$RECYCLE.BIN
2008-04-21 13:16 . 2008-04-21 13:16 <DIR> d-------- C:\Program Files\PowerISO
2008-04-21 10:53 . 2008-04-21 10:53 <DIR> d-------- C:\Program Files\Nero
2008-04-21 10:53 . 2008-04-21 10:53 <DIR> d-------- C:\Program Files\Common Files\Ahead
2008-04-21 10:53 . 2008-04-21 10:53 <DIR> d-------- C:\Documents and Settings\DaniŽl\Application Data\Ahead
2008-04-21 10:53 . 2004-07-26 16:16 1,568,768 --a------ C:\WINDOWS\system32\imagX7.dll
2008-04-21 10:53 . 2003-03-19 06:20 1,060,864 --a------ C:\WINDOWS\system32\mfc71.dll
2008-04-21 10:53 . 2003-03-18 20:12 1,047,552 --a------ C:\WINDOWS\system32\mfc71u.dll
2008-04-21 10:53 . 2004-07-26 16:16 476,320 --a------ C:\WINDOWS\system32\imagXpr7.dll
2008-04-21 10:53 . 2004-07-26 16:16 471,040 --a------ C:\WINDOWS\system32\imagXRA7.dll
2008-04-21 10:53 . 2004-07-09 08:43 364,544 --a------ C:\WINDOWS\system32\TwnLib4.dll
2008-04-21 10:53 . 2004-07-26 16:16 262,144 --a------ C:\WINDOWS\system32\imagXR7.dll
2008-04-21 09:34 . 2004-08-04 12:00 221,184 --a------ C:\WINDOWS\system32\wmpns.dll
2008-04-20 23:57 . 2008-04-20 23:59 <DIR> d-------- C:\WINDOWS\system32\NtmsData
2008-04-20 23:47 . 2008-05-09 13:29 <DIR> d-------- C:\Documents and Settings\DaniŽl\Shared
2008-04-20 23:47 . 2008-05-09 13:29 <DIR> d-------- C:\Documents and Settings\DaniŽl\Shared
2008-04-20 23:47 . 2008-05-09 13:32 <DIR> d-------- C:\Documents and Settings\DaniŽl\Incomplete
2008-04-20 23:47 . 2008-05-09 13:32 <DIR> d-------- C:\Documents and Settings\DaniŽl\Incomplete
2008-04-20 23:46 . 2008-04-21 09:53 <DIR> d-------- C:\Program Files\Java
2008-04-20 23:46 . 2008-04-23 06:46 <DIR> d-------- C:\Documents and Settings\DaniŽl\Application Data\LimeWire
2008-04-20 23:46 . 2008-02-22 02:33 69,632 --a------ C:\WINDOWS\system32\javacpl.cpl
2008-04-20 23:45 . 2008-04-20 23:46 <DIR> d-------- C:\Program Files\LimeWire
2008-04-20 23:45 . 2008-04-20 23:45 <DIR> d-------- C:\Program Files\Common Files\Java
2008-04-20 23:42 . 2008-04-20 23:42 <DIR> d-------- C:\Program Files\Microsoft Visual Studio 8
2008-04-20 23:39 . 2006-10-26 19:56 32,592 --a------ C:\WINDOWS\system32\msonpmon.dll

.
((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-05-10 20:53 --------- d-----w C:\Documents and Settings\DaniŽl\Application Data\AVG7
2008-05-10 20:07 --------- d-----w C:\Documents and Settings\All Users\Application Data\avg7
2008-05-09 11:53 --------- d-----w C:\Program Files\Common Files\InstallShield
2008-05-08 09:13 219,136 ----a-w C:\WINDOWS\system32\uxtheme.dll
2008-05-07 21:33 --------- d--h--w C:\Program Files\InstallShield Installation Information
2008-04-20 16:22 --------- d-----w C:\Program Files\SigmaTel
2008-04-20 16:18 --------- d-----w C:\Program Files\Windows Live
2008-04-20 16:17 --------- dcsh--w C:\Program Files\Common Files\WindowsLiveInstaller
2008-04-20 16:16 --------- d-----w C:\Documents and Settings\All Users\Application Data\WLInstaller
2008-04-20 16:13 499,712 ----a-w C:\WINDOWS\system32\msvcp71.dll
2008-04-20 16:13 348,160 ----a-w C:\WINDOWS\system32\msvcr71.dll
2008-04-20 16:13 --------- d-----w C:\Documents and Settings\LocalService\Application Data\AVG7
2008-04-20 16:04 --------- d-----w C:\Program Files\Intel
2008-04-20 14:55 --------- d-----w C:\Program Files\microsoft frontpage
2008-04-14 20:49 1,804 ----a-w C:\WINDOWS\system32\dcache.bin
2008-04-14 20:36 332,800 ----a-w C:\WINDOWS\system32\netsetup.exe
2008-04-14 20:32 99,840 ----a-w C:\WINDOWS\system32\winscard.dll
2008-04-14 20:31 763,904 ----a-w C:\WINDOWS\system32\winntbbu.dll
2008-04-14 20:30 9,344 ----a-w C:\WINDOWS\system32\framebuf.dll
2008-04-14 20:30 3,584 ----a-w C:\WINDOWS\system32\icmp.dll
2008-04-14 20:30 3,072 ----a-w C:\WINDOWS\system32\dpnlobby.dll
2008-04-14 20:30 3,072 ----a-w C:\WINDOWS\system32\dpnaddr.dll
2008-04-14 20:30 285,696 ----a-w C:\WINDOWS\system32\atmfd.dll
2008-04-14 20:30 16,896 ----a-w C:\WINDOWS\system32\cfgmgr32.dll
2008-04-14 20:13 80,256 ----a-w C:\WINDOWS\system32\drivers\parport.sys
2008-04-14 20:13 73,472 ----a-w C:\WINDOWS\system32\drivers\sr.sys
2008-04-14 20:13 68,224 ----a-w C:\WINDOWS\system32\drivers\pci.sys
2008-04-14 20:13 46,848 ----a-w C:\WINDOWS\system32\drivers\p3.sys
2008-04-14 20:13 120,448 ----a-w C:\WINDOWS\system32\drivers\pcmcia.sys
2008-04-14 20:11 4,096 ----a-w C:\WINDOWS\system32\dsprpres.dll
2008-04-14 20:11 2,149,888 ----a-w C:\WINDOWS\system32\ntoskrnl.exe
2008-04-14 20:11 2,028,544 ----a-w C:\WINDOWS\system32\ntkrnlpa.exe
2008-04-14 20:10 800,000 ----a-w C:\WINDOWS\system32\drivers\dmboot.sys
2008-04-14 20:10 153,856 ----a-w C:\WINDOWS\system32\drivers\dmio.sys
2008-04-14 20:09 25,088 ----a-w C:\WINDOWS\system32\drivers\kbdclass.sys
2008-04-14 20:09 14,720 ----a-w C:\WINDOWS\system32\drivers\kbdhid.sys
2008-04-14 20:08 78,336 ------w C:\WINDOWS\system32\msshavmsg.dll
2008-04-14 20:08 40,832 ----a-w C:\WINDOWS\system32\drivers\crusoe.sys
2008-04-14 20:08 37,760 ----a-w C:\WINDOWS\system32\drivers\isapnp.sys
2008-04-14 20:07 566,784 ----a-w C:\WINDOWS\system32\shdoclc.dll
2008-04-14 20:07 50,176 ----a-w C:\WINDOWS\system32\inetres.dll
2008-04-14 20:07 40,448 ----a-w C:\WINDOWS\system32\drivers\intelppm.sys
2008-04-14 20:06 65,536 ----a-w C:\WINDOWS\system32\drivers\serial.sys
2008-04-14 20:05 53,504 ----a-w C:\WINDOWS\system32\drivers\i8042prt.sys
2008-04-14 20:05 1,845,760 ----a-w C:\WINDOWS\system32\win32k.sys
2008-04-14 20:04 67,584 ----a-w C:\WINDOWS\system32\browselc.dll
2008-04-14 20:04 58,112 ----a-w C:\WINDOWS\system32\drivers\redbook.sys
2008-04-14 20:04 273,536 ------w C:\WINDOWS\system32\drivers\bthport.sys
2008-04-14 20:04 25,728 ------w C:\WINDOWS\system32\drivers\hidbth.sys
2008-04-14 20:04 10,240 ----a-w C:\WINDOWS\system32\gpkrsrc.dll
2008-04-14 20:03 57,344 ----a-w C:\WINDOWS\system32\mshtmler.dll
2008-04-14 20:03 53,504 ----a-w C:\WINDOWS\system32\drivers\volsnap.sys
2008-04-14 20:02 701,440 ------w C:\WINDOWS\system32\drivers\ati2mtag.sys
2008-04-14 20:02 44,672 ----a-w C:\WINDOWS\system32\drivers\fips.sys
2008-04-14 20:02 41,856 ----a-w C:\WINDOWS\system32\drivers\amdk7.sys
2008-04-14 20:02 39,936 ----a-w C:\WINDOWS\system32\drivers\processr.sys
2008-04-14 20:02 327,168 ------w C:\WINDOWS\system32\drivers\ati2mtaa.sys
2008-04-14 20:01 41,472 ----a-w C:\WINDOWS\system32\drivers\amdk6.sys
2008-04-14 20:01 103,936 ----a-w C:\WINDOWS\system32\dpcdll.dll
2008-04-14 20:00 30,336 ----a-w C:\WINDOWS\system32\drivers\modem.sys
2008-04-14 20:00 23,552 ----a-w C:\WINDOWS\system32\drivers\mouclass.sys
2008-04-14 20:00 188,544 ----a-w C:\WINDOWS\system32\drivers\acpi.sys
2008-04-13 22:58 175,744 ----a-w C:\WINDOWS\system32\drivers\rdbss.sys
2008-04-13 22:51 162,816 ----a-w C:\WINDOWS\system32\drivers\netbt.sys
2008-04-13 22:50 91,520 ----a-w C:\WINDOWS\system32\drivers\ndiswan.sys
2008-04-13 22:50 361,344 ----a-w C:\WINDOWS\system32\drivers\tcpip.sys
2008-04-13 22:50 182,656 ----a-w C:\WINDOWS\system32\drivers\ndis.sys
2008-04-13 22:49 75,264 ----a-w C:\WINDOWS\system32\drivers\ipsec.sys
2008-04-13 22:49 51,328 ----a-w C:\WINDOWS\system32\drivers\rasl2tp.sys
2008-04-13 22:49 48,384 ----a-w C:\WINDOWS\system32\drivers\raspptp.sys
2008-04-13 22:49 146,048 ----a-w C:\WINDOWS\system32\drivers\portcls.sys
2008-04-13 22:49 138,112 ----a-w C:\WINDOWS\system32\drivers\afd.sys
2008-04-13 22:47 83,072 ----a-w C:\WINDOWS\system32\drivers\wdmaud.sys
2008-04-13 22:47 456,576 ----a-w C:\WINDOWS\system32\drivers\mrxsmb.sys
2008-04-13 22:47 105,344 ----a-w C:\WINDOWS\system32\drivers\mup.sys
2008-04-13 22:46 49,536 ----a-w C:\WINDOWS\system32\drivers\classpnp.sys
2008-04-13 22:46 141,056 ----a-w C:\WINDOWS\system32\drivers\ks.sys
2008-04-13 22:45 60,800 ----a-w C:\WINDOWS\system32\drivers\sysaudio.sys
2008-04-13 22:45 574,976 ----a-w C:\WINDOWS\system32\drivers\ntfs.sys
2008-04-13 22:45 334,848 ----a-w C:\WINDOWS\system32\drivers\srv.sys
2008-04-13 22:44 63,744 ----a-w C:\WINDOWS\system32\drivers\cdfs.sys
2008-04-13 22:44 143,744 ----a-w C:\WINDOWS\system32\drivers\fastfat.sys
2008-04-13 22:30 225,664 ----a-w C:\WINDOWS\system32\drivers\tcpip6.sys
2008-04-13 22:30 19,072 ----a-w C:\WINDOWS\system32\drivers\tdi.sys
2008-04-13 22:27 41,472 ----a-w C:\WINDOWS\system32\drivers\raspppoe.sys
2008-04-13 22:27 40,576 ----a-w C:\WINDOWS\system32\drivers\ndproxy.sys
2008-04-13 22:27 34,560 ----a-w C:\WINDOWS\system32\drivers\wanarp.sys
2008-04-13 22:27 20,864 ----a-w C:\WINDOWS\system32\drivers\ipinip.sys
2008-04-13 22:27 152,832 ----a-w C:\WINDOWS\system32\drivers\ipnat.sys
2008-04-13 22:27 14,336 ----a-w C:\WINDOWS\system32\drivers\asyncmac.sys
2008-04-13 22:27 10,112 ----a-w C:\WINDOWS\system32\drivers\ndistapi.sys
2008-04-13 22:26 88,320 ----a-w C:\WINDOWS\system32\drivers\nwlnkipx.sys
2008-04-13 22:26 69,120 ----a-w C:\WINDOWS\system32\drivers\psched.sys
2008-04-13 22:26 35,072 ----a-w C:\WINDOWS\system32\drivers\msgpc.sys
2008-04-13 22:26 34,688 ----a-w C:\WINDOWS\system32\drivers\netbios.sys
2008-04-13 22:26 30,592 ----a-w C:\WINDOWS\system32\drivers\rndismp.sys
2008-04-13 22:26 30,592 ------w C:\WINDOWS\system32\drivers\rndismpx.sys
2008-04-13 22:26 14,592 ----a-w C:\WINDOWS\system32\drivers\ndisuio.sys
2008-04-13 22:26 12,800 ----a-w C:\WINDOWS\system32\drivers\usb8023.sys
2008-04-13 22:26 12,800 ------w C:\WINDOWS\system32\drivers\usb8023x.sys
.

((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
REGEDIT4
*Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{5C3EAEE7-38CF-4A91-BAD4-902A4BBE3064}]
C:\WINDOWS\system32\ssqro.dll

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{B0379AF7-9228-4383-BDA0-0627CEDD04AD}]
C:\WINDOWS\system32\pmnnm.dll

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"MsnMsgr"="C:\Program Files\Windows Live\Messenger\MsnMsgr.exe" [2007-10-18 11:34 5724184]
"WhatPulse"="C:\Program Files\WhatPulse\WhatPulse.exe" [2006-08-21 19:48 665600]
"Steam"="c:\program files\steam\steam.exe" [2008-04-20 19:39 1271032]
"DAEMON Tools Lite"="C:\Program Files\DAEMON Tools Lite\daemon.exe" [2008-02-14 01:09 486856]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2008-04-14 22:32 15360]
"Nokia.PCSync"="C:\Program Files\Nokia\Nokia PC Suite 6\PCSync2.exe" [2008-03-26 18:41 1232896]
"PC Suite Tray"="C:\Program Files\Nokia\Nokia PC Suite 6\PCSuite.exe" [2008-03-28 11:20 1079296]
"Sidebar"="C:\Program Files\Windows Sidebar\sidebar.exe" [ ]
"zHideWin"="C:\Program Files\AceHide Free\AceHideFree.exe" [2002-05-17 00:30 94720]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SigmatelSysTrayApp"="stsystra.exe" [2005-03-22 17:20 339968 C:\WINDOWS\stsystra.exe]
"NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [2008-03-24 19:52 13524992]
"nwiz"="nwiz.exe" [2008-03-24 19:52 1626112 C:\WINDOWS\system32\nwiz.exe]
"NvMediaCenter"="C:\WINDOWS\system32\NvMcTray.dll" [2008-03-24 19:52 86016]
"Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-01-11 22:16 39792]
"GrooveMonitor"="C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe" [2006-10-27 00:47 31016]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe" [2008-02-22 04:25 144784]
"PWRISOVM.EXE"="C:\Program Files\PowerISO\PWRISOVM.EXE" [2006-06-05 16:06 188416]
"Start WingMan Profiler"="C:\Program Files\Logitech\Gaming Software\LWEMon.exe" [2008-04-04 11:38 88584]
"846c4c11"="C:\WINDOWS\system32\iekpoqiq.dll" [ ]
"AVG7_CC"="C:\PROGRA~1\Grisoft\AVG7\avgcc.exe" [2008-05-10 22:07 579584]
"BM875f7f8d"="C:\WINDOWS\system32\cvrjwjpy.dll" [ ]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2008-04-14 22:32 15360]
"AVG7_Run"="C:\PROGRA~1\Grisoft\AVG7\avgw.exe" [2008-05-10 22:08 219136]

C:\Documents and Settings\DaniČl\Menu Start\Programma's\Opstarten\
Xfire.lnk - C:\Program Files\Xfire\xfire.exe [2008-04-23 00:29:52 2998608]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"VIDC.XFR1"= xfcodec.dll

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"C:\\Program Files\\Xfire\\xfire.exe"=
"C:\\Program Files\\Sports Interactive\\Football Manager 2008\\fm.exe"=
"C:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"C:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE"=
"C:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=
"C:\\Program Files\\LimeWire\\LimeWire.exe"=
"C:\\Program Files\\Steam\\steamapps\\blistering11\\team fortress 2\\hl2.exe"=
"C:\\Program Files\\Ubisoft\\Tom Clancy's Rainbow Six Vegas\\Binaries\\R6Vegas_Game.exe"=
"C:\\Program Files\\Ubisoft\\Tom Clancy's Rainbow Six Vegas\\Binaries\\R6Vegas_Launcher.exe"=
"C:\\Program Files\\TVUPlayer\\TVUPlayer.exe"=
"C:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"C:\\Program Files\\Codemasters\\DiRT\\DiRT.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"=
"C:\\Program Files\\Infogrames\\Grand Prix 4\\GP4.exe"=
"C:\\Program Files\\uTorrent\\uTorrent.exe"=
"C:\\Program Files\\Grisoft\\AVG7\\avginet.exe"=
"C:\\Program Files\\Grisoft\\AVG7\\avgamsvr.exe"=
"C:\\Program Files\\Grisoft\\AVG7\\avgcc.exe"=

S3 pccsmcfd;PCCS Mode Change Filter Driver;C:\WINDOWS\system32\DRIVERS\pccsmcfd.sys [2007-09-17 15:53]
S3 upperdev;upperdev;C:\WINDOWS\system32\DRIVERS\usbser_lowerflt.sys [2007-11-29 10:39]
S3 UsbserFilt;UsbserFilt;C:\WINDOWS\system32\DRIVERS\usbser_lowerfltj.sys [2007-11-29 10:39]

.
**************************************************************************

catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-05-11 00:35:24
Windows 5.1.2600 Service Pack 3 NTFS

scannen van verborgen processen ...

scannen van verborgen autostart items ...

scannen van verborgen bestanden ...

Scan succesvol afgerond
verborgen bestanden: 0

**************************************************************************
.
Voltooingstijd: 2008-05-11 0:37:00
ComboFix-quarantined-files.txt 2008-05-10 22:36:50

Pre-Run: 151,792,799,744 bytes beschikbaar
Post-Run: 151,784,587,264 bytes beschikbaar

332 --- E O F --- 2008-04-24 19:20:36


And HijackThis:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 0:38:00, on 11-5-2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\WINDOWS\stsystra.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\PowerISO\PWRISOVM.EXE
C:\Program Files\Logitech\Gaming Software\LWEMon.exe
C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
C:\Program Files\WhatPulse\WhatPulse.exe
C:\program files\steam\steam.exe
C:\Program Files\DAEMON Tools Lite\daemon.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Nokia\Nokia PC Suite 6\PCSync2.exe
C:\Program Files\Nokia\Nokia PC Suite 6\PCSuite.exe
C:\Program Files\AceHide Free\AceHideFree.exe
C:\Program Files\Xfire\xfire.exe
C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
C:\Program Files\PC Connectivity Solution\Transports\NclUSBSrv.exe
C:\Program Files\PC Connectivity Solution\Transports\NclRSSrv.exe
C:\Program Files\Common Files\Nokia\MPAPI\MPAPI3s.exe
C:\WINDOWS\explorer.exe
C:\WINDOWS\system32\notepad.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.daemon-search.com/startpage
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen
O2 - BHO: Adobe PDF Reader Help bij koppelingen - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: (no name) - {5C3EAEE7-38CF-4A91-BAD4-902A4BBE3064} - C:\WINDOWS\system32\ssqro.dll (file missing)
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O2 - BHO: Windows Live Aanmelden - Help - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: (no name) - {B0379AF7-9228-4383-BDA0-0627CEDD04AD} - C:\WINDOWS\system32\pmnnm.dll (file missing)
O4 - HKLM\..\Run: [SigmatelSysTrayApp] stsystra.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"
O4 - HKLM\..\Run: [PWRISOVM.EXE] C:\Program Files\PowerISO\PWRISOVM.EXE
O4 - HKLM\..\Run: [Start WingMan Profiler] C:\Program Files\Logitech\Gaming Software\LWEMon.exe /noui
O4 - HKLM\..\Run: [846c4c11] rundll32.exe "C:\WINDOWS\system32\iekpoqiq.dll",b
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [BM875f7f8d] Rundll32.exe "C:\WINDOWS\system32\cvrjwjpy.dll",s
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [WhatPulse] C:\Program Files\WhatPulse\WhatPulse.exe
O4 - HKCU\..\Run: [Steam] "c:\program files\steam\steam.exe" -silent
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\daemon.exe" -autorun
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Nokia.PCSync] "C:\Program Files\Nokia\Nokia PC Suite 6\PCSync2.exe" /NoDialog
O4 - HKCU\..\Run: [PC Suite Tray] "C:\Program Files\Nokia\Nokia PC Suite 6\PCSuite.exe" -onlytray
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [zHideWin] C:\Program Files\AceHide Free\AceHideFree.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Lokale service')
O4 - HKUS\S-1-5-19\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'Lokale service')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Netwerkservice')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: Xfire.lnk = C:\Program Files\Xfire\xfire.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Verz&enden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Program Files\PokerStars\PokerStarsUpdate.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/windowsupd...b?1208707940375
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~2\Office12\GR99D3~1.DLL
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe

--
End of file - 8568 bytes





#2 steamwiz

steamwiz

  • Members
  • 1,039 posts
  • OFFLINE
  •  
  • Local time:12:44 AM

Posted 11 May 2008 - 03:51 PM

Hi

Those errors are easy to get rid of. They refer to malware files which have been removed, but the startup run keys are still in the registry, so Windows is looking for the non-existent files when it boots; when it can't find them it gives the error... we just need to remove the run keys ...

However there is other malware referenced in your logs, so I would like you to run a couple of programs for me, if they don't remove it all then we'll remove it manually ...

Download Malwarebytes' Anti-Malware from Here :-

http://www.majorgeeks.com/Malwarebytes_Ant...ware_d5756.html

or here :-

http://www.besttechie.net/tools/mbam-setup.exe

Double Click mbam-setup.exe to install the application.

* Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
* If an update is found, it will download and install the latest version.
* Once the program has loaded, select "Perform Quick Scan", then click Scan.
* The scan may take some time to finish, so please be patient.
* When the scan is complete, click OK, then Show Results to view the results.
* Make sure that everything is checked, and click Remove Selected.
* When disinfection is completed, a log will open in Notepad and you may be prompted to Restart.
* The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
* Copy and Paste the entire report in your next reply.

THEN ...

Please run a Kaspersky Online Scan

Please do an online scan with Kaspersky WebScanner

Click on Kaspersky Online Scanner

Click Accept

You will be prompted to install an ActiveX component from Kaspersky,
Click Yes.
  • The program will launch and then begin downloading the latest definition files:
  • Once the files have been downloaded click on NEXT
  • Now click on Scan Settings
  • In the scan settings make sure that the following are selected:
    • Scan using the following Anti-Virus database:
    Extended (if available otherwise Standard)
    • Scan Options:
    Scan Archives Scan Mail Bases
  • Click OK
  • Now under select a target to scan: Select My Computer
  • The program will start and scan your system.
  • The scan will take a while so be patient and let it run.
  • Once the scan is complete it will display if your system has been infected.
    • Now click on the Save as Text button:
  • Once finished, save the log to your Desktop as filename KAV.txt
steam
MICROSOFT MVP - Windows Security 2004/9
member of ASAP since 2004
member of U.N.I.T.E

If I have helped you, please consider a small donation to help me continue my online fight in the war against malware
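The condition described in the reply above (a Run entry left in the registry after its file was removed), as an added example that is not part of the original post: a Python sketch that parses HijackThis O4 lines and reports entries whose target file is missing. The regexes, function names and the `PRESENT` set of files assumed to exist are constructed for illustration; the log lines are copied from this thread.

```python
import re

# O4 (Run key) lines copied from the HijackThis log on this page.
SAMPLE_LOG = r'''
O4 - HKLM\..\Run: [846c4c11] rundll32.exe "C:\WINDOWS\system32\iekpoqiq.dll",b
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [WhatPulse] C:\Program Files\WhatPulse\WhatPulse.exe
'''
# Constructed for the example: files assumed to still be on disk (lower-cased).
PRESENT = {
    r'c:\progra~1\grisoft\avg7\avgcc.exe',
    r'c:\program files\windows live\messenger\msnmsgr.exe',
    r'c:\program files\whatpulse\whatpulse.exe',
}
O4_RE = re.compile(r'^O4 - (?P<hive>\S+)\\\.\.\\Run: \[(?P<name>[^\]]+)\] (?P<cmd>.+)$')
FILE_RE = re.compile(r'(.+?\.(?:exe|dll|com|bat|cmd))(?=[\s,]|$)', re.I)

def first_path(text):
    """Split off the leading quoted or unquoted file path; return (path, rest)."""
    text = text.strip()
    if text.startswith('"'):
        end = text.find('"', 1)
        return (text[1:end], text[end + 1:]) if end != -1 else (None, '')
    m = FILE_RE.match(text)
    return (m.group(1), text[m.end():]) if m else (None, '')

def target_path(cmd):
    """File a Run command loads; for rundll32 that is the DLL, not rundll32.exe."""
    path, rest = first_path(cmd)
    if path and path.lower().split('\\')[-1] == 'rundll32.exe':
        path, _ = first_path(rest)
    return path

def orphaned_run_entries(log, exists):
    """Return (hive, value name, path) for O4 entries whose target file is missing."""
    found = []
    for line in log.splitlines():
        m = O4_RE.match(line.strip())
        path = target_path(m.group('cmd')) if m else None
        if path and not exists(path):
            found.append((m.group('hive'), m.group('name'), path))
    return found

def demo():
    return orphaned_run_entries(SAMPLE_LOG, lambda p: p.lower() in PRESENT)

if __name__ == '__main__':
    for hive, name, path in demo():
        print(f'{hive} Run [{name}] -> missing file: {path}')
```

On the machine the log came from, pass `os.path.exists` as the `exists` argument so the check runs against the real file system instead of the constructed set.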

#3 steamwiz

steamwiz

  • Members
  • 1,039 posts
  • OFFLINE
  •  
  • Local time:12:44 AM

Posted 24 June 2008 - 03:43 PM

Due to lack of feedback, this thread is now treated as resolved and duly closed.

If the original poster would like it re-opened, please send me a PM with a link to this thread.

cheers

steam



