ComboFix 09-07-08.04 - Mathieu 09/07/2009  1:27.1 - NTFSx86
Microsoft® Windows Vista™ Home Premium   6.0.6001.1.1252.32.1043.18.895.285 [GMT 2:00]
Gestart vanuit: c:\users\Mathieu\Downloads\ComboFix.exe
SP: Windows Defender *disabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}
 * Nieuw herstelpunt werd aangemaakt
.

((((((((((((((((((((((((((((((((((   Andere Verwijderingen   )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\users\Pap en Mam\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Videos.url
c:\users\Pap en Mam\Bureaublad\Videos.url
c:\users\Pap en Mam\Favorites\Videos.url
c:\windows\Installer\28277d.msp
c:\windows\Installer\4a671.msi
c:\windows\system32\drivers\hjgruivfjxvtcb.sys
c:\windows\system32\hjgruieiklppde.dll
c:\windows\system32\hjgruilog.dat
c:\windows\system32\hjgruimxixdahf.dll
c:\windows\system32\hjgruivtmpeiwq.dat
c:\windows\system32\hjgruiyqbrvohy.dat

.
(((((((((((((((((((((((((((((((((((((((   Drivers/Services   )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\Service_hjgruihntwcxto


((((((((((((((((((((   Bestanden Gemaakt van 2009-06-08 to 2009-07-08  ))))))))))))))))))))))))))))))
.

2009-07-08 23:44 . 2009-07-08 23:45	--------	d-----w-	c:\users\Mathieu\AppData\Local\temp
2009-07-08 23:44 . 2009-07-08 23:44	--------	d-----w-	c:\users\Sophie\AppData\Local\temp
2009-07-08 23:44 . 2009-07-08 23:44	--------	d-----w-	c:\users\Pap en Mam\AppData\Local\temp
2009-07-08 23:44 . 2009-07-08 23:44	--------	d-----w-	c:\users\Marie\AppData\Local\temp
2009-07-08 23:27 . 2009-07-08 23:27	6736	----a-w-	c:\windows\system32\drivers\PROCEXP90.SYS
2009-07-08 23:02 . 2009-07-08 23:02	--------	d-----w-	c:\program files\CCleaner
2009-07-08 22:49 . 2009-06-17 09:27	38160	----a-w-	c:\windows\system32\drivers\mbamswissarmy.sys
2009-07-08 22:49 . 2009-06-17 09:27	19096	----a-w-	c:\windows\system32\drivers\mbam.sys
2009-07-08 22:49 . 2009-07-08 22:49	--------	d-----w-	c:\program files\Malwarebytes' Anti-Malware
2009-07-08 22:10 . 2009-07-08 22:33	--------	d-----w-	c:\users\Pap en Mam\AppData\Roaming\Reg Tool
2009-07-08 22:09 . 2009-07-08 22:09	--------	d-----w-	c:\program files\Reg Tool
2009-07-08 22:09 . 2009-07-08 22:09	--------	d-----w-	c:\program files\Downloaded Installers
2009-07-08 21:11 . 2009-07-08 21:11	--------	d-----w-	c:\users\Pap en Mam\AppData\Roaming\Malwarebytes
2009-07-08 18:12 . 2009-03-16 08:00	1181040	----a-w-	c:\programdata\Symantec\Definitions\VirusDefs\20090708.002\NAVEX32A.DLL
2009-07-08 18:12 . 2009-03-16 08:00	89104	----a-w-	c:\programdata\Symantec\Definitions\VirusDefs\20090708.002\NAVENG.SYS
2009-07-08 18:12 . 2009-03-16 08:00	876144	----a-w-	c:\programdata\Symantec\Definitions\VirusDefs\20090708.002\NAVEX15.SYS
2009-07-08 18:12 . 2009-03-16 08:00	371248	----a-w-	c:\programdata\Symantec\Definitions\VirusDefs\20090708.002\EECTRL.SYS
2009-07-08 18:12 . 2009-03-16 08:00	2414128	----a-w-	c:\programdata\Symantec\Definitions\VirusDefs\20090708.002\CCERASER.DLL
2009-07-08 18:12 . 2009-03-16 08:00	177520	----a-w-	c:\programdata\Symantec\Definitions\VirusDefs\20090708.002\NAVENG32.DLL
2009-07-08 18:12 . 2009-03-16 08:00	101936	----a-w-	c:\programdata\Symantec\Definitions\VirusDefs\20090708.002\ERASER.SYS
2009-07-08 18:12 . 2008-12-17 09:00	259368	----a-w-	c:\programdata\Symantec\Definitions\VirusDefs\20090708.002\ECMSVR32.DLL
2009-07-08 17:25 . 2009-07-08 17:25	--------	d-----w-	c:\users\Sophie\Tracing
2009-07-08 17:22 . 2009-07-08 17:22	--------	d-----w-	c:\users\Sophie\AppData\Roaming\Symantec
2009-07-08 17:18 . 2009-03-16 08:00	89104	----a-w-	c:\programdata\Symantec\Definitions\VirusDefs\tmp2856.tmp\NAVENG.SYS
2009-07-08 17:18 . 2009-03-16 08:00	876144	----a-w-	c:\programdata\Symantec\Definitions\VirusDefs\tmp2856.tmp\NAVEX15.SYS
2009-07-08 17:18 . 2009-03-16 08:00	371248	----a-w-	c:\programdata\Symantec\Definitions\VirusDefs\tmp2856.tmp\EECTRL.SYS
2009-07-08 17:18 . 2009-03-16 08:00	2414128	----a-w-	c:\programdata\Symantec\Definitions\VirusDefs\tmp2856.tmp\CCERASER.DLL
2009-07-08 17:18 . 2009-03-16 08:00	177520	----a-w-	c:\programdata\Symantec\Definitions\VirusDefs\tmp2856.tmp\NAVENG32.DLL
2009-07-08 17:18 . 2009-03-16 08:00	1181040	----a-w-	c:\programdata\Symantec\Definitions\VirusDefs\tmp2856.tmp\NAVEX32A.DLL
2009-07-08 17:18 . 2009-03-16 08:00	101936	----a-w-	c:\programdata\Symantec\Definitions\VirusDefs\tmp2856.tmp\ERASER.SYS
2009-07-08 17:18 . 2008-12-17 09:00	259368	----a-w-	c:\programdata\Symantec\Definitions\VirusDefs\tmp2856.tmp\ECMSVR32.DLL
2009-07-08 17:18 . 2009-07-07 23:50	1312	----a-w-	c:\programdata\Symantec\Definitions\VirusDefs\tmp88d.tmp\cur.scr
2009-07-08 11:45 . 2009-07-08 11:45	--------	d-----w-	c:\users\Mathieu\AppData\Roaming\Malwarebytes
2009-07-08 11:45 . 2009-07-08 11:45	--------	d-----w-	c:\programdata\Malwarebytes
2009-07-08 11:24 . 2009-07-08 11:24	3252640	----a-w-	c:\users\Public\ccsetup221.exe
2009-07-08 11:22 . 2009-07-08 11:22	3561744	----a-w-	c:\users\Public\mbam-setup(2).exe
2009-07-08 11:08 . 2009-07-08 11:08	--------	d-----w-	c:\program files\Trend Micro
2009-07-08 11:04 . 2009-07-08 11:04	812344	----a-w-	c:\users\Public\HJTInstall.exe
2009-07-08 09:44 . 2009-03-16 08:00	89104	----a-w-	c:\programdata\Symantec\Definitions\VirusDefs\20090707.041\NAVENG.SYS
2009-07-08 09:44 . 2009-03-16 08:00	876144	----a-w-	c:\programdata\Symantec\Definitions\VirusDefs\20090707.041\NAVEX15.SYS
2009-07-08 09:44 . 2009-03-16 08:00	371248	----a-w-	c:\programdata\Symantec\Definitions\VirusDefs\20090707.041\EECTRL.SYS
2009-07-08 09:44 . 2009-03-16 08:00	177520	----a-w-	c:\programdata\Symantec\Definitions\VirusDefs\20090707.041\NAVENG32.DLL
2009-07-08 09:44 . 2009-03-16 08:00	1181040	----a-w-	c:\programdata\Symantec\Definitions\VirusDefs\20090707.041\NAVEX32A.DLL
2009-07-08 09:44 . 2009-03-16 08:00	101936	----a-w-	c:\programdata\Symantec\Definitions\VirusDefs\20090707.041\ERASER.SYS
2009-07-08 09:44 . 2009-03-16 08:00	2414128	----a-w-	c:\programdata\Symantec\Definitions\VirusDefs\20090707.041\CCERASER.DLL
2009-07-08 09:44 . 2008-12-17 09:00	259368	----a-w-	c:\programdata\Symantec\Definitions\VirusDefs\20090707.041\ECMSVR32.DLL
2009-07-08 09:42 . 2009-03-06 17:25	439672	----a-w-	c:\programdata\Symantec\Definitions\SymcData\ipsdefs\20090707.001\Scxpx86.dll
2009-07-08 09:42 . 2009-02-09 22:59	272432	----a-w-	c:\programdata\Symantec\Definitions\SymcData\ipsdefs\20090707.001\IDSvix86.sys
2009-07-08 09:42 . 2009-02-09 22:59	251768	----a-w-	c:\programdata\Symantec\Definitions\SymcData\ipsdefs\20090707.001\SymIDSco.sys
2009-07-08 09:42 . 2009-02-09 22:59	685432	----a-w-	c:\programdata\Symantec\Definitions\SymcData\ipsdefs\20090707.001\IDSxpx86.dll
2009-07-08 09:42 . 2009-02-09 22:59	173432	----a-w-	c:\programdata\Symantec\Definitions\SymcData\ipsdefs\20090707.001\SymIDSI.dll
2009-07-08 09:42 . 2009-02-09 22:59	370224	----a-w-	c:\programdata\Symantec\Definitions\SymcData\ipsdefs\20090707.001\IDSviA64.sys
2009-07-08 09:42 . 2008-12-04 23:11	157120	----a-w-	c:\programdata\Symantec\Definitions\SymcData\ipsdefs\20090707.001\IDS9xx86.dll
2009-07-07 10:49 . 2009-03-06 17:25	439672	----a-w-	c:\programdata\Symantec\Definitions\SymcData\ipsdefs\20090703.002\Scxpx86.dll
2009-07-07 10:49 . 2009-02-09 22:59	272432	----a-w-	c:\programdata\Symantec\Definitions\SymcData\ipsdefs\20090703.002\IDSvix86.sys
2009-07-07 10:49 . 2009-02-09 22:59	251768	----a-w-	c:\programdata\Symantec\Definitions\SymcData\ipsdefs\20090703.002\SymIDSco.sys
2009-07-07 10:49 . 2009-02-09 22:59	685432	----a-w-	c:\programdata\Symantec\Definitions\SymcData\ipsdefs\20090703.002\IDSxpx86.dll
2009-07-07 10:49 . 2009-02-09 22:59	173432	----a-w-	c:\programdata\Symantec\Definitions\SymcData\ipsdefs\20090703.002\SymIDSI.dll
2009-07-07 10:49 . 2009-02-09 22:59	370224	----a-w-	c:\programdata\Symantec\Definitions\SymcData\ipsdefs\20090703.002\IDSviA64.sys
2009-07-07 10:49 . 2008-12-04 23:11	157120	----a-w-	c:\programdata\Symantec\Definitions\SymcData\ipsdefs\20090703.002\IDS9xx86.dll
2009-07-02 15:52 . 2009-07-02 15:52	--------	d-----w-	c:\programdata\DAEMON Tools Lite
2009-07-02 15:52 . 2009-07-02 15:52	--------	d-----w-	c:\program files\DAEMON Tools Lite
2009-07-02 15:52 . 2009-07-02 15:53	--------	d-----w-	c:\users\Mathieu\AppData\Roaming\DAEMON Tools Lite
2009-07-02 15:46 . 2009-07-02 15:46	--------	d-----w-	c:\program files\DAEMON Tools Pro
2009-07-02 15:13 . 2009-07-02 15:13	--------	d-----w-	c:\users\Mathieu\AppData\Roaming\DAEMON Tools Pro
2009-06-26 21:45 . 2009-07-05 20:03	--------	d-----w-	c:\users\Mathieu\AppData\Roaming\LimeWire
2009-06-20 14:53 . 2009-06-20 14:53	--------	d-----w-	c:\users\Marie\AppData\Roaming\LimeWire
2009-06-20 14:51 . 2009-06-21 20:36	--------	d-----w-	c:\users\Pap en Mam\AppData\Roaming\LimeWire
2009-06-20 14:49 . 2009-06-20 16:44	--------	d-----w-	c:\program files\LimeWire
2009-06-18 21:05 . 2009-06-18 21:05	--------	d-----w-	c:\programdata\Office Genuine Advantage
2009-06-18 20:54 . 2009-05-09 05:34	71680	----a-w-	c:\windows\system32\iesetup.dll
2009-06-18 20:54 . 2009-05-09 05:50	915456	----a-w-	c:\windows\system32\wininet.dll
2009-06-18 20:00 . 2008-06-20 01:14	97800	----a-w-	c:\windows\system32\infocardapi.dll
2009-06-18 20:00 . 2008-06-20 01:14	105016	----a-w-	c:\windows\system32\PresentationCFFRasterizerNative_v0300.dll
2009-06-18 20:00 . 2008-06-20 01:14	11264	----a-w-	c:\windows\system32\icardres.dll
2009-06-18 20:00 . 2008-06-20 01:14	622080	----a-w-	c:\windows\system32\icardagt.exe
2009-06-18 20:00 . 2008-06-20 01:14	43544	----a-w-	c:\windows\system32\PresentationHostProxy.dll
2009-06-18 20:00 . 2008-06-20 01:14	781344	----a-w-	c:\windows\system32\PresentationNative_v0300.dll
2009-06-18 20:00 . 2008-06-20 01:14	326160	----a-w-	c:\windows\system32\PresentationHost.exe
2009-06-18 19:52 . 2008-07-27 18:03	96760	----a-w-	c:\windows\system32\dfshim.dll
2009-06-18 19:52 . 2008-07-27 18:03	282112	----a-w-	c:\windows\system32\mscoree.dll
2009-06-18 19:52 . 2008-07-27 18:03	41984	----a-w-	c:\windows\system32\netfxperf.dll
2009-06-18 19:51 . 2008-07-27 18:03	158720	----a-w-	c:\windows\system32\mscorier.dll
2009-06-18 19:51 . 2008-07-27 18:03	83968	----a-w-	c:\windows\system32\mscories.dll
2009-06-18 13:21 . 2009-06-18 13:21	--------	d-----w-	c:\users\Marie\AppData\Roaming\Basement
2009-06-14 18:00 . 2009-04-30 12:37	428544	----a-w-	c:\windows\system32\EncDec.dll
2009-06-14 18:00 . 2009-04-30 12:37	293376	----a-w-	c:\windows\system32\psisdecd.dll
2009-06-09 20:19 . 2009-04-21 11:55	2033152	----a-w-	c:\windows\system32\win32k.sys
2009-06-09 20:19 . 2009-04-23 12:43	784896	----a-w-	c:\windows\system32\rpcrt4.dll
2009-06-09 20:19 . 2009-04-23 12:42	636928	----a-w-	c:\windows\system32\localspl.dll

.
(((((((((((((((((((((((((((((((((((((((   Find3M Rapport   ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-07-08 22:46 . 2008-03-30 19:35	84936	----a-w-	c:\users\Mathieu\AppData\Local\GDIPFONTCACHEV1.DAT
2009-07-08 22:36 . 2009-02-11 11:43	--------	d-----w-	c:\program files\Image-Line
2009-07-08 22:33 . 2008-12-26 21:48	--------	d-----w-	c:\users\Pap en Mam\AppData\Roaming\Symantec
2009-07-08 22:26 . 2008-03-20 23:36	84936	----a-w-	c:\users\Pap en Mam\AppData\Local\GDIPFONTCACHEV1.DAT
2009-07-08 21:10 . 2008-09-30 19:09	--------	d-----w-	c:\program files\Norton Security Scan
2009-07-08 17:23 . 2008-05-04 11:52	84936	----a-w-	c:\users\Sophie\AppData\Local\GDIPFONTCACHEV1.DAT
2009-07-08 12:14 . 2007-12-14 19:14	--------	d-----w-	c:\users\Mathieu\AppData\Roaming\Azureus
2009-07-08 11:32 . 2007-09-10 19:52	--------	d-----w-	c:\programdata\Google Updater
2009-07-08 10:38 . 2008-07-16 10:22	1356	----a-w-	c:\users\Mathieu\AppData\Local\d3d9caps.dat
2009-07-02 15:56 . 2008-03-20 22:18	667114	----a-w-	c:\windows\system32\perfh013.dat
2009-07-02 15:56 . 2008-03-20 22:18	126648	----a-w-	c:\windows\system32\perfc013.dat
2009-07-02 15:53 . 2009-01-25 08:53	--------	d-----w-	c:\users\Mathieu\AppData\Roaming\DAEMON Tools
2009-07-02 15:14 . 2009-01-25 08:54	721904	----a-w-	c:\windows\system32\drivers\sptd.sys
2009-07-02 09:25 . 2008-09-08 19:56	--------	d-----w-	c:\users\Mathieu\AppData\Roaming\SPORE
2009-07-02 09:19 . 2008-06-17 19:28	--------	d-----w-	c:\program files\Electronic Arts
2009-07-02 09:18 . 2007-08-13 12:39	--------	d--h--w-	c:\program files\InstallShield Installation Information
2009-06-21 22:18 . 2008-03-08 15:13	--------	d-----w-	c:\users\Pap en Mam\AppData\Roaming\Azureus
2009-06-14 16:00 . 2008-03-31 08:52	84936	----a-w-	c:\users\Marie\AppData\Local\GDIPFONTCACHEV1.DAT
2009-06-14 14:44 . 2007-08-15 14:19	--------	d-----w-	c:\programdata\Microsoft Help
2009-06-14 14:44 . 2007-08-15 14:20	--------	d-----w-	c:\program files\Microsoft Works
2009-05-17 13:35 . 2007-12-14 19:17	183	----a-w-	c:\users\Mathieu\AppData\Roaming\Azureus\restart.bat
2009-05-17 13:34 . 2007-12-14 19:12	--------	d-----w-	c:\program files\Azureus
2009-05-16 10:22 . 2009-05-16 10:18	--------	d-----w-	c:\users\Mathieu\AppData\Roaming\U3
2009-05-13 20:45 . 2006-11-02 11:18	--------	d-----w-	c:\program files\Windows Mail
2009-04-19 17:45 . 2009-04-17 21:22	266	----a-w-	c:\users\Mathieu\AppData\Roaming\DelAll.bat
2009-04-19 17:45 . 2009-04-17 21:22	266	----a-w-	c:\users\Mathieu\AppData\Roaming\DelAll.bat
2009-03-31 20:47 . 2008-12-27 00:00	324976	----a-w-	c:\program files\mozilla firefox\components\coFFPlgn.dll
2008-09-25 17:05 . 2008-09-25 17:05	122880	----a-w-	c:\program files\mozilla firefox\components\GoogleDesktopMozilla.dll
2007-04-17 09:58 . 2007-04-17 09:58	8192	--sha-w-	c:\windows\Users\Default\NTUSER.DAT
.

(((((((((((((((((((((((((((((((((((((   Reg Opstartpunten   )))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond 
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="c:\program files\Common Files\Ahead\Lib\NMBgMonitor.exe" [2006-12-23 143360]
"MsnMsgr"="c:\program files\Windows Live\Messenger\MsnMsgr.Exe" [2009-02-06 3885408]
"ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-01-18 125952]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2007-09-10 68856]
"DAEMON Tools Lite"="c:\program files\DAEMON Tools Lite\daemon.exe" [2009-04-23 691656]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"="c:\program files\Windows Defender\MSASCui.exe" [2008-01-18 1008184]
"Google Desktop Search"="c:\program files\Google\Google Desktop Search\GoogleDesktop.exe" [2008-09-25 29744]
"NeroFilterCheck"="c:\program files\Common Files\Ahead\Lib\NeroCheck.exe" [2006-01-12 155648]
"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2006-11-10 90112]
"WPCUMI"="c:\windows\system32\WpcUmi.exe" [2006-11-02 176128]
"Adobe Photo Downloader"="c:\program files\Adobe\Photoshop Elements 6.0\apdproxy.exe" [2007-09-10 67488]
"ccApp"="c:\program files\Common Files\Symantec Shared\ccApp.exe" [2008-10-17 51048]
"osCheck"="c:\program files\Norton 360\osCheck.exe" [2008-02-26 988512]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2009-01-05 413696]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2009-01-06 290088]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-10-15 39792]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-03-09 148888]
"RtHDVCpl"="RtHDVCpl.exe" - c:\windows\RtHDVCpl.exe [2007-07-06 4669440]
"Skytel"="Skytel.exe" - c:\windows\SkyTel.exe [2007-06-15 1826816]

c:\users\Pap en Mam\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
explorer - Snelkoppeling.lnk - c:\windows\explorer.exe [2008-12-10 2927104]

c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Microsoft Office.lnk - c:\program files\Microsoft Office\Office10\OSA.EXE [2001-2-13 83360]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\progra~1\Google\GOOGLE~1\GoogleDesktopNetwork3.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"mixer1"=wdmaud.drv

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sdauxservice]
@=""

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sdcoreservice]
@=""

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
@="Service"

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\DomainProfile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\FirewallRules]
"UDP Query User{104CD018-67C8-4F1B-BEAB-F61E6F706125}c:\\users\\pap en mam\\desktop\\privateserver\\blizzlike 2.3.2 yt repack\\ascent.exe"= TCP:c:\users\pap en mam\desktop\privateserver\blizzlike 2.3.2 yt repack\ascent.exe:ascent.exe
"TCP Query User{F81E254F-9D0D-4FF5-98D5-6784949ED862}c:\\users\\pap en mam\\desktop\\privateserver\\blizzlike 2.3.2 yt repack\\ascent.exe"= UDP:c:\users\pap en mam\desktop\privateserver\blizzlike 2.3.2 yt repack\ascent.exe:ascent.exe
"UDP Query User{5EB10CF6-F1CC-481B-96D3-95AA98326F8B}c:\\users\\pap en mam\\desktop\\privateserver\\blizzlike 2.3.2 yt repack\\logonserver.exe"= TCP:c:\users\pap en mam\desktop\privateserver\blizzlike 2.3.2 yt repack\logonserver.exe:logonserver.exe
"TCP Query User{275EA36F-4E88-4BDB-80E7-2F2604265E75}c:\\users\\pap en mam\\desktop\\privateserver\\blizzlike 2.3.2 yt repack\\logonserver.exe"= UDP:c:\users\pap en mam\desktop\privateserver\blizzlike 2.3.2 yt repack\logonserver.exe:logonserver.exe
"UDP Query User{9ED381D4-4A37-4405-938E-7FDE46E3F75D}c:\\users\\pap en mam\\desktop\\privateserver\\blizzlike 2.3.2 yt repack\\db\\bin\\mysqld-nt.exe"= TCP:c:\users\pap en mam\desktop\privateserver\blizzlike 2.3.2 yt repack\db\bin\mysqld-nt.exe:mysqld-nt.exe
"TCP Query User{1CCF6002-A5E3-40FB-83B9-678084931584}c:\\users\\pap en mam\\desktop\\privateserver\\blizzlike 2.3.2 yt repack\\db\\bin\\mysqld-nt.exe"= UDP:c:\users\pap en mam\desktop\privateserver\blizzlike 2.3.2 yt repack\db\bin\mysqld-nt.exe:mysqld-nt.exe
"UDP Query User{0837F6A4-A97A-40B9-BA15-BC08F8BFFAD1}c:\\program files\\mozilla firefox\\firefox.exe"= TCP:c:\program files\mozilla firefox\firefox.exe:Firefox
"TCP Query User{F25F9E7B-A6DB-4166-A148-BA0182D45517}c:\\program files\\mozilla firefox\\firefox.exe"= UDP:c:\program files\mozilla firefox\firefox.exe:Firefox
"UDP Query User{D1CAB3F9-0140-4393-B9CA-B87F94D40D0B}c:\\users\\mathieu\\documents\\privateserver\\blizzlike 2.3.2 yt repack\\ascent.exe"= TCP:c:\users\mathieu\documents\privateserver\blizzlike 2.3.2 yt repack\ascent.exe:ascent.exe
"TCP Query User{7A7507A4-CA93-474A-9419-DF8653DC931F}c:\\users\\mathieu\\documents\\privateserver\\blizzlike 2.3.2 yt repack\\ascent.exe"= UDP:c:\users\mathieu\documents\privateserver\blizzlike 2.3.2 yt repack\ascent.exe:ascent.exe
"UDP Query User{619A3525-5418-4CE7-9B25-199D24496FDF}c:\\users\\mathieu\\documents\\privateserver\\blizzlike 2.3.2 yt repack\\logonserver.exe"= TCP:c:\users\mathieu\documents\privateserver\blizzlike 2.3.2 yt repack\logonserver.exe:logonserver.exe
"TCP Query User{E76192FD-E755-4D9B-AA99-4B146C39FAA4}c:\\users\\mathieu\\documents\\privateserver\\blizzlike 2.3.2 yt repack\\logonserver.exe"= UDP:c:\users\mathieu\documents\privateserver\blizzlike 2.3.2 yt repack\logonserver.exe:logonserver.exe
"UDP Query User{102008FB-DB69-4ED5-B479-791730641ECD}c:\\users\\mathieu\\documents\\privateserver\\blizzlike 2.3.2 yt repack\\db\\bin\\mysqld-nt.exe"= TCP:c:\users\mathieu\documents\privateserver\blizzlike 2.3.2 yt repack\db\bin\mysqld-nt.exe:mysqld-nt.exe
"TCP Query User{A3EFFABD-90FA-4013-A085-360495F52AFB}c:\\users\\mathieu\\documents\\privateserver\\blizzlike 2.3.2 yt repack\\db\\bin\\mysqld-nt.exe"= UDP:c:\users\mathieu\documents\privateserver\blizzlike 2.3.2 yt repack\db\bin\mysqld-nt.exe:mysqld-nt.exe
"UDP Query User{C6EFA5B4-F941-4AC3-B9E7-662BFD5F0D04}c:\\users\\pap en mam\\desktop\\privateserver\\blizzlike 2.3.2 yt repack\\ascent.exe"= TCP:c:\users\pap en mam\desktop\privateserver\blizzlike 2.3.2 yt repack\ascent.exe:ascent.exe
"TCP Query User{91C2A04C-D214-4CA5-A124-1E17D0F38D0C}c:\\users\\pap en mam\\desktop\\privateserver\\blizzlike 2.3.2 yt repack\\ascent.exe"= UDP:c:\users\pap en mam\desktop\privateserver\blizzlike 2.3.2 yt repack\ascent.exe:ascent.exe
"UDP Query User{A20DA776-95FC-443A-8776-E221D3663E9D}c:\\users\\pap en mam\\desktop\\privateserver\\blizzlike 2.3.2 yt repack\\logonserver.exe"= TCP:c:\users\pap en mam\desktop\privateserver\blizzlike 2.3.2 yt repack\logonserver.exe:logonserver.exe
"TCP Query User{06F843E3-2C9A-4139-BA55-0B01CA3840B0}c:\\users\\pap en mam\\desktop\\privateserver\\blizzlike 2.3.2 yt repack\\logonserver.exe"= UDP:c:\users\pap en mam\desktop\privateserver\blizzlike 2.3.2 yt repack\logonserver.exe:logonserver.exe
"UDP Query User{8029F9BC-F2C7-4B4F-9DC1-A12EE91C3613}c:\\users\\pap en mam\\desktop\\privateserver\\blizzlike 2.3.2 yt repack\\db\\bin\\mysqld-nt.exe"= TCP:c:\users\pap en mam\desktop\privateserver\blizzlike 2.3.2 yt repack\db\bin\mysqld-nt.exe:mysqld-nt.exe
"TCP Query User{D79A0018-7BAC-41E9-B255-6731CA0C52C7}c:\\users\\pap en mam\\desktop\\privateserver\\blizzlike 2.3.2 yt repack\\db\\bin\\mysqld-nt.exe"= UDP:c:\users\pap en mam\desktop\privateserver\blizzlike 2.3.2 yt repack\db\bin\mysqld-nt.exe:mysqld-nt.exe
"UDP Query User{52DB8D5B-D6E4-42A2-834E-1FAC5A0427C8}c:\\program files\\world of warcraft\\wow-2.3.0-engb-downloader.exe"= TCP:c:\program files\world of warcraft\wow-2.3.0-engb-downloader.exe:Blizzard Downloader
"TCP Query User{2509FFA5-64F9-4058-8500-1EF1FD7F97DB}c:\\program files\\world of warcraft\\wow-2.3.0-engb-downloader.exe"= UDP:c:\program files\world of warcraft\wow-2.3.0-engb-downloader.exe:Blizzard Downloader
"UDP Query User{91AB56C2-D26A-4976-9FA3-F5134A257CB9}c:\\users\\pap en mam\\desktop\\privserver\\mangosd.exe"= TCP:c:\users\pap en mam\desktop\privserver\mangosd.exe:mangosd.exe
"TCP Query User{8BDDBD1F-3782-457F-AD75-219B202D00F7}c:\\users\\pap en mam\\desktop\\privserver\\mangosd.exe"= UDP:c:\users\pap en mam\desktop\privserver\mangosd.exe:mangosd.exe
"UDP Query User{CD24BDF3-9B86-4E80-95A9-2907751404ED}c:\\users\\pap en mam\\desktop\\privserver\\db\\bin\\mysqld-nt.exe"= TCP:c:\users\pap en mam\desktop\privserver\db\bin\mysqld-nt.exe:mysqld-nt.exe
"TCP Query User{C0C42B69-574B-43CE-AE7F-AE7DBA7C9D73}c:\\users\\pap en mam\\desktop\\privserver\\db\\bin\\mysqld-nt.exe"= UDP:c:\users\pap en mam\desktop\privserver\db\bin\mysqld-nt.exe:mysqld-nt.exe
"{17499628-FFED-4AC0-857B-3941E3BCF18A}"= TCP:c:\program files\World of Warcraft\BackgroundDownloader.exe:Blizzard Downloader
"{09BCD17C-B53A-45E0-9E25-4C36AF2E2175}"= UDP:c:\program files\World of Warcraft\BackgroundDownloader.exe:Blizzard Downloader
"UDP Query User{374B18CB-B3CC-4E6A-9483-EF824D528BC2}c:\\program files\\world of warcraft\\wow-1.12.x-to-2.0.1-engb-patch-downloader.exe"= TCP:c:\program files\world of warcraft\wow-1.12.x-to-2.0.1-engb-patch-downloader.exe:Blizzard Downloader
"TCP Query User{E7AD2203-6200-4100-86CB-067BCCC091AD}c:\\program files\\world of warcraft\\wow-1.12.x-to-2.0.1-engb-patch-downloader.exe"= UDP:c:\program files\world of warcraft\wow-1.12.x-to-2.0.1-engb-patch-downloader.exe:Blizzard Downloader
"UDP Query User{F41329A6-CAE1-435C-8DCC-6FE1C425AA40}c:\\program files\\world of warcraft\\wow-1.12.0-engb-downloader.exe"= TCP:c:\program files\world of warcraft\wow-1.12.0-engb-downloader.exe:Blizzard Downloader
"TCP Query User{35A8FCC2-B915-4525-B2E6-2FDA266C6E92}c:\\program files\\world of warcraft\\wow-1.12.0-engb-downloader.exe"= UDP:c:\program files\world of warcraft\wow-1.12.0-engb-downloader.exe:Blizzard Downloader
"{FF9D6405-AD2F-4FDA-A09A-E311F545F0B0}"= UDP:6112:Blizzard Downloader
"UDP Query User{ECDC13ED-BFDF-40AF-B350-438A2B5A0145}c:\\program files\\valve\\steam\\steamapps\\bighonkerz\\ricochet\\hl.exe"= TCP:c:\program files\valve\steam\steamapps\bighonkerz\ricochet\hl.exe:Half-Life Launcher
"TCP Query User{7C04B3F9-AABC-4B4C-91F5-BC755EC4C123}c:\\program files\\valve\\steam\\steamapps\\bighonkerz\\ricochet\\hl.exe"= UDP:c:\program files\valve\steam\steamapps\bighonkerz\ricochet\hl.exe:Half-Life Launcher
"UDP Query User{2462F981-F027-4B0B-BC3A-21CD5AFF4DA5}c:\\program files\\valve\\steam\\steamapps\\bighonkerz\\condition zero\\hl.exe"= TCP:c:\program files\valve\steam\steamapps\bighonkerz\condition zero\hl.exe:Half-Life Launcher
"TCP Query User{9646F265-E6FF-44E9-B496-D8FFCE8F3260}c:\\program files\\valve\\steam\\steamapps\\bighonkerz\\condition zero\\hl.exe"= UDP:c:\program files\valve\steam\steamapps\bighonkerz\condition zero\hl.exe:Half-Life Launcher
"UDP Query User{2B4B6732-87BF-4B9E-97CE-67CCE659F32B}c:\\program files\\valve\\steam\\steamapps\\bighonkerz\\counter-strike\\hl.exe"= TCP:c:\program files\valve\steam\steamapps\bighonkerz\counter-strike\hl.exe:Half-Life Launcher
"TCP Query User{13C881B7-2419-46E6-B85F-6FEC6ECA13E8}c:\\program files\\valve\\steam\\steamapps\\bighonkerz\\counter-strike\\hl.exe"= UDP:c:\program files\valve\steam\steamapps\bighonkerz\counter-strike\hl.exe:Half-Life Launcher
"{A8370B97-2B7C-4DB3-8C89-F99E0B77566C}"= TCP:c:\program files\Codemasters\Archlord\Archlord.exe:Archlord
"{44642817-917E-4DE7-AD81-2D0003CEED64}"= UDP:c:\program files\Codemasters\Archlord\Archlord.exe:Archlord
"UDP Query User{A66A328A-AFF9-491C-879D-6D835DA313AF}c:\\program files\\skype\\phone\\skype.exe"= TCP:c:\program files\skype\phone\skype.exe:Skype. Take a deep breath 
"TCP Query User{92AB941C-6EA3-48BE-9164-D238F4EDEB9A}c:\\program files\\skype\\phone\\skype.exe"= UDP:c:\program files\skype\phone\skype.exe:Skype. Take a deep breath 
"{F3E5B8B5-D4E2-4C62-BC59-9E6300E863F5}"= UDP:3724:Blizzard Downloader
"{9C187CC2-09B2-43ED-A0DE-C56B7315D7B8}"= TCP:c:\program files\Microsoft Office\Office12\ONENOTE.EXE:Microsoft Office OneNote
"{65486F0A-62F9-4101-87E2-AF67B43241EA}"= UDP:c:\program files\Microsoft Office\Office12\ONENOTE.EXE:Microsoft Office OneNote
"{C965A791-B79F-40AE-AAA5-1465D50BC8EA}"= c:\program files\Home Cinema\PowerDirector\PDR.EXE:CyberLink PowerDirector
"{15FF1E9F-34EB-4808-A495-ED4802304380}"= c:\program files\Home Cinema\PowerDVD\PowerDVD.EXE:CyberLink PowerDVD
"{19EB3C1F-A5AA-46F1-A484-E77C8D3E9305}"= UDP:c:\program files\Electronic Arts\SPORE\Sporebin\SporeApp.exe:SporeApp
"{CA500601-1DD5-4341-BCF5-E57C9CC6F3C7}"= TCP:c:\program files\Electronic Arts\SPORE\Sporebin\SporeApp.exe:SporeApp
"{C71B312F-2702-4805-868C-152A69E79028}"= UDP:c:\program files\Chocolatier 2\chocotwo.exe: Chocolatier 2
"{BDD91B89-B0E2-426C-850A-8B8C6AAFF558}"= TCP:c:\program files\Chocolatier 2\chocotwo.exe: Chocolatier 2
"TCP Query User{C2D64D6E-8CE0-45E0-A54B-13C5A5DF7930}c:\\program files\\electronic arts\\eadm\\core.exe"= UDP:c:\program files\electronic arts\eadm\core.exe:EA Download Manager
"UDP Query User{881DA6F2-CC7D-4F6A-8643-4453D38D170C}c:\\program files\\electronic arts\\eadm\\core.exe"= TCP:c:\program files\electronic arts\eadm\core.exe:EA Download Manager
"{3DE19CDF-CE3F-475C-990A-C30697C629B6}"= UDP:80:spore
"{FD325228-6C89-4960-A943-52D0C611F696}"= UDP:443:spore2
"{C82E32B7-AE1C-4B2C-9064-9E33EC7A45DE}"= UDP:18120:spore3
"{BCA3AD03-D066-4907-9167-993A5967BC12}"= UDP:18060:spore4
"TCP Query User{FF54777D-46AE-4C95-AFD3-A69CA87F8756}c:\\program files\\warcraft iii\\war3.exe"= UDP:c:\program files\warcraft iii\war3.exe:Warcraft III
"UDP Query User{EB35149D-5145-4346-AFBB-77C04F333BA4}c:\\program files\\warcraft iii\\war3.exe"= TCP:c:\program files\warcraft iii\war3.exe:Warcraft III
"{EE8E7ECB-5187-47BC-A082-A7B95C725611}"= UDP:c:\users\Public\Documents\Blizzard Entertainment\World of Warcraft\WoW-2.4.3-to-3.0.2-enGB-Win-Final-downloader.exe:Blizzard Downloader
"{D0D8DAEA-A64C-4E03-BF11-37D2A6B1973A}"= TCP:c:\users\Public\Documents\Blizzard Entertainment\World of Warcraft\WoW-2.4.3-to-3.0.2-enGB-Win-Final-downloader.exe:Blizzard Downloader
"{F5DBCB2F-46E4-488D-8593-417C75F49004}"= Disabled:UDP:c:\program files\Adobe\Photoshop Elements 6.0\AdobePhotoshopElementsMediaServer.exe:Adobe Photoshop Elements Media Server
"{BC5A509C-4E52-44CD-BA34-3732C6A4ABC2}"= Disabled:TCP:c:\program files\Adobe\Photoshop Elements 6.0\AdobePhotoshopElementsMediaServer.exe:Adobe Photoshop Elements Media Server
"{655FD875-E5B8-4C43-9213-6F3915418589}"= UDP:c:\program files\Bonjour\mDNSResponder.exe:Bonjour
"{049BB559-E5CB-4090-A0A0-D0BAB89E2045}"= TCP:c:\program files\Bonjour\mDNSResponder.exe:Bonjour
"{6C07E51F-E2DB-43C5-8E94-C6F30FBEBE3D}"= UDP:c:\program files\LucasArts\Star Wars Empire at War\GameData\sweaw.exe:Star Wars(TM): Empire at War(TM)
"{4DCCF2C4-8B2E-4CD3-9A93-211D77F2E867}"= TCP:c:\program files\LucasArts\Star Wars Empire at War\GameData\sweaw.exe:Star Wars(TM): Empire at War(TM)
"{1F224D07-B910-42EF-B67B-CF42D7BD4762}"= UDP:c:\program files\LucasArts\Star Wars Empire at War Forces of Corruption\swfoc.exe:Star Wars(TM): Empire at War(TM): Forces of Corruption(TM)
"{422434CB-12FB-4616-96A4-91F2B89A2082}"= TCP:c:\program files\LucasArts\Star Wars Empire at War Forces of Corruption\swfoc.exe:Star Wars(TM): Empire at War(TM): Forces of Corruption(TM)
"{5663BA1F-8370-4AC5-828E-6422098E9173}"= c:\program files\Windows Live\Sync\WindowsLiveSync.exe:Windows Live Sync
"{63424461-479F-4821-83AE-43F498403452}"= UDP:c:\program files\iTunes\iTunes.exe:iTunes
"{DB87AEB3-6D0E-414C-8B59-8ECDB43AC0BD}"= TCP:c:\program files\iTunes\iTunes.exe:iTunes
"TCP Query User{7DDF02B6-24A8-4757-88DC-BBB98976EAA9}c:\\program files\\limewire\\limewire.exe"= UDP:c:\program files\limewire\limewire.exe:LimeWire
"UDP Query User{178B365F-250C-44B1-8A3C-4D295A2519F3}c:\\program files\\limewire\\limewire.exe"= TCP:c:\program files\limewire\limewire.exe:LimeWire
"TCP Query User{0A2E1159-F0BA-4A01-8FA4-CF60D607F0B3}c:\\users\\public\\world of warcraft\\launcher.exe"= UDP:c:\users\public\world of warcraft\launcher.exe:Blizzard Launcher
"UDP Query User{AD418DFD-8F83-4D4D-97B6-6F9DAAE01212}c:\\users\\public\\world of warcraft\\launcher.exe"= TCP:c:\users\public\world of warcraft\launcher.exe:Blizzard Launcher

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\PublicProfile]
"EnableFirewall"= 0 (0x0)

R1 IDSvix86;Symantec Intrusion Prevention Driver;c:\progra~2\Symantec\DEFINI~1\SymcData\ipsdefs\20090707.001\IDSvix86.sys [8/07/2009 11:42 272432]
R2 AdobeActiveFileMonitor6.0;Adobe Active File Monitor V6;c:\program files\Adobe\Photoshop Elements 6.0\PhotoshopElementsFileAgent.exe [11/09/2007 1:45 124832]
R3 3xHybrid;Philips SAA713x PCI Card;c:\windows\System32\drivers\3xHybrid.sys [21/03/2008 0:20 1223008]
R3 COH_Mon;COH_Mon;c:\windows\System32\drivers\COH_Mon.sys [12/01/2008 20:32 23888]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [8/07/2009 20:12 101936]
R3 SYMNDISV;SYMNDISV;c:\windows\System32\drivers\symndisv.sys [19/02/2009 12:31 41008]

--- Andere Services/Drivers In Geheugen ---

*NewlyCreated* - COMHOST

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\>{60B49E34-C7CC-11D0-8953-00A0C90347FF}]
"c:\windows\System32\rundll32.exe" "c:\windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
.
Inhoud van de 'Gedeelde Taken' map

2009-07-08 c:\windows\Tasks\Google Software Updater.job
- c:\program files\Google\Common\Google Updater\GoogleUpdaterService.exe [2007-09-10 18:37]

2009-07-03 c:\windows\Tasks\Norton Security Scan for Pap en Mam.job
- c:\program files\Norton Security Scan\Nss.exe [2008-09-19 02:18]

2009-07-08 c:\windows\Tasks\OGADaily.job
- c:\windows\system32\OGAVerify.exe [2008-12-31 15:04]

2009-07-08 c:\windows\Tasks\OGALogon.job
- c:\windows\system32\OGAVerify.exe [2008-12-31 15:04]

2009-07-08 c:\windows\Tasks\Reg Tool Scan.job
- c:\program files\Reg Tool\Reg Tool.exe [2009-06-26 12:20]

2009-07-08 c:\windows\Tasks\User_Feed_Synchronization-{21A97A2C-CB17-4D8D-A563-81E0F31D2F2C}.job
- c:\windows\system32\msfeedssync.exe [2009-06-18 11:31]

2009-07-08 c:\windows\Tasks\User_Feed_Synchronization-{29FEC934-76F7-421B-BC10-52F95D6E2CCF}.job
- c:\windows\system32\msfeedssync.exe [2009-06-18 11:31]

2009-07-08 c:\windows\Tasks\User_Feed_Synchronization-{47C2F1E3-02D0-4C5E-963E-D90120450E67}.job
- c:\windows\system32\msfeedssync.exe [2009-06-18 11:31]

2009-07-08 c:\windows\Tasks\User_Feed_Synchronization-{EFF886B9-D667-4D16-8356-AB068EFAADF2}.job
- c:\windows\system32\msfeedssync.exe [2009-06-18 11:31]
.
- - - - ORPHANS VERWIJDERD - - - -

HKCU-Run-Steam - c:\program files\Valve\Steam\Steam.exe


.
------- Bijkomende Scan -------
.
uStart Page = hxxp://www.google.be/
uInternet Settings,ProxyOverride = *.local
uSearchURL,(Default) = hxxp://www.google.com/keyword/%s
IE: E&xporteren naar Microsoft Excel - c:\progra~1\MICROS~2\Office10\EXCEL.EXE/3000
LSP: c:\windows\system32\wpclsp.dll
DPF: {F8C5C0F1-D884-43EB-A5A0-9E1C4A102FA8} - hxxps://secure.gopetslive.com/dev/GoPetsWeb.cab
FF - ProfilePath - c:\users\Mathieu\AppData\Roaming\Mozilla\Firefox\Profiles\kwzkuvlc.default\
FF - prefs.js: browser.search.defaulturl - hxxp://www.google.com/search?lr=&ie=UTF-8&oe=UTF-8&q=
FF - prefs.js: browser.startup.homepage - hxxp://www.google.be/
FF - component: c:\program files\Mozilla Firefox\components\coFFPlgn.dll
FF - component: c:\program files\Mozilla Firefox\components\GoogleDesktopMozilla.dll
FF - plugin: c:\program files\Google\Google Updater\2.4.1536.6592\npCIDetect13.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\np-mswmp.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\npzylomgamesplayer.dll
FF - plugin: c:\program files\Picasa2\npPicasa2.dll
FF - plugin: c:\program files\Windows Live\Photo Gallery\NPWLPG.dll
FF - plugin: c:\programdata\Zylom\ZylomGamesPlayer\npzylomgamesplayer.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA}
FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA}
FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}
FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA}
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-07-09 01:44
Windows 6.0.6001 Service Pack 1 NTFS

scannen van verborgen processen ... 

scannen van verborgen autostart items ... 

scannen van verborgen bestanden ... 

Scan succesvol afgerond
verborgen bestanden: 0

**************************************************************************
.
--------------------- VERGRENDELDE REGISTER SLEUTELS ---------------------

[HKEY_USERS\S-1-5-21-3541403619-4212162741-2876981324-1002\Software\SecuROM\License information*]
"datasecu"=hex:d8,3b,a1,cc,03,ee,40,4c,09,e3,df,46,8e,f6,99,fd,f8,16,e3,5d,7a,
   f8,f6,bc,5f,21,69,8b,19,54,ae,af,72,65,b4,35,e9,49,65,54,82,de,cf,d7,7e,83,\
"rkeysecu"=hex:64,b6,bd,e1,3e,80,9e,c4,40,b4,90,83,87,8e,33,49
.
Voltooingstijd: 2009-07-08  1:54
ComboFix-quarantined-files.txt  2009-07-08 23:54

Pre-Run: 156.094.423.040 bytes beschikbaar
Post-Run: 162.004.451.328 bytes beschikbaar

352	--- E O F ---	2009-06-24 11:26