ComboFix 10-01-16.03 - huba 17/01/2010 12:01:55.1.2 - x86
Microsoft Windows XP Professional 5.1.2600.3.1252.31.1043.18.3327.2539 [GMT 1:00]
Gestart vanuit: i:\download3\ComboFix.exe
AV: avast! antivirus 4.8.1368 [VPS 100117-0] *On-access scanning disabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D}
FW: COMODO Firewall *enabled* {043803A3-4F86-4ef6-AFC5-F6E02A79969B}
.
(((((((((((((((((((((((((((((((((( Andere Verwijderingen )))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\windows\desktop
c:\windows\desktop\CaptureEze Pro.lnk
c:\windows\system32\eeec71ed-968b-a29c-5f00-1d8ff4e3e30c.exe
c:\windows\system32\NTSVc.ocx
.
(((((((((((((((((((( Bestanden Gemaakt van 2009-12-17 to 2010-01-17 ))))))))))))))))))))))))))))))
.
2010-01-17 09:02 . 2010-01-17 09:02 -------- d-----w- c:\documents and settings\huba\Application Data\Malwarebytes
2010-01-17 09:01 . 2010-01-07 15:07 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2010-01-17 09:01 . 2010-01-17 09:02 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2010-01-17 09:01 . 2010-01-17 09:01 -------- d-----w- c:\documents and settings\All Users\Application Data\Malwarebytes
2010-01-17 09:01 . 2010-01-07 15:07 19160 ----a-w- c:\windows\system32\drivers\mbam.sys
2010-01-17 07:50 . 2010-01-17 10:54 -------- d--h--r- c:\documents and settings\huba\Onlangs geopend
2010-01-14 11:04 . 2010-01-14 11:04 -------- d-----w- c:\program files\Trend Micro
2010-01-14 10:57 . 2010-01-14 10:57 -------- d-----w- c:\documents and settings\All Users\Application Data\Office Genuine Advantage
2010-01-14 10:57 . 2010-01-14 10:57 -------- d-----w- c:\documents and settings\huba\Application Data\Office Genuine Advantage
2010-01-13 15:57 . 2004-08-04 05:00 221184 ----a-w- c:\windows\system32\wmpns.dll
2010-01-13 15:41 . 2010-01-13 15:44 237568 ----a-w- c:\windows\system32\rmc_rtspdl.dll
2010-01-13 15:41 . 2010-01-13 15:44 156672 ----a-w- c:\windows\system32\rmc_fixasf.exe
2010-01-13 15:38 . 2010-01-13 15:54 -------- d-----w- c:\documents and settings\huba\Local Settings\Application Data\mdnslib
2010-01-13 15:38 . 2010-01-13 15:38 -------- d-----w- c:\windows\Applian Director
2010-01-13 15:38 . 2010-01-13 15:38 -------- d-----w- c:\program files\Applian Director
2010-01-13 15:37 . 2010-01-16 08:47 -------- d-----w- c:\documents and settings\huba\Local Settings\Application Data\FLVService
2010-01-13 15:37 . 2010-01-13 15:56 -------- d-----w- c:\program files\Replay Media Catcher
2010-01-13 15:37 . 2010-01-13 15:37 -------- d-----w- c:\windows\Replay Media Catcher
2010-01-13 13:19 . 2010-01-13 13:19 -------- d-----w- c:\documents and settings\huba\LimeWire Store Purchased
2010-01-13 11:43 . 2009-11-21 16:03 471552 -c----w- c:\windows\system32\dllcache\aclayers.dll
2010-01-10 10:28 . 2010-01-10 10:28 -------- d-----w- c:\documents and settings\LocalService\Local Settings\Application Data\Google
2010-01-09 09:30 . 2010-01-09 09:30 -------- d-----w- c:\documents and settings\huba\.thumbnails
2010-01-05 12:44 . 2010-01-05 12:44 -------- d-----w- c:\program files\DIFX
2010-01-05 11:25 . 2010-01-05 11:35 -------- d-----w- c:\documents and settings\All Users\Application Data\PCPitstop
2010-01-05 11:25 . 2010-01-05 11:25 -------- d-----w- c:\program files\PCPitstop
2010-01-05 07:55 . 2010-01-05 07:57 -------- dc-h--w- c:\windows\ie8
2010-01-02 11:07 . 2010-01-02 11:07 -------- d-----w- c:\program files\Option
2010-01-02 10:49 . 2008-12-03 16:40 81408 ----a-w- c:\windows\system32\devcon_x64.exe
2010-01-02 10:49 . 2002-11-14 21:32 55808 ----a-w- c:\windows\system32\devcon.exe
2010-01-02 10:48 . 2010-01-02 15:10 -------- d-----w- c:\program files\Driver Checker
2010-01-02 10:24 . 2010-01-02 10:41 -------- d-----w- c:\program files\Disk Cleaner
2010-01-02 10:22 . 2010-01-02 10:23 -------- d-----w- c:\documents and settings\All Users\Application Data\Registry Helper
2010-01-02 09:59 . 2007-06-28 23:43 356352 ----a-w- c:\windows\system32\nvudisp.exe
2010-01-02 09:58 . 2007-06-29 00:54 356352 ----a-w- c:\windows\system32\NVUNINST.EXE
2009-12-29 10:47 . 2009-12-29 10:47 -------- d-----w- c:\windows\Drivers
2009-12-29 10:47 . 2002-11-15 14:54 53248 ----a-w- c:\windows\system32\drivers\ousb2hub.sys
2009-12-29 10:47 . 2002-11-15 14:54 36224 ----a-w- c:\windows\system32\drivers\ousbehci.sys
2009-12-29 08:06 . 2009-12-29 08:06 -------- d-----w- c:\program files\Elaborate Bytes
2009-12-25 13:38 . 2010-01-09 09:30 -------- d-----w- c:\documents and settings\huba\.gimp-2.6
2009-12-25 13:38 . 2009-12-25 13:38 -------- d-----w- c:\documents and settings\huba\.gegl-0.0
2009-12-23 16:43 . 2009-12-23 16:43 -------- d-----w- c:\program files\STMicroelectronics
2009-12-23 15:30 . 2009-12-23 15:31 -------- d-----w- C:\hp_LJP2014_Full_Solution_ROW
2009-12-23 15:14 . 2009-12-23 15:14 -------- d-----w- c:\program files\CPUID
2009-12-23 15:14 . 2009-03-27 00:16 12672 ----a-w- c:\windows\system32\drivers\cpuz132_x32.sys
2009-12-22 07:02 . 2006-05-24 12:36 110592 ----a-w- c:\documents and settings\huba\Application Data\U3\temp\cleanup.exe
2009-12-22 06:58 . 2009-12-22 07:01 -------- d-----w- c:\documents and settings\huba\Application Data\MailWasherPro
2009-12-22 06:58 . 2009-12-22 06:58 -------- d-----w- c:\program files\MailWasher Pro
2009-12-22 06:57 . 2009-12-22 07:02 -------- d-----w- c:\documents and settings\huba\Application Data\U3
2009-12-21 17:03 . 2009-12-23 15:48 -------- d-----w- c:\documents and settings\huba\Local Settings\Application Data\eSupport.com
2009-12-21 17:03 . 2009-12-21 17:03 23600 ----a-w- c:\windows\system32\drivers\TVICHW32.SYS
2009-12-21 16:42 . 2009-12-21 16:42 -------- d-----w- c:\windows\system32\XPSViewer
2009-12-21 16:42 . 2009-12-21 16:42 -------- d-----w- c:\program files\MSBuild
2009-12-21 16:42 . 2009-12-21 16:42 -------- d-----w- c:\program files\Reference Assemblies
2009-12-21 16:42 . 2008-07-06 12:06 89088 ----a-w- c:\windows\system32\Spool\prtprocs\w32x86\filterpipelineprintproc.dll
2009-12-21 16:41 . 2008-07-06 12:06 89088 -c----w- c:\windows\system32\dllcache\filterpipelineprintproc.dll
2009-12-21 16:41 . 2008-07-06 12:06 575488 -c----w- c:\windows\system32\dllcache\xpsshhdr.dll
2009-12-21 16:41 . 2008-07-06 12:06 575488 ------w- c:\windows\system32\xpsshhdr.dll
2009-12-21 16:41 . 2008-07-06 12:06 117760 ------w- c:\windows\system32\prntvpt.dll
2009-12-21 16:41 . 2008-07-06 10:50 597504 -c----w- c:\windows\system32\dllcache\printfilterpipelinesvc.exe
2009-12-21 16:41 . 2008-07-06 10:50 597504 ------w- c:\windows\system32\Spool\prtprocs\w32x86\printfilterpipelinesvc.exe
2009-12-21 16:41 . 2009-12-21 16:42 -------- d-----w- C:\97dfe802aef369ec025eb22dd5ef4b75
2009-12-21 16:41 . 2008-07-06 12:06 1676288 -c----w- c:\windows\system32\dllcache\xpssvcs.dll
2009-12-21 16:41 . 2008-07-06 12:06 1676288 ------w- c:\windows\system32\xpssvcs.dll
2009-12-21 16:39 . 2009-12-21 16:39 -------- d-sh--w- c:\documents and settings\NetworkService\IETldCache
2009-12-21 16:17 . 2004-08-04 05:00 17024 -c--a-w- c:\windows\system32\dllcache\usbohci.sys
2009-12-21 16:17 . 2004-08-04 05:00 17024 ----a-w- c:\windows\system32\drivers\usbohci.sys
2009-12-21 15:21 . 2009-12-21 15:21 -------- d-----w- c:\documents and settings\huba\Application Data\WinBatch
2009-12-21 15:20 . 2009-08-26 15:04 53248 ----a-w- c:\windows\system32\CSVer.dll
2009-12-21 15:18 . 2002-08-02 10:01 473600 ----a-w- c:\windows\mHotkey.exe
2009-12-21 15:18 . 2002-07-26 14:13 4078 ----a-w- c:\windows\XP.reg
2009-12-21 15:18 . 2002-07-26 14:13 4078 ----a-w- c:\windows\Me.reg
2009-12-21 15:18 . 2002-07-26 14:13 4074 ----a-w- c:\windows\98.reg
2009-12-21 15:18 . 2002-07-26 14:13 4074 ----a-w- c:\windows\2k.reg
2009-12-21 15:18 . 2001-10-11 15:51 11776 ----a-w- c:\windows\HIDMNT.dll
2009-12-21 15:18 . 2001-09-06 19:45 233472 ----a-w- c:\windows\InstIt.exe
2009-12-21 14:36 . 2010-01-02 11:20 73728 ----a-w- c:\windows\system32\RtNicProp32.dll
2009-12-21 14:30 . 2009-04-02 15:43 520 ----a-w- c:\windows\system32\drivers\SamSfPa.dat
2009-12-21 14:30 . 2010-01-02 11:01 352256 ----a-w- c:\windows\vncutil.exe
2009-12-21 14:30 . 2010-01-02 11:01 41472 ----a-w- c:\windows\system32\RtkCoInstXP.dll
2009-12-21 14:30 . 2010-01-02 11:01 122880 ----a-w- c:\windows\RtkAudioService.exe
2009-12-21 14:30 . 2010-01-02 11:01 1389056 ----a-w- c:\windows\system32\drivers\Monfilt.sys
2009-12-21 14:30 . 2010-01-02 11:00 1684736 ----a-w- c:\windows\system32\drivers\Ambfilt.sys
2009-12-21 14:16 . 2009-12-21 14:17 3187424 ----a-w- c:\documents and settings\huba\Application Data\Blitware\DriverRobot\downloads\675ef0281f752d11965e19f7e4d9615e\sp40969.exe
2009-12-21 14:16 . 2009-12-21 15:08 399972848 ----a-w- c:\documents and settings\huba\Application Data\Blitware\DriverRobot\downloads\43212b160ae4e0e2d431d18bbe8adea9\hp_LJP2014_Full_Solution_ROW.exe
2009-12-21 14:16 . 2009-12-21 14:18 10830968 ----a-w- c:\documents and settings\huba\Application Data\Blitware\DriverRobot\downloads\814cc9a56537738194b9e64d937bf7c8\sp24809.exe
2009-12-21 14:16 . 2009-12-21 14:18 11060216 ----a-w- c:\documents and settings\huba\Application Data\Blitware\DriverRobot\downloads\cdcf419b3ab8e2f934ceddbd5efef08c\sp21424.exe
2009-12-21 14:16 . 2009-12-21 14:18 14525897 ----a-w- c:\documents and settings\huba\Application Data\Blitware\DriverRobot\downloads\ae8d1d2bc24651055250832a90b25ba4\GFX_XP32_14.37.1.5029_PV_Intel.exe
2009-12-21 14:16 . 2009-12-21 14:19 23492096 ----a-w- c:\documents and settings\huba\Application Data\Blitware\DriverRobot\downloads\fa1e3b68b8a243a024c653622822daab\200engi_B.exe
2009-12-21 14:16 . 2009-12-21 14:16 3022748 ----a-w- c:\documents and settings\huba\Application Data\Blitware\DriverRobot\downloads\1561b154722971a0801a8bfcf46fa35d\motherboard_driver_lan_realtek_8111.exe
2009-12-21 14:10 . 2009-12-21 14:10 -------- d-----w- c:\documents and settings\huba\Application Data\Blitware
2009-12-21 14:09 . 2009-12-21 14:09 -------- d-----w- c:\program files\Driver Robot
2009-12-21 09:37 . 2009-12-21 09:37 -------- d-----w- c:\documents and settings\NeroMediaHomeUser.4\Application Data\TuneUp Software
2009-12-21 08:49 . 2009-12-21 08:52 15600 ----a-w- c:\windows\gdrv.sys
2009-12-21 08:48 . 2009-12-21 08:48 -------- d-----w- c:\program files\obj
2009-12-21 08:48 . 2009-12-21 08:48 -------- d-----w- c:\windows\GBD
2009-12-21 08:34 . 2009-12-21 08:34 -------- d-----w- c:\program files\AGEIA Technologies
2009-12-21 08:34 . 2009-12-21 08:34 -------- d-----w- c:\windows\system32\AGEIA
2009-12-21 08:34 . 2009-12-21 08:34 -------- d-----w- c:\documents and settings\All Users\Application Data\NVIDIA Corporation
2009-12-21 08:34 . 2009-12-21 08:35 -------- d-----w- c:\program files\NVIDIA Corporation
2009-12-21 08:32 . 2009-11-21 02:34 69632 ----a-w- c:\windows\system32\OpenCL.dll
2009-12-21 08:32 . 2009-11-21 02:34 4038656 ----a-w- c:\windows\system32\nvcuda.dll
2009-12-21 08:32 . 2009-11-21 02:34 2259560 ----a-w- c:\windows\system32\nvcuvid.dll
2009-12-21 08:32 . 2009-11-21 02:34 1989224 ----a-w- c:\windows\system32\nvcuvenc.dll
2009-12-21 08:32 . 2009-11-21 02:34 182888 ----a-w- c:\windows\system32\nvcodins.dll
2009-12-21 08:32 . 2009-11-21 02:34 182888 ----a-w- c:\windows\system32\nvcod.dll
2009-12-21 08:32 . 2009-11-21 02:34 13602816 ----a-w- c:\windows\system32\nvoglnt.dll
2009-12-21 08:32 . 2009-11-21 02:34 11374592 ----a-w- c:\windows\system32\nvcompiler.dll
2009-12-21 08:32 . 2009-11-21 02:34 1056768 ----a-w- c:\windows\system32\nvapi.dll
2009-12-21 08:32 . 2009-11-21 02:34 2293286 ----a-w- c:\windows\system32\nvdata.bin
2009-12-21 07:43 . 2009-12-21 07:43 -------- d-sh--w- c:\documents and settings\huba\IECompatCache
2009-12-21 07:42 . 2009-12-21 07:42 -------- d-sh--w- c:\documents and settings\huba\PrivacIE
2009-12-21 07:35 . 2009-12-21 07:35 -------- d-sh--w- c:\documents and settings\huba\IETldCache
2009-12-21 07:08 . 2009-10-29 07:44 12800 -c----w- c:\windows\system32\dllcache\xpshims.dll
2009-12-21 07:08 . 2009-10-29 07:44 246272 -c----w- c:\windows\system32\dllcache\ieproxy.dll
2009-12-21 07:08 . 2010-01-06 02:00 -------- d-----w- c:\windows\ie8updates
2009-12-21 07:07 . 2009-10-02 04:44 92160 -c----w- c:\windows\system32\dllcache\iecompat.dll
2009-12-21 02:00 . 2009-12-21 02:00 -------- d-----w- c:\program files\MSXML 4.0
2009-12-20 13:08 . 2009-08-06 18:23 274288 ----a-w- c:\windows\system32\mucltui.dll
2009-12-20 13:08 . 2009-08-06 18:23 215920 ----a-w- c:\windows\system32\muweb.dll
2009-12-20 12:10 . 2009-12-20 12:10 -------- d-----w- c:\documents and settings\huba\Local Settings\Application Data\Nero
2009-12-20 11:58 . 2009-12-20 12:02 664 ----a-w- c:\windows\system32\d3d9caps.dat
2009-12-20 11:58 . 2009-12-20 11:58 552 ----a-w- c:\windows\system32\d3d8caps.dat
2009-12-20 11:58 . 2009-12-20 11:58 -------- d-----w- c:\program files\SystemRequirementsLab
2009-12-20 11:36 . 2009-12-20 11:36 -------- d-----w- c:\documents and settings\huba\Application Data\Uniblue
2009-12-20 11:31 . 2009-07-31 09:05 1372672 -c----w- c:\windows\system32\dllcache\msxml6.dll
.
((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-01-17 10:40 . 2010-01-13 13:16 -------- d-----w- c:\documents and settings\huba\Application Data\LimeWirePlus
2010-01-14 02:17 . 2008-01-24 11:59 90352 ----a-w- c:\documents and settings\Administrator\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2010-01-13 13:16 . 2010-01-13 13:12 -------- d-----w- c:\program files\LimeWire Plus
2010-01-13 13:15 . 2010-01-13 13:15 411368 ----a-w- c:\windows\system32\deploytk.dll
2010-01-13 13:15 . 2010-01-13 13:15 -------- d-----w- c:\program files\Java
2010-01-13 13:15 . 2010-01-13 13:15 152576 ----a-w- c:\documents and settings\huba\Application Data\Sun\Java\jre1.6.0_17\lzma.dll
2010-01-13 13:14 . 2010-01-13 13:14 79488 ----a-w- c:\documents and settings\huba\Application Data\Sun\Java\jre1.6.0_17\gtapi.dll
2010-01-13 13:13 . 2010-01-13 13:13 -------- d-----w- c:\program files\LimewirePlus
2010-01-02 11:20 . 2007-07-02 01:03 143360 ----a-w- c:\windows\system32\drivers\Rtenicxp.sys
2010-01-02 11:01 . 2007-07-02 01:03 77824 ----a-w- c:\windows\SOUNDMAN.EXE
2010-01-02 11:01 . 2007-07-02 01:03 1826816 ----a-w- c:\windows\SkyTel.exe
2010-01-02 11:01 . 2007-07-02 01:02 1482752 ----a-w- c:\windows\RtlUpd.exe
2010-01-02 11:01 . 2007-07-02 01:02 9715200 ----a-w- c:\windows\RTLCPL.EXE
2010-01-02 11:01 . 2007-07-02 01:02 5915136 ----a-w- c:\windows\system32\drivers\RtkHDAud.sys
2010-01-02 11:01 . 2007-07-02 01:02 18749440 ----a-w- c:\windows\RTHDCPL.EXE
2010-01-02 11:01 . 2007-07-02 01:02 2170880 ----a-w- c:\windows\MicCal.exe
2010-01-02 11:00 . 2007-07-02 01:02 2808832 ----a-w- c:\windows\ALCWZRD.EXE
2010-01-02 11:00 . 2007-07-02 01:02 57344 ----a-w- c:\windows\ALCMTR.EXE
2010-01-02 11:00 . 2007-07-02 01:03 831488 ----a-w- c:\windows\RtlExUpd.dll
2010-01-02 08:18 . 2008-01-24 12:07 -------- d-----w- c:\program files\Common Files\Adobe
2009-12-23 02:05 . 2008-01-24 12:01 92798 ----a-w- c:\windows\system32\perfc013.dat
2009-12-23 02:05 . 2008-01-24 12:01 513698 ----a-w- c:\windows\system32\perfh013.dat
2009-12-21 15:18 . 2008-01-24 12:09 -------- d--h--w- c:\program files\InstallShield Installation Information
2009-12-21 14:36 . 2008-01-24 11:49 -------- d-----w- c:\program files\Realtek
2009-12-20 12:09 . 2009-12-20 12:09 -------- d-----w- c:\documents and settings\NeroMediaHomeUser.4\Application Data\Nero
2009-12-20 11:32 . 2008-01-24 11:27 86327 ----a-w- c:\windows\pchealth\helpctr\OfflineCache\index.dat
2009-12-20 06:44 . 2009-12-20 06:44 -------- d-----w- c:\program files\MSXML 6.0
2009-12-19 19:34 . 2007-08-27 23:31 1018 ----a-w- c:\windows\CLEANUP.CMD
2009-12-19 17:26 . 2008-01-24 11:35 -------- d-----w- c:\program files\Oca History Tool
2009-12-19 17:26 . 2008-01-24 12:03 -------- d-----w- c:\program files\NewTech Infosystems
2009-12-19 17:26 . 2008-01-24 11:55 -------- d-----w- c:\program files\Microsoft.NET
2009-12-19 17:25 . 2008-01-24 12:00 -------- d-----w- c:\program files\Microsoft SQL Server
2009-12-19 17:24 . 2008-01-24 11:27 -------- d-----w- c:\program files\microsoft frontpage
2009-12-19 17:24 . 2008-01-24 11:45 -------- d-----w- c:\program files\Intel
2009-12-19 17:23 . 2008-01-24 12:04 -------- d-----w- c:\program files\CyberLink
2009-12-19 17:23 . 2008-01-24 12:03 -------- d-----w- c:\program files\Common Files\NewTech Infosystems
2009-12-19 17:23 . 2008-01-24 12:03 -------- d-----w- c:\program files\Common Files\muvee Technologies
2009-12-19 17:22 . 2008-01-24 12:03 -------- d-----w- c:\program files\Common Files\LightScribe
2009-12-19 17:22 . 2008-01-24 12:04 -------- d-----w- c:\program files\Common Files\InstallShield
2009-12-19 17:21 . 2008-01-24 12:09 -------- d-----w- c:\program files\Acer
2009-12-19 12:24 . 2008-01-24 12:01 -------- d-----w- c:\program files\Microsoft Small Business
2009-12-19 12:24 . 2008-01-24 12:08 -------- d-----w- c:\program files\eSobi
2009-12-19 12:21 . 2008-01-24 11:56 -------- d-----w- c:\documents and settings\All Users\Application Data\Microsoft Help
2009-12-19 11:58 . 2008-01-24 12:08 -------- d-----w- c:\documents and settings\All Users\Application Data\eSobi
2009-12-19 11:43 . 2009-12-19 11:43 127 ----a-w- c:\documents and settings\huba\Local Settings\Application Data\fusioncache.dat
2009-12-17 22:25 . 2009-12-17 22:25 26024 ----a-w- c:\windows\system32\drivers\ElbyCDIO.sys
2009-11-21 16:03 . 2004-08-04 05:00 471552 ----a-w- c:\windows\AppPatch\aclayers.dll
2009-11-21 02:34 . 2009-12-20 11:30 6282752 ----a-w- c:\windows\system32\nv4_disp.dll
2009-11-21 02:34 . 2009-12-20 11:24 10235968 ----a-w- c:\windows\system32\drivers\nv4_mini.sys
2009-10-29 07:44 . 2007-04-18 12:46 916480 ----a-w- c:\windows\system32\wininet.dll
2009-10-21 05:40 . 2004-08-04 05:00 75776 ----a-w- c:\windows\system32\strmfilt.dll
2009-10-21 05:40 . 2004-08-04 05:00 25088 ----a-w- c:\windows\system32\httpapi.dll
2009-10-20 16:20 . 2004-08-04 05:00 265728 ----a-w- c:\windows\system32\drivers\http.sys
.
((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond
REGEDIT4

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{47e161a0-f4ba-41dd-a17b-d2eb26ad6a02}"= "c:\program files\LimewirePlus\tbLime.dll" [2007-11-08 1502232]

[HKEY_CLASSES_ROOT\clsid\{47e161a0-f4ba-41dd-a17b-d2eb26ad6a02}]

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{47e161a0-f4ba-41dd-a17b-d2eb26ad6a02}]
2007-11-08 11:11 1502232 ----a-w- c:\program files\LimewirePlus\tbLime.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{47e161a0-f4ba-41dd-a17b-d2eb26ad6a02}"= "c:\program files\LimewirePlus\tbLime.dll" [2007-11-08 1502232]

[HKEY_CLASSES_ROOT\clsid\{47e161a0-f4ba-41dd-a17b-d2eb26ad6a02}]

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{47E161A0-F4BA-41DD-A17B-D2EB26AD6A02}"= "c:\program files\LimewirePlus\tbLime.dll" [2007-11-08 1502232]

[HKEY_CLASSES_ROOT\clsid\{47e161a0-f4ba-41dd-a17b-d2eb26ad6a02}]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RegistryMechanic"="c:\program files\Registry Mechanic\RegMech.exe" [2009-11-25 3176408]
"Google Update"="c:\documents and settings\huba\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" [2009-12-20 135664]
"AnyDVD"="c:\program files\SlySoft\AnyDVD\AnyDVDtray.exe" [2009-12-28 3214272]
"RoboForm"="c:\program files\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe" [2010-01-10 160592]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"LaunchApp"="Alaunch" [X]
"RemoteControl"="c:\program files\CyberLink\PowerDVD\PDVDServ.exe" [2007-01-08 68640]
"LanguageShortcut"="c:\program files\CyberLink\PowerDVD\Language\Language.exe" [2007-01-08 52256]
"Acer Empowering Technology Monitor"="c:\windows\system32\SysMonitor.exe" [2006-04-18 49152]
"eLockMonitor"="c:\acer\Empowering Technology\eLock\Monitor\LaunchMonitor.exe" [2006-03-31 16384]
"IMJPMIG8.1"="c:\windows\IME\imjp8_1\IMJPMIG.EXE" [2004-08-04 208952]
"IMEKRMIG6.1"="c:\windows\ime\imkr6_1\IMEKRMIG.EXE" [2004-08-04 44032]
"MSPY2002"="c:\windows\system32\IME\PINTLGNT\ImScInst.exe" [2004-08-04 59392]
"PHIME2002ASync"="c:\windows\system32\IME\TINTLGNT\TINTSETP.EXE" [2004-08-04 455168]
"PHIME2002A"="c:\windows\system32\IME\TINTLGNT\TINTSETP.EXE" [2004-08-04 455168]
"AzMixerSel"="c:\program files\Realtek\Audio\InstallShield\AzMixerSel.exe" [2006-07-17 53248]
"eDataSecurity Loader"="c:\acer\Empowering Technology\eDataSecurity\eDSloader.exe" [2007-06-24 342528]
"Google Desktop Search"="c:\program files\Google\Google Desktop Search\GoogleDesktop.exe" [2009-12-19 24064]
"AdminWorks Tray"="c:\acer\LANScope Agent\awtray.exe" [2007-05-22 1459992]
"eRecoveryService"="c:\acer\Empowering Technology\eRecovery\eRAgent.exe" [2007-07-11 421888]
"avast!"="c:\progra~1\ALWILS~1\Avast4\ashDisp.exe" [2009-11-24 81000]
"TrueImageMonitor.exe"="c:\program files\Acronis\TrueImageHome\TrueImageMonitor.exe" [2008-11-17 4371976]
"AcronisTimounterMonitor"="c:\program files\Acronis\TrueImageHome\TimounterMonitor.exe" [2008-11-17 960352]
"Acronis Scheduler2 Service"="c:\program files\Common Files\Acronis\Schedule2\schedhlp.exe" [2008-11-17 165144]
"lxccmon.exe"="c:\program files\Lexmark 3300 Series\lxccmon.exe" [2005-07-21 192512]
"FaxCenterServer"="c:\program files\Lexmark Fax Solutions\fm3032.exe" [2005-07-12 299008]
"COMODO Internet Security"="c:\program files\COMODO\COMODO Internet Security\cfp.exe" [2009-12-20 1800464]
"Nero MediaHome 4"="c:\program files\Nero\Nero MediaHome 4\NeroMediaHome.exe" [2009-09-24 4859176]
"CHotkey"="mHotkey.exe" [2002-08-02 473600]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2009-11-20 110184]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2009-11-20 12669544]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2010-01-13 149280]
"Ask and Record FLV Service"="c:\program files\Replay Media Catcher\FLVSrvc.exe" [2009-09-22 156672]
"RTHDCPL"="RTHDCPL.EXE" [2010-01-02 18749440]
"LXCCCATS"="c:\windows\System32\spool\DRIVERS\W32X86\3\LXCCtime.dll" [2005-07-20 73728]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]

c:\documents and settings\All Users\Menu Start\Programma's\Opstarten\
NETGEAR WG111v3 Smart Wizard.lnk - c:\program files\NETGEAR\WG111v3\WG111v3.exe [2008-4-17 2326528]
WinZip Quick Pick.lnk - c:\program files\WinZip\WZQKPICK.EXE [2009-12-19 106560]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe"

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\CyberLink\\PowerDVD\\PowerDVD.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Program Files\\Messenger\\msmsgs.exe"=
"c:\\Program Files\\Nero\\Nero MediaHome 4\\NMMediaServerService.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\WINDOWS\\system32\\usmt\\migwiz.exe"=
"c:\\Program Files\\LimeWire Plus\\LimeWire.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"9999:UDP"= 9999:UDP:LANScope UDP Port
"2804:TCP"= 2804:TCP:LANScope TCP Port

R0 tdrpman147;Acronis Try&Decide and Restore Points filter (build 147);c:\windows\system32\drivers\tdrpm147.sys [19/12/2009 16:09 971584]
R1 aswSP;avast! Self Protection;c:\windows\system32\drivers\aswSP.sys [19/12/2009 14:24 114768]
R1 cmdGuard;COMODO Internet Security Sandbox Driver;c:\windows\system32\drivers\cmdguard.sys [20/12/2009 11:55 133064]
R1 cmdHlp;COMODO Internet Security Helper Driver;c:\windows\system32\drivers\cmdhlp.sys [20/12/2009 11:55 25160]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [19/12/2009 14:24 20560]
R2 cpuz132;cpuz132;c:\windows\system32\drivers\cpuz132_x32.sys [23/12/2009 16:14 12672]
R2 EAPPkt;Realtek EAPPkt Protocol;c:\windows\system32\drivers\EAPPkt.sys [9/10/2007 13:13 38144]
R2 eLock2BurnerLockDriver;eLock2BurnerLockDriver;c:\windows\system32\eLock2BurnerLockDriver.sys [8/06/2006 17:54 17664]
R2 eLock2FSCTLDriver;eLock2FSCTLDriver;c:\windows\system32\eLock2FSCTLDriver.sys [6/06/2006 18:36 90112]
R2 LockServ;LockServ;c:\acer\Empowering Technology\eLock\LockServ.exe -p --> c:\acer\Empowering Technology\eLock\LockServ.exe -p [?]
R2 netlimiter;netlimiter;c:\windows\system32\drivers\NetLimiter.sys [3/10/2006 11:03 18072]
R2 netlock;netlock;c:\windows\system32\drivers\NetLock.sys [30/05/2007 15:30 14616]
R2 PCToolsSSDMonitorSvc;PC Tools Startup and Shutdown Monitor service;c:\program files\Common Files\PC Tools\sMonitor\StartManSvc.exe [20/12/2009 9:15 583640]
R2 TuneUp.UtilitiesSvc;TuneUp Utilities Service;c:\program files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe [17/12/2009 21:17 1044808]
R3 RTL8187B;NETGEAR WG111v3 54Mbps Wireless USB 2.0 Adapter Vista Driver;c:\windows\system32\drivers\wg111v3.sys [28/12/2007 15:02 287232]
R3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;c:\program files\TuneUp Utilities 2010\TuneUpUtilitiesDriver32.sys [14/10/2009 7:24 10064]
S3 Ambfilt;Ambfilt;c:\windows\system32\drivers\Ambfilt.sys [21/12/2009 15:30 1684736]
S3 GoogleDesktopManager-080708-050100;Google Desktop Manager 5.7.808.7150;c:\program files\Google\Google Desktop Search\GoogleDesktop.exe [19/12/2009 12:56 24064]

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp
.
Inhoud van de 'Gedeelde Taken' map

2010-01-17 c:\windows\Tasks\Automatic troubleshooting.job
- c:\program files\TuneUp Utilities 2010\TuneUpSystemStatusCheck.exe [2009-12-17 20:23]

2010-01-10 c:\windows\Tasks\Driver Robot.job
- c:\program files\Driver Robot\1.2.0.5\DriverRobot.exe [2009-12-21 07:53]

2010-01-17 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-287548515-3035966879-1781883905-1008Core.job
- c:\documents and settings\huba\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2009-12-20 10:08]

2010-01-17 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-287548515-3035966879-1781883905-1008UA.job
- c:\documents and settings\huba\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2009-12-20 10:08]

2010-01-17 c:\windows\Tasks\OGALogon.job
- c:\windows\system32\OGAEXEC.exe [2009-08-03 14:07]
.
.
------- Bijkomende Scan -------
.
uDefault_Search_URL = hxxp://www.google.com/ie
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: E&xporteren naar Microsoft Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
IE: Formulieren opslaan - file://c:\program files\Siber Systems\AI RoboForm\RoboFormComSavePass.html
IE: Invul Formulieren - file://c:\program files\Siber Systems\AI RoboForm\RoboFormComFillForms.html
IE: Menu aanpassen - file://c:\program files\Siber Systems\AI RoboForm\RoboFormComCustomizeIEMenu.html
IE: RoboForm Werkbalk - file://c:\program files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html
.
- - - - ORPHANS VERWIJDERD - - - -

WebBrowser-{8FF5E180-ABDE-46EB-B09E-D2AAB95CABE3} - (no file)
WebBrowser-{D4027C7F-154A-4066-A1AD-4243D8127440} - (no file)
AddRemove-eeec71ed-968b-a29c-5f00-1d8ff4e3e30c - c:\windows\system32\eeec71ed-968b-a29c-5f00-1d8ff4e3e30c.exe

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-01-17 12:07
Windows 5.1.2600 Service Pack 3 NTFS

scannen van verborgen processen ...

scannen van verborgen autostart items ...

HKLM\Software\Microsoft\Windows\CurrentVersion\Run
LXCCCATS = rundll32 c:\windows\System32\spool\DRIVERS\W32X86\3\LXCCtime.dll,_RunDLLEntry@16??????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????

scannen van verborgen bestanden ...

Scan succesvol afgerond
verborgen bestanden: 0

**************************************************************************
.
--------------------- VERGRENDELDE REGISTER SLEUTELS ---------------------

[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Installer\UserData\LocalSystem\Components\€–}|ÿÿÿÿÀ•}|ù•9~*]
"3140110900063D11C8EF10054038389C"="C?\\WINDOWS\\system32\\FM20ENU.DLL"
.
--------------------- DLLs Geladen Onder Lopende Processen ---------------------

- - - - - - - > 'explorer.exe'(2428)
c:\program files\SlySoft\AnyDVD\ADvdDiscHlp.dll
c:\windows\system32\MSNCHATHOOK.DLL
c:\windows\system32\sysenv.dll
c:\windows\system32\CryptoAPI.dll
c:\windows\system32\ShowErrMsg.dll
c:\windows\system32\MFC71U.DLL
c:\documents and settings\huba\Local Settings\Application Data\FLVService\lib\FLVSrvLib.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Andere Aktieve Processen ------------------------
.
c:\windows\system32\nvsvc32.exe
c:\program files\Alwil Software\Avast4\aswUpdSv.exe
c:\program files\Alwil Software\Avast4\ashServ.exe
c:\acer\Empowering Technology\ePerformance\MemCheck.exe
c:\program files\Common Files\Acronis\Schedule2\schedul2.exe
c:\acer\LANScope Agent\awServ.exe
c:\program files\Java\jre6\bin\jqs.exe
c:\program files\Common Files\LightScribe\LSSrvc.exe
c:\acer\Empowering Technology\eLock\LockServ.exe
c:\program files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
c:\program files\Common Files\Nero\Nero BackItUp 4\NBService.exe
c:\acer\LANScope Agent\LockKM.exe
c:\program files\Nero\Nero MediaHome 4\NMMediaServerService.exe
c:\program files\CyberLink\Shared Files\RichVideo.exe
c:\windows\system32\spupdsvc.exe
c:\acer\Empowering Technology\eLock\Monitor\LockMon.exe
c:\windows\mHotkey.exe
c:\windows\RTHDCPL.EXE
c:\program files\Alwil Software\Avast4\ashMaiSv.exe
c:\program files\Alwil Software\Avast4\ashWebSv.exe
c:\windows\inf\unregmp2.exe
c:\program files\TuneUp Utilities 2010\TuneUpUtilitiesApp32.exe
c:\windows\system32\lxcccoms.exe
c:\windows\system32\wbem\wmiapsrv.exe
.
**************************************************************************
.
Voltooingstijd: 2010-01-17 12:09:48 - machine werd herstart
ComboFix-quarantined-files.txt 2010-01-17 11:09

Pre-Run: 280.305.303.552 bytes beschikbaar
Post-Run: 280.232.304.640 bytes beschikbaar

WindowsXP-KB310994-SP2-Pro-BootDisk-NLD.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(2)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
multi(0)disk(0)rdisk(0)partition(2)\WINDOWS="Microsoft Windows XP Professional" /noexecute=optin /fastdetect

- - End Of File - - 5CC883174F9F36CA2722BECC510D6601