ComboFix 10-09-22.02 - Martine 22-09-2010 21:01:06.2.2 - x86
Microsoft Windows 7 Ultimate 6.1.7600.0.1252.31.1033.18.2038.1222 [GMT 2:00]
Gestart vanuit: c:\downloads\ComboFix.exe
.
(((((((((((((((((((((((((((((((((( Andere Verwijderingen )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
---- Voorgaande Run -------
.
c:\users\Public\Documents\Server\admin.txt
c:\users\Public\Documents\Server\server.dat
-- Voorgaande Run --
Besmet exemplaar van c:\windows\System32\wininit.exe werd aangetroffen en gedesinfecteerd
Hersteld exemplaar van - c:\windows\winsxs\x86_microsoft-windows-wininit_31bf3856ad364e35_6.1.7600.16385_none_30c90ef265a43c13\wininit.exe
--------
.
(((((((((((((((((((( Bestanden Gemaakt van 2010-08-22 to 2010-09-22 ))))))))))))))))))))))))))))))
.
2010-09-21 18:56 . 2010-09-21 18:56 -------- d-----w- c:\program files\Trend Micro
2010-09-18 11:54 . 2010-09-18 11:54 -------- d-----w- c:\program files\Fighters
2010-09-17 15:17 . 2010-08-21 05:32 316928 ----a-w- c:\windows\system32\spoolsv.exe
2010-09-12 09:43 . 2010-09-12 09:43 -------- d-----w- c:\users\Martine\AppData\Local\ElevatedDiagnostics
2010-09-12 09:21 . 2010-09-12 09:21 36864 ----a-w- c:\users\Martine\AppData\Roaming\Autodesk\AutoCAD 2011\R18.1\enu\ContextualTabSelectorRules.dll
2010-09-12 08:33 . 2010-09-12 08:33 -------- d-----w- c:\program files\Common Files\Macrovision Shared
2010-09-12 08:30 . 2010-09-12 08:30 -------- d-----w- c:\program files\Autodesk
2010-09-12 08:28 . 2010-09-21 18:45 -------- d-----w- c:\program files\Common Files\Autodesk Shared
2010-09-12 08:27 . 2009-03-09 13:27 453456 ----a-w- c:\windows\system32\d3dx10_41.dll
2010-09-12 08:27 . 2009-03-09 13:27 4178264 ----a-w- c:\windows\system32\D3DX9_41.dll
2010-09-12 08:27 . 2009-03-09 13:27 1846632 ----a-w- c:\windows\system32\D3DCompiler_41.dll
2010-09-10 14:58 . 2010-09-12 09:21 -------- d-----w- c:\users\Martine\AppData\Roaming\Autodesk
2010-09-08 20:56 . 2008-03-05 13:56 3786760 ----a-w- c:\windows\system32\D3DX9_37.dll
2010-09-08 20:56 . 2008-03-05 13:56 1420824 ----a-w- c:\windows\system32\D3DCompiler_37.dll
2010-09-08 20:56 . 2008-02-05 21:07 462864 ----a-w- c:\windows\system32\d3dx10_37.dll
2010-09-08 20:45 . 2010-09-12 08:30 -------- d-----w- c:\users\Martine\AppData\Local\Autodesk
2010-09-07 20:09 . 2008-05-29 06:03 37176 ----a-w- c:\users\Martine\AppData\Roaming\Macromedia\Flash Player\www.macromedia.com\bin\airappinstaller\airappinstaller.exe
2010-09-07 19:56 . 2010-09-07 19:56 -------- d-----w- c:\users\Martine\Library
2010-09-07 19:56 . 2010-09-07 19:56 -------- d-----w- c:\users\Martine\AppData\Roaming\com.adobe.ExMan
2010-09-07 19:36 . 2010-09-07 19:36 -------- d-----w- c:\program files\Common Files\Adobe AIR
2010-09-06 21:04 . 2010-09-21 18:45 -------- d-----w- c:\program files\Microsoft
2010-09-06 21:03 . 2010-09-21 18:45 -------- d-----w- c:\program files\Windows Live SkyDrive
2010-09-06 21:03 . 2010-09-21 18:45 -------- d-----w- c:\program files\Windows Live
2010-09-06 21:03 . 2010-09-06 21:03 -------- d-----w- c:\windows\PCHEALTH
2010-09-06 21:03 . 2006-11-29 11:06 3426072 ----a-w- c:\windows\system32\d3dx9_32.dll
2010-09-06 21:02 . 2010-09-06 21:02 -------- d-----w- c:\program files\Microsoft SQL Server Compact Edition
2010-09-06 20:59 . 2010-09-06 20:59 -------- d-----w- c:\program files\Common Files\Windows Live
2010-09-05 16:07 . 2000-11-21 08:32 1015808 ----a-w- c:\windows\system32\ActRpt.dll
2010-09-05 09:40 . 2010-07-16 02:40 5727598 ----a-w- c:\users\Martine\AppData\Roaming\OMRON\CX-One Upgrade Utility\CXUpSet.exe
2010-09-05 09:40 . 2010-09-05 09:40 -------- d-----w- c:\users\Martine\AppData\Roaming\OMRON
2010-09-05 09:02 . 2010-09-05 09:02 -------- d-----w- c:\users\Martine\AppData\Roaming\InstallShield
2010-09-05 09:01 . 2010-09-05 09:01 -------- d-----w- c:\users\Martine\AppData\Local\Programs
2010-09-05 08:55 . 2010-09-05 10:15 -------- d-----w- c:\program files\Common Files\Omron
2010-09-05 08:55 . 2010-09-05 16:07 -------- d-----w- c:\program files\OMRON
2010-09-05 08:43 . 2010-09-05 10:50 -------- d-----w- c:\users\Martine\AppData\Local\ApplicationHistory
2010-09-05 08:43 . 2010-09-05 08:43 95 ----a-w- c:\users\Martine\AppData\Local\fusioncache.dat
2010-09-05 08:40 . 2010-09-05 08:40 -------- d-----w- c:\windows\system32\URTTEMP
.
((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-09-21 18:45 . 2009-11-16 17:52 -------- d-----w- c:\program files\Mozilla Thunderbird
2010-09-21 18:45 . 2009-11-08 08:21 -------- d-----w- c:\users\Martine\AppData\Roaming\GHISLER
2010-09-12 09:45 . 2009-11-07 21:52 701830 ----a-w- c:\windows\system32\perfh013.dat
2010-09-12 09:45 . 2009-11-07 21:52 135152 ----a-w- c:\windows\system32\perfc013.dat
2010-09-12 08:58 . 2009-11-08 10:39 90736 ----a-w- c:\users\Martine\AppData\Local\GDIPFONTCACHEV1.DAT
2010-09-07 20:56 . 2009-11-09 22:39 -------- d-----w- c:\program files\Common Files\Adobe
2010-09-05 16:07 . 2010-02-07 13:26 -------- d--h--w- c:\program files\InstallShield Installation Information
2010-09-05 16:07 . 2010-02-07 13:25 -------- d-----w- c:\program files\Common Files\InstallShield
2010-08-02 13:34 . 2010-08-02 13:34 -------- d-----w- c:\users\Martine\AppData\Roaming\Home Designer Suite 8.0
2010-08-02 13:33 . 2010-08-02 13:22 -------- d-----w- c:\program files\Chief Architect Inc
2010-08-02 13:20 . 2010-04-02 11:58 -------- d-----w- c:\users\Martine\AppData\Roaming\DAEMON Tools Lite
2010-07-29 06:30 . 2010-08-17 15:25 197632 ----a-w- c:\windows\system32\ir32_32.dll
2010-07-29 06:30 . 2010-08-17 15:25 82944 ----a-w- c:\windows\system32\iccvid.dll
2010-07-21 09:02 . 2010-07-21 09:02 409088 ----a-w- c:\windows\system32\systemcpl.dll
2010-07-21 09:02 . 2009-07-13 23:36 13824 ----a-w- c:\windows\system32\slwga.dll
2010-07-19 01:13 . 2010-07-19 01:13 127089 ----a-w- c:\windows\system32\CXSDI_PlainLibDrv.dll
2010-07-19 01:08 . 2010-07-19 01:08 69632 ----a-w- c:\windows\system32\PTUsbDrvS7IF.dll
2010-07-19 01:08 . 2010-07-19 01:08 73728 ----a-w- c:\windows\system32\Husbd.dll
2010-07-19 01:03 . 2010-07-19 01:03 3379200 ----a-w- c:\windows\system32\mkl_p4p.dll
2010-07-19 01:03 . 2010-07-19 01:03 3497984 ----a-w- c:\windows\system32\mkl_p4.dll
2010-07-19 01:03 . 2010-07-19 01:03 2199552 ----a-w- c:\windows\system32\mkl_lapack64.dll
2010-07-19 01:03 . 2010-07-19 01:03 2834432 ----a-w- c:\windows\system32\mkl_p3.dll
2010-07-19 01:02 . 2010-07-19 01:02 2297856 ----a-w- c:\windows\system32\mkl_def.dll
2010-07-19 01:02 . 2010-07-19 01:02 622592 ----a-w- c:\windows\system32\nianlys.dll
2010-07-19 01:02 . 2010-07-19 01:02 200704 ----a-w- c:\windows\system32\libguide40.dll
2010-06-30 06:25 . 2010-08-17 15:24 978432 ----a-w- c:\windows\system32\wininet.dll
2010-06-29 14:43 . 2010-06-29 14:43 90248 ----a-w- c:\windows\system32\CXSDI_UnknownConfigPages.dll
2010-06-29 14:43 . 2010-06-29 14:43 213126 ----a-w- c:\windows\system32\CXSDI_UnknownBaseConfig.dll
2010-06-29 14:43 . 2010-06-29 14:43 172158 ----a-w- c:\windows\system32\CXSDI_TCConfigPages.dll
2010-06-29 14:43 . 2010-06-29 14:43 225404 ----a-w- c:\windows\system32\CXSDI_TCBaseConfig.dll
2010-06-29 14:42 . 2010-06-29 14:42 270462 ----a-w- c:\windows\system32\CXSDI_NSConfigPages.dll
2010-06-29 14:42 . 2010-06-29 14:42 225405 ----a-w- c:\windows\system32\CXSDI_NSBaseConfig.dll
2010-06-29 14:42 . 2010-06-29 14:42 118914 ----a-w- c:\windows\system32\CXSDI_DNetConfigPages.dll
2010-06-29 14:42 . 2010-06-29 14:42 225408 ----a-w- c:\windows\system32\CXSDI_DNetBaseConfig.dll
2010-06-29 14:41 . 2010-06-29 14:41 118922 ----a-w- c:\windows\system32\CXSDI_CompoNetConfigPages.dll
2010-06-29 14:41 . 2010-06-29 14:41 225416 ----a-w- c:\windows\system32\CXSDI_CompoNetBaseConfig.dll
2010-06-29 14:40 . 2010-06-29 14:40 32866 ----a-w- c:\windows\cdmfgw20.dll
2010-06-29 14:40 . 2010-06-29 14:40 245850 ----a-w- c:\windows\CDMCodebase32.dll
2010-06-29 14:40 . 2010-06-29 14:40 409690 ----a-w- c:\windows\cdmapi32.dll
2010-06-29 14:40 . 2010-06-29 14:40 184465 ----a-w- c:\windows\system32\CXSDI_SeriesCS1MessageServices10.dll
2010-06-29 14:39 . 2010-06-29 14:39 45056 ----a-w- c:\windows\system32\CXSDI_CS1TCPConfigPages.dll
2010-06-29 14:39 . 2010-06-29 14:39 163985 ----a-w- c:\windows\system32\CXSDI_SeriesCS1MessageServices11.dll
2010-06-29 14:39 . 2010-06-29 14:39 102532 ----a-w- c:\windows\system32\CXSDI_CS1GWConfigPages.dll
2010-06-29 14:39 . 2010-06-29 14:39 102531 ----a-w- c:\windows\system32\CXSDI_FMCConfigPages.dll
2010-06-29 14:39 . 2010-06-29 14:39 139409 ----a-w- c:\windows\system32\CXSDI_SeriesCS1MessageServices12.dll
2010-06-29 14:39 . 2010-06-29 14:39 344209 ----a-w- c:\windows\system32\CXSDI_SeriesCS1MessageServices13.dll
2010-06-29 14:39 . 2010-06-29 14:39 389263 ----a-w- c:\windows\system32\CXSDI_SeriesCS1MessageServices9.dll
2010-06-29 14:38 . 2010-06-29 14:38 434319 ----a-w- c:\windows\system32\CXSDI_SeriesCS1MessageServices3.dll
2010-06-29 14:37 . 2010-06-29 14:37 258191 ----a-w- c:\windows\system32\CXSDI_SeriesCS1MessageServices4.dll
2010-06-29 14:36 . 2010-06-29 14:36 397455 ----a-w- c:\windows\system32\CXSDI_SeriesCS1MessageServices1.dll
2010-06-29 14:36 . 2010-06-29 14:36 262287 ----a-w- c:\windows\system32\CXSDI_SeriesCS1MessageServices2.dll
2010-06-29 14:35 . 2010-06-29 14:35 315535 ----a-w- c:\windows\system32\CXSDI_SeriesCS1MessageServices5.dll
2010-06-29 14:35 . 2010-06-29 14:35 209039 ----a-w- c:\windows\system32\CXSDI_SeriesCS1MessageServices8.dll
2010-06-29 14:34 . 2010-06-29 14:34 389263 ----a-w- c:\windows\system32\CXSDI_SeriesCS1MessageServices6.dll
2010-06-29 14:34 . 2010-06-29 14:34 241807 ----a-w- c:\windows\system32\CXSDI_SeriesCS1MessageServices7.dll
2010-06-29 14:33 . 2010-06-29 14:33 151697 ----a-w- c:\windows\system32\CXSDI_SeriesCS1MessageServices14.dll
2010-06-29 14:33 . 2010-06-29 14:33 82063 ----a-w- c:\windows\system32\CXSDI_SeriesCJ2MessageServices2.dll
2010-06-29 14:33 . 2010-06-29 14:33 802959 ----a-w- c:\windows\system32\CXSDI_SeriesCJ2MessageServices1.dll
2010-06-29 14:31 . 2010-06-29 14:31 1613955 ----a-w- c:\windows\system32\CXSDI_CIPConfigPages.dll
2010-06-29 14:31 . 2010-06-29 14:31 61585 ----a-w- c:\windows\system32\CXSDI_SeriesCS1MessageServices17.dll
2010-06-29 14:31 . 2010-06-29 14:31 65673 ----a-w- c:\windows\system32\CXSDI_PTThruConfigPages.dll
2010-06-29 14:31 . 2010-06-29 14:31 139409 ----a-w- c:\windows\system32\CXSDI_SeriesCS1MessageServices15.dll
2010-06-29 14:31 . 2010-06-29 14:31 110725 ----a-w- c:\windows\system32\CXSDI_CP1HConfigPages.dll
2010-06-29 14:31 . 2010-06-29 14:31 159889 ----a-w- c:\windows\system32\CXSDI_SeriesCS1MessageServices16.dll
2010-06-29 14:31 . 2010-06-29 14:31 315520 ----a-w- c:\windows\system32\CXSDI_CS1ConfigPages.dll
2010-06-29 14:31 . 2010-06-29 14:31 106627 ----a-w- c:\windows\system32\CXSDI_NSJConfigPages.dll
2010-06-29 14:30 . 2010-06-29 14:30 360574 ----a-w- c:\windows\system32\CXSDI_CS1BaseConfig.dll
2010-06-29 14:30 . 2010-06-29 14:30 106641 ----a-w- c:\windows\system32\CXSDI_CommonConfigPages.dll
2010-06-29 14:30 . 2010-06-29 14:30 82045 ----a-w- c:\windows\system32\CXSDI_CS1ServiceBase.dll
2010-06-29 14:30 . 2010-06-29 14:30 61539 ----a-w- c:\windows\system32\CXSDI_ParserLoader.dll
2010-06-29 14:30 . 2010-06-29 14:30 135282 ----a-w- c:\windows\system32\cxsdi_ModelParsers1.dll
2010-06-29 14:29 . 2010-06-29 14:29 135307 ----a-w- c:\windows\system32\CXSDI_PortDependentNetworks.dll
2010-06-29 14:28 . 2010-06-29 14:28 151675 ----a-w- c:\windows\system32\CXSDI_CS1BaseComms.dll
2010-06-29 14:28 . 2010-06-29 14:28 143481 ----a-w- c:\windows\system32\CXSDI_BaseNetworks.dll
2010-06-29 14:28 . 2010-06-29 14:28 127061 ----a-w- c:\windows\system32\CXSDI_PlainLib.dll
2010-06-28 08:03 . 2010-06-28 08:03 65536 ----a-w- c:\windows\system32\CXSDI_TJ1Services.dll
2010-06-28 08:03 . 2010-06-28 08:03 274432 ----a-w- c:\windows\system32\CXSDI_TJ1BaseConfig.dll
2010-06-28 08:03 . 2010-06-28 08:03 131072 ----a-w- c:\windows\system32\CXSDI_TJ1ConfigPages.dll
2009-06-10 21:26 . 2009-07-14 02:04 9633792 --sha-r- c:\windows\Fonts\StaticCache.dat
2009-07-14 01:14 . 2009-07-13 23:42 396800 --sha-w- c:\windows\winsxs\x86_microsoft-windows-mail-app_31bf3856ad364e35_6.1.7600.16385_none_f12e83abb108c86c\WinMail.exe
.
((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ISUSPM"="c:\program files\Common Files\InstallShield\UpdateService\ISUSPM.exe" [2006-09-11 218032]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"avast!"="c:\program files\Alwil Software\Avast4\ashDisp.exe" [2009-11-24 81000]
"avgnt"="c:\program files\Avira\AntiVir Desktop\avgnt.exe" [2009-03-02 209153]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2009-09-23 141848]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2009-09-23 173592]
"Persistence"="c:\windows\system32\igfxpers.exe" [2009-09-23 150552]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"RequireSignedAppInit_DLLs"=1 (0x1)

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"aux"=wdmaud.drv

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\*Restore]
2009-07-14 01:14 262656 ----a-w- c:\windows\System32\rstrui.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
2010-06-09 08:06 976832 ----a-w- c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
2010-06-20 02:04 35760 ----a-w- c:\program files\Adobe\Reader 9.0\Reader\reader_sl.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\avast!]
2009-11-24 23:51 81000 ----a-w- c:\program files\Alwil Software\Avast4\ashDisp.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
2010-04-01 09:16 357696 ----a-w- c:\program files\DAEMON Tools Lite\DTLite.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TomTomHOME.exe]
2010-06-24 14:41 247144 ----a-w- c:\program files\TomTom HOME 2\TomTomHOMERunner.exe

R3 WatAdminSvc;Windows Activation Technologies-service;c:\windows\system32\Wat\WatAdminSvc.exe [2010-06-13 1343400]
R4 sptd;sptd;c:\windows\system32\Drivers\sptd.sys [2010-04-02 691696]
S0 Si3531;SiI-3531 SATA Controller;c:\windows\system32\DRIVERS\Si3531.sys [2009-02-06 212520]
S1 aswSP;avast! Self Protection; [x]
S2 AntiVirSchedulerService;Avira AntiVir Scheduler;c:\program files\Avira\AntiVir Desktop\sched.exe [2009-05-13 108289]
S2 aswFsBlk;aswFsBlk;c:\windows\system32\DRIVERS\aswFsBlk.sys [2009-09-15 20560]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\DRIVERS\aswMonFlt.sys [2009-09-15 53328]
S2 lxbl_device;lxbl_device;c:\windows\system32\lxblcoms.exe [2007-04-20 537520]
S2 TomTomHOMEService;TomTomHOMEService;c:\program files\TomTom HOME 2\TomTomHOMEService.exe [2010-06-24 92008]
S3 ATSwpWDF;AuthenTec TruePrint USB WBF WDF Driver;c:\windows\system32\Drivers\ATSwpWDF.sys [2009-12-03 625224]
S3 netw5v32;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 32 Bit;c:\windows\system32\DRIVERS\netw5v32.sys [2009-07-13 4231168]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt86win7.sys [2009-07-13 139776]
.
Inhoud van de 'Gedeelde Taken' map

2010-09-22 c:\windows\Tasks\SLOW-PCfighter-Martine-Startup.job
- c:\program files\Fighters\SLOW-PCfighter\SLOW-PCfighter.exe [2010-03-10 08:52]
.
.
------- Bijkomende Scan -------
.
FF - ProfilePath - c:\users\Martine\AppData\Roaming\Mozilla\Firefox\Profiles\1yhv4gs4.default\
FF - component: c:\users\Martine\AppData\Roaming\Mozilla\Firefox\Profiles\1yhv4gs4.default\extensions\{B042753D-F57E-4e8e-A01B-7379A6D4CEFB}\components\IBitCometExtension.dll
FF - plugin: c:\program files\Windows Live\Photo Gallery\NPWLPG.dll
FF - plugin: c:\windows\system32\Wat\npWatWeb.dll
.
.
------- Bestandsassociaties -------
.
.scr=AutoCADScriptFile
.
.
--------------------- VERGRENDELDE REGISTER SLEUTELS ---------------------

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
"MSCurrentCountry"=dword:000000b5

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Voltooingstijd: 2010-09-22 21:13:28
ComboFix-quarantined-files.txt 2010-09-22 19:13

Pre-Run: 78.286.831.616 bytes beschikbaar
Post-Run: 77.964.152.832 bytes beschikbaar

- - End Of File - - A61F20B49EE5C249402D64E8DEADFEDD