
Quick question/problem



That was a really heavy one; the PC kept hanging badly, but luckily nothing was lost. Here is the ComboFix log:

ComboFix 10-01-04.01 - home 05-01-2010 18:04:55.2.2 - x86

Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.31.1043.18.3038.2314 [GMT 1:00]

Gestart vanuit: c:\users\home\Desktop\ComboFix.exe

gebruikte Opdracht switches :: c:\users\home\Desktop\CFScript.txt

SP: SUPERAntiSpyware *disabled* (Updated) {222A897C-5018-402e-943F-7E7AC8560DA7}

SP: Windows Defender *enabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}

FILE ::

"c:\users\home\AppData\Roaming\Microsoft\Installer\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}\IconCDDCBBF13.exe"

"c:\users\home\AppData\Roaming\Microsoft\Installer\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}\IconCDDCBBF15.exe"

"c:\users\home\AppData\Roaming\Microsoft\Installer\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}\IconCDDCBBF16.exe"

.

(((((((((((((((((((((((((((((((((( Andere Verwijderingen )))))))))))))))))))))))))))))))))))))))))))))))))

.

c:\program files\BearShare Applications

c:\program files\BearShare Applications\BearShare\ammp3.dll

c:\program files\BearShare Applications\BearShare\avcodec-51.dll

c:\program files\BearShare Applications\BearShare\avformat-51.dll

c:\program files\BearShare Applications\BearShare\avutil-49.dll

c:\program files\BearShare Applications\BearShare\BearShare.exe

c:\program files\BearShare Applications\BearShare\BerkeleyLoader.dll

c:\program files\BearShare Applications\BearShare\DiscoveryHelper.dll

c:\program files\BearShare Applications\BearShare\FFPage.exe

c:\program files\BearShare Applications\BearShare\FixAudioDriverSignature.reg

c:\program files\BearShare Applications\BearShare\GIFAnimator.dll

c:\program files\BearShare Applications\BearShare\ImageUploader5.ocx

c:\program files\BearShare Applications\BearShare\IMTrProgress.dll

c:\program files\BearShare Applications\BearShare\IMWebControl.dll

c:\program files\BearShare Applications\BearShare\InstallHelper.dll

c:\program files\BearShare Applications\BearShare\Launcher.exe

c:\program files\BearShare Applications\BearShare\libungif4.dll

c:\program files\BearShare Applications\BearShare\lic_helper.dll

c:\program files\BearShare Applications\BearShare\NCTAudioCDGrabber2.dll

c:\program files\BearShare Applications\BearShare\NCTAudioCDWriter2.dll

c:\program files\BearShare Applications\BearShare\NCTAudioCompress3.dll

c:\program files\BearShare Applications\BearShare\NCTAudioFile3.dll

c:\program files\BearShare Applications\BearShare\NCTAudioFileWMA3.dll

c:\program files\BearShare Applications\BearShare\NCTAudioFormatSettings3.dll

c:\program files\BearShare Applications\BearShare\NCTDataCDWriter2.dll

c:\program files\BearShare Applications\BearShare\ResourcesLOC.dll

c:\program files\BearShare Applications\BearShare\Shw32.dll

c:\program files\BearShare Applications\BearShare\Skins\PS.exe

c:\program files\BearShare Applications\BearShare\Skins\RemoteSkin.wmz

c:\program files\BearShare Applications\BearShare\UninstallSurvey.exe

c:\program files\BearShare Applications\BearShare\UninstallUsers.exe

c:\program files\BearShare Applications\BearShare\UNWISE.EXE

c:\program files\BearShare Applications\BearShare\UnwiseLauncher.exe

c:\program files\BearShare Applications\BearShare\UpdateInst.exe

c:\program files\BearShare Applications\BearShare\WMAProfiles.prx

c:\program files\BearShare Applications\BearShare\WMHelper.dll

c:\program files\Conduit

c:\program files\Conduit\Community Alerts\Alert.dll

c:\users\home\AppData\Roaming\Microsoft\Installer\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}\IconCDDCBBF13.exe

c:\users\home\AppData\Roaming\Microsoft\Installer\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}\IconCDDCBBF15.exe

c:\users\home\AppData\Roaming\Microsoft\Installer\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}\IconCDDCBBF16.exe

.

(((((((((((((((((((( Bestanden Gemaakt van 2009-12-05 to 2010-01-05 ))))))))))))))))))))))))))))))

.

2010-01-05 17:15 . 2010-01-05 17:15 -------- d-----w- c:\users\home\AppData\Local\temp

2010-01-05 17:15 . 2010-01-05 17:15 -------- d-----w- c:\users\Public\AppData\Local\temp

2010-01-05 17:15 . 2010-01-05 17:15 -------- d-----w- c:\users\Default\AppData\Local\temp

2010-01-05 11:20 . 2010-01-05 11:20 388096 ----a-r- c:\users\home\AppData\Roaming\Microsoft\Installer\{0761C9A8-8F3A-4216-B4A7-B7AFBF24A24A}\HiJackThis.exe

2010-01-05 10:53 . 2010-01-05 10:55 -------- d-----w- c:\users\home\AppData\Local\Temp(9)

2010-01-04 17:18 . 2010-01-04 17:18 -------- d-----w- c:\program files\TrendMicro

2010-01-03 18:35 . 2010-01-04 14:03 -------- d-----w- c:\program files\a-squared Anti-Malware

2010-01-03 17:46 . 2010-01-03 17:46 52224 ----a-w- c:\users\home\AppData\Roaming\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\SD10005.dll

2010-01-03 17:46 . 2010-01-03 17:46 117760 ----a-w- c:\users\home\AppData\Roaming\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\UIREPAIR.DLL

2010-01-03 17:45 . 2010-01-03 17:45 -------- d-----w- c:\program files\SUPERAntiSpyware

2010-01-03 17:43 . 2010-01-03 17:43 -------- d-----w- c:\program files\Common Files\Wise Installation Wizard

2010-01-02 03:01 . 2010-01-03 21:58 -------- d-----w- c:\program files\CCleaner

2010-01-02 02:01 . 2010-01-02 02:01 -------- d-----w- c:\programdata\F-Secure

2009-12-26 13:48 . 2009-12-26 13:48 -------- d-----w- c:\program files\uTorrent

2009-12-25 15:20 . 2009-12-25 15:20 19944 ----a-w- c:\windows\system32\drivers\kav_atapi.sys

2009-12-24 21:59 . 2010-01-04 21:05 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware

2009-12-23 22:49 . 2009-12-23 22:49 -------- d-----w- c:\programdata\PY_Software

2009-12-23 22:49 . 2009-12-23 23:00 -------- d-----w- c:\program files\Internet TV

2009-12-23 17:06 . 2009-12-23 17:06 -------- d-----w- c:\users\home\AppData\Local\Apple Computer

2009-12-20 21:55 . 2009-12-20 21:55 -------- d-----w- c:\users\home\AppData\Roaming\ChemTable Software

2009-12-20 21:51 . 2009-12-20 21:51 -------- d-----w- c:\users\home\AppData\Local\ChemTable Software

2009-12-20 21:51 . 2009-12-20 21:51 -------- d-----w- c:\program files\Reg Organizer

2009-12-20 21:31 . 2010-01-05 11:02 -------- d-----w- c:\users\home\AppData\Roaming\SBMAV Disk Cleaner

2009-12-20 21:30 . 2009-12-20 21:31 -------- d-----w- c:\program files\SBMAV Disk Cleaner 2009

2009-12-20 21:16 . 2009-12-20 21:16 -------- d-----w- c:\program files\GRETECH

2009-12-20 16:44 . 2010-01-05 11:02 -------- d-----w- c:\users\home\AppData\Roaming\uTorrent

2009-12-20 14:45 . 2009-11-02 19:42 195456 ------w- c:\windows\system32\MpSigStub.exe

2009-12-20 14:43 . 2009-12-20 14:43 411368 ----a-w- c:\windows\system32\deploytk.dll

2009-12-20 14:37 . 2009-12-20 14:37 932368 ----a-w- c:\programdata\Kaspersky Lab\AVP9\Data\KasFlt\Plugins\profiles-1-6.dll

2009-12-20 14:37 . 2009-12-20 14:37 678416 ----a-w- c:\programdata\Kaspersky Lab\AVP9\Data\KasFlt\Plugins\content_interpreter-1-1.dll

2009-12-20 14:37 . 2009-12-20 14:37 604688 ----a-w- c:\programdata\Kaspersky Lab\AVP9\Data\KasFlt\Plugins\gsg-3-9.dll

2009-12-20 14:37 . 2009-12-20 14:37 522768 ----a-w- c:\programdata\Kaspersky Lab\AVP9\Data\KasFlt\Plugins\database-1-5.dll

2009-12-20 14:37 . 2009-12-20 14:37 1096208 ----a-w- c:\programdata\Kaspersky Lab\AVP9\Data\KasFlt\Plugins\filtration-4-6.dll

2009-12-20 13:20 . 2009-12-20 13:20 80400 ----a-w- c:\programdata\Kaspersky Lab\AVP9\Data\Updater\Temporary Files\rollback\patch\AutoPatches\kav9exec\9.0.0.736\fssync.dll

2009-12-20 13:20 . 2009-12-20 13:20 80400 ----a-w- c:\programdata\Kaspersky Lab\AVP9\Data\Updater\Temporary Files\temporaryFolder\AutoPatches\kav9exec\9.0.0.736\fssync.dll

2009-12-20 13:01 . 2009-12-20 13:01 108059 ----a-w- c:\windows\system32\drivers\klin.dat

2009-12-20 13:01 . 2009-12-20 13:01 95259 ----a-w- c:\windows\system32\drivers\klick.dat

2009-12-20 12:59 . 2009-12-20 12:59 -------- d-----w- c:\program files\Kaspersky Lab

2009-12-20 12:52 . 2009-12-20 12:52 -------- d-----w- c:\programdata\Kaspersky Lab Setup Files

2009-12-20 12:15 . 2010-01-05 16:57 -------- d-----w- c:\programdata\Kaspersky Lab

2009-12-20 11:32 . 2009-12-20 11:32 -------- d-----w- c:\program files\DAEMON Tools Lite

2009-12-17 10:52 . 2009-12-17 10:52 -------- d-----w- c:\users\home\AppData\Local\MediaSmart DVD

2009-12-15 13:21 . 2000-06-23 13:05 136704 ----a-w- c:\windows\system32\iacenc.dll

2009-12-15 13:21 . 2000-06-22 12:09 56320 ------w- c:\windows\system32\iyvu9_32.dll

2009-12-15 13:21 . 2009-12-15 13:21 -------- d-----w- c:\program files\Ligos

2009-12-15 13:17 . 1998-10-29 18:45 306688 ----a-w- c:\windows\IsUninst.exe

2009-12-13 23:24 . 2010-01-03 13:26 -------- d-----w- c:\users\home\AppData\Roaming\vlc

2009-12-13 20:51 . 2009-12-13 20:52 -------- d-----w- c:\program files\QuickTime

2009-12-13 20:51 . 2009-12-13 20:51 -------- d-----w- c:\programdata\Apple Computer

2009-12-13 20:50 . 2009-12-13 20:50 -------- d-----w- c:\program files\Common Files\Apple

2009-12-13 20:50 . 2009-12-13 20:50 -------- d-----w- c:\users\home\AppData\Local\Apple

2009-12-13 20:50 . 2009-12-13 20:50 -------- d-----w- c:\program files\Apple Software Update

2009-12-13 20:50 . 2009-12-13 20:50 -------- d-----w- c:\programdata\Apple

2009-12-11 22:36 . 2009-12-11 22:36 -------- d-----w- c:\programdata\ALLPlayer

2009-12-11 22:36 . 2009-06-11 21:52 892928 ----a-w- c:\programdata\ALLPlayer\LIVE\DOLBY\iconv.dll

2009-12-11 22:36 . 2009-05-29 21:31 881664 ----a-w- c:\programdata\ALLPlayer\LIVE\XVID\xvidcore.dll

2009-12-11 22:36 . 2008-11-13 03:25 740442 ----a-w- c:\programdata\ALLPlayer\LIVE\DIVX\DivX.dll

2009-12-11 22:36 . 2008-04-14 21:50 1291776 ----a-w- c:\programdata\ALLPlayer\LIVE\QUARTZ\quartzXP.dll

2009-12-11 22:36 . 2009-06-11 21:52 892928 ----a-w- c:\windows\system32\iconv.dll

2009-12-11 22:36 . 2009-12-11 22:36 -------- d-----w- c:\program files\ALLPlayer

2009-12-11 14:49 . 2009-12-11 14:49 9 ----a-w- c:\windows\iosys32b.dat

2009-12-11 00:41 . 2009-11-09 12:31 24064 ----a-w- c:\windows\system32\nshhttp.dll

2009-12-11 00:41 . 2009-11-09 10:36 411648 ----a-w- c:\windows\system32\drivers\http.sys

2009-12-11 00:41 . 2009-11-09 12:30 30720 ----a-w- c:\windows\system32\httpapi.dll

2009-12-10 19:00 . 2009-08-24 11:36 377344 ----a-w- c:\windows\system32\winhttp.dll

2009-12-10 19:00 . 2009-10-07 11:36 243712 ----a-w- c:\windows\system32\rastls.dll

2009-12-09 21:19 . 2009-12-22 00:03 -------- d-----w- c:\program files\PFPortChecker

2009-12-09 19:38 . 2009-12-09 19:38 -------- d-----w- c:\windows\Google Earth Pro 4.2

2009-12-09 19:28 . 2009-12-09 19:28 -------- d-----w- c:\users\home\AppData\Local\CyberLink

2009-12-09 19:28 . 2009-12-09 19:28 -------- d-----w- c:\users\home\AppData\Local\PowerCinema

2009-12-08 13:45 . 2007-01-29 15:52 76800 ----a-w- c:\windows\system32\drivers\msw-wlan2.sys

2009-12-08 13:44 . 2009-12-08 13:44 -------- d-----w- c:\programdata\soft Xpansion

2009-12-07 23:19 . 2009-12-07 23:19 -------- d-----w- c:\programdata\eMule

2009-12-07 23:19 . 2009-12-07 23:19 -------- d-----w- c:\users\home\AppData\Local\eMule

.

((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2010-01-04 16:12 . 2009-11-21 23:10 -------- d-----w- c:\program files\Webteh

2010-01-03 17:45 . 2009-11-19 23:07 -------- d-----w- c:\users\home\AppData\Roaming\SUPERAntiSpyware.com

2010-01-03 14:16 . 2009-11-22 18:33 -------- d-----w- c:\programdata\PC Tools

2010-01-02 01:24 . 2009-11-02 16:46 -------- d-----w- c:\program files\Wise Registry Cleaner

2010-01-02 01:23 . 2009-11-02 16:42 -------- d-----w- c:\program files\Wise Disk Cleaner

2010-01-01 12:39 . 2009-11-13 17:42 7512 ----a-w- c:\users\home\AppData\Local\d3d9caps.dat

2009-12-31 00:15 . 2009-11-02 15:00 10638 ----a-w- c:\programdata\DVDXStudio\CloneDVD4\MainApp.dll

2009-12-26 19:46 . 2009-02-28 14:33 667352 ----a-w- c:\windows\system32\perfh013.dat

2009-12-26 19:46 . 2009-02-28 14:33 126854 ----a-w- c:\windows\system32\perfc013.dat

2009-12-26 14:01 . 2009-10-27 22:01 -------- d-----w- c:\program files\Windows Live

2009-12-25 15:52 . 2009-11-22 18:16 -------- d-----w- c:\program files\Trojan Remover

2009-12-25 15:24 . 2009-10-30 00:15 19944 ----a-w- c:\windows\system32\drivers\atapi.sys

2009-12-23 23:39 . 2009-12-06 16:05 -------- d-----w- c:\program files\Mozilla Firefox 3.6 Beta 2

2009-12-21 23:57 . 2009-10-28 23:40 -------- d-----w- c:\users\home\AppData\Roaming\CyberLink

2009-12-20 14:43 . 2009-02-28 08:01 -------- d-----w- c:\program files\Java

2009-12-16 23:34 . 2009-12-03 10:40 -------- d-----w- c:\users\home\AppData\Roaming\dvdcss

2009-12-11 02:05 . 2006-11-02 11:18 -------- d-----w- c:\program files\Windows Mail

2009-12-11 00:41 . 2009-10-27 17:15 -------- d-----w- c:\programdata\Microsoft Help

2009-12-08 14:59 . 2009-02-28 06:35 -------- d--h--w- c:\program files\InstallShield Installation Information

2009-12-05 15:23 . 2009-12-05 15:23 -------- d-----w- c:\programdata\vsosdk

2009-12-05 01:59 . 2009-12-05 01:30 -------- d-----w- c:\users\home\AppData\Roaming\DAEMON Tools Lite

2009-12-05 01:33 . 2009-12-03 15:19 691696 ----a-w- c:\windows\system32\drivers\sptd.sys

2009-12-05 01:32 . 2009-12-05 01:31 -------- d-----w- c:\programdata\DAEMON Tools Lite

2009-12-03 21:33 . 2009-12-03 21:33 10 ----a-w- c:\windows\winitwkg.dat

2009-11-29 17:22 . 2009-11-29 17:22 2560 ----a-w- c:\windows\_MSRSTRT.EXE

2009-11-28 13:46 . 2009-11-23 14:24 -------- d-----w- c:\program files\Save Flash

2009-11-28 01:30 . 2009-11-03 20:06 -------- d-----w- c:\users\home\AppData\Roaming\HpUpdate

2009-11-25 20:17 . 2009-11-25 20:17 -------- d-----w- c:\programdata\Office Genuine Advantage

2009-11-25 20:08 . 2009-10-27 22:02 -------- d-----w- c:\program files\Microsoft

2009-11-23 13:38 . 2009-11-23 12:49 -------- d-----w- c:\users\home\AppData\Roaming\Secretmaker

2009-11-23 00:28 . 2009-11-23 00:28 -------- d-----w- c:\program files\Common Files\Real

2009-11-23 00:28 . 2009-11-23 00:28 -------- d-----w- c:\program files\Common Files\xing shared

2009-11-23 00:28 . 2009-11-23 00:28 -------- d-----w- c:\program files\Real

2009-11-22 17:22 . 2009-11-22 17:22 -------- d-----w- c:\programdata\Simply Super Software

2009-11-21 18:33 . 2009-10-27 20:32 -------- d-----w- c:\program files\Google

2009-11-21 06:40 . 2009-12-10 19:01 916480 ----a-w- c:\windows\system32\wininet.dll

2009-11-21 06:34 . 2009-12-10 19:01 71680 ----a-w- c:\windows\system32\iesetup.dll

2009-11-21 06:34 . 2009-12-10 19:01 109056 ----a-w- c:\windows\system32\iesysprep.dll

2009-11-21 04:59 . 2009-12-10 19:01 133632 ----a-w- c:\windows\system32\ieUnatt.exe

2009-11-19 23:08 . 2009-11-19 23:08 -------- d-----w- c:\programdata\SUPERAntiSpyware.com

2009-11-18 00:41 . 2009-11-18 00:41 -------- d-----w- c:\program files\Windows Portable Devices

2009-11-18 00:41 . 2006-11-02 10:25 665600 ----a-w- c:\windows\inf\drvindex.dat

2009-11-18 00:40 . 2009-11-18 00:40 0 ---ha-w- c:\windows\system32\drivers\Msft_User_WpdFs_01_07_00.Wdf

2009-11-17 15:11 . 2009-11-17 15:11 -------- d-----w- c:\users\home\AppData\Roaming\Yahoo!

2009-11-17 15:09 . 2009-11-17 15:09 -------- d-----w- c:\programdata\Yahoo!

2009-11-17 15:09 . 2009-11-17 15:07 -------- d-----w- c:\program files\Yahoo!

2009-11-15 23:22 . 2009-11-15 23:22 -------- d-----w- c:\users\home\AppData\Roaming\Malwarebytes

2009-11-15 23:22 . 2009-11-15 23:22 -------- d-----w- c:\programdata\Malwarebytes

2009-11-15 15:49 . 2009-11-10 02:14 -------- d-----w- c:\users\home\AppData\Roaming\DivX

2009-11-15 15:48 . 2009-10-27 17:24 76416 ----a-w- c:\users\home\AppData\Local\GDIPFONTCACHEV1.DAT

2009-11-15 15:31 . 2009-11-15 15:27 -------- d-----w- c:\program files\Dish_Satellite_TV

2009-11-15 15:26 . 2009-11-14 22:45 -------- d-----w- c:\programdata\BlazeVideo

2009-11-14 23:58 . 2009-11-14 23:53 -------- d-----w- c:\program files\VirtualDJ

2009-11-14 23:16 . 2009-11-14 23:16 -------- d-----w- c:\users\home\AppData\Roaming\iExpert Software

2009-11-14 23:16 . 2009-11-14 23:16 -------- d-----w- c:\program files\Registry Clean Expert

2009-11-14 13:06 . 2009-11-14 13:06 59992 ----a-w- c:\programdata\Kaspersky Lab Setup Files\Kaspersky Internet Security 2010 9.0.0.736\English\setup.exe

2009-11-12 18:51 . 2009-10-27 17:25 -------- d-----w- c:\users\home\AppData\Roaming\hewlett-packard

2009-11-12 18:45 . 2009-02-28 06:35 -------- d-----w- c:\programdata\Hewlett-Packard

2009-11-10 13:39 . 2009-11-17 15:09 607472 ----a-w- c:\programdata\Yahoo!\YUpdater\yupdater.exe

2009-11-10 02:03 . 2009-11-10 02:03 -------- d-----w- c:\program files\Microsoft SQL Server Compact Edition

2009-11-10 01:54 . 2009-11-10 01:54 -------- d-----w- c:\program files\DivX

2009-11-10 01:54 . 2009-11-10 01:54 -------- d-----w- c:\program files\Common Files\PX Storage Engine

2009-11-10 01:54 . 2009-11-10 01:54 -------- d-----w- c:\program files\Common Files\DivX Shared

2009-11-10 01:42 . 2009-11-10 01:42 -------- d-----w- c:\program files\QO Developments

2009-11-09 23:04 . 2009-11-09 23:04 -------- d-----w- c:\program files\Medieval Software

2009-11-04 21:20 . 2009-11-04 21:11 169565 ----a-w- c:\windows\hpoins44.dat

2009-11-03 15:33 . 2009-11-03 15:33 21520 ----a-w- c:\windows\system32\drivers\klim6.sys

2009-11-02 14:58 . 2009-11-02 14:58 47360 ----a-w- c:\windows\system32\drivers\pcouffin.sys

2009-11-02 14:58 . 2009-11-02 14:58 47360 ----a-w- c:\users\home\AppData\Roaming\pcouffin.sys

2009-11-02 14:58 . 2009-11-02 14:58 47360 ----a-w- c:\users\home\AppData\Roaming\pcouffin.sys

2009-10-29 09:17 . 2009-11-25 20:12 2048 ----a-w- c:\windows\system32\tzres.dll

2009-10-27 23:44 . 2009-10-27 23:44 52736 ----a-w- c:\windows\AppPatch\iebrshim.dll

2009-10-27 21:53 . 2009-10-27 21:53 99606 ----a-r- c:\users\home\AppData\Roaming\Microsoft\Installer\{35915E20-0B68-4315-9C76-E36FD82695B6}\XstreamRadioStartMen_35915E200B6843159C76E36FD82695B6.exe

2009-10-27 21:53 . 2009-10-27 21:53 99606 ----a-r- c:\users\home\AppData\Roaming\Microsoft\Installer\{35915E20-0B68-4315-9C76-E36FD82695B6}\XstreamRadioProgramF_35915E200B6843159C76E36FD82695B6.exe

2009-10-27 21:53 . 2009-10-27 21:53 99606 ----a-r- c:\users\home\AppData\Roaming\Microsoft\Installer\{35915E20-0B68-4315-9C76-E36FD82695B6}\XstreamRadioDesktop_35915E200B6843159C76E36FD82695B6.exe

2009-10-27 18:00 . 2009-11-02 14:45 85504 ----a-w- c:\windows\system32\ff_vfw.dll

2009-10-27 15:08 . 2009-10-27 15:08 0 ----a-w- c:\windows\ativpsrm.bin

2009-10-27 15:05 . 2009-10-27 15:05 6656 ----a-w- c:\windows\system32\bcmwlrc.dll

2009-10-27 15:05 . 2009-10-27 15:05 87280 ----a-w- c:\windows\system32\bcmwlcoi.dll

2009-10-27 15:05 . 2009-10-27 15:05 3809280 ----a-w- c:\windows\system32\bcmihvsrv.dll

2009-10-27 15:05 . 2009-10-27 15:05 3502080 ----a-w- c:\windows\system32\bcmihvui.dll

2009-10-27 15:05 . 2009-10-27 15:05 1331192 ----a-w- c:\windows\system32\drivers\BCMWL6.SYS

2009-10-20 18:34 . 2009-10-20 18:34 219664 ----a-w- c:\windows\system32\klogon.dll

2009-10-14 19:18 . 2009-10-14 19:18 36880 ----a-w- c:\windows\system32\drivers\klbg.sys

2009-10-08 21:08 . 2009-11-17 14:54 555520 ----a-w- c:\windows\system32\UIAutomationCore.dll

2009-10-08 21:08 . 2009-11-17 14:54 234496 ----a-w- c:\windows\system32\oleacc.dll

2009-10-08 21:07 . 2009-11-17 14:54 4096 ----a-w- c:\windows\system32\oleaccrc.dll

2009-02-28 14:50 . 2009-02-28 14:35 8192 --sha-w- c:\windows\Users\Default\NTUSER.DAT

.

((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))

.

.

*Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond

REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"DAEMON Tools Lite"="c:\program files\DAEMON Tools Lite\DTLite.exe" [2009-10-30 369200]

"msnmsgr"="c:\program files\Windows Live\Messenger\msnmsgr.exe" [2009-07-26 3883856]

"SUPERAntiSpyware"="c:\program files\SUPERAntiSpyware\SUPERAntiSpyware.exe" [2009-12-16 2002160]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2008-07-24 1348904]

"SysTrayApp"="c:\program files\IDT\WDM\sttray.exe" [2009-06-03 450652]

"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-12-20 149280]

"AVP"="c:\program files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe" [2009-10-20 340456]

"a-squared"="c:\program files\a-squared Anti-Malware\a2guard.exe" [2010-01-02 3280712]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]

"EnableUIADesktopToggle"= 0 (0x0)

[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]

"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "c:\program files\SUPERAntiSpyware\SASSEH.DLL" [2008-05-13 77824]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]

2009-09-03 13:21 548352 ----a-w- c:\program files\SUPERAntiSpyware\SASWINLO.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]

"AppInit_DLLs"=c:\progra~1\KASPER~1\KASPER~1\mzvkbd3.dll c:\progra~1\KASPER~1\KASPER~1\kloehk.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]

"mixer"=wdmaud.drv

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

@="Driver"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]

@="Service"

[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^HP Digital Imaging Monitor.lnk]

backup=c:\windows\pss\HP Digital Imaging Monitor.lnk.CommonStartup

backupExtension=.CommonStartup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]

2009-09-04 11:08 935288 ----a-r- c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]

2009-10-03 03:08 35696 ----a-w- c:\program files\Adobe\Reader 9.0\Reader\reader_sl.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ALLUpdate]

2009-11-11 15:18 870400 ----a-w- c:\program files\ALLPlayer\ALLUpdate.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CLMLServer for HP TouchSmart]

2008-12-25 12:41 189736 ------w- c:\program files\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DVDAgent]

2008-11-28 17:04 1148200 ------w- c:\program files\Hewlett-Packard\Media\DVD\DVDAgent.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LightScribe Control Panel]

2008-06-09 09:16 2363392 ----a-w- c:\program files\Common Files\LightScribe\LightScribeControlPanel.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Messenger (Yahoo!)]

2009-11-10 14:39 5244216 ----a-w- c:\progra~1\Yahoo!\Messenger\YahooMessenger.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\msnmsgr]

2009-07-26 15:44 3883856 ----a-w- c:\program files\Windows Live\Messenger\msnmsgr.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QlbCtrl.exe]

2008-10-10 11:24 206128 ----a-w- c:\program files\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]

2009-11-10 22:08 417792 ----a-w- c:\program files\QuickTime\QTTask.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RegClean Expert Scheduler]

2009-11-09 02:14 605944 ----a-w- c:\program files\Registry Clean Expert\RCHelper.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SmartMenu]

2008-11-18 18:35 914224 ----a-w- c:\program files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe]

2009-11-23 00:28 198160 ----a-w- c:\program files\Common Files\Real\Update_OB\realsched.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TSMAgent]

2008-12-25 12:41 1316136 ------w- c:\program files\Hewlett-Packard\TouchSmart\Media\TSMAgent.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TVAgent]

2009-05-08 16:32 206120 ------w- c:\program files\Hewlett-Packard\Media\TV\TVAgent.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UCam_Menu]

2008-11-14 21:02 218408 ------w- c:\program files\Hewlett-Packard\Media\Webcam\MUITransfer\MUIStartMenu.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UpdateLBPShortCut]

2008-06-13 17:11 210216 ------w- c:\program files\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UpdateP2GoShortCut]

2008-10-30 10:51 210216 ------w- c:\program files\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UpdatePDIRShortCut]

2008-06-13 17:11 210216 ------w- c:\program files\CyberLink\PowerDirector\MUITransfer\MUIStartMenu.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UpdatePSTShortCut]

2008-11-26 10:34 210216 ------w- c:\program files\CyberLink\DVD Suite\MUITransfer\MUIStartMenu.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Windows Defender]

2008-01-21 02:23 1008184 ----a-w- c:\program files\Windows Defender\MSASCui.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WirelessAssistant]

2008-12-08 10:25 432432 ----a-w- c:\program files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\KasperskyAntiVirus]

"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc]

"VistaSp2"=hex(B):50,9d,48,44,6b,59,ca,01

R0 klbg;Kaspersky Lab Boot Guard Driver;c:\windows\System32\drivers\klbg.sys [14-10-2009 20:18 36880]

R1 KLIM6;Kaspersky Anti-Virus NDIS 6 Filter;c:\windows\System32\drivers\klim6.sys [3-11-2009 16:33 21520]

R1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\sasdifsv.sys [16-12-2009 16:26 9968]

R1 SAS***IL;SAS***IL;c:\program files\SUPERAntiSpyware\SAS***IL.SYS [16-12-2009 16:26 74480]

R2 {55662437-DA8C-40c0-AADA-2C816A897A49};Power Control [2009/10/27 16:12];c:\program files\Hewlett-Packard\Media\DVD\000.fcl [28-11-2008 18:04 87536]

R2 a2AntiMalware;a-squared Anti-Malware Service;c:\program files\a-squared Anti-Malware\a2service.exe [3-1-2010 19:35 1858144]

R2 AESTFilters;Andrea ST Filters Service;c:\windows\System32\DriverStore\FileRepository\stwrt.inf_827e372d\AEstSrv.exe [2-3-2009 18:43 81920]

R2 ezSharedSvc;Easybits Shared Services for Windows;c:\windows\system32\svchost.exe -k netsvcs [21-1-2008 3:23 21504]

R2 hpsrv;HP Service;c:\windows\System32\hpservice.exe [18-3-2008 16:24 19456]

R2 Recovery Service for Windows;Recovery Service for Windows;c:\program files\SMINST\BLService.exe [28-2-2009 9:34 365952]

R2 TVCapSvc;TV Background Capture Service (TVBCS);c:\program files\Hewlett-Packard\Media\TV\Kernel\TV\TVCapSvc.exe [26-11-2008 17:13 296320]

R2 TVSched;TV Task Scheduler (TVTS);c:\program files\Hewlett-Packard\Media\TV\Kernel\TV\TVSched.exe [26-11-2008 17:13 116096]

R3 enecir;ENE CIR Receiver;c:\windows\System32\drivers\enecir.sys [4-9-2008 18:47 54784]

R3 JMCR;JMCR;c:\windows\System32\drivers\jmcr.sys [23-10-2008 10:42 107360]

R3 klmouflt;Kaspersky Lab KLMOUFLT;c:\windows\System32\drivers\klmouflt.sys [2-10-2009 18:39 19472]

S0 sptd;sptd;c:\windows\System32\drivers\sptd.sys [3-12-2009 16:19 691696]

S2 Norton Internet Security;Norton Internet Security;"c:\program files\Norton Internet Security\Engine\16.0.0.125\ccSvcHst.exe" /s "Norton Internet Security" /m "c:\program files\Norton Internet Security\Engine\16.0.0.125\diMaster.dll" /prefetch:1 --> c:\program files\Norton Internet Security\Engine\16.0.0.125\ccSvcHst.exe [?]

S3 Com4QLBEx;Com4QLBEx;c:\program files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe [28-2-2009 7:50 222512]

S3 FontCache;Windows Font Cache Service;c:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation [21-1-2008 3:23 21504]

S3 SASENUM;SASENUM;c:\program files\SUPERAntiSpyware\SASENUM.SYS [16-12-2009 16:27 7408]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]

HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12

hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc

LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs

ezSharedSvc

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]

2008-06-09 09:14 451872 ----a-w- c:\program files\Common Files\LightScribe\LSRunOnce.exe

.

Inhoud van de 'Gedeelde Taken' map

2009-12-26 c:\windows\Tasks\HPCeeScheduleForhome.job

- c:\program files\hewlett-packard\sdp\ceement\HPCEE.exe [2009-02-28 10:34]

.

.

------- Bijkomende Scan -------

.

uStart Page = hxxp://www.google.nl/

IE: E&xporteren naar Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000

IE: {{7A0815F1-6B65-4e3a-B198-709807B4042A} - {1EC035CE-090E-4AF7-B6DF-AD11C2F0F9C9} - c:\program files\XstreamRadio 3.02\RadioHelper.dll

TCP: {5BB7BBF4-5484-4488-9278-0AEBB2BEBADE} = 195.241.77.55,195.241.77.58

FF - ProfilePath - c:\users\home\AppData\Roaming\Mozilla\Firefox\Profiles\2e1wqqg9.default\

FF - prefs.js: browser.startup.homepage - hxxp://www.google.nl/

FF - component: c:\program files\Mozilla Firefox 3.6 Beta 2\extensions\linkfilter@kaspersky.ru\components\KavLinkFilter.dll

FF - component: c:\program files\Real\RealPlayer\browserrecord\firefox\ext\components\nprpffbrowserrecordext.dll

FF - plugin: c:\program files\Microsoft\Office Live\npOLW.dll

FF - plugin: c:\program files\Windows Live\Photo Gallery\NPWLPG.dll

---- FIREFOX POLICIES ----

c:\program files\Mozilla Firefox 3.6 Beta 2\greprefs\all.js - pref("ui.use_native_colors", true);

c:\program files\Mozilla Firefox 3.6 Beta 2\greprefs\all.js - pref("ui.use_native_popup_windows", false);

c:\program files\Mozilla Firefox 3.6 Beta 2\greprefs\all.js - pref("browser.enable_click_image_resizing", true);

c:\program files\Mozilla Firefox 3.6 Beta 2\greprefs\all.js - pref("accessibility.browsewithcaret_shortcut.enabled", true);

c:\program files\Mozilla Firefox 3.6 Beta 2\greprefs\all.js - pref("javascript.options.mem.high_water_mark", 32);

c:\program files\Mozilla Firefox 3.6 Beta 2\greprefs\all.js - pref("javascript.options.mem.gc_frequency", 1600);

c:\program files\Mozilla Firefox 3.6 Beta 2\greprefs\all.js - pref("network.auth.force-generic-ntlm", false);

c:\program files\Mozilla Firefox 3.6 Beta 2\greprefs\all.js - pref("svg.smil.enabled", false);

c:\program files\Mozilla Firefox 3.6 Beta 2\greprefs\all.js - pref("ui.trackpoint_hack.enabled", -1);

c:\program files\Mozilla Firefox 3.6 Beta 2\greprefs\all.js - pref("browser.formfill.debug", false);

c:\program files\Mozilla Firefox 3.6 Beta 2\greprefs\all.js - pref("browser.formfill.agedWeight", 2);

c:\program files\Mozilla Firefox 3.6 Beta 2\greprefs\all.js - pref("browser.formfill.bucketSize", 1);

c:\program files\Mozilla Firefox 3.6 Beta 2\greprefs\all.js - pref("browser.formfill.maxTimeGroupings", 25);

c:\program files\Mozilla Firefox 3.6 Beta 2\greprefs\all.js - pref("browser.formfill.timeGroupingSize", 604800);

c:\program files\Mozilla Firefox 3.6 Beta 2\greprefs\all.js - pref("browser.formfill.boundaryWeight", 25);

c:\program files\Mozilla Firefox 3.6 Beta 2\greprefs\all.js - pref("browser.formfill.prefixWeight", 5);

c:\program files\Mozilla Firefox 3.6 Beta 2\greprefs\all.js - pref("html5.enable", false);

c:\program files\Mozilla Firefox 3.6 Beta 2\defaults\pref\firefox-branding.js - pref("app.update.download.backgroundInterval", 600);

c:\program files\Mozilla Firefox 3.6 Beta 2\defaults\pref\firefox-branding.js - pref("app.update.url.manual", "http://www.firefox.com");

c:\program files\Mozilla Firefox 3.6 Beta 2\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.name", "chrome://browser/locale/browser.properties");

c:\program files\Mozilla Firefox 3.6 Beta 2\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.description", "chrome://browser/locale/browser.properties");

c:\program files\Mozilla Firefox 3.6 Beta 2\defaults\pref\firefox.js - pref("xpinstall.whitelist.add", "addons.mozilla.org");

c:\program files\Mozilla Firefox 3.6 Beta 2\defaults\pref\firefox.js - pref("xpinstall.whitelist.add.36", "getpersonas.com");

c:\program files\Mozilla Firefox 3.6 Beta 2\defaults\pref\firefox.js - pref("lightweightThemes.update.enabled", true);

c:\program files\Mozilla Firefox 3.6 Beta 2\defaults\pref\firefox.js - pref("browser.allTabs.previews", false);

c:\program files\Mozilla Firefox 3.6 Beta 2\defaults\pref\firefox.js - pref("plugins.hide_infobar_for_outdated_plugin", false);

c:\program files\Mozilla Firefox 3.6 Beta 2\defaults\pref\firefox.js - pref("plugins.update.notifyUser", false);

c:\program files\Mozilla Firefox 3.6 Beta 2\defaults\pref\firefox.js - pref("toolbar.customization.usesheet", false);

c:\program files\Mozilla Firefox 3.6 Beta 2\defaults\pref\firefox.js - pref("browser.taskbar.previews.enable", false);

c:\program files\Mozilla Firefox 3.6 Beta 2\defaults\pref\firefox.js - pref("browser.taskbar.previews.max", 20);

c:\program files\Mozilla Firefox 3.6 Beta 2\defaults\pref\firefox.js - pref("browser.taskbar.previews.cachetime", 20);

.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, GMER - Rootkit Detector and Remover

Rootkit scan 2010-01-05 18:15

Windows 6.0.6002 Service Pack 2 NTFS

scannen van verborgen processen ...

scannen van verborgen autostart items ...

scannen van verborgen bestanden ...

Scan succesvol afgerond

verborgen bestanden: 0

**************************************************************************

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\Norton Internet Security]

"ImagePath"="\"c:\program files\Norton Internet Security\Engine\16.0.0.125\ccSvcHst.exe\" /s \"Norton Internet Security\" /m \"c:\program files\Norton Internet Security\Engine\16.0.0.125\diMaster.dll\" /prefetch:1"

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\{55662437-DA8C-40c0-AADA-2C816A897A49}]

"ImagePath"="\??\c:\program files\Hewlett-Packard\Media\DVD\000.fcl"

.

Voltooingstijd: 2010-01-05 18:19:30

ComboFix-quarantined-files.txt 2010-01-05 17:19

ComboFix2.txt 2010-01-05 16:13

ComboFix3.txt 2010-01-05 10:52

ComboFix4.txt 2010-01-04 20:57

Pre-Run: 206.638.387.200 bytes beschikbaar

Post-Run: 206.651.293.696 bytes beschikbaar

- - End Of File - - 45C703FA7F9CC54C5D47C66A0F1B4411


I cheered a bit too early after all. It runs well now, but it still blows now and then, and I saw a few things in my Task Manager that made me doubt. There are 3 processes I can't place; could you take another look at them?

Ati2evxx.exe

csrss.exe

winlogon.exe

I'll also add a picture so you can see them.


Regards, dave


ati2evxx.exe is the External Event Utility for ATI graphics cards.

csrss.exe stands for Microsoft Client-Server Runtime Server Subsystem and handles most of the visual aspects of your Windows environment.

winlogon.exe belongs to the Windows login manager and takes care of all login and logout procedures on your PC.
