
perflib_perfdata_174 and 220



Hello,

I have a small problem copying all Windows programs to my external drive (backup).

When I click on the Windows folder and try to copy it to my F drive (external), the process stops and a pop-up appears saying that Perflib_Perfdata_220 is in use by another program. I had done it before, and then the pop-up came up with Perflib_Perfdata_174.

I scanned the whole system thoroughly with Avast and Anti-Malware (Malwarebytes).

I tried it with Avast disabled. Nothing either.

All programs (as far as I know) were closed.

Who can help me?

Thanks in advance

---------- Post added at 10:32 ---------- Previous post was at 10:30 ----------

I also tried to look up Perflib_Perfdata_220 via the Windows search program, but without result.

Link to comment

The file Perflib_Perfdata belongs to a Windows service: the Performance Logs and Alerts service. Follow the instructions below and then try whether the copying works.

To disable the service, do the following:

Go to Start --> Control Panel.

Open Administrative Tools. (I work with an English-language version of XP, so it is probably called something else on yours.)

Open Services.

Find the service Performance Logs and Alerts.

Right-click it and choose Stop.

After that, have your PC cleaned up with CCleaner:

Download CCleaner. (If you don't have it yet.)

Install it (if you do not want Google Chrome to be installed on your PC as the default web browser, you must remove the 2 check marks !!!) and start CCleaner. In the left column, click "Cleaner". Then click "Analyze" followed by "Run Cleaner".

Next, click "Registry" in the left column and click "Scan for Issues". If errors are found, click "Fix selected issues" and "OK". You will then be asked whether to make a backup. Click "Yes". Then choose "Fix All Selected Issues".

Sometimes 1 analysis is not enough. You may repeat this procedure until the analysis no longer reports any errors.

Close CCleaner again afterwards.

If you want to see this in detail with pictures, click here for the manual.

Link to comment

Very clear! Thanks, I will do that.

One more question.

When I look at Performance Logs and Alerts, it says startup type Manual and Log on as Network Service.

After I have done the above, do I have to set this back to how it is now?

Thanks in advance

---------- Post added at 14:28 ---------- Previous post was at 14:25 ----------

Now that I look at it again, I think it was already stopped, because I only have the options Start and Start All and Refresh available. Stop cannot be clicked.

So what to do now?

Link to comment

Then these files are probably also being created by other services. The question, of course, is which services exactly. I can give you a program that gives an overview of such services, but first please run a scan with HijackThis. You have already checked your PC with Avast and Malwarebytes, but maybe there is still an unnecessary service running that we can take out this way.

Download HijackThis.

Under "HijackThis Downloads", click "Installer".

Save the file HijackThis.msi. Then choose "Run".

HijackThis is now installed on your PC, and a shortcut is placed on your desktop.

If you no longer have a network connection, you can do the download on another PC and transfer the file with a USB stick.

If you can only still work in safe mode, you must download the executable.

Save it in a new folder on the C drive (e.g. C:\hijackthis) and then start HijackThis from this folder.

You can then also find the logs in that folder.

2. Click the shortcut to start HijackThis.

Click either "Do a systemscan and save a logfile", or first "Scan" and then "Savelog".

A Notepad window opens. Hold down the CTRL and A keys at the same time, and everything is selected. Hold down the CTRL and C keys at the same time, and everything is copied. Now paste the HJT log into your post with CTRL and V.

If you get a message "For some reason your system denied writing to the Host file ....", just click the OK button.

Note: Windows Vista & 7 users must run HijackThis as "administrator" via right-click, "Run as administrator". If this does not work via the shortcut, run HijackThis as administrator from the following folder: C:\Program Files\Trend Micro\HiJackThis or C:\Program Files (x86)\Trend Micro\HiJackThis. (View the image here ---> Attachment 12634)

If you want to know in words and pictures how to make a HijackThis log and post it on the forum, click HERE

3. After you post your log, it will be checked by an expert (Kape or Kweezie Wabbit), who will guide you further through the whole process.

Link to comment

Here is the log

Logfile of Trend Micro HijackThis v2.0.4

Scan saved at 10:15:01 AM, on 10/1/2011

Platform: Windows XP SP3 (WinNT 5.01.2600)

MSIE: Internet Explorer v8.00 (8.00.6001.18702)

Boot mode: Normal

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\Explorer.EXE

C:\Program Files\Alwil Software\Avast5\AvastSvc.exe

C:\WINDOWS\system32\spoolsv.exe

C:\Program Files\Java\jre6\bin\jqs.exe

C:\Program Files\Maxtor\Sync\SyncServices.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\svchost.exe

C:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe

C:\Program Files\Common Files\Logitech\QCDriver\LVCOMS.EXE

C:\Program Files\Common Files\Java\Java Update\jusched.exe

C:\PROGRA~1\IMESHA~1\MediaBar\Datamngr\DATAMN~1.EXE

C:\Program Files\SweetIM\Messenger\SweetIM.exe

C:\WINDOWS\system32\hkcmd.exe

C:\Program Files\Analog Devices\Core\smax4pnp.exe

C:\WINDOWS\system32\ctfmon.exe

C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

C:\PROGRA~1\MICROS~2\Office\OUTLOOK.EXE

C:\WINDOWS\msagent\AgentSvr.exe

C:\Program Files\Internet Explorer\IEXPLORE.EXE

C:\Program Files\Internet Explorer\IEXPLORE.EXE

C:\WINDOWS\system32\msiexec.exe

C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = nu.nl | Het laatste nieuws het eerst op nu.nl

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Hotmail, Messenger, nieuws en entertainment vind je op MSN.nl

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = Hotmail, Messenger, nieuws en entertainment vind je op MSN.nl

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = Babylon Search

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen

O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll

O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

O2 - BHO: MediaBar - {28387537-e3f9-4ed7-860c-11e69af4a8a0} - C:\PROGRA~1\IMESHA~1\MediaBar\Datamngr\ToolBar\imeshdtxmltbpi.dll

O2 - BHO: UrlHelper Class - {474597C5-AB09-49d6-A4D5-2E8D7341384E} - C:\PROGRA~1\IMESHA~1\MediaBar\Datamngr\IEBHO.dll

O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll

O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.6406.1642\swg.dll

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll

O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll

O2 - BHO: SWEETIE - {EEE6C35C-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll

O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll

O3 - Toolbar: MediaBar - {28387537-e3f9-4ed7-860c-11e69af4a8a0} - C:\PROGRA~1\IMESHA~1\MediaBar\Datamngr\ToolBar\imeshdtxmltbpi.dll

O3 - Toolbar: SweetIM Toolbar for Internet Explorer - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll

O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll

O4 - HKLM\..\Run: [avast5] C:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe /nogui

O4 - HKLM\..\Run: [LVCOMS] C:\Program Files\Common Files\Logitech\QCDriver\LVCOMS.EXE

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"

O4 - HKLM\..\Run: [DATAMNGR] C:\PROGRA~1\IMESHA~1\MediaBar\Datamngr\DATAMN~1.EXE

O4 - HKLM\..\Run: [sweetIM] C:\Program Files\SweetIM\Messenger\SweetIM.exe

O4 - HKLM\..\Run: [igfxTray] C:\WINDOWS\system32\igfxtray.exe

O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe

O4 - HKLM\..\Run: [soundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe

O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe

O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"

O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')

O4 - HKUS\S-1-5-18\..\Run: [DWQueuedReporting] "C:\PROGRA~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" -t (User 'SYSTEM')

O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')

O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_7461B1589E8B4FB7.dll/cmsidewiki.html

O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll

O9 - Extra button: Toon of verberg HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll

O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O9 - Extra button: Golden Tiger Casino - {75AABD81-2A24-404E-8389-067312F231D7} - C:\WINDOWS\system32\shdocvw.dll (HKCU)

O16 - DPF: {01A88BB1-1174-41EC-ACCB-963509EAE56B} (SysProWmi Class) - http://support.euro.dell.com/systemprofiler/SysPro.CAB

O16 - DPF: {2E28242B-A689-11D4-80F2-0040266CBB8D} (KX-HCM10 Control) - http://gocanaria.ath.cx:8000/kxhcm10.ocx

O16 - DPF: {33704B0F-9EB7-434B-B752-EA6CFFB87423} (pmjpegaudio Class) - http://www.bartboos.com:88/JpegInst.cab

O16 - DPF: {3E90FFF5-1347-45B9-91F6-DA47926E9697} (PlaNet SysInfo Agent) - http://online-virusscan.casema.nl/systemcheck/PlaNetSysInfo.cab

O16 - DPF: {49232000-16E4-426C-A231-62846947304B} (SysData Class) - http://ipgweb.cce.hp.com/rdqemea/downloads/sysinfo.cab

O16 - DPF: {54BE6B6F-3056-470B-97E1-BB92E051B6C4} (DeviceEnum Class) - http://h20264.www2.hp.com/ediags/dd/install/HPDriverDiagnosticsxp2k.cab

O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} (Windows Live Safety Center Base Module) - Windows Live OneCare

O16 - DPF: {6A344D34-5231-452A-8A57-D064AC9B7862} (Symantec Download Manager) - https://webdl.symantec.com/activex/symdlmgr.cab

O16 - DPF: {6F15128C-E66A-490C-B848-5000B5ABEEAC} (HP Download Manager) - https://h20436.www2.hp.com/ediags/dex/secure/HPDEXAXO.cab

O16 - DPF: {77E32299-629F-43C6-AB77-6A1E6D7663F6} - http://www.nick.com/common/groove/gx/GrooveAX27.cab

O16 - DPF: {7FC1B346-83E6-4774-8D20-1A6B09B0E737} (Windows Live Photo Upload Control) - http://sers10.spaces.live.com/PhotoUpload/MsnPUpld.cab

O16 - DPF: {88D969C0-F192-11D4-A65F-0040963251E5} (XML DOM Document 4.0) - http://ipgweb.cce.hp.com/rdqemea/downloads/msxml4.cab

O16 - DPF: {A9F8D9EC-3D0A-4A60-BD82-FBD64BAD370D} (DDRevision Class) - http://h20264.www2.hp.com/ediags/dd/install/HPDriverDiagnosticsxp2k.cab

O16 - DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} (Zylom Games Player) - http://game.zylom.com/activex/zylomgamesplayer.cab

O16 - DPF: {D821DC4A-0814-435E-9820-661C543A4679} (CRLDownloadWrapper Class) - http://drmlicense.one.microsoft.com/crlupdate/en/crlocx.ocx

O16 - DPF: {DE625294-70E6-45ED-B895-CFFA13AEB044} (AxisMediaControlEmb Class) - http://83.84.124.118:9999/activex/AMC.cab

O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab

O16 - DPF: {F7EDBBEA-1AD2-4EBF-AA07-D453CC29EE65} (Flash Casino Helper Object) - https://rivernile.microgaming.com/rivernile/FlashAX2.cab

O20 - AppInit_DLLs: C:\PROGRA~1\IMESHA~1\MediaBar\Datamngr\datamngr.dll C:\PROGRA~1\IMESHA~1\MediaBar\Datamngr\IEBHO.dll

O22 - SharedTaskScheduler: Preloader van browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll

O22 - SharedTaskScheduler: Cache-daemon voor onderdeelcategorieën - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll

O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe

O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe

O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe

O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe

O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe

O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe

O23 - Service: Maxtor Service (Maxtor Sync Service) - Seagate Technology LLC - C:\Program Files\Maxtor\Sync\SyncServices.exe

--

End of file - 9992 bytes

Link to comment

Start HijackThis. Select "Scan". Select only the items listed below:

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = Babylon Search

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =

O2 - BHO: MediaBar - {28387537-e3f9-4ed7-860c-11e69af4a8a0} - C:\PROGRA~1\IMESHA~1\MediaBar\Datamngr\ToolBar\imeshdtxmltbpi.dll

O2 - BHO: UrlHelper Class - {474597C5-AB09-49d6-A4D5-2E8D7341384E} - C:\PROGRA~1\IMESHA~1\MediaBar\Datamngr\IEBHO.dll

O2 - BHO: SWEETIE - {EEE6C35C-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll

O3 - Toolbar: MediaBar - {28387537-e3f9-4ed7-860c-11e69af4a8a0} - C:\PROGRA~1\IMESHA~1\MediaBar\Datamngr\ToolBar\imeshdtxmltbpi.dll

O3 - Toolbar: SweetIM Toolbar for Internet Explorer - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll

O4 - HKLM\..\Run: [DATAMNGR] C:\PROGRA~1\IMESHA~1\MediaBar\Datamngr\DATAMN~1.EXE

O4 - HKLM\..\Run: [sweetIM] C:\Program Files\SweetIM\Messenger\SweetIM.exe

O20 - AppInit_DLLs: C:\PROGRA~1\IMESHA~1\MediaBar\Datamngr\datamngr.dll C:\PROGRA~1\IMESHA~1\MediaBar\Datamngr\IEBHO.dll

Click 'Fix checked' to remove the items.

Download ComboFix from one of these locations:

Link 1

Link 2

* IMPORTANT !!! Save ComboFix.exe to your Desktop

1. Disable all antivirus and antispyware programs, because otherwise they may conflict with ComboFix. Here is a guide on how to disable them:

Click here

If you cannot manage to disable them, just continue to the next step.

2. Double-click ComboFix.exe and follow the prompts on the screen.

3. ComboFix will check whether the Microsoft Windows Recovery Console is already installed.

**Note: If the Microsoft Windows Recovery Console is already installed, you will not see the following screens and ComboFix will automatically continue scanning for malware.

4. Follow the prompts on the screen to let ComboFix download and install the Microsoft Windows Recovery Console.

cf-rc-auto.jpg

You will see the following message when ComboFix has successfully installed the Microsoft Windows Recovery Console:

rc-auto-done.jpg

Click Yes to continue scanning for malware.

5. When ComboFix is finished, it will create a log file for you. Post the contents of this log file (to be found at C:\ComboFix.txt) in your next post, together with a new HijackThis log.

Link to comment
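Added example, not part of the original thread: the entries selected for fixing in the post above recur under several HijackThis sections (O2, O3, O4, O20). This Python sketch parses HijackThis lines, groups file paths by install directory, and lists which autostart sections each directory appears in. The function names and the grouping rule are assumptions made for this illustration, and the result is a triage view, not a verdict on what is unwanted.

```python
import re
from collections import defaultdict

# Subset of the HijackThis log posted in this thread (lines copied verbatim).
SAMPLE_LOG = r"""
O2 - BHO: MediaBar - {28387537-e3f9-4ed7-860c-11e69af4a8a0} - C:\PROGRA~1\IMESHA~1\MediaBar\Datamngr\ToolBar\imeshdtxmltbpi.dll
O2 - BHO: UrlHelper Class - {474597C5-AB09-49d6-A4D5-2E8D7341384E} - C:\PROGRA~1\IMESHA~1\MediaBar\Datamngr\IEBHO.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: SWEETIE - {EEE6C35C-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll
O3 - Toolbar: MediaBar - {28387537-e3f9-4ed7-860c-11e69af4a8a0} - C:\PROGRA~1\IMESHA~1\MediaBar\Datamngr\ToolBar\imeshdtxmltbpi.dll
O3 - Toolbar: SweetIM Toolbar for Internet Explorer - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [avast5] C:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe /nogui
O4 - HKLM\..\Run: [DATAMNGR] C:\PROGRA~1\IMESHA~1\MediaBar\Datamngr\DATAMN~1.EXE
O4 - HKLM\..\Run: [sweetIM] C:\Program Files\SweetIM\Messenger\SweetIM.exe
O20 - AppInit_DLLs: C:\PROGRA~1\IMESHA~1\MediaBar\Datamngr\datamngr.dll C:\PROGRA~1\IMESHA~1\MediaBar\Datamngr\IEBHO.dll
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
"""

# "<section code> - <rest>", e.g. "O4 - HKLM\..\Run: [name] path".
ENTRY_RE = re.compile(r"^(R[0-3]|F[0-3]|N[1-4]|O\d{1,2}) - (.+)$")
# Drive-letter path ending in a binary extension; spaces are allowed inside
# components, so the lazy last component stops at the first extension.
PATH_RE = re.compile(
    r'[A-Za-z]:\\(?:[^\\/:*?"<>|\r\n]+\\)*[^\\/:*?"<>|\r\n]+?\.(?:exe|dll|ocx|sys)\b',
    re.IGNORECASE,
)
PROGRAM_DIRS = {"program files", "program files (x86)", "progra~1", "progra~2"}


def parse_entries(log_text):
    """Yield (code, rest, paths) for every HijackThis entry line."""
    for line in log_text.splitlines():
        m = ENTRY_RE.match(line.strip())
        if m:
            yield m.group(1), m.group(2), PATH_RE.findall(m.group(2))


def install_root(path):
    """Vendor directory under Program Files, else the top-level directory.

    8.3 short names (PROGRA~1, ALWILS~1) cannot be resolved offline, so the
    short and long spelling of one directory end up as separate roots.
    """
    parts = path.lower().split("\\")
    depth = 3 if len(parts) > 2 and parts[1] in PROGRAM_DIRS else 2
    return "\\".join(parts[:depth])


def footprint(log_text):
    """Map install root -> ordered list of section codes that reference it."""
    seen = defaultdict(set)
    for code, _rest, paths in parse_entries(log_text):
        for path in paths:
            seen[install_root(path)].add(code)
    return {
        root: sorted(codes, key=lambda c: (c[0], int(c[1:])))
        for root, codes in seen.items()
    }


def multi_mechanism(log_text, minimum=3):
    """Install roots referenced from at least `minimum` distinct sections."""
    return [r for r, codes in footprint(log_text).items() if len(codes) >= minimum]


def appinit_dlls(log_text):
    """DLLs listed under O20 AppInit_DLLs; Windows loads these into every
    process that loads user32.dll, so each one deserves a separate look."""
    return [
        path
        for code, rest, paths in parse_entries(log_text)
        if code == "O20" and rest.startswith("AppInit_DLLs:")
        for path in paths
    ]


if __name__ == "__main__":
    for root, codes in footprint(SAMPLE_LOG).items():
        print(f"{root:40} {', '.join(codes)}")
    print("AppInit_DLLs:", appinit_dlls(SAMPLE_LOG))
```

On the full log the same grouping also lists legitimate software that registers in several places, so the output only narrows down where to look.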

Here I am again. Carried out the instructions above. See log files below.

But first the following. After ComboFix was finished, a pop-up came up with "cannot find the file c:\docume>>>\eige>>>\Del\locals>>>\Temp\log.txt". Yes, No or Cancel. I just pressed Yes and an empty Notepad came up. The >>> stands for a horizontal S (cannot find the symbol).

Furthermore, when I went on the internet, a pop-up asked whether I wanted to set I.E. Explorer as the default browser. I said yes to that as well. Did I do all of that correctly???

See the log files below:

3 files from ComboFix came up: maybe one of them is from an older date?

1)

ComboFix 11-10-02.01 - Eigenaar 10/02/2011 12:55:21.3.1 - x86

Microsoft Windows XP Home Edition 5.1.2600.3.1252.31.1043.18.2558.2058 [GMT 2:00]

Gestart vanuit: c:\documents and settings\Eigenaar.DELL\Bureaublad\ComboFix.exe

AV: avast! Antivirus *Disabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D}

.

.

(((((((((((((((((((((((((((((((((( Andere Verwijderingen )))))))))))))))))))))))))))))))))))))))))))))))))

.

.

c:\documents and settings\All Users\Application Data\QueryScan

c:\documents and settings\Eigenaar.DELL\Application Data\completescan

c:\documents and settings\Eigenaar.DELL\Application Data\install

c:\documents and settings\Eigenaar.DELL\Application Data\PriceGong

c:\documents and settings\Eigenaar.DELL\Application Data\PriceGong\Data\1.xml

c:\documents and settings\Eigenaar.DELL\Application Data\PriceGong\Data\a.xml

c:\documents and settings\Eigenaar.DELL\Application Data\PriceGong\Data\b.xml

c:\documents and settings\Eigenaar.DELL\Application Data\PriceGong\Data\c.xml

c:\documents and settings\Eigenaar.DELL\Application Data\PriceGong\Data\d.xml

c:\documents and settings\Eigenaar.DELL\Application Data\PriceGong\Data\e.xml

c:\documents and settings\Eigenaar.DELL\Application Data\PriceGong\Data\f.xml

c:\documents and settings\Eigenaar.DELL\Application Data\PriceGong\Data\g.xml

c:\documents and settings\Eigenaar.DELL\Application Data\PriceGong\Data\h.xml

c:\documents and settings\Eigenaar.DELL\Application Data\PriceGong\Data\i.xml

c:\documents and settings\Eigenaar.DELL\Application Data\PriceGong\Data\J.xml

c:\documents and settings\Eigenaar.DELL\Application Data\PriceGong\Data\k.xml

c:\documents and settings\Eigenaar.DELL\Application Data\PriceGong\Data\l.xml

c:\documents and settings\Eigenaar.DELL\Application Data\PriceGong\Data\m.xml

c:\documents and settings\Eigenaar.DELL\Application Data\PriceGong\Data\mru.xml

c:\documents and settings\Eigenaar.DELL\Application Data\PriceGong\Data\n.xml

c:\documents and settings\Eigenaar.DELL\Application Data\PriceGong\Data\o.xml

c:\documents and settings\Eigenaar.DELL\Application Data\PriceGong\Data\p.xml

c:\documents and settings\Eigenaar.DELL\Application Data\PriceGong\Data\q.xml

c:\documents and settings\Eigenaar.DELL\Application Data\PriceGong\Data\r.xml

c:\documents and settings\Eigenaar.DELL\Application Data\PriceGong\Data\s.xml

c:\documents and settings\Eigenaar.DELL\Application Data\PriceGong\Data\t.xml

c:\documents and settings\Eigenaar.DELL\Application Data\PriceGong\Data\u.xml

c:\documents and settings\Eigenaar.DELL\Application Data\PriceGong\Data\v.xml

c:\documents and settings\Eigenaar.DELL\Application Data\PriceGong\Data\w.xml

c:\documents and settings\Eigenaar.DELL\Application Data\PriceGong\Data\x.xml

c:\documents and settings\Eigenaar.DELL\Application Data\PriceGong\Data\y.xml

c:\documents and settings\Eigenaar.DELL\Application Data\PriceGong\Data\z.xml

c:\program files\google\common\google updater\googleupdaterservice.exe

c:\program files\MPAccess

c:\program files\QueryScan

c:\program files\QueryScan\uninstall.exe

c:\windows\Downloaded Program Files\Install.inf

c:\windows\IsUn0413.exe

c:\windows\system32\comct332.ocx

c:\windows\system32\DC120fc7_32.dll

F:\autorun.inf

.

.

((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))

.

.

-------\Legacy_MYWEBSEARCHSERVICE

.

.

(((((((((((((((((((( Bestanden Gemaakt van 2011-09-02 to 2011-10-02 ))))))))))))))))))))))))))))))

.

.

2011-10-01 08:13 . 2011-10-01 08:13 388096 ----a-r- c:\documents and settings\Eigenaar.DELL\Application Data\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe

2011-09-30 18:37 . 2011-10-02 08:07 -------- d--h--r- c:\documents and settings\Eigenaar.DELL\Onlangs geopend

2011-09-28 09:22 . 2011-09-28 10:15 -------- d-----w- c:\program files\Cobian Backup 10

2011-09-27 10:04 . 2011-09-27 10:04 -------- d-----w- c:\program files\DIFX

2011-09-24 14:37 . 2011-09-24 14:37 -------- d-----w- c:\program files\Speccy

2011-09-18 10:35 . 2011-09-18 10:35 -------- dc----w- c:\documents and settings\All Users\Application Data\NCH Software

2011-09-18 10:33 . 2011-09-18 10:33 -------- d-----w- c:\documents and settings\Eigenaar.DELL\Application Data\NCH Software

2011-09-18 08:55 . 2011-09-18 08:55 -------- dc----w- c:\documents and settings\All Users\Application Data\Socusoft

2011-09-12 20:53 . 2011-09-12 20:53 -------- d-----w- c:\documents and settings\Eigenaar.DELL\Application Data\nl.myphotobook.creator.001F9DF2D0BAABEB11F42CCEE43224607B61109C.1

2011-09-09 09:12 . 2011-09-09 09:12 602624 -c----w- c:\windows\system32\dllcache\crypt32.dll

2011-09-05 17:04 . 2011-09-05 17:04 183696 ----a-w- c:\program files\Internet Explorer\PLUGINS\nppdf32.dll

2011-09-04 21:01 . 2011-09-04 21:01 20747 ----a-w- c:\windows\system32\drivers\AegisP.sys

2011-09-04 08:06 . 2011-09-04 08:06 0 ---ha-w- c:\documents and settings\Eigenaar.DELL\Local Settings\Application Data\BIT9.tmp

2011-09-03 13:04 . 2007-01-31 17:01 256000 ----a-r- c:\windows\system32\drivers\netr73.sys

.

.

.

((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2011-09-25 19:29 . 2011-05-19 09:06 404640 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl

2011-09-09 09:12 . 2004-08-04 12:00 602624 ----a-w- c:\windows\system32\crypt32.dll

2011-09-06 20:45 . 2010-08-14 15:28 41184 ----a-w- c:\windows\avastSS.scr

2011-09-06 20:45 . 2010-08-14 15:28 199304 ----a-w- c:\windows\system32\aswBoot.exe

2011-09-06 20:38 . 2011-02-23 21:39 442200 ----a-w- c:\windows\system32\drivers\aswSnx.sys

2011-09-06 20:37 . 2010-08-14 15:28 320856 ----a-w- c:\windows\system32\drivers\aswSP.sys

2011-09-06 20:36 . 2010-08-14 15:28 34392 ----a-w- c:\windows\system32\drivers\aswRdr.sys

2011-09-06 20:36 . 2010-08-14 15:28 52568 ----a-w- c:\windows\system32\drivers\aswTdi.sys

2011-09-06 20:36 . 2010-08-14 15:28 110552 ----a-w- c:\windows\system32\drivers\aswmon2.sys

2011-09-06 20:36 . 2010-08-14 15:28 104536 ----a-w- c:\windows\system32\drivers\aswmon.sys

2011-09-06 20:36 . 2010-08-14 15:28 20568 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys

2011-09-06 20:33 . 2010-08-14 15:28 30808 ----a-w- c:\windows\system32\drivers\aavmker4.sys

2011-08-31 15:00 . 2010-08-07 18:12 22216 ----a-w- c:\windows\system32\drivers\mbam.sys

2011-07-15 13:29 . 2004-08-04 12:00 456320 ----a-w- c:\windows\system32\drivers\mrxsmb.sys

2011-07-08 14:02 . 2004-08-04 12:00 10496 ----a-w- c:\windows\system32\drivers\ndistapi.sys

1999-05-03 14:01 . 1999-05-03 14:01 99840 ----a-w- c:\program files\Common Files\IRAABOUT.DLL

1998-12-08 23:53 . 1998-12-08 23:53 70144 ----a-w- c:\program files\Common Files\IRAMDMTR.DLL

1998-12-08 23:53 . 1998-12-08 23:53 48640 ----a-w- c:\program files\Common Files\IRALPTTR.DLL

1998-12-08 23:53 . 1998-12-08 23:53 31744 ----a-w- c:\program files\Common Files\IRAWEBTR.DLL

1998-12-08 23:53 . 1998-12-08 23:53 186368 ----a-w- c:\program files\Common Files\IRAREG.DLL

1998-12-08 23:53 . 1998-12-08 23:53 17920 ----a-w- c:\program files\Common Files\IRASRIAL.DLL

.

.

((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))

.

.

*Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond

REGEDIT4

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]

@="{472083B0-C522-11CF-8763-00608CC02F24}"

[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]

2011-09-06 20:45 122512 ----a-w- c:\program files\Alwil Software\Avast5\ashShell.dll

.

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2011-03-10 39408]

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"LVCOMS"="c:\program files\Common Files\Logitech\QCDriver\LVCOMS.EXE" [2001-09-06 94208]

"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2011-04-08 254696]

"IgfxTray"="c:\windows\system32\igfxtray.exe" [2004-02-10 155648]

"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2004-02-10 118784]

"SoundMAXPnP"="c:\program files\Analog Devices\Core\smax4pnp.exe" [2004-10-14 1404928]

.

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]

"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]

"DWQueuedReporting"="c:\progra~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" [2007-02-25 437160]

.

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Start^Programma's^Opstarten^Adobe Reader Snelle start.lnk]

backup=c:\windows\pss\Adobe Reader Snelle start.lnkCommon Startup

.

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Start^Programma's^Opstarten^HP Digital Imaging Monitor.lnk]

path=c:\documents and settings\All Users\Menu Start\Programma's\Opstarten\HP Digital Imaging Monitor.lnk

backup=c:\windows\pss\HP Digital Imaging Monitor.lnkCommon Startup

.

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Start^Programma's^Opstarten^Microsoft Office.lnk]

backup=c:\windows\pss\Microsoft Office.lnkCommon Startup

.

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Start^Programma's^Opstarten^Poort voor Symantec Fax Starter Edition.lnk]

backup=c:\windows\pss\Poort voor Symantec Fax Starter Edition.lnkCommon Startup

.

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Start^Programma's^Opstarten^Reality Fusion GameCam SE.lnk]

backup=c:\windows\pss\Reality Fusion GameCam SE.lnkCommon Startup

.

[HKLM\~\startupfolder\C:^Documents and Settings^Eigenaar.DELL^Menu Start^Programma's^Opstarten^hpqtra08.exe]

path=c:\documents and settings\Eigenaar.DELL\Menu Start\Programma's\Opstarten\hpqtra08.exe

backup=c:\windows\pss\hpqtra08.exeStartup

.

[HKLM\~\startupfolder\C:^Documents and Settings^Eigenaar.DELL^Menu Start^Programma's^Opstarten^Secunia PSI.lnk]

backup=c:\windows\pss\Secunia PSI.lnkStartup

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]

2011-06-06 10:55 937920 ----a-w- c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ares]

2010-10-27 09:00 1015808 ----a-w- c:\program files\Ares\Ares.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HotKeysCmds]

2004-02-10 09:51 118784 ----a-w- c:\windows\system32\hkcmd.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Software Update]

2008-03-25 20:27 49152 -c--a-w- c:\program files\Hp\HP Software Update\hpwuSchd2.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\hpqSRMon]

2008-06-02 07:28 81920 ----a-w- c:\program files\Hp\Digital Imaging\bin\HpqSRmon.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IgfxTray]

2004-02-10 09:55 155648 ----a-w- c:\windows\system32\igfxtray.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LVCOMS]

2003-12-06 00:12 102400 ----a-w- c:\program files\Common Files\Logitech\PDDriver\LVComS.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\mxomssmenu]

2008-07-21 15:16 169312 ----a-w- c:\program files\Maxtor\OneTouch Status\MaxMenuMgr.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Nikon Transfer Monitor]

2008-09-30 12:06 485208 ----a-w- c:\program files\Common Files\Nikon\Monitor\NkMonitor.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RealTray]

2010-12-20 21:18 20480 ----a-w- c:\program files\Real\RealPlayer\realplay.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg]

2011-03-10 22:04 39408 ----a-w- c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]

"DisableMonitoring"=dword:00000001

.

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]

"%windir%\\system32\\sessmgr.exe"=

"c:\\Program Files\\Microsoft Office\\Office\\1043\\WFXMSRVR.EXE"=

"c:\\Program Files\\Messenger\\msmsgs.exe"=

"%windir%\\Network Diagnostic\\xpnetdiag.exe"=

"c:\\Program Files\\Hp\\Digital Imaging\\bin\\hpqtra08.exe"=

"c:\\WINDOWS\\system32\\mmc.exe"=

"c:\\Program Files\\Hp\\Digital Imaging\\bin\\hpqste08.exe"=

"c:\\Program Files\\Hp\\Digital Imaging\\bin\\hposid01.exe"=

"c:\\Program Files\\Hp\\Digital Imaging\\bin\\hpqkygrp.exe"=

"c:\\Program Files\\Hp\\Digital Imaging\\bin\\hpiscnapp.exe"=

"c:\\Program Files\\Common Files\\HP\\Digital Imaging\\bin\\hpqPhotoCrm.exe"=

"c:\\Program Files\\Hp\\Digital Imaging\\bin\\hpqsudi.exe"=

"c:\\Program Files\\Hp\\Digital Imaging\\bin\\hpqpsapp.exe"=

"c:\\Program Files\\Hp\\Digital Imaging\\bin\\hpqpse.exe"=

"c:\\Program Files\\Hp\\Digital Imaging\\bin\\hpqgplgtupl.exe"=

"c:\\Program Files\\Hp\\Digital Imaging\\bin\\hpqgpc01.exe"=

"c:\\Program Files\\Hp\\Digital Imaging\\bin\\hpqusgm.exe"=

"c:\\Program Files\\Hp\\Digital Imaging\\bin\\hpqusgh.exe"=

"c:\\Program Files\\Hp\\HP Software Update\\HPWUCli.exe"=

"c:\\Program Files\\Hp\\Digital Imaging\\Smart Web Printing\\SmartWebPrintExe.exe"=

"c:\\Program Files\\iMesh Applications\\MediaBar\\Datamngr\\ToolBar\\dtUser.exe"=

"c:\\Program Files\\Ares\\Ares.exe"=

.

R1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [2/23/2011 11:39 PM 442200]

R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [8/14/2010 5:28 PM 320856]

R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [8/14/2010 5:28 PM 20568]

S2 gupdate;Google Update Service (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [8/20/2010 4:38 PM 136176]

S3 ADM8511;ADMtek ADM8511/AN986 USB To Fast Ethernet Converter;c:\windows\system32\drivers\ADM8511.SYS [1/21/2008 11:56 AM 20160]

S3 gupdatem;Google Update-service (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [8/20/2010 4:38 PM 136176]

S3 netr73;Sitecom RT73 Wireless Driver for Vista;c:\windows\system32\drivers\netr73.sys [9/3/2011 3:04 PM 256000]

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]

HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12

hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc

getPlusHelper REG_MULTI_SZ getPlusHelper

.

Inhoud van de 'Gedeelde Taken' map

.

2011-10-02 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job

- c:\program files\Google\Update\GoogleUpdate.exe [2010-08-20 14:38]

.

2011-10-02 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job

- c:\program files\Google\Update\GoogleUpdate.exe [2010-08-20 14:38]

.

.

------- Bijkomende Scan -------

.

uStart Page = hxxp://www.nu.nl/

mSearch Bar = hxxp://www.google.com

IE: Google Sidewiki... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_7461B1589E8B4FB7.dll/cmsidewiki.html

TCP: DhcpNameServer = 192.168.0.1

DPF: {2E28242B-A689-11D4-80F2-0040266CBB8D} - hxxp://gocanaria.ath.cx:8000/kxhcm10.ocx

DPF: {3E90FFF5-1347-45B9-91F6-DA47926E9697} - hxxp://online-virusscan.casema.nl/systemcheck/PlaNetSysInfo.cab

DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} - hxxp://game.zylom.com/activex/zylomgamesplayer.cab

DPF: {DE625294-70E6-45ED-B895-CFFA13AEB044} - hxxp://83.84.124.118:9999/activex/AMC.cab

.

- - - - ORPHANS VERWIJDERD - - - -

.

Toolbar-10 - (no file)

AddRemove-PuzzelMatch Kleurboek 1-2-3 nr.1 - c:\windows\IsUn0413.exe

.

.

.

**************************************************************************

.

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, GMER - Rootkit Detector and Remover

Rootkit scan 2011-10-02 13:13

Windows 5.1.2600 Service Pack 3 NTFS

.

scannen van verborgen processen ...

.

scannen van verborgen autostart items ...

.

scannen van verborgen bestanden ...

.

Scan succesvol afgerond

verborgen bestanden: 0

.

**************************************************************************

.

--------------------- VERGRENDELDE REGISTER SLEUTELS ---------------------

.

[HKEY_USERS\S-1-5-21-1177238915-484061587-839522115-1003\Software\Microsoft\SystemCertificates\AddressBook*]

@Allowed: (Read) (RestrictedCode)

@Allowed: (Read) (RestrictedCode)

.

--------------------- DLLs Geladen Onder Lopende Processen ---------------------

.

- - - - - - - > 'explorer.exe'(2488)

c:\windows\system32\webcheck.dll

c:\windows\system32\WPDShServiceObj.dll

c:\windows\system32\PortableDeviceTypes.dll

c:\windows\system32\PortableDeviceApi.dll

.

------------------------ Andere Aktieve Processen ------------------------

.

c:\program files\Alwil Software\Avast5\AvastSvc.exe

c:\program files\Java\jre6\bin\jqs.exe

c:\program files\Maxtor\Sync\SyncServices.exe

.

**************************************************************************

.

Voltooingstijd: 2011-10-02 13:25:24 - machine werd herstart

ComboFix-quarantined-files.txt 2011-10-02 11:25

ComboFix2.txt 2010-08-08 10:25

.

Pre-Run: 37,192,286,208 bytes beschikbaar

Post-Run: 37,104,869,376 bytes beschikbaar

.

- - End Of File - - F286D03A71D870152913FDFD5EBB0E74

2)

2011-10-02 11:23:28 . 2011-10-02 11:23:28 662 -c--a-w- C:\Qoobox\Quarantine\Registry_backups\AddRemove-PuzzelMatch Kleurboek 1-2-3 nr.1.reg.dat

2011-10-02 11:21:34 . 2011-10-02 11:21:34 159 -c--a-w- C:\Qoobox\Quarantine\Registry_backups\Toolbar-10.reg.dat

2011-10-02 11:13:49 . 2011-10-02 11:13:49 313 -c--a-w- C:\Qoobox\Quarantine\F\av2.zip

2011-10-02 11:13:45 . 2010-08-08 10:32:46 55 -c--a-w- C:\Qoobox\Quarantine\F\autorun.inf.vir

2011-10-02 11:05:50 . 2011-10-02 11:05:50 892 -c--a-w- C:\Qoobox\Quarantine\Registry_backups\Legacy_MYWEBSEARCHSERVICE.reg.dat

2011-10-02 11:05:23 . 2011-10-02 11:05:23 9,828 -c--a-w- C:\Qoobox\Quarantine\Registry_backups\tcpip.reg

2011-10-02 10:52:16 . 2011-10-02 10:52:16 51 -c--a-w- C:\Qoobox\Quarantine\catchme.log

2011-07-01 06:48:40 . 2011-07-02 10:24:56 80,770 ----a-w- C:\Qoobox\Quarantine\C\Program Files\QueryScan\uninstall.exe.vir

2011-06-20 20:10:25 . 2011-06-20 20:13:34 5,120 ----a-w- C:\Qoobox\Quarantine\C\Documents and Settings\Eigenaar.DELL\Application Data\PriceGong\Data\mru.xml.vir

2011-05-30 04:20:36 . 2011-05-30 04:20:36 45,048 ----a-w- C:\Qoobox\Quarantine\C\Documents and Settings\Eigenaar.DELL\Application Data\PriceGong\Data\w.xml.vir

2011-05-30 04:20:36 . 2011-05-30 04:20:36 4,760 ----a-w- C:\Qoobox\Quarantine\C\Documents and Settings\Eigenaar.DELL\Application Data\PriceGong\Data\x.xml.vir

2011-05-30 04:20:36 . 2011-05-30 04:20:36 13,264 ----a-w- C:\Qoobox\Quarantine\C\Documents and Settings\Eigenaar.DELL\Application Data\PriceGong\Data\y.xml.vir

2011-05-30 04:20:36 . 2011-05-30 04:20:36 12,784 ----a-w- C:\Qoobox\Quarantine\C\Documents and Settings\Eigenaar.DELL\Application Data\PriceGong\Data\z.xml.vir

2011-05-30 04:20:34 . 2011-05-30 04:20:34 116,328 ----a-w- C:\Qoobox\Quarantine\C\Documents and Settings\Eigenaar.DELL\Application Data\PriceGong\Data\t.xml.vir

2011-05-30 04:20:34 . 2011-05-30 04:20:34 23,936 ----a-w- C:\Qoobox\Quarantine\C\Documents and Settings\Eigenaar.DELL\Application Data\PriceGong\Data\u.xml.vir

2011-05-30 04:20:34 . 2011-05-30 04:20:34 31,376 ----a-w- C:\Qoobox\Quarantine\C\Documents and Settings\Eigenaar.DELL\Application Data\PriceGong\Data\v.xml.vir

2011-05-30 04:20:32 . 2011-05-30 04:20:32 203,952 ----a-w- C:\Qoobox\Quarantine\C\Documents and Settings\Eigenaar.DELL\Application Data\PriceGong\Data\s.xml.vir

2011-05-30 04:20:28 . 2011-05-30 04:20:28 45,656 ----a-w- C:\Qoobox\Quarantine\C\Documents and Settings\Eigenaar.DELL\Application Data\PriceGong\Data\r.xml.vir

2011-05-30 04:20:26 . 2011-05-30 04:20:26 101,376 ----a-w- C:\Qoobox\Quarantine\C\Documents and Settings\Eigenaar.DELL\Application Data\PriceGong\Data\p.xml.vir

2011-05-30 04:20:26 . 2011-05-30 04:20:26 6,712 ----a-w- C:\Qoobox\Quarantine\C\Documents and Settings\Eigenaar.DELL\Application Data\PriceGong\Data\q.xml.vir

2011-05-30 04:20:24 . 2011-05-30 04:20:24 38,048 ----a-w- C:\Qoobox\Quarantine\C\Documents and Settings\Eigenaar.DELL\Application Data\PriceGong\Data\n.xml.vir

2011-05-30 04:20:24 . 2011-05-30 04:20:24 43,024 ----a-w- C:\Qoobox\Quarantine\C\Documents and Settings\Eigenaar.DELL\Application Data\PriceGong\Data\o.xml.vir

2011-05-30 04:20:22 . 2011-05-30 04:20:22 109,664 ----a-w- C:\Qoobox\Quarantine\C\Documents and Settings\Eigenaar.DELL\Application Data\PriceGong\Data\m.xml.vir

2011-05-30 04:20:20 . 2011-05-30 04:20:20 38,776 ----a-w- C:\Qoobox\Quarantine\C\Documents and Settings\Eigenaar.DELL\Application Data\PriceGong\Data\k.xml.vir

2011-05-30 04:20:20 . 2011-05-30 04:20:20 78,400 ----a-w- C:\Qoobox\Quarantine\C\Documents and Settings\Eigenaar.DELL\Application Data\PriceGong\Data\l.xml.vir

2011-05-30 04:20:18 . 2011-05-30 04:20:18 58,272 ----a-w- C:\Qoobox\Quarantine\C\Documents and Settings\Eigenaar.DELL\Application Data\PriceGong\Data\h.xml.vir

2011-05-30 04:20:18 . 2011-05-30 04:20:18 51,728 ----a-w- C:\Qoobox\Quarantine\C\Documents and Settings\Eigenaar.DELL\Application Data\PriceGong\Data\i.xml.vir

2011-05-30 04:20:18 . 2011-05-30 04:20:18 36,216 ----a-w- C:\Qoobox\Quarantine\C\Documents and Settings\Eigenaar.DELL\Application Data\PriceGong\Data\J.xml.vir

2011-05-30 04:20:16 . 2011-05-30 04:20:16 83,136 ----a-w- C:\Qoobox\Quarantine\C\Documents and Settings\Eigenaar.DELL\Application Data\PriceGong\Data\g.xml.vir

2011-05-30 04:20:14 . 2011-05-30 04:20:14 115,448 ----a-w- C:\Qoobox\Quarantine\C\Documents and Settings\Eigenaar.DELL\Application Data\PriceGong\Data\e.xml.vir

2011-05-30 04:20:14 . 2011-05-30 04:20:14 70,088 ----a-w- C:\Qoobox\Quarantine\C\Documents and Settings\Eigenaar.DELL\Application Data\PriceGong\Data\f.xml.vir

2011-05-30 04:20:12 . 2011-05-30 04:20:12 107,272 ----a-w- C:\Qoobox\Quarantine\C\Documents and Settings\Eigenaar.DELL\Application Data\PriceGong\Data\d.xml.vir

2011-05-30 04:20:10 . 2011-05-30 04:20:10 176,896 ----a-w- C:\Qoobox\Quarantine\C\Documents and Settings\Eigenaar.DELL\Application Data\PriceGong\Data\c.xml.vir

2011-05-30 04:20:06 . 2011-05-30 04:20:06 161,632 ----a-w- C:\Qoobox\Quarantine\C\Documents and Settings\Eigenaar.DELL\Application Data\PriceGong\Data\b.xml.vir

2011-05-30 04:20:04 . 2011-05-30 04:20:04 141,592 ----a-w- C:\Qoobox\Quarantine\C\Documents and Settings\Eigenaar.DELL\Application Data\PriceGong\Data\a.xml.vir

2011-05-30 04:20:02 . 2011-05-30 04:20:02 38,584 ----a-w- C:\Qoobox\Quarantine\C\Documents and Settings\Eigenaar.DELL\Application Data\PriceGong\Data\1.xml.vir

2011-04-30 20:44:28 . 2011-04-30 21:17:17 6 ----a-w- C:\Qoobox\Quarantine\C\Documents and Settings\Eigenaar.DELL\Application Data\completescan.vir

2011-04-30 20:40:33 . 2011-04-30 20:41:01 10 ----a-w- C:\Qoobox\Quarantine\C\Documents and Settings\Eigenaar.DELL\Application Data\install.vir

2011-03-10 22:04:23 . 2011-03-10 22:04:23 182,768 ----a-w- C:\Qoobox\Quarantine\C\Program Files\Google\Common\Google Updater\googleupdaterservice.exe.vir

2010-03-04 08:22:42 . 2010-03-04 08:22:42 462 ----a-w- C:\Qoobox\Quarantine\C\WINDOWS\Downloaded Program Files\Install.inf.vir

2008-02-09 16:56:10 . 1999-08-04 11:00:00 522,752 ----a-w- C:\Qoobox\Quarantine\C\WINDOWS\system32\DC120fc7_32.dll.vir

2008-01-29 20:39:23 . 1998-11-13 12:08:20 308,224 ----a-w- C:\Qoobox\Quarantine\C\WINDOWS\IsUn0413.exe.vir

2008-01-18 16:02:21 . 1999-05-07 12:24:20 414,944 ----a-w- C:\Qoobox\Quarantine\C\WINDOWS\system32\comct332.ocx.vir

3)

ComboFix 10-08-07.02 - Eigenaar 08/08/2010 12:10:43.2.1 - x86

Microsoft Windows XP Home Edition 5.1.2600.3.1252.31.1043.18.510.325 [GMT 2:00]

Gestart vanuit: c:\documents and settings\Eigenaar.DELL\Bureaublad\ComboFix.exe

gebruikte Opdracht switches :: c:\documents and settings\Eigenaar.DELL\Mijn documenten\CFScript.txt

AV: AntiVir Desktop *On-access scanning disabled* (Updated) {AD166499-45F9-482A-A743-FDD3350758C7}

.

(((((((((((((((((((((((((((((((((( Andere Verwijderingen )))))))))))))))))))))))))))))))))))))))))))))))))

.

c:\program files\Panda Security

c:\program files\Panda Security\ActiveScan 2.0\ee366d2b2e4ede8287de879e85a0dcc2KRN_DATA

c:\program files\Panda Security\ActiveScan 2.0\ee366d2b2e4ede8287de879e85a0dcc2PSK_NM

c:\program files\Panda Security\ActiveScan 2.0\ee366d2b2e4ede8287de879e85a0dcc2PSK_NM2

c:\program files\Panda Security\ActiveScan 2.0\nanocache.fil2

c:\program files\Panda Security\ActiveScan 2.0\pav.sig

c:\program files\Panda Security\ActiveScan 2.0\pavvts.dat

c:\program files\Panda Security\ActiveScan 2.0\psnengav.nsc

c:\program files\Panda Security\ActiveScan 2.0\psqstore\Invent.QCF

c:\program files\Panda Security\ActiveScan 2.0\psqstore\Invent.QCF.ext

F:\autorun.inf

.

(((((((((((((((((((( Bestanden Gemaakt van 2010-07-08 to 2010-08-08 ))))))))))))))))))))))))))))))

.

2010-08-08 08:19 . 2010-08-08 09:54 -------- d--h--r- c:\documents and settings\Eigenaar.DELL\Onlangs geopend

2010-08-07 18:12 . 2010-08-07 18:12 -------- d-----w- c:\documents and settings\Eigenaar.DELL\Application Data\Malwarebytes

2010-08-07 18:12 . 2010-04-29 13:39 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys

2010-08-07 18:12 . 2010-08-07 18:12 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware

2010-08-07 18:12 . 2010-08-07 18:12 -------- dc----w- c:\documents and settings\All Users\Application Data\Malwarebytes

2010-08-07 18:12 . 2010-04-29 13:39 20952 ----a-w- c:\windows\system32\drivers\mbam.sys

2010-08-07 13:17 . 2010-08-07 13:17 -------- d-----w- c:\documents and settings\LocalService\Application Data\Avira

2010-08-07 12:06 . 2010-08-07 12:06 -------- d-----r- c:\documents and settings\LocalService\Favorieten

2010-08-07 09:59 . 2010-08-07 09:59 -------- d-----w- c:\documents and settings\Eigenaar.DELL\Application Data\Avira

2010-08-07 09:53 . 2010-03-01 08:05 124784 ----a-w- c:\windows\system32\drivers\avipbb.sys

2010-08-07 09:53 . 2010-02-16 12:24 60936 ----a-w- c:\windows\system32\drivers\avgntflt.sys

2010-08-07 09:53 . 2009-05-11 10:49 45416 ----a-w- c:\windows\system32\drivers\avgntdd.sys

2010-08-07 09:53 . 2009-05-11 10:49 22360 ----a-w- c:\windows\system32\drivers\avgntmgr.sys

2010-08-07 09:53 . 2010-08-07 09:53 -------- dc----w- c:\documents and settings\All Users\Application Data\Avira

2010-08-07 09:53 . 2010-08-07 09:53 -------- d-----w- c:\program files\Avira

2010-08-07 09:12 . 2010-08-07 09:12 -------- d-----w- c:\program files\Trend Micro

2010-08-06 09:17 . 2010-08-06 09:17 -------- d-----w- c:\program files\Uniblue

2010-08-06 08:51 . 2010-08-06 08:51 -------- d-----w- c:\documents and settings\Eigenaar.DELL\Application Data\Agics

2010-08-04 14:03 . 2010-08-04 14:03 -------- d-----w- c:\windows\system32\wbem\Repository

2010-08-03 09:27 . 2010-08-04 14:02 -------- dc----w- c:\documents and settings\All Users\Application Data\Spybot - Search & Destroy

2010-07-29 22:31 . 2010-07-29 22:31 -------- d-----w- c:\documents and settings\Eigenaar.DELL\Local Settings\Application Data\IsolatedStorage

2010-07-13 21:09 . 2010-06-14 14:31 744448 -c----w- c:\windows\system32\dllcache\helpsvc.exe

.

((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2010-08-07 09:12 . 2010-08-07 09:12 388096 ----a-r- c:\documents and settings\Eigenaar.DELL\Application Data\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe

2010-08-06 09:28 . 2008-08-18 08:22 -------- d-----w- c:\program files\CCleaner

2010-08-06 09:17 . 2009-08-14 21:28 -------- d-----w- c:\documents and settings\Eigenaar.DELL\Application Data\Uniblue

2010-08-05 13:31 . 2010-08-05 13:31 503808 ----a-w- c:\documents and settings\Eigenaar.DELL\Application Data\Sun\Java\Deployment\SystemCache\6.0\4\7ec4bf04-6f59acf2-n\msvcp71.dll

2010-08-05 13:31 . 2010-08-05 13:31 499712 ----a-w- c:\documents and settings\Eigenaar.DELL\Application Data\Sun\Java\Deployment\SystemCache\6.0\4\7ec4bf04-6f59acf2-n\jmc.dll

2010-08-05 13:31 . 2010-08-05 13:31 348160 ----a-w- c:\documents and settings\Eigenaar.DELL\Application Data\Sun\Java\Deployment\SystemCache\6.0\4\7ec4bf04-6f59acf2-n\msvcr71.dll

2010-08-05 13:31 . 2010-08-05 13:31 61440 ----a-w- c:\documents and settings\Eigenaar.DELL\Application Data\Sun\Java\Deployment\SystemCache\6.0\42\4488892a-49c79afb-n\decora-sse.dll

2010-08-05 13:31 . 2010-08-05 13:31 12800 ----a-w- c:\documents and settings\Eigenaar.DELL\Application Data\Sun\Java\Deployment\SystemCache\6.0\42\4488892a-49c79afb-n\decora-d3d.dll

2010-08-04 14:02 . 2009-06-27 20:28 -------- d-----w- c:\program files\Free Offers from Freeze.com

2010-07-29 09:32 . 2009-08-28 22:22 -------- d-----w- c:\program files\Defraggler

2010-07-16 22:30 . 2010-07-16 22:30 1064960 -c--a-w- c:\documents and settings\All Users\Application Data\MGS\cache\a\advancedslots1xxx_hellboy.0200f4406079039e4f9f4fd4269c6144.dll

2010-07-16 22:30 . 2010-07-16 22:30 684032 -c--a-w- c:\documents and settings\All Users\Application Data\MGS\cache\t\transition_hellboy.2389dbbb7a92af30b5bb4e62701f18a5.dll

2010-07-16 22:28 . 2010-07-16 22:28 626688 -c--a-w- c:\documents and settings\All Users\Application Data\MGS\cache\g\gamble2_gao_jan_2010.114da6697b16a4308920de3f00df9d11.dll

2010-07-16 22:27 . 2010-07-16 22:27 684032 -c--a-w- c:\documents and settings\All Users\Application Data\MGS\cache\t\transition_gao_jan_2010.6ce545b01335b0127c2a55cc392a24e6.dll

2010-07-16 22:15 . 2010-07-16 22:15 1064960 -c--a-w- c:\documents and settings\All Users\Application Data\MGS\cache\a\advancedslots1xxx_gao_jan_2010.d3c0a2c195757b5887793e496479436f.dll

2010-07-16 22:15 . 2010-07-16 22:15 925696 -c--a-w- c:\documents and settings\All Users\Application Data\MGS\cache\s\simplepickxofybonus_gao_jan_2010.734d2ae11536c3d1a34ecdb91aaab798.dll

2010-07-16 11:38 . 2010-07-16 11:38 1298432 -c--a-w- c:\documents and settings\All Users\Application Data\MGS\cache\t\theargyleopen_fairdrivebonus.c758372be753af44acdea3ddd4c0b015.dll

2010-07-16 11:37 . 2010-07-16 11:37 1306624 -c--a-w- c:\documents and settings\All Users\Application Data\MGS\cache\t\theargyleopen_greenbonus.6150c13bb168b4b80750f08a02e28a9e.dll

2010-07-16 11:27 . 2010-07-16 11:27 1011712 -c--a-w- c:\documents and settings\All Users\Application Data\MGS\cache\s\simplepickxofybonus_gao_july_2010.934131b7e2f15e0deb06b4e317c6c108.dll

2010-07-16 11:27 . 2010-07-16 11:27 1318912 -c--a-w- c:\documents and settings\All Users\Application Data\MGS\cache\a\advancedslots1xxx_gao_july_2010.9c1607d40a53de9ef91918fa73cf99d0.dll

2010-07-16 11:27 . 2010-07-16 11:27 696320 -c--a-w- c:\documents and settings\All Users\Application Data\MGS\cache\g\gamble2_gao_july_2010.23b0661a6bd3570a6d2da1750a0085ca.dll

2010-07-16 11:27 . 2010-07-16 11:27 1286144 -c--a-w- c:\documents and settings\All Users\Application Data\MGS\cache\d\dragonladybonus.2ddbbf43b6d3b001ca5ad84e9dc4e54d.dll

2010-07-16 11:27 . 2010-07-16 11:27 2052096 -c--a-w- c:\documents and settings\All Users\Application Data\MGS\cache\a\advancedslots1_gao_july_2010.9f48110b234a40c3be22491a86bde221.dll

2010-07-16 11:27 . 2010-07-16 11:27 761856 -c--a-w- c:\documents and settings\All Users\Application Data\MGS\cache\t\transition_gao_july_2010.3e886f3e2ac4872e018f5e377cc83ee6.dll

2010-07-16 11:06 . 2010-07-16 11:06 1228800 -c--a-w- c:\documents and settings\All Users\Application Data\MGS\cache\a\advancedslots1xxx_gao_may_2010.efc83f7d6106f6f7311664ff1b2b2a32.dll

2010-07-16 11:06 . 2010-07-16 11:06 897024 -c--a-w- c:\documents and settings\All Users\Application Data\MGS\cache\q\queenofthejunglecollectbonus.596cdc646662e46fb224ad69f0d29c52.dll

2010-07-16 11:02 . 2010-07-16 11:02 1318912 -c--a-w- c:\documents and settings\All Users\Application Data\MGS\cache\a\advancedslots1xxx_gao_may_2010_ts2.010d658f2ae9013a31869ea2a90f670a.dll

2010-07-16 11:02 . 2010-07-16 11:02 1253376 -c--a-w- c:\documents and settings\All Users\Application Data\MGS\cache\q\queenofthejunglebonus.1a195cb4fbfbdacf89c6d27c99a6de3d.dll

2010-07-16 11:01 . 2010-07-16 11:01 1273856 -c--a-w- c:\documents and settings\All Users\Application Data\MGS\cache\p\progressivepickxofybonus_gao_may_2010_ts2.3570ad65954894854a4b31a8a356f0d8.dll

2010-07-16 11:00 . 2010-07-16 11:00 1654784 -c--a-w- c:\documents and settings\All Users\Application Data\MGS\cache\a\advancedslots1_gao_may_2010.e60a82cb58fa330160e763dfeb0216d7.dll

2010-07-16 10:55 . 2010-07-16 10:55 962560 -c--a-w- c:\documents and settings\All Users\Application Data\MGS\cache\s\simplepickuntilbonus_gao_may_2010.51a9dc144ac371f77832e6c933f17727.dll

2010-07-16 10:54 . 2010-07-16 10:54 761856 -c--a-w- c:\documents and settings\All Users\Application Data\MGS\cache\t\transition_gao_may_2010_ts2.0452ecc824ce8f16f726aeca77ff7172.dll

2010-07-16 10:52 . 2010-07-16 10:52 647168 -c--a-w- c:\documents and settings\All Users\Application Data\MGS\cache\g\gamble2_gao_jun_2010.d455e3e6fd646b2b4ff2d1415e18a526.dll

2010-07-16 10:44 . 2010-07-16 10:44 712704 -c--a-w- c:\documents and settings\All Users\Application Data\MGS\cache\t\transition_gao_may_2010.2405f0d3d8c04e05ae817cdad30d69ce.dll

2010-07-16 10:44 . 2010-07-16 10:44 2023424 -c--a-w- c:\documents and settings\All Users\Application Data\MGS\cache\a\advancedslots1_gao_may_2010_ts2.f8d4d9cfbfb83922a1dd69fdf7c205ec.dll

2010-07-16 10:33 . 2010-07-16 10:33 1691648 -c--a-w- c:\documents and settings\All Users\Application Data\MGS\cache\a\advancedslots1_gao_jun_2010.e94e166b3e5fdfc627184eb59be56c08.dll

2010-07-16 10:33 . 2010-07-16 10:33 712704 -c--a-w- c:\documents and settings\All Users\Application Data\MGS\cache\t\transition_gao_jun_2010.a30d1768b69cfafa9177550a249e5143.dll

2010-07-16 10:33 . 2010-07-16 10:33 905216 -c--a-w- c:\documents and settings\All Users\Application Data\MGS\cache\s\soccerbonus.e748cc00ac46bd91666eb47f10b5b6e5.dll

2010-07-16 10:29 . 2010-07-16 10:29 1228800 -c--a-w- c:\documents and settings\All Users\Application Data\MGS\cache\a\advancedslots1xxx_gao_jun_2010.671a4e67b9b7512fd028318bbf42d763.dll

2010-07-16 10:20 . 2010-07-16 10:20 950272 -c--a-w- c:\documents and settings\All Users\Application Data\MGS\cache\s\simplepickxofybonus_gao_may_2010.327983cc45ba0730f50c5a42b7bffc26.dll

2010-07-16 10:20 . 2010-07-16 10:20 925696 -c--a-w- c:\documents and settings\All Users\Application Data\MGS\cache\s\simplepickxofybonus_hellboy.ee1c177b2b367dc15184591e57db5798.dll

2010-07-15 21:23 . 2010-07-15 21:23 1650688 -c--a-w- c:\documents and settings\All Users\Application Data\MGS\cache\a\advancedslots1_gao_mar_2010.011b7c042032e11252156706d78b5e83.dll

2010-07-15 21:22 . 2010-07-15 21:22 708608 -c--a-w- c:\documents and settings\All Users\Application Data\MGS\cache\t\transition_gao_mar_2010.00e558dbf98f160d236f0e738de93c37.dll

2010-07-15 21:20 . 2010-07-15 21:20 950272 -c--a-w- c:\documents and settings\All Users\Application Data\MGS\cache\s\simplepickxofybonus_gao_mar_2010.e5e91d49a18e4440b5a76ddd6446140c.dll

2010-07-15 21:19 . 2010-07-15 21:19 1224704 -c--a-w- c:\documents and settings\All Users\Application Data\MGS\cache\a\advancedslots1xxx_gao_mar_2010.05a7fd71980574f91eb4c1420f71b1f7.dll

2010-07-11 11:13 . 2008-02-11 14:36 -------- dc----w- c:\documents and settings\All Users\Application Data\MGS

2010-07-11 11:09 . 2010-07-11 11:09 225552 -c--a-w- c:\documents and settings\All Users\Application Data\MGS\cache\v\videopokersuite1.e45a40be28c5bc5514b9e806f30cdc6f.dll

2010-07-11 11:09 . 2010-07-11 11:09 536576 -c--a-w- c:\documents and settings\All Users\Application Data\MGS\cache\m\mhbjgoldplugin.a5e08942278dbb53df46a8a9523a445b.dll

2010-07-11 11:09 . 2010-07-11 11:09 512000 -c--a-w- c:\documents and settings\All Users\Application Data\MGS\cache\m\mhbjgoldxxx.e2caa9292f5de8579a9ad479e877ced8.dll

2010-07-11 11:08 . 2010-07-11 11:08 602112 -c--a-w- c:\documents and settings\All Users\Application Data\MGS\cache\b\bjgoldplugin.f7a40649bbd758b8f99cf67e1769d71c.dll

2010-07-11 11:08 . 2010-07-11 11:08 512000 -c--a-w- c:\documents and settings\All Users\Application Data\MGS\cache\b\bjgoldxxx.e2caa9292f5de8579a9ad479e877ced8.dll

2010-07-11 11:01 . 2010-07-11 11:01 372736 -c--a-w- c:\documents and settings\All Users\Application Data\MGS\cache\m\mpv_threereelslottour.56771e0804a357b382c833fa1cc8338b.dll

2010-07-11 11:00 . 2010-07-11 11:00 212992 -c--a-w- c:\documents and settings\All Users\Application Data\MGS\cache\m\mpv_type_3reelnormal1_2.a6fd3910e9b23c299d2e5b44aaea7530.dll

2010-07-11 10:59 . 2010-07-11 10:59 307300 -c--a-w- c:\documents and settings\All Users\Application Data\MGS\cache\m\mpvblackjackplugin.0b33c40e992b0cec60ff557d251457d2.dll

2010-07-11 10:59 . 2010-07-11 10:59 335976 -c--a-w- c:\documents and settings\All Users\Application Data\MGS\cache\m\mpvtabletournamentlobby.fc620794b1b18938b640573c722b3922.dll

2010-07-11 10:58 . 2010-07-11 10:58 311398 -c--a-w- c:\documents and settings\All Users\Application Data\MGS\cache\m\mpvblackjacktourxxx.96f2985eb296e0eeb1592aacd45d6e4c.dll

2010-07-11 10:43 . 2010-07-11 10:43 188416 -c--a-w- c:\documents and settings\All Users\Application Data\MGS\cache\m\mptleaderboard.4146c172bd98dcfce86f1098fd229eb4.dll

2010-07-11 10:42 . 2010-07-11 10:42 94208 -c--a-w- c:\documents and settings\All Users\Application Data\MGS\cache\l\lua51host.461d2601d0d39d2e2d5cd4a02a2b3087.dll

2010-07-11 10:42 . 2010-07-11 10:42 684032 -c--a-w- c:\documents and settings\All Users\Application Data\MGS\cache\a\arcticfortunetransition.cdb6c11f100d3a3cb0c0550c21b277e4.dll

2010-07-11 10:41 . 2010-07-11 10:41 1568768 -c--a-w- c:\documents and settings\All Users\Application Data\MGS\cache\a\arcticfortune.b328b57943682e2d7fd4847916ff9b2b.dll

2010-07-11 10:41 . 2010-07-11 10:41 913680 -c--a-w- c:\documents and settings\All Users\Application Data\MGS\cache\a\advancedslots1_temp.1f8183fa66e67576038aca6f8bbaa5aa.dll

2010-07-11 10:40 . 2010-07-11 10:40 1232896 -c--a-w- c:\documents and settings\All Users\Application Data\MGS\cache\a\arcticfortune_gspider.770d41ad6c8d6246716f0968e4501795.dll

2010-07-11 10:39 . 2010-07-11 10:39 1482752 -c--a-w- c:\documents and settings\All Users\Application Data\MGS\cache\a\advancedslots1_septgao_09.7dc488ed3eadaa7b6b5d08dbca4c71cf.dll

2010-07-11 10:39 . 2010-07-11 10:39 1236992 -c--a-w- c:\documents and settings\All Users\Application Data\MGS\cache\a\arcticfortune_spiderbonus.c6f7df06987955caf77bb513ebf7e5b5.dll

2010-07-11 10:36 . 2010-07-11 10:36 1609728 -c--a-w- c:\documents and settings\All Users\Application Data\MGS\cache\a\advancedslots1_tggg.1a1d0cf38dbf32cac78a651320f71d98.dll

2010-07-11 10:36 . 2010-07-11 10:36 1064960 -c--a-w- c:\documents and settings\All Users\Application Data\MGS\cache\a\arcticfortunexxx.88b69b79191872d92329d1cfa9817586.dll

2010-07-11 10:36 . 2010-07-11 10:36 376832 -c--a-w- c:\documents and settings\All Users\Application Data\MGS\cache\m\mptadvancedslots.c25cbc913a8fbff25d5ff4436d66df8a.dll

2010-07-11 10:35 . 2010-07-11 10:35 1478656 -c--a-w- c:\documents and settings\All Users\Application Data\MGS\cache\a\advancedslots1_wealthspa.1d6c52060a19ffc8e8529c6648d8f610.dll

2010-07-11 10:35 . 2010-07-11 10:35 823568 -c--a-w- c:\documents and settings\All Users\Application Data\MGS\cache\a\advancedslots1_temp2.46a4643f83fb4fee5edbd7b72ebf781d.dll

2010-07-11 10:35 . 2010-07-11 10:35 1224704 -c--a-w- c:\documents and settings\All Users\Application Data\MGS\cache\a\arcticfortune_crankbonus.79fd1aae910e128f743d90232d089b3b.dll

2010-07-11 10:34 . 2010-07-11 10:34 1638400 -c--a-w- c:\documents and settings\All Users\Application Data\MGS\cache\a\advancedslots1_summerholiday.246c971e5683180dd3d0e381fb6d8651.dll

2010-07-11 10:34 . 2010-07-11 10:34 823568 -c--a-w- c:\documents and settings\All Users\Application Data\MGS\cache\a\advancedslots1.a5649140bdbd3a1f7c08b381be6f0a22.dll

2010-07-11 10:33 . 2010-07-11 10:33 1482752 -c--a-w- c:\documents and settings\All Users\Application Data\MGS\cache\a\advancedslots1_octgao_09.27dbd220adee9f16140622d34764fadb.dll

2010-07-11 10:33 . 2010-07-11 10:33 1626112 -c--a-w- c:\documents and settings\All Users\Application Data\MGS\cache\a\advancedslots1_flightzone.120e06d45a565cdc8a97a294773b7eb8.dll

2010-07-11 10:31 . 2010-07-11 10:31 246032 -c--a-w- c:\documents and settings\All Users\Application Data\MGS\cache\p\powerpokersuite1_nl.4b954e6e9e7bfe3947a12889040c706e.dll

2010-07-11 10:28 . 2010-07-11 10:28 65536 -c--a-w- c:\documents and settings\All Users\Application Data\MGS\cache\v\void.df7f7ef643b2f9803f9738f1b85d08e7.dll

2010-07-11 10:27 . 2010-07-11 10:27 471040 -c--a-w- c:\documents and settings\All Users\Application Data\MGS\cache\m\menucore.165da379d8a0adee611c449ba3662532.dll

2010-07-10 17:04 . 2009-09-04 21:07 20 -c-h--w- c:\documents and settings\All Users\Application Data\PKP_DLdw.DAT

2010-07-10 17:03 . 2009-09-04 20:47 20 -c-h--w- c:\documents and settings\All Users\Application Data\PKP_DLdu.DAT

2010-06-28 20:15 . 2009-12-20 13:15 -------- d-----w- c:\program files\EUcasino

2010-06-24 21:10 . 2010-06-24 21:08 -------- d-----w- c:\program files\RadioBar

2010-06-24 21:08 . 2010-06-24 21:08 -------- d-----w- c:\documents and settings\Eigenaar.DELL\Application Data\RadioBar

2010-06-23 14:31 . 2004-08-04 12:00 86022 ----a-w- c:\windows\system32\perfc013.dat

2010-06-23 14:31 . 2004-08-04 12:00 498912 ----a-w- c:\windows\system32\perfh013.dat

2010-06-14 14:31 . 2008-01-18 14:09 744448 ----a-w- c:\windows\pchealth\helpctr\binaries\helpsvc.exe

2010-06-01 17:37 . 2010-05-12 08:14 221568 ------w- c:\windows\system32\MpSigStub.exe

2010-05-24 08:31 . 2010-05-24 08:31 503808 ----a-w- c:\documents and settings\Eigenaar.DELL\Application Data\Sun\Java\Deployment\SystemCache\6.0\46\f84c6ae-388f59d2-n\msvcp71.dll

2010-05-24 08:31 . 2010-05-24 08:31 499712 ----a-w- c:\documents and settings\Eigenaar.DELL\Application Data\Sun\Java\Deployment\SystemCache\6.0\46\f84c6ae-388f59d2-n\jmc.dll

2010-05-24 08:31 . 2010-05-24 08:31 348160 ----a-w- c:\documents and settings\Eigenaar.DELL\Application Data\Sun\Java\Deployment\SystemCache\6.0\46\f84c6ae-388f59d2-n\msvcr71.dll

2010-05-24 08:31 . 2010-05-24 08:31 61440 ----a-w- c:\documents and settings\Eigenaar.DELL\Application Data\Sun\Java\Deployment\SystemCache\6.0\50\5535ab32-1b9ebb3b-n\decora-sse.dll

2010-05-24 08:31 . 2010-05-24 08:31 12800 ----a-w- c:\documents and settings\Eigenaar.DELL\Application Data\Sun\Java\Deployment\SystemCache\6.0\50\5535ab32-1b9ebb3b-n\decora-d3d.dll

2010-05-12 12:22 . 2010-05-12 12:22 393216 -c--a-w- c:\documents and settings\All Users\Application Data\MGS\cache\f\flyingwitchbonus.178abae7811f3ce106a1068e2f8e83aa.dll

2010-05-12 12:22 . 2010-05-12 12:22 352256 -c--a-w- c:\documents and settings\All Users\Application Data\MGS\cache\s\spinningwandbonus.71b441eaf88d72b917384cc517583ca7.dll

2010-05-12 12:13 . 2010-05-12 12:13 1171456 -c--a-w- c:\documents and settings\All Users\Application Data\MGS\cache\w\wealthspa_stonebonus.884fe3f012cc21e9f4b94beccb344fe5.dll

2010-05-12 12:11 . 2010-05-12 12:11 1204224 -c--a-w- c:\documents and settings\All Users\Application Data\MGS\cache\w\wealthspa_bathbonus.eaf1477312e7ecb9b1c7aa0a26e6ac61.dll

2010-05-12 12:03 . 2010-05-12 12:03 1142784 -c--a-w- c:\documents and settings\All Users\Application Data\MGS\cache\w\wealthspa_bodywaxbonus.86b2e4bb4c8e68cbf84cdb6310c39218.dll

2010-05-12 12:01 . 2010-05-12 12:01 1290240 -c--a-w- c:\documents and settings\All Users\Application Data\MGS\cache\w\wealthspa_smoothiebonus.779ec9c8439f59a40852d4a998367c4f.dll

2010-05-12 12:01 . 2010-05-12 12:01 827392 -c--a-w- c:\documents and settings\All Users\Application Data\MGS\cache\p\playerinstantiatedchoosebonus.ceb25d7dda7b0effc207d3dec6e30288.dll

2010-05-12 12:01 . 2010-05-12 12:01 1196032 -c--a-w- c:\documents and settings\All Users\Application Data\MGS\cache\w\wealthspa_massagebonus.0e575cb178075b87da73199c7e3bdcc1.dll

2010-05-12 11:39 . 2010-05-12 11:39 499984 -c--a-w- c:\documents and settings\All Users\Application Data\MGS\cache\g\greatgalaxycasinobonus.55dde164a6c32cf7a5be1bb8e3746043.dll

.

((((((((((((((((((((((((((((( SnapShot@2010-08-08_09.24.58 )))))))))))))))))))))))))))))))))))))))))

.

+ 2010-08-08 09:40 . 2010-08-08 09:40 16384 c:\windows\Temp\Perflib_Perfdata_6b0.dat

.

((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))

.

.

*Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond

REGEDIT4

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2010-02-18 248040]

"avgnt"="c:\program files\Avira\AntiVir Desktop\avgnt.exe" [2010-03-02 282792]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]

"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]

"DWQueuedReporting"="c:\progra~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" [2007-02-25 437160]

c:\documents and settings\All Users\Menu Start\Programma's\Opstarten\

Sitecom Wireless Utility.lnk - c:\program files\Sitecom\Sitecom Wireless Network USB Adapter Turbo G WL-172\Installer\WLANUTL.EXE [2010-3-31 913408]

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Start^Programma's^Opstarten^Adobe Reader Snelle start.lnk]

backup=c:\windows\pss\Adobe Reader Snelle start.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Start^Programma's^Opstarten^HP Digital Imaging Monitor.lnk]

path=c:\documents and settings\All Users\Menu Start\Programma's\Opstarten\HP Digital Imaging Monitor.lnk

backup=c:\windows\pss\HP Digital Imaging Monitor.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Start^Programma's^Opstarten^Microsoft Office.lnk]

backup=c:\windows\pss\Microsoft Office.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Start^Programma's^Opstarten^Poort voor Symantec Fax Starter Edition.lnk]

backup=c:\windows\pss\Poort voor Symantec Fax Starter Edition.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^Eigenaar.DELL^Menu Start^Programma's^Opstarten^Secunia PSI.lnk]

backup=c:\windows\pss\Secunia PSI.lnkStartup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]

2010-06-09 08:06 976832 ----a-w- c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]

2010-06-20 02:04 35760 ----a-w- c:\program files\Adobe\Reader 9.0\Reader\reader_sl.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HotKeysCmds]

2003-04-06 22:07 114688 -c--a-w- c:\windows\system32\hkcmd.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Software Update]

2008-03-25 20:27 49152 -c--a-w- c:\program files\Hp\HP Software Update\hpwuSchd2.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\hpqSRMon]

2008-03-13 08:34 81920 ----a-w- c:\program files\Hp\Digital Imaging\bin\HpqSRmon.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IgfxTray]

2003-04-06 22:19 155648 ----a-w- c:\windows\system32\igfxtray.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LVCOMS]

2003-12-06 00:12 102400 ----a-w- c:\program files\Common Files\Logitech\PDDriver\LVComS.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\mxomssmenu]

2008-07-21 15:16 169312 ----a-w- c:\program files\Maxtor\OneTouch Status\MaxMenuMgr.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Nikon Transfer Monitor]

2008-09-30 12:06 485208 ----a-w- c:\program files\Common Files\Nikon\Monitor\NkMonitor.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RealTray]

2007-03-04 16:06 673280 ----a-w- c:\program files\K-Lite Codec Pack\Real\mpclauncher.exe

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]

"DisableMonitoring"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]

"%windir%\\system32\\sessmgr.exe"=

"c:\\Program Files\\Microsoft Office\\Office\\1043\\WFXMSRVR.EXE"=

"c:\\Program Files\\Messenger\\msmsgs.exe"=

"%windir%\\Network Diagnostic\\xpnetdiag.exe"=

"c:\\Program Files\\Hp\\Digital Imaging\\bin\\hpqtra08.exe"=

"c:\\Program Files\\Hp\\Digital Imaging\\bin\\hpqste08.exe"=

"c:\\Program Files\\Hp\\Digital Imaging\\bin\\hposid01.exe"=

"c:\\Program Files\\Hp\\Digital Imaging\\bin\\hpqkygrp.exe"=

"c:\\Program Files\\Hp\\Digital Imaging\\bin\\hpiscnapp.exe"=

"c:\\Program Files\\Common Files\\HP\\Digital Imaging\\bin\\hpqPhotoCrm.exe"=

"c:\\Program Files\\Hp\\Digital Imaging\\bin\\hpqpsapp.exe"=

"c:\\Program Files\\Hp\\Digital Imaging\\bin\\hpqpse.exe"=

"c:\\Program Files\\Hp\\Digital Imaging\\bin\\hpqsudi.exe"=

"c:\\Program Files\\Hp\\Digital Imaging\\bin\\hpqgplgtupl.exe"=

"c:\\Program Files\\Hp\\Digital Imaging\\bin\\hpqgpc01.exe"=

R2 AntiVirSchedulerService;Avira AntiVir Scheduler;c:\program files\Avira\AntiVir Desktop\sched.exe [8/7/2010 11:53 AM 135336]

S3 ADM8511;ADMtek ADM8511/AN986 USB To Fast Ethernet Converter;c:\windows\system32\drivers\ADM8511.SYS [1/21/2008 11:56 AM 20160]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]

HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12

hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc

getPlusHelper REG_MULTI_SZ getPlusHelper

.

.

------- Bijkomende Scan -------

.

uStart Page = hxxp://www.nu.nl/

IE: Google Sidewiki... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_60D6097707281E79.dll/cmsidewiki.html

DPF: {3E90FFF5-1347-45B9-91F6-DA47926E9697} - hxxp://online-virusscan.casema.nl/systemcheck/PlaNetSysInfo.cab

DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} - hxxp://game.zylom.com/activex/zylomgamesplayer.cab

DPF: {DE625294-70E6-45ED-B895-CFFA13AEB044} - hxxp://83.84.124.118:9999/activex/AMC.cab

.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, GMER - Rootkit Detector and Remover

Rootkit scan 2010-08-08 12:19

Windows 5.1.2600 Service Pack 3 NTFS

scannen van verborgen processen ...

scannen van verborgen autostart items ...

scannen van verborgen bestanden ...

Scan succesvol afgerond

verborgen bestanden: 0

**************************************************************************

.

--------------------- VERGRENDELDE REGISTER SLEUTELS ---------------------

[HKEY_USERS\S-1-5-21-1177238915-484061587-839522115-1003\Software\Microsoft\SystemCertificates\AddressBook*]

@Allowed: (Read) (RestrictedCode)

@Allowed: (Read) (RestrictedCode)

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]

@Denied: (A 2) (Everyone)

@="FlashBroker"

"LocalizedString"="@c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil10h_ActiveX.exe,-101"

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]

"Enabled"=dword:00000001

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]

@="c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil10h_ActiveX.exe"

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]

@Denied: (A 2) (Everyone)

@="IFlashBroker4"

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]

@="{00020424-0000-0000-C000-000000000046}"

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

"Version"="1.0"

.

--------------------- DLLs Geladen Onder Lopende Processen ---------------------

- - - - - - - > 'winlogon.exe'(656)

c:\windows\system32\NTMARTA.DLL

.

Voltooingstijd: 2010-08-08 12:25:19

ComboFix-quarantined-files.txt 2010-08-08 10:25

ComboFix2.txt 2010-08-08 09:30

Pre-Run: 53,177,044,992 bytes beschikbaar

Post-Run: 53,187,727,360 bytes beschikbaar

- - End Of File - - 1CC087BCCF9A9AEF8DB9BE617CC23E59

HijackThis


@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]

@Denied: (A 2) (Everyone)

@="IFlashBroker4"

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]

@="{00020424-0000-0000-C000-000000000046}"

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

"Version"="1.0"

.

--------------------- DLLs Geladen Onder Lopende Processen ---------------------

- - - - - - - > 'winlogon.exe'(656)

c:\windows\system32\NTMARTA.DLL

.

Voltooingstijd: 2010-08-08 12:25:19

ComboFix-quarantined-files.txt 2010-08-08 10:25

ComboFix2.txt 2010-08-08 09:30

Pre-Run: 53,177,044,992 bytes beschikbaar

Post-Run: 53,187,727,360 bytes beschikbaar

- - End Of File - - 1CC087BCCF9A9AEF8DB9BE617CC23E59

---------- Post added at 13:45 ---------- Previous post was at 13:43 ----------

I won't do anything further for now until I receive further instructions from you.

Thanks in advance!
