
High CPU and freezing


Stilste


Malwarebytes is still scanning, but here is my new log already, taken after I removed those things.

Logfile of Trend Micro HijackThis v2.0.4

Scan saved at 10:18:21, on 14-1-2012

Platform: Windows XP SP3 (WinNT 5.01.2600)

MSIE: Internet Explorer v8.00 (8.00.6001.18702)

Boot mode: Normal

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\Program Files\IObit\Advanced SystemCare 5\ASCService.exe

C:\WINDOWS\system32\Ati2evxx.exe

C:\WINDOWS\system32\svchost.exe

c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe

C:\WINDOWS\System32\svchost.exe

C:\Program Files\Intel\Wireless\Bin\EvtEng.exe

C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe

C:\Program Files\Intel\Wireless\Bin\ZcfgSvc.exe

C:\WINDOWS\system32\Ati2evxx.exe

C:\WINDOWS\Explorer.EXE

C:\WINDOWS\system32\spoolsv.exe

C:\Program Files\IObit\IObit Malware Fighter\IMFsrv.exe

C:\PROGRA~1\Intel\Wireless\Bin\1XConfig.exe

C:\Program Files\Uniblue\RegistryBooster\rbmonitor.exe

C:\WINDOWS\system32\taskmgr.exe

C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe

C:\Program Files\Bonjour\mDNSResponder.exe

C:\Program Files\Java\jre6\bin\jqs.exe

C:\Program Files\Common Files\LightScribe\LSSrvc.exe

C:\Program Files\Microsoft Security Client\msseces.exe

C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe

C:\WINDOWS\system32\ctfmon.exe

C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe

C:\WINDOWS\System32\svchost.exe

C:\Program Files\Intel\Wireless\Bin\OProtSvc.exe

C:\WINDOWS\System32\svchost.exe

C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe

C:\Program Files\Secunia\PSI\PSIA.exe

C:\Program Files\Secunia\PSI\sua.exe

C:\Program Files\IObit\IObit Malware Fighter\IMF.exe

C:\WINDOWS\system32\tcpsvcs.exe

C:\WINDOWS\System32\snmp.exe

C:\Program Files\ASUS\NB Probe\SPM\spmgr.exe

C:\WINDOWS\system32\svchost.exe

C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe

C:\Program Files\Hitman Pro\downloads\Webroot\Spy Sweeper\SpySweeper.exe

C:\WINDOWS\system32\wuauclt.exe

C:\WINDOWS\system32\wscntfy.exe

C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Hotmail, Messenger, nieuws en entertainment vind je op MSN.nl

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = Hotmail, Messenger, nieuws en entertainment vind je op MSN.nl

R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = ASUSTeK Computer Inc.

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen

O2 - BHO: ContributeBHO Class - {074C1DC5-9320-4A9A-947D-C042949C6216} - C:\Program Files\Adobe\/Adobe Contribute CS4/contributeieplugin.dll

O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

O2 - BHO: Windows Live Aanmelden - Help - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll

O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.6.5612.1312\swg.dll

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll

O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll

O2 - BHO: SmartSelect - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll

O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll

O3 - Toolbar: Contribute Toolbar - {517BDDE4-E3A7-4570-B21E-2B52B6139FC7} - C:\Program Files\Adobe\/Adobe Contribute CS4/contributeieplugin.dll

O4 - HKLM\..\Run: [MSC] "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey

O4 - HKLM\..\Run: [iObit Malware Fighter] "C:\Program Files\IObit\IObit Malware Fighter\IMF.exe" /autostart

O4 - HKLM\..\Run: [Malwarebytes' Anti-Malware] "C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray

O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe

O4 - HKCU\..\Run: [uTorrent] "C:\Program Files\uTorrent\uTorrent.exe"

O4 - HKCU\..\Run: [RegistryBooster] "C:\Program Files\Uniblue\RegistryBooster\launcher.exe" delay 20000

O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Lokale service')

O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Netwerkservice')

O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')

O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')

O8 - Extra context menu item: Append Link Target to Existing PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html

O8 - Extra context menu item: Append to Existing PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html

O8 - Extra context menu item: Convert Link Target to Adobe PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html

O8 - Extra context menu item: Convert to Adobe PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html

O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000

O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000

O9 - Extra button: Spyware Doctor - {2D663D1A-8670-49D9-A1A5-4C56B4E14E84} - C:\WINDOWS\system32\shdocvw.dll

O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL

O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll

O14 - IERESET.INF: START_PAGE_URL=http://www.asus.com

O16 - DPF: {493ACF15-5CD9-4474-82A6-91670C3DD66E} - http://www.linkedin.com/cab/LinkedInContactFinderControl.cab

O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} - http://gfx1.mail.live.com/mail/w1/resources/MSNPUpld.cab

O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab

O22 - SharedTaskScheduler: Preloader van browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll

O22 - SharedTaskScheduler: Cache-daemon voor onderdeelcategorieën - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll

O23 - Service: Adobe Version Cue CS4 - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\Adobe Version Cue CS4\Server\bin\VersionCueCS4.exe

O23 - Service: Advanced SystemCare Service 5 (AdvancedSystemCareService5) - IObit - C:\Program Files\IObit\Advanced SystemCare 5\ASCService.exe

O23 - Service: Mobiel Apple apparaat (Apple Mobile Device) - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe

O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe

O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe

O23 - Service: EvtEng - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe

O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe

O23 - Service: Google Updateservice (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe

O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe

O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe

O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe

O23 - Service: IMF Service (IMFservice) - IObit - C:\Program Files\IObit\IObit Malware Fighter\IMFsrv.exe

O23 - Service: iPod-service (iPod Service) - Apple Inc. - D:\iPod\bin\iPodService.exe

O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe

O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe

O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe

O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe

O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe

O23 - Service: OwnershipProtocol - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\OProtSvc.exe

O23 - Service: RegSrvc - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe

O23 - Service: Spectrum24 Event Monitor (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe

O23 - Service: Secunia PSI Agent - Secunia - C:\Program Files\Secunia\PSI\PSIA.exe

O23 - Service: Secunia Update Agent - Secunia - C:\Program Files\Secunia\PSI\sua.exe

O23 - Service: spmgr - Unknown owner - C:\Program Files\ASUS\NB Probe\SPM\spmgr.exe

O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe

O23 - Service: Webroot Spy Sweeper Engine (WebrootSpySweeperService) - Webroot Software, Inc. - C:\Program Files\Hitman Pro\downloads\Webroot\Spy Sweeper\SpySweeper.exe

O24 - Desktop Component 0: (no name) - (no file)

--

End of file - 10839 bytes


This is the log from the quick scan by Malwarebytes.

Malwarebytes Anti-Malware (-evaluatieversie-) 1.60.0.1800

www.malwarebytes.org

Databaseversie: v2012.01.08.02

Windows XP Service Pack 3 x86 FAT32

Internet Explorer 8.0.6001.18702

Andre :: ASUS [administrator]

Realtime bescherming: Ingeschakeld

14-1-2012 10:52:37

mbam-log-2012-01-14 (10-52-37).txt

Scantype: Snelle scan

Ingeschakelde scanopties: Geheugen | Opstarten | Register | Bestanden en mappen | Heuristiek/Extra | Heuristiek/Shuriken | PUP | PUM

Uitgeschakelde scanopties: P2P

Objecten gescand: 193986

Verstreken tijd: 13 minuut/minuten, 29 seconde(n)

Geheugenprocessen gedetecteerd: 0

(Geen kwaadaardige objecten gedetecteerd)

Geheugenmodulen gedetecteerd: 0

(Geen kwaadaardige objecten gedetecteerd)

Registersleutels gedetecteerd: 0

(Geen kwaadaardige objecten gedetecteerd)

Registerwaarden gedetecteerd: 0

(Geen kwaadaardige objecten gedetecteerd)

Registerdata gedetecteerd: 0

(Geen kwaadaardige objecten gedetecteerd)

Mappen gedetecteerd: 0

(Geen kwaadaardige objecten gedetecteerd)

Bestanden gedetecteerd: 0

(Geen kwaadaardige objecten gedetecteerd)

(einde)

I'm now trying a full scan once more. First only the C drive; if that works, the D drive as well.


This looks clean ... go ahead and run this next:

Download ComboFix from one of these locations:

Link 1

Link 2

* IMPORTANT !!! Save ComboFix.exe to your Desktop

1. Disable all antivirus and antispyware programs, because otherwise they may conflict with ComboFix. Here is a guide on how to disable them:

Click here

If you cannot disable them, just continue to the next step.

2. Double-click ComboFix.exe and follow the prompts on the screen.

3. ComboFix will check whether the Microsoft Windows Recovery Console is already installed.

**Note: If the Microsoft Windows Recovery Console is already installed, you will not see the following screens and ComboFix will automatically continue scanning for malware.

4. Follow the prompts on the screen to let ComboFix download and install the Microsoft Windows Recovery Console.

cf-rc-auto.jpg

You will see the following message when ComboFix has successfully installed the Microsoft Windows Recovery Console:

rc-auto-done.jpg

Click Yes to continue scanning for malware.

5. When ComboFix is finished, it will create a log file for you. Post the contents of this log file (found at C:\ComboFix.txt) in your next post.


Here is my ComboFix log.

ComboFix 12-01-13.05 - Andre 14-01-2012 11:59:51.1.1 - FAT32x86

Microsoft Windows XP Home Edition 5.1.2600.3.1252.31.1043.18.1023.409 [GMT 1:00]

Gestart vanuit: c:\documents and settings\Andre\Bureaublad\ComboFix.exe

AV: Microsoft Security Essentials *Disabled/Updated* {EDB4FA23-53B8-4AFA-8C5D-99752CCA7095}

FW: Norton Internet Worm Protection *Disabled* {990F9400-4CEE-43EA-A83A-D013ADD8EA6E}

.

.

(((((((((((((((((((((((((((((((((( Andere Verwijderingen )))))))))))))))))))))))))))))))))))))))))))))))))

.

.

c:\documents and settings\Administrator\WINDOWS

c:\documents and settings\All Users\Application Data\ACD Systems\ACDSee\ImageDB.ddf

c:\documents and settings\All Users\Application Data\log.txt

c:\documents and settings\All Users\Application Data\TEMP

c:\documents and settings\All Users\Application Data\TEMP\012BC84F.TMP

c:\documents and settings\All Users\Application Data\TEMP\0785072C.TMP

c:\documents and settings\All Users\Application Data\TEMP\0FB1B14D.TMP

c:\documents and settings\All Users\Application Data\TEMP\14B2E0BD.TMP

c:\documents and settings\All Users\Application Data\TEMP\16F24F2E.TMP

c:\documents and settings\All Users\Application Data\TEMP\18DEBC51.TMP

c:\documents and settings\All Users\Application Data\TEMP\20EB6823.TMP

c:\documents and settings\All Users\Application Data\TEMP\26499772.TMP

c:\documents and settings\All Users\Application Data\TEMP\2652902F.TMP

c:\documents and settings\All Users\Application Data\TEMP\28BEC2EC.TMP

c:\documents and settings\All Users\Application Data\TEMP\29B37860.TMP

c:\documents and settings\All Users\Application Data\TEMP\2F8138B7.TMP

c:\documents and settings\All Users\Application Data\TEMP\33B04540.TMP

c:\documents and settings\All Users\Application Data\TEMP\35CEC035.TMP

c:\documents and settings\All Users\Application Data\TEMP\38D2EA83.TMP

c:\documents and settings\All Users\Application Data\TEMP\4149A170.TMP

c:\documents and settings\All Users\Application Data\TEMP\474022C7.TMP

c:\documents and settings\All Users\Application Data\TEMP\4C3D5A8B.TMP

c:\documents and settings\All Users\Application Data\TEMP\65C4D44A.TMP

c:\documents and settings\All Users\Application Data\TEMP\678F890D.TMP

c:\documents and settings\All Users\Application Data\TEMP\6EE8565A.TMP

c:\documents and settings\All Users\Application Data\TEMP\767A78E5.TMP

c:\documents and settings\All Users\Application Data\TEMP\774C075A.TMP

c:\documents and settings\All Users\Application Data\TEMP\80FE037D.TMP

c:\documents and settings\All Users\Application Data\TEMP\92DB4653.TMP

c:\documents and settings\All Users\Application Data\TEMP\AD2DB2F9.TMP

c:\documents and settings\All Users\Application Data\TEMP\B3C7433B.TMP

c:\documents and settings\All Users\Application Data\TEMP\B4258C5D.TMP

c:\documents and settings\All Users\Application Data\TEMP\D026A5A4.TMP

c:\documents and settings\All Users\Application Data\TEMP\D6B71B40.TMP

c:\documents and settings\All Users\Application Data\TEMP\DBC3D477.TMP

c:\documents and settings\All Users\Application Data\TEMP\DDD1277F.TMP

c:\documents and settings\All Users\Application Data\TEMP\E0888117.TMP

c:\documents and settings\All Users\Application Data\TEMP\EC3A9923.TMP

c:\documents and settings\All Users\Application Data\TEMP\ED0B32CA.TMP

c:\documents and settings\All Users\Application Data\TEMP\ED2D63E4.TMP

c:\documents and settings\All Users\Application Data\TEMP\F26F5952.TMP

c:\documents and settings\All Users\Application Data\TEMP\F5D01D7C.TMP

c:\documents and settings\All Users\Application Data\TEMP\F610C203.TMP

c:\documents and settings\All Users\Application Data\TEMP\F942EC78.TMP

c:\documents and settings\All Users\Application Data\TEMP\FB4262DE.TMP

c:\documents and settings\Andre\Application Data\Adobe\plugs

c:\documents and settings\Andre\Application Data\Adobe\shed

c:\documents and settings\Andre\Application Data\PriceGong

c:\documents and settings\Andre\Application Data\PriceGong\Data\1.txt

c:\documents and settings\Andre\Application Data\PriceGong\Data\4489.txt

c:\documents and settings\Andre\Application Data\PriceGong\Data\a.txt

c:\documents and settings\Andre\Application Data\PriceGong\Data\b.txt

c:\documents and settings\Andre\Application Data\PriceGong\Data\c.txt

c:\documents and settings\Andre\Application Data\PriceGong\Data\d.txt

c:\documents and settings\Andre\Application Data\PriceGong\Data\e.txt

c:\documents and settings\Andre\Application Data\PriceGong\Data\f.txt

c:\documents and settings\Andre\Application Data\PriceGong\Data\g.txt

c:\documents and settings\Andre\Application Data\PriceGong\Data\h.txt

c:\documents and settings\Andre\Application Data\PriceGong\Data\i.txt

c:\documents and settings\Andre\Application Data\PriceGong\Data\j.txt

c:\documents and settings\Andre\Application Data\PriceGong\Data\k.txt

c:\documents and settings\Andre\Application Data\PriceGong\Data\l.txt

c:\documents and settings\Andre\Application Data\PriceGong\Data\m.txt

c:\documents and settings\Andre\Application Data\PriceGong\Data\mru.xml

c:\documents and settings\Andre\Application Data\PriceGong\Data\n.txt

c:\documents and settings\Andre\Application Data\PriceGong\Data\o.txt

c:\documents and settings\Andre\Application Data\PriceGong\Data\p.txt

c:\documents and settings\Andre\Application Data\PriceGong\Data\q.txt

c:\documents and settings\Andre\Application Data\PriceGong\Data\r.txt

c:\documents and settings\Andre\Application Data\PriceGong\Data\s.txt

c:\documents and settings\Andre\Application Data\PriceGong\Data\t.txt

c:\documents and settings\Andre\Application Data\PriceGong\Data\u.txt

c:\documents and settings\Andre\Application Data\PriceGong\Data\v.txt

c:\documents and settings\Andre\Application Data\PriceGong\Data\w.txt

c:\documents and settings\Andre\Application Data\PriceGong\Data\wlu.txt

c:\documents and settings\Andre\Application Data\PriceGong\Data\x.txt

c:\documents and settings\Andre\Application Data\PriceGong\Data\y.txt

c:\documents and settings\Andre\Application Data\PriceGong\Data\z.txt

c:\documents and settings\Andre\WINDOWS

c:\documents and settings\Default User\WINDOWS

c:\windows\IsUn0413.exe

c:\windows\iun6002.exe

c:\windows\system32\config\systemprofile\WINDOWS

c:\windows\system32\drivers\etc\hosts.ics

c:\windows\system32\kernel1.exe

c:\windows\system32\roboot.exe

c:\windows\system32\SET4F.tmp

c:\windows\WindowsUpdate.log

D:\Setup.exe

.

.

(((((((((((((((((((( Bestanden Gemaakt van 2011-12-14 to 2012-01-14 ))))))))))))))))))))))))))))))

.

.

2012-01-14 11:28 . 2012-01-14 11:28 56200 ----a-w- c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{A7AC5C2C-7F93-4002-8C1F-32A2E3F75164}\offreg.dll

2012-01-14 08:15 . 2012-01-14 08:15 -------- d--h--r- c:\documents and settings\Andre\Onlangs geopend

2012-01-12 16:16 . 2012-01-12 16:16 -------- d-----w- c:\documents and settings\Andre\Application Data\Friday's games

2012-01-12 14:44 . 2012-01-12 14:44 0 ---ha-w- c:\documents and settings\Andre\Local Settings\Application Data\BIT12.tmp

2012-01-11 15:28 . 2012-01-11 15:28 388096 ----a-r- c:\documents and settings\Andre\Application Data\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe

2012-01-11 15:28 . 2012-01-11 15:28 -------- d-----w- c:\program files\Trend Micro

2012-01-11 15:13 . 2012-01-11 15:13 -------- d-----w- c:\program files\Speccy

2012-01-10 15:55 . 2012-01-10 15:55 -------- d-----w- C:\FOUND.030

2012-01-08 16:27 . 2011-11-21 10:47 6823496 ----a-w- c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{A7AC5C2C-7F93-4002-8C1F-32A2E3F75164}\mpengine.dll

2012-01-08 09:15 . 2012-01-08 09:15 -------- d-----w- c:\documents and settings\Andre\Application Data\Gogii

2012-01-07 11:28 . 2004-08-04 13:00 30208 ----a-w- c:\windows\system32\dllcache\sm87w.dll

2012-01-07 11:28 . 2004-08-04 13:00 30208 ----a-w- c:\windows\system32\dllcache\sm81w.dll

2012-01-07 11:28 . 2004-08-04 13:00 25088 ----a-w- c:\windows\system32\dllcache\sm59w.dll

2012-01-07 11:28 . 2008-04-13 19:46 11136 ----a-w- c:\windows\system32\dllcache\slip.sys

2012-01-07 11:27 . 2004-08-03 21:31 63547 ----a-w- c:\windows\system32\dllcache\sla30nd5.sys

2012-01-07 11:27 . 2001-08-17 19:12 91294 ----a-w- c:\windows\system32\dllcache\skfpwin.sys

2012-01-07 11:27 . 2001-09-06 19:53 95146 ----a-w- c:\windows\system32\dllcache\sk98xwin.sys

2012-01-07 11:27 . 2001-09-06 20:26 157696 ----a-w- c:\windows\system32\dllcache\sisv256.dll

2012-01-07 11:27 . 2001-08-17 19:50 50432 ----a-w- c:\windows\system32\dllcache\sisv.sys

2012-01-07 11:27 . 2004-08-03 21:31 32768 ----a-w- c:\windows\system32\dllcache\sisnic.sys

2012-01-07 11:27 . 2001-09-06 20:27 238592 ----a-w- c:\windows\system32\dllcache\sisgrv.dll

2012-01-07 11:27 . 2001-08-17 19:50 104064 ----a-w- c:\windows\system32\dllcache\sisgrp.sys

2012-01-07 11:27 . 2001-09-06 20:26 150144 ----a-w- c:\windows\system32\dllcache\sis6306v.dll

2012-01-07 11:27 . 2001-08-17 19:50 68608 ----a-w- c:\windows\system32\dllcache\sis6306p.sys

2012-01-07 11:27 . 2001-09-06 20:26 252032 ----a-w- c:\windows\system32\dllcache\sis300iv.dll

2012-01-07 11:27 . 2001-08-17 19:50 101760 ----a-w- c:\windows\system32\dllcache\sis300ip.sys

2012-01-07 11:26 . 2001-09-06 19:49 161760 ----a-w- c:\windows\system32\dllcache\sgsmusb.sys

2012-01-07 11:26 . 2001-07-21 21:29 18400 ----a-w- c:\windows\system32\dllcache\sgsmld.sys

2012-01-07 11:26 . 2001-08-17 19:51 98080 ----a-w- c:\windows\system32\dllcache\sgiulnt5.sys

2012-01-07 11:26 . 2001-09-06 20:26 386560 ----a-w- c:\windows\system32\dllcache\sgiul50.dll

2012-01-07 11:26 . 2001-08-17 19:19 36480 ----a-w- c:\windows\system32\dllcache\sfmanm.sys

2012-01-07 11:26 . 2001-09-06 19:47 6912 ----a-w- c:\windows\system32\dllcache\serscan.sys

2012-01-07 11:26 . 2001-09-06 19:47 18176 ----a-w- c:\windows\system32\dllcache\sermouse.sys

2012-01-07 11:26 . 2001-09-06 20:27 26112 ----a-w- c:\windows\system32\dllcache\EXCH_seos.dll

2012-01-07 11:25 . 2001-08-17 20:53 6912 ----a-w- c:\windows\system32\dllcache\seaddsmc.sys

2012-01-07 11:25 . 2008-04-13 19:45 11520 ----a-w- c:\windows\system32\dllcache\scsiscan.sys

2012-01-07 11:25 . 2001-08-17 20:52 11648 ----a-w- c:\windows\system32\dllcache\scsiprnt.sys

2012-01-07 11:25 . 2001-09-06 20:27 57856 ----a-w- c:\windows\system32\dllcache\EXCH_scripto.dll

2012-01-07 11:25 . 2001-09-06 19:44 17536 ----a-w- c:\windows\system32\dllcache\scr111.sys

2012-01-07 11:25 . 2001-09-06 19:44 16768 ----a-w- c:\windows\system32\dllcache\scmstcs.sys

2012-01-07 11:25 . 2001-08-17 20:51 23936 ----a-w- c:\windows\system32\dllcache\sccmusbm.sys

2012-01-07 11:25 . 2001-09-06 19:42 23936 ----a-w- c:\windows\system32\dllcache\sccmn50m.sys

2012-01-07 11:25 . 2008-04-13 19:40 43904 ----a-w- c:\windows\system32\dllcache\sbp2port.sys

2012-01-07 11:25 . 2001-09-06 20:27 495616 ----a-w- c:\windows\system32\dllcache\sblfx.dll

2012-01-07 11:25 . 2001-08-17 19:50 75392 ----a-w- c:\windows\system32\dllcache\s3savmxm.sys

2012-01-07 11:23 . 2004-08-03 21:31 20992 ----a-w- c:\windows\system32\dllcache\rtl8139.sys

2012-01-07 11:23 . 2001-08-17 19:12 19017 ----a-w- c:\windows\system32\dllcache\rtl8029.sys

2012-01-07 11:23 . 2001-08-17 19:19 30720 ----a-w- c:\windows\system32\dllcache\rthwcls.sys

2012-01-07 11:23 . 2001-09-06 20:27 10240 ----a-w- c:\windows\system32\dllcache\rsmgrstr.dll

2012-01-07 11:23 . 2001-08-17 19:19 3840 ----a-w- c:\windows\system32\dllcache\rpfun.sys

2012-01-07 11:23 . 2008-04-14 17:34 79360 ----a-w- c:\windows\system32\dllcache\rocket.sys

2012-01-07 11:23 . 2001-08-17 19:12 37563 ----a-w- c:\windows\system32\dllcache\rlnet5.sys

2012-01-07 11:23 . 2001-09-06 20:27 86097 ----a-w- c:\windows\system32\dllcache\reslog32.dll

2012-01-07 11:23 . 2001-09-06 20:27 23040 ----a-w- c:\windows\system32\dllcache\EXCH_regtrace.exe

2012-01-07 11:23 . 2004-08-04 13:00 14848 ----a-w- c:\windows\system32\dllcache\register.exe

2012-01-07 11:22 . 2001-09-06 19:29 715210 ----a-w- c:\windows\system32\dllcache\r2mdmkxx.sys

2012-01-07 11:22 . 2001-09-06 19:29 899594 ----a-w- c:\windows\system32\dllcache\r2mdkxga.sys

2012-01-07 11:22 . 2001-09-06 20:27 41984 ----a-w- c:\windows\system32\dllcache\qvusd.dll

2012-01-07 11:22 . 2001-08-17 20:53 3328 ----a-w- c:\windows\system32\dllcache\qv2kux.sys

2012-01-07 11:22 . 2004-08-04 13:00 16896 ----a-w- c:\windows\system32\dllcache\quser.exe

2012-01-07 11:22 . 2004-08-04 13:00 9728 ----a-w- c:\windows\system32\dllcache\query.exe

2012-01-07 11:22 . 2001-08-17 20:52 49024 ----a-w- c:\windows\system32\dllcache\ql1280.sys

2012-01-07 11:22 . 2001-08-17 20:52 40448 ----a-w- c:\windows\system32\dllcache\ql1240.sys

2012-01-07 11:22 . 2001-08-17 20:52 45312 ----a-w- c:\windows\system32\dllcache\ql12160.sys

2012-01-07 11:20 . 2001-08-17 20:53 7168 ----a-w- c:\windows\system32\dllcache\pnrmc.sys

2012-01-07 11:20 . 2004-08-04 13:00 131584 ----a-w- c:\windows\system32\dllcache\pmxviceo.dll

2012-01-07 11:20 . 2004-08-04 13:00 6144 ----a-w- c:\windows\system32\dllcache\pmxgl.dll

2012-01-07 11:20 . 2004-08-04 13:00 11264 ----a-w- c:\windows\system32\dllcache\pmxmcro.dll

2012-01-07 11:20 . 2001-09-06 20:27 121344 ----a-w- c:\windows\system32\dllcache\phvfwext.dll

2012-01-07 11:20 . 2001-08-17 21:07 19840 ----a-w- c:\windows\system32\dllcache\philtune.sys

2012-01-07 11:20 . 2001-08-17 21:04 92416 ----a-w- c:\windows\system32\dllcache\phildec.sys

2012-01-07 11:20 . 2001-08-17 21:04 173696 ----a-w- c:\windows\system32\dllcache\philcam2.sys

2012-01-07 11:20 . 2001-08-17 21:04 75776 ----a-w- c:\windows\system32\dllcache\philcam1.sys

2012-01-07 11:20 . 2001-09-06 20:27 16896 ----a-w- c:\windows\system32\dllcache\philcam1.dll

2012-01-07 11:20 . 2008-04-14 18:01 259328 ----a-w- c:\windows\system32\dllcache\perm3dd.dll

2012-01-07 11:18 . 2001-09-06 20:27 42496 ----a-w- c:\windows\system32\dllcache\ovui2rc.dll

2012-01-07 11:17 . 2001-08-17 19:20 54528 ----a-w- c:\windows\system32\dllcache\opl3sax.sys

2012-01-07 11:17 . 2001-08-17 19:50 198144 ----a-w- c:\windows\system32\dllcache\nv3.sys

2012-01-07 11:17 . 2001-09-06 20:26 123776 ----a-w- c:\windows\system32\dllcache\nv3.dll

2012-01-07 11:17 . 2001-08-17 19:49 51552 ----a-w- c:\windows\system32\dllcache\ntgrip.sys

2012-01-07 11:17 . 2001-09-06 20:27 38912 ----a-w- c:\windows\system32\dllcache\EXCH_ntfsdrv.dll

2012-01-07 11:17 . 2001-09-06 18:49 9472 ----a-w- c:\windows\system32\dllcache\ntapm.sys

2012-01-07 11:17 . 2001-08-17 20:53 7552 ----a-w- c:\windows\system32\dllcache\nsmmc.sys

2012-01-07 11:17 . 2008-04-13 19:54 28672 ----a-w- c:\windows\system32\dllcache\nscirda.sys

2012-01-07 11:16 . 2001-08-17 19:20 87040 ----a-w- c:\windows\system32\dllcache\nm6wdm.sys

2012-01-07 11:16 . 2001-08-17 19:20 126080 ----a-w- c:\windows\system32\dllcache\nm5a2wdm.sys

2012-01-07 11:16 . 2001-08-17 19:12 32840 ----a-w- c:\windows\system32\dllcache\ngrpci.sys

2012-01-07 11:16 . 2004-08-03 23:57 132695 ----a-w- c:\windows\system32\dllcache\netwlan5.sys

2012-01-07 11:16 . 2001-09-06 18:39 66334 ----a-w- c:\windows\system32\dllcache\netflx3.sys

2012-01-07 11:16 . 2001-08-17 19:50 39264 ----a-w- c:\windows\system32\dllcache\neo20xx.sys

2012-01-07 11:16 . 2001-09-06 20:26 60480 ----a-w- c:\windows\system32\dllcache\neo20xx.dll

2012-01-07 11:16 . 2001-08-17 20:49 15872 ----a-w- c:\windows\system32\dllcache\ne2000.sys

2012-01-07 11:16 . 2008-04-13 19:46 10880 ----a-w- c:\windows\system32\dllcache\ndisip.sys

2012-01-07 11:14 . 2004-08-04 13:00 229439 ----a-w- c:\windows\system32\dllcache\multibox.dll

2012-01-07 11:14 . 2001-08-17 19:50 103296 ----a-w- c:\windows\system32\dllcache\mtxvideo.sys

2012-01-07 11:14 . 2008-04-13 19:39 5504 ----a-w- c:\windows\system32\dllcache\mstee.sys

2012-01-07 11:14 . 2008-04-13 19:46 49024 ----a-w- c:\windows\system32\dllcache\mstape.sys

2012-01-07 11:14 . 2001-08-17 20:48 12416 ----a-w- c:\windows\system32\dllcache\msriffwv.sys

2012-01-07 11:13 . 2001-08-17 21:00 2944 ----a-w- c:\windows\system32\dllcache\msmpu401.sys

2012-01-07 11:13 . 2004-08-04 13:00 98304 ----a-w- c:\windows\system32\dllcache\msir3jp.dll

2012-01-07 11:13 . 2001-08-17 21:02 35200 ----a-w- c:\windows\system32\dllcache\msgame.sys

2012-01-07 11:13 . 2001-08-17 20:48 6016 ----a-w- c:\windows\system32\dllcache\msfsio.sys

2012-01-07 11:13 . 2008-04-13 19:46 51200 ----a-w- c:\windows\system32\dllcache\msdv.sys

2012-01-07 11:13 . 2001-08-17 20:52 17280 ----a-w- c:\windows\system32\dllcache\mraid35x.sys

2012-01-07 11:12 . 2008-04-13 19:46 15232 ----a-w- c:\windows\system32\dllcache\mpe.sys

2012-01-07 11:12 . 2001-08-17 20:57 16128 ----a-w- c:\windows\system32\dllcache\modemcsa.sys

2012-01-07 11:12 . 2001-08-17 20:52 6528 ----a-w- c:\windows\system32\dllcache\miniqic.sys

2012-01-07 11:12 . 2004-08-04 13:00 34816 ----a-w- c:\windows\system32\dllcache\migisol.exe

2012-01-07 11:12 . 2001-09-06 17:59 320384 ----a-w- c:\windows\system32\dllcache\mgaum.sys

2012-01-07 11:12 . 2001-09-06 20:26 235648 ----a-w- c:\windows\system32\dllcache\mgaud.dll

2012-01-07 11:12 . 2004-08-04 13:00 92416 ----a-w- c:\windows\system32\dllcache\mga.sys

2012-01-07 11:12 . 2004-08-04 13:00 92032 ----a-w- c:\windows\system32\dllcache\mga.dll

2012-01-07 11:12 . 2008-04-13 19:41 26112 ----a-w- c:\windows\system32\dllcache\memstpci.sys

2012-01-07 11:10 . 2004-08-03 23:58 607132 ----a-w- c:\windows\system32\dllcache\ltmdmnt.sys

2012-01-07 11:10 . 2001-09-06 17:39 728234 ----a-w- c:\windows\system32\dllcache\ltck000c.sys

2012-01-07 11:10 . 2001-08-17 20:53 4992 ----a-w- c:\windows\system32\dllcache\loop.sys

2012-01-07 11:10 . 2001-08-17 19:12 70730 ----a-w- c:\windows\system32\dllcache\lne100tx.sys

2012-01-07 11:10 . 2001-08-17 19:12 20573 ----a-w- c:\windows\system32\dllcache\lne100.sys

2012-01-07 11:10 . 2001-08-17 19:11 25065 ----a-w- c:\windows\system32\dllcache\lmndis3.sys

2012-01-07 11:10 . 2001-09-06 17:35 15872 ----a-w- c:\windows\system32\dllcache\lit220p.sys

2012-01-07 11:10 . 2008-04-13 19:40 34688 ----a-w- c:\windows\system32\dllcache\lbrtfdc.sys

2012-01-07 11:10 . 2001-09-06 17:32 26922 ----a-w- c:\windows\system32\dllcache\lanepic5.sys

2012-01-07 11:10 . 2001-08-17 19:12 19016 ----a-w- c:\windows\system32\dllcache\ktc111.sys

2012-01-07 11:10 . 2001-09-06 20:26 37888 ----a-w- c:\windows\system32\dllcache\kousd.dll

2012-01-07 11:10 . 2004-08-04 13:00 70656 ----a-w- c:\windows\system32\dllcache\korwbrkr.dll

.

.

((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2012-01-08 07:25 . 2011-06-29 16:38 23624 ----a-w- c:\windows\system32\drivers\hitmanpro35.sys

2011-12-10 14:24 . 2011-12-11 11:58 20464 ----a-w- c:\windows\system32\drivers\mbam.sys

2011-12-01 12:12 . 2011-07-01 15:15 414368 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl

2011-11-23 14:40 . 2004-10-26 10:46 1859712 ----a-w- c:\windows\system32\win32k.sys

2011-11-21 10:47 . 2011-06-27 09:39 6823496 ----a-w- c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll

2011-11-15 13:29 . 2011-06-25 14:44 222080 ------w- c:\windows\system32\MpSigStub.exe

2011-11-04 19:13 . 2004-10-26 10:46 916992 ----a-w- c:\windows\system32\wininet.dll

2011-11-04 19:13 . 2007-04-25 08:45 1469440 ----a-w- c:\windows\system32\inetcpl.cpl

2011-11-04 19:13 . 2004-10-26 10:46 43520 ----a-w- c:\windows\system32\licmgr10.dll

2011-11-04 11:25 . 2004-10-26 10:46 385024 ----a-w- c:\windows\system32\html.iec

2011-11-01 16:07 . 2004-10-26 10:46 1288192 ----a-w- c:\windows\system32\ole32.dll

2011-10-28 05:32 . 2004-10-26 10:46 33280 ----a-w- c:\windows\system32\csrsrv.dll

2011-10-26 10:50 . 2004-10-26 10:46 2197120 ----a-w- c:\windows\system32\ntoskrnl.exe

2011-10-26 10:50 . 2004-08-03 23:58 2073728 ----a-w- c:\windows\system32\ntkrnlpa.exe

2011-10-19 21:16 . 2011-11-25 17:14 20312 ----a-w- c:\windows\system32\RegistryDefragBootTime.exe

2011-10-18 11:13 . 2004-10-26 10:46 186880 ----a-w- c:\windows\system32\encdec.dll

2009-09-23 16:43 . 2009-09-23 16:43 288560 ----a-w- c:\program files\utorrent.exe

2007-04-09 21:54 . 2007-05-25 20:56 9650176 ----a-w- c:\program files\Unique.dll

2011-11-10 05:44 . 2011-06-25 15:02 134104 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll

.

.

((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))

.

.

*Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond

REGEDIT4

.

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"uTorrent"="c:\program files\uTorrent\uTorrent.exe" [2009-10-13 289072]

"RegistryBooster"="c:\program files\Uniblue\RegistryBooster\launcher.exe" [2011-11-07 67456]

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2010-11-30 997408]

"IObit Malware Fighter"="c:\program files\IObit\IObit Malware Fighter\IMF.exe" [2011-09-29 4441944]

"Malwarebytes' Anti-Malware"="c:\program files\Malwarebytes' Anti-Malware\mbamgui.exe" [2011-12-24 460872]

.

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]

"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]

"DWQueuedReporting"="c:\progra~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" [2008-11-04 435096]

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\IntelWireless]

2005-05-31 21:46 110592 ----a-w- c:\program files\Intel\Wireless\Bin\LgNotify.dll

.

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\IMFservice]

@="Service"

.

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]

@="Service"

.

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WebrootSpySweeperService]

@="Service"

.

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Start^Programma's^Opstarten^Adobe Gamma Loader.lnk]

backup=c:\windows\pss\Adobe Gamma Loader.lnkCommon Startup

.

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Start^Programma's^Opstarten^Adobe Reader Speed Launch.lnk]

backup=c:\windows\pss\Adobe Reader Speed Launch.lnkCommon Startup

path=c:\documents and settings\All Users\Menu Start\Programma's\Opstarten\Adobe Reader Speed Launch.lnk

.

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Start^Programma's^Opstarten^ASUS ChkMail.lnk]

backup=c:\windows\pss\ASUS ChkMail.lnkCommon Startup

.

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Start^Programma's^Opstarten^Cisco Systems VPN Client.lnk]

backup=c:\windows\pss\Cisco Systems VPN Client.lnkCommon Startup

.

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Start^Programma's^Opstarten^Logitech Music Anywhere Settings.lnk]

backup=c:\windows\pss\Logitech Music Anywhere Settings.lnkCommon Startup

.

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Start^Programma's^Opstarten^Microsoft Office.lnk]

backup=c:\windows\pss\Microsoft Office.lnkCommon Startup

.

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Start^Programma's^Opstarten^Secunia PSI Tray.lnk]

path=c:\documents and settings\All Users\Menu Start\Programma's\Opstarten\Secunia PSI Tray.lnk

backup=c:\windows\pss\Secunia PSI Tray.lnkCommon Startup

.

[HKLM\~\startupfolder\C:^Documents and Settings^Andre^Menu Start^Programma's^Opstarten^Adobe Gamma.lnk]

path=c:\documents and settings\Andre\Menu Start\Programma's\Opstarten\Adobe Gamma.lnk

backup=c:\windows\pss\Adobe Gamma.lnkStartup

.

[HKLM\~\startupfolder\C:^Documents and Settings^Andre^Menu Start^Programma's^Opstarten^utorrent.lnk]

backup=c:\windows\pss\utorrent.lnkStartup

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Symantec NetDriver Monitor

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SynTPEnh

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SynTPLpr

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\µTorrent

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Acrobat Speed Launcher]

2011-09-07 14:53 40376 ----a-w- c:\program files\Adobe\Acrobat 9.0\Acrobat\acrobat_sl.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]

2011-06-06 11:55 937920 ----a-w- c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Advanced SystemCare 5]

2011-12-11 11:44 619352 ----a-w- c:\program files\IObit\Advanced SystemCare 5\ASCTray.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Alcmtr]

2005-05-03 05:43 69632 ------r- c:\windows\Alcmtr.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ASUS Live Update]

2003-09-19 11:54 172032 ----a-w- c:\program files\Asus\ASUS Live Update\ALU.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ATIPTA]

2005-08-30 20:05 344064 ----a-w- c:\program files\ATI Technologies\ATI Control Panel\atiptaxx.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}]

2007-03-12 12:49 153136 ----a-w- c:\program files\Common Files\Ahead\Lib\NMBgMonitor.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ctfmon.exe]

2008-04-14 18:02 15360 ----a-w- c:\windows\system32\ctfmon.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EOUApp]

2005-05-31 21:50 356352 ----a-w- c:\program files\Intel\Wireless\Bin\EOUWiz.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HControl]

2005-07-28 08:29 102400 ----a-w- c:\windows\ATK0100\HControl.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\InCD]

2007-03-12 17:53 1055792 ----a-w- c:\program files\Nero\Nero 7\InCD\InCD.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IntelWireless]

2005-06-03 00:31 385024 ----a-w- c:\program files\Intel\Wireless\Bin\iFrmewrk.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IntelZeroConfig]

2005-05-31 21:46 401408 ----a-w- c:\program files\Intel\Wireless\Bin\ZCfgSvc.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]

2008-09-10 15:40 289576 ----a-w- D:\iTunesHelper.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Malwarebytes' Anti-Malware]

2011-12-24 16:50 460872 ----a-w- c:\program files\Malwarebytes' Anti-Malware\mbamgui.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]

2008-04-14 18:03 1695232 ------w- c:\program files\Messenger\msmsgs.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MsnMsgr]

2009-07-26 15:44 3883856 ----a-w- c:\program files\Windows Live\Messenger\msnmsgr.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NB Probe]

2005-07-27 16:07 765952 ----a-w- c:\program files\Asus\NB Probe\NBProbe.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]

2007-03-09 17:53 153136 ----a-w- c:\program files\Common Files\Ahead\Lib\NeroCheck.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Power_Gear]

2005-06-16 14:48 86016 ----a-w- c:\program files\Asus\Power4 Gear\BatteryLife.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]

2008-09-06 14:09 413696 ----a-w- c:\program files\QuickTime\QTTask.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RegistryBooster]

2011-11-07 08:26 67456 ----a-w- c:\program files\Uniblue\RegistryBooster\Launcher.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RTHDCPL]

2005-09-06 07:39 14850560 ------r- c:\windows\RTHDCPL.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SecurDisc]

2007-03-12 17:54 1626160 ----a-w- c:\program files\Nero\Nero 7\InCD\NBHGui.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]

2009-09-01 21:36 149280 ----a-w- c:\program files\Java\jre6\bin\jusched.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg]

2008-09-23 14:46 39408 ----a-w- c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Uniblue SpeedUpMyPC]

2006-12-06 16:59 4820992 ----a-w- c:\program files\Uniblue\SpeedUpMyPC\SpeedUpMyPC.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\uTorrent]

2009-10-13 07:57 289072 ----a-w- c:\program files\uTorrent\uTorrent.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Wireless Console]

2005-07-22 13:36 57344 ----a-w- c:\program files\Asus\Wireless Console\wcourier.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]

"PhotoshopElementsDeviceConnect"=2 (0x2)

"ose"=3 (0x3)

"InCDsrv"=2 (0x2)

"CVPND"=3 (0x3)

"AdobeActiveFileMonitor"=2 (0x2)

"Adobe LM Service"=3 (0x3)

.

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]

"DisableMonitoring"=dword:00000001

.

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]

"c:\\Program Files\\Messenger\\MSMSGS.EXE"=

"c:\\WINDOWS\\system32\\sessmgr.exe"=

"%windir%\\Network Diagnostic\\xpnetdiag.exe"=

"c:\\Program Files\\DiskTrix\\UltimateDefrag\\UDefrag.exe"=

"c:\\Program Files\\uTorrent\\uTorrent.exe"=

"c:\\WINDOWS\\System32\\dplaysvr.exe"=

"%windir%\\system32\\sessmgr.exe"=

"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=

"d:\\iTunes.exe"=

"c:\\Program Files\\Common Files\\Adobe\\CS4ServiceManager\\CS4ServiceManager.exe"=

"c:\\Program Files\\Common Files\\Adobe\\Adobe Version Cue CS4\\Server\\bin\\VersionCueCS4.exe"=

"c:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe"=

"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=

.

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]

"3587:TCP"= 3587:TCP:Windows Peer-to-Peer-groepering

"3540:UDP"= 3540:UDP:PNRP (Peer Name Resolution Protocol)

"5353:TCP"= 5353:TCP:Adobe CSI CS4

"3703:TCP"= 3703:TCP:Adobe Version Cue CS4 Server

"3704:TCP"= 3704:TCP:Adobe Version Cue CS4 Server

"51000:TCP"= 51000:TCP:Adobe Version Cue CS4 Server

"51001:TCP"= 51001:TCP:Adobe Version Cue CS4 Server

"3389:TCP"= 3389:TCP:Remote Desktop

"65533:TCP"= 65533:TCP:Services

"52344:TCP"= 52344:TCP:Services

.

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\IcmpSettings]

"AllowInboundEchoRequest"= 1 (0x1)

.

R0 R592;R592;c:\windows\system32\drivers\R592.sys [15-10-2004 19:26 57088]

R0 risdpntk;risdpntk;c:\windows\system32\drivers\risdpntk.sys [15-10-2004 19:26 27264]

R0 SmartDefragDriver;SmartDefragDriver;c:\windows\system32\drivers\SmartDefragDriver.sys [6-9-2011 17:50 14776]

R2 AdvancedSystemCareService5;Advanced SystemCare Service 5;c:\program files\IObit\Advanced SystemCare 5\ASCService.exe [25-11-2011 17:32 494424]

R2 IMFservice;IMF Service;c:\program files\IObit\IObit Malware Fighter\IMFsrv.exe [7-8-2011 17:08 820568]

R2 Iprip;RIP-listener;c:\windows\System32\svchost.exe -k netsvcs [26-10-2004 11:46 14336]

R2 MBAMService;MBAMService;c:\program files\Malwarebytes' Anti-Malware\mbamservice.exe [11-12-2011 12:59 652872]

R2 Secunia PSI Agent;Secunia PSI Agent;c:\program files\Secunia\PSI\psia.exe [19-4-2011 8:44 993848]

R2 Secunia Update Agent;Secunia Update Agent;c:\program files\Secunia\PSI\sua.exe [19-4-2011 8:44 399416]

R3 ADM8511;ADMtek ADM8511/AN986 USB To Fast Ethernet Converter;c:\windows\system32\drivers\ADM8511.SYS [25-6-2011 15:41 20160]

R3 FileMonitor;FileMonitor;c:\program files\IObit\IObit Malware Fighter\Drivers\wxp_x86\FileMonitor.sys [3-10-2011 16:49 239600]

R3 MatSvc;Microsoft Automated Troubleshooting Service;c:\program files\Microsoft Fix it Center\Matsvc.exe [13-6-2011 22:09 267568]

R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [11-12-2011 12:58 20464]

R3 PSI;PSI;c:\windows\system32\drivers\psi_mf.sys [1-9-2010 10:30 15544]

R3 RegFilter;RegFilter;c:\program files\IObit\IObit Malware Fighter\Drivers\wxp_x86\RegFilter.sys [3-10-2011 16:49 30368]

R3 UrlFilter;UrlFilter;c:\program files\IObit\IObit Malware Fighter\Drivers\wxp_x86\UrlFilter.sys [3-10-2011 16:49 16208]

S0 onbbbelh;onbbbelh;c:\windows\system32\drivers\ojddtl.sys --> c:\windows\system32\drivers\ojddtl.sys [?]

S1 MpKsl0094bc82;MpKsl0094bc82; [x]

S1 MpKsl04e76432;MpKsl04e76432; [x]

S1 MpKsl06873a5c;MpKsl06873a5c; [x]

S1 MpKsl09c6dfa7;MpKsl09c6dfa7; [x]

S1 MpKsl0b15c8d9;MpKsl0b15c8d9; [x]

S1 MpKsl10fed5fd;MpKsl10fed5fd; [x]

S1 MpKsl13ac65f5;MpKsl13ac65f5; [x]

S1 MpKsl1477e8f1;MpKsl1477e8f1; [x]

S1 MpKsl1ac94e99;MpKsl1ac94e99; [x]

S1 MpKsl29adacb2;MpKsl29adacb2; [x]

S1 MpKsl2a2b07fb;MpKsl2a2b07fb; [x]

S1 MpKsl32aded72;MpKsl32aded72; [x]

S1 MpKsl33ba61df;MpKsl33ba61df; [x]

S1 MpKsl3c286d8f;MpKsl3c286d8f; [x]

S1 MpKsl41cc1b22;MpKsl41cc1b22; [x]

S1 MpKsl4ad2084b;MpKsl4ad2084b; [x]

S1 MpKsl4d033b75;MpKsl4d033b75; [x]

S1 MpKsl5367b813;MpKsl5367b813; [x]

S1 MpKsl598a9d50;MpKsl598a9d50; [x]

S1 MpKsl5ae15f13;MpKsl5ae15f13; [x]

S1 MpKsl5dc52109;MpKsl5dc52109; [x]

S1 MpKsl5e9e962e;MpKsl5e9e962e; [x]

S1 MpKsl5febda57;MpKsl5febda57; [x]

S1 MpKsl67f9f463;MpKsl67f9f463; [x]

S1 MpKsl6800f251;MpKsl6800f251; [x]

S1 MpKsl7f2be814;MpKsl7f2be814; [x]

S1 MpKsl94b2e61f;MpKsl94b2e61f; [x]

S1 MpKsl96fa3423;MpKsl96fa3423; [x]

S1 MpKsl9ee409ad;MpKsl9ee409ad; [x]

S1 MpKsl9f11b47c;MpKsl9f11b47c; [x]

S1 MpKsl9fb3e33d;MpKsl9fb3e33d; [x]

S1 MpKsla6146225;MpKsla6146225; [x]

S1 MpKslacda6667;MpKslacda6667; [x]

S1 MpKslb5605f26;MpKslb5605f26; [x]

S1 MpKslb682949e;MpKslb682949e; [x]

S1 MpKslbabde6b7;MpKslbabde6b7; [x]

S1 MpKslbf4695c0;MpKslbf4695c0; [x]

S1 MpKslc0a1d097;MpKslc0a1d097; [x]

S1 MpKslc5158823;MpKslc5158823; [x]

S1 MpKslcbc9d5a6;MpKslcbc9d5a6; [x]

S1 MpKsld064a4d0;MpKsld064a4d0; [x]

S1 MpKsld06c79b2;MpKsld06c79b2; [x]

S1 MpKsld2702395;MpKsld2702395; [x]

S1 MpKsld4b2a5c3;MpKsld4b2a5c3; [x]

S1 MpKsldc479c11;MpKsldc479c11; [x]

S1 MpKsle3aa683d;MpKsle3aa683d; [x]

S1 MpKsle41698f4;MpKsle41698f4; [x]

S1 MpKsle7a0dc9a;MpKsle7a0dc9a; [x]

S1 MpKslfa76ecb2;MpKslfa76ecb2; [x]

S1 snrvuqwz;snrvuqwz; [x]

S2 gupdate;Google Updateservice (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [29-12-2009 21:13 135664]

S3 Adobe Version Cue CS4;Adobe Version Cue CS4;c:\program files\Common Files\Adobe\Adobe Version Cue CS4\Server\bin\VersionCueCS4.exe [15-8-2008 5:46 284016]

S3 cpuz135;cpuz135;\??\c:\windows\TEMP\cpuz135\cpuz135_x32.sys --> c:\windows\TEMP\cpuz135\cpuz135_x32.sys [?]

S3 esgiguard;esgiguard; [x]

S3 filtertdidriver;filtertdidriver;c:\windows\system32\drivers\ewfiltertdidriver.sys --> c:\windows\system32\drivers\ewfiltertdidriver.sys [?]

S3 gupdatem;Google Update-service (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [29-12-2009 21:13 135664]

S3 hwusbdev;Huawei DataCard USB PNP Device;c:\windows\system32\DRIVERS\ewusbdev.sys --> c:\windows\system32\DRIVERS\ewusbdev.sys [?]

S3 p2a4miw.sys;p2a4miw.sys; [x]

S3 Ql1wd_lm;Ql1wd_lm;c:\windows\system32\drivers\ipinip.sys [26-10-2004 11:46 20864]

S3 xcpip;Stuurprogramma voor TCP/IP-protocol;c:\windows\system32\drivers\xcpip.sys --> c:\windows\system32\drivers\xcpip.sys [?]

S3 xpsec;IPSEC-stuurprogramma;c:\windows\system32\drivers\xpsec.sys --> c:\windows\system32\drivers\xpsec.sys [?]

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]

p2psvc REG_MULTI_SZ p2psvc p2pimsvc p2pgasvc PNRPSvc

HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12

.

Inhoud van de 'Gedeelde Taken' map

.

2012-01-14 c:\windows\Tasks\Google Software Updater.job

- c:\program files\Google\Common\Google Updater\GoogleUpdaterService.exe [2008-09-23 19:53]

.

2012-01-14 c:\windows\Tasks\MpIdleTask.job

- c:\program files\Microsoft Security Client\Antimalware\MpCmdRun.exe [2010-11-11 11:26]

.

2012-01-14 c:\windows\Tasks\MP Scheduled Scan.job

- c:\program files\Microsoft Security Client\Antimalware\MpCmdRun.exe [2010-11-11 11:26]

.

2012-01-14 c:\windows\Tasks\RegistryBooster.job

- c:\program files\Uniblue\RegistryBooster\rbmonitor.exe [2011-12-11 08:26]

.

2011-12-23 c:\windows\Tasks\AppleSoftwareUpdate.job

- c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 11:34]

.

2012-01-14 c:\windows\Tasks\User_Feed_Synchronization-{71673891-80D4-4E2D-B3CF-38391A22FE15}.job

- c:\windows\system32\msfeedssync.exe [2006-10-17 03:31]

.

2012-01-14 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job

- c:\program files\Google\Update\GoogleUpdate.exe [2009-12-29 20:13]

.

2012-01-14 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job

- c:\program files\Google\Update\GoogleUpdate.exe [2009-12-29 20:13]

.

2012-01-14 c:\windows\Tasks\SmartDefrag_Startup.job

- c:\program files\IObit\Smart Defrag 2\SmartDefrag.exe [2011-08-07 09:35]

.

2012-01-14 c:\windows\Tasks\ConfigExec.job

- c:\program files\Microsoft Fix it Center\MatsApi.dll [2011-06-13 21:09]

.

2012-01-14 c:\windows\Tasks\DataUpload.job

- c:\program files\Microsoft Fix it Center\MatsApi.dll [2011-06-13 21:09]

.

.

------- Bijkomende Scan -------

.

uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8

uInternet Connection Wizard,ShellNext = hxxp://www.asus.com/

uInternet Settings,ProxyOverride = *.local

uSearchURL,(Default) = hxxp://www.google.com/keyword/%s

IE: Append Link Target to Existing PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html

IE: Append to Existing PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html

IE: Convert Link Target to Adobe PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html

IE: Convert to Adobe PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html

IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~3\OFFICE11\EXCEL.EXE/3000

IE: E&xporteren naar Microsoft Excel - c:\progra~1\MICROS~3\Office12\EXCEL.EXE/3000

TCP: DhcpNameServer = 192.168.1.254

FF - ProfilePath - c:\documents and settings\Andre\Application Data\Mozilla\Firefox\Profiles\5ss3w2qh.default\

FF - prefs.js: browser.startup.homepage - hxxp://www.google.nl/

FF - user.js: network.cookie.cookieBehavior - 0

FF - user.js: privacy.clearOnShutdown.cookies - false

FF - user.js: security.warn_viewing_mixed - false

FF - user.js: security.warn_viewing_mixed.show_once - false

FF - user.js: security.warn_submit_insecure - false

FF - user.js: security.warn_submit_insecure.show_once - false

.

- - - - ORPHANS VERWIJDERD - - - -

.

WebBrowser-{09E55BA0-F9C6-4B81-82DF-46853F6F7B3F} - (no file)

MSConfigStartUp-updateMgr - c:\program files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe

AddRemove-Microsoft Interactive Training - c:\windows\IsUn0413.exe

AddRemove-Ulead Photo Express 3.0 - c:\windows\IsUn0413.exe

.

.

.

**************************************************************************

.

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, GMER - Rootkit Detector and Remover

Rootkit scan 2012-01-14 12:30

Windows 5.1.2600 Service Pack 3 FAT NTAPI

.

scannen van verborgen processen ...

.

scannen van verborgen autostart items ...

.

scannen van verborgen bestanden ...

.

Scan succesvol afgerond

verborgen bestanden: 0

.

**************************************************************************

.

--------------------- VERGRENDELDE REGISTER SLEUTELS ---------------------

.

[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\System*]


.

--------------------- DLLs Geladen Onder Lopende Processen ---------------------

.

- - - - - - - > 'winlogon.exe'(1820)

c:\windows\system32\Ati2evxx.dll

c:\windows\system32\WRLogonNTF.dll

c:\program files\Common Files\Adobe\Adobe Drive CS4\AdobeDriveCS4_NP.dll

c:\program files\Intel\Wireless\Bin\LgNotify.dll

.

- - - - - - - > 'explorer.exe'(3996)

c:\progra~1\WINDOW~2\wmpband.dll

c:\windows\system32\webcheck.dll

c:\program files\Common Files\Adobe\Adobe Drive CS4\AdobeDriveCS4_NP.dll

.

------------------------ Andere Aktieve Processen ------------------------

.

c:\windows\system32\Ati2evxx.exe

c:\program files\Microsoft Security Client\Antimalware\MsMpEng.exe

c:\program files\Intel\Wireless\Bin\EvtEng.exe

c:\program files\Intel\Wireless\Bin\S24EvMon.exe

c:\windows\system32\Ati2evxx.exe

c:\progra~1\Intel\Wireless\Bin\1XConfig.exe

c:\program files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe

c:\program files\Bonjour\mDNSResponder.exe

c:\program files\Java\jre6\bin\jqs.exe

c:\program files\Common Files\LightScribe\LSSrvc.exe

c:\program files\Intel\Wireless\Bin\OProtSvc.exe

c:\program files\Intel\Wireless\Bin\RegSrvc.exe

c:\windows\system32\tcpsvcs.exe

c:\windows\System32\snmp.exe

c:\program files\ASUS\NB Probe\SPM\spmgr.exe

c:\program files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe

c:\windows\system32\wdfmgr.exe

c:\program files\Hitman Pro\downloads\Webroot\Spy Sweeper\SpySweeper.exe

c:\windows\system32\wscntfy.exe

c:\windows\system32\taskmgr.exe

.

**************************************************************************

.

Voltooingstijd: 2012-01-14 12:39:11 - machine werd herstart

ComboFix-quarantined-files.txt 2012-01-14 11:39

.

Pre-Run: 8.144.322.560 bytes beschikbaar

Post-Run: 8.100.773.888 bytes beschikbaar

.

WindowsXP-KB310994-SP2-Home-BootDisk-NLD.exe

[boot loader]

timeout=2

default=multi(0)disk(0)rdisk(0)partition(2)\WINDOWS

[operating systems]

c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons

UnsupportedDebug="do not select this" /debug

multi(0)disk(0)rdisk(0)partition(2)\WINDOWS="Microsoft Windows XP" /noexecute=optin /fastdetect

.

- - End Of File - - 0043590A72365667CF0FE0C4C3E9BE92


Open a Notepad file.

Copy and paste the bold text below into it.

File::

c:\documents and settings\Andre\Local Settings\Application Data\BIT12.tmp

c:\windows\system32\drivers\ojddtl.sys

Folder::

C:\FOUND.030

Registry::

[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Alcmtr]

Driver::

onbbbelh

MpKsl0094bc82

MpKsl04e76432

MpKsl06873a5c

MpKsl09c6dfa7

MpKsl0b15c8d9

MpKsl10fed5fd

MpKsl13ac65f5

MpKsl1477e8f1

MpKsl1ac94e99

MpKsl29adacb2

MpKsl2a2b07fb

MpKsl32aded72

MpKsl33ba61df

MpKsl3c286d8f

MpKsl41cc1b22

MpKsl4ad2084b

MpKsl4d033b75

MpKsl5367b813

MpKsl598a9d50

MpKsl5ae15f13

MpKsl5dc52109

MpKsl5e9e962e

MpKsl5febda57

MpKsl67f9f463

MpKsl6800f251

MpKsl7f2be814

MpKsl94b2e61f

MpKsl96fa3423

MpKsl9ee409ad

MpKsl9f11b47c

MpKsl9fb3e33d

MpKsla6146225

MpKslacda6667

MpKslb5605f26

MpKslb682949e

MpKslbabde6b7

MpKslbf4695c0

MpKslc0a1d097

MpKslc5158823

MpKslcbc9d5a6

MpKsld064a4d0

MpKsld06c79b2

MpKsld2702395

MpKsld4b2a5c3

MpKsldc479c11

MpKsle3aa683d

MpKsle41698f4

MpKsle7a0dc9a

MpKslfa76ecb2

snrvuqw

p2a4miw.sys

Save this file to your desktop as CFScript.

Drag CFScript.txt into ComboFix.exe

This will cause ComboFix to start again. Reboot if you are asked to.

After the restart, post the contents of Combofix.txt in your next message.


Here is my new log:

ComboFix 12-01-13.05 - Andre 14-01-2012 16:53:23.2.1 - FAT32x86

Microsoft Windows XP Home Edition 5.1.2600.3.1252.31.1043.18.1023.430 [GMT 1:00]

Gestart vanuit: c:\documents and settings\Andre\Bureaublad\ComboFix.exe

gebruikte Opdracht switches :: c:\documents and settings\Andre\Bureaublad\CFScript.txt.txt

AV: Microsoft Security Essentials *Enabled/Updated* {EDB4FA23-53B8-4AFA-8C5D-99752CCA7095}

FW: Norton Internet Worm Protection *Disabled* {990F9400-4CEE-43EA-A83A-D013ADD8EA6E}

.

FILE ::

"c:\documents and settings\Andre\Local Settings\Application Data\BIT12.tmp"

"c:\windows\system32\drivers\ojddtl.sys"

.

.

(((((((((((((((((((((((((((((((((( Andere Verwijderingen )))))))))))))))))))))))))))))))))))))))))))))))))

.

.

C:\FOUND.030

c:\found.030\FILE0000.CHK

c:\found.030\FILE0001.CHK

.

.

((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))

.

.

-------\Legacy_MPKSL0094BC82

-------\Legacy_MPKSL04E76432

-------\Legacy_MPKSL06873A5C

-------\Legacy_MPKSL09C6DFA7

-------\Legacy_MPKSL0B15C8D9

-------\Legacy_MPKSL10FED5FD

-------\Legacy_MPKSL13AC65F5

-------\Legacy_MPKSL1477E8F1

-------\Legacy_MPKSL1AC94E99

-------\Legacy_MPKSL29ADACB2

-------\Legacy_MPKSL2A2B07FB

-------\Legacy_MPKSL33BA61DF

-------\Legacy_MPKSL41CC1B22

-------\Legacy_MPKSL4AD2084B

-------\Legacy_MPKSL4D033B75

-------\Legacy_MPKSL5367B813

-------\Legacy_MPKSL5AE15F13

-------\Legacy_MPKSL5DC52109

-------\Legacy_MPKSL5E9E962E

-------\Legacy_MPKSL5FEBDA57

-------\Legacy_MPKSL67F9F463

-------\Legacy_MPKSL6800F251

-------\Legacy_MPKSL7F2BE814

-------\Legacy_MPKSL96FA3423

-------\Legacy_MPKSL9F11B47C

-------\Legacy_MPKSL9FB3E33D

-------\Legacy_MPKSLA6146225

-------\Legacy_MPKSLACDA6667

-------\Legacy_MPKSLB5605F26

-------\Legacy_MPKSLB682949E

-------\Legacy_MPKSLBABDE6B7

-------\Legacy_MPKSLBF4695C0

-------\Legacy_MPKSLC0A1D097

-------\Legacy_MPKSLC5158823

-------\Legacy_MPKSLCBC9D5A6

-------\Legacy_MPKSLD064A4D0

-------\Legacy_MPKSLD06C79B2

-------\Legacy_MPKSLD2702395

-------\Legacy_MPKSLD4B2A5C3

-------\Legacy_MPKSLDC479C11

-------\Legacy_MPKSLE3AA683D

-------\Legacy_MPKSLE41698F4

-------\Legacy_MPKSLE7A0DC9A

-------\Legacy_MPKSLFA76ECB2

-------\Legacy_P2A4MIW.SYS

-------\Service_MpKsl0094bc82

-------\Service_MpKsl04e76432

-------\Service_MpKsl06873a5c

-------\Service_MpKsl09c6dfa7

-------\Service_MpKsl0b15c8d9

-------\Service_MpKsl10fed5fd

-------\Service_MpKsl13ac65f5

-------\Service_MpKsl1477e8f1

-------\Service_MpKsl1ac94e99

-------\Service_MpKsl29adacb2

-------\Service_MpKsl2a2b07fb

-------\Service_MpKsl32aded72

-------\Service_MpKsl33ba61df

-------\Service_MpKsl3c286d8f

-------\Service_MpKsl41cc1b22

-------\Service_MpKsl4ad2084b

-------\Service_MpKsl4d033b75

-------\Service_MpKsl5367b813

-------\Service_MpKsl598a9d50

-------\Service_MpKsl5ae15f13

-------\Service_MpKsl5dc52109

-------\Service_MpKsl5e9e962e

-------\Service_MpKsl5febda57

-------\Service_MpKsl67f9f463

-------\Service_MpKsl6800f251

-------\Service_MpKsl7f2be814

-------\Service_MpKsl94b2e61f

-------\Service_MpKsl96fa3423

-------\Service_MpKsl9ee409ad

-------\Service_MpKsl9f11b47c

-------\Service_MpKsl9fb3e33d

-------\Service_MpKsla6146225

-------\Service_MpKslacda6667

-------\Service_MpKslb5605f26

-------\Service_MpKslb682949e

-------\Service_MpKslbabde6b7

-------\Service_MpKslbf4695c0

-------\Service_MpKslc0a1d097

-------\Service_MpKslc5158823

-------\Service_MpKslcbc9d5a6

-------\Service_MpKsld064a4d0

-------\Service_MpKsld06c79b2

-------\Service_MpKsld2702395

-------\Service_MpKsld4b2a5c3

-------\Service_MpKsldc479c11

-------\Service_MpKsle3aa683d

-------\Service_MpKsle41698f4

-------\Service_MpKsle7a0dc9a

-------\Service_MpKslfa76ecb2

-------\Service_onbbbelh

-------\Service_p2a4miw.sys

.

.

(((((((((((((((((((( Bestanden Gemaakt van 2011-12-14 to 2012-01-14 ))))))))))))))))))))))))))))))

.

.

2012-01-14 16:14 . 2012-01-14 16:14 56200 ----a-w- c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{CF894ECF-209B-4C95-8B47-7B35241F4981}\offreg.dll

2012-01-14 16:13 . 2012-01-14 16:13 -------- d-----w- C:\FOUND.030

2012-01-14 11:43 . 2011-11-21 10:47 6823496 ----a-w- c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{CF894ECF-209B-4C95-8B47-7B35241F4981}\mpengine.dll

2012-01-14 08:15 . 2012-01-14 08:15 -------- d--h--r- c:\documents and settings\Andre\Onlangs geopend

2012-01-12 16:16 . 2012-01-12 16:16 -------- d-----w- c:\documents and settings\Andre\Application Data\Friday's games

2012-01-12 14:44 . 2012-01-12 14:44 0 ---ha-w- c:\documents and settings\Andre\Local Settings\Application Data\BIT12.tmp

2012-01-11 15:28 . 2012-01-11 15:28 388096 ----a-r- c:\documents and settings\Andre\Application Data\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe

2012-01-11 15:28 . 2012-01-11 15:28 -------- d-----w- c:\program files\Trend Micro

2012-01-11 15:13 . 2012-01-11 15:13 -------- d-----w- c:\program files\Speccy

2012-01-08 09:15 . 2012-01-08 09:15 -------- d-----w- c:\documents and settings\Andre\Application Data\Gogii

2012-01-07 11:27 . 2001-08-17 19:12 91294 ----a-w- c:\windows\system32\dllcache\skfpwin.sys

2012-01-07 11:27 . 2001-09-06 19:53 95146 ----a-w- c:\windows\system32\dllcache\sk98xwin.sys

2012-01-07 11:27 . 2001-09-06 20:26 157696 ----a-w- c:\windows\system32\dllcache\sisv256.dll

2012-01-07 11:27 . 2001-08-17 19:50 50432 ----a-w- c:\windows\system32\dllcache\sisv.sys

2012-01-07 11:27 . 2004-08-03 21:31 32768 ----a-w- c:\windows\system32\dllcache\sisnic.sys

2012-01-07 11:27 . 2001-09-06 20:27 238592 ----a-w- c:\windows\system32\dllcache\sisgrv.dll

2012-01-07 11:27 . 2001-08-17 19:50 104064 ----a-w- c:\windows\system32\dllcache\sisgrp.sys

2012-01-07 11:27 . 2001-09-06 20:26 150144 ----a-w- c:\windows\system32\dllcache\sis6306v.dll

2012-01-07 11:27 . 2001-08-17 19:50 68608 ----a-w- c:\windows\system32\dllcache\sis6306p.sys

2012-01-07 11:27 . 2001-09-06 20:26 252032 ----a-w- c:\windows\system32\dllcache\sis300iv.dll

2012-01-07 11:27 . 2001-08-17 19:50 101760 ----a-w- c:\windows\system32\dllcache\sis300ip.sys

2012-01-07 11:26 . 2001-09-06 19:49 161760 ----a-w- c:\windows\system32\dllcache\sgsmusb.sys

2012-01-07 11:26 . 2001-07-21 21:29 18400 ----a-w- c:\windows\system32\dllcache\sgsmld.sys

2012-01-07 11:26 . 2001-08-17 19:51 98080 ----a-w- c:\windows\system32\dllcache\sgiulnt5.sys

2012-01-07 11:26 . 2001-09-06 20:26 386560 ----a-w- c:\windows\system32\dllcache\sgiul50.dll

2012-01-07 11:26 . 2001-08-17 19:19 36480 ----a-w- c:\windows\system32\dllcache\sfmanm.sys

2012-01-07 11:26 . 2001-09-06 19:47 6912 ----a-w- c:\windows\system32\dllcache\serscan.sys

2012-01-07 11:26 . 2001-09-06 19:47 18176 ----a-w- c:\windows\system32\dllcache\sermouse.sys

2012-01-07 11:26 . 2001-09-06 20:27 26112 ----a-w- c:\windows\system32\dllcache\EXCH_seos.dll

2012-01-07 11:25 . 2001-08-17 20:53 6912 ----a-w- c:\windows\system32\dllcache\seaddsmc.sys

2012-01-07 11:25 . 2008-04-13 19:45 11520 ----a-w- c:\windows\system32\dllcache\scsiscan.sys

2012-01-07 11:25 . 2001-08-17 20:52 11648 ----a-w- c:\windows\system32\dllcache\scsiprnt.sys

2012-01-07 11:25 . 2001-09-06 20:27 57856 ----a-w- c:\windows\system32\dllcache\EXCH_scripto.dll

2012-01-07 11:25 . 2001-09-06 19:44 17536 ----a-w- c:\windows\system32\dllcache\scr111.sys

2012-01-07 11:25 . 2001-09-06 19:44 16768 ----a-w- c:\windows\system32\dllcache\scmstcs.sys

2012-01-07 11:25 . 2001-08-17 20:51 23936 ----a-w- c:\windows\system32\dllcache\sccmusbm.sys

2012-01-07 11:25 . 2001-09-06 19:42 23936 ----a-w- c:\windows\system32\dllcache\sccmn50m.sys

2012-01-07 11:25 . 2008-04-13 19:40 43904 ----a-w- c:\windows\system32\dllcache\sbp2port.sys

2012-01-07 11:25 . 2001-09-06 20:27 495616 ----a-w- c:\windows\system32\dllcache\sblfx.dll

2012-01-07 11:25 . 2001-08-17 19:50 75392 ----a-w- c:\windows\system32\dllcache\s3savmxm.sys

2012-01-07 11:23 . 2004-08-03 21:31 20992 ----a-w- c:\windows\system32\dllcache\rtl8139.sys

2012-01-07 11:23 . 2001-08-17 19:12 19017 ----a-w- c:\windows\system32\dllcache\rtl8029.sys

2012-01-07 11:23 . 2001-08-17 19:19 30720 ----a-w- c:\windows\system32\dllcache\rthwcls.sys

2012-01-07 11:23 . 2001-09-06 20:27 10240 ----a-w- c:\windows\system32\dllcache\rsmgrstr.dll

2012-01-07 11:23 . 2001-08-17 19:19 3840 ----a-w- c:\windows\system32\dllcache\rpfun.sys

2012-01-07 11:23 . 2008-04-14 17:34 79360 ----a-w- c:\windows\system32\dllcache\rocket.sys

2012-01-07 11:23 . 2001-08-17 19:12 37563 ----a-w- c:\windows\system32\dllcache\rlnet5.sys

2012-01-07 11:23 . 2001-09-06 20:27 86097 ----a-w- c:\windows\system32\dllcache\reslog32.dll

2012-01-07 11:23 . 2001-09-06 20:27 23040 ----a-w- c:\windows\system32\dllcache\EXCH_regtrace.exe

2012-01-07 11:23 . 2004-08-04 13:00 14848 ----a-w- c:\windows\system32\dllcache\register.exe

2012-01-07 11:22 . 2001-09-06 19:29 715210 ----a-w- c:\windows\system32\dllcache\r2mdmkxx.sys

2012-01-07 11:22 . 2001-09-06 19:29 899594 ----a-w- c:\windows\system32\dllcache\r2mdkxga.sys

2012-01-07 11:22 . 2001-09-06 20:27 41984 ----a-w- c:\windows\system32\dllcache\qvusd.dll

2012-01-07 11:22 . 2001-08-17 20:53 3328 ----a-w- c:\windows\system32\dllcache\qv2kux.sys

2012-01-07 11:22 . 2004-08-04 13:00 16896 ----a-w- c:\windows\system32\dllcache\quser.exe

2012-01-07 11:22 . 2004-08-04 13:00 9728 ----a-w- c:\windows\system32\dllcache\query.exe

2012-01-07 11:22 . 2001-08-17 20:52 49024 ----a-w- c:\windows\system32\dllcache\ql1280.sys

2012-01-07 11:22 . 2001-08-17 20:52 40448 ----a-w- c:\windows\system32\dllcache\ql1240.sys

2012-01-07 11:22 . 2001-08-17 20:52 45312 ----a-w- c:\windows\system32\dllcache\ql12160.sys

2012-01-07 11:20 . 2001-08-17 20:53 7168 ----a-w- c:\windows\system32\dllcache\pnrmc.sys

2012-01-07 11:20 . 2004-08-04 13:00 131584 ----a-w- c:\windows\system32\dllcache\pmxviceo.dll

2012-01-07 11:20 . 2004-08-04 13:00 6144 ----a-w- c:\windows\system32\dllcache\pmxgl.dll

2012-01-07 11:20 . 2004-08-04 13:00 11264 ----a-w- c:\windows\system32\dllcache\pmxmcro.dll

2012-01-07 11:20 . 2001-09-06 20:27 121344 ----a-w- c:\windows\system32\dllcache\phvfwext.dll

2012-01-07 11:20 . 2001-08-17 21:07 19840 ----a-w- c:\windows\system32\dllcache\philtune.sys

2012-01-07 11:20 . 2001-08-17 21:04 92416 ----a-w- c:\windows\system32\dllcache\phildec.sys

2012-01-07 11:20 . 2001-08-17 21:04 173696 ----a-w- c:\windows\system32\dllcache\philcam2.sys

2012-01-07 11:20 . 2001-08-17 21:04 75776 ----a-w- c:\windows\system32\dllcache\philcam1.sys

2012-01-07 11:20 . 2001-09-06 20:27 16896 ----a-w- c:\windows\system32\dllcache\philcam1.dll

2012-01-07 11:20 . 2008-04-14 18:01 259328 ----a-w- c:\windows\system32\dllcache\perm3dd.dll

2012-01-07 11:18 . 2001-09-06 20:27 42496 ----a-w- c:\windows\system32\dllcache\ovui2rc.dll

2012-01-07 11:17 . 2001-08-17 19:20 54528 ----a-w- c:\windows\system32\dllcache\opl3sax.sys

2012-01-07 11:17 . 2001-08-17 19:50 198144 ----a-w- c:\windows\system32\dllcache\nv3.sys

2012-01-07 11:17 . 2001-09-06 20:26 123776 ----a-w- c:\windows\system32\dllcache\nv3.dll

2012-01-07 11:17 . 2001-08-17 19:49 51552 ----a-w- c:\windows\system32\dllcache\ntgrip.sys

2012-01-07 11:17 . 2001-09-06 20:27 38912 ----a-w- c:\windows\system32\dllcache\EXCH_ntfsdrv.dll

2012-01-07 11:17 . 2001-09-06 18:49 9472 ----a-w- c:\windows\system32\dllcache\ntapm.sys

2012-01-07 11:17 . 2001-08-17 20:53 7552 ----a-w- c:\windows\system32\dllcache\nsmmc.sys

2012-01-07 11:17 . 2008-04-13 19:54 28672 ----a-w- c:\windows\system32\dllcache\nscirda.sys

2012-01-07 11:16 . 2001-08-17 19:20 87040 ----a-w- c:\windows\system32\dllcache\nm6wdm.sys

2012-01-07 11:16 . 2001-08-17 19:20 126080 ----a-w- c:\windows\system32\dllcache\nm5a2wdm.sys

2012-01-07 11:16 . 2001-08-17 19:12 32840 ----a-w- c:\windows\system32\dllcache\ngrpci.sys

2012-01-07 11:16 . 2004-08-03 23:57 132695 ----a-w- c:\windows\system32\dllcache\netwlan5.sys

2012-01-07 11:16 . 2001-09-06 18:39 66334 ----a-w- c:\windows\system32\dllcache\netflx3.sys

2012-01-07 11:16 . 2001-08-17 19:50 39264 ----a-w- c:\windows\system32\dllcache\neo20xx.sys

2012-01-07 11:16 . 2001-09-06 20:26 60480 ----a-w- c:\windows\system32\dllcache\neo20xx.dll

2012-01-07 11:16 . 2001-08-17 20:49 15872 ----a-w- c:\windows\system32\dllcache\ne2000.sys

2012-01-07 11:16 . 2008-04-13 19:46 10880 ----a-w- c:\windows\system32\dllcache\ndisip.sys

2012-01-07 11:14 . 2004-08-04 13:00 229439 ----a-w- c:\windows\system32\dllcache\multibox.dll

2012-01-07 11:14 . 2001-08-17 19:50 103296 ----a-w- c:\windows\system32\dllcache\mtxvideo.sys

2012-01-07 11:14 . 2008-04-13 19:39 5504 ----a-w- c:\windows\system32\dllcache\mstee.sys

2012-01-07 11:14 . 2008-04-13 19:46 49024 ----a-w- c:\windows\system32\dllcache\mstape.sys

2012-01-07 11:14 . 2001-08-17 20:48 12416 ----a-w- c:\windows\system32\dllcache\msriffwv.sys

2012-01-07 11:13 . 2001-08-17 21:00 2944 ----a-w- c:\windows\system32\dllcache\msmpu401.sys

2012-01-07 11:13 . 2004-08-04 13:00 98304 ----a-w- c:\windows\system32\dllcache\msir3jp.dll

2012-01-07 11:13 . 2001-08-17 21:02 35200 ----a-w- c:\windows\system32\dllcache\msgame.sys

2012-01-07 11:13 . 2001-08-17 20:48 6016 ----a-w- c:\windows\system32\dllcache\msfsio.sys

2012-01-07 11:13 . 2008-04-13 19:46 51200 ----a-w- c:\windows\system32\dllcache\msdv.sys

2012-01-07 11:13 . 2001-08-17 20:52 17280 ----a-w- c:\windows\system32\dllcache\mraid35x.sys

2012-01-07 11:12 . 2008-04-13 19:46 15232 ----a-w- c:\windows\system32\dllcache\mpe.sys

2012-01-07 11:12 . 2001-08-17 20:57 16128 ----a-w- c:\windows\system32\dllcache\modemcsa.sys

2012-01-07 11:12 . 2001-08-17 20:52 6528 ----a-w- c:\windows\system32\dllcache\miniqic.sys

2012-01-07 11:12 . 2004-08-04 13:00 34816 ----a-w- c:\windows\system32\dllcache\migisol.exe

2012-01-07 11:12 . 2001-09-06 17:59 320384 ----a-w- c:\windows\system32\dllcache\mgaum.sys

2012-01-07 11:12 . 2001-09-06 20:26 235648 ----a-w- c:\windows\system32\dllcache\mgaud.dll

2012-01-07 11:12 . 2004-08-04 13:00 92416 ----a-w- c:\windows\system32\dllcache\mga.sys

2012-01-07 11:12 . 2004-08-04 13:00 92032 ----a-w- c:\windows\system32\dllcache\mga.dll

2012-01-07 11:12 . 2008-04-13 19:41 26112 ----a-w- c:\windows\system32\dllcache\memstpci.sys

2012-01-07 11:10 . 2004-08-03 23:58 607132 ----a-w- c:\windows\system32\dllcache\ltmdmnt.sys

2012-01-07 11:10 . 2001-09-06 17:39 728234 ----a-w- c:\windows\system32\dllcache\ltck000c.sys

2012-01-07 11:10 . 2001-08-17 20:53 4992 ----a-w- c:\windows\system32\dllcache\loop.sys

2012-01-07 11:10 . 2001-08-17 19:12 70730 ----a-w- c:\windows\system32\dllcache\lne100tx.sys

2012-01-07 11:10 . 2001-08-17 19:12 20573 ----a-w- c:\windows\system32\dllcache\lne100.sys

2012-01-07 11:10 . 2001-08-17 19:11 25065 ----a-w- c:\windows\system32\dllcache\lmndis3.sys

2012-01-07 11:10 . 2001-09-06 17:35 15872 ----a-w- c:\windows\system32\dllcache\lit220p.sys

2012-01-07 11:10 . 2008-04-13 19:40 34688 ----a-w- c:\windows\system32\dllcache\lbrtfdc.sys

2012-01-07 11:10 . 2001-09-06 17:32 26922 ----a-w- c:\windows\system32\dllcache\lanepic5.sys

2012-01-07 11:10 . 2001-08-17 19:12 19016 ----a-w- c:\windows\system32\dllcache\ktc111.sys

2012-01-07 11:10 . 2001-09-06 20:26 37888 ----a-w- c:\windows\system32\dllcache\kousd.dll

2012-01-07 11:10 . 2004-08-04 13:00 70656 ----a-w- c:\windows\system32\dllcache\korwbrkr.dll

2012-01-07 11:08 . 2001-08-17 20:49 26624 ----a-w- c:\windows\system32\dllcache\irstusb.sys

2012-01-07 11:08 . 2001-08-17 20:49 23552 ----a-w- c:\windows\system32\dllcache\irmk7.sys

2012-01-07 11:08 . 2001-08-17 19:12 45632 ----a-w- c:\windows\system32\dllcache\ip5515.sys

2012-01-07 11:08 . 2001-09-06 20:26 90200 ----a-w- c:\windows\system32\dllcache\io8ports.dll

2012-01-07 11:08 . 2001-08-17 20:50 38784 ----a-w- c:\windows\system32\dllcache\io8.sys

.

.

((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2012-01-08 07:25 . 2011-06-29 16:38 23624 ----a-w- c:\windows\system32\drivers\hitmanpro35.sys

2011-12-10 14:24 . 2011-12-11 11:58 20464 ----a-w- c:\windows\system32\drivers\mbam.sys

2011-12-01 12:12 . 2011-07-01 15:15 414368 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl

2011-11-25 21:57 . 2004-10-26 10:46 293888 ----a-w- c:\windows\system32\winsrv.dll

2011-11-23 14:40 . 2004-10-26 10:46 1859712 ----a-w- c:\windows\system32\win32k.sys

2011-11-21 10:47 . 2011-06-27 09:39 6823496 ----a-w- c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll

2011-11-20 06:12 . 2004-10-26 10:46 60928 ----a-w- c:\windows\system32\packager.exe

2011-11-15 13:29 . 2011-06-25 14:44 222080 ------w- c:\windows\system32\MpSigStub.exe

2011-11-04 19:13 . 2004-10-26 10:46 916992 ----a-w- c:\windows\system32\wininet.dll

2011-11-04 19:13 . 2007-04-25 08:45 1469440 ----a-w- c:\windows\system32\inetcpl.cpl

2011-11-04 19:13 . 2004-10-26 10:46 43520 ----a-w- c:\windows\system32\licmgr10.dll

2011-11-04 11:25 . 2004-10-26 10:46 385024 ----a-w- c:\windows\system32\html.iec

2011-11-03 15:29 . 2004-10-26 10:46 386560 ----a-w- c:\windows\system32\qdvd.dll

2011-11-03 15:29 . 2004-10-26 10:46 1296384 ----a-w- c:\windows\system32\quartz.dll

2011-11-01 16:07 . 2004-10-26 10:46 1288192 ----a-w- c:\windows\system32\ole32.dll

2011-10-28 05:32 . 2004-10-26 10:46 33280 ----a-w- c:\windows\system32\csrsrv.dll

2011-10-26 10:50 . 2004-10-26 10:46 2197120 ----a-w- c:\windows\system32\ntoskrnl.exe

2011-10-26 10:50 . 2004-08-03 23:58 2073728 ----a-w- c:\windows\system32\ntkrnlpa.exe

2011-10-19 21:16 . 2011-11-25 17:14 20312 ----a-w- c:\windows\system32\RegistryDefragBootTime.exe

2011-10-18 11:13 . 2004-10-26 10:46 186880 ----a-w- c:\windows\system32\encdec.dll

2009-09-23 16:43 . 2009-09-23 16:43 288560 ----a-w- c:\program files\utorrent.exe

2007-04-09 21:54 . 2007-05-25 20:56 9650176 ----a-w- c:\program files\Unique.dll

2011-11-10 05:44 . 2011-06-25 15:02 134104 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll

.

.

((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))

.

.

*Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond

REGEDIT4

.

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"uTorrent"="c:\program files\uTorrent\uTorrent.exe" [2009-10-13 289072]

"RegistryBooster"="c:\program files\Uniblue\RegistryBooster\launcher.exe" [2011-11-07 67456]

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2010-11-30 997408]

"IObit Malware Fighter"="c:\program files\IObit\IObit Malware Fighter\IMF.exe" [2011-09-29 4441944]

"Malwarebytes' Anti-Malware"="c:\program files\Malwarebytes' Anti-Malware\mbamgui.exe" [2011-12-24 460872]

.

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]

"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]

"DWQueuedReporting"="c:\progra~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" [2008-11-04 435096]

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\IntelWireless]

2005-05-31 21:46 110592 ----a-w- c:\program files\Intel\Wireless\Bin\LgNotify.dll

.

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\IMFservice]

@="Service"

.

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]

@="Service"

.

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WebrootSpySweeperService]

@="Service"

.

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Start^Programma's^Opstarten^Adobe Gamma Loader.lnk]

backup=c:\windows\pss\Adobe Gamma Loader.lnkCommon Startup

.

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Start^Programma's^Opstarten^Adobe Reader Speed Launch.lnk]

backup=c:\windows\pss\Adobe Reader Speed Launch.lnkCommon Startup

path=c:\documents and settings\All Users\Menu Start\Programma's\Opstarten\Adobe Reader Speed Launch.lnk

.

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Start^Programma's^Opstarten^ASUS ChkMail.lnk]

backup=c:\windows\pss\ASUS ChkMail.lnkCommon Startup

.

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Start^Programma's^Opstarten^Cisco Systems VPN Client.lnk]

backup=c:\windows\pss\Cisco Systems VPN Client.lnkCommon Startup

.

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Start^Programma's^Opstarten^Logitech Music Anywhere Settings.lnk]

backup=c:\windows\pss\Logitech Music Anywhere Settings.lnkCommon Startup

.

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Start^Programma's^Opstarten^Microsoft Office.lnk]

backup=c:\windows\pss\Microsoft Office.lnkCommon Startup

.

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Start^Programma's^Opstarten^Secunia PSI Tray.lnk]

path=c:\documents and settings\All Users\Menu Start\Programma's\Opstarten\Secunia PSI Tray.lnk

backup=c:\windows\pss\Secunia PSI Tray.lnkCommon Startup

.

[HKLM\~\startupfolder\C:^Documents and Settings^Andre^Menu Start^Programma's^Opstarten^Adobe Gamma.lnk]

path=c:\documents and settings\Andre\Menu Start\Programma's\Opstarten\Adobe Gamma.lnk

backup=c:\windows\pss\Adobe Gamma.lnkStartup

.

[HKLM\~\startupfolder\C:^Documents and Settings^Andre^Menu Start^Programma's^Opstarten^utorrent.lnk]

backup=c:\windows\pss\utorrent.lnkStartup

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Acrobat Speed Launcher]

2011-09-07 14:53 40376 ----a-w- c:\program files\Adobe\Acrobat 9.0\Acrobat\acrobat_sl.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]

2011-06-06 11:55 937920 ----a-w- c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Advanced SystemCare 5]

2011-12-11 11:44 619352 ----a-w- c:\program files\IObit\Advanced SystemCare 5\ASCTray.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ASUS Live Update]

2003-09-19 11:54 172032 ----a-w- c:\program files\Asus\ASUS Live Update\ALU.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ATIPTA]

2005-08-30 20:05 344064 ----a-w- c:\program files\ATI Technologies\ATI Control Panel\atiptaxx.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}]

2007-03-12 12:49 153136 ----a-w- c:\program files\Common Files\Ahead\Lib\NMBgMonitor.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ctfmon.exe]

2008-04-14 18:02 15360 ----a-w- c:\windows\system32\ctfmon.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EOUApp]

2005-05-31 21:50 356352 ----a-w- c:\program files\Intel\Wireless\Bin\EOUWiz.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HControl]

2005-07-28 08:29 102400 ----a-w- c:\windows\ATK0100\HControl.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\InCD]

2007-03-12 17:53 1055792 ----a-w- c:\program files\Nero\Nero 7\InCD\InCD.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IntelWireless]

2005-06-03 00:31 385024 ----a-w- c:\program files\Intel\Wireless\Bin\iFrmewrk.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IntelZeroConfig]

2005-05-31 21:46 401408 ----a-w- c:\program files\Intel\Wireless\Bin\ZCfgSvc.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]

2008-09-10 15:40 289576 ----a-w- D:\iTunesHelper.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Malwarebytes' Anti-Malware]

2011-12-24 16:50 460872 ----a-w- c:\program files\Malwarebytes' Anti-Malware\mbamgui.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]

2008-04-14 18:03 1695232 ------w- c:\program files\Messenger\msmsgs.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MsnMsgr]

2009-07-26 15:44 3883856 ----a-w- c:\program files\Windows Live\Messenger\msnmsgr.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NB Probe]

2005-07-27 16:07 765952 ----a-w- c:\program files\Asus\NB Probe\NBProbe.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]

2007-03-09 17:53 153136 ----a-w- c:\program files\Common Files\Ahead\Lib\NeroCheck.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Power_Gear]

2005-06-16 14:48 86016 ----a-w- c:\program files\Asus\Power4 Gear\BatteryLife.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]

2008-09-06 14:09 413696 ----a-w- c:\program files\QuickTime\QTTask.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RegistryBooster]

2011-11-07 08:26 67456 ----a-w- c:\program files\Uniblue\RegistryBooster\Launcher.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RTHDCPL]

2005-09-06 07:39 14850560 ------r- c:\windows\RTHDCPL.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SecurDisc]

2007-03-12 17:54 1626160 ----a-w- c:\program files\Nero\Nero 7\InCD\NBHGui.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]

2009-09-01 21:36 149280 ----a-w- c:\program files\Java\jre6\bin\jusched.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg]

2008-09-23 14:46 39408 ----a-w- c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Uniblue SpeedUpMyPC]

2006-12-06 16:59 4820992 ----a-w- c:\program files\Uniblue\SpeedUpMyPC\SpeedUpMyPC.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\uTorrent]

2009-10-13 07:57 289072 ----a-w- c:\program files\uTorrent\uTorrent.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Wireless Console]

2005-07-22 13:36 57344 ----a-w- c:\program files\Asus\Wireless Console\wcourier.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]

"PhotoshopElementsDeviceConnect"=2 (0x2)

"ose"=3 (0x3)

"InCDsrv"=2 (0x2)

"CVPND"=3 (0x3)

"AdobeActiveFileMonitor"=2 (0x2)

"Adobe LM Service"=3 (0x3)

.

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]

"DisableMonitoring"=dword:00000001

.

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]

"c:\\Program Files\\Messenger\\MSMSGS.EXE"=

"c:\\WINDOWS\\system32\\sessmgr.exe"=

"%windir%\\Network Diagnostic\\xpnetdiag.exe"=

"c:\\Program Files\\DiskTrix\\UltimateDefrag\\UDefrag.exe"=

"c:\\Program Files\\uTorrent\\uTorrent.exe"=

"c:\\WINDOWS\\System32\\dplaysvr.exe"=

"%windir%\\system32\\sessmgr.exe"=

"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=

"d:\\iTunes.exe"=

"c:\\Program Files\\Common Files\\Adobe\\CS4ServiceManager\\CS4ServiceManager.exe"=

"c:\\Program Files\\Common Files\\Adobe\\Adobe Version Cue CS4\\Server\\bin\\VersionCueCS4.exe"=

"c:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe"=

"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=

.

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]

"3587:TCP"= 3587:TCP:Windows Peer-to-Peer-groepering

"3540:UDP"= 3540:UDP:PNRP (Peer Name Resolution Protocol)

"5353:TCP"= 5353:TCP:Adobe CSI CS4

"3703:TCP"= 3703:TCP:Adobe Version Cue CS4 Server

"3704:TCP"= 3704:TCP:Adobe Version Cue CS4 Server

"51000:TCP"= 51000:TCP:Adobe Version Cue CS4 Server

"51001:TCP"= 51001:TCP:Adobe Version Cue CS4 Server

"3389:TCP"= 3389:TCP:Remote Desktop

"65533:TCP"= 65533:TCP:Services

"52344:TCP"= 52344:TCP:Services

.

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\IcmpSettings]

"AllowInboundEchoRequest"= 1 (0x1)

.

R0 R592;R592;c:\windows\system32\drivers\R592.sys [15-10-2004 19:26 57088]

R0 risdpntk;risdpntk;c:\windows\system32\drivers\risdpntk.sys [15-10-2004 19:26 27264]

R0 SmartDefragDriver;SmartDefragDriver;c:\windows\system32\drivers\SmartDefragDriver.sys [6-9-2011 17:50 14776]

R2 AdvancedSystemCareService5;Advanced SystemCare Service 5;c:\program files\IObit\Advanced SystemCare 5\ASCService.exe [25-11-2011 17:32 494424]

R2 IMFservice;IMF Service;c:\program files\IObit\IObit Malware Fighter\IMFsrv.exe [7-8-2011 17:08 820568]

R2 Iprip;RIP-listener;c:\windows\System32\svchost.exe -k netsvcs [26-10-2004 11:46 14336]

R2 MBAMService;MBAMService;c:\program files\Malwarebytes' Anti-Malware\mbamservice.exe [11-12-2011 12:59 652872]

R2 Secunia PSI Agent;Secunia PSI Agent;c:\program files\Secunia\PSI\psia.exe [19-4-2011 8:44 993848]

R2 Secunia Update Agent;Secunia Update Agent;c:\program files\Secunia\PSI\sua.exe [19-4-2011 8:44 399416]

R3 ADM8511;ADMtek ADM8511/AN986 USB To Fast Ethernet Converter;c:\windows\system32\drivers\ADM8511.SYS [25-6-2011 15:41 20160]

R3 FileMonitor;FileMonitor;c:\program files\IObit\IObit Malware Fighter\Drivers\wxp_x86\FileMonitor.sys [3-10-2011 16:49 239600]

R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [11-12-2011 12:58 20464]

R3 PSI;PSI;c:\windows\system32\drivers\psi_mf.sys [1-9-2010 10:30 15544]

R3 RegFilter;RegFilter;c:\program files\IObit\IObit Malware Fighter\Drivers\wxp_x86\RegFilter.sys [3-10-2011 16:49 30368]

R3 UrlFilter;UrlFilter;c:\program files\IObit\IObit Malware Fighter\Drivers\wxp_x86\UrlFilter.sys [3-10-2011 16:49 16208]

S1 MpKsl6f619427;MpKsl6f619427;\??\c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{CF894ECF-209B-4C95-8B47-7B35241F4981}\MpKsl6f619427.sys --> c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{CF894ECF-209B-4C95-8B47-7B35241F4981}\MpKsl6f619427.sys [?]

S1 MpKslc2905bf7;MpKslc2905bf7;\??\c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{CF894ECF-209B-4C95-8B47-7B35241F4981}\MpKslc2905bf7.sys --> c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{CF894ECF-209B-4C95-8B47-7B35241F4981}\MpKslc2905bf7.sys [?]

S1 snrvuqwz;snrvuqwz; [x]

S2 gupdate;Google Updateservice (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [29-12-2009 21:13 135664]

S3 Adobe Version Cue CS4;Adobe Version Cue CS4;c:\program files\Common Files\Adobe\Adobe Version Cue CS4\Server\bin\VersionCueCS4.exe [15-8-2008 5:46 284016]

S3 cpuz135;cpuz135;\??\c:\windows\TEMP\cpuz135\cpuz135_x32.sys --> c:\windows\TEMP\cpuz135\cpuz135_x32.sys [?]

S3 esgiguard;esgiguard; [x]

S3 filtertdidriver;filtertdidriver;c:\windows\system32\drivers\ewfiltertdidriver.sys --> c:\windows\system32\drivers\ewfiltertdidriver.sys [?]

S3 gupdatem;Google Update-service (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [29-12-2009 21:13 135664]

S3 hwusbdev;Huawei DataCard USB PNP Device;c:\windows\system32\DRIVERS\ewusbdev.sys --> c:\windows\system32\DRIVERS\ewusbdev.sys [?]

S3 MatSvc;Microsoft Automated Troubleshooting Service;c:\program files\Microsoft Fix it Center\Matsvc.exe [13-6-2011 22:09 267568]

S3 Ql1wd_lm;Ql1wd_lm;c:\windows\system32\drivers\ipinip.sys [26-10-2004 11:46 20864]

S3 xcpip;Stuurprogramma voor TCP/IP-protocol;c:\windows\system32\drivers\xcpip.sys --> c:\windows\system32\drivers\xcpip.sys [?]

S3 xpsec;IPSEC-stuurprogramma;c:\windows\system32\drivers\xpsec.sys --> c:\windows\system32\drivers\xpsec.sys [?]

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]

p2psvc REG_MULTI_SZ p2psvc p2pimsvc p2pgasvc PNRPSvc

HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12

.

Inhoud van de 'Gedeelde Taken' map

.

2012-01-14 c:\windows\Tasks\Google Software Updater.job

- c:\program files\Google\Common\Google Updater\GoogleUpdaterService.exe [2008-09-23 19:53]

.

2012-01-14 c:\windows\Tasks\MpIdleTask.job

- c:\program files\Microsoft Security Client\Antimalware\MpCmdRun.exe [2010-11-11 11:26]

.

2012-01-14 c:\windows\Tasks\MP Scheduled Scan.job

- c:\program files\Microsoft Security Client\Antimalware\MpCmdRun.exe [2010-11-11 11:26]

.

2012-01-14 c:\windows\Tasks\RegistryBooster.job

- c:\program files\Uniblue\RegistryBooster\rbmonitor.exe [2011-12-11 08:26]

.

2011-12-23 c:\windows\Tasks\AppleSoftwareUpdate.job

- c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 11:34]

.

2012-01-14 c:\windows\Tasks\User_Feed_Synchronization-{71673891-80D4-4E2D-B3CF-38391A22FE15}.job

- c:\windows\system32\msfeedssync.exe [2006-10-17 03:31]

.

2012-01-14 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job

- c:\program files\Google\Update\GoogleUpdate.exe [2009-12-29 20:13]

.

2012-01-14 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job

- c:\program files\Google\Update\GoogleUpdate.exe [2009-12-29 20:13]

.

2012-01-14 c:\windows\Tasks\SmartDefrag_Startup.job

- c:\program files\IObit\Smart Defrag 2\SmartDefrag.exe [2011-08-07 09:35]

.

2012-01-14 c:\windows\Tasks\ConfigExec.job

- c:\program files\Microsoft Fix it Center\MatsApi.dll [2011-06-13 21:09]

.

2012-01-14 c:\windows\Tasks\DataUpload.job

- c:\program files\Microsoft Fix it Center\MatsApi.dll [2011-06-13 21:09]

.

.

------- Bijkomende Scan -------

.

uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8

uInternet Connection Wizard,ShellNext = hxxp://www.asus.com/

uInternet Settings,ProxyOverride = *.local

uSearchURL,(Default) = hxxp://www.google.com/keyword/%s

IE: Append Link Target to Existing PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html

IE: Append to Existing PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html

IE: Convert Link Target to Adobe PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html

IE: Convert to Adobe PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html

IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~3\OFFICE11\EXCEL.EXE/3000

IE: E&xporteren naar Microsoft Excel - c:\progra~1\MICROS~3\Office12\EXCEL.EXE/3000

TCP: DhcpNameServer = 192.168.1.254

FF - ProfilePath - c:\documents and settings\Andre\Application Data\Mozilla\Firefox\Profiles\5ss3w2qh.default\

FF - prefs.js: browser.startup.homepage - hxxp://www.google.nl/

FF - user.js: network.cookie.cookieBehavior - 0

FF - user.js: privacy.clearOnShutdown.cookies - false

FF - user.js: security.warn_viewing_mixed - false

FF - user.js: security.warn_viewing_mixed.show_once - false

FF - user.js: security.warn_submit_insecure - false

FF - user.js: security.warn_submit_insecure.show_once - false

.

.

**************************************************************************

.

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, GMER - Rootkit Detector and Remover

Rootkit scan 2012-01-14 17:16

Windows 5.1.2600 Service Pack 3 FAT NTAPI

.

scannen van verborgen processen ...

.

scannen van verborgen autostart items ...

.

scannen van verborgen bestanden ...

.

Scan succesvol afgerond

verborgen bestanden: 0

.

**************************************************************************

.

--------------------- VERGRENDELDE REGISTER SLEUTELS ---------------------

.

[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\System*]


.

--------------------- DLLs Geladen Onder Lopende Processen ---------------------

.

- - - - - - - > 'winlogon.exe'(1820)

c:\windows\system32\Ati2evxx.dll

c:\windows\system32\WRLogonNTF.dll

c:\program files\Common Files\Adobe\Adobe Drive CS4\AdobeDriveCS4_NP.dll

c:\program files\Intel\Wireless\Bin\LgNotify.dll

.

- - - - - - - > 'explorer.exe'(7816)

c:\progra~1\WINDOW~2\wmpband.dll

c:\windows\system32\webcheck.dll

c:\program files\Common Files\Adobe\Adobe Drive CS4\AdobeDriveCS4_NP.dll

.

------------------------ Andere Aktieve Processen ------------------------

.

c:\windows\system32\Ati2evxx.exe

c:\program files\Microsoft Security Client\Antimalware\MsMpEng.exe

c:\program files\Intel\Wireless\Bin\EvtEng.exe

c:\program files\Intel\Wireless\Bin\S24EvMon.exe

c:\windows\system32\Ati2evxx.exe

c:\progra~1\Intel\Wireless\Bin\1XConfig.exe

c:\program files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe

c:\program files\Bonjour\mDNSResponder.exe

c:\program files\Java\jre6\bin\jqs.exe

c:\program files\Common Files\LightScribe\LSSrvc.exe

c:\program files\Intel\Wireless\Bin\OProtSvc.exe

c:\program files\Uniblue\RegistryBooster\registrybooster.exe

c:\program files\Intel\Wireless\Bin\RegSrvc.exe

c:\windows\system32\tcpsvcs.exe

c:\windows\System32\snmp.exe

c:\program files\ASUS\NB Probe\SPM\spmgr.exe

c:\program files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe

c:\windows\system32\wdfmgr.exe

c:\program files\Hitman Pro\downloads\Webroot\Spy Sweeper\SpySweeper.exe

c:\windows\system32\wscntfy.exe

c:\program files\IObit\IObit Malware Fighter\IMFUpdater.exe

c:\windows\system32\wbem\wmiapsrv.exe

c:\windows\system32\logon.scr

.

**************************************************************************

.

Voltooingstijd: 2012-01-14 17:29:19 - machine werd herstart

ComboFix-quarantined-files.txt 2012-01-14 16:29

ComboFix2.txt 2012-01-14 11:39

.

Pre-Run: 7.951.515.648 bytes beschikbaar

Post-Run: 7.793.115.136 bytes beschikbaar

.

- - End Of File - - 4063C9055065167B932D9B84D9BCDB83
