  1. #11
    tzwientjuh
    Guest



    ComboFix 08-09-05.03 - IannEefje 2008-09-07 21:54:31.1 - NTFSx86
    Microsoft® Windows Vista™ Home Premium 6.0.6001.1.1252.1.1043.18.2011 [GMT 2:00]
    Gestart vanuit: C:\Users\IannEefje\Downloads\ComboFix.exe
    .

    (((((((((((((((((((((((((((((((((( Andere Verwijderingen )))))))))))))))))))))))))))))))))))))))))))))))))
    .

    C:\Windows\system32\cbXPgfff.dll
    C:\Windows\System32\DJlnmnnn.ini
    C:\Windows\System32\DJlnmnnn.ini2
    C:\Windows\system32\qoMdCrqo.dll
    .
    ---- Previous Run -------
    .
    C:\Users\IannEefje\AppData\Roaming\.#
    C:\Windows\system32\cbXPgfff.dll
    C:\Windows\System32\DJlnmnnn.ini
    C:\Windows\System32\DJlnmnnn.ini2
    C:\Windows\system32\qoMdCrqo.dll

    .
    (((((((((((((((((((( Bestanden Gemaakt van 2008-08-07 to 2008-09-07 ))))))))))))))))))))))))))))))
    .

    2008-09-07 21:50 . 2008-09-07 21:54 <DIR> d-------- C:\327882R2FWJFW
    2008-09-07 21:16 . 2008-09-07 21:16 358,084,505 --a------ C:\Windows\MEMORY.DMP
    2008-09-07 19:03 . 2008-09-07 19:03 <DIR> d-------- C:\Program Files\Trend Micro
    2008-09-07 18:33 . 2008-05-10 05:35 885,248 --a------ C:\Windows\System32\RacEngn.dll
    2008-09-07 18:33 . 2008-05-10 00:22 9,127 --a------ C:\Windows\System32\RacUR.xml
    2008-09-07 18:33 . 2008-05-10 00:22 153 --a------ C:\Windows\System32\RacUREx.xml
    2008-09-06 21:28 . 2008-09-07 21:17 <DIR> d-------- C:\Users\All Users\Kaspersky Lab
    2008-09-06 21:28 . 2008-09-07 21:17 <DIR> d-------- C:\ProgramData\Kaspersky Lab
    2008-09-06 21:28 . 2008-09-06 22:30 <DIR> d-------- C:\Program Files\Kaspersky Lab
    2008-09-06 21:28 . 2008-09-07 21:57 3,146,784 --ahs---- C:\Windows\System32\drivers\fidbox.dat
    2008-09-06 21:28 . 2008-09-07 21:57 286,752 --ahs---- C:\Windows\System32\drivers\fidbox2.dat
    2008-09-06 21:28 . 2008-09-06 21:35 96,976 --a------ C:\Windows\System32\drivers\klin.dat
    2008-09-06 21:28 . 2008-09-06 21:28 87,855 --a------ C:\Windows\System32\drivers\klick.dat
    2008-09-06 21:28 . 2008-09-07 21:57 26,712 --ahs---- C:\Windows\System32\drivers\fidbox.idx
    2008-09-06 21:28 . 2008-09-07 21:57 3,108 --ahs---- C:\Windows\System32\drivers\fidbox2.idx
    2008-09-06 21:26 . 2008-09-06 21:26 <DIR> d-------- C:\Users\All Users\Kaspersky Lab Setup Files
    2008-09-06 21:26 . 2008-09-06 21:26 <DIR> d-------- C:\ProgramData\Kaspersky Lab Setup Files
    2008-09-06 17:30 . 2004-08-18 05:14 442,368 -ra------ C:\Windows\System32\vp6vfw.dll
    2008-09-06 13:37 . 2008-09-06 16:59 <DIR> d-------- C:\Users\All Users\Codemasters
    2008-09-06 13:37 . 2008-09-06 16:59 <DIR> d-------- C:\ProgramData\Codemasters
    2008-09-06 13:28 . 2008-09-06 13:28 <DIR> d-------- C:\Program Files\OpenAL
    2008-09-06 13:27 . 2008-04-28 12:29 805,400 -ra------ C:\Windows\System32\tmp7DD7.tmp
    2008-09-06 12:28 . 2008-09-06 12:28 <DIR> d-------- C:\Program Files\Arena51 Community Tool
    2008-09-05 19:51 . 2008-09-05 19:51 0 --a------ C:\Windows\nsreg.dat
    2008-09-05 02:35 . 2008-09-05 02:35 <DIR> d-------- C:\Program Files\Nieuwe map
    2008-09-05 00:13 . 2008-09-05 00:13 <DIR> d-------- C:\Users\IannEefje\AppData\Roaming\InstallShield
    2008-09-05 00:13 . 2008-09-05 00:13 <DIR> d-------- C:\Intel
    2008-09-04 21:52 . 2008-09-04 21:52 <DIR> dr------- C:\Windows\System32\config\systemprofile\Music
    2008-09-04 21:29 . 2008-09-04 21:29 <DIR> d-------- C:\Users\IannEefje\Bluetooth Software
    2008-09-04 20:25 . 2008-09-04 20:25 45 ---h----- C:\Windows\dace3778.dat
    2008-09-04 20:17 . 2008-09-04 20:26 <DIR> d-------- C:\Program Files\PhotoFiltre Studio
    2008-09-04 18:50 . 2008-09-04 18:50 <DIR> d-------- C:\Program Files\Common Files\Steam
    2008-09-04 17:31 . 2007-07-19 18:14 3,727,720 --a------ C:\Windows\System32\d3dx9_35.dll
    2008-09-04 17:31 . 2007-05-16 16:45 3,497,832 --a------ C:\Windows\System32\d3dx9_34.dll
    2008-09-04 17:31 . 2007-07-19 18:14 1,358,192 --a------ C:\Windows\System32\D3DCompiler_35.dll
    2008-09-04 17:31 . 2007-05-16 16:45 1,124,720 --a------ C:\Windows\System32\D3DCompiler_34.dll
    2008-09-04 17:31 . 2007-07-19 18:14 444,776 --a------ C:\Windows\System32\d3dx10_35.dll
    2008-09-04 17:31 . 2007-05-16 16:45 443,752 --a------ C:\Windows\System32\d3dx10_34.dll
    2008-09-04 17:31 . 2007-04-04 18:53 81,768 --a------ C:\Windows\System32\xinput1_3.dll
    2008-09-04 16:58 . 2008-09-04 16:58 <DIR> d-------- C:\Users\IannEefje\AppData\Roaming\TuneUp Software
    2008-09-04 16:58 . 2008-09-04 16:58 307,968 --a------ C:\Windows\System32\TuneUpDefragService.exe
    2008-09-04 16:58 . 2008-02-27 13:15 28,416 --a------ C:\Windows\System32\uxtuneup.dll
    2008-09-04 16:58 . 2008-02-27 13:15 16,640 --a------ C:\Windows\System32\authuitu.dll
    2008-09-04 16:57 . 2008-09-04 16:57 <DIR> d-------- C:\Users\All Users\TuneUp Software
    2008-09-04 16:57 . 2008-09-04 16:57 <DIR> d-------- C:\ProgramData\TuneUp Software
    2008-09-04 16:57 . 2008-09-04 16:58 <DIR> d-------- C:\Program Files\TuneUp Utilities 2008
    2008-09-04 16:57 . 2008-09-04 16:57 <DIR> d-------- C:\Program Files\HDR
    2008-09-04 16:57 . 2008-09-04 16:57 <DIR> d-------- C:\Program Files\Common Files\Wise Installation Wizard
    2008-09-04 16:11 . 2008-09-04 19:09 <DIR> d-------- C:\Program Files\SystemRequirementsLab
    2008-09-04 16:10 . 2008-09-04 16:10 0 --a------ C:\Users\IannEefje\AppData\Roaming\wklnhst.dat
    2008-09-04 14:39 . 2008-09-04 14:39 <DIR> d--hs---- C:\Diskeeper
    2008-09-04 14:26 . 2008-09-04 14:26 <DIR> d-------- C:\Program Files\CCleaner
    2008-09-04 14:24 . 2008-09-04 14:24 <DIR> d-------- C:\Program Files\Foxit Software
    2008-09-04 14:23 . 2008-09-04 14:23 <DIR> d-------- C:\Users\All Users\Diskeeper Corporation
    2008-09-04 14:23 . 2008-09-04 14:23 <DIR> d-------- C:\ProgramData\Diskeeper Corporation
    2008-09-04 14:23 . 2008-09-04 14:23 <DIR> d-------- C:\Program Files\Diskeeper Corporation
    2008-09-04 00:08 . 2008-09-04 00:08 <DIR> d-------- C:\Users\All Users\InterAction studios
    2008-09-04 00:08 . 2008-09-04 00:08 <DIR> d-------- C:\ProgramData\InterAction studios
    2008-09-03 23:10 . 2007-12-16 17:57 75,776 --a------ C:\Windows\System32\drivers\WSVD.sys
    2008-09-03 20:26 . 2008-09-04 16:26 <DIR> d-------- C:\Program Files\Google
    2008-09-03 20:25 . 2008-09-03 20:25 <DIR> d-------- C:\Program Files\Fraps
    2008-09-03 19:14 . 2008-09-04 19:18 0 --a------ C:\Windows\System32\LogConfigTemp.xml
    2008-09-03 19:13 . 2008-09-03 19:13 <DIR> d-------- C:\Program Files\Launch Manager
    2008-09-03 19:13 . 2008-09-03 19:13 83 --a------ C:\Windows\LManager.UNI
    2008-09-03 19:12 . 2007-10-23 10:56 200,704 --a------ C:\Windows\PLFSetI.exe
    2008-09-03 19:12 . 2008-01-10 13:56 57 --a------ C:\Windows\PidList.ini
    2008-09-03 19:10 . 2008-09-03 19:10 <DIR> d-------- C:\Windows\System32\es-MX
    2008-09-03 19:10 . 2008-09-03 19:10 <DIR> d-------- C:\Windows\System32\es-AR
    2008-09-03 19:10 . 2008-09-03 19:10 <DIR> d-------- C:\Program Files\WIDCOMM
    2008-09-03 19:10 . 2007-04-26 04:20 233,472 --a------ C:\Windows\System32\BtwRSupport.dll
    2008-09-03 19:10 . 2007-02-27 08:20 81,200 --a------ C:\Windows\System32\drivers\btwavdt.sys
    2008-09-03 19:10 . 2007-03-29 21:46 79,664 --a------ C:\Windows\System32\drivers\btwaudio.sys
    2008-09-03 19:10 . 2007-02-27 08:20 16,432 --a------ C:\Windows\System32\drivers\btwrchid.sys
    2008-09-03 19:09 . 2008-09-03 19:09 1,548,099 --a------ C:\Windows\System32\VMC3KAPI.dll
    2008-09-03 19:09 . 2008-09-03 19:09 114,688 --a------ C:\Windows\System32\VCryptAPI.dll
    2008-09-03 19:09 . 2008-09-03 19:09 23,040 --a------ C:\Windows\System32\ShlCmd.exe
    2008-09-03 19:09 . 2008-09-03 19:09 5,632 --a------ C:\Windows\System32\biologon.dll
    2008-09-03 19:08 . 2008-09-03 19:08 <DIR> d-------- C:\Program Files\Validity Sensors, Inc
    2008-09-03 19:08 . 2008-09-03 19:08 331,776 --a------ C:\Windows\System32\DrvCrypt.dll
    2008-09-03 19:08 . 2008-09-03 19:08 192,512 --a------ C:\Windows\System32\BioOne.dll
    2008-09-03 19:08 . 2008-09-03 19:08 189,952 --a------ C:\Windows\System32\PBAGUI.dll
    2008-09-03 19:08 . 2008-09-03 19:08 43,184 --a------ C:\Windows\System32\drivers\AlfaFF.sys
    2008-09-03 19:08 . 2008-09-03 19:08 16,384 --a------ C:\Windows\System32\AlfaFF.dll
    2008-09-03 19:07 . 2008-09-03 19:07 <DIR> d-------- C:\Windows\System32\NLD
    2008-09-03 19:07 . 2008-09-03 19:07 <DIR> d-------- C:\Windows\System32\Lang
    2008-09-03 19:07 . 2008-09-03 19:07 <DIR> d-------- C:\Users\All Users\NVIDIA
    2008-09-03 19:07 . 2008-09-03 19:07 <DIR> d-------- C:\ProgramData\NVIDIA
    2008-09-03 19:07 . 2008-09-03 13:45 <DIR> d--hs---- C:\$RECYCLE.BIN
    2008-09-03 19:07 . 2007-12-21 11:38 936,472 --a------ C:\Windows\System32\imsmudlg.exe
    2008-09-03 19:07 . 2006-11-10 09:25 319,456 --a------ C:\Windows\System32\difxapi.dll
    2008-09-03 19:03 . 2008-03-07 19:55 1,079,840 --a------ C:\Windows\System32\nvcpluir.dll
    2008-09-03 19:03 . 2008-03-07 19:55 764,448 --a------ C:\Windows\System32\nvcplui.exe
    2008-09-03 19:03 . 2008-03-07 19:55 442,368 --a------ C:\Windows\System32\nvuninst.exe
    2008-09-03 19:03 . 2008-03-07 19:55 420,384 --a------ C:\Windows\System32\nvcpl.cpl
    2008-09-03 19:03 . 2008-03-07 19:55 313,888 --a------ C:\Windows\System32\nvexpbar.dll
    2008-09-03 18:34 . 2008-09-04 15:44 <DIR> d-------- C:\Users\IannEefje\AppData\Roaming\eSobi
    2008-09-03 18:11 . 2008-09-03 18:11 <DIR> d--hs---- C:\Windows\ftpcache
    2008-09-03 17:21 . 2008-09-03 17:21 <DIR> d-------- C:\Program Files\PicLensIE
    2008-09-03 17:11 . 2008-09-03 17:11 <DIR> d-------- C:\Users\IannEefje\AppData\Roaming\Apple Computer
    2008-09-03 17:10 . 2008-09-03 17:11 <DIR> d-------- C:\Program Files\iTunes
    2008-09-03 17:10 . 2008-09-03 17:10 <DIR> d-------- C:\Program Files\iPod
    2008-09-03 17:10 . 2008-09-03 17:10 <DIR> d-------- C:\Program Files\Bonjour
    2008-09-03 17:09 . 2008-09-03 17:10 <DIR> d-------- C:\Users\All Users\Apple Computer
    2008-09-03 17:09 . 2008-09-03 17:09 <DIR> d-------- C:\Users\All Users\Apple
    2008-09-03 17:09 . 2008-09-03 17:10 <DIR> d-------- C:\ProgramData\Apple Computer
    2008-09-03 17:09 . 2008-09-03 17:09 <DIR> d-------- C:\ProgramData\Apple
    2008-09-03 17:09 . 2008-09-03 17:10 <DIR> d-------- C:\Program Files\QuickTime
    2008-09-03 17:09 . 2008-09-03 17:09 <DIR> d-------- C:\Program Files\Apple Software Update
    2008-09-03 16:45 . 2008-09-07 20:33 <DIR> d-a------ C:\Users\All Users\TEMP
    2008-09-03 16:45 . 2008-09-07 20:33 <DIR> d-a------ C:\ProgramData\TEMP
    2008-09-03 16:40 . 2008-09-03 16:40 <DIR> d-------- C:\Users\IannEefje\autocad
    2008-09-03 16:27 . 2008-09-05 17:11 <DIR> d-------- C:\Users\IannEefje\AppData\Roaming\Autodesk
    2008-09-03 16:27 . 2008-09-05 17:11 <DIR> d-------- C:\Users\All Users\Autodesk
    2008-09-03 16:27 . 2008-09-05 17:11 <DIR> d-------- C:\ProgramData\Autodesk
    2008-09-03 16:27 . 2008-09-03 16:30 <DIR> d-------- C:\Program Files\AutoCAD 2008
    2008-09-03 16:24 . 2008-09-03 16:30 <DIR> d-------- C:\Program Files\Common Files\Autodesk Shared
    2008-09-03 16:24 . 2008-09-03 16:24 <DIR> d-------- C:\Program Files\Autodesk
    2008-09-03 16:08 . 2008-09-03 16:08 <DIR> d-------- C:\Program Files\DAEMON Tools Lite
    2008-09-03 16:03 . 2008-09-03 16:03 <DIR> d-------- C:\Users\IannEefje\AppData\Roaming\DAEMON Tools
    2008-09-03 16:03 . 2008-09-03 16:03 717,296 --a------ C:\Windows\System32\drivers\sptd.sys
    2008-09-03 15:46 . 2008-09-07 21:49 28,219 --a------ C:\Users\All Users\nvModes.dat
    2008-09-03 15:46 . 2008-09-07 21:49 28,219 --a------ C:\ProgramData\nvModes.dat
    2008-09-03 15:10 . 2008-09-07 21:57 12 --a------ C:\Windows\bthservsdp.dat
    2008-09-03 14:50 . 2008-09-03 14:50 <DIR> d-------- C:\Windows\System32\Futuremark
    2008-09-03 14:15 . 2008-07-19 07:09 1,811,656 --a------ C:\Windows\System32\wuaueng.dll

    .
    ((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    2008-09-06 15:00 --------- d--h--w C:\Program Files\InstallShield Installation Information
    2008-09-06 11:28 444,952 ----a-w C:\Windows\System32\wrap_oal.dll
    2008-09-06 11:28 109,080 ----a-w C:\Windows\System32\OpenAL32.dll
    2008-09-04 13:54 --------- d-----w C:\Program Files\Acer
    2008-09-04 13:44 --------- d-----w C:\ProgramData\eSobi
    2008-09-04 13:43 --------- d-----w C:\ProgramData\Microsoft Help
    2008-09-04 13:42 --------- d-----w C:\Program Files\Microsoft Works
    2008-09-03 20:02 --------- d-----w C:\ProgramData\McAfee
    2008-09-03 20:00 --------- d-----w C:\ProgramData\SiteAdvisor
    2008-09-03 17:07 --------- d-----w C:\Program Files\Intel
    2008-09-03 14:25 --------- d-----w C:\Program Files\Common Files\InstallShield
    2008-09-03 12:19 --------- d-----w C:\Program Files\Windows Mail
    2008-09-03 11:29 --------- d-sh--w C:\ProgramData\Sjablonen
    2008-09-03 11:29 --------- d-sh--w C:\ProgramData\Menu Start
    2008-09-03 11:29 --------- d-sh--w C:\ProgramData\Favorieten
    2008-09-03 11:29 --------- d-sh--w C:\ProgramData\Documenten
    2008-09-03 11:29 --------- d-sh--w C:\ProgramData\Bureaublad
    2008-07-29 18:21 218,376 ----a-w C:\Windows\System32\klogon.dll
    2008-07-29 18:20 24,774 ----a-w C:\Windows\system32\drivers\klopp.dat
    2008-07-22 09:58 47,616 ----a-w C:\Windows\system32\drivers\L1E60x86.sys
    2008-07-21 16:34 121,872 ----a-w C:\Windows\system32\drivers\kl1.sys
    2008-07-09 16:28 20,496 ----a-w C:\Windows\system32\drivers\klim6.sys
    2008-06-27 04:15 827,392 ----a-w C:\Windows\System32\wininet.dll
    2008-01-21 02:43 174 --sha-w C:\Program Files\desktop.ini
    .

    ((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    *Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond
    REGEDIT4

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "Sidebar"="C:\Program Files\Windows Sidebar\sidebar.exe" [2008-01-21 1233920]
    "ehTray.exe"="C:\Windows\ehome\ehTray.exe" [2008-01-21 125952]
    "WMPNSCFG"="C:\Program Files\Windows Media Player\WMPNSCFG.exe" [2008-01-21 202240]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "SynTPEnh"="C:\Program Files\Synaptics\SynTP\SynTPEnh.exe" [2008-01-18 1033512]
    "NvCplDaemon"="C:\Windows\system32\NvCpl.dll" [2008-03-07 13527584]
    "NvMediaCenter"="C:\Windows\system32\NvMcTray.dll" [2008-03-07 92704]
    "ZPdtWzdVitaKey MC3000"="C:\Program Files\Acer\Acer Bio Protection\PdtWzd.exe" [2008-09-03 3642368]
    "PLFSetI"="C:\Windows\PLFSetI.exe" [2007-10-23 200704]
    "LManager"="C:\PROGRA~1\LAUNCH~1\LManager.exe" [2008-03-13 805384]
    "WarReg_PopUp"="C:\Program Files\Acer\WR_PopUp\WarReg_PopUp.exe" [2008-01-29 303104]
    "AVP"="C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\avp.exe" [2008-07-29 206088]
    "RtHDVCpl"="RtHDVCpl.exe" [2008-03-11 C:\Windows\RtHDVCpl.exe]

    C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\
    BTTray.lnk - C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe [2007-04-24 723760]

    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
    "EnableUIADesktopToggle"= 0 (0x0)

    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\AWinNotifyVitaKey MC3000]
    2008-09-03 19:09 3024384 C:\Program Files\Acer\Acer Bio Protection\WinNotify.dll

    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
    "AppInit_DLLs"=C:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd.dll,C:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd3.dll

    [HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Acer VCM.lnk]
    path=C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Acer VCM.lnk
    backup=C:\Windows\pss\Acer VCM.lnk.CommonStartup
    backupExtension=.CommonStartup

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BkupTray]
    --a------ 2008-02-25 18:57 34040 C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BkupTray.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
    --a------ 2008-07-30 10:47 289064 C:\Program Files\iTunes\iTunesHelper.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
    --a------ 2008-05-27 10:50 413696 C:\Program Files\QuickTime\QTTask.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\KasperskyAntiVirus]
    "DisableMonitoring"=dword:00000001

    [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\McAfeeAntiSpyware]
    "DisableMonitoring"=dword:00000001

    [HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc\S-1-5-21-1505938756-1031342763-1272919410-1000]
    "EnableNotificationsRef"=dword:00000001

    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\FirewallRules]
    "{109AA567-30D2-4C19-8899-240672CE2254}"= UDP:C:\Program Files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe:SchedulerSvc.exe
    "{93B8E81E-B479-44F1-9B74-AF6288B70750}"= UDP:C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe:BackupSvc.exe
    "{39FA2BA1-7C34-4457-9964-09A266BAA928}"= TCP:C:\Program Files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe:SchedulerSvc.exe
    "{025F4D38-FCD7-487C-AF49-918268440A0A}"= TCP:C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe:BackupSvc.exe
    "{B5AB065D-CF8A-4C84-A954-EF87ADFCAD47}"= UDP:C:\Program Files\NewTech Infosystems\NTI Backup Now 5\Client\Agentsvc.exe:AgentSvc.exe
    "{D26DBDBC-565B-4FAA-9D22-86D072D38F3B}"= TCP:C:\Program Files\NewTech Infosystems\NTI Backup Now 5\Client\Agentsvc.exe:AgentSvc.exe
    "{D05C09F2-A4D5-4073-AF55-E91BF8582356}"= C:\Program Files\Acer\Acer VCM\VC.exe:Acer VCM
    "{36E3B7A1-8E39-4E7B-B8CE-A99EAD9528FD}"= C:\Program Files\Windows Live\Messenger\livecall.exe:Windows Live Messenger (Phone)
    "{EB17BEA8-5610-450C-91A2-F72F73419D49}"= UDP:C:\Program Files\Bonjour\mDNSResponder.exe:Bonjour
    "{8FFF8801-7E0A-4C2C-9E38-10F4B2D34C18}"= TCP:C:\Program Files\Bonjour\mDNSResponder.exe:Bonjour
    "{755371A6-6A55-40B1-A724-E447F7F2783E}"= UDP:C:\Program Files\iTunes\iTunes.exe:iTunes
    "{31B5B0D8-B157-49DD-8FF9-D95C3DE8280E}"= TCP:C:\Program Files\iTunes\iTunes.exe:iTunes
    "TCP Query User{38089FF6-A41B-4696-B9D7-238FF02CCC02}C:\\program files\\windows sidebar\\sidebar.exe"= UDP:C:\program files\windows sidebar\sidebar.exe:Windows Sidebar
    "UDP Query User{6D0E0909-D58D-434D-957A-70717196B668}C:\\program files\\windows sidebar\\sidebar.exe"= TCP:C:\program files\windows sidebar\sidebar.exe:Windows Sidebar
    "{B4AF9210-3D65-4C70-85CF-357B2BB8DA11}"= UDP:C:\Program Files\Codemasters\GRID Demo\GRID.exe:GRID Demo
    "{D8EDE7DF-874F-4A8C-811A-A218A7811511}"= TCP:C:\Program Files\Codemasters\GRID Demo\GRID.exe:GRID Demo

    R0 AlfaFF;AlfaFF File System mini-filter;C:\Windows\system32\Drivers\AlfaFF.sys [2008-09-03 43184]
    R0 klbg;Kaspersky Lab Boot Guard Driver;C:\Windows\system32\drivers\klbg.sys [2008-01-29 32784]
    R0 sfdrv01a;StarForce Protection Environment Driver (version 1.x.a);C:\Windows\system32\drivers\sfdrv01a.sys [2006-07-05 63352]
    R1 KLIM6;Kaspersky Anti-Virus NDIS 6 Filter;C:\Windows\system32\DRIVERS\klim6.sys [2008-07-09 20496]
    R2 BUNAgentSvc;NTI Backup Now 5 Agent Service;C:\Program Files\NewTech Infosystems\NTI Backup Now 5\Client\Agentsvc.exe [2008-02-25 21752]
    R2 NTIBackupSvc;NTI Backup Now 5 Backup Service;C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe [2008-02-25 49152]
    R2 NTISchedulerSvc;NTI Backup Now 5 Scheduler Service;C:\Program Files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe [2008-02-25 131072]
    R2 UxTuneUp;TuneUp Thema-uitbreiding;C:\Windows\System32\svchost.exe [2008-01-21 21504]
    R2 vfsFPService;Validity Fingerprint Service;C:\Windows\system32\vfsFPService.exe [2008-02-15 595248]
    R3 AVerAF15;AVerMedia BDA Digital Tuner;C:\Windows\system32\Drivers\AVerAF15.sys [2008-01-16 281984]
    R3 itecir;ITECIR Infrared Receiver;C:\Windows\system32\DRIVERS\itecir.sys [2007-12-18 54784]
    R3 L1E;NDIS Miniport Driver for Atheros AR8121/AR8113/AR8114 PCI-E Ethernet Controller;C:\Windows\system32\DRIVERS\L1E60x86.sys [2008-07-22 47616]
    R3 vfs101x;vfs101x;C:\Windows\system32\drivers\vfs101x.sys [2008-02-15 40752]
    S3 btwaudio;Bluetooth-audioapparaat;C:\Windows\system32\drivers\btwaudio.sys [2007-03-29 79664]
    S3 btwavdt;Bluetooth AVDT Service;C:\Windows\system32\drivers\btwavdt.sys [2007-02-27 81200]
    S3 btwrchid;btwrchid;C:\Windows\system32\DRIVERS\btwrchid.sys [2007-02-27 16432]
    S3 JMCR;JMCR;C:\Windows\system32\DRIVERS\jmcr.sys [2008-03-13 80912]
    S3 Steam Client Service;Steam Client Service;C:\Program Files\Common Files\Steam\SteamService.exe [2008-09-04 92656]
    S3 TuneUp.Defrag;TuneUp Drive Defrag Service;C:\Windows\System32\TuneUpDefragService.exe [2008-09-04 307968]
    S3 WSVD;WSVD;C:\Windows\system32\drivers\WSVD.sys [2007-12-16 75776]
    S4 ErrDev;Microsoft Hardware Error Device Driver;C:\Windows\system32\drivers\errdev.sys [2008-01-21 6656]
    S4 MegaSR;MegaSR;C:\Windows\system32\drivers\megasr.sys [2008-01-21 386616]

    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
    bthsvcs REG_MULTI_SZ BthServ

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
    UxTuneUp

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{a90e75b8-79d9-11dd-9e26-806e6f6e6963}]
    \shell\AutoRun\command - F:\Autorun.exe
    .
    Inhoud van de 'Gedeelde Taken' map
    .
    - - - - ORPHANS REMOVED - - - -

    ShellExecuteHooks-{1FB5C8F6-82F0-49CE-BCD9-9C80DDA48E26} - C:\Windows\system32\qoMdCrqo.dll
    MSConfigStartUp-Adobe Reader Speed Launcher - C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe
    MSConfigStartUp-AppleSyncNotifier - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe
    MSConfigStartUp-eAudio - C:\Program Files\Acer\Empowering Technology\eAudio\eAudio.exe
    MSConfigStartUp-eDataSecurity Loader - C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSloader.exe
    MSConfigStartUp-ePower_DMC - C:\Program Files\Acer\Empowering Technology\ePower\ePower_DMC.exe
    MSConfigStartUp-PlayMovie - C:\Program Files\Acer Arcade Deluxe\PlayMovie\PMVService.exe
    MSConfigStartUp-swg - C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe


    .
    ------- Supplementary Scan -------
    .
    FireFox -: Profile - C:\Users\IannEefje\AppData\Roaming\Mozilla\Firefox\Profiles\gv6jejuz.default\
    FireFox -: prefs.js - STARTUP.HOMEPAGE - hxxp://www.google.be/
    FF -: plugin - C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll
    .

    **************************************************************************

    catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2008-09-07 21:58:59
    Windows 6.0.6001 Service Pack 1 NTFS

    scannen van verborgen processen ...

    scannen van verborgen autostart items ...

    scannen van verborgen bestanden ...

    Scan succesvol afgerond
    verborgen bestanden: 0

    **************************************************************************
    .
    ------------------------ Other Running Processes ------------------------
    .
    C:\Windows\System32\nvvsvc.exe
    C:\Windows\System32\audiodg.exe
    C:\Windows\System32\agrsmsvc.exe
    C:\Program Files\Bonjour\mDNSResponder.exe
    C:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exe
    C:\Program Files\Common Files\LightScribe\LSSrvc.exe
    C:\Windows\System32\rundll32.exe
    C:\Program Files\Acer\Acer Bio Protection\CompPtcVUI.exe
    C:\Windows\System32\conime.exe
    C:\Windows\System32\rundll32.exe
    C:\Program Files\Launch Manager\LManager.exe
    C:\Program Files\Windows Media Player\wmpnetwk.exe
    C:\Users\IANNEE~1\AppData\Local\Temp\RtkBtMnt.exe
    C:\Program Files\Acer\Acer Bio Protection\PwdBank.exe
    C:\Windows\ehome\ehmsas.exe
    C:\Windows\ehome\ehsched.exe
    C:\Windows\ehome\ehrecvr.exe
    C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
    C:\Windows\System32\dllhost.exe
    .
    **************************************************************************
    .
    Voltooingstijd: 2008-09-07 22:01:18 - machine was rebooted [IannEefje]
    ComboFix-quarantined-files.txt 2008-09-07 20:01:13

    Pre-Run: 112,480,768,000 bytes beschikbaar
    Post-Run: 112,245,329,920 bytes beschikbaar

    320 --- E O F --- 2008-09-07 17:11:44



    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 22:02:01, on 7/09/2008
    Platform: Windows Vista SP1 (WinNT 6.00.1905)
    MSIE: Internet Explorer v7.00 (7.00.6001.18000)
    Boot mode: Normal

    Running processes:
    C:\Windows\system32\Dwm.exe
    C:\Windows\system32\taskeng.exe
    C:\Windows\system32\taskeng.exe
    C:\Windows\system32\conime.exe
    C:\Windows\RtHDVCpl.exe
    C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    C:\Windows\System32\rundll32.exe
    C:\Program Files\Acer\Acer Bio Protection\PdtWzd.exe
    C:\Program Files\Launch Manager\LManager.exe
    C:\Program Files\Windows Sidebar\sidebar.exe
    C:\Windows\ehome\ehtray.exe
    C:\Program Files\Windows Media Player\wmpnscfg.exe
    C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
    C:\Users\IANNEE~1\AppData\Local\Temp\RtkBtMnt.exe
    C:\Program Files\Acer\Acer Bio Protection\PwdBank.exe
    C:\Windows\ehome\ehmsas.exe
    C:\Program Files\Windows Sidebar\sidebar.exe
    C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
    C:\Windows\Explorer.exe
    C:\Windows\system32\SearchFilterHost.exe
    C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.be/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://nl.intl.acer.yahoo.com
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
    O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)
    O2 - BHO: IEVkbdBHO - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\ievkbd.dll
    O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
    O2 - BHO: Windows Live Aanmelden - Help - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: PicLens plug-in for Internet Explorer - {EAEE5C74-6D0D-4aca-9232-0DA4A7B866BA} - C:\Program Files\PicLensIE\PicLens.dll
    O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
    O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
    O4 - HKLM\..\Run: [ZPdtWzdVitaKey MC3000] "C:\Program Files\Acer\Acer Bio Protection\PdtWzd.exe" show
    O4 - HKLM\..\Run: [PLFSetI] C:\Windows\PLFSetI.exe
    O4 - HKLM\..\Run: [LManager] C:\PROGRA~1\LAUNCH~1\LManager.exe
    O4 - HKLM\..\Run: [WarReg_PopUp] C:\Program Files\Acer\WR_PopUp\WarReg_PopUp.exe
    O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\avp.exe"
    O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
    O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
    O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
    O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
    O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
    O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
    O4 - Global Startup: BTTray.lnk = ?
    O8 - Extra context menu item: Afbeelding verzenden naar &Bluetooth-apparaat... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
    O8 - Extra context menu item: Pagina verzenden naar &Bluetooth-apparaat... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
    O9 - Extra button: Web traffic protection statistics - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\SCIEPlgn.dll
    O9 - Extra button: Launch PicLens - {3437D640-C91A-458f-89F5-B9095EA4C28B} - C:\Program Files\PicLensIE\PicLens.dll
    O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
    O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
    O13 - Gopher Prefix:
    O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262E} (System Requirements Lab) - http://www.srtest.com/srl_bin/sysreqlab3.cab
    O16 - DPF: {D1E7CBDA-E60E-4970-A01C-37301EF7BF98} (Futuremark Measurement Services Client) - http://www.yougamers.com/systeminfo/MSC3.cab
    O16 - DPF: {EAC139A9-D22D-4C29-8D1C-252BE63750F9} - http://www.cooliris.com/shared/plinstll.cab
    O20 - AppInit_DLLs: C:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd.dll,C:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd3.dll
    O20 - Winlogon Notify: AWinNotifyVitaKey MC3000 - C:\Program Files\Acer\Acer Bio Protection\WinNotify.dll
    O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - Agere Systems - C:\Windows\system32\agrsmsvc.exe
    O23 - Service: Autodesk Licensing Service - Autodesk - C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe
    O23 - Service: Kaspersky Anti-Virus (AVP) - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\avp.exe
    O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
    O23 - Service: NTI Backup Now 5 Agent Service (BUNAgentSvc) - NewTech Infosystems, Inc. - C:\Program Files\NewTech Infosystems\NTI Backup Now 5\Client\Agentsvc.exe
    O23 - Service: Diskeeper - Diskeeper Corporation - C:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exe
    O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
    O23 - Service: NTI Backup Now 5 Backup Service (NTIBackupSvc) - NewTech InfoSystems, Inc. - C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe
    O23 - Service: NTI Backup Now 5 Scheduler Service (NTISchedulerSvc) - Unknown owner - C:\Program Files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe
    O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
    O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe
    O23 - Service: @%SystemRoot%\System32\TuneUpDefragService.exe,-1 (TuneUp.Defrag) - TuneUp Software GmbH - C:\Windows\System32\TuneUpDefragService.exe
    O23 - Service: Validity Fingerprint Service (vfsFPService) - Validity Sensors, Inc. - C:\Windows\system32\vfsFPService.exe

    --
    End of file - 6896 bytes

  2. #12
    Juisterr
    Honorary member
    Start HijackThis and choose 'Do a system scan only'.
    Select only the items listed below:

    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
    O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)
    O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)


    Close all windows except HijackThis.
    Click 'Fix checked' to remove the items.

    Restart and let me know how things are going now.

  3. #13
    tzwientjuh
    Guest
    Quote: Originally posted by Juisterr
    Start HijackThis and choose 'Do a system scan only'.
    Select only the items listed below:

    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
    O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)
    O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)


    Close all windows except HijackThis.
    Click 'Fix checked' to remove the items.

    Restart and let me know how things are going now.
    everything seems normal :d thanks a lot for your help

  4. #14
    Juisterr
    Honorary member
    You may now remove all the tools you used and the folders they created.

    Uninstall ComboFix via Start > Run: copy and paste Combofix /U
    Click OK or press Enter.
    This removes ComboFix as well as your old system restore points (with any remnants of malware), and creates a new system restore point.
