ComboFix 09-01-21.04 - Mette 2009-01-22 22:00:14.1 - NTFSx86
Microsoft® Windows Vista™ Business 6.0.6001.1.1252.1.1043.18.3571.2004 [GMT 1:00]
Gestart vanuit: c:\users\Mette\Downloads\ComboFix.exe
AV: AVG Anti-Virus Free *On-access scanning enabled* (Updated)
* Nieuw herstelpunt werd aangemaakt
.

(((((((((((((((((((( Bestanden Gemaakt van 2008-12-22 to 2009-01-22 ))))))))))))))))))))))))))))))
.

2009-01-22 20:38 . 2009-01-22 20:38 d-------- c:\program files\Trend Micro
2009-01-22 17:19 . 2009-01-22 17:19 d-------- c:\users\Mette\AppData\Roaming\PC Tools
2009-01-22 17:19 . 2009-01-22 17:19 d-------- c:\users\All Users\PC Tools
2009-01-22 17:19 . 2009-01-22 17:19 d-------- c:\programdata\PC Tools
2009-01-22 17:19 . 2009-01-22 22:04 d-------- c:\program files\Spyware Doctor
2009-01-22 17:19 . 2009-01-22 17:19 d-------- c:\program files\Common Files\PC Tools
2009-01-22 17:19 . 2008-07-28 12:29 160,792 --a------ c:\windows\System32\drivers\pctfw2.sys
2009-01-22 17:19 . 2008-08-25 12:36 81,288 --a------ c:\windows\System32\drivers\iksyssec.sys
2009-01-22 17:19 . 2008-08-25 12:36 66,952 --a------ c:\windows\System32\drivers\iksysflt.sys
2009-01-22 17:19 . 2008-08-25 12:36 40,840 --a------ c:\windows\System32\drivers\ikfilesec.sys
2009-01-22 17:19 . 2008-06-02 16:19 29,576 --a------ c:\windows\System32\drivers\kcom.sys
2009-01-22 16:00 . 2009-01-22 22:05 d-a------ c:\users\All Users\TEMP
2009-01-22 16:00 . 2009-01-22 22:05 d-a------ c:\programdata\TEMP
2009-01-21 14:52 . 2009-01-21 14:52 d-------- c:\users\Mette\AppData\Roaming\PeerNetworking
2009-01-19 17:26 . 2009-01-19 17:26 d-------- c:\users\Mette\AppData\Roaming\Maple
2009-01-14 10:25 . 2008-12-16 03:42 288,768 --a------ c:\windows\System32\drivers\srv.sys
2008-12-26 22:26 . 2008-12-26 22:26 d-------- c:\program files\Common Files\SWF Studio
2008-12-26 22:25 . 2000-05-22 09:58 647,872 --------- c:\windows\System32\Mscomct2.ocx
2008-12-26 22:25 . 1999-10-11 02:00 41,984 --------- c:\windows\Ctregrun.exe
2008-12-26 22:21 . 2008-12-26 22:21 d-------- c:\users\Mette\AppData\Roaming\ArcSoft
2008-12-26 22:19 . 1995-07-31 13:44 212,480 --a------ c:\windows\PCDLIB32.DLL
2008-12-26 22:16 . 1998-11-13 13:08 308,224 --a------ c:\windows\IsUn0413.exe
2008-12-26 22:12 . 2004-10-22 03:15 86,016 --a------ c:\windows\CtDrvIns.exe
2008-12-23 21:25 . 2008-12-23 23:22 d-------- c:\program files\GameSpy Arcade
.

((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))
.

2009-01-22 13:26 27,839 ----a-w c:\users\All Users\nvModes.dat
2009-01-22 13:26 27,839 ----a-w c:\programdata\nvModes.dat
2009-01-14 20:23 --------- d-----w c:\program files\Windows Mail
2009-01-13 10:07 --------- d-----w c:\program files\Roxio
2008-12-30 10:12 --------- d--h--w c:\program files\InstallShield Installation Information
2008-12-26 21:26 --------- d-----w c:\users\Mette\AppData\Roaming\Creative
2008-12-26 21:26 --------- d-----w c:\program files\Creative
2008-11-25 20:53 --------- d-----w c:\program files\DAEMON Tools Lite
2008-11-01 03:44 541,696 ----a-w c:\windows\AppPatch\AcLayers.dll
2008-11-01 03:44 52,736 ----a-w c:\windows\AppPatch\iebrshim.dll
2008-11-01 03:44 460,288 ----a-w c:\windows\AppPatch\AcSpecfc.dll
2008-11-01 03:44 28,672 ----a-w c:\windows\System32\Apphlpdm.dll
2008-11-01 03:44 2,154,496 ----a-w c:\windows\AppPatch\AcGenral.dll
2008-11-01 03:44 173,056 ----a-w c:\windows\AppPatch\AcXtrnal.dll
2008-11-01 01:21 4,240,384 ----a-w c:\windows\System32\GameUXLegacyGDFs.dll
2008-10-29 06:29 2,927,104 ----a-w c:\windows\explorer.exe
2008-10-22 03:57 241,152 ----a-w c:\windows\System32\PortableDeviceApi.dll
2008-10-22 01:22 2,048 ----a-w c:\windows\System32\tzres.dll
2008-09-04 16:11 174 --sha-w c:\program files\desktop.ini
2004-03-15 16:51 114,688 ----a-w c:\program files\internet explorer\plugins\LV71ActiveXControl.dll
2003-05-01 08:36 114,688 ----a-w c:\program files\internet explorer\plugins\LV7ActiveXControl.dll
2005-10-12 15:04 131,072 ----a-w c:\program files\internet explorer\plugins\LV80ActiveXControl.dll
.

((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ISUSPM"="c:\program files\Common Files\InstallShield\UpdateService\ISUSPM.exe" [2006-09-11 218032]
"WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2008-01-19 202240]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Apoint"="c:\program files\DellTPad\Apoint.exe" [2008-07-02 196608]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2008-07-04 13543968]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2008-07-04 92704]
"NVHotkey"="c:\windows\system32\nvHotkey.dll" [2008-07-04 96800]
"SunJavaUpdateSched"="c:\program files\Java\jre1.6.0\bin\jusched.exe" [2008-08-28 77824]
"IAAnotif"="c:\program files\Intel\Intel Matrix Storage Manager\iaanotif.exe" [2008-06-15 178712]
"ChangeTPMAuth"="c:\program files\Wave Systems Corp\Common\ChangeTPMAuth.exe" [2008-05-30 180224]
"WavXMgr"="c:\program files\Wave Systems Corp\Services Manager\Docmgr\bin\WavXDocMgr.exe" [2008-05-14 99328]
"SecureUpgrade"="c:\program files\Wave Systems Corp\SecureUpgrade.exe" [2008-06-24 243000]
"EmbassySecurityCheck"="c:\program files\Wave Systems Corp\EMBASSY Security Setup\EMBASSYSecurityCheck.exe" [2008-06-24 79160]
"DellControlPoint"="c:\program files\Dell\Dell ControlPoint\Dell.ControlPoint.exe" [2008-05-30 593920]
"DCPstrApp"="c:\program files\Dell\Dell ControlPoint\Security Manager\SecurityDeviceInfoSetRegistryString.exe" [2008-08-04 6656]
"DellConnectionManager"="c:\program files\Dell\Dell ControlPoint\Connection Manager\Dell.UCM.exe" [2008-08-01 1486848]
"PDVDDXSrv"="c:\program files\CyberLink\PowerDVD DX\PDVDDXSrv.exe" [2008-02-26 128296]
"AVG8_TRAY"="c:\progra~1\AVG\AVG8\avgtray.exe" [2008-11-29 1261336]
"SysTrayApp"="c:\program files\IDT\WDM\sttray.exe" [2008-07-11 442467]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2008-06-12 34672]
"niDevMon"="c:\program files\National Instruments\NI-DAQ\HWConfig\nidevmon.exe" [2005-10-06 263168]
"ISTray"="c:\program files\Spyware Doctor\pctsTray.exe" [2008-08-25 1168264]

c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Bluetooth.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2008-06-05 752168]
Dell ControlPoint System Manager.lnk - c:\program files\Dell\Dell ControlPoint\System Manager\DCPSysMgr.exe [2008-08-01 1180952]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=G

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Authentication Packages REG_MULTI_SZ msv1_0 wvauth

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\FirewallRules]
"{43BD0AC3-22D3-4480-B321-586AF7679FDE}"= c:\program files\CyberLink\PowerDVD DX\PowerDVD.exe:CyberLink PowerDVD DX
"{7A2A277B-A9CA-4577-9F97-B9625901E8C2}"= c:\program files\CyberLink\PowerDVD DX\PDVDDXSrv.exe:CyberLink PowerDVD DX Resident Program
"{F6D8558A-E1BC-40BA-874F-6D349BCAAE2E}"= c:\program files\AVG\AVG8\avgemc.exe:avgemc.exe
"{09BFCEA1-3B7A-41B9-ABE4-F65ED4323F6F}"= c:\program files\AVG\AVG8\avgupd.exe:avgupd.exe
"{BE4A3D3F-A807-4D59-B916-6643773E9E4E}"= c:\program files\Windows Live\Messenger\livecall.exe:Windows Live Messenger (Phone)
"TCP Query User{BD699A37-4D99-453A-9DB4-53B355CDCA5C}c:\\program files\\bitlord\\bitlord.exe"= UDP:c:\program files\bitlord\bitlord.exe:BitLord
"UDP Query User{2F1485E6-61E7-415C-A396-AB735E12D2A6}c:\\program files\\bitlord\\bitlord.exe"= TCP:c:\program files\bitlord\bitlord.exe:BitLord
"TCP Query User{8DFE0BF5-0D9B-4F64-8ED9-1ED785C30987}c:\\windows\\system32\\dplaysvr.exe"= UDP:c:\windows\system32\dplaysvr.exe:Microsoft DirectPlay Helper
"UDP Query User{D664D3D8-5B93-4340-AD5A-E12C2524D44A}c:\\windows\\system32\\dplaysvr.exe"= TCP:c:\windows\system32\dplaysvr.exe:Microsoft DirectPlay Helper
"TCP Query User{E2729D95-65BC-469B-8AB7-A32AB1DC406C}c:\\program files\\maple 12\\jre\\bin\\java.exe"= UDP:c:\program files\maple 12\jre\bin\java.exe:Java(TM) Platform SE binary
"UDP Query User{51991B07-7105-4A26-B2B6-0D7B8E1B8429}c:\\program files\\maple 12\\jre\\bin\\java.exe"= TCP:c:\program files\maple 12\jre\bin\java.exe:Java(TM) Platform SE binary
"TCP Query User{B04DCEA4-A446-4433-A064-8CFD2ADBEBCD}c:\\program files\\bitlord\\bitlord.exe"= UDP:c:\program files\bitlord\bitlord.exe:BitLord
"UDP Query User{8F316616-5A6D-4D50-A8F7-63B5709785D7}c:\\program files\\bitlord\\bitlord.exe"= TCP:c:\program files\bitlord\bitlord.exe:BitLord
"TCP Query User{2CCE6DA9-DB55-49EB-9A7E-9DBAB6C69FCD}c:\\program files\\microsoft games\\age of empires ii\\age2_x1\\age2_x1.exe"= UDP:c:\program files\microsoft games\age of empires ii\age2_x1\age2_x1.exe:Age of Empires II Expansion
"UDP Query User{44706AB0-BA50-4E8B-82BA-952D9A41073F}c:\\program files\\microsoft games\\age of empires ii\\age2_x1\\age2_x1.exe"= TCP:c:\program files\microsoft games\age of empires ii\age2_x1\age2_x1.exe:Age of Empires II Expansion
"TCP Query User{8E51AFD5-531E-42C2-ABC2-4193F0906CCB}c:\\program files\\national instruments\\labview 8.0\\labview.exe"= UDP:c:\program files\national instruments\labview 8.0\labview.exe:LabVIEW 8.0 Development System
"UDP Query User{A319AEA3-A016-412F-ABA5-3476586F7C9F}c:\\program files\\national instruments\\labview 8.0\\labview.exe"= TCP:c:\program files\national instruments\labview 8.0\labview.exe:LabVIEW 8.0 Development System
"TCP Query User{74124A78-5CBF-4D01-BBB0-7C6650C313DE}c:\\program files\\national instruments\\labview 8.0\\labview.exe"= UDP:c:\program files\national instruments\labview 8.0\labview.exe:LabVIEW 8.0 Development System
"UDP Query User{43BED68C-8DCB-45F2-B332-FBB478A6CBE4}c:\\program files\\national instruments\\labview 8.0\\labview.exe"= TCP:c:\program files\national instruments\labview 8.0\labview.exe:LabVIEW 8.0 Development System
"TCP Query User{FA840288-49FA-455F-95AD-1B64949DC5F4}c:\\windows\\system32\\dplaysvr.exe"= UDP:c:\windows\system32\dplaysvr.exe:Microsoft DirectPlay Helper
"UDP Query User{2DBA6079-3220-4156-AA3B-0AD369CCB059}c:\\windows\\system32\\dplaysvr.exe"= TCP:c:\windows\system32\dplaysvr.exe:Microsoft DirectPlay Helper
"{C0F661E2-7468-433D-B3AC-ADC8C81042F0}"= UDP:c:\program files\GameSpy Arcade\Aphex.exe:GameSpy Arcade
"{B343E347-EA71-4D42-B84E-D8AAF5ECCCD6}"= TCP:c:\program files\GameSpy Arcade\Aphex.exe:GameSpy Arcade
"TCP Query User{89545784-E719-4AA1-AD98-20353F939B0D}c:\\program files\\microsoft games\\age of empires ii\\age2_x1\\age2_x1.exe"= UDP:c:\program files\microsoft games\age of empires ii\age2_x1\age2_x1.exe:Age of Empires II Expansion
"UDP Query User{BA2FF577-0E08-472B-9813-ED17FD8B88D0}c:\\program files\\microsoft games\\age of empires ii\\age2_x1\\age2_x1.exe"= TCP:c:\program files\microsoft games\age of empires ii\age2_x1\age2_x1.exe:Age of Empires II Expansion

R1 AvgLdx86;AVG Free AVI Loader Driver x86;c:\windows\System32\drivers\avgldx86.sys [2008-09-02 97928]
R1 pctfw2;pctfw2;c:\windows\System32\drivers\pctfw2.sys [2009-01-22 160792]
R3 AvgWfpX;AVG Free8 Firewall Driver x86;c:\windows\System32\drivers\avgwfpx.sys [2008-09-02 69128]
R3 btwl2cap;Bluetooth L2CAP Service;c:\windows\System32\drivers\btwl2cap.sys [2008-08-28 29736]
R3 cvusbdrv;Broadcom USH CV;c:\windows\System32\drivers\cvusbdrv.sys [2008-08-29 32808]
R3 e1yexpress;Intel(R) Gigabit Network Connections Driver;c:\windows\System32\drivers\e1y6032.sys [2008-08-29 224384]
R3 NETw5v32;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 32 Bit;c:\windows\System32\drivers\NETw5v32.sys [2008-08-29 3662848]
R3 nicdrk;nicdrk;c:\windows\System32\drivers\nicdrk.dll [2005-10-06 170496]
R3 nimru2k;nimru2k;c:\windows\System32\drivers\nimru2k.dll [2005-09-28 231936]
R3 nimsdrk;nimsdrk;c:\windows\System32\drivers\nimsdrk.dll [2005-10-06 131072]
R3 nimstsk;nimstsk;c:\windows\System32\drivers\nimstsk.dll [2005-10-06 51200]
R3 niscdk;niscdk;c:\windows\System32\drivers\niscdk.dll [2005-10-06 497664]
R4 AESTFilters;Andrea ST Filters Service;c:\windows\System32\DriverStore\FileRepository\stwrt.inf_2311653e\AEstSrv.exe [2008-08-29 77824]
R4 alssvc;Ambient Light Sensor;c:\program files\Dell\Ambient Light Sensor\AlsSvc.exe [2008-06-03 382232]
R4 ASFAgent;ASF Agent;c:\program files\Intel\ASF Agent\ASFAgent.exe [2007-04-19 133968]
R4 avg8emc;AVG Free8 E-mail Scanner;c:\progra~1\AVG\AVG8\avgemc.exe [2008-09-02 875288]
R4 avg8wd;AVG Free8 WatchDog;c:\progra~1\AVG\AVG8\avgwdsvc.exe [2008-09-02 231704]
R4 buttonsvc32;Dell ControlPoint Button Service;c:\program files\Dell\Dell ControlPoint\DCPButtonSvc.exe [2008-06-03 386328]
R4 Credential Vault Host Control Service;Credential Vault Host Control Service;c:\program files\Broadcom Corporation\Broadcom USH Host Components\CV\bin\HostControlService.exe [2008-07-31 808296]
R4 Credential Vault Host Storage;Credential Vault Host Storage;c:\program files\Broadcom Corporation\Broadcom USH Host Components\CV\bin\HostStorageService.exe [2008-07-31 21352]
R4 dcpsysmgrsvc;Dell ControlPoint System Manager;c:\program files\Dell\Dell ControlPoint\System Manager\DCPSysMgrSvc.exe [2008-08-01 455960]
R4 gpib420;GPIB Analyzer;c:\windows\System32\drivers\gpib420.sys [2005-07-18 31334]
R4 GpibPrtK;Gpib Port;c:\windows\System32\drivers\GpibPrtK.sys [2005-07-18 199783]
R4 lvalarmk;lvalarmk;c:\windows\System32\drivers\lvalarmk.dll [2005-07-27 10829]
R4 niarbk;niarbk;c:\windows\System32\drivers\niarbk.dll [2005-10-13 37376]
R4 nibffrk;nibffrk;c:\windows\System32\drivers\nibffrk.dll [2005-10-13 21504]
R4 Nidaq32k;Nidaq32k;c:\windows\System32\drivers\nidaq32k.sys [2005-10-13 674304]
R4 nidevldu;nidevldu;system32\nipalsm.exe --> system32\nipalsm.exe [?]
R4 nidimk;nidimk;c:\windows\System32\drivers\nidimk.dll [2005-09-28 141824]
R4 nidmmk;NI DMM and Data Logger Kernel Driver;c:\windows\System32\drivers\nidmmk.dll [2005-10-13 50688]
R4 nidmxfk;nidmxfk;c:\windows\System32\drivers\nidmxfk.dll [2005-10-13 166912]
R4 niemrk;niemrk;c:\windows\System32\drivers\niemrk.dll [2005-10-07 346624]
R4 nifslk;nifslk;c:\windows\System32\drivers\nifslk.dll [2005-10-06 35328]
R4 nimdsk;nimdsk;c:\windows\System32\drivers\nimdsk.dll [2005-10-13 30208]
R4 nimxpk;nimxpk;c:\windows\System32\drivers\nimxpk.dll [2005-10-06 19456]
R4 nipxirmk;nipxirmk;c:\windows\System32\drivers\nipxirmk.dll [2005-09-21 55296]
R4 nistck;nistck;c:\windows\System32\drivers\niSTCk.dll [2005-10-13 111616]
R4 niswdk;niswdk;c:\windows\System32\drivers\niswdk.dll [2005-10-08 476160]
R4 sdAuxService;PC Tools Auxiliary Service;c:\program files\Spyware Doctor\pctsAuxs.exe [2009-01-22 356920]
R4 SMManager;Smith Micro Connection Manager Service;c:\program files\Dell\Dell ControlPoint\Connection Manager\SMManager.exe [2008-08-01 69632]
R4 usb6xxxk;usb6xxxk;c:\windows\System32\drivers\usb6xxxk.dll [2005-10-07 19968]
S3 getPlus(R) Helper;getPlus(R) Helper;c:\program files\NOS\bin\getPlus_HelperSvc.exe [2008-09-14 33752]
S3 nidsark;nidsark;c:\windows\System32\drivers\nidsark.dll [2005-10-06 714752]
S3 niesrk;niesrk;c:\windows\System32\drivers\niesrk.dll [2005-10-07 489984]
S3 nimslk;nimslk;c:\windows\System32\drivers\nimslk.dll [2005-10-06 14464]
S3 nimsrlk;nimsrlk;c:\windows\System32\drivers\nimsrlk.dll [2005-10-06 151683]
S3 nipalusb;NI-PAL USB Driver;c:\windows\System32\drivers\nipalusb.sys [2005-09-22 106496]
S3 nisdigk;nisdigk;c:\windows\System32\drivers\nisdigk.dll [2005-10-07 233472]
S3 nisftk;nisftk;c:\windows\System32\drivers\nisftk.dll [2005-10-06 163328]
S3 nispdk;nispdk;c:\windows\System32\drivers\nispdk.dll [2005-10-06 42496]
S3 nissrk;nissrk;c:\windows\System32\drivers\nissrk.dll [2005-10-07 1058304]
S3 nistc2k;nistc2k;c:\windows\System32\drivers\nistc2k.dll [2005-10-06 163328]
S3 nistcrk;nistcrk;c:\windows\System32\drivers\nistcrk.dll [2005-10-10 110080]
S3 nitiork;nitiork;c:\windows\System32\drivers\nitiork.dll [2005-10-07 692736]
S3 NiViFWK;NI-VISA FireWire Driver;c:\windows\System32\drivers\NiViFWK.sys [2005-10-12 8704]
S3 NiViPciK;NI-VISA PCI Driver;c:\windows\System32\drivers\NiViPciK.sys [2005-10-12 37376]
S3 NiViPxiK;NI-VISA PXI Driver;c:\windows\System32\drivers\NiViPxiK.sys [2005-10-12 10752]
S3 niwfrk;niwfrk;c:\windows\System32\drivers\niwfrk.dll [2005-10-07 422400]
S3 nixsrk;nixsrk;c:\windows\System32\drivers\nixsrk.dll [2005-10-07 926720]

--- Andere Services/Drivers In Geheugen ---

*Deregistered* - mchInjDrv
*Deregistered* - sptd

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceNoNetwork REG_MULTI_SZ PLA DPS BFE mpssvc
bthsvcs REG_MULTI_SZ BthServ
.
- - - - ORPHANS VERWIJDERD - - - -

ShellIconOverlayIdentifiers-{022F2F51-CDDA-4873-8A29-72C66C808A3F} - mscoree.dll
ShellIconOverlayIdentifiers-{661963C1-99A1-44e7-A671-1CF3768AE9D4} - mscoree.dll

.
------- Bijkomende Scan -------
.
uStart Page = hxxp://www.google.be/
IE: Afbeelding verzenden naar &Bluetooth-apparaat... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
IE: Pagina verzenden naar &Bluetooth-apparaat... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
LSP: c:\program files\Common Files\PC Tools\LSP\PCTLsp.dll
.

**************************************************************************

catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-01-22 22:06:53
Windows 6.0.6001 Service Pack 1 NTFS

detected NTDLL code modification:
ZwClose

scannen van verborgen processen ...
scannen van verborgen autostart items ...

scannen van verborgen bestanden ...

**************************************************************************
.
--------------------- DLLs Geladen Onder Lopende Processen ---------------------

- - - - - - - > 'lsass.exe'(660)
c:\windows\system32\wvauth.dll
c:\windows\system32\biolsp.dll

- - - - - - - > 'Explorer.exe'(5928)
c:\windows\system32\btmmhook.dll
c:\program files\Microsoft Office\OFFICE11\msohev.dll
c:\windows\system32\btncopy.dll
.
------------------------ Andere Aktieve Processen ------------------------
.
c:\windows\System32\nvvsvc.exe
c:\windows\System32\DriverStore\FileRepository\stwrt.inf_2311653e\stacsv.exe
c:\windows\System32\audiodg.exe
c:\windows\System32\rundll32.exe
c:\windows\System32\wlanext.exe
c:\program files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
c:\windows\System32\CTSVCCDA.EXE
c:\program files\Intel\WiFi\bin\EvtEng.exe
c:\program files\Intel\Intel Matrix Storage Manager\IAANTmon.exe
c:\windows\System32\lkcitdl.exe
c:\windows\System32\lkads.exe
c:\windows\System32\lktsrv.exe
c:\program files\National Instruments\MAX\nimxs.exe
c:\windows\System32\nisvcloc.exe
c:\program files\Common Files\Intel\WirelessCommon\RegSrvc.exe
c:\program files\Spyware Doctor\pctsSvc.exe
c:\progra~1\AVG\AVG8\avgrsx.exe
c:\program files\Wave Systems Corp\Trusted Drive Manager\TdmService.exe
c:\windows\System32\nipalsm.exe
c:\windows\System32\nipalsm.exe
c:\windows\System32\conime.exe
c:\windows\System32\rundll32.exe
c:\windows\System32\rundll32.exe
c:\program files\DellTPad\ApMsgFwd.exe
c:\program files\Windows Media Player\wmpnetwk.exe
c:\program files\DellTPad\hidfind.exe
c:\program files\DellTPad\ApntEx.exe
c:\program files\WIDCOMM\Bluetooth Software\BTStackServer.exe
c:\combofix\hidec.exe
c:\combofix\Catchme.tmp
.
**************************************************************************
.
Voltooingstijd: 2009-01-22 22:11:48 - machine werd herstart
ComboFix-quarantined-files.txt 2009-01-22 21:10:23

Pre-Run: 110.035.509.248 bytes beschikbaar
Post-Run: 109,796,507,648 bytes beschikbaar

260 --- E O F --- 2009-01-22 15:29:00