ComboFix 10-07-01.02 - Eddy 07/07/2010  16:50:41.7.2 - x86
Microsoft Windows Vista Home Premium   6.0.6002.2.1252.32.1043.18.3071.1778 [GMT 2:00]
Gestart vanuit: c:\users\Eddy\Desktop\scan.exe
gebruikte Opdracht switches :: c:\users\Eddy\Desktop\cfscript.txt
AV: Kaspersky Internet Security *On-access scanning enabled* (Updated) {2C4D4BC6-0793-4956-A9F9-E252435469C0}
AV: Norton Internet Security *On-access scanning enabled* (Updated) {E10A9785-9598-4754-B552-92431C1C35F8}
AV: Windows Live OneCare *On-access scanning disabled* (Updated) {427ADFC3-B354-4A51-BE34-A9D4218E45C4}
FW: Kaspersky Internet Security *enabled* {2C4D4BC6-0793-4956-A9F9-E252435469C0}
FW: Norton Internet Security *enabled* {7C21A4C9-F61F-4AC4-B722-A6E19C16F220}
FW: Windows Live OneCare - Firewall *disabled* {A3899D22-27E6-4A7E-AE4E-2C106646DAAB}
SP: Kaspersky Internet Security *enabled* (Updated) {2C4D4BC6-0793-4956-A9F9-E252435469C0}
SP: Norton Internet Security *enabled* (Updated) {CBB7EE13-8244-4DAB-8B55-D5C7AA91E59A}
SP: Windows Defender *enabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}
SP: Windows Live OneCare *disabled* (Updated) {CC7E50BA-BA8C-4DDE-B5AC-EA53BC38D01B}
 * Aanwezig AV is actief


FILE ::
"C:\C-o-m-b-o-F-i-x.exe"
"C:\S-m-i-t-f-r-a-u-d-F-i-x.exe"
"c:\users\eddy\appdata\roaming\GetValue.vbs"
"c:\users\eddy\appdata\roaming\SetValue.bat"
.

((((((((((((((((((((((((((((((((((   Andere Verwijderingen   )))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\C-o-m-b-o-F-i-x
C:\C-o-m-b-o-F-i-x.exe
c:\c-o-m-b-o-f-i-x\023.dat
c:\c-o-m-b-o-f-i-x\023v.dat
c:\c-o-m-b-o-f-i-x\023w7.dat
c:\c-o-m-b-o-f-i-x\appinit.bad
c:\c-o-m-b-o-f-i-x\asp.str
c:\c-o-m-b-o-f-i-x\Assoc.cmd
c:\c-o-m-b-o-f-i-x\ATTRIB.cfxxe
c:\c-o-m-b-o-f-i-x\Auto-RC.cmd
c:\c-o-m-b-o-f-i-x\av.cmd
c:\c-o-m-b-o-f-i-x\av.vbs
c:\c-o-m-b-o-f-i-x\AWF.cmd
c:\c-o-m-b-o-f-i-x\badclsid.c
c:\c-o-m-b-o-f-i-x\Boot-Rk.cmd
c:\c-o-m-b-o-f-i-x\Boot.bat
c:\c-o-m-b-o-f-i-x\BootSect.dll
c:\c-o-m-b-o-f-i-x\c.bat
c:\c-o-m-b-o-f-i-x\Catch-sub.cmd
c:\c-o-m-b-o-f-i-x\catchme.cfxxe
c:\c-o-m-b-o-f-i-x\CCS.bat
c:\c-o-m-b-o-f-i-x\CF-Script.cmd
c:\c-o-m-b-o-f-i-x\CF19668.cfxxe
c:\c-o-m-b-o-f-i-x\CFVersionOld
c:\c-o-m-b-o-f-i-x\CHCP.bat
c:\c-o-m-b-o-f-i-x\clsid.c
c:\c-o-m-b-o-f-i-x\cmd.cfxxe
c:\c-o-m-b-o-f-i-x\Combobatch.bat
c:\c-o-m-b-o-f-i-x\ComboFix-Download.cfxxe
c:\c-o-m-b-o-f-i-x\Create.cmd
c:\c-o-m-b-o-f-i-x\Creg.dat
c:\c-o-m-b-o-f-i-x\CregC.cmd
c:\c-o-m-b-o-f-i-x\CregC.dat
c:\c-o-m-b-o-f-i-x\CSCRIPT.cfxxe
c:\c-o-m-b-o-f-i-x\CSet.cmd
c:\c-o-m-b-o-f-i-x\dd.cfxxe
c:\c-o-m-b-o-f-i-x\ddsDo.sed
c:\c-o-m-b-o-f-i-x\DelClsid.bat
c:\c-o-m-b-o-f-i-x\DelClsid64.bat
c:\c-o-m-b-o-f-i-x\desktop.ini
c:\c-o-m-b-o-f-i-x\DPF.str
c:\c-o-m-b-o-f-i-x\dumphive.cfxxe
c:\c-o-m-b-o-f-i-x\embedded.sed
c:\c-o-m-b-o-f-i-x\ERDNT.e_e
c:\c-o-m-b-o-f-i-x\ERDNTDOS.LOC
c:\c-o-m-b-o-f-i-x\ERDNTWIN.LOC
c:\c-o-m-b-o-f-i-x\ERUNT.cfxxe
c:\c-o-m-b-o-f-i-x\erunt.dat
c:\c-o-m-b-o-f-i-x\ERUNT.LOC
c:\c-o-m-b-o-f-i-x\Exe.reg
c:\c-o-m-b-o-f-i-x\extract.cfxxe
c:\c-o-m-b-o-f-i-x\FD-SV.cmd
c:\c-o-m-b-o-f-i-x\ffdefstr.dll
c:\c-o-m-b-o-f-i-x\FileKill.cfxxe
c:\c-o-m-b-o-f-i-x\files.pif
c:\c-o-m-b-o-f-i-x\Fin.dat
c:\c-o-m-b-o-f-i-x\FIND3M.bat
c:\c-o-m-b-o-f-i-x\FIXLSP.bat
c:\c-o-m-b-o-f-i-x\FKMGen.cmd
c:\c-o-m-b-o-f-i-x\ForeignWht
c:\c-o-m-b-o-f-i-x\GetHive.cmd
c:\c-o-m-b-o-f-i-x\grep.cfxxe
c:\c-o-m-b-o-f-i-x\gsar.cfxxe
c:\c-o-m-b-o-f-i-x\handle.cfxxe
c:\c-o-m-b-o-f-i-x\hidec.exe
c:\c-o-m-b-o-f-i-x\history.bat
c:\c-o-m-b-o-f-i-x\iexplore.exe
c:\c-o-m-b-o-f-i-x\image001.gif
c:\c-o-m-b-o-f-i-x\Install-RC.cmd
c:\c-o-m-b-o-f-i-x\katch.cmd
c:\c-o-m-b-o-f-i-x\Kill-All.cmd
c:\c-o-m-b-o-f-i-x\kmd.dat
c:\c-o-m-b-o-f-i-x\Lang.bat
c:\c-o-m-b-o-f-i-x\List-B.bat
c:\c-o-m-b-o-f-i-x\List-C.bat
c:\c-o-m-b-o-f-i-x\List-D.bat
c:\c-o-m-b-o-f-i-x\List.bat
c:\c-o-m-b-o-f-i-x\lnkread.vbs
c:\c-o-m-b-o-f-i-x\LocalService.dat
c:\c-o-m-b-o-f-i-x\LocalServiceNetworkRestricted.dat
c:\c-o-m-b-o-f-i-x\LocalSystemNetworkRestricted.dat
c:\c-o-m-b-o-f-i-x\mbr.cfxxe
c:\c-o-m-b-o-f-i-x\md5sum.pif
c:\c-o-m-b-o-f-i-x\Mirrors
c:\c-o-m-b-o-f-i-x\MoveIt.bat
c:\c-o-m-b-o-f-i-x\mtee.cfxxe
c:\c-o-m-b-o-f-i-x\MUI
c:\c-o-m-b-o-f-i-x\mynul.dat
c:\c-o-m-b-o-f-i-x\n.pif
c:\c-o-m-b-o-f-i-x\N_\11392
c:\c-o-m-b-o-f-i-x\N_\13503
c:\c-o-m-b-o-f-i-x\N_\1445
c:\c-o-m-b-o-f-i-x\N_\15186
c:\c-o-m-b-o-f-i-x\N_\16662
c:\c-o-m-b-o-f-i-x\N_\17336
c:\c-o-m-b-o-f-i-x\N_\17944
c:\c-o-m-b-o-f-i-x\N_\18117
c:\c-o-m-b-o-f-i-x\N_\19650
c:\c-o-m-b-o-f-i-x\N_\21611
c:\c-o-m-b-o-f-i-x\N_\22467
c:\c-o-m-b-o-f-i-x\N_\23333
c:\c-o-m-b-o-f-i-x\N_\24510
c:\c-o-m-b-o-f-i-x\N_\27938
c:\c-o-m-b-o-f-i-x\N_\5611
c:\c-o-m-b-o-f-i-x\N_\8112
c:\c-o-m-b-o-f-i-x\N_\pingtest
c:\c-o-m-b-o-f-i-x\ncmd.com
c:\c-o-m-b-o-f-i-x\ND_.bat
c:\c-o-m-b-o-f-i-x\ndis_combofix.dat
c:\c-o-m-b-o-f-i-x\netsvc.bad.dat
c:\c-o-m-b-o-f-i-x\netsvc.dat
c:\c-o-m-b-o-f-i-x\netsvc.vista.dat
c:\c-o-m-b-o-f-i-x\netsvc.xp.dat
c:\c-o-m-b-o-f-i-x\NetworkService.dat
c:\c-o-m-b-o-f-i-x\NirCmd.cfxxe
c:\c-o-m-b-o-f-i-x\NircmdB.exe
c:\c-o-m-b-o-f-i-x\NirCmdC.cfxxe
c:\c-o-m-b-o-f-i-x\NlsLanguageDefault
c:\c-o-m-b-o-f-i-x\NT-OS.cmd
c:\c-o-m-b-o-f-i-x\NULL
c:\c-o-m-b-o-f-i-x\OSid.vbs
c:\c-o-m-b-o-f-i-x\OsVer
c:\c-o-m-b-o-f-i-x\PEV.cfxxe
c:\c-o-m-b-o-f-i-x\pev.exe
c:\c-o-m-b-o-f-i-x\PING.cfxxe
c:\c-o-m-b-o-f-i-x\Policies.dat
c:\c-o-m-b-o-f-i-x\Prep.inf
c:\c-o-m-b-o-f-i-x\Purity.dat
c:\c-o-m-b-o-f-i-x\PV.cfxxe
c:\c-o-m-b-o-f-i-x\pv.com
c:\c-o-m-b-o-f-i-x\RCLink.dat
c:\c-o-m-b-o-f-i-x\REGDACL.sed
c:\c-o-m-b-o-f-i-x\RegDo.sed
c:\c-o-m-b-o-f-i-x\region.dat
c:\c-o-m-b-o-f-i-x\RegScan.cmd
c:\c-o-m-b-o-f-i-x\RegScan64.cmd
c:\c-o-m-b-o-f-i-x\Resident.txt
c:\c-o-m-b-o-f-i-x\restore_pt.vbs
c:\c-o-m-b-o-f-i-x\Rkey.cmd
c:\c-o-m-b-o-f-i-x\rogues.dat
c:\c-o-m-b-o-f-i-x\ROUTE.cfxxe
c:\c-o-m-b-o-f-i-x\run2.sed
c:\c-o-m-b-o-f-i-x\Rust.str
c:\c-o-m-b-o-f-i-x\safeboot.dat
c:\c-o-m-b-o-f-i-x\safeboot.def.dat
c:\c-o-m-b-o-f-i-x\safeboot.def.vista.dat
c:\c-o-m-b-o-f-i-x\Safeboot.def.w7.dat
c:\c-o-m-b-o-f-i-x\sed.cfxxe
c:\c-o-m-b-o-f-i-x\SetEnvmt.bat
c:\c-o-m-b-o-f-i-x\setpath.cfxxe
c:\c-o-m-b-o-f-i-x\SF.exe
c:\c-o-m-b-o-f-i-x\sfx.cmd
c:\c-o-m-b-o-f-i-x\SnapShot.cmd
c:\c-o-m-b-o-f-i-x\SRestore.cmd
c:\c-o-m-b-o-f-i-x\srizbi.md5
c:\c-o-m-b-o-f-i-x\Start_dat
c:\c-o-m-b-o-f-i-x\SuppScan.cmd
c:\c-o-m-b-o-f-i-x\svc_wht.dat
c:\c-o-m-b-o-f-i-x\SvcDrv.vbs
c:\c-o-m-b-o-f-i-x\svchost.dat
c:\c-o-m-b-o-f-i-x\svchost.vista.dat
c:\c-o-m-b-o-f-i-x\svchost.w7.dat
c:\c-o-m-b-o-f-i-x\svchost.w7.x64.dat
c:\c-o-m-b-o-f-i-x\SWREG.cfxxe
c:\c-o-m-b-o-f-i-x\swreg.exe
c:\c-o-m-b-o-f-i-x\swsc.cfxxe
c:\c-o-m-b-o-f-i-x\swxcacls.cfxxe
c:\c-o-m-b-o-f-i-x\system_ini.dat
c:\c-o-m-b-o-f-i-x\tail.cfxxe
c:\c-o-m-b-o-f-i-x\toolbar.sed
c:\c-o-m-b-o-f-i-x\Update-CF.cmd
c:\c-o-m-b-o-f-i-x\VerCF.bat
c:\c-o-m-b-o-f-i-x\version.txt
c:\c-o-m-b-o-f-i-x\VInfo
c:\c-o-m-b-o-f-i-x\Vista.krl
c:\c-o-m-b-o-f-i-x\vistareg.dat
c:\c-o-m-b-o-f-i-x\vun.dat
c:\c-o-m-b-o-f-i-x\w_sock.dll
c:\c-o-m-b-o-f-i-x\w2k_sock.dll
c:\c-o-m-b-o-f-i-x\w2kreg.dat
c:\c-o-m-b-o-f-i-x\w7reg.dat
c:\c-o-m-b-o-f-i-x\Wmi_rem.vbs
c:\c-o-m-b-o-f-i-x\xpreg.dat
c:\c-o-m-b-o-f-i-x\zDomain.dat
c:\c-o-m-b-o-f-i-x\zhsvc.dat
c:\c-o-m-b-o-f-i-x\zip.cfxxe
c:\programdata\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
c:\programdata\{429CAD59-35B1-4DBC-BB6D-1DB246563521}\x86\DIFxAPI.dll
c:\programdata\{429CAD59-35B1-4DBC-BB6D-1DB246563521}\x86\DifXInstall32.exe
c:\programdata\{429CAD59-35B1-4DBC-BB6D-1DB246563521}\x86\DIFxInstallLog.txt
c:\programdata\{429CAD59-35B1-4DBC-BB6D-1DB246563521}\x86\GEARAspiWDM.inf
c:\programdata\{429CAD59-35B1-4DBC-BB6D-1DB246563521}\x86\gearaspiwdmx86.cat
c:\programdata\{429CAD59-35B1-4DBC-BB6D-1DB246563521}\x86\x86\GEARAspi.dll
c:\programdata\{429CAD59-35B1-4DBC-BB6D-1DB246563521}\x86\x86\GEARAspiWDM.sys
C:\S-m-i-t-f-r-a-u-d-F-i-x.exe
C:\scan
c:\scan\CF18810.cfxxe
c:\scan\mbr.cfxxe
c:\scan\mbr.txt
C:\scan21652s
c:\scan21652s\023.dat
c:\scan21652s\023v.dat
c:\scan21652s\023w7.dat
c:\scan21652s\AllDrivesFolders
c:\scan21652s\appdata.folder.dat
c:\scan21652s\appinit.bad
c:\scan21652s\asp.str
c:\scan21652s\Assoc.cmd
c:\scan21652s\ATTRIB.cfxxe
c:\scan21652s\av.cmd
c:\scan21652s\av.vbs
c:\scan21652s\AWF.cmd
c:\scan21652s\badclsid
c:\scan21652s\BHO.dat
c:\scan21652s\BHOFiles.dat
c:\scan21652s\BHOQuery.dat
c:\scan21652s\BitsPath
c:\scan21652s\BitsStr
c:\scan21652s\Boot-Rk.cmd
c:\scan21652s\Boot.bat
c:\scan21652s\BootSect.dll
c:\scan21652s\c.mrk
c:\scan21652s\cache.folder.dat
c:\scan21652s\Catch-sub.cmd
c:\scan21652s\catch_E.dat
c:\scan21652s\catch_k.dat
c:\scan21652s\Catchlog
c:\scan21652s\catchme.cfxxe
c:\scan21652s\Catchme.tmp
c:\scan21652s\CCS.bat
c:\scan21652s\CF30187.cfxxe
c:\scan21652s\cfrun
c:\scan21652s\CFVersionOld
c:\scan21652s\CHCP.bat
c:\scan21652s\ClistB.dat
c:\scan21652s\clsid.dat
c:\scan21652s\ComboFix-Download.cfxxe
c:\scan21652s\ComboFix.txt
c:\scan21652s\ConEnv.sed
c:\scan21652s\Create.cmd
c:\scan21652s\Creg.dat
c:\scan21652s\CregB.dat
c:\scan21652s\CregC.cmd
c:\scan21652s\CregC.dat
c:\scan21652s\CSCRIPT.cfxxe
c:\scan21652s\CSet.cmd
c:\scan21652s\d-del4AV.dat
c:\scan21652s\dd.cfxxe
c:\scan21652s\ddsDo.sed
c:\scan21652s\DelClsid.bat
c:\scan21652s\delclsid00
c:\scan21652s\DelClsid64.bat
c:\scan21652s\dll_whitelist.dat
c:\scan21652s\dnd.dat
c:\scan21652s\dollar_log.dat
c:\scan21652s\DPF.str
c:\scan21652s\drev.dat
c:\scan21652s\Drive.folder.dat
c:\scan21652s\DrivesB.dat
c:\scan21652s\DrvRun.vbs
c:\scan21652s\dumphive.cfxxe
c:\scan21652s\Eddy.user.cf
c:\scan21652s\embedded.sed
c:\scan21652s\Env.sed
c:\scan21652s\ERDNT.e_e
c:\scan21652s\ERDNTDOS.LOC
c:\scan21652s\ERDNTWIN.LOC
c:\scan21652s\ErrTrap1
c:\scan21652s\ERUNT.cfxxe
c:\scan21652s\erunt.dat
c:\scan21652s\ERUNT.LOC
c:\scan21652s\Exe.reg
c:\scan21652s\extract.cfxxe
c:\scan21652s\f_system
c:\scan21652s\F3m.mrk
c:\scan21652s\FD-SV.cmd
c:\scan21652s\FdsvOK
c:\scan21652s\ffdefstr.dll
c:\scan21652s\FileKill.cfxxe
c:\scan21652s\files.pif
c:\scan21652s\Fin.dat
c:\scan21652s\FIND3M.bat
c:\scan21652s\FIXLSP.bat
c:\scan21652s\FKMGen.cmd
c:\scan21652s\ForeignWht
c:\scan21652s\Gateway
c:\scan21652s\GetHive.cmd
c:\scan21652s\grep.cfxxe
c:\scan21652s\gsar.cfxxe
c:\scan21652s\handle.cfxxe
c:\scan21652s\HDCntrl01
c:\scan21652s\hidec.exe
c:\scan21652s\history.bat
c:\scan21652s\iexplore.exe
c:\scan21652s\image001.gif
c:\scan21652s\index.dat
c:\scan21652s\katch.cmd
c:\scan21652s\katchNT-OS
c:\scan21652s\kmd.dat
c:\scan21652s\L_Beep00
c:\scan21652s\Lang.bat
c:\scan21652s\LegacyFull
c:\scan21652s\LegacyNoSvc
c:\scan21652s\lnkread.vbs
c:\scan21652s\localappdata.folder.dat
c:\scan21652s\LocalService.dat
c:\scan21652s\LocalServiceNetworkRestricted.dat
c:\scan21652s\LocalSettings.folder.dat
c:\scan21652s\LocalSystemNetworkRestricted.dat
c:\scan21652s\LSPDone
c:\scan21652s\mbr.cfxxe
c:\scan21652s\mbr.log
c:\scan21652s\mbr.txt
c:\scan21652s\mbr00
c:\scan21652s\mbr01
c:\scan21652s\md5sum.pif
c:\scan21652s\Mirrors
c:\scan21652s\MissingFiles.dat
c:\scan21652s\MoveIt.bat
c:\scan21652s\mtee.cfxxe
c:\scan21652s\MUI
c:\scan21652s\MWindows.dat
c:\scan21652s\mynul.dat
c:\scan21652s\mypictures.folder.dat
c:\scan21652s\n.pif
c:\scan21652s\N_\13505
c:\scan21652s\N_\17401
c:\scan21652s\N_\23431
c:\scan21652s\N_\25465
c:\scan21652s\N_\26142
c:\scan21652s\N_\26321
c:\scan21652s\N_\27801
c:\scan21652s\N_\29236
c:\scan21652s\N_\29798
c:\scan21652s\N_\3351
c:\scan21652s\N_\3749
c:\scan21652s\N_\5330
c:\scan21652s\N_\9199
c:\scan21652s\N_\9234
c:\scan21652s\ncmd.com
c:\scan21652s\ND_.bat
c:\scan21652s\ndis_combofix.dat
c:\scan21652s\netsvc.bad.dat
c:\scan21652s\netsvc.dat
c:\scan21652s\netsvc.xp.dat
c:\scan21652s\NetworkService.dat
c:\scan21652s\NirCmd.cfxxe
c:\scan21652s\NircmdB.exe
c:\scan21652s\NirCmdC.cfxxe
c:\scan21652s\NlsLanguageDefault
c:\scan21652s\notifykeys.dat
c:\scan21652s\notifykeysB.dat
c:\scan21652s\NoUpdateCF
c:\scan21652s\NoX2del
c:\scan21652s\NT-OS.cmd
c:\scan21652s\NULL
c:\scan21652s\OriO4Files.dat
c:\scan21652s\OsId.txt
c:\scan21652s\OSid.vbs
c:\scan21652s\OsVer
c:\scan21652s\patched.af
c:\scan21652s\PathSearch
c:\scan21652s\pend.txt
c:\scan21652s\PEV.cfxxe
c:\scan21652s\pev.exe
c:\scan21652s\PING.cfxxe
c:\scan21652s\Policies.dat
c:\scan21652s\powp.dat
c:\scan21652s\PreDIR
c:\scan21652s\Prep.inf
c:\scan21652s\Profiles.Folder.dat
c:\scan21652s\Profiles.Folder.folder.dat
c:\scan21652s\progfile.dat
c:\scan21652s\Purity.dat
c:\scan21652s\PV.cfxxe
c:\scan21652s\pv.com
c:\scan21652s\RCLink.dat
c:\scan21652s\RcVer00
c:\scan21652s\REGDACL.sed
c:\scan21652s\RegDo.sed
c:\scan21652s\region.dat
c:\scan21652s\RegRun01
c:\scan21652s\RegScan.cmd
c:\scan21652s\RegScan64.cmd
c:\scan21652s\REGT.cfxxe
c:\scan21652s\RenVDel.dat
c:\scan21652s\Resident.txt
c:\scan21652s\Rkey.cmd
c:\scan21652s\rogues.dat
c:\scan21652s\ROUTE.cfxxe
c:\scan21652s\run.sed
c:\scan21652s\run2.sed
c:\scan21652s\Rust.str
c:\scan21652s\safeboot.dat
c:\scan21652s\safeboot.def.dat
c:\scan21652s\safeboot.def.vista.dat
c:\scan21652s\Safeboot.def.w7.dat
c:\scan21652s\sed.cfxxe
c:\scan21652s\ServiceFiles.dat
c:\scan21652s\SetEnvmt.bat
c:\scan21652s\SetPath.bat
c:\scan21652s\setpath.cfxxe
c:\scan21652s\SF.exe
c:\scan21652s\sfx.cmd
c:\scan21652s\snapshot.00.dat
c:\scan21652s\SnapShot.cmd
c:\scan21652s\SRestore.cmd
c:\scan21652s\srizbi.md5
c:\scan21652s\Start_dat
c:\scan21652s\startup.folder.dat
c:\scan21652s\SuppScan.cmd
c:\scan21652s\suspect_netsvcs.dat
c:\scan21652s\SuspectB_netsvc.dat
c:\scan21652s\suspectSvc.dat
c:\scan21652s\svc_wht.dat
c:\scan21652s\SvcCovered
c:\scan21652s\SvcDiff
c:\scan21652s\SvcDrv.vbs
c:\scan21652s\SvcDump
c:\scan21652s\SvcDumpB
c:\scan21652s\SvcDumpFull
c:\scan21652s\SvcFull
c:\scan21652s\svchost.dat
c:\scan21652s\svchost.w7.dat
c:\scan21652s\svchost.w7.x64.dat
c:\scan21652s\svclist.dat
c:\scan21652s\SvcTarget.dat
c:\scan21652s\SvcTempAa
c:\scan21652s\SWREG.cfxxe
c:\scan21652s\swreg.exe
c:\scan21652s\swsc.cfxxe
c:\scan21652s\swxcacls.cfxxe
c:\scan21652s\SysPath.dat
c:\scan21652s\system_ini.dat
c:\scan21652s\tail.cfxxe
c:\scan21652s\temp0900
c:\scan21652s\temp2000
c:\scan21652s\temp4000
c:\scan21652s\temp5000
c:\scan21652s\Thumbs.db
c:\scan21652s\toolbar.sed
c:\scan21652s\unhand.dat
c:\scan21652s\Unhandled.dat
c:\scan21652s\Update-CF.cmd
c:\scan21652s\UploadThese
c:\scan21652s\V-FilesB.dat
c:\scan21652s\v-tmp.dat
c:\scan21652s\v_str.dat
c:\scan21652s\v_wht.dat
c:\scan21652s\VerCF.bat
c:\scan21652s\version.txt
c:\scan21652s\VikPev00
c:\scan21652s\Vikpev01
c:\scan21652s\Vipev.dat
c:\scan21652s\Vista.krl
c:\scan21652s\vRun_DLL
c:\scan21652s\vun.dat
c:\scan21652s\whiteAll.dat
c:\scan21652s\whitedir.dat
c:\scan21652s\whitedirCreated.dat
c:\scan21652s\Wmi_rem.vbs
c:\scan21652s\WrgNameDLL
c:\scan21652s\XPSBoot.reg
c:\scan21652s\zDomain.dat
c:\scan21652s\zip.cfxxe
c:\scan21652s\Zlob01
C:\SmitfraudFix
c:\smitfraudfix\404Fix.exe
c:\smitfraudfix\Agent.OMZ.Fix.exe
c:\smitfraudfix\beep_2K_original.sys
c:\smitfraudfix\beep_XP_original.sys
c:\smitfraudfix\dumphive.exe
c:\smitfraudfix\exit.exe
c:\smitfraudfix\GenericRenosFix.exe
c:\smitfraudfix\HostsChk.exe
c:\smitfraudfix\IEDFix.C.exe
c:\smitfraudfix\IEDFix.exe
c:\smitfraudfix\o4Patch.exe
c:\smitfraudfix\Policies.exe
c:\smitfraudfix\Process.exe
c:\smitfraudfix\ProxyDisable.exe
c:\smitfraudfix\Reboot.exe
c:\smitfraudfix\restart.exe
c:\smitfraudfix\SmitfraudFix.cmd
c:\smitfraudfix\SmiUpdate.exe
c:\smitfraudfix\SrchSTS.exe
c:\smitfraudfix\swreg.exe
c:\smitfraudfix\swsc.exe
c:\smitfraudfix\swxcacls.exe
c:\smitfraudfix\UIFix.exe
c:\smitfraudfix\unzip.exe
c:\smitfraudfix\VACFix.exe
c:\smitfraudfix\VCCLSID.exe
c:\smitfraudfix\WS2Fix.exe
c:\users\eddy\appdata\roaming\GetValue.vbs
c:\users\eddy\appdata\roaming\SetValue.bat

.
((((((((((((((((((((   Bestanden Gemaakt van 2010-06-07 to 2010-07-07  ))))))))))))))))))))))))))))))
.

2010-06-26 15:18 . 2010-06-26 15:20	305297	----a-w-	C:\BdUninstallTool2010.06.26-05.18.28.reg
2010-06-26 08:16 . 2010-06-26 08:16	--------	d-----w-	c:\program files\IncrediMail
2010-06-25 13:19 . 2010-06-25 13:19	--------	d-----w-	c:\program files\Common Files\Java
2010-06-25 10:18 . 2009-05-18 11:17	26600	----a-w-	c:\windows\system32\drivers\GEARAspiWDM.sys
2010-06-25 10:18 . 2008-04-17 10:12	107368	----a-w-	c:\windows\system32\GEARAspi.dll
2010-06-25 10:17 . 2010-06-25 10:17	--------	d-----w-	c:\program files\iPod
2010-06-25 10:17 . 2010-06-25 10:18	--------	d-----w-	c:\program files\iTunes
2010-06-25 10:13 . 2010-06-25 10:13	--------	d-----w-	c:\program files\Bonjour
2010-06-25 10:12 . 2010-06-25 10:12	72504	----a-w-	c:\programdata\Apple Computer\Installer Cache\iTunes 9.2.0.61\SetupAdmin.exe
2010-06-24 09:27 . 2010-06-24 09:27	--------	d-----w-	c:\users\Eddy\AppData\Local\ReaJPEG
2010-06-24 08:45 . 2010-06-24 08:45	44544	------w-	c:\windows\AWuninstall.exe
2010-06-24 08:45 . 2010-06-24 08:45	--------	d-----w-	c:\program files\Lokas
2010-06-24 07:29 . 2009-11-08 08:55	99176	----a-w-	c:\windows\system32\PresentationHostProxy.dll
2010-06-24 07:29 . 2009-11-08 08:55	49472	----a-w-	c:\windows\system32\netfxperf.dll
2010-06-24 07:29 . 2009-11-08 08:55	297808	----a-w-	c:\windows\system32\mscoree.dll
2010-06-24 07:29 . 2009-11-08 08:55	295264	----a-w-	c:\windows\system32\PresentationHost.exe
2010-06-24 07:29 . 2009-11-08 08:55	1130824	----a-w-	c:\windows\system32\dfshim.dll
2010-06-24 05:45 . 2010-04-16 16:43	28672	----a-w-	c:\windows\system32\Apphlpdm.dll
2010-06-24 05:45 . 2010-04-16 14:39	4240384	----a-w-	c:\windows\system32\GameUXLegacyGDFs.dll
2010-06-20 19:24 . 2010-06-20 19:24	--------	d-----w-	c:\programdata\PhotoMail
2010-06-20 19:24 . 2010-06-20 19:24	--------	d-----w-	c:\program files\PhotoMail Maker
2010-06-16 08:17 . 2010-06-16 08:17	--------	d-----w-	c:\users\Eddy\AppData\Roaming\No Company Name
2010-06-16 07:56 . 2010-06-16 07:56	--------	d-----w-	c:\programdata\eSellerate
2010-06-16 07:56 . 2010-06-16 13:55	--------	d-----w-	c:\programdata\SmartSound Software Inc
2010-06-16 07:56 . 2010-06-16 07:56	--------	d-----w-	c:\program files\SmartSound Software

.
(((((((((((((((((((((((((((((((((((((((   Find3M Rapport   ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-07-07 13:07 . 2006-11-02 16:11	735382	----a-w-	c:\windows\system32\perfh013.dat
2010-07-07 13:07 . 2006-11-02 16:11	152096	----a-w-	c:\windows\system32\perfc013.dat
2010-07-06 12:49 . 2009-04-04 15:22	--------	d-----w-	c:\users\Eddy\AppData\Roaming\uTorrent
2010-07-05 15:18 . 2009-10-19 15:04	72784	----a-w-	c:\windows\system32\drivers\BdfNdisf6.sys
2010-07-05 15:11 . 2010-07-05 14:59	--------	d-----w-	c:\programdata\BitDefender
2010-07-05 15:00 . 2010-07-05 14:59	--------	d-----w-	c:\users\Eddy\AppData\Roaming\BitDefender
2010-07-05 15:00 . 2010-07-05 14:58	--------	d-----w-	c:\program files\Common Files\BitDefender
2010-07-05 14:59 . 2010-04-12 07:46	--------	d-----w-	c:\program files\BitDefender
2010-07-05 14:53 . 2010-07-05 14:51	227024	----a-w-	C:\BdUninstallTool2010.07.05-04.51.03.reg
2010-07-05 14:23 . 2009-05-14 10:53	--------	d-----w-	c:\programdata\Zylom
2010-06-30 13:57 . 2009-12-03 09:16	--------	d-----w-	c:\programdata\PrinterShare
2010-06-25 15:01 . 2009-06-12 16:01	--------	d-----w-	c:\users\Eddy\AppData\Roaming\Apple Computer
2010-06-25 13:19 . 2010-05-11 06:47	411368	----a-w-	c:\windows\system32\deployJava1.dll
2010-06-25 10:17 . 2009-06-12 15:58	--------	d-----w-	c:\program files\Common Files\Apple
2010-06-24 09:28 . 2010-04-24 13:24	--------	d-----w-	c:\program files\WatermarkSoftware
2010-06-17 06:45 . 2007-12-06 07:16	--------	d--h--w-	c:\program files\InstallShield Installation Information
2010-06-16 09:50 . 2009-07-05 14:42	--------	d-----w-	c:\users\Eddy\AppData\Roaming\Download Manager
2010-06-16 08:45 . 2008-05-27 14:31	108712	----a-w-	c:\users\Eddy\AppData\Local\GDIPFONTCACHEV1.DAT
2010-06-16 08:17 . 2009-04-04 11:28	--------	d-----w-	c:\programdata\FLEXnet
2010-06-16 07:54 . 2009-07-14 12:54	--------	d-----w-	c:\program files\Common Files\PX Storage Engine
2010-06-16 07:54 . 2007-12-06 07:59	--------	d-----w-	c:\program files\Common Files\Adobe
2010-06-09 08:17 . 2006-11-02 11:18	--------	d-----w-	c:\program files\Windows Mail
2010-06-09 07:31 . 2007-12-06 07:20	--------	d-----w-	c:\programdata\Microsoft Help
2010-06-05 08:21 . 2010-06-05 08:21	--------	d-----w-	c:\program files\Project1
2010-06-05 08:21 . 2010-06-05 08:05	249856	------w-	c:\windows\Setup1.exe
2010-06-05 08:21 . 2010-06-05 08:05	73216	----a-w-	c:\windows\ST6UNST.EXE
2010-06-05 08:09 . 2010-06-05 08:09	--------	d-----w-	c:\program files\LottoPro 2009
2010-06-04 07:35 . 2010-03-17 16:58	--------	d-----w-	c:\users\Eddy\AppData\Roaming\OxelonMC
2010-06-04 06:55 . 2008-05-28 09:18	--------	d-----w-	c:\program files\Microsoft Silverlight
2010-06-04 06:38 . 2010-06-04 06:16	--------	d-----w-	c:\program files\NVIDIA Corporation
2010-06-04 06:31 . 2010-06-04 06:31	34805	----a-w-	c:\programdata\nvModes.dat
2010-06-04 06:31 . 2007-12-06 07:12	--------	d-----w-	c:\programdata\NVIDIA
2010-06-03 17:25 . 2010-06-03 17:25	--------	d-----w-	c:\program files\Uniblue
2010-06-01 05:49 . 2010-06-01 05:49	4	----a-w-	c:\windows\system32\aspdict-en.dat
2010-06-01 05:49 . 2010-06-01 05:49	16	----a-w-	c:\windows\system32\asdict.dat
2010-05-29 09:40 . 2010-05-29 09:40	--------	d-----w-	c:\users\Eddy\AppData\Roaming\JLC's Software
2010-05-29 09:39 . 2010-05-29 09:39	--------	d-----w-	c:\program files\JLC's Software
2010-05-26 17:06 . 2010-06-09 05:44	34304	----a-w-	c:\windows\system32\atmlib.dll
2010-05-26 14:47 . 2010-06-09 05:44	289792	----a-w-	c:\windows\system32\atmfd.dll
2010-05-26 07:46 . 2009-04-04 09:27	--------	d-----w-	c:\program files\Microsoft
2010-05-21 12:14 . 2010-04-11 13:37	221568	------w-	c:\windows\system32\MpSigStub.exe
2010-05-20 11:57 . 2009-05-24 08:57	--------	d-----w-	c:\users\Eddy\AppData\Roaming\Test-A
2010-05-18 14:35 . 2010-05-18 14:35	91424	----a-w-	c:\windows\system32\dnssd.dll
2010-05-18 14:35 . 2010-05-18 14:35	197920	----a-w-	c:\windows\system32\dnssdX.dll
2010-05-18 14:35 . 2010-05-18 14:35	107808	----a-w-	c:\windows\system32\dns-sd.exe
2010-05-16 07:56 . 2009-04-13 11:10	--------	d-----w-	c:\program files\Google
2010-05-11 06:47 . 2009-04-04 07:16	--------	d-----w-	c:\program files\Java
2010-05-05 07:23 . 2010-05-05 07:23	--------	d-----w-	c:\windows\Fonts\Fonts
2010-05-04 05:59 . 2010-06-09 05:44	916480	----a-w-	c:\windows\system32\wininet.dll
2010-05-04 05:55 . 2010-06-09 05:44	71680	----a-w-	c:\windows\system32\iesetup.dll
2010-05-04 05:55 . 2010-06-09 05:44	109056	----a-w-	c:\windows\system32\iesysprep.dll
2010-05-04 04:31 . 2010-06-09 05:44	133632	----a-w-	c:\windows\system32\ieUnatt.exe
2010-05-01 14:13 . 2010-06-09 05:44	2037248	----a-w-	c:\windows\system32\win32k.sys
2010-05-01 06:36 . 2010-02-22 10:45	7592	----a-w-	c:\users\Eddy\AppData\Local\d3d9caps.dat
2010-04-28 12:53 . 2010-04-28 12:55	3974440	----a-w-	c:\windows\system32\AdvrCntr3.dll
2010-04-27 09:40 . 2010-05-20 12:00	16384	----a-w-	c:\users\Eddy\AppData\Roaming\Test-A\Multitax2010\2010\MTPC-MTTG\Syncfusion.Tools.Base.dll
2010-04-26 14:39 . 2010-05-20 12:00	24576	----a-w-	c:\users\Eddy\AppData\Roaming\Test-A\Multitax2010\2010\SystemInfo\SystemInfoLib.dll
2010-04-26 14:39 . 2010-05-20 12:00	20480	----a-w-	c:\users\Eddy\AppData\Roaming\Test-A\Multitax2010\2010\SystemInfo\SystemInfo.exe
2010-04-26 14:39 . 2010-05-20 12:00	11264	----a-w-	c:\users\Eddy\AppData\Roaming\Test-A\Multitax2010\2010\SystemInfo\PersonalCode.dll
2010-04-26 14:39 . 2010-05-20 12:00	61440	----a-w-	c:\users\Eddy\AppData\Roaming\Test-A\Multitax2010\2010\SystemInfo\MultitaxUtilities.dll
2010-04-26 14:39 . 2010-05-20 12:00	40960	----a-w-	c:\users\Eddy\AppData\Roaming\Test-A\Multitax2010\2010\SystemInfo\ITools.dll
2010-04-26 14:39 . 2010-05-20 12:00	24576	----a-w-	c:\users\Eddy\AppData\Roaming\Test-A\Multitax2010\2010\Starter\Updater.dll
2010-04-26 14:39 . 2010-05-20 12:00	1511424	----a-w-	c:\users\Eddy\AppData\Roaming\Test-A\Multitax2010\2010\Starter\MultitaxStarter.exe
2010-04-26 14:39 . 2010-05-20 12:00	36864	----a-w-	c:\users\Eddy\AppData\Roaming\Test-A\Multitax2010\2010\Starter\ITools.dll
2010-04-26 14:39 . 2010-05-20 12:00	217088	----a-w-	c:\users\Eddy\AppData\Roaming\Test-A\Multitax2010\2010\Starter\ICSharpCode.SharpZipLib.dll
2010-04-26 14:39 . 2010-05-20 12:00	24576	----a-w-	c:\users\Eddy\AppData\Roaming\Test-A\Multitax2010\2010\Starter\ExceptionHandler.dll
2010-04-23 14:13 . 2010-05-26 05:47	2048	----a-w-	c:\windows\system32\tzres.dll
2010-04-22 11:36 . 2010-04-22 11:36	283648	----a-w-	c:\windows\uninst.exe
2010-04-16 16:43 . 2010-06-24 05:45	173056	----a-w-	c:\windows\AppPatch\AcXtrnal.dll
2010-04-16 16:43 . 2010-06-24 05:45	458752	----a-w-	c:\windows\AppPatch\AcSpecfc.dll
2010-04-16 16:43 . 2010-06-24 05:45	542720	----a-w-	c:\windows\AppPatch\AcLayers.dll
2010-04-16 16:43 . 2010-06-24 05:45	2159616	----a-w-	c:\windows\AppPatch\AcGenral.dll
.

(((((((((((((((((((((((((((((   SnapShot_2010-07-05_17.58.52   )))))))))))))))))))))))))))))))))))))))))
.
+ 2007-12-06 07:12 . 2010-07-07 10:22	93472              c:\windows\System32\WDI\ShutdownPerformanceDiagnostics_SystemData.bin
- 2006-11-02 13:05 . 2010-07-05 17:07	84424              c:\windows\System32\WDI\BootPerformanceDiagnostics_SystemData.bin
+ 2006-11-02 13:05 . 2010-07-07 10:22	84424              c:\windows\System32\WDI\BootPerformanceDiagnostics_SystemData.bin
+ 2008-05-27 14:32 . 2010-07-07 10:22	18856              c:\windows\System32\WDI\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-786010562-3885121150-2963765948-1000_UserData.bin
- 2008-05-27 14:28 . 2010-07-05 17:04	32768              c:\windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2008-05-27 14:28 . 2010-07-07 10:40	32768              c:\windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2008-05-27 14:28 . 2010-07-07 10:40	65536              c:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
- 2008-05-27 14:28 . 2010-07-05 17:04	65536              c:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
- 2008-05-27 14:28 . 2010-07-05 17:04	16384              c:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2008-05-27 14:28 . 2010-07-07 10:40	16384              c:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2009-05-03 06:43 . 2010-07-06 07:15	16384              c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2009-05-03 06:43 . 2010-06-22 12:26	16384              c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2009-05-03 06:43 . 2010-07-06 07:15	32768              c:\windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
- 2009-05-03 06:43 . 2010-06-22 12:26	32768              c:\windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
+ 2009-05-03 06:43 . 2010-07-06 07:15	16384              c:\windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
- 2009-05-03 06:43 . 2010-06-22 12:26	16384              c:\windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
- 2009-07-05 08:24 . 2010-07-05 17:04	16384              c:\windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2009-07-05 08:24 . 2010-07-07 10:19	16384              c:\windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2008-05-27 15:16 . 2010-07-05 17:05	40960              c:\windows\ServiceProfiles\LocalService\AppData\Local\Temp\rtdrvmon.exe
+ 2008-05-27 15:16 . 2010-07-07 10:20	40960              c:\windows\ServiceProfiles\LocalService\AppData\Local\Temp\rtdrvmon.exe
- 2009-07-05 08:24 . 2010-07-05 17:04	32768              c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
+ 2009-07-05 08:24 . 2010-07-07 10:19	32768              c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
+ 2009-07-05 08:24 . 2010-07-07 10:19	16384              c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
- 2009-07-05 08:24 . 2010-07-05 17:04	16384              c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2010-07-07 10:19 . 2010-07-07 10:19	2048              c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
- 2010-07-05 17:04 . 2010-07-05 17:04	2048              c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
- 2010-07-05 17:04 . 2010-07-05 17:04	2048              c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
+ 2010-07-07 10:19 . 2010-07-07 10:19	2048              c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
+ 2006-11-02 10:33 . 2010-07-07 13:07	655196              c:\windows\System32\perfh009.dat
- 2006-11-02 10:33 . 2010-06-18 14:55	655196              c:\windows\System32\perfh009.dat
- 2006-11-02 10:33 . 2010-06-18 14:55	126298              c:\windows\System32\perfc009.dat
+ 2006-11-02 10:33 . 2010-07-07 13:07	126298              c:\windows\System32\perfc009.dat
- 2009-05-01 17:33 . 2010-07-05 13:44	245760              c:\windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\IETldCache\index.dat
+ 2009-05-01 17:33 . 2010-07-07 10:30	245760              c:\windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\IETldCache\index.dat
+ 2009-06-03 15:38 . 2010-07-06 09:15	215650696              c:\windows\winsxs\ManifestCache\6.0.6002.18005_001c11ba_blobs.bin
.
(((((((((((((((((((((((((((((((((((((   Reg Opstartpunten   )))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond 
REGEDIT4

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\egisPSDP]
@="{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}"
[HKEY_CLASSES_ROOT\CLSID\{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}]
2009-04-13 12:47	121392	----a-w-	c:\acer\Empowering Technology\eDataSecurity\x86\PSDProtect.dll

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2008-01-19 202240]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2009-05-03 39408]
"msnmsgr"="c:\program files\Windows Live\Messenger\msnmsgr.exe" [2009-07-26 3883856]
"Google Update"="c:\users\Eddy\AppData\Local\Google\Update\GoogleUpdate.exe" [2009-04-18 133104]
"ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-01-19 125952]
"CAHeadless"="c:\program files\Adobe\Elements Organizer 8.0\CAHeadless\ElementsAutoAnalyzer.exe" [2009-09-18 615808]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"="c:\program files\Windows Defender\MSASCui.exe" [2008-01-19 1008184]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2010-02-18 248040]
"Skytel"="Skytel.exe" [2007-10-11 1826816]
"RtHDVCpl"="RtHDVCpl.exe" [2007-10-11 4702208]
"NVRaidService"="c:\windows\system32\nvraidservice.exe" [2007-12-07 196128]
"lxbkbmgr.exe"="c:\program files\Lexmark X1100 Series\lxbkbmgr.exe" [2008-02-28 74408]
"Lexmark X1100 Series"="c:\program files\Lexmark X1100 Series\lxbkbmgr.exe" [2008-02-28 74408]
"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2008-10-25 31072]
"eDataSecurity Loader"="c:\acer\Empowering Technology\eDataSecurity\x86\eDSloader.exe" [2009-04-13 526896]
"BitDefender Antiphishing Helper"="c:\program files\BitDefender\BitDefender 2010\IEShow.exe" [2009-10-19 71152]
"beid"="c:\program files\Belgium Identity Card\beid35gui.exe" [2009-02-02 2035712]
"BDAgent"="c:\program files\BitDefender\BitDefender 2010\bdagent.exe" [2010-03-18 1123360]
"AutoLockProcess"="c:\acer\Empowering Technology\eLock\autolockprocess\autolockprocess.exe" [2008-01-23 561152]
"ArcSoft Connection Service"="c:\program files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe" [2010-03-18 207360]
"AdobeCS4ServiceManager"="c:\program files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" [2008-08-14 611712]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2010-06-20 35760]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2010-06-09 976832]
"Acrobat Assistant 8.0"="c:\program files\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe" [2008-10-14 623992]
"Acer Empowering Technology Monitor"="c:\acer\Empowering Technology\SysMonitor.exe" [2006-12-25 319488]

c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Adobe Gamma Loader.lnk - c:\program files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [2008-5-30 113664]
Empowering Technology Launcher.lnk - c:\acer\Empowering Technology\eAPLauncher.exe [2007-12-6 535336]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"NoResolveTrack"= 1 (0x1)
"NoFileAssociate"= 0 (0x0)

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
@="Service"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IncrediMail]
2010-06-30 14:32	353736	----a-w-	c:\program files\IncrediMail\Bin\IncMail.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
2010-06-15 14:33	141624	----a-w-	c:\program files\iTunes\iTunesHelper.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Malwarebytes Anti-Malware (reboot)]
2010-03-29 22:46	1086856	----a-w-	c:\program files\Malwarebytes' Anti-Malware\mbam.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
"Google Update"="c:\users\Eddy\AppData\Local\Google\Update\GoogleUpdate.exe" /c

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" -atboottime
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe"

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc]
"VistaSp2"=hex(b):1c,90,67,b4,0b,44,ca,01

R2 gupdate;Google Update Service (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [2010-05-16 136176]
R2 LMIRescue_c37e8bc0-fee3-400a-803c-3b5fdbaa6ae3;LogMeIn Rescue (c37e8bc0-fee3-400a-803c-3b5fdbaa6ae3);c:\users\Eddy\AppData\Local\Temp\LMI986C.tmp\LMI_Rescue_srv.exe [x]
R3 Arrakis3;BitDefender Arrakis-server;c:\program files\Common Files\BitDefender\BitDefender Arrakis Server\bin\arrakis3.exe [2009-10-19 183880]
R3 WSVD;WSVD;c:\windows\system32\drivers\WSVD.sys [2007-12-16 75776]
R4 MSSQLServerADHelper100;SQL Active Directory Helper Service;c:\program files\Microsoft SQL Server\100\Shared\SQLADHLP.EXE [2008-07-11 47128]
R4 RsFx0102;RsFx0102 Driver;c:\windows\system32\DRIVERS\RsFx0102.sys [2008-07-10 242712]
R4 SQLAgent$SQLEXPRESS;SQL Server Agent (SQLEXPRESS);c:\program files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [2008-07-11 369688]
S0 eLock2BurnerLockDriver;Disk Performance Monitor Filter Driver;c:\windows\system32\DRIVERS\eLock2BurnerLockDriver.sys [2008-01-10 22048]
S1 archlp;archlp;c:\windows\system32\drivers\archlp.sys [2008-01-29 11392]
S1 BdfNdisf;BitDefender Firewall NDIS 6 Filter Driver;c:\windows\system32\DRIVERS\BdfNdisf6.sys [2010-07-05 72784]
S2 AdobeActiveFileMonitor7.0;Adobe Active File Monitor V7;c:\program files\Adobe\Photoshop Elements 7.0\PhotoshopElementsFileAgent.exe [2008-09-16 169312]
S2 BDVEDISK;BDVEDISK;c:\program files\BitDefender\BitDefender 2010\bdvedisk.sys [2010-01-19 85128]
S2 eLock2FSCTLDriver;eLock2FSCTLDriver;c:\windows\system32\DRIVERS\eLock2FSCTLDriver.sys [2008-01-23 86048]
S2 lxbk_device;lxbk_device;c:\windows\system32\lxbkcoms.exe [2008-02-19 537256]
S3 BDFM;BDFM;c:\windows\system32\DRIVERS\bdfm.sys [2010-02-03 153448]


--- Andere Services/Drivers In Geheugen ---

*NewlyCreated* - 42FCA629
*NewlyCreated* - 4AC70A6C
*Deregistered* - 42fca629
*Deregistered* - 4ac70a6c

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceAndNoImpersonation	REG_MULTI_SZ   	FontCache
bdx	REG_MULTI_SZ   	scan

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost  - NetSvcs
UxTuneUp
.
Inhoud van de 'Gedeelde Taken' map

2010-07-07 c:\windows\Tasks\1-klik Onderhoud.job
- c:\program files\TuneUp Utilities 2009\OneClickStarter.exe [2009-04-27 13:51]

2010-07-07 c:\windows\Tasks\Google Software Updater.job
- c:\program files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-04-13 08:46]

2010-07-07 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-05-16 07:54]

2010-07-07 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-05-16 07:54]

2010-07-06 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-786010562-3885121150-2963765948-1000Core.job
- c:\users\Eddy\AppData\Local\Google\Update\GoogleUpdate.exe [2009-04-18 14:49]

2010-07-07 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-786010562-3885121150-2963765948-1000UA.job
- c:\users\Eddy\AppData\Local\Google\Update\GoogleUpdate.exe [2009-04-18 14:49]

2010-07-07 c:\windows\Tasks\User_Feed_Synchronization-{4D4AA6C7-C1FB-4CD5-83A3-F10056D36B3F}.job
- c:\windows\system32\msfeedssync.exe [2010-06-09 04:30]
.
.
------- Bijkomende Scan -------
.
uInternet Settings,ProxyOverride = *.local
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx
IE: Append to existing PDF - c:\program files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert link target to Adobe PDF - c:\program files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: Convert link target to existing PDF - c:\program files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert selected links to Adobe PDF - c:\program files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
IE: Convert selected links to existing PDF - c:\program files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: Convert selection to Adobe PDF - c:\program files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: Convert selection to existing PDF - c:\program files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert to Adobe PDF - c:\program files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: E&xporteren naar Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
IE: Google Sidewiki... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_60D6097707281E79.dll/cmsidewiki.html
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-07-07 17:24
Windows 6.0.6002 Service Pack 2 NTFS

scannen van verborgen processen ... 

scannen van verborgen autostart items ... 

scannen van verborgen bestanden ... 

Scan succesvol afgerond
verborgen bestanden: 0

**************************************************************************
.
--------------------- VERGRENDELDE REGISTER SLEUTELS ---------------------

[HKEY_USERS\S-1-5-21-786010562-3885121150-2963765948-1000\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{BD04728F-9192-6B05-B051-4594A84D0BF9}*]
"hakmfkdlbpeomjbn"=hex:6a,61,65,70,6c,66,6e,65,67,6e,6a,6a,69,64,62,63,6b,66,
   63,6c,00,07
"iaincidjhffejbbbdd"=hex:6a,61,65,70,6c,66,6e,65,67,6e,6a,6a,69,64,62,63,6b,66,
   63,6c,00,08

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
Voltooingstijd: 2010-07-07  17:33:39
ComboFix-quarantined-files.txt  2010-07-07 15:33
ComboFix2.txt  2010-07-07 09:19
ComboFix3.txt  2010-07-05 18:06
ComboFix4.txt  2010-07-03 10:20
ComboFix5.txt  2010-07-07 14:46

Pre-Run: 74.113.998.848 bytes beschikbaar
Post-Run: 73.834.749.952 bytes beschikbaar

- - End Of File - - 7A0749185FD6CB0DFE4972F1AA968D85
