OK, thanks for your time and help!
Below is the ComboFix log.
ComboFix 09-08-10.06 - Ewimas 13-08-2009 22:52.1.2 - NTFSx86
Microsoft® Windows Vista™ Home Basic 6.0.6002.2.1252.31.1043.18.1978.1127 [GMT 2:00]
Gestart vanuit: c:\users\Ewimas\Desktop\ComboFix.exe
SP: Lavasoft Ad-Watch Live! *disabled* (Updated) {67844DAE-4F77-4D69-9457-98E8CFFDAA22}
SP: Windows Defender *enabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}
.
(((((((((((((((((((((((((((((((((( Andere Verwijderingen )))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\$recycle.bin\S-1-5-21-4257597610-3630639476-2486901091-500
c:\windows\Installer\1b747.msi
c:\windows\Installer\1b74b.msi
c:\windows\Installer\1b74f.msi
c:\windows\Installer\1b753.msi
c:\windows\Installer\1b757.msi
c:\windows\Installer\1b75f.msi
c:\windows\Installer\28e68a.msi
c:\windows\system32\w32apiw.dll
.
(((((((((((((((((((( Bestanden Gemaakt van 2009-07-13 to 2009-08-13 ))))))))))))))))))))))))))))))
.
2009-08-13 21:00 . 2009-08-13 21:00 -------- d-----w- c:\users\Ewimas\AppData\Local\temp
2009-08-13 21:00 . 2009-08-13 21:00 -------- d-----w- c:\users\Default\AppData\Local\temp
2009-08-13 06:30 . 2009-07-13 08:00 87888 ----a-w- c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20090812.033\NAVENG.SYS
2009-08-13 06:30 . 2009-07-13 08:00 875728 ----a-w- c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20090812.033\NAVEX15.SYS
2009-08-13 06:30 . 2009-07-09 08:00 177520 ----a-w- c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20090812.033\NAVENG32.DLL
2009-08-13 06:30 . 2009-07-09 08:00 1181040 ----a-w- c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20090812.033\NAVEX32A.DLL
2009-08-13 06:30 . 2009-07-09 08:00 101936 ----a-w- c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20090812.033\ERASER.SYS
2009-08-13 06:30 . 2009-07-09 08:00 371248 ----a-w- c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20090812.033\EECTRL.SYS
2009-08-13 06:30 . 2009-07-09 08:00 259368 ----a-w- c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20090812.033\ECMSVR32.DLL
2009-08-13 06:30 . 2009-07-09 08:00 2414128 ----a-w- c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20090812.033\CCERASER.DLL
2009-08-12 22:06 . 2009-06-15 14:52 499712 ----a-w- c:\windows\system32\kerberos.dll
2009-08-12 22:06 . 2009-06-15 14:54 175104 ----a-w- c:\windows\system32\wdigest.dll
2009-08-12 22:06 . 2009-06-15 14:53 218624 ----a-w- c:\windows\system32\msv1_0.dll
2009-08-12 22:06 . 2009-06-15 14:53 270848 ----a-w- c:\windows\system32\schannel.dll
2009-08-12 22:06 . 2009-06-15 14:52 1259008 ----a-w- c:\windows\system32\lsasrv.dll
2009-08-12 22:06 . 2009-06-15 23:15 439864 ----a-w- c:\windows\system32\drivers\ksecdd.sys
2009-08-12 22:06 . 2009-06-15 14:53 72704 ----a-w- c:\windows\system32\secur32.dll
2009-08-12 22:06 . 2009-06-15 12:48 9728 ----a-w- c:\windows\system32\lsass.exe
2009-08-12 19:34 . 2009-08-12 19:34 -------- d-----w- C:\Sounds
2009-08-12 06:38 . 2009-07-11 19:34 276344 ----a-w- c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\IPSDefs\20090810.001\IDSXpx86.sys
2009-08-12 06:38 . 2009-07-11 19:34 293424 ----a-w- c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\IPSDefs\20090810.001\IDSvix86.sys
2009-08-12 06:38 . 2009-07-11 19:34 533880 ----a-w- c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\IPSDefs\20090810.001\Scxpx86.dll
2009-08-12 06:38 . 2009-07-11 19:34 451960 ----a-w- c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\IPSDefs\20090810.001\IDSxpx86.dll
2009-08-12 06:38 . 2009-07-11 19:34 397360 ----a-w- c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\IPSDefs\20090810.001\IDSviA64.sys
2009-08-12 05:51 . 2009-07-17 13:54 71680 ----a-w- c:\windows\system32\atl.dll
2009-08-12 05:51 . 2009-06-10 11:42 160256 ----a-w- c:\windows\system32\wkssvc.dll
2009-08-12 05:51 . 2009-06-04 12:07 2066432 ----a-w- c:\windows\system32\mstscax.dll
2009-08-12 05:51 . 2009-06-10 11:38 91136 ----a-w- c:\windows\system32\avifil32.dll
2009-08-12 05:51 . 2009-07-15 12:39 313344 ----a-w- c:\windows\system32\wmpdxm.dll
2009-08-12 05:51 . 2009-07-15 12:39 4096 ----a-w- c:\windows\system32\dxmasf.dll
2009-08-12 05:51 . 2009-07-15 12:39 7680 ----a-w- c:\windows\system32\spwmp.dll
2009-08-12 05:51 . 2009-07-15 12:40 8147456 ----a-w- c:\windows\system32\wmploc.DLL
2009-08-09 19:54 . 2009-08-09 20:35 -------- d-----w- c:\users\Ewimas\AppData\Local\Ahead
2009-08-09 19:47 . 2009-08-09 19:48 -------- d-----w- c:\users\Ewimas\AppData\Local\Adobe
2009-08-09 14:42 . 2009-07-03 14:49 15688 ----a-w- c:\windows\system32\lsdelete.exe
2009-08-09 10:13 . 2009-08-09 10:13 -------- dc----w- c:\windows\system32\DRVSTORE
2009-08-09 10:13 . 2009-07-03 14:49 64160 ----a-w- c:\windows\system32\drivers\Lbd.sys
2009-08-09 10:09 . 2009-07-08 17:28 2920112 -c--a-w- c:\programdata\{EF63305C-BAD7-4144-9208-D65528260864}\Ad-AwareAE.exe
2009-08-09 10:08 . 2009-08-09 10:13 -------- d-----w- c:\programdata\Lavasoft
2009-08-09 10:08 . 2009-08-09 10:08 -------- d-----w- c:\program files\Lavasoft
2009-08-05 19:16 . 2009-08-05 19:16 -------- d-----w- c:\program files\Norton Support
2009-08-05 19:16 . 2009-08-05 19:16 -------- d-----w- c:\users\Ewimas\AppData\Local\Symantec
2009-07-31 06:06 . 2009-07-11 19:34 276344 ----a-w- c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\IPSDefs\20090730.003\IDSXpx86.sys
2009-07-31 06:06 . 2009-07-11 19:34 533880 ----a-w- c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\IPSDefs\20090730.003\Scxpx86.dll
2009-07-31 06:06 . 2009-07-11 19:34 293424 ----a-w- c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\IPSDefs\20090730.003\IDSvix86.sys
2009-07-31 06:06 . 2009-07-11 19:34 451960 ----a-w- c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\IPSDefs\20090730.003\IDSxpx86.dll
2009-07-31 06:06 . 2009-07-11 19:34 397360 ----a-w- c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\IPSDefs\20090730.003\IDSviA64.sys
2009-07-29 19:11 . 2009-07-29 19:11 -------- d-----w- c:\users\Ewimas\AppData\Roaming\dvdcss
2009-07-29 16:50 . 2009-07-29 16:55 -------- d-----w- C:\DVDVOLUME
2009-07-28 20:13 . 2009-08-09 19:18 -------- d-----w- c:\users\Ewimas\AppData\Roaming\CyberLink
2009-07-28 20:13 . 2009-07-28 20:13 -------- d-----w- c:\users\Public\Recorded TV
2009-07-28 20:13 . 2009-07-28 20:32 -------- d-----w- c:\users\Ewimas\AppData\Local\QuickPlay
2009-07-28 19:50 . 2009-07-28 19:50 -------- d-----w- c:\program files\ImTOO
2009-07-28 19:22 . 2009-07-30 08:12 -------- d-----w- c:\programdata\DVD Shrink
2009-07-28 19:22 . 2009-07-28 19:22 -------- d-----w- c:\program files\DVD Shrink
2009-07-28 14:01 . 2009-07-28 14:17 -------- d-----w- c:\users\Ewimas\AppData\Roaming\GlarySoft
2009-07-28 13:49 . 2009-07-28 13:49 -------- d-----w- c:\program files\Glary Utilities
2009-07-28 13:49 . 2009-07-28 13:49 -------- d-----w- c:\users\Ewimas\AppData\Roaming\nCleaner
2009-07-28 13:48 . 2009-07-28 13:48 -------- d-----w- c:\program files\NKProds
2009-07-20 08:52 . 2009-08-11 19:12 -------- d-----w- c:\users\Ewimas\AppData\Roaming\vlc
2009-07-20 08:51 . 2009-07-20 08:51 -------- d-----w- c:\program files\VideoLAN
2009-07-20 08:31 . 2008-09-16 19:23 168448 ----a-w- c:\windows\system32\unrar.dll
2009-07-20 08:31 . 2009-05-29 21:37 205824 ----a-w- c:\windows\system32\xvidvfw.dll
2009-07-20 08:31 . 2009-05-29 21:31 881664 ----a-w- c:\windows\system32\xvidcore.dll
2009-07-20 08:31 . 2004-01-25 16:18 217088 ----a-w- c:\windows\system32\yv12vfw.dll
2009-07-20 08:31 . 2009-05-01 21:02 90112 ----a-w- c:\windows\system32\dpl100.dll
2009-07-20 08:31 . 2008-11-06 16:37 3596288 ----a-w- c:\windows\system32\qt-dx331.dll
2009-07-20 08:30 . 2009-05-01 21:02 685056 ----a-w- c:\windows\system32\divx.dll
2009-07-20 08:30 . 2009-06-02 16:11 85504 ----a-w- c:\windows\system32\ff_vfw.dll
2009-07-20 08:30 . 2009-07-20 08:33 -------- d-----w- c:\program files\K-Lite Codec Pack
2009-07-20 08:23 . 2009-07-20 08:23 737280 ----a-w- c:\windows\iun6002.exe
2009-07-19 09:33 . 2007-05-01 08:59 160768 ----a-w- c:\windows\system32\drivers\CHDART.sys
2009-07-19 09:33 . 2007-03-21 17:48 212992 ----a-w- c:\windows\system32\UCI32A19.dll
2009-07-19 09:00 . 2009-07-19 09:00 -------- d-----w- c:\users\Ewimas\AppData\Local\Innovative Solutions
2009-07-19 09:00 . 2009-07-19 09:00 -------- d-----w- c:\programdata\Innovative Solutions
2009-07-17 20:50 . 2009-07-17 20:50 -------- d-----w- c:\users\Default\AppData\Local\Microsoft Help
2009-07-17 15:31 . 2009-07-17 15:32 -------- d-----w- c:\users\Ewimas\AppData\Roaming\TrueCrypt
2009-07-17 15:27 . 2009-07-17 15:27 217664 ----a-w- c:\windows\system32\drivers\truecrypt.sys
2009-07-17 15:27 . 2009-07-17 15:27 -------- d-----w- c:\program files\TrueCrypt
2009-07-17 15:24 . 2009-07-17 15:24 -------- d-----w- c:\windows\hideseek
2009-07-17 13:35 . 2009-07-17 13:35 -------- d-----w- c:\windows\system32\ca-ES
2009-07-17 13:35 . 2009-07-17 13:35 -------- d-----w- c:\windows\system32\eu-ES
2009-07-17 13:35 . 2009-07-17 13:35 -------- d-----w- c:\windows\system32\vi-VN
2009-07-17 12:29 . 2009-07-17 12:35 -------- d-----w- c:\program files\NoTrax
2009-07-17 11:59 . 2009-07-17 11:59 -------- d-----w- c:\windows\system32\EventProviders
2009-07-17 11:53 . 2009-04-11 06:28 268800 ----a-w- c:\windows\system32\es.dll
2009-07-17 11:52 . 2009-04-11 06:28 29184 ----a-w- c:\windows\system32\wsepno.dll
2009-07-17 11:51 . 2009-04-11 06:28 83968 ----a-w- c:\windows\system32\wbem\wmiutils.dll
2009-07-17 11:51 . 2009-04-11 06:28 744448 ----a-w- c:\windows\system32\wbem\wbemcore.dll
2009-07-17 11:51 . 2009-04-11 06:28 30208 ----a-w- c:\windows\system32\wbem\wbemprox.dll
2009-07-17 11:51 . 2009-04-11 06:28 265728 ----a-w- c:\windows\system32\wbem\repdrvfs.dll
2009-07-17 11:51 . 2009-04-11 06:28 189440 ----a-w- c:\windows\system32\wbem\mofd.dll
2009-07-17 11:51 . 2009-04-11 06:28 614912 ----a-w- c:\windows\system32\wbem\fastprox.dll
2009-07-17 11:51 . 2009-04-11 06:28 265728 ----a-w- c:\windows\system32\wbem\esscli.dll
2009-07-17 11:51 . 2009-04-11 06:28 705536 ----a-w- c:\windows\system32\SmiEngine.dll
2009-07-17 11:51 . 2009-04-11 06:28 218624 ----a-w- c:\windows\system32\wdscore.dll
2009-07-17 11:51 . 2009-04-11 06:27 130560 ----a-w- c:\windows\system32\PkgMgr.exe
2009-07-17 11:49 . 2009-04-11 06:28 247808 ----a-w- c:\windows\system32\drvstore.dll
2009-07-16 20:45 . 2009-08-13 20:29 -------- d-----w- c:\users\Ewimas\AppData\Local\Eraser
2009-07-16 20:42 . 2009-06-10 13:22 83344 ----a-w- c:\windows\system32\Erasext.dll
2009-07-16 20:42 . 2009-06-10 13:22 307088 ----a-w- c:\windows\system32\Eraser.dll
2009-07-16 20:42 . 2009-06-10 13:22 73104 ----a-w- c:\windows\system32\Eraserl.exe
2009-07-16 20:42 . 2009-07-16 20:42 -------- d-----w- c:\program files\Eraser
2009-07-16 17:48 . 2009-07-27 12:50 -------- d-----w- c:\program files\Spybot - Search & Destroy
2009-07-16 16:00 . 2009-06-15 14:53 156672 ----a-w- c:\windows\system32\t2embed.dll
2009-07-16 16:00 . 2009-06-15 14:52 23552 ----a-w- c:\windows\system32\lpk.dll
2009-07-16 16:00 . 2009-06-15 14:52 72704 ----a-w- c:\windows\system32\fontsub.dll
2009-07-16 16:00 . 2009-06-15 14:51 10240 ----a-w- c:\windows\system32\dciman32.dll
2009-07-16 16:00 . 2009-06-15 12:42 289792 ----a-w- c:\windows\system32\atmfd.dll
2009-07-16 16:00 . 2009-04-11 06:28 34304 ----a-w- c:\windows\system32\atmlib.dll
.
((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-08-13 20:29 . 2009-07-12 10:12 -------- d-----w- c:\users\Ewimas\AppData\Roaming\uTorrent
2009-08-13 16:10 . 2006-11-02 11:18 -------- d-----w- c:\program files\Windows Mail
2009-08-13 16:07 . 2009-07-12 09:38 12 ----a-w- c:\windows\bthservsdp.dat
2009-08-12 22:10 . 2009-07-11 08:34 -------- d-----w- c:\programdata\Microsoft Help
2009-08-12 17:50 . 2009-07-13 10:29 -------- d-----w- c:\program files\LG PC Suite II
2009-08-12 17:41 . 2008-11-22 08:16 667352 ----a-w- c:\windows\system32\perfh013.dat
2009-08-12 17:41 . 2008-11-22 08:16 126854 ----a-w- c:\windows\system32\perfc013.dat
2009-08-10 12:34 . 2009-07-11 08:34 -------- d-----w- c:\program files\Common Files\Adobe
2009-08-09 10:09 . 2009-07-11 10:09 -------- dc-h--w- c:\programdata\{EF63305C-BAD7-4144-9208-D65528260864}
2009-08-06 09:01 . 2009-07-13 12:19 -------- d-----w- c:\users\Ewimas\AppData\Roaming\Belastingdienst
2009-08-01 08:29 . 2009-07-14 15:46 -------- d-----w- c:\users\Ewimas\AppData\Roaming\Ahead
2009-08-01 08:29 . 2009-07-14 17:28 -------- d-----w- c:\programdata\FLEXnet
2009-07-28 14:00 . 2008-11-22 00:10 -------- d--h--w- c:\program files\InstallShield Installation Information
2009-07-28 14:00 . 2008-11-22 01:07 -------- d-----w- c:\program files\CyberLink
2009-07-26 08:20 . 2008-11-22 00:28 -------- d-----w- c:\programdata\WildTangent
2009-07-21 21:52 . 2009-07-28 22:13 915456 ----a-w- c:\windows\system32\wininet.dll
2009-07-21 21:47 . 2009-07-28 22:13 109056 ----a-w- c:\windows\system32\iesysprep.dll
2009-07-21 21:47 . 2009-07-28 22:13 71680 ----a-w- c:\windows\system32\iesetup.dll
2009-07-21 20:13 . 2009-07-28 22:13 133632 ----a-w- c:\windows\system32\ieUnatt.exe
2009-07-20 14:25 . 2009-07-11 09:03 -------- d-----w- c:\program files\CONEXANT
2009-07-17 13:36 . 2006-11-02 12:35 -------- d-----w- c:\program files\Windows Sidebar
2009-07-17 13:36 . 2006-11-02 12:35 -------- d-----w- c:\program files\Windows Photo Gallery
2009-07-17 13:36 . 2006-11-02 12:35 -------- d-----w- c:\program files\Windows Collaboration
2009-07-17 13:36 . 2006-11-02 12:35 -------- d-----w- c:\program files\Windows Calendar
2009-07-17 13:36 . 2006-11-02 12:35 -------- d-----w- c:\program files\Windows Defender
2009-07-17 13:35 . 2006-11-02 10:25 665600 ----a-w- c:\windows\inf\drvindex.dat
2009-07-17 12:42 . 2006-11-02 12:35 37665 ----a-w- c:\windows\Fonts\GlobalUserInterface.CompositeFont
2009-07-17 11:11 . 2009-07-11 08:42 78352 ----a-w- c:\users\Ewimas\AppData\Local\GDIPFONTCACHEV1.DAT
2009-07-16 08:07 . 2009-07-11 08:59 -------- d-----w- c:\program files\Atheros
2009-07-14 20:49 . 2009-07-14 20:49 -------- d-----w- c:\program files\CCleaner
2009-07-14 19:50 . 2008-11-22 01:07 -------- d-----w- c:\programdata\CyberLink
2009-07-14 19:19 . 2009-07-14 19:19 -------- d-----w- c:\program files\Common Files\Adobe AIR
2009-07-14 19:16 . 2009-07-14 19:16 -------- d-----w- c:\users\Ewimas\AppData\Roaming\com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
2009-07-14 19:13 . 2009-07-14 19:13 -------- d-----w- c:\users\Ewimas\AppData\Roaming\com.adobe.ExMan
2009-07-14 17:24 . 2009-07-14 17:24 -------- d-----w- c:\program files\Adobe Media Player
2009-07-14 17:15 . 2009-07-14 17:15 -------- d-----w- c:\program files\Common Files\Macrovision Shared
2009-07-14 16:37 . 2009-07-14 12:35 -------- d-----w- c:\users\Ewimas\AppData\Roaming\Download Manager
2009-07-14 15:46 . 2009-07-14 15:46 -------- d-----w- c:\programdata\Ahead
2009-07-14 15:45 . 2009-07-14 15:43 -------- d-----w- c:\program files\Common Files\Ahead
2009-07-14 15:43 . 2009-07-14 15:43 -------- d-----w- c:\program files\Nero
2009-07-14 15:43 . 2009-07-14 15:43 -------- d-----w- c:\programdata\Nero
2009-07-14 14:57 . 2009-07-14 14:57 -------- d-----w- c:\program files\DVDFab 5
2009-07-14 13:18 . 2009-07-14 13:18 -------- d-----w- c:\program files\7-Zip
2009-07-14 11:27 . 2009-07-14 11:27 -------- d-----w- c:\programdata\PC Drivers HeadQuarters
2009-07-14 08:14 . 2009-07-14 08:14 0 --sha-r- c:\windows\system32\drivers\103C_HP_cNB_Presario CQ60 Notebook PC_Y5335KV_0U_Q2CE8501YHQ_E508164-331_4A_I3612_SWistron_V09.54_F.3B_T090513_WV2-1_L413_M1979_J160_7Intel_86FD_91.66_#090711_N10EC8136;168C001C_(NJ832EA#ABH)_XMOBILE_CN10_Z.MRK
2009-07-14 08:14 . 2008-11-21 23:55 -------- d-----w- c:\program files\Hewlett-Packard
2009-07-13 19:54 . 2009-07-11 08:59 -------- d-----w- c:\programdata\Atheros
2009-07-13 19:34 . 2009-07-13 19:34 -------- d-----w- c:\users\Ewimas\AppData\Roaming\hpqLog
2009-07-13 12:18 . 2009-07-13 12:18 -------- d-----w- c:\program files\Belastingdienst
2009-07-13 10:31 . 2009-07-13 10:31 -------- d-----w- c:\program files\LG Electronics
2009-07-13 10:29 . 2009-07-13 10:29 -------- d-----w- c:\users\Ewimas\AppData\Roaming\LG Electronics
2009-07-13 10:27 . 2009-07-13 10:27 -------- d-----w- c:\users\Ewimas\AppData\Roaming\InstallShield
2009-07-13 09:16 . 2009-07-11 20:14 -------- d-----w- c:\users\Ewimas\AppData\Roaming\U3
2009-07-12 18:39 . 2009-07-12 18:38 -------- d-----w- c:\program files\Google
2009-07-12 18:38 . 2009-07-12 18:38 -------- d-----w- c:\programdata\Google Updater
2009-07-12 10:14 . 2009-07-12 10:14 -------- d-----w- c:\program files\uTorrent
2009-07-12 10:11 . 2009-07-12 10:11 -------- d-----w- c:\program files\Bit Che
2009-07-12 10:11 . 2009-07-12 10:11 -------- d-----w- c:\users\Ewimas\AppData\Roaming\Convivea
2009-07-11 19:34 . 2009-07-11 19:34 276344 ----a-w- c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\IPSDefs\BinHub\IDSXpx86.sys
2009-07-11 19:34 . 2009-07-11 19:34 293424 ----a-w- c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\IPSDefs\BinHub\IDSvix86.sys
2009-07-11 19:34 . 2009-07-11 19:34 533880 ----a-w- c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\IPSDefs\BinHub\Scxpx86.dll
2009-07-11 19:34 . 2009-07-11 19:34 451960 ----a-w- c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\IPSDefs\BinHub\IDSxpx86.dll
2009-07-11 19:34 . 2009-07-11 19:34 397360 ----a-w- c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\IPSDefs\BinHub\IDSviA64.sys
2009-07-11 16:40 . 2009-07-11 16:40 680 ----a-w- c:\users\Ewimas\AppData\Local\d3d9caps.dat
2009-07-11 15:04 . 2009-07-11 15:04 -------- d-----w- c:\programdata\Symantec
2009-07-11 14:19 . 2009-07-11 08:36 -------- d-----w- c:\program files\Microsoft Works
2009-07-11 13:17 . 2009-07-11 08:44 -------- d-----w- c:\program files\Common Files\Symantec Shared
2009-07-11 13:08 . 2009-07-11 08:44 -------- d-----w- c:\program files\Symantec
2009-07-11 13:08 . 2009-07-11 08:44 805 ----a-w- c:\windows\system32\drivers\SYMEVENT.INF
2009-07-11 13:08 . 2009-07-11 08:44 7386 ----a-w- c:\windows\system32\drivers\SYMEVENT.CAT
2009-07-11 13:08 . 2009-07-11 08:44 124464 ----a-w- c:\windows\system32\drivers\SYMEVENT.SYS
2009-07-11 09:26 . 2009-07-11 09:26 -------- d-----w- c:\program files\Trend Micro
2009-07-11 09:16 . 2008-11-22 00:10 -------- d-----w- c:\programdata\Hewlett-Packard
2009-07-11 09:16 . 2009-07-11 09:16 -------- d-----w- c:\program files\Common Files\muvee Technologies
2009-07-11 09:16 . 2009-07-11 09:16 -------- d-----w- c:\program files\muvee Technologies
2009-07-11 09:10 . 2008-08-06 14:29 353840 ----a-w- c:\windows\system32\msvcr71.dll
2009-07-11 09:10 . 2008-08-06 14:27 505392 ----a-w- c:\windows\system32\msvcp71.dll
2009-07-11 09:10 . 2008-11-22 01:08 1066544 ----a-w- c:\windows\system32\MFC71.dll
2009-07-11 09:10 . 2008-11-22 01:08 1053232 ----a-w- c:\windows\system32\MFC71u.dll
2009-07-11 09:09 . 2008-11-22 01:49 -------- d-----w- c:\program files\HP
2009-07-11 09:09 . 2008-11-22 00:10 -------- d-----w- c:\program files\Common Files\InstallShield
2009-07-11 09:09 . 2009-07-11 09:09 -------- d-----w- c:\program files\Common Files\LightScribe
2009-07-11 09:02 . 2009-07-11 09:02 -------- d-----w- c:\program files\Realtek
2009-07-11 09:02 . 2009-07-11 09:02 0 ---ha-w- c:\windows\system32\drivers\Msft_Kernel_SynTP_01000.Wdf
2009-07-11 09:02 . 2009-07-11 09:02 -------- d-----w- c:\program files\Synaptics
2009-07-11 09:00 . 2009-07-11 09:00 -------- d-----w- c:\program files\Intel
2009-07-11 08:59 . 2009-07-11 08:59 -------- d-----w- c:\program files\Cisco
2009-07-11 08:45 . 2008-11-22 00:12 -------- d-----w- c:\programdata\Norton
2009-07-11 08:42 . 2008-11-22 02:00 -------- d-----w- c:\program files\SMINST
2009-07-11 08:40 . 2009-07-11 08:40 -------- d-----w- c:\users\Ewimas\AppData\Roaming\HP TCS
2009-07-11 08:37 . 2009-07-11 08:37 -------- d-----w- c:\programdata\{174892B1-CBE7-44F5-86FF-AB555EFD73A3}
2009-07-11 08:37 . 2009-07-11 08:37 -------- d-----w- c:\program files\Activation Assistant for the 2007 Microsoft Office suites
2009-07-11 08:36 . 2009-07-11 08:36 -------- d-----w- c:\program files\Microsoft.NET
2009-07-11 08:32 . 2009-07-11 08:32 -------- d-sh--we c:\programdata\Sjablonen
2009-07-11 08:32 . 2009-07-11 08:32 -------- d-sh--we c:\programdata\Menu Start
2009-07-11 08:32 . 2009-07-11 08:32 -------- d-sh--we c:\programdata\Favorieten
2009-07-11 08:32 . 2009-07-11 08:32 -------- d-sh--we c:\programdata\Documenten
2009-07-11 08:32 . 2009-07-11 08:32 -------- d-sh--we c:\programdata\Bureaublad
2009-06-30 13:36 . 2009-07-26 08:07 18696 ----a-w- c:\windows\Help\OEM\scripts\HC_BatteryReplaceNew.exe
2009-06-30 13:10 . 2009-07-26 08:07 18696 ----a-w- c:\windows\Help\OEM\scripts\HC_BatteryNoTravel.exe
2008-11-22 08:33 . 2008-11-22 08:18 8192 --sha-w- c:\windows\Users\Default\NTUSER.DAT
.
((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"uTorrent"="c:\program files\uTorrent\uTorrent.exe" [2009-07-12 288048]
"Eraser"="c:\program files\Eraser\Eraser.exe" [2009-06-10 334224]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2008-04-17 1049896]
"UpdateLBPShortCut"="c:\program files\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe" [2008-06-13 210216]
"UpdatePSTShortCut"="c:\program files\CyberLink\DVD Suite\MUITransfer\MUIStartMenu.exe" [2008-10-06 210216]
"UpdateP2GoShortCut"="c:\program files\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" [2008-06-13 210216]
"HP Health Check Scheduler"="c:\program files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe" [2008-10-09 75008]
"HP Software Update"="c:\program files\Hp\HP Software Update\HPWuSchd2.exe" [2007-05-08 54840]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2008-07-10 150040]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2008-07-10 170520]
"Persistence"="c:\windows\system32\igfxpers.exe" [2008-07-10 145944]
"WirelessAssistant"="c:\program files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe" [2009-03-10 506936]
"UCam_Menu"="c:\program files\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe" [2008-12-03 218408]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service]
@="Service"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SymEFA.sys]
@="FSFilter Activity Monitor"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
@="Service"
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe_ID0ENQBO
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Cognac
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpybotSD TeaTimer
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc]
"VistaSp2"=hex(b):50,cb,21,2d,e4,06,ca,01
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\DomainProfile]
"EnableFirewall"= 0 (0x0)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\FirewallRules]
"{9303A5CD-63F5-4CD7-9693-78AE4CB7ED57}"= c:\program files\HP\QuickPlay\QP.exe:Quick Play
"{C200DFF6-CB88-4D76-921B-93986A31C74E}"= c:\program files\HP\QuickPlay\QPService.exe:Quick Play Resident Program
"{7AD505AC-18A2-4517-93B8-7A851D0C6F9C}"= UDP:c:\program files\Microsoft Office\Office12\ONENOTE.EXE:Microsoft Office OneNote
"{834197AC-9010-4A4C-ACAC-41EEA943D4F5}"= TCP:c:\program files\Microsoft Office\Office12\ONENOTE.EXE:Microsoft Office OneNote
"{5E797AC4-80B8-46C9-BA49-477E14B2C48A}"= UDP:c:\program files\uTorrent\uTorrent.exe:µTorrent (TCP-In)
"{B7EAF513-6A69-4AC8-8C79-9D2C08B25DEE}"= TCP:c:\program files\uTorrent\uTorrent.exe:µTorrent (UDP-In)
"{05570D33-6CF3-443D-9C94-95368B174FCE}"= UDP:5353:Adobe CSI CS4
"{884DA9FC-E0A1-4929-8E1B-53A09FF6C67E}"= UDP:c:\program files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe:Adobe CSI CS4
"{FFC794EC-5713-4971-BD48-554143FC985F}"= TCP:c:\program files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe:Adobe CSI CS4
"{D175F496-2427-418A-A5C4-05FEB1B92022}"= UDP:3703:Adobe Version Cue CS4 Server
"{F7522F5F-A1D9-4FF2-BF05-CBB32C376183}"= UDP:3704:Adobe Version Cue CS4 Server
"{709CD265-3EBE-4825-A1E5-5665195171A7}"= UDP:51000:Adobe Version Cue CS4 Server
"{9F61290C-771D-4A95-B11D-B8D5FA82EBF1}"= UDP:51001:Adobe Version Cue CS4 Server
"{C289C4AB-3558-4CC8-A167-5371A7EBFC65}"= UDP:c:\program files\Common Files\Adobe\Adobe Version Cue CS4\Server\bin\VersionCueCS4.exe:Adobe Version Cue CS4 Server
"{96EC319E-694A-4B97-AC68-E4466B78ECF8}"= TCP:c:\program files\Common Files\Adobe\Adobe Version Cue CS4\Server\bin\VersionCueCS4.exe:Adobe Version Cue CS4 Server
"{013C9705-23DF-41FD-9F2C-DD7F70CD2E44}"= TCP:6004|c:\program files\Microsoft Office\Office12\outlook.exe:Microsoft Office Outlook
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\PublicProfile]
"EnableFirewall"= 0 (0x0)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\StandardProfile]
"EnableFirewall"= 0 (0x0)
R0 Lbd;Lbd;c:\windows\System32\drivers\Lbd.sys [9-8-2009 12:13 64160]
R0 SymEFA;Symantec Extended File Attributes;c:\windows\System32\drivers\NIS\1005000.087\SymEFA.sys [11-7-2009 15:07 310320]
R1 BHDrvx86;Symantec Heuristics Driver;c:\windows\System32\drivers\NIS\1005000.087\BHDrvx86.sys [11-7-2009 15:07 258608]
R1 ccHP;Symantec Hash Provider;c:\windows\System32\drivers\NIS\1005000.087\cchpx86.sys [11-7-2009 15:07 482352]
R1 IDSVix86;IDSVix86;c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\IPSDefs\20090810.001\IDSvix86.sys [12-8-2009 8:38 293424]
R2 ezSharedSvc;Easybits Shared Services for Windows;c:\windows\system32\svchost.exe -k netsvcs [21-1-2008 4:33 21504]
R2 Norton Internet Security;Norton Internet Security;c:\program files\Norton Internet Security\Engine\16.5.0.135\ccSvcHst.exe [11-7-2009 15:07 115560]
R2 Recovery Service for Windows;Recovery Service for Windows;c:\program files\SMINST\BLService.exe [22-11-2008 4:00 365952]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [9-7-2009 10:00 101936]
R3 IntcHdmiAddService;Intel(R) High Definition Audio HDMI;c:\windows\System32\drivers\IntcHdmi.sys [29-6-2008 16:52 112128]
R3 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;c:\program files\Lavasoft\Ad-Aware\AAWService.exe [3-7-2009 16:49 1029456]
R3 SYMNDISV;Symantec Network Filter Driver;c:\windows\System32\drivers\NIS\1005000.087\symndisv.sys [11-7-2009 15:07 39984]
S3 Com4QLBEx;Com4QLBEx;c:\program files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe [22-11-2008 2:25 239160]
S4 gupdate1ca031ffbfda4f0;Google Updateservice (gupdate1ca031ffbfda4f0);c:\program files\Google\Update\GoogleUpdate.exe [12-7-2009 20:38 133104]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceNoNetwork REG_MULTI_SZ PLA DPS BFE mpssvc
bthsvcs REG_MULTI_SZ BthServ
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
ezSharedSvc
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\>{60B49E34-C7CC-11D0-8953-00A0C90347FF}]
"c:\windows\System32\rundll32.exe" "c:\windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
"c:\program files\Common Files\LightScribe\LSRunOnce.exe"
.
Inhoud van de 'Gedeelde Taken' map
2009-08-10 c:\windows\Tasks\Ad-Aware Update (Weekly).job
- c:\program files\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe [2009-07-03 14:49]
2009-08-13 c:\windows\Tasks\GlaryInitialize.job
- c:\program files\Glary Utilities\initialize.exe [2009-07-28 19:44]
2009-08-13 c:\windows\Tasks\Google Software Updater.job
- c:\program files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-07-12 18:38]
2009-08-13 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-07-12 18:38]
2009-08-13 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-07-12 18:38]
.
- - - - ORPHANS VERWIJDERD - - - -
HKLM-Run-QPService - files\hp\quickplay\qpservice.exe
.
------- Bijkomende Scan -------
.
uStart Page = hxxp://www.google.nl/
mStart Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE= ... io&pf=cnnb
IE: Append Link Target to Existing PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: Append to Existing PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert Link Target to Adobe PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
IE: Convert to Adobe PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html
IE: E&xporteren naar Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - hxxp://download.eset.com/special/eos/OnlineScanner.cab
DPF: {D83C1BD1-DCBB-11D4-9425-0050BF33FA6E} - hxxp://www.cyclomedia.nl/download/compo ... peLite.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
.
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-08-13 23:00
Windows 6.0.6002 Service Pack 2 NTFS
scannen van verborgen processen ...
scannen van verborgen autostart items ...
scannen van verborgen bestanden ...
Scan succesvol afgerond
verborgen bestanden: 0
**************************************************************************
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Norton Internet Security]
"ImagePath"="\"c:\program files\Norton Internet Security\Engine\16.5.0.135\ccSvcHst.exe\" /s \"Norton Internet Security\" /m \"c:\program files\Norton Internet Security\Engine\16.5.0.135\diMaster.dll\" /prefetch:1"
.
--------------------- VERGRENDELDE REGISTER SLEUTELS ---------------------
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
Voltooingstijd: 2009-08-13 23:03
ComboFix-quarantined-files.txt 2009-08-13 21:03
Pre-Run: 69.694.619.648 bytes beschikbaar
Post-Run: 69.659.136.000 bytes beschikbaar
369 --- E O F --- 2009-08-12 22:10