Archief - bsod tijdens gamen, logje

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 17:10:30, on 9/08/2009
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v8.00 (8.00.6001.18813)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\Microsoft Xbox 360 Accessories\XBoxStat.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\Razer\Copperhead\razerhid.exe
C:\Program Files\Alwil Software\Avast4\ashDisp.exe
C:\Windows\system32\taskeng.exe
D:\Games\Steam\steam.exe
C:\Program Files\Razer\Copperhead\razertra.exe
C:\Program Files\Razer\Copperhead\razerofa.exe
D:\Games\Rockstar Games\Rockstar Games Social Club\1_1_3_0\RGSC.exe
C:\Windows\system32\rundll32.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Windows\system32\Macromed\Flash\FlashUtil10c.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Users\Gregory\Downloads\HiJackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Bing
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Google
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [XboxStat] "C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe" silentrun
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [Copperhead] C:\Program Files\Razer\Copperhead\razerhid.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKCU\..\Run: [RGSC] D:\Games\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe /silent
O4 - HKCU\..\Run: [Steam] "D:\Games\Steam\Steam.exe" -silent
O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O13 - Gopher Prefix:
O16 - DPF: {4871A87A-BFDD-4106-8153-FFDE2BAC2967} (DLM Control) - http://dlcdnet.asus.com/pub/ASUS/misc/dlm-activex-2.2.5.0.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe

--
End of file - 3855 bytes

Klik om te vergroten...

• Dubbelklik op Combofix.exe om het te starten.
• Indien je Combofix al eerder hebt gebruikt, kan je een waarschuwing krijgen dat een update beschikbaar is. Sta toe dat ComboFix wordt geupdate.
• Klik op OK in het "NirCmd" venstertje.
• Klik na afloop terug op Ja om het scannen op malware te starten.
• Tijdens het runnen van de fix, NIET in het venster klikken, want dit zal je pc doen vasthangen.
• Wanneer de fix voltooid is en na herstart, zal de log Combofix.txt openen.

ComboFix 09-08-10.06 - Gregory 12/08/2009 0:08.1.2 - NTFSx86
Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.32.1043.18.3070.2188 [GMT 2:00]
Gestart vanuit: c:\users\Gregory\Downloads\ComboFix.exe
SP: Windows Defender *enabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}
.

(((((((((((((((((((((((((((((((((( Andere Verwijderingen )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\$recycle.bin\S-1-5-21-2152478756-3922319563-605102323-500
c:\users\Gregory\AppData\Roaming\.#
E:\Autorun.inf


.
(((((((((((((((((((( Bestanden Gemaakt van 2009-07-11 to 2009-08-11 ))))))))))))))))))))))))))))))
.

2009-08-11 22:13 . 2009-08-11 22:13 -------- d-----w- c:\users\Gregory\AppData\Local\temp
2009-08-11 22:13 . 2009-08-11 22:13 -------- d-----w- c:\users\Default\AppData\Local\temp
2009-08-11 00:33 . 2009-08-11 00:33 -------- d-----w- c:\program files\AC3Filter
2009-08-10 23:11 . 2009-08-10 23:30 -------- d-----w- c:\users\Gregory\AppData\Local\Microsoft Games
2009-08-10 21:54 . 2009-08-11 20:49 -------- d-----w- c:\users\Gregory\AppData\Roaming\mIRC
2009-08-10 21:54 . 2009-08-10 21:54 -------- d-----w- c:\program files\mIRC
2009-08-10 01:18 . 2009-08-10 01:18 -------- d-----w- c:\users\Gregory\AppData\Roaming\DivX
2009-08-09 23:09 . 2009-08-09 23:09 413696 ----a-w- c:\windows\system32\wrap_oal.dll
2009-08-09 23:09 . 2009-08-09 23:09 -------- d-----w- c:\program files\OpenAL
2009-08-09 23:09 . 2009-08-09 23:09 110592 ----a-w- c:\windows\system32\OpenAL32.dll
2009-08-09 23:08 . 2007-07-19 22:57 267112 ----a-w- c:\windows\system32\xactengine2_9.dll
2009-08-09 23:08 . 2007-07-19 22:54 18280 ----a-w- c:\windows\system32\x3daudio1_2.dll
2009-08-09 23:08 . 2007-06-20 18:46 266088 ----a-w- c:\windows\system32\xactengine2_8.dll
2009-08-09 19:24 . 2009-08-09 19:25 -------- d-----w- c:\programdata\Media Center Programs
2009-08-09 19:18 . 2009-08-09 19:19 -------- d-----w- c:\users\Gregory\AppData\Roaming\Ventrilo
2009-08-09 19:15 . 2009-08-09 19:25 -------- d-----w- c:\program files\Common Files\Steam
2009-08-09 19:10 . 2008-10-10 02:52 4379984 ----a-w- c:\windows\system32\D3DX9_40.dll
2009-08-09 19:10 . 2008-10-27 08:04 514384 ----a-w- c:\windows\system32\XAudio2_3.dll
2009-08-09 19:10 . 2008-10-27 08:04 23376 ----a-w- c:\windows\system32\X3DAudio1_5.dll
2009-08-09 19:10 . 2008-10-27 08:04 70992 ----a-w- c:\windows\system32\XAPOFX1_2.dll
2009-08-09 19:10 . 2008-07-30 04:20 68616 ----a-w- c:\windows\system32\XAPOFX1_1.dll
2009-08-09 19:10 . 2008-07-30 04:20 509448 ----a-w- c:\windows\system32\XAudio2_2.dll
2009-08-09 19:10 . 2008-07-10 09:00 3851784 ----a-w- c:\windows\system32\D3DX9_39.dll
2009-08-09 19:10 . 2008-05-30 12:17 25608 ----a-w- c:\windows\system32\X3DAudio1_4.dll
2009-08-09 18:56 . 2007-07-19 16:14 444776 ----a-w- c:\windows\system32\d3dx10_35.dll
2009-08-09 18:56 . 2007-07-19 16:14 3727720 ----a-w- c:\windows\system32\d3dx9_35.dll
2009-08-09 18:56 . 2007-07-19 16:14 1358192 ----a-w- c:\windows\system32\D3DCompiler_35.dll
2009-08-09 18:50 . 2009-08-09 18:50 -------- d-----w- c:\program files\Microsoft Works
2009-08-09 18:49 . 2009-08-09 18:49 -------- d-----w- c:\windows\PCHEALTH
2009-08-09 18:49 . 2009-08-09 18:49 -------- d-----w- c:\program files\Microsoft.NET
2009-08-09 18:47 . 2009-08-09 18:47 -------- d-----w- c:\users\Gregory\AppData\Local\Microsoft Help
2009-08-09 18:47 . 2009-08-09 18:51 -------- d-----w- c:\programdata\Microsoft Help
2009-08-09 18:46 . 2009-08-09 18:46 -------- d--h--r- C:\MSOCache
2009-08-09 18:44 . 2009-08-09 18:44 -------- d-----w- c:\programdata\Hewlett-Packard
2009-08-09 18:44 . 2009-08-09 18:44 -------- d-----w- c:\programdata\HP
2009-08-09 18:43 . 2007-03-30 15:11 267864 ----a-w- c:\windows\system32\hpzids01.dll
2009-08-09 18:43 . 2007-03-28 12:01 117760 ----a-w- c:\windows\system32\hpzll5ha.dll
2009-08-09 18:40 . 2009-08-09 18:41 -------- d-----w- c:\program files\Microsoft Xbox 360 Accessories
2009-08-09 18:24 . 2009-08-09 18:24 -------- d-----w- c:\program files\DivX
2009-08-09 18:23 . 2009-08-09 18:24 -------- d-----w- c:\program files\Common Files\DivX Shared
2009-08-09 18:22 . 2009-08-09 18:22 -------- d-----w- c:\program files\Gabest
2009-08-09 18:01 . 2009-08-09 18:01 -------- d-----w- c:\users\Gregory\AppData\Local\PunkBuster
2009-08-09 17:55 . 2009-08-11 20:51 139584 ----a-w- c:\windows\system32\drivers\PnkBstrK.sys
2009-08-09 17:55 . 2009-08-09 17:55 22328 ----a-w- c:\users\Gregory\AppData\Roaming\PnkBstrK.sys
2009-08-09 17:55 . 2009-08-11 20:51 189104 ----a-w- c:\windows\system32\PnkBstrB.exe
2009-08-09 17:55 . 2009-08-09 18:06 75064 ----a-w- c:\windows\system32\PnkBstrA.exe
2009-08-09 17:32 . 2009-08-09 17:32 -------- d-----w- c:\program files\Ventrilo
2009-08-09 17:23 . 2009-08-09 17:23 -------- d-----w- c:\windows\system32\Macromed
2009-08-09 17:22 . 2009-08-09 19:28 -------- d-----w- C:\Games
2009-08-09 17:21 . 2009-04-21 11:39 2034688 ----a-w- c:\windows\system32\win32k.sys
2009-08-09 17:21 . 2009-04-23 12:14 623616 ----a-w- c:\windows\system32\localspl.dll
2009-08-09 17:21 . 2009-06-15 14:53 156672 ----a-w- c:\windows\system32\t2embed.dll
2009-08-09 17:21 . 2009-06-15 14:52 72704 ----a-w- c:\windows\system32\fontsub.dll
2009-08-09 17:21 . 2009-06-15 14:52 23552 ----a-w- c:\windows\system32\lpk.dll
2009-08-09 17:21 . 2009-06-15 14:51 10240 ----a-w- c:\windows\system32\dciman32.dll
2009-08-09 17:21 . 2009-06-15 12:42 289792 ----a-w- c:\windows\system32\atmfd.dll
2009-08-09 17:21 . 2009-04-23 12:15 784896 ----a-w- c:\windows\system32\rpcrt4.dll
2009-08-09 17:19 . 2009-02-05 20:06 23152 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2009-08-09 17:19 . 2009-02-05 20:06 51376 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2009-08-09 17:19 . 2009-02-05 20:04 97480 ----a-w- c:\windows\system32\AvastSS.scr
2009-08-09 17:19 . 2009-02-05 20:07 114768 ----a-w- c:\windows\system32\drivers\aswSP.sys
2009-08-09 17:19 . 2009-02-05 20:07 20560 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2009-08-09 17:19 . 2009-02-05 20:11 1256296 ----a-w- c:\windows\system32\aswBoot.exe
2009-08-09 17:19 . 2009-02-05 20:06 51792 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2009-08-09 17:19 . 2003-03-18 19:20 1060864 ----a-w- c:\windows\system32\MFC71.dll
2009-08-09 17:19 . 2003-03-18 18:14 499712 ----a-w- c:\windows\system32\MSVCP71.dll
2009-08-09 17:19 . 2003-02-21 02:42 348160 ----a-w- c:\windows\system32\MSVCR71.dll
2009-08-09 17:19 . 2009-08-09 17:19 -------- d-----w- c:\program files\Alwil Software
2009-08-09 17:14 . 2009-08-09 17:14 -------- d-----w- c:\windows\system32\RTCOM
2009-08-09 17:14 . 2009-08-09 17:14 319456 ----a-w- c:\windows\DIFxAPI.dll
2009-08-09 17:14 . 2007-01-02 20:41 1668456 ----a-w- c:\windows\system32\drivers\RTKVHDA.sys
2009-08-09 17:14 . 2006-12-29 14:59 489472 ----a-w- c:\windows\system32\RtkPgExt.dll
2009-08-09 17:14 . 2006-12-16 20:10 1191936 ----a-w- c:\windows\RtlUpd.exe
2009-08-09 17:14 . 2006-12-13 17:30 339968 ----a-w- c:\windows\system32\SRSTSXT.dll
2009-08-09 17:14 . 2006-11-30 01:47 135168 ----a-w- c:\windows\system32\SRSWOW.dll
2009-08-09 17:14 . 2009-08-09 17:14 -------- d-----w- c:\program files\Realtek
2009-08-09 17:14 . 2006-12-29 18:11 4317184 ----a-w- c:\windows\RtHDVCpl.exe
2009-08-09 17:14 . 2006-12-29 15:03 1814016 ----a-w- c:\windows\system32\RtkAPO.dll
2009-08-09 17:14 . 2006-12-28 03:01 17408 ----a-w- c:\windows\system32\RtkCoInst.dll
2009-08-09 17:13 . 2006-12-16 18:29 499712 ----a-w- c:\windows\RtlExUpd.dll
2009-08-09 17:13 . 2009-08-09 17:13 -------- d-----w- c:\program files\Common Files\InstallShield
2009-08-09 17:10 . 2005-12-21 09:23 14592 ----a-w- c:\windows\system32\drivers\USBICP.sys
2009-08-09 17:09 . 2005-11-02 08:54 11596 ----a-w- c:\windows\system32\drivers\copperhd.sys
2009-08-09 17:09 . 2009-08-09 17:09 -------- d-----w- c:\program files\Razer
2009-08-09 17:09 . 2009-08-09 18:01 -------- d--h--w- c:\program files\InstallShield Installation Information
2009-08-09 17:09 . 2009-08-09 17:09 -------- d-----w- c:\users\Gregory\AppData\Roaming\InstallShield
2009-08-09 17:08 . 2009-08-09 17:08 -------- d-----w- c:\program files\Marvell
2009-08-09 17:06 . 2009-08-09 17:07 -------- d-----w- c:\programdata\NVIDIA
2009-08-09 17:02 . 2009-08-09 17:02 -------- d-----w- c:\windows\system32\AGEIA
2009-08-09 17:02 . 2009-08-09 17:03 -------- d-----w- c:\program files\AGEIA Technologies
2009-08-09 17:02 . 2009-08-09 23:09 -------- d-sh--w- c:\windows\Installer
2009-08-09 17:02 . 2009-08-09 17:32 -------- d-----w- c:\program files\Common Files\Wise Installation Wizard
2009-08-09 17:02 . 2009-03-27 08:03 801312 ----a-w- c:\windows\system32\nvcplui.exe
2009-08-09 17:02 . 2009-03-27 08:03 1108512 ----a-w- c:\windows\system32\nvcpluir.dll
2009-08-09 17:01 . 2009-03-27 06:14 453152 ----a-w- c:\windows\system32\NVUNINST.EXE
2009-08-09 17:01 . 2009-08-09 17:01 -------- d-----w- C:\NVIDIA
2009-08-09 16:59 . 2009-08-09 16:03 -------- d-----w- c:\windows\Panther
2009-08-09 16:58 . 2009-08-09 16:59 -------- d-sh--w- C:\Boot
2009-08-09 16:55 . 2009-08-09 16:56 -------- d-----w- c:\windows\system32\vi-VN
2009-08-09 16:55 . 2009-08-09 16:56 -------- d-----w- c:\windows\system32\eu-ES
2009-08-09 16:55 . 2009-08-09 16:56 -------- d-----w- c:\windows\system32\ca-ES
2009-08-09 16:54 . 2009-08-09 16:54 -------- d-----w- c:\windows\system32\SPReview
2009-08-09 16:48 . 2009-04-10 21:28 928768 ----a-w- c:\windows\system32\scavenge.dll
2009-08-09 16:48 . 2009-04-10 21:27 57856 ----a-w- c:\windows\system32\compcln.exe
2009-08-09 16:42 . 2009-08-09 16:42 -------- d-----w- c:\windows\system32\EventProviders
2009-08-09 16:35 . 2009-08-09 16:35 -------- d-----w- C:\PerfLogs
2009-08-09 16:23 . 2008-10-16 21:13 1809944 ----a-w- c:\windows\system32\wuaueng.dll
2009-08-09 16:23 . 2008-10-16 21:09 51224 ----a-w- c:\windows\system32\wuauclt.exe
2009-08-09 16:23 . 2008-10-16 21:09 43544 ----a-w- c:\windows\system32\wups2.dll
2009-08-09 16:23 . 2008-10-16 20:56 1524736 ----a-w- c:\windows\system32\wucltux.dll
2009-08-09 16:17 . 2008-01-18 21:36 6656 ----a-w- c:\windows\system32\sdspres.dll
2009-08-09 16:17 . 2008-01-18 21:33 193024 ----a-w- c:\windows\system32\recdisc.exe
2009-08-09 16:16 . 2008-01-18 21:36 28160 ----a-w- c:\windows\system32\sxproxy.dll
2009-08-09 16:13 . 2008-01-18 21:36 47104 ----a-w- c:\windows\system32\Sens.dll
2009-08-09 16:12 . 2007-12-06 04:04 6656 ----a-w- c:\windows\system32\kbd106n.dll
2009-08-09 16:12 . 2008-10-16 12:08 162064 ----a-w- c:\windows\system32\wuwebv.dll
2009-08-09 16:12 . 2008-10-16 11:56 31232 ----a-w- c:\windows\system32\wuapp.exe
2009-08-09 16:06 . 2009-08-09 16:06 -------- d-sh--we c:\users\Default\Sjablonen
2009-08-09 16:06 . 2009-08-09 16:06 -------- d-sh--we c:\users\Default\Netwerkprinteromgeving
2009-08-09 16:06 . 2009-08-09 16:06 -------- d-sh--we c:\users\Default\Mijn documenten
2009-08-09 16:06 . 2009-08-09 16:06 -------- d-sh--we c:\users\Default\Menu Start
2009-08-09 16:06 . 2009-08-09 16:06 -------- d-sh--we c:\users\Default\AppData\Local\Geschiedenis
2009-08-09 16:06 . 2009-08-09 16:06 -------- d-sh--we c:\programdata\Sjablonen
2009-08-09 16:06 . 2009-08-09 16:06 -------- d-sh--we c:\programdata\Menu Start
2009-08-09 16:06 . 2009-08-09 16:06 -------- d-sh--we c:\programdata\Favorieten

.
((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-08-11 21:45 . 2009-08-09 17:32 -------- d-----w- c:\users\Gregory\AppData\Roaming\Xfire
2009-08-11 18:59 . 2006-11-02 16:11 667114 ----a-w- c:\windows\system32\perfh013.dat
2009-08-11 18:59 . 2006-11-02 16:11 126648 ----a-w- c:\windows\system32\perfc013.dat
2009-08-09 18:54 . 2009-08-09 16:08 74696 ----a-w- c:\users\Gregory\AppData\Local\GDIPFONTCACHEV1.DAT
2009-08-09 17:46 . 2009-08-09 17:32 -------- d-----w- c:\programdata\Xfire
2009-08-09 17:37 . 2006-11-02 11:18 -------- d-----w- c:\program files\Windows Mail
2009-08-09 17:32 . 2009-08-09 17:32 -------- d-----w- c:\program files\Xfire
2009-08-09 16:59 . 2009-08-09 16:08 680 ----a-w- c:\users\Gregory\AppData\Local\d3d9caps.dat
2009-08-09 16:56 . 2006-11-02 12:37 -------- d-----w- c:\program files\Windows Sidebar
2009-08-09 16:56 . 2006-11-02 12:37 -------- d-----w- c:\program files\Windows Journal
2009-08-09 16:56 . 2006-11-02 12:37 -------- d-----w- c:\program files\Windows Collaboration
2009-08-09 16:56 . 2006-11-02 12:37 -------- d-----w- c:\program files\Windows Calendar
2009-08-09 16:56 . 2006-11-02 12:37 -------- d-----w- c:\program files\Windows Photo Gallery
2009-08-09 16:56 . 2006-11-02 12:37 -------- d-----w- c:\program files\Windows Defender
2009-08-09 16:55 . 2006-11-02 10:25 665600 ----a-w- c:\windows\inf\drvindex.dat
2009-08-09 16:52 . 2006-11-02 12:37 37665 ----a-w- c:\windows\Fonts\GlobalUserInterface.CompositeFont
2009-08-09 16:30 . 2006-11-02 10:32 101888 ----a-w- c:\windows\system32\ifxcardm.dll
2009-08-09 16:30 . 2006-11-02 10:32 82432 ----a-w- c:\windows\system32\axaltocm.dll
2009-07-21 21:52 . 2009-08-09 17:33 915456 ----a-w- c:\windows\system32\wininet.dll
2009-07-21 21:47 . 2009-08-09 17:33 109056 ----a-w- c:\windows\system32\iesysprep.dll
2009-07-21 21:47 . 2009-08-09 17:33 71680 ----a-w- c:\windows\system32\iesetup.dll
2009-07-21 20:13 . 2009-08-09 17:33 133632 ----a-w- c:\windows\system32\ieUnatt.exe
.

((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Steam"="c:\games\Steam\Steam.exe" [2009-08-09 1217784]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"="c:\program files\Windows Defender\MSASCui.exe" [2008-01-18 1008184]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2009-03-27 13687328]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2009-03-27 92704]
"Copperhead"="c:\program files\Razer\Copperhead\razerhid.exe" [2005-11-25 155648]
"avast!"="c:\progra~1\ALWILS~1\Avast4\ashDisp.exe" [2009-02-05 81000]
"XboxStat"="c:\program files\Microsoft Xbox 360 Accessories\XboxStat.exe" [2007-09-27 734264]
"RtHDVCpl"="RtHDVCpl.exe" - c:\windows\RtHDVCpl.exe [2006-12-29 4317184]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"aux"=wdmaud.drv

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
@="Service"

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc]
"VistaSp2"=hex(b):6a,aa,16,e3,12,19,ca,01

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\FirewallRules]
"{9F11C213-62E2-4A69-9008-147E2891456A}"= UDP:c:\program files\Ventrilo\Ventrilo.exe:Ventrilo.exe
"{68390282-9843-4EB5-A4AE-B998B3349D10}"= TCP:c:\program files\Ventrilo\Ventrilo.exe:Ventrilo.exe
"TCP Query User{3961EF7D-1C6F-4D38-8776-0155C25F089C}c:\\program files\\xfire\\xfire.exe"= UDP:c:\program files\xfire\xfire.exe:Xfire
"UDP Query User{59B9B731-CD40-4F68-8A6B-26758BFC87B3}c:\\program files\\xfire\\xfire.exe"= TCP:c:\program files\xfire\xfire.exe:Xfire
"{31B352AF-C047-4554-B26B-EB8C53B4B7B9}"= UDP:c:\windows\System32\PnkBstrA.exenkBstrA
"{6D1B4033-F107-40FC-A908-7402263B0476}"= TCP:c:\windows\System32\PnkBstrA.exenkBstrA
"{DC9D35B0-B3D7-4931-B00E-D72E3428DD36}"= UDP:c:\windows\System32\PnkBstrB.exenkBstrB
"{5539A145-41D2-43A0-8E86-FC161BE6EE79}"= TCP:c:\windows\System32\PnkBstrB.exenkBstrB
"{F170F327-D4DD-4E8F-BDE0-E86EC54B9CDC}"= UDP:c:\games\Call of Duty 4 - Modern Warfare\iw3mp.exe:Call of Duty(R) 4 - Modern Warfare(TM)
"{6B304DB4-6BB3-4F06-874A-73EBE8662F68}"= TCP:c:\games\Call of Duty 4 - Modern Warfare\iw3mp.exe:Call of Duty(R) 4 - Modern Warfare(TM)
"TCP Query User{E18DAF8E-6DFA-40CC-874B-0560340FECDE}c:\\games\\unreal tournament 3\\binaries\\ut3.exe"= UDP:c:\games\unreal tournament 3\binaries\ut3.exe:UT3
"UDP Query User{46A048B6-C030-4D9D-9835-A745EEFAECE2}c:\\games\\unreal tournament 3\\binaries\\ut3.exe"= TCP:c:\games\unreal tournament 3\binaries\ut3.exe:UT3
"{8F22B8A4-C7B1-42FE-ACF8-7996E62A59A2}"= UDP:c:\games\Steam\SteamApps\common\fear2\FEAR2.exe:F.E.A.R. 2: Project Origin
"{EB1BC67E-BBD1-4699-872C-CA45FB11AC5F}"= TCP:c:\games\Steam\SteamApps\common\fear2\FEAR2.exe:F.E.A.R. 2: Project Origin
"{CF9C1380-8401-4367-B027-F09AE122F118}"= UDP:c:\games\Steam\SteamApps\common\unreal tournament 3\Binaries\UT3.exe:Unreal Tournament 3
"{F4E5358B-59F9-47AE-BF9C-4B77EED7D23F}"= TCP:c:\games\Steam\SteamApps\common\unreal tournament 3\Binaries\UT3.exe:Unreal Tournament 3
"TCP Query User{283254C0-5E4D-4D42-98F3-437AEE05B34F}c:\\program files\\mirc\\mirc.exe"= UDP:c:\program files\mirc\mirc.exe:mIRC
"UDP Query User{BAB05597-01D7-47A9-A157-4A629C48EA9B}c:\\program files\\mirc\\mirc.exe"= TCP:c:\program files\mirc\mirc.exe:mIRC

R1 aswSP;avast! Self Protection;c:\windows\System32\drivers\aswSP.sys [9/08/2009 19:19 114768]
R2 aswFsBlk;aswFsBlk;c:\windows\System32\drivers\aswFsBlk.sys [9/08/2009 19:19 20560]
R2 aswMonFlt;aswMonFlt;c:\windows\System32\drivers\aswMonFlt.sys [9/08/2009 19:19 51792]
R3 UsbFltr;Razer Copperhead Driver;c:\windows\System32\drivers\copperhd.sys [9/08/2009 19:09 11596]

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\>{60B49E34-C7CC-11D0-8953-00A0C90347FF}]
"c:\windows\System32\rundll32.exe" "c:\windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
.
.
------- Bijkomende Scan -------
.
IE: E&xporteren naar Microsoft Excel - c:\progra~1\MICROS~3\Office12\EXCEL.EXE/3000
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, GMER - Rootkit Detector and Remover
Rootkit scan 2009-08-12 00:13
Windows 6.0.6002 Service Pack 2 NTFS

scannen van verborgen processen ...

scannen van verborgen autostart items ...

scannen van verborgen bestanden ...

Scan succesvol afgerond
verborgen bestanden: 0

**************************************************************************
.
--------------------- VERGRENDELDE REGISTER SLEUTELS ---------------------

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil10c.exe,-101"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\Elevation]
"Enabled"=dword:00000001

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil10c.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}]
@Denied: (A 2) (Everyone)
@="IFlashBroker3"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
Voltooingstijd: 2009-08-11 0:14
ComboFix-quarantined-files.txt 2009-08-11 22:14

Pre-Run: 396.035.194.880 bytes beschikbaar
Post-Run: 396.067.463.168 bytes beschikbaar

253 --- E O F --- 2009-08-10 15:52

Klik om te vergroten...