ComboFix 08-11-01.06 - Arik 2008-11-02 17:09:34.2 - NTFSx86
Microsoft® Windows Vista™ Home Premium 6.0.6001.1.1252.32.1033.18.1280 [GMT 1:00]
Gestart vanuit: C:\Users\Arik\Desktop\Downloads\ComboFix.exe
* Resident AV is active
.
(((((((((((((((((((( Bestanden Gemaakt van 2008-10-02 to 2008-11-02 ))))))))))))))))))))))))))))))
.
2008-11-02 11:18 . 2008-09-18 05:56 147,456 --a------ C:\Windows\System32\Faultrep.dll
2008-11-02 11:18 . 2008-09-18 05:56 125,952 --a------ C:\Windows\System32\wersvc.dll
2008-11-02 11:10 . 2008-08-12 04:39 443,392 --a------ C:\Windows\System32\win32spl.dll
2008-10-21 21:13 . 2008-11-02 12:38 <DIR> d-------- C:\Program Files\Microsoft SQL Server
2008-10-21 21:11 . 2008-10-21 21:11 <DIR> d-------- C:\Program Files\Microsoft SQL Server 2005 Mobile Edition
2008-10-21 21:11 . 2008-10-21 21:11 <DIR> d-------- C:\Program Files\Microsoft Device Emulator
2008-10-21 20:58 . 2008-10-21 20:58 <DIR> d-------- C:\Windows\System32\1033
2008-10-21 20:46 . 2008-10-21 20:46 <DIR> d-------- C:\Windows\Symbols
2008-10-21 20:46 . 2008-10-21 20:46 <DIR> d-------- C:\Users\All Users\PreEmptive Solutions
2008-10-21 20:46 . 2008-10-21 20:46 <DIR> d-------- C:\ProgramData\PreEmptive Solutions
2008-10-21 20:46 . 2008-10-21 20:58 <DIR> d-------- C:\Program Files\HTML Help Workshop
2008-10-21 20:46 . 2008-10-21 20:57 <DIR> d-------- C:\Program Files\Common Files\Merge Modules
2008-10-21 20:46 . 2008-10-21 20:46 <DIR> d-------- C:\Program Files\CE Remote Tools
2008-10-21 20:43 . 2008-10-21 20:43 <DIR> d-------- C:\Windows\System32\Visual Studio 2005Templates
2008-10-21 20:43 . 2008-10-21 20:43 <DIR> d-------- C:\Windows\System32\Visual Studio 2005
2008-10-21 20:43 . 2008-11-02 12:44 <DIR> d-------- C:\Users\All Users\Microsoft Help
2008-10-21 20:43 . 2008-11-02 12:44 <DIR> d-------- C:\ProgramData\Microsoft Help
2008-10-21 20:43 . 2008-10-21 21:00 <DIR> d-------- C:\Program Files\Microsoft Visual Studio 8
2008-10-21 20:37 . 2008-10-21 20:37 <DIR> d-------- C:\Program Files\DAEMON Tools Lite
2008-10-21 20:27 . 2008-10-21 20:27 717,296 --a------ C:\Windows\System32\drivers\sptd.sys
2008-10-21 20:26 . 2008-10-21 20:26 <DIR> d-------- C:\Users\Arik\AppData\Roaming\DAEMON Tools
2008-10-20 21:11 . 2008-10-20 21:11 <DIR> d-------- C:\Program Files\Trend Micro
2008-10-20 20:39 . 2008-10-20 20:39 <DIR> d-------- C:\Users\All Users\InterAction studios
2008-10-20 20:39 . 2008-10-20 20:39 <DIR> d-------- C:\ProgramData\InterAction studios
2008-10-20 20:37 . 2008-10-20 20:41 <DIR> d-------- C:\Program Files\Chicken Invaders 3
2008-10-20 20:36 . 2008-10-20 20:36 <DIR> d-------- C:\Program Files\ReflexiveArcade
2008-10-18 08:33 . 2008-11-02 17:01 <DIR> d-------- C:\Users\Arik\Tracing
2008-10-18 08:31 . 2008-10-18 08:31 <DIR> d-------- C:\Program Files\Microsoft
2008-10-18 08:29 . 2008-10-18 08:29 <DIR> d-------- C:\Program Files\Common Files\Windows Live
2008-10-14 21:54 . 2008-09-18 06:09 3,601,464 --a------ C:\Windows\System32\ntkrnlpa.exe
2008-10-14 21:54 . 2008-09-18 06:09 3,549,240 --a------ C:\Windows\System32\ntoskrnl.exe
2008-10-14 21:54 . 2008-09-18 03:16 2,032,640 --a------ C:\Windows\System32\win32k.sys
2008-10-14 21:54 . 2008-10-02 02:32 1,383,424 --a------ C:\Windows\System32\mshtml.tlb
2008-10-14 21:54 . 2008-10-02 04:49 827,392 --a------ C:\Windows\System32\wininet.dll
2008-10-14 21:54 . 2008-08-27 02:06 288,768 --a------ C:\Windows\System32\drivers\srv.sys
2008-10-07 15:23 . 2008-10-07 15:24 <DIR> d-------- C:\Users\Arik\AppData\Roaming\Ventrilo
2008-10-07 15:23 . 2008-10-07 15:23 <DIR> d-------- C:\Program Files\VentriloMIX
2008-10-05 21:50 . 2008-10-05 21:50 0 --ah----- C:\Windows\System32\drivers\Msft_Kernel_LUsbFilt_01005.Wdf
2008-10-05 21:45 . 2008-07-31 02:13 4,240,384 --a------ C:\Windows\System32\GameUXLegacyGDFs.dll
2008-10-05 21:45 . 2008-03-08 05:21 1,695,744 --a------ C:\Windows\System32\gameux.dll
2008-10-05 21:45 . 2008-04-23 05:42 428,544 --a------ C:\Windows\System32\EncDec.dll
2008-10-05 21:45 . 2008-04-23 05:42 293,376 --a------ C:\Windows\System32\psisdecd.dll
2008-10-05 21:45 . 2008-04-23 05:41 218,624 --a------ C:\Windows\System32\psisrndr.ax
2008-10-05 21:45 . 2008-04-23 05:41 57,856 --a------ C:\Windows\System32\MSDvbNP.ax
2008-10-05 21:45 . 2008-07-31 04:32 28,160 --a------ C:\Windows\System32\Apphlpdm.dll
2008-10-04 17:05 . 2008-10-04 17:05 <DIR> d-------- C:\Program Files\MSXML 4.0
2008-10-04 16:44 . 2008-10-04 16:44 850 --a------ C:\Windows\System32\ProductTweaks.xml
2008-10-04 16:44 . 2008-10-04 16:44 385 --a------ C:\Windows\System32\user_gensett.xml
2008-10-04 16:39 . 2008-10-04 16:39 <DIR> d-------- C:\Windows\System32\logs
2008-10-04 16:39 . 2008-10-04 16:39 <DIR> d-------- C:\Users\Arik\AppData\Roaming\BitDefender
2008-10-04 16:39 . 2008-10-04 16:39 <DIR> d-------- C:\Binaries
2008-10-04 16:38 . 2008-10-04 16:43 <DIR> d-------- C:\Users\All Users\BitDefender
2008-10-04 16:38 . 2008-10-04 16:43 <DIR> d-------- C:\ProgramData\BitDefender
2008-10-04 16:38 . 2008-10-04 16:39 <DIR> d-------- C:\Program Files\BitDefender
2008-10-04 16:37 . 2008-10-04 16:37 <DIR> d-------- C:\Windows\System32\URTTEMP
2008-10-04 16:36 . 2008-10-04 16:39 <DIR> d-------- C:\Program Files\Common Files\BitDefender
.
((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-11-02 15:53 --------- d-----w C:\Program Files\Steam
2008-11-02 14:48 100,976 ----a-w C:\Users\Arik\AppData\Roaming\nvModes.dat
2008-11-02 11:59 --------- d-----w C:\Program Files\Common Files\Steam
2008-10-21 20:14 --------- d-----w C:\Program Files\Microsoft.NET
2008-10-18 07:30 --------- d-----w C:\Program Files\Windows Live
2008-10-14 20:59 615,424 ----a-w C:\Windows\System32\themeui.dll
2008-10-14 20:59 240,128 ----a-w C:\Windows\System32\uxtheme.dll
2008-10-05 20:48 --------- d-----w C:\Program Files\Windows Mail
2008-10-04 15:47 103,944 ----a-w C:\Windows\system32\drivers\bdfndisf.sys
2008-10-02 13:47 --------- d-----w C:\Program Files\Microsoft Works
2008-10-01 19:45 --------- d-----w C:\Program Files\Microsoft ActiveSync
2008-10-01 19:45 --------- d-----w C:\Program Files\Common Files\L&H
2008-10-01 17:34 0 ---ha-w C:\Windows\system32\drivers\Msft_User_WpdFs_01_00_00.Wdf
2008-09-28 16:40 --------- d-----w C:\Users\Arik\AppData\Roaming\vlc
2008-09-28 16:40 --------- d-----w C:\Program Files\VideoLAN
2008-09-28 11:42 --------- d--h--w C:\Program Files\InstallShield Installation Information
2008-09-28 11:42 --------- d-----w C:\Users\Arik\AppData\Roaming\InstallShield
2008-09-28 11:42 --------- d-----w C:\Program Files\Razer
2008-09-25 19:49 174 --sha-w C:\Program Files\desktop.ini
2008-09-25 19:41 --------- d-----w C:\Program Files\Windows Sidebar
2008-09-25 19:41 --------- d-----w C:\Program Files\Windows Photo Gallery
2008-09-25 19:41 --------- d-----w C:\Program Files\Windows Journal
2008-09-25 19:41 --------- d-----w C:\Program Files\Windows Defender
2008-09-25 19:41 --------- d-----w C:\Program Files\Windows Collaboration
2008-09-25 19:41 --------- d-----w C:\Program Files\Windows Calendar
2008-09-25 19:19 82,432 ----a-w C:\Windows\System32\axaltocm.dll
2008-09-25 19:19 101,888 ----a-w C:\Windows\System32\ifxcardm.dll
2008-09-22 19:11 --------- d-----w C:\ProgramData\NOS
2008-09-22 19:11 --------- d-----w C:\Program Files\NOS
2008-09-20 19:26 --------- d-----w C:\Program Files\Common Files\Adobe AIR
2008-09-20 19:25 --------- d-----w C:\Program Files\Common Files\Adobe
2008-09-20 18:26 269,312 ----a-w C:\Windows\System32\es.dll
2008-09-20 17:08 --------- dcsh--w C:\Program Files\Common Files\WindowsLiveInstaller
2008-09-20 17:01 --------- d-----w C:\ProgramData\WLInstaller
2008-09-20 16:49 --------- d-----w C:\Program Files\7-Zip
2008-09-20 14:54 61,440 ----a-w C:\Windows\System32\winipsec.dll
2008-09-20 14:54 361,984 ----a-w C:\Windows\System32\IPSECSVC.DLL
2008-09-20 14:54 28,672 ----a-w C:\Windows\System32\FwRemoteSvr.dll
2008-09-20 14:54 272,896 ----a-w C:\Windows\System32\polstore.dll
2008-09-20 14:49 2,048 ----a-w C:\Windows\System32\tzres.dll
2008-09-20 14:48 303,616 ----a-w C:\Windows\System32\wmpeffects.dll
2008-09-20 14:42 9,892,864 ----a-w C:\Windows\System32\NlsLexicons000a.dll
2008-09-20 14:39 29,184 ----a-w C:\Windows\system32\drivers\BTHUSB.SYS
2008-09-20 14:39 220,160 ----a-w C:\Windows\system32\drivers\bthport.sys
2008-09-20 14:39 19,456 ----a-w C:\Windows\system32\drivers\bthenum.sys
2008-09-20 14:39 181,760 ----a-w C:\Windows\System32\fsquirt.exe
2008-09-20 14:38 988,216 ----a-w C:\Windows\System32\winload.exe
2008-09-20 14:38 927,288 ----a-w C:\Windows\System32\winresume.exe
2008-09-20 14:38 615,992 ----a-w C:\Windows\System32\ci.dll
2008-09-20 14:38 6,656 ----a-w C:\Windows\System32\kbd106n.dll
2008-09-20 14:38 46,592 ----a-w C:\Windows\System32\setbcdlocale.dll
2008-09-20 14:38 40,960 ----a-w C:\Windows\System32\srclient.dll
2008-09-20 14:38 378,368 ----a-w C:\Windows\System32\srcore.dll
2008-09-20 14:38 318,464 ----a-w C:\Windows\System32\rstrui.exe
2008-09-20 14:38 19,000 ----a-w C:\Windows\System32\kd1394.dll
2008-09-20 14:38 14,848 ----a-w C:\Windows\System32\srdelayed.exe
2008-09-20 14:36 295,936 ----a-w C:\Windows\System32\gdi32.dll
2008-09-20 14:35 14,848 ----a-w C:\Windows\System32\wshrm.dll
2008-09-20 14:35 113,664 ----a-w C:\Windows\system32\drivers\rmcast.sys
2008-09-20 14:33 84,480 ----a-w C:\Windows\System32\INETRES.dll
2008-09-20 14:33 738,304 ----a-w C:\Windows\System32\inetcomm.dll
2008-09-20 14:32 1,314,816 ----a-w C:\Windows\System32\quartz.dll
2008-09-20 14:16 --------- d-----w C:\ProgramData\Sony Corporation
2008-09-20 14:16 --------- d-----w C:\Program Files\Sony
2008-09-20 14:14 --------- d-----w C:\Users\Arik\AppData\Roaming\Sony Corporation
2008-09-20 14:03 --------- d-----w C:\Program Files\Common Files\Sony Shared
2008-09-20 13:55 --------- d-----w C:\Program Files\Common Files\InstallShield
2008-09-20 13:29 --------- d-----w C:\Program Files\Sigmatel
2008-09-20 13:18 --------- d-----w C:\Program Files\CONEXANT
2008-09-20 13:13 0 ---ha-w C:\Windows\system32\drivers\Msft_Kernel_Apfiltr_01001.Wdf
2008-09-20 13:13 --------- d-----w C:\Program Files\Apoint
2008-09-08 22:03 51,712 ----a-w C:\Windows\System32\sirenacm.dll
2008-08-02 03:26 36,864 ----a-w C:\Windows\System32\cdd.dll
.
((((((((((((((((((((((((((((( snapshot@2008-11-02_11.57.13,38 )))))))))))))))))))))))))))))))))))))))))
.
- 2008-10-21 20:14:52 387,800 ----a-w C:\Windows\assembly\GAC_32\Microsoft.SqlServer.BatchParser\9.0.242.0__89845dcd8080cc91\microsoft.sqlserver.batchparser.dll
+ 2008-11-02 11:32:20 363,376 ----a-w C:\Windows\assembly\GAC_32\Microsoft.SqlServer.BatchParser\9.0.242.0__89845dcd8080cc91\microsoft.sqlserver.batchparser.dll
- 2008-10-21 20:14:52 75,480 ----a-w C:\Windows\assembly\GAC_32\Microsoft.SqlServer.MgdSqlDumper\9.0.242.0__89845dcd8080cc91\microsoft.sqlserver.mgdsqldumper.dll
+ 2008-11-02 11:32:21 78,192 ----a-w C:\Windows\assembly\GAC_32\Microsoft.SqlServer.MgdSqlDumper\9.0.242.0__89845dcd8080cc91\microsoft.sqlserver.mgdsqldumper.dll
- 2008-10-21 20:15:10 1,607,896 ----a-w C:\Windows\assembly\GAC_32\Microsoft.SqlServer.Replication\9.0.242.0__89845dcd8080cc91\Microsoft.SqlServer.Replication.dll
+ 2008-11-02 11:32:53 1,626,480 ----a-w C:\Windows\assembly\GAC_32\Microsoft.SqlServer.Replication\9.0.242.0__89845dcd8080cc91\Microsoft.SqlServer.Replication.dll
- 2008-10-21 20:14:56 539,352 ----a-w C:\Windows\assembly\GAC_MSIL\Microsoft.AnalysisServices.AdomdClient\9.0.242.0__89845dcd8080cc91\Microsoft.AnalysisServices.AdomdClient.dll
+ 2008-11-02 11:32:25 546,160 ----a-w C:\Windows\assembly\GAC_MSIL\Microsoft.AnalysisServices.AdomdClient\9.0.242.0__89845dcd8080cc91\Microsoft.AnalysisServices.AdomdClient.dll
- 2008-10-21 20:14:52 137,944 ----a-w C:\Windows\assembly\GAC_MSIL\Microsoft.AnalysisServices.DeploymentEngine\9.0.242.0__89845dcd8080cc91\Microsoft.AnalysisServices.DeploymentEngine.dll
+ 2008-11-02 11:32:21 140,656 ----a-w C:\Windows\assembly\GAC_MSIL\Microsoft.AnalysisServices.DeploymentEngine\9.0.242.0__89845dcd8080cc91\Microsoft.AnalysisServices.DeploymentEngine.dll
- 2008-10-21 20:14:52 1,211,096 ----a-w C:\Windows\assembly\GAC_MSIL\Microsoft.AnalysisServices\9.0.242.0__89845dcd8080cc91\Microsoft.AnalysisServices.DLL
+ 2008-11-02 11:32:20 1,217,904 ----a-w C:\Windows\assembly\GAC_MSIL\Microsoft.AnalysisServices\9.0.242.0__89845dcd8080cc91\Microsoft.AnalysisServices.DLL
- 2008-10-21 20:14:52 35,544 ----a-w C:\Windows\assembly\GAC_MSIL\Microsoft.DataWarehouse.Interfaces\9.0.242.0__89845dcd8080cc91\Microsoft.DataWarehouse.Interfaces.DLL
+ 2008-11-02 11:32:20 38,256 ----a-w C:\Windows\assembly\GAC_MSIL\Microsoft.DataWarehouse.Interfaces\9.0.242.0__89845dcd8080cc91\Microsoft.DataWarehouse.Interfaces.DLL
- 2008-10-21 20:13:39 133,848 ----a-w C:\Windows\assembly\GAC_MSIL\Microsoft.NetEnterpriseServers.ExceptionMessageBox\9.0.242.0__89845dcd8080cc91\Microsoft.NetEnterpriseServers.ExceptionMessageBox.dll
+ 2008-11-02 11:30:13 136,560 ----a-w C:\Windows\assembly\GAC_MSIL\Microsoft.NetEnterpriseServers.ExceptionMessageBox\9.0.242.0__89845dcd8080cc91\Microsoft.NetEnterpriseServers.ExceptionMessageBox.dll
- 2008-10-21 20:14:51 150,232 ----a-w C:\Windows\assembly\GAC_MSIL\Microsoft.SqlServer.ConnectionInfo\9.0.242.0__89845dcd8080cc91\Microsoft.SqlServer.ConnectionInfo.dll
+ 2008-11-02 11:32:20 157,040 ----a-w C:\Windows\assembly\GAC_MSIL\Microsoft.SqlServer.ConnectionInfo\9.0.242.0__89845dcd8080cc91\Microsoft.SqlServer.ConnectionInfo.dll
- 2008-10-21 20:13:39 43,736 ----a-w C:\Windows\assembly\GAC_MSIL\Microsoft.SqlServer.CustomControls\9.0.242.0__89845dcd8080cc91\Microsoft.SqlServer.CustomControls.dll
+ 2008-11-02 11:30:15 46,448 ----a-w C:\Windows\assembly\GAC_MSIL\Microsoft.SqlServer.CustomControls\9.0.242.0__89845dcd8080cc91\Microsoft.SqlServer.CustomControls.dll
- 2008-10-21 20:13:39 199,384 ----a-w C:\Windows\assembly\GAC_MSIL\Microsoft.SqlServer.GridControl\9.0.242.0__89845dcd8080cc91\Microsoft.SqlServer.GridControl.dll
+ 2008-11-02 11:30:15 202,096 ----a-w C:\Windows\assembly\GAC_MSIL\Microsoft.SqlServer.GridControl\9.0.242.0__89845dcd8080cc91\Microsoft.SqlServer.GridControl.dll
- 2008-10-21 20:14:52 68,312 ----a-w C:\Windows\assembly\GAC_MSIL\Microsoft.SqlServer.RegSvrEnum\9.0.242.0__89845dcd8080cc91\Microsoft.SqlServer.RegSvrEnum.dll
+ 2008-11-02 11:32:20 71,024 ----a-w C:\Windows\assembly\GAC_MSIL\Microsoft.SqlServer.RegSvrEnum\9.0.242.0__89845dcd8080cc91\Microsoft.SqlServer.RegSvrEnum.dll
- 2008-10-21 20:14:52 555,736 ----a-w C:\Windows\assembly\GAC_MSIL\Microsoft.SqlServer.Rmo\9.0.242.0__89845dcd8080cc91\Microsoft.SqlServer.Rmo.dll
+ 2008-11-02 11:32:21 558,448 ----a-w C:\Windows\assembly\GAC_MSIL\Microsoft.SqlServer.Rmo\9.0.242.0__89845dcd8080cc91\Microsoft.SqlServer.Rmo.dll
- 2008-10-21 20:14:52 39,640 ----a-w C:\Windows\assembly\GAC_MSIL\Microsoft.SqlServer.ServiceBrokerEnum\9.0.242.0__89845dcd8080cc91\Microsoft.SqlServer.ServiceBrokerEnum.dll
+ 2008-11-02 11:32:20 42,352 ----a-w C:\Windows\assembly\GAC_MSIL\Microsoft.SqlServer.ServiceBrokerEnum\9.0.242.0__89845dcd8080cc91\Microsoft.SqlServer.ServiceBrokerEnum.dll
- 2008-10-21 20:14:51 1,559,256 ----a-w C:\Windows\assembly\GAC_MSIL\Microsoft.SqlServer.Smo\9.0.242.0__89845dcd8080cc91\Microsoft.SqlServer.Smo.dll
+ 2008-11-02 11:32:19 1,598,832 ----a-w C:\Windows\assembly\GAC_MSIL\Microsoft.SqlServer.Smo\9.0.242.0__89845dcd8080cc91\Microsoft.SqlServer.Smo.dll
- 2008-10-21 20:14:51 223,960 ----a-w C:\Windows\assembly\GAC_MSIL\Microsoft.SqlServer.SmoEnum\9.0.242.0__89845dcd8080cc91\Microsoft.SqlServer.SmoEnum.dll
+ 2008-11-02 11:32:19 222,576 ----a-w C:\Windows\assembly\GAC_MSIL\Microsoft.SqlServer.SmoEnum\9.0.242.0__89845dcd8080cc91\Microsoft.SqlServer.SmoEnum.dll
- 2008-10-21 20:14:51 895,704 ----a-w C:\Windows\assembly\GAC_MSIL\Microsoft.SqlServer.SqlEnum\9.0.242.0__89845dcd8080cc91\Microsoft.SqlServer.SqlEnum.dll
+ 2008-11-02 11:32:19 906,608 ----a-w C:\Windows\assembly\GAC_MSIL\Microsoft.SqlServer.SqlEnum\9.0.242.0__89845dcd8080cc91\Microsoft.SqlServer.SqlEnum.dll
- 2008-10-21 20:13:39 592,600 ----a-w C:\Windows\assembly\GAC_MSIL\Microsoft.SqlServer.WizardFrameworkLite\9.0.242.0__89845dcd8080cc91\Microsoft.SqlServer.WizardFrameworkLite.dll
+ 2008-11-02 11:30:14 595,312 ----a-w C:\Windows\assembly\GAC_MSIL\Microsoft.SqlServer.WizardFrameworkLite\9.0.242.0__89845dcd8080cc91\Microsoft.SqlServer.WizardFrameworkLite.dll
- 2008-10-21 20:14:51 43,736 ----a-w C:\Windows\assembly\GAC_MSIL\Microsoft.SqlServer.WmiEnum\9.0.242.0__89845dcd8080cc91\Microsoft.SqlServer.WmiEnum.dll
+ 2008-11-02 11:32:20 46,448 ----a-w C:\Windows\assembly\GAC_MSIL\Microsoft.SqlServer.WmiEnum\9.0.242.0__89845dcd8080cc91\Microsoft.SqlServer.WmiEnum.dll
- 2008-11-02 10:05:30 2,048 --sha-w C:\Windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
+ 2008-11-02 15:53:02 2,048 --sha-w C:\Windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
- 2008-11-02 10:05:30 2,048 --sha-w C:\Windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
+ 2008-11-02 15:53:02 2,048 --sha-w C:\Windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
- 2008-11-02 10:07:20 262,144 --sha-w C:\Windows\ServiceProfiles\LocalService\NTUSER.DAT
+ 2008-11-02 15:54:28 262,144 --sha-w C:\Windows\ServiceProfiles\LocalService\NTUSER.DAT
- 2008-11-02 10:07:26 262,144 --sha-w C:\Windows\ServiceProfiles\NetworkService\NTUSER.DAT
+ 2008-11-02 15:54:38 262,144 --sha-w C:\Windows\ServiceProfiles\NetworkService\NTUSER.DAT
- 2008-09-20 10:55:41 48,600 ----a-w C:\Windows\System32\config\systemprofile\AppData\Local\GDIPFONTCACHEV1.DAT
+ 2008-11-02 11:44:05 75,984 ----a-w C:\Windows\System32\config\systemprofile\AppData\Local\GDIPFONTCACHEV1.DAT
- 2008-11-02 10:31:15 16,384 --sha-w C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2008-11-02 12:19:52 16,384 --sha-w C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
- 2008-11-02 10:31:15 32,768 --sha-w C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
+ 2008-11-02 12:19:52 32,768 --sha-w C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
- 2008-11-02 10:31:15 16,384 --sha-w C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2008-11-02 12:19:52 16,384 --sha-w C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2008-11-02 10:45:49 262,144 ----a-w C:\Windows\System32\config\systemprofile\ntuser.dat
+ 2008-11-02 16:09:07 262,144 ----a-w C:\Windows\System32\config\systemprofile\ntuser.dat
+ 2008-11-02 16:09:07 262,144 ---ha-w C:\Windows\System32\config\systemprofile\ntuser.dat.LOG1
- 2008-01-19 07:35:35 466,944 ----a-w C:\Windows\System32\netapi32.dll
+ 2008-10-16 04:47:33 466,944 ----a-w C:\Windows\System32\netapi32.dll
- 2008-11-02 10:13:25 122,918 ----a-w C:\Windows\System32\perfc009.dat
+ 2008-11-02 15:59:47 122,918 ----a-w C:\Windows\System32\perfc009.dat
- 2008-11-02 10:13:25 642,654 ----a-w C:\Windows\System32\perfh009.dat
+ 2008-11-02 15:59:47 642,654 ----a-w C:\Windows\System32\perfh009.dat
- 2008-11-02 10:09:20 6,291,456 ----a-w C:\Windows\System32\SMI\Store\Machine\SCHEMA.DAT
+ 2008-11-02 11:10:04 6,291,456 ----a-w C:\Windows\System32\SMI\Store\Machine\SCHEMA.DAT
- 2005-10-14 10:51:01 66,264 ----a-w C:\Windows\System32\sqlctr90.dll
+ 2007-02-10 04:29:52 67,952 ----a-w C:\Windows\System32\sqlctr90.dll
- 2005-10-14 01:51:26 2,208,016 ----a-w C:\Windows\System32\sqlncli.dll
+ 2007-02-10 04:29:52 2,234,224 ----a-w C:\Windows\System32\sqlncli.dll
- 2008-11-02 10:07:38 7,004 ----a-w C:\Windows\System32\WDI\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-3706493377-1333071778-2525418271-1000_UserData.bin
+ 2008-11-02 15:55:22 7,262 ----a-w C:\Windows\System32\WDI\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-3706493377-1333071778-2525418271-1000_UserData.bin
- 2008-11-02 10:07:37 59,014 ----a-w C:\Windows\System32\WDI\BootPerformanceDiagnostics_SystemData.bin
+ 2008-11-02 15:55:22 59,652 ----a-w C:\Windows\System32\WDI\BootPerformanceDiagnostics_SystemData.bin
- 2008-11-02 10:07:34 29,404 ----a-w C:\Windows\System32\WDI\ShutdownPerformanceDiagnostics_SystemData.bin
+ 2008-11-02 11:13:09 29,436 ----a-w C:\Windows\System32\WDI\ShutdownPerformanceDiagnostics_SystemData.bin
.
-- Snapshot teruggezet naar huidige datum --
.
((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NSUFloatingUI"="C:\Program Files\Sony\Network Utility\LANUtil.exe" [2008-01-16 253952]
"Steam"="c:\program files\steam\steam.exe" [2008-10-08 1410296]
"WMPNSCFG"="C:\Program Files\Windows Media Player\WMPNSCFG.exe" [2008-01-19 202240]
"DAEMON Tools Lite"="C:\Program Files\DAEMON Tools Lite\daemon.exe" [2008-08-08 490952]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Apoint"="C:\Program Files\Apoint\Apoint.exe" [2008-01-29 118784]
"Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2008-06-12 34672]
"NvSvc"="C:\Windows\system32\nvsvc.dll" [2008-01-30 86016]
"NvCplDaemon"="C:\Windows\system32\NvCpl.dll" [2008-01-30 8429568]
"NvMediaCenter"="C:\Windows\system32\NvMcTray.dll" [2008-01-30 81920]
"Copperhead"="C:\Program Files\Razer\Copperhead\razerhid.exe" [2005-11-25 155648]
"BDAgent"="C:\Program Files\BitDefender\BitDefender 2009\bdagent.exe" [2008-10-04 716800]
"BitDefender Antiphishing Helper"="C:\Program Files\BitDefender\BitDefender 2009\IEShow.exe" [2008-08-10 69632]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\VESWinlogon]
2007-02-13 14:19 98304 C:\Windows\System32\VESWinlogon.dll
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\DomainProfile]
"EnableFirewall"= 0 (0x0)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\FirewallRules]
"TCP Query User{44301C66-9CB9-4688-BBDF-01C2971A450A}C:\\program files\\steam\\steamapps\\[email protected]\\counter-strike\\hl.exe"= UDP:C:\program files\steam\steamapps\[email protected]\counter-strike\hl.exe:Half-Life Launcher
"UDP Query User{B7B3EAA8-55FF-4511-A75E-FD30FC3B19B3}C:\\program files\\steam\\steamapps\\[email protected]\\counter-strike\\hl.exe"= TCP:C:\program files\steam\steamapps\[email protected]\counter-strike\hl.exe:Half-Life Launcher
"TCP Query User{76640FFB-F607-4097-82F9-104B0AFF73CD}C:\\program files\\steam\\steamapps\\[email protected]\\counter-strike\\hl.exe"= UDP:C:\program files\steam\steamapps\[email protected]\counter-strike\hl.exe:Half-Life Launcher
"UDP Query User{D68BDD31-C967-46E1-A3DA-E212F214A61B}C:\\program files\\steam\\steamapps\\[email protected]\\counter-strike\\hl.exe"= TCP:C:\program files\steam\steamapps\[email protected]\counter-strike\hl.exe:Half-Life Launcher
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\PublicProfile]
"EnableFirewall"= 0 (0x0)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\StandardProfile]
"EnableFirewall"= 0 (0x0)
R2 BDVEDISK;BDVEDISK;C:\Program Files\BitDefender\BitDefender 2009\BDVEDISK.sys [2008-07-02 82568]
R2 NSUService;NSUService;C:\Program Files\Sony\Network Utility\NSUService.exe [2008-01-16 204800]
R3 bdfm;BDFM;C:\Windows\system32\drivers\bdfm.sys [2008-08-12 108864]
R3 Bdfndisf;BitDefender Firewall NDIS Filter Service;C:\Windows\system32\DRIVERS\bdfndisf.sys [2008-10-04 103944]
R3 R5U870FLx86;R5U870 UVC Lower Filter ;C:\Windows\system32\Drivers\R5U870FLx86.sys [2007-04-23 75392]
R3 R5U870FUx86;R5U870 UVC Upper Filter ;C:\Windows\system32\Drivers\R5U870FUx86.sys [2007-04-23 43904]
R3 SPI;Sony Programmable I/O Control Device;C:\Windows\system32\DRIVERS\SonyPI.sys [2008-01-29 14720]
R3 Steam Client Service;Steam Client Service;C:\Program Files\Common Files\Steam\SteamService.exe [2008-11-02 87288]
R3 ti21sony;ti21sony;C:\Windows\system32\drivers\ti21sony.sys [2007-09-24 812544]
R3 UsbFltr;Razer Copperhead Driver;C:\Windows\system32\drivers\copperhd.sys [2005-11-02 11596]
R3 yukonwlh;NDIS6.0 Miniport Driver for Marvell Yukon Ethernet Controller;C:\Windows\system32\DRIVERS\yk60x86.sys [2008-01-29 245248]
S3 Arrakis3;BitDefender Arrakis Server;C:\Program Files\Common Files\BitDefender\BitDefender Arrakis Server\bin\Arrakis3.exe [2008-07-17 118784]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
bthsvcs REG_MULTI_SZ BthServ
bdx REG_MULTI_SZ scan
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{744106f2-9fa7-11dd-876d-001a805c0dc3}]
\shell\AutoRun\command - F:\Autorun.exe
.
Inhoud van de 'Gedeelde Taken' map
2008-11-02 C:\Windows\Tasks\User_Feed_Synchronization-{2B229304-29A1-4D4E-8ACA-1F5EAB1DE096}.job
- C:\Windows\system32\msfeedssync.exe [2008-01-19 08:33]
.
.
------- Bijkomende Scan -------
.
FireFox -: Profile - C:\Users\Arik\AppData\Roaming\Mozilla\Firefox\Profiles\j8sasyz6.default\
FireFox -: prefs.js - STARTUP.HOMEPAGE - hxxp://www.google.be/
.
**************************************************************************
catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer,
http://www.gmer.net
Rootkit scan 2008-11-02 17:15:35
Windows 6.0.6001 Service Pack 1 NTFS
scannen van verborgen processen ...
scannen van verborgen autostart items ...
scannen van verborgen bestanden ...
Scan succesvol afgerond
verborgen bestanden: 0
**************************************************************************
.
Voltooingstijd: 2008-11-02 17:18:21
ComboFix-quarantined-files.txt 2008-11-02 16:18:17
ComboFix2.txt 2008-11-02 10:59:01
Pre-Run: 131,979,378,688 bytes free
Post-Run: 131,951,235,072 bytes free
298 --- E O F --- 2008-11-02 11:45:24