Please review my ComboFix log
27-08-2009, 21:25
Post: #1
For several days I had been seeing a process in Task Manager that was not there before, namely secure~1.exe. I then ran a scan with KIS and Spy Sweeper, but they found nothing. I still didn't trust it, so I ran ComboFix, and now secure~1.exe is gone. But I am now wondering which virus I was infected with, because this PC is used for online banking, PayPal, Moneybookers and credit card payments, so you can imagine that I am not exactly at ease right now.
So here is the ComboFix log:

ComboFix 09-08-27.01 - Eigenaar 27/08/2009 20:44.2.1 - NTFSx86 Microsoft Windows XP Home Edition 5.1.2600.3.1252.31.1043.18.1023.595 [GMT 2:00] Gestart vanuit: c:\documents and settings\Eigenaar\Bureaublad\ComboFix.exe AV: Kaspersky Internet Security *On-access scanning disabled* (Updated) {2C4D4BC6-0793-4956-A9F9-E252435469C0} AV: Webroot Spy Sweeper *On-access scanning disabled* (Outdated) {77E10C7F-2CCA-4187-9394-BDBC267AD597} FW: Kaspersky Internet Security *disabled* {2C4D4BC6-0793-4956-A9F9-E252435469C0} . (((((((((((((((((((((((((((((((((( Andere Verwijderingen ))))))))))))))))))))))))))))))))))))))))))))))))) . C:\md5sum.exe c:\windows\Fonts\Destroy.ttf c:\windows\Installer\1b89c82.msi c:\windows\Installer\6a0dca.msi c:\windows\system32\uninstall.exe c:\windows\system32\winio.vxd . (((((((((((((((((((( Bestanden Gemaakt van 2009-07-27 to 2009-08-27 )))))))))))))))))))))))))))))) . 2009-08-26 07:42 . 2009-08-26 07:42 59920 ----a-w- c:\documents and settings\All Users\Application Data\Kaspersky Lab\AVP8\Data\Updater\Temporary Files\temporaryFolder\AutoPatches\kav8exec\8.0.0.506\mzvkbd.dll 2009-08-26 07:42 . 2009-08-26 07:42 109072 ----a-w- c:\documents and settings\All Users\Application Data\Kaspersky Lab\AVP8\Data\Updater\Temporary Files\temporaryFolder\AutoPatches\kav8exec\8.0.0.506\mzvkbd3.dll 2009-08-23 21:25 . 2009-08-24 03:06 -------- d-----w- c:\program files\Lucky Red 2009-08-22 02:06 . 2009-08-22 02:07 -------- d-----w- c:\program files\Rushmore Casino 2009-08-22 01:37 . 2009-08-25 02:56 -------- d-----w- c:\program files\SlotPower 2009-08-21 23:39 . 2009-08-21 23:42 -------- d-----w- c:\program files\SlotOCash 2009-08-16 23:09 . 2009-08-16 23:50 -------- d-----w- c:\program files\Jackpot Capital 2009-08-15 02:20 . 2009-08-15 02:24 -------- d-----w- c:\program files\InterCasinoEnglishEuro 2009-08-12 02:33 . 2009-07-10 13:31 1315328 -c----w- c:\windows\system32\dllcache\msoe.dll 2009-08-11 19:27 .
2009-08-11 19:27 1171456 ----a-w- c:\documents and settings\All Users\Application Data\MGS\cache\w\wealthspa_stonebonus.884fe3f012cc21e9f4b94beccb344fe5.dll 2009-08-11 19:27 . 2009-08-11 19:27 1204224 ----a-w- c:\documents and settings\All Users\Application Data\MGS\cache\w\wealthspa_bathbonus.eaf1477312e7ecb9b1c7aa0a26e6ac61.dll 2009-08-11 19:27 . 2009-08-11 19:27 1142784 ----a-w- c:\documents and settings\All Users\Application Data\MGS\cache\w\wealthspa_bodywaxbonus.86b2e4bb4c8e68cbf84cdb6310c39218.dll 2009-08-11 19:26 . 2009-08-11 19:26 1290240 ----a-w- c:\documents and settings\All Users\Application Data\MGS\cache\w\wealthspa_smoothiebonus.779ec9c8439f59a40852d4a998367c4f.dll 2009-08-11 19:26 . 2009-08-11 19:26 827392 ----a-w- c:\documents and settings\All Users\Application Data\MGS\cache\p\playerinstantiatedchoosebonus.ceb25d7dda7b0effc207d3dec6e30288.dll 2009-08-11 19:25 . 2009-08-11 19:25 1196032 ----a-w- c:\documents and settings\All Users\Application Data\MGS\cache\w\wealthspa_massagebonus.0e575cb178075b87da73199c7e3bdcc1.dll 2009-08-11 19:21 . 2009-08-11 19:21 679936 ----a-w- c:\documents and settings\All Users\Application Data\MGS\cache\t\transition_wealthspa.5a3f4e96415d8b3050681cdd275f3d88.dll 2009-08-11 19:21 . 2009-08-11 19:21 618496 ----a-w- c:\documents and settings\All Users\Application Data\MGS\cache\g\gamble2_wealthspa.a58c586ab4d974ea2d4142fb4d851c2b.dll 2009-08-11 19:21 . 2009-08-11 19:21 1032192 ----a-w- c:\documents and settings\All Users\Application Data\MGS\cache\a\advancedslots1xxx_wealthspa.2cac89b1bff8f25a6a8d3748201af558.dll 2009-08-11 19:21 . 2009-08-11 19:21 1474560 ----a-w- c:\documents and settings\All Users\Application Data\MGS\cache\a\advancedslots1_wealthspa.548276e787b133afb9b912eb95b8b5c5.dll 2009-08-07 20:38 . 2009-08-07 20:40 -------- d-----w- c:\documents and settings\All Users\Application Data\RealHideIP 2009-08-07 20:38 . 
2009-08-07 20:38 -------- d-----w- c:\documents and settings\Eigenaar\Application Data\RealHideIP 2009-08-07 18:48 . 2009-08-07 19:20 -------- d-----w- c:\program files\Casino Titan 2009-08-07 09:22 . 2009-08-10 02:07 -------- d-----w- c:\program files\Club World Casinos 2009-08-06 20:23 . 2009-08-25 23:10 -------- d-----w- c:\program files\CamStudio 2009-08-05 14:03 . 2009-08-05 14:03 33808 ----a-w- c:\documents and settings\All Users\Application Data\Kaspersky Lab\AVP8\Data\Updater\Temporary Files\temporaryFolder\AutoPatches\kav8exec\8.0.0.506\klbg.sys 2009-08-05 14:03 . 2009-08-05 14:03 208616 ----a-w- c:\documents and settings\All Users\Application Data\Kaspersky Lab\AVP8\Data\Updater\Temporary Files\temporaryFolder\AutoPatches\kav8exec\8.0.0.506\avp.exe 2009-08-05 14:03 . 2009-08-05 14:03 226832 ----a-w- c:\documents and settings\All Users\Application Data\Kaspersky Lab\AVP8\Data\Updater\Temporary Files\temporaryFolder\AutoPatches\kav8exec\8.0.0.506\XP\klif.sys 2009-08-05 13:51 . 2009-08-05 14:04 105395 ----a-w- c:\windows\system32\drivers\klin.dat 2009-08-05 13:51 . 2009-08-05 14:04 94643 ----a-w- c:\windows\system32\drivers\klick.dat 2009-08-05 13:50 . 2009-08-27 19:01 950304 --sha-w- c:\windows\system32\drivers\fidbox2.dat 2009-08-05 13:50 . 2009-08-27 18:55 5444128 --sha-w- c:\windows\system32\drivers\fidbox.dat 2009-08-05 13:28 . 2009-08-05 13:28 -------- d-----w- c:\windows\system32\wbem\Repository 2009-08-05 13:14 . 2009-08-05 13:14 -------- d-----w- c:\documents and settings\Eigenaar\Application Data\WNR 2009-08-05 13:14 . 2009-08-05 13:27 -------- d-----w- c:\program files\Proxy Switcher Standard 2009-08-05 09:01 . 2009-08-05 09:01 205312 -c----w- c:\windows\system32\dllcache\mswebdvd.dll 2009-08-01 21:04 . 2009-08-01 21:06 -------- d-----w- c:\documents and settings\Eigenaar\Application Data\LittlewoodsCasino . ((((((((((((((((((((((((((((((((((((((( Find3M Rapport )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2009-08-27 19:01 . 
2009-08-05 13:50 4328 --sha-w- c:\windows\system32\drivers\fidbox2.idx 2009-08-27 18:57 . 2008-08-29 16:28 -------- d-----w- c:\documents and settings\All Users\Application Data\Kaspersky Lab 2009-08-27 18:55 . 2009-08-05 13:50 43612 --sha-w- c:\windows\system32\drivers\fidbox.idx 2009-08-27 18:32 . 2009-04-20 07:28 -------- d-----w- c:\program files\Hide My IP 2009 2009-08-27 17:07 . 2009-04-17 19:28 -------- d-----w- c:\documents and settings\Eigenaar\Application Data\uTorrent 2009-08-23 19:27 . 2009-07-25 02:22 -------- d-----w- c:\program files\Buzz Luck Casino 2009-08-22 03:44 . 2009-01-24 19:25 -------- d-----w- c:\program files\Cheat Engine 2009-08-18 22:56 . 2009-05-29 23:22 -------- d-----w- c:\documents and settings\Eigenaar\Application Data\Microgaming 2009-08-15 22:39 . 2009-07-05 21:00 -------- d-----w- c:\program files\InterCasino $$$ 2009-08-05 23:48 . 2009-04-25 21:22 -------- d-----w- c:\documents and settings\All Users\Application Data\EPS 2009-08-05 14:04 . 2008-01-29 15:29 33808 ----a-w- c:\windows\system32\drivers\klbg.sys 2009-08-05 13:49 . 2008-08-29 16:28 -------- d-----w- c:\program files\Kaspersky Lab 2009-08-05 12:47 . 2009-08-05 12:47 361600 ----a-w- c:\windows\system32\drivers\TCPIP.SYS.ORIGINAL 2009-08-05 09:01 . 2008-08-09 04:22 205312 ----a-w- c:\windows\system32\mswebdvd.dll 2009-07-24 18:19 . 2008-08-09 21:12 -------- d-----w- c:\documents and settings\Eigenaar\Application Data\FrostWire 2009-07-20 01:09 . 2008-08-08 21:49 32168 ----a-w- c:\documents and settings\Eigenaar\Local Settings\Application Data\GDIPFONTCACHEV1.DAT 2009-07-17 19:04 . 2008-08-09 04:21 58880 ----a-w- c:\windows\system32\atl.dll 2009-07-13 08:08 . 2008-08-09 04:25 286720 ----a-w- c:\windows\system32\wmpdxm.dll 2009-07-10 22:15 . 2008-10-01 19:34 -------- d---a-w- c:\documents and settings\All Users\Application Data\TEMP 2009-07-10 19:13 . 2009-07-10 19:01 -------- d-----w- c:\program files\YahELite 2009-07-10 18:39 . 
2009-03-03 13:49 21361 ----a-w- c:\windows\system32\drivers\AegisP.sys 2009-07-10 18:37 . 2009-07-10 18:37 -------- d-----w- c:\program files\Belkin 2009-07-10 04:52 . 2009-07-10 04:52 -------- d-----w- c:\documents and settings\Eigenaar\Application Data\Auslogics 2009-07-10 03:54 . 2009-07-10 00:51 -------- d-----w- c:\program files\HDD Regenerator 2009-07-09 23:49 . 2009-07-09 23:49 -------- d-----w- c:\program files\Auslogics 2009-07-09 17:29 . 2009-07-09 17:29 417792 ----a-w- c:\documents and settings\All Users\Application Data\MGS\cache\m\menucore.e2df50a5930ba5d46a68f5564d204ba0.dll 2009-07-06 22:34 . 2009-02-06 00:52 -------- d-----w- c:\program files\Yahoo! 2009-07-06 22:26 . 2008-12-09 22:25 -------- d-----w- c:\program files\Google 2009-07-06 21:48 . 2009-01-14 02:50 -------- d-----w- c:\program files\Audacity 2009-07-03 22:46 . 2009-07-03 22:46 286720 ----a-w- c:\documents and settings\All Users\Application Data\MGS\cache\t\triplesevens.a57693e75dbe5c4c6599bc80724da385.dll 2009-07-03 17:00 . 2008-08-09 04:20 915456 ----a-w- c:\windows\system32\wininet.dll 2009-07-01 21:58 . 2009-04-30 02:26 164 ----a-w- c:\windows\install.dat 2009-07-01 21:36 . 2009-07-01 21:36 1024000 ----a-w- c:\documents and settings\All Users\Application Data\MGS\cache\s\simplepickxofychoicebonus_summerholiday.2f3c0065ff052710ed0c13651e2571da.dll 2009-07-01 21:30 . 2009-07-01 21:30 1224704 ----a-w- c:\documents and settings\All Users\Application Data\MGS\cache\a\advancedslots1xxx_summerholiday.ca5125cc93020b208c8104895ffd4a80.dll 2009-07-01 21:30 . 2009-07-01 21:30 1638400 ----a-w- c:\documents and settings\All Users\Application Data\MGS\cache\a\advancedslots1_summerholiday.19e3e7b6f28b2f036c0b87d00fc799b9.dll 2009-07-01 21:30 . 2009-07-01 21:30 606208 ----a-w- c:\documents and settings\All Users\Application Data\MGS\cache\g\gamble2_summerholiday.b02744e18c4cdb3dd3394f69d8987073.dll 2009-06-30 21:51 . 2009-06-30 01:03 -------- d-----w- c:\program files\PartyGaming 2009-06-29 02:45 . 
2008-08-08 20:10 -------- d--h--w- c:\program files\InstallShield Installation Information 2009-06-25 08:27 . 2008-08-09 04:24 54272 ----a-w- c:\windows\system32\wdigest.dll 2009-06-25 08:27 . 2008-08-09 04:23 56832 ----a-w- c:\windows\system32\secur32.dll 2009-06-25 08:27 . 2008-08-09 04:23 147456 ----a-w- c:\windows\system32\schannel.dll 2009-06-25 08:27 . 2008-08-09 04:22 136192 ----a-w- c:\windows\system32\msv1_0.dll 2009-06-25 08:27 . 2008-08-09 04:22 301568 ----a-w- c:\windows\system32\kerberos.dll 2009-06-25 08:27 . 2008-08-09 04:20 735232 ----a-w- c:\windows\system32\lsasrv.dll 2009-06-24 11:18 . 2008-08-09 04:22 92928 ----a-w- c:\windows\system32\drivers\ksecdd.sys 2009-06-16 14:40 . 2008-08-09 04:24 119808 ----a-w- c:\windows\system32\t2embed.dll 2009-06-16 14:40 . 2008-08-09 04:22 81920 ----a-w- c:\windows\system32\fontsub.dll 2009-06-15 10:45 . 2008-08-09 04:24 79872 ----a-w- c:\windows\system32\telnet.exe 2009-06-10 14:16 . 2008-08-09 04:21 85504 ----a-w- c:\windows\system32\avifil32.dll 2009-06-10 07:22 . 2008-08-08 19:39 2066432 ----a-w- c:\windows\system32\mstscax.dll 2009-06-10 06:16 . 2008-08-09 04:24 132096 ----a-w- c:\windows\system32\wkssvc.dll 2009-06-06 04:02 . 2009-06-06 04:02 229486 ----a-w- c:\documents and settings\All Users\Application Data\MGS\cache\c\classicblackjack.cd8f07669d8ad1880944c3c957f8a558.dll 2009-06-06 01:39 . 2009-06-06 01:39 417792 ----a-w- c:\documents and settings\All Users\Application Data\MGS\cache\m\menucore.0ea791e29d13319586e62d6c888426b4.dll 2009-06-05 05:25 . 2009-06-05 05:25 73811 ----a-w- c:\documents and settings\All Users\Application Data\MGS\cache\_\_crt_mhblackjack.031a97dbfc22ce8c3c008e321e750432.dll 2009-06-05 05:24 . 2009-06-05 05:24 499984 ----a-w- c:\documents and settings\All Users\Application Data\MGS\cache\g\greatgalaxycasinobonus.55dde164a6c32cf7a5be1bb8e3746043.dll 2009-06-05 05:24 . 
2009-06-05 05:24 380928 ----a-w- c:\documents and settings\All Users\Application Data\MGS\cache\s\superfun21blackjack.fc65bebd8cad283071824009b0f58e18.dll 2009-06-05 05:12 . 2009-06-05 05:12 126976 ----a-w- c:\documents and settings\All Users\Application Data\MGS\cache\b\bjstrategyui1.044e0fc76ee8cda8665503293a47d38a.dll 2009-06-05 05:12 . 2009-06-05 05:12 217088 ----a-w- c:\documents and settings\All Users\Application Data\MGS\cache\b\bjgoldxxx.49c3810d214dd99c8c9a10ec7d79ed46.dll 2009-06-05 05:12 . 2009-06-05 05:12 102400 ----a-w- c:\documents and settings\All Users\Application Data\MGS\cache\b\bjgoldstatsplugin.6518eac98880e1c269feffe4b0025ca1.dll 2009-06-05 05:12 . 2009-06-05 05:12 327680 ----a-w- c:\documents and settings\All Users\Application Data\MGS\cache\b\bjgoldplugin.77868ad6c41073f45be5eb8a5441c690.dll 2009-06-05 05:12 . 2009-06-05 05:12 94208 ----a-w- c:\documents and settings\All Users\Application Data\MGS\cache\b\bjgoldautoplayplugin.9eecf610ea29425ecba27ee4d82e5058.dll 2009-06-05 05:04 . 2009-06-05 05:04 155648 ----a-w- c:\documents and settings\All Users\Application Data\MGS\cache\b\bonuspaigowpoker.7a255497429caa23df774f47d3465136.dll 2009-06-05 05:01 . 2009-06-05 05:01 421888 ----a-w- c:\documents and settings\All Users\Application Data\MGS\cache\l\lua51host.4f93c8cce0c64b200821a73dd29068f6.dll 2009-06-05 01:12 . 2009-06-05 01:12 24638 ----a-w- c:\documents and settings\All Users\Application Data\MGS\cache\_\_crt_scratch.960d1fa68750fa010e573df52f42c947.dll 2009-06-05 01:12 . 2009-06-05 01:12 36926 ----a-w- c:\documents and settings\All Users\Application Data\MGS\cache\_\_crt_reddog.17e4bed26b7398ee9c45c72ed478a759.dll 2009-06-05 01:12 . 2009-06-05 01:12 114822 ----a-w- c:\documents and settings\All Users\Application Data\MGS\cache\_\_crt_progcyberstud.e038aa28085a77aa97b543eea1b2f3b9.dll 2009-06-05 01:12 . 
2009-06-05 01:12 41013 ----a-w- c:\documents and settings\All Users\Application Data\MGS\cache\_\_crt_cyberstud.1b8f431ce9dfe38861b98045dc7bc82c.dll 2009-06-05 01:10 . 2009-06-05 01:10 393216 ----a-w- c:\documents and settings\All Users\Application Data\MGS\cache\f\flyingwitchbonus.178abae7811f3ce106a1068e2f8e83aa.dll 2009-06-05 01:10 . 2009-06-05 01:10 352256 ----a-w- c:\documents and settings\All Users\Application Data\MGS\cache\s\spinningwandbonus.71b441eaf88d72b917384cc517583ca7.dll 2009-06-05 01:09 . 2009-06-05 01:09 348432 ----a-w- c:\documents and settings\All Users\Application Data\MGS\cache\w\whatonearth.0a3ab3633f8df69ecc1bb0d848f47412.dll 2009-06-05 01:09 . 2009-06-05 01:09 352528 ----a-w- c:\documents and settings\All Users\Application Data\MGS\cache\w\whatonearthxxx.b1cc356ee36fb84ac5c9eca977aa894a.dll 2009-06-05 01:09 . 2009-06-05 01:09 250128 ----a-w- c:\documents and settings\All Users\Application Data\MGS\cache\w\whatonearthbonus.4a3c41468d5b693ba49db2c04b228a66.dll 2009-06-05 01:08 . 2009-06-05 01:08 221456 ----a-w- c:\documents and settings\All Users\Application Data\MGS\cache\v\vegascrapsxxx.9260625f65eb4bc5b68e6b446a4be9ec.dll 2009-06-05 01:08 . 2009-06-05 01:08 110592 ----a-w- c:\documents and settings\All Users\Application Data\MGS\cache\v\vegascraps.b5db027e00863192286f05af6c1d7fd0.dll 2009-06-05 01:08 . 2009-06-05 01:08 114688 ----a-w- c:\documents and settings\All Users\Application Data\MGS\cache\u\usroulette.111677cc695657a0c9a392432a7a3d55.dll 2009-06-05 01:05 . 2009-06-05 01:05 991232 ----a-w- c:\documents and settings\All Users\Application Data\MGS\cache\g\greatgalaxycasinobonus.00e57fbcf4a0a2f5d0dff6cdd579f7b7.dll 2009-06-05 01:03 . 2009-06-05 01:03 700416 ----a-w- c:\documents and settings\All Users\Application Data\MGS\cache\p\pickuntilcollectbonus.07d287f25bba4ccba9ff2af0dedb4455.dll 2009-06-05 01:03 . 
2009-06-05 01:03 380928 ----a-w- c:\documents and settings\All Users\Application Data\MGS\cache\p\pickuntilcollectbonus_tggg.e66cbfaf93bc06e345be6dacdf926516.dll 2009-06-05 00:56 . 2009-06-05 00:56 65536 ----a-w- c:\documents and settings\All Users\Application Data\MGS\cache\s\sizzlingscorpionsbonus.b810fd9a6f22045661d97e29b7b598bb.dll 2009-06-05 00:55 . 2009-06-05 00:55 151552 ----a-w- c:\documents and settings\All Users\Application Data\MGS\cache\s\sicbo.947b265d4f68e9c480664c57d59ab47c.dll 2009-06-05 00:54 . 2009-06-05 00:54 131072 ----a-w- c:\documents and settings\All Users\Application Data\MGS\cache\r\rouletteroyale.78fbb4e6860f34eb015928fa5c78c605.dll 2009-06-04 06:47 . 2009-06-04 06:47 245760 ----a-w- c:\documents and settings\All Users\Application Data\MGS\cache\p\pokerride.0e46f0612786991e4a026d6c70ac2e93.dll 2009-06-04 06:47 . 2009-06-04 06:47 188416 ----a-w- c:\documents and settings\All Users\Application Data\MGS\cache\p\pokerpursuit.99406aaa92216ca4bca884748c50551a.dll 2009-06-04 06:43 . 2009-06-04 06:43 495888 ----a-w- c:\documents and settings\All Users\Application Data\MGS\cache\s\simplepickxofychoicebonus.281bc5f32411b92464f05fd4a21f7e74.dll 2009-06-04 06:39 . 2009-06-04 06:39 376832 ----a-w- c:\documents and settings\All Users\Application Data\MGS\cache\v\vegasstripblackjack.59f244d12616734754d6150b8b007a01.dll 2009-06-04 06:38 . 2009-06-04 06:38 380928 ----a-w- c:\documents and settings\All Users\Application Data\MGS\cache\v\vegasdowntownblackjack.e7dba3d00f62f28aeb42af2519700caa.dll 2009-06-04 06:38 . 2009-06-04 06:38 376832 ----a-w- c:\documents and settings\All Users\Application Data\MGS\cache\s\spanishblackjack.8c2ac90e8c4bbda7817e074b224d622e.dll 2009-06-04 06:38 . 2009-06-04 06:38 397312 ----a-w- c:\documents and settings\All Users\Application Data\MGS\cache\d\doubleexposureblackjack.00416c68a65da9cd4e538e162751f284.dll 2009-06-04 06:38 . 
2009-06-04 06:38 385024 ----a-w- c:\documents and settings\All Users\Application Data\MGS\cache\b\bonusblackjack.dab6343a296b066bd5fe18d7c7d9940f.dll 2009-06-04 06:38 . 2009-06-04 06:38 217360 ----a-w- c:\documents and settings\All Users\Application Data\MGS\cache\b\bonusmhblackjack.84d4657d317de829d176ac2f1af5d8c4.dll 2009-06-04 06:38 . 2009-06-04 06:38 311568 ----a-w- c:\documents and settings\All Users\Application Data\MGS\cache\b\bonusmhblackjackxxx.c3b991b53ad6a9558a283150df84299e.dll 2009-06-04 06:37 . 2009-06-04 06:37 126976 ----a-w- c:\documents and settings\All Users\Application Data\MGS\cache\b\bjstrategyui1.f6bf7f52301739c715fb0c01374c3b3a.dll 2009-06-04 06:37 . 2009-06-04 06:37 323856 ----a-w- c:\documents and settings\All Users\Application Data\MGS\cache\a\advancedmhblackjack1xxx.2ee620ed3209d6b2b80e783d95ac27ee.dll 2009-06-04 06:37 . 2009-06-04 06:37 241936 ----a-w- c:\documents and settings\All Users\Application Data\MGS\cache\a\advancedmhblackjack1.083be9c67a155a097b96aea9ddb29706.dll 2009-06-04 06:37 . 2009-06-04 06:37 49152 ----a-w- c:\documents and settings\All Users\Application Data\MGS\cache\b\bjstrategylogic1.0ce35352c4c4658d12c59ec38c70398a.dll 2009-06-04 06:36 . 2009-06-04 06:36 172032 ----a-w- c:\documents and settings\All Users\Application Data\MGS\cache\m\mh3cardpokerxxx.74afec728d946d3f7f15d0772542ef3f.dll 2009-06-04 06:36 . 2009-06-04 06:36 159744 ----a-w- c:\documents and settings\All Users\Application Data\MGS\cache\m\mh3cardpokerplugin.66fb6927c2425fa0482becdc7c24f0ef.dll 2009-06-04 06:13 . 2009-06-04 06:13 45169 ----a-w- c:\documents and settings\All Users\Application Data\MGS\cache\l\luckycharmerbonus.daf5f53b45ca201c513cbb5bf382c914.dll 2009-06-04 06:02 . 2009-06-04 06:02 368912 ----a-w- c:\documents and settings\All Users\Application Data\MGS\cache\r\reelstrikexxx.f6ecb9684e1be3d30a84d6ce47725e8a.dll 2009-06-04 06:02 . 
2009-06-04 06:02 151824 ----a-w- c:\documents and settings\All Users\Application Data\MGS\cache\r\reelstrikebonus.352846d26cf4c594dafc9b9ea0b478be.dll 2009-04-15 20:24 . 2009-04-15 20:24 1044480 ----a-w- c:\program files\mozilla firefox\plugins\libdivx.dll 2009-04-15 20:24 . 2009-04-15 20:24 200704 ----a-w- c:\program files\mozilla firefox\plugins\ssldivx.dll 2008-12-07 18:49 . 2008-08-24 16:17 88 --sh--r- c:\windows\system32\89C2605346.sys 2008-12-07 18:49 . 2008-08-24 00:45 2828 --sha-w- c:\windows\system32\KGyGaAvL.sys . ((((((((((((((((((((((((((((((((((((( Reg Opstartpunten ))))))))))))))))))))))))))))))))))))))))))))))))))) . . *Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond REGEDIT4 [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Gadwin PrintScreen"="c:\program files\Gadwin Systems\PrintScreen\PrintScreen.exe" [2007-08-20 495616] "msnmsgr"="c:\program files\Windows Live\Messenger\msnmsgr.exe" [2007-10-18 5724184] "MSMSGS"="c:\program files\Messenger\msmsgs.exe" [2005-08-31 1658592] "StickerLite"="c:\program files\MoRUN.net\Sticker Lite\sticker.exe" [2008-01-16 255488] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "SoundMAXPnP"="c:\program files\Analog Devices\SoundMAX\SMax4PNP.exe" [2004-10-14 1388544] "TrueImageMonitor.exe"="c:\program files\Acronis\TrueImageHome\TrueImageMonitor.exe" [2008-10-03 4344472] "AcronisTimounterMonitor"="c:\program files\Acronis\TrueImageHome\TimounterMonitor.exe" [2008-10-03 960376] "Acronis Scheduler2 Service"="c:\program files\Common Files\Acronis\Schedule2\schedhlp.exe" [2008-10-03 165144] "ISUSPM Startup"="c:\progra~1\COMMON~1\INSTAL~1\UPDATE~1\isuspm.exe" [2004-06-16 221184] "ISUSScheduler"="c:\program files\Common Files\InstallShield\UpdateService\issch.exe" [2004-06-16 81920] "Telemeter 3.0"="c:\program files\Telemeter 3.0\telemeter3.exe" [2007-04-15 1441792] "Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" 
[2009-02-27 35696] "SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-03-09 148888] "AppleSyncNotifier"="c:\program files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe" [2009-03-26 177472] "QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2009-01-05 413696] "iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2009-04-02 342312] "AVP"="c:\program files\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe" [2009-08-05 208616] "SpySweeper"="c:\program files\Webroot\Spy Sweeper\SpySweeperUI.exe" [2009-05-13 6345840] "BluetoothAuthenticationAgent"="bthprops.cpl" - c:\windows\system32\bthprops.cpl [2008-04-14 110592] [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360] c:\documents and settings\All Users\Menu Start\Programma's\Opstarten\ Belkin F5D8053 N Wireless USB Adapter Utility.lnk - c:\program files\Belkin\F5D8053v3011\Belkinwcui.exe [2008-4-7 1736704] HP Digital Imaging Monitor.lnk - c:\program files\HP\Digital Imaging\bin\hpqtra08.exe [2007-3-11 210520] PalTalk.lnk - c:\program files\Paltalk Messenger\paltalk.exe [2009-4-25 11057664] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WebrootSpySweeperService] @="Service" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WRConsumerService] @="Service" [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-] "MSMSGS"="c:\program files\Messenger\msmsgs.exe" /background "MsnMsgr"="c:\program files\Windows Live\Messenger\MsnMsgr.Exe" /background "CTFMON.EXE"=c:\windows\system32\ctfmon.exe [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-] "iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" "HP Software Update"="c:\program files\HP\HP Software Update\HPWuSchd2.exe" "AppleSyncNotifier"="c:\program files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe" "QuickTime Task"="c:\program 
files\QuickTime\QTTask.exe" -atboottime "SunJavaUpdateSched"="c:\program files\Java\jre1.6.0_07\bin\jusched.exe" "StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\KasperskyAntiVirus] "DisableMonitoring"=dword:00000001 [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile] "EnableFirewall"= 0 (0x0) [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "%windir%\\system32\\sessmgr.exe"= "%windir%\\Network Diagnostic\\xpnetdiag.exe"= "c:\\Program Files\\Pinnacle\\VideoSpin\\Programs\\RM.exe"= "c:\\Program Files\\Pinnacle\\VideoSpin\\Programs\\PMSRegisterFile.exe"= "c:\\Program Files\\Pinnacle\\VideoSpin\\Programs\\umi.exe"= "c:\\Program Files\\Pinnacle\\VideoSpin\\Programs\\VideoSpin.exe"= "c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"= "c:\\Program Files\\Windows Live\\Messenger\\livecall.exe"= "c:\\Program Files\\WYSIWYG Web Builder 5\\WebBuilder.exe"= "c:\\Program Files\\FrostWire\\FrostWire.exe"= "c:\\Program Files\\Bonjour\\mDNSResponder.exe"= "c:\\Program Files\\uTorrent\\uTorrent.exe"= "c:\\Program Files\\VoipBuster.com\\VoipBuster\\VoipBuster.exe"= "c:\\Program Files\\iTunes\\iTunes.exe"= R2 gupdate1c98cac8d1b3e6a;Google Update Service (gupdate1c98cac8d1b3e6a);c:\program files\Google\Update\GoogleUpdate.exe [2009-02-12 133104] R3 BELKIN;Belkin Wireless G USB Network Adapter;c:\windows\system32\DRIVERS\BLKWGU.sys [x] S0 klbg;Kaspersky Lab Boot Guard Driver;c:\windows\system32\drivers\klbg.sys [2009-08-05 33808] S0 snapman380;Acronis Snapshots Manager (Build 380);c:\windows\system32\DRIVERS\snman380.sys [2008-11-02 134272] S0 ssfs0bbc;ssfs0bbc;c:\windows\system32\DRIVERS\ssfs0bbc.sys [2009-04-21 29808] S0 tdrpman140;Acronis Try&Decide and Restore Points filter (build 140);c:\windows\system32\DRIVERS\tdrpm140.sys [2008-11-02 971168] S2 WRConsumerService;Webroot Client Service;c:\program 
files\Webroot\Spy Sweeper\WRConsumerService.exe [2009-07-01 1205760] S3 KLFLTDEV;Kaspersky Lab KLFltDev;c:\windows\system32\DRIVERS\klfltdev.sys [2008-03-13 26640] S3 rt2870;Belkin 802.11n USB Wireless LAN Card Driver;c:\windows\system32\DRIVERS\rt2870.sys [2007-07-28 517632] [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost] HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12 hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc [HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\>{60B49E34-C7CC-11D0-8953-00A0C90347FF}] "c:\windows\system32\rundll32.exe" "c:\windows\system32\iedkcs32.dll",BrandIEActiveSetup SIGNUP . Inhoud van de 'Gedeelde Taken' map 2009-08-21 c:\windows\Tasks\AppleSoftwareUpdate.job - c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 11:34] 2009-08-27 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job - c:\program files\Google\Update\GoogleUpdate.exe [2009-02-12 00:54] 2009-08-27 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job - c:\program files\Google\Update\GoogleUpdate.exe [2009-02-12 00:54] . - - - - ORPHANS VERWIJDERD - - - - HKCU-Run-Vidalia - c:\program files\Vidalia Bundle\Vidalia\vidalia.exe . ------- Bijkomende Scan ------- . uStart Page = hxxp://www.google.be/ uDefault_Search_URL = hxxp://www.google.com/ie IE: Save Flash - c:\program files\UnH Solutions\Flash Saving Plugin\FlashSButton.dll/210 IE: Save YouTube Video - c:\program files\UnH Solutions\Flash Saving Plugin\FlashSButton.dll/217 IE: Toevoegen aan de Banner Ad Blokker - c:\program files\Kaspersky Lab\Kaspersky Internet Security 2009\ie_banner_deny.htm IE: {{B4B52284-A248-4c51-9F7C-F0A0C67FCC9D} - c:\program files\PartyGaming\PartyCasino\RunApp.exe DPF: Microsoft XML Parser for Java - file:///C:/WINDOWS/Java/classes/xmldso.cab DPF: Yahoo! 
Chat - hxxp://127.0.0.1:3656/us.yimg.com/i/chat/applet/c381/chat.cab DPF: {DC6FEBC5-0A2D-458A-A01B-5DB15EEC4305} - hxxp://webc.chatclients.be/controls/IlosoftImageUpload.dll DPF: {F7EDBBEA-1AD2-4EBF-AA07-D453CC29EE65} - hxxps://plugins.valueactive.eu/flashax/iefax.cab FF - ProfilePath - c:\documents and settings\Eigenaar\Application Data\Mozilla\Firefox\Profiles\gtq69xsh.default\ FF - prefs.js: browser.startup.homepage - hxxp://www.google.be/ FF - plugin: c:\program files\Google\Update\1.2.183.7\npGoogleOneClick8.dll FF - plugin: c:\program files\Mozilla Firefox\plugins\npOGAPlugin.dll FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ ---- FIREFOX POLICIES ---- FF - user.js: network.proxy.type - 0 FF - user.js: network.proxy.http - user_pref(network.proxy.http_port,); FF - user.js: network.proxy.no_proxies_on - c:\program files\Mozilla Firefox\greprefs\all.js - pref("media.enforce_same_site_origin", false); c:\program files\Mozilla Firefox\greprefs\all.js - pref("media.cache_size", 51200); c:\program files\Mozilla Firefox\greprefs\all.js - pref("media.ogg.enabled", true); c:\program files\Mozilla Firefox\greprefs\all.js - pref("media.wave.enabled", true); c:\program files\Mozilla Firefox\greprefs\all.js - pref("media.autoplay.enabled", true); c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.urlbar.autocomplete.enabled", true); c:\program files\Mozilla Firefox\greprefs\all.js - pref("capability.policy.mailnews.*.wholeText", "noAccess"); c:\program files\Mozilla Firefox\greprefs\all.js - pref("dom.storage.default_quota", 5120); c:\program files\Mozilla Firefox\greprefs\all.js - pref("content.sink.event_probe_rate", 3); c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.http.prompt-temp-redirect", true); c:\program files\Mozilla Firefox\greprefs\all.js - pref("layout.css.dpi", -1); c:\program 
files\Mozilla Firefox\greprefs\all.js - pref("layout.css.devPixelsPerPx", -1); c:\program files\Mozilla Firefox\greprefs\all.js - pref("gestures.enable_single_finger_input", true); c:\program files\Mozilla Firefox\greprefs\all.js - pref("dom.max_chrome_script_run_time", 0); c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.tcp.sendbuffer", 131072); c:\program files\Mozilla Firefox\greprefs\all.js - pref("geo.enabled", true); c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.remember_cert_checkbox_default_setting", true); c:\program files\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("browser.search.param.yahoo-fr", "moz35"); c:\program files\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("browser.search.param.yahoo-fr-cjkt", "moz35"); c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.blocklist.level", 2); c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.urlbar.restrict.typed", "~"); c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.urlbar.default.behavior", 0); c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.history", true); c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.formdata", true); c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.passwords", false); c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.downloads", true); c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.cookies", true); c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.cache", true); c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.sessions", true); c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.offlineApps", false); c:\program 
files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.siteSettings", false); c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.cpd.history", true); c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.cpd.formdata", true); c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.cpd.passwords", false); c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.cpd.downloads", true); c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.cpd.cookies", true); c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.cpd.cache", true); c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.cpd.sessions", true); c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.cpd.offlineApps", false); c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.cpd.siteSettings", false); c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.sanitize.migrateFx3Prefs", false); c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.ssl_override_behavior", 2); c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("security.alternate_certificate_error_page", "certerror"); c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.privatebrowsing.autostart", false); c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.privatebrowsing.dont_prompt_on_enter", false); c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("geo.wifi.uri", "https://www.google.com/loc/json"); . ************************************************************************** catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2009-08-27 20:59 Windows 5.1.2600 Service Pack 3 NTFS scannen van verborgen processen ... scannen van verborgen autostart items ... 
scannen van verborgen bestanden ... Scan succesvol afgerond verborgen bestanden: 0 ************************************************************************** . --------------------- VERGRENDELDE REGISTER SLEUTELS --------------------- [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{47629D4B-2AD3-4e50-B716-A66C15C63153}\InprocServer32*] "ThreadingModel"="Apartment" @="c:\\WINDOWS\\system32\\OLE32.DLL" "cd042efbbd7f7af1647644e76e06692b"=hex:c8,28,51,af,b0,29,a3,98,e0,43,e9,ef,b8, a1,e6,65,e2,63,26,f1,3f,c8,ff,68,3d,e3,17,0f,b8,00,ca,88,e2,63,26,f1,3f,c8,\ [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{604BB98A-A94F-4a5c-A67C-D8D3582C741C}\InprocServer32*] "ThreadingModel"="Apartment" @="c:\\WINDOWS\\system32\\OLE32.DLL" "bca643cdc5c2726b20d2ecedcc62c59b"=hex:6a,9c,d6,61,af,45,84,18,bb,d1,ff,c3,aa, 9b,08,6c,6a,9c,d6,61,af,45,84,18,fb,a0,85,80,27,07,c4,a5,6a,9c,d6,61,af,45,\ [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{684373FB-9CD8-4e47-B990-5A4466C16034}\InprocServer32*] "ThreadingModel"="Apartment" @="c:\\WINDOWS\\system32\\OLE32.DLL" "2c81e34222e8052573023a60d06dd016"=hex:7a,45,05,fd,91,e8,6f,31,15,5b,58,d4,b2, 58,6c,16,ff,7c,85,e0,43,d4,0e,fe,98,75,82,36,40,8c,b0,70,ff,7c,85,e0,43,d4,\ [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{74554CCD-F60F-4708-AD98-D0152D08C8B9}\InprocServer32*] "ThreadingModel"="Apartment" @="c:\\WINDOWS\\system32\\OLE32.DLL" "2582ae41fb52324423be06337561aa48"=hex:6b,65,49,6a,7e,99,74,f7,4a,72,31,c8,91, 01,0c,6d,86,8c,21,01,be,91,eb,e7,a3,d1,ae,8d,f2,b4,3a,b9,86,8c,21,01,be,91,\ [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{7EB537F9-A916-4339-B91B-DED8E83632C0}\InprocServer32*] "ThreadingModel"="Apartment" @="c:\\WINDOWS\\system32\\OLE32.DLL" "caaeda5fd7a9ed7697d9686d4b818472"=hex:cd,44,cd,b9,a6,33,6c,cd,9f,8c,ee,6e,50, 2e,a5,4d,f5,1d,4d,73,a8,13,5c,05,d2,a1,e2,17,b2,d8,25,2d,f5,1d,4d,73,a8,13,\ [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{948395E8-7A56-4fb1-843B-3E52D94DB145}\InprocServer32*] "ThreadingModel"="Apartment" 
@="c:\\WINDOWS\\system32\\OLE32.DLL" "a4a1bcf2cc2b8bc3716b74b2b4522f5d"=hex:50,93,e5,ab,ec,6a,4e,ab,82,68,9c,72,31, c5,96,d4,df,20,58,62,78,6b,cf,c8,cb,7f,88,88,e1,5d,82,f1,df,20,58,62,78,6b,\ [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{AC3ED30B-6F1A-4bfc-A4F6-2EBDCCD34C19}\InprocServer32*] "ThreadingModel"="Apartment" @="c:\\WINDOWS\\system32\\OLE32.DLL" "4d370831d2c43cd13623e232fed27b7b"=hex:31,77,e1,ba,b1,f8,68,02,f3,a7,83,d5,06, 1b,1a,73,fb,a7,78,e6,12,2f,9a,ea,31,fc,2e,e8,11,e0,f9,c0,fb,a7,78,e6,12,2f,\ [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{DE5654CA-EB84-4df9-915B-37E957082D6D}\InprocServer32*] "ThreadingModel"="Apartment" @="c:\\WINDOWS\\system32\\OLE32.DLL" "1d68fe701cdea33e477eb204b76f993d"=hex:01,3a,48,fc,e8,04,4a,f1,4a,26,79,b7,06, ca,cb,b1,01,3a,48,fc,e8,04,4a,f1,41,4b,92,75,d1,b6,f8,9e,01,3a,48,fc,e8,04,\ [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{E39C35E8-7488-4926-92B2-2F94619AC1A5}\InprocServer32*] "ThreadingModel"="Apartment" @="c:\\WINDOWS\\system32\\OLE32.DLL" "1fac81b91d8e3c5aa4b0a51804d844a3"=hex:f6,0f,4e,58,98,5b,89,c9,3b,83,d1,4c,8c, a6,59,82,f6,0f,4e,58,98,5b,89,c9,40,31,35,94,e5,ce,01,16,f6,0f,4e,58,98,5b,\ [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{EACAFCE5-B0E2-4288-8073-C02FF9619B6F}\InprocServer32*] "ThreadingModel"="Apartment" @="c:\\WINDOWS\\system32\\OLE32.DLL" "f5f62a6129303efb32fbe080bb27835b"=hex:b1,cd,45,5a,a8,c4,f8,b9,4d,1c,ad,7a,01, 78,6f,83,3d,ce,ea,26,2d,45,aa,78,f5,5b,8c,01,99,c7,ce,2e,3d,ce,ea,26,2d,45,\ [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{F8F02ADD-7366-4186-9488-C21CB8B3DCEC}\InprocServer32*] "ThreadingModel"="Apartment" @="c:\\WINDOWS\\system32\\OLE32.DLL" "fd4e2e1a3940b94dceb5a6a021f2e3c6"=hex:e3,0e,66,d5,eb,bc,2f,6b,77,ff,d7,e5,45, b1,0a,85,2a,b7,cc,b5,b9,7f,41,e7,19,50,00,fa,57,4c,dd,68,2a,b7,cc,b5,b9,7f,\ [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{FEE45DE2-A467-4bf9-BF2D-1411304BCD84}\InprocServer32*] "ThreadingModel"="Apartment" @="c:\\WINDOWS\\system32\\OLE32.DLL" 
"8a8aec57dd6508a385616fbc86791ec2"=hex:6c,43,2d,1e,aa,22,2f,9c,8d,54,ad,bc,3f, 8b,f8,59,6c,43,2d,1e,aa,22,2f,9c,99,20,bd,1a,91,b7,ec,20,6c,43,2d,1e,aa,22,\ . --------------------- DLLs Geladen Onder Lopende Processen --------------------- - - - - - - - > 'winlogon.exe'(976) c:\windows\system32\Ati2evxx.dll - - - - - - - > 'explorer.exe'(572) c:\progra~1\WINDOW~2\wmpband.dll c:\windows\system32\msi.dll c:\windows\system32\webcheck.dll . ------------------------ Andere Aktieve Processen ------------------------ . c:\windows\system32\ati2evxx.exe c:\windows\system32\ati2evxx.exe c:\program files\Common Files\Acronis\Schedule2\schedul2.exe c:\program files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe c:\program files\Bonjour\mDNSResponder.exe c:\program files\Java\jre6\bin\jqs.exe c:\windows\system32\rundll32.exe c:\program files\CDBurnerXP\NMSAccessU.exe c:\windows\system32\PSIService.exe c:\program files\Analog Devices\SoundMAX\SMAgent.exe c:\windows\system32\wdfmgr.exe c:\program files\Webroot\Spy Sweeper\SpySweeper.exe c:\program files\iPod\bin\iPodService.exe c:\program files\HP\Digital Imaging\bin\hpqste08.exe c:\program files\Webroot\Spy Sweeper\SSU.exe c:\program files\Java\jre6\bin\jucheck.exe . ************************************************************************** . Voltooingstijd: 2009-08-27 21:09 - machine werd herstart ComboFix-quarantined-files.txt 2009-08-27 19:09 ComboFix2.txt 2008-09-28 19:36 ComboFix3.txt 2008-09-17 06:54 Pre-Run: 126.025.945.088 bytes beschikbaar Post-Run: 126.054.760.448 bytes beschikbaar 431 --- E O F --- 2009-08-26 07:37 |
27-08-2009, 21:35
Post: #2
RE: please review combofix log
Hi,
I don't see anything wrong here.
Microsoft MVP - Consumer Security
Director of Research @ Malwarebytes
27-08-2009, 21:40
Post: #3
RE: please review combofix log
Really? So I wasn't infected then? PHEW, now I'm reassured, thank you miekiemoes.
I do still wonder what that secure~1.exe actually was, though.
28-08-2009, 11:20
Post: #4
RE: please review combofix log
No, I don't see anything strange.
That secure~1.exe could be anything, because a short name is being used here. That doesn't necessarily mean it's malware.
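The short-name point in the reply above, as an added example that is not part of the original thread: a simplified Python model of how Windows derives an 8.3 alias, showing that several unrelated long file names reduce to the same `SECURE~N.EXE` form. The file names are constructed, and the model ignores how the `~N` number is assigned when names collide.

```python
import re

ILLEGAL_83 = set("+,;=[]")  # legal in long names, replaced by "_" in 8.3 aliases

def alias_basis(long_name):
    """Return (BASE, EXT) of the BASE~N.EXT alias, or None if no tilde alias is needed."""
    stem, dot, ext = long_name.rpartition(".")
    if not dot:                       # no extension at all
        stem, ext = long_name, ""
    fits = (1 <= len(stem) <= 8 and len(ext) <= 3
            and "." not in stem
            and not set(long_name) & (ILLEGAL_83 | {" "}))
    if fits:
        return None                   # already a valid 8.3 name, e.g. secure.exe

    def clean(part):
        # Drop spaces and extra dots, map illegal characters to "_", uppercase.
        return "".join("_" if c in ILLEGAL_83 else c
                       for c in part if c not in " .").upper()

    return clean(stem)[:6], clean(ext)[:3]

def could_expand_to(short_name, long_name):
    """True if long_name would get an alias of the same BASE~N.EXT shape as short_name."""
    m = re.fullmatch(r"([^~.]{1,6})~\d+(?:\.([^.]{0,3}))?", short_name.upper())
    if not m:
        raise ValueError("not a tilde-style 8.3 alias: %r" % short_name)
    return alias_basis(long_name) == (m.group(1), m.group(2) or "")

# Constructed sample names, not taken from the log in this thread.
CANDIDATES = [
    "Secure Banking Helper.exe",
    "SecureUpdate.exe",
    "Secure.Login.exe",
    "secure_tool.executable",
    "secure.exe",
    "security-agent.exe",
]

def matches(short_name):
    return [n for n in CANDIDATES if could_expand_to(short_name, n)]

if __name__ == "__main__":
    for name in matches("secure~1.exe"):
        print(name)
```

On a live system, the full path behind the alias (for example from `dir /x` in the containing folder) is what identifies the program, not the alias itself.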