DAL Computer Help - View Single Post

Aeson1 · #3 (**permalink**) 05-07-2009, 12:37 PM

Thanks for the help, heres the log

ComboFix 09-07-04.05 - Compaq_Eigenaar 05-07-2009 13:16.2 - NTFSx86
Microsoft Windows XP Home Edition 5.1.2600.3.1252.31.1043.18.511.203 [GMT 2:00]
Gestart vanuit: c:\documents and settings\Compaq_Eigenaar\Bureaublad\ComboFix.exe
AV: avast! antivirus 4.8.1335 [VPS 090704-0] *On-access scanning disabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D}
FW: Online Armor Firewall *disabled* {B797DAA0-7E2E-4711-8BB3-D12744F1922A}
.

(((((((((((((((((((((((((((((((((( Andere Verwijderingen )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
---- Voorgaande Run -------
.
c:\documents and settings\Compaq_Eigenaar\Application Data\inst.exe
c:\windows\Installer\10743e5.msi
c:\windows\Installer\10743ec.msi
c:\windows\Installer\10743f3.msi
c:\windows\Installer\10b680.msi
c:\windows\Installer\12991c3.msi
c:\windows\Installer\152a58.msi
c:\windows\Installer\171b30.msi
c:\windows\Installer\18db292.msi
c:\windows\Installer\18db2aa.msp
c:\windows\Installer\1a0278.msi
c:\windows\Installer\1a027f.msi
c:\windows\Installer\1a0284.msi
c:\windows\Installer\1a028b.msi
c:\windows\Installer\1cc380.msi
c:\windows\Installer\1cc38a.msi
c:\windows\Installer\1f91403.msi
c:\windows\Installer\216701.msi
c:\windows\Installer\22ff41.msi
c:\windows\Installer\2392ed7.msi
c:\windows\Installer\240f165.msp
c:\windows\Installer\2707a69.msi
c:\windows\Installer\2a17343.msi
c:\windows\Installer\371157.msi
c:\windows\Installer\3a19ba.msi
c:\windows\Installer\45246.msi
c:\windows\Installer\4840d90.msp
c:\windows\Installer\492ba21.msi
c:\windows\Installer\497ad.msi
c:\windows\Installer\497b3.msi
c:\windows\Installer\497b9.msi
c:\windows\Installer\497c0.msi
c:\windows\Installer\497c7.msi
c:\windows\Installer\497ce.msi
c:\windows\Installer\497d4.msi
c:\windows\Installer\497da.msi
c:\windows\Installer\497e0.msi
c:\windows\Installer\497e6.msi
c:\windows\Installer\497ec.msi
c:\windows\Installer\497f2.msi
c:\windows\Installer\497f9.msi
c:\windows\Installer\4ae697.msi
c:\windows\Installer\4fa5b.msi
c:\windows\Installer\6a8d88f.msi
c:\windows\Installer\6a8d896.msi
c:\windows\Installer\6a8d8e1.msp
c:\windows\Installer\6b767ac.msi
c:\windows\Installer\6c4fa63.msi
c:\windows\Installer\6c5d8.msi
c:\windows\Installer\709f8.msi
c:\windows\Installer\76fd3.msi
c:\windows\Installer\76fdb.msi
c:\windows\Installer\8665e.msi
c:\windows\Installer\86669.msi
c:\windows\Installer\8e4be.msi
c:\windows\Installer\94ce33.msp
c:\windows\Installer\96f908.msi
c:\windows\Installer\a35bb.msp
c:\windows\Installer\a50a7.msi
c:\windows\Installer\a628eb.msi
c:\windows\Installer\afa36.msi
c:\windows\Installer\b63e60.msi
c:\windows\Installer\b63e66.msi
c:\windows\Installer\b63e6c.msi
c:\windows\Installer\b63e72.msi
c:\windows\Installer\b63e78.msi
c:\windows\Installer\b63e7e.msi
c:\windows\Installer\b63e84.msi
c:\windows\Installer\b63e8b.msi
c:\windows\Installer\b63e91.msi
c:\windows\Installer\b63e98.msi
c:\windows\Installer\b63e9e.msi
c:\windows\Installer\b63ea4.msi
c:\windows\Installer\b63eaa.msi
c:\windows\Installer\b63eb0.msi
c:\windows\Installer\b63eb6.msi
c:\windows\Installer\b63ebc.msi
c:\windows\Installer\b63ec3.msi
c:\windows\Installer\bae9af.msi
c:\windows\Installer\be558.msp
c:\windows\Installer\c3179.msi
c:\windows\Installer\c317f.msi
c:\windows\Installer\fa088.msp

.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\Legacy_MSQPDXSERV.SYS
-------\Service_msqpdxserv.sys

(((((((((((((((((((( Bestanden Gemaakt van 2009-06-05 to 2009-07-05 ))))))))))))))))))))))))))))))
.

2009-07-04 14:38 . 2009-07-04 14:38 -------- d--h--r- c:\documents and settings\Compaq_Eigenaar\Onlangs geopend
2009-07-04 14:25 . 2009-07-04 14:25 -------- d-----w- c:\documents and settings\Compaq_Eigenaar\PokerOffice
2009-07-04 14:23 . 2009-07-04 14:24 -------- d-----w- c:\program files\PokerOffice5
2009-07-01 23:10 . 2009-06-04 08:53 31944 ----a-w- c:\documents and settings\Compaq_Eigenaar\Application Data\Mozilla\Firefox\Profiles\t07mhbly.default\ext ensions\{E2883E8F-472F-4fb0-9522-AC9BF37916A7}\plugins\np_gp.dll
2009-07-01 23:10 . 2009-06-04 08:53 22848 ----a-w- c:\documents and settings\Compaq_Eigenaar\Application Data\Mozilla\Firefox\Profiles\t07mhbly.default\ext ensions\{E2883E8F-472F-4fb0-9522-AC9BF37916A7}\chrome\content\getPlusPlus_Adobe_reg _bootstrap.exe
2009-07-01 23:10 . 2009-06-04 08:53 18776 ----a-w- c:\documents and settings\Compaq_Eigenaar\Application Data\Mozilla\Firefox\Profiles\t07mhbly.default\ext ensions\{E2883E8F-472F-4fb0-9522-AC9BF37916A7}\chrome\content\getPlusPlus_Adobe_reg .exe
2009-07-01 22:41 . 2009-07-01 22:41 -------- d-----w- C:\Rbackup
2009-07-01 21:33 . 2009-07-01 21:33 -------- d-----w- c:\program files\Perfect Uninstaller
2009-07-01 06:13 . 2009-07-01 06:13 -------- d-----w- c:\documents and settings\Compaq_Eigenaar\Application Data\Malwarebytes
2009-07-01 06:13 . 2009-06-17 09:27 38160 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2009-07-01 06:13 . 2009-07-01 06:13 -------- d-----w- c:\documents and settings\All Users\Application Data\Malwarebytes
2009-07-01 06:13 . 2009-06-17 09:27 19096 ----a-w- c:\windows\system32\drivers\mbam.sys
2009-07-01 06:13 . 2009-07-01 06:13 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2009-06-30 22:28 . 2009-06-30 22:28 -------- d-----w- c:\documents and settings\Administrator\Local Settings\Application Data\Adobe
2009-06-30 21:12 . 2009-06-30 21:13 117760 ----a-w- c:\documents and settings\Administrator\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\ UIREPAIR.DLL
2009-06-30 21:12 . 2009-06-30 21:12 -------- d-----w- c:\documents and settings\Administrator\Application Data\SUPERAntiSpyware.com
2009-06-30 21:12 . 2009-06-30 21:12 -------- d-sh--w- c:\documents and settings\Administrator\IETldCache
2009-06-30 21:05 . 2009-07-01 22:26 117760 ----a-w- c:\documents and settings\Compaq_Eigenaar\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\ UIREPAIR.DLL
2009-06-30 21:04 . 2009-06-30 21:04 -------- d-----w- c:\program files\Common Files\Wise Installation Wizard
2009-06-30 21:00 . 2009-06-30 21:00 -------- d-----w- c:\documents and settings\All Users\Application Data\SUPERAntiSpyware.com
2009-06-30 20:59 . 2009-06-30 21:04 -------- d-----w- c:\documents and settings\Compaq_Eigenaar\Application Data\SUPERAntiSpyware.com
2009-06-30 16:48 . 2009-07-01 22:19 -------- d-----w- c:\program files\CCleaner
2009-06-30 09:15 . 2009-06-30 09:15 -------- d-----w- c:\documents and settings\All Users\Application Data\OnlineArmor
2009-06-30 09:15 . 2009-06-30 09:15 -------- d-----w- c:\documents and settings\Compaq_Eigenaar\Application Data\OnlineArmor
2009-06-30 09:14 . 2009-04-28 03:02 31824 ----a-w- c:\windows\system32\drivers\OAmon.sys
2009-06-30 09:14 . 2009-04-28 03:01 29776 ----a-w- c:\windows\system32\drivers\OAnet.sys
2009-06-30 09:14 . 2009-04-28 03:01 198224 ----a-w- c:\windows\system32\drivers\OADriver.sys
2009-06-30 09:14 . 2009-06-30 09:14 -------- d-----w- c:\program files\Tall Emu
2009-06-30 08:33 . 2009-06-30 08:33 -------- d-----w- c:\program files\Sophos
2009-06-30 08:28 . 2009-06-30 08:28 -------- d-sh--w- c:\documents and settings\Compaq_Eigenaar\IECompatCache
2009-06-30 00:17 . 2008-06-19 15:24 28544 ----a-w- c:\windows\system32\drivers\pavboot.sys
2009-06-29 18:46 . 2009-06-29 18:46 -------- d-----w- c:\program files\Windows Defender
2009-06-28 11:35 . 2009-04-30 21:18 12800 -c----w- c:\windows\system32\dllcache\xpshims.dll
2009-06-28 11:35 . 2009-04-30 21:17 1985024 -c----w- c:\windows\system32\dllcache\iertutil.dll
2009-06-28 11:35 . 2009-04-30 21:17 246272 -c----w- c:\windows\system32\dllcache\ieproxy.dll
2009-06-28 11:35 . 2009-04-30 21:17 11064832 -c----w- c:\windows\system32\dllcache\ieframe.dll
2009-06-25 21:26 . 2009-06-25 21:26 11904 ----a-w- c:\windows\system32\drivers\hitmanpro35.sys
2009-06-25 21:26 . 2009-06-25 21:26 -------- d-----w- c:\program files\Hitman Pro 3.5
2009-06-25 21:25 . 2009-06-25 21:26 6330616 ----a-w- c:\documents and settings\All Users\Application Data\Hitman Pro 3\HitmanPro35.exe
2009-06-25 20:21 . 2009-06-25 20:21 -------- d-----w- c:\program files\ASIO4ALL v2
2009-06-24 13:42 . 2009-06-24 13:42 -------- d-----w- c:\documents and settings\Compaq_Eigenaar\.smplayer
2009-06-24 13:41 . 2009-06-24 13:41 -------- d-----w- c:\program files\SMPlayer
2009-06-08 19:43 . 2009-06-08 19:43 -------- d-----w- c:\program files\PokerOffice

.
((((((((((((((((((((((((((((((((((((((( Find3M Rapport )))))))))))))))))))))))))))))))))))))))))))))))))) ))
.
2009-07-05 11:03 . 2008-12-09 01:50 -------- d-----w- c:\documents and settings\Compaq_Eigenaar\Application Data\Free Download Manager
2009-07-05 10:58 . 2008-08-09 11:06 -------- d-----w- c:\documents and settings\Compaq_Eigenaar\Application Data\uTorrent
2009-07-05 10:02 . 2008-12-14 05:56 -------- d-----w- c:\program files\Registry Easy
2009-07-03 15:45 . 2009-03-26 02:50 -------- d-----w- c:\documents and settings\Compaq_Eigenaar\Application Data\Vso
2009-07-01 23:18 . 2008-10-12 13:04 -------- d-----w- c:\documents and settings\All Users\Application Data\NOS
2009-07-01 20:42 . 2008-10-09 17:30 -------- d-----w- c:\documents and settings\All Users\Application Data\FLEXnet
2009-06-30 21:04 . 2008-12-15 13:19 -------- d-----w- c:\program files\SUPERAntiSpyware
2009-06-30 17:07 . 2008-08-05 19:42 16688 ----a-w- c:\documents and settings\Compaq_Eigenaar\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2009-06-30 16:45 . 2008-08-23 10:51 -------- d-----w- c:\program files\TweakNow RegCleaner Std
2009-06-30 09:14 . 2005-01-01 23:01 97740 ----a-w- c:\windows\system32\perfc013.dat
2009-06-30 09:14 . 2005-01-01 23:01 523144 ----a-w- c:\windows\system32\perfh013.dat
2009-06-29 18:38 . 2008-08-29 09:09 -------- d-----w- c:\program files\Lavasoft
2009-06-27 00:46 . 2008-08-29 09:13 -------- d---a-w- c:\documents and settings\All Users\Application Data\TEMP
2009-06-25 21:50 . 2008-11-25 03:54 -------- d-----w- c:\program files\PartyGaming
2009-06-25 21:26 . 2008-12-02 05:23 -------- d-----w- c:\documents and settings\All Users\Application Data\Hitman Pro
2009-06-25 21:26 . 2008-12-03 16:44 -------- d-----w- c:\program files\Hitman Pro 3
2009-06-25 21:26 . 2008-12-02 05:23 -------- d-----w- c:\documents and settings\All Users\Application Data\Hitman Pro 3
2009-06-25 19:38 . 2008-08-05 16:43 -------- d-----w- c:\program files\Creative Professional
2009-06-24 17:20 . 2009-03-25 16:44 -------- d-----w- c:\program files\Jubler
2009-06-16 12:59 . 2008-08-05 19:58 -------- d-----w- c:\documents and settings\Compaq_Eigenaar\Application Data\Propellerhead Software
2009-06-16 12:52 . 2008-08-05 19:57 -------- d-----w- c:\program files\Propellerhead
2009-06-09 13:03 . 2009-04-03 12:27 -------- d-----w- c:\documents and settings\Compaq_Eigenaar\Application Data\dvdcss
2009-06-03 19:49 . 2009-01-20 00:27 -------- d-----w- c:\program files\Xvid
2009-06-03 15:03 . 2009-02-25 15:50 -------- d-----w- c:\program files\QuickTime
2009-06-03 15:02 . 2005-01-01 16:16 -------- d-----w- c:\documents and settings\All Users\Application Data\Apple Computer
2009-05-26 21:30 . 2009-04-06 00:25 -------- d-----w- c:\program files\Full Tilt Poker
2009-05-26 16:05 . 2009-05-26 16:05 4720 ----a-w- c:\windows\system32\PerfStringBackup.TMP
2009-05-18 19:05 . 2009-04-11 12:52 -------- d-----w- c:\program files\Omaha Indicator
2009-05-13 05:06 . 2008-08-05 06:26 915456 ----a-w- c:\windows\system32\wininet.dll
2009-05-07 15:34 . 2008-08-05 06:24 347136 ----a-w- c:\windows\system32\localspl.dll
2009-04-22 12:20 . 2009-04-04 02:10 784 ----a-w- c:\documents and settings\Compaq_Eigenaar\Application Data\mpauth.dat
2009-04-19 19:51 . 2008-08-05 06:26 1847296 ----a-w- c:\windows\system32\win32k.sys
2009-04-15 14:55 . 2008-08-05 06:25 585216 ----a-w- c:\windows\system32\rpcrt4.dll
.

((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))) )
.
.
*Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\Curre ntVersion\Run]
"E-MU USB Audio Control Panel"="c:\program files\Creative Professional\E-MU USB Audio\EmuUsbAudioCP.exe" [2007-11-26 274432]
"ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2008-04-14 15360]
"POEngine5"="c:\program files\PokerOffice5\POEngine.exe" [2008-09-03 475136]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Curr entVersion\Run]
"hpsysdrv"="c:\windows\system\hpsysdrv.exe" [1998-05-07 52736]
"Recguard"="c:\windows\SMINST\RECGUARD.EXE" [2004-04-14 233472]
"avast!"="c:\progra~1\ALWILS~1\Avast4\ashDisp. exe" [2009-02-05 81000]
"FLMBROWSEMOUSE"="c:\program files\Browser PS2 mouse\mouse32a.exe" [2009-01-15 360448]
"@OnlineArmor GUI"="c:\program files\Tall Emu\Online Armor\oaui.exe" [2009-04-28 2052296]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2009-02-27 35696]
"SiSPower"="SiSPower.dll" - c:\windows\system32\SiSPower.dll [2004-09-24 49152]
"AGRSMMSG"="AGRSMMSG.exe" - c:\windows\AGRSMMSG.exe [2004-06-29 88363]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\curr entversion\policies\explorer]
"NoResolveTrack"= 1 (0x1)

[HKEY_CURRENT_USER\software\microsoft\windows\curre ntversion\policies\explorer]
"NoResolveTrack"= 1 (0x1)
"NoThumbnailCache"= 1 (0x1)

[hkey_local_machine\software\microsoft\windows\curr entversion\explorer\ShellExecuteHooks]
"{4F07DA45-8170-4859-9B5F-037EF2970034}"= "c:\progra~1\TALLEM~1\ONLINE~1\oaevent.dll" [2009-04-28 335048]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "c:\program files\SUPERAntiSpyware\SASSEH.DLL" [2008-05-13 77824]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Contro l\SafeBoot\Minimal\WinDefend]
@="Service"
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MPlayerForWindows_Update Reminder

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpo licy\standardprofile\AuthorizedApplications\List]
"c:\\WINDOWS\\system32\\sessmgr.exe"=
"c:\\Program Files\\Alwil Software\\Avast4\\ashAvast.exe"=
"c:\\Program Files\\Propellerhead\\ReCycle\\ReCycle.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Messenger\\msmsgs.exe"=
"c:\\Program Files\\uTorrent\\uTorrent.exe"=

R0 pavboot;pavboot;c:\windows\system32\drivers\pavboo t.sys [30-6-2009 2:17 28544]
R1 aswSP;avast! Self Protection;c:\windows\system32\drivers\aswSP.sys [12-12-2008 15:40 114768]
R1 OADevice;OADriver;c:\windows\system32\drivers\OADr iver.sys [30-6-2009 11:14 198224]
R1 OAmon;OAmon;c:\windows\system32\drivers\OAmon.sys [30-6-2009 11:14 31824]
R1 OAnet;OAnet;c:\windows\system32\drivers\OAnet.sys [30-6-2009 11:14 29776]
R1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\sasdifsv.sys [23-6-2009 11:01 9968]
R1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL.SYS [23-6-2009 11:01 72944]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswF sBlk.sys [12-12-2008 15:40 20560]
R2 emaudsv;E-MU Audio Service;c:\windows\system32\emaudsv.exe [20-11-2006 11:29 20992]
R2 OAcat;Online Armor Helper Service;c:\program files\Tall Emu\Online Armor\oacat.exe [30-6-2009 11:14 361672]
R2 WinDefend;Windows Defender;c:\program files\Windows Defender\MsMpEng.exe [3-11-2006 19:19 13592]
R3 emusba10;E-MU USB-Audio 1.0 Driver;c:\windows\system32\drivers\emusba10.sys [26-11-2007 16:14 163352]
S0 Lbd;Lbd;c:\windows\system32\DRIVERS\Lbd.sys --> c:\windows\system32\DRIVERS\Lbd.sys [?]
S2 pgsql-8.3;PostgreSQL Database Server 8.3;c:\program files\PostgreSQL\8.3\bin\pg_ctl.exe [19-9-2008 4:03 65536]
S2 SvcOnlineArmor;Online Armor;c:\program files\Tall Emu\Online Armor\oasrv.exe [30-6-2009 11:14 3264200]
S3 getPlus(R) Helper;getPlus(R) Helper;c:\program files\NOS\bin\getPlus_HelperSvc.exe [10-12-2008 6:46 66048]
S3 hitmanpro3;Hitman Pro 3 Support Driver;\??\c:\windows\system32\drivers\hitmanpro3. sys --> c:\windows\system32\drivers\hitmanpro3.sys [?]
S3 MEMSWEEP2;MEMSWEEP2;\??\c:\windows\system32\1B3.tm p --> c:\windows\system32\1B3.tmp [?]
S3 SASENUM;SASENUM;c:\program files\SUPERAntiSpyware\SASENUM.SYS [23-6-2009 11:01 7408]

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\>{60B49E34-C7CC-11D0-8953-00A0C90347FF}]
"c:\windows\system32\rundll32.exe" "c:\windows\system32\iedkcs32.dll",BrandIEActiveSe tup SIGNUP
.
Inhoud van de 'Gedeelde Taken' map

2009-07-05 c:\windows\Tasks\MP Scheduled Scan.job
- c:\program files\Windows Defender\MpCmdRun.exe [2006-11-03 17:20]

2009-07-05 c:\windows\Tasks\Schedule Task Weekly.job
- c:\program files\Registry Easy\RE.exe [2008-12-14 15:30]
.
- - - - ORPHANS VERWIJDERD - - - -

HKLM-Run-POEngine - (no file)
Notify-!SASWinLogon - (no file)

.
------- Bijkomende Scan -------
.
uStart Page = hxxp://www.google.nl/
uDefault_Search_URL = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=NL_NL&c=Q105&bd=pres ario&pf=desktop
mSearch Bar = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=NL_NL&c=Q105&bd=pres ario&pf=desktop
IE: Download all with Free Download Manager - file://c:\program files\Free Download Manager\dlall.htm
IE: Download selected with Free Download Manager - file://c:\program files\Free Download Manager\dlselected.htm
IE: Download video with Free Download Manager - file://c:\program files\Free Download Manager\dlfvideo.htm
IE: Download with Free Download Manager - file://c:\program files\Free Download Manager\dllink.htm
.

************************************************** ************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, GMER - Rootkit Detector and Remover
Rootkit scan 2009-07-05 13:21
Windows 5.1.2600 Service Pack 3 NTFS

scannen van verborgen processen ...

scannen van verborgen autostart items ...

scannen van verborgen bestanden ...

Scan succesvol afgerond
verborgen bestanden: 0

************************************************** ************************

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\M EMSWEEP2]
"ImagePath"="\??\c:\windows\system32\1B3.tmp"
.
--------------------- VERGRENDELDE REGISTER SLEUTELS ---------------------

[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\Curr entVersion\Installer\UserData\LocalSystem\Componen ts\•€|ÿÿÿÿ"•€|þ»Ñw*]
"5E7CEC10DF0760D4F8DAFB12FDC06CCD"="02:\\Software\ \Adobe\\FeatureSubscriptions\\DVAAdobeDocMeta\\{01 CEC7E5-70FD-4D06-8FAD-BF21DF0CC6DC}\\Registered"
.
--------------------- DLLs Geladen Onder Lopende Processen ---------------------

- - - - - - - > 'winlogon.exe'(476)
c:\windows\system32\Ati2evxx.dll
.
Voltooingstijd: 2009-07-05 13:23
ComboFix-quarantined-files.txt 2009-07-05 11:22

Pre-Run: 51.348.672.512 bytes beschikbaar
Post-Run: 51.329.200.128 bytes beschikbaar

287 --- E O F --- 2009-07-02 23:07