((((((((((((((((((((((((((((( snapshot@2008-11-10_11.56.25,18 )))))))))))))))))))))))))))))))))))))))))
.
+ 2008-11-10 13:35:59 16,384 ----atw c:\windows\temp\Perflib_Perfdata_520.dat
.
((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IncrediMail"="c:\program files\IncrediMail\bin\IncMail.exe" [2008-10-05 243072]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2008-09-19 68856]
"BitTorrent DNA"="c:\program files\DNA\btdna.exe" [2008-09-17 289088]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ccApp"="c:\program files\Common Files\Symantec Shared\ccApp.exe" [2005-10-04 48752]
"vptray"="c:\progra~1\SYMANT~1\VPTray.exe" [2005-11-15 85744]
"{0228e555-4f9c-4e35-a3ec-b109a192b4c2}"="c:\program files\Google\Gmail Notifier\gnotify.exe" [2005-07-15 479232]
"AAWTray"="c:\program files\Lavasoft\Ad-Aware 2007\AAWTray.exe" [2007-08-08 88024]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2008-11-01 136600]
"NeroFilterCheck"="c:\windows\system32\NeroCheck.exe" [2001-07-09 155648]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2002-12-31 15360]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\28845641502]
2008-11-05 20:16 135168 c:\windows\system32\d3d932.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"msacm.iac2"= c:\progra~1\REPLAY~1\iac25_32.ax
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\IncrediMail\\bin\\ImApp.exe"=
"c:\\Program Files\\IncrediMail\\bin\\IncMail.exe"=
"c:\\Program Files\\IncrediMail\\bin\\ImpCnt.exe"=
"c:\\Program Files\\Ares\\Ares.exe"=
"c:\\Program Files\\Azureus\\Azureus.exe"=
"c:\\Program Files\\LimeWire\\LimeWire.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\livecall.exe"=
"c:\\Program Files\\DNA\\btdna.exe"=
"c:\\Program Files\\BitTorrent\\bittorrent.exe"=
"c:\\Program Files\\Rhapsody\\rhapsody.exe"=
R3 SiSV;SiSV;c:\windows\system32\DRIVERS\SiSV.sys [2001-08-17 50432]
.
**************************************************************************
catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer,
https://www.gmer.net
Rootkit scan 2008-11-10 18:49:47
Windows 5.1.2600 Service Pack 2 NTFS
scannen van verborgen processen ...
scannen van verborgen autostart items ...
scannen van verborgen bestanden ...
**************************************************************************
.
--------------------- DLLs Geladen Onder Lopende Processen ---------------------
PROCES: c:\windows\system32\winlogon.exe
-> c:\windows\System32\d3d932.dll
PROCES: c:\windows\system32\lsass.exe
-> c:\windows\System32\d3d932.dll
.
Voltooingstijd: 2008-11-10 18:52:33
ComboFix-quarantined-files.txt 2008-11-10 17:51:30
ComboFix2.txt 2008-11-10 14:19:22
ComboFix3.txt 2008-11-10 13:48:14
ComboFix4.txt 2008-11-10 10:58:51
ComboFix5.txt 2008-11-10 17:42:04
Pre-Run: 78.802.423.808 bytes beschikbaar
Post-Run: 78,812,291,072 bytes beschikbaar
177 --- E O F --- 2008-10-24 02:57:24