ComboFix 11-12-31.03 - Administrator 01/01/2012 16:42:05.1.1 - x86 NETWORK
Microsoft Windows XP Home Edition 5.1.2600.3.1252.31.1043.18.479.301 [GMT 1:00]
Running from: c:\documents and settings\Administrator\Mijn documenten\ComboFix.exe
AV: avast! Antivirus *Enabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D}
.
.
(((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\documents and settings\Marijke Vanherle\WINDOWS
c:\windows\IsUn0413.exe
c:\windows\system32\msssc.dll
.
.
(((((((((((((((((((( Files Created from 2011-12-01 to 2012-01-01 ))))))))))))))))))))))))))))))
.
.
2012-01-01 15:23 . 2012-01-01 15:25 -------- d-----w- c:\documents and settings\Administrator
2011-12-30 23:10 . 2011-12-30 23:10 -------- d--h--r- c:\documents and settings\Marijke Vanherle\Onlangs geopend
2011-12-19 16:14 . 2011-12-19 16:14 -------- d-----w- c:\documents and settings\Marijke Vanherle\.thumbnails
2011-12-19 16:11 . 2011-12-25 06:26 -------- d-----w- c:\documents and settings\Marijke Vanherle\.gimp-2.6
2011-12-18 17:00 . 2011-11-28 17:51 20568 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2011-12-18 17:00 . 2011-11-28 17:53 314456 ----a-w- c:\windows\system32\drivers\aswSP.sys
2011-12-18 17:00 . 2011-11-28 17:52 34392 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2011-12-18 17:00 . 2011-11-28 17:52 52952 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2011-12-18 17:00 . 2011-11-28 17:53 435032 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2011-12-18 17:00 . 2011-11-28 17:52 111320 ----a-w- c:\windows\system32\drivers\aswmon2.sys
2011-12-18 17:00 . 2011-11-28 17:51 105176 ----a-w- c:\windows\system32\drivers\aswmon.sys
2011-12-18 17:00 . 2011-11-28 17:48 30808 ----a-w- c:\windows\system32\drivers\aavmker4.sys
2011-12-18 16:59 . 2011-11-28 18:01 41184 ----a-w- c:\windows\avastSS.scr
2011-12-18 16:59 . 2011-11-28 18:01 199816 ----a-w- c:\windows\system32\aswBoot.exe
2011-12-18 16:14 . 2011-12-18 16:14 -------- d-----w- c:\windows\system32\wbem\Repository
.
.
.
((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-11-23 14:40 . 2006-03-02 12:00 1859712 ----a-w- c:\windows\system32\win32k.sys
2011-11-12 07:58 . 2011-07-24 20:21 414368 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2011-11-04 19:13 . 2006-03-02 12:00 916992 ----a-w- c:\windows\system32\wininet.dll
2011-11-04 19:13 . 2006-03-02 12:00 43520 ----a-w- c:\windows\system32\licmgr10.dll
2011-11-04 19:13 . 2006-03-02 12:00 1469440 ------w- c:\windows\system32\inetcpl.cpl
2011-11-04 11:25 . 2006-03-02 12:00 385024 ----a-w- c:\windows\system32\html.iec
2011-11-01 16:07 . 2006-03-02 12:00 1288192 ----a-w- c:\windows\system32\ole32.dll
2011-11-01 16:07 . 2006-03-02 12:00 1288192 ----a-w- c:\windows\system32\ole32(2).dll
2011-10-28 05:32 . 2006-03-02 12:00 33280 ----a-w- c:\windows\system32\csrsrv.dll
2011-10-26 10:50 . 2006-03-02 12:00 2197120 ----a-w- c:\windows\system32\ntoskrnl.exe
2011-10-26 10:50 . 2004-08-04 00:58 2073728 ----a-w- c:\windows\system32\ntkrnlpa.exe
2011-10-18 11:13 . 2006-03-02 12:00 186880 ----a-w- c:\windows\system32\encdec.dll
2011-10-10 14:22 . 2011-07-24 14:47 692736 ----a-w- c:\windows\system32\inetcomm.dll
2011-10-09 17:21 . 2011-10-09 17:21 110592 -c--a-w- c:\windows\system32\usbr38.dll
2011-10-09 17:21 . 2011-10-09 17:21 33536 ----a-w- c:\windows\system32\drivers\a38usb.sys
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2011-11-28 18:01 122512 ----a-w- c:\program files\AVAST Software\Avast\ashShell.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"VTTimer"="VTTimer.exe" [2004-01-15 49152]
"Smapp"="c:\program files\Analog Devices\SoundMAX\SMTray.exe" [2003-05-05 143360]
"NeroFilterCheck"="c:\windows\system32\NeroCheck.exe" [2001-07-09 155648]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2011-06-06 937920]
"PAC7302_Monitor"="c:\windows\PixArt\PAC7302\Monitor.exe" [2006-11-03 319488]
"HP Software Update"="c:\program files\HP\HP Software Update\HPWuSchd2.exe" [2011-05-10 49208]
"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2011-11-28 3744552]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
.
c:\documents and settings\All Users\Menu Start\Programma's\Opstarten\
HP Digital Imaging Monitor.lnk - c:\program files\HP\Digital Imaging\bin\hpqtra08.exe [2009-5-21 275768]
Microsoft Office.lnk - c:\program files\Microsoft Office\Office\OSA9.EXE [1999-2-17 65588]
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]
@="Service"
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PC Suite Tray]
2011-06-16 13:21 1500160 ----a-w- c:\program files\Nokia\Nokia PC Suite 7\PCSuite.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PCCClient.exe]
2003-03-26 12:52 462848 -c--a-w- c:\program files\Trend Micro\PC-cillin 2002\PCCClient.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\pccguide.exe]
2003-03-26 13:00 258048 -c--a-w- c:\program files\Trend Micro\PC-cillin 2002\pccguide.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Pop3trap.exe]
2003-03-26 12:56 315458 -c--a-w- c:\program files\Trend Micro\PC-cillin 2002\Pop3trap.exe
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqtra08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqste08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hposid01.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqkygrp.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpfcCopy.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpoews01.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpiscnapp.exe"=
"c:\\Program Files\\Common Files\\HP\\Digital Imaging\\Bin\\hpqPhotoCrm.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqgplgtupl.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqgpc01.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqusgm.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqusgh.exe"=
"c:\\Program Files\\HP\\HP Software Update\\HPWUCli.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\smart web printing\\SmartWebPrintExe.exe"=
"c:\\Program Files\\uTorrent\\uTorrent.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
.
S1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [18/12/2011 18:00 435032]
S1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [18/12/2011 18:00 314456]
S2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [18/12/2011 18:00 20568]
S2 npf;NetGroup Packet Filter Driver;c:\windows\system32\drivers\npf.sys [27/01/2010 3:09 50704]
S2 PCC_PFW;PC-Cillin Personal Firewall;c:\windows\system32\drivers\PCC_PFW.sys [26/03/2003 13:50 56796]
S2 PCCPFW;PC-cillin PersonalFirewall;c:\program files\Trend Micro\PC-cillin 2002\PCCPFW.exe --> c:\program files\Trend Micro\PC-cillin 2002\PCCPFW.exe [?]
S2 Tmfilter;Tmfilter;c:\windows\system32\drivers\TmXPFlt.sys [25/01/2003 4:11 174720]
S2 Tmntsrv;Trend NT Realtime Service;"c:\program files\Trend Micro\PC-cillin 2002\Tmntsrv.exe" --> c:\program files\Trend Micro\PC-cillin 2002\Tmntsrv.exe [?]
S2 Tmpreflt;Tmpreflt;c:\windows\system32\drivers\tmpreflt.sys [25/01/2003 4:11 18432]
S3 ACSSCR;ACR38 Smart Card Reader;c:\windows\system32\drivers\a38usb.sys [9/10/2011 18:21 33536]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
HPService REG_MULTI_SZ HPSLPSVC
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
2007-04-19 11:23 452136 ----a-w- c:\program files\Common Files\LightScribe\LSRunOnce.exe
.
Contents of the 'Scheduled Tasks' folder
.
2012-01-01 c:\windows\Tasks\User_Feed_Synchronization-{73DDB9CC-472A-4B52-A5F8-F2DAAF48BCC7}.job
- c:\windows\system32\msfeedssync.exe [2009-03-08 02:31]
.
.
------- Supplementary Scan -------
.
TCP: DhcpNameServer = 192.168.1.1
.
- - - - ORPHANS REMOVED - - - -
.
SafeBoot-WudfPf
SafeBoot-WudfRd
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2012-01-01 16:48
Windows 5.1.2600 Service Pack 3 NTFS
.
scanning hidden processes ...
.
scanning hidden autostart entries ...
.
scanning hidden files ...
.
scan completed successfully
hidden files: 0
.
**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_USERS\S-1-5-21-1644491937-1979792683-682003330-500\Software\Microsoft\Internet Explorer\User Preferences]
@Denied: (2) (Administrator)
"88D7D0879DAB32E14DE5B3A805A34F98AFF34F5977"=hex:01,00,00,00,d0,8c,9d,df,01,15,
   d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,ce,1b,e2,0a,23,10,14,45,b3,61,fe,\
"2D53CFFC5C1A3DD2E97B7979AC2A92BD59BC839E81"=hex:01,00,00,00,d0,8c,9d,df,01,15,
   d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,ce,1b,e2,0a,23,10,14,45,b3,61,fe,\
.
Completion time: 2012-01-01 16:51:09
ComboFix-quarantined-files.txt 2012-01-01 15:51
.
Pre-Run: 39.727.521.792 bytes free
Post-Run: 39.721.115.648 bytes free
.
WindowsXP-KB310994-SP2-Home-BootDisk-NLD.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
UnsupportedDebug="do not select this" /debug
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Home Edition" /noexecute=optin /fastdetect
.
- - End Of File - - EAD632636BFAA177F00E006E6E34D22C