ComboFix 09-05-04.08 - Compaq_Eigenaar 05-05-2009 12:58.1 - NTFSx86
Microsoft Windows XP Home Edition 5.1.2600.2.1252.31.1043.18.1023.690 [GMT 2:00]
Gestart vanuit: c:\documents and settings\Compaq_Eigenaar.MARK\Bureaublad\ComboFix.exe
AV: Norton Internet Security *On-access scanning enabled* (Updated)
FW: Norton Internet Security *enabled*
.
(((((((((((((((((((((((((((((((((( Andere Verwijderingen )))))))))))))))))))))))))))))))))))))))))))))))))
.
C:\Autorun.inf
c:\documents and settings\Compaq_Eigenaar\Application Data\inst.exe
c:\documents and settings\Compaq_Eigenaar\Local Settings\Temporary Internet Files\Cpvff.stt
C:\install.exe
D:\resycled
d:\resycled\boot.com
.
(((((((((((((((((((( Bestanden Gemaakt van 2009-04-05 to 2009-05-05 ))))))))))))))))))))))))))))))
.
2009-05-05 10:33 . 2009-05-05 10:33 -------- d-----w c:\documents and settings\Compaq_Eigenaar.MARK\Local Settings\Application Data\Identities
2009-05-05 06:45 . 2009-05-05 00:43 -------- d-sh--r c:\windows\system32\dllcache
2009-05-05 06:45 . 2009-05-05 06:48 -------- d-----r c:\windows\system32\config\systemprofile\Menu Start
2009-05-05 00:57 . 2009-05-05 10:32 -------- d-----w c:\documents and settings\Compaq_Eigenaar.MARK\Tracing
2009-05-04 23:52 . 2009-05-04 23:52 -------- d-----w c:\documents and settings\Compaq_Eigenaar.MARK\Application Data\Screenshot Sender
2009-05-04 23:50 . 2009-05-04 23:50 -------- d-----w c:\program files\Messenger Plus! Live
2009-05-04 23:39 . 2009-05-04 23:39 -------- d-sh--w c:\documents and settings\LocalService\IETldCache
2009-05-04 23:33 . 2009-05-04 23:33 -------- d-sh--w c:\documents and settings\Compaq_Eigenaar.MARK\IECompatCache
2009-05-04 23:33 . 2009-05-04 23:33 -------- d-sh--w c:\documents and settings\Compaq_Eigenaar.MARK\PrivacIE
2009-05-04 23:32 . 2009-05-04 23:32 -------- d-sh--w c:\documents and settings\Compaq_Eigenaar.MARK\IETldCache
2009-05-04 23:30 . 2009-05-04 23:30 -------- d-----w c:\windows\ie8updates
2009-05-04 23:29 . 2009-01-07 16:21 26144 ----a-w c:\windows\system32\spupdsvc.exe
2009-05-04 23:28 . 2009-05-04 23:29 -------- dc-h--w c:\windows\ie8
2009-05-04 23:28 . 2009-05-04 23:29 -------- d-----w c:\windows\system32\nl-NL
2009-05-04 22:58 . 2004-08-03 23:03 21504 ----a-w c:\windows\system32\hidserv.dll
2009-05-04 22:58 . 2001-09-06 17:04 12288 ----a-w c:\windows\system32\drivers\mouhid.sys
2009-05-04 22:58 . 2004-08-03 22:57 14848 ----a-w c:\windows\system32\drivers\kbdhid.sys
2009-05-04 22:57 . 2001-08-17 20:02 9600 ----a-w c:\windows\system32\drivers\hidusb.sys
2009-05-04 22:57 . 2004-08-03 21:07 59264 ----a-w c:\windows\system32\drivers\USBAUDIO.sys
2009-05-04 22:57 . 2004-08-03 21:08 31616 ----a-w c:\windows\system32\drivers\usbccgp.sys
2009-05-04 22:57 . 2004-08-03 21:01 25856 ----a-w c:\windows\system32\drivers\usbprint.sys
2009-05-04 22:47 . 2009-05-04 23:33 -------- d-----w c:\documents and settings\Compaq_Eigenaar.MARK\Local Settings\Application Data\Google
2009-05-04 22:47 . 2009-05-04 22:47 -------- d-----w c:\program files\Google
2009-05-04 22:41 . 2009-02-28 04:55 105984 ------w c:\windows\system32\dllcache\iecompat.dll
2009-05-04 22:29 . 2009-05-04 22:29 -------- d-----w c:\documents and settings\Compaq_Eigenaar.MARK\Application Data\Malwarebytes
2009-05-04 22:29 . 2009-04-06 13:32 15504 ----a-w c:\windows\system32\drivers\mbam.sys
2009-05-04 22:29 . 2009-04-06 13:32 38496 ----a-w c:\windows\system32\drivers\mbamswissarmy.sys
2009-05-04 22:29 . 2009-05-04 22:29 -------- d-----w c:\documents and settings\All Users\Application Data\Malwarebytes
2009-05-04 22:29 . 2009-05-04 22:29 -------- d-----w c:\program files\Malwarebytes' Anti-Malware
2009-05-04 22:21 . 2009-05-04 22:22 -------- d-----w C:\9fbe6f9980a2456cd159254afc617bcf
2009-05-04 22:14 . 2009-05-04 22:14 -------- d-----w c:\documents and settings\Compaq_Eigenaar.MARK\Contacts
2009-05-04 22:14 . 2009-05-04 22:14 -------- dc----w c:\windows\system32\DRVSTORE
2009-05-04 22:04 . 2005-01-02 00:03 -------- d-----w c:\documents and settings\Compaq_Eigenaar.MARK\Application Data\SampleView
2009-05-04 22:03 . 2005-01-01 23:54 -------- d-----w c:\windows\system32\config\systemprofile\Application Data\Apple Computer
2009-05-04 22:03 . 2005-01-02 00:03 -------- d-----w c:\windows\system32\config\systemprofile\Application Data\SampleView
2009-05-04 22:03 . 2005-01-02 00:10 -------- d-----w c:\windows\system32\config\systemprofile\Application Data\Symantec
2009-05-04 22:03 . 2005-01-01 23:55 -------- d-----w c:\windows\system32\config\systemprofile\WINDOWS
2009-05-04 22:03 . 2009-05-05 06:48 -------- d--h--r c:\windows\system32\config\systemprofile\Onlangs geopend
2009-05-04 22:02 . 2009-05-04 22:02 -------- d-----w c:\windows\system32\RTCOM
2009-05-04 21:39 . 2009-05-04 21:39 -------- d--h--r c:\documents and settings\Compaq_Eigenaar\Onlangs geopend
2009-05-04 18:59 . 2009-05-04 19:00 -------- d-----w C:\349e7029c50c4a9f65068d8140
2009-05-04 15:51 . 2009-05-04 15:51 -------- d-----w c:\documents and settings\All Users\Application Data\PopCap
2009-05-04 10:57 . 2009-05-04 10:57 -------- d-----w c:\program files\Common Files\xing shared
2009-04-22 16:28 . 2009-04-22 16:28 -------- d-----w c:\documents and settings\Compaq_Eigenaar\Local Settings\Application Data\Stardock
2009-04-20 14:24 . 2009-05-04 10:57 -------- d-----w c:\program files\Real
2009-04-20 14:24 . 2009-05-04 10:57 -------- d-----w c:\program files\Common Files\Real
2009-04-16 19:28 . 2009-04-16 19:32 -------- d-----w c:\program files\iPod Copy Master
2009-04-16 19:20 . 2009-04-16 19:23 -------- d-----w c:\program files\iPodRobot
2009-04-16 19:16 . 2009-04-16 19:16 -------- d-----w c:\documents and settings\All Users\Application Data\TEMP
2009-04-16 19:15 . 2009-04-16 19:20 -------- d-----w c:\documents and settings\Compaq_Eigenaar\Application Data\iPod Copy Expert
2009-04-16 19:14 . 2009-04-16 19:14 -------- d-----w c:\program files\Common Files\eSellerate
2009-04-14 18:44 . 2008-08-04 14:22 111632 ----a-w c:\windows\VX3000.dll
2009-04-14 18:44 . 2008-08-04 14:22 218128 ----a-w c:\windows\vVX3000.dll
2009-04-14 18:44 . 2008-08-04 14:22 721936 ----a-w c:\windows\vVX3000.exe
2009-04-14 18:43 . 2009-04-14 18:44 -------- d-----w c:\program files\Microsoft LifeCam
2009-04-13 20:30 . 2009-04-13 20:30 -------- d-----w c:\program files\Microsoft Works
2009-04-13 20:26 . 2009-04-13 20:26 -------- d-----w c:\program files\Microsoft Visual Studio 8
2009-04-13 19:45 . 2009-04-13 19:45 -------- d-----w c:\documents and settings\Compaq_Eigenaar\Local Settings\Application Data\Microsoft Help
2009-04-13 19:44 . 2009-04-30 00:23 -------- d-----w c:\documents and settings\All Users\Application Data\Microsoft Help
2009-04-12 22:43 . 2009-04-12 22:43 -------- d-----w c:\documents and settings\Compaq_Eigenaar\Local Settings\Application Data\PunkBuster
2009-04-12 22:35 . 2009-05-03 23:07 -------- d-----w c:\documents and settings\All Users\Application Data\America's Army Deploy Client
2009-04-12 22:29 . 2009-04-30 00:23 429464 ----a-w c:\documents and settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat
2009-04-12 22:29 . 2009-04-13 20:30 -------- d-----w c:\program files\MSBuild
2009-04-12 22:29 . 2009-04-12 22:29 -------- d-----w c:\program files\Reference Assemblies
2009-04-12 22:28 . 2009-04-12 22:29 -------- d-----w C:\ee082298046389de8242223fe6af2e
2009-04-12 20:51 . 2009-05-03 23:17 -------- d-----w c:\program files\America's Army
2009-04-08 19:57 . 2009-04-08 19:57 -------- d-----w c:\program files\Common Files\Logitech
2009-04-08 19:57 . 2009-04-08 19:57 -------- d-----w c:\program files\Logitech
2009-04-07 16:39 . 2009-04-07 16:39 -------- d-----w c:\documents and settings\Compaq_Eigenaar\Local Settings\Application Data\Hyves
2009-04-05 12:38 . 2009-04-05 12:38 -------- d-----w c:\program files\MSECache
.
((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-05-05 10:53 . 2005-01-02 00:10 -------- d-----w c:\program files\Common Files\Symantec Shared
2009-05-05 00:57 . 2009-05-04 22:09 13400 ----a-w c:\documents and settings\Compaq_Eigenaar.MARK\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2009-05-05 00:47 . 2009-05-04 22:14 -------- d-----w c:\program files\MSN Messenger
2009-05-04 23:40 . 2008-12-23 23:16 -------- d-----w c:\program files\PokerStars
2009-05-04 22:27 . 2004-12-03 17:15 70546 ----a-w c:\windows\system32\perfc013.dat
2009-05-04 22:27 . 2004-12-03 17:15 443836 ----a-w c:\windows\system32\perfh013.dat
2009-05-04 22:05 . 2009-05-04 22:05 1919 --sha-r c:\windows\system32\drivers\103C_HP_CPC_PX711AA-ABH SR1449NL NL520_YC_0Pres_QCZB524_E52NLheRET2_47_IPuffer2_SASUSTeK Computer INC._V1.xx_B3.21_T050429_WXH2_L413_M1024_J250_7Intel_8Pentium 4_93.2_#050730_N10EC8139_Z11C1048C_G10DE0141.MRK
2009-05-04 22:02 . 2008-12-22 11:22 -------- d---a-w c:\program files\Common Files\LightScribe
2009-05-03 23:21 . 2009-03-04 19:28 -------- d-----w c:\program files\QO Labs
2009-05-03 23:19 . 2009-01-12 15:09 -------- d-----w c:\program files\Common Files\Apple
2009-05-03 23:04 . 2008-12-23 18:53 -------- d-----w c:\program files\BitComet
2009-04-29 23:03 . 2009-03-31 13:39 -------- d-----w c:\program files\Windows Live Safety Center
2009-04-26 09:07 . 2009-01-29 09:11 -------- d-----w c:\program files\DAEMON Tools Toolbar
2009-04-26 09:05 . 2009-01-27 13:28 -------- d-----w c:\program files\BlueVoda Website Builder
2009-04-26 09:05 . 2009-01-27 13:31 -------- d-----w c:\program files\AAALOGO2008
2009-04-26 08:53 . 2009-01-03 00:05 -------- d-----w c:\program files\Styler
2009-04-21 20:45 . 2009-01-12 17:14 -------- d-----w c:\program files\VirtualDJ
2009-04-17 05:43 . 2009-03-05 08:30 -------- d-----w c:\program files\Windows Desktop Search
2009-04-16 19:51 . 2009-01-31 16:55 -------- d-----w c:\program files\VSO
2009-04-16 19:51 . 2009-01-31 16:55 47360 ----a-w c:\documents and settings\Compaq_Eigenaar\Application Data\pcouffin.sys
2009-04-16 19:50 . 2008-12-23 19:42 -------- d-----w c:\program files\DVDVideoSoft
2009-04-16 19:50 . 2008-12-23 19:42 -------- d-----w c:\program files\Common Files\DVDVideoSoft
2009-04-16 19:47 . 2009-01-02 16:00 -------- d-----w c:\program files\Opera
2009-04-16 19:46 . 2009-01-11 11:33 -------- d-----w c:\program files\Tournament Indicator
2009-04-13 22:54 . 2008-12-22 11:26 70888 ----a-w c:\documents and settings\Compaq_Eigenaar\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2009-04-05 10:32 . 2008-12-22 11:23 138 ----a-w c:\documents and settings\Compaq_Eigenaar\Local Settings\Application Data\fusioncache.dat
2009-03-13 13:48 . 2009-03-13 13:48 2 ----a-w C:\versioninfo.dat
2009-03-12 21:36 . 2009-03-12 21:36 -------- d-----w c:\program files\Common Files\INCA Shared
2009-03-08 02:34 . 2004-08-04 12:00 914944 ----a-w c:\windows\system32\wininet.dll
2009-03-08 02:34 . 2004-08-04 12:00 43008 ----a-w c:\windows\system32\licmgr10.dll
2009-03-08 02:33 . 2004-08-04 12:00 18944 ----a-w c:\windows\system32\corpol.dll
2009-03-08 02:33 . 2004-08-04 12:00 420352 ----a-w c:\windows\system32\vbscript.dll
2009-03-08 02:32 . 2004-08-04 12:00 72704 ----a-w c:\windows\system32\admparse.dll
2009-03-08 02:32 . 2004-08-04 12:00 71680 ----a-w c:\windows\system32\iesetup.dll
2009-03-08 02:31 . 2004-08-04 12:00 34816 ----a-w c:\windows\system32\imgutil.dll
2009-03-08 02:31 . 2004-08-04 12:00 48128 ----a-w c:\windows\system32\mshtmler.dll
2009-03-08 02:31 . 2004-08-04 12:00 45568 ----a-w c:\windows\system32\mshta.exe
2009-03-08 02:22 . 2004-08-04 12:00 156160 ----a-w c:\windows\system32\msls31.dll
2009-03-04 19:28 . 2009-03-04 19:28 356352 ----a-w c:\windows\eSellerateEngine.dll
2009-02-06 16:52 . 2009-02-06 16:52 49504 ----a-w c:\windows\system32\sirenacm.dll
2008-06-30 12:44 . 2009-01-29 09:09 324976 ----a-w c:\program files\mozilla firefox\components\coFFPlgn.dll
.
((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"MsnMsgr"="c:\program files\Windows Live\Messenger\MsnMsgr.Exe" [2009-02-06 3885408]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2009-05-04 39408]
"ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2004-08-04 15360]
"MSMSGS"="c:\program files\Messenger\msmsgs.exe" [2004-08-04 1667584]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SunJavaUpdateSched"="c:\program files\Java\j2re1.4.2_03\bin\jusched.exe" [2005-01-01 32881]
"hpsysdrv"="c:\windows\system\hpsysdrv.exe" [1998-05-07 52736]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2004-09-29 4603904]
"KBD"="c:\hp\KBD\KBD.EXE" [2003-02-11 61440]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2004-10-13 278528]
"Recguard"="c:\windows\SMINST\RECGUARD.EXE" [2004-04-14 233472]
"ccApp"="c:\program files\Common Files\Symantec Shared\ccApp.exe" [2004-09-14 58488]
"URLLSTCK.exe"="c:\program files\Norton Internet Security\UrlLstCk.exe" [2004-08-31 33936]
"PS2"="c:\windows\system32\ps2.exe" [2003-09-12 98304]
"LSBWatcher"="c:\hp\drivers\hplsbwatcher\lsburnwatcher.exe" [2004-10-14 253952]
"Reminder"="c:\windows\Creator\Remind_XP.exe" [2004-12-14 663552]
"TkBellExe"="c:\program files\Common Files\Real\Update_OB\realsched.exe" [2009-05-04 198160]
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2005-01-01 98304]
"Snelkoppeling naar eigenschappenvenster voor High Definition Audio"="HDAudPropShortcut.exe" - c:\windows\system32\Hdaudpropshortcut.exe [2004-03-17 61952]
"nwiz"="nwiz.exe" - c:\windows\system32\nwiz.exe [2004-09-29 921600]
"AGRSMMSG"="AGRSMMSG.exe" - c:\windows\AGRSMMSG.exe [2004-06-29 88363]
"SoundMan"="SOUNDMAN.EXE" - c:\windows\SOUNDMAN.EXE [2005-02-21 90112]
"AlcWzrd"="ALCWZRD.EXE" - c:\windows\ALCWZRD.EXE [2005-02-18 2754560]
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\iTunes\\iTunes.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
R3 PRISM_A00;Wireless PCI 802.11b/g adapter WN4201B Driver;c:\windows\system32\DRIVERS\PCTELSAP.SYS [2004-11-30 306560]
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\>{60B49E34-C7CC-11D0-8953-00A0C90347FF}]
"c:\windows\system32\rundll32.exe" "c:\windows\system32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
.
Inhoud van de 'Gedeelde Taken' map
2009-02-07 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 11:34]
2005-01-02 c:\windows\Tasks\Symantec NetDetect.job
- c:\program files\Symantec\LiveUpdate\NDETECT.EXE [2005-01-02 17:27]
2009-05-05 c:\windows\Tasks\User_Feed_Synchronization-{FBFE7C7D-E07C-4E46-B666-BC77D31D33E9}.job
- c:\windows\system32\msfeedssync.exe [2009-03-08 02:31]
.
.
------- Bijkomende Scan -------
.
uDefault_Search_URL = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=NL_NL&c=Q105&bd=presario&pf=desktop
mSearch Bar = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=NL_NL&c=Q105&bd=presario&pf=desktop
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
Filter: x-sdch - {B1759355-3EEC-4C1E-B0F1-B719FE26E377} - c:\program files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll
.
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-05-05 13:00
Windows 5.1.2600 Service Pack 2 NTFS
scannen van verborgen processen ...
scannen van verborgen autostart items ...
scannen van verborgen bestanden ...
Scan succesvol afgerond
verborgen bestanden: 0
**************************************************************************
.
Voltooingstijd: 2009-05-05 13:01
ComboFix-quarantined-files.txt 2009-05-05 11:01
Pre-Run: 129.282.080.768 bytes beschikbaar
Post-Run: 129.445.490.688 bytes beschikbaar
207