ComboFix 09-06-08.05 - Rianne 09-06-2009 17:28.1 - NTFSx86
Microsoft Windows XP Home Edition 5.1.2600.3.1252.31.1043.18.1015.558 [GMT 2:00]
Gestart vanuit: c:\documents and settings\Rianne\Bureaublad\ComboFix.exe
AV: AVG Anti-Virus Free *On-access scanning enabled* (Updated) {17DDD097-36FF-435F-9E1B-52D74245D6BF}
.
(((((((((((((((((((( Bestanden Gemaakt van 2009-05-09 to 2009-06-09 ))))))))))))))))))))))))))))))
.
2009-06-09 15:12 . 2009-06-09 15:12 -------- d-----w- c:\program files\XLAB ISL Boot
2009-06-09 15:01 . 2009-06-09 15:01 -------- d-----w- c:\documents and settings\Rianne\Local Settings\Application Data\PC_Drivers_Headquarters
2009-06-09 15:00 . 2009-06-09 15:00 -------- d-----w- c:\documents and settings\All Users.WINDOWS\Application Data\PC Drivers HeadQuarters
2009-06-09 15:00 . 2009-06-09 15:00 -------- d-----w- c:\program files\PC Drivers HeadQuarters
2009-06-09 13:52 . 2009-06-09 13:52 -------- d-----w- c:\windows\LastGood
2009-06-09 13:29 . 2009-06-09 13:29 -------- d-----w- c:\documents and settings\Rianne\Application Data\Malwarebytes
2009-06-09 13:29 . 2009-05-26 11:20 40160 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2009-06-09 13:29 . 2009-06-09 13:29 -------- d-----w- c:\documents and settings\All Users.WINDOWS\Application Data\Malwarebytes
2009-06-09 13:29 . 2009-06-09 13:29 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2009-06-09 13:29 . 2009-05-26 11:19 19096 ----a-w- c:\windows\system32\drivers\mbam.sys
2009-06-09 11:55 . 2009-06-09 11:55 -------- d-----w- c:\program files\Trend Micro
2009-06-09 09:27 . 2009-06-09 09:27 604416 ----a-w- c:\windows\system32\TUProgSt.exe
2009-06-09 09:27 . 2009-04-27 12:21 28928 ----a-w- c:\windows\system32\uxtuneup.dll
2009-06-09 09:27 . 2009-06-09 09:27 361216 ----a-w- c:\windows\system32\TuneUpDefragService.exe
2009-06-09 09:27 . 2009-06-09 09:27 -------- d-----w- c:\documents and settings\Rianne\Application Data\TuneUp Software
2009-06-09 09:26 . 2009-06-09 09:26 -------- d-----w- c:\documents and settings\All Users.WINDOWS\Application Data\TuneUp Software
2009-06-09 09:26 . 2009-06-09 09:27 -------- d-----w- c:\program files\TuneUp Utilities 2009
2009-06-09 09:24 . 2009-06-09 09:24 -------- d-sh--w- c:\documents and settings\All Users.WINDOWS\Application Data\{55A29068-F2CE-456C-9148-C869879E2357}
2009-06-09 08:45 . 2009-06-09 09:10 -------- d-----w- c:\documents and settings\Rianne\Contacts
2009-06-08 23:16 . 2009-06-09 13:37 -------- d-----w- c:\program files\Fighters
2009-06-08 23:16 . 2009-06-08 23:16 -------- d-----w- c:\documents and settings\All Users.WINDOWS\Application Data\Fighters
2009-06-08 23:06 . 2009-06-08 23:06 -------- d-----w- c:\documents and settings\All Users.WINDOWS\AVP 2009
2009-06-08 22:42 . 2009-06-08 22:42 -------- d-----w- c:\documents and settings\Rianne\Application Data\YPR Software
2009-06-08 22:41 . 2009-06-08 22:41 -------- d-sh--w- c:\documents and settings\LocalService.NT AUTHORITY.001\IETldCache
2009-06-08 22:31 . 2009-06-09 10:32 -------- d---a-w- c:\documents and settings\All Users.WINDOWS\Application Data\TEMP
2009-06-08 22:14 . 2001-08-17 21:59 3072 ----a-w- c:\windows\system32\drivers\audstub.sys
2009-06-08 22:13 . 2008-04-14 00:17 25856 ----a-w- c:\windows\system32\drivers\usbprint.sys
2009-06-08 22:13 . 2008-04-14 22:04 58112 ----a-w- c:\windows\system32\drivers\redbook.sys
2009-06-08 22:12 . 2008-04-14 20:32 76288 -c--a-w- c:\windows\system32\dllcache\usbui.dll
2009-06-08 22:12 . 2008-04-14 20:32 76288 ----a-w- c:\windows\system32\usbui.dll
2009-06-08 22:09 . 2009-06-08 23:06 -------- d-----w- c:\documents and settings\All Users.WINDOWS
2009-06-08 22:09 . 2009-06-09 15:26 -------- d--h--w- c:\documents and settings\Default User.WINDOWS
2009-06-08 21:48 . 2009-06-08 21:49 1915520 ----a-w- c:\documents and settings\Rianne\Application Data\Macromedia\Flash Player\www.macromedia.com\bin\fpupdateax\fpupdateax.exe
2009-06-08 21:38 . 2009-06-08 21:38 -------- d-----w- c:\documents and settings\All Users.WINDOWS\Application Data\Zylom
2009-06-08 21:31 . 2009-06-08 21:31 -------- d-----w- c:\documents and settings\Rianne\Local Settings\Application Data\Google
2009-06-08 21:29 . 2009-06-08 21:29 -------- d-sh--w- c:\documents and settings\Rianne\IECompatCache
2009-06-08 21:28 . 2009-06-08 21:28 -------- d-sh--w- c:\documents and settings\Rianne\PrivacIE
2009-06-08 21:26 . 2009-06-08 21:26 -------- d-sh--w- c:\documents and settings\Rianne\IETldCache
2009-06-08 21:16 . 2009-06-08 21:19 -------- dc-h--w- c:\windows\ie8
2009-06-08 21:04 . 2009-02-09 11:27 2193408 -c----w- c:\windows\system32\dllcache\ntoskrnl.exe
2009-06-08 21:04 . 2009-02-09 11:27 2149888 -c----w- c:\windows\system32\dllcache\ntkrnlmp.exe
2009-06-08 21:04 . 2009-02-09 11:27 2028544 -c----w- c:\windows\system32\dllcache\ntkrpamp.exe
2009-06-08 21:00 . 2008-10-24 11:21 455296 -c----w- c:\windows\system32\dllcache\mrxsmb.sys
2009-06-08 20:58 . 2008-06-14 17:36 272640 -c----w- c:\windows\system32\dllcache\bthport.sys
2009-06-08 20:58 . 2008-06-14 17:36 272640 ------w- c:\windows\system32\drivers\bthport.sys
2009-06-08 20:56 . 2009-06-08 20:56 -------- d--h--w- C:\$AVG8.VAULT$
2009-06-08 20:49 . 2009-06-08 20:49 -------- d-----w- c:\documents and settings\Rianne\Local Settings\Application Data\Identities
2009-06-08 20:46 . 2009-06-08 20:46 12328 ----a-w- c:\documents and settings\Rianne\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2009-06-08 20:45 . 2009-06-08 20:45 11952 ----a-w- c:\windows\system32\avgrsstx.dll
2009-06-08 20:45 . 2009-06-08 20:45 108552 ----a-w- c:\windows\system32\drivers\avgtdix.sys
2009-06-08 20:45 . 2009-06-08 20:45 325896 ----a-w- c:\windows\system32\drivers\avgldx86.sys
2009-06-08 20:45 . 2009-06-08 20:45 27784 ----a-w- c:\windows\system32\drivers\avgmfx86.sys
2009-06-08 20:45 . 2009-06-09 08:42 -------- d-----w- c:\windows\system32\drivers\Avg
2009-06-08 20:45 . 2009-06-08 21:24 -------- d-----w- c:\documents and settings\Rianne\Application Data\AVGTOOLBAR
2009-06-08 20:45 . 2009-06-08 20:45 -------- d-----w- c:\program files\AVG
2009-06-08 20:45 . 2009-06-08 20:45 -------- d-----w- c:\documents and settings\All Users.WINDOWS\Application Data\avg8
2009-06-08 20:44 . 2009-01-07 16:21 26144 ----a-w- c:\windows\system32\spupdsvc.exe
2009-06-08 20:42 . 2009-06-08 20:42 -------- d-sh--w- c:\documents and settings\Rianne\UserData
2009-06-08 20:38 . 2009-06-08 20:38 -------- d-----w- c:\program files\Atheros Communications Inc
2009-06-08 20:37 . 2006-10-18 19:12 12664 ----a-r- c:\windows\system32\drivers\AsIO.sys
2009-06-08 20:37 . 2006-01-10 08:50 24576 ----a-r- c:\windows\system32\AsIO.dll
2009-06-08 20:37 . 2006-10-19 01:11 12096 ----a-w- c:\windows\system32\drivers\AsInsHelp64.sys
2009-06-08 20:37 . 2006-10-19 01:11 10304 ----a-w- c:\windows\system32\drivers\AsInsHelp32.sys
2009-06-08 20:37 . 2007-10-17 12:12 30720 ----a-r- c:\windows\system32\drivers\l251x86.sys
2009-06-08 20:34 . 2008-04-14 20:32 4096 -c--a-w- c:\windows\system32\dllcache\ksuser.dll
2009-06-08 20:33 . 2007-10-29 23:43 188416 ----a-r- c:\windows\system32\igfxres.dll
2009-06-08 20:31 . 2009-06-08 20:31 -------- d-----w- c:\windows\system32\Lang
2009-06-08 20:31 . 2007-11-08 07:56 920088 ----a-r- c:\windows\system32\igxpun.exe
2009-06-08 20:31 . 2006-11-10 00:25 319456 ----a-r- c:\windows\system32\difxapi.dll
2009-06-08 20:30 . 2004-08-13 02:56 5810 ----a-r- c:\windows\system32\drivers\ASACPI.sys
2009-06-08 20:29 . 2007-08-01 03:39 12536 ----a-w- c:\windows\system32\drivers\ASUSHWIO.SYS
2009-06-08 20:25 . 2009-06-08 20:44 -------- d-----w- c:\documents and settings\LocalService.NT AUTHORITY.001\Local Settings\Application Data\Microsoft
2009-06-08 20:25 . 2009-06-08 22:41 -------- d-sh--w- c:\documents and settings\LocalService.NT AUTHORITY.001
2009-06-08 20:24 . 2009-06-08 20:44 -------- d-----w- c:\documents and settings\NetworkService.NT AUTHORITY.001\Local Settings\Application Data\Microsoft
2009-06-08 20:24 . 2009-06-08 20:24 -------- d-sh--w- c:\documents and settings\NetworkService.NT AUTHORITY.001
2009-06-08 20:22 . 2008-04-15 12:00 80896 -c--a-w- c:\windows\system32\dllcache\rwia330.dll
2009-06-08 20:21 . 2008-04-15 12:00 36864 -c--a-w- c:\windows\system32\dllcache\hanjadic.dll
2009-06-08 20:20 . 2009-06-08 20:20 -------- d-----w- c:\documents and settings\Default User.WINDOWS\Local Settings\Application Data\Microsoft
2009-06-08 20:19 . 2009-06-08 20:20 -------- d-sh--w- c:\documents and settings\All Users.WINDOWS\DRM
2009-06-08 20:17 . 2008-04-15 12:00 5632 -c--a-w- c:\windows\system32\dllcache\write.exe
2009-06-08 20:17 . 2008-04-15 12:00 5632 ----a-w- c:\windows\system32\write.exe
2009-06-08 20:17 . 2008-04-15 12:00 73216 -c--a-w- c:\windows\system32\dllcache\avwav.dll
2009-06-08 20:17 . 2008-04-15 12:00 73216 ----a-w- c:\windows\system32\avwav.dll
2009-06-08 20:17 . 2008-04-15 12:00 44544 ----a-w- c:\windows\system32\hticons.dll
2009-06-08 20:17 . 2008-04-15 12:00 35840 -c--a-w- c:\windows\system32\dllcache\winchat.exe
2009-06-08 20:17 . 2008-04-15 12:00 35840 ----a-w- c:\windows\system32\winchat.exe
2009-06-08 20:17 . 2008-04-15 12:00 233472 -c--a-w- c:\windows\system32\dllcache\avtapi.dll
2009-06-08 20:17 . 2008-04-15 12:00 233472 ----a-w- c:\windows\system32\avtapi.dll
2009-06-08 20:17 . 2008-04-15 12:00 16384 -c--a-w- c:\windows\system32\dllcache\avmeter.dll
2009-06-08 20:17 . 2008-04-15 12:00 16384 ----a-w- c:\windows\system32\avmeter.dll
2009-06-08 20:17 . 2008-04-15 12:00 139264 -c--a-w- c:\windows\system32\dllcache\sndvol32.exe
2009-06-08 20:17 . 2008-04-15 12:00 139264 ----a-w- c:\windows\system32\sndvol32.exe
2009-06-08 19:16 . 2009-06-08 19:53 -------- d--h--r- c:\documents and settings\Rian\Onlangs geopend
2009-06-08 18:55 . 2009-06-08 18:55 -------- d-----w- C:\Lokaal station (C)
2009-06-08 17:27 . 2009-06-08 17:27 -------- d-----w- c:\program files\Enigma Software Group
2009-06-08 08:02 . 2009-06-08 08:02 -------- d-----w- c:\program files\Hitman Pro 3.5
2009-06-08 00:33 . 2009-06-02 13:00 3007352 ----a-w- c:\documents and settings\Rian\Application Data\Simply Super Software\Trojan Remover\sco1FC.exe
2009-06-08 00:32 . 2009-06-08 00:32 -------- d-----w- c:\documents and settings\Rian\Application Data\Simply Super Software
2009-06-07 20:52 . 2009-06-07 23:35 -------- d-----w- c:\program files\Common Files\Logitech
2009-06-07 20:43 . 2009-06-07 20:44 -------- d-----w- c:\documents and settings\Rian\Application Data\Corel
2009-06-07 20:41 . 2009-06-07 20:41 10134 ----a-r- c:\documents and settings\Rian\Application Data\Microsoft\Installer\{12665B01-3F3A-4433-B179-9D8E352D7547}\ARPPRODUCTICON.exe
2009-06-07 20:19 . 2009-06-07 20:19 -------- d-----w- c:\documents and settings\LocalService.NT AUTHORITY.000\Bureaublad
2009-06-07 19:52 . 2009-06-07 19:52 -------- d-----w- c:\documents and settings\Rian\Application Data\ArcSoft
2009-06-07 19:48 . 2009-06-08 18:48 -------- d-----w- c:\documents and settings\Rian\Local Settings\Application Data\Adobe
2009-06-07 19:40 . 2009-06-07 19:40 -------- d-----w- c:\program files\Common Files\ArcSoft
2009-06-07 19:04 . 2009-06-08 20:37 -------- d-----w- c:\program files\ASUS
2009-06-07 17:54 . 2009-06-07 19:10 -------- d-----w- c:\documents and settings\Rian\Contacts
2009-06-07 16:49 . 2009-06-08 22:03 -------- d-sh--w- c:\windows\system32\config\systemprofile\IETldCache
2009-06-07 16:47 . 2009-06-07 16:47 -------- d-sh--w- c:\documents and settings\Rian\IECompatCache
2009-06-07 16:45 . 2009-06-07 16:45 -------- d-sh--w- c:\documents and settings\Rian\PrivacIE
2009-06-07 16:43 . 2009-06-07 16:43 -------- d-sh--w- c:\documents and settings\Rian\IETldCache
2009-06-07 16:01 . 2009-06-08 18:51 -------- d-----w- c:\documents and settings\Rian\Local Settings\Application Data\Google
2009-06-07 15:35 . 2009-06-07 15:35 -------- d-sh--w- c:\documents and settings\Rian\UserData
2009-06-07 14:57 . 2009-06-07 14:57 12328 ----a-w- c:\documents and settings\Rian\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2009-06-07 14:48 . 2009-06-07 14:48 -------- d-----w- c:\documents and settings\Rian\Local Settings\Application Data\Identities
2009-06-07 13:08 . 2009-06-07 20:11 -------- d-----w- c:\documents and settings\LocalService.NT AUTHORITY.000\Local Settings\Application Data\Microsoft
2009-06-03 14:12 . 2009-06-03 16:40 -------- d-----w- c:\program files\Common Files\Nero
2009-06-03 12:02 . 2009-06-03 14:57 -------- d-----w- c:\program files\IrfanView
2009-06-03 12:00 . 2009-06-08 19:34 -------- d-----w- C:\Download
2009-05-29 18:10 . 2009-05-31 08:59 -------- d-----w- c:\program files\BitWise
2009-05-27 21:47 . 2009-05-27 21:47 -------- d-----w- C:\CIO Spaces
2009-05-27 21:04 . 2009-05-27 21:43 -------- d-----w- C:\CTemp
2009-05-27 20:59 . 2009-05-28 19:09 -------- d-----w- c:\program files\ChatItOut
2009-05-24 21:47 . 2009-05-24 21:48 -------- d-----w- C:\473d10c2f4907324814d1dd26fafe3c2
2009-05-22 10:06 . 2008-04-15 12:00 26624 ----a-w- c:\documents and settings\LocalService.NT AUTHORITY\Application Data\Microsoft\UPnP Device Host\upnphost\udhisapi.dll
.
((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-06-09 14:58 . 2008-04-15 12:00 76816 ----a-w- c:\windows\system32\perfc013.dat
2009-06-09 14:58 . 2008-04-15 12:00 455928 ----a-w- c:\windows\system32\perfh013.dat
2009-06-09 13:52 . 2008-07-25 10:39 -------- d-----w- c:\program files\Windows Live Safety Center
2009-06-08 21:40 . 2009-03-09 20:17 -------- d-----w- c:\program files\MSN Messenger
2009-06-08 21:31 . 2008-07-24 19:46 -------- d-----w- c:\program files\Google
2009-06-08 20:38 . 2008-07-14 12:58 -------- d--h--w- c:\program files\InstallShield Installation Information
2009-06-08 20:37 . 2008-07-14 12:48 -------- d-----w- c:\program files\Common Files\InstallShield
2009-06-08 20:34 . 2009-06-08 20:34 315392 ----a-w- c:\windows\HideWin.exe
2009-06-08 20:20 . 2009-06-08 20:20 76487 ----a-w- c:\windows\pchealth\helpctr\OfflineCache\index.dat
2009-06-08 20:18 . 2009-06-08 20:18 21748 ----a-w- c:\windows\system32\emptyregdb.dat
2009-06-08 19:09 . 2008-07-25 12:44 -------- d-----w- c:\program files\Trust
2009-06-08 00:24 . 2009-01-26 20:13 -------- d-----w- c:\program files\Lavasoft
2009-06-07 19:59 . 2008-08-13 11:27 -------- d-----w- c:\program files\NOS
2009-06-03 14:42 . 2008-07-14 13:00 -------- d-----w- c:\program files\Nero
2009-05-13 11:03 . 2008-07-25 12:57 -------- d-----w- c:\program files\Hewlett-Packard
2009-05-05 09:29 . 2009-05-03 21:01 -------- d-----w- c:\program files\Stone-Jong
2009-04-26 12:37 . 2008-07-30 08:56 -------- d-----w- c:\program files\Microsoft Works
2009-04-23 20:09 . 2009-04-23 20:09 -------- d-----w- c:\program files\Java
.
((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\ctfmon.exe" [2008-04-15 15360]
"MsnMsgr"="c:\program files\MSN Messenger\MsnMsgr.Exe" [2007-01-19 5674352]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2009-06-08 39408]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2007-11-08 141848]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2007-11-08 166424]
"Persistence"="c:\windows\system32\igfxpers.exe" [2007-11-08 137752]
"AVG8_TRAY"="c:\progra~1\AVG\AVG8\avgtray.exe" [2009-06-08 1947928]
"Google Quick Search Box"="c:\program files\Google\Quick Search Box\GoogleQuickSearchBox.exe" [2009-06-08 68592]
"RTHDCPL"="RTHDCPL.EXE" - c:\windows\RTHDCPL.exe [2007-10-25 16855552]
"SkyTel"="SkyTel.EXE" - c:\windows\SkyTel.exe [2007-10-11 1826816]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-15 15360]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\avgrsstarter]
2009-06-08 20:45 11952 ----a-w- c:\windows\system32\avgrsstx.dll

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\AVG\\AVG8\\avgemc.exe"=
"c:\\Program Files\\AVG\\AVG8\\avgupd.exe"=
"c:\\Program Files\\AVG\\AVG8\\avgnsx.exe"=
"c:\\Program Files\\MSN Messenger\\msnmsgr.exe"=
"c:\\Program Files\\MSN Messenger\\livecall.exe"=

R1 AvgLdx86;AVG Free AVI Loader Driver x86;c:\windows\system32\drivers\avgldx86.sys [8-6-2009 22:45 325896]
R1 AvgTdiX;AVG Free8 Network Redirector;c:\windows\system32\drivers\avgtdix.sys [8-6-2009 22:45 108552]
R2 avg8emc;AVG Free8 E-mail Scanner;c:\progra~1\AVG\AVG8\avgemc.exe [8-6-2009 22:45 908568]
R2 avg8wd;AVG Free8 WatchDog;c:\progra~1\AVG\AVG8\avgwdsvc.exe [8-6-2009 22:45 298776]
R2 TuneUp.ProgramStatisticsSvc;TuneUp Program Statistics Service;c:\windows\system32\TUProgSt.exe [9-6-2009 11:27 604416]
R3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\mbamswissarmy.sys [9-6-2009 15:29 40160]

--- Andere Services/Drivers In Geheugen ---

*NewlyCreated* - CLR_OPTIMIZATION_V2.0.50727_32
*NewlyCreated* - MBAMSWISSARMY

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\>{60B49E34-C7CC-11D0-8953-00A0C90347FF}]
"c:\windows\system32\rundll32.exe" "c:\windows\system32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
.
Inhoud van de 'Gedeelde Taken' map

2009-06-09 c:\windows\Tasks\1-klik Onderhoud.job
- c:\program files\TuneUp Utilities 2009\OneClickStarter.exe [2009-04-27 13:51]

2009-06-09 c:\windows\Tasks\User_Feed_Synchronization-{68BD58A0-D37C-4336-A35C-DA693A9679C4}.job
- c:\windows\system32\msfeedssync.exe [2009-03-08 02:31]
.
- - - - ORPHANS VERWIJDERD - - - -

SafeBoot-procexp90.Sys
.
------- Bijkomende Scan -------
.
Filter: x-sdch - {B1759355-3EEC-4C1E-B0F1-B719FE26E377} - c:\program files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll
DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} - hxxp://game10.zylom.com/activex/zylomgamesplayer.cab
.
**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-06-09 17:29
Windows 5.1.2600 Service Pack 3 NTFS

scannen van verborgen processen ...

scannen van verborgen autostart items ...

scannen van verborgen bestanden ...

Scan succesvol afgerond
verborgen bestanden: 0

**************************************************************************
.
--------------------- DLLs Geladen Onder Lopende Processen ---------------------

- - - - - - - > 'explorer.exe'(3452)
c:\windows\system32\ieframe.dll
c:\program files\Google\Quick Search Box\bin\1.1.1038.9122\qsb.dll
c:\windows\system32\webcheck.dll
.
Voltooingstijd: 2009-06-09 17:30
ComboFix-quarantined-files.txt 2009-06-09 15:30

Pre-Run: 149.165.670.400 bytes beschikbaar
Post-Run: 149.356.154.880 bytes beschikbaar

WindowsXP-KB310994-SP2-Home-BootDisk-NLD.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Home Edition" /noexecute=optin /fastdetect

239