ComboFix 08-02-25.3 - Hilde 2008-02-26 17:05:38.3 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.2.1252.31.1043.18.385 [GMT 1:00]
Gestart vanuit: C:\Documents and Settings\Hilde\Local Settings\Temporary Internet Files\Content.IE5\I80FXJVO\ComboFix[1].exe
 * Nieuw herstelpunt werd aangemaakt

WAARSCHUWING - DE RECOVERY CONSOLE IS NIET OP DIT SYSTEEM GEINSTALLEERD !!
.
(((((((((((((((((((((((((((((((((( Andere Verwijderingen )))))))))))))))))))))))))))))))))))))))))))))))))
.
C:\WINDOWS\system32\ikrlhxef.ini
C:\WINDOWS\system32\ilnmp.ini
C:\WINDOWS\system32\ilnmp.ini2
C:\WINDOWS\system32\ktwqlapi.ini
C:\WINDOWS\system32\lbaekcwm.ini
C:\WINDOWS\system32\mcrh.tmp
C:\WINDOWS\system32\mvhfpvsm.ini
C:\WINDOWS\system32\nfvcxqog.ini
C:\WINDOWS\system32\wxmmin.dll
C:\WINDOWS\system32\wybeg.ini
C:\WINDOWS\system32\wybeg.ini2
C:\WINDOWS\system32\xqagxzxz.dllbox
.
(((((((((((((((((((( Bestanden Gemaakt van 2008-01-26 to 2008-02-26 ))))))))))))))))))))))))))))))
.
2008-02-26 16:53 . 2008-02-26 16:53 22 --a------ C:\WINDOWS\pskt.ini
2008-02-26 16:48 . 2008-02-26 16:48 d--hs---- C:\found.000
2008-02-24 23:17 . 2008-02-24 23:17 d-------- C:\Program Files\Xilisoft
2008-02-24 23:17 . 2008-02-24 23:17 d-------- C:\Program Files\PQDVD
2008-02-24 23:08 . 2008-02-24 23:08 d-------- C:\WINDOWS\system32\RMBin
2008-02-24 23:08 . 2008-02-24 23:08 d-------- C:\Program Files\BPS
2008-02-24 23:08 . 2001-05-11 13:18 420,240 --a------ C:\WINDOWS\system32\mpg4c32.dll
2008-02-24 23:08 . 2001-05-16 17:54 309,616 --a------ C:\WINDOWS\system32\wmv8dmod.dll
2008-02-24 23:08 . 2001-03-26 04:41 245,760 --a------ C:\WINDOWS\system32\mp4sds32.ax
2008-02-24 23:08 . 2004-03-19 03:00 33,280 --a------ C:\WINDOWS\is-K0CMI.exe
2008-02-24 23:08 . 2008-02-24 23:08 763 --a------ C:\WINDOWS\is-K0CMI.lst
2008-02-22 18:18 . 2008-02-22 18:19 d-------- C:\Program Files\Video Converter Plus
2008-02-22 18:16 . 2008-02-22 18:16 125 --a------ C:\WINDOWS\fd3.INI
2008-02-22 18:15 . 2008-02-22 18:15 d-------- C:\Program Files\Eltima Software
2008-02-22 18:05 . 2008-02-22 18:05 d-------- C:\Program Files\UnH Solutions
2008-02-21 17:16 . 2008-02-21 17:16 d-------- C:\Program Files\EA Games
2008-02-21 13:29 . 2008-02-21 13:29 d-------- C:\Program Files\HandigeBeheerder
2008-02-16 15:54 . 2008-02-16 15:54 d-------- C:\Program Files\BreakPoint Software
2008-02-16 11:33 . 2008-02-16 11:33 d-------- C:\Program Files\Deskshare
2008-02-16 11:33 . 2008-02-16 11:33 d-------- C:\Program Files\Common Files\DeskShare Shared
2008-02-14 18:40 . 2008-02-14 18:40 d-------- C:\Program Files\Lavasoft
2008-02-14 18:40 . 2008-02-14 18:47 d-------- C:\Documents and Settings\All Users\Application Data\Lavasoft
2008-02-14 18:32 . 2008-02-14 18:32 d-------- C:\Program Files\Spybot - Search & Destroy
2008-02-14 18:32 . 2008-02-14 18:54 d-------- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2008-02-14 18:29 . 2008-02-14 18:29 d-------- C:\WINDOWS\system32\Kaspersky Lab
2008-02-14 18:29 . 2008-02-14 18:29 d-------- C:\Documents and Settings\All Users\Application Data\Kaspersky Lab
2008-02-14 18:01 . 2008-02-14 18:01 d-------- C:\Program Files\Trend Micro
2008-02-14 17:02 . 2008-02-26 16:53 d-------- C:\Documents and Settings\Hilde\Application Data\AVG7
2008-02-14 17:01 . 2008-02-14 17:01 d-------- C:\Documents and Settings\LocalService\Application Data\AVG7
2008-02-14 17:01 . 2008-02-14 17:01 d-------- C:\Documents and Settings\All Users\Application Data\Grisoft
2008-02-14 17:01 . 2008-02-15 09:05 d-------- C:\Documents and Settings\All Users\Application Data\avg7
2008-02-13 17:47 . 2008-02-13 17:47 d-------- C:\System32
2008-02-13 13:04 . 2008-02-23 13:03 d-------- C:\Program Files\MalwareAlarm
2008-02-11 17:03 . 2008-02-11 17:03 d-------- C:\Documents and Settings\Hilde\Application Data\schijfbewaker
2008-02-11 16:50 . 2008-02-11 16:50 dr------- C:\Documents and Settings\All Users\Application Data\schijfbewaker
2008-02-11 10:03 . 2008-02-14 17:05 d-------- C:\Program Files\SchijfBewaker
2008-02-11 10:03 . 2008-02-23 10:50 d-------- C:\Program Files\Common Files\SchijfBewaker
2008-02-10 18:36 . 2008-02-10 18:36 d-------- C:\Documents and Settings\Hilde\Application Data\NoCompromaat
2008-02-10 18:16 . 2008-02-10 18:36 d-------- C:\Program Files\NoCompromaat
2008-02-10 18:16 . 2008-02-10 18:16 d-------- C:\Program Files\Common Files\NoCompromaat
2008-02-10 18:16 . 2008-02-10 18:16 d-------- C:\Documents and Settings\All Users\Application Data\NoCompromaat
2008-02-10 18:16 . 2007-02-13 08:09 388,126 --a------ C:\WINDOWS\system32\sqlite3.dll
2008-02-09 10:39 . 2008-02-09 10:39 d-------- C:\Program Files\iPod
2008-02-09 09:39 . 2008-02-09 09:39 d-------- C:\Program Files\DVDVideoSoft
2008-02-09 09:39 . 2008-02-09 09:39 d-------- C:\Program Files\Common Files\DVDVideoSoft
2008-02-05 20:04 . 2008-02-26 17:17 54,156 --ah----- C:\WINDOWS\QTFont.qfn
2008-02-05 20:04 . 2008-02-05 20:04 1,409 --a------ C:\WINDOWS\QTFont.for
2008-01-31 23:13 . 2008-01-31 23:13 90,112 --a------ C:\WINDOWS\system32\QuickTimeVR.qtx
2008-01-31 23:13 . 2008-01-31 23:13 57,344 --a------ C:\WINDOWS\system32\QuickTime.qts
2008-01-30 19:15 . 2008-01-30 19:16 d-------- C:\Program Files\BearShare Applications
2008-01-30 19:15 . 2008-02-21 18:19 d-------- C:\Documents and Settings\Hilde\Application Data\BearShare
2008-01-30 19:15 . 2006-11-12 11:39 483,328 --a------ C:\WINDOWS\system32\actskn45.ocx
2008-01-30 15:53 . 2008-01-30 18:01 d-------- C:\Program Files\UnderCoverXP
2008-01-30 15:48 . 2008-01-30 15:48 d-------- C:\Program Files\AnalogX
2008-01-30 15:32 . 2008-01-30 15:32 d-------- C:\Program Files\Chami
2008-01-30 14:41 . 2008-01-30 14:41 d-------- C:\Program Files\Yahoo!
2008-01-30 14:37 . 2008-01-30 14:37 d-------- C:\Program Files\MWSnap
2008-01-30 14:36 . 2008-01-30 14:36 d-------- C:\Documents and Settings\Hilde\Application Data\Leadertech
2008-01-30 14:08 . 2008-01-31 16:51 d-------- C:\WINDOWS\system32\dla
2008-01-30 14:08 . 2008-01-30 14:08 d-------- C:\Program Files\Sonic
2008-01-30 14:08 . 2008-01-30 14:08 d-------- C:\Program Files\Common Files\SureThing Shared
2008-01-30 14:08 . 2008-01-30 14:08 d-------- C:\Program Files\Common Files\Sonic
2008-01-30 14:08 . 2008-01-30 14:08 d-------- C:\Documents and Settings\Hilde\Application Data\Sonic
2008-01-30 14:08 . 2004-03-10 01:04 98,352 --a------ C:\WINDOWS\dla.exe
2008-01-30 14:08 . 2004-02-19 03:21 86,064 --a------ C:\WINDOWS\system32\drivers\drvmcdb.sys
2008-01-30 14:08 . 2004-03-10 01:04 61,492 --a------ C:\WINDOWS\system32\tfswapi.dll
2008-01-30 14:08 . 2003-11-13 02:56 40,448 --a------ C:\WINDOWS\system32\drivers\drvnddm.sys
2008-01-30 14:08 . 2003-11-13 11:47 23,219 --a------ C:\WINDOWS\system32\drivers\ssrtln.sys
2008-01-30 14:08 . 2003-11-13 11:47 5,621 --a------ C:\WINDOWS\system32\drivers\sscdbhk5.sys
2008-01-30 14:08 . 2008-01-30 14:08 138 --a------ C:\WINDOWS\wininit.ini
2008-01-29 17:21 . 2008-01-29 17:21 393 --a------ C:\WINDOWS\TrueTerm.INI
2008-01-29 17:18 . 2008-01-29 17:18 d-------- C:\Program Files\TrueTerm PC
2008-01-28 11:47 . 1995-11-08 11:06 151,552 --------- C:\WINDOWS\crllyrnt.dll
2008-01-28 11:47 . 1995-05-19 14:49 133,904 --------- C:\WINDOWS\system32\mfcans32.dll
2008-01-28 11:47 . 1995-05-22 14:05 108,032 --------- C:\WINDOWS\system32\mfcuia32.dll
2008-01-28 11:47 . 1995-11-07 08:57 6,144 --------- C:\WINDOWS\system32\drivers\crlscsi.sys
2008-01-28 11:46 . 2008-01-28 11:48 d-------- C:\WINDOWS\COREL
2008-01-28 11:46 . 2008-01-28 11:48 d-------- C:\PrintHse
2008-01-28 11:45 . 2008-01-28 11:48 d-------- C:\WINDOWS\~CORELPH
2008-01-28 11:45 . 1995-05-19 13:49 133,904 --a------ C:\WINDOWS\system\MFCANS32.DLL
2008-01-28 11:45 . 1993-11-23 05:53 28,672 --a------ C:\WINDOWS\system\CTL3D32.DLL
2008-01-27 15:18 . 2008-02-24 22:22 d-------- C:\Program Files\FDRLab
2008-01-27 13:29 . 2008-01-27 13:29 d-------- C:\Program Files\HyCam2
2008-01-27 09:25 . 2008-01-27 09:26 148 --a------ C:\tempdel.bat
2008-01-26 19:41 . 2008-01-26 19:41 d-------- C:\ProgramData
.
((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-02-26 16:18 --------- d-----w C:\Documents and Settings\Hilde\Application Data\Skype
2008-02-26 16:14 --------- d-----w C:\Documents and Settings\Hilde\Application Data\WTablet
2008-02-26 16:13 247,556 --sha-w C:\WINDOWS\system32\drivers\fidbox.idx
2008-02-26 16:13 19,769,376 --sha-w C:\WINDOWS\system32\drivers\fidbox.dat
2008-02-26 16:13 117,428 --sha-w C:\WINDOWS\system32\drivers\fidbox2.idx
2008-02-26 16:13 1,255,456 --sha-w C:\WINDOWS\system32\drivers\fidbox2.dat
2008-02-26 15:54 --------- d-----w C:\Documents and Settings\Hilde\Application Data\skypePM
2008-02-25 20:19 3,689,472 ----a-w C:\WINDOWS\Internet Logs\xDB2E.tmp
2008-02-25 13:34 3,688,960 ----a-w C:\WINDOWS\Internet Logs\xDB2D.tmp
2008-02-24 21:18 --------- d---a-w C:\Documents and Settings\All Users\Application Data\TEMP
2008-02-24 11:35 3,652,096 ----a-w C:\WINDOWS\Internet Logs\xDB2C.tmp
2008-02-23 11:31 512 ----a-w C:\ScanSectorLog.dat
2008-02-23 09:54 --------- d-----w C:\Documents and Settings\Hilde\Application Data\LimeWire
2008-02-21 16:16 --------- d--h--w C:\Program Files\InstallShield Installation Information
2008-02-20 09:22 3,604,992 ----a-w C:\WINDOWS\Internet Logs\xDB2B.tmp
2008-02-15 17:34 3,613,696 ----a-w C:\WINDOWS\Internet Logs\xDB2A.tmp
2008-02-15 15:58 3,592,192 ----a-w C:\WINDOWS\Internet Logs\xDB29.tmp
2008-02-15 10:25 3,591,680 ----a-w C:\WINDOWS\Internet Logs\xDB28.tmp
2008-02-15 07:24 3,443,687 ----a-w C:\WINDOWS\Internet Logs\tvDebug.zip
2008-02-14 18:35 57,344 ----a-w C:\WINDOWS\Internet Logs\xDB30.tmp
2008-02-14 18:35 3,603,456 ----a-w C:\WINDOWS\Internet Logs\xDB49.tmp
2008-02-14 18:17 688,128 ----a-w C:\WINDOWS\Internet Logs\xDB26.tmp
2008-02-14 18:17 3,600,896 ----a-w C:\WINDOWS\Internet Logs\xDB27.tmp
2008-02-14 17:39 --------- d-----w C:\Program Files\Common Files\Wise Installation Wizard
2008-02-14 12:00 3,533,312 ----a-w C:\WINDOWS\Internet Logs\xDB25.tmp
2008-02-13 16:44 3,529,728 ----a-w C:\WINDOWS\Internet Logs\xDB24.tmp
2008-02-13 13:26 3,525,120 ----a-w C:\WINDOWS\Internet Logs\xDB23.tmp
2008-02-13 12:19 3,528,192 ----a-w C:\WINDOWS\Internet Logs\xDB22.tmp
2008-02-12 15:55 3,523,072 ----a-w C:\WINDOWS\Internet Logs\xDB21.tmp
2008-02-12 09:01 3,520,512 ----a-w C:\WINDOWS\Internet Logs\xDB20.tmp
2008-02-12 08:51 3,520,000 ----a-w C:\WINDOWS\Internet Logs\xDB1F.tmp
2008-02-12 08:51 124,416 ----a-w C:\WINDOWS\Internet Logs\xDB1E.tmp
2008-02-11 20:51 3,520,000 ----a-w C:\WINDOWS\Internet Logs\xDB1D.tmp
2008-02-11 19:01 3,519,488 ----a-w C:\WINDOWS\Internet Logs\xDB1C.tmp
2008-02-11 18:56 3,519,488 ----a-w C:\WINDOWS\Internet Logs\xDB1B.tmp
2008-02-11 18:50 3,518,976 ----a-w C:\WINDOWS\Internet Logs\xDB1A.tmp
2008-02-11 15:54 515,072 ----a-w C:\WINDOWS\Internet Logs\xDB18.tmp
2008-02-11 15:54 3,514,368 ----a-w C:\WINDOWS\Internet Logs\xDB19.tmp
2008-02-11 08:29 3,490,816 ----a-w C:\WINDOWS\Internet Logs\xDB17.tmp
2008-02-10 12:04 342,528 ----a-w C:\WINDOWS\Internet Logs\xDB16.tmp
2008-02-09 09:39 --------- d-----w C:\Program Files\iTunes
2008-02-09 09:37 --------- d-----w C:\Program Files\QuickTime
2008-02-09 07:48 --------- d-----w C:\Program Files\Google
2008-02-04 12:30 3,385,856 ----a-w C:\WINDOWS\Internet Logs\xDB15.tmp
2008-02-04 12:30 22,016 ----a-w C:\WINDOWS\Internet Logs\xDB14.tmp
2008-02-04 12:15 3,385,856 ----a-w C:\WINDOWS\Internet Logs\xDB13.tmp
2008-02-04 12:15 22,016 ----a-w C:\WINDOWS\Internet Logs\xDB12.tmp
2008-02-04 10:03 3,385,856 ----a-w C:\WINDOWS\Internet Logs\xDB11.tmp
2008-02-04 10:03 20,992 ----a-w C:\WINDOWS\Internet Logs\xDB10.tmp
2008-02-04 06:09 3,385,856 ----a-w C:\WINDOWS\Internet Logs\xDBF.tmp
2008-02-04 06:09 23,552 ----a-w C:\WINDOWS\Internet Logs\xDBE.tmp
2008-02-03 13:16 3,385,856 ----a-w C:\WINDOWS\Internet Logs\xDBD.tmp
2008-02-03 13:16 23,040 ----a-w C:\WINDOWS\Internet Logs\xDBC.tmp
2008-02-03 13:11 52,736 ----a-w C:\WINDOWS\Internet Logs\xDBA.tmp
2008-02-03 13:11 3,385,856 ----a-w C:\WINDOWS\Internet Logs\xDBB.tmp
2008-02-01 18:33 2,706,944 ----a-w C:\WINDOWS\Internet Logs\xDB9.tmp
2008-01-27 15:47 3,293,696 ----a-w C:\WINDOWS\Internet Logs\xDB8.tmp
2008-01-26 21:24 3,275,776 ----a-w C:\WINDOWS\Internet Logs\xDB7.tmp
2008-01-26 18:41 --------- d-----w C:\Program Files\Electronic Arts
2008-01-23 15:54 --------- d-----w C:\Program Files\GameSpy
2008-01-23 14:11 --------- d-----w C:\Program Files\Tablet
2008-01-18 18:47 --------- d-----w C:\Program Files\Davilex
2008-01-17 16:53 --------- d-----w C:\Program Files\WMV9_VCM
2008-01-07 09:19 --------- d-----w C:\Documents and Settings\All Users\Application Data\Microsoft Help
2008-01-04 13:36 --------- d-----w C:\Program Files\Common Files\Adobe
2008-01-04 11:46 3,062,272 ----a-w C:\WINDOWS\Internet Logs\xDB6.tmp
2008-01-03 18:13 --------- d-----w C:\Documents and Settings\All Users\Application Data\Adobe Systems
2008-01-02 19:37 3,031,040 ----a-w C:\WINDOWS\Internet Logs\xDB5.tmp
2008-01-02 16:57 4,896 ----a-w C:\WINDOWS\BJA.EXE
2008-01-02 16:56 74,752 ----a-w C:\WINDOWS\ST6UNST.EXE
2008-01-02 16:56 253,952 ------w C:\WINDOWS\Setup1.exe
2008-01-02 15:44 81,920 ----a-w C:\WINDOWS\ALCFDRTM.EXE
2008-01-02 15:28 --------- d-----w C:\Program Files\Java
2008-01-02 15:16 315,392 ----a-w C:\WINDOWS\HideWin.exe
2008-01-02 15:16 --------- d-----w C:\Program Files\Realtek
2008-01-02 14:58 --------- d-----w C:\Program Files\Common Files\InstallShield
2008-01-02 14:20 --------- d-----w C:\Program Files\ATI Technologies
2008-01-02 10:01 3,056,128 ----a-w C:\WINDOWS\Internet Logs\xDB3.tmp
2008-01-02 10:01 2,919,424 ----a-w C:\WINDOWS\Internet Logs\xDB4.tmp
2007-12-20 15:47 16,860,672 ----a-w C:\WINDOWS\RTHDCPL.exe
2007-12-15 12:16 643,072 ----a-w C:\WINDOWS\Internet Logs\xDB2.tmp
2007-12-14 10:32 12,632 ----a-w C:\WINDOWS\system32\lsdelete.exe
2007-12-12 21:23 1,794,560 ----a-w C:\WINDOWS\Internet Logs\xDB1.tmp
2007-12-09 15:26 737,280 ----a-w C:\WINDOWS\iun6002.exe
2007-12-07 20:52 32 ----a-w C:\Documents and Settings\All Users\Application Data\ezsid.dat
2007-12-05 13:17 593,920 ------w C:\WINDOWS\system32\ati2sgag.exe
2007-12-05 03:05 368,640 ----a-w C:\WINDOWS\system32\ATIDEMGX.dll
2007-12-05 03:04 269,312 ----a-w C:\WINDOWS\system32\ati2dvag.dll
2007-12-05 02:56 147,456 ----a-w C:\WINDOWS\system32\atipdlxx.dll
2007-12-05 02:55 43,520 ----a-w C:\WINDOWS\system32\ati2edxx.dll
2007-12-05 02:55 26,112 ----a-w C:\WINDOWS\system32\Ati2mdxx.exe
2007-12-05 02:55 122,880 ----a-w C:\WINDOWS\system32\Oemdspif.dll
2007-12-05 02:55 122,880 ----a-w C:\WINDOWS\system32\ati2evxx.dll
2007-12-05 02:54 307,200 ----a-w C:\WINDOWS\system32\atiiiexx.dll
2007-12-05 02:53 53,248 ----a-w C:\WINDOWS\system32\ATIDDC.DLL
2007-12-05 02:53 495,616 ----a-w C:\WINDOWS\system32\ati2evxx.exe
2007-12-05 02:48 9,535,488 ----a-w C:\WINDOWS\system32\atioglx2.dll
2007-12-05 02:44 3,175,584 ----a-w C:\WINDOWS\system32\ati3duag.dll
2007-12-05 02:33 1,640,192 ----a-w C:\WINDOWS\system32\ativvaxx.dll
2007-12-05 02:19 5,435,392 ----a-w C:\WINDOWS\system32\atioglxx.dll
.
((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
REGEDIT4
*Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{74322BF9-DF26-493f-B0DA-6D2FC5E6429E}]
2007-12-02 15:13 394680 --a------ C:\Program Files\BearShare Applications\BearShare MediaBar\BearShareIEHelper.dll

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{7e165032-583a-4f66-8e78-c3541722f84e}]
C:\WINDOWS\system32\grvximno.dll

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{A95B2816-1D7E-4561-A202-68C0DE02353A}]

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{BA6602B1-A785-4F89-9E08-2B428BB932F8}]
C:\WINDOWS\system32\pmnli.dll

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{E05E1966-FEA6-4EE9-A050-409AC3064C38}]
C:\WINDOWS\system32\gebyw.dll

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-04 01:03 15360]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe" [2007-05-16 09:27 153136]
"Skype"="C:\Program Files\Skype\Phone\Skype.exe" [2007-11-12 15:48 21760296]
"swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2007-12-26 12:47 68856]
"EA Core"="C:\Program Files\Electronic Arts\EADM\Core.exe" [2007-12-04 05:57 2494464]
"SpybotSD TeaTimer"="C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe" [2008-01-28 11:43 2097488]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NeroFilterCheck"="C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe" [2007-03-01 15:57 153136]
"ZoneAlarm Client"="C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe" [2007-03-09 01:02 919280]
"HP Software Update"="C:\Program Files\HP\HP Software Update\HPWuSchd2.exe" [2004-09-13 15:49 49152]
"Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2007-10-10 19:51 39792]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe" [2007-09-25 01:11 132496]
"AGRSMMSG"="AGRSMMSG.exe" [2004-06-29 09:06 88363 C:\WINDOWS\AGRSMMSG.exe]
"KBD"="C:\HP\KBD\KBD.EXE" [2005-02-02 16:44 61440]
"High Definition Audio Property Page Shortcut"="HDAShCut.exe" [2005-01-07 17:07 61952 C:\WINDOWS\system32\HdAShCut.exe]
"SoundMan"="SOUNDMAN.EXE" [2006-07-21 16:14 86016 C:\WINDOWS\SoundMan.exe]
"AlcWzrd"="ALCWZRD.EXE" [2006-05-04 16:26 2808832 C:\WINDOWS\alcwzrd.exe]
"dla"="C:\WINDOWS\system32\dla\tfswctrl.exe" [2004-03-10 01:04 118837]
"UpdateManager"="C:\Program Files\Common Files\Sonic\Update Manager\sgtray.exe" [2003-08-19 01:01 110592]
"QuickTime Task"="C:\Program Files\QuickTime\QTTask.exe" [2008-01-31 23:13 385024]
"iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" [2008-02-04 14:18 267048]
"NoCompromaat"="C:\Program Files\NoCompromaat\GDC.exe" [2007-11-12 11:24 1650688]
"SchijfBewaker"="C:\Program Files\SchijfBewaker\SysRep.exe" [2008-01-25 17:06 1526784]
"50175143"="C:\WINDOWS\system32\goqxcvfn.dll" [ ]
"AVG7_CC"="C:\PROGRA~1\Grisoft\AVG7\avgcc.exe" [2008-02-14 17:01 579072]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2004-08-04 01:03 15360]
"AVG7_Run"="C:\PROGRA~1\Grisoft\AVG7\avgw.exe" [2008-02-14 17:01 219136]

C:\Documents and Settings\All Users\Menu Start\Programma's\Opstarten\
Adobe Gamma Loader.lnk - C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [2007-12-14 16:55:34 113664]
HP Digital Imaging Monitor.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe [2004-11-04 19:28:24 258048]
Snelstart HP Image Zone.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe [2004-11-04 19:50:52 53248]
WinZip Quick Pick.lnk - C:\Program Files\WinZip\WZQKPICK.EXE [2007-11-30 11:10:00 394856]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\pmnkklk]
pmnkklk.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\xqagxzxz]
xqagxzxz.dll

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"C:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"C:\\Program Files\\Messenger\\msmsgs.exe"=
"C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"=
"C:\\Program Files\\LimeWire\\LimeWire.exe"=
"C:\\Program Files\\Electronic Arts\\Battlefield 2142\\BF2142.exe"=
"C:\\Program Files\\iTunes\\iTunes.exe"=
"C:\\Program Files\\Grisoft\\AVG7\\avginet.exe"=
"C:\\Program Files\\Grisoft\\AVG7\\avgamsvr.exe"=
"C:\\Program Files\\Grisoft\\AVG7\\avgcc.exe"=
"C:\\Program Files\\Skype\\Phone\\Skype.exe"=

R3 ACSSCR;ACR38 Smart Card Reader;C:\WINDOWS\system32\DRIVERS\a38usb.sys [2006-03-24 19:14]
R3 wacommousefilter;Wacom Mouse Filter Driver;C:\WINDOWS\system32\DRIVERS\wacommousefilter.sys [2007-02-16 10:12]
R3 wacomvhid;Wacom Virtual Hid Driver;C:\WINDOWS\system32\DRIVERS\wacomvhid.sys [2007-02-16 09:30]
R3 WacomVKHid;Virtual Keyboard Driver;C:\WINDOWS\system32\DRIVERS\WacomVKHid.sys [2007-02-15 15:11]
S3 XDva032;XDva032;C:\WINDOWS\system32\XDva032.sys []
.
Inhoud van de 'Gedeelde Taken' map
"2008-01-09 08:44:01 C:\WINDOWS\Tasks\AppleSoftwareUpdate.job"
- C:\Program Files\Apple Software Update\SoftwareUpdate.exe
.
**************************************************************************

catchme 0.3.1344 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-02-26 17:17:01
Windows 5.1.2600 Service Pack 2 NTFS

scannen van verborgen processen ...

scannen van verborgen autostart items ...

scannen van verborgen bestanden ...

Scan succesvol afgerond
verborgen bestanden: 0

**************************************************************************
.
--------------------- DLLs Geladen Onder Lopende Processen ---------------------

PROCESS: C:\WINDOWS\explorer.exe [6.00.2900.3156]
-> C:\Program Files\NoCompromaat\secure_del.dll
.
------------------------ Other Running Processes ------------------------
.
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\WINDOWS\System32\SCardSvr.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe
C:\WINDOWS\system32\Tablet.exe
C:\WINDOWS\system32\wdfmgr.exe
C:\WINDOWS\system32\WTablet\TabUserW.exe
C:\WINDOWS\system32\Tablet.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\system32\WgaTray.exe
C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\DeskPins\DeskPins.exe
C:\Program Files\Skype\Plugin Manager\skypePM.exe
C:\Program Files\HP\Digital Imaging\bin\hpqgalry.exe
.
**************************************************************************
.
Voltooingstijd: 2008-02-26 17:22:59 - machine was rebooted [Hilde]
ComboFix-quarantined-files.txt 2008-02-26 16:22:41
.
2007-12-28 14:27:14 --- E O F ---