ComboFix 11-07-24.03 - Aykut 25-07-2011 0:27.2.1 - x86
Microsoft Windows XP Professional 5.1.2600.3.1252.31.1043.18.503.206 [GMT 2:00]
Gestart vanuit: c:\documents and settings\Aykut.DOP-IAALZ2MZLQP\Mijn documenten\Downloads\ComboFix.exe
gebruikte Opdracht switches :: c:\documents and settings\Aykut.DOP-IAALZ2MZLQP\Bureaublad\CFScript.txt
AV: AVG Anti-Virus Free Edition 2011 *Disabled/Updated* {17DDD097-36FF-435F-9E1B-52D74245D6BF}
.
WAARSCHUWING - DE RECOVERY CONSOLE IS NIET OP DIT SYSTEEM GEINSTALLEERD !!
.
FILE ::
"c:\windows\system32\SET15.tmp"
.
.
(((((((((((((((((((( Bestanden Gemaakt van 2011-06-24 to 2011-07-24 ))))))))))))))))))))))))))))))
.
.
2011-07-24 16:36 . 2011-07-24 16:36 -------- d-----w- c:\windows\LastGood
2011-07-24 15:15 . 2011-07-24 22:14 -------- d--h--r- c:\documents and settings\Aykut.DOP-IAALZ2MZLQP\Onlangs geopend
2011-07-23 17:38 . 2010-10-11 14:59 45568 -c----w- c:\windows\system32\dllcache\wab.exe
2011-07-22 12:49 . 2011-07-22 12:49 -------- d-----w- c:\windows\l2schemas
2011-07-22 12:49 . 2011-07-22 12:54 -------- d-----w- c:\windows\system32\nl
2011-07-22 11:11 . 2010-05-06 10:36 743424 -c----w- c:\windows\system32\dllcache\iedvtool.dll
2011-07-22 11:07 . 2011-07-22 11:10 -------- dc-h--w- c:\windows\ie8
2011-07-21 13:19 . 2011-07-21 13:19 388096 ----a-r- c:\documents and settings\Aykut.DOP-IAALZ2MZLQP\Application Data\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
2011-07-21 13:19 . 2011-07-21 13:19 -------- d-----w- c:\program files\Trend Micro
2011-07-20 20:38 . 2011-07-20 20:38 -------- d-----w- c:\program files\Common Files\Java
2011-07-20 20:27 . 2011-05-04 00:25 73728 ----a-w- c:\windows\system32\javacpl.cpl
2011-07-20 18:28 . 2011-07-20 18:28 -------- d-----w- C:\$AVG
2011-07-20 16:31 . 2011-07-20 16:31 -------- d-----w- c:\documents and settings\Aykut.DOP-IAALZ2MZLQP\Application Data\AVG10
2011-07-20 16:23 . 2011-07-20 16:23 -------- d-----w- c:\documents and settings\All Users\Application Data\AVG Security Toolbar
2011-07-20 16:08 . 2011-07-24 14:47 -------- d-----w- c:\windows\system32\drivers\AVG
2011-07-20 16:08 . 2011-07-20 16:25 -------- d-----w- c:\documents and settings\All Users\Application Data\AVG10
2011-07-20 15:57 . 2011-07-20 15:57 -------- d--h--w- c:\documents and settings\All Users\Application Data\Common Files
2011-07-20 15:35 . 2011-07-20 15:57 -------- d-----w- c:\documents and settings\All Users\Application Data\MFAData
2011-07-20 14:43 . 2008-04-14 17:02 69120 ------w- c:\windows\system32\wlanapi.dll
2011-07-20 14:43 . 2004-08-03 20:29 25471 ------w- c:\windows\system32\drivers\watv10nt.sys
2011-07-20 14:43 . 2004-08-03 20:29 22271 ------w- c:\windows\system32\drivers\watv06nt.sys
2011-07-20 14:43 . 2008-04-13 18:43 14208 ------w- c:\windows\system32\drivers\wacompen.sys
2011-07-20 14:43 . 2004-08-03 20:29 11935 ------w- c:\windows\system32\drivers\wadv11nt.sys
2011-07-20 14:43 . 2004-08-03 20:29 11871 ------w- c:\windows\system32\drivers\wadv09nt.sys
2011-07-20 14:43 . 2004-08-03 20:29 11807 ------w- c:\windows\system32\drivers\wadv07nt.sys
2011-07-20 14:43 . 2004-08-03 20:29 11295 ------w- c:\windows\system32\drivers\wadv08nt.sys
2011-07-20 14:43 . 2008-04-14 17:03 28672 ------w- c:\windows\system32\verclsid.exe
2011-07-20 14:43 . 2008-04-14 17:02 11325 ------w- c:\windows\system32\drivers\vchnt5.dll
2011-07-20 14:43 . 2008-04-13 18:46 121984 ------w- c:\windows\system32\drivers\usbvideo.sys
2011-07-20 14:43 . 2008-04-13 18:56 12800 ------w- c:\windows\system32\drivers\usb8023x.sys
2011-07-20 14:42 . 2008-04-14 17:02 50688 ------w- c:\windows\system32\tspkg.dll
2011-07-20 14:42 . 2008-04-14 17:02 53248 ------w- c:\windows\system32\tsgqec.dll
2011-07-20 14:40 . 2008-04-13 18:40 10240 ------w- c:\windows\system32\drivers\sffp_mmc.sys
2011-07-20 14:40 . 2008-04-14 17:03 32768 ------w- c:\windows\system32\setupn.exe
2011-07-20 14:40 . 2008-04-14 17:02 397056 ------w- c:\windows\system32\s3gnb.dll
2011-07-20 14:40 . 2004-08-03 20:29 166912 ------w- c:\windows\system32\drivers\s3gnbm.sys
2011-07-20 14:40 . 2008-04-13 18:56 30592 ------w- c:\windows\system32\drivers\rndismpx.sys
2011-07-20 14:40 . 2008-04-14 17:02 290304 ------w- c:\windows\system32\rhttpaa.dll
2011-07-20 14:40 . 2008-04-13 18:46 59136 ------w- c:\windows\system32\drivers\rfcomm.sys
2011-07-20 14:40 . 2004-08-03 20:41 13776 ------w- c:\windows\system32\drivers\recagent.sys
2011-07-20 14:40 . 2008-04-14 17:02 61952 ------w- c:\windows\system32\rasqec.dll
2011-07-20 14:40 . 2008-04-14 17:02 76800 ------w- c:\windows\system32\qutil.dll
2011-07-20 14:39 . 2008-04-14 17:02 62464 ------w- c:\windows\system32\qcliprov.dll
2011-07-20 14:39 . 2008-04-14 17:02 292864 ------w- c:\windows\system32\qagentrt.dll
2011-07-20 14:39 . 2008-04-14 17:02 150528 ------w- c:\windows\system32\qagent.dll
2011-07-20 14:39 . 2008-04-14 17:02 144896 ------w- c:\windows\system32\onex.dll
2011-07-20 14:39 . 2004-08-03 20:29 1897408 ------w- c:\windows\system32\drivers\nv4_mini.sys
2011-07-20 14:37 . 2008-04-14 16:38 78336 ------w- c:\windows\system32\msshavmsg.dll
2011-07-20 14:37 . 2008-04-14 17:02 155136 ------w- c:\windows\system32\mssha.dll
2011-07-20 14:36 . 2008-04-14 17:03 33792 ------w- c:\windows\system32\mmcperf.exe
2011-07-20 14:35 . 2008-04-14 17:02 106496 ------w- c:\windows\system32\mmcfxcommon.dll
2011-07-20 14:35 . 2008-04-14 17:02 397312 ------w- c:\windows\system32\mmcex.dll
2011-07-20 14:35 . 2008-04-14 17:02 184320 ------w- c:\windows\system32\microsoft.managementconsole.dll
2011-07-20 14:35 . 2008-04-14 17:02 86016 ------w- c:\windows\system32\mdmxsdk.dll
2011-07-20 14:35 . 2004-08-03 20:41 11868 ------w- c:\windows\system32\drivers\mdmxsdk.sys
2011-07-20 14:34 . 2008-04-14 17:02 37376 ------w- c:\windows\system32\l2gpstore.dll
2011-07-20 14:34 . 2008-04-14 17:02 61440 ------w- c:\windows\system32\kmsvc.dll
2011-07-20 14:34 . 2008-04-14 17:01 6144 ------w- c:\windows\system32\kbdpash.dll
2011-07-20 14:34 . 2008-04-14 17:01 6144 ------w- c:\windows\system32\kbdnepr.dll
2011-07-20 14:34 . 2008-04-14 17:01 6144 ------w- c:\windows\system32\kbdiultn.dll
2011-07-20 14:34 . 2008-04-14 17:01 6144 ------w- c:\windows\system32\kbdbhc.dll
2011-07-20 14:33 . 2008-04-14 17:01 103424 -c----w- c:\windows\system32\dllcache\dpcdll.dll
2011-07-20 14:33 . 2008-04-14 17:00 24064 -c----w- c:\windows\system32\dllcache\pidgen.dll
2011-07-20 14:33 . 2008-04-14 17:02 10752 ------w- c:\windows\system32\smtpapi.dll
2011-07-20 14:33 . 2008-04-14 17:02 9728 ------w- c:\windows\system32\rwnh.dll
2011-07-20 14:33 . 2008-04-13 18:45 46592 ------w- c:\windows\system32\drivers\irbus.sys
2011-07-20 14:33 . 2008-04-13 18:43 9728 ------w- c:\windows\system32\comsdupd.exe
2011-07-20 14:33 . 2008-04-14 17:02 81920 ------w- c:\windows\system32\ieencode.dll
2011-07-20 14:33 . 2004-08-03 20:41 1041536 ------w- c:\windows\system32\drivers\hsfdpsp2.sys
2011-07-20 14:31 . 2008-04-14 17:02 9216 ------w- c:\windows\system32\dot3dlg.dll
2011-07-20 14:31 . 2008-04-14 17:02 651264 ------w- c:\windows\system32\dot3ui.dll
2011-07-20 14:31 . 2008-04-14 17:02 56832 ------w- c:\windows\system32\dot3msm.dll
2011-07-20 14:31 . 2008-04-14 17:02 39936 ------w- c:\windows\system32\dot3gpclnt.dll
2011-07-20 14:31 . 2008-04-14 17:02 132608 ------w- c:\windows\system32\dot3svc.dll
2011-07-20 14:31 . 2008-04-14 17:02 60928 ------w- c:\windows\system32\dot3cfg.dll
2011-07-20 14:30 . 2008-04-14 17:02 7168 ------w- c:\windows\system32\bitsprx4.dll
2011-07-20 14:29 . 2008-04-14 17:02 3967 ------w- c:\windows\system32\drivers\adv02nt5.dll
2011-07-20 14:29 . 2008-04-14 17:02 3775 ------w- c:\windows\system32\drivers\adv11nt5.dll
2011-07-20 14:29 . 2008-04-14 17:02 3711 ------w- c:\windows\system32\drivers\adv09nt5.dll
2011-07-20 14:29 . 2008-04-14 17:02 3647 ------w- c:\windows\system32\drivers\adv07nt5.dll
2011-07-20 14:29 . 2008-04-14 17:02 3615 ------w- c:\windows\system32\drivers\adv05nt5.dll
2011-07-20 14:29 . 2008-04-14 17:02 3135 ------w- c:\windows\system32\drivers\adv08nt5.dll
2011-07-20 14:29 . 2008-04-14 17:02 4255 ------w- c:\windows\system32\drivers\adv01nt5.dll
2011-07-20 14:29 . 2008-04-14 17:02 136192 ------w- c:\windows\system32\aaclient.dll
2011-07-20 12:57 . 2011-07-20 12:57 -------- d-----w- c:\documents and settings\Aykut.DOP-IAALZ2MZLQP\Application Data\Malwarebytes
2011-07-20 12:55 . 2011-07-06 17:52 41272 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2011-07-20 12:55 . 2011-07-20 12:55 -------- d-----w- c:\documents and settings\All Users\Application Data\Malwarebytes
2011-07-20 12:54 . 2011-07-06 17:52 22712 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-07-20 12:54 . 2011-07-20 14:02 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2011-07-20 12:35 . 2011-07-20 12:35 12872 ----a-w- c:\windows\system32\bootdelete.exe
2011-07-20 12:31 . 2009-11-21 16:03 471552 -c----w- c:\windows\system32\dllcache\aclayers.dll
2011-07-20 12:31 . 2010-06-14 14:31 744448 -c----w- c:\windows\system32\dllcache\helpsvc.exe
2011-07-20 12:30 . 2010-02-12 10:03 293376 ------w- c:\windows\system32\browserchoice.exe
2011-07-20 11:10 . 2011-07-20 11:10 134464 ----a-w- c:\windows\system32\LnkProtect.dll
2011-07-20 11:09 . 2011-07-24 14:33 21064 ----a-w- c:\windows\system32\drivers\hitmanpro35.sys
2011-07-20 11:08 . 2011-07-20 11:08 -------- d-----w- c:\program files\Hitman Pro 3.5
2011-07-20 11:07 . 2011-07-20 12:37 -------- d-----w- c:\documents and settings\All Users\Application Data\Hitman Pro
2011-07-20 10:08 . 2011-07-20 10:08 -------- d-----w- c:\documents and settings\Aykut.DOP-IAALZ2MZLQP\Local Settings\Application Data\PackageAware
.
.
.
((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-05-04 02:52 . 2010-07-13 08:21 472808 ----a-w- c:\windows\system32\deployJava1.dll
2010-09-30 23:11 . 2011-04-21 13:45 462112 ----a-w- c:\program files\Common Files\ZugoInstaller.exe
2011-05-23 16:59 . 2011-03-25 15:39 142296 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
((((((((((((((((((((((((((((( SnapShot@2011-07-24_15.47.45 )))))))))))))))))))))))))))))))))))))))))
.
+ 2011-07-24 16:25 . 2011-07-24 16:25 16384 c:\windows\Temp\Perflib_Perfdata_7cc.dat
+ 2011-07-24 16:53 . 2011-07-24 16:53 87951 c:\windows\system32\Adobe\Shockwave 11\uninstaller.exe
+ 2011-06-10 14:01 . 2011-06-10 14:01 86016 c:\windows\system32\Adobe\Shockwave 11\SwMenu.dll
+ 2011-06-10 13:47 . 2011-06-10 13:47 73408 c:\windows\system32\Adobe\Shockwave 11\gtapi.dll
+ 2011-06-10 13:47 . 2011-06-10 13:47 64512 c:\windows\system32\Adobe\Shockwave 11\gcapi_dll.dll
+ 2011-06-10 14:02 . 2011-06-10 14:02 12288 c:\windows\system32\Adobe\Shockwave 11\DynaPlayer.dll
+ 2011-07-24 16:53 . 2011-07-24 16:53 10134 c:\windows\Installer\{612C34C7-5E90-47D8-9B5C-0F717DD82726}\ARPPRODUCTICON.exe
+ 2008-05-05 05:25 . 2010-08-13 16:44 5632 c:\windows\system32\xpsp4res.dll
+ 2008-07-29 06:05 . 2008-07-29 06:05 655872 c:\windows\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_6f74963e\msvcr90.dll
+ 2008-07-29 06:05 . 2008-07-29 06:05 572928 c:\windows\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_6f74963e\msvcp90.dll
+ 2008-07-29 01:54 . 2008-07-29 01:54 225280 c:\windows\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_6f74963e\msvcm90.dll
+ 2004-08-04 00:03 . 2010-08-16 08:45 590848 c:\windows\system32\rpcrt4.dll
+ 2011-02-12 19:05 . 2011-07-24 16:54 292792 c:\windows\system32\Adobe\Shockwave 11\SymInstallStub.exe
+ 2011-06-10 13:47 . 2011-06-10 13:47 279992 c:\windows\system32\Adobe\Shockwave 11\SymCCIS.dll
+ 2011-06-10 14:01 . 2011-06-10 14:01 113664 c:\windows\system32\Adobe\Shockwave 11\SwInit.exe
+ 2011-06-13 08:49 . 2011-06-13 08:49 545208 c:\windows\system32\Adobe\Shockwave 11\SwHelper_1160626.exe
+ 2011-06-10 14:03 . 2011-06-10 14:03 433664 c:\windows\system32\Adobe\Shockwave 11\Proj.dll
+ 2011-06-10 14:02 . 2011-06-10 14:02 364544 c:\windows\system32\Adobe\Shockwave 11\Plugin.dll
+ 2011-06-10 13:51 . 2011-06-10 13:51 989184 c:\windows\system32\Adobe\Shockwave 11\iml32.dll
+ 2011-06-10 14:03 . 2011-06-10 14:03 892416 c:\windows\system32\Adobe\Shockwave 11\gi.dll
+ 2011-06-10 14:01 . 2011-06-10 14:01 541696 c:\windows\system32\Adobe\Shockwave 11\Control.dll
+ 2011-06-13 08:50 . 2011-06-13 08:50 112568 c:\windows\system32\Adobe\Director\SWDNLD.EXE
+ 2011-06-13 08:50 . 2011-06-13 08:50 279480 c:\windows\system32\Adobe\Director\SwDir.dll
+ 2011-06-10 14:02 . 2011-06-10 14:02 145920 c:\windows\system32\Adobe\Director\np32dsw.dll
+ 2011-07-24 16:53 . 2011-07-24 16:53 430592 c:\windows\Installer\1a9475.msi
+ 2011-06-10 13:47 . 2011-06-10 13:47 2314416 c:\windows\system32\Adobe\Shockwave 11\gt.exe
+ 2011-06-10 13:53 . 2011-06-10 13:53 1732608 c:\windows\system32\Adobe\Shockwave 11\dirapi.dll
.
((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond
REGEDIT4
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{A3BC75A2-1F87-4686-AA43-5347D756017C}]
2011-05-30 09:33 2495816 ----a-w- c:\program files\AVG\AVG10\Toolbar\IEToolbar.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{CCC7A320-B3CA-4199-B1A6-9F516DD69829}"= "c:\program files\AVG\AVG10\Toolbar\IEToolbar.dll" [2011-05-30 2495816]
.
[HKEY_CLASSES_ROOT\clsid\{ccc7a320-b3ca-4199-b1a6-9f516dd69829}]
.
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{CCC7A320-B3CA-4199-B1A6-9F516DD69829}"= "c:\program files\AVG\AVG10\Toolbar\IEToolbar.dll" [2011-05-30 2495816]
.
[HKEY_CLASSES_ROOT\clsid\{ccc7a320-b3ca-4199-b1a6-9f516dd69829}]
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"msnmsgr"="c:\program files\Windows Live\Messenger\msnmsgr.exe" [2010-04-16 3872080]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="c:\windows\System32\igfxtray.exe" [2005-06-21 155648]
"HotKeysCmds"="c:\windows\System32\hkcmd.exe" [2005-06-21 126976]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2011-06-08 37296]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2011-03-30 937920]
"HitmanPro35"="c:\program files\Hitman Pro 3.5\HitmanPro35.exe" [2011-07-20 6619456]
"Malwarebytes' Anti-Malware"="c:\program files\Malwarebytes' Anti-Malware\mbamgui.exe" [2011-07-06 449584]
"AVG_TRAY"="c:\program files\AVG\AVG10\avgtray.exe" [2011-04-18 2334560]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\ctfmon.exe" [2008-04-14 15360]
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0c:\progra~1\AVG\AVG10\avgchsvx.exe /sync\0c:\progra~1\AVG\AVG10\avgrsx.exe /sync /restart
.
[HKLM\~\startupfolder\C:^Documents and Settings^Aykut.DOP-IAALZ2MZLQP^Menu Start^Programma's^Opstarten^GameRanger.lnk]
path=c:\documents and settings\Aykut.DOP-IAALZ2MZLQP\Menu Start\Programma's\Opstarten\GameRanger.lnk
backup=c:\windows\pss\GameRanger.lnkStartup
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
2011-04-08 10:59 254696 ----a-w- c:\program files\Common Files\Java\Java Update\jusched.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\uTorrent]
2011-04-20 09:37 399736 ----a-w- c:\program files\uTorrent\uTorrent.exe
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"c:\\Program Files\\uTorrent\\uTorrent.exe"=
"c:\\WINDOWS\\system32\\dplaysvr.exe"=
"c:\\Program Files\\Messenger\\msmsgs.exe"=
"c:\\Documents and Settings\\Aykut.DOP-IAALZ2MZLQP\\Bureaublad\\GameRanger.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Program Files\\Windows Live\\Sync\\WindowsLiveSync.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\Program Files\\AVG\\AVG10\\avgnsx.exe"=
"c:\\Program Files\\AVG\\AVG10\\avgemcx.exe"=
"c:\\windows\\system32\\sessmgr.exe"=
"c:\\Program Files\\AVG\\AVG10\\avgmfapx.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
.
R0 AVGIDSEH;AVGIDSEH;c:\windows\system32\drivers\AVGIDSEH.sys [22-2-2011 8:13 22992]
R0 Avgrkx86;AVG Anti-Rootkit Driver;c:\windows\system32\drivers\avgrkx86.sys [16-3-2011 16:03 32592]
R1 Avgldx86;AVG AVI Loader Driver;c:\windows\system32\drivers\avgldx86.sys [7-1-2011 6:41 248656]
R1 Avgtdix;AVG TDI Driver;c:\windows\system32\drivers\avgtdix.sys [5-4-2011 0:59 297168]
R2 avgwd;AVG WatchDog;c:\program files\AVG\AVG10\avgwdsvc.exe [8-2-2011 5:33 269520]
R2 MBAMService;MBAMService;c:\program files\Malwarebytes' Anti-Malware\mbamservice.exe [20-7-2011 14:55 366640]
R3 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\drivers\AVGIDSDriver.sys [14-4-2011 21:28 134480]
R3 AVGIDSFilter;AVGIDSFilter;c:\windows\system32\drivers\AVGIDSFilter.sys [10-2-2011 7:53 24144]
R3 AVGIDSShim;AVGIDSShim;c:\windows\system32\drivers\AVGIDSShim.sys [10-2-2011 7:53 27216]
R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [20-7-2011 14:54 22712]
S2 AVGIDSAgent;AVGIDSAgent;c:\program files\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe [18-4-2011 17:39 7398752]
S2 gupdate;Google Updateservice (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [25-12-2009 21:12 133104]
S3 AVG Security Toolbar Service;AVG Security Toolbar Service;c:\program files\AVG\AVG10\Toolbar\ToolbarBroker.exe [20-7-2011 18:23 1025352]
S3 FsUsbExDisk;FsUsbExDisk;c:\windows\system32\FsUsbExDisk.Sys [3-2-2010 20:31 36608]
S3 gupdatem;Google Update-service (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [25-12-2009 21:12 133104]
S3 nosGetPlusHelper;getPlus(R) Helper 3004;c:\windows\System32\svchost.exe -k nosGetPlusHelper [4-8-2004 2:03 14336]
S3 vmfilter323;323 filter service, Normal;c:\windows\system32\drivers\vmfilter323.sys [19-10-2009 19:56 476672]
S3 XDva317;XDva317;\??\c:\windows\system32\XDva317.sys --> c:\windows\system32\XDva317.sys [?]
S3 ZSMC326;TD74 USB2.0 PC Camera(VC0323);c:\windows\system32\Drivers\usbvm323.sys --> c:\windows\system32\Drivers\usbvm323.sys [?]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
nosGetPlusHelper REG_MULTI_SZ nosGetPlusHelper
.
Inhoud van de 'Gedeelde Taken' map
.
2009-12-22 c:\windows\Tasks\FRU Task 2003-04-06 08:52ewlett-Packard2003-04-06 08:52p psc 1200 series5E771253C1676EBED677BF361FDFC537825E15B8252495118.job
- c:\program files\Hewlett-Packard\Digital Imaging\Bin\hpqfrucl.exe [2003-04-05 22:52]
.
2011-07-24 c:\windows\Tasks\Google Software Updater.job
- c:\program files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-11-10 18:58]
.
2011-07-24 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-12-25 19:11]
.
2011-07-24 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-12-25 19:11]
.
2011-07-24 c:\windows\Tasks\Norton Security Scan for Pc01.job
- c:\program files\Norton Security Scan\Engine\2.3.0.44\Nss.exe [2010-01-05 15:45]
.
.
------- Bijkomende Scan -------
.
uInternet Connection Wizard,ShellNext = iexplore
uInternet Settings,ProxyOverride = *.local
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: E&xporteren naar Microsoft Excel - c:\progra~1\MI1933~1\OFFICE11\EXCEL.EXE/3000
IE: Google Sidewiki... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_43C348BC2E93EB2B.dll/cmsidewiki.html
TCP: DhcpNameServer = 192.168.1.1
Handler: avgsecuritytoolbar - {F2DDE6B2-9684-4A55-86D4-E255E237B77C} - c:\program files\AVG\AVG10\Toolbar\IEToolbar.dll
DPF: DirectAnimation Java Classes - file://c:\windows\Java\classes\dajava.cab
DPF: Microsoft XML Parser for Java - file://c:\windows\Java\classes\xmldso.cab
FF - ProfilePath - c:\documents and settings\Aykut.DOP-IAALZ2MZLQP\Application Data\Mozilla\Firefox\Profiles\joyvbib0.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2426074&SearchSource=3&q={searchTerms}
FF - prefs.js: browser.search.selectedEngine - Facemoods Search
FF - prefs.js: browser.startup.homepage - hxxp://start.facemoods.com/?a=ironto
FF - prefs.js: keyword.URL - hxxp://search.babylon.com/?babsrc=SP_ss&mntrId=80c1e219000000000000000bcd3e4fe8&tlver=1.4.19.19&instlRef=sst&affID=17160&q=
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-07-25 00:48
Windows 5.1.2600 Service Pack 3 NTFS
.
scannen van verborgen processen ...
.
scannen van verborgen autostart items ...
.
HKCU\Software\Microsoft\Windows\CurrentVersion\Run
msnmsgr = "c:\program files\Windows Live\Messenger\msnmsgr.exe" /background??s
.
scannen van verborgen bestanden ...
.
Scan succesvol afgerond
verborgen bestanden: 0
.
**************************************************************************
.
--------------------- VERGRENDELDE REGISTER SLEUTELS ---------------------
.
[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Installer\UserData\LocalSystem\Components\ð•€|ÿÿÿÿ.•€|þ»Ñw*]
"3140110900063D11C8EF10054038389C"="C?\\WINDOWS\\system32\\FM20ENU.DLL"
.
--------------------- DLLs Geladen Onder Lopende Processen ---------------------
.
- - - - - - - > 'explorer.exe'(3492)
c:\windows\system32\LnkProtect.dll
c:\windows\system32\msi.dll
c:\windows\system32\webcheck.dll
.
Voltooingstijd: 2011-07-25 00:54:30
ComboFix-quarantined-files.txt 2011-07-24 22:54
ComboFix2.txt 2011-07-24 15:57
.
Pre-Run: 1.769.619.456 bytes beschikbaar
Post-Run: 1.777.659.904 bytes beschikbaar
.
- - End Of File - - 21E06B8F333D41BCA8CF6AFEF351540C