ComboFix 09-07-04.09 - Geert 05/07/2009 21:36:07.1 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.3.1252.31.1043.18.1023.596 [GMT 2:00]
Gestart vanuit: C:\Documents and Settings\Geert\Bureaublad\ComboFix.exe
AV: Kaspersky Anti-Virus *On-access scanning disabled* (Updated) {2C4D4BC6-0793-4956-A9F9-E252435469C0}
 * Nieuw herstelpunt werd aangemaakt
.
(((((((((((((((((((((((((((((((((( Andere Verwijderingen )))))))))))))))))))))))))))))))))))))))))))))))))
.
C:\Documents and Settings\Geert\Application Data\inst.exe
.
(((((((((((((((((((( Bestanden Gemaakt van 2009-06-05 to 2009-07-05 ))))))))))))))))))))))))))))))
.
2009-07-05 19:00:04 . 2009-07-05 19:00:04 0 d-----w- C:\Program Files\Trend Micro
2009-07-05 16:59:44 . 2009-07-05 16:34:24 15688 ----a-w- C:\WINDOWS\system32\lsdelete.exe
2009-07-05 16:37:19 . 2009-07-05 16:34:12 64160 ----a-w- C:\WINDOWS\system32\drivers\Lbd.sys
2009-07-05 16:32:47 . 2009-07-05 16:32:47 0 dc-h--w- C:\Documents and Settings\All Users\Application Data\{83C91755-2546-441D-AC40-9A6B4B860800}
2009-07-05 16:32:47 . 2009-01-18 21:43:37 2892112 -c--a-w- C:\Documents and Settings\All Users\Application Data\{83C91755-2546-441D-AC40-9A6B4B860800}\Ad-AwareAE.exe
2009-07-03 23:03:04 . 2009-07-05 19:15:33 0 d--h--r- C:\Documents and Settings\Geert\Onlangs geopend
2009-07-03 19:30:38 . 2009-07-03 19:30:38 604140 --sha-w- C:\WINDOWS\system32\drivers\ISwift3.dat
2009-07-03 19:19:33 . 2009-07-03 19:19:33 0 d-----w- C:\Documents and Settings\All Users\Application Data\Kaspersky Lab Setup Files
2009-06-18 16:36:50 . 2009-06-18 16:36:50 390664 ----a-w- C:\Documents and Settings\Geert\Application Data\Real\RealPlayer\Update\realplayer11gold.exe
2009-06-15 19:05:37 . 2009-06-15 19:05:37 0 d-----w- C:\Program Files\Van Dale
2009-06-12 21:30:30 . 2009-06-12 21:30:30 0 d-----w- C:\Program Files\EGB3
2009-06-12 21:21:12 . 1997-05-29 13:25:40 315904 ----a-w- C:\WINDOWS\IsUn0413.exe
2009-06-12 21:21:09 . 2009-06-12 21:21:09 0 d-----w- C:\Documents and Settings\Geert\WINDOWS
2009-06-12 21:21:03 . 2009-06-12 21:21:03 0 d-----w- C:\WINDOWS\system32\E177E04D548C4006A465EEB92D3DE021
2009-06-12 21:16:26 . 2009-06-12 21:16:26 0 d-----w- C:\Documents and Settings\Geert\Application Data\Uniblue
2009-06-05 21:59:59 . 2009-06-05 21:59:59 0 ----a-w- C:\WINDOWS\nsreg.dat
2009-06-05 21:59:53 . 2009-06-05 21:59:53 0 d-----w- C:\Documents and Settings\Geert\Local Settings\Application Data\Mozilla
.
((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-07-05 19:30:29 . 2009-04-13 23:07:25 0 d-----w- C:\Documents and Settings\All Users\Application Data\Kaspersky Lab
2009-07-05 18:07:52 . 2009-05-31 18:57:10 0 d-----w- C:\Program Files\DivX
2009-07-05 18:07:02 . 2009-05-31 18:57:11 0 d-----w- C:\Program Files\Common Files\DivX Shared
2009-07-05 16:32:43 . 2009-04-14 10:27:29 0 d-----w- C:\Program Files\Lavasoft
2009-07-05 16:32:43 . 2009-04-14 10:27:29 0 d-----w- C:\Documents and Settings\All Users\Application Data\Lavasoft
2009-07-03 21:45:59 . 2009-05-18 20:15:11 0 d-----w- C:\Documents and Settings\Geert\Application Data\FrostWire
2009-07-03 19:28:49 . 2009-04-13 23:07:26 724000 --sha-w- C:\WINDOWS\system32\drivers\fidbox2.dat
2009-07-03 19:28:49 . 2009-04-13 23:07:26 72056 --sha-w- C:\WINDOWS\system32\drivers\fidbox2.idx
2009-07-03 19:28:49 . 2009-04-13 23:07:26 254144 --sha-w- C:\WINDOWS\system32\drivers\fidbox.idx
2009-07-03 19:28:49 . 2009-04-13 23:07:26 18661920 --sha-w- C:\WINDOWS\system32\drivers\fidbox.dat
2009-07-03 19:27:21 . 2009-04-13 23:07:25 0 d-----w- C:\Program Files\Kaspersky Lab
2009-07-02 02:17:52 . 2009-04-18 16:59:02 0 d-----w- C:\Documents and Settings\Geert\Application Data\Skype
2009-06-24 17:21:10 . 2009-04-29 15:58:00 0 d-----w- C:\Program Files\Puntenboek
2009-06-22 20:25:43 . 2009-04-13 23:07:49 94643 ----a-w- C:\WINDOWS\system32\drivers\klick.dat
2009-06-22 20:25:43 . 2009-04-13 23:07:49 105395 ----a-w- C:\WINDOWS\system32\drivers\klin.dat
2009-06-22 20:03:14 . 2009-05-13 16:04:35 0 d-----w- C:\Program Files\Spybot - Search & Destroy
2009-06-22 19:53:18 . 2009-05-13 16:04:35 0 d-----w- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2009-06-05 18:25:02 . 2009-06-05 16:36:51 0 d-----w- C:\Program Files\Oxford
2009-06-05 17:47:04 . 2009-04-13 23:47:58 65344 ----a-w- C:\Documents and Settings\Geert\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2009-06-05 16:57:49 . 2009-06-05 16:57:49 90112 ----a-w- C:\WINDOWS\system32\CmdLineExt.dll
2009-06-05 16:57:49 . 2009-06-05 16:57:49 126976 ----a-w- C:\WINDOWS\system32\UAService7.exe
2009-06-05 16:57:30 . 2009-06-05 16:57:30 0 d-----w- C:\Program Files\TEXTware
2009-06-05 16:57:30 . 2009-06-05 16:57:30 0 d-----w- C:\Program Files\IDM
2009-06-05 16:57:21 . 2009-04-13 19:50:59 0 d--h--w- C:\Program Files\InstallShield Installation Information
2009-06-05 09:07:30 . 2009-06-05 09:07:30 59976 ----a-w- C:\Documents and Settings\All Users\Application Data\Kaspersky Lab Setup Files\Kaspersky Anti-Virus 2010 9.0.0.459\Dutch\setup.exe
2009-05-31 19:43:37 . 2009-05-31 19:43:37 0 d-----w- C:\Documents and Settings\Geert\Application Data\DivX
2009-05-31 18:53:14 . 2009-05-31 18:53:12 0 d-----w- C:\Program Files\AVI MPEG RM WMV Joiner
2009-05-25 03:21:48 . 2009-05-25 03:21:48 219664 ----a-w- C:\WINDOWS\system32\klogon.dll
2009-05-25 03:18:10 . 2009-05-25 03:18:10 27507 ----a-w- C:\WINDOWS\system32\drivers\klopp.dat
2009-05-24 13:30:38 . 2009-05-24 13:30:38 128016 ----a-w- C:\WINDOWS\system32\drivers\kl1.sys
2009-05-18 21:00:45 . 2009-05-18 21:00:45 0 ----a-w- C:\Documents and Settings\Geert\Application Data\FrostWire\.NetworkShare\Incomplete\T-4506256-LimeWireWin4.16.6.exe
2009-05-18 20:48:02 . 2009-05-18 20:08:59 0 d-----w- C:\Documents and Settings\Geert\Application Data\LimeWirePlus
2009-05-18 20:15:11 . 2009-05-18 20:14:28 0 d-----w- C:\Program Files\FrostWire
2009-05-18 20:08:24 . 2009-05-18 20:08:20 0 d-----w- C:\Program Files\LimeWire Plus
2009-05-18 19:09:19 . 2009-05-18 18:20:58 0 d-----w- C:\Documents and Settings\All Users\Application Data\DVD Shrink
2009-05-18 19:07:35 . 2009-05-18 17:22:01 0 d-----w- C:\Program Files\MagicDVDCopier
2009-05-18 18:20:58 . 2009-05-18 18:20:57 0 d-----w- C:\Program Files\DVD Shrink
2009-05-18 17:56:27 . 2009-05-18 17:56:27 0 d-----w- C:\Documents and Settings\All Users\Application Data\vsosdk
2009-05-18 17:22:11 . 2009-05-18 17:22:05 0 d-----w- C:\Documents and Settings\Geert\Application Data\Vso
2009-05-18 17:22:05 . 2009-05-18 17:22:05 47360 ----a-w- C:\WINDOWS\system32\drivers\pcouffin.sys
2009-05-18 17:22:05 . 2009-05-18 17:22:05 47360 ----a-w- C:\Documents and Settings\Geert\Application Data\pcouffin.sys
2009-05-18 17:22:05 . 2009-05-18 17:22:05 47360 ----a-w- C:\Documents and Settings\Geert\Application Data\pcouffin.sys
2009-05-16 18:59:44 . 2009-05-16 18:59:44 19472 ----a-w- C:\WINDOWS\system32\drivers\klmouflt.sys
2009-05-13 15:46:52 . 2008-04-30 15:06:48 31760 ----a-w- C:\WINDOWS\system32\drivers\klim5.sys
2009-05-07 18:10:17 . 2009-04-14 18:42:35 0 d-----w- C:\Program Files\Microsoft
2009-05-07 15:34:08 . 2004-08-04 12:00:00 347136 ----a-w- C:\WINDOWS\system32\localspl.dll
2009-05-01 21:02:26 . 2009-05-01 21:02:26 823296 ----a-w- C:\WINDOWS\system32\divx_xx0c.dll
2009-05-01 21:02:26 . 2009-05-01 21:02:26 823296 ----a-w- C:\WINDOWS\system32\divx_xx07.dll
2009-05-01 21:02:26 . 2009-05-01 21:02:26 815104 ----a-w- C:\WINDOWS\system32\divx_xx0a.dll
2009-05-01 21:02:26 . 2009-05-01 21:02:26 811008 ----a-w- C:\WINDOWS\system32\divx_xx16.dll
2009-05-01 21:02:26 . 2009-05-01 21:02:26 802816 ----a-w- C:\WINDOWS\system32\divx_xx11.dll
2009-05-01 21:02:26 . 2009-05-01 21:02:26 685056 ----a-w- C:\WINDOWS\system32\DivX.dll
2009-04-29 04:49:58 . 2004-08-04 12:00:00 827392 ----a-w- C:\WINDOWS\system32\wininet.dll
2009-04-29 04:49:51 . 2004-08-04 12:00:00 78336 ----a-w- C:\WINDOWS\system32\ieencode.dll
2009-04-24 20:06:10 . 2003-02-21 02:42:22 348160 ----a-w- C:\WINDOWS\system32\msvcr71.dll
2009-04-19 19:51:42 . 2004-08-04 12:00:00 1847296 ----a-w- C:\WINDOWS\system32\win32k.sys
2009-04-17 18:03:03 . 2009-04-17 18:03:03 60416 ----a-w- C:\WINDOWS\ALCFDRTM.EXE
2009-04-16 00:07:47 . 2009-04-16 00:08:06 410984 ----a-w- C:\WINDOWS\system32\deploytk.dll
2009-04-16 00:07:22 . 2009-04-16 00:07:22 152576 ----a-w- C:\Documents and Settings\Geert\Application Data\Sun\Java\jre1.6.0_13\lzma.dll
2009-04-15 20:25:42 . 2009-05-31 18:57:42 9464 ------w- C:\WINDOWS\system32\drivers\cdralw2k.sys
2009-04-15 20:25:42 . 2009-05-31 18:57:42 9336 ------w- C:\WINDOWS\system32\drivers\cdr4_xp.sys
2009-04-15 20:25:42 . 2009-05-31 18:57:42 43528 ------w- C:\WINDOWS\system32\drivers\PxHelp20.sys
2009-04-15 20:25:42 . 2009-05-31 18:57:42 120056 ------w- C:\WINDOWS\system32\pxcpyi64.exe
2009-04-15 20:25:42 . 2009-05-31 18:57:42 118520 ------w- C:\WINDOWS\system32\pxinsi64.exe
2009-04-15 20:25:42 . 2009-05-31 18:57:41 129784 ------w- C:\WINDOWS\system32\pxafs.dll
2009-04-15 20:24:40 . 2009-04-15 20:24:40 90112 ----a-w- C:\WINDOWS\system32\dpl100.dll
2009-04-15 14:55:06 . 2004-08-04 12:00:00 585216 ----a-w- C:\WINDOWS\system32\rpcrt4.dll
2009-04-14 18:35:44 . 2009-04-14 18:35:44 15240 ----a-w- C:\Documents and Settings\Geert\Application Data\Microsoft\IdentityCRL\ppcrlconfig.dll
2009-04-14 17:57:57 . 2009-04-14 17:57:57 10134 ----a-r- C:\Documents and Settings\Geert\Application Data\Microsoft\Installer\{4CCC7F68-A437-4559-A840-F5E010934951}\ARPPRODUCTICON.exe
2009-04-14 17:44:35 . 2009-04-14 17:29:37 104265 ----a-w- C:\WINDOWS\hpoins04.dat
2009-04-14 17:38:30 . 2009-04-14 17:38:30 45056 ----a-r- C:\Documents and Settings\Geert\Application Data\Microsoft\Installer\{457791C5-D702-4143-A7B2-2744BE9573F2}\NewShortcut1_5B69D3033CA54B39B5ECE7D051297E77.exe
2009-04-14 17:26:56 . 2004-08-04 12:00:00 69614 ----a-w- C:\WINDOWS\system32\perfc013.dat
2009-04-14 17:26:56 . 2004-08-04 12:00:00 442318 ----a-w- C:\WINDOWS\system32\perfh013.dat
2009-04-14 15:41:12 . 2009-04-13 18:47:47 86327 ----a-w- C:\WINDOWS\pchealth\helpctr\OfflineCache\index.dat
2009-04-13 23:47:27 . 2009-04-13 23:47:27 128 ----a-w- C:\Documents and Settings\Geert\Local Settings\Application Data\fusioncache.dat
2009-04-13 19:51:14 . 2009-04-13 19:51:14 15781 ----a-w- C:\WINDOWS\system32\drivers\mdc8021x.sys
2009-04-13 18:45:24 . 2009-04-13 18:45:24 21748 ----a-w- C:\WINDOWS\system32\emptyregdb.dat
2007-02-01 16:02:54 . 2009-05-01 23:57:15 313344 ----a-w- C:\Program Files\hjsplit.exe
2004-03-11 11:27:22 . 2009-04-14 10:50:08 40960 ----a-w- C:\Program Files\Uninstall_CDS.exe
2009-05-01 21:02:48 . 2009-05-01 21:02:48 1044480 ----a-w- C:\Program Files\mozilla firefox\plugins\libdivx.dll
2009-05-01 21:02:48 . 2009-05-01 21:02:48 200704 ----a-w- C:\Program Files\mozilla firefox\plugins\ssldivx.dll
.
((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [2008-04-14 17:02:53 15360]
"Pando"="C:\Program Files\Pando Networks\Pando\pando.exe" [2009-04-14 03:42:34 4044616]
"Messenger (Yahoo!)"="C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" [2009-03-18 16:50:30 4363504]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Control Center"="C:\Program Files\ASUS\WLAN Card Utilities\Center.exe" [2004-11-04 17:36:04 1569280]
"ATICCC"="C:\Program Files\ATI Technologies\ATI.ACE\cli.exe" [2005-08-12 12:43:58 45056]
"RemoteControl"="C:\Program Files\CyberLink DVD Solution\PowerDVD\PDVDServ.exe" [2003-12-08 15:35:14 32768]
"InCD"="C:\Program Files\Ahead\InCD\InCD.exe" [2004-09-07 13:25:58 1400944]
"NeroFilterCheck"="C:\WINDOWS\system32\NeroCheck.exe" [2001-07-09 09:50:42 155648]
"HP Software Update"="C:\Program Files\HP\HP Software Update\HPWuSchd2.exe" [2004-02-12 11:38:56 49152]
"HP Component Manager"="C:\Program Files\HP\hpcoretech\hpcmpmgr.exe" [2004-05-12 13:18:56 241664]
"QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [2009-01-05 14:18:48 413696]
"SunJavaUpdateSched"="C:\Program Files\Java\jre6\bin\jusched.exe" [2009-04-16 00:07:47 148888]
"TkBellExe"="C:\Program Files\Common Files\Real\Update_OB\realsched.exe" [2009-04-24 20:06:06 198160]
"Ad-Watch"="C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe" [2009-07-05 16:34:08 520024]
"avp"="C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2010\avp.exe" [2009-05-25 03:26:40 303376]
"GSICONEXE"="GSICON.EXE" - C:\WINDOWS\system32\gsicon.exe [2002-01-15 07:08:16 90112]
"DSLAGENTEXE"="dslagent.exe" - C:\WINDOWS\system32\dslagent.exe [2002-01-15 07:08:16 16384]
"SoundMan"="SOUNDMAN.EXE" - C:\WINDOWS\soundman.exe [2006-08-03 03:12:00 577536]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2008-04-14 17:02:53 15360]

C:\Documents and Settings\All Users\Menu Start\Programma's\Opstarten\
Catalyst System Tray.lnk - C:\Program Files\ATI Technologies\ATI.ACE\CLI.exe [2005-8-12 45056]
HP Digital Imaging Monitor.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe [2004-5-28 241664]
Snelstart HP Image Zone.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe [2004-5-28 53248]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service]
@="Service"

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\KasperskyAntiVirus]
"DisableMonitoring"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"C:\\Program Files\\Messenger\\msmsgs.exe"=
"C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"=
"C:\\Program Files\\Pando Networks\\Pando\\pando.exe"=
"C:\\Program Files\\Java\\jre6\\bin\\java.exe"=
"C:\\WINDOWS\\system32\\dpvsetup.exe"=
"C:\\Program Files\\Yahoo!\\Messenger\\YahooMessenger.exe"=
"C:\\Program Files\\FrostWire\\FrostWire.exe"=
"C:\\Program Files\\Skype\\Phone\\Skype.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"57320:TCP"= 57320:TCP:Pando P2P TCP Listening Port
"57320:UDP"= 57320:UDP:Pando P2P UDP Listening Port

R0 klbg;Kaspersky Lab Boot Guard Driver;C:\WINDOWS\system32\drivers\klbg.sys [29/01/2008 17:29:38 33808]
R0 Lbd;Lbd;C:\WINDOWS\system32\drivers\Lbd.sys [5/07/2009 18:37:19 64160]
R2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe [18/01/2009 23:34:37 1029456]
R3 ASNDIS5;ASNDIS5 Protocol Driver;C:\WINDOWS\system32\ASNDIS5.sys [13/04/2009 21:51:01 16269]
R3 klim5;Kaspersky Anti-Virus NDIS Filter;C:\WINDOWS\system32\drivers\klim5.sys [30/04/2008 17:06:48 31760]
R3 klmouflt;Kaspersky Lab KLMOUFLT;C:\WINDOWS\system32\drivers\klmouflt.sys [16/05/2009 20:59:44 19472]
S2 gafwload;GlobespanVirata USB ADSL Loader;C:\WINDOWS\system32\drivers\gafwload.sys [13/04/2009 23:34:15 27147]
S3 Ca100v;2Mega Camera, WDM Video Capture;C:\WINDOWS\system32\drivers\Ca100v.sys [14/04/2009 12:32:40 516635]
S3 SetupNTGLM7X;SetupNTGLM7X;\??\E:\NTGLM7X.sys --> E:\NTGLM7X.sys [?]
S3 USBCamera;DSC Still Image Capture (CA100);C:\WINDOWS\system32\drivers\Bulk100.sys [14/04/2009 12:32:40 10986]

--- Andere Services/Drivers In Geheugen ---

*NewlyCreated* - ASNDIS5
.
Inhoud van de 'Gedeelde Taken' map

2009-07-05 C:\WINDOWS\Tasks\Ad-Aware Update (Weekly).job
- C:\Program Files\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe [2009-01-18 21:34:46 . 2009-07-05 16:34:11]

2009-06-16 C:\WINDOWS\Tasks\AppleSoftwareUpdate.job
- C:\Program Files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 10:34:12 . 2008-07-30 10:34:12]

2009-07-03 C:\WINDOWS\Tasks\OGADaily.job
- C:\WINDOWS\system32\OGAVerify.exe [2008-12-31 15:04:42 . 2008-12-31 15:04:42]

2009-07-05 C:\WINDOWS\Tasks\OGALogon.job
- C:\WINDOWS\system32\OGAVerify.exe [2008-12-31 15:04:42 . 2008-12-31 15:04:42]
.
- - - - ORPHANS VERWIJDERD - - - -

HKCU-Run-Uniblue RegistryBooster 2009 - C:\Program Files\Uniblue\RegistryBooster\RegistryBooster.exe
.
------- Bijkomende Scan -------
.
uStart Page = hxxp://www.google.be/
IE: E&xporteren naar Microsoft Excel - C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
TCP: {4876D8F0-8C44-45EB-9054-1992A29BC318} = 193.74.208.135 193.74.208.65
FF - ProfilePath - C:\Documents and Settings\Geert\Application Data\Mozilla\Firefox\Profiles\fd6zkutm.default\
FF - prefs.js: browser.startup.homepage - www.google.be
FF - component: C:\Program Files\Real\RealPlayer\browserrecord\components\nprpbrowserrecordplugin.dll
.