ComboFix 11-07-24.01 - Aykut 24-07-2011  17:20:05.1.1 - x86
Microsoft Windows XP Professional  5.1.2600.3.1252.31.1043.18.503.145 [GMT 2:00]
Gestart vanuit: c:\documents and settings\Aykut.DOP-IAALZ2MZLQP\Mijn documenten\Downloads\ComboFix.exe
AV: AVG Anti-Virus Free Edition 2011 *Disabled/Updated* {17DDD097-36FF-435F-9E1B-52D74245D6BF}
.
WAARSCHUWING - DE RECOVERY CONSOLE IS NIET OP DIT SYSTEEM GEINSTALLEERD !!
.
.
((((((((((((((((((((((((((((((((((   Andere Verwijderingen   )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
C:\CFLog
c:\documents and settings\All Users\Application Data\Toolbar4
c:\documents and settings\All Users\Application Data\Toolbar4\{338B4DFE-2E2C-4338-9E41-E176D497299E}\affid.dat
c:\documents and settings\All Users\Application Data\Toolbar4\{338B4DFE-2E2C-4338-9E41-E176D497299E}\basis.xml
c:\documents and settings\All Users\Application Data\Toolbar4\{338B4DFE-2E2C-4338-9E41-E176D497299E}\cache\02f31483863b8d5b94d4d50f294dd040
c:\documents and settings\All Users\Application Data\Toolbar4\{338B4DFE-2E2C-4338-9E41-E176D497299E}\cache\1f077d018e53fe9136e27527de9eac5a
c:\documents and settings\All Users\Application Data\Toolbar4\{338B4DFE-2E2C-4338-9E41-E176D497299E}\cache\21afb941cf6501d4e6fde233d916f30f
c:\documents and settings\All Users\Application Data\Toolbar4\{338B4DFE-2E2C-4338-9E41-E176D497299E}\cache\2a08e6e5b14025918fdfc40f2c113d0a
c:\documents and settings\All Users\Application Data\Toolbar4\{338B4DFE-2E2C-4338-9E41-E176D497299E}\cache\31dca3ca44f44956ffde9959067d1093
c:\documents and settings\All Users\Application Data\Toolbar4\{338B4DFE-2E2C-4338-9E41-E176D497299E}\cache\430028b25eb3bc1e4d62aae3ac8b3030
c:\documents and settings\All Users\Application Data\Toolbar4\{338B4DFE-2E2C-4338-9E41-E176D497299E}\cache\4b3234cd3b88b3eac20b8b9d97c60019
c:\documents and settings\All Users\Application Data\Toolbar4\{338B4DFE-2E2C-4338-9E41-E176D497299E}\cache\5d3cb658b5fccbba0538f8a47cbffb6f
c:\documents and settings\All Users\Application Data\Toolbar4\{338B4DFE-2E2C-4338-9E41-E176D497299E}\cache\6678f915b4bcf7be5255202b4c2ccdce
c:\documents and settings\All Users\Application Data\Toolbar4\{338B4DFE-2E2C-4338-9E41-E176D497299E}\cache\9a3f296b3bc2687f449336b4e47c8e46
c:\documents and settings\All Users\Application Data\Toolbar4\{338B4DFE-2E2C-4338-9E41-E176D497299E}\cache\9e610265b6b7cf5b5ddf9f2e6f510919
c:\documents and settings\All Users\Application Data\Toolbar4\{338B4DFE-2E2C-4338-9E41-E176D497299E}\cache\a1d6e120fd376916b636ce749531b7af
c:\documents and settings\All Users\Application Data\Toolbar4\{338B4DFE-2E2C-4338-9E41-E176D497299E}\cache\a587ed5eb08ff0804f85618918fa0d0b
c:\documents and settings\All Users\Application Data\Toolbar4\{338B4DFE-2E2C-4338-9E41-E176D497299E}\cache\a845e399beec9beb4940c09e09dfbe93
c:\documents and settings\All Users\Application Data\Toolbar4\{338B4DFE-2E2C-4338-9E41-E176D497299E}\cache\bc6b4f7205ab94059f13930a35412606
c:\documents and settings\All Users\Application Data\Toolbar4\{338B4DFE-2E2C-4338-9E41-E176D497299E}\cache\bea0215f7ea8d9ff2f780c11d289b85b
c:\documents and settings\All Users\Application Data\Toolbar4\{338B4DFE-2E2C-4338-9E41-E176D497299E}\cache\c3782c9892460edf79a03fb75a965be2
c:\documents and settings\All Users\Application Data\Toolbar4\{338B4DFE-2E2C-4338-9E41-E176D497299E}\cache\c4febd1a585c3ce70660e8fe92979428
c:\documents and settings\All Users\Application Data\Toolbar4\{338B4DFE-2E2C-4338-9E41-E176D497299E}\cache\CustomXMLKeywords
c:\documents and settings\All Users\Application Data\Toolbar4\{338B4DFE-2E2C-4338-9E41-E176D497299E}\cache\d077f597ce085f269bed22ecbfa261c1
c:\documents and settings\All Users\Application Data\Toolbar4\{338B4DFE-2E2C-4338-9E41-E176D497299E}\cache\d26c598a4f4d440952fb1600cd16e3bd
c:\documents and settings\All Users\Application Data\Toolbar4\{338B4DFE-2E2C-4338-9E41-E176D497299E}\cache\e6a0e023ed2aab4d9dcce82b78be3716
c:\documents and settings\All Users\Application Data\Toolbar4\{338B4DFE-2E2C-4338-9E41-E176D497299E}\icons.bmp
c:\documents and settings\All Users\Application Data\Toolbar4\{338B4DFE-2E2C-4338-9E41-E176D497299E}\include_files\1e6d0a92883b25f29523edfaccfcde3b
c:\documents and settings\All Users\Application Data\Toolbar4\{338B4DFE-2E2C-4338-9E41-E176D497299E}\include_files\734520e3f7f8748ba2680bc540926618
c:\documents and settings\All Users\Application Data\Toolbar4\{338B4DFE-2E2C-4338-9E41-E176D497299E}\include_files\f497eef52bad4d93df84da30a8a45ac0
c:\documents and settings\All Users\Application Data\Toolbar4\{338B4DFE-2E2C-4338-9E41-E176D497299E}\info.txt
c:\documents and settings\All Users\Application Data\Toolbar4\{338B4DFE-2E2C-4338-9E41-E176D497299E}\mbback.bmp
c:\documents and settings\All Users\Application Data\Toolbar4\{338B4DFE-2E2C-4338-9E41-E176D497299E}\mbbigopen.bmp
c:\documents and settings\All Users\Application Data\Toolbar4\{338B4DFE-2E2C-4338-9E41-E176D497299E}\mbclose.bmp
c:\documents and settings\All Users\Application Data\Toolbar4\{338B4DFE-2E2C-4338-9E41-E176D497299E}\mbfwd.bmp
c:\documents and settings\All Users\Application Data\Toolbar4\{338B4DFE-2E2C-4338-9E41-E176D497299E}\mbsep.bmp
c:\documents and settings\All Users\Application Data\Toolbar4\{338B4DFE-2E2C-4338-9E41-E176D497299E}\nav1c.bmp
c:\documents and settings\All Users\Application Data\Toolbar4\{338B4DFE-2E2C-4338-9E41-E176D497299E}\orange-install.ico
c:\documents and settings\All Users\Application Data\Toolbar4\{338B4DFE-2E2C-4338-9E41-E176D497299E}\tbcore3.inf
c:\documents and settings\All Users\Application Data\Toolbar4\{338B4DFE-2E2C-4338-9E41-E176D497299E}\uninstall.exe
c:\documents and settings\All Users\Application Data\Toolbar4\{338B4DFE-2E2C-4338-9E41-E176D497299E}\UninstallToolbar.exe
c:\documents and settings\All Users\Application Data\Toolbar4\{338B4DFE-2E2C-4338-9E41-E176D497299E}\update.exe
c:\documents and settings\All Users\Application Data\Toolbar4\{338B4DFE-2E2C-4338-9E41-E176D497299E}\version.txt
c:\documents and settings\Aykut.DOP-IAALZ2MZLQP\Application Data\facemoods.com
c:\documents and settings\Aykut.DOP-IAALZ2MZLQP\Application Data\PriceGong
c:\documents and settings\Aykut.DOP-IAALZ2MZLQP\Application Data\PriceGong\Data\1.txt
c:\documents and settings\Aykut.DOP-IAALZ2MZLQP\Application Data\PriceGong\Data\1.xml
c:\documents and settings\Aykut.DOP-IAALZ2MZLQP\Application Data\PriceGong\Data\a.txt
c:\documents and settings\Aykut.DOP-IAALZ2MZLQP\Application Data\PriceGong\Data\a.xml
c:\documents and settings\Aykut.DOP-IAALZ2MZLQP\Application Data\PriceGong\Data\b.txt
c:\documents and settings\Aykut.DOP-IAALZ2MZLQP\Application Data\PriceGong\Data\b.xml
c:\documents and settings\Aykut.DOP-IAALZ2MZLQP\Application Data\PriceGong\Data\c.txt
c:\documents and settings\Aykut.DOP-IAALZ2MZLQP\Application Data\PriceGong\Data\c.xml
c:\documents and settings\Aykut.DOP-IAALZ2MZLQP\Application Data\PriceGong\Data\d.txt
c:\documents and settings\Aykut.DOP-IAALZ2MZLQP\Application Data\PriceGong\Data\d.xml
c:\documents and settings\Aykut.DOP-IAALZ2MZLQP\Application Data\PriceGong\Data\e.txt
c:\documents and settings\Aykut.DOP-IAALZ2MZLQP\Application Data\PriceGong\Data\e.xml
c:\documents and settings\Aykut.DOP-IAALZ2MZLQP\Application Data\PriceGong\Data\f.txt
c:\documents and settings\Aykut.DOP-IAALZ2MZLQP\Application Data\PriceGong\Data\f.xml
c:\documents and settings\Aykut.DOP-IAALZ2MZLQP\Application Data\PriceGong\Data\g.txt
c:\documents and settings\Aykut.DOP-IAALZ2MZLQP\Application Data\PriceGong\Data\g.xml
c:\documents and settings\Aykut.DOP-IAALZ2MZLQP\Application Data\PriceGong\Data\h.txt
c:\documents and settings\Aykut.DOP-IAALZ2MZLQP\Application Data\PriceGong\Data\h.xml
c:\documents and settings\Aykut.DOP-IAALZ2MZLQP\Application Data\PriceGong\Data\i.txt
c:\documents and settings\Aykut.DOP-IAALZ2MZLQP\Application Data\PriceGong\Data\i.xml
c:\documents and settings\Aykut.DOP-IAALZ2MZLQP\Application Data\PriceGong\Data\j.txt
c:\documents and settings\Aykut.DOP-IAALZ2MZLQP\Application Data\PriceGong\Data\j.xml
c:\documents and settings\Aykut.DOP-IAALZ2MZLQP\Application Data\PriceGong\Data\k.txt
c:\documents and settings\Aykut.DOP-IAALZ2MZLQP\Application Data\PriceGong\Data\k.xml
c:\documents and settings\Aykut.DOP-IAALZ2MZLQP\Application Data\PriceGong\Data\l.txt
c:\documents and settings\Aykut.DOP-IAALZ2MZLQP\Application Data\PriceGong\Data\l.xml
c:\documents and settings\Aykut.DOP-IAALZ2MZLQP\Application Data\PriceGong\Data\m.txt
c:\documents and settings\Aykut.DOP-IAALZ2MZLQP\Application Data\PriceGong\Data\m.xml
c:\documents and settings\Aykut.DOP-IAALZ2MZLQP\Application Data\PriceGong\Data\mru.xml
c:\documents and settings\Aykut.DOP-IAALZ2MZLQP\Application Data\PriceGong\Data\n.txt
c:\documents and settings\Aykut.DOP-IAALZ2MZLQP\Application Data\PriceGong\Data\n.xml
c:\documents and settings\Aykut.DOP-IAALZ2MZLQP\Application Data\PriceGong\Data\o.txt
c:\documents and settings\Aykut.DOP-IAALZ2MZLQP\Application Data\PriceGong\Data\o.xml
c:\documents and settings\Aykut.DOP-IAALZ2MZLQP\Application Data\PriceGong\Data\p.txt
c:\documents and settings\Aykut.DOP-IAALZ2MZLQP\Application Data\PriceGong\Data\p.xml
c:\documents and settings\Aykut.DOP-IAALZ2MZLQP\Application Data\PriceGong\Data\q.txt
c:\documents and settings\Aykut.DOP-IAALZ2MZLQP\Application Data\PriceGong\Data\q.xml
c:\documents and settings\Aykut.DOP-IAALZ2MZLQP\Application Data\PriceGong\Data\r.txt
c:\documents and settings\Aykut.DOP-IAALZ2MZLQP\Application Data\PriceGong\Data\r.xml
c:\documents and settings\Aykut.DOP-IAALZ2MZLQP\Application Data\PriceGong\Data\s.txt
c:\documents and settings\Aykut.DOP-IAALZ2MZLQP\Application Data\PriceGong\Data\s.xml
c:\documents and settings\Aykut.DOP-IAALZ2MZLQP\Application Data\PriceGong\Data\t.txt
c:\documents and settings\Aykut.DOP-IAALZ2MZLQP\Application Data\PriceGong\Data\t.xml
c:\documents and settings\Aykut.DOP-IAALZ2MZLQP\Application Data\PriceGong\Data\u.txt
c:\documents and settings\Aykut.DOP-IAALZ2MZLQP\Application Data\PriceGong\Data\u.xml
c:\documents and settings\Aykut.DOP-IAALZ2MZLQP\Application Data\PriceGong\Data\v.txt
c:\documents and settings\Aykut.DOP-IAALZ2MZLQP\Application Data\PriceGong\Data\v.xml
c:\documents and settings\Aykut.DOP-IAALZ2MZLQP\Application Data\PriceGong\Data\w.txt
c:\documents and settings\Aykut.DOP-IAALZ2MZLQP\Application Data\PriceGong\Data\w.xml
c:\documents and settings\Aykut.DOP-IAALZ2MZLQP\Application Data\PriceGong\Data\wlu.txt
c:\documents and settings\Aykut.DOP-IAALZ2MZLQP\Application Data\PriceGong\Data\x.txt
c:\documents and settings\Aykut.DOP-IAALZ2MZLQP\Application Data\PriceGong\Data\x.xml
c:\documents and settings\Aykut.DOP-IAALZ2MZLQP\Application Data\PriceGong\Data\y.txt
c:\documents and settings\Aykut.DOP-IAALZ2MZLQP\Application Data\PriceGong\Data\y.xml
c:\documents and settings\Aykut.DOP-IAALZ2MZLQP\Application Data\PriceGong\Data\z.txt
c:\documents and settings\Aykut.DOP-IAALZ2MZLQP\Application Data\PriceGong\Data\z.xml
c:\documents and settings\Aykut.DOP-IAALZ2MZLQP\Menu Start\Programma's\Opstarten\OpenOffice.org 3.1 .lnk
c:\program files\AutocompletePro
c:\program files\AutocompletePro\InstTracker.exe
c:\program files\HyperCam Toolbar\tbHElper.dll
c:\windows\system32\_000011_.tmp.dll
.
.
((((((((((((((((((((   Bestanden Gemaakt van 2011-06-24 to 2011-07-24  ))))))))))))))))))))))))))))))
.
.
2011-07-24 15:15 . 2011-07-24 15:15	--------	d--h--r-	c:\documents and settings\Aykut.DOP-IAALZ2MZLQP\Onlangs geopend
2011-07-24 14:21 . 2011-07-24 14:21	--------	d-----w-	c:\windows\LastGood
2011-07-23 17:38 . 2010-10-11 14:59	45568	-c----w-	c:\windows\system32\dllcache\wab.exe
2011-07-23 17:38 . 2010-08-16 08:45	590848	----a-w-	c:\windows\system32\SET15.tmp
2011-07-22 12:49 . 2011-07-22 12:49	--------	d-----w-	c:\windows\l2schemas
2011-07-22 12:49 . 2011-07-22 12:54	--------	d-----w-	c:\windows\system32\nl
2011-07-22 11:11 . 2010-05-06 10:36	743424	-c----w-	c:\windows\system32\dllcache\iedvtool.dll
2011-07-22 11:07 . 2011-07-22 11:10	--------	dc-h--w-	c:\windows\ie8
2011-07-21 13:19 . 2011-07-21 13:19	388096	----a-r-	c:\documents and settings\Aykut.DOP-IAALZ2MZLQP\Application Data\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
2011-07-21 13:19 . 2011-07-21 13:19	--------	d-----w-	c:\program files\Trend Micro
2011-07-20 20:38 . 2011-07-20 20:38	--------	d-----w-	c:\program files\Common Files\Java
2011-07-20 20:27 . 2011-05-04 00:25	73728	----a-w-	c:\windows\system32\javacpl.cpl
2011-07-20 18:28 . 2011-07-20 18:28	--------	d-----w-	C:\$AVG
2011-07-20 16:31 . 2011-07-20 16:31	--------	d-----w-	c:\documents and settings\Aykut.DOP-IAALZ2MZLQP\Application Data\AVG10
2011-07-20 16:23 . 2011-07-20 16:23	--------	d-----w-	c:\documents and settings\All Users\Application Data\AVG Security Toolbar
2011-07-20 16:08 . 2011-07-24 14:47	--------	d-----w-	c:\windows\system32\drivers\AVG
2011-07-20 16:08 . 2011-07-20 16:25	--------	d-----w-	c:\documents and settings\All Users\Application Data\AVG10
2011-07-20 15:57 . 2011-07-20 15:57	--------	d--h--w-	c:\documents and settings\All Users\Application Data\Common Files
2011-07-20 15:35 . 2011-07-20 15:57	--------	d-----w-	c:\documents and settings\All Users\Application Data\MFAData
2011-07-20 14:43 . 2008-04-14 17:02	69120	------w-	c:\windows\system32\wlanapi.dll
2011-07-20 14:43 . 2004-08-03 20:29	25471	------w-	c:\windows\system32\drivers\watv10nt.sys
2011-07-20 14:43 . 2004-08-03 20:29	22271	------w-	c:\windows\system32\drivers\watv06nt.sys
2011-07-20 14:43 . 2008-04-13 18:43	14208	------w-	c:\windows\system32\drivers\wacompen.sys
2011-07-20 14:43 . 2004-08-03 20:29	11935	------w-	c:\windows\system32\drivers\wadv11nt.sys
2011-07-20 14:43 . 2004-08-03 20:29	11871	------w-	c:\windows\system32\drivers\wadv09nt.sys
2011-07-20 14:43 . 2004-08-03 20:29	11807	------w-	c:\windows\system32\drivers\wadv07nt.sys
2011-07-20 14:43 . 2004-08-03 20:29	11295	------w-	c:\windows\system32\drivers\wadv08nt.sys
2011-07-20 14:43 . 2008-04-14 17:03	28672	------w-	c:\windows\system32\verclsid.exe
2011-07-20 14:43 . 2008-04-14 17:02	11325	------w-	c:\windows\system32\drivers\vchnt5.dll
2011-07-20 14:43 . 2008-04-13 18:46	121984	------w-	c:\windows\system32\drivers\usbvideo.sys
2011-07-20 14:43 . 2008-04-13 18:56	12800	------w-	c:\windows\system32\drivers\usb8023x.sys
2011-07-20 14:42 . 2008-04-14 17:02	50688	------w-	c:\windows\system32\tspkg.dll
2011-07-20 14:42 . 2008-04-14 17:02	53248	------w-	c:\windows\system32\tsgqec.dll
2011-07-20 14:40 . 2008-04-13 18:40	10240	------w-	c:\windows\system32\drivers\sffp_mmc.sys
2011-07-20 14:40 . 2008-04-14 17:03	32768	------w-	c:\windows\system32\setupn.exe
2011-07-20 14:40 . 2008-04-14 17:02	397056	------w-	c:\windows\system32\s3gnb.dll
2011-07-20 14:40 . 2004-08-03 20:29	166912	------w-	c:\windows\system32\drivers\s3gnbm.sys
2011-07-20 14:40 . 2008-04-13 18:56	30592	------w-	c:\windows\system32\drivers\rndismpx.sys
2011-07-20 14:40 . 2008-04-14 17:02	290304	------w-	c:\windows\system32\rhttpaa.dll
2011-07-20 14:40 . 2008-04-13 18:46	59136	------w-	c:\windows\system32\drivers\rfcomm.sys
2011-07-20 14:40 . 2004-08-03 20:41	13776	------w-	c:\windows\system32\drivers\recagent.sys
2011-07-20 14:40 . 2008-04-14 17:02	61952	------w-	c:\windows\system32\rasqec.dll
2011-07-20 14:40 . 2008-04-14 17:02	76800	------w-	c:\windows\system32\qutil.dll
2011-07-20 14:39 . 2008-04-14 17:02	62464	------w-	c:\windows\system32\qcliprov.dll
2011-07-20 14:39 . 2008-04-14 17:02	292864	------w-	c:\windows\system32\qagentrt.dll
2011-07-20 14:39 . 2008-04-14 17:02	150528	------w-	c:\windows\system32\qagent.dll
2011-07-20 14:39 . 2008-04-14 17:02	144896	------w-	c:\windows\system32\onex.dll
2011-07-20 14:39 . 2004-08-03 20:29	1897408	------w-	c:\windows\system32\drivers\nv4_mini.sys
2011-07-20 14:37 . 2008-04-14 16:38	78336	------w-	c:\windows\system32\msshavmsg.dll
2011-07-20 14:37 . 2008-04-14 17:02	155136	------w-	c:\windows\system32\mssha.dll
2011-07-20 14:36 . 2008-04-14 17:03	33792	------w-	c:\windows\system32\mmcperf.exe
2011-07-20 14:35 . 2008-04-14 17:02	106496	------w-	c:\windows\system32\mmcfxcommon.dll
2011-07-20 14:35 . 2008-04-14 17:02	397312	------w-	c:\windows\system32\mmcex.dll
2011-07-20 14:35 . 2008-04-14 17:02	184320	------w-	c:\windows\system32\microsoft.managementconsole.dll
2011-07-20 14:35 . 2008-04-14 17:02	86016	------w-	c:\windows\system32\mdmxsdk.dll
2011-07-20 14:35 . 2004-08-03 20:41	11868	------w-	c:\windows\system32\drivers\mdmxsdk.sys
2011-07-20 14:34 . 2008-04-14 17:02	37376	------w-	c:\windows\system32\l2gpstore.dll
2011-07-20 14:34 . 2008-04-14 17:02	61440	------w-	c:\windows\system32\kmsvc.dll
2011-07-20 14:34 . 2008-04-14 17:01	6144	------w-	c:\windows\system32\kbdpash.dll
2011-07-20 14:34 . 2008-04-14 17:01	6144	------w-	c:\windows\system32\kbdnepr.dll
2011-07-20 14:34 . 2008-04-14 17:01	6144	------w-	c:\windows\system32\kbdiultn.dll
2011-07-20 14:34 . 2008-04-14 17:01	6144	------w-	c:\windows\system32\kbdbhc.dll
2011-07-20 14:33 . 2008-04-14 17:01	103424	-c----w-	c:\windows\system32\dllcache\dpcdll.dll
2011-07-20 14:33 . 2008-04-14 17:00	24064	-c----w-	c:\windows\system32\dllcache\pidgen.dll
2011-07-20 14:33 . 2008-04-14 17:02	10752	------w-	c:\windows\system32\smtpapi.dll
2011-07-20 14:33 . 2008-04-14 17:02	9728	------w-	c:\windows\system32\rwnh.dll
2011-07-20 14:33 . 2008-04-13 18:45	46592	------w-	c:\windows\system32\drivers\irbus.sys
2011-07-20 14:33 . 2008-04-13 18:43	9728	------w-	c:\windows\system32\comsdupd.exe
2011-07-20 14:33 . 2008-04-14 17:02	81920	------w-	c:\windows\system32\ieencode.dll
2011-07-20 14:33 . 2004-08-03 20:41	1041536	------w-	c:\windows\system32\drivers\hsfdpsp2.sys
2011-07-20 14:31 . 2008-04-14 17:02	9216	------w-	c:\windows\system32\dot3dlg.dll
2011-07-20 14:31 . 2008-04-14 17:02	651264	------w-	c:\windows\system32\dot3ui.dll
2011-07-20 14:31 . 2008-04-14 17:02	56832	------w-	c:\windows\system32\dot3msm.dll
2011-07-20 14:31 . 2008-04-14 17:02	39936	------w-	c:\windows\system32\dot3gpclnt.dll
2011-07-20 14:31 . 2008-04-14 17:02	132608	------w-	c:\windows\system32\dot3svc.dll
2011-07-20 14:31 . 2008-04-14 17:02	60928	------w-	c:\windows\system32\dot3cfg.dll
2011-07-20 14:30 . 2008-04-14 17:02	7168	------w-	c:\windows\system32\bitsprx4.dll
2011-07-20 14:29 . 2008-04-14 17:02	3967	------w-	c:\windows\system32\drivers\adv02nt5.dll
2011-07-20 14:29 . 2008-04-14 17:02	3775	------w-	c:\windows\system32\drivers\adv11nt5.dll
2011-07-20 14:29 . 2008-04-14 17:02	3711	------w-	c:\windows\system32\drivers\adv09nt5.dll
2011-07-20 14:29 . 2008-04-14 17:02	3647	------w-	c:\windows\system32\drivers\adv07nt5.dll
2011-07-20 14:29 . 2008-04-14 17:02	3615	------w-	c:\windows\system32\drivers\adv05nt5.dll
2011-07-20 14:29 . 2008-04-14 17:02	3135	------w-	c:\windows\system32\drivers\adv08nt5.dll
2011-07-20 14:29 . 2008-04-14 17:02	4255	------w-	c:\windows\system32\drivers\adv01nt5.dll
2011-07-20 14:29 . 2008-04-14 17:02	136192	------w-	c:\windows\system32\aaclient.dll
2011-07-20 12:57 . 2011-07-20 12:57	--------	d-----w-	c:\documents and settings\Aykut.DOP-IAALZ2MZLQP\Application Data\Malwarebytes
2011-07-20 12:55 . 2011-07-06 17:52	41272	----a-w-	c:\windows\system32\drivers\mbamswissarmy.sys
2011-07-20 12:55 . 2011-07-20 12:55	--------	d-----w-	c:\documents and settings\All Users\Application Data\Malwarebytes
2011-07-20 12:54 . 2011-07-06 17:52	22712	----a-w-	c:\windows\system32\drivers\mbam.sys
2011-07-20 12:54 . 2011-07-20 14:02	--------	d-----w-	c:\program files\Malwarebytes' Anti-Malware
2011-07-20 12:35 . 2011-07-20 12:35	12872	----a-w-	c:\windows\system32\bootdelete.exe
2011-07-20 12:31 . 2009-11-21 16:03	471552	-c----w-	c:\windows\system32\dllcache\aclayers.dll
2011-07-20 12:31 . 2010-06-14 14:31	744448	-c----w-	c:\windows\system32\dllcache\helpsvc.exe
2011-07-20 12:30 . 2010-02-12 10:03	293376	------w-	c:\windows\system32\browserchoice.exe
2011-07-20 11:10 . 2011-07-20 11:10	134464	----a-w-	c:\windows\system32\LnkProtect.dll
2011-07-20 11:09 . 2011-07-24 14:33	21064	----a-w-	c:\windows\system32\drivers\hitmanpro35.sys
2011-07-20 11:08 . 2011-07-20 11:08	--------	d-----w-	c:\program files\Hitman Pro 3.5
2011-07-20 11:07 . 2011-07-20 12:37	--------	d-----w-	c:\documents and settings\All Users\Application Data\Hitman Pro
2011-07-20 10:08 . 2011-07-20 10:08	--------	d-----w-	c:\documents and settings\Aykut.DOP-IAALZ2MZLQP\Local Settings\Application Data\PackageAware
.
.
.
(((((((((((((((((((((((((((((((((((((((   Find3M Rapport   ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-05-04 02:52 . 2010-07-13 08:21	472808	----a-w-	c:\windows\system32\deployJava1.dll
2010-09-30 23:11 . 2011-04-21 13:45	462112	----a-w-	c:\program files\Common Files\ZugoInstaller.exe
2011-05-23 16:59 . 2011-03-25 15:39	142296	----a-w-	c:\program files\mozilla firefox\components\browsercomps.dll
.
.
(((((((((((((((((((((((((((((((((((((   Reg Opstartpunten   )))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond 
REGEDIT4
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{A3BC75A2-1F87-4686-AA43-5347D756017C}]
2011-05-30 09:33	2495816	----a-w-	c:\program files\AVG\AVG10\Toolbar\IEToolbar.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{CCC7A320-B3CA-4199-B1A6-9F516DD69829}"= "c:\program files\AVG\AVG10\Toolbar\IEToolbar.dll" [2011-05-30 2495816]
.
[HKEY_CLASSES_ROOT\clsid\{ccc7a320-b3ca-4199-b1a6-9f516dd69829}]
.
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{CCC7A320-B3CA-4199-B1A6-9F516DD69829}"= "c:\program files\AVG\AVG10\Toolbar\IEToolbar.dll" [2011-05-30 2495816]
.
[HKEY_CLASSES_ROOT\clsid\{ccc7a320-b3ca-4199-b1a6-9f516dd69829}]
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"msnmsgr"="c:\program files\Windows Live\Messenger\msnmsgr.exe" [2010-04-16 3872080]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="c:\windows\System32\igfxtray.exe" [2005-06-21 155648]
"HotKeysCmds"="c:\windows\System32\hkcmd.exe" [2005-06-21 126976]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2011-06-08 37296]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2011-03-30 937920]
"HitmanPro35"="c:\program files\Hitman Pro 3.5\HitmanPro35.exe" [2011-07-20 6619456]
"Malwarebytes' Anti-Malware"="c:\program files\Malwarebytes' Anti-Malware\mbamgui.exe" [2011-07-06 449584]
"AVG_TRAY"="c:\program files\AVG\AVG10\avgtray.exe" [2011-04-18 2334560]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\ctfmon.exe" [2008-04-14 15360]
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute	REG_MULTI_SZ   	autocheck autochk *\0c:\progra~1\AVG\AVG10\avgchsvx.exe /sync\0c:\progra~1\AVG\AVG10\avgrsx.exe /sync /restart
.
[HKLM\~\startupfolder\C:^Documents and Settings^Aykut.DOP-IAALZ2MZLQP^Menu Start^Programma's^Opstarten^GameRanger.lnk]
path=c:\documents and settings\Aykut.DOP-IAALZ2MZLQP\Menu Start\Programma's\Opstarten\GameRanger.lnk
backup=c:\windows\pss\GameRanger.lnkStartup
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
2011-04-08 10:59	254696	----a-w-	c:\program files\Common Files\Java\Java Update\jusched.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\uTorrent]
2011-04-20 09:37	399736	----a-w-	c:\program files\uTorrent\uTorrent.exe
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"c:\\Program Files\\uTorrent\\uTorrent.exe"=
"c:\\WINDOWS\\system32\\dplaysvr.exe"=
"c:\\Program Files\\Messenger\\msmsgs.exe"=
"c:\\Documents and Settings\\Aykut.DOP-IAALZ2MZLQP\\Bureaublad\\GameRanger.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Program Files\\Windows Live\\Sync\\WindowsLiveSync.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\Program Files\\AVG\\AVG10\\avgnsx.exe"=
"c:\\Program Files\\AVG\\AVG10\\avgemcx.exe"=
"c:\\windows\\system32\\sessmgr.exe"=
"c:\\Program Files\\AVG\\AVG10\\avgmfapx.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
.
R0 AVGIDSEH;AVGIDSEH;c:\windows\system32\drivers\AVGIDSEH.sys [22-2-2011 8:13 22992]
R0 Avgrkx86;AVG Anti-Rootkit Driver;c:\windows\system32\drivers\avgrkx86.sys [16-3-2011 16:03 32592]
R1 Avgldx86;AVG AVI Loader Driver;c:\windows\system32\drivers\avgldx86.sys [7-1-2011 6:41 248656]
R1 Avgtdix;AVG TDI Driver;c:\windows\system32\drivers\avgtdix.sys [5-4-2011 0:59 297168]
R3 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\drivers\AVGIDSDriver.sys [14-4-2011 21:28 134480]
R3 AVGIDSFilter;AVGIDSFilter;c:\windows\system32\drivers\AVGIDSFilter.sys [10-2-2011 7:53 24144]
R3 AVGIDSShim;AVGIDSShim;c:\windows\system32\drivers\AVGIDSShim.sys [10-2-2011 7:53 27216]
R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [20-7-2011 14:54 22712]
S3 FsUsbExDisk;FsUsbExDisk;c:\windows\system32\FsUsbExDisk.Sys [3-2-2010 20:31 36608]
S3 vmfilter323;323 filter service, Normal;c:\windows\system32\drivers\vmfilter323.sys [19-10-2009 19:56 476672]
S3 XDva317;XDva317;\??\c:\windows\system32\XDva317.sys --> c:\windows\system32\XDva317.sys [?]
S3 ZSMC326;TD74 USB2.0 PC Camera(VC0323);c:\windows\system32\Drivers\usbvm323.sys --> c:\windows\system32\Drivers\usbvm323.sys [?]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
nosGetPlusHelper	REG_MULTI_SZ   	nosGetPlusHelper
.
Inhoud van de 'Gedeelde Taken' map
.
2009-12-22 c:\windows\Tasks\FRU Task 2003-04-06 08:52ewlett-Packard2003-04-06 08:52p psc 1200 series5E771253C1676EBED677BF361FDFC537825E15B8252495118.job
- c:\program files\Hewlett-Packard\Digital Imaging\Bin\hpqfrucl.exe [2003-04-05 22:52]
.
2011-07-24 c:\windows\Tasks\Google Software Updater.job
- c:\program files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-11-10 18:58]
.
2011-07-24 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-12-25 19:11]
.
2011-07-24 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-12-25 19:11]
.
2011-07-22 c:\windows\Tasks\Norton Security Scan for Pc01.job
- c:\program files\Norton Security Scan\Engine\2.3.0.44\Nss.exe [2010-01-05 15:45]
.
2011-02-18 c:\windows\Tasks\SymInstallStub.job
- c:\windows\system32\Adobe\Shockwave 11\syminstallstub.exe [2011-02-12 14:16]
.
.
------- Bijkomende Scan -------
.
uInternet Connection Wizard,ShellNext = iexplore
uInternet Settings,ProxyOverride = *.local
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: E&xporteren naar Microsoft Excel - c:\progra~1\MI1933~1\OFFICE11\EXCEL.EXE/3000
IE: Google Sidewiki... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_43C348BC2E93EB2B.dll/cmsidewiki.html
TCP: DhcpNameServer = 192.168.1.1
Handler: avgsecuritytoolbar - {F2DDE6B2-9684-4A55-86D4-E255E237B77C} - c:\program files\AVG\AVG10\Toolbar\IEToolbar.dll
DPF: DirectAnimation Java Classes - file://c:\windows\Java\classes\dajava.cab
DPF: Microsoft XML Parser for Java - file://c:\windows\Java\classes\xmldso.cab
FF - ProfilePath - c:\documents and settings\Aykut.DOP-IAALZ2MZLQP\Application Data\Mozilla\Firefox\Profiles\joyvbib0.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2426074&SearchSource=3&q={searchTerms}
FF - prefs.js: browser.search.selectedEngine - Facemoods Search
FF - prefs.js: browser.startup.homepage - hxxp://start.facemoods.com/?a=ironto
FF - prefs.js: keyword.URL - hxxp://search.babylon.com/?babsrc=SP_ss&mntrId=80c1e219000000000000000bcd3e4fe8&tlver=1.4.19.19&instlRef=sst&affID=17160&q=
.
- - - - ORPHANS VERWIJDERD - - - -
.
WebBrowser-{D4027C7F-154A-4066-A1AD-4243D8127440} - (no file)
WebBrowser-{30F9B915-B755-4826-820B-08FBA6BD249D} - (no file)
HKLM-Run-NPSStartup - (no file)
MSConfigStartUp-BigDogPath323Domino - c:\windows\Domino.exe
MSConfigStartUp-BigDogPath323VMSnap - c:\windows\VMSnap23.exe
AddRemove-GameRanger - c:\documents and settings\Aykut.DOP-IAALZ2MZLQP\Application Data\GameRanger\GameRanger\GameRanger.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-07-24 17:47
Windows 5.1.2600 Service Pack 3 NTFS
.
scannen van verborgen processen ... 
.
scannen van verborgen autostart items ... 
.
HKCU\Software\Microsoft\Windows\CurrentVersion\Run
  msnmsgr = "c:\program files\Windows Live\Messenger\msnmsgr.exe" /background??s 
.
scannen van verborgen bestanden ... 
.
Scan succesvol afgerond
verborgen bestanden: 0
.
**************************************************************************
.
--------------------- VERGRENDELDE REGISTER SLEUTELS ---------------------
.
[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Installer\UserData\LocalSystem\Components\�|����.��|���w*]
"3140110900063D11C8EF10054038389C"="C?\\WINDOWS\\system32\\FM20ENU.DLL"
.
Voltooingstijd: 2011-07-24  17:57:29
ComboFix-quarantined-files.txt  2011-07-24 15:57
.
Pre-Run: 667.983.872 bytes beschikbaar
Post-Run: 1.859.842.048 bytes beschikbaar
.
- - End Of File - - 9066C8C9B19C9D1E6F87803CFFFC7B6C