ComboFix 12-08-20.02 - Andre 21/08/2012 14:23:53.1.2 - x86
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.32.1043.18.3327.2144 [GMT 2:00]
Gestart vanuit: c:\users\Andre\Downloads\ComboFix.exe
AV: AVG Anti-Virus Free *Disabled/Updated* {5A2746B1-DEE9-F85A-FBCD-ADB11639C5F0}
SP: AVG Anti-Virus Free *Disabled/Updated* {E146A755-F8D3-F7D4-C17D-96C36DBE8F4D}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
ADS - Windows: deleted 48 bytes in 1 streams.
.
(((((((((((((((((((((((((((((((((( Andere Verwijderingen )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\windows\msvcr71.dll
.
.
(((((((((((((((((((( Bestanden Gemaakt van 2012-07-21 to 2012-08-21 ))))))))))))))))))))))))))))))
.
.
2012-08-21 12:35 . 2012-08-21 12:35 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-08-21 08:04 . 2012-08-21 08:04 -------- d-----w- c:\program files\Mozilla Maintenance Service
2012-08-21 08:03 . 2012-08-21 08:03 770384 ----a-w- c:\program files\Mozilla Firefox\msvcr100.dll
2012-08-21 08:03 . 2012-08-21 08:03 421200 ----a-w- c:\program files\Mozilla Firefox\msvcp100.dll
2012-08-21 08:03 . 2012-08-21 08:03 157608 ----a-w- c:\program files\Mozilla Firefox\maintenanceservice_installer.exe
2012-08-21 08:03 . 2012-08-21 08:03 113120 ----a-w- c:\program files\Mozilla Firefox\maintenanceservice.exe
2012-08-21 07:57 . 2012-04-28 03:17 183808 ----a-w- c:\windows\system32\drivers\rdpwd.sys
2012-08-21 07:56 . 2012-07-18 17:47 2345984 ----a-w- c:\windows\system32\win32k.sys
2012-08-21 07:56 . 2012-06-06 05:05 1019904 ----a-w- c:\program files\Common Files\System\ado\msado15.dll
2012-08-21 07:56 . 2012-06-06 05:05 143360 ----a-w- c:\program files\Common Files\System\ado\msjro.dll
2012-08-21 07:56 . 2012-06-06 05:05 372736 ----a-w- c:\program files\Common Files\System\ado\msadox.dll
2012-08-21 07:56 . 2012-06-06 05:05 57344 ----a-w- c:\program files\Common Files\System\ado\msador15.dll
2012-08-21 07:56 . 2012-06-06 05:05 352256 ----a-w- c:\program files\Common Files\System\ado\msadomd.dll
2012-08-21 07:56 . 2012-06-06 05:05 212992 ----a-w- c:\program files\Common Files\System\msadc\msadco.dll
2012-08-21 07:56 . 2012-06-06 05:03 805376 ----a-w- c:\windows\system32\cdosys.dll
2012-08-21 07:56 . 2012-03-31 04:39 3968368 ----a-w- c:\windows\system32\ntkrnlpa.exe
2012-08-21 07:56 . 2012-03-31 04:39 3913072 ----a-w- c:\windows\system32\ntoskrnl.exe
2012-08-21 07:54 . 2012-07-04 21:14 41984 ----a-w- c:\windows\system32\browcli.dll
2012-08-21 07:54 . 2012-07-04 21:14 102912 ----a-w- c:\windows\system32\browser.dll
2012-08-21 07:54 . 2012-04-26 04:45 58880 ----a-w- c:\windows\system32\rdpwsx.dll
2012-08-21 07:54 . 2012-04-26 04:45 129536 ----a-w- c:\windows\system32\rdpcorekmts.dll
2012-08-21 07:54 . 2012-04-26 04:41 8192 ----a-w- c:\windows\system32\rdrmemptylst.exe
2012-08-21 07:54 . 2012-03-17 07:27 56176 ----a-w- c:\windows\system32\drivers\partmgr.sys
2012-08-21 07:54 . 2012-05-14 04:33 769024 ----a-w- c:\windows\system32\localspl.dll
2012-08-21 07:54 . 2012-03-03 05:31 1077248 ----a-w- c:\windows\system32\DWrite.dll
2012-08-21 07:52 . 2012-04-24 04:36 140288 ----a-w- c:\windows\system32\cryptsvc.dll
2012-08-21 07:52 . 2012-04-24 04:36 1158656 ----a-w- c:\windows\system32\crypt32.dll
2012-08-21 07:52 . 2012-04-24 04:36 103936 ----a-w- c:\windows\system32\cryptnet.dll
2012-08-21 07:36 . 2012-08-21 07:36 -------- d-----w- c:\program files\Speccy
2012-08-21 07:31 . 2012-06-02 22:19 53784 ----a-w- c:\windows\system32\wuauclt.exe
2012-08-21 07:31 . 2012-06-02 22:19 45080 ----a-w- c:\windows\system32\wups2.dll
2012-08-21 07:31 . 2012-06-02 22:19 1933848 ----a-w- c:\windows\system32\wuaueng.dll
2012-08-21 07:31 . 2012-06-02 22:12 2422272 ----a-w- c:\windows\system32\wucltux.dll
2012-08-21 07:31 . 2012-06-02 22:19 35864 ----a-w- c:\windows\system32\wups.dll
2012-08-21 07:31 . 2012-06-02 22:19 577048 ----a-w- c:\windows\system32\wuapi.dll
2012-08-21 07:31 . 2012-06-02 22:12 88576 ----a-w- c:\windows\system32\wudriver.dll
2012-08-21 07:30 . 2012-06-02 13:19 171904 ----a-w- c:\windows\system32\wuwebv.dll
2012-08-21 07:30 . 2012-06-02 13:12 33792 ----a-w- c:\windows\system32\wuapp.exe
2012-08-21 07:27 . 2012-08-21 07:27 -------- d-----w- c:\users\Andre\AppData\Local\AVG Secure Search
2012-07-30 21:52 . 2012-07-30 21:52 103904 ----a-w- c:\program files\Mozilla Firefox\plugins\nppdf32.dll
.
.
.
((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-08-21 08:03 . 2012-04-07 17:02 136672 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond
REGEDIT4
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}]
2012-08-21 07:26 2074208 ----a-w- c:\program files\AVG Secure Search\11.1.0.12\AVG Secure Search_toolbar.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{95B7759C-8C7F-4BF1-B163-73684A933233}"= "c:\program files\AVG Secure Search\11.1.0.12\AVG Secure Search_toolbar.dll" [2012-08-21 2074208]
.
[HKEY_CLASSES_ROOT\clsid\{95b7759c-8c7f-4bf1-b163-73684a933233}]
[HKEY_CLASSES_ROOT\AVG Secure Search.PugiObj.1]
[HKEY_CLASSES_ROOT\AVG Secure Search.PugiObj]
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"PowerArchiver Tray"="c:\program files\PowerArchiver\PASTARTER.EXE" [2008-09-27 143168]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="c:\program files\Common Files\Nero\Lib\NMBgMonitor.exe" [2007-08-03 202024]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1174016]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ETDWare"="c:\program files\Elantech\ETDCtrl.exe" [2009-07-30 497024]
"HDAudDeck"="c:\program files\VIA\VIAudioi\VDeck\VDeck.exe" [2009-09-11 1474560]
"AmIcoSinglun"="c:\program files\AmIcoSingLun\AmIcoSinglun.exe" [2009-04-09 237568]
"HControlUser"="c:\program files\ASUS\ATK Hotkey\HControlUser.exe" [2009-06-19 105016]
"ATKOSD2"="c:\program files\ASUS\ATKOSD2\ATKOSD2.exe" [2009-08-17 6859392]
"ATKMEDIA"="c:\program files\ASUS\ATK Media\DMedia.exe" [2009-08-19 170624]
"NeroFilterCheck"="c:\program files\Common Files\Nero\Lib\NeroCheck.exe" [2007-03-01 153136]
"NBKeyScan"="c:\program files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe" [2007-08-08 1828136]
"AVG9_TRAY"="c:\progra~1\AVG\AVG9\avgtray.exe" [2012-04-04 2077536]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2012-07-31 38872]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-07-11 919008]
"vProt"="c:\program files\AVG Secure Search\vprot.exe" [2012-08-21 1107552]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\windows\System32\avgrsstx.dll
.
R3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [x]
R3 AmUStor;AM USB Stroage Driver;c:\windows\system32\drivers\AmUStor.SYS [x]
R3 AVG Security Toolbar Service;AVG Security Toolbar Service;c:\program files\AVG\AVG9\Toolbar\ToolbarBroker.exe [x]
R3 ipswuio;ipswuio;c:\windows\system32\DRIVERS\ipswuio.sys [x]
R3 McComponentHostService;McAfee Security Scan Component Host Service;c:\program files\McAfee Security Scan\2.0.181\McCHSvc.exe [x]
R3 MozillaMaintenance;Mozilla Maintenance Service;c:\program files\Mozilla Maintenance Service\maintenanceservice.exe [x]
R3 SiSGbeLH;SiS191/SiS190 Ethernet Device NDIS 6.0 Driver;c:\windows\system32\DRIVERS\SiSGB6.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]
R3 WatAdminSvc;Windows Activation Technologies-service;c:\windows\system32\Wat\WatAdminSvc.exe [x]
S1 AvgLdx86;AVG Free AVI Loader Driver x86;c:\windows\System32\Drivers\avgldx86.sys [x]
S1 AvgTdiX;AVG Free Network Redirector;c:\windows\System32\Drivers\avgtdix.sys [x]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [x]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [x]
S2 avg9wd;AVG Free WatchDog;c:\program files\AVG\AVG9\avgwdsvc.exe [x]
S2 vToolbarUpdater11.2.0;vToolbarUpdater11.2.0;c:\program files\Common Files\AVG Secure Search\vToolbarUpdater\11.2.0\ToolbarUpdater.exe [x]
S3 ETD;ELAN PS/2 Port Input Device;c:\windows\system32\DRIVERS\ETD.sys [x]
S3 usbfilter;AMD USB Filter Driver;c:\windows\system32\DRIVERS\usbfilter.sys [x]
S3 VIAHdAudAddService;VIA High Definition Audio Driver Service;c:\windows\system32\drivers\viahduaa.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp
.
Inhoud van de 'Gedeelde Taken' map
.
2012-08-21 c:\windows\Tasks\1-klik Onderhoud.job
- c:\program files\TuneUp Utilities 2009\OneClickStarter.exe [2008-12-03 16:48]
.
2012-08-21 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-09 15:47]
.
.
------- Bijkomende Scan -------
.
uStart Page = hxxp://www.google.be/
IE: E&xporteren naar Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
IE: Free YouTube Download - c:\users\Andre\AppData\Roaming\DVDVideoSoftIEHelpers\freeytvdownloader.htm
TCP: DhcpNameServer = 192.168.1.1
Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - c:\program files\Common Files\AVG Secure Search\ViProtocolInstaller\11.2.0\ViProtocol.dll
FF - ProfilePath - c:\users\Andre\AppData\Roaming\Mozilla\Firefox\Profiles\gi08mgux.default\
FF - prefs.js: keyword.URL - hxxp://isearch.avg.com/search?cid=%7Bb963e78f-096e-44c2-95aa-409ce25733c2%7D&mid=bd7be03ae691d470b64a2ac7adc88bbd-62a52b98e20a859305b8de9a3833ef95208c7bba&ds=AVG&v=11.1.0.12&lang=nl&pr=fr&d=2012-04-04%2014%3A20%3A17&sap=ku&q=
FF - prefs.js: network.proxy.type - 0
.
- - - - ORPHANS VERWIJDERD - - - -
.
Toolbar-Locked - (no file)
WebBrowser-{CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file)
WebBrowser-{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - (no file)
WebBrowser-{872B5B88-9DB5-4310-BDD0-AC189557E5F5} - (no file)
.
.
.
--------------------- VERGRENDELDE REGISTER SLEUTELS ---------------------
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Voltooingstijd: 2012-08-21 14:46:44
ComboFix-quarantined-files.txt 2012-08-21 12:46
.
Pre-Run: 35.219.009.536 bytes beschikbaar
Post-Run: 35.023.458.304 bytes beschikbaar
.
- - End Of File - - B1E7F402F8B6CE5A48DC4933A9BE73DF