ComboFix 10-07-24.06 - eigenaar 26-07-2010 20:26:20.1.2 - x86
Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.31.1043.18.3036.2045 [GMT 2:00]
Gestart vanuit: c:\users\eigenaar\Desktop\ComboFix.exe
SP: Windows Defender *enabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}
.

((((((((((((((((((((((((((((((((((   Andere Verwijderingen   )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\windows\SEC
c:\windows\SEC\172100logo.bmp
c:\windows\SEC\banner.png
c:\windows\SEC\Computer.png
c:\windows\SEC\Media _S_ Logo.png
c:\windows\SEC\Samsung.png
c:\windows\SEC\Samsung2.png
c:\windows\SEC\SamsungLogo.png
c:\windows\SEC\Wallpapers\wallpaper.jpg
c:\windows\SEC\Wallpapers\wallpaper1.jpg
c:\windows\SEC\Wallpapers\Wallpaper2.jpg
.

((((((((((((((((((((   Bestanden Gemaakt van 2010-06-26 to 2010-07-26   ))))))))))))))))))))))))))))))
.

2010-07-25 18:19 . 2010-07-25 18:19   388096 ----a-r- c:\users\eigenaar\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
2010-07-25 18:19 . 2010-07-25 18:19 -------- d-----w- c:\program files\Trend Micro
2010-07-24 18:04 . 2010-07-24 18:04 -------- d-----w- c:\program files\Instant Messenger Cleaner
2010-07-24 17:41 . 2010-07-24 17:41 -------- d-----w- c:\users\eigenaar\AppData\Roaming\Malwarebytes
2010-07-24 17:41 . 2010-04-29 13:39    38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2010-07-24 17:41 . 2010-07-26 17:44 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2010-07-24 17:41 . 2010-07-24 17:41 -------- d-----w- c:\programdata\Malwarebytes
2010-07-24 17:41 . 2010-04-29 13:39    20952 ----a-w- c:\windows\system32\drivers\mbam.sys
2010-07-24 17:32 . 2010-07-24 17:32 -------- d-----w- c:\users\eigenaar\Virus msn
2010-07-24 17:32 . 2010-07-24 17:32 -------- d-----w- c:\users\eigenaar\Nieuwe map
2010-07-23 19:39 . 2010-07-23 19:39  1615200 ----a-w- c:\programdata\avg9\update\backup\avgssie.dll
2010-07-23 19:39 . 2010-07-23 19:39  1107296 ----a-w- c:\programdata\avg9\update\backup\avgxpl.dll
2010-07-23 19:39 . 2010-07-23 19:39   921440 ----a-w- c:\programdata\avg9\update\backup\avgemc.exe
2010-07-23 19:39 . 2010-07-23 19:39  4368224 ----a-w- c:\programdata\avg9\update\backup\avgcorex.dll
2010-07-23 19:22 . 2010-07-23 19:22    12536 ----a-w- c:\windows\system32\avgrsstx.dll
2010-07-23 19:22 . 2010-07-23 19:22   243024 ----a-w- c:\windows\system32\drivers\avgtdix.sys
2010-07-23 19:22 . 2010-07-23 19:22   216400 ----a-w- c:\windows\system32\drivers\avgldx86.sys
2010-07-23 19:22 . 2010-07-26 17:38 -------- d-----w- c:\windows\system32\drivers\Avg
2010-07-23 19:22 . 2010-07-23 19:22    29584 ----a-w- c:\windows\system32\drivers\avgmfx86.sys
2010-07-23 19:19 . 2010-07-23 19:19 -------- d-----w- c:\program files\AVG
2010-07-23 19:19 . 2010-07-23 19:19 -------- d-----w- c:\programdata\avg9
.

(((((((((((((((((((((((((((((((((((((((   Find3M Rapport   ))))))))))))))))))))))))))))))))))))))))))))))))))))
.

2010-07-25 20:15 . 2009-04-26 11:39       12 ----a-w- c:\windows\bthservsdp.dat
2010-07-14 19:20 . 2006-11-02 11:18 -------- d-----w- c:\program files\Windows Mail
2010-07-14 17:44 . 2010-02-08 19:17 -------- d-----w- c:\program files\ANWB
2010-07-12 18:11 . 2009-04-25 18:20   667352 ----a-w- c:\windows\system32\perfh013.dat
2010-07-12 18:11 . 2009-04-25 18:20   126854 ----a-w- c:\windows\system32\perfc013.dat
2010-06-23 08:22 . 2010-06-23 08:22   501936 ----a-w- c:\programdata\Google\Google Toolbar\Update\gtbFB.tmp.exe
2010-06-14 15:51 . 2009-04-25 20:50 -------- d-----w- c:\programdata\Microsoft Help
2010-06-08 07:32 . 2010-02-15 18:59 -------- d-----w- c:\program files\Microsoft Silverlight
2010-06-03 10:57 . 2010-06-03 10:57 -------- d-----w- c:\users\eigenaar\AppData\Roaming\Panda Security
2010-06-03 10:57 . 2010-06-03 10:57 -------- d-----w- c:\program files\Panda Security
2010-06-03 10:56 . 2009-09-08 17:53 -------- d-----w- c:\programdata\Norton
2010-05-26 17:06 . 2010-06-14 07:07    34304 ----a-w- c:\windows\system32\atmlib.dll
2010-05-26 14:47 . 2010-06-14 07:07   289792 ----a-w- c:\windows\system32\atmfd.dll
2010-05-21 12:14 . 2010-06-03 11:02   221568 ------w- c:\windows\system32\MpSigStub.exe
2010-05-04 05:59 . 2010-06-14 07:07   916480 ----a-w- c:\windows\system32\wininet.dll
2010-05-04 05:55 . 2010-06-14 07:07    71680 ----a-w- c:\windows\system32\iesetup.dll
2010-05-04 05:55 . 2010-06-14 07:07   109056 ----a-w- c:\windows\system32\iesysprep.dll
2010-05-04 04:31 . 2010-06-14 07:07   133632 ----a-w- c:\windows\system32\ieUnatt.exe
2010-05-01 14:13 . 2010-06-14 07:07  2037248 ----a-w- c:\windows\system32\win32k.sys
.

(((((((((((((((((((((((((((((((((((((   Reg Opstartpunten   )))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"msnmsgr"="c:\program files\Windows Live\Messenger\msnmsgr.exe" [2009-07-26 3883856]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2009-10-07 39408]
"ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-01-21 125952]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"="c:\program files\Windows Defender\MSASCui.exe" [2008-01-21 1008184]
"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2009-03-12 61440]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RtHDVCpl.exe" [2009-02-13 6814240]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2008-08-28 1049896]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2008-06-11 34672]
"UCam_Menu"="c:\program files\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe" [2008-12-03 218408]
"Skytel"="c:\program files\Realtek\Audio\HDA\Skytel.exe" [2009-02-13 1833504]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2009-11-10 417792]
"AVG9_TRAY"="c:\progra~1\AVG\AVG9\avgtray.exe" [2010-07-23 2065760]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\windows\System32\avgrsstx.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
@="Service"

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc]
"VistaSp2"=hex(b):e6,58,bb,2c,e2,40,ca,01

R2 gupdate;Google Updateservice (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [2010-01-30 135664]
S1 AvgLdx86;AVG Free AVI Loader Driver x86;c:\windows\system32\Drivers\avgldx86.sys [2010-07-23 216400]
S1 AvgTdiX;AVG Free Network Redirector;c:\windows\system32\Drivers\avgtdix.sys [2010-07-23 243024]
S2 avg9emc;AVG Free E-mail Scanner;c:\program files\AVG\AVG9\avgemc.exe [2010-07-23 921952]
S2 avg9wd;AVG Free WatchDog;c:\program files\AVG\AVG9\avgwdsvc.exe [2010-07-23 308136]
S2 KMDFMEMIO;SAMSUNG Kernel Driver;c:\windows\system32\DRIVERS\kmdfmemio.sys [2006-11-14 13312]
S2 Rezip;Rezip;c:\windows\SYSTEM32\Rezip.exe [2009-03-05 311296]
S2 yksvc;Marvell Yukon Service;c:\windows\System32\svchost.exe [2008-01-21 21504]
S3 VMC326;Vimicro Camera Service VMC326;c:\windows\system32\Drivers\VMC326.sys [2008-11-21 238464]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
bthsvcs REG_MULTI_SZ BthServ
yksvcs REG_MULTI_SZ yksvc
LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache
.
Inhoud van de 'Gedeelde Taken' map

2010-07-26 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-01-30 19:46]

2010-07-26 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-01-30 19:46]

2009-11-26 c:\windows\Tasks\User_Feed_Synchronization-{31CA992D-DA94-4EAA-A87F-9DB5E095E002}.job
- c:\windows\system32\msfeedssync.exe [2010-06-14 04:30]
.
.
------- Bijkomende Scan -------
.
uStart Page = hxxp://www.google.nl/
mStart Page = hxxp://www.google.com/ig/redirectdomain?brand=SMSN&bmod=SMSN
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
IE: Google Sidewiki... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll/cmsidewiki.html
.
- - - - ORPHANS VERWIJDERD - - - -

WebBrowser-{D4027C7F-154A-4066-A1AD-4243D8127440} - (no file)


**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-07-26 20:31
Windows 6.0.6002 Service Pack 2 NTFS

scannen van verborgen processen ...

scannen van verborgen autostart items ...

scannen van verborgen bestanden ...

Scan succesvol afgerond
verborgen bestanden: 0

**************************************************************************
.
--------------------- VERGRENDELDE REGISTER SLEUTELS ---------------------

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
Voltooingstijd: 2010-07-26 20:33:01
ComboFix-quarantined-files.txt 2010-07-26 18:32

Pre-Run: 96.085.381.120 bytes beschikbaar
Post-Run: 96.603.389.952 bytes beschikbaar

- - End Of File - - 8D1DB8606BA5E611F152BDEA1281FDAD