ComboFix 10-10-08.01 - v730523 09/10/2010 15:48:41.3.2 - x86
Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.32.1043.18.1982.1114 [GMT 2:00]
Running from: c:\users\v730523\Desktop\ComboFix.exe
Command switches used :: c:\users\v730523\Desktop\CFScript.txt.txt
SP: Windows Defender *enabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}
 * Resident AV is active

FILE ::
"c:\users\v730523\BITFDEF.tmp"
.

(((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\32788R22FWJFW
c:\32788r22fwjfw\License\iexplore.exe
c:\32788r22fwjfw\License\ncmd.cfxxe
c:\program files\ToggleDU
c:\program files\ToggleDU\INSTALL.LOG
c:\program files\ToggleDU\ToggleDUToolbarHelper.exe
c:\program files\ToggleDU\toolbar.cfg
c:\program files\ToggleDU\UNWISE.EXE
c:\program files\Zynga
c:\program files\Zynga\INSTALL.LOG
c:\program files\Zynga\toolbar.cfg
c:\program files\Zynga\UNWISE.EXE
c:\program files\Zynga\ZyngaToolbarHelper.exe
.

(((((((((((((((((((( Files Created from 2010-09-09 to 2010-10-09 ))))))))))))))))))))))))))))))
.

2010-10-09 14:05 . 2010-10-09 14:05  --------  d-----w-  c:\users\Public\AppData\Local\temp
2010-10-09 14:05 . 2010-10-09 14:05  --------  d-----w-  c:\users\Default\AppData\Local\temp
2010-10-09 13:13 . 2010-06-22 13:30  2048      ----a-w-  c:\windows\system32\tzres.dll
2010-10-09 13:12 . 2010-04-16 16:46  502272    ----a-w-  c:\windows\system32\usp10.dll
2010-10-09 13:12 . 2010-05-27 20:08  739328    ----a-w-  c:\windows\system32\inetcomm.dll
2010-10-09 13:12 . 2010-08-17 14:11  128000    ----a-w-  c:\windows\system32\spoolsv.exe
2010-10-09 13:12 . 2010-04-05 17:02  317952    ----a-w-  c:\windows\system32\MP4SDECD.DLL
2010-10-07 13:33 . 2010-10-09 14:06  --------  d-----w-  c:\users\v730523\AppData\Local\temp
2010-10-06 18:15 . 2010-10-06 18:15  --------  d-----w-  c:\users\v730523\AppData\Roaming\Malwarebytes
2010-10-06 18:14 . 2010-04-29 13:39  38224     ----a-w-  c:\windows\system32\drivers\mbamswissarmy.sys
2010-10-06 18:14 . 2010-10-06 19:00  --------  d-----w-  c:\program files\Malwarebytes' Anti-Malware
2010-10-06 18:14 . 2010-10-06 18:14  --------  d-----w-  c:\programdata\Malwarebytes
2010-10-06 18:14 . 2010-04-29 13:39  20952     ----a-w-  c:\windows\system32\drivers\mbam.sys
2010-10-04 11:48 . 2010-10-04 11:50  --------  d-----w-  c:\users\v730523\AppData\Local\Temp(9)
2010-10-02 19:20 . 2010-10-02 19:20  --------  d-----w-  c:\programdata\PassMark
2010-10-02 19:20 . 2010-10-02 19:20  --------  d-----w-  c:\program files\BurnInTest
2010-09-21 17:16 . 2010-09-21 17:16  552       ----a-w-  c:\users\v730523\AppData\Local\d3d8caps.dat
.

((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-10-09 13:58 . 2010-04-29 13:48  --------  d-----w-  c:\program files\a-squared Anti-Malware
2010-10-09 13:42 . 2008-02-26 01:54  667352    ----a-w-  c:\windows\system32\perfh013.dat
2010-10-09 13:42 . 2008-02-26 01:54  126854    ----a-w-  c:\windows\system32\perfc013.dat
2010-10-09 13:20 . 2008-08-21 07:17  --------  d-----w-  c:\program files\Google
2010-10-09 13:17 . 2006-11-02 11:18  --------  d-----w-  c:\program files\Windows Mail
2010-10-09 10:11 . 2010-10-02 19:59  28029     ----a-w-  c:\programdata\nvModes.dat
2010-10-09 09:37 . 2006-11-02 10:25  86016     ----a-w-  c:\windows\Inf\infstor.dat
2010-10-09 09:37 . 2006-11-02 10:25  51200     ----a-w-  c:\windows\Inf\infpub.dat
2010-10-09 09:37 . 2006-11-02 10:25  143360    ----a-w-  c:\windows\Inf\infstrng.dat
2010-10-07 14:07 . 2009-07-11 18:48  --------  d-----w-  c:\users\v730523\AppData\Roaming\MxBoost
2010-10-07 13:56 . 2010-03-09 12:38  --------  d-----w-  c:\users\v730523\AppData\Roaming\LimeWire
2010-10-06 18:29 . 2008-06-09 12:37  70808     ----a-w-  c:\users\v730523\AppData\Local\GDIPFONTCACHEV1.DAT
2010-10-06 18:21 . 2008-07-25 17:55  1356      ----a-w-  c:\users\v730523\AppData\Local\d3d9caps.dat
2010-10-05 10:59 . 2009-11-06 17:03  --------  d-----w-  c:\program files\Microsoft Silverlight
2010-10-04 14:28 . 2009-08-15 13:55  --------  d-----w-  c:\programdata\Google Updater
2010-10-02 20:00 . 2008-04-17 10:37  --------  d-----w-  c:\programdata\NVIDIA
2010-09-21 17:16 . 2010-09-21 17:16  552       ----a-w-  c:\users\v730523\AppData\Local\d3d8caps.tmp
2010-08-17 16:42 . 2008-02-25 19:03  --------  d-----w-  c:\program files\Common Files\Java
2010-08-17 16:38 . 2008-02-25 19:04  --------  d-----w-  c:\program files\Java
2010-08-12 23:17 . 2008-06-09 12:18  --------  d-----w-  c:\program files\Microsoft Works
2010-07-24 16:34 . 2009-08-02 21:35  24467     ----a-w-  c:\users\v730523\AppData\Roaming\mdb.bin
2010-07-17 03:00 . 2010-05-31 07:15  423656    ----a-w-  c:\windows\system32\deployJava1.dll
2008-02-26 02:32 . 2008-02-26 02:18  8192      --sha-w-  c:\windows\Users\Default\NTUSER.DAT
.

((((((((((((((((((((((((((((((((((((( Reg Startup Points )))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-04-11 1233920]
"LightScribe Control Panel"="c:\program files\Common Files\LightScribe\LightScribeControlPanel.exe" [2007-08-23 455968]
"ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-01-19 125952]
"IncrediMail"="c:\program files\IncrediMail\bin\IncMail.exe" [2009-09-07 251336]
"WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2008-01-19 202240]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SynTPStart"="c:\program files\Synaptics\SynTP\SynTPStart.exe" [2007-09-15 102400]
"UCam_Menu"="c:\program files\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe" [2007-08-16 218408]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2008-12-04 13556256]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2008-12-04 92704]
"hpqSRMon"="c:\program files\HP\Digital Imaging\bin\hpqSRMon.exe" [2008-06-02 80896]
"Hiyo"="c:\program files\HiYo\bin\HiYo.exe" [2009-07-14 206128]
"a-squared"="c:\program files\A-SQUARED ANTI-MALWARE\a2guard.exe" [2010-10-09 3299720]

c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
HP Digital Imaging Monitor.lnk - c:\program files\HP\Digital Imaging\bin\hpqtra08.exe [2008-3-25 214360]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
@="Service"

[HKLM\~\startupfolder\C:^Users^v730523^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^LimeWire On Startup.lnk]
path=c:\users\v730523\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\LimeWire On Startup.lnk
backup=c:\windows\pss\LimeWire On Startup.lnk.Startup
backupExtension=.Startup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
2008-10-14 23:04  39792  ----a-w-  c:\program files\Adobe\Reader 8.0\Reader\reader_sl.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Health Check Scheduler]
2008-06-16 07:03  75008  ----a-w-  c:\program files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Software Update]
2007-10-14 20:17  49152  ----a-w-  c:\program files\HP\HP Software Update\hpwuSchd2.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\hpWirelessAssistant]
2007-09-13 07:47  480560  ----a-w-  c:\program files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\OnScreenDisplay]
2007-09-04 11:54  554320  ----a-w-  c:\program files\Hewlett-Packard\HP QuickTouch\HPKBDAPP.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QlbCtrl]
2007-09-19 12:31  202032  ----a-w-  c:\program files\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QPService]
2007-09-30 17:34  181544  ----a-w-  c:\program files\HP\QuickPlay\QPService.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
2010-05-14 09:44  248552  ----a-w-  c:\program files\Common Files\Java\Java Update\jusched.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg]
2008-12-27 08:36  39408  ----a-w-  c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WAWifiMessage]
2007-01-08 14:53  311296  ----a-w-  c:\program files\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Windows Defender]
2008-01-19 07:38  1008184  ----a-w-  c:\program files\Windows Defender\MSASCui.exe

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc]
"AntiVirusOverride"=dword:00000001

R2 gupdate;Google Update Service (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [2009-08-05 133104]
S1 a2injectiondriver;a2injectiondriver;c:\program files\a-squared Anti-Malware\a2dix86.sys [2010-10-09 41928]
S1 a2util;a-squared Malware-IDS utility driver;c:\program files\a-squared Anti-Malware\a2util32.sys [2010-05-10 11776]
S2 a2AntiMalware;a-squared Anti-Malware Service;c:\program files\a-squared Anti-Malware\a2service.exe [2010-10-09 2909536]
S3 a2acc;a2acc;c:\program files\A-SQUARED ANTI-MALWARE\a2accx86.sys [2010-10-09 72808]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
HPZ12  REG_MULTI_SZ  Pml Driver HPZ12 Net Driver HPZ12
hpdevmgmt  REG_MULTI_SZ  hpqcxs08 hpqddsvc
LocalServiceAndNoImpersonation  REG_MULTI_SZ  FontCache

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
2007-08-23 15:34  451872  ----a-w-  c:\program files\Common Files\LightScribe\LSRunOnce.exe
.
Contents of the 'Scheduled Tasks' folder

2010-10-09 c:\windows\Tasks\Google Software Updater.job
- c:\program files\Google\Common\Google Updater\GoogleUpdaterService.exe [2008-08-21 13:55]

2010-10-09 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-08-05 18:37]

2010-10-09 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-08-05 18:37]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.google.be/
mStart Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=nl_be&c=81&bd=Pavilion&pf=laptop
IE: Google Sidewiki... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll/cmsidewiki.html
DPF: {34DC6011-88B5-4EA9-BA7A-DC7B4F4437FE} - hxxp://ips.poi.de/ips-opdata/layout/fnac/objects/jordan.cab
FF - ProfilePath - c:\users\v730523\AppData\Roaming\Mozilla\Firefox\Profiles\ttd3g2co.default\
FF - plugin: c:\program files\Google\Google Earth\plugin\npgeplugin.dll
FF - plugin: c:\program files\Google\Google Updater\2.4.1636.7222\npCIDetect13.dll
FF - plugin: c:\program files\Google\Update\1.2.183.23\npGoogleOneClick8.dll
FF - plugin: c:\program files\Java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: c:\program files\Windows Live\Photo Gallery\NPWLPG.dll
FF - plugin: c:\users\v730523\AppData\Roaming\Facebook\npfbplugin_1_0_3.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
.
- - - - ORPHANS REMOVED - - - -

AddRemove-ToggleDU Toolbar - c:\progra~1\ToggleDU\UNWISE.EXE
AddRemove-Zynga Toolbar - c:\progra~1\Zynga\UNWISE.EXE
.

--------------------- LOCKED REGISTRY KEYS ---------------------

[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
Completion time: 2010-10-09 16:13:43
ComboFix-quarantined-files.txt 2010-10-09 14:13
ComboFix2.txt 2010-10-09 10:51
ComboFix3.txt 2010-10-08 09:08

Pre-Run: 79.952.285.696 bytes free
Post-Run: 80.277.729.280 bytes free

- - End Of File - - 49D05FFF24A4A953BBA3C1105F5C41DA
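The "Reg Startup Points" section above is what a reviewer reads first in a ComboFix log: the REGEDIT4-style Run entries, and the two Security Center values it shows set to 1 (DisableMonitoring under ...\security center\Monitoring and AntiVirusOverride under ...\security center\Svc). A value of 1 there tells Windows Security Center not to monitor, or not to warn about, the antivirus state; third-party AV products sometimes set these themselves, so they are a lead to confirm against the installed AV rather than proof of tampering. The script below is an added example, not ComboFix output and not from the original post: it parses that section's layout from a constructed excerpt copied from the log, lists the Run entries, flags Security Center overrides, and flags any Run entry whose binary sits in a user-writable path. The function names, regexes, override list and the user-writable heuristic are this example's own assumptions.

```python
"""Triage helper for the 'Reg Startup Points' section of a ComboFix log.

Added example, not ComboFix output and not from the original post. It
parses the REGEDIT4-style lines that section uses and flags two things a
reviewer looks for: Windows Security Center override values set to 1
(they silence Security Center monitoring or its AV alerts; legitimate
third-party AV sometimes sets them, so treat a hit as a lead, not a
verdict) and Run entries whose binary lives in a user-writable location.
Function names, regexes and the override list are this example's own.
"""
import re

# Constructed sample: a trimmed copy of the startup-points section from the
# log above, in the same layout ComboFix prints.
SAMPLE_LOG = r'''
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-04-11 1233920]
"IncrediMail"="c:\program files\IncrediMail\bin\IncMail.exe" [2009-09-07 251336]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2008-12-04 13556256]
"Hiyo"="c:\program files\HiYo\bin\HiYo.exe" [2009-07-14 206128]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc]
"AntiVirusOverride"=dword:00000001
'''

KEY_RE = re.compile(r'^\[(?P<key>[^\]]+)\]$')
# "Name"="c:\path\file.exe" [YYYY-MM-DD size]
RUN_RE = re.compile(
    r'^"(?P<name>[^"]+)"="(?P<path>[^"]*)"\s*'
    r'\[(?P<date>\d{4}-\d{2}-\d{2})\s+(?P<size>\d+)\]$')
# "Name"=dword:00000001
DWORD_RE = re.compile(r'^"(?P<name>[^"]+)"=dword:(?P<hex>[0-9a-fA-F]{8})$')

# (key suffix, value name) pairs under HKLM\SOFTWARE\Microsoft\Security Center
# that, when set to 1, suppress Security Center monitoring or its alerts.
SECURITY_CENTER_OVERRIDES = {
    ('security center\\monitoring', 'disablemonitoring'),
    ('security center\\svc', 'antivirusoverride'),
    ('security center\\svc', 'firewalloverride'),
    ('security center\\svc', 'updatesoverride'),
}

# Path fragments a limited user can write to; a Run entry pointing here
# deserves a second look (heuristic chosen for this example).
USER_WRITABLE = ('\\appdata\\', '\\users\\public\\', '\\temp\\')


def parse_startup_points(text):
    """Return (run_entries, dword_values) parsed from the section text."""
    run_entries, dword_values = [], []
    key = None
    for raw in text.splitlines():
        line = raw.strip()
        m = KEY_RE.match(line)
        if m:
            key = m.group('key')
            continue
        if key is None or not line:
            continue
        m = RUN_RE.match(line)
        if m:
            run_entries.append({'key': key, 'name': m.group('name'),
                                'path': m.group('path'), 'date': m.group('date'),
                                'size': int(m.group('size'))})
            continue
        m = DWORD_RE.match(line)
        if m:
            dword_values.append({'key': key, 'name': m.group('name'),
                                 'value': int(m.group('hex'), 16)})
    return run_entries, dword_values


def security_center_overrides(dword_values):
    """Full key\\value names of Security Center overrides that are set to 1."""
    hits = []
    for v in dword_values:
        key_l, name_l = v['key'].lower(), v['name'].lower()
        for suffix, name in SECURITY_CENTER_OVERRIDES:
            if key_l.endswith(suffix) and name_l == name and v['value'] == 1:
                hits.append(v['key'] + '\\' + v['name'])
    return hits


def user_writable_startups(run_entries):
    """Run entries whose binary path sits in a user-writable location."""
    return [e for e in run_entries
            if any(frag in e['path'].lower() for frag in USER_WRITABLE)]


if __name__ == '__main__':
    runs, dwords = parse_startup_points(SAMPLE_LOG)
    for e in runs:
        hive = e['key'].split('\\')[0]
        print(f"{hive:>18}  {e['name']:<14} {e['path']}")
    for hit in security_center_overrides(dwords):
        print('Security Center override set:', hit)
    for e in user_writable_startups(runs):
        print('Run entry in user-writable path:', e['name'], e['path'])
```

Run against the full section of a real log by reading the file into parse_startup_points instead of SAMPLE_LOG; for this log the two override hits should be checked against a-squared's own settings before anything is changed, and the empty user-writable list matches what the log shows (the only profile-located autostart is the LimeWire .lnk, which ComboFix lists under the msconfig startupfolder key in a different layout this parser does not cover).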