ComboFix 11-03-11.02 - Hilaire 12/03/2011 19:43:10.9.2 - x86
Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.32.1043.18.958.170 [GMT 1:00]
Running from: c:\users\Hilaire\Desktop\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
AV: Lavasoft Ad-Watch Live! Antivirus *Disabled/Updated* {9FF26384-70D4-CE6B-3ECB-E759A6A40116}
SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Lavasoft Ad-Watch Live! *Disabled/Updated* {24938260-56EE-C1E5-047B-DC2BDD234BAB}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
/wow section - STAGE 3
.
.
((((((((((((((((((((   Files Created from 2011-02-12 to 2011-03-12  ))))))))))))))))))))))))))))))
.
.
2011-03-12 18:54 . 2011-03-12 18:55 -------- d-----w- c:\users\Hilaire\AppData\Local\temp
2011-03-12 18:54 . 2011-03-12 18:54 -------- d-----w- c:\users\Public\AppData\Local\temp
2011-03-12 18:54 . 2011-03-12 18:54 -------- d-----w- c:\users\Default\AppData\Local\temp
2011-03-11 09:37 . 2011-02-11 06:54 5943120 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{37807EC6-3511-41C4-A487-B6E030D50E39}\mpengine.dll
2011-03-09 15:18 . 2010-12-29 18:28 322560 ----a-w- c:\windows\system32\sbe.dll
2011-03-09 15:18 . 2010-12-29 18:28 153088 ----a-w- c:\windows\system32\sbeio.dll
2011-03-09 15:18 . 2010-12-29 18:28 429056 ----a-w- c:\windows\system32\EncDec.dll
2011-03-09 15:18 . 2010-12-29 18:26 177664 ----a-w- c:\windows\system32\mpg2splt.ax
2011-03-09 15:18 . 2010-12-17 15:45 2067968 ----a-w- c:\windows\system32\mstscax.dll
2011-03-09 15:18 . 2010-12-17 13:54 677888 ----a-w- c:\windows\system32\mstsc.exe
2011-03-08 17:09 . 2011-03-08 17:09 -------- d-----w- c:\users\Hilaire\AppData\Local\Universal RSS Reader
2011-03-07 17:41 . 2011-03-04 08:20 64512 ----a-w- c:\windows\system32\drivers\Lbd.sys
2011-03-07 17:40 . 2011-03-07 17:40 -------- dc----w- c:\windows\system32\DRVSTORE
2011-03-07 17:40 . 2011-03-07 17:40 98392 ----a-w- c:\windows\system32\drivers\SBREDrv.sys
2011-03-07 17:40 . 2011-03-07 17:40 -------- d-----w- c:\users\Hilaire\AppData\Local\Sunbelt Software
2011-03-07 17:39 . 2011-03-07 17:39 -------- dc-h--w- c:\programdata\{A5847AFF-A1FE-4929-A3C0-16C23AB1D29D}
2011-03-07 17:38 . 2011-03-07 17:39 -------- d-----w- c:\programdata\Lavasoft
2011-03-07 17:38 . 2011-03-07 17:38 -------- d-----w- c:\program files\Lavasoft
2011-03-07 16:23 . 2011-02-23 14:56 371544 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2011-03-01 17:17 . 2011-03-01 18:08 -------- d-----w- c:\users\Hilaire\AppData\Roaming\ZipGenius
2011-03-01 17:17 . 2011-03-01 17:17 -------- d-----w- c:\program files\ZipGenius 6
2011-03-01 17:13 . 2011-03-01 17:13 -------- d-----w- c:\windows\CD95F661A5C444F5A6AAECDD91C240BD.TMP
2011-03-01 16:34 . 2011-03-01 17:10 -------- d-----w- c:\programdata\WinZip
2011-03-01 15:08 . 2011-03-01 15:09 -------- d-----w- c:\program files\Audacity 1.3 Beta (Unicode)
2011-02-28 11:10 . 2011-02-28 11:10 9216 ----a-r- c:\users\Hilaire\AppData\Roaming\Microsoft\Installer\{7426428E-71D4-452C-BA13-B14E5EB52859}\Icon7426428E16.exe
2011-02-23 18:16 . 2011-02-23 18:16 -------- d-----w- c:\users\Hilaire\Video VHS
2011-02-23 18:16 . 2011-02-23 18:16 -------- d-----w- c:\users\Hilaire\AppData\Roaming\NCH Swift Sound
2011-02-23 18:15 . 2011-03-10 11:46 -------- d-----w- c:\program files\NCH Software
2011-02-23 18:15 . 2011-03-10 11:35 -------- d-----w- c:\users\Hilaire\AppData\Roaming\NCH Software
2011-02-23 17:12 . 2011-02-23 17:12 -------- d-----w- c:\program files\FireTrust
2011-02-21 17:39 . 2011-02-21 17:39 -------- d-----w- c:\users\Hilaire\AppData\Local\Weather forecast
2011-02-21 16:33 . 2011-03-08 17:09 -------- d-----w- c:\users\Hilaire\AppData\Local\Opera
2011-02-21 16:33 . 2011-02-21 16:33 -------- d-----w- c:\program files\Opera
2011-02-21 16:06 . 2011-02-21 16:06 -------- d-----w- c:\program files\Opera 10.60 Beta
2011-02-21 15:41 . 2011-02-21 15:48 -------- d-----w- c:\program files\PopTray
2011-02-20 18:25 . 2011-02-20 18:25 -------- d-----w- c:\program files\Microsoft.NET
2011-02-20 16:28 . 2011-02-20 16:28 -------- d-----w- C:\perflogs
2011-02-18 13:20 . 2011-02-18 13:23 -------- d-----w- c:\program files\Wise Registry Cleaner
2011-02-17 15:35 . 2011-02-05 06:20 94208 ----a-w- c:\program files\Internet Explorer\nl\iediag.resources.dll
2011-02-17 15:35 . 2011-02-17 15:35 94208 ----a-w- c:\program files\Internet Explorer\en\iediag.resources.dll
2011-02-17 15:35 . 2011-02-17 15:35 307200 ----a-w- c:\program files\Internet Explorer\iediagcmd.exe
2011-02-17 15:35 . 2011-02-17 15:35 161280 ----a-w- c:\windows\system32\msls31.dll
2011-02-17 15:35 . 2011-02-17 15:35 1125376 ----a-w- c:\windows\system32\wininet.dll
2011-02-17 15:35 . 2011-02-17 15:35 107008 ----a-w- c:\program files\Internet Explorer\iecleanup.exe
2011-02-16 16:07 . 2011-02-16 16:08 -------- dc-h--w- c:\programdata\{553764F8-6599-495D-B99E-4797D3DFC558}
2011-02-16 09:46 . 2011-02-16 15:15 -------- d-----w- c:\users\Hilaire\email
2011-02-12 11:06 . 2011-02-16 16:08 -------- d-----w- c:\programdata\Fighters
2011-02-11 14:39 . 2011-02-11 14:39 -------- d-----w- c:\programdata\Kristanix Games
.
.
(((((((((((((((((((((((((((((((((((((((   Find3M Report  ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-03-10 09:47 . 2010-06-24 09:33 18328 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
2011-02-23 15:04 . 2010-12-14 10:19 40648 ----a-w- c:\windows\avastSS.scr
2011-02-23 15:04 . 2010-12-14 10:19 190016 ----a-w- c:\windows\system32\aswBoot.exe
2011-02-23 14:56 . 2010-12-14 10:19 301528 ----a-w- c:\windows\system32\drivers\aswSP.sys
2011-02-23 14:55 . 2010-12-14 10:19 49240 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2011-02-23 14:55 . 2010-12-14 10:19 25432 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2011-02-23 14:55 . 2010-12-14 10:19 53592 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2011-02-23 14:54 . 2010-12-14 10:19 19544 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2011-02-02 16:11 . 2009-10-02 16:17 222080 ------w- c:\windows\system32\MpSigStub.exe
2011-01-20 16:37 . 2011-02-10 15:21 638336 ----a-w- c:\windows\system32\drivers\dxgkrnl.sys
2011-01-20 16:08 . 2011-02-10 15:21 478720 ----a-w- c:\windows\system32\dxgi.dll
2011-01-20 16:08 . 2011-02-10 15:21 1029120 ----a-w- c:\windows\system32\d3d10.dll
2011-01-20 16:08 . 2011-02-10 15:21 219648 ----a-w- c:\windows\system32\d3d10_1core.dll
2011-01-20 16:08 . 2011-02-10 15:21 189952 ----a-w- c:\windows\system32\d3d10core.dll
2011-01-20 16:08 . 2011-02-10 15:21 160768 ----a-w- c:\windows\system32\d3d10_1.dll
2011-01-20 16:07 . 2011-02-10 15:21 37376 ----a-w- c:\windows\system32\cdd.dll
2011-01-20 16:07 . 2011-02-10 15:21 258048 ----a-w- c:\windows\system32\winspool.drv
2011-01-20 16:07 . 2011-02-10 15:21 586240 ----a-w- c:\windows\system32\stobject.dll
2011-01-20 16:06 . 2011-02-10 15:21 2873344 ----a-w- c:\windows\system32\mf.dll
2011-01-20 16:06 . 2011-02-10 15:21 26112 ----a-w- c:\windows\system32\printfilterpipelineprxy.dll
2011-01-20 16:04 . 2011-02-10 15:21 209920 ----a-w- c:\windows\system32\mfplat.dll
2011-01-20 16:04 . 2011-02-10 15:21 98816 ----a-w- c:\windows\system32\mfps.dll
2011-01-20 14:28 . 2011-02-10 15:21 1554432 ----a-w- c:\windows\system32\xpsservices.dll
2011-01-20 14:27 . 2011-02-10 15:21 876032 ----a-w- c:\windows\system32\XpsPrint.dll
2011-01-20 14:26 . 2011-02-10 15:21 667648 ----a-w- c:\windows\system32\printfilterpipelinesvc.exe
2011-01-20 14:25 . 2011-02-10 15:21 847360 ----a-w- c:\windows\system32\OpcServices.dll
2011-01-20 14:24 . 2011-02-10 15:21 288768 ----a-w- c:\windows\system32\XpsGdiConverter.dll
2011-01-20 14:24 . 2011-02-10 15:21 135680 ----a-w- c:\windows\system32\XpsRasterService.dll
2011-01-20 14:15 . 2011-02-10 15:21 979456 ----a-w- c:\windows\system32\MFH264Dec.dll
2011-01-20 14:14 . 2011-02-10 15:21 357376 ----a-w- c:\windows\system32\MFHEAACdec.dll
2011-01-20 14:14 . 2011-02-10 15:21 302592 ----a-w- c:\windows\system32\mfmp4src.dll
2011-01-20 14:14 . 2011-02-10 15:21 261632 ----a-w- c:\windows\system32\mfreadwrite.dll
2011-01-20 14:12 . 2011-02-10 15:21 1172480 ----a-w- c:\windows\system32\d3d10warp.dll
2011-01-20 14:11 . 2011-02-10 15:21 486400 ----a-w- c:\windows\system32\d3d10level9.dll
2011-01-20 13:47 . 2011-02-10 15:21 683008 ----a-w- c:\windows\system32\d2d1.dll
2011-01-20 13:44 . 2011-02-10 15:21 1068544 ----a-w- c:\windows\system32\DWrite.dll
2011-01-20 13:44 . 2011-02-10 15:21 797184 ----a-w- c:\windows\system32\FntCache.dll
2011-01-08 08:47 . 2011-02-10 15:19 34304 ----a-w- c:\windows\system32\atmlib.dll
2011-01-08 06:28 . 2011-02-10 15:19 292352 ----a-w- c:\windows\system32\atmfd.dll
2010-12-31 13:57 . 2011-02-10 15:23 2039808 ----a-w- c:\windows\system32\win32k.sys
2010-12-28 15:55 . 2011-01-12 15:11 413696 ----a-w- c:\windows\system32\odbc32.dll
2010-12-23 15:13 . 2010-12-23 15:13 658696 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight\SpotlightResources.dll
2010-12-20 17:09 . 2010-12-12 09:26 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2010-12-20 17:08 . 2010-12-12 09:26 20952 ----a-w- c:\windows\system32\drivers\mbam.sys
2010-12-14 14:49 . 2011-01-12 15:11 1169408 ----a-w- c:\windows\system32\sdclt.exe
.
.
(((((((((((((((((((((((((((((((((((((   Reg Loading Points  ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2011-02-23 15:04 122512 ----a-w- c:\program files\Alwil Software\Avast5\ashShell.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-01-19 125952]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-04-11 1233920]
"Gadwin PrintScreen"="c:\program files\Gadwin Systems\PrintScreen\PrintScreen.exe" [2010-10-14 487424]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2010-03-03 39408]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Logitech BT Wizard"="LBTWiz.exe -silent" [X]
"Logitech Hardware Abstraction Layer"="c:\program files\Common Files\Logitech\khalshared\KHALMNPR.EXE" [2007-01-11 101136]
"Kernel and Hardware Abstraction Layer"="KHALMNPR.EXE" [2007-01-11 101136]
"avast5"="c:\program files\Alwil Software\Avast5\avastUI.exe" [2011-02-23 3451496]
"sfagent"="c:\program files\Fighters\SPAMfighter\sfagent.exe" [2010-11-12 821384]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
SetPoint.lnk - c:\program files\SetPoint\SetPoint.exe [2010-11-26 679936]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service]
@="Service"
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
2010-09-20 21:07 932288 ----a-r- c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
2011-01-31 08:44 35760 ----a-w- c:\program files\Adobe\Reader 9.0\Reader\reader_sl.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Password Guard v2]
2008-02-11 23:00 1838592 ----a-w- c:\progra~1\SYDATEC\PASSWO~1\pwguard.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
2010-02-18 09:43 248040 ----a-w- c:\program files\Common Files\Java\Java Update\jusched.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg]
2010-03-03 15:49 39408 ----a-w- c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc\S-1-5-21-3610711996-1769753261-2712777353-1000]
"EnableNotificationsRef"=dword:00000001
.
R0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys [x]
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 gupdate;Google Updateservice (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [2010-03-03 135664]
R2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;c:\program files\Lavasoft\Ad-Aware\AAWService.exe [2011-03-08 1405384]
R3 Common Toolkit Tools;Common Toolkit Tools;c:\program files\Fighters\FULL-DISKfighter\Common Toolkit Tools.exe [2011-02-02 121480]
R3 Lavasoft Kernexplorer;Lavasoft helper driver;c:\program files\Lavasoft\Ad-Aware\KernExplorer.sys [2011-03-04 15232]
R3 nosGetPlusHelper;getPlus(R) Helper 3004;c:\windows\System32\svchost.exe [2008-01-19 21504]
R3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]
S0 Lbd;Lbd;c:\windows\system32\DRIVERS\Lbd.sys [2011-03-04 64512]
S1 aswSnx;aswSnx; [x]
S1 aswSP;aswSP; [x]
S2 ABBYY.Licensing.FineReader.Sprint.9.0;ABBYY FineReader 9.0 Sprint Licensing Service;c:\program files\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe [2009-05-14 759048]
S2 aswFsBlk;aswFsBlk; [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2011-02-23 53592]
S2 SPAMfighter Update Service;SPAMfighter Update Service;c:\program files\Fighters\SPAMfighter\sfus.exe service [x]
S2 Suite Service;Suite Service;c:\program files\Fighters\FighterSuiteService.exe [2011-02-02 1176712]
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
bthsvcs	REG_MULTI_SZ   	BthServ
LocalServiceAndNoImpersonation	REG_MULTI_SZ   	FontCache
nosGetPlusHelper	REG_MULTI_SZ   	nosGetPlusHelper
.
Contents of the 'Scheduled Tasks' folder
.
2011-03-12 c:\windows\Tasks\Ad-Aware Update (Weekly).job
- c:\program files\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe [2011-03-04 08:20]
.
2011-03-12 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-03-03 15:49]
.
2011-03-12 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-03-03 15:49]
.
2011-03-12 c:\windows\Tasks\User_Feed_Synchronization-{7DF20E1A-0DCE-461E-A17B-4A27F5EBEB49}.job
- c:\windows\system32\msfeedssync.exe [2011-02-17 15:34]
.
2010-10-02 c:\windows\Tasks\User_Feed_Synchronization-{E44D27E0-7B62-432F-8035-1BBB9729ED05}.job
- c:\windows\system32\msfeedssync.exe [2011-02-17 15:34]
.
.
------- Supplementary Scan -------
.
uStart Page = about:blank
mStart Page = hxxp://www.bigseekpro.com/burn4free/{7D95CA6D-DA29-4768-86D2-DA8F0A42221B}
uInternet Settings,ProxyOverride = local
IE: Google Sidewiki... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_D183CA64F05FDD98.dll/cmsidewiki.html
DPF: {8F48147B-78D9-40F9-ACC0-BDDE59B246F4} - hxxp://www.tele2.be/mailconfig/config/bin/AccountHelper.cab
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-03-12 19:54
Windows 6.0.6002 Service Pack 2 NTFS
.
scanning hidden processes ...
.
scanning hidden autostart entries ...
.
scanning hidden files ...
.
.
c:\users\Hilaire\AppData\Local\Temp\catchme.dll 53248 bytes executable
C:\## aswSnx private storage
.
scan completed successfully
hidden files: 2
.
**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\User Preferences]
@Denied: (2) (LocalSystem)
"88D7D0879DAB32E14DE5B3A805A34F98AFF34F5977"=hex:01,00,00,00,d0,8c,9d,df,01,15,
 d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,68,7b,e1,8f,58,c2,45,4a,95,17,2a,\
"2D53CFFC5C1A3DD2E97B7979AC2A92BD59BC839E81"=hex:01,00,00,00,d0,8c,9d,df,01,15,
 d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,68,7b,e1,8f,58,c2,45,4a,95,17,2a,\
.
--------------------- DLLs Loaded Under Running Processes ---------------------
.
- - - - - - - > 'Explorer.exe'(4692)
c:\program files\SetPoint\lgscroll.dll
c:\program files\Epson Software\Easy Photo Print\EPTBL.dll
.
Completion time: 2011-03-12 19:58:43
ComboFix-quarantined-files.txt 2011-03-12 18:58
ComboFix2.txt 2010-12-14 17:38
.
Pre-Run: 215.589.376.000 bytes free
Post-Run: 215.595.151.360 bytes free
.
- - End Of File - - 2C4D2C148ECC75437A28E2FB40D65B3F
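Logs in this format are usually read by eye, but the "Files Created" entries and the Run-key values have a regular enough shape to triage programmatically. The following is an added example written for this page; it is not part of the log above and not code from ComboFix. It parses lines copied from this log (embedded as constructed sample input), then applies a few review heuristics: the hidden attribute, locations under a temp directory or a .TMP-named directory, new files under drivers\ with a .sys extension, GUID-named directories, and Run values that ComboFix marked [X] (file not found) or that carry no absolute path and are therefore resolved through the process search order. The interpretation of the eight-character attribute column (first character d for a directory, h in the fourth position for hidden) is inferred from the lines in this log and is an assumption, as are the heuristics themselves; a flag is a prompt to look, not a verdict.

```python
import re
from dataclasses import dataclass, field
from typing import List, Optional

# Constructed sample input: lines copied verbatim from the ComboFix log on this page.
SAMPLE_LOG = r"""
2011-03-12 18:54 . 2011-03-12 18:55 -------- d-----w- c:\users\Hilaire\AppData\Local\temp
2011-03-07 17:41 . 2011-03-04 08:20 64512 ----a-w- c:\windows\system32\drivers\Lbd.sys
2011-03-07 17:39 . 2011-03-07 17:39 -------- dc-h--w- c:\programdata\{A5847AFF-A1FE-4929-A3C0-16C23AB1D29D}
2011-03-01 17:13 . 2011-03-01 17:13 -------- d-----w- c:\windows\CD95F661A5C444F5A6AAECDD91C240BD.TMP
2011-02-17 15:35 . 2011-02-17 15:35 1125376 ----a-w- c:\windows\system32\wininet.dll
"Logitech BT Wizard"="LBTWiz.exe -silent" [X]
"avast5"="c:\program files\Alwil Software\Avast5\avastUI.exe" [2011-02-23 3451496]
"sfagent"="c:\program files\Fighters\SPAMfighter\sfagent.exe" [2010-11-12 821384]
"""

# "<created> . <modified> <size|--------> <attrs> <path>" as printed in the file sections.
FILE_RE = re.compile(
    r"^(?P<created>\d{4}-\d{2}-\d{2} \d{2}:\d{2}) \. "
    r"(?P<modified>\d{4}-\d{2}-\d{2} \d{2}:\d{2}) "
    r"(?P<size>\d+|-{8}) (?P<attrs>[a-z-]{8}) (?P<path>.+)$"
)
# '"<value name>"="<command>" [<date size>|X]' as printed under the Run keys.
RUN_RE = re.compile(r'^"(?P<name>[^"]+)"="(?P<cmd>[^"]*)" \[(?P<info>[^\]]*)\]$')
GUID_DIR_RE = re.compile(r"\\\{[0-9a-f-]{36}\}$")


@dataclass
class Entry:
    kind: str                      # "file" or "run"
    path: str                      # file path, or the Run value's command line
    name: Optional[str] = None     # Run value name
    info: Optional[str] = None     # bracketed field of a Run value ("X" = not found)
    size: Optional[int] = None     # None for directories (size column is "--------")
    is_dir: bool = False
    hidden: bool = False
    flags: List[str] = field(default_factory=list)


def parse_line(line: str) -> Optional[Entry]:
    """Turn one log line into an Entry, or None if it is not a recognised record."""
    m = FILE_RE.match(line)
    if m:
        attrs = m["attrs"]
        size = None if m["size"].startswith("-") else int(m["size"])
        # Assumption: attrs[0] == "d" marks a directory, attrs[3] == "h" marks hidden.
        return Entry(kind="file", path=m["path"], size=size,
                     is_dir=attrs[0] == "d", hidden=attrs[3] == "h")
    m = RUN_RE.match(line)
    if m:
        return Entry(kind="run", path=m["cmd"], name=m["name"], info=m["info"])
    return None


def triage(entry: Entry) -> Entry:
    """Attach review flags (heuristics chosen for this example) to a parsed entry."""
    low = entry.path.lower()
    if entry.kind == "file":
        if entry.hidden:
            entry.flags.append("hidden")
        if "\\temp\\" in low or low.endswith("\\temp") or low.endswith(".tmp"):
            entry.flags.append("temp-location")
        if "\\drivers\\" in low and low.endswith(".sys"):
            entry.flags.append("kernel-driver")
        if GUID_DIR_RE.search(low):
            entry.flags.append("guid-named-dir")
    else:
        if entry.info == "X":
            entry.flags.append("unresolved-path")      # ComboFix could not find the file
        if not re.match(r"^[a-z]:\\", low):
            entry.flags.append("no-absolute-path")     # resolved via search order at logon
    return entry


def triage_log(text: str) -> List[Entry]:
    """Parse every recognised line of a ComboFix-style log and flag it."""
    entries = []
    for raw in text.splitlines():
        entry = parse_line(raw.strip())
        if entry is not None:
            entries.append(triage(entry))
    return entries


def flagged_only(entries: List[Entry]) -> List[Entry]:
    return [e for e in entries if e.flags]


if __name__ == "__main__":
    for e in flagged_only(triage_log(SAMPLE_LOG)):
        print(f"{e.kind:4} {', '.join(e.flags):32} {e.path}")
```

Run against the sample, the script reports the temp directory, the Lbd.sys driver, the hidden GUID-named directory under programdata, the .TMP directory and the Logitech Run value, and stays silent on wininet.dll and the two Run values that point at existing absolute paths. Extending it to the R/S service lines and the scheduled-task blocks is a matter of adding a regex per record shape.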