ComboFix 11-04-08.02 - Niels 09/04/2011 18:58:36.6.2 - x64 NETWORK
Microsoft Windows 7 Ultimate 6.1.7601.1.1252.32.1043.18.3072.2042 [GMT 2:00]
Gestart vanuit: c:\users\Niels\Desktop\ComboFix.exe
AV: Telenet Security Pack 9.01 *Enabled/Updated* {15414183-282E-D62C-CA37-EF24860A2F17}
FW: Telenet Security Pack 9.01 *Enabled* {2D7AC0A6-6241-D774-E168-461178D9686C}
SP: Telenet Security Pack 9.01 *Enabled/Updated* {AE20A067-0E14-D9A2-F087-D456FD8D65AA}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
(((((((((((((((((((( Bestanden Gemaakt van 2011-03-09 to 2011-04-09 ))))))))))))))))))))))))))))))
.
.
2011-04-09 17:06 . 2011-04-09 17:06 -------- d-----w- c:\users\Public\AppData\Local\temp
2011-04-09 17:06 . 2011-04-09 17:06 -------- d-----w- c:\users\Niels\AppData\Local\temp
2011-04-09 17:06 . 2011-04-09 17:06 -------- d-----w- c:\users\NeroMediaHomeUser.4\AppData\Local\temp
2011-04-09 17:06 . 2011-04-09 17:06 -------- d-----w- c:\users\Elise\AppData\Local\temp
2011-04-09 17:06 . 2011-04-09 17:06 -------- d-----w- c:\users\Default\AppData\Local\temp
2011-04-09 09:40 . 2011-04-09 09:40 -------- d-----w- c:\program files (x86)\WinPcap
2011-04-09 09:39 . 2006-06-23 19:38 452096 ----a-w- c:\windows\SysWow64\nmap.exe
2011-04-09 09:39 . 2006-06-23 19:38 192 ----a-w- c:\windows\SysWow64\nmap_performance.reg
2011-04-09 09:39 . 2002-11-20 17:44 77824 ----a-w- c:\windows\SysWow64\nmapwin.exe
2011-04-09 09:39 . 2002-11-20 16:06 290816 ----a-w- c:\windows\SysWow64\nmapserv.exe
2011-04-09 09:39 . 2001-11-26 22:13 114688 ----a-w- c:\windows\SysWow64\CCGNU32.dll
2011-04-09 09:39 . 2004-08-04 02:21 81920 ----a-w- c:\windows\SysWow64\msado25.tlb
2011-04-09 09:39 . 1999-04-16 22:06 10752 ----a-w- c:\windows\SysWow64\aamd532.dll
2011-04-09 09:39 . 2004-06-09 13:59 939224 ----a-w- c:\windows\SysWow64\Flash.ocx
2011-04-09 09:39 . 2004-03-01 18:55 561179 ----a-w- c:\windows\SysWow64\dao360.dll
2011-04-09 09:39 . 2001-09-07 12:00 59904 ----a-w- c:\windows\SysWow64\wbemdisp.tlb
2011-04-09 09:39 . 2001-09-07 11:00 61440 ----a-w- c:\windows\SysWow64\msado20.tlb
2011-04-09 09:39 . 1998-06-08 22:00 137216 ----a-w- c:\windows\SysWow64\MSDERUN.DLL
2011-04-09 09:36 . 2011-04-09 14:49 -------- d-----w- c:\program files (x86)\Net Tools
2011-04-09 09:13 . 2011-03-15 05:17 8424784 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{B0A2D22E-F049-479A-B55D-355AB4FC602F}\mpengine.dll
2011-04-08 12:47 . 2011-04-09 10:55 -------- d-----w- c:\program files (x86)\megui
2011-04-08 11:22 . 2011-04-08 11:32 -------- d-----w- c:\program files (x86)\Movie Subtitles Searcher
2011-04-08 11:09 . 2011-04-08 11:09 -------- d-----w- c:\program files (x86)\Web Publish
2011-04-08 11:07 . 2011-04-08 11:07 -------- d-----w- c:\windows\msapps
2011-04-08 08:36 . 2011-04-08 08:36 -------- d-----w- c:\users\Niels\AppData\Local\PSU
2011-04-06 19:00 . 2011-04-06 19:00 -------- d-----w- c:\users\Elise\AppData\Local\{F090B783-8EE3-49A1-BDCD-99CDFEE13C13}
2011-04-04 17:39 . 2011-04-04 17:40 -------- d-----w- c:\users\Elise\AppData\Local\{7CA3AE04-E351-4A94-BFDF-0E6DDF0B5667}
2011-04-03 16:59 . 2011-04-03 16:59 -------- d-----w- c:\users\Elise\AppData\Local\{DCA68806-C472-4F07-9862-CBE72BA1ECCA}
2011-04-02 08:59 . 2011-04-02 08:59 -------- d-----w- c:\program files (x86)\SmartDoctor
2011-04-01 20:24 . 2011-04-01 20:24 -------- d-----w- c:\users\Elise\AppData\Local\{3940439B-B2D5-4B6C-8597-78D6BB636919}
2011-04-01 12:25 . 2011-04-01 12:25 -------- d-----w- c:\users\Niels\AppData\Roaming\Apple Computer
2011-03-31 14:50 . 2011-01-17 11:09 197120 ----a-w- c:\windows\system32\d3d10_1.dll
2011-03-31 14:50 . 2011-01-17 05:47 161792 ----a-w- c:\windows\SysWow64\d3d10_1.dll
2011-03-31 13:35 . 2011-03-31 13:35 -------- d-----w- c:\program files (x86)\USB_video_device
2011-03-31 13:34 . 2011-03-31 13:34 -------- d-----w- c:\users\Niels\AppData\Roaming\InstallShield
2011-03-28 14:42 . 2011-03-18 18:03 142296 ----a-w- c:\program files (x86)\Mozilla Firefox\components\browsercomps.dll
2011-03-28 14:42 . 2011-03-18 18:03 781272 ----a-w- c:\program files (x86)\Mozilla Firefox\mozsqlite3.dll
2011-03-28 14:42 . 2011-03-18 18:03 728024 ----a-w- c:\program files (x86)\Mozilla Firefox\libGLESv2.dll
2011-03-28 14:42 . 2011-03-18 18:03 1975768 ----a-w- c:\program files (x86)\Mozilla Firefox\D3DCompiler_42.dll
2011-03-28 14:42 . 2011-03-18 18:03 1893336 ----a-w- c:\program files (x86)\Mozilla Firefox\d3dx9_42.dll
2011-03-28 14:42 . 2011-03-18 18:03 1874904 ----a-w- c:\program files (x86)\Mozilla Firefox\mozjs.dll
2011-03-28 14:42 . 2011-03-18 18:03 15832 ----a-w- c:\program files (x86)\Mozilla Firefox\mozalloc.dll
2011-03-28 14:42 . 2011-03-18 18:03 142296 ----a-w- c:\program files (x86)\Mozilla Firefox\libEGL.dll
2011-03-27 18:03 . 2011-03-27 18:03 -------- d-----w- c:\users\Elise\AppData\Local\{32633AA9-9B15-4367-AE5A-F8A78FD75521}
2011-03-26 23:41 . 2011-03-26 23:41 -------- d-----w- c:\users\Elise\AppData\Local\{AB1DEF9A-3A58-4346-840E-D1391D8C1A1C}
2011-03-26 09:14 . 2011-03-26 09:14 -------- d-----w- c:\users\Niels\AppData\Local\{EA35F084-99DF-4ECD-95ED-F72E4578FA2B}
2011-03-25 19:58 . 2011-03-25 19:58 -------- d-----w- c:\users\Elise\AppData\Local\{E6AF9E86-81A5-4E9C-BB6C-48861500B8D5}
2011-03-25 18:23 . 2011-03-25 18:23 -------- d-----w- c:\users\Niels\AppData\Local\{EAE2671B-997F-4C6D-9490-A6F4A6172F69}
2011-03-24 19:18 . 2011-03-24 19:19 -------- d-----w- c:\users\Elise\AppData\Local\{FD218D09-BE8A-435A-BE06-7A4C9AFB4CF7}
2011-03-23 13:11 . 2011-03-23 13:11 -------- d-----w- c:\users\Elise\AppData\Local\{72C3C0E6-47AE-4739-BDED-B7045FACAF15}
2011-03-22 17:07 . 2011-03-22 17:07 -------- d-----w- c:\users\Elise\AppData\Local\{408A0D30-AA74-423E-B47B-2B1442C56E40}
2011-03-22 10:03 . 2011-03-22 10:03 -------- d-----w- c:\users\Niels\AppData\Local\{FF641A4D-DDA3-4B43-A1AB-23DB0C52A051}
2011-03-21 17:44 . 2011-03-21 17:44 -------- d-----w- c:\program files\WinPcap
2011-03-21 17:44 . 2011-03-21 17:44 -------- d-----w- c:\program files (x86)\XBSlink
2011-03-21 06:49 . 2011-03-21 06:49 -------- d-----w- c:\users\Niels\AppData\Local\{B7F5B157-9D6B-47C5-A35F-08DEB81ECA0F}
2011-03-20 19:49 . 2011-03-20 19:49 -------- d-----w- c:\users\Elise\AppData\Local\{E4EA7BB7-CA51-4FD0-8D27-EEB412963909}
2011-03-20 09:49 . 2011-03-20 09:49 -------- d-----w- c:\users\Niels\AppData\Local\{6197BEA3-8E18-4525-9167-A3773A99EADD}
2011-03-19 19:45 . 2011-03-19 19:45 -------- d-----w- c:\users\Elise\AppData\Local\{43216C0B-3F08-4054-9494-474EA87D2C7C}
2011-03-19 08:58 . 2011-03-19 08:58 -------- d-----w- c:\users\Niels\AppData\Local\{FAF8A91D-806B-4476-AAAC-EA3F50568A6E}
2011-03-18 17:13 . 2011-03-18 17:13 -------- d-----w- c:\users\Elise\AppData\Local\{B559229C-3161-49AB-85BB-AA4AA0ECFBC8}
2011-03-17 12:19 . 2011-03-17 12:19 -------- d-----w- c:\users\Niels\AppData\Local\{809F0F08-D84B-4040-9749-E01A345A946E}
2011-03-16 05:36 . 2011-03-16 05:37 -------- d-----w- c:\users\Niels\AppData\Local\{CF4AEA56-2E43-42E7-B794-737C9F4D4AF3}
2011-03-15 18:48 . 2011-03-15 18:48 -------- d-----w- c:\users\Elise\AppData\Local\{4D39111D-40CB-4616-AF61-19C9376751C6}
2011-03-15 09:32 . 2011-03-15 09:32 -------- d-----w- c:\users\Niels\AppData\Local\{50429E2A-336E-4526-835B-F593FDC0BFBF}
2011-03-14 19:59 . 2011-03-14 19:59 -------- d-----w- c:\users\Elise\AppData\Local\{4447420A-FD04-4DE1-8F15-F9323FDC6F16}
2011-03-14 17:31 . 2011-03-14 17:31 0 ----a-w- c:\windows\SysWow64\ConduitEngine.tmp
2011-03-14 17:29 . 2011-03-14 17:29 -------- d-----w- c:\program files (x86)\Conduit
2011-03-14 17:29 . 2011-03-14 17:31 -------- d-----w- c:\program files (x86)\ESCOFLiP
2011-03-14 17:29 . 2011-03-14 17:29 -------- d-----w- c:\users\Niels\AppData\Local\Conduit
2011-03-14 11:55 . 2011-03-14 11:56 -------- d-----w- c:\users\Niels\AppData\Local\{C37B7401-9283-4C69-A423-EDD1CD32AFD6}
2011-03-13 13:03 . 2011-03-13 13:03 -------- d-----w- c:\users\Elise\AppData\Local\{AD75D8BA-9CEF-4376-A947-DC37029D8366}
2011-03-13 10:01 . 2011-03-13 10:01 -------- d-----w- c:\program files (x86)\ElcomSoft
2011-03-13 08:44 . 2011-03-13 08:44 388096 ----a-r- c:\users\Niels\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
2011-03-13 08:39 . 2011-03-13 08:39 -------- d-----w- c:\users\Niels\AppData\Local\{E59331F0-7C45-48C8-92B1-45F3CB0D13A9}
2011-03-12 15:39 . 2011-03-12 15:40 -------- d-----w- c:\users\Elise\AppData\Local\{26544A3F-832C-4BB5-968B-F377E7ADA362}
2011-03-11 23:12 . 2011-03-11 23:13 -------- d-----w- c:\users\Niels\AppData\Local\{A954524D-778A-43F4-AC9C-FEED09DD6FB2}
2011-03-11 23:00 . 2011-03-13 10:34 -------- d-----w- c:\program files (x86)\RAR Password Recovery Magic
2011-03-11 10:45 . 2011-03-11 10:46 -------- d-----w- c:\users\Niels\AppData\Local\{3CFBEE3F-145A-4D00-AB14-AE9A4D44255D}
2011-03-11 10:44 . 2011-03-25 19:54 -------- d-----w- c:\users\Niels\AppData\Roaming\BitTorrent
2011-03-10 18:26 . 2011-03-10 18:26 -------- d-----w- c:\users\Elise\AppData\Local\{FB6A4ACE-D499-4FD5-AFC3-8EA0DA6DC31D}
2011-03-10 18:02 . 2011-03-10 18:02 -------- d-----w- c:\users\Elise\AppData\Local\Mozilla
.
.
((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-03-31 11:58 . 2011-02-10 18:03 48648 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup-2\Markup.dll
2011-03-31 11:58 . 2011-02-10 18:03 704320 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight-2\SpotlightResources.dll
2011-03-28 15:36 . 2011-01-16 21:56 48648 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup\Markup.dll
2011-03-28 15:36 . 2011-01-16 21:56 704320 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight\SpotlightResources.dll
2011-03-10 16:33 . 2009-07-14 02:36 152576 ----a-w- c:\windows\SysWow64\msclmd.dll
2011-03-10 16:33 . 2009-07-14 02:36 175616 ----a-w- c:\windows\system32\msclmd.dll
2011-03-09 12:13 . 2010-06-24 10:33 18328 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
2011-02-19 12:05 . 2011-03-09 08:51 1139200 ----a-w- c:\windows\system32\FntCache.dll
2011-02-19 12:04 . 2011-03-09 08:51 1544192 ----a-w- c:\windows\system32\DWrite.dll
2011-02-19 12:04 . 2011-03-09 08:50 902656 ----a-w- c:\windows\system32\d2d1.dll
2011-02-19 06:30 . 2011-03-09 08:51 1076736 ----a-w- c:\windows\SysWow64\DWrite.dll
2011-02-19 06:30 . 2011-03-09 08:50 739840 ----a-w- c:\windows\SysWow64\d2d1.dll
2011-02-08 16:34 . 2011-02-08 16:34 254528 ----a-w- c:\windows\system32\drivers\dtsoftbus01.sys
2011-02-07 16:34 . 2010-09-04 17:16 513080 ----a-w- c:\windows\system32\drivers\sptd.sys
2011-02-02 20:40 . 2010-09-08 15:25 472808 ----a-w- c:\windows\SysWow64\deployJava1.dll
2011-02-02 17:11 . 2010-09-04 16:50 270720 ------w- c:\windows\system32\MpSigStub.exe
2011-01-31 19:16 . 2010-09-16 19:48 215128 ----a-w- c:\windows\SysWow64\PnkBstrB.exe
2011-01-31 19:16 . 2010-09-16 19:48 215128 ----a-w- c:\windows\SysWow64\PnkBstrB.xtr
2011-01-28 20:57 . 2011-01-28 20:57 2434856 ----a-w- c:\windows\SysWow64\pbsvc_bc2.exe
2011-01-21 20:49 . 2011-01-21 20:49 8120320 ----a-w- c:\windows\system32\drivers\atikmdag.sys
2011-01-21 20:49 . 2011-01-21 20:49 53248 ----a-w- c:\windows\system32\drivers\ati2erec.dll
2011-01-21 20:49 . 2011-01-21 20:49 21610496 ----a-w- c:\windows\system32\atio6axx.dll
2011-01-21 20:49 . 2011-01-21 20:49 51200 ----a-w- c:\windows\system32\aticalrt64.dll
2011-01-21 20:49 . 2011-01-21 20:49 6815232 ----a-w- c:\windows\system32\aticaldd64.dll
2011-01-21 20:49 . 2010-09-29 01:15 351232 ----a-w- c:\windows\system32\atiadlxx.dll
2011-01-21 20:49 . 2010-09-29 01:14 39936 ----a-w- c:\windows\system32\atiuxp64.dll
2011-01-21 20:49 . 2011-01-21 20:49 46080 ----a-w- c:\windows\SysWow64\aticalrt.dll
2011-01-21 20:49 . 2011-01-21 20:49 44544 ----a-w- c:\windows\system32\aticalcl64.dll
2011-01-21 20:49 . 2011-01-21 20:49 143360 ----a-w- c:\windows\system32\atiapfxx.exe
2011-01-21 20:49 . 2011-01-21 20:49 3460096 ----a-w- c:\windows\SysWow64\atiumdva.dll
2011-01-21 20:49 . 2011-01-21 20:49 16702976 ----a-w- c:\windows\SysWow64\atioglxx.dll
2011-01-21 20:49 . 2011-01-21 20:49 3217408 ----a-w- c:\windows\system32\atiumd6a.dll
2011-01-21 20:49 . 2011-01-21 20:49 120320 ----a-w- c:\windows\system32\atitmm64.dll
2011-01-21 20:49 . 2011-01-21 20:49 30720 ----a-w- c:\windows\SysWow64\atiuxpag.dll
2011-01-21 20:49 . 2011-01-21 20:49 5258240 ----a-w- c:\windows\system32\atiumd64.dll
2011-01-21 20:49 . 2011-01-21 20:49 203776 ----a-w- c:\windows\system32\atiesrxx.exe
2011-01-21 20:49 . 2011-01-21 20:49 12800 ----a-w- c:\windows\SysWow64\atiglpxx.dll
2011-01-21 20:49 . 2011-01-21 20:49 12800 ----a-w- c:\windows\system32\atiglpxx.dll
2011-01-21 20:49 . 2011-01-21 20:49 59392 ----a-w- c:\windows\system32\atiedu64.dll
2011-01-21 20:49 . 2010-09-29 01:49 423424 ----a-w- c:\windows\system32\atipdl64.dll
2011-01-21 20:49 . 2011-01-21 20:49 43520 ----a-w- c:\windows\SysWow64\ati2edxx.dll
2011-01-21 20:49 . 2011-01-21 20:49 478720 ----a-w- c:\windows\system32\atieclxx.exe
2011-01-21 20:49 . 2011-01-21 20:49 289792 ----a-w- c:\windows\system32\drivers\atikmpag.sys
2011-01-21 20:49 . 2011-01-21 20:49 14848 ----a-w- c:\windows\system32\atig6pxx.dll
2011-01-21 20:49 . 2011-01-21 20:49 44032 ----a-w- c:\windows\SysWow64\aticalcl.dll
2011-01-21 20:49 . 2011-01-21 20:49 249856 ----a-w- c:\windows\SysWow64\atiadlxy.dll
2011-01-21 20:49 . 2011-01-21 20:49 16384 ----a-w- c:\windows\system32\atimuixx.dll
2011-01-21 20:49 . 2011-01-21 20:49 5441024 ----a-w- c:\windows\SysWow64\aticaldd.dll
2011-01-21 20:49 . 2011-01-21 20:49 550400 ----a-w- c:\windows\SysWow64\aticfx32.dll
2011-01-21 20:49 . 2010-08-04 01:23 58880 ----a-w- c:\windows\system32\coinst.dll
2011-01-21 20:49 . 2011-01-21 20:49 31744 ----a-w- c:\windows\system32\atig6txx.dll
2011-01-21 20:49 . 2011-01-21 20:49 27136 ----a-w- c:\windows\SysWow64\atigktxx.dll
2011-01-21 20:49 . 2011-01-21 20:49 356352 ----a-w- c:\windows\SysWow64\atipdlxx.dll
2011-01-21 20:49 . 2011-01-21 20:49 53760 ----a-w- c:\windows\system32\atimpc64.dll
2011-01-21 20:49 . 2011-01-21 20:49 53760 ----a-w- c:\windows\system32\amdpcom64.dll
2011-01-21 20:49 . 2011-01-21 20:49 4066816 ----a-w- c:\windows\SysWow64\atidxx32.dll
2011-01-21 20:49 . 2010-09-29 01:37 4794368 ----a-w- c:\windows\system32\atidxx64.dll
2011-01-21 20:49 . 2010-09-29 01:13 37888 ----a-w- c:\windows\system32\atiu9p64.dll
2011-01-21 20:49 . 2011-01-21 20:49 52736 ----a-w- c:\windows\SysWow64\atimpc32.dll
2011-01-21 20:49 . 2011-01-21 20:49 52736 ----a-w- c:\windows\SysWow64\amdpcom32.dll
2011-01-21 20:49 . 2011-01-21 20:49 462848 ----a-w- c:\windows\system32\ATIDEMGX.dll
2011-01-21 20:49 . 2011-01-21 20:49 4122624 ----a-w- c:\windows\SysWow64\atiumdag.dll
2011-01-21 20:49 . 2010-09-29 01:54 648704 ----a-w- c:\windows\system32\aticfx64.dll
2011-01-21 20:49 . 2010-09-29 01:13 28672 ----a-w- c:\windows\SysWow64\atiu9pag.dll
2011-01-21 20:49 . 2011-01-21 20:49 278528 ----a-w- c:\windows\SysWow64\Oemdspif.dll
2011-01-21 20:47 . 2011-01-21 20:47 9616 ----a-w- c:\windows\SysWow64\ealregsnapshot1.reg
2011-01-10 19:19 . 2010-11-13 22:40 82816 ----a-w- c:\users\Niels\AppData\Roaming\pcouffin.sys
.
.
((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1475584]
"Nero MediaHome 4"="c:\program files (x86)\Nero\Nero MediaHome 4\NeroMediaHome.exe" [2010-03-08 5174568]
"DAEMON Tools Lite"="c:\program files (x86)\DAEMON Tools Lite\DTLite.exe" [2011-01-20 1305408]
"msnmsgr"="c:\program files (x86)\Windows Live\Messenger\msnmsgr.exe" [2010-11-10 4240760]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"ATICustomerCare"="c:\program files (x86)\ATI\ATICustomerCare\ATICustomerCare.exe" [2010-03-04 311296]
"F-Secure TNB"="c:\program files (x86)\Telenet Security Pack\FSGUI\TNBUtil.exe" [2009-08-05 2349664]
"F-Secure Manager"="c:\program files (x86)\Telenet Security Pack\Common\FSM32.EXE" [2009-08-05 199264]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2010-11-25 98304]
"Malwarebytes' Anti-Malware"="c:\program files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" [2010-12-20 443728]
"Nero MediaHome 4"="c:\program files (x86)\Nero\Nero MediaHome 4\NeroMediaHome.exe" [2010-03-08 5174568]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2010-10-29 249064]
"Samsung PanelMgr"="c:\windows\Samsung\PanelMgr\SSMMgr.exe" [2010-06-07 618496]
"GrooveMonitor"="c:\program files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" [2008-10-25 31072]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\RunOnce]
"GrpConv"="grpconv -o" [X]
.
c:\users\Elise\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
OneNote 2007 Schermopname en Snel starten.lnk - c:\program files (x86)\Microsoft Office\Office12\ONENOTEM.EXE [2009-2-26 97680]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
emMon.lnk - c:\program files (x86)\USB_video_device\Driver\Driver32\emmon.exe [2011-3-31 81408]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\system]
"EnableLUA"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"NoViewContexMenu"= 0 (0x0)
.
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"NoUserNameInStart"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
R0 sptd;sptd;c:\windows\\SystemRoot\System32\Drivers\sptd.sys [x]
R1 F-Secure HIPS;F-Secure HIPS Driver;c:\program files (x86)\Telenet Security Pack\HIPS\drivers\fshs.sys [2009-08-05 57920]
R1 FSES;F-Secure Email Scanning Driver;c:\windows\system32\drivers\fses.sys [x]
R1 FSFW;F-Secure Firewall Driver;c:\windows\system32\drivers\fsdfw.sys [x]
R1 fsvista;F-Secure Vista Support Driver;c:\program files (x86)\Telenet Security Pack\Anti-Virus\minifilter\fsvista.sys [2009-08-05 14904]
R2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [x]
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2010-12-20 363344]
R3 amdkmdag;amdkmdag;c:\windows\system32\DRIVERS\atikmdag.sys [x]
R3 amdkmdap;amdkmdap;c:\windows\system32\DRIVERS\atikmpag.sys [x]
R3 CTUPnPSv;Creative Centrale Media Server;c:\program files (x86)\Creative\Creative Centrale\CTUPnPSv.exe [2008-05-21 64000]
R3 F-Secure Gatekeeper;F-Secure Gatekeeper;c:\program files (x86)\Telenet Security Pack\Anti-Virus\minifilter\fsgk.sys [2010-11-30 194728]
R3 FSORSPClient;F-Secure ORSP Client;c:\program files (x86)\Telenet Security Pack\ORSP Client\fsorsp.exe [2010-12-20 63992]
R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [x]
R3 RTL2832UBDA;REALTEK 2832U BDA Driver;c:\windows\system32\drivers\RTL2832UBDA.sys [x]
R3 RTL2832UUSB;REALTEK 2832U USB Driver;c:\windows\system32\Drivers\RTL2832UUSB.sys [x]
R3 SiS6350;SiS6350;c:\windows\system32\DRIVERS\SISGRKMD.sys [x]
R3 SwitchBoard;Adobe SwitchBoard;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
R3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\synth3dvsc.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]
R3 tsusbhub;tsusbhub;c:\windows\system32\drivers\tsusbhub.sys [x]
R3 VGPU;VGPU;c:\windows\system32\drivers\rdvgkmd.sys [x]
R3 WatAdminSvc;Windows Activation Technologies-service;c:\windows\system32\Wat\WatAdminSvc.exe [x]
R3 WINFLASH64;WINFLASH64;c:\users\Elise\Desktop\Winflash\WinFlash64.sys [x]
R4 F-Secure Filter;F-Secure File System Filter;c:\program files (x86)\Telenet Security Pack\Anti-Virus\Win2K\FSfilter.sys [2009-08-05 39776]
R4 F-Secure Recognizer;F-Secure File System Recognizer;c:\program files (x86)\Telenet Security Pack\Anti-Virus\Win2K\FSrec.sys [2009-08-05 25184]
S3 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys [x]
S3 RTL8023x64;Realtek 10/100 NIC Family NDIS x64-stuurprogramma;c:\windows\system32\DRIVERS\Rtnic64.sys [x]
S3 SiSGbeLH;SiS191/SiS190 NDIS 6.0-stuurprogramma voor Ethernet-apparaat;c:\windows\system32\DRIVERS\SiSG664.sys [x]
.
.
Inhoud van de 'Gedeelde Taken' map
.
2011-04-03 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2100342236-492287434-466883542-1001Core.job
- c:\users\Elise\AppData\Local\Google\Update\GoogleUpdate.exe [2011-03-12 23:13]
.
2011-04-09 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2100342236-492287434-466883542-1001UA.job
- c:\users\Elise\AppData\Local\Google\Update\GoogleUpdate.exe [2011-03-12 23:13]
.
2011-04-09 c:\windows\Tasks\Scheduled scanning task.job
- c:\progra~2\TELENE~1\ANTI-V~1\fsav.exe [2010-10-24 15:56]
.
.
--------- x86-64 -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"combofix"="c:\combofix\CF32005.cfxxe" [X]
.
------- Bijkomende Scan -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://start.facemoods.com/?a=ost
mStart Page = hxxp://nl.woofi.info
mLocal Page = c:\windows\SYSTEM32\blank.htm
IE: E&xporteren naar Microsoft Excel - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000
TCP: {B10EB023-E3FD-44B4-8033-829852D1B162} = 192.168.0.1
FF - ProfilePath - c:\users\Niels\AppData\Roaming\Mozilla\Firefox\Profiles\55eg7tcw.default\
FF - prefs.js: browser.startup.homepage - about:home
FF - prefs.js: keyword.URL - hxxp://start.facemoods.com/results.php?f=5&a=ost&q=
.
- - - - ORPHANS VERWIJDERD - - - -
.
BHO-{64182481-4F71-486b-A045-B233BD0DA8FC} - c:\program files (x86)\facemoods.com\facemoods\1.4.17.3\bh\facemoods.dll
Toolbar-{DB4E9724-F518-4dfd-9C7C-78B52103CAB9} - c:\program files (x86)\facemoods.com\facemoods\1.4.17.3\facemoodsTlbr.dll
Wow6432Node-HKLM-Run-facemoods - c:\program files (x86)\facemoods.com\facemoods\1.4.17.3\facemoodssrv.exe
Wow6432Node-HKLM-RunOnce- - (no file)
WebBrowser-{BF7380FA-E3B4-4DB2-AF3E-9D8783A45BFC} - (no file)
WebBrowser-{D4027C7F-154A-4066-A1AD-4243D8127440} - (no file)
WebBrowser-{D47A8D7D-F7B2-48A9-B8D6-B44484D51B89} - (no file)
AddRemove-AutocompletePro2_is1 - c:\program files (x86)\AutocompletePro\unins000.exe
AddRemove-BFG-Mystery Case Files - Terug naar Ravenhearst - i:\games\Mystery Case Files - Terug naar Ravenhearst\Uninstall.exe
AddRemove-facemoods - c:\program files (x86)\facemoods.com\facemoods\1.4.17.3\uninstall.exe
AddRemove-Grand Theft Auto - d:\games\gta\Uninst.isu
AddRemove-Grand Theft Auto IV_is1 - d:\games\Grand Theft Auto IV\unins000.exe
AddRemove-PunkBusterSvc - c:\windows\system32\pbsvc_bc2.exe
AddRemove-Sacred Underworld_is1 - d:\games\Sacred Underworld\unins000.exe
AddRemove-Sanny Builder 3_is1 - d:\program files\Sanny Builder 3\unins000.exe
AddRemove-Shockwave - c:\windows\System32\Macromed\SHOCKW~1\UNWISE.EXE
AddRemove-Star Wars Battlefront II_is1 - d:\games\Lucas Arts\Star Wars Battlefront II\unins000.exe
AddRemove-Tipard Blu-ray Converter_is1 - d:\tipard blu-ray converter\unins000.exe
AddRemove-Unreal - i:\ze\System\Uninst.isu
AddRemove-Unreal - Return To Na Pali - i:\games
AddRemove-Xfire - i:\program files\Xfire\uninst.exe
.
.
.
--------------------- VERGRENDELDE REGISTER SLEUTELS ---------------------
.
[HKEY_USERS\S-1-5-21-2100342236-492287434-466883542-1002\Software\SecuROM\License information*]
"datasecu"=hex:9f,6f,50,61,b2,a6,cc,50,0d,57,a2,50,e2,e2,0f,4d,f0,6b,ba,4d,77,
 ef,a0,b4,a3,3d,ef,a1,ad,7b,49,18,10,8a,fb,f9,2f,f9,7e,c2,d6,53,e7,00,11,b3,\
"rkeysecu"=hex:5e,20,d8,6c,6a,6f,d6,ee,a9,9f,bb,24,a0,38,bc,f9
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10l_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10l_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10l.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.10"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10l.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10l.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10l.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Voltooingstijd: 2011-04-09 19:09:47
ComboFix-quarantined-files.txt 2011-04-09 17:09
.
Pre-Run: 17.397.321.728 bytes beschikbaar
Post-Run: 17.036.115.968 bytes beschikbaar
.
- - End Of File - - CF0F8B58E815C3B2A816BC80D327312E