ComboFix 11-05-21.03 - Hilaire 22/05/2011 18:33:09.10.2 - x86
Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.32.1043.18.958.226 [GMT 2:00]
Gestart vanuit: c:\users\Hilaire\Desktop\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
(((((((((((((((((((((((((((((((((( Andere Verwijderingen )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\Hilaire\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\StartUp\OpenOffice.org 3.2 .lnk
.
.
(((((((((((((((((((( Bestanden Gemaakt van 2011-04-22 to 2011-05-22 ))))))))))))))))))))))))))))))
.
.
2011-05-22 16:43 . 2011-05-22 16:43 -------- d-----w- c:\users\Hilaire\AppData\Local\temp
2011-05-22 16:43 . 2011-05-22 16:43 -------- d-----w- c:\users\Public\AppData\Local\temp
2011-05-22 16:43 . 2011-05-22 16:43 -------- d-----w- c:\users\Default\AppData\Local\temp
2011-05-21 07:25 . 2011-05-09 20:46 6962000 ----a-w- c:\progra~2\Microsoft\Windows Defender\Definition Updates\{56E70163-47FD-4304-9B59-9904AAB165A4}\mpengine.dll
2011-05-19 08:57 . 2011-05-19 18:18 -------- d-----w- c:\progra~2\tmp
2011-05-19 08:52 . 2011-05-19 08:52 -------- d-----w- c:\users\Hilaire\AppData\Local\{10FD886E-30D9-46F2-93A9-76BFF4BF0BBA}
2011-05-19 08:52 . 2011-05-19 08:52 -------- d-----w- c:\users\Hilaire\AppData\Local\{63CAA081-713D-454A-ACE2-55BD185CB08B}
2011-05-16 14:44 . 2011-05-16 14:44 -------- d-----w- c:\program files\FireTrust
2011-05-12 14:25 . 2011-04-07 12:01 2409784 ----a-w- c:\program files\Windows Mail\OESpamFilter.dat
2011-05-09 07:41 . 2011-05-09 07:41 -------- d-----w- c:\program files\Common Files\Java
2011-05-08 17:31 . 2011-05-08 17:32 -------- d-----w- c:\program files\FoxTabVideoConverter
2011-05-08 17:16 . 2011-02-02 19:40 472808 ----a-w- c:\program files\Mozilla Firefox\plugins\npdeployJava1.dll
2011-05-03 18:07 . 2011-05-03 18:07 -------- d-----w- c:\users\Hilaire\AppData\Local\{19116B13-1E36-430F-BFC2-97D16D5C02C8}
2011-05-02 18:10 . 2009-09-04 15:29 1892184 ----a-w- c:\windows\system32\D3DX9_42.dll
2011-05-02 15:31 . 2011-05-16 09:07 -------- d-----w- c:\users\Hilaire\Video
2011-05-01 16:19 . 2011-05-01 16:19 -------- d-----w- c:\program files\Speccy
2011-05-01 15:42 . 2011-05-01 15:42 -------- d-----w- c:\users\Hilaire\AppData\Local\{274211D8-6241-4F88-B68C-B6DC92A56487}
2011-04-29 12:43 . 2011-04-29 12:43 -------- d-----w- c:\users\Hilaire\AppData\Local\{6D76665B-CEEE-4286-B49C-606B638DF2FE}
2011-04-29 00:05 . 2011-02-16 14:02 292864 ----a-w- c:\windows\system32\atmfd.dll
2011-04-29 00:05 . 2011-02-16 16:16 34304 ----a-w- c:\windows\system32\atmlib.dll
2011-04-29 00:05 . 2011-02-22 13:24 213504 ----a-w- c:\windows\system32\drivers\mrxsmb10.sys
2011-04-29 00:03 . 2011-03-12 21:55 876032 ----a-w- c:\windows\system32\XpsPrint.dll
.
.
.
((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-03-25 18:47 . 2011-03-25 18:47 86528 ----a-w- c:\windows\system32\iesysprep.dll
2011-03-25 18:47 . 2011-03-25 18:47 76800 ----a-w- c:\windows\system32\SetIEInstalledDate.exe
2011-03-25 18:47 . 2011-03-25 18:47 74752 ----a-w- c:\windows\system32\RegisterIEPKEYs.exe
2011-03-25 18:47 . 2011-03-25 18:47 63488 ----a-w- c:\windows\system32\tdc.ocx
2011-03-25 18:47 . 2011-03-25 18:47 48640 ----a-w- c:\windows\system32\mshtmler.dll
2011-03-25 18:47 . 2011-03-25 18:47 161792 ----a-w- c:\windows\system32\msls31.dll
2011-03-25 18:47 . 2011-03-25 18:47 1126912 ----a-w- c:\windows\system32\wininet.dll
2011-03-25 18:47 . 2011-03-25 18:47 74752 ----a-w- c:\windows\system32\iesetup.dll
2011-03-25 18:47 . 2011-03-25 18:47 420864 ----a-w- c:\windows\system32\vbscript.dll
2011-03-25 18:47 . 2011-03-25 18:47 367104 ----a-w- c:\windows\system32\html.iec
2011-03-25 18:47 . 2011-03-25 18:47 23552 ----a-w- c:\windows\system32\licmgr10.dll
2011-03-25 18:47 . 2011-03-25 18:47 152064 ----a-w- c:\windows\system32\wextract.exe
2011-03-25 18:47 . 2011-03-25 18:47 150528 ----a-w- c:\windows\system32\iexpress.exe
2011-03-25 18:47 . 2011-03-25 18:47 1427456 ----a-w- c:\windows\system32\inetcpl.cpl
2011-03-25 18:47 . 2011-03-25 18:47 35840 ----a-w- c:\windows\system32\imgutil.dll
2011-03-25 18:47 . 2011-03-25 18:47 2382848 ----a-w- c:\windows\system32\mshtml.tlb
2011-03-25 18:47 . 2011-03-25 18:47 1797632 ----a-w- c:\windows\system32\jscript9.dll
2011-03-25 18:47 . 2011-03-25 18:47 142848 ----a-w- c:\windows\system32\ieUnatt.exe
2011-03-25 18:47 . 2011-03-25 18:47 11776 ----a-w- c:\windows\system32\mshta.exe
2011-03-25 18:47 . 2011-03-25 18:47 110592 ----a-w- c:\windows\system32\IEAdvpack.dll
2011-03-25 18:47 . 2011-03-25 18:47 101888 ----a-w- c:\windows\system32\admparse.dll
2011-03-10 09:47 . 2010-06-24 09:33 18328 ----a-w- c:\progra~2\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
2011-03-07 17:40 . 2011-03-07 17:40 98392 ----a-w- c:\windows\system32\drivers\SBREDrv.sys
2011-03-04 19:44 . 2006-07-24 01:00 45648 ------w- c:\windows\system32\drivers\pxhelp20.sys
2011-03-03 15:40 . 2011-04-29 00:04 173056 ----a-w- c:\windows\apppatch\AcXtrnal.dll
2011-03-03 15:40 . 2011-04-29 00:04 458752 ----a-w- c:\windows\apppatch\AcSpecfc.dll
2011-03-03 15:40 . 2011-04-29 00:04 542720 ----a-w- c:\windows\apppatch\AcLayers.dll
2011-03-03 15:40 . 2011-04-29 00:04 2159616 ----a-w- c:\windows\apppatch\AcGenral.dll
2011-02-28 11:10 . 2011-02-28 11:10 9216 ----a-r- c:\users\Hilaire\AppData\Roaming\Microsoft\Installer\{7426428E-71D4-452C-BA13-B14E5EB52859}\Icon7426428E16.exe
2011-02-23 15:04 . 2010-12-14 10:19 40648 ----a-w- c:\windows\avastSS.scr
2011-02-23 15:04 . 2010-12-14 10:19 190016 ----a-w- c:\windows\system32\aswBoot.exe
2011-02-23 14:56 . 2011-03-07 16:23 371544 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2011-02-23 14:56 . 2010-12-14 10:19 301528 ----a-w- c:\windows\system32\drivers\aswSP.sys
2011-02-23 14:55 . 2010-12-14 10:19 49240 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2011-02-23 14:55 . 2010-12-14 10:19 25432 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2011-02-23 14:55 . 2010-12-14 10:19 53592 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2011-02-23 14:54 . 2010-12-14 10:19 19544 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2011-02-22 14:13 . 2011-03-23 08:22 288768 ----a-w- c:\windows\system32\XpsGdiConverter.dll
2011-02-22 13:33 . 2011-03-23 08:22 1068544 ----a-w- c:\windows\system32\DWrite.dll
2011-02-22 13:33 . 2011-03-23 08:22 797696 ----a-w- c:\windows\system32\FntCache.dll
2011-05-03 08:44 . 2011-03-25 18:28 142296 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2011-02-23 15:04 122512 ----a-w- c:\program files\Alwil Software\Avast5\ashShell.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Gadwin PrintScreen"="c:\program files\Gadwin Systems\PrintScreen\PrintScreen.exe" [2010-10-14 487424]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2010-03-03 39408]
"WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2008-01-19 202240]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Logitech BT Wizard"="LBTWiz.exe -silent" [X]
"avast5"="c:\program files\Alwil Software\Avast5\avastUI.exe" [2011-02-23 3451496]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2011-01-31 35760]
"Logitech Hardware Abstraction Layer"="c:\program files\Common Files\Logitech\khalshared\KHALMNPR.EXE" [2007-01-11 101136]
"Kernel and Hardware Abstraction Layer"="KHALMNPR.EXE" [2007-01-11 101136]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2010-10-29 249064]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
SetPoint.lnk - c:\program files\SetPoint\SetPoint.exe [2011-5-3 679936]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Logitech BT Wizard]
LBTWiz.exe -silent [X]
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
2010-09-20 21:07 932288 ----a-r- c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
2011-01-31 08:44 35760 ----a-w- c:\program files\Adobe\Reader 9.0\Reader\reader_sl.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Gadwin PrintScreen]
2010-10-14 08:11 487424 ----a-w- c:\program files\Gadwin Systems\PrintScreen\PrintScreen.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Password Guard v2]
2008-02-11 23:00 1838592 ----a-w- c:\progra~1\SYDATEC\PASSWO~1\pwguard.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
2010-10-29 12:49 249064 ----a-w- c:\program files\Common Files\Java\Java Update\jusched.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg]
2010-03-03 15:49 39408 ----a-w- c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc\S-1-5-21-3610711996-1769753261-2712777353-1000]
"EnableNotificationsRef"=dword:00000001
.
R0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys [x]
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 gupdate;Google Updateservice (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [2010-03-03 135664]
R3 Common Toolkit Tools;Common Toolkit Tools;c:\program files\Fighters\FULL-DISKfighter\Common Toolkit Tools.exe [2011-02-02 121480]
R3 gupdatem;Google Update-service (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [2010-03-03 135664]
R3 Lavasoft Kernexplorer;Lavasoft helper driver;c:\program files\Lavasoft\Ad-Aware\KernExplorer.sys [x]
R3 nosGetPlusHelper;getPlus(R) Helper 3004;c:\windows\System32\svchost.exe [2008-01-19 21504]
R3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]
S1 aswSnx;aswSnx; [x]
S1 aswSP;aswSP; [x]
S2 ABBYY.Licensing.FineReader.Sprint.9.0;ABBYY FineReader 9.0 Sprint Licensing Service;c:\program files\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe [2009-05-14 759048]
S2 aswFsBlk;aswFsBlk; [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2011-02-23 53592]
S2 Suite Service;Suite Service;c:\program files\Fighters\FighterSuiteService.exe [2011-02-02 1176712]
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
bthsvcs REG_MULTI_SZ BthServ
LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache
nosGetPlusHelper REG_MULTI_SZ nosGetPlusHelper
.
Inhoud van de 'Gedeelde Taken' map
.
2011-05-22 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-03-03 15:49]
.
2011-05-22 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-03-03 15:49]
.
2011-05-22 c:\windows\Tasks\User_Feed_Synchronization-{7DF20E1A-0DCE-461E-A17B-4A27F5EBEB49}.job
- c:\windows\system32\msfeedssync.exe [2011-03-25 18:47]
.
2010-10-02 c:\windows\Tasks\User_Feed_Synchronization-{E44D27E0-7B62-432F-8035-1BBB9729ED05}.job
- c:\windows\system32\msfeedssync.exe [2011-03-25 18:47]
.
.
------- Bijkomende Scan -------
.
uStart Page = about:blank
mStart Page = hxxp://www.bigseekpro.com/burn4free/{7D95CA6D-DA29-4768-86D2-DA8F0A42221B}
uInternet Settings,ProxyOverride = local
IE: Google Sidewiki... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_D183CA64F05FDD98.dll/cmsidewiki.html
DPF: {8F48147B-78D9-40F9-ACC0-BDDE59B246F4} - hxxp://www.tele2.be/mailconfig/config/bin/AccountHelper.cab
FF - ProfilePath - c:\users\Hilaire\AppData\Roaming\Mozilla\Firefox\Profiles\l2kiirok.default\
FF - prefs.js: browser.startup.homepage - chrome://speeddial/content/speeddial.xul
FF - prefs.js: network.proxy.type - 0
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-05-22 18:43
Windows 6.0.6002 Service Pack 2 NTFS
.
scannen van verborgen processen ...
.
scannen van verborgen autostart items ...
.
scannen van verborgen bestanden ...
.
.
C:\## aswSnx private storage
.
Scan succesvol afgerond
verborgen bestanden: 1
.
**************************************************************************
.
--------------------- VERGRENDELDE REGISTER SLEUTELS ---------------------
.
[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\User Preferences]
@Denied: (2) (LocalSystem)
"88D7D0879DAB32E14DE5B3A805A34F98AFF34F5977"=hex:01,00,00,00,d0,8c,9d,df,01,15,
   d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,68,7b,e1,8f,58,c2,45,4a,95,17,2a,\
"2D53CFFC5C1A3DD2E97B7979AC2A92BD59BC839E81"=hex:01,00,00,00,d0,8c,9d,df,01,15,
   d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,68,7b,e1,8f,58,c2,45,4a,95,17,2a,\
.
Voltooingstijd: 2011-05-22 18:47:15
ComboFix-quarantined-files.txt 2011-05-22 16:47
ComboFix2.txt 2011-03-12 18:58
ComboFix3.txt 2010-12-14 17:38
.
Pre-Run: 191.845.613.568 bytes beschikbaar
Post-Run: 191.886.008.320 bytes beschikbaar
.
Current=1 Default=1 Failed=0 LastKnownGood=9 Sets=1,2,3,4,5,6,7,8,9
- - End Of File - - AF5830D16EB24ECC52D1CE1E46B2DD8A