ComboFix 10-10-08.01 - v730523 09/10/2010 12:33:51.2.2 - x86
Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.32.1043.18.1982.1205 [GMT 2:00]
Gestart vanuit: c:\users\v730523\Desktop\ComboFix.exe
SP: Windows Defender *enabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}
.
(((((((((((((((((((( Bestanden Gemaakt van 2010-09-09 to 2010-10-09 ))))))))))))))))))))))))))))))
.
2010-10-09 10:46 . 2010-10-09 10:46 -------- d-----w- c:\users\Public\AppData\Local\temp
2010-10-09 10:46 . 2010-10-09 10:46 -------- d-----w- c:\users\Default\AppData\Local\temp
2010-10-09 10:29 . 2010-10-09 10:29 -------- d-----w- C:\32788R22FWJFW
2010-10-07 13:33 . 2010-10-09 10:46 -------- d-----w- c:\users\v730523\AppData\Local\temp
2010-10-06 18:15 . 2010-10-06 18:15 -------- d-----w- c:\users\v730523\AppData\Roaming\Malwarebytes
2010-10-06 18:14 . 2010-04-29 13:39 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2010-10-06 18:14 . 2010-10-06 19:00 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2010-10-06 18:14 . 2010-10-06 18:14 -------- d-----w- c:\programdata\Malwarebytes
2010-10-06 18:14 . 2010-04-29 13:39 20952 ----a-w- c:\windows\system32\drivers\mbam.sys
2010-10-04 11:48 . 2010-10-04 11:50 -------- d-----w- c:\users\v730523\AppData\Local\Temp(9)
2010-10-02 19:20 . 2010-10-02 19:20 -------- d-----w- c:\programdata\PassMark
2010-10-02 19:20 . 2010-10-02 19:20 -------- d-----w- c:\program files\BurnInTest
2010-09-21 17:16 . 2010-09-21 17:16 552 ----a-w- c:\users\v730523\AppData\Local\d3d8caps.dat
.
((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-10-09 10:33 . 2008-02-26 01:54 667352 ----a-w- c:\windows\system32\perfh013.dat
2010-10-09 10:33 . 2008-02-26 01:54 126854 ----a-w- c:\windows\system32\perfc013.dat
2010-10-09 10:11 . 2010-10-02 19:59 28029 ----a-w- c:\programdata\nvModes.dat
2010-10-09 09:57 . 2008-02-25 18:03 -------- d-----w- c:\programdata\Symantec
2010-10-09 09:57 . 2008-02-25 18:03 -------- d-----w- c:\program files\Common Files\Symantec Shared
2010-10-09 09:37 . 2006-11-02 10:25 86016 ----a-w- c:\windows\Inf\infstor.dat
2010-10-09 09:37 . 2006-11-02 10:25 51200 ----a-w- c:\windows\Inf\infpub.dat
2010-10-09 09:37 . 2006-11-02 10:25 143360 ----a-w- c:\windows\Inf\infstrng.dat
2010-10-09 09:37 . 2010-04-29 13:48 -------- d-----w- c:\program files\a-squared Anti-Malware
2010-10-08 07:51 . 2010-10-08 07:51 0 ---ha-w- c:\users\v730523\BITFDEF.tmp
2010-10-07 14:07 . 2009-07-11 18:48 -------- d-----w- c:\users\v730523\AppData\Roaming\MxBoost
2010-10-07 13:56 . 2010-03-09 12:38 -------- d-----w- c:\users\v730523\AppData\Roaming\LimeWire
2010-10-06 18:29 . 2008-06-09 12:37 70808 ----a-w- c:\users\v730523\AppData\Local\GDIPFONTCACHEV1.DAT
2010-10-06 18:21 . 2008-07-25 17:55 1356 ----a-w- c:\users\v730523\AppData\Local\d3d9caps.dat
2010-10-06 18:12 . 2010-04-19 18:11 -------- d-----w- c:\program files\Zynga
2010-10-06 18:12 . 2010-03-09 12:36 -------- d-----w- c:\program files\ToggleDU
2010-10-05 10:59 . 2009-11-06 17:03 -------- d-----w- c:\program files\Microsoft Silverlight
2010-10-05 10:59 . 2008-08-21 07:17 -------- d-----w- c:\program files\Google
2010-10-04 14:28 . 2009-08-15 13:55 -------- d-----w- c:\programdata\Google Updater
2010-10-02 20:00 . 2008-04-17 10:37 -------- d-----w- c:\programdata\NVIDIA
2010-09-21 17:16 . 2010-09-21 17:16 552 ----a-w- c:\users\v730523\AppData\Local\d3d8caps.tmp
2010-08-17 16:42 . 2008-02-25 19:03 -------- d-----w- c:\program files\Common Files\Java
2010-08-17 16:38 . 2008-02-25 19:04 -------- d-----w- c:\program files\Java
2010-08-12 23:17 . 2008-06-09 12:18 -------- d-----w- c:\program files\Microsoft Works
2010-08-12 23:08 . 2006-11-02 11:18 -------- d-----w- c:\program files\Windows Mail
2010-07-24 16:34 . 2009-08-02 21:35 24467 ----a-w- c:\users\v730523\AppData\Roaming\mdb.bin
2010-07-17 03:00 . 2010-05-31 07:15 423656 ----a-w- c:\windows\system32\deployJava1.dll
2008-02-26 02:32 . 2008-02-26 02:18 8192 --sha-w- c:\windows\Users\Default\NTUSER.DAT
.
((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-04-11 1233920]
"LightScribe Control Panel"="c:\program files\Common Files\LightScribe\LightScribeControlPanel.exe" [2007-08-23 455968]
"ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-01-19 125952]
"IncrediMail"="c:\program files\IncrediMail\bin\IncMail.exe" [2009-09-07 251336]
"WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2008-01-19 202240]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SynTPStart"="c:\program files\Synaptics\SynTP\SynTPStart.exe" [2007-09-15 102400]
"UCam_Menu"="c:\program files\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe" [2007-08-16 218408]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2008-12-04 13556256]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2008-12-04 92704]
"hpqSRMon"="c:\program files\HP\Digital Imaging\bin\hpqSRMon.exe" [2008-06-02 80896]
"Hiyo"="c:\program files\HiYo\bin\HiYo.exe" [2009-07-14 206128]
"a-squared"="c:\program files\A-SQUARED ANTI-MALWARE\a2guard.exe" [2010-07-30 3634568]

c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
HP Digital Imaging Monitor.lnk - c:\program files\HP\Digital Imaging\bin\hpqtra08.exe [2008-3-25 214360]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
@="Service"

[HKLM\~\startupfolder\C:^Users^v730523^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^LimeWire On Startup.lnk]
path=c:\users\v730523\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\LimeWire On Startup.lnk
backup=c:\windows\pss\LimeWire On Startup.lnk.Startup
backupExtension=.Startup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
2008-10-14 23:04 39792 ----a-w- c:\program files\Adobe\Reader 8.0\Reader\reader_sl.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Health Check Scheduler]
2008-06-16 07:03 75008 ----a-w- c:\program files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Software Update]
2007-10-14 20:17 49152 ----a-w- c:\program files\HP\HP Software Update\hpwuSchd2.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\hpWirelessAssistant]
2007-09-13 07:47 480560 ----a-w- c:\program files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\OnScreenDisplay]
2007-09-04 11:54 554320 ----a-w- c:\program files\Hewlett-Packard\HP QuickTouch\HPKBDAPP.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QlbCtrl]
2007-09-19 12:31 202032 ----a-w- c:\program files\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QPService]
2007-09-30 17:34 181544 ----a-w- c:\program files\HP\QuickPlay\QPService.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
2010-05-14 09:44 248552 ----a-w- c:\program files\Common Files\Java\Java Update\jusched.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg]
2008-12-27 08:36 39408 ----a-w- c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WAWifiMessage]
2007-01-08 14:53 311296 ----a-w- c:\program files\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Windows Defender]
2008-01-19 07:38 1008184 ----a-w- c:\program files\Windows Defender\MSASCui.exe

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc]
"AntiVirusOverride"=dword:00000001

R2 gupdate;Google Update Service (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [2009-08-05 133104]
S1 a2injectiondriver;a2injectiondriver;c:\program files\a-squared Anti-Malware\a2dix86.sys [2010-08-15 41816]
S1 a2util;a-squared Malware-IDS utility driver;c:\program files\a-squared Anti-Malware\a2util32.sys [2010-05-10 11776]
S2 a2AntiMalware;a-squared Anti-Malware Service;c:\program files\a-squared Anti-Malware\a2service.exe [2010-07-30 1935656]
S3 a2acc;a2acc;c:\program files\A-SQUARED ANTI-MALWARE\a2accx86.sys [2010-06-28 71008]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
2007-08-23 15:34 451872 ----a-w- c:\program files\Common Files\LightScribe\LSRunOnce.exe
.
Inhoud van de 'Gedeelde Taken' map

2010-10-09 c:\windows\Tasks\Google Software Updater.job
- c:\program files\Google\Common\Google Updater\GoogleUpdaterService.exe [2008-08-21 13:55]

2010-10-09 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-08-05 18:37]

2010-10-08 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-08-05 18:37]

2010-10-08 c:\windows\Tasks\HPCeeScheduleForv730523.job
- c:\program files\hewlett-packard\sdp\ceement\HPCEE.exe [2008-02-25 10:58]
.
.
------- Bijkomende Scan -------
.
uStart Page = hxxp://www.google.be/
mStart Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=nl_be&c=81&bd=Pavilion&pf=laptop
IE: Google Sidewiki... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll/cmsidewiki.html
DPF: {34DC6011-88B5-4EA9-BA7A-DC7B4F4437FE} - hxxp://ips.poi.de/ips-opdata/layout/fnac/objects/jordan.cab
FF - ProfilePath - c:\users\v730523\AppData\Roaming\Mozilla\Firefox\Profiles\ttd3g2co.default\
FF - plugin: c:\program files\Google\Google Earth\plugin\npgeplugin.dll
FF - plugin: c:\program files\Google\Google Updater\2.4.1636.7222\npCIDetect13.dll
FF - plugin: c:\program files\Google\Update\1.2.183.23\npGoogleOneClick8.dll
FF - plugin: c:\program files\Java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: c:\program files\Windows Live\Photo Gallery\NPWLPG.dll
FF - plugin: c:\users\v730523\AppData\Roaming\Facebook\npfbplugin_1_0_3.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
.
- - - - ORPHANS VERWIJDERD - - - -

MSConfigStartUp-ccApp - c:\program files\Common Files\Symantec Shared\ccApp.exe
.
--------------------- VERGRENDELDE REGISTER SLEUTELS ---------------------

[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
--------------------- DLLs Geladen Onder Lopende Processen ---------------------

- - - - - - - > 'Explorer.exe'(1172)
c:\windows\system32\ExplorerFrame.dll
c:\program files\IncrediMail\bin\B4ImApp.dll
c:\windows\system32\MLANG.dll
.
Voltooingstijd: 2010-10-09 12:51:40
ComboFix-quarantined-files.txt 2010-10-09 10:51
ComboFix2.txt 2010-10-08 09:08

Pre-Run: 78.196.051.968 bytes beschikbaar
Post-Run: 78.186.229.760 bytes beschikbaar

- - End Of File - - DF757CD0B67A13FAC1461BADFC1AF7F1