ComboFix 11-06-24.02 - Brian 25-06-2011 0:48.10.1 - x86
Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.31.1043.18.2038.1137 [GMT 2:00]
Gestart vanuit: c:\users\Brian\Desktop\ComboFix.exe
gebruikte Opdracht switches :: c:\users\Brian\Desktop\CFScript.txt..txt
AV: Microsoft Security Essentials *Disabled/Updated* {108DAC43-C256-20B7-BB05-914135DA5160}
SP: Microsoft Security Essentials *Disabled/Updated* {ABEC4DA7-E46C-2F39-81B5-AA334E5D1BDD}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
FILE ::
"c:\windows\system32\ConduitEngine.tmp"
.
.
(((((((((((((((((((((((((((((((((( Andere Verwijderingen )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\Brian\AppData\Local\{1AF6D35A-16F3-4B70-A853-4D08F274C5DC}
c:\users\Brian\AppData\Local\{3FC72A34-B56B-419C-8C90-98636C95CE89}
c:\users\Brian\AppData\Local\{9A87B4E6-9974-4242-A104-928B49E2A8F4}
c:\users\Brian\AppData\Local\{B4B5DEFC-8F6F-4292-891F-D5C18FF12F54}
c:\users\Brian\AppData\Local\{E43C8180-2EF6-4866-A3D1-1B175664950D}
c:\users\Brian\AppData\Local\{EA8CF0D7-9813-473B-880D-A2DD3F0671CA}
c:\users\Brian\AppData\Local\{FCD8169F-E52A-4E83-BD6D-FA048B0C447F}
c:\users\Brian\AppData\Local\Conduit
.
.
(((((((((((((((((((( Bestanden Gemaakt van 2011-05-24 to 2011-06-24 ))))))))))))))))))))))))))))))
.
.
2011-06-24 23:00 . 2011-06-24 23:00 -------- d-----w- c:\users\Brian\AppData\Local\temp
2011-06-24 23:00 . 2011-06-24 23:00 -------- d-----w- c:\users\Public\AppData\Local\temp
2011-06-24 23:00 . 2011-06-24 23:00 -------- d-----w- c:\users\Default\AppData\Local\temp
2011-06-24 22:39 . 2011-06-24 22:39 28752 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{6E0B4EA8-3BE8-4E65-9573-57CB800E8F28}\MpKsl1a2884cf.sys
2011-06-24 19:30 . 2011-06-07 15:55 7074640 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{6E0B4EA8-3BE8-4E65-9573-57CB800E8F28}\mpengine.dll
2011-06-22 23:57 . 2011-06-22 23:57 -------- d-----w- c:\users\Brian\AppData\Local\{8EC8D10B-BE04-4024-A1D8-B1E6E37DA3DB}
2011-06-22 00:49 . 2011-06-22 00:49 388096 ----a-r- c:\users\Brian\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
2011-06-21 23:57 . 2011-06-21 23:57 0 ----a-w- c:\windows\system32\ConduitEngine.tmp
2011-06-21 23:57 . 2011-06-21 23:57 -------- d-----w- c:\users\Brian\AppData\Local\Google
2011-06-18 17:48 . 2011-06-18 17:48 -------- d-----w- c:\program files\Burn4Free
2011-06-18 00:18 . 2010-11-30 09:43 439632 ------w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\NISBackup\gapaengine.dll
2011-06-18 00:17 . 2010-11-30 09:43 439632 ------w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{89504F63-CF8E-4F64-825F-9108763CFFA1}\gapaengine.dll
2011-06-18 00:17 . 2011-06-07 15:55 7074640 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2011-06-14 23:42 . 2011-04-25 15:29 141104 ----a-w- c:\program files\Internet Explorer\sqmapi.dll
2011-06-14 23:42 . 2011-04-22 23:25 2382848 ----a-w- c:\windows\system32\mshtml.tlb
2011-06-14 23:42 . 2011-04-22 23:35 1797632 ----a-w- c:\windows\system32\jscript9.dll
2011-06-14 23:26 . 2011-04-21 13:58 273408 ----a-w- c:\windows\system32\drivers\afd.sys
2011-06-14 23:25 . 2011-04-29 13:24 214016 ----a-w- c:\windows\system32\drivers\mrxsmb10.sys
2011-06-14 23:25 . 2011-04-29 13:24 79872 ----a-w- c:\windows\system32\drivers\mrxsmb20.sys
2011-06-14 23:25 . 2011-04-29 13:24 106496 ----a-w- c:\windows\system32\drivers\mrxsmb.sys
2011-06-14 23:25 . 2011-05-02 12:02 2409784 ----a-w- c:\program files\Windows Mail\OESpamFilter.dat
2011-06-14 23:25 . 2010-12-20 16:35 563712 ----a-w- c:\windows\system32\oleaut32.dll
2011-06-14 23:25 . 2011-05-02 17:16 739328 ----a-w- c:\windows\system32\inetcomm.dll
2011-06-14 23:25 . 2011-04-29 13:25 146432 ----a-w- c:\windows\system32\drivers\srv2.sys
2011-06-14 23:25 . 2011-04-29 13:25 102400 ----a-w- c:\windows\system32\drivers\srvnet.sys
2011-06-14 23:25 . 2011-04-14 14:59 75264 ----a-w- c:\windows\system32\drivers\dfsc.sys
2011-06-14 22:52 . 2011-06-14 22:53 -------- d-----w- c:\program files\Microsoft Security Client
2011-06-14 22:51 . 2010-04-05 20:00 221568 ----a-w- c:\windows\system32\drivers\netio.sys
2011-06-12 17:45 . 2011-06-12 17:45 -------- d-----w- c:\program files\Common Files\Java
2011-06-12 17:44 . 2011-06-12 17:44 -------- d-----w- c:\program files\Java
2011-06-08 22:57 . 2011-06-01 13:34 51144 ----a-w- c:\windows\system32\drivers\Soluto.sys
2011-06-08 22:57 . 2011-06-08 22:57 -------- d-----w- c:\program files\Soluto
2011-06-05 22:26 . 2011-06-22 00:49 -------- d-----w- C:\test software
2011-06-05 22:17 . 2011-06-24 22:45 -------- d-----w- C:\32788R22FWJFW
2011-05-26 20:51 . 2011-05-26 20:51 -------- d-----w- c:\programdata\F-Secure
2011-05-26 20:46 . 2011-05-26 20:46 -------- d-----w- c:\programdata\McAfee
.
.
.
((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-06-21 21:52 . 2011-05-22 22:03 404640 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2011-06-12 17:44 . 2010-11-04 23:16 472808 ----a-w- c:\windows\system32\deployJava1.dll
2011-06-05 23:25 . 2011-05-11 01:23 17480 ----a-w- c:\windows\system32\drivers\hitmanpro35.sys
2011-05-29 07:11 . 2010-12-04 16:26 39984 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2011-05-29 07:11 . 2010-12-04 16:26 22712 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-04-28 18:17 . 2011-04-28 18:17 161792 ----a-w- c:\windows\system32\msls31.dll
2011-04-28 18:17 . 2011-04-28 18:17 1126912 ----a-w- c:\windows\system32\wininet.dll
2011-04-28 18:17 . 2011-04-28 18:17 86528 ----a-w- c:\windows\system32\iesysprep.dll
2011-04-28 18:17 . 2011-04-28 18:17 76800 ----a-w- c:\windows\system32\SetIEInstalledDate.exe
2011-04-28 18:17 . 2011-04-28 18:17 74752 ----a-w- c:\windows\system32\RegisterIEPKEYs.exe
2011-04-28 18:17 . 2011-04-28 18:17 63488 ----a-w- c:\windows\system32\tdc.ocx
2011-04-28 18:17 . 2011-04-28 18:17 48640 ----a-w- c:\windows\system32\mshtmler.dll
2011-04-28 18:17 . 2011-04-28 18:17 367104 ----a-w- c:\windows\system32\html.iec
2011-04-28 18:17 . 2011-04-28 18:17 74752 ----a-w- c:\windows\system32\iesetup.dll
2011-04-28 18:17 . 2011-04-28 18:17 23552 ----a-w- c:\windows\system32\licmgr10.dll
2011-04-28 18:17 . 2011-04-28 18:17 1427456 ----a-w- c:\windows\system32\inetcpl.cpl
2011-04-28 18:17 . 2011-04-28 18:17 420864 ----a-w- c:\windows\system32\vbscript.dll
2011-04-28 18:17 . 2011-04-28 18:17 152064 ----a-w- c:\windows\system32\wextract.exe
2011-04-28 18:17 . 2011-04-28 18:17 150528 ----a-w- c:\windows\system32\iexpress.exe
2011-04-28 18:17 . 2011-04-28 18:17 142848 ----a-w- c:\windows\system32\ieUnatt.exe
2011-04-28 18:17 . 2011-04-28 18:17 11776 ----a-w- c:\windows\system32\mshta.exe
2011-04-28 18:17 . 2011-04-28 18:17 35840 ----a-w- c:\windows\system32\imgutil.dll
2011-04-28 18:17 . 2011-04-28 18:17 101888 ----a-w- c:\windows\system32\admparse.dll
2011-04-28 18:17 . 2011-04-28 18:17 110592 ----a-w- c:\windows\system32\IEAdvpack.dll
.
.
((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Broadcom Wireless Manager UI"="c:\windows\system32\WLTRAY.exe" [2009-01-20 3563520]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2009-03-20 1451304]
"RtHDVCpl"="RtHDVCpl.exe" [2008-02-04 4907008]
"PrintDisp"="c:\windows\system32\PrintDisp.exe" [2010-01-21 883200]
"Persistence"="c:\windows\system32\igfxpers.exe" [2008-02-11 133656]
"Malwarebytes' Anti-Malware"="c:\program files\Malwarebytes' Anti-Malware\mbamgui.exe" [2011-05-29 449584]
"PWRISOVM.EXE"="c:\program files\PowerISO\PWRISOVM.EXE" [2010-04-12 180224]
"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2010-11-30 997408]
"PlusService"="c:\program files\Yuna Software\Messenger Plus!\PlusService.exe" [2011-05-26 800768]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Secunia PSI Tray.lnk - c:\program files\Secunia\PSI\psi_tray.exe [2011-1-10 291896]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
.
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\SharedTaskScheduler]
"{1984DD45-52CF-49cd-AB77-18F378FEA264}"= "c:\program files\Stardock\Fences\FencesMenu.dll" [2010-06-22 202088]
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ \0
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SolutoService]
@="Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sr.sys]
@="FSFilter System Recovery"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SRService]
@="Service"
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HyvesDesktop.exe]
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
2011-04-08 10:59 254696 ----a-w- c:\program files\Common Files\Java\Java Update\jusched.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UnlockerAssistant]
2010-07-04 19:51 17408 ----a-w- c:\program files\Unlocker\UnlockerAssistant.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Windows Defender]
2008-01-19 07:38 1008184 ----a-w- c:\program files\Windows Defender\MSASCui.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc\S-1-5-21-858306250-2938697709-906041462-1000]
"EnableNotificationsRef"=dword:00000001
.
R0 Soluto;Soluto;c:\windows\system32\DRIVERS\Soluto.sys [2011-06-01 51144]
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 SolutoService;Soluto PCGenome Core Service;c:\program files\Soluto\SolutoService.exe [2011-06-01 366624]
R3 cpuz135;cpuz135;c:\windows\TEMP\cpuz135\cpuz135_x32.sys [x]
R3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys [2010-10-24 54144]
R3 NisSrv;Microsoft Network Inspection;c:\program files\Microsoft Security Client\Antimalware\NisSrv.exe [2010-11-11 206360]
R3 PSSDK42;PSSDK42;c:\windows\system32\Drivers\pssdk42.sys [2010-11-07 38976]
R3 PSSDKLBF;PSSDKLBF;c:\windows\system32\Drivers\pssdklbf.sys [2010-11-07 53312]
R3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]
R4 Futuremark SystemInfo Service;Futuremark SystemInfo Service;c:\program files\Common Files\Futuremark Shared\Futuremark SystemInfo\FMSISvc.exe [2011-01-13 129440]
S0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys [2011-02-07 717296]
S1 MpKsl1a2884cf;MpKsl1a2884cf;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{6E0B4EA8-3BE8-4E65-9573-57CB800E8F28}\MpKsl1a2884cf.sys [2011-06-24 28752]
S2 AERTFilters;Andrea RT Filters Service;c:\windows\system32\AERTSrv.exe [2008-02-04 77824]
S2 MBAMService;MBAMService;c:\program files\Malwarebytes' Anti-Malware\mbamservice.exe [2011-05-29 366640]
S2 Printer Control;Printer Control;c:\windows\system32\PrintCtrl.exe [2009-10-29 65536]
S2 Secunia PSI Agent;Secunia PSI Agent;c:\program files\Secunia\PSI\PSIA.exe [2011-01-10 993848]
S2 Secunia Update Agent;Secunia Update Agent;c:\program files\Secunia\PSI\sua.exe [2011-01-10 399416]
S2 TeamViewer6;TeamViewer 6;c:\program files\TeamViewer\Version6\TeamViewer_Service.exe [2011-06-01 2337144]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2011-05-29 22712]
S3 MpNWMon;Microsoft Malware Protection Network Driver;c:\windows\system32\DRIVERS\MpNWMon.sys [2010-10-24 43392]
S3 O2MDRDR;O2MDRDR;c:\windows\system32\DRIVERS\o2media.sys [2008-07-29 51288]
S3 O2SDRDR;O2SDRDR;c:\windows\system32\DRIVERS\o2sd.sys [2008-06-12 43608]
S3 PSI;PSI;c:\windows\system32\DRIVERS\psi_mf.sys [2010-09-01 15544]
.
.
--- Andere Services/Drivers In Geheugen ---
.
*NewlyCreated* - MPKSL1A2884CF
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache
bthsvcs REG_MULTI_SZ BthServ
.
.
------- Bijkomende Scan -------
.
uStart Page = hxxp://www.google.nl/
TCP: DhcpNameServer = 192.168.1.1
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-06-25 01:00
Windows 6.0.6002 Service Pack 2 NTFS
.
scannen van verborgen processen ...
.
scannen van verborgen autostart items ...
.
scannen van verborgen bestanden ...
.
Scan succesvol afgerond
verborgen bestanden: 0
.
**************************************************************************
.
--------------------- DLLs Geladen Onder Lopende Processen ---------------------
.
- - - - - - - > 'Explorer.exe'(4028)
c:\program files\Stardock\Fences\FencesMenu.dll
c:\program files\stardock\fences\DesktopDock.dll
.
Voltooingstijd: 2011-06-25 01:04:54
ComboFix-quarantined-files.txt 2011-06-24 23:04
ComboFix2.txt 2011-06-24 19:26
.
Pre-Run: 122.117.279.744 bytes beschikbaar
Post-Run: 122.006.700.032 bytes beschikbaar
.
- - End Of File - - 5561E842DEF3053EBF3F2B888E4CBC69