ComboFix 10-01-29.09 - brian 30-01-2010 16:48:27.3.2 - x86
Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.31.1043.18.1790.1010 [GMT 1:00]
Gestart vanuit: g:\programas\combofix\ComboFix.exe
SP: Windows Defender *enabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}
.
(((((((((((((((((((((((((((((((((( Andere Verwijderingen )))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\users\brian\AppData\Roaming\.#
c:\users\brian\AppData\Roaming\inst.exe
.
(((((((((((((((((((( Bestanden Gemaakt van 2009-12-28 to 2010-01-30 ))))))))))))))))))))))))))))))
.
2010-01-30 15:55 . 2010-01-30 15:55 -------- d-----w- c:\users\brian\AppData\Local\temp
2010-01-30 15:55 . 2010-01-30 15:55 -------- d-----w- c:\users\Public\AppData\Local\temp
2010-01-30 15:55 . 2010-01-30 15:55 -------- d-----w- c:\users\Default\AppData\Local\temp
2010-01-30 14:20 . 2010-01-30 14:20 -------- d-----w- c:\windows\LastGood
2010-01-30 11:40 . 2010-01-30 11:40 -------- d-----w- c:\program files\Adobe(1)
2010-01-29 23:50 . 2010-01-30 15:44 -------- d-----w- c:\users\brian\AppData\Roaming\uTorrent
2010-01-26 21:33 . 2010-01-26 21:33 -------- d-----w- c:\programdata\LightScribe
2010-01-19 17:28 . 2010-01-24 15:42 -------- d-----w- c:\programdata\DVD Shrink
2010-01-13 11:57 . 2009-10-19 13:38 156672 ----a-w- c:\windows\system32\t2embed.dll
2010-01-13 11:57 . 2009-10-19 13:35 72704 ----a-w- c:\windows\system32\fontsub.dll
2010-01-07 00:16 . 2010-01-07 00:16 25533440 ----a-w- c:\windows\system32\imageres.dll
2010-01-05 21:50 . 2010-01-05 21:50 -------- d-----w- c:\programdata\agi
2010-01-05 20:29 . 2010-01-05 20:29 -------- d-----w- c:\programdata\Stardock
2010-01-05 20:29 . 2007-06-05 10:26 56496 ----a-w- c:\windows\system32\wbhelp2.dll
2010-01-03 00:12 . 2010-01-03 00:13 -------- d-----w- c:\users\brian\AppData\Local\Windows Live Writer
2010-01-03 00:12 . 2010-01-03 00:12 -------- d-----w- c:\users\brian\AppData\Roaming\Windows Live Writer
2010-01-01 19:39 . 2010-01-01 19:39 -------- d-----w- c:\program files\Windows Live SkyDrive
.
((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-01-30 15:47 . 2008-01-21 06:47 652386 ----a-w- c:\windows\system32\perfh013.dat
2010-01-30 15:47 . 2008-01-21 06:47 121922 ----a-w- c:\windows\system32\perfc013.dat
2010-01-30 14:26 . 2009-12-09 12:32 -------- d-----w- c:\program files\NETGEAR
2010-01-30 14:26 . 2008-04-07 11:59 -------- d--h--w- c:\program files\InstallShield Installation Information
2010-01-30 14:12 . 2009-10-01 16:32 7808 ----a-w- c:\users\brian\AppData\Local\d3d9caps.dat
2010-01-30 14:11 . 2009-11-11 21:48 271356 ----a-w- c:\programdata\nvModes.dat
2010-01-30 14:09 . 2009-10-01 22:23 -------- d-----w- c:\users\brian\AppData\Roaming\vlc
2010-01-30 14:09 . 2009-11-19 01:13 -------- d-----w- c:\program files\Common Files\Adobe
2010-01-28 17:01 . 2009-10-08 17:37 -------- d-----w- c:\users\brian\AppData\Roaming\Vso
2010-01-28 13:44 . 2009-12-14 01:01 12 ----a-w- c:\windows\bthservsdp.dat
2010-01-26 20:06 . 2009-10-02 21:17 -------- d-----w- c:\users\brian\AppData\Roaming\dvdcss
2010-01-25 19:52 . 2009-10-08 17:37 47360 ----a-w- c:\users\brian\AppData\Roaming\pcouffin.sys
2010-01-25 19:52 . 2009-10-08 17:37 47360 ----a-w- c:\users\brian\AppData\Roaming\pcouffin.sys
2010-01-21 14:11 . 2009-10-01 21:11 -------- d-----w- c:\program files\Microsoft Silverlight
2010-01-16 11:49 . 2009-10-23 19:14 -------- d-----w- c:\programdata\Messenger Plus!
2010-01-13 12:19 . 2006-11-02 11:18 -------- d-----w- c:\program files\Windows Mail
2010-01-03 00:10 . 2009-10-01 20:44 -------- d-----w- c:\program files\Windows Live
2010-01-02 06:38 . 2010-01-22 12:32 916480 ----a-w- c:\windows\system32\wininet.dll
2010-01-02 06:32 . 2010-01-22 12:32 71680 ----a-w- c:\windows\system32\iesetup.dll
2010-01-02 06:32 . 2010-01-22 12:32 109056 ----a-w- c:\windows\system32\iesysprep.dll
2010-01-02 04:57 . 2010-01-22 12:32 133632 ----a-w- c:\windows\system32\ieUnatt.exe
2010-01-01 19:25 . 2009-12-27 23:43 -------- d-----w- c:\program files\Zylom Games
2009-12-27 23:43 . 2009-12-27 23:43 -------- d-----w- c:\programdata\Zylom
2009-12-15 21:49 . 2009-12-15 21:49 -------- d-----w- c:\users\brian\AppData\Roaming\Convivea
2009-12-12 21:36 . 2009-11-08 19:09 -------- d-----w- c:\program files\TeamViewer
2009-12-11 08:43 . 2009-12-11 08:43 -------- d-----w- c:\users\brian\AppData\Roaming\Hardcore
2009-12-09 12:46 . 2008-04-07 12:49 -------- d-----w- c:\programdata\Microsoft Help
2009-12-09 12:31 . 2009-12-09 12:31 -------- d-----w- c:\programdata\NETGEAR
2009-12-07 23:10 . 2009-11-19 13:36 -------- d-----w- c:\users\brian\AppData\Roaming\CyberLink
2009-12-06 12:08 . 2009-12-06 12:08 -------- d-----w- c:\program files\Common Files\Motive
2009-12-06 12:08 . 2009-10-13 18:06 -------- d-----w- c:\program files\Thuishelp
2009-12-06 12:03 . 2009-12-06 12:03 -------- d-----w- c:\programdata\Motive
2009-11-24 23:54 . 2009-10-19 14:23 1280480 ----a-w- c:\windows\system32\aswBoot.exe
2009-11-24 23:50 . 2009-10-19 14:24 114768 ----a-w- c:\windows\system32\drivers\aswSP.sys
2009-11-24 23:50 . 2009-10-19 14:24 20560 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2009-11-24 23:49 . 2009-10-19 14:23 53328 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2009-11-24 23:49 . 2009-10-19 14:24 48560 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2009-11-24 23:48 . 2009-10-19 14:24 23120 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2009-11-24 23:47 . 2009-10-19 14:24 97480 ----a-w- c:\windows\system32\AvastSS.scr
2009-11-14 01:24 . 2009-11-14 01:24 114048 ----a-w- c:\windows\system32\drivers\snapman.sys
2009-11-09 12:31 . 2009-12-09 12:46 24064 ----a-w- c:\windows\system32\nshhttp.dll
2009-11-09 12:30 . 2009-12-09 12:46 30720 ----a-w- c:\windows\system32\httpapi.dll
2009-11-09 10:36 . 2009-12-09 12:46 411648 ----a-w- c:\windows\system32\drivers\http.sys
2009-11-05 17:27 . 2009-11-05 17:27 0 ----a-w- c:\users\brian\AppData\Roaming\FrostWire\.NetworkShare\Incomplete\T-4506256-LimeWireWin4.16.6.exe
.
((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond
REGEDIT4

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\egisPSDP]
@="{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}"
[HKEY_CLASSES_ROOT\CLSID\{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}]
2008-05-14 15:05 121392 ----a-w- c:\program files\Acer\Empowering Technology\eDataSecurity\x86\PSDProtect.dll

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"MsnMsgr"="c:\program files\Windows Live\Messenger\MsnMsgr.Exe" [2010-01-07 3883856]
"ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-01-21 125952]
"ccleaner"="d:\program files\Ccleaner\CCleaner.exe" [2009-12-21 1803064]
"Google Update"="c:\users\brian\AppData\Local\Google\Update\GoogleUpdate.exe" [2010-01-13 135664]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ePower_DMC"="c:\program files\Acer\Empowering Technology\ePower\ePower_DMC.exe" [2008-05-09 397312]
"eDataSecurity Loader"="c:\program files\Acer\Empowering Technology\eDataSecurity\x86\eDSloader.exe" [2008-05-14 526896]
"eAudio"="c:\program files\Acer\Empowering Technology\eAudio\eAudio.exe" [2008-05-30 544768]
"BkupTray"="c:\program files\NewTech Infosystems\NTI Backup Now 5\BkupTray.exe" [2008-04-25 28672]
"RtHDVCpl"="RtHDVCpl.exe" [2008-05-20 6144000]
"Skytel"="Skytel.exe" [2007-11-20 1826816]
"WarReg_PopUp"="c:\program files\Acer\WR_PopUp\WarReg_PopUp.exe" [2008-01-29 303104]
"LManager"="c:\progra~1\LAUNCH~1\QtZgAcer.EXE" [2008-07-16 821768]
"ArcadeDeluxeAgent"="c:\program files\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe" [2008-05-12 147456]
"CLMLServer"="c:\program files\Acer Arcade Deluxe\Acer Arcade Deluxe\Kernel\CLML\CLMLSvc.exe" [2008-05-12 167936]
"PlayMovie"="c:\program files\Acer Arcade Deluxe\PlayMovie\PMVService.exe" [2008-05-12 167936]
"snpstd3"="c:\windows\vsnpstd3.exe" [2006-09-18 843776]
"avast!"="c:\progra~1\ALWILS~1\Avast4\ashDisp.exe" [2009-11-24 81000]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-10-11 149280]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2009-10-03 35696]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2009-09-04 935288]
"Zesko_McciTrayApp"="c:\program files\Thuishelp\Zesko\Thuishelp.exe" [2008-04-14 1455104]

c:\users\brian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
OneNote 2007 Schermopname en Snel starten.lnk - c:\program files\Microsoft Office\Office12\ONENOTEM.EXE [2008-10-25 98696]

c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
BTTray.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2008-4-23 727592]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
@="Service"

[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^NETGEAR WN111v2 Smart Wizard.lnk]
path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\NETGEAR WN111v2 Smart Wizard.lnk
backup=c:\windows\pss\NETGEAR WN111v2 Smart Wizard.lnk.CommonStartup
backupExtension=.CommonStartup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Windows Defender]
2008-01-21 02:23 1008184 ----a-w- c:\program files\Windows Defender\MSASCui.exe

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc]
"VistaSp2"=hex(b):af,32,50,cd,d5,42,ca,01

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc\S-1-5-21-754506360-740247717-2686086553-1000]
"EnableNotificationsRef"=dword:00000004
"EnableNotifications"=dword:00000001

R1 aswSP;avast! Self Protection;c:\windows\System32\drivers\aswSP.sys [19-10-2009 15:24 114768]
R1 jswpslwf;JumpStart Wireless Filter Driver;c:\windows\System32\drivers\jswpslwf.sys [1-10-2008 16:44 20384]
R2 {49DE1C67-83F8-4102-99E0-C16DCC7EEC796};{49DE1C67-83F8-4102-99E0-C16DCC7EEC796};c:\program files\Acer Arcade Deluxe\PlayMovie\000.fcl [1-10-2009 17:55 61424]
R2 aswFsBlk;aswFsBlk;c:\windows\System32\drivers\aswFsBlk.sys [19-10-2009 15:24 20560]
R2 aswMonFlt;aswMonFlt;c:\windows\System32\drivers\aswMonFlt.sys [19-10-2009 15:23 53328]
R2 BUNAgentSvc;NTI Backup Now 5 Agent Service;c:\program files\NewTech Infosystems\NTI Backup Now 5\Client\Agentsvc.exe [3-3-2008 12:11 16384]
R2 CLHNService;CLHNService;c:\program files\Acer Arcade Deluxe\HomeMedia\Kernel\DMP\CLHNService.exe [1-10-2009 17:57 81504]
R2 ETService;Empowering Technology Service;c:\program files\Acer\Empowering Technology\Service\ETService.exe [7-4-2008 13:11 24576]
R2 NTIBackupSvc;NTI Backup Now 5 Backup Service;c:\program files\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe [25-4-2008 20:36 45056]
R2 NTIPPKernel;NTIPPKernel;c:\program files\Acer Arcade Deluxe\HomeMedia\Kernel\DMP\NTIPPKernel.sys [1-10-2009 17:57 122368]
R2 TeamViewer5;TeamViewer 5;c:\program files\TeamViewer\Version5\TeamViewer_Service.exe [8-12-2009 11:46 185640]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver;c:\windows\System32\drivers\nvhda32v.sys [23-7-2008 7:24 44064]
S2 NTISchedulerSvc;NTI Backup Now 5 Scheduler Service;c:\program files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe [25-4-2008 20:36 131072]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\System32\drivers\b57nd60x.sys [7-4-2008 22:21 210432]
S3 bthav;Bluetooth AV-profiel;c:\windows\System32\drivers\bthav.sys [10-7-2008 15:43 34816]
S3 DNIMp50;DNIMp50 NDIS Protocol Driver;c:\windows\System32\drivers\DNIMP50.sys [16-11-2006 14:36 21504]
S3 DNISp50;DNISp50 NDIS Protocol Driver;c:\windows\System32\drivers\DNISP50.sys [16-11-2006 14:36 20480]
S3 FontCache;Windows Font Cache Service;c:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation [21-1-2008 3:23 21504]
S3 jswpsapi;Jumpstart Wifi Protected Setup;c:\program files\NETGEAR\WN111v2\jswpsapi.exe --> c:\program files\NETGEAR\WN111v2\jswpsapi.exe [?]
S3 teamviewervpn;TeamViewer VPN Adapter;c:\windows\System32\drivers\teamviewervpn.sys [25-1-2008 10:12 25088]
S3 winbondcir;Winbond IR Transceiver;c:\windows\System32\drivers\winbondcir.sys [28-3-2007 6:51 43008]
S3 WSVD;WSVD;c:\windows\System32\drivers\WSVD.sys [22-11-2009 21:29 75776]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache
bthsvcs REG_MULTI_SZ BthServ
.
Inhoud van de 'Gedeelde Taken' map

2010-01-28 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-754506360-740247717-2686086553-1000Core.job
- c:\users\brian\AppData\Local\Google\Update\GoogleUpdate.exe [2010-01-13 23:46]

2010-01-30 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-754506360-740247717-2686086553-1000UA.job
- c:\users\brian\AppData\Local\Google\Update\GoogleUpdate.exe [2010-01-13 23:46]

2010-01-30 c:\windows\Tasks\User_Feed_Synchronization-{5702D009-4177-4AD9-83B2-61A4B31D9403}.job
- c:\windows\system32\msfeedssync.exe [2010-01-22 04:56]
.
.
------- Bijkomende Scan -------
.
uStart Page = hxxp://google.nl/
IE: &D&ownload &met BitComet - d:\program files\bitcomet\BitComet.exe/AddLink.htm
IE: &D&ownload alle video met BitComet - d:\program files\bitcomet\BitComet.exe/AddVideo.htm
IE: &D&ownload alles met BitComet - d:\program files\bitcomet\BitComet.exe/AddAllLink.htm
IE: Afbeelding verzenden naar &Bluetooth-apparaat... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: E&xporteren naar Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
IE: Pagina verzenden naar &Bluetooth-apparaat... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
Trusted Zone: ziggo.nl\thuishelp
DPF: CabBuilder - hxxp://kiw.imgag.com/imgag/kiw/toolbar/download/InstallerControl.cab
DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} - hxxp://game.zylom.com/activex/zylomgamesplayer.cab
.
- - - - ORPHANS VERWIJDERD - - - -

AddRemove-BitComet - d:\program files\bitcomet\uninst.exe

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-01-30 16:55
Windows 6.0.6002 Service Pack 2 NTFS

scannen van verborgen processen ...

scannen van verborgen autostart items ...

scannen van verborgen bestanden ...

Scan succesvol afgerond
verborgen bestanden: 0

**************************************************************************

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\{49DE1C67-83F8-4102-99E0-C16DCC7EEC796}]
"ImagePath"="\??\c:\program files\Acer Arcade Deluxe\PlayMovie\000.fcl"
.
--------------------- VERGRENDELDE REGISTER SLEUTELS ---------------------

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
Voltooingstijd: 2010-01-30 16:57:58
ComboFix-quarantined-files.txt 2010-01-30 15:57
ComboFix2.txt 2009-12-12 21:07
ComboFix3.txt 2009-10-12 19:45

Pre-Run: 111.123.820.544 bytes beschikbaar
Post-Run: 110.790.795.264 bytes beschikbaar

- - End Of File - - B0314C709D26696E1FA304BE5C518470