ComboFix 10-03-02.08 - brian 03-03-2010 16:24:26.4.2 - x86
Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.31.1043.18.1790.533 [GMT 1:00]
Gestart vanuit: c:\users\brian\Desktop\ComboFix.exe
SP: Windows Defender *enabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}
.
(((((((((((((((((((((((((((((((((( Andere Verwijderingen )))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\users\brian\AppData\Roaming\.#
c:\users\brian\AppData\Roaming\.#\MBX@1244@2D2990.###
c:\users\brian\AppData\Roaming\.#\MBX@1244@2D29C0.###
c:\users\brian\AppData\Roaming\.#\MBX@1244@2D29F0.###
.
(((((((((((((((((((( Bestanden Gemaakt van 2010-02-03 to 2010-03-03 ))))))))))))))))))))))))))))))
.
2010-03-03 15:31 . 2010-03-03 15:31 -------- d-----w- c:\users\brian\AppData\Local\temp
2010-03-03 15:31 . 2010-03-03 15:31 -------- d-----w- c:\users\Public\AppData\Local\temp
2010-03-03 15:31 . 2010-03-03 15:31 -------- d-----w- c:\users\Default\AppData\Local\temp
2010-03-02 21:54 . 2010-03-02 21:54 -------- d-----w- c:\program files\Trend Micro
2010-03-02 20:41 . 2010-03-02 20:41 -------- d-----w- c:\users\brian\AppData\Roaming\BitTorrent
2010-03-02 20:40 . 2010-03-02 20:41 -------- d-----w- c:\program files\DNA
2010-03-02 17:48 . 2010-03-02 17:49 -------- d-----w- c:\users\brian\AppData\Roaming\ImgBurn
2010-03-02 16:21 . 2010-03-02 16:21 -------- d-----w- c:\users\brian\4181.tmp
2010-03-02 16:21 . 2010-03-02 16:21 -------- d--h--w- c:\users\brian\Zero G Registry
2010-03-01 11:05 . 2010-03-01 11:05 -------- d-----w- c:\program files\Common Files\Java
2010-02-28 19:51 . 2010-02-28 19:51 -------- d-----w- c:\users\brian\AppData\Local\Seven Zip
2010-02-23 00:26 . 2010-02-23 00:26 -------- d-----w- c:\program files\SystemRequirementsLab
2010-02-20 20:09 . 2010-02-20 20:09 -------- d-----w- c:\program files\MSECache
2010-02-17 15:30 . 2010-02-17 15:30 691696 ----a-w- c:\windows\system32\drivers\sptd.sys
2010-02-16 23:14 . 2010-03-03 01:14 -------- d-----w- c:\users\brian\AppData\Roaming\skypePM
2010-02-16 23:10 . 2010-03-03 01:17 -------- d-----w- c:\users\brian\AppData\Roaming\Skype
2010-02-16 23:10 . 2010-02-16 23:10 -------- d-----w- c:\program files\Common Files\Skype
2010-02-16 23:10 . 2010-02-16 23:10 -------- d-----r- c:\program files\Skype
2010-02-16 23:04 . 2010-02-16 23:10 -------- d-----w- c:\programdata\Skype
2010-02-14 21:29 . 2010-03-03 02:32 -------- d-----w- c:\users\brian\AppData\Roaming\vlc
2010-02-11 11:54 . 2010-03-03 15:16 1356 ----a-w- c:\users\brian\AppData\Local\d3d9caps.dat
2010-02-08 15:35 . 2010-02-08 15:35 -------- d-----w- c:\users\brian\AppData\Roaming\Template
2010-02-08 13:13 . 2010-02-08 13:14 -------- d-----w- c:\program files\NVIDIA Corporation
2010-02-04 21:19 . 2010-02-06 18:06 1 ----a-w- c:\users\brian\AppData\Roaming\OpenOffice.org\3\user\uno_packages\cache\stamp.sys
2010-02-04 21:18 . 2010-02-04 21:18 -------- d-----w- c:\users\brian\AppData\Roaming\OpenOffice.org
2010-02-04 19:23 . 2008-03-28 09:07 20992 ----a-w- c:\users\brian\AppData\Roaming\Convivea\Bit_Che\languages\compare.exe
2010-02-04 19:23 . 2010-02-04 19:23 -------- d-----w- c:\users\brian\AppData\Roaming\Convivea
2010-02-04 19:23 . 2009-04-10 17:40 118784 ----a-w- c:\users\brian\AppData\Roaming\Convivea\Bit_Che\scripts\x.exe
2010-02-04 19:23 . 2008-03-28 09:02 60928 ----a-w- c:\users\brian\AppData\Roaming\Convivea\Bit_Che\scripts\update.exe
2010-02-04 19:23 . 2007-07-11 18:43 24557 ----a-w- c:\users\brian\AppData\Roaming\Convivea\Bit_Che\scripts\special.exe
2010-02-04 19:23 . 2003-08-19 04:06 80896 ----a-w- c:\users\brian\AppData\Roaming\Convivea\Bit_Che\scripts\x.dll
2010-02-04 03:04 . 2010-02-24 16:52 106552 ----a-w- c:\windows\system32\GDIPFONTCACHEV1.DAT
.
((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-03-03 15:27 . 2008-01-21 06:47 652386 ----a-w- c:\windows\system32\perfh013.dat
2010-03-03 15:27 . 2008-01-21 06:47 121922 ----a-w- c:\windows\system32\perfc013.dat
2010-03-03 15:21 . 2009-12-14 01:01 12 ----a-w- c:\windows\bthservsdp.dat
2010-03-03 15:16 . 2009-11-11 21:48 330376 ----a-w- c:\programdata\nvModes.dat
2010-03-03 02:34 . 2010-01-29 23:50 -------- d-----w- c:\users\brian\AppData\Roaming\uTorrent
2010-03-03 01:50 . 2009-10-02 21:17 -------- d-----w- c:\users\brian\AppData\Roaming\dvdcss
2010-03-01 11:04 . 2009-10-01 20:41 -------- d-----w- c:\program files\Java
2010-02-28 19:51 . 2008-04-07 12:54 -------- d-----w- c:\programdata\{174892B1-CBE7-44F5-86FF-AB555EFD73A3}
2010-02-28 12:59 . 2009-10-01 16:33 -------- d-----w- c:\program files\Google
2010-02-17 15:22 . 2009-10-08 17:37 -------- d-----w- c:\users\brian\AppData\Roaming\Vso
2010-02-16 23:14 . 2010-02-16 23:14 56 ---ha-w- c:\programdata\ezsidmv.dat
2010-02-12 00:23 . 2010-02-08 15:35 210 ----a-w- c:\users\brian\AppData\Roaming\wklnhst.dat
2010-02-10 20:02 . 2008-04-07 12:49 -------- d-----w- c:\programdata\Microsoft Help
2010-02-10 20:02 . 2008-04-07 12:51 -------- d-----w- c:\program files\Microsoft Works
2010-02-10 13:10 . 2006-11-02 11:18 -------- d-----w- c:\program files\Windows Mail
2010-02-08 13:14 . 2009-10-01 19:09 -------- d-----w- c:\programdata\NVIDIA
2010-02-04 03:03 . 2009-10-01 16:32 8224 ----a-w- c:\users\brian\AppData\Local\GDIPFONTCACHEV1.DAT
2010-02-01 18:01 . 2009-11-19 13:36 -------- d-----w- c:\users\brian\AppData\Roaming\CyberLink
2010-01-30 14:26 . 2008-04-07 11:59 -------- d--h--w- c:\program files\InstallShield Installation Information
2010-01-30 14:09 . 2009-11-19 01:13 -------- d-----w- c:\program files\Common Files\Adobe
2010-01-30 11:40 . 2010-01-30 11:40 -------- d-----w- c:\program files\Adobe(1)
2010-01-26 21:33 . 2010-01-26 21:33 -------- d-----w- c:\programdata\LightScribe
2010-01-25 19:52 . 2009-10-08 17:37 47360 ----a-w- c:\users\brian\AppData\Roaming\pcouffin.sys
2010-01-25 19:52 . 2009-10-08 17:37 47360 ----a-w- c:\users\brian\AppData\Roaming\pcouffin.sys
2010-01-25 12:00 . 2010-02-24 16:46 471552 ----a-w- c:\windows\system32\secproc_isv.dll
2010-01-25 12:00 . 2010-02-24 16:46 152576 ----a-w- c:\windows\system32\secproc_ssp_isv.dll
2010-01-25 12:00 . 2010-02-24 16:46 152064 ----a-w- c:\windows\system32\secproc_ssp.dll
2010-01-25 12:00 . 2010-02-24 16:46 471552 ----a-w- c:\windows\system32\secproc.dll
2010-01-25 11:58 . 2010-02-24 16:46 332288 ----a-w- c:\windows\system32\msdrm.dll
2010-01-25 08:21 . 2010-02-24 16:46 526336 ----a-w- c:\windows\system32\RMActivate_isv.exe
2010-01-25 08:21 . 2010-02-24 16:46 346624 ----a-w- c:\windows\system32\RMActivate_ssp_isv.exe
2010-01-25 08:21 . 2010-02-24 16:46 518144 ----a-w- c:\windows\system32\RMActivate.exe
2010-01-25 08:21 . 2010-02-24 16:46 347136 ----a-w- c:\windows\system32\RMActivate_ssp.exe
2010-01-23 09:26 . 2010-02-24 16:46 2048 ----a-w- c:\windows\system32\tzres.dll
2010-01-21 14:11 . 2009-10-01 21:11 -------- d-----w- c:\program files\Microsoft Silverlight
2010-01-16 11:49 . 2009-10-23 19:14 -------- d-----w- c:\programdata\Messenger Plus!
2010-01-11 21:18 . 2010-01-11 21:18 962664 ----a-w- c:\windows\system32\nvsvc.dll
2010-01-11 21:18 . 2010-01-11 21:18 13679720 ----a-w- c:\windows\system32\nvcpl.dll
2010-01-11 21:18 . 2010-01-11 21:18 129640 ----a-w- c:\windows\system32\nvvsvc.exe
2010-01-11 21:18 . 2010-01-11 21:18 110696 ----a-w- c:\windows\system32\nvmctray.dll
2010-01-06 15:39 . 2010-02-24 16:46 1696256 ----a-w- c:\windows\system32\gameux.dll
2010-01-06 15:38 . 2010-02-24 16:46 28672 ----a-w- c:\windows\system32\Apphlpdm.dll
2010-01-06 15:38 . 2010-02-24 16:46 173056 ----a-w- c:\windows\AppPatch\AcXtrnal.dll
2010-01-06 15:38 . 2010-02-24 16:46 542720 ----a-w- c:\windows\AppPatch\AcLayers.dll
2010-01-06 15:38 . 2010-02-24 16:46 458752 ----a-w- c:\windows\AppPatch\AcSpecfc.dll
2010-01-06 15:38 . 2010-02-24 16:46 2159616 ----a-w- c:\windows\AppPatch\AcGenral.dll
2010-01-06 13:30 . 2010-02-24 16:46 4240384 ----a-w- c:\windows\system32\GameUXLegacyGDFs.dll
2010-01-05 21:50 . 2010-01-05 21:50 -------- d-----w- c:\programdata\agi
2010-01-03 00:12 . 2010-01-03 00:12 -------- d-----w- c:\users\brian\AppData\Roaming\Windows Live Writer
2010-01-03 00:10 . 2009-10-01 20:44 -------- d-----w- c:\program files\Windows Live
2010-01-02 06:38 . 2010-01-22 12:32 916480 ----a-w- c:\windows\system32\wininet.dll
2010-01-02 06:32 . 2010-01-22 12:32 71680 ----a-w- c:\windows\system32\iesetup.dll
2010-01-02 06:32 . 2010-01-22 12:32 109056 ----a-w- c:\windows\system32\iesysprep.dll
2010-01-02 04:57 . 2010-01-22 12:32 133632 ----a-w- c:\windows\system32\ieUnatt.exe
2009-12-17 16:14 . 2009-10-01 20:41 411368 ----a-w- c:\windows\system32\deploytk.dll
2009-12-11 11:43 . 2010-02-10 12:32 302080 ----a-w- c:\windows\system32\drivers\srv.sys
2009-12-11 11:43 . 2010-02-10 12:32 98816 ----a-w- c:\windows\system32\drivers\srvnet.sys
2009-12-08 20:01 . 2010-02-10 12:32 904776 ----a-w- c:\windows\system32\drivers\tcpip.sys
2009-12-08 20:01 . 2010-02-10 12:32 3600456 ----a-w- c:\windows\system32\ntkrnlpa.exe
2009-12-08 20:01 . 2010-02-10 12:32 3548216 ----a-w- c:\windows\system32\ntoskrnl.exe
2009-12-08 17:26 . 2010-02-10 12:32 30720 ----a-w- c:\windows\system32\drivers\tcpipreg.sys
2009-12-04 18:30 . 2010-02-10 12:32 12288 ----a-w- c:\windows\system32\tsbyuv.dll
2009-12-04 18:29 . 2010-02-10 12:32 1314816 ----a-w- c:\windows\system32\quartz.dll
2009-12-04 18:28 . 2010-02-10 12:32 22528 ----a-w- c:\windows\system32\msyuv.dll
2009-12-04 18:28 . 2010-02-10 12:32 31744 ----a-w- c:\windows\system32\msvidc32.dll
2009-12-04 18:28 . 2010-02-10 12:32 123904 ----a-w- c:\windows\system32\msvfw32.dll
2009-12-04 18:28 . 2010-02-10 12:32 13312 ----a-w- c:\windows\system32\msrle32.dll
2009-12-04 18:28 . 2010-02-10 12:32 82944 ----a-w- c:\windows\system32\mciavi32.dll
2009-12-04 18:28 . 2010-02-10 12:32 50176 ----a-w- c:\windows\system32\iyuv_32.dll
2009-12-04 18:27 . 2010-02-10 12:32 91136 ----a-w- c:\windows\system32\avifil32.dll
2009-12-04 15:56 . 2010-02-10 12:32 212992 ----a-w- c:\windows\system32\drivers\mrxsmb10.sys
2009-12-04 15:56 . 2010-02-10 12:32 105984 ----a-w- c:\windows\system32\drivers\mrxsmb.sys
.
((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond
REGEDIT4

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\egisPSDP]
@="{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}"
[HKEY_CLASSES_ROOT\CLSID\{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}]
2008-05-14 15:05 121392 ----a-w- c:\program files\Acer\Empowering Technology\eDataSecurity\x86\PSDProtect.dll

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-01-21 125952]
"ccleaner"="d:\program files\Ccleaner\CCleaner.exe" [2010-01-26 1724728]
"Google Update"="c:\users\brian\AppData\Local\Google\Update\GoogleUpdate.exe" [2010-01-13 135664]
"msnmsgr"="c:\program files\Windows Live\Messenger\msnmsgr.exe" [2010-03-01 3883856]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ePower_DMC"="c:\program files\Acer\Empowering Technology\ePower\ePower_DMC.exe" [2008-05-09 397312]
"eDataSecurity Loader"="c:\program files\Acer\Empowering Technology\eDataSecurity\x86\eDSloader.exe" [2008-05-14 526896]
"eAudio"="c:\program files\Acer\Empowering Technology\eAudio\eAudio.exe" [2008-05-30 544768]
"BkupTray"="c:\program files\NewTech Infosystems\NTI Backup Now 5\BkupTray.exe" [2008-04-25 28672]
"RtHDVCpl"="RtHDVCpl.exe" [2008-05-20 6144000]
"Skytel"="Skytel.exe" [2007-11-20 1826816]
"WarReg_PopUp"="c:\program files\Acer\WR_PopUp\WarReg_PopUp.exe" [2008-01-29 303104]
"LManager"="c:\progra~1\LAUNCH~1\QtZgAcer.EXE" [2008-07-16 821768]
"ArcadeDeluxeAgent"="c:\program files\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe" [2008-05-12 147456]
"CLMLServer"="c:\program files\Acer Arcade Deluxe\Acer Arcade Deluxe\Kernel\CLML\CLMLSvc.exe" [2008-05-12 167936]
"PlayMovie"="c:\program files\Acer Arcade Deluxe\PlayMovie\PMVService.exe" [2008-05-12 167936]
"snpstd3"="c:\windows\vsnpstd3.exe" [2006-09-18 843776]
"avast!"="c:\progra~1\ALWILS~1\Avast4\ashDisp.exe" [2009-11-24 81000]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2010-02-18 248040]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2009-10-03 35696]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2009-09-04 935288]

c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
BTTray.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2008-4-23 727592]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"aux6"=wdmaud.drv

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
@="Service"

[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^NETGEAR WN111v2 Smart Wizard.lnk]
path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\NETGEAR WN111v2 Smart Wizard.lnk
backup=c:\windows\pss\NETGEAR WN111v2 Smart Wizard.lnk.CommonStartup
backupExtension=.CommonStartup

[HKLM\~\startupfolder\C:^Users^brian^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Orion.lnk]
path=c:\users\brian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Orion.lnk
backup=c:\windows\pss\Orion.lnk.Startup
backupExtension=.Startup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update]
2010-01-13 23:46 135664 ----atw- c:\users\brian\AppData\Local\Google\Update\GoogleUpdate.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Windows Defender]
2008-01-21 02:23 1008184 ----a-w- c:\program files\Windows Defender\MSASCui.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Zesko_McciTrayApp]
2008-04-14 13:32 1455104 ----a-w- c:\program files\Thuishelp\Zesko\Thuishelp.exe

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc]
"VistaSp2"=hex(b):af,32,50,cd,d5,42,ca,01

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc\S-1-5-21-754506360-740247717-2686086553-1000]
"EnableNotificationsRef"=dword:00000004
"EnableNotifications"=dword:00000001

R1 aswSP;avast! Self Protection;c:\windows\System32\drivers\aswSP.sys [19-10-2009 15:24 114768]
R1 jswpslwf;JumpStart Wireless Filter Driver;c:\windows\System32\drivers\jswpslwf.sys [1-10-2008 16:44 20384]
R2 {49DE1C67-83F8-4102-99E0-C16DCC7EEC796};{49DE1C67-83F8-4102-99E0-C16DCC7EEC796};c:\program files\Acer Arcade Deluxe\PlayMovie\000.fcl [1-10-2009 17:55 61424]
R2 aswFsBlk;aswFsBlk;c:\windows\System32\drivers\aswFsBlk.sys [19-10-2009 15:24 20560]
R2 aswMonFlt;aswMonFlt;c:\windows\System32\drivers\aswMonFlt.sys [19-10-2009 15:23 53328]
R2 BUNAgentSvc;NTI Backup Now 5 Agent Service;c:\program files\NewTech Infosystems\NTI Backup Now 5\Client\Agentsvc.exe [3-3-2008 12:11 16384]
R2 CLHNService;CLHNService;c:\program files\Acer Arcade Deluxe\HomeMedia\Kernel\DMP\CLHNService.exe [1-10-2009 17:57 81504]
R2 ETService;Empowering Technology Service;c:\program files\Acer\Empowering Technology\Service\ETService.exe [7-4-2008 13:11 24576]
R2 NTIBackupSvc;NTI Backup Now 5 Backup Service;c:\program files\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe [25-4-2008 20:36 45056]
R2 NTIPPKernel;NTIPPKernel;c:\program files\Acer Arcade Deluxe\HomeMedia\Kernel\DMP\NTIPPKernel.sys [1-10-2009 17:57 122368]
R2 TeamViewer5;TeamViewer 5;c:\program files\TeamViewer\Version5\TeamViewer_Service.exe [11-2-2010 12:42 172328]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver;c:\windows\System32\drivers\nvhda32v.sys [23-7-2008 7:24 44064]
S0 sptd;sptd;c:\windows\System32\drivers\sptd.sys [17-2-2010 16:30 691696]
S2 gupdate;Google Updateservice (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [16-2-2010 2:18 135664]
S2 NTISchedulerSvc;NTI Backup Now 5 Scheduler Service;c:\program files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe [25-4-2008 20:36 131072]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\System32\drivers\b57nd60x.sys [7-4-2008 22:21 210432]
S3 bthav;Bluetooth AV-profiel;c:\windows\System32\drivers\bthav.sys [10-7-2008 15:43 34816]
S3 DNIMp50;DNIMp50 NDIS Protocol Driver;c:\windows\System32\drivers\DNIMP50.sys [16-11-2006 14:36 21504]
S3 DNISp50;DNISp50 NDIS Protocol Driver;c:\windows\System32\drivers\DNISP50.sys [16-11-2006 14:36 20480]
S3 jswpsapi;Jumpstart Wifi Protected Setup;c:\program files\NETGEAR\WN111v2\jswpsapi.exe --> c:\program files\NETGEAR\WN111v2\jswpsapi.exe [?]
S3 teamviewervpn;TeamViewer VPN Adapter;c:\windows\System32\drivers\teamviewervpn.sys [25-1-2008 10:12 25088]
S3 winbondcir;Winbond IR Transceiver;c:\windows\System32\drivers\winbondcir.sys [28-3-2007 6:51 43008]
S3 WSVD;WSVD;c:\windows\System32\drivers\WSVD.sys [22-11-2009 21:29 75776]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache
bthsvcs REG_MULTI_SZ BthServ
.
Inhoud van de 'Gedeelde Taken' map

2010-03-03 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-02-16 01:18]

2010-03-03 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-02-16 01:18]

2010-03-02 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-754506360-740247717-2686086553-1000Core.job
- c:\users\brian\AppData\Local\Google\Update\GoogleUpdate.exe [2010-01-13 23:46]

2010-03-03 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-754506360-740247717-2686086553-1000UA.job
- c:\users\brian\AppData\Local\Google\Update\GoogleUpdate.exe [2010-01-13 23:46]

2010-03-03 c:\windows\Tasks\User_Feed_Synchronization-{5702D009-4177-4AD9-83B2-61A4B31D9403}.job
- c:\windows\system32\msfeedssync.exe [2010-01-22 04:56]
.
.
------- Bijkomende Scan -------
.
uStart Page = hxxp://google.nl/
IE: &D&ownload &met BitComet - d:\program files\bitcomet\BitComet.exe/AddLink.htm
IE: &D&ownload alle video met BitComet - d:\program files\bitcomet\BitComet.exe/AddVideo.htm
IE: &D&ownload alles met BitComet - d:\program files\bitcomet\BitComet.exe/AddAllLink.htm
IE: Afbeelding verzenden naar &Bluetooth-apparaat... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: E&xporteren naar Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
IE: Pagina verzenden naar &Bluetooth-apparaat... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
Trusted Zone: ziggo.nl\thuishelp
DPF: {140E4DF8-9E14-4A34-9577-C77561ED7883} - hxxp://content.systemrequirementslab.com.s3.amazonaws.com/global/bin/srldetect_cyri_4.1.66.0.cab
DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} - hxxp://game.zylom.com/activex/zylomgamesplayer.cab
.
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-03-03 16:31
Windows 6.0.6002 Service Pack 2 NTFS

scannen van verborgen processen ...

scannen van verborgen autostart items ...

scannen van verborgen bestanden ...

Scan succesvol afgerond
verborgen bestanden: 0

**************************************************************************

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\{49DE1C67-83F8-4102-99E0-C16DCC7EEC796}]
"ImagePath"="\??\c:\program files\Acer Arcade Deluxe\PlayMovie\000.fcl"
.
--------------------- VERGRENDELDE REGISTER SLEUTELS ---------------------

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
Voltooingstijd: 2010-03-03 16:34:12
ComboFix-quarantined-files.txt 2010-03-03 15:34

Pre-Run: 123.981.443.072 bytes beschikbaar
Post-Run: 124.144.144.384 bytes beschikbaar

- - End Of File - - A98AEE54705A9A95A42769FB61AA6130