ComboFix 10-03-24.01 - brian 24-03-2010 20:00:39.6.2 - x86 Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.31.1043.18.1790.1004 [GMT 1:00] Gestart vanuit: c:\users\brian\Desktop\ComboFix.exe SP: Windows Defender *enabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46} . (((((((((((((((((((((((((((((((((( Andere Verwijderingen ))))))))))))))))))))))))))))))))))))))))))))))))) . c:\users\brian\AppData\Roaming\.# c:\users\brian\AppData\Roaming\.#\MBX@AF0@1732990.### c:\users\brian\AppData\Roaming\.#\MBX@AF0@17329C0.### c:\users\brian\AppData\Roaming\.#\MBX@AF0@17329F0.### c:\users\brian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Logitech . Productregistratie.lnk . (((((((((((((((((((( Bestanden Gemaakt van 2010-02-24 to 2010-03-24 )))))))))))))))))))))))))))))) . 2010-03-24 18:29 . 2010-03-24 18:29 -------- d-----w- c:\programdata\Messenger Plus! 2010-03-24 18:24 . 2010-03-24 18:24 2560 ----a-w- c:\windows\_MSRSTRT.EXE 2010-03-24 18:07 . 2010-03-24 18:07 -------- d-----w- c:\program files\Conduit 2010-03-24 18:07 . 2010-03-24 18:24 -------- d-----w- c:\program files\Messenger_Plus_Live_Netherlands 2010-03-24 16:45 . 2010-03-24 16:45 -------- d-----w- c:\program files\Common Files\Logitech 2010-03-24 16:45 . 2010-03-24 16:45 -------- d-----w- c:\users\brian\AppData\Local\Downloaded Installations 2010-03-24 16:44 . 2010-03-24 16:44 -------- d-----w- c:\users\brian\AppData\Roaming\Logitech 2010-03-24 16:43 . 2010-03-24 16:43 -------- d-----w- c:\users\brian\AppData\Roaming\Leadertech 2010-03-24 16:43 . 2010-03-24 16:43 53248 ----a-r- c:\users\brian\AppData\Roaming\Microsoft\Installer\{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}\ARPPRODUCTICON.exe 2010-03-24 16:40 . 2008-05-02 01:38 301656 ----a-w- c:\windows\system32\BtCoreIf.dll 2010-03-24 16:40 . 2008-05-02 01:40 84496 ----a-w- c:\windows\system32\KemXML.dll 2010-03-24 16:40 . 2008-05-02 01:40 117264 ----a-w- c:\windows\system32\KemWnd.dll 2010-03-24 16:40 . 
2008-05-02 01:39 170512 ----a-w- c:\windows\system32\kemutb.dll 2010-03-24 16:40 . 2008-05-02 01:39 145936 ----a-w- c:\windows\system32\KemUtil.dll 2010-03-24 16:40 . 2010-03-24 16:40 -------- d-----w- c:\programdata\Logitech 2010-03-24 16:40 . 2010-03-24 16:43 -------- d-----w- c:\program files\Common Files\Logishrd 2010-03-24 16:40 . 2010-03-24 16:40 -------- d-----w- c:\programdata\LogiShrd 2010-03-24 00:55 . 2010-03-24 00:55 -------- d-----w- c:\program files\Windows Live 2010-03-24 00:37 . 2010-03-24 00:37 -------- d-----w- c:\users\brian\AppData\Roaming\Thinstall 2010-03-24 00:37 . 2010-03-24 00:37 -------- d-----w- c:\users\brian\AppData\Local\Thinstall 2010-03-18 01:22 . 2009-11-24 23:48 23120 ----a-w- c:\windows\system32\drivers\aswRdr.sys 2010-03-18 01:22 . 2009-11-24 23:49 48560 ----a-w- c:\windows\system32\drivers\aswTdi.sys 2010-03-18 01:22 . 2009-11-24 23:50 114768 ----a-w- c:\windows\system32\drivers\aswSP.sys 2010-03-18 01:22 . 2009-11-24 23:50 20560 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys 2010-03-18 01:22 . 2009-11-24 23:47 97480 ----a-w- c:\windows\system32\AvastSS.scr 2010-03-18 01:22 . 2009-11-24 23:54 1280480 ----a-w- c:\windows\system32\aswBoot.exe 2010-03-18 01:22 . 2009-11-24 23:49 53328 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys 2010-03-15 19:28 . 2007-03-30 16:43 61440 ----a-w- c:\windows\system32\vsnpstd3.dll 2010-03-15 19:28 . 2006-09-18 13:12 843776 ----a-w- c:\windows\vsnpstd3.exe 2010-03-15 19:28 . 2006-09-18 13:12 843776 ----a-w- c:\windows\system32\vsnpstd3.exe 2010-03-15 19:28 . 2010-03-15 19:28 -------- d-----w- c:\program files\VGA USB Camera 2010-03-15 19:28 . 2007-03-30 10:12 10199296 ----a-w- c:\windows\system32\drivers\snpstd3.sys 2010-03-15 19:28 . 2006-12-27 13:33 172032 ----a-w- c:\windows\system32\rsnpstd3.dll 2010-03-15 19:28 . 2006-12-27 13:33 172032 ----a-w- c:\windows\rsnpstd3.dll 2010-03-15 19:28 . 2005-11-23 12:55 53248 ----a-w- c:\windows\system32\csnpstd3.dll 2010-03-15 19:27 . 
2010-03-15 19:27 -------- d-----w- c:\users\brian\AppData\Roaming\InstallShield 2010-03-15 15:29 . 2004-11-29 18:43 458752 ----a-w- c:\windows\amcap.exe 2010-03-13 18:04 . 2010-03-13 18:04 -------- d-----w- c:\users\brian\AppData\Roaming\AC1 2010-03-10 22:04 . 2010-02-20 23:06 24064 ----a-w- c:\windows\system32\nshhttp.dll 2010-03-10 22:04 . 2010-02-20 20:53 411648 ----a-w- c:\windows\system32\drivers\http.sys 2010-03-10 22:04 . 2010-02-20 23:05 30720 ----a-w- c:\windows\system32\httpapi.dll 2010-03-08 18:35 . 2010-03-08 18:35 -------- d-----w- c:\program files\Skype 2010-03-06 16:03 . 2010-03-22 21:08 -------- d-----w- c:\users\brian\AppData\Roaming\vlc 2010-03-06 15:51 . 2010-02-12 10:32 293376 ----a-w- c:\windows\system32\browserchoice.exe 2010-03-05 11:29 . 2010-03-05 11:29 -------- d-----w- c:\program files\Microsoft CAPICOM 2.1.0.2 2010-03-05 01:25 . 2010-03-05 01:25 -------- d-----w- c:\users\brian\AppData\Roaming\Stardock 2010-03-05 01:25 . 2010-03-05 01:25 -------- dc-h--w- c:\programdata\{A87EB928-0C6C-4071-AEF1-59E32BAEDF1B} 2010-03-05 01:25 . 2009-10-02 17:59 3254528 -c--a-w- c:\programdata\{A87EB928-0C6C-4071-AEF1-59E32BAEDF1B}\Fences.exe 2010-03-05 01:24 . 2010-03-05 01:24 -------- d-----w- c:\users\brian\AppData\Local\PackageAware 2010-03-04 19:04 . 2010-03-04 19:04 -------- d-----w- c:\users\brian\AppData\Roaming\ImgBurn 2010-03-04 15:36 . 2010-03-04 15:36 -------- d-----w- c:\users\brian\AppData\Local\Scansoft 2010-03-04 15:23 . 2010-03-04 15:23 -------- d-----w- c:\users\brian\AppData\Roaming\Canon 2010-03-04 15:09 . 2010-03-04 15:09 -------- d-----w- c:\programdata\CanonIJPLM 2010-03-04 15:07 . 2010-03-04 15:07 -------- d-----w- c:\programdata\InstallShield 2010-03-04 15:07 . 2010-03-04 15:07 -------- d-----w- c:\users\brian\AppData\Roaming\ScanSoft 2010-03-04 15:07 . 2010-03-04 15:07 -------- d-----w- c:\programdata\ScanSoft 2010-03-04 15:07 . 2010-03-04 15:07 -------- d-----w- c:\program files\Common Files\ScanSoft Shared 2010-03-04 15:07 . 
2010-03-04 15:07 -------- d-----w- c:\program files\ScanSoft 2010-03-04 15:06 . 2010-03-04 15:06 -------- d-----w- c:\program files\Common Files\CANON 2010-03-04 15:04 . 2010-03-04 15:04 -------- d--h--w- c:\windows\system32\CanonIJ Uninstaller Information 2010-03-04 15:03 . 2007-03-23 07:29 98304 ----a-w- c:\windows\system32\CNC210I.DLL 2010-03-04 15:03 . 2007-03-19 01:16 200704 ----a-w- c:\windows\system32\CNC210L.DLL 2010-03-04 15:03 . 2007-03-15 05:12 188416 ----a-w- c:\windows\system32\CNC210O.DLL 2010-03-04 15:03 . 2007-03-23 07:30 1400832 ----a-w- c:\windows\system32\CNC210C.DLL 2010-03-04 15:03 . 2010-03-04 15:03 -------- d--h--w- c:\program files\CanonBJ 2010-03-04 15:02 . 2010-03-04 15:09 -------- d-----w- c:\program files\Canon 2010-03-02 20:41 . 2010-03-02 20:41 -------- d-----w- c:\users\brian\AppData\Roaming\BitTorrent 2010-03-02 16:21 . 2010-03-02 16:21 -------- d-----w- c:\users\brian\4181.tmp 2010-03-02 16:21 . 2010-03-02 16:21 -------- d--h--w- c:\users\brian\Zero G Registry 2010-03-01 11:05 . 2010-03-01 11:05 -------- d-----w- c:\program files\Common Files\Java 2010-02-28 19:51 . 2010-02-28 19:51 -------- d-----w- c:\users\brian\AppData\Local\Seven Zip 2010-02-23 00:26 . 2010-02-23 00:26 -------- d-----w- c:\program files\SystemRequirementsLab . ((((((((((((((((((((((((((((((((((((((( Find3M Rapport )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2010-03-24 18:29 . 2008-01-21 06:47 652386 ----a-w- c:\windows\system32\perfh013.dat 2010-03-24 18:29 . 2008-01-21 06:47 121922 ----a-w- c:\windows\system32\perfc013.dat 2010-03-24 18:26 . 2009-11-11 21:48 330376 ----a-w- c:\programdata\nvModes.dat 2010-03-24 18:24 . 2009-12-14 01:01 12 ----a-w- c:\windows\bthservsdp.dat 2010-03-24 18:02 . 2010-01-29 23:50 -------- d-----w- c:\users\brian\AppData\Roaming\uTorrent 2010-03-24 16:51 . 2010-03-24 16:51 0 ---ha-w- c:\windows\system32\drivers\Msft_Kernel_LMouFilt_01005.Wdf 2010-03-24 16:51 . 
2010-03-24 16:51 0 ---ha-w- c:\windows\system32\drivers\Msft_Kernel_LHidFilt_01005.Wdf 2010-03-24 16:40 . 2008-04-07 11:59 -------- d--h--w- c:\program files\InstallShield Installation Information 2010-03-22 18:46 . 2009-10-02 21:17 -------- d-----w- c:\users\brian\AppData\Roaming\dvdcss 2010-03-19 00:33 . 2009-11-08 19:09 -------- d-----w- c:\program files\TeamViewer 2010-03-18 01:39 . 2009-10-19 14:23 -------- d-----w- c:\program files\Alwil Software 2010-03-18 01:13 . 2010-02-11 11:54 8592 ----a-w- c:\users\brian\AppData\Local\d3d9caps.dat 2010-03-17 19:18 . 2010-02-16 23:10 -------- d-----w- c:\users\brian\AppData\Roaming\Skype 2010-03-12 09:44 . 2009-10-08 17:37 -------- d-----w- c:\users\brian\AppData\Roaming\Vso 2010-03-11 02:24 . 2006-11-02 11:18 -------- d-----w- c:\program files\Windows Mail 2010-03-10 01:27 . 2010-02-16 23:14 -------- d-----w- c:\users\brian\AppData\Roaming\skypePM 2010-03-04 15:07 . 2008-04-07 12:00 -------- d-----w- c:\program files\Common Files\InstallShield 2010-03-04 11:59 . 2009-11-19 01:13 -------- d-----w- c:\program files\Common Files\Adobe 2010-03-01 11:04 . 2009-10-01 20:41 -------- d-----w- c:\program files\Java 2010-02-28 19:51 . 2008-04-07 12:54 -------- d-----w- c:\programdata\{174892B1-CBE7-44F5-86FF-AB555EFD73A3} 2010-02-28 12:59 . 2009-10-01 16:33 -------- d-----w- c:\program files\Google 2010-02-24 16:52 . 2010-02-04 03:04 106552 ----a-w- c:\windows\system32\GDIPFONTCACHEV1.DAT 2010-02-20 20:09 . 2010-02-20 20:09 -------- d-----w- c:\program files\MSECache 2010-02-17 15:30 . 2010-02-17 15:30 691696 ----a-w- c:\windows\system32\drivers\sptd.sys 2010-02-16 23:14 . 2010-02-16 23:14 56 ---ha-w- c:\programdata\ezsidmv.dat 2010-02-16 23:10 . 2010-02-16 23:10 -------- d-----w- c:\program files\Common Files\Skype 2010-02-16 23:10 . 2010-02-16 23:04 -------- d-----w- c:\programdata\Skype 2010-02-12 00:23 . 2010-02-08 15:35 210 ----a-w- c:\users\brian\AppData\Roaming\wklnhst.dat 2010-02-10 20:02 . 
2008-04-07 12:49 -------- d-----w- c:\programdata\Microsoft Help 2010-02-10 20:02 . 2008-04-07 12:51 -------- d-----w- c:\program files\Microsoft Works 2010-02-08 15:35 . 2010-02-08 15:35 -------- d-----w- c:\users\brian\AppData\Roaming\Template 2010-02-08 13:14 . 2009-10-01 19:09 -------- d-----w- c:\programdata\NVIDIA 2010-02-08 13:14 . 2010-02-08 13:13 -------- d-----w- c:\program files\NVIDIA Corporation 2010-02-06 18:06 . 2010-02-04 21:19 1 ----a-w- c:\users\brian\AppData\Roaming\OpenOffice.org\3\user\uno_packages\cache\stamp.sys 2010-02-04 21:18 . 2010-02-04 21:18 -------- d-----w- c:\users\brian\AppData\Roaming\OpenOffice.org 2010-02-04 19:23 . 2010-02-04 19:23 -------- d-----w- c:\users\brian\AppData\Roaming\Convivea 2010-02-04 03:03 . 2009-10-01 16:32 8224 ----a-w- c:\users\brian\AppData\Local\GDIPFONTCACHEV1.DAT 2010-02-01 18:01 . 2009-11-19 13:36 -------- d-----w- c:\users\brian\AppData\Roaming\CyberLink 2010-01-30 11:40 . 2010-01-30 11:40 -------- d-----w- c:\program files\Adobe(1) 2010-01-26 21:33 . 2010-01-26 21:33 -------- d-----w- c:\programdata\LightScribe 2010-01-25 19:52 . 2009-10-08 17:37 47360 ----a-w- c:\users\brian\AppData\Roaming\pcouffin.sys 2010-01-25 19:52 . 2009-10-08 17:37 47360 ----a-w- c:\users\brian\AppData\Roaming\pcouffin.sys 2010-01-25 12:00 . 2010-02-24 16:46 471552 ----a-w- c:\windows\system32\secproc_isv.dll 2010-01-25 12:00 . 2010-02-24 16:46 152576 ----a-w- c:\windows\system32\secproc_ssp_isv.dll 2010-01-25 12:00 . 2010-02-24 16:46 152064 ----a-w- c:\windows\system32\secproc_ssp.dll 2010-01-25 12:00 . 2010-02-24 16:46 471552 ----a-w- c:\windows\system32\secproc.dll 2010-01-25 11:58 . 2010-02-24 16:46 332288 ----a-w- c:\windows\system32\msdrm.dll 2010-01-25 08:21 . 2010-02-24 16:46 526336 ----a-w- c:\windows\system32\RMActivate_isv.exe 2010-01-25 08:21 . 2010-02-24 16:46 346624 ----a-w- c:\windows\system32\RMActivate_ssp_isv.exe 2010-01-25 08:21 . 
2010-02-24 16:46 518144 ----a-w- c:\windows\system32\RMActivate.exe 2010-01-25 08:21 . 2010-02-24 16:46 347136 ----a-w- c:\windows\system32\RMActivate_ssp.exe 2010-01-23 09:26 . 2010-02-24 16:46 2048 ----a-w- c:\windows\system32\tzres.dll 2010-01-11 21:18 . 2010-01-11 21:18 962664 ----a-w- c:\windows\system32\nvsvc.dll 2010-01-11 21:18 . 2010-01-11 21:18 13679720 ----a-w- c:\windows\system32\nvcpl.dll 2010-01-11 21:18 . 2010-01-11 21:18 129640 ----a-w- c:\windows\system32\nvvsvc.exe 2010-01-11 21:18 . 2010-01-11 21:18 110696 ----a-w- c:\windows\system32\nvmctray.dll 2010-01-06 15:39 . 2010-02-24 16:46 1696256 ----a-w- c:\windows\system32\gameux.dll 2010-01-06 15:38 . 2010-02-24 16:46 28672 ----a-w- c:\windows\system32\Apphlpdm.dll 2010-01-06 15:38 . 2010-02-24 16:46 173056 ----a-w- c:\windows\AppPatch\AcXtrnal.dll 2010-01-06 15:38 . 2010-02-24 16:46 542720 ----a-w- c:\windows\AppPatch\AcLayers.dll 2010-01-06 15:38 . 2010-02-24 16:46 458752 ----a-w- c:\windows\AppPatch\AcSpecfc.dll 2010-01-06 15:38 . 2010-02-24 16:46 2159616 ----a-w- c:\windows\AppPatch\AcGenral.dll 2010-01-06 13:30 . 2010-02-24 16:46 4240384 ----a-w- c:\windows\system32\GameUXLegacyGDFs.dll 2010-01-02 06:38 . 2010-01-22 12:32 916480 ----a-w- c:\windows\system32\wininet.dll 2010-01-02 06:32 . 2010-01-22 12:32 71680 ----a-w- c:\windows\system32\iesetup.dll 2010-01-02 06:32 . 2010-01-22 12:32 109056 ----a-w- c:\windows\system32\iesysprep.dll 2010-01-02 04:57 . 2010-01-22 12:32 133632 ----a-w- c:\windows\system32\ieUnatt.exe . ((((((((((((((((((((((((((((((((((((( Reg Opstartpunten ))))))))))))))))))))))))))))))))))))))))))))))))))) . . 
*Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond REGEDIT4 [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\egisPSDP] @="{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}" [HKEY_CLASSES_ROOT\CLSID\{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}] 2008-05-14 15:05 121392 ----a-w- c:\program files\Acer\Empowering Technology\eDataSecurity\x86\PSDProtect.dll [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-01-21 125952] "Google Update"="c:\users\brian\AppData\Local\Google\Update\GoogleUpdate.exe" [2010-01-13 135664] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "ePower_DMC"="c:\program files\Acer\Empowering Technology\ePower\ePower_DMC.exe" [2008-05-09 397312] "eDataSecurity Loader"="c:\program files\Acer\Empowering Technology\eDataSecurity\x86\eDSloader.exe" [2008-05-14 526896] "eAudio"="c:\program files\Acer\Empowering Technology\eAudio\eAudio.exe" [2008-05-30 544768] "BkupTray"="c:\program files\NewTech Infosystems\NTI Backup Now 5\BkupTray.exe" [2008-04-25 28672] "RtHDVCpl"="RtHDVCpl.exe" [2008-05-20 6144000] "Skytel"="Skytel.exe" [2007-11-20 1826816] "WarReg_PopUp"="c:\program files\Acer\WR_PopUp\WarReg_PopUp.exe" [2008-01-29 303104] "LManager"="c:\progra~1\LAUNCH~1\QtZgAcer.EXE" [2008-07-16 821768] "ArcadeDeluxeAgent"="c:\program files\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe" [2008-05-12 147456] "CLMLServer"="c:\program files\Acer Arcade Deluxe\Acer Arcade Deluxe\Kernel\CLML\CLMLSvc.exe" [2008-05-12 167936] "PlayMovie"="c:\program files\Acer Arcade Deluxe\PlayMovie\PMVService.exe" [2008-05-12 167936] "SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2010-02-18 248040] "Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2009-12-22 35760] "Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2009-12-11 948672] 
"CanonMyPrinter"="c:\program files\Canon\MyPrinter\BJMyPrt.exe" [2007-04-03 1603152] "SSBkgdUpdate"="c:\program files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" [2006-10-25 210472] "OpwareSE4"="c:\program files\ScanSoft\OmniPageSE4\OpwareSE4.exe" [2007-02-04 79400] "snpstd3"="c:\windows\vsnpstd3.exe" [2006-09-18 843776] "avast!"="c:\progra~1\ALWILS~1\Avast4\ashDisp.exe" [2009-11-24 81000] "Kernel and Hardware Abstraction Layer"="KHALMNPR.EXE" [2008-02-29 76304] c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\ BTTray.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2008-4-23 727592] Logitech SetPoint.lnk - d:\program files\logitech instalatie\SetPoint\SetPoint.exe [2010-3-24 805392] [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "EnableUIADesktopToggle"= 0 (0x0) [hkey_local_machine\software\microsoft\windows\currentversion\explorer\SharedTaskScheduler] "{1984DD45-52CF-49cd-AB77-18F378FEA264}"= "d:\program files\Fences public\Stardock\Fences\FencesMenu.dll" [2009-10-02 128360] [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32] "aux6"=wdmaud.drv [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend] @="Service" [HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^NETGEAR WN111v2 Smart Wizard.lnk] path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\NETGEAR WN111v2 Smart Wizard.lnk backup=c:\windows\pss\NETGEAR WN111v2 Smart Wizard.lnk.CommonStartup backupExtension=.CommonStartup [HKLM\~\startupfolder\C:^Users^brian^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Orion.lnk] path=c:\users\brian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Orion.lnk backup=c:\windows\pss\Orion.lnk.Startup backupExtension=.Startup [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CanonSolutionMenu] 2007-05-14 16:01 644696 ----a-w- c:\program 
files\Canon\SolutionMenu\CNSLMAIN.EXE [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update] 2010-01-13 23:46 135664 ----atw- c:\users\brian\AppData\Local\Google\Update\GoogleUpdate.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Windows Defender] 2008-01-21 02:23 1008184 ----a-w- c:\program files\Windows Defender\MSASCui.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Zesko_McciTrayApp] 2008-04-14 13:32 1455104 ----a-w- c:\program files\Thuishelp\Zesko\Thuishelp.exe [HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc] "VistaSp2"=hex(b):af,32,50,cd,d5,42,ca,01 [HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc\S-1-5-21-754506360-740247717-2686086553-1000] "EnableNotificationsRef"=dword:00000004 "EnableNotifications"=dword:00000001 R2 gupdate;Google Updateservice (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [2010-02-16 135664] R2 NTISchedulerSvc;NTI Backup Now 5 Scheduler Service;c:\program files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe [2008-04-25 131072] R3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\DRIVERS\b57nd60x.sys [2008-04-07 210432] R3 bthav;Bluetooth AV-profiel;c:\windows\system32\drivers\bthav.sys [2008-07-10 34816] R3 DNIMp50;DNIMp50 NDIS Protocol Driver;c:\windows\system32\Drivers\DNIMp50.sys [2006-11-16 21504] R3 DNISp50;DNISp50 NDIS Protocol Driver;c:\windows\system32\Drivers\DNISp50.sys [2006-11-16 20480] R3 jswpsapi;Jumpstart Wifi Protected Setup;c:\program files\NETGEAR\WN111v2\jswpsapi.exe [x] R3 netr73;Linksys Compact Wireless-G USB Adapter Driver for Vista;c:\windows\system32\DRIVERS\WUSB54GCx86.sys [x] R3 teamviewervpn;TeamViewer VPN Adapter;c:\windows\system32\DRIVERS\teamviewervpn.sys [2008-01-25 25088] R3 winbondcir;Winbond IR Transceiver;c:\windows\system32\DRIVERS\winbondcir.sys [2007-03-28 43008] R3 WN111v2;NETGEAR WN111v2 USB2.0 Wireless Card 
Service;c:\windows\system32\DRIVERS\WN111v2v.sys [x] R3 WSVD;WSVD;c:\windows\system32\drivers\WSVD.sys [2007-12-16 75776] R4 sptd;sptd;c:\windows\system32\Drivers\sptd.sys [2010-02-17 691696] S1 aswSP;avast! Self Protection; [x] S1 jswpslwf;JumpStart Wireless Filter Driver;c:\windows\system32\DRIVERS\jswpslwf.sys [2008-10-01 20384] S2 {49DE1C67-83F8-4102-99E0-C16DCC7EEC796};{49DE1C67-83F8-4102-99E0-C16DCC7EEC796};c:\program files\Acer Arcade Deluxe\PlayMovie\000.fcl [2008-05-09 61424] S2 aswFsBlk;aswFsBlk;c:\windows\system32\DRIVERS\aswFsBlk.sys [2009-11-24 20560] S2 aswMonFlt;aswMonFlt;c:\windows\system32\DRIVERS\aswMonFlt.sys [2009-11-24 53328] S2 BUNAgentSvc;NTI Backup Now 5 Agent Service;c:\program files\NewTech Infosystems\NTI Backup Now 5\Client\Agentsvc.exe [2008-03-03 16384] S2 CLHNService;CLHNService;c:\program files\Acer Arcade Deluxe\HomeMedia\Kernel\DMP\CLHNService.exe [2008-01-16 81504] S2 ETService;Empowering Technology Service;c:\program files\Acer\Empowering Technology\Service\ETService.exe [2008-03-21 24576] S2 NTIBackupSvc;NTI Backup Now 5 Backup Service;c:\program files\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe [2008-04-25 45056] S2 NTIPPKernel;NTIPPKernel;c:\program files\Acer Arcade Deluxe\HomeMedia\Kernel\DMP\NTIPPKernel.sys [2008-01-16 122368] S2 TeamViewer5;TeamViewer 5;c:\program files\TeamViewer\Version5\TeamViewer_Service.exe [2010-02-11 172328] S3 NVHDA;Service for NVIDIA High Definition Audio Driver;c:\windows\system32\drivers\nvhda32v.sys [2008-06-25 44064] [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost] LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache bthsvcs REG_MULTI_SZ BthServ . 
Inhoud van de 'Gedeelde Taken' map
.
2010-03-24 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job - c:\program files\Google\Update\GoogleUpdate.exe [2010-02-16 01:18]
2010-03-24 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job - c:\program files\Google\Update\GoogleUpdate.exe [2010-02-16 01:18]
2010-03-22 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-754506360-740247717-2686086553-1000Core.job - c:\users\brian\AppData\Local\Google\Update\GoogleUpdate.exe [2010-01-13 23:46]
2010-03-24 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-754506360-740247717-2686086553-1000UA.job - c:\users\brian\AppData\Local\Google\Update\GoogleUpdate.exe [2010-01-13 23:46]
2010-03-24 c:\windows\Tasks\User_Feed_Synchronization-{5702D009-4177-4AD9-83B2-61A4B31D9403}.job - c:\windows\system32\msfeedssync.exe [2010-01-22 04:56]
.
.
------- Bijkomende Scan -------
.
uStart Page = hxxp://www.google.nl/
IE: &D&ownload &met BitComet - d:\program files\bitcomet\BitComet.exe/AddLink.htm
IE: &D&ownload alle video met BitComet - d:\program files\bitcomet\BitComet.exe/AddVideo.htm
IE: &D&ownload alles met BitComet - d:\program files\bitcomet\BitComet.exe/AddAllLink.htm
IE: Afbeelding verzenden naar &Bluetooth-apparaat... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: E&xporteren naar Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
IE: Pagina verzenden naar &Bluetooth-apparaat... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
Trusted Zone: ziggo.nl\thuishelp
DPF: {140E4DF8-9E14-4A34-9577-C77561ED7883} - hxxp://content.systemrequirementslab.com.s3.amazonaws.com/global/bin/srldetect_cyri_4.1.66.0.cab
DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} - hxxp://game.zylom.com/activex/zylomgamesplayer.cab
.
**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-03-24 20:07
Windows 6.0.6002 Service Pack 2 NTFS

scannen van verborgen processen ...

scannen van verborgen autostart items ...

scannen van verborgen bestanden ...

Scan succesvol afgerond
verborgen bestanden: 0

**************************************************************************

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\{49DE1C67-83F8-4102-99E0-C16DCC7EEC796}]
"ImagePath"="\??\c:\program files\Acer Arcade Deluxe\PlayMovie\000.fcl"
.
--------------------- VERGRENDELDE REGISTER SLEUTELS ---------------------

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
Voltooingstijd: 2010-03-24 20:10:05
ComboFix-quarantined-files.txt 2010-03-24 19:10

Pre-Run: 116.904.386.560 bytes beschikbaar
Post-Run: 116.976.078.848 bytes beschikbaar

- - End Of File - - D5626D04F76E79F94999BF38054BCA84