ComboFix 13-08-25.01 - gebruiker 26/08/2013 9:59.1.2 - x86
Microsoft Windows XP Professional 5.1.2600.3.1252.32.1043.18.2037.1305 [GMT 2:00]
Gestart vanuit: c:\documents and settings\gebruiker\Bureaublad\ComboFix.exe
AV: Panda Cloud Antivirus *Disabled/Updated* {5AD27692-540A-464E-B625-78275FA38393}
FW: Cloud Antivirus Firewall *Disabled* {1337562C-110A-4AF8-B12B-750C0B30E802}
* Nieuw herstelpunt werd aangemaakt
.
.
(((((((((((((((((((((((((((((((((( Andere Verwijderingen )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\documents and settings\All Users\Application Data\TEMP
c:\documents and settings\gebruiker\WINDOWS
.
.
(((((((((((((((((((( Bestanden Gemaakt van 2013-07-26 to 2013-08-26 ))))))))))))))))))))))))))))))
.
.
2013-08-26 07:23 . 2012-11-07 08:00 46672 ----a-w- c:\windows\system32\drivers\PSKMAD.sys
2013-08-24 09:51 . 2013-08-24 09:51 388096 ----a-r- c:\documents and settings\gebruiker\Application Data\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
2013-08-24 09:51 . 2013-08-24 09:51 -------- d-----w- c:\program files\Trend Micro
2013-08-24 08:28 . 2013-08-24 08:28 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2013-08-24 08:28 . 2013-04-04 12:50 22856 ----a-w- c:\windows\system32\drivers\mbam.sys
2013-08-24 08:26 . 2013-08-26 07:31 -------- d--h--r- c:\documents and settings\gebruiker\Onlangs geopend
2013-08-14 17:14 . 2013-08-14 17:16 -------- d-----w- c:\windows\system32\MRT
.
.
.
((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-07-26 02:49 . 2004-09-08 16:26 920064 ----a-w- c:\windows\system32\wininet.dll
2013-07-26 02:48 . 2004-09-08 16:26 43520 ----a-w- c:\windows\system32\licmgr10.dll
2013-07-26 02:48 . 2004-09-08 16:26 1469440 ------w- c:\windows\system32\inetcpl.cpl
2013-07-25 15:58 . 2004-09-08 16:26 385024 ----a-w- c:\windows\system32\html.iec
2013-07-25 07:28 . 2012-04-02 07:24 692104 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2013-07-25 07:28 . 2011-05-14 07:25 71048 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2013-07-10 10:37 . 2004-09-08 16:26 406016 ----a-w- c:\windows\system32\usp10.dll
2013-07-08 08:37 . 2013-07-08 08:37 94632 ----a-w- c:\windows\system32\WindowsAccessBridge.dll
2013-07-08 08:37 . 2010-12-13 14:52 144896 ----a-w- c:\windows\system32\javacpl.cpl
2013-07-08 08:37 . 2012-12-21 13:48 867240 ----a-w- c:\windows\system32\npDeployJava1.dll
2013-07-08 08:37 . 2010-12-13 14:52 789416 ----a-w- c:\windows\system32\deployJava1.dll
2013-07-04 07:33 . 2004-09-08 16:26 2154496 ----a-w- c:\windows\system32\ntoskrnl.exe
2013-07-04 07:33 . 2004-08-04 00:58 2033152 ----a-w- c:\windows\system32\ntkrnlpa.exe
2013-06-11 11:27 . 2013-06-25 07:27 3840296 ----a-w- c:\windows\system32\GroupPolicy\Machine\Scripts\Shutdown\Pan2.tmp\Program Files\Panda Security\Panda Cloud Antivirus\PSUNConsole.dll
2013-06-10 12:13 . 2013-06-25 07:26 917288 ----a-w- c:\windows\system32\GroupPolicy\Machine\Scripts\Shutdown\Pan2.tmp\Program Files\Panda Security\Panda Cloud Antivirus\PSCCGUIUtils.dll
2013-06-10 06:51 . 2013-06-25 07:27 2498344 ----a-w- c:\windows\system32\GroupPolicy\Machine\Scripts\Shutdown\Pan2.tmp\Program Files\Panda Security\Panda Cloud Antivirus\PSUAConfig.dll
2013-06-09 20:01 . 2013-06-25 07:26 182752 ----a-w- c:\windows\system32\GroupPolicy\Machine\Scripts\Shutdown\Pan2.tmp\Program Files\Panda Security\Panda Cloud Antivirus\psenlc.dll
2013-06-07 06:20 . 2013-06-25 07:27 3185448 ----a-w- c:\windows\system32\GroupPolicy\Machine\Scripts\Shutdown\Pan2.tmp\Program Files\Panda Security\Panda Cloud Antivirus\PSUNPnlConfig.dll
2013-06-07 06:18 . 2013-06-25 07:27 520488 ----a-w- c:\windows\system32\GroupPolicy\Machine\Scripts\Shutdown\Pan2.tmp\Program Files\Panda Security\Panda Cloud Antivirus\PSUASBoot.exe
2013-06-06 14:33 . 2013-06-25 07:26 192808 ----a-w- c:\windows\system32\GroupPolicy\Machine\Scripts\Shutdown\Pan2.tmp\Program Files\Panda Security\Panda Cloud Antivirus\PSANModProcMon.dll
2013-06-06 14:33 . 2013-06-25 07:26 128296 ----a-w- c:\windows\system32\GroupPolicy\Machine\Scripts\Shutdown\Pan2.tmp\Program Files\Panda Security\Panda Cloud Antivirus\PSANModURL.dll
2013-06-05 21:24 . 2013-06-25 07:27 865760 ----a-w- c:\windows\system32\GroupPolicy\Machine\Scripts\Shutdown\Pan2.tmp\Program Files\Panda Security\Panda Cloud Antivirus\PSUAResources.dll
2013-06-05 11:21 . 2013-06-25 07:26 354600 ----a-w- c:\windows\system32\GroupPolicy\Machine\Scripts\Shutdown\Pan2.tmp\Program Files\Panda Security\Panda Cloud Antivirus\PSANUpgSI.dll
2013-06-05 10:55 . 2013-06-25 07:26 269096 ----a-w- c:\windows\system32\GroupPolicy\Machine\Scripts\Shutdown\Pan2.tmp\Program Files\Panda Security\Panda Cloud Antivirus\PSANModFirewall.dll
2013-06-05 09:08 . 2004-09-08 16:26 1876864 ----a-w- c:\windows\system32\win32k.sys
2013-06-04 07:22 . 2004-09-08 16:26 563200 ----a-w- c:\windows\system32\qedit.dll
2013-06-01 14:28 . 2013-06-25 07:27 238560 ----a-w- c:\windows\system32\GroupPolicy\Machine\Scripts\Shutdown\Pan2.tmp\Program Files\Panda Security\Panda Cloud Antivirus\PSUNUtils.dll
2013-06-01 14:28 . 2013-06-25 07:27 984032 ----a-w- c:\windows\system32\GroupPolicy\Machine\Scripts\Shutdown\Pan2.tmp\Program Files\Panda Security\Panda Cloud Antivirus\PSUNMsg.dll
2013-05-31 14:04 . 2013-06-25 07:27 2595296 ----a-w- c:\windows\system32\GroupPolicy\Machine\Scripts\Shutdown\Pan2.tmp\Program Files\Panda Security\Panda Cloud Antivirus\PSUNProcMon.dll
2013-05-30 18:55 . 2013-06-25 07:26 300000 ----a-w- c:\windows\system32\GroupPolicy\Machine\Scripts\Shutdown\Pan2.tmp\Program Files\Panda Security\Panda Cloud Antivirus\PSANModADM.dll
2013-05-30 09:03 . 2013-06-25 07:27 536544 ----a-w- c:\windows\system32\GroupPolicy\Machine\Scripts\Shutdown\Pan2.tmp\Program Files\Panda Security\Panda Cloud Antivirus\PSUAAction.dll
2013-05-29 15:18 . 2013-06-25 07:27 183264 ----a-w- c:\windows\system32\GroupPolicy\Machine\Scripts\Shutdown\Pan2.tmp\Program Files\Panda Security\Panda Cloud Antivirus\PSUASysTray.dll
2013-05-29 15:16 . 2013-06-25 07:26 198112 ----a-w- c:\windows\system32\GroupPolicy\Machine\Scripts\Shutdown\Pan2.tmp\Program Files\Panda Security\Panda Cloud Antivirus\PSINUNC.dll
2013-05-29 15:16 . 2013-06-25 07:26 138720 ----a-w- c:\windows\system32\GroupPolicy\Machine\Scripts\Shutdown\Pan2.tmp\Program Files\Panda Security\Panda Cloud Antivirus\PSINEvAg.dll
2013-05-29 15:16 . 2013-06-25 07:27 127720 ----a-w- c:\windows\system32\GroupPolicy\Machine\Scripts\Shutdown\Pan2.tmp\System32\drivers\Vista\PSINProt.sys
2013-05-29 15:16 . 2013-06-25 07:27 137448 ----a-w- c:\windows\system32\GroupPolicy\Machine\Scripts\Shutdown\Pan2.tmp\System64\drivers\Vista\PSINProt.sys
2013-05-29 15:16 . 2013-06-25 07:27 127720 ----a-w- c:\windows\system32\GroupPolicy\Machine\Scripts\Shutdown\Pan2.tmp\System32\drivers\W7\PSINProt.sys
2013-05-29 15:16 . 2013-06-25 07:27 137448 ----a-w- c:\windows\system32\GroupPolicy\Machine\Scripts\Shutdown\Pan2.tmp\System64\drivers\W7\PSINProt.sys
2013-05-29 15:16 . 2013-06-25 07:26 127720 ----a-w- c:\windows\system32\GroupPolicy\Machine\Scripts\Shutdown\Pan2.tmp\Program Files\Panda Security\Panda Cloud Antivirus\Drivers\psinprot\x86_W8\PSINProt.sys
2013-05-29 15:16 . 2013-06-25 07:26 137448 ----a-w- c:\windows\system32\GroupPolicy\Machine\Scripts\Shutdown\Pan2.tmp\Program Files\Panda Security\Panda Cloud Antivirus\Drivers\psinprot\x64_W8\PSINProt.sys
2013-05-29 15:16 . 2013-06-25 07:27 128104 ----a-w- c:\windows\system32\GroupPolicy\Machine\Scripts\Shutdown\Pan2.tmp\System32\drivers\Xp\PSINProt.sys
2013-05-29 03:55 . 2013-06-25 07:27 246504 ----a-w- c:\windows\system32\GroupPolicy\Machine\Scripts\Shutdown\Pan2.tmp\System64\drivers\NNSStrm.sys
2013-05-29 03:55 . 2013-06-25 07:27 106216 ----a-w- c:\windows\system32\GroupPolicy\Machine\Scripts\Shutdown\Pan2.tmp\System64\drivers\NNStlsc.sys
2013-05-29 03:55 . 2013-06-25 07:26 246504 ----a-w- c:\windows\system32\GroupPolicy\Machine\Scripts\Shutdown\Pan2.tmp\Program Files\Panda Security\Panda Cloud Antivirus\Drivers\NNSStrm\x64\NNSStrm.sys
2013-05-29 03:55 . 2013-06-25 07:26 106216 ----a-w- c:\windows\system32\GroupPolicy\Machine\Scripts\Shutdown\Pan2.tmp\Program Files\Panda Security\Panda Cloud Antivirus\Drivers\NNStlsc\x64\NNStlsc.sys
2013-05-29 03:55 . 2013-06-25 07:27 118504 ----a-w- c:\windows\system32\GroupPolicy\Machine\Scripts\Shutdown\Pan2.tmp\System64\drivers\NNSPrv.sys
2013-05-29 03:55 . 2013-06-25 07:27 114920 ----a-w- c:\windows\system32\GroupPolicy\Machine\Scripts\Shutdown\Pan2.tmp\System64\drivers\NNSSmtp.sys
2013-05-29 03:55 . 2013-06-25 07:26 114920 ----a-w- c:\windows\system32\GroupPolicy\Machine\Scripts\Shutdown\Pan2.tmp\Program Files\Panda Security\Panda Cloud Antivirus\Drivers\NNSSmtp\x64\NNSSmtp.sys
2013-05-29 03:55 . 2013-06-25 07:26 118504 ----a-w- c:\windows\system32\GroupPolicy\Machine\Scripts\Shutdown\Pan2.tmp\Program Files\Panda Security\Panda Cloud Antivirus\Drivers\NNSPrv\x64\NNSPrv.sys
2013-05-29 03:55 . 2013-06-25 07:27 69864 ----a-w- c:\windows\system32\GroupPolicy\Machine\Scripts\Shutdown\Pan2.tmp\System64\drivers\NNSPihsw.sys
2013-05-29 03:55 . 2013-06-25 07:27 305896 ----a-w- c:\windows\system32\GroupPolicy\Machine\Scripts\Shutdown\Pan2.tmp\System64\drivers\NNSProt.sys
2013-05-29 03:55 . 2013-06-25 07:27 119016 ----a-w- c:\windows\system32\GroupPolicy\Machine\Scripts\Shutdown\Pan2.tmp\System64\drivers\NNSPop3.sys
2013-05-29 03:55 . 2013-06-25 07:26 69864 ----a-w- c:\windows\system32\GroupPolicy\Machine\Scripts\Shutdown\Pan2.tmp\Program Files\Panda Security\Panda Cloud Antivirus\Drivers\NNSpihsw\x64\NNSPihsw.sys
2013-05-29 03:55 . 2013-06-25 07:26 305896 ----a-w- c:\windows\system32\GroupPolicy\Machine\Scripts\Shutdown\Pan2.tmp\Program Files\Panda Security\Panda Cloud Antivirus\Drivers\NNSProt\x64\NNSProt.sys
2013-05-29 03:55 . 2013-06-25 07:26 119016 ----a-w- c:\windows\system32\GroupPolicy\Machine\Scripts\Shutdown\Pan2.tmp\Program Files\Panda Security\Panda Cloud Antivirus\Drivers\NNSPop3\x64\NNSPop3.sys
2013-05-29 03:55 . 2013-06-25 07:27 95464 ----a-w- c:\windows\system32\GroupPolicy\Machine\Scripts\Shutdown\Pan2.tmp\System64\drivers\NNSpicc.sys
2013-05-29 03:55 . 2013-06-25 07:27 61160 ----a-w- c:\windows\system32\GroupPolicy\Machine\Scripts\Shutdown\Pan2.tmp\System64\drivers\NNSpihs.sys
2013-05-29 03:55 . 2013-06-25 07:27 114920 ----a-w- c:\windows\system32\GroupPolicy\Machine\Scripts\Shutdown\Pan2.tmp\System64\drivers\NNSIds.sys
2013-05-29 03:55 . 2013-06-25 07:27 109288 ----a-w- c:\windows\system32\GroupPolicy\Machine\Scripts\Shutdown\Pan2.tmp\System64\drivers\NNSHttps.sys
2013-05-29 03:55 . 2013-06-25 07:26 95464 ----a-w- c:\windows\system32\GroupPolicy\Machine\Scripts\Shutdown\Pan2.tmp\Program Files\Panda Security\Panda Cloud Antivirus\Drivers\NNSpicc\x64\NNSpicc.sys
2013-05-29 03:55 . 2013-06-25 07:26 114920 ----a-w- c:\windows\system32\GroupPolicy\Machine\Scripts\Shutdown\Pan2.tmp\Program Files\Panda Security\Panda Cloud Antivirus\Drivers\NNSIds\x64\NNSIds.sys
2013-05-29 03:55 . 2013-06-25 07:26 109288 ----a-w- c:\windows\system32\GroupPolicy\Machine\Scripts\Shutdown\Pan2.tmp\Program Files\Panda Security\Panda Cloud Antivirus\Drivers\NNSHttps\x64\NNSHttps.sys
2013-05-29 03:55 . 2013-06-25 07:27 91368 ----a-w- c:\windows\system32\GroupPolicy\Machine\Scripts\Shutdown\Pan2.tmp\System64\drivers\NNSAlpc.sys
2013-05-29 03:55 . 2013-06-25 07:27 122088 ----a-w- c:\windows\system32\GroupPolicy\Machine\Scripts\Shutdown\Pan2.tmp\System64\drivers\NNSHttp.sys
2013-05-29 03:55 . 2013-06-25 07:26 91368 ----a-w- c:\windows\system32\GroupPolicy\Machine\Scripts\Shutdown\Pan2.tmp\Program Files\Panda Security\Panda Cloud Antivirus\Drivers\NNSAlpc\x64\NNSAlpc.sys
2013-05-29 03:55 . 2013-06-25 07:26 122088 ----a-w- c:\windows\system32\GroupPolicy\Machine\Scripts\Shutdown\Pan2.tmp\Program Files\Panda Security\Panda Cloud Antivirus\Drivers\NNSHttp\x64\NNSHttp.sys
2013-05-29 03:55 . 2013-06-25 07:26 191968 ----a-w- c:\windows\system32\GroupPolicy\Machine\Scripts\Shutdown\Pan2.tmp\Program Files\Panda Security\Panda Cloud Antivirus\NNSStGen.dll
2013-05-29 03:55 . 2013-06-25 07:26 101856 ----a-w- c:\windows\system32\GroupPolicy\Machine\Scripts\Shutdown\Pan2.tmp\Program Files\Panda Security\Panda Cloud Antivirus\NConv.dll
2013-05-29 03:55 . 2013-06-25 07:27 93928 ----a-w- c:\windows\system32\GroupPolicy\Machine\Scripts\Shutdown\Pan2.tmp\System32\drivers\NNStlsc.sys
2013-05-29 03:55 . 2013-06-25 07:27 230376 ----a-w- c:\windows\system32\GroupPolicy\Machine\Scripts\Shutdown\Pan2.tmp\System32\drivers\NNSStrm.sys
2013-05-29 03:55 . 2013-06-25 07:27 108904 ----a-w- c:\windows\system32\GroupPolicy\Machine\Scripts\Shutdown\Pan2.tmp\System32\drivers\NNSSmtp.sys
2013-05-29 03:55 . 2013-06-25 07:26 93928 ----a-w- c:\windows\system32\GroupPolicy\Machine\Scripts\Shutdown\Pan2.tmp\Program Files\Panda Security\Panda Cloud Antivirus\Drivers\NNStlsc\x86\NNStlsc.sys
2013-05-29 03:55 . 2013-06-25 07:26 230376 ----a-w- c:\windows\system32\GroupPolicy\Machine\Scripts\Shutdown\Pan2.tmp\Program Files\Panda Security\Panda Cloud Antivirus\Drivers\NNSStrm\x86\NNSStrm.sys
2013-05-29 03:55 . 2013-06-25 07:26 108904 ----a-w- c:\windows\system32\GroupPolicy\Machine\Scripts\Shutdown\Pan2.tmp\Program Files\Panda Security\Panda Cloud Antivirus\Drivers\NNSSmtp\x86\NNSSmtp.sys
2013-05-29 03:55 . 2013-06-25 07:27 287336 ----a-w- c:\windows\system32\GroupPolicy\Machine\Scripts\Shutdown\Pan2.tmp\System32\drivers\NNSProt.sys
2013-05-29 03:55 . 2013-06-25 07:27 161384 ----a-w- c:\windows\system32\GroupPolicy\Machine\Scripts\Shutdown\Pan2.tmp\System32\drivers\NNSPrv.sys
2013-05-29 03:55 . 2013-06-25 07:27 106344 ----a-w- c:\windows\system32\GroupPolicy\Machine\Scripts\Shutdown\Pan2.tmp\System32\drivers\NNSPop3.sys
2013-05-29 03:55 . 2013-06-25 07:26 161384 ----a-w- c:\windows\system32\GroupPolicy\Machine\Scripts\Shutdown\Pan2.tmp\Program Files\Panda Security\Panda Cloud Antivirus\Drivers\NNSPrv\x86\NNSPrv.sys
2013-05-29 03:55 . 2013-06-25 07:26 287336 ----a-w- c:\windows\system32\GroupPolicy\Machine\Scripts\Shutdown\Pan2.tmp\Program Files\Panda Security\Panda Cloud Antivirus\Drivers\NNSProt\x86\NNSProt.sys
2013-05-29 03:55 . 2013-06-25 07:26 106344 ----a-w- c:\windows\system32\GroupPolicy\Machine\Scripts\Shutdown\Pan2.tmp\Program Files\Panda Security\Panda Cloud Antivirus\Drivers\NNSPop3\x86\NNSPop3.sys
2013-05-29 03:55 . 2013-06-25 07:27 61672 ----a-w- c:\windows\system32\GroupPolicy\Machine\Scripts\Shutdown\Pan2.tmp\System32\drivers\NNSPihsw.sys
2013-05-29 03:55 . 2013-06-25 07:27 52328 ----a-w- c:\windows\system32\GroupPolicy\Machine\Scripts\Shutdown\Pan2.tmp\System32\drivers\NNSpihs.sys
2013-05-29 03:55 . 2013-06-25 07:27 95464 ----a-w- c:\windows\system32\GroupPolicy\Machine\Scripts\Shutdown\Pan2.tmp\System32\drivers\NNSpicc.sys
2013-05-29 03:55 . 2013-06-25 07:27 124648 ----a-w- c:\windows\system32\GroupPolicy\Machine\Scripts\Shutdown\Pan2.tmp\System32\drivers\NNSIds.sys
2013-05-29 03:55 . 2013-06-25 07:26 95464 ----a-w- c:\windows\system32\GroupPolicy\Machine\Scripts\Shutdown\Pan2.tmp\Program Files\Panda Security\Panda Cloud Antivirus\Drivers\NNSpicc\x86\NNSpicc.sys
2013-05-29 03:55 . 2013-06-25 07:26 61672 ----a-w- c:\windows\system32\GroupPolicy\Machine\Scripts\Shutdown\Pan2.tmp\Program Files\Panda Security\Panda Cloud Antivirus\Drivers\NNSpihsw\x86\NNSPihsw.sys
2013-05-29 03:55 . 2013-06-25 07:26 124648 ----a-w- c:\windows\system32\GroupPolicy\Machine\Scripts\Shutdown\Pan2.tmp\Program Files\Panda Security\Panda Cloud Antivirus\Drivers\NNSIds\x86\NNSIds.sys
2013-05-29 03:55 . 2013-06-25 07:27 84200 ----a-w- c:\windows\system32\GroupPolicy\Machine\Scripts\Shutdown\Pan2.tmp\System32\drivers\NNSAlpc.sys
2013-05-29 03:55 . 2013-06-25 07:27 126184 ----a-w- c:\windows\system32\GroupPolicy\Machine\Scripts\Shutdown\Pan2.tmp\System32\drivers\NNSHttp.sys
2013-05-29 03:55 . 2013-06-25 07:27 107752 ----a-w- c:\windows\system32\GroupPolicy\Machine\Scripts\Shutdown\Pan2.tmp\System32\drivers\NNSHttps.sys
2013-05-29 03:55 . 2013-06-25 07:26 107752 ----a-w- c:\windows\system32\GroupPolicy\Machine\Scripts\Shutdown\Pan2.tmp\Program Files\Panda Security\Panda Cloud Antivirus\Drivers\NNSHttps\x86\NNSHttps.sys
2013-05-29 03:55 . 2013-06-25 07:26 84200 ----a-w- c:\windows\system32\GroupPolicy\Machine\Scripts\Shutdown\Pan2.tmp\Program Files\Panda Security\Panda Cloud Antivirus\Drivers\NNSAlpc\x86\NNSAlpc.sys
2013-05-29 03:55 . 2013-06-25 07:26 126184 ----a-w- c:\windows\system32\GroupPolicy\Machine\Scripts\Shutdown\Pan2.tmp\Program Files\Panda Security\Panda Cloud Antivirus\Drivers\NNSHttp\x86\NNSHttp.sys
2013-05-29 02:08 . 2013-06-25 07:26 333792 ----a-w- c:\windows\system32\GroupPolicy\Machine\Scripts\Shutdown\Pan2.tmp\Program Files\Panda Security\Panda Cloud Antivirus\PrlTranslator.dll
2013-05-28 10:03 . 2013-06-25 07:27 2295264 ----a-w- c:\windows\system32\GroupPolicy\Machine\Scripts\Shutdown\Pan2.tmp\Program Files\Panda Security\Panda Cloud Antivirus\PSUNSuspects.dll
2013-05-28 10:03 . 2013-06-25 07:27 2551776 ----a-w- c:\windows\system32\GroupPolicy\Machine\Scripts\Shutdown\Pan2.tmp\Program Files\Panda Security\Panda Cloud Antivirus\PSUNScan.dll
2013-05-28 10:03 . 2013-06-25 07:27 2238432 ----a-w- c:\windows\system32\GroupPolicy\Machine\Scripts\Shutdown\Pan2.tmp\Program Files\Panda Security\Panda Cloud Antivirus\PSUNResources.dll
2013-05-28 10:03 . 2013-06-25 07:27 2203104 ----a-w- c:\windows\system32\GroupPolicy\Machine\Scripts\Shutdown\Pan2.tmp\Program Files\Panda Security\Panda Cloud Antivirus\PSUNReports.dll
2013-05-28 10:03 . 2013-06-25 07:27 115168 ----a-w- c:\windows\system32\GroupPolicy\Machine\Scripts\Shutdown\Pan2.tmp\Program Files\Panda Security\Panda Cloud Antivirus\PSUNProcMonMng.dll
2013-05-28 10:02 . 2013-06-25 07:27 512992 ----a-w- c:\windows\system32\GroupPolicy\Machine\Scripts\Shutdown\Pan2.tmp\Program Files\Panda Security\Panda Cloud Antivirus\PSUNMain.exe
.
.
((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2013-05-25 00:36 130736 ----a-w- c:\documents and settings\gebruiker\Application Data\Dropbox\bin\DropboxExt.19.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2013-05-25 00:36 130736 ----a-w- c:\documents and settings\gebruiker\Application Data\Dropbox\bin\DropboxExt.19.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2013-05-25 00:36 130736 ----a-w- c:\documents and settings\gebruiker\Application Data\Dropbox\bin\DropboxExt.19.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2013-05-25 00:36 130736 ----a-w- c:\documents and settings\gebruiker\Application Data\Dropbox\bin\DropboxExt.19.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"PrintDisp"="c:\windows\system32\PrintDisp.exe" [2011-02-19 826368]
"PSUAMain"="c:\program files\Panda Security\Panda Cloud Antivirus\PSUAMain.exe" [2013-01-27 32480]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2013-03-12 253816]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
.
c:\documents and settings\gebruiker\Menu Start\Programma's\Opstarten\
Dropbox.lnk - c:\documents and settings\gebruiker\Application Data\Dropbox\bin\Dropbox.exe /systemstartup [2013-5-25 27776968]
.
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{56F9679E-7826-4C84-81F3-532071A8BCC5}"= "c:\program files\Windows Desktop Search\MSNLNamespaceMgr.dll" [2009-05-24 304128]
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aawservice]
@="Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Start^Programma's^Opstarten^Adobe Acrobat Speed Launcher.lnk]
path=c:\documents and settings\All Users\Menu Start\Programma's\Opstarten\Adobe Acrobat Speed Launcher.lnk
backup=c:\windows\pss\Adobe Acrobat Speed Launcher.lnkCommon Startup
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Start^Programma's^Opstarten^Adobe Reader Snelle start.lnk]
path=c:\documents and settings\All Users\Menu Start\Programma's\Opstarten\Adobe Reader Snelle start.lnk
backup=c:\windows\pss\Adobe Reader Snelle start.lnkCommon Startup
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Start^Programma's^Opstarten^Microsoft Office.lnk]
path=c:\documents and settings\All Users\Menu Start\Programma's\Opstarten\Microsoft Office.lnk
backup=c:\windows\pss\Microsoft Office.lnkCommon Startup
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Start^Programma's^Opstarten^Windows Search.lnk]
path=c:\documents and settings\All Users\Menu Start\Programma's\Opstarten\Windows Search.lnk
backup=c:\windows\pss\Windows Search.lnkCommon Startup
.
[HKLM\~\startupfolder\C:^Documents and Settings^gebruiker^Menu Start^Programma's^Opstarten^Dropbox.lnk]
path=c:\documents and settings\gebruiker\Menu Start\Programma's\Opstarten\Dropbox.lnk
backup=c:\windows\pss\Dropbox.lnkStartup
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Acrobat Assistant 7.0]
2008-04-23 00:08 483328 ----a-w- c:\program files\Adobe\Acrobat 7.0\Distillr\acrotray.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Alcmtr]
2005-05-03 16:43 69632 ----a-w- c:\windows\ALCMTR.EXE
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CanonSolutionMenu]
2008-03-11 01:20 689488 ----a-w- c:\program files\Canon\SolutionMenu\CNSLMAIN.EXE
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CTFMON.EXE]
2008-04-14 17:02 15360 ----a-w- c:\windows\system32\ctfmon.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HotKeysCmds]
2007-06-27 14:38 162328 ----a-w- c:\windows\system32\hkcmd.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IgfxTray]
2007-06-27 14:38 141848 ----a-w- c:\windows\system32\igfxtray.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
2007-03-09 17:53 153136 ----a-w- c:\program files\Common Files\Ahead\Lib\NeroCheck.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Persistence]
2007-06-27 14:38 137752 ----a-w- c:\windows\system32\igfxpers.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RTHDCPL]
2007-06-13 12:49 16377344 ----a-w- c:\windows\RTHDCPL.EXE
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
2013-03-12 05:32 253816 ----a-w- c:\program files\Common Files\Java\Java Update\jusched.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg]
2008-09-30 08:16 68856 ----a-w- c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\SELECT\\KIES.exe"=
"c:\\DfW2.6\\Digora.exe"=
"c:\\DfW2.6\\DfWAdmin.exe"=
"c:\\Program Files\\Google\\Google Earth\\client\\googleearth.exe"=
"c:\\Documents and Settings\\gebruiker\\Application Data\\Dropbox\\bin\\Dropbox.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"1315:TCP"= 1315:TCP:Digora
.
R1 NNSALPC;NNSAlpc;c:\windows\system32\drivers\NNSAlpc.sys [26/11/2012 17:48 82728]
R1 NNSHTTP;NNSHttp;c:\windows\system32\drivers\NNSHttp.sys [26/11/2012 17:48 119080]
R1 NNSHTTPS;NNSHttps;c:\windows\system32\drivers\NNSHttps.sys [9/01/2013 22:45 95584]
R1 NNSIDS;NNSids;c:\windows\system32\drivers\NNSIds.sys [26/11/2012 17:48 123944]
R1 NNSPICC;NNSPicc;c:\windows\system32\drivers\NNSpicc.sys [26/11/2012 17:48 94632]
R1 NNSPOP3;NNSPop3;c:\windows\system32\drivers\NNSPop3.sys [26/11/2012 17:48 105640]
R1 NNSPROT;NNSProt;c:\windows\system32\drivers\NNSProt.sys [26/11/2012 17:48 286888]
R1 NNSPRV;NNSPrv;c:\windows\system32\drivers\NNSPrv.sys [26/11/2012 17:48 159528]
R1 NNSSMTP;NNSSmtp;c:\windows\system32\drivers\NNSSmtp.sys [26/11/2012 17:48 108200]
R1 NNSSTRM;NNSStrm;c:\windows\system32\drivers\NNSStrm.sys [28/11/2012 15:04 218024]
R1 NNSTLSC;NNSTlsc;c:\windows\system32\drivers\NNStlsc.sys [26/11/2012 17:48 93096]
R1 PSINKNC;PSINKNC;c:\windows\system32\drivers\PSINKNC.sys [9/11/2012 20:01 178728]
R2 NanoServiceMain;Panda Cloud Antivirus Service;c:\program files\Panda Security\Panda Cloud Antivirus\PSANHost.exe [27/01/2013 21:16 140512]
R2 PenCommService;Livescribe Pulse Smartpen Service;c:\program files\Common Files\Livescribe\PenComm\PenCommService.exe [1/10/2012 21:06 470528]
R2 Printer Control;Printer Control;c:\windows\system32\PrintCtrl.exe [27/10/2011 12:09 65536]
R2 PSINAflt;PSINAflt;c:\windows\system32\drivers\PSINAflt.sys [9/11/2012 20:01 149288]
R2 PSINFile;PSINFile;c:\windows\system32\drivers\PSINFile.sys [9/11/2012 20:01 102184]
R2 PSINProc;PSINProc;c:\windows\system32\drivers\PSINProc.sys [9/11/2012 20:01 114216]
R2 PSINProt;PSINProt;c:\windows\system32\drivers\PSINProt.sys [9/11/2012 20:01 123560]
R2 PSUAService;Panda Product Service;c:\program files\Panda Security\Panda Cloud Antivirus\PSUAService.exe [27/01/2013 23:38 37088]
R2 SOLID Server 4.2;SOLID Server 4.2;c:\solid4.2\solid.exe -sstart -cc:\solid4.2\ -n "SOLID Server 4.2" --> c:\solid4.2\solid.exe -sstart -cc:\solid4.2\ -n SOLID Server 4.2 [?]
R3 IFXTPM;IFXTPM;c:\windows\system32\drivers\ifxtpm.sys [14/04/2008 19:11 41216]
S2 SkypeUpdate;Skype Updater;c:\program files\Skype\Updater\Updater.exe [13/07/2012 13:28 160944]
S3 NNSNAHS;Network Activity Hook Server Service;c:\windows\system32\drivers\NNSNAHS.sys [22/10/2012 13:08 38824]
S3 PulseUsb;Livescribe Smartpen USB Driver;c:\windows\system32\drivers\PulseUsb.sys [31/01/2013 14:43 20480]
S4 NNSPIHS;NNSPihs;c:\windows\system32\drivers\NNSpihs.sys [26/11/2012 17:48 51496]
.
--- Andere Services/Drivers In Geheugen ---
.
*Deregistered* - PSKMAD
.
Inhoud van de 'Gedeelde Taken' map
.
2013-08-26 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-02 07:28]
.
2013-08-26 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-02-09 09:33]
.
2013-08-24 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-02-09 09:33]
.
2013-08-26 c:\windows\Tasks\User_Feed_Synchronization-{FC643F5C-3160-478A-9BFF-FDE45C46E5E3}.job
- c:\windows\system32\msfeedssync.exe [2007-08-13 02:31]
.
.
------- Bijkomende Scan -------
.
uStart Page = hxxp://www.google.be/
IE: Convert link target to Adobe PDF
IE: Convert link target to existing PDF
IE: Convert selected links to Adobe PDF
IE: Convert selected links to existing PDF
IE: Convert selection to Adobe PDF
IE: Convert selection to existing PDF
IE: Convert to Adobe PDF
IE: Convert to existing PDF
TCP: DhcpNameServer = 192.168.10.1
FF - ProfilePath - c:\documents and settings\gebruiker\Application Data\Mozilla\Firefox\Profiles\ryvspka0.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.google.be/
FF - ExtSQL: !HIDDEN! 2009-09-02 18:46; {20a82645-c095-46ed-80e3-08825760534b}; c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
.
- - - - ORPHANS VERWIJDERD - - - -
.
ShellIconOverlayIdentifiers-{F5D1CF73-C196-48F8-AAAC-B9181E22B4E6} - (no file)
ShellIconOverlayIdentifiers-{9AE343CB-BA45-4618-AF6A-0230EE6FC793} - (no file)
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2013-08-26 10:04
Windows 5.1.2600 Service Pack 3 NTFS
.
scannen van verborgen processen ...
.
scannen van verborgen autostart items ...
.
scannen van verborgen bestanden ...
.
Scan succesvol afgerond
verborgen bestanden: 0
.
**************************************************************************
.
--------------------- VERGRENDELDE REGISTER SLEUTELS ---------------------
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil32_11_8_800_94_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil32_11_8_800_94_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
--------------------- DLLs Geladen Onder Lopende Processen ---------------------
.
- - - - - - - > 'explorer.exe'(960)
c:\documents and settings\gebruiker\Application Data\Dropbox\bin\DropboxExt.19.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
Voltooingstijd: 2013-08-26 10:06:18
ComboFix-quarantined-files.txt 2013-08-26 08:06
.
Pre-Run: 126.114.455.552 bytes beschikbaar
Post-Run: 126.719.590.400 bytes beschikbaar
.
WindowsXP-KB310994-SP2-Pro-BootDisk-NLD.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
UnsupportedDebug="do not select this" /debug
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /noexecute=optin /fastdetect
.
- - End Of File - - BE0524C044AB64D51F0FE70F745ED0CB
8F558EB6672622401DA993E1E865C861