ComboFix 11-05-23.02 - Brian 24-05-2011   0:25.2.4 - x64
Microsoft Windows 7 Home Premium   6.1.7601.1.1252.31.1043.18.3959.2343 [GMT 2:00]
Gestart vanuit: c:\users\Brian\Desktop\ComboFix.exe
gebruikte Opdracht switches :: c:\users\Brian\Desktop\CFScript.txt..txt
AV: Panda Cloud Antivirus *Disabled/Updated* {86971480-9989-6750-B122-681A86518D59}
SP: Panda Cloud Antivirus *Disabled/Updated* {3DF6F564-BFB3-68DE-8B92-5368FDD6C7E4}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((   Andere Verwijderingen   )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\Brian\AppData\Local\{0BB28A8C-A8E1-4A4A-A5D6-CC55CE3375D8}
c:\users\Brian\AppData\Local\{1F89C8FC-3CF0-4EC0-91CA-41F8DAD6B751}
c:\users\Brian\AppData\Local\{26BA7BBA-03C9-46ED-94CC-412716773084}
c:\users\Brian\AppData\Local\{29E77774-8DA3-4A18-9FC0-57697BBC8F58}
c:\users\Brian\AppData\Local\{3C0E1068-A7C8-499A-BE77-922C2B7E48BB}
c:\users\Brian\AppData\Local\{4216A81F-DB6C-4531-85CA-BA160AC519A8}
c:\users\Brian\AppData\Local\{4C5618BE-D5DE-45E8-92EC-A87B95548DE3}
c:\users\Brian\AppData\Local\{4F811CF2-E8F9-4C5E-B2B0-EAF497CEE715}
c:\users\Brian\AppData\Local\{53DEB455-35E4-4665-9754-1A5647828984}
c:\users\Brian\AppData\Local\{5B02BCCA-ACB6-4963-8A55-A6C42293C6A4}
c:\users\Brian\AppData\Local\{5C8EF62A-7A0D-49D5-8D48-79982A3EBD98}
c:\users\Brian\AppData\Local\{7B0370E6-395E-45E3-8273-2958BC6E7C5E}
c:\users\Brian\AppData\Local\{7F6D1FD4-CEA4-4A44-BA91-8A276006900D}
c:\users\Brian\AppData\Local\{821D5A7C-4378-4E25-83FF-DCA83C342D46}
c:\users\Brian\AppData\Local\{83A294BA-78B4-43BE-911F-878386CBC212}
c:\users\Brian\AppData\Local\{8E58A4E0-20F1-4848-A56F-DA13BD68F96F}
c:\users\Brian\AppData\Local\{9894EE77-B2E2-43B1-B57E-3AC583667781}
c:\users\Brian\AppData\Local\{9C4ED46C-F168-4F34-93AE-724CDC5EFB5E}
c:\users\Brian\AppData\Local\{9D153491-12B9-4235-8A53-3B4FB12BAC38}
c:\users\Brian\AppData\Local\{A67AFCED-D3A3-4CC3-A56F-24DCF7DE2923}
c:\users\Brian\AppData\Local\{AB41BA59-9E6B-4F5F-A09F-C355F585DBDE}
c:\users\Brian\AppData\Local\{B50FED8F-4DAC-408C-8EAF-744640406D12}
c:\users\Brian\AppData\Local\{B6D2F1E4-8080-4FB2-B844-A05028E52D9A}
c:\users\Brian\AppData\Local\{BC80B540-F3AF-4C20-B153-97188B39FA8F}
c:\users\Brian\AppData\Local\{BCB293A6-48E5-4094-A4F9-2EEE5D16D401}
c:\users\Brian\AppData\Local\{C216B3B9-422D-4A13-9699-0E64D482B976}
c:\users\Brian\AppData\Local\{C915B5F0-BC9E-4DC7-917E-C21B1210490E}
c:\users\Brian\AppData\Local\{DCF1FE7F-EE3D-407B-9466-FB706B1DADB0}
.
.
((((((((((((((((((((   Bestanden Gemaakt van 2011-04-23 to 2011-05-23  ))))))))))))))))))))))))))))))
.
.
2011-05-23 22:28 . 2011-05-23 22:28	--------	d-----w-	c:\users\Default\AppData\Local\temp
2011-05-21 17:36 . 2011-05-21 17:46	--------	d-----w-	c:\program files (x86)\games
2011-05-19 20:57 . 2011-05-19 20:57	42664	----a-w-	c:\windows\SysWow64\drivers\fsbts.sys
2011-05-18 21:07 . 2011-05-18 21:23	--------	d-----w-	c:\users\Brian\AppData\Roaming\Auslogics
2011-05-16 18:11 . 2011-05-16 18:12	--------	d-----w-	c:\users\Brian\AppData\Local\Google
2011-05-16 18:11 . 2011-05-16 18:11	--------	d-----w-	c:\program files (x86)\Google
2011-05-16 18:11 . 2011-05-21 14:22	--------	d-----w-	C:\test software
2011-05-16 17:42 . 2011-05-16 17:54	--------	d-----w-	c:\users\Brian\AppData\Roaming\IrfanView
2011-05-15 23:58 . 2011-05-15 23:58	--------	d-----w-	c:\program files (x86)\Common Files\Java
2011-05-15 23:31 . 2011-05-15 23:31	--------	d-----w-	c:\users\Brian\AppData\Roaming\f-secure
2011-05-15 23:31 . 2011-05-15 23:31	--------	d-----w-	c:\programdata\F-Secure
2011-05-15 23:28 . 2011-05-15 23:28	--------	d-----w-	c:\windows\Sun
2011-05-15 23:23 . 2011-05-15 23:26	--------	d-----w-	c:\windows\BDOSCAN8
2011-05-14 10:33 . 2011-05-14 10:33	404640	----a-w-	c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2011-05-12 20:59 . 2011-04-09 06:58	142336	----a-w-	c:\windows\system32\poqexec.exe
2011-05-12 20:59 . 2011-04-09 05:56	123904	----a-w-	c:\windows\SysWow64\poqexec.exe
2011-05-12 19:35 . 2011-05-12 19:35	--------	d-----w-	c:\program files (x86)\MP3 Splitter Joiner Pro
2011-05-12 16:43 . 2011-04-09 07:02	5562240	----a-w-	c:\windows\system32\ntoskrnl.exe
2011-05-12 16:43 . 2011-04-09 06:02	3967872	----a-w-	c:\windows\SysWow64\ntkrnlpa.exe
2011-05-12 16:43 . 2011-04-09 06:02	3912576	----a-w-	c:\windows\SysWow64\ntoskrnl.exe
2011-05-10 15:05 . 2006-06-20 08:56	225280	----a-w-	c:\windows\SysWow64\rewire.dll
2011-05-10 15:05 . 2009-08-02 20:09	1554944	----a-w-	c:\windows\SysWow64\vorbis.acm
2011-05-10 15:04 . 2011-05-10 15:31	--------	d-----w-	c:\program files (x86)\VstPlugins
2011-05-10 15:04 . 2011-05-10 15:05	--------	d-----w-	c:\program files (x86)\Image-Line
2011-05-10 15:04 . 2011-05-10 15:04	--------	d-----w-	c:\program files (x86)\Outsim
2011-05-10 14:03 . 2011-05-10 14:04	--------	d-----w-	C:\virtual dj pro
2011-05-09 23:22 . 2011-05-09 23:22	--------	d-----w-	c:\users\Brian\VirtualBox VMs
2011-05-09 23:19 . 2011-04-26 12:38	231600	----a-w-	c:\windows\system32\drivers\VBoxDrv.sys
2011-05-09 23:19 . 2011-04-26 12:37	56816	----a-w-	c:\windows\system32\drivers\VBoxUSBMon.sys
2011-05-06 15:28 . 2011-05-06 15:28	--------	d-----w-	c:\users\Brian\AppData\Roaming\Belastingdienst
2011-05-05 21:47 . 2008-02-28 12:26	1414440	----a-w-	c:\windows\SysWow64\ShellManager310E2D762.dll
2011-05-04 18:19 . 2011-05-16 23:30	--------	d-----w-	c:\users\Brian\AppData\Roaming\Nero
2011-05-04 18:09 . 2011-05-04 18:09	--------	d-----w-	c:\users\Brian\AppData\Local\Ahead
2011-05-04 18:05 . 2011-05-16 23:33	--------	d-----w-	c:\program files (x86)\Common Files\Nero
2011-05-04 18:05 . 2011-05-16 23:32	--------	d-----w-	c:\program files (x86)\Nero
2011-05-04 18:05 . 2011-05-16 23:28	--------	d-----w-	c:\programdata\Nero
2011-05-03 11:42 . 2011-04-18 07:15	8802128	----a-w-	c:\programdata\Microsoft\Windows Defender\Definition Updates\{7703F742-549C-4714-98ED-0C3EAEC0D81F}\mpengine.dll
2011-05-02 01:06 . 2011-05-05 21:41	--------	d-----w-	c:\programdata\MFAData
2011-05-02 00:30 . 2011-05-18 20:37	--------	d-----w-	c:\program files (x86)\Common Files\Plasmoo
2011-04-29 17:47 . 2011-04-29 17:47	--------	d-----w-	c:\users\Brian\AppData\Roaming\Foxit Software
2011-04-29 17:46 . 2011-04-29 17:46	--------	d-----w-	c:\program files (x86)\Foxit Software
2011-04-29 15:14 . 2011-04-29 15:14	--------	d-----w-	c:\programdata\SurfRight
2011-04-29 15:11 . 2011-05-12 16:50	20040	----a-w-	c:\windows\system32\drivers\hitmanpro35.sys
2011-04-29 15:10 . 2011-04-29 15:10	--------	d-----w-	c:\programdata\Hitman Pro
2011-04-27 09:57 . 2011-04-27 09:57	--------	d-----w-	c:\users\Brian\AppData\Roaming\Panda Security
2011-04-27 09:57 . 2011-04-27 09:57	--------	d-----w-	c:\users\Brian\AppData\Roaming\SurfSecret Privacy Suite
2011-04-27 09:57 . 2011-04-27 09:59	--------	d-----w-	c:\users\Brian\AppData\Local\panda2_0dn
2011-04-27 09:57 . 2011-05-23 19:58	--------	d-----w-	c:\programdata\Panda Security URL Filtering
2011-04-27 09:56 . 2011-04-27 10:00	--------	d-----w-	c:\program files (x86)\Panda Security
2011-04-27 09:56 . 2011-04-27 09:56	--------	d-----w-	c:\programdata\Panda Security
2011-04-27 09:39 . 2011-03-12 12:08	1465344	----a-w-	c:\windows\system32\XpsPrint.dll
2011-04-27 09:39 . 2011-03-12 11:23	870912	----a-w-	c:\windows\SysWow64\XpsPrint.dll
2011-04-26 12:37 . 2011-04-26 12:37	156912	----a-w-	c:\windows\system32\drivers\VBoxNetAdp.sys
2011-04-24 22:31 . 2011-05-10 15:55	--------	d-----w-	c:\users\Brian\AppData\Roaming\dvdcss
.
.
.
(((((((((((((((((((((((((((((((((((((((   Find3M Rapport   ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-04-22 00:16 . 2011-04-22 00:16	53248	----a-r-	c:\users\Brian\AppData\Roaming\Microsoft\Installer\{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}\ARPPRODUCTICON.exe
2011-04-21 23:44 . 2010-06-24 09:33	18328	----a-w-	c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
2011-04-21 23:19 . 2009-07-14 02:36	175616	----a-w-	c:\windows\system32\msclmd.dll
2011-04-21 23:19 . 2009-07-14 02:36	152576	----a-w-	c:\windows\SysWow64\msclmd.dll
2011-04-21 22:30 . 2011-04-21 22:30	91648	----a-w-	c:\windows\system32\SetIEInstalledDate.exe
2011-04-21 22:30 . 2011-04-21 22:30	89088	----a-w-	c:\windows\system32\RegisterIEPKEYs.exe
2011-04-21 22:30 . 2011-04-21 22:30	86528	----a-w-	c:\windows\SysWow64\iesysprep.dll
2011-04-21 22:30 . 2011-04-21 22:30	76800	----a-w-	c:\windows\SysWow64\SetIEInstalledDate.exe
2011-04-21 22:30 . 2011-04-21 22:30	74752	----a-w-	c:\windows\SysWow64\RegisterIEPKEYs.exe
2011-04-21 22:30 . 2011-04-21 22:30	74752	----a-w-	c:\windows\SysWow64\iesetup.dll
2011-04-21 22:30 . 2011-04-21 22:30	63488	----a-w-	c:\windows\SysWow64\tdc.ocx
2011-04-21 22:30 . 2011-04-21 22:30	49664	----a-w-	c:\windows\system32\imgutil.dll
2011-04-21 22:30 . 2011-04-21 22:30	48640	----a-w-	c:\windows\SysWow64\mshtmler.dll
2011-04-21 22:30 . 2011-04-21 22:30	48640	----a-w-	c:\windows\system32\mshtmler.dll
2011-04-21 22:30 . 2011-04-21 22:30	420864	----a-w-	c:\windows\SysWow64\vbscript.dll
2011-04-21 22:30 . 2011-04-21 22:30	367104	----a-w-	c:\windows\SysWow64\html.iec
2011-04-21 22:30 . 2011-04-21 22:30	35840	----a-w-	c:\windows\SysWow64\imgutil.dll
2011-04-21 22:30 . 2011-04-21 22:30	2382848	----a-w-	c:\windows\SysWow64\mshtml.tlb
2011-04-21 22:30 . 2011-04-21 22:30	2382848	----a-w-	c:\windows\system32\mshtml.tlb
2011-04-21 22:30 . 2011-04-21 22:30	23552	----a-w-	c:\windows\SysWow64\licmgr10.dll
2011-04-21 22:30 . 2011-04-21 22:30	2303488	----a-w-	c:\windows\system32\jscript9.dll
2011-04-21 22:30 . 2011-04-21 22:30	222208	----a-w-	c:\windows\system32\msls31.dll
2011-04-21 22:30 . 2011-04-21 22:30	1797632	----a-w-	c:\windows\SysWow64\jscript9.dll
2011-04-21 22:30 . 2011-04-21 22:30	173056	----a-w-	c:\windows\system32\ieUnatt.exe
2011-04-21 22:30 . 2011-04-21 22:30	161792	----a-w-	c:\windows\SysWow64\msls31.dll
2011-04-21 22:30 . 2011-04-21 22:30	152064	----a-w-	c:\windows\SysWow64\wextract.exe
2011-04-21 22:30 . 2011-04-21 22:30	150528	----a-w-	c:\windows\SysWow64\iexpress.exe
2011-04-21 22:30 . 2011-04-21 22:30	142848	----a-w-	c:\windows\SysWow64\ieUnatt.exe
2011-04-21 22:30 . 2011-04-21 22:30	1427456	----a-w-	c:\windows\SysWow64\inetcpl.cpl
2011-04-21 22:30 . 2011-04-21 22:30	1389056	----a-w-	c:\windows\system32\wininet.dll
2011-04-21 22:30 . 2011-04-21 22:30	135168	----a-w-	c:\windows\system32\IEAdvpack.dll
2011-04-21 22:30 . 2011-04-21 22:30	12288	----a-w-	c:\windows\system32\mshta.exe
2011-04-21 22:30 . 2011-04-21 22:30	11776	----a-w-	c:\windows\SysWow64\mshta.exe
2011-04-21 22:30 . 2011-04-21 22:30	114176	----a-w-	c:\windows\system32\admparse.dll
2011-04-21 22:30 . 2011-04-21 22:30	1126912	----a-w-	c:\windows\SysWow64\wininet.dll
2011-04-21 22:30 . 2011-04-21 22:30	111616	----a-w-	c:\windows\system32\iesysprep.dll
2011-04-21 22:30 . 2011-04-21 22:30	110592	----a-w-	c:\windows\SysWow64\IEAdvpack.dll
2011-04-21 22:30 . 2011-04-21 22:30	101888	----a-w-	c:\windows\SysWow64\admparse.dll
2011-04-21 22:30 . 2011-04-21 22:30	85504	----a-w-	c:\windows\system32\iesetup.dll
2011-04-21 22:30 . 2011-04-21 22:30	76800	----a-w-	c:\windows\system32\tdc.ocx
2011-04-21 22:30 . 2011-04-21 22:30	603648	----a-w-	c:\windows\system32\vbscript.dll
2011-04-21 22:30 . 2011-04-21 22:30	448512	----a-w-	c:\windows\system32\html.iec
2011-04-21 22:30 . 2011-04-21 22:30	30720	----a-w-	c:\windows\system32\licmgr10.dll
2011-04-21 22:30 . 2011-04-21 22:30	165888	----a-w-	c:\windows\system32\iexpress.exe
2011-04-21 22:30 . 2011-04-21 22:30	160256	----a-w-	c:\windows\system32\wextract.exe
2011-04-21 22:30 . 2011-04-21 22:30	1492992	----a-w-	c:\windows\system32\inetcpl.cpl
2011-04-14 08:06 . 2011-04-22 14:40	54728	----a-w-	c:\windows\system32\drivers\Soluto.sys
2011-04-14 03:07 . 2011-04-22 00:02	472808	----a-w-	c:\windows\SysWow64\deployJava1.dll
2011-04-13 22:40 . 2011-04-13 22:40	4284416	----a-w-	c:\windows\SysWow64\GPhotos.scr
2011-04-01 03:10 . 2011-04-01 03:10	539232	----a-w-	c:\windows\SysWow64\LVUI2RC.dll
2011-04-01 03:10 . 2011-04-01 03:10	543328	----a-w-	c:\windows\SysWow64\LVUI2.dll
2011-04-01 03:08 . 2011-04-01 03:08	301664	----a-w-	c:\windows\SysWow64\lvcodec2.dll
2011-04-01 03:07 . 2011-04-01 03:07	4184672	----a-w-	c:\windows\system32\drivers\lvuvc64.sys
2011-04-01 03:07 . 2011-04-01 03:07	559712	----a-w-	c:\windows\system32\LVUIRC64.dll
2011-04-01 03:07 . 2011-04-01 03:07	767584	----a-w-	c:\windows\system32\LVUI64.dll
2011-04-01 03:07 . 2011-04-01 03:07	10877272	----a-w-	c:\windows\SysWow64\LogiDPP.dll
2011-04-01 03:07 . 2011-04-01 03:07	10877272	----a-w-	c:\windows\system32\LogiDPP.dll
2011-04-01 03:07 . 2011-04-01 03:07	102744	----a-w-	c:\windows\SysWow64\LogiDPPApp.exe
2011-04-01 03:07 . 2011-04-01 03:07	102744	----a-w-	c:\windows\system32\LogiDPPApp.exe
2011-04-01 03:06 . 2011-04-01 03:06	331608	----a-w-	c:\windows\SysWow64\DevManagerCore.dll
2011-04-01 03:06 . 2011-04-01 03:06	331608	----a-w-	c:\windows\system32\DevManagerCore.dll
2011-04-01 03:06 . 2011-04-01 03:06	341856	----a-w-	c:\windows\system32\drivers\lvrs64.sys
2011-04-01 03:05 . 2011-04-01 03:05	261728	----a-w-	c:\windows\system32\lvco13251014.dll
2011-04-01 03:05 . 2011-04-01 03:05	172128	----a-w-	c:\windows\system32\lvcod64.dll
2011-04-01 02:56 . 2011-04-01 02:56	39318	----a-w-	c:\windows\system32\Repository.reg
2011-03-22 22:02 . 2011-03-22 22:02	15192	----a-w-	c:\windows\system32\drivers\iKeyLFT264.dll
2011-03-11 06:34 . 2011-04-21 21:48	1359872	----a-w-	c:\windows\system32\mfc42u.dll
2011-03-11 06:34 . 2011-04-21 21:48	1395712	----a-w-	c:\windows\system32\mfc42.dll
2011-03-11 05:33 . 2011-04-21 21:48	1164288	----a-w-	c:\windows\SysWow64\mfc42u.dll
2011-03-11 05:33 . 2011-04-21 21:48	1137664	----a-w-	c:\windows\SysWow64\mfc42.dll
2011-03-08 06:29 . 2011-04-21 21:47	976896	----a-w-	c:\windows\system32\inetcomm.dll
2011-03-08 05:28 . 2011-04-21 21:47	741376	----a-w-	c:\windows\SysWow64\inetcomm.dll
2011-03-04 06:19 . 2011-04-27 09:39	135168	----a-w-	c:\windows\apppatch\AppPatch64\AcXtrnal.dll
2011-03-04 06:19 . 2011-04-27 09:39	350208	----a-w-	c:\windows\apppatch\AppPatch64\AcLayers.dll
2011-03-03 06:24 . 2011-04-21 21:47	183296	----a-w-	c:\windows\system32\dnsrslvr.dll
2011-03-03 06:21 . 2011-04-21 21:47	30208	----a-w-	c:\windows\system32\dnscacheugc.exe
2011-03-03 05:36 . 2011-04-21 21:47	28672	----a-w-	c:\windows\SysWow64\dnscacheugc.exe
2011-03-03 03:52 . 2011-04-21 21:47	3135488	----a-w-	c:\windows\system32\win32k.sys
2011-02-24 06:15 . 2011-04-21 21:47	476160	----a-w-	c:\windows\system32\XpsGdiConverter.dll
2011-02-24 05:38 . 2011-04-21 21:47	288256	----a-w-	c:\windows\SysWow64\XpsGdiConverter.dll
2011-02-23 04:56 . 2011-04-21 21:43	158208	----a-w-	c:\windows\system32\drivers\mrxsmb.sys
2011-02-23 04:56 . 2011-04-21 21:47	467456	----a-w-	c:\windows\system32\drivers\srv.sys
2011-02-23 04:56 . 2011-04-21 21:47	411648	----a-w-	c:\windows\system32\drivers\srv2.sys
2011-02-23 04:55 . 2011-04-21 21:47	167936	----a-w-	c:\windows\system32\drivers\srvnet.sys
2011-02-23 04:55 . 2011-04-21 21:43	287744	----a-w-	c:\windows\system32\drivers\mrxsmb10.sys
2011-02-23 04:55 . 2011-04-21 21:43	128000	----a-w-	c:\windows\system32\drivers\mrxsmb20.sys
2011-02-23 04:55 . 2011-04-21 21:43	90624	----a-w-	c:\windows\system32\drivers\bowser.sys
.
.
(((((((((((((((((((((((((((((((((((((   Reg Opstartpunten   )))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond 
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2010-11-23 98304]
"Malwarebytes' Anti-Malware"="c:\program files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" [2010-12-20 443728]
"PSUNMain"="c:\program files (x86)\Panda Security\Panda Cloud Antivirus\PSUNMain.exe" [2011-02-24 423232]
"Panda Security URL Filtering"="c:\programdata\Panda Security URL Filtering\Panda_URL_Filtering.exe" [2011-05-17 231592]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Secunia PSI Tray.lnk - c:\program files (x86)\Secunia\PSI\psi_tray.exe [2011-4-19 291896]
WDDMStatus.lnk - c:\program files\Western Digital\WD SmartWare\WD Drive Manager\WDDMStatus.exe [2010-1-21 2119488]
WDSmartWare.lnk - c:\program files (x86)\Western Digital\WD SmartWare\Front Parlor\WDSmartWare.exe [2010-1-21 9136960]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"aux2"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages	REG_MULTI_SZ   	kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SolutoService]
@="Service"
.
R1 ctredr15.sys;ctredr15.sys;c:\windows\system32\drivers\ctredr15.sys [x]
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R3 BthAvrcp;Bluetooth AVRCP-profiel;c:\windows\system32\DRIVERS\BthAvrcp.sys [x]
R3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;c:\program files (x86)\Microsoft Office\Office14\GROOVE.EXE [2010-03-25 30969208]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]
R3 UMVPFSrv;UMVPFSrv;c:\program files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe [2011-04-01 428640]
R3 VBoxNetAdp;VirtualBox Host-Only Ethernet Adapter;c:\windows\system32\DRIVERS\VBoxNetAdp.sys [x]
R3 VBoxNetFlt;VBoxNetFlt Service;c:\windows\system32\DRIVERS\VBoxNetFlt.sys [x]
R3 WatAdminSvc;Windows Activation Technologies-service;c:\windows\system32\Wat\WatAdminSvc.exe [x]
S0 Soluto;Soluto;c:\windows\system32\DRIVERS\Soluto.sys [x]
S1 PSINKNC;PSINKNC;c:\windows\system32\DRIVERS\psinknc.sys [x]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [x]
S2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2010-12-20 363344]
S2 NanoServiceMain;Panda Cloud Antivirus Service;c:\program files (x86)\Panda Security\Panda Cloud Antivirus\PSANHost.exe [2010-12-16 140608]
S2 PSINAflt;PSINAflt;c:\windows\system32\DRIVERS\PSINAflt.sys [x]
S2 PSINFile;PSINFile;c:\windows\system32\DRIVERS\PSINFile.sys [x]
S2 PSINProc;PSINProc;c:\windows\system32\DRIVERS\PSINProc.sys [x]
S2 PSINProt;PSINProt;c:\windows\system32\DRIVERS\PSINProt.sys [x]
S2 Secunia PSI Agent;Secunia PSI Agent;c:\program files (x86)\Secunia\PSI\PSIA.exe [2011-04-19 993848]
S2 Secunia Update Agent;Secunia Update Agent;c:\program files (x86)\Secunia\PSI\sua.exe [2011-04-19 399416]
S2 SolutoService;Soluto PCGenome Core Service;c:\program files\Soluto\SolutoService.exe [2011-04-14 352800]
S2 WDDMService;WD SmartWare Drive Manager Service;c:\program files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe [2010-01-21 130048]
S2 WDSmartWareBackgroundService;WD SmartWare Background Service;c:\program files (x86)\Western Digital\WD SmartWare\Front Parlor\WDSmartWareBackgroundService.exe [2009-06-16 20480]
S3 amdkmdag;amdkmdag;c:\windows\system32\DRIVERS\atikmdag.sys [x]
S3 amdkmdap;amdkmdap;c:\windows\system32\DRIVERS\atikmpag.sys [x]
S3 AtiHDAudioService;ATI Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW76.sys [x]
S3 HECIx64;Intel(R) Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys [x]
S3 LVRS64;Logitech RightSound Filter Driver;c:\windows\system32\DRIVERS\lvrs64.sys [x]
S3 LVUVC64;Logitech HD Webcam C310(UVC);c:\windows\system32\DRIVERS\lvuvc64.sys [x]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [x]
S3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
S3 PSI;PSI;c:\windows\system32\DRIVERS\psi_mf.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [x]
S3 WDC_SAM;WD SCSI Pass Thru driver;c:\windows\system32\DRIVERS\wdcsam64.sys [x]
.
.
.
--------- x86-64 -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\Panda Malware Icon]
@="{F5D1CF73-C196-48F8-AAAC-B9181E22B4E6}"
[HKEY_CLASSES_ROOT\CLSID\{F5D1CF73-C196-48F8-AAAC-B9181E22B4E6}]
2010-12-16 16:17	473408	----a-w-	c:\program files (x86)\Panda Security\Panda Cloud Antivirus\PSUNShell.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\Panda Suspect Icon]
@="{9AE343CB-BA45-4618-AF6A-0230EE6FC793}"
[HKEY_CLASSES_ROOT\CLSID\{9AE343CB-BA45-4618-AF6A-0230EE6FC793}]
2010-12-16 16:17	473408	----a-w-	c:\program files (x86)\Panda Security\Panda Cloud Antivirus\PSUNShell.dll
.
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\SharedTaskScheduler]
"{1984DD45-52CF-49cd-AB77-18F378FEA264}"= "c:\program files (x86)\Stardock\Fences\FencesMenu64.dll" [2009-10-02 134656]
.
------- Bijkomende Scan -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://google.nl/
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: &Verzenden naar OneNote - c:\progra~2\MICROS~2\Office14\ONBttnIE.dll/105
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: E&xporteren naar Microsoft Excel - c:\progra~2\MICROS~2\Office14\EXCEL.EXE/3000
IE: Free YouTube Download - c:\users\Brian\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubedownload.htm
.
.
--------------------- VERGRENDELDE REGISTER SLEUTELS ---------------------
.
[HKEY_USERS\S-1-5-21-1553324041-628334424-3962532922-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.eml\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="WindowsLiveMail.Email.1"
.
[HKEY_USERS\S-1-5-21-1553324041-628334424-3962532922-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.vcf\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="WindowsLiveMail.VCard.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10q_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10q_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10q.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.10"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10q.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10q.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10q.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
@Denied: (A) (Everyone)
"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
"Key"="ActionsPane3"
"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Voltooingstijd: 2011-05-24  00:30:42
ComboFix-quarantined-files.txt  2011-05-23 22:30
ComboFix2.txt  2011-05-23 19:49
.
Pre-Run: 1.461.704.916.992 bytes beschikbaar
Post-Run: 1.461.661.376.512 bytes beschikbaar
.
- - End Of File - - 93B368255EFC552B88CCD6BC17B24962