ComboFix 11-05-23.02 - rajni 24-05-2011 12:30:02.1.2 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.31.1043.18.1791.598 [GMT 2:00]
Gestart vanuit: c:\users\rajni\Desktop\ComboFix.exe
AV: Panda Cloud Antivirus *Disabled/Updated* {86971480-9989-6750-B122-681A86518D59}
SP: Panda Cloud Antivirus *Disabled/Updated* {3DF6F564-BFB3-68DE-8B92-5368FDD6C7E4}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Nieuw herstelpunt werd aangemaakt
.
.
(((((((((((((((((((( Bestanden Gemaakt van 2011-04-24 to 2011-05-24 ))))))))))))))))))))))))))))))
.
.
2011-05-24 10:34 . 2011-05-24 10:34 -------- d-----w- c:\users\Default\AppData\Local\temp
2011-05-22 17:42 . 2011-05-22 17:42 -------- d-----w- c:\programdata\Kaspersky Lab
2011-05-22 17:38 . 2011-05-22 17:38 -------- d-----w- c:\windows\BDOSCAN8
2011-05-22 17:38 . 2011-05-22 17:39 -------- d--h--w- c:\windows\AxInstSV
2011-05-22 16:43 . 2011-05-22 16:43 -------- d-----w- c:\users\rajni\AppData\Roaming\f-secure
2011-05-22 16:40 . 2011-05-22 16:40 -------- d-----w- c:\programdata\F-Secure
2011-05-22 16:21 . 2011-05-22 16:21 20040 ----a-w- c:\windows\system32\drivers\hitmanpro35.sys
2011-05-22 16:21 . 2011-05-22 16:21 -------- d-----w- c:\programdata\Hitman Pro
2011-05-22 16:09 . 2011-05-22 16:15 -------- d-----w- C:\test software
2011-05-21 23:36 . 2011-05-21 23:36 -------- d-----w- c:\users\rajni\AppData\Local\{69F08FDD-7DA1-4888-9EAC-5358BB386056}
2011-05-20 20:38 . 2011-05-20 20:38 -------- d-----w- c:\program files (x86)\Common Files\Plasmoo
2011-05-20 20:38 . 2011-05-20 20:38 -------- d-----w- c:\program files (x86)\DVDVideoSoft
2011-05-20 19:23 . 2011-05-20 19:23 -------- d-----w- c:\users\rajni\AppData\Local\{A3DD1233-F0C1-4334-9E10-7A6B51C4E4A2}
2011-05-16 22:33 . 2011-05-16 22:34 -------- d-----w- c:\users\rajni\AppData\Local\{6729CDB6-39AB-479C-8D25-393A4B9E3C6E}
2011-05-16 22:20 . 2011-05-22 15:55 -------- d-----w- c:\users\rajni\AppData\Local\Google
2011-05-16 22:20 . 2011-05-22 19:44 -------- d-----w- c:\program files\Google
2011-05-16 22:20 . 2011-05-22 19:44 -------- d-----w- c:\program files (x86)\Google
2011-05-15 11:57 . 2011-04-09 06:58 142336 ----a-w- c:\windows\system32\poqexec.exe
2011-05-15 11:57 . 2011-04-09 05:56 123904 ----a-w- c:\windows\SysWow64\poqexec.exe
2011-05-15 11:55 . 2011-05-17 18:41 404640 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2011-05-15 11:22 . 2011-05-15 11:22 -------- d-----w- c:\users\rajni\AppData\Local\{63BC68F1-2D77-4000-9ED5-0B20E06F76FF}
2011-05-15 10:43 . 2011-04-09 07:02 5562240 ----a-w- c:\windows\system32\ntoskrnl.exe
2011-05-15 10:43 . 2011-04-09 06:02 3967872 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe
2011-05-15 10:43 . 2011-04-09 06:02 3912576 ----a-w- c:\windows\SysWow64\ntoskrnl.exe
2011-05-08 18:21 . 2011-05-08 18:21 -------- d-----w- c:\users\rajni\AppData\Local\{F6A3C143-11D9-409C-B1F4-F73BF73EC745}
2011-05-07 22:01 . 2011-05-07 22:01 -------- d-----w- c:\users\rajni\AppData\Local\{AA5844D4-B50A-4A13-B6C2-88C9041CC80C}
2011-05-06 20:48 . 2011-05-06 20:48 -------- d-----w- c:\users\rajni\AppData\Local\{F4C1D17C-15C7-4213-93D3-F50257CEE331}
2011-05-02 18:57 . 2011-05-02 18:58 -------- d-----w- c:\users\rajni\AppData\Local\{586FEF53-162C-4D31-8311-92A881B29BDF}
2011-04-29 14:57 . 2011-04-29 14:57 -------- d-----w- c:\users\rajni\AppData\Local\{180F25FE-08A8-421C-BB22-8B0402536DBE}
2011-04-28 18:31 . 2011-04-28 18:31 -------- d-----w- c:\users\rajni\AppData\Local\{5AEB5D1C-E1FF-432B-9265-D06E8887F5A7}
2011-04-28 00:17 . 2011-03-12 12:08 1465344 ----a-w- c:\windows\system32\XpsPrint.dll
2011-04-28 00:17 . 2011-03-12 11:23 870912 ----a-w- c:\windows\SysWow64\XpsPrint.dll
2011-04-28 00:17 . 2011-03-11 06:41 189824 ----a-w- c:\windows\system32\drivers\storport.sys
2011-04-28 00:17 . 2011-03-11 06:41 1659776 ----a-w- c:\windows\system32\drivers\ntfs.sys
2011-04-28 00:17 . 2011-03-11 06:41 148352 ----a-w- c:\windows\system32\drivers\nvraid.sys
2011-04-28 00:17 . 2011-03-11 06:41 410496 ----a-w- c:\windows\system32\drivers\iaStorV.sys
2011-04-28 00:17 . 2011-03-11 06:41 27008 ----a-w- c:\windows\system32\drivers\amdxata.sys
2011-04-28 00:17 . 2011-03-11 06:33 2565632 ----a-w- c:\windows\system32\esent.dll
2011-04-28 00:17 . 2011-03-11 06:30 96768 ----a-w- c:\windows\system32\fsutil.exe
2011-04-28 00:17 . 2011-03-11 05:33 1699328 ----a-w- c:\windows\SysWow64\esent.dll
2011-04-28 00:17 . 2011-03-11 05:31 74240 ----a-w- c:\windows\SysWow64\fsutil.exe
2011-04-28 00:16 . 2011-03-11 06:41 166272 ----a-w- c:\windows\system32\drivers\nvstor.sys
2011-04-28 00:16 . 2011-03-11 06:41 107904 ----a-w- c:\windows\system32\drivers\amdsata.sys
2011-04-28 00:16 . 2011-02-18 10:51 31232 ----a-w- c:\windows\system32\prevhost.exe
2011-04-28 00:16 . 2011-02-18 05:39 31232 ----a-w- c:\windows\SysWow64\prevhost.exe
2011-04-28 00:16 . 2011-02-25 06:19 2871808 ----a-w- c:\windows\explorer.exe
2011-04-28 00:16 . 2011-02-25 05:30 2616320 ----a-w- c:\windows\SysWow64\explorer.exe
2011-04-28 00:12 . 2011-04-28 00:12 -------- d-----w- c:\users\rajni\AppData\Local\{6C331B91-0EB1-4635-89E0-4CC380C9F05F}
2011-04-28 00:01 . 2011-04-28 00:01 -------- d-----w- c:\users\rajni\AppData\Roaming\dvdcss
2011-04-27 22:58 . 2011-04-27 22:58 -------- d-----w- c:\users\rajni\AppData\Roaming\Panda Security
2011-04-27 22:57 . 2011-04-27 22:57 -------- d-----w- c:\programdata\Panda Security
2011-04-27 22:57 . 2011-04-27 22:57 -------- d-----w- c:\program files (x86)\Panda Security
.
.
.
((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-04-14 08:06 . 2011-04-21 17:56 54728 ----a-w- c:\windows\system32\drivers\Soluto.sys
2011-04-13 15:28 . 2011-04-13 15:28 472808 ----a-w- c:\windows\SysWow64\deployJava1.dll
2011-04-12 00:34 . 2010-06-24 09:33 18328 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
2011-04-12 00:16 . 2011-04-12 00:16 53248 ----a-r- c:\users\rajni\AppData\Roaming\Microsoft\Installer\{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}\ARPPRODUCTICON.exe
2011-04-11 23:30 . 2009-07-14 02:36 175616 ----a-w- c:\windows\system32\msclmd.dll
2011-04-11 23:30 . 2009-07-14 02:36 152576 ----a-w- c:\windows\SysWow64\msclmd.dll
2011-04-11 23:08 . 2011-04-11 23:08 86528 ----a-w- c:\windows\SysWow64\iesysprep.dll
2011-04-11 23:08 . 2011-04-11 23:08 76800 ----a-w- c:\windows\SysWow64\SetIEInstalledDate.exe
2011-04-11 23:08 . 2011-04-11 23:08 74752 ----a-w- c:\windows\SysWow64\RegisterIEPKEYs.exe
2011-04-11 23:08 . 2011-04-11 23:08 63488 ----a-w- c:\windows\SysWow64\tdc.ocx
2011-04-11 23:08 . 2011-04-11 23:08 48640 ----a-w- c:\windows\SysWow64\mshtmler.dll
2011-04-11 23:08 . 2011-04-11 23:08 367104 ----a-w- c:\windows\SysWow64\html.iec
2011-04-11 23:08 . 2011-04-11 23:08 1797632 ----a-w- c:\windows\SysWow64\jscript9.dll
2011-04-11 23:08 . 2011-04-11 23:08 161792 ----a-w- c:\windows\SysWow64\msls31.dll
2011-04-11 23:08 . 2011-04-11 23:08 1126912 ----a-w- c:\windows\SysWow64\wininet.dll
2011-04-11 23:08 . 2011-04-11 23:08 110592 ----a-w- c:\windows\SysWow64\IEAdvpack.dll
2011-04-11 23:08 . 2011-04-11 23:08 74752 ----a-w- c:\windows\SysWow64\iesetup.dll
2011-04-11 23:08 . 2011-04-11 23:08 23552 ----a-w- c:\windows\SysWow64\licmgr10.dll
2011-04-11 23:08 . 2011-04-11 23:08 152064 ----a-w- c:\windows\SysWow64\wextract.exe
2011-04-11 23:08 . 2011-04-11 23:08 150528 ----a-w- c:\windows\SysWow64\iexpress.exe
2011-04-11 23:08 . 2011-04-11 23:08 1427456 ----a-w- c:\windows\SysWow64\inetcpl.cpl
2011-04-11 23:08 . 2011-04-11 23:08 420864 ----a-w- c:\windows\SysWow64\vbscript.dll
2011-04-11 23:08 . 2011-04-11 23:08 35840 ----a-w- c:\windows\SysWow64\imgutil.dll
2011-04-11 23:08 . 2011-04-11 23:08 2382848 ----a-w- c:\windows\SysWow64\mshtml.tlb
2011-04-11 23:08 . 2011-04-11 23:08 142848 ----a-w- c:\windows\SysWow64\ieUnatt.exe
2011-04-11 23:08 . 2011-04-11 23:08 11776 ----a-w- c:\windows\SysWow64\mshta.exe
2011-04-11 23:08 . 2011-04-11 23:08 101888 ----a-w- c:\windows\SysWow64\admparse.dll
2011-04-11 23:08 . 2011-04-11 23:08 89088 ----a-w- c:\windows\system32\RegisterIEPKEYs.exe
2011-04-11 23:08 . 2011-04-11 23:08 222208 ----a-w- c:\windows\system32\msls31.dll
2011-04-11 23:08 . 2011-04-11 23:08 1389056 ----a-w- c:\windows\system32\wininet.dll
2011-04-11 23:08 . 2011-04-11 23:08 91648 ----a-w- c:\windows\system32\SetIEInstalledDate.exe
2011-04-11 23:08 . 2011-04-11 23:08 49664 ----a-w- c:\windows\system32\imgutil.dll
2011-04-11 23:08 . 2011-04-11 23:08 2382848 ----a-w- c:\windows\system32\mshtml.tlb
2011-04-11 23:08 . 2011-04-11 23:08 2303488 ----a-w- c:\windows\system32\jscript9.dll
2011-04-11 23:08 . 2011-04-11 23:08 173056 ----a-w- c:\windows\system32\ieUnatt.exe
2011-04-11 23:08 . 2011-04-11 23:08 135168 ----a-w- c:\windows\system32\IEAdvpack.dll
2011-04-11 23:08 . 2011-04-11 23:08 12288 ----a-w- c:\windows\system32\mshta.exe
2011-04-11 23:08 . 2011-04-11 23:08 114176 ----a-w- c:\windows\system32\admparse.dll
2011-04-11 23:08 . 2011-04-11 23:08 48640 ----a-w- c:\windows\system32\mshtmler.dll
2011-04-11 23:08 . 2011-04-11 23:08 111616 ----a-w- c:\windows\system32\iesysprep.dll
2011-04-11 23:08 . 2011-04-11 23:08 76800 ----a-w- c:\windows\system32\tdc.ocx
2011-04-11 23:08 . 2011-04-11 23:08 85504 ----a-w- c:\windows\system32\iesetup.dll
2011-04-11 23:08 . 2011-04-11 23:08 448512 ----a-w- c:\windows\system32\html.iec
2011-04-11 23:08 . 2011-04-11 23:08 1492992 ----a-w- c:\windows\system32\inetcpl.cpl
2011-04-11 23:08 . 2011-04-11 23:08 603648 ----a-w- c:\windows\system32\vbscript.dll
2011-04-11 23:08 . 2011-04-11 23:08 30720 ----a-w- c:\windows\system32\licmgr10.dll
2011-04-11 23:08 . 2011-04-11 23:08 165888 ----a-w- c:\windows\system32\iexpress.exe
2011-04-11 23:08 . 2011-04-11 23:08 160256 ----a-w- c:\windows\system32\wextract.exe
2011-04-11 08:21 . 2011-04-22 12:27 8802128 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{5E7702FC-F822-4E88-BDB5-4934B400DD55}\mpengine.dll
2011-04-01 05:10 . 2011-04-01 05:10 539232 ----a-w- c:\windows\SysWow64\LVUI2RC.dll
2011-04-01 05:10 . 2011-04-01 05:10 543328 ----a-w- c:\windows\SysWow64\LVUI2.dll
2011-04-01 05:08 . 2011-04-01 05:08 301664 ----a-w- c:\windows\SysWow64\lvcodec2.dll
2011-04-01 05:07 . 2011-04-01 05:07 4184672 ----a-w- c:\windows\system32\drivers\lvuvc64.sys
2011-04-01 05:07 . 2011-04-01 05:07 559712 ----a-w- c:\windows\system32\LVUIRC64.dll
2011-04-01 05:07 . 2011-04-01 05:07 767584 ----a-w- c:\windows\system32\LVUI64.dll
2011-04-01 05:07 . 2011-04-01 05:07 10877272 ----a-w- c:\windows\SysWow64\LogiDPP.dll
2011-04-01 05:07 . 2011-04-01 05:07 10877272 ----a-w- c:\windows\system32\LogiDPP.dll
2011-04-01 05:07 . 2011-04-01 05:07 102744 ----a-w- c:\windows\SysWow64\LogiDPPApp.exe
2011-04-01 05:07 . 2011-04-01 05:07 102744 ----a-w- c:\windows\system32\LogiDPPApp.exe
2011-04-01 05:06 . 2011-04-01 05:06 331608 ----a-w- c:\windows\SysWow64\DevManagerCore.dll
2011-04-01 05:06 . 2011-04-01 05:06 331608 ----a-w- c:\windows\system32\DevManagerCore.dll
2011-04-01 05:06 . 2011-04-01 05:06 341856 ----a-w- c:\windows\system32\drivers\lvrs64.sys
2011-04-01 05:05 . 2011-04-01 05:05 261728 ----a-w- c:\windows\system32\lvco13251014.dll
2011-04-01 05:05 . 2011-04-01 05:05 172128 ----a-w- c:\windows\system32\lvcod64.dll
2011-04-01 04:56 . 2011-04-01 04:56 39318 ----a-w- c:\windows\system32\Repository.reg
2011-03-22 22:02 . 2011-03-22 22:02 15192 ----a-w- c:\windows\system32\drivers\iKeyLFT264.dll
2011-03-11 06:34 . 2011-04-13 14:10 1359872 ----a-w- c:\windows\system32\mfc42u.dll
2011-03-11 06:34 . 2011-04-13 14:10 1395712 ----a-w- c:\windows\system32\mfc42.dll
2011-03-11 05:33 . 2011-04-13 14:10 1137664 ----a-w- c:\windows\SysWow64\mfc42.dll
2011-03-11 05:33 . 2011-04-13 14:10 1164288 ----a-w- c:\windows\SysWow64\mfc42u.dll
2011-03-08 06:29 . 2011-04-13 14:09 976896 ----a-w- c:\windows\system32\inetcomm.dll
2011-03-08 05:28 . 2011-04-13 14:09 741376 ----a-w- c:\windows\SysWow64\inetcomm.dll
2011-03-04 06:19 . 2011-04-28 00:16 135168 ----a-w- c:\windows\apppatch\AppPatch64\AcXtrnal.dll
2011-03-04 06:19 . 2011-04-28 00:16 350208 ----a-w- c:\windows\apppatch\AppPatch64\AcLayers.dll
2011-03-03 06:24 . 2011-04-13 14:10 183296 ----a-w- c:\windows\system32\dnsrslvr.dll
2011-03-03 06:21 . 2011-04-13 14:10 30208 ----a-w- c:\windows\system32\dnscacheugc.exe
2011-03-03 05:36 . 2011-04-13 14:10 28672 ----a-w- c:\windows\SysWow64\dnscacheugc.exe
2011-03-03 03:52 . 2011-04-13 14:10 3135488 ----a-w- c:\windows\system32\win32k.sys
2011-02-24 06:15 . 2011-04-13 14:31 476160 ----a-w- c:\windows\system32\XpsGdiConverter.dll
2011-02-24 05:38 . 2011-04-13 14:31 288256 ----a-w- c:\windows\SysWow64\XpsGdiConverter.dll
.
.
((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"PSUNMain"="c:\program files (x86)\Panda Security\Panda Cloud Antivirus\PSUNMain.exe" [2011-02-24 423232]
"LWS"="c:\windows programma's\logitech webcam\LWS\Webcam Software\LWS.exe" [2011-03-01 190808]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Secunia PSI Tray.lnk - c:\windows programma's\PSI\psi_tray.exe [2011-1-10 291896]
WDDMStatus.lnk - c:\program files\Western Digital\WD SmartWare\WD Drive Manager\WDDMStatus.exe [2010-1-21 2119488]
WDSmartWare.lnk - c:\program files (x86)\Western Digital\WD SmartWare\Front Parlor\WDSmartWare.exe [2010-1-21 9136960]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SolutoService]
@="Service"
.
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R3 gupdate;Google Updateservice (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-05-16 136176]
R3 LVPr2M64;Logitech LVPr2M64 Driver;c:\windows\system32\DRIVERS\LVPr2M64.sys [x]
R3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;c:\program files (x86)\Microsoft Office\Office14\GROOVE.EXE [2010-03-25 30969208]
R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]
R3 UMVPFSrv;UMVPFSrv;c:\program files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe [2011-04-01 428640]
R3 WatAdminSvc;Windows Activation Technologies-service;c:\windows\system32\Wat\WatAdminSvc.exe [x]
S0 Soluto;Soluto;c:\windows\system32\DRIVERS\Soluto.sys [x]
S1 PSINKNC;PSINKNC;c:\windows\system32\DRIVERS\psinknc.sys [x]
S2 MBAMService;MBAMService;c:\windows programma's\malwarebytes\Malwarebytes' Anti-Malware\mbamservice.exe [2010-12-20 363344]
S2 NanoServiceMain;Panda Cloud Antivirus Service;c:\program files (x86)\Panda Security\Panda Cloud Antivirus\PSANHost.exe [2010-12-16 140608]
S2 PSINAflt;PSINAflt;c:\windows\system32\DRIVERS\PSINAflt.sys [x]
S2 PSINFile;PSINFile;c:\windows\system32\DRIVERS\PSINFile.sys [x]
S2 PSINProc;PSINProc;c:\windows\system32\DRIVERS\PSINProc.sys [x]
S2 PSINProt;PSINProt;c:\windows\system32\DRIVERS\PSINProt.sys [x]
S2 Secunia PSI Agent;Secunia PSI Agent;c:\windows programma's\PSI\PSIA.exe [2011-01-10 993848]
S2 SolutoService;Soluto PCGenome Core Service;c:\program files\Soluto\SolutoService.exe [2011-04-14 352800]
S2 WDDMService;WD SmartWare Drive Manager Service;c:\program files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe [2010-01-21 130048]
S2 WDSmartWareBackgroundService;WD SmartWare Background Service;c:\program files (x86)\Western Digital\WD SmartWare\Front Parlor\WDSmartWareBackgroundService.exe [2009-06-16 20480]
S3 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [x]
S3 amdkmdag;amdkmdag;c:\windows\system32\DRIVERS\atipmdag.sys [x]
S3 amdkmdap;amdkmdap;c:\windows\system32\DRIVERS\atikmpag.sys [x]
S3 LVRS64;Logitech RightSound Filter Driver;c:\windows\system32\DRIVERS\lvrs64.sys [x]
S3 LVUVC64;Logitech HD Webcam C310(UVC);c:\windows\system32\DRIVERS\lvuvc64.sys [x]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [x]
S3 PSI;PSI;c:\windows\system32\DRIVERS\psi_mf.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [x]
S3 Secunia Update Agent;Secunia Update Agent;c:\windows programma's\PSI\sua.exe [2011-01-10 399416]
S3 WDC_SAM;WD SCSI Pass Thru driver;c:\windows\system32\DRIVERS\wdcsam64.sys [x]
.
.
Inhoud van de 'Gedeelde Taken' map
.
2011-05-22 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-05-16 22:20]
.
2011-05-22 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-05-16 22:20]
.
.
--------- x86-64 -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\Panda Malware Icon]
@="{F5D1CF73-C196-48F8-AAAC-B9181E22B4E6}"
[HKEY_CLASSES_ROOT\CLSID\{F5D1CF73-C196-48F8-AAAC-B9181E22B4E6}]
2010-12-16 16:17 473408 ----a-w- c:\program files (x86)\Panda Security\Panda Cloud Antivirus\PSUNShell.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\Panda Suspect Icon]
@="{9AE343CB-BA45-4618-AF6A-0230EE6FC793}"
[HKEY_CLASSES_ROOT\CLSID\{9AE343CB-BA45-4618-AF6A-0230EE6FC793}]
2010-12-16 16:17 473408 ----a-w- c:\program files (x86)\Panda Security\Panda Cloud Antivirus\PSUNShell.dll
.
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\SharedTaskScheduler]
"{1984DD45-52CF-49cd-AB77-18F378FEA264}"= "c:\windows programma's\fences\Stardock\Fences\FencesMenu64.dll" [2010-06-22 253288]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"LoadAppInit_DLLs"=0x0
.
------- Bijkomende Scan -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://google.nl/
mLocal Page = c:\windows\SysWOW64\blank.htm
.
.
--------------------- VERGRENDELDE REGISTER SLEUTELS ---------------------
.
[HKEY_USERS\S-1-5-21-1442498207-2955624652-1038492164-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.eml\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="WindowsLiveMail.Email.1"
.
[HKEY_USERS\S-1-5-21-1442498207-2955624652-1038492164-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.vcf\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="WindowsLiveMail.VCard.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10q_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10q_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10q.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.10"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10q.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10q.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10q.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
@Denied: (A) (Everyone)
"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
"Key"="ActionsPane3"
"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Voltooingstijd: 2011-05-24 12:37:35
ComboFix-quarantined-files.txt 2011-05-24 10:37
.
Pre-Run: 291.063.808.000 bytes beschikbaar
Post-Run: 291.313.299.456 bytes beschikbaar
.
- - End Of File - - 3D655C0543C12F92235A8F147901A2D4