Dannyjs

Ja, het komt niet meer voor. De iconen op het bureaublad heb ik ook terug (aangevinkt in de rechtermuismenu onder 'beeld') Bedankt hiervoor Zal mijn malwarebeveiliging ook moeten bekijken. Danny

# AdwCleaner v3.018 - Report created 28/01/2014 at 20:26:34 # Updated 28/01/2014 by Xplode # Operating System : Windows 8 (64 bits) # Username : Admin - HP-THUISPC # Running from : C:\Users\Admin\Downloads\adwcleaner (1).exe # Option : Clean ***** [ Services ] ***** ***** [ Files / Folders ] ***** ***** [ Shortcuts ] ***** ***** [ Registry ] ***** Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{4AA46D49-459F-4358-B4D1-169048547C23} Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{4AA46D49-459F-4358-B4D1-169048547C23} Key Deleted : HKCU\Software\AVG Secure Search Key Deleted : HKCU\Software\InstallCore ***** [ Browsers ] ***** -\\ Internet Explorer v10.0.9200.16537 -\\ Google Chrome v32.0.1700.76 [ File : C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\preferences ] ************************* AdwCleaner[R0].txt - [1169 octets] - [28/01/2014 20:23:19] AdwCleaner[s0].txt - [1000 octets] - [28/01/2014 20:26:34] ########## EOF - C:\AdwCleaner\AdwCleaner[s0].txt - [1060 octets] ##########

Hoi, Ze zeggen mij juist dat de computer vandaag nog gebruikt geweest is. Waaronder ook opslag op een USB stick. Ik weet niet of dit gevolgen heeft voor het verdere verloop. Danny

Zoek.exe v5.0.0.0 Updated 25-January-2014 Tool run by Admin on ma 27/01/2014 at 20:17:22,80. Microsoft Windows 8 6.2.9200 x64 Running in: Normal Mode Internet Access Detected Launched: C:\Users\Admin\Desktop\zoek.exe [scan all users] [script inserted] ==== Older Logs ====================== C:\zoek-results2014-01-27-170417.log 16026 bytes ==== Deleting Files \ Folders ====================== C:\Users\Admin\Downloads\infrarecorder [1] not found C:\Program Files (x86)\RightSurf not found C:\Users\Admin\AppData\Roaming\InfraRecorder deleted C:\Program Files (x86)\InfraRecorder deleted ==== C:\zoek_backup content ====================== C:\zoek_backup (files=106 folders=19 18250677 bytes) ==== EOF on ma 27/01/2014 at 20:18:34,29 ======================

[ATTACH]30060[/ATTACH] zoek-results.log

log.txt downloaden

Hallo Sinds vandaag heb ik geen enkel icoon meer op het bureaublad staan. Op internetpagina (IE) komt er langs rechts een inschuifbalk tevoorschijn met titel 'Related Searches' en soms een pop-upvenster aan de onderkant. Volgens ik kon vinden zou het om malware gaan. Gisteren heb ik het programma 'InfraRecorder' (om een iso-bestand op een DVD te branden)gedownload en ook het iso-bestand van linuxmint. Wat kan ik doen om dit te verwijderen? Alvast bedankt voor de reactie Danny Hieronder het RSIT log (kan het RSIT niet meesturen. Bijlage bijvoegen gaat niet. In het venster om het bestand te kiezen komt de inschuifbalk en de knop van bestand kiezen valt uit het venster. Ook het bijplakken bij het bericht gaat niet)

Nogmaals bedankt

Het ziet er goed uit. Alle zoekopdrachten komen goed terecht.

HitmanPro 3.7.1.186 [url="http://www.hitmanpro.com"]www.hitmanpro.com[/url] Computer name . . . . : PRELOAD Windows . . . . . . . : 5.1.3.2600.X86/2 User name . . . . . . : PRELOAD\admin License . . . . . . . : Free Scan date . . . . . . : 2013-01-30 22:54:09 Scan mode . . . . . . : Normal Scan duration . . . . : 3m 22s Disk access mode . . : Direct disk access (SRB) Cloud . . . . . . . . : Internet Reboot . . . . . . . : No Threats . . . . . . . : 1 Traces . . . . . . . : 437 Objects scanned . . . : 769.615 Files scanned . . . . : 47.704 Remnants scanned . . : 203.244 files / 518.667 keys Malware _____________________________________________________________________ C:\WINDOWS\system32\Lffpx73.dll Size . . . . . . . : 102.400 bytes Age . . . . . . . : 74.0 days (2012-11-17 21:59:42) Entropy . . . . . : 5.6 SHA-256 . . . . . : 1E087D3C0FC91739763FEB9575B484DE80DBFBB9252E63FD44089C7800559343 > G Data . . . . . . : Gen:Variant.Symmi.8356 (Engine A) > Ikarus . . . . . . : Trojan.Crypt!IK Fuzzy . . . . . . : 115.0 Startup C:\WINDOWS\Tasks\UQNAEBM.job Potential Unwanted Programs _________________________________________________ HKLM\SOFTWARE\Classes\Installer\UpgradeCodes\F928123A039649549966D4C29D35B1C9\ (AskBar) HKU\S-1-5-21-2097683373-1679141021-1366619321-1004\Software\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\User Agent\Post Platform\AskTB5.6 (AskBar) Cookies _____________________________________________________________________ C:\Documents and Settings\admin\Cookies\0F5G68ZE.txt C:\Documents and Settings\admin\Cookies\0HBO3BQJ.txt C:\Documents and Settings\admin\Cookies\0IHHOCIA.txt C:\Documents and Settings\admin\Cookies\0IMG9AIT.txt C:\Documents and Settings\admin\Cookies\0K3E0D60.txt C:\Documents and Settings\admin\Cookies\0KLBPFMT.txt C:\Documents and Settings\admin\Cookies\0QFCJ3VZ.txt C:\Documents and Settings\admin\Cookies\0QW6J1F1.txt C:\Documents and Settings\admin\Cookies\0ZN1D40R.txt C:\Documents and Settings\admin\Cookies\1332G3JE.txt C:\Documents and Settings\admin\Cookies\14SXFHKF.txt C:\Documents and Settings\admin\Cookies\1YNKHADZ.txt C:\Documents and Settings\admin\Cookies\1ZW5D6BT.txt C:\Documents and Settings\admin\Cookies\21TK81TT.txt C:\Documents and Settings\admin\Cookies\24H6U99U.txt C:\Documents and Settings\admin\Cookies\2F9J15P2.txt C:\Documents and Settings\admin\Cookies\2JB1V3SZ.txt C:\Documents and Settings\admin\Cookies\2JIHKVB2.txt C:\Documents and Settings\admin\Cookies\2NFX8W90.txt C:\Documents and Settings\admin\Cookies\2X1Y3ZZ9.txt C:\Documents and Settings\admin\Cookies\2Z6AOSUA.txt C:\Documents and Settings\admin\Cookies\30EYXN5M.txt C:\Documents and Settings\admin\Cookies\32GKW5V3.txt C:\Documents and Settings\admin\Cookies\331PD0BN.txt C:\Documents and Settings\admin\Cookies\33D7BJFP.txt C:\Documents and Settings\admin\Cookies\34X5DRCL.txt C:\Documents and Settings\admin\Cookies\3A2AN1XV.txt C:\Documents and Settings\admin\Cookies\3EM4BX2Q.txt C:\Documents and Settings\admin\Cookies\3PCSTTQU.txt C:\Documents and Settings\admin\Cookies\3SYOFN73.txt C:\Documents and Settings\admin\Cookies\3T0D2BGR.txt C:\Documents and Settings\admin\Cookies\3XJD6BQI.txt C:\Documents and Settings\admin\Cookies\44XTH6ZU.txt C:\Documents and Settings\admin\Cookies\478QO8LI.txt C:\Documents and Settings\admin\Cookies\4A6CAMRV.txt C:\Documents and Settings\admin\Cookies\4CPGU5Q2.txt C:\Documents and Settings\admin\Cookies\4D2RFAIK.txt C:\Documents and Settings\admin\Cookies\4PLDXU5H.txt C:\Documents and Settings\admin\Cookies\4RMF54GH.txt C:\Documents and Settings\admin\Cookies\4YDYWYMQ.txt C:\Documents and Settings\admin\Cookies\4ZRF4TSF.txt C:\Documents and Settings\admin\Cookies\52LA36E5.txt C:\Documents and Settings\admin\Cookies\54L9J4OQ.txt C:\Documents and Settings\admin\Cookies\568MFU0K.txt C:\Documents and Settings\admin\Cookies\5IMB4UHT.txt C:\Documents and Settings\admin\Cookies\5NOT817W.txt C:\Documents and Settings\admin\Cookies\5Q2DZD7F.txt C:\Documents and Settings\admin\Cookies\5UFXL1I1.txt C:\Documents and Settings\admin\Cookies\5XTCLQXC.txt C:\Documents and Settings\admin\Cookies\61WFF17C.txt C:\Documents and Settings\admin\Cookies\6295681U.txt C:\Documents and Settings\admin\Cookies\66OT5BP1.txt C:\Documents and Settings\admin\Cookies\69JP87TC.txt C:\Documents and Settings\admin\Cookies\6BRTRPD3.txt C:\Documents and Settings\admin\Cookies\6G0UY828.txt C:\Documents and Settings\admin\Cookies\6MLPX44T.txt C:\Documents and Settings\admin\Cookies\6ONFSX62.txt C:\Documents and Settings\admin\Cookies\6PS4EAD0.txt C:\Documents and Settings\admin\Cookies\6UMLE6SH.txt C:\Documents and Settings\admin\Cookies\6W1OHV1Q.txt C:\Documents and Settings\admin\Cookies\70I04ZJW.txt C:\Documents and Settings\admin\Cookies\71A6WGHI.txt C:\Documents and Settings\admin\Cookies\72F4YH4X.txt C:\Documents and Settings\admin\Cookies\72VMEDSO.txt C:\Documents and Settings\admin\Cookies\743AZO9W.txt C:\Documents and Settings\admin\Cookies\76LHOWL9.txt C:\Documents and Settings\admin\Cookies\77Z0E8QV.txt C:\Documents and Settings\admin\Cookies\78NUWD51.txt C:\Documents and Settings\admin\Cookies\7FFI3HVI.txt C:\Documents and Settings\admin\Cookies\7FG4VZUZ.txt C:\Documents and Settings\admin\Cookies\7GJWKQMJ.txt C:\Documents and Settings\admin\Cookies\7VDKAKS4.txt C:\Documents and Settings\admin\Cookies\7YMEA3MK.txt C:\Documents and Settings\admin\Cookies\84N0PA10.txt C:\Documents and Settings\admin\Cookies\856E1888.txt C:\Documents and Settings\admin\Cookies\88SHPJFC.txt C:\Documents and Settings\admin\Cookies\8FLM1RBF.txt C:\Documents and Settings\admin\Cookies\8JU61BRX.txt C:\Documents and Settings\admin\Cookies\8MQT2LGU.txt C:\Documents and Settings\admin\Cookies\8RU5JU3O.txt C:\Documents and Settings\admin\Cookies\91JTUWFR.txt C:\Documents and Settings\admin\Cookies\951E2XSK.txt C:\Documents and Settings\admin\Cookies\9735UGXB.txt C:\Documents and Settings\admin\Cookies\976Q4SC3.txt C:\Documents and Settings\admin\Cookies\98AHS3WS.txt C:\Documents and Settings\admin\Cookies\99M66J1F.txt C:\Documents and Settings\admin\Cookies\9KC2JZEA.txt C:\Documents and Settings\admin\Cookies\9L4D33KZ.txt C:\Documents and Settings\admin\Cookies\9Q8477HY.txt C:\Documents and Settings\admin\Cookies\9RJ827PU.txt C:\Documents and Settings\admin\Cookies\9V9FDHEY.txt C:\Documents and Settings\admin\Cookies\A0KBMLB2.txt C:\Documents and Settings\admin\Cookies\A62DS91O.txt C:\Documents and Settings\admin\Cookies\admin@2hot****[2].txt C:\Documents and Settings\admin\Cookies\admin@ad.adocean[1].txt C:\Documents and Settings\admin\Cookies\admin@ad.caradisiac[2].txt C:\Documents and Settings\admin\Cookies\admin@ads.adtop[1].txt C:\Documents and Settings\admin\Cookies\admin@ads.adultpopunders[2].txt C:\Documents and Settings\admin\Cookies\admin@ads.asp[1].txt C:\Documents and Settings\admin\Cookies\admin@ads.belcenter[1].txt C:\Documents and Settings\admin\Cookies\admin@ads.bnmedia[2].txt C:\Documents and Settings\admin\Cookies\admin@ads.carbu[1].txt C:\Documents and Settings\admin\Cookies\admin@ads.carocean.co[1].txt C:\Documents and Settings\admin\Cookies\admin@ads.christianpost[2].txt C:\Documents and Settings\admin\Cookies\admin@ads.columbusmagazine[1].txt C:\Documents and Settings\admin\Cookies\admin@ads.eisma[1].txt C:\Documents and Settings\admin\Cookies\admin@ads.elkspel[2].txt C:\Documents and Settings\admin\Cookies\admin@ads.emesa[2].txt C:\Documents and Settings\admin\Cookies\admin@ads.friendlyjerk[1].txt C:\Documents and Settings\admin\Cookies\admin@ads.kookjij[1].txt C:\Documents and Settings\admin\Cookies\admin@ads.myjizztube[1].txt C:\Documents and Settings\admin\Cookies\admin@ads.neudesicmediagroup[1].txt C:\Documents and Settings\admin\Cookies\admin@ads.nmv[2].txt C:\Documents and Settings\admin\Cookies\admin@ads.o2[2].txt C:\Documents and Settings\admin\Cookies\admin@ads.oneclicktube[1].txt C:\Documents and Settings\admin\Cookies\admin@ads.****ostiefn[1].txt C:\Documents and Settings\admin\Cookies\admin@ads.postimees[2].txt C:\Documents and Settings\admin\Cookies\admin@ads.raasnet[1].txt C:\Documents and Settings\admin\Cookies\admin@ads.routeyou[2].txt C:\Documents and Settings\admin\Cookies\admin@ads.songteksten[1].txt C:\Documents and Settings\admin\Cookies\admin@ads.stockverkoopadressen[2].txt C:\Documents and Settings\admin\Cookies\admin@ads.supplyframe[1].txt C:\Documents and Settings\admin\Cookies\admin@ads.traffikings[1].txt C:\Documents and Settings\admin\Cookies\admin@ads.watchmygf[2].txt C:\Documents and Settings\admin\Cookies\admin@adserver.adremedy[1].txt C:\Documents and Settings\admin\Cookies\admin@adserver.bluestar-interactive[1].txt C:\Documents and Settings\admin\Cookies\admin@adserver.deinternetregie[2].txt C:\Documents and Settings\admin\Cookies\admin@adserver.ignitad[2].txt C:\Documents and Settings\admin\Cookies\admin@adserver.ikiosk[2].txt C:\Documents and Settings\admin\Cookies\admin@adserver.qplaygames[2].txt C:\Documents and Settings\admin\Cookies\admin@adserver.yopi[1].txt C:\Documents and Settings\admin\Cookies\admin@adserver2.spele[2].txt C:\Documents and Settings\admin\Cookies\admin@adserver3.spele[2].txt C:\Documents and Settings\admin\Cookies\admin@advertentie.zoekwekker[1].txt C:\Documents and Settings\admin\Cookies\admin@adverteren-gratis[2].txt C:\Documents and Settings\admin\Cookies\admin@advertising.studioemma[1].txt C:\Documents and Settings\admin\Cookies\admin@am1.activemeter[2].txt C:\Documents and Settings\admin\Cookies\admin@amateursexpert[2].txt C:\Documents and Settings\admin\Cookies\admin@auth.livejasmin[2].txt C:\Documents and Settings\admin\Cookies\admin@banners.facebookofsex[1].txt C:\Documents and Settings\admin\Cookies\admin@crazy****7[2].txt C:\Documents and Settings\admin\Cookies\admin@delivery.adyea[2].txt C:\Documents and Settings\admin\Cookies\admin@dicksgeilesexxxpagina[1].txt C:\Documents and Settings\admin\Cookies\admin@dumpa****[2].txt C:\Documents and Settings\admin\Cookies\admin@facebookofsex[1].txt C:\Documents and Settings\admin\Cookies\admin@free.****dirt[2].txt C:\Documents and Settings\admin\Cookies\admin@freezingsex[1].txt C:\Documents and Settings\admin\Cookies\admin@fuck-tube[1].txt C:\Documents and Settings\admin\Cookies\admin@fuck-vids[1].txt C:\Documents and Settings\admin\Cookies\admin@fuckinghard[1].txt C:\Documents and Settings\admin\Cookies\admin@gratis-****o-filmpjes[2].txt C:\Documents and Settings\admin\Cookies\admin@gratis****ofilmpje[2].txt C:\Documents and Settings\admin\Cookies\admin@hornymatches[1].txt C:\Documents and Settings\admin\Cookies\admin@idfact.adservinginternational[1].txt C:\Documents and Settings\admin\Cookies\admin@in.getclicky[1].txt C:\Documents and Settings\admin\Cookies\admin@justmakeitsexy[1].txt C:\Documents and Settings\admin\Cookies\admin@m.mystats[2].txt C:\Documents and Settings\admin\Cookies\admin@m2.sexgarantie[2].txt C:\Documents and Settings\admin\Cookies\admin@m2.sexgarantie[3].txt C:\Documents and Settings\admin\Cookies\admin@mature-amateur-sex[2].txt C:\Documents and Settings\admin\Cookies\admin@naked[2].txt C:\Documents and Settings\admin\Cookies\admin@noobfuck[2].txt C:\Documents and Settings\admin\Cookies\admin@novo****[2].txt C:\Documents and Settings\admin\Cookies\admin@onetwo****[2].txt C:\Documents and Settings\admin\Cookies\admin@****oland.x0[1].txt C:\Documents and Settings\admin\Cookies\admin@****omedia[1].txt C:\Documents and Settings\admin\Cookies\admin@****toob[1].txt C:\Documents and Settings\admin\Cookies\admin@****visit[1].txt C:\Documents and Settings\admin\Cookies\admin@****ycom[1].txt C:\Documents and Settings\admin\Cookies\admin@privesexopname[1].txt C:\Documents and Settings\admin\Cookies\admin@ptrfc[1].txt C:\Documents and Settings\admin\Cookies\admin@realhomesex[1].txt C:\Documents and Settings\admin\Cookies\admin@rts.doublepimp[1].txt C:\Documents and Settings\admin\Cookies\admin@rts.lj.doublepimp[1].txt C:\Documents and Settings\admin\Cookies\admin@sexdategezocht[1].txt C:\Documents and Settings\admin\Cookies\admin@sexfilm[1].txt C:\Documents and Settings\admin\Cookies\admin@sexkanjer[1].txt C:\Documents and Settings\admin\Cookies\admin@sexprofielen[1].txt C:\Documents and Settings\admin\Cookies\admin@sexvideoshub[2].txt C:\Documents and Settings\admin\Cookies\admin@sexxxtoob[2].txt C:\Documents and Settings\admin\Cookies\admin@sexy-bitches[2].txt C:\Documents and Settings\admin\Cookies\admin@sexyclips[1].txt C:\Documents and Settings\admin\Cookies\admin@sexyclips[2].txt C:\Documents and Settings\admin\Cookies\admin@sexyfunpics[2].txt C:\Documents and Settings\admin\Cookies\admin@sexytimez[2].txt C:\Documents and Settings\admin\Cookies\admin@simpel.adservinginternational[2].txt C:\Documents and Settings\admin\Cookies\admin@sparkle.adservinginternational[1].txt C:\Documents and Settings\admin\Cookies\admin@static.freewebs.getclicky[1].txt C:\Documents and Settings\admin\Cookies\admin@stats.belgacom[1].txt C:\Documents and Settings\admin\Cookies\admin@stats.belgacomtv[1].txt C:\Documents and Settings\admin\Cookies\admin@stats.edgevertising[2].txt C:\Documents and Settings\admin\Cookies\admin@stats.n3po[1].txt C:\Documents and Settings\admin\Cookies\admin@stats.n3po[3].txt C:\Documents and Settings\admin\Cookies\admin@stats.searchtrack[2].txt C:\Documents and Settings\admin\Cookies\admin@stats.velleman[2].txt C:\Documents and Settings\admin\Cookies\admin@stats.yours[2].txt C:\Documents and Settings\admin\Cookies\admin@t4.trackalyzer[1].txt C:\Documents and Settings\admin\Cookies\admin@teensexcraze[2].txt C:\Documents and Settings\admin\Cookies\admin@thuisexperimenteren[2].txt C:\Documents and Settings\admin\Cookies\admin@topamateur****[1].txt C:\Documents and Settings\admin\Cookies\admin@track.monitis[2].txt C:\Documents and Settings\admin\Cookies\admin@trackalyzer[1].txt C:\Documents and Settings\admin\Cookies\admin@tsprotraffic[1].txt C:\Documents and Settings\admin\Cookies\admin@twofuckers[1].txt C:\Documents and Settings\admin\Cookies\admin@videos****o[1].txt C:\Documents and Settings\admin\Cookies\admin@watchgf****[1].txt C:\Documents and Settings\admin\Cookies\admin@webanalytics.crownpeak.com.re.getclicky[1].txt C:\Documents and Settings\admin\Cookies\admin@www.amateursexpert[1].txt C:\Documents and Settings\admin\Cookies\admin@www.dicksgeilesexxxpagina[2].txt C:\Documents and Settings\admin\Cookies\admin@www.fuck-tube[2].txt C:\Documents and Settings\admin\Cookies\admin@www.fuck-vids[1].txt C:\Documents and Settings\admin\Cookies\admin@www.fuckinghard[1].txt C:\Documents and Settings\admin\Cookies\admin@www.fucksexxx[1].txt C:\Documents and Settings\admin\Cookies\admin@www.gratis-****o-filmpjes[1].txt C:\Documents and Settings\admin\Cookies\admin@www.gratissexfilmpjes[2].txt C:\Documents and Settings\admin\Cookies\admin@www.gratissexfilmpjes[3].txt C:\Documents and Settings\admin\Cookies\admin@www.homesexdaily[1].txt C:\Documents and Settings\admin\Cookies\admin@www.justmakeitsexy[1].txt C:\Documents and Settings\admin\Cookies\admin@www.keiharde****o[1].txt C:\Documents and Settings\admin\Cookies\admin@www.keiharde****o[3].txt C:\Documents and Settings\admin\Cookies\admin@www.mystats[1].txt C:\Documents and Settings\admin\Cookies\admin@www.onetwo****[2].txt C:\Documents and Settings\admin\Cookies\admin@www.****-paradise[1].txt C:\Documents and Settings\admin\Cookies\admin@www.****ycom[1].txt C:\Documents and Settings\admin\Cookies\admin@www.realitykings[3].txt C:\Documents and Settings\admin\Cookies\admin@www.sexprofielen[1].txt C:\Documents and Settings\admin\Cookies\admin@www.sexvideoshub[2].txt C:\Documents and Settings\admin\Cookies\admin@www.sexyclips[2].txt C:\Documents and Settings\admin\Cookies\admin@www.sexytimez[1].txt C:\Documents and Settings\admin\Cookies\admin@www.teensexcraze[1].txt C:\Documents and Settings\admin\Cookies\admin@www.the****clips[2].txt C:\Documents and Settings\admin\Cookies\admin@www.tini****[1].txt C:\Documents and Settings\admin\Cookies\admin@www.xxxmofo[1].txt C:\Documents and Settings\admin\Cookies\admin@www.xxx****[2].txt C:\Documents and Settings\admin\Cookies\admin@xxxmofo[3].txt C:\Documents and Settings\admin\Cookies\admin@xxx****x[1].txt C:\Documents and Settings\admin\Cookies\admin@xxxprivates[1].txt C:\Documents and Settings\admin\Cookies\ALRAV6JC.txt C:\Documents and Settings\admin\Cookies\ANG4V927.txt C:\Documents and Settings\admin\Cookies\ASQ026VM.txt C:\Documents and Settings\admin\Cookies\AWP9VJSV.txt C:\Documents and Settings\admin\Cookies\AXCPWM7S.txt C:\Documents and Settings\admin\Cookies\B4L3GZBH.txt C:\Documents and Settings\admin\Cookies\B93SG5M1.txt C:\Documents and Settings\admin\Cookies\BG506ERF.txt C:\Documents and Settings\admin\Cookies\BGH9C169.txt C:\Documents and Settings\admin\Cookies\BHCSKTQ9.txt C:\Documents and Settings\admin\Cookies\BNH2CS5R.txt C:\Documents and Settings\admin\Cookies\C3S1G3JO.txt C:\Documents and Settings\admin\Cookies\C6E1Y9P7.txt C:\Documents and Settings\admin\Cookies\C8VEKI1W.txt C:\Documents and Settings\admin\Cookies\CDT2ZI6M.txt C:\Documents and Settings\admin\Cookies\CE1SS5M8.txt C:\Documents and Settings\admin\Cookies\CENFUHDB.txt C:\Documents and Settings\admin\Cookies\CH8MHPMK.txt C:\Documents and Settings\admin\Cookies\CJGEBJ1S.txt C:\Documents and Settings\admin\Cookies\CQHK3LE3.txt C:\Documents and Settings\admin\Cookies\D0VSOP6E.txt C:\Documents and Settings\admin\Cookies\D4574B6D.txt C:\Documents and Settings\admin\Cookies\D7BE316S.txt C:\Documents and Settings\admin\Cookies\D7DBBZDB.txt C:\Documents and Settings\admin\Cookies\D7GLE6VV.txt C:\Documents and Settings\admin\Cookies\DGTJAZMG.txt C:\Documents and Settings\admin\Cookies\DH89861S.txt C:\Documents and Settings\admin\Cookies\DMDH8QRL.txt C:\Documents and Settings\admin\Cookies\DOPEWJY4.txt C:\Documents and Settings\admin\Cookies\DRJ136FU.txt C:\Documents and Settings\admin\Cookies\DZV9O5K6.txt C:\Documents and Settings\admin\Cookies\E1UIGJI6.txt C:\Documents and Settings\admin\Cookies\E63Y83VH.txt C:\Documents and Settings\admin\Cookies\EB9MF6NT.txt C:\Documents and Settings\admin\Cookies\EIUABBCT.txt C:\Documents and Settings\admin\Cookies\F0WEL552.txt C:\Documents and Settings\admin\Cookies\F2D1PMIM.txt C:\Documents and Settings\admin\Cookies\FABEW3B7.txt C:\Documents and Settings\admin\Cookies\FQ5471DM.txt C:\Documents and Settings\admin\Cookies\FS0NRAOS.txt C:\Documents and Settings\admin\Cookies\FXH6TJDL.txt C:\Documents and Settings\admin\Cookies\G28KSAAY.txt C:\Documents and Settings\admin\Cookies\G2GW3VOH.txt C:\Documents and Settings\admin\Cookies\GGTMNGN0.txt C:\Documents and Settings\admin\Cookies\GOFCKGCA.txt C:\Documents and Settings\admin\Cookies\GYQKO3K6.txt C:\Documents and Settings\admin\Cookies\GZMG0BC5.txt C:\Documents and Settings\admin\Cookies\H15R3QHJ.txt C:\Documents and Settings\admin\Cookies\H1B1E1RB.txt C:\Documents and Settings\admin\Cookies\H2PDRCOB.txt C:\Documents and Settings\admin\Cookies\H8X299OL.txt C:\Documents and Settings\admin\Cookies\HBK60RPY.txt C:\Documents and Settings\admin\Cookies\HE4HR27Q.txt C:\Documents and Settings\admin\Cookies\HF5M3FQL.txt C:\Documents and Settings\admin\Cookies\HKCHQU29.txt C:\Documents and Settings\admin\Cookies\HL2C4YL7.txt C:\Documents and Settings\admin\Cookies\HV3N6N7P.txt C:\Documents and Settings\admin\Cookies\I0ADO2KO.txt C:\Documents and Settings\admin\Cookies\I97W983F.txt C:\Documents and Settings\admin\Cookies\I9JREUDA.txt C:\Documents and Settings\admin\Cookies\IC3TJE5O.txt C:\Documents and Settings\admin\Cookies\IEIYAH4B.txt C:\Documents and Settings\admin\Cookies\IMOIMCTD.txt C:\Documents and Settings\admin\Cookies\IRE3MEZS.txt C:\Documents and Settings\admin\Cookies\IX7IOR8I.txt C:\Documents and Settings\admin\Cookies\J13Y9LBI.txt C:\Documents and Settings\admin\Cookies\J22KZ5PB.txt C:\Documents and Settings\admin\Cookies\J9004GUH.txt C:\Documents and Settings\admin\Cookies\JHPA7JIR.txt C:\Documents and Settings\admin\Cookies\JIWY2TDV.txt C:\Documents and Settings\admin\Cookies\JPM1M8MH.txt C:\Documents and Settings\admin\Cookies\JSQLK705.txt C:\Documents and Settings\admin\Cookies\JT27J99Q.txt C:\Documents and Settings\admin\Cookies\JXFNH5F6.txt C:\Documents and Settings\admin\Cookies\K0TIDSD5.txt C:\Documents and Settings\admin\Cookies\KGXY57ZR.txt C:\Documents and Settings\admin\Cookies\KIGURJSS.txt C:\Documents and Settings\admin\Cookies\KM54RE9P.txt C:\Documents and Settings\admin\Cookies\KOOOAPOT.txt C:\Documents and Settings\admin\Cookies\KP31QQ1Q.txt C:\Documents and Settings\admin\Cookies\KXYNK9BY.txt C:\Documents and Settings\admin\Cookies\KYXIZB5O.txt C:\Documents and Settings\admin\Cookies\LEFW36NL.txt C:\Documents and Settings\admin\Cookies\LJAHX2W8.txt C:\Documents and Settings\admin\Cookies\LK67GXFC.txt C:\Documents and Settings\admin\Cookies\LQ2ZKONA.txt C:\Documents and Settings\admin\Cookies\LXC7164S.txt C:\Documents and Settings\admin\Cookies\MHA716L4.txt C:\Documents and Settings\admin\Cookies\MHGPNG1R.txt C:\Documents and Settings\admin\Cookies\MS7TCD1Y.txt C:\Documents and Settings\admin\Cookies\MU5RM44B.txt C:\Documents and Settings\admin\Cookies\MUDKG9AX.txt C:\Documents and Settings\admin\Cookies\MZZSJZCF.txt C:\Documents and Settings\admin\Cookies\N17J1E3U.txt C:\Documents and Settings\admin\Cookies\N2S9P93U.txt C:\Documents and Settings\admin\Cookies\N54ZJ91K.txt C:\Documents and Settings\admin\Cookies\N9YLAH7L.txt C:\Documents and Settings\admin\Cookies\NAOPMOCS.txt C:\Documents and Settings\admin\Cookies\NB78BRUN.txt C:\Documents and Settings\admin\Cookies\NDCN8SAE.txt C:\Documents and Settings\admin\Cookies\NEEC3YD5.txt C:\Documents and Settings\admin\Cookies\NHEV3L32.txt C:\Documents and Settings\admin\Cookies\NQDHQJGY.txt C:\Documents and Settings\admin\Cookies\NUSU85P6.txt C:\Documents and Settings\admin\Cookies\NVLZA1QS.txt C:\Documents and Settings\admin\Cookies\NXV0Z6X6.txt C:\Documents and Settings\admin\Cookies\NY6UBFFN.txt C:\Documents and Settings\admin\Cookies\NZJIJSOK.txt C:\Documents and Settings\admin\Cookies\NZRJ25XR.txt C:\Documents and Settings\admin\Cookies\O07P8WTM.txt C:\Documents and Settings\admin\Cookies\O11540TT.txt C:\Documents and Settings\admin\Cookies\O3PR9YNE.txt C:\Documents and Settings\admin\Cookies\O4Z3S92J.txt C:\Documents and Settings\admin\Cookies\O8ZEU0LL.txt C:\Documents and Settings\admin\Cookies\OACWCKCO.txt C:\Documents and Settings\admin\Cookies\OD4MSB9Z.txt C:\Documents and Settings\admin\Cookies\OMGTHXT4.txt C:\Documents and Settings\admin\Cookies\OO8TAIH1.txt C:\Documents and Settings\admin\Cookies\OQAAY7AZ.txt C:\Documents and Settings\admin\Cookies\OTUXEJ9K.txt C:\Documents and Settings\admin\Cookies\OU2FNY2V.txt C:\Documents and Settings\admin\Cookies\OV8AAE7Q.txt C:\Documents and Settings\admin\Cookies\OVYBI1PK.txt C:\Documents and Settings\admin\Cookies\OYBC66BO.txt C:\Documents and Settings\admin\Cookies\P72IIBIX.txt C:\Documents and Settings\admin\Cookies\PFDEBL4C.txt C:\Documents and Settings\admin\Cookies\PNYMXQWS.txt C:\Documents and Settings\admin\Cookies\PQ1KKW5S.txt C:\Documents and Settings\admin\Cookies\PSTBW6FP.txt C:\Documents and Settings\admin\Cookies\Q4VKZTRN.txt C:\Documents and Settings\admin\Cookies\QD59KWLR.txt C:\Documents and Settings\admin\Cookies\QW749JL4.txt C:\Documents and Settings\admin\Cookies\QX2OX261.txt C:\Documents and Settings\admin\Cookies\R1YNANQK.txt C:\Documents and Settings\admin\Cookies\R826OW0Z.txt C:\Documents and Settings\admin\Cookies\REDDAJ74.txt C:\Documents and Settings\admin\Cookies\RKB81BF7.txt C:\Documents and Settings\admin\Cookies\RU5FKP27.txt C:\Documents and Settings\admin\Cookies\RZ32GSZI.txt C:\Documents and Settings\admin\Cookies\S7F7NSWN.txt C:\Documents and Settings\admin\Cookies\SCXO5H1D.txt C:\Documents and Settings\admin\Cookies\SFTOOVX7.txt C:\Documents and Settings\admin\Cookies\SMLX4NKC.txt C:\Documents and Settings\admin\Cookies\SSRZRMRY.txt C:\Documents and Settings\admin\Cookies\T21MPCJT.txt C:\Documents and Settings\admin\Cookies\T2U71KAG.txt C:\Documents and Settings\admin\Cookies\T4ZKVCSF.txt C:\Documents and Settings\admin\Cookies\TGPLLALP.txt C:\Documents and Settings\admin\Cookies\TUARRBX8.txt C:\Documents and Settings\admin\Cookies\U3ZA49RL.txt C:\Documents and Settings\admin\Cookies\U4SMRJPG.txt C:\Documents and Settings\admin\Cookies\U5VODR8M.txt C:\Documents and Settings\admin\Cookies\UD5OT3F1.txt C:\Documents and Settings\admin\Cookies\UEM6UCQY.txt C:\Documents and Settings\admin\Cookies\UGPM8J17.txt C:\Documents and Settings\admin\Cookies\UGZC6570.txt C:\Documents and Settings\admin\Cookies\UN4HE5WO.txt C:\Documents and Settings\admin\Cookies\UVID54MN.txt C:\Documents and Settings\admin\Cookies\UWEEHDGL.txt C:\Documents and Settings\admin\Cookies\UZ5058I5.txt C:\Documents and Settings\admin\Cookies\UZIGPRTI.txt C:\Documents and Settings\admin\Cookies\UZOSWSLZ.txt C:\Documents and Settings\admin\Cookies\V3JLW0IS.txt C:\Documents and Settings\admin\Cookies\V5KZ5USI.txt C:\Documents and Settings\admin\Cookies\V6QW35HB.txt C:\Documents and Settings\admin\Cookies\V7EN0ZT3.txt C:\Documents and Settings\admin\Cookies\VI0G5PRL.txt C:\Documents and Settings\admin\Cookies\VI8UTUEP.txt C:\Documents and Settings\admin\Cookies\WCGC26TR.txt C:\Documents and Settings\admin\Cookies\WG0HCKX1.txt C:\Documents and Settings\admin\Cookies\WJKMUH1W.txt C:\Documents and Settings\admin\Cookies\WSUVKYPQ.txt C:\Documents and Settings\admin\Cookies\WT8LQMC7.txt C:\Documents and Settings\admin\Cookies\X181HP80.txt C:\Documents and Settings\admin\Cookies\X2BZXTW5.txt C:\Documents and Settings\admin\Cookies\X6EAU0OR.txt C:\Documents and Settings\admin\Cookies\X6OJG04H.txt C:\Documents and Settings\admin\Cookies\XC0SOSUD.txt C:\Documents and Settings\admin\Cookies\XC1NNCGD.txt C:\Documents and Settings\admin\Cookies\XC48G65B.txt C:\Documents and Settings\admin\Cookies\XD5WQZ1Q.txt C:\Documents and Settings\admin\Cookies\XYUF30Z1.txt C:\Documents and Settings\admin\Cookies\YCURW1WG.txt C:\Documents and Settings\admin\Cookies\YFWM2RQV.txt C:\Documents and Settings\admin\Cookies\YICAPPMA.txt C:\Documents and Settings\admin\Cookies\YTWDLJ5W.txt C:\Documents and Settings\admin\Cookies\YWGY6G1K.txt C:\Documents and Settings\admin\Cookies\YWSC9UQH.txt C:\Documents and Settings\admin\Cookies\Z3DTRECR.txt C:\Documents and Settings\admin\Cookies\Z8KA1DJN.txt C:\Documents and Settings\admin\Cookies\ZC705S2K.txt C:\Documents and Settings\admin\Cookies\ZD439BWK.txt C:\Documents and Settings\admin\Cookies\ZDQ9NQNJ.txt C:\Documents and Settings\admin\Cookies\ZE2ML63O.txt C:\Documents and Settings\admin\Cookies\ZH261RSS.txt C:\Documents and Settings\admin\Cookies\ZPD4OYAX.txt

OTL Extras logfile created on: 29/01/2013 22:48:11 - Run 1 OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\admin\Bureaublad Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 8.0.6001.18702) Locale: 00000813 | Country: België | Language: NLB | Date Format: d/MM/yyyy 1015,23 Mb Total Physical Memory | 380,89 Mb Available Physical Memory | 37,52% Memory free 2,39 Gb Paging File | 1,69 Gb Available in Paging File | 70,92% Paging File free Paging file location(s): C:\pagefile.sys 1524 3048 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files Drive C: | 195,31 Gb Total Space | 128,16 Gb Free Space | 65,62% Space Free | Partition Type: NTFS Drive D: | 38,44 Gb Total Space | 35,29 Gb Free Space | 91,82% Space Free | Partition Type: FAT32 Drive H: | 372,61 Gb Total Space | 276,93 Gb Free Space | 74,32% Space Free | Partition Type: NTFS Computer Name: PRELOAD | User Name: admin | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Extra Registry (SafeList) ========== ========== File Associations ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%* ========== Shell Spawning ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%* exefile [open] -- "%1" %* htmlfile [edit] -- Reg Error: Key error. piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" () Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" () Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation) Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation) Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) ========== Security Center Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "FirstRunDisabled" = 1 "AntiVirusDisableNotify" = 0 "FirewallDisableNotify" = 0 "UpdatesDisableNotify" = 0 "AntiVirusOverride" = 0 "FirewallOverride" = 0 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] "DisableMonitoring" = 1 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus] "DisableMonitoring" = 1 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall] "DisableMonitoring" = 1 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall] ========== System Restore Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore] "DisableSR" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr] "Start" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService] "Start" = 2 ========== Firewall Settings ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List] "139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dll,-22004 "445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dll,-22005 "137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001 "138:UDP" = 138:UDP:*:Enabled:@xpsp2res.dll,-22002 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "EnableFirewall" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List] "1900:TCP" = 1900:TCP:LocalSubNet:Enabled:UDP 1900 "1900:UDP" = 1900:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22007 "2869:TCP" = 2869:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22008 "139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004 "445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005 "137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001 "138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002 ========== Authorized Applications List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List] "%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation) "%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation) [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List] "%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation) "%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation) "C:\Program Files\LimeWire\LimeWire.exe" = C:\Program Files\LimeWire\LimeWire.exe:*:Enabled:LimeWire "C:\Program Files\Ahead\Nero ShowTime\ShowTime.exe" = C:\Program Files\Ahead\Nero ShowTime\ShowTime.exe:*:Disabled:Nero ShowTime -- (Nero Software AG) "C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil.exe" = C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil.exe:*:Enabled:BlueSoleil -- (IVT Corporation.) "C:\Documents and Settings\admin\Application Data\Dropbox\bin\Dropbox.exe" = C:\Documents and Settings\admin\Application Data\Dropbox\bin\Dropbox.exe:*:Enabled:Dropbox -- (Dropbox, Inc.) "C:\Program Files\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe" = C:\Program Files\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe:*:Enabled:WebKit -- (Apple Inc.) "C:\Program Files\Bonjour\mDNSResponder.exe" = C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour-service -- (Apple Inc.) "C:\Program Files\iTunes\iTunes.exe" = C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes -- (Apple Inc.) ========== HKEY_LOCAL_MACHINE Uninstall List ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{036AA4D4-6D32-11D4-9875-00105ACE7734}" = Logitech iTouch-software "{0BF5FBE7-3907-4A1F-9E48-8B66E52850D6}" = TrayApp "{0F6F6876-6334-4977-B5DD-CFC12E193420}" = iTunes "{13356EC0-FF25-44e8-ADD8-6316F1242834}" = CameraDrivers "{168F8BAC-A269-48E9-BB7A-A51B594CF6FF}" = Microsoft .NET Framework 1.1 Dutch Language Pack "{17E2F183-BAC4-4D01-BD7A-59F781E17EFA}" = REALTEK PCIE NIC Driver "{19FDB8E4-59AD-4330-9667-E8DCAF018DD3}" = Unload "{1CB34CE9-0E6B-493F-BB66-3425E5DF76E5}" = CP_CalendarTemplates1 "{1E1F1E70-14D8-4380-8652-BD1A895A7D65}" = Status "{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 "{1F51A0CA-2BDD-474E-BB90-C7FA8EA78F52}" = ImageMixer VCD/DVD2 for OLYMPUS "{20C45B32-5AB6-46A4-94EF-58950CAF05E5}" = EPSON Attach To Email "{24BEBF2E-73F3-4599-840B-EDC612CCDD0D}" = Destinations "{26A24AE4-039D-4CA4-87B4-2F83216011FF}" = Java 6 Update 24 "{26A24AE4-039D-4CA4-87B4-2F83216022F0}" = Java 6 Update 22 "{27F650A9-6FAB-41C8-8621-92FF0118B0C4}" = EPSON Easy Photo Print "{2819e172-81d5-4113-88bd-4605b02344e0}" = Ad-Aware Antivirus "{2A548002-9042-4083-A270-B67473DE1073}" = SkinsHP1 "{2A88F1BF-7041-4E42-84B1-6B4ACB83AC64}" = EPSON Scan Assistant "{350C9413-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP "{36FDBE6E-6684-462B-AE98-9A39A1B200CC}" = HP Product Assistant "{37C39957-B0B3-40DC-8BA4-2363241159ED}" = LightScribe 1.4.44.1 "{3BA4A5B0-09B7-4baf-977D-9883A6D00A7F}" = CameraUserGuides "{3FE0CFAB-584A-4AA5-B8CD-C32284CFA308}" = RandMap "{4041C245-7099-4C96-9738-5EBC23827B3C}" = BufferChm "{48B82226-75E3-4E90-92CC-D30F79EA6380}" = Norton Security Scan "{494D17B5-3369-4905-8C4B-80C972C5E0FF}" = CP_Panorama1Config "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater "{4BE53DB2-C1F2-44D1-A9AB-1630BA7F2AF1}" = SolutionCenter "{53EE9E42-CECB-4C92-BF76-9CA65DAF8F1C}" = FullDPAppQFolder "{54F0998F-73C8-4b51-8286-FE903C231BED}" = cp_PosterPrintConfig "{5809E7CF-4DCF-11D4-9875-00105ACE7734}" = Logitech MouseWare 9.79.1 "{5F26311C-B135-4F7F-B11E-8E650F83651E}" = DeviceFunctionQFolder "{63EC2120-1742-4625-AA47-C6A8AEC9C64C}" = Apple Application Support "{66E6CE0C-5A1E-430C-B40A-0C90FF1804A8}" = eSupportQFolder "{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable "{729DF902-05F9-4C00-9E6D-411119824E5F}" = hpiCamDrvQFolder "{766633B3-1AFA-44B6-A3FC-1DE991CD9C52}" = CP_Package_Basic1 "{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 "{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update "{79155F2B-9895-49D7-8612-D92580E0DE5B}" = Bonjour "{79F8E1D4-36C1-439C-95FA-F695050B5B07}" = Sonic_PrimoSDK "{7F14F68C-17FA-4F88-B3FD-7F449C1EBF32}" = EPSON Web-To-Page "{869C3062-4745-4949-B6C9-98AF24D89030}" = PhotoGallery "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight "{8A708DD8-A5E6-11D4-A706-000629E95E20}" = Intel® Graphics Media Accelerator Driver "{91EBCCB9-A539-4306-AC5A-F372E0D6092B}" = OpenOffice.org 3.3 "{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 "{9D4ABB0C-F60B-44A6-956C-A4A63D5495C9}" = CueTour "{A06275F4-324B-4E85-95E6-87B2CD729401}" = Windows Defender "{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2 "{A5CC2A09-E9D3-49EC-923D-03874BBD4C2C}" = Windows Defender Signatures "{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper "{A987FEC8-5616-49BD-BCA6-ACFFFE7403FE}" = IKEA Home Planner "{AB5D51AE-EBC3-438D-872C-705C7C2084B0}" = DeviceManagementQFolder "{AC76BA86-7AD7-1043-7B44-A71000000002}" = Adobe Reader 7.1.0 - Nederlands "{AE8BF750-EC1C-45d0-94F1-57895DADDEAC}" = HP Photosmart-camera's 6.0 "{B11E71BA-498C-42D4-9F1A-9D7A89D9DA61}" = CP_AtenaShokunin1Config "{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy "{B90450DF-E781-46FD-B1F1-0C86DA40E443}" = PIF DESIGNER "{B9A17C96-1348-45CB-BB0A-1BCB3A0F854E}" = Bluesoleil2.7.0.35 VoIP Release 080317 "{BA820A24-704B-428D-9904-71A10DAC1372}" = OLYMPUS Master "{BBD3BF67-5B89-4CBB-BA58-5818ED5F3290}" = cp_OnlineProjectsConfig "{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2 "{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1 "{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1 "{D4DDFAA1-EC37-4529-AD5B-A433ADE68662}" = Apple Mobile Device Support "{DA1CD94B-826A-4bba-AC46-EF352F47BC81}" = InstantShareDevices "{DBA4DB9D-EE51-4944-A419-98AB1F1249C8}" = LiveUpdate Notice (Symantec Corporation) "{DEBB2986-15B0-4D28-95FA-5C966A396589}" = HPProductAssistant "{E5A1DE9A-A21C-43A1-B06D-5146BAF62033}" = PanoStandAlone "{E86BC406-944E-41F6-ADE6-2C136734C96B}" = EPSON File Manager "{EC2715CE-C182-483C-84CC-81D7D914CF14}" = WebReg "{ECA1A3B6-898F-4DCE-9F04-714CF3BA126B}" = Adobe Flash Player 10 Plugin "{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver "{F333A33D-125C-32A2-8DCE-5C5D14231E27}" = Visual C++ 2008 x86 Runtime - (v9.0.30729) "{F333A33D-125C-32A2-8DCE-5C5D14231E27}.vc_x86runtime_30729_01" = Visual C++ 2008 x86 Runtime - v9.0.30729.01 "{F7E1CA14-B39D-452A-960B-39423DDDD933}" = DriveImage XML "{FD04987D-96A6-4FE1-813B-82B77B8B809C}" = EPSON PRINT Image Framer Tool "{FE57DE70-95DE-4B64-9266-84DA811053DB}" = HP Update "{FF477885-5EA8-40D0-ADF3-D4C1B86FAEA4}" = EPSON Print CD "Ad-Aware Browsing Protection" = Ad-Aware Browsing Protection "Adobe ActiveShare" = Adobe ActiveShare 1.3 "Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX "Adobe Shockwave Player" = Adobe Shockwave Player 11.5 "BlockCAD3.19_is1" = BlockCAD 3.19 "Cool's_Codec_pack_4.12" = Codec Pack - All In 1 6.0.3.0 "EDUROM Tafeltrainer" = EDUROM Tafeltrainer "EPSON Printer and Utilities" = EPSON-printersoftware "ESPR340 Gebruikershandleiding" = ESPR340 Gebruikershandleiding "HP Imaging Device Functions" = HP Imaging Device Functions 6.0 "HP Photo & Imaging" = HP Photosmart Premier Software 6.0 "HP PrecisionScan LTX" = HP PrecisionScan LTX "HP Solution Center & Imaging Support Tools" = HP Solution Center and Imaging Support Tools 6.0 "HTRDIKey" = Huggly's Schildpadden Speurtocht "IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs "ie7" = Windows Internet Explorer 7 "ie8" = Windows Internet Explorer 8 "Ik zie Fantasie" = Ik zie Fantasie "Ik zie, ik zie in het spookhuis" = Ik zie, ik zie in het spookhuis "InstallShield_{20C45B32-5AB6-46A4-94EF-58950CAF05E5}" = EPSON Attach To Email "InstallShield_{BA820A24-704B-428D-9904-71A10DAC1372}" = OLYMPUS Master "Junior Interactif" = Junior Interactif "Lucky luke - De zingende draad-Dutch" = Lucky luke - De zingende draad "Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware versie 1.70.0.1100 "Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1 "Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1 "MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP "MuseScore" = MuseScore 1.0 MuseScore score typesetter "NeroMultiInstaller!UninstallKey" = Nero Suite "NIS" = Norton Internet Security "NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs "Overhoor_is1" = Overhoor voor Windows 4.5.1 "Partituur Expert" = Partituur Expert 2005 "PrintMaster 7.00" = PrintMaster 7.00 "QSuite_is1" = QSuite Ver2.1 "QuickTime" = QuickTime "Recuva" = Recuva "Samsung ML-1640 Series" = Samsung ML-1640 Series "SlowView" = SlowView "SpellenSpektakel" = Disney’s SpellenSpektakel "Spybot - Search & Destroy_is1" = Spybot - Search & Destroy 1.4 "Teach2000.7 XP - The Troolean Edition_is1" = Teach2000 8.42 "TimeCalendar_is1" = TimeCalendar 1.6.7 "Trellix2DeinstKey9" = Trellix Web "VLC media player" = VLC media player 1.1.11 "Windows Media Format Runtime" = Windows Media Format 11 runtime "Windows Media Player" = Windows Media Player 11 "Windows XP Service Pack" = Windows XP Service Pack 3 "WMFDist11" = Windows Media Format 11 runtime "wmp11" = Windows Media Player 11 "Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0 ========== HKEY_CURRENT_USER Uninstall List ========== [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{C16DFB31-4A09-474E-AF61-02AFB3008763}_is1" = Albelli.be Fotoboeken "Dropbox" = Dropbox "FREEDOM SceneView" = FREEDOM SceneView "UnityWebPlayer" = Unity Web Player ========== Last 20 Event Log Errors ========== [ Application Events ] Error - 17/01/2013 19:07:49 | Computer Name = PRELOAD | Source = Application Error | ID = 1000 Description = Vastgelopen toepassing: iexplore.exe, versie: 8.0.6001.18702, vastgelopen module: unknown, versie: 0.0.0.0, vastgelopen op: 0x00000000. Error - 19/01/2013 14:09:05 | Computer Name = PRELOAD | Source = Application Error | ID = 1000 Description = Vastgelopen toepassing: iexplore.exe, versie: 8.0.6001.18702, vastgelopen module: unknown, versie: 0.0.0.0, vastgelopen op: 0x00000000. Error - 19/01/2013 17:26:06 | Computer Name = PRELOAD | Source = Application Error | ID = 1000 Description = Vastgelopen toepassing: iexplore.exe, versie: 8.0.6001.18702, vastgelopen module: unknown, versie: 0.0.0.0, vastgelopen op: 0x00000000. Error - 26/01/2013 7:35:25 | Computer Name = PRELOAD | Source = Application Hang | ID = 1002 Description = Vastgelopen toepassing: PMW.EXE, versie: 0.0.0.0, vastgelopen module: hungapp, versie: 0.0.0.0, vastgelopen op: 0x00000000. Error - 26/01/2013 7:36:01 | Computer Name = PRELOAD | Source = Application Hang | ID = 1002 Description = Vastgelopen toepassing: PMW.EXE, versie: 0.0.0.0, vastgelopen module: hungapp, versie: 0.0.0.0, vastgelopen op: 0x00000000. Error - 26/01/2013 7:36:04 | Computer Name = PRELOAD | Source = Application Hang | ID = 1001 Description = Fout-bucket 02337167. Error - 26/01/2013 7:41:39 | Computer Name = PRELOAD | Source = Application Hang | ID = 1002 Description = Vastgelopen toepassing: PMW.EXE, versie: 0.0.0.0, vastgelopen module: hungapp, versie: 0.0.0.0, vastgelopen op: 0x00000000. Error - 26/01/2013 7:41:58 | Computer Name = PRELOAD | Source = Application Hang | ID = 1002 Description = Vastgelopen toepassing: PMW.EXE, versie: 0.0.0.0, vastgelopen module: hungapp, versie: 0.0.0.0, vastgelopen op: 0x00000000. Error - 26/01/2013 7:42:39 | Computer Name = PRELOAD | Source = Application Hang | ID = 1002 Description = Vastgelopen toepassing: PMW.EXE, versie: 0.0.0.0, vastgelopen module: hungapp, versie: 0.0.0.0, vastgelopen op: 0x00000000. Error - 29/01/2013 17:37:02 | Computer Name = PRELOAD | Source = Application Hang | ID = 1002 Description = Vastgelopen toepassing: iexplore.exe, versie: 8.0.6001.18702, vastgelopen module: hungapp, versie: 0.0.0.0, vastgelopen op: 0x00000000. [ System Events ] Error - 28/01/2013 15:54:46 | Computer Name = PRELOAD | Source = Service Control Manager | ID = 7023 Description = De Application Management-service is gestopt met de volgende foutcode: %%126. Error - 28/01/2013 16:01:20 | Computer Name = PRELOAD | Source = Service Control Manager | ID = 7000 Description = De Planner voor Automatische LiveUpdate-service kan vanwege de volgende fout niet worden gestart: %%3 Error - 28/01/2013 16:01:20 | Computer Name = PRELOAD | Source = Service Control Manager | ID = 7000 Description = De SSPORT-service kan vanwege de volgende fout niet worden gestart: %%2 Error - 28/01/2013 16:01:20 | Computer Name = PRELOAD | Source = Service Control Manager | ID = 7026 Description = De volgende opstartstuurprogramma's zijn niet geladen: Lbd Error - 29/01/2013 2:31:02 | Computer Name = PRELOAD | Source = Service Control Manager | ID = 7000 Description = De Planner voor Automatische LiveUpdate-service kan vanwege de volgende fout niet worden gestart: %%3 Error - 29/01/2013 2:31:02 | Computer Name = PRELOAD | Source = Service Control Manager | ID = 7000 Description = De SSPORT-service kan vanwege de volgende fout niet worden gestart: %%2 Error - 29/01/2013 2:31:02 | Computer Name = PRELOAD | Source = Service Control Manager | ID = 7026 Description = De volgende opstartstuurprogramma's zijn niet geladen: Lbd Error - 29/01/2013 2:34:44 | Computer Name = PRELOAD | Source = Service Control Manager | ID = 7000 Description = De Planner voor Automatische LiveUpdate-service kan vanwege de volgende fout niet worden gestart: %%3 Error - 29/01/2013 2:34:44 | Computer Name = PRELOAD | Source = Service Control Manager | ID = 7000 Description = De SSPORT-service kan vanwege de volgende fout niet worden gestart: %%2 Error - 29/01/2013 2:34:44 | Computer Name = PRELOAD | Source = Service Control Manager | ID = 7026 Description = De volgende opstartstuurprogramma's zijn niet geladen: Lbd < End of report >

OTL logfile created on: 29/01/2013 22:48:11 - Run 1 OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\admin\Bureaublad Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 8.0.6001.18702) Locale: 00000813 | Country: België | Language: NLB | Date Format: d/MM/yyyy 1015,23 Mb Total Physical Memory | 380,89 Mb Available Physical Memory | 37,52% Memory free 2,39 Gb Paging File | 1,69 Gb Available in Paging File | 70,92% Paging File free Paging file location(s): C:\pagefile.sys 1524 3048 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files Drive C: | 195,31 Gb Total Space | 128,16 Gb Free Space | 65,62% Space Free | Partition Type: NTFS Drive D: | 38,44 Gb Total Space | 35,29 Gb Free Space | 91,82% Space Free | Partition Type: FAT32 Drive H: | 372,61 Gb Total Space | 276,93 Gb Free Space | 74,32% Space Free | Partition Type: NTFS Computer Name: PRELOAD | User Name: admin | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - C:\Documents and Settings\admin\Bureaublad\OTL.exe (OldTimer Tools) PRC - C:\Documents and Settings\admin\Application Data\Dropbox\bin\Dropbox.exe (Dropbox, Inc.) PRC - C:\Program Files\Ad-Aware Antivirus\AdAwareService.exe (Lavasoft Limited) PRC - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation) PRC - C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation) PRC - C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe (Malwarebytes Corporation) PRC - C:\Documents and Settings\All Users\Application Data\Ad-Aware Browsing Protection\adawarebp.exe (Lavasoft) PRC - C:\Program Files\Norton Internet Security\Engine\19.9.0.9\ccsvchst.exe (Symantec Corporation) PRC - C:\Program Files\OpenOffice.org 3\program\soffice.exe (OpenOffice.org) PRC - C:\Program Files\OpenOffice.org 3\program\soffice.bin (OpenOffice.org) PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation) PRC - C:\WINDOWS\Samsung\PanelMgr\SSMMgr.exe () PRC - C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe () PRC - C:\Program Files\IVT Corporation\BlueSoleil\StartSkysolSvc.exe () PRC - C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe (Symantec Corporation) PRC - C:\Program Files\OLYMPUS\OLYMPUS Master\Monitor.exe (OLYMPUS IMAGING CORP.) PRC - C:\WINDOWS\system32\spool\drivers\w32x86\3\E_FATIAJE.EXE (SEIKO EPSON CORPORATION) PRC - C:\WINDOWS\system32\bgsvcgen.exe (B.H.A Corporation) PRC - C:\Program Files\Logitech\iTouch\iTouch.exe (Logitech Inc.) PRC - C:\Program Files\Logitech\MouseWare\system\EM_EXEC.EXE (Logitech Inc.) PRC - C:\Program Files\TimeCalendar\TC.exe (RScience) ========== Modules (No Company Name) ========== MOD - C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll () MOD - C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll () MOD - C:\Program Files\OpenOffice.org 3\program\libxml2.dll () MOD - C:\WINDOWS\Samsung\PanelMgr\SSMMgr.exe () MOD - C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe () MOD - C:\Program Files\IVT Corporation\BlueSoleil\StartSkysolSvc.exe () MOD - C:\WINDOWS\system32\ssp2ml3.dll () ========== Services (SafeList) ========== SRV - (Planner voor Automatische LiveUpdate) -- C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe File not found SRV - (HidServ) -- %SystemRoot%\System32\hidserv.dll File not found SRV - (AppMgmt) -- %SystemRoot%\System32\appmgmts.dll File not found SRV - (AdobeFlashPlayerUpdateSvc) -- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated) SRV - (Ad-Aware Service) -- C:\Program Files\Ad-Aware Antivirus\AdAwareService.exe (Lavasoft Limited) SRV - (MBAMService) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation) SRV - (MBAMScheduler) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe (Malwarebytes Corporation) SRV - (SBAMSvc) -- C:\Program Files\Ad-Aware Antivirus\SBAMSvc.exe (GFI Software) SRV - (NIS) -- C:\Program Files\Norton Internet Security\Engine\19.9.0.9\ccSvcHst.exe (Symantec Corporation) SRV - (BlueSoleil Hid Service) -- C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe () SRV - (Start BT in service) -- C:\Program Files\IVT Corporation\BlueSoleil\StartSkysolSvc.exe () SRV - (LiveUpdate Notice Service) -- C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PifSvc.exe (Symantec Corporation) SRV - (WinDefend) -- C:\Program Files\Windows Defender\MsMpEng.exe (Microsoft Corporation) SRV - (bgsvcgen) -- C:\WINDOWS\system32\bgsvcgen.exe (B.H.A Corporation) ========== Driver Services (SafeList) ========== DRV - (WDICA) -- File not found DRV - (SSPORT) -- C:\WINDOWS\system32\Drivers\SSPORT.sys File not found DRV - (PDRFRAME) -- File not found DRV - (PDRELI) -- File not found DRV - (PDFRAME) -- File not found DRV - (PDCOMP) -- File not found DRV - (PCIDump) -- File not found DRV - (lbrtfdc) -- File not found DRV - (Lbd) -- system32\DRIVERS\Lbd.sys File not found DRV - (i2omgmt) -- File not found DRV - (Changer) -- File not found DRV - (NAVEX15) -- C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.5.0.145\Definitions\VirusDefs\20130129.005\NAVEX15.SYS (Symantec Corporation) DRV - (NAVENG) -- C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.5.0.145\Definitions\VirusDefs\20130129.005\NAVENG.SYS (Symantec Corporation) DRV - (BHDrvx86) -- C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.5.0.145\Definitions\BASHDefs\20130116.013\BHDrvx86.sys (Symantec Corporation) DRV - (gfibto) -- C:\WINDOWS\system32\drivers\gfibto.sys (GFI Software) DRV - (eeCtrl) -- C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys (Symantec Corporation) DRV - (MBAMProtector) -- C:\WINDOWS\system32\drivers\mbam.sys (Malwarebytes Corporation) DRV - (EraserUtilRebootDrv) -- C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys (Symantec Corporation) DRV - (SymEvent) -- C:\WINDOWS\system32\drivers\SYMEVENT.SYS (Symantec Corporation) DRV - (IDSxpx86) -- C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.5.0.145\Definitions\IPSDefs\20130126.002\IDSXpx86.sys (Symantec Corporation) DRV - (SRTSP) -- C:\WINDOWS\system32\drivers\NIS\1309000.009\srtsp.sys (Symantec Corporation) DRV - (SRTSPX) -- C:\WINDOWS\system32\drivers\NIS\1309000.009\srtspx.sys (Symantec Corporation) DRV - (ccSet_NIS) -- C:\WINDOWS\system32\drivers\NIS\1309000.009\ccsetx86.sys (Symantec Corporation) DRV - (SymEFA) -- C:\WINDOWS\system32\drivers\NIS\1309000.009\symefa.sys (Symantec Corporation) DRV - (SYMTDI) -- C:\WINDOWS\system32\drivers\NIS\1309000.009\symtdi.sys (Symantec Corporation) DRV - (SymIRON) -- C:\WINDOWS\system32\drivers\NIS\1309000.009\ironx86.sys (Symantec Corporation) DRV - (SymDS) -- C:\WINDOWS\system32\drivers\NIS\1309000.009\symds.sys (Symantec Corporation) DRV - (DgiVecp) -- C:\WINDOWS\system32\drivers\DGIVECP.SYS (Samsung Electronics Co., Ltd.) DRV - (Btcsrusb) -- C:\WINDOWS\system32\drivers\btcusb.sys (IVT Corporation.) DRV - (BlueletSCOAudio) -- C:\WINDOWS\system32\drivers\BlueletSCOAudio.sys (IVT Corporation.) DRV - (BlueletAudio) -- C:\WINDOWS\system32\drivers\blueletaudio.sys (IVT Corporation.) DRV - (BT) -- C:\WINDOWS\system32\drivers\btnetdrv.sys (IVT Corporation.) DRV - (BTHidMgr) -- C:\WINDOWS\system32\drivers\BTHidMgr.sys (IVT Corporation.) DRV - (BTHidEnum) -- C:\WINDOWS\system32\drivers\vbtenum.sys (IVT Corporation.) DRV - (VcommMgr) -- C:\WINDOWS\system32\drivers\VcommMgr.sys (IVT Corporation.) DRV - (VComm) -- C:\WINDOWS\system32\drivers\VComm.sys (IVT Corporation.) DRV - (IntcAzAudAddService) -- C:\WINDOWS\system32\drivers\RtkHDAud.Sys (Realtek Semiconductor Corp.) DRV - (RTL8023xp) -- C:\WINDOWS\system32\drivers\Rtenicxp.sys (Realtek Semiconductor Corporation ) DRV - (cdrbsdrv) -- C:\WINDOWS\System32\drivers\cdrbsdrv.sys (B.H.A Corporation) DRV - (itchfltr) -- C:\WINDOWS\system32\drivers\itchfltr.sys (Logitech, Inc.) DRV - (LMouFlt2) -- C:\WINDOWS\system32\drivers\LMouFlt2.Sys (Logitech, Inc.) DRV - (L8042pr2) -- C:\WINDOWS\system32\drivers\L8042pr2.Sys (Logitech, Inc.) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = MSN.com IE - HKLM\..\SearchScopes,DefaultScope = IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = {searchTerms} - Google Search IE - HKLM\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = Belgian Athletics - Calendar - Results - Rankings - Athletes IE - HKCU\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990} IE - HKCU\..\SearchScopes\{3A4F4D88-B593-47C7-89B2-4AD73260F074}: "URL" = {searchTerms} - Bing IE - HKCU\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = {searchTerms} - Google Search} IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local ========== FireFox ========== FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll () FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\WINDOWS\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.) FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll () FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.) FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.) FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Documents and Settings\admin\Local Settings\Application Data\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS) FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\{BBDA0591-3099-440a-AA10-41764D9DB4DB}: C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.5.0.145\IPSFFPlgn\ [2012/10/03 22:28:09 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}: C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.5.0.145\coFFPlgn\ [2013/01/29 07:33:41 | 000,000,000 | ---D | M] FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\VideoBar@meep.com: C:\Program Files\Meep\FF\ [2009/02/27 18:48:54 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\admin\Application Data\Mozilla\Extensions [2009/02/27 18:48:54 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\admin\Application Data\Mozilla\Extensions\mozswing@mozswing.org O1 HOSTS File: ([2013/01/24 20:50:56 | 000,582,262 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\HOSTS O1 - Hosts: 127.0.0.1 localhost O1 - Hosts: ::1 localhost #[iPv6] O1 - Hosts: 127.0.0.1 fr.a2dfp.net O1 - Hosts: 127.0.0.1 m.fr.a2dfp.net O1 - Hosts: 127.0.0.1 ad.a8.net O1 - Hosts: 127.0.0.1 asy.a8ww.net O1 - Hosts: 127.0.0.1 abcstats.com O1 - Hosts: 127.0.0.1 a.abv.bg O1 - Hosts: 127.0.0.1 adserver.abv.bg O1 - Hosts: 127.0.0.1 adv.abv.bg O1 - Hosts: 127.0.0.1 bimg.abv.bg O1 - Hosts: 127.0.0.1 ca.abv.bg O1 - Hosts: 127.0.0.1 www2.a-counter.kiev.ua O1 - Hosts: 127.0.0.1 track.acclaimnetwork.com O1 - Hosts: 127.0.0.1 accuserveadsystem.com O1 - Hosts: 127.0.0.1 www.accuserveadsystem.com O1 - Hosts: 127.0.0.1 achmedia.com O1 - Hosts: 127.0.0.1 aconti.net O1 - Hosts: 127.0.0.1 secure.aconti.net O1 - Hosts: 127.0.0.1 www.aconti.net #[Dialer.Aconti] O1 - Hosts: 127.0.0.1 csh.actiondesk.com O1 - Hosts: 127.0.0.1 www.activemeter.com #[Tracking.Cookie] O1 - Hosts: 127.0.0.1 ads.activepower.net O1 - Hosts: 127.0.0.1 stat.active24stats.nl #[Tracking.Cookie] O1 - Hosts: 127.0.0.1 cms.ad2click.nl O1 - Hosts: 15666 more lines... O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited) O2 - BHO: (Norton Identity Protection) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Norton Internet Security\Engine\19.9.0.9\coieplg.dll (Symantec Corporation) O2 - BHO: (Norton Vulnerability Protection) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Norton Internet Security\Engine\19.9.0.9\ips\ipsbho.dll (Symantec Corporation) O2 - BHO: (EpsonToolBandKicker Class) - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll (SEIKO EPSON CORPORATION) O3 - HKLM\..\Toolbar: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Internet Security\Engine\19.9.0.9\coieplg.dll (Symantec Corporation) O3 - HKLM\..\Toolbar: (EPSON Web-To-Page) - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll (SEIKO EPSON CORPORATION) O3 - HKCU\..\Toolbar\WebBrowser: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Internet Security\Engine\19.9.0.9\coieplg.dll (Symantec Corporation) O3 - HKCU\..\Toolbar\WebBrowser: (EPSON Web-To-Page) - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll (SEIKO EPSON CORPORATION) O4 - HKLM..\Run: [Ad-Aware Antivirus] C:\Program Files\Ad-Aware Antivirus\AdAwareLauncher.exe (Lavasoft Limited) O4 - HKLM..\Run: [Ad-Aware Browsing Protection] C:\Documents and Settings\All Users\Application Data\Ad-Aware Browsing Protection\adawarebp.exe (Lavasoft) O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.) O4 - HKLM..\Run: [bluetoothAuthenticationAgent] C:\WINDOWS\System32\bthprops.cpl (Microsoft Corporation) O4 - HKLM..\Run: [EPSON Stylus Photo R340 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIAJE.EXE (SEIKO EPSON CORPORATION) O4 - HKLM..\Run: [Logitech Utility] C:\WINDOWS\LOGI_MWX.EXE (Logitech Inc.) O4 - HKLM..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe (Ahead Software Gmbh) O4 - HKLM..\Run: [OM_Monitor] C:\Program Files\OLYMPUS\OLYMPUS Master\FirstStart.exe (OLYMPUS IMAGING CORP.) O4 - HKLM..\Run: [samsung PanelMgr] C:\WINDOWS\Samsung\PanelMgr\SSMMgr.exe () O4 - HKLM..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe" File not found O4 - HKLM..\Run: [symantec PIF AlertEng] C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PifSvc.exe (Symantec Corporation) O4 - HKLM..\Run: [zBrowser Launcher] C:\Program Files\Logitech\iTouch\iTouch.exe (Logitech Inc.) O4 - HKCU..\Run: [OM_Monitor] C:\Program Files\OLYMPUS\OLYMPUS Master\Monitor.exe (OLYMPUS IMAGING CORP.) O4 - HKCU..\Run: [TimeCalendar] C:\Program Files\TimeCalendar\TC.exe (RScience) O4 - HKCU..\Run: [updateMgr] C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe (Adobe Systems Incorporated) O4 - Startup: C:\Documents and Settings\admin\Menu Start\Programma's\Opstarten\Dropbox.lnk = C:\Documents and Settings\admin\Application Data\Dropbox\bin\Dropbox.exe (Dropbox, Inc.) O4 - Startup: C:\Documents and Settings\admin\Menu Start\Programma's\Opstarten\OpenOffice.org 3.3 .lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe () O4 - Startup: C:\Documents and Settings\All Users\Menu Start\Programma's\Opstarten\Adobe Reader Snelle start.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe (Adobe Systems Incorporated) O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.) O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} http://appldnld.apple.com.edgesuite.net/content.info.apple.com/QuickTime/qtactivex/qtplugin.cab (QuickTime Plugin Control) O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab (Shockwave ActiveX Control) O16 - DPF: {233C1507-6A77-46A4-9443-F871F945D258} http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab (Shockwave ActiveX Control) O16 - DPF: {6A344D34-5231-452A-8A57-D064AC9B7862} https://webdl.symantec.com/activex/symdlmgr.cab (Symantec Download Manager) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24) O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22) O16 - DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24) O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload.macromedia.com/get/flashplayer/current/swflash.cab (Shockwave Flash Object) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{30F776CA-CAB3-4AE9-8448-D3C936EA91BC}: DhcpNameServer = 192.168.1.1 O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\WINDOWS\system32\Skype4COM.dll (Skype Technologies) O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation) O24 - Desktop Components:0 (Mijn huidige introductiepagina) - About:Home O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2006/08/29 16:02:46 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ] O33 - MountPoints2\{163a1cf4-3840-11db-8e19-806d6172696f}\Shell - "" = AutoRun O33 - MountPoints2\{163a1cf4-3840-11db-8e19-806d6172696f}\Shell\AutoRun\command - "" = E:\setup.exe O33 - MountPoints2\{5be98842-377e-11db-b875-806d6172696f}\Shell - "" = AutoRun O33 - MountPoints2\{5be98842-377e-11db-b875-806d6172696f}\Shell\AutoRun\command - "" = E:\setup.exe O33 - MountPoints2\{681cb974-5949-11e0-86b9-00138fd0e061}\Shell - "" = AutoRun O33 - MountPoints2\{681cb974-5949-11e0-86b9-00138fd0e061}\Shell\AutoRun\command - "" = G:\LaunchU3.exe -a O33 - MountPoints2\{7df0f3a4-144e-11e0-8657-00138fd0e061}\Shell - "" = AutoRun O33 - MountPoints2\{7df0f3a4-144e-11e0-8657-00138fd0e061}\Shell\AutoRun\command - "" = I:\DPFMate.exe O33 - MountPoints2\{b390ef9a-383c-11db-8bf2-806d6172696f}\Shell - "" = AutoRun O33 - MountPoints2\{b390ef9a-383c-11db-8bf2-806d6172696f}\Shell\AutoRun\command - "" = E:\setup.exe O33 - MountPoints2\{e949606e-0138-11dc-bf20-00138fd0e061}\Shell - "" = AutoRun O33 - MountPoints2\{e949606e-0138-11dc-bf20-00138fd0e061}\Shell\AutoRun\command - "" = G:\LaunchU3.exe -a O34 - HKLM BootExecute: (autocheck autochk *) O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) ========== Files/Folders - Created Within 30 Days ========== [2013/01/29 22:46:18 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\admin\Bureaublad\OTL.exe [2013/01/26 14:06:04 | 002,213,976 | ---- | C] (Kaspersky Lab ZAO) -- C:\Documents and Settings\admin\Bureaublad\tdsskiller.exe [2013/01/26 13:11:13 | 000,000,000 | -HSD | C] -- C:\RECYCLER [2013/01/24 20:49:23 | 000,000,000 | ---D | C] -- C:\Program Files\host [2013/01/23 21:30:49 | 000,000,000 | ---D | C] -- C:\WINDOWS\Temp [2013/01/20 13:12:13 | 000,000,000 | ---D | C] -- C:\Program Files\Trend Micro [2013/01/20 13:12:13 | 000,000,000 | ---D | C] -- C:\Documents and Settings\admin\Menu Start\Programma's\HiJackThis [2013/01/13 22:48:41 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Ad-Aware Antivirus [2013/01/13 22:45:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\admin\Application Data\LavasoftStatistics [2013/01/13 22:21:48 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programma's\Ad-Aware Antivirus [2013/01/13 22:21:34 | 000,000,000 | ---D | C] -- C:\Program Files\Ad-Aware Antivirus [2013/01/13 22:17:09 | 000,000,000 | ---D | C] -- C:\Documents and Settings\admin\Local Settings\Application Data\Downloaded Installations [2013/01/13 22:16:58 | 000,044,424 | ---- | C] (GFI Software) -- C:\WINDOWS\System32\sbbd.exe [2013/01/13 22:16:58 | 000,013,560 | ---- | C] (GFI Software) -- C:\WINDOWS\System32\drivers\gfibto.sys [2013/01/13 22:14:02 | 000,000,000 | ---D | C] -- C:\Documents and Settings\admin\Local Settings\Application Data\adawarebp [2013/01/13 22:13:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Ad-Aware Browsing Protection [2013/01/13 22:13:36 | 000,000,000 | ---D | C] -- C:\Program Files\Toolbar Cleaner [2013/01/07 15:08:14 | 000,000,000 | ---D | C] -- C:\Documents and Settings\admin\Application Data\ElevatedDiagnostics [2013/01/07 14:53:33 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programma's\Windows PowerShell 1.0 [2013/01/07 14:52:51 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\windowspowershell [2013/01/07 12:46:15 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\XPSViewer [2013/01/07 12:46:11 | 000,000,000 | ---D | C] -- C:\Program Files\MSBuild [2013/01/07 12:46:09 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\en-US [2013/01/07 12:46:00 | 000,000,000 | ---D | C] -- C:\Program Files\Reference Assemblies [2013/01/07 12:44:57 | 001,676,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xpssvcs.dll [2013/01/07 12:44:57 | 001,676,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\xpssvcs.dll [2013/01/07 12:44:57 | 000,597,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\printfilterpipelinesvc.exe [2013/01/07 12:44:57 | 000,575,488 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\xpsshhdr.dll [2013/01/07 12:44:57 | 000,117,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\prntvpt.dll [2013/01/07 12:44:57 | 000,089,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\filterpipelineprintproc.dll [28 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ] [2 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ] ========== Files - Modified Within 30 Days ========== [2013/01/29 22:50:00 | 000,000,940 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job [2013/01/29 22:46:21 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\admin\Bureaublad\OTL.exe [2013/01/29 22:01:00 | 000,001,044 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job [2013/01/29 19:01:00 | 000,001,040 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job [2013/01/29 07:34:52 | 000,012,710 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl [2013/01/29 07:34:14 | 000,001,615 | ---- | M] () -- C:\Documents and Settings\All Users\Bureaublad\Ad-Aware Antivirus.lnk [2013/01/29 07:33:23 | 000,000,302 | ---- | M] () -- C:\WINDOWS\tasks\UQNAEBM.job [2013/01/29 07:33:20 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat [2013/01/26 17:01:55 | 000,001,024 | ---- | M] () -- C:\Documents and Settings\admin\Menu Start\Programma's\Opstarten\Dropbox.lnk [2013/01/26 17:01:24 | 000,001,008 | ---- | M] () -- C:\Documents and Settings\admin\Bureaublad\Dropbox.lnk [2013/01/26 14:06:18 | 002,213,976 | ---- | M] (Kaspersky Lab ZAO) -- C:\Documents and Settings\admin\Bureaublad\tdsskiller.exe [2013/01/25 01:36:00 | 000,000,330 | -H-- | M] () -- C:\WINDOWS\tasks\MP Scheduled Scan.job [2013/01/24 20:50:56 | 000,582,262 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\HOSTS [2013/01/24 20:27:08 | 000,024,666 | ---- | M] () -- C:\Documents and Settings\admin\Mijn documenten\Speken-Krantenartikel voorstellen.odt [2013/01/23 21:10:16 | 001,249,549 | ---- | M] () -- C:\Documents and Settings\admin\Bureaublad\zoek.exe [2013/01/23 09:53:00 | 000,000,486 | ---- | M] () -- C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job [2013/01/21 23:35:37 | 000,574,315 | ---- | M] () -- C:\Documents and Settings\admin\Bureaublad\adwcleaner.exe [2013/01/21 20:47:28 | 000,000,784 | ---- | M] () -- C:\Documents and Settings\All Users\Bureaublad\Malwarebytes Anti-Malware.lnk [2013/01/21 20:30:39 | 000,000,748 | ---- | M] () -- C:\Documents and Settings\admin\Bureaublad\Snelkoppeling naar HiJackThis.exe.lnk [2013/01/20 13:07:56 | 001,402,880 | ---- | M] () -- C:\Documents and Settings\admin\Mijn documenten\HiJackThis.msi [2013/01/20 12:00:02 | 000,000,944 | ---- | M] () -- C:\WINDOWS\tasks\Ad-Aware Antivirus Scheduled Scan.job [2013/01/18 19:21:34 | 000,000,452 | ---- | M] () -- C:\Documents and Settings\admin\Mijn documenten\spider.sav [2013/01/15 03:18:31 | 000,001,190 | ---- | M] () -- C:\WINDOWS\System32\ServiceConfig.xml [2013/01/13 22:16:55 | 000,044,424 | ---- | M] (GFI Software) -- C:\WINDOWS\System32\sbbd.exe [2013/01/13 22:16:55 | 000,013,560 | ---- | M] (GFI Software) -- C:\WINDOWS\System32\drivers\gfibto.sys [2013/01/13 10:52:58 | 000,001,080 | ---- | M] () -- C:\WINDOWS\AUTOLNCH.REG [2013/01/10 02:35:34 | 000,509,332 | ---- | M] () -- C:\WINDOWS\System32\perfh013.dat [2013/01/10 02:35:34 | 000,441,546 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat [2013/01/10 02:35:34 | 000,091,008 | ---- | M] () -- C:\WINDOWS\System32\perfc013.dat [2013/01/10 02:35:34 | 000,071,482 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat [2013/01/10 02:27:33 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK [2013/01/09 09:55:12 | 000,000,064 | ---- | M] () -- C:\WINDOWS\System32\rp_stats.dat [2013/01/09 09:55:12 | 000,000,044 | ---- | M] () -- C:\WINDOWS\System32\rp_rules.dat [2013/01/09 00:06:43 | 000,000,049 | ---- | M] () -- C:\Documents and Settings\admin\Bureaublad\AnviSoft.url [2013/01/08 20:52:33 | 000,697,864 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerApp.exe [2013/01/08 20:52:32 | 000,074,248 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerCPLApp.cpl [2013/01/07 13:03:00 | 000,154,768 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT [2013/01/06 06:33:58 | 006,009,856 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mshtml.dll [2012/12/31 13:33:22 | 000,009,160 | ---- | M] () -- C:\Documents and Settings\admin\Mijn documenten\nieuwjaarsbrief Stef 2013.odt [28 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ] [2 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ] ========== Files Created - No Company Name ========== [2013/01/23 21:10:10 | 001,249,549 | ---- | C] () -- C:\Documents and Settings\admin\Bureaublad\zoek.exe [2013/01/23 16:12:05 | 000,024,666 | ---- | C] () -- C:\Documents and Settings\admin\Mijn documenten\Speken-Krantenartikel voorstellen.odt [2013/01/21 23:35:33 | 000,574,315 | ---- | C] () -- C:\Documents and Settings\admin\Bureaublad\adwcleaner.exe [2013/01/21 20:30:39 | 000,000,748 | ---- | C] () -- C:\Documents and Settings\admin\Bureaublad\Snelkoppeling naar HiJackThis.exe.lnk [2013/01/20 13:07:46 | 001,402,880 | ---- | C] () -- C:\Documents and Settings\admin\Mijn documenten\HiJackThis.msi [2013/01/15 03:18:31 | 000,001,190 | ---- | C] () -- C:\WINDOWS\System32\ServiceConfig.xml [2013/01/13 22:49:46 | 000,000,944 | ---- | C] () -- C:\WINDOWS\tasks\Ad-Aware Antivirus Scheduled Scan.job [2013/01/13 22:21:49 | 000,001,615 | ---- | C] () -- C:\Documents and Settings\All Users\Bureaublad\Ad-Aware Antivirus.lnk [2013/01/09 00:06:43 | 000,000,049 | ---- | C] () -- C:\Documents and Settings\admin\Bureaublad\AnviSoft.url [2012/12/31 13:33:20 | 000,009,160 | ---- | C] () -- C:\Documents and Settings\admin\Mijn documenten\nieuwjaarsbrief Stef 2013.odt [2012/11/17 21:59:42 | 000,102,400 | RHS- | C] () -- C:\WINDOWS\System32\Lffpx73.dll [2012/09/17 21:07:07 | 000,028,140 | -H-- | C] () -- C:\WINDOWS\System32\mlfcache.dat [2012/08/17 16:40:41 | 000,000,375 | ---- | C] () -- C:\WINDOWS\Disney.ini [2012/06/10 20:29:08 | 000,000,996 | ---- | C] () -- C:\WINDOWS\wininit.ini [2012/05/09 18:40:02 | 000,000,076 | ---- | C] () -- C:\WINDOWS\rack32a.ini [2012/02/16 08:23:27 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll [2012/02/05 16:01:22 | 021,073,936 | ---- | C] () -- C:\Program Files\vlc-1.1.11-win32.exe [2011/09/26 17:48:39 | 000,000,354 | ---- | C] () -- C:\WINDOWS\hegames.ini [2011/07/20 08:12:58 | 000,000,064 | ---- | C] () -- C:\WINDOWS\System32\rp_stats.dat [2011/07/20 08:12:58 | 000,000,044 | ---- | C] () -- C:\WINDOWS\System32\rp_rules.dat [2009/03/30 13:26:37 | 000,000,034 | ---- | C] () -- C:\Documents and Settings\admin\jagex_runescape_preferences.dat [2007/09/26 19:57:59 | 000,009,773 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\LUUnInstall.LiveUpdate [2007/03/01 21:22:15 | 000,076,288 | ---- | C] () -- C:\Documents and Settings\admin\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2006/10/08 19:59:39 | 000,000,128 | ---- | C] () -- C:\Documents and Settings\admin\Local Settings\Application Data\fusioncache.dat [2006/09/27 19:23:02 | 000,000,074 | ---- | C] () -- C:\Documents and Settings\admin\default.pls ========== ZeroAccess Check ========== [2006/10/08 19:36:59 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] "" = %SystemRoot%\system32\shdocvw.dll -- [2008/04/14 18:02:39 | 001,499,136 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] "" = C:\WINDOWS\system32\wbem\fastprox.dll -- [2009/02/09 11:56:06 | 000,473,600 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] "" = C:\WINDOWS\system32\wbem\wbemess.dll -- [2008/04/14 18:02:44 | 000,273,920 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Both ========== Alternate Data Streams ========== @Alternate Data Stream - 104 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:D1B5B4F1 < End of report > - - - Updated - - - OTL logfile created on: 29/01/2013 22:48:11 - Run 1 OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\admin\Bureaublad Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 8.0.6001.18702) Locale: 00000813 | Country: België | Language: NLB | Date Format: d/MM/yyyy 1015,23 Mb Total Physical Memory | 380,89 Mb Available Physical Memory | 37,52% Memory free 2,39 Gb Paging File | 1,69 Gb Available in Paging File | 70,92% Paging File free Paging file location(s): C:\pagefile.sys 1524 3048 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files Drive C: | 195,31 Gb Total Space | 128,16 Gb Free Space | 65,62% Space Free | Partition Type: NTFS Drive D: | 38,44 Gb Total Space | 35,29 Gb Free Space | 91,82% Space Free | Partition Type: FAT32 Drive H: | 372,61 Gb Total Space | 276,93 Gb Free Space | 74,32% Space Free | Partition Type: NTFS Computer Name: PRELOAD | User Name: admin | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - C:\Documents and Settings\admin\Bureaublad\OTL.exe (OldTimer Tools) PRC - C:\Documents and Settings\admin\Application Data\Dropbox\bin\Dropbox.exe (Dropbox, Inc.) PRC - C:\Program Files\Ad-Aware Antivirus\AdAwareService.exe (Lavasoft Limited) PRC - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation) PRC - C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation) PRC - C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe (Malwarebytes Corporation) PRC - C:\Documents and Settings\All Users\Application Data\Ad-Aware Browsing Protection\adawarebp.exe (Lavasoft) PRC - C:\Program Files\Norton Internet Security\Engine\19.9.0.9\ccsvchst.exe (Symantec Corporation) PRC - C:\Program Files\OpenOffice.org 3\program\soffice.exe (OpenOffice.org) PRC - C:\Program Files\OpenOffice.org 3\program\soffice.bin (OpenOffice.org) PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation) PRC - C:\WINDOWS\Samsung\PanelMgr\SSMMgr.exe () PRC - C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe () PRC - C:\Program Files\IVT Corporation\BlueSoleil\StartSkysolSvc.exe () PRC - C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe (Symantec Corporation) PRC - C:\Program Files\OLYMPUS\OLYMPUS Master\Monitor.exe (OLYMPUS IMAGING CORP.) PRC - C:\WINDOWS\system32\spool\drivers\w32x86\3\E_FATIAJE.EXE (SEIKO EPSON CORPORATION) PRC - C:\WINDOWS\system32\bgsvcgen.exe (B.H.A Corporation) PRC - C:\Program Files\Logitech\iTouch\iTouch.exe (Logitech Inc.) PRC - C:\Program Files\Logitech\MouseWare\system\EM_EXEC.EXE (Logitech Inc.) PRC - C:\Program Files\TimeCalendar\TC.exe (RScience) ========== Modules (No Company Name) ========== MOD - C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll () MOD - C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll () MOD - C:\Program Files\OpenOffice.org 3\program\libxml2.dll () MOD - C:\WINDOWS\Samsung\PanelMgr\SSMMgr.exe () MOD - C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe () MOD - C:\Program Files\IVT Corporation\BlueSoleil\StartSkysolSvc.exe () MOD - C:\WINDOWS\system32\ssp2ml3.dll () ========== Services (SafeList) ========== SRV - (Planner voor Automatische LiveUpdate) -- C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe File not found SRV - (HidServ) -- %SystemRoot%\System32\hidserv.dll File not found SRV - (AppMgmt) -- %SystemRoot%\System32\appmgmts.dll File not found SRV - (AdobeFlashPlayerUpdateSvc) -- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated) SRV - (Ad-Aware Service) -- C:\Program Files\Ad-Aware Antivirus\AdAwareService.exe (Lavasoft Limited) SRV - (MBAMService) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation) SRV - (MBAMScheduler) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe (Malwarebytes Corporation) SRV - (SBAMSvc) -- C:\Program Files\Ad-Aware Antivirus\SBAMSvc.exe (GFI Software) SRV - (NIS) -- C:\Program Files\Norton Internet Security\Engine\19.9.0.9\ccSvcHst.exe (Symantec Corporation) SRV - (BlueSoleil Hid Service) -- C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe () SRV - (Start BT in service) -- C:\Program Files\IVT Corporation\BlueSoleil\StartSkysolSvc.exe () SRV - (LiveUpdate Notice Service) -- C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PifSvc.exe (Symantec Corporation) SRV - (WinDefend) -- C:\Program Files\Windows Defender\MsMpEng.exe (Microsoft Corporation) SRV - (bgsvcgen) -- C:\WINDOWS\system32\bgsvcgen.exe (B.H.A Corporation) ========== Driver Services (SafeList) ========== DRV - (WDICA) -- File not found DRV - (SSPORT) -- C:\WINDOWS\system32\Drivers\SSPORT.sys File not found DRV - (PDRFRAME) -- File not found DRV - (PDRELI) -- File not found DRV - (PDFRAME) -- File not found DRV - (PDCOMP) -- File not found DRV - (PCIDump) -- File not found DRV - (lbrtfdc) -- File not found DRV - (Lbd) -- system32\DRIVERS\Lbd.sys File not found DRV - (i2omgmt) -- File not found DRV - (Changer) -- File not found DRV - (NAVEX15) -- C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.5.0.145\Definitions\VirusDefs\20130129.005\NAVEX15.SYS (Symantec Corporation) DRV - (NAVENG) -- C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.5.0.145\Definitions\VirusDefs\20130129.005\NAVENG.SYS (Symantec Corporation) DRV - (BHDrvx86) -- C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.5.0.145\Definitions\BASHDefs\20130116.013\BHDrvx86.sys (Symantec Corporation) DRV - (gfibto) -- C:\WINDOWS\system32\drivers\gfibto.sys (GFI Software) DRV - (eeCtrl) -- C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys (Symantec Corporation) DRV - (MBAMProtector) -- C:\WINDOWS\system32\drivers\mbam.sys (Malwarebytes Corporation) DRV - (EraserUtilRebootDrv) -- C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys (Symantec Corporation) DRV - (SymEvent) -- C:\WINDOWS\system32\drivers\SYMEVENT.SYS (Symantec Corporation) DRV - (IDSxpx86) -- C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.5.0.145\Definitions\IPSDefs\20130126.002\IDSXpx86.sys (Symantec Corporation) DRV - (SRTSP) -- C:\WINDOWS\system32\drivers\NIS\1309000.009\srtsp.sys (Symantec Corporation) DRV - (SRTSPX) -- C:\WINDOWS\system32\drivers\NIS\1309000.009\srtspx.sys (Symantec Corporation) DRV - (ccSet_NIS) -- C:\WINDOWS\system32\drivers\NIS\1309000.009\ccsetx86.sys (Symantec Corporation) DRV - (SymEFA) -- C:\WINDOWS\system32\drivers\NIS\1309000.009\symefa.sys (Symantec Corporation) DRV - (SYMTDI) -- C:\WINDOWS\system32\drivers\NIS\1309000.009\symtdi.sys (Symantec Corporation) DRV - (SymIRON) -- C:\WINDOWS\system32\drivers\NIS\1309000.009\ironx86.sys (Symantec Corporation) DRV - (SymDS) -- C:\WINDOWS\system32\drivers\NIS\1309000.009\symds.sys (Symantec Corporation) DRV - (DgiVecp) -- C:\WINDOWS\system32\drivers\DGIVECP.SYS (Samsung Electronics Co., Ltd.) DRV - (Btcsrusb) -- C:\WINDOWS\system32\drivers\btcusb.sys (IVT Corporation.) DRV - (BlueletSCOAudio) -- C:\WINDOWS\system32\drivers\BlueletSCOAudio.sys (IVT Corporation.) DRV - (BlueletAudio) -- C:\WINDOWS\system32\drivers\blueletaudio.sys (IVT Corporation.) DRV - (BT) -- C:\WINDOWS\system32\drivers\btnetdrv.sys (IVT Corporation.) DRV - (BTHidMgr) -- C:\WINDOWS\system32\drivers\BTHidMgr.sys (IVT Corporation.) DRV - (BTHidEnum) -- C:\WINDOWS\system32\drivers\vbtenum.sys (IVT Corporation.) DRV - (VcommMgr) -- C:\WINDOWS\system32\drivers\VcommMgr.sys (IVT Corporation.) DRV - (VComm) -- C:\WINDOWS\system32\drivers\VComm.sys (IVT Corporation.) DRV - (IntcAzAudAddService) -- C:\WINDOWS\system32\drivers\RtkHDAud.Sys (Realtek Semiconductor Corp.) DRV - (RTL8023xp) -- C:\WINDOWS\system32\drivers\Rtenicxp.sys (Realtek Semiconductor Corporation ) DRV - (cdrbsdrv) -- C:\WINDOWS\System32\drivers\cdrbsdrv.sys (B.H.A Corporation) DRV - (itchfltr) -- C:\WINDOWS\system32\drivers\itchfltr.sys (Logitech, Inc.) DRV - (LMouFlt2) -- C:\WINDOWS\system32\drivers\LMouFlt2.Sys (Logitech, Inc.) DRV - (L8042pr2) -- C:\WINDOWS\system32\drivers\L8042pr2.Sys (Logitech, Inc.) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/ IE - HKLM\..\SearchScopes,DefaultScope = IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7 IE - HKLM\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.atletiekinfo.be/ IE - HKCU\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990} IE - HKCU\..\SearchScopes\{3A4F4D88-B593-47C7-89B2-4AD73260F074}: "URL" = http://www.bing.com/search?q={searchTerms}&form=IE8SRC&src=IE-SearchBox IE - HKCU\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage} IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local ========== FireFox ========== FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll () FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\WINDOWS\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.) FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll () FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.) FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.) FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Documents and Settings\admin\Local Settings\Application Data\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS) FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\{BBDA0591-3099-440a-AA10-41764D9DB4DB}: C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.5.0.145\IPSFFPlgn\ [2012/10/03 22:28:09 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}: C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.5.0.145\coFFPlgn\ [2013/01/29 07:33:41 | 000,000,000 | ---D | M] FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\VideoBar@meep.com: C:\Program Files\Meep\FF\ [2009/02/27 18:48:54 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\admin\Application Data\Mozilla\Extensions [2009/02/27 18:48:54 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\admin\Application Data\Mozilla\Extensions\mozswing@mozswing.org O1 HOSTS File: ([2013/01/24 20:50:56 | 000,582,262 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\HOSTS O1 - Hosts: 127.0.0.1 localhost O1 - Hosts: ::1 localhost #[iPv6] O1 - Hosts: 127.0.0.1 fr.a2dfp.net O1 - Hosts: 127.0.0.1 m.fr.a2dfp.net O1 - Hosts: 127.0.0.1 ad.a8.net O1 - Hosts: 127.0.0.1 asy.a8ww.net O1 - Hosts: 127.0.0.1 abcstats.com O1 - Hosts: 127.0.0.1 a.abv.bg O1 - Hosts: 127.0.0.1 adserver.abv.bg O1 - Hosts: 127.0.0.1 adv.abv.bg O1 - Hosts: 127.0.0.1 bimg.abv.bg O1 - Hosts: 127.0.0.1 ca.abv.bg O1 - Hosts: 127.0.0.1 www2.a-counter.kiev.ua O1 - Hosts: 127.0.0.1 track.acclaimnetwork.com O1 - Hosts: 127.0.0.1 accuserveadsystem.com O1 - Hosts: 127.0.0.1 www.accuserveadsystem.com O1 - Hosts: 127.0.0.1 achmedia.com O1 - Hosts: 127.0.0.1 aconti.net O1 - Hosts: 127.0.0.1 secure.aconti.net O1 - Hosts: 127.0.0.1 www.aconti.net #[Dialer.Aconti] O1 - Hosts: 127.0.0.1 csh.actiondesk.com O1 - Hosts: 127.0.0.1 www.activemeter.com #[Tracking.Cookie] O1 - Hosts: 127.0.0.1 ads.activepower.net O1 - Hosts: 127.0.0.1 stat.active24stats.nl #[Tracking.Cookie] O1 - Hosts: 127.0.0.1 cms.ad2click.nl O1 - Hosts: 15666 more lines... O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited) O2 - BHO: (Norton Identity Protection) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Norton Internet Security\Engine\19.9.0.9\coieplg.dll (Symantec Corporation) O2 - BHO: (Norton Vulnerability Protection) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Norton Internet Security\Engine\19.9.0.9\ips\ipsbho.dll (Symantec Corporation) O2 - BHO: (EpsonToolBandKicker Class) - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll (SEIKO EPSON CORPORATION) O3 - HKLM\..\Toolbar: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Internet Security\Engine\19.9.0.9\coieplg.dll (Symantec Corporation) O3 - HKLM\..\Toolbar: (EPSON Web-To-Page) - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll (SEIKO EPSON CORPORATION) O3 - HKCU\..\Toolbar\WebBrowser: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Internet Security\Engine\19.9.0.9\coieplg.dll (Symantec Corporation) O3 - HKCU\..\Toolbar\WebBrowser: (EPSON Web-To-Page) - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll (SEIKO EPSON CORPORATION) O4 - HKLM..\Run: [Ad-Aware Antivirus] C:\Program Files\Ad-Aware Antivirus\AdAwareLauncher.exe (Lavasoft Limited) O4 - HKLM..\Run: [Ad-Aware Browsing Protection] C:\Documents and Settings\All Users\Application Data\Ad-Aware Browsing Protection\adawarebp.exe (Lavasoft) O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.) O4 - HKLM..\Run: [bluetoothAuthenticationAgent] C:\WINDOWS\System32\bthprops.cpl (Microsoft Corporation) O4 - HKLM..\Run: [EPSON Stylus Photo R340 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIAJE.EXE (SEIKO EPSON CORPORATION) O4 - HKLM..\Run: [Logitech Utility] C:\WINDOWS\LOGI_MWX.EXE (Logitech Inc.) O4 - HKLM..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe (Ahead Software Gmbh) O4 - HKLM..\Run: [OM_Monitor] C:\Program Files\OLYMPUS\OLYMPUS Master\FirstStart.exe (OLYMPUS IMAGING CORP.) O4 - HKLM..\Run: [samsung PanelMgr] C:\WINDOWS\Samsung\PanelMgr\SSMMgr.exe () O4 - HKLM..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe" File not found O4 - HKLM..\Run: [symantec PIF AlertEng] C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PifSvc.exe (Symantec Corporation) O4 - HKLM..\Run: [zBrowser Launcher] C:\Program Files\Logitech\iTouch\iTouch.exe (Logitech Inc.) O4 - HKCU..\Run: [OM_Monitor] C:\Program Files\OLYMPUS\OLYMPUS Master\Monitor.exe (OLYMPUS IMAGING CORP.) O4 - HKCU..\Run: [TimeCalendar] C:\Program Files\TimeCalendar\TC.exe (RScience) O4 - HKCU..\Run: [updateMgr] C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe (Adobe Systems Incorporated) O4 - Startup: C:\Documents and Settings\admin\Menu Start\Programma's\Opstarten\Dropbox.lnk = C:\Documents and Settings\admin\Application Data\Dropbox\bin\Dropbox.exe (Dropbox, Inc.) O4 - Startup: C:\Documents and Settings\admin\Menu Start\Programma's\Opstarten\OpenOffice.org 3.3 .lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe () O4 - Startup: C:\Documents and Settings\All Users\Menu Start\Programma's\Opstarten\Adobe Reader Snelle start.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe (Adobe Systems Incorporated) O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.) O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} http://appldnld.apple.com.edgesuite.net/content.info.apple.com/QuickTime/qtactivex/qtplugin.cab (QuickTime Plugin Control) O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab (Shockwave ActiveX Control) O16 - DPF: {233C1507-6A77-46A4-9443-F871F945D258} http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab (Shockwave ActiveX Control) O16 - DPF: {6A344D34-5231-452A-8A57-D064AC9B7862} https://webdl.symantec.com/activex/symdlmgr.cab (Symantec Download Manager) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24) O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22) O16 - DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24) O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload.macromedia.com/get/flashplayer/current/swflash.cab (Shockwave Flash Object) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{30F776CA-CAB3-4AE9-8448-D3C936EA91BC}: DhcpNameServer = 192.168.1.1 O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\WINDOWS\system32\Skype4COM.dll (Skype Technologies) O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation) O24 - Desktop Components:0 (Mijn huidige introductiepagina) - About:Home O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2006/08/29 16:02:46 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ] O33 - MountPoints2\{163a1cf4-3840-11db-8e19-806d6172696f}\Shell - "" = AutoRun O33 - MountPoints2\{163a1cf4-3840-11db-8e19-806d6172696f}\Shell\AutoRun\command - "" = E:\setup.exe O33 - MountPoints2\{5be98842-377e-11db-b875-806d6172696f}\Shell - "" = AutoRun O33 - MountPoints2\{5be98842-377e-11db-b875-806d6172696f}\Shell\AutoRun\command - "" = E:\setup.exe O33 - MountPoints2\{681cb974-5949-11e0-86b9-00138fd0e061}\Shell - "" = AutoRun O33 - MountPoints2\{681cb974-5949-11e0-86b9-00138fd0e061}\Shell\AutoRun\command - "" = G:\LaunchU3.exe -a O33 - MountPoints2\{7df0f3a4-144e-11e0-8657-00138fd0e061}\Shell - "" = AutoRun O33 - MountPoints2\{7df0f3a4-144e-11e0-8657-00138fd0e061}\Shell\AutoRun\command - "" = I:\DPFMate.exe O33 - MountPoints2\{b390ef9a-383c-11db-8bf2-806d6172696f}\Shell - "" = AutoRun O33 - MountPoints2\{b390ef9a-383c-11db-8bf2-806d6172696f}\Shell\AutoRun\command - "" = E:\setup.exe O33 - MountPoints2\{e949606e-0138-11dc-bf20-00138fd0e061}\Shell - "" = AutoRun O33 - MountPoints2\{e949606e-0138-11dc-bf20-00138fd0e061}\Shell\AutoRun\command - "" = G:\LaunchU3.exe -a O34 - HKLM BootExecute: (autocheck autochk *) O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) ========== Files/Folders - Created Within 30 Days ========== [2013/01/29 22:46:18 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\admin\Bureaublad\OTL.exe [2013/01/26 14:06:04 | 002,213,976 | ---- | C] (Kaspersky Lab ZAO) -- C:\Documents and Settings\admin\Bureaublad\tdsskiller.exe [2013/01/26 13:11:13 | 000,000,000 | -HSD | C] -- C:\RECYCLER [2013/01/24 20:49:23 | 000,000,000 | ---D | C] -- C:\Program Files\host [2013/01/23 21:30:49 | 000,000,000 | ---D | C] -- C:\WINDOWS\Temp [2013/01/20 13:12:13 | 000,000,000 | ---D | C] -- C:\Program Files\Trend Micro [2013/01/20 13:12:13 | 000,000,000 | ---D | C] -- C:\Documents and Settings\admin\Menu Start\Programma's\HiJackThis [2013/01/13 22:48:41 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Ad-Aware Antivirus [2013/01/13 22:45:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\admin\Application Data\LavasoftStatistics [2013/01/13 22:21:48 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programma's\Ad-Aware Antivirus [2013/01/13 22:21:34 | 000,000,000 | ---D | C] -- C:\Program Files\Ad-Aware Antivirus [2013/01/13 22:17:09 | 000,000,000 | ---D | C] -- C:\Documents and Settings\admin\Local Settings\Application Data\Downloaded Installations [2013/01/13 22:16:58 | 000,044,424 | ---- | C] (GFI Software) -- C:\WINDOWS\System32\sbbd.exe [2013/01/13 22:16:58 | 000,013,560 | ---- | C] (GFI Software) -- C:\WINDOWS\System32\drivers\gfibto.sys [2013/01/13 22:14:02 | 000,000,000 | ---D | C] -- C:\Documents and Settings\admin\Local Settings\Application Data\adawarebp [2013/01/13 22:13:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Ad-Aware Browsing Protection [2013/01/13 22:13:36 | 000,000,000 | ---D | C] -- C:\Program Files\Toolbar Cleaner [2013/01/07 15:08:14 | 000,000,000 | ---D | C] -- C:\Documents and Settings\admin\Application Data\ElevatedDiagnostics [2013/01/07 14:53:33 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programma's\Windows PowerShell 1.0 [2013/01/07 14:52:51 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\windowspowershell [2013/01/07 12:46:15 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\XPSViewer [2013/01/07 12:46:11 | 000,000,000 | ---D | C] -- C:\Program Files\MSBuild [2013/01/07 12:46:09 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\en-US [2013/01/07 12:46:00 | 000,000,000 | ---D | C] -- C:\Program Files\Reference Assemblies [2013/01/07 12:44:57 | 001,676,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xpssvcs.dll [2013/01/07 12:44:57 | 001,676,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\xpssvcs.dll [2013/01/07 12:44:57 | 000,597,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\printfilterpipelinesvc.exe [2013/01/07 12:44:57 | 000,575,488 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\xpsshhdr.dll [2013/01/07 12:44:57 | 000,117,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\prntvpt.dll [2013/01/07 12:44:57 | 000,089,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\filterpipelineprintproc.dll [28 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ] [2 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ] ========== Files - Modified Within 30 Days ========== [2013/01/29 22:50:00 | 000,000,940 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job [2013/01/29 22:46:21 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\admin\Bureaublad\OTL.exe [2013/01/29 22:01:00 | 000,001,044 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job [2013/01/29 19:01:00 | 000,001,040 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job [2013/01/29 07:34:52 | 000,012,710 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl [2013/01/29 07:34:14 | 000,001,615 | ---- | M] () -- C:\Documents and Settings\All Users\Bureaublad\Ad-Aware Antivirus.lnk [2013/01/29 07:33:23 | 000,000,302 | ---- | M] () -- C:\WINDOWS\tasks\UQNAEBM.job [2013/01/29 07:33:20 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat [2013/01/26 17:01:55 | 000,001,024 | ---- | M] () -- C:\Documents and Settings\admin\Menu Start\Programma's\Opstarten\Dropbox.lnk [2013/01/26 17:01:24 | 000,001,008 | ---- | M] () -- C:\Documents and Settings\admin\Bureaublad\Dropbox.lnk [2013/01/26 14:06:18 | 002,213,976 | ---- | M] (Kaspersky Lab ZAO) -- C:\Documents and Settings\admin\Bureaublad\tdsskiller.exe [2013/01/25 01:36:00 | 000,000,330 | -H-- | M] () -- C:\WINDOWS\tasks\MP Scheduled Scan.job [2013/01/24 20:50:56 | 000,582,262 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\HOSTS [2013/01/24 20:27:08 | 000,024,666 | ---- | M] () -- C:\Documents and Settings\admin\Mijn documenten\Speken-Krantenartikel voorstellen.odt [2013/01/23 21:10:16 | 001,249,549 | ---- | M] () -- C:\Documents and Settings\admin\Bureaublad\zoek.exe [2013/01/23 09:53:00 | 000,000,486 | ---- | M] () -- C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job [2013/01/21 23:35:37 | 000,574,315 | ---- | M] () -- C:\Documents and Settings\admin\Bureaublad\adwcleaner.exe [2013/01/21 20:47:28 | 000,000,784 | ---- | M] () -- C:\Documents and Settings\All Users\Bureaublad\Malwarebytes Anti-Malware.lnk [2013/01/21 20:30:39 | 000,000,748 | ---- | M] () -- C:\Documents and Settings\admin\Bureaublad\Snelkoppeling naar HiJackThis.exe.lnk [2013/01/20 13:07:56 | 001,402,880 | ---- | M] () -- C:\Documents and Settings\admin\Mijn documenten\HiJackThis.msi [2013/01/20 12:00:02 | 000,000,944 | ---- | M] () -- C:\WINDOWS\tasks\Ad-Aware Antivirus Scheduled Scan.job [2013/01/18 19:21:34 | 000,000,452 | ---- | M] () -- C:\Documents and Settings\admin\Mijn documenten\spider.sav [2013/01/15 03:18:31 | 000,001,190 | ---- | M] () -- C:\WINDOWS\System32\ServiceConfig.xml [2013/01/13 22:16:55 | 000,044,424 | ---- | M] (GFI Software) -- C:\WINDOWS\System32\sbbd.exe [2013/01/13 22:16:55 | 000,013,560 | ---- | M] (GFI Software) -- C:\WINDOWS\System32\drivers\gfibto.sys [2013/01/13 10:52:58 | 000,001,080 | ---- | M] () -- C:\WINDOWS\AUTOLNCH.REG [2013/01/10 02:35:34 | 000,509,332 | ---- | M] () -- C:\WINDOWS\System32\perfh013.dat [2013/01/10 02:35:34 | 000,441,546 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat [2013/01/10 02:35:34 | 000,091,008 | ---- | M] () -- C:\WINDOWS\System32\perfc013.dat [2013/01/10 02:35:34 | 000,071,482 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat [2013/01/10 02:27:33 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK [2013/01/09 09:55:12 | 000,000,064 | ---- | M] () -- C:\WINDOWS\System32\rp_stats.dat [2013/01/09 09:55:12 | 000,000,044 | ---- | M] () -- C:\WINDOWS\System32\rp_rules.dat [2013/01/09 00:06:43 | 000,000,049 | ---- | M] () -- C:\Documents and Settings\admin\Bureaublad\AnviSoft.url [2013/01/08 20:52:33 | 000,697,864 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerApp.exe [2013/01/08 20:52:32 | 000,074,248 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerCPLApp.cpl [2013/01/07 13:03:00 | 000,154,768 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT [2013/01/06 06:33:58 | 006,009,856 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mshtml.dll [2012/12/31 13:33:22 | 000,009,160 | ---- | M] () -- C:\Documents and Settings\admin\Mijn documenten\nieuwjaarsbrief Stef 2013.odt [28 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ] [2 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ] ========== Files Created - No Company Name ========== [2013/01/23 21:10:10 | 001,249,549 | ---- | C] () -- C:\Documents and Settings\admin\Bureaublad\zoek.exe [2013/01/23 16:12:05 | 000,024,666 | ---- | C] () -- C:\Documents and Settings\admin\Mijn documenten\Speken-Krantenartikel voorstellen.odt [2013/01/21 23:35:33 | 000,574,315 | ---- | C] () -- C:\Documents and Settings\admin\Bureaublad\adwcleaner.exe [2013/01/21 20:30:39 | 000,000,748 | ---- | C] () -- C:\Documents and Settings\admin\Bureaublad\Snelkoppeling naar HiJackThis.exe.lnk [2013/01/20 13:07:46 | 001,402,880 | ---- | C] () -- C:\Documents and Settings\admin\Mijn documenten\HiJackThis.msi [2013/01/15 03:18:31 | 000,001,190 | ---- | C] () -- C:\WINDOWS\System32\ServiceConfig.xml [2013/01/13 22:49:46 | 000,000,944 | ---- | C] () -- C:\WINDOWS\tasks\Ad-Aware Antivirus Scheduled Scan.job [2013/01/13 22:21:49 | 000,001,615 | ---- | C] () -- C:\Documents and Settings\All Users\Bureaublad\Ad-Aware Antivirus.lnk [2013/01/09 00:06:43 | 000,000,049 | ---- | C] () -- C:\Documents and Settings\admin\Bureaublad\AnviSoft.url [2012/12/31 13:33:20 | 000,009,160 | ---- | C] () -- C:\Documents and Settings\admin\Mijn documenten\nieuwjaarsbrief Stef 2013.odt [2012/11/17 21:59:42 | 000,102,400 | RHS- | C] () -- C:\WINDOWS\System32\Lffpx73.dll [2012/09/17 21:07:07 | 000,028,140 | -H-- | C] () -- C:\WINDOWS\System32\mlfcache.dat [2012/08/17 16:40:41 | 000,000,375 | ---- | C] () -- C:\WINDOWS\Disney.ini [2012/06/10 20:29:08 | 000,000,996 | ---- | C] () -- C:\WINDOWS\wininit.ini [2012/05/09 18:40:02 | 000,000,076 | ---- | C] () -- C:\WINDOWS\rack32a.ini [2012/02/16 08:23:27 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll [2012/02/05 16:01:22 | 021,073,936 | ---- | C] () -- C:\Program Files\vlc-1.1.11-win32.exe [2011/09/26 17:48:39 | 000,000,354 | ---- | C] () -- C:\WINDOWS\hegames.ini [2011/07/20 08:12:58 | 000,000,064 | ---- | C] () -- C:\WINDOWS\System32\rp_stats.dat [2011/07/20 08:12:58 | 000,000,044 | ---- | C] () -- C:\WINDOWS\System32\rp_rules.dat [2009/03/30 13:26:37 | 000,000,034 | ---- | C] () -- C:\Documents and Settings\admin\jagex_runescape_preferences.dat [2007/09/26 19:57:59 | 000,009,773 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\LUUnInstall.LiveUpdate [2007/03/01 21:22:15 | 000,076,288 | ---- | C] () -- C:\Documents and Settings\admin\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2006/10/08 19:59:39 | 000,000,128 | ---- | C] () -- C:\Documents and Settings\admin\Local Settings\Application Data\fusioncache.dat [2006/09/27 19:23:02 | 000,000,074 | ---- | C] () -- C:\Documents and Settings\admin\default.pls ========== ZeroAccess Check ========== [2006/10/08 19:36:59 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] "" = %SystemRoot%\system32\shdocvw.dll -- [2008/04/14 18:02:39 | 001,499,136 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] "" = C:\WINDOWS\system32\wbem\fastprox.dll -- [2009/02/09 11:56:06 | 000,473,600 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] "" = C:\WINDOWS\system32\wbem\wbemess.dll -- [2008/04/14 18:02:44 | 000,273,920 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Both ========== Alternate Data Streams ========== @Alternate Data Stream - 104 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:D1B5B4F1 < End of report > - - - Updated - - - OTL Extras logfile created on: 29/01/2013 22:48:11 - Run 1 OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\admin\Bureaublad Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 8.0.6001.18702) Locale: 00000813 | Country: België | Language: NLB | Date Format: d/MM/yyyy 1015,23 Mb Total Physical Memory | 380,89 Mb Available Physical Memory | 37,52% Memory free 2,39 Gb Paging File | 1,69 Gb Available in Paging File | 70,92% Paging File free Paging file location(s): C:\pagefile.sys 1524 3048 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files Drive C: | 195,31 Gb Total Space | 128,16 Gb Free Space | 65,62% Space Free | Partition Type: NTFS Drive D: | 38,44 Gb Total Space | 35,29 Gb Free Space | 91,82% Space Free | Partition Type: FAT32 Drive H: | 372,61 Gb Total Space | 276,93 Gb Free Space | 74,32% Space Free | Partition Type: NTFS Computer Name: PRELOAD | User Name: admin | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Extra Registry (SafeList) ========== ========== File Associations ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%* ========== Shell Spawning ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%* exefile [open] -- "%1" %* htmlfile [edit] -- Reg Error: Key error. piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" () Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" () Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation) Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation) Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) ========== Security Center Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "FirstRunDisabled" = 1 "AntiVirusDisableNotify" = 0 "FirewallDisableNotify" = 0 "UpdatesDisableNotify" = 0 "AntiVirusOverride" = 0 "FirewallOverride" = 0 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] "DisableMonitoring" = 1 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus] "DisableMonitoring" = 1 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall] "DisableMonitoring" = 1 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall] ========== System Restore Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore] "DisableSR" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr] "Start" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService] "Start" = 2 ========== Firewall Settings ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List] "139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dll,-22004 "445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dll,-22005 "137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001 "138:UDP" = 138:UDP:*:Enabled:@xpsp2res.dll,-22002 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "EnableFirewall" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List] "1900:TCP" = 1900:TCP:LocalSubNet:Enabled:UDP 1900 "1900:UDP" = 1900:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22007 "2869:TCP" = 2869:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22008 "139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004 "445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005 "137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001 "138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002 ========== Authorized Applications List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List] "%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation) "%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation) [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List] "%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation) "%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation) "C:\Program Files\LimeWire\LimeWire.exe" = C:\Program Files\LimeWire\LimeWire.exe:*:Enabled:LimeWire "C:\Program Files\Ahead\Nero ShowTime\ShowTime.exe" = C:\Program Files\Ahead\Nero ShowTime\ShowTime.exe:*:Disabled:Nero ShowTime -- (Nero Software AG) "C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil.exe" = C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil.exe:*:Enabled:BlueSoleil -- (IVT Corporation.) "C:\Documents and Settings\admin\Application Data\Dropbox\bin\Dropbox.exe" = C:\Documents and Settings\admin\Application Data\Dropbox\bin\Dropbox.exe:*:Enabled:Dropbox -- (Dropbox, Inc.) "C:\Program Files\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe" = C:\Program Files\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe:*:Enabled:WebKit -- (Apple Inc.) "C:\Program Files\Bonjour\mDNSResponder.exe" = C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour-service -- (Apple Inc.) "C:\Program Files\iTunes\iTunes.exe" = C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes -- (Apple Inc.) ========== HKEY_LOCAL_MACHINE Uninstall List ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{036AA4D4-6D32-11D4-9875-00105ACE7734}" = Logitech iTouch-software "{0BF5FBE7-3907-4A1F-9E48-8B66E52850D6}" = TrayApp "{0F6F6876-6334-4977-B5DD-CFC12E193420}" = iTunes "{13356EC0-FF25-44e8-ADD8-6316F1242834}" = CameraDrivers "{168F8BAC-A269-48E9-BB7A-A51B594CF6FF}" = Microsoft .NET Framework 1.1 Dutch Language Pack "{17E2F183-BAC4-4D01-BD7A-59F781E17EFA}" = REALTEK PCIE NIC Driver "{19FDB8E4-59AD-4330-9667-E8DCAF018DD3}" = Unload "{1CB34CE9-0E6B-493F-BB66-3425E5DF76E5}" = CP_CalendarTemplates1 "{1E1F1E70-14D8-4380-8652-BD1A895A7D65}" = Status "{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 "{1F51A0CA-2BDD-474E-BB90-C7FA8EA78F52}" = ImageMixer VCD/DVD2 for OLYMPUS "{20C45B32-5AB6-46A4-94EF-58950CAF05E5}" = EPSON Attach To Email "{24BEBF2E-73F3-4599-840B-EDC612CCDD0D}" = Destinations "{26A24AE4-039D-4CA4-87B4-2F83216011FF}" = Java 6 Update 24 "{26A24AE4-039D-4CA4-87B4-2F83216022F0}" = Java 6 Update 22 "{27F650A9-6FAB-41C8-8621-92FF0118B0C4}" = EPSON Easy Photo Print "{2819e172-81d5-4113-88bd-4605b02344e0}" = Ad-Aware Antivirus "{2A548002-9042-4083-A270-B67473DE1073}" = SkinsHP1 "{2A88F1BF-7041-4E42-84B1-6B4ACB83AC64}" = EPSON Scan Assistant "{350C9413-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP "{36FDBE6E-6684-462B-AE98-9A39A1B200CC}" = HP Product Assistant "{37C39957-B0B3-40DC-8BA4-2363241159ED}" = LightScribe 1.4.44.1 "{3BA4A5B0-09B7-4baf-977D-9883A6D00A7F}" = CameraUserGuides "{3FE0CFAB-584A-4AA5-B8CD-C32284CFA308}" = RandMap "{4041C245-7099-4C96-9738-5EBC23827B3C}" = BufferChm "{48B82226-75E3-4E90-92CC-D30F79EA6380}" = Norton Security Scan "{494D17B5-3369-4905-8C4B-80C972C5E0FF}" = CP_Panorama1Config "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater "{4BE53DB2-C1F2-44D1-A9AB-1630BA7F2AF1}" = SolutionCenter "{53EE9E42-CECB-4C92-BF76-9CA65DAF8F1C}" = FullDPAppQFolder "{54F0998F-73C8-4b51-8286-FE903C231BED}" = cp_PosterPrintConfig "{5809E7CF-4DCF-11D4-9875-00105ACE7734}" = Logitech MouseWare 9.79.1 "{5F26311C-B135-4F7F-B11E-8E650F83651E}" = DeviceFunctionQFolder "{63EC2120-1742-4625-AA47-C6A8AEC9C64C}" = Apple Application Support "{66E6CE0C-5A1E-430C-B40A-0C90FF1804A8}" = eSupportQFolder "{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable "{729DF902-05F9-4C00-9E6D-411119824E5F}" = hpiCamDrvQFolder "{766633B3-1AFA-44B6-A3FC-1DE991CD9C52}" = CP_Package_Basic1 "{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 "{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update "{79155F2B-9895-49D7-8612-D92580E0DE5B}" = Bonjour "{79F8E1D4-36C1-439C-95FA-F695050B5B07}" = Sonic_PrimoSDK "{7F14F68C-17FA-4F88-B3FD-7F449C1EBF32}" = EPSON Web-To-Page "{869C3062-4745-4949-B6C9-98AF24D89030}" = PhotoGallery "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight "{8A708DD8-A5E6-11D4-A706-000629E95E20}" = Intel® Graphics Media Accelerator Driver "{91EBCCB9-A539-4306-AC5A-F372E0D6092B}" = OpenOffice.org 3.3 "{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 "{9D4ABB0C-F60B-44A6-956C-A4A63D5495C9}" = CueTour "{A06275F4-324B-4E85-95E6-87B2CD729401}" = Windows Defender "{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2 "{A5CC2A09-E9D3-49EC-923D-03874BBD4C2C}" = Windows Defender Signatures "{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper "{A987FEC8-5616-49BD-BCA6-ACFFFE7403FE}" = IKEA Home Planner "{AB5D51AE-EBC3-438D-872C-705C7C2084B0}" = DeviceManagementQFolder "{AC76BA86-7AD7-1043-7B44-A71000000002}" = Adobe Reader 7.1.0 - Nederlands "{AE8BF750-EC1C-45d0-94F1-57895DADDEAC}" = HP Photosmart-camera's 6.0 "{B11E71BA-498C-42D4-9F1A-9D7A89D9DA61}" = CP_AtenaShokunin1Config "{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy "{B90450DF-E781-46FD-B1F1-0C86DA40E443}" = PIF DESIGNER "{B9A17C96-1348-45CB-BB0A-1BCB3A0F854E}" = Bluesoleil2.7.0.35 VoIP Release 080317 "{BA820A24-704B-428D-9904-71A10DAC1372}" = OLYMPUS Master "{BBD3BF67-5B89-4CBB-BA58-5818ED5F3290}" = cp_OnlineProjectsConfig "{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2 "{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1 "{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1 "{D4DDFAA1-EC37-4529-AD5B-A433ADE68662}" = Apple Mobile Device Support "{DA1CD94B-826A-4bba-AC46-EF352F47BC81}" = InstantShareDevices "{DBA4DB9D-EE51-4944-A419-98AB1F1249C8}" = LiveUpdate Notice (Symantec Corporation) "{DEBB2986-15B0-4D28-95FA-5C966A396589}" = HPProductAssistant "{E5A1DE9A-A21C-43A1-B06D-5146BAF62033}" = PanoStandAlone "{E86BC406-944E-41F6-ADE6-2C136734C96B}" = EPSON File Manager "{EC2715CE-C182-483C-84CC-81D7D914CF14}" = WebReg "{ECA1A3B6-898F-4DCE-9F04-714CF3BA126B}" = Adobe Flash Player 10 Plugin "{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver "{F333A33D-125C-32A2-8DCE-5C5D14231E27}" = Visual C++ 2008 x86 Runtime - (v9.0.30729) "{F333A33D-125C-32A2-8DCE-5C5D14231E27}.vc_x86runtime_30729_01" = Visual C++ 2008 x86 Runtime - v9.0.30729.01 "{F7E1CA14-B39D-452A-960B-39423DDDD933}" = DriveImage XML "{FD04987D-96A6-4FE1-813B-82B77B8B809C}" = EPSON PRINT Image Framer Tool "{FE57DE70-95DE-4B64-9266-84DA811053DB}" = HP Update "{FF477885-5EA8-40D0-ADF3-D4C1B86FAEA4}" = EPSON Print CD "Ad-Aware Browsing Protection" = Ad-Aware Browsing Protection "Adobe ActiveShare" = Adobe ActiveShare 1.3 "Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX "Adobe Shockwave Player" = Adobe Shockwave Player 11.5 "BlockCAD3.19_is1" = BlockCAD 3.19 "Cool's_Codec_pack_4.12" = Codec Pack - All In 1 6.0.3.0 "EDUROM Tafeltrainer" = EDUROM Tafeltrainer "EPSON Printer and Utilities" = EPSON-printersoftware "ESPR340 Gebruikershandleiding" = ESPR340 Gebruikershandleiding "HP Imaging Device Functions" = HP Imaging Device Functions 6.0 "HP Photo & Imaging" = HP Photosmart Premier Software 6.0 "HP PrecisionScan LTX" = HP PrecisionScan LTX "HP Solution Center & Imaging Support Tools" = HP Solution Center and Imaging Support Tools 6.0 "HTRDIKey" = Huggly's Schildpadden Speurtocht "IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs "ie7" = Windows Internet Explorer 7 "ie8" = Windows Internet Explorer 8 "Ik zie Fantasie" = Ik zie Fantasie "Ik zie, ik zie in het spookhuis" = Ik zie, ik zie in het spookhuis "InstallShield_{20C45B32-5AB6-46A4-94EF-58950CAF05E5}" = EPSON Attach To Email "InstallShield_{BA820A24-704B-428D-9904-71A10DAC1372}" = OLYMPUS Master "Junior Interactif" = Junior Interactif "Lucky luke - De zingende draad-Dutch" = Lucky luke - De zingende draad "Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware versie 1.70.0.1100 "Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1 "Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1 "MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP "MuseScore" = MuseScore 1.0 MuseScore score typesetter "NeroMultiInstaller!UninstallKey" = Nero Suite "NIS" = Norton Internet Security "NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs "Overhoor_is1" = Overhoor voor Windows 4.5.1 "Partituur Expert" = Partituur Expert 2005 "PrintMaster 7.00" = PrintMaster 7.00 "QSuite_is1" = QSuite Ver2.1 "QuickTime" = QuickTime "Recuva" = Recuva "Samsung ML-1640 Series" = Samsung ML-1640 Series "SlowView" = SlowView "SpellenSpektakel" = Disney’s SpellenSpektakel "Spybot - Search & Destroy_is1" = Spybot - Search & Destroy 1.4 "Teach2000.7 XP - The Troolean Edition_is1" = Teach2000 8.42 "TimeCalendar_is1" = TimeCalendar 1.6.7 "Trellix2DeinstKey9" = Trellix Web "VLC media player" = VLC media player 1.1.11 "Windows Media Format Runtime" = Windows Media Format 11 runtime "Windows Media Player" = Windows Media Player 11 "Windows XP Service Pack" = Windows XP Service Pack 3 "WMFDist11" = Windows Media Format 11 runtime "wmp11" = Windows Media Player 11 "Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0 ========== HKEY_CURRENT_USER Uninstall List ========== [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{C16DFB31-4A09-474E-AF61-02AFB3008763}_is1" = Albelli.be Fotoboeken "Dropbox" = Dropbox "FREEDOM SceneView" = FREEDOM SceneView "UnityWebPlayer" = Unity Web Player ========== Last 20 Event Log Errors ========== [ Application Events ] Error - 17/01/2013 19:07:49 | Computer Name = PRELOAD | Source = Application Error | ID = 1000 Description = Vastgelopen toepassing: iexplore.exe, versie: 8.0.6001.18702, vastgelopen module: unknown, versie: 0.0.0.0, vastgelopen op: 0x00000000. Error - 19/01/2013 14:09:05 | Computer Name = PRELOAD | Source = Application Error | ID = 1000 Description = Vastgelopen toepassing: iexplore.exe, versie: 8.0.6001.18702, vastgelopen module: unknown, versie: 0.0.0.0, vastgelopen op: 0x00000000. Error - 19/01/2013 17:26:06 | Computer Name = PRELOAD | Source = Application Error | ID = 1000 Description = Vastgelopen toepassing: iexplore.exe, versie: 8.0.6001.18702, vastgelopen module: unknown, versie: 0.0.0.0, vastgelopen op: 0x00000000. Error - 26/01/2013 7:35:25 | Computer Name = PRELOAD | Source = Application Hang | ID = 1002 Description = Vastgelopen toepassing: PMW.EXE, versie: 0.0.0.0, vastgelopen module: hungapp, versie: 0.0.0.0, vastgelopen op: 0x00000000. Error - 26/01/2013 7:36:01 | Computer Name = PRELOAD | Source = Application Hang | ID = 1002 Description = Vastgelopen toepassing: PMW.EXE, versie: 0.0.0.0, vastgelopen module: hungapp, versie: 0.0.0.0, vastgelopen op: 0x00000000. Error - 26/01/2013 7:36:04 | Computer Name = PRELOAD | Source = Application Hang | ID = 1001 Description = Fout-bucket 02337167. Error - 26/01/2013 7:41:39 | Computer Name = PRELOAD | Source = Application Hang | ID = 1002 Description = Vastgelopen toepassing: PMW.EXE, versie: 0.0.0.0, vastgelopen module: hungapp, versie: 0.0.0.0, vastgelopen op: 0x00000000. Error - 26/01/2013 7:41:58 | Computer Name = PRELOAD | Source = Application Hang | ID = 1002 Description = Vastgelopen toepassing: PMW.EXE, versie: 0.0.0.0, vastgelopen module: hungapp, versie: 0.0.0.0, vastgelopen op: 0x00000000. Error - 26/01/2013 7:42:39 | Computer Name = PRELOAD | Source = Application Hang | ID = 1002 Description = Vastgelopen toepassing: PMW.EXE, versie: 0.0.0.0, vastgelopen module: hungapp, versie: 0.0.0.0, vastgelopen op: 0x00000000. Error - 29/01/2013 17:37:02 | Computer Name = PRELOAD | Source = Application Hang | ID = 1002 Description = Vastgelopen toepassing: iexplore.exe, versie: 8.0.6001.18702, vastgelopen module: hungapp, versie: 0.0.0.0, vastgelopen op: 0x00000000. [ System Events ] Error - 28/01/2013 15:54:46 | Computer Name = PRELOAD | Source = Service Control Manager | ID = 7023 Description = De Application Management-service is gestopt met de volgende foutcode: %%126. Error - 28/01/2013 16:01:20 | Computer Name = PRELOAD | Source = Service Control Manager | ID = 7000 Description = De Planner voor Automatische LiveUpdate-service kan vanwege de volgende fout niet worden gestart: %%3 Error - 28/01/2013 16:01:20 | Computer Name = PRELOAD | Source = Service Control Manager | ID = 7000 Description = De SSPORT-service kan vanwege de volgende fout niet worden gestart: %%2 Error - 28/01/2013 16:01:20 | Computer Name = PRELOAD | Source = Service Control Manager | ID = 7026 Description = De volgende opstartstuurprogramma's zijn niet geladen: Lbd Error - 29/01/2013 2:31:02 | Computer Name = PRELOAD | Source = Service Control Manager | ID = 7000 Description = De Planner voor Automatische LiveUpdate-service kan vanwege de volgende fout niet worden gestart: %%3 Error - 29/01/2013 2:31:02 | Computer Name = PRELOAD | Source = Service Control Manager | ID = 7000 Description = De SSPORT-service kan vanwege de volgende fout niet worden gestart: %%2 Error - 29/01/2013 2:31:02 | Computer Name = PRELOAD | Source = Service Control Manager | ID = 7026 Description = De volgende opstartstuurprogramma's zijn niet geladen: Lbd Error - 29/01/2013 2:34:44 | Computer Name = PRELOAD | Source = Service Control Manager | ID = 7000 Description = De Planner voor Automatische LiveUpdate-service kan vanwege de volgende fout niet worden gestart: %%3 Error - 29/01/2013 2:34:44 | Computer Name = PRELOAD | Source = Service Control Manager | ID = 7000 Description = De SSPORT-service kan vanwege de volgende fout niet worden gestart: %%2 Error - 29/01/2013 2:34:44 | Computer Name = PRELOAD | Source = Service Control Manager | ID = 7026 Description = De volgende opstartstuurprogramma's zijn niet geladen: Lbd < End of report >

Alles verwijdert alsook zylom en 3d collapse. Terug opgestart maar het probleem blijft.

Alle zoekopdrachten worden nog algeleid naar de site van de zoekmachine zelf. Zowel google als bing. Een lege pagina is het resultaat

15:24:25.0203 0912 TDSS rootkit removing tool 2.8.15.0 Oct 31 2012 21:47:35 15:24:26.0156 0912 ============================================================ 15:24:26.0156 0912 Current date / time: 2013/01/26 15:24:26.0156 15:24:26.0156 0912 SystemInfo: 15:24:26.0156 0912 15:24:26.0156 0912 OS Version: 5.1.2600 ServicePack: 3.0 15:24:26.0156 0912 Product type: Workstation 15:24:26.0156 0912 ComputerName: PRELOAD 15:24:26.0156 0912 UserName: admin 15:24:26.0156 0912 Windows directory: C:\WINDOWS 15:24:26.0156 0912 System windows directory: C:\WINDOWS 15:24:26.0156 0912 Processor architecture: Intel x86 15:24:26.0156 0912 Number of processors: 2 15:24:26.0156 0912 Page size: 0x1000 15:24:26.0156 0912 Boot type: Normal boot 15:24:26.0156 0912 ============================================================ 15:24:29.0421 0912 Drive \Device\Harddisk0\DR0 - Size: 0x3A70C70000 (233.76 Gb), SectorSize: 0x200, Cylinders: 0x7733, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054 15:24:29.0500 0912 Drive \Device\Harddisk1\DR3 - Size: 0x5D27216000 (372.61 Gb), SectorSize: 0x200, Cylinders: 0xBE01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W' 15:24:29.0500 0912 ============================================================ 15:24:29.0500 0912 \Device\Harddisk0\DR0: 15:24:29.0546 0912 MBR partitions: 15:24:29.0546 0912 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x1869E559 15:24:29.0562 0912 \Device\Harddisk0\DR0\Partition2: MBR, Type 0xB, StartLBA 0x1869E5D7, BlocksNum 0x4CE519C 15:24:29.0562 0912 \Device\Harddisk1\DR3: 15:24:29.0562 0912 MBR partitions: 15:24:29.0562 0912 \Device\Harddisk1\DR3\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x2E938000 15:24:29.0562 0912 ============================================================ 15:24:29.0656 0912 C: <-> \Device\Harddisk0\DR0\Partition1 15:24:29.0656 0912 D: <-> \Device\Harddisk0\DR0\Partition2 15:24:30.0218 0912 H: <-> \Device\Harddisk1\DR3\Partition1 15:24:30.0250 0912 ============================================================ 15:24:30.0250 0912 Initialize success 15:24:30.0250 0912 ============================================================ 15:25:32.0328 0624 ============================================================ 15:25:32.0328 0624 Scan started 15:25:32.0328 0624 Mode: Manual; SigCheck; TDLFS; 15:25:32.0328 0624 ============================================================ 15:25:36.0562 0624 ================ Scan services ============================= 15:25:36.0687 0624 Abiosdsk - ok 15:25:36.0703 0624 abp480n5 - ok 15:25:36.0750 0624 [ 02273A448BA21A7D447DAEB47810D40C ] ACPI C:\WINDOWS\system32\DRIVERS\ACPI.sys 15:25:40.0296 0624 ACPI - ok 15:25:40.0343 0624 [ 63F517B1A87DABF3F5ACB8A7952FC1D1 ] ACPIEC C:\WINDOWS\system32\drivers\ACPIEC.sys 15:25:40.0500 0624 ACPIEC - ok 15:25:40.0656 0624 [ A09A61CFDE15E5A67701EA812CE3F43F ] Ad-Aware Service C:\Program Files\Ad-Aware Antivirus\AdAwareService.exe 15:25:40.0750 0624 Ad-Aware Service - ok 15:25:40.0859 0624 [ 424877CB9D5517F980FF7BACA2EB379D ] AdobeFlashPlayerUpdateSvc C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe 15:25:40.0921 0624 AdobeFlashPlayerUpdateSvc - ok 15:25:40.0937 0624 adpu160m - ok 15:25:40.0968 0624 [ 8BED39E3C35D6A489438B8141717A557 ] aec C:\WINDOWS\system32\drivers\aec.sys 15:25:41.0109 0624 aec - ok 15:25:41.0140 0624 [ 1E44BC1E83D8FD2305F8D452DB109CF9 ] AFD C:\WINDOWS\System32\drivers\afd.sys 15:25:41.0234 0624 AFD - ok 15:25:41.0250 0624 Aha154x - ok 15:25:41.0250 0624 aic78u2 - ok 15:25:41.0265 0624 aic78xx - ok 15:25:41.0296 0624 [ 8BED67D13DCB55B3E9FF6DAC4C6D3B49 ] Alerter C:\WINDOWS\system32\alrsvc.dll 15:25:41.0453 0624 Alerter - ok 15:25:41.0468 0624 [ DAB2A89FDE5CF791161200D90C1BCB12 ] ALG C:\WINDOWS\System32\alg.exe 15:25:41.0593 0624 ALG - ok 15:25:41.0609 0624 AliIde - ok 15:25:41.0609 0624 amsint - ok 15:25:41.0718 0624 [ A5299D04ED225D64CF07A568A3E1BF8C ] Apple Mobile Device C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe 15:25:41.0734 0624 Apple Mobile Device - ok 15:25:41.0734 0624 AppMgmt - ok 15:25:41.0750 0624 asc - ok 15:25:41.0750 0624 asc3350p - ok 15:25:41.0765 0624 asc3550 - ok 15:25:41.0890 0624 [ 0E5E4957549056E2BF2C49F4F6B601AD ] aspnet_state C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe 15:25:41.0937 0624 aspnet_state - ok 15:25:41.0984 0624 [ B153AFFAC761E7F5FCFA822B9C4E97BC ] AsyncMac C:\WINDOWS\system32\DRIVERS\asyncmac.sys 15:25:42.0109 0624 AsyncMac - ok 15:25:42.0156 0624 [ 9F3A2F5AA6875C72BF062C712CFA2674 ] atapi C:\WINDOWS\system32\DRIVERS\atapi.sys 15:25:42.0406 0624 atapi - ok 15:25:42.0406 0624 Atdisk - ok 15:25:42.0453 0624 [ 9916C1225104BA14794209CFA8012159 ] Atmarpc C:\WINDOWS\system32\DRIVERS\atmarpc.sys 15:25:42.0609 0624 Atmarpc - ok 15:25:42.0781 0624 [ F10745ED3195360E69AA4A6E7768C0E0 ] AudioSrv C:\WINDOWS\System32\audiosrv.dll 15:25:42.0921 0624 AudioSrv - ok 15:25:43.0031 0624 [ D9F724AA26C010A217C97606B160ED68 ] audstub C:\WINDOWS\system32\DRIVERS\audstub.sys 15:25:43.0218 0624 audstub - ok 15:25:43.0265 0624 [ DA1F27D85E0D1525F6621372E7B685E9 ] Beep C:\WINDOWS\system32\drivers\Beep.sys 15:25:43.0421 0624 Beep - ok 15:25:43.0453 0624 [ 71489FA2C4A238F178E30AE6E4449013 ] bgsvcgen C:\WINDOWS\system32\bgsvcgen.exe 15:25:43.0484 0624 bgsvcgen ( UnsignedFile.Multi.Generic ) - warning 15:25:43.0484 0624 bgsvcgen - detected UnsignedFile.Multi.Generic (1) 15:25:43.0671 0624 [ D2A55F5FE6B716913FB573872F2E5944 ] BHDrvx86 C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.5.0.145\Definitions\BASHDefs\20130116.013\BHDrvx86.sys 15:25:43.0781 0624 BHDrvx86 - ok 15:25:43.0828 0624 [ 5C0073A51C4873430FA8B262E92183FF ] BITS C:\WINDOWS\system32\qmgr.dll 15:25:44.0218 0624 BITS - ok 15:25:44.0250 0624 [ 5FF9A3F3476D726AE62DA82D5DA94C36 ] BlueletAudio C:\WINDOWS\system32\DRIVERS\blueletaudio.sys 15:25:44.0281 0624 BlueletAudio - ok 15:25:44.0312 0624 [ BD91AFC523FD59F881E1763C38FB772F ] BlueletSCOAudio C:\WINDOWS\system32\DRIVERS\BlueletSCOAudio.sys 15:25:44.0343 0624 BlueletSCOAudio - ok 15:25:44.0421 0624 [ E460DBC78B9162A569C6CE3B7D31216D ] BlueSoleil Hid Service C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe 15:25:44.0437 0624 BlueSoleil Hid Service - ok 15:25:44.0484 0624 [ DB5BEA73EDAF19AC68B2C0FAD0F92B1A ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe 15:25:44.0515 0624 Bonjour Service - ok 15:25:44.0578 0624 [ 139102D1865D3C1F152A25ABD16242DB ] Browser C:\WINDOWS\System32\browser.dll 15:25:44.0703 0624 Browser - ok 15:25:44.0734 0624 [ C5CCE2B26F73F8CF7F3C82159E79AA08 ] BT C:\WINDOWS\system32\DRIVERS\btnetdrv.sys 15:25:44.0750 0624 BT - ok 15:25:44.0796 0624 [ FB2ABC6D08D9F8D5ED8E02CBD18B39BB ] Btcsrusb C:\WINDOWS\system32\Drivers\btcusb.sys 15:25:44.0812 0624 Btcsrusb - ok 15:25:44.0843 0624 [ B279426E3C0C344893ED78A613A73BDE ] BthEnum C:\WINDOWS\system32\DRIVERS\BthEnum.sys 15:25:45.0156 0624 BthEnum - ok 15:25:45.0187 0624 [ CE643D0918123D76A5CAAB008FCA9663 ] BTHidEnum C:\WINDOWS\system32\Drivers\vbtenum.sys 15:25:45.0234 0624 BTHidEnum - ok 15:25:45.0234 0624 [ DFCA4FE4C8AEC786B4D0F432EB730F48 ] BTHidMgr C:\WINDOWS\system32\Drivers\BTHidMgr.sys 15:25:45.0250 0624 BTHidMgr - ok 15:25:45.0265 0624 [ FCA6F069597B62D42495191ACE3FC6C1 ] BTHMODEM C:\WINDOWS\system32\DRIVERS\bthmodem.sys 15:25:45.0406 0624 BTHMODEM - ok 15:25:45.0406 0624 [ 80602B8746D3738F5886CE3D67EF06B6 ] BthPan C:\WINDOWS\system32\DRIVERS\bthpan.sys 15:25:45.0578 0624 BthPan - ok 15:25:45.0609 0624 [ 29FF6A865782D0F5B8E7FA1FFAB4182B ] BTHPORT C:\WINDOWS\system32\Drivers\BTHport.sys 15:25:45.0703 0624 BTHPORT - ok 15:25:45.0750 0624 [ 530494EF38B7EEA798FAC9B87ECD5284 ] BthServ C:\WINDOWS\System32\bthserv.dll 15:25:45.0906 0624 BthServ - ok 15:25:45.0937 0624 [ 61364CD71EF63B0F038B7E9DF00F1EFA ] BTHUSB C:\WINDOWS\system32\Drivers\BTHUSB.sys 15:25:46.0093 0624 BTHUSB - ok 15:25:46.0109 0624 [ 90A673FC8E12A79AFBED2576F6A7AAF9 ] cbidf2k C:\WINDOWS\system32\drivers\cbidf2k.sys 15:25:46.0296 0624 cbidf2k - ok 15:25:46.0375 0624 [ ACE85AF1C31F68BDFEE9333F6592917E ] ccSet_NIS C:\WINDOWS\system32\drivers\NIS\1309000.009\ccSetx86.sys 15:25:46.0406 0624 ccSet_NIS - ok 15:25:46.0421 0624 cd20xrnt - ok 15:25:46.0437 0624 [ C1B486A7658353D33A10CC15211A873B ] Cdaudio C:\WINDOWS\system32\drivers\Cdaudio.sys 15:25:46.0578 0624 Cdaudio - ok 15:25:46.0593 0624 [ C885B02847F5D2FD45A24E219ED93B32 ] Cdfs C:\WINDOWS\system32\drivers\Cdfs.sys 15:25:46.0718 0624 Cdfs - ok 15:25:46.0750 0624 [ 248349293CA42EE5DB61DC1FD85A2F49 ] cdrbsdrv C:\WINDOWS\system32\drivers\cdrbsdrv.sys 15:25:46.0765 0624 cdrbsdrv ( UnsignedFile.Multi.Generic ) - warning 15:25:46.0765 0624 cdrbsdrv - detected UnsignedFile.Multi.Generic (1) 15:25:46.0781 0624 [ 1F4260CC5B42272D71F79E570A27A4FE ] Cdrom C:\WINDOWS\system32\DRIVERS\cdrom.sys 15:25:46.0921 0624 Cdrom - ok 15:25:46.0921 0624 Changer - ok 15:25:46.0984 0624 [ BD85400700B80FBE3D4A3412BCE74861 ] CiSvc C:\WINDOWS\system32\cisvc.exe 15:25:47.0109 0624 CiSvc - ok 15:25:47.0140 0624 [ 4FB6108130829666C8FE96B442FEAD94 ] ClipSrv C:\WINDOWS\system32\clipsrv.exe 15:25:47.0484 0624 ClipSrv - ok 15:25:47.0515 0624 [ D87ACAED61E417BBA546CED5E7E36D9C ] clr_optimization_v2.0.50727_32 C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe 15:25:47.0562 0624 clr_optimization_v2.0.50727_32 - ok 15:25:47.0562 0624 CmdIde - ok 15:25:47.0578 0624 COMSysApp - ok 15:25:47.0593 0624 Cpqarray - ok 15:25:47.0609 0624 [ 0A9CF5D3CF63A8699F28C814EF821C7E ] CryptSvc C:\WINDOWS\System32\cryptsvc.dll 15:25:47.0765 0624 CryptSvc - ok 15:25:47.0781 0624 dac2w2k - ok 15:25:47.0781 0624 dac960nt - ok 15:25:47.0828 0624 [ D9883335CC1C17AFC3A09C8AC3E4DBE4 ] DcomLaunch C:\WINDOWS\system32\rpcss.dll 15:25:48.0125 0624 DcomLaunch - ok 15:25:48.0203 0624 [ 770471DE2550820FEEB7E5D24BF2E273 ] DgiVecp C:\WINDOWS\system32\Drivers\DgiVecp.sys 15:25:48.0234 0624 DgiVecp ( UnsignedFile.Multi.Generic ) - warning 15:25:48.0234 0624 DgiVecp - detected UnsignedFile.Multi.Generic (1) 15:25:48.0281 0624 [ 146AB038F5DBB366122D28444999AB2C ] Dhcp C:\WINDOWS\System32\dhcpcsvc.dll 15:25:48.0421 0624 Dhcp - ok 15:25:48.0437 0624 [ 044452051F3E02E7963599FC8F4F3E25 ] Disk C:\WINDOWS\system32\DRIVERS\disk.sys 15:25:48.0578 0624 Disk - ok 15:25:48.0593 0624 dmadmin - ok 15:25:48.0671 0624 [ DEC123E0C75971D0CC7A6C6A75E28429 ] dmboot C:\WINDOWS\system32\drivers\dmboot.sys 15:25:48.0859 0624 dmboot - ok 15:25:48.0859 0624 [ 7268E66259722F6228C730685B201092 ] dmio C:\WINDOWS\system32\drivers\dmio.sys 15:25:49.0031 0624 dmio - ok 15:25:49.0062 0624 [ E9317282A63CA4D188C0DF5E09C6AC5F ] dmload C:\WINDOWS\system32\drivers\dmload.sys 15:25:49.0187 0624 dmload - ok 15:25:49.0218 0624 [ 127DB74184E2D3D31655DA525A5EFDE1 ] dmserver C:\WINDOWS\System32\dmserver.dll 15:25:49.0359 0624 dmserver - ok 15:25:49.0390 0624 [ 8A208DFCF89792A484E76C40E5F50B45 ] DMusic C:\WINDOWS\system32\drivers\DMusic.sys 15:25:49.0515 0624 DMusic - ok 15:25:49.0546 0624 [ DE6CDB6CBC5C27B9085CFA6DFE8E5025 ] Dnscache C:\WINDOWS\System32\dnsrslvr.dll 15:25:49.0734 0624 Dnscache - ok 15:25:49.0781 0624 [ 90EE765E1A598B578852901F74F914F1 ] Dot3svc C:\WINDOWS\System32\dot3svc.dll 15:25:50.0078 0624 Dot3svc - ok 15:25:50.0093 0624 dpti2o - ok 15:25:50.0125 0624 [ 8F5FCFF8E8848AFAC920905FBD9D33C8 ] drmkaud C:\WINDOWS\system32\drivers\drmkaud.sys 15:25:50.0312 0624 drmkaud - ok 15:25:50.0375 0624 [ E6BBDEBF7081899D161C773E8D84D015 ] EapHost C:\WINDOWS\System32\eapsvc.dll 15:25:50.0531 0624 EapHost - ok 15:25:50.0625 0624 [ 85B8B4032A895A746D46A288A9B30DED ] eeCtrl C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys 15:25:50.0687 0624 eeCtrl - ok 15:25:50.0750 0624 [ B5A8A04A6E5B4E86B95B1553AA918F5F ] EraserUtilRebootDrv C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys 15:25:50.0781 0624 EraserUtilRebootDrv - ok 15:25:50.0812 0624 [ 2F5C7F650B7AF178988946EE4B0D9C01 ] ERSvc C:\WINDOWS\System32\ersvc.dll 15:25:50.0953 0624 ERSvc - ok 15:25:51.0015 0624 [ 657B69389B893F440B07590C9E963F23 ] Eventlog C:\WINDOWS\system32\services.exe 15:25:51.0046 0624 Eventlog - ok 15:25:51.0078 0624 [ 97912DC0679D2DA60CCE589BBC196D72 ] EventSystem C:\WINDOWS\system32\es.dll 15:25:51.0140 0624 EventSystem - ok 15:25:51.0171 0624 [ 38D332A6D56AF32635675F132548343E ] Fastfat C:\WINDOWS\system32\drivers\Fastfat.sys 15:25:51.0312 0624 Fastfat - ok 15:25:51.0359 0624 [ 2D5D4156292150FE571872C1B88E9299 ] FastUserSwitchingCompatibility C:\WINDOWS\System32\shsvcs.dll 15:25:51.0468 0624 FastUserSwitchingCompatibility - ok 15:25:51.0515 0624 [ 92CDD60B6730B9F50F6A1A0C1F8CDC81 ] Fdc C:\WINDOWS\system32\DRIVERS\fdc.sys 15:25:51.0625 0624 Fdc - ok 15:25:51.0671 0624 [ 8BFFFB5AC954E19DFDB96D56512AA518 ] Fips C:\WINDOWS\system32\drivers\Fips.sys 15:25:51.0781 0624 Fips - ok 15:25:51.0796 0624 [ 9D27E7B80BFCDF1CDD9B555862D5E7F0 ] Flpydisk C:\WINDOWS\system32\DRIVERS\flpydisk.sys 15:25:51.0921 0624 Flpydisk - ok 15:25:52.0015 0624 [ B2CF4B0786F8212CB92ED2B50C6DB6B0 ] FltMgr C:\WINDOWS\system32\drivers\fltmgr.sys 15:25:52.0187 0624 FltMgr - ok 15:25:52.0281 0624 [ 8BA7C024070F2B7FDD98ED8A4BA41789 ] FontCache3.0.0.0 C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe 15:25:52.0359 0624 FontCache3.0.0.0 - ok 15:25:52.0359 0624 [ 3E1E2BD4F39B0E2B7DC4F4D2BCC2779A ] Fs_Rec C:\WINDOWS\system32\drivers\Fs_Rec.sys 15:25:52.0515 0624 Fs_Rec - ok 15:25:52.0531 0624 [ FA8CA22E70245C81FF29C36AF56292FC ] Ftdisk C:\WINDOWS\system32\DRIVERS\ftdisk.sys 15:25:52.0671 0624 Ftdisk - ok 15:25:52.0718 0624 [ 185ADA973B5020655CEE342059A86CBB ] GEARAspiWDM C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys 15:25:52.0734 0624 GEARAspiWDM - ok 15:25:52.0765 0624 [ 483924F92E55A5F9423201EC635E2CED ] gfibto C:\WINDOWS\system32\drivers\gfibto.sys 15:25:52.0796 0624 gfibto - ok 15:25:52.0843 0624 [ 0A02C63C8B144BD8C86B103DEE7C86A2 ] Gpc C:\WINDOWS\system32\DRIVERS\msgpc.sys 15:25:52.0984 0624 Gpc - ok 15:25:53.0062 0624 [ 8F0DE4FEF8201E306F9938B0905AC96A ] gupdate C:\Program Files\Google\Update\GoogleUpdate.exe 15:25:53.0093 0624 gupdate - ok 15:25:53.0109 0624 [ 8F0DE4FEF8201E306F9938B0905AC96A ] gupdatem C:\Program Files\Google\Update\GoogleUpdate.exe 15:25:53.0125 0624 gupdatem - ok 15:25:53.0140 0624 [ 573C7D0A32852B48F3058CFD8026F511 ] HDAudBus C:\WINDOWS\system32\DRIVERS\HDAudBus.sys 15:25:53.0296 0624 HDAudBus - ok 15:25:53.0375 0624 [ 5327BAD9B35C33D2A64B64E4CF282ECD ] helpsvc C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll 15:25:53.0515 0624 helpsvc - ok 15:25:53.0515 0624 HidServ - ok 15:25:53.0562 0624 [ 1FF903FFA2DA1704E5A5443D37D8E49E ] hkmsvc C:\WINDOWS\System32\kmsvc.dll 15:25:53.0718 0624 hkmsvc - ok 15:25:53.0718 0624 hpn - ok 15:25:53.0765 0624 [ F80A415EF82CD06FFAF0D971528EAD38 ] HTTP C:\WINDOWS\system32\Drivers\HTTP.sys 15:25:53.0828 0624 HTTP - ok 15:25:53.0843 0624 [ 2529C7BA05242BEED0027F554D0513BB ] HTTPFilter C:\WINDOWS\System32\w3ssl.dll 15:25:53.0984 0624 HTTPFilter - ok 15:25:53.0984 0624 i2omgmt - ok 15:25:54.0000 0624 i2omp - ok 15:25:54.0031 0624 [ C43372D0682F8E32E4EC21117E089EC0 ] i8042prt C:\WINDOWS\system32\DRIVERS\i8042prt.sys 15:25:54.0140 0624 i8042prt - ok 15:25:54.0234 0624 [ 0F0194C4B635C10C3F785E4FEE52D641 ] ialm C:\WINDOWS\system32\DRIVERS\ialmnt5.sys 15:25:54.0421 0624 ialm - ok 15:25:54.0515 0624 [ C01AC32DC5C03076CFB852CB5DA5229C ] idsvc C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe 15:25:54.0593 0624 idsvc - ok 15:25:54.0718 0624 [ C19BF2A07BE972A110220DF6B1E89D14 ] IDSxpx86 C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.5.0.145\Definitions\IPSDefs\20130124.001\IDSxpx86.sys 15:25:54.0781 0624 IDSxpx86 - ok 15:25:54.0812 0624 [ 083A052659F5310DD8B6A6CB05EDCF8E ] Imapi C:\WINDOWS\system32\DRIVERS\imapi.sys 15:25:54.0937 0624 Imapi - ok 15:25:55.0000 0624 [ A117772F94C854DE5D1BBC1F1962B192 ] ImapiService C:\WINDOWS\system32\imapi.exe 15:25:55.0140 0624 ImapiService - ok 15:25:55.0156 0624 ini910u - ok 15:25:55.0328 0624 [ 71AE838A88B07268D732F596FC17CED5 ] IntcAzAudAddService C:\WINDOWS\system32\drivers\RtkHDAud.sys 15:25:55.0671 0624 IntcAzAudAddService - ok 15:25:55.0703 0624 [ 72C63AD984D427D34BD5B9DB838D88EB ] IntelIde C:\WINDOWS\system32\DRIVERS\intelide.sys 15:25:55.0828 0624 IntelIde - ok 15:25:55.0875 0624 [ 2D2254FAC267E6B1C7865E8EBEF60C6D ] intelppm C:\WINDOWS\system32\DRIVERS\intelppm.sys 15:25:56.0046 0624 intelppm - ok 15:25:56.0062 0624 [ 3BB22519A194418D5FEC05D800A19AD0 ] Ip6Fw C:\WINDOWS\system32\drivers\ip6fw.sys 15:25:56.0203 0624 Ip6Fw - ok 15:25:56.0234 0624 [ 731F22BA402EE4B62748ADAF6363C182 ] IpFilterDriver C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys 15:25:56.0390 0624 IpFilterDriver - ok 15:25:56.0421 0624 [ B87AB476DCF76E72010632B5550955F5 ] IpInIp C:\WINDOWS\system32\DRIVERS\ipinip.sys 15:25:56.0546 0624 IpInIp - ok 15:25:56.0578 0624 [ CC748EA12C6EFFDE940EE98098BF96BB ] IpNat C:\WINDOWS\system32\DRIVERS\ipnat.sys 15:25:56.0718 0624 IpNat - ok 15:25:56.0781 0624 [ BC0EA61246F8D940FBC5F652D337D6BD ] iPod Service C:\Program Files\iPod\bin\iPodService.exe 15:25:56.0828 0624 iPod Service - ok 15:25:56.0859 0624 [ 23C74D75E36E7158768DD63D92789A91 ] IPSec C:\WINDOWS\system32\DRIVERS\ipsec.sys 15:25:57.0015 0624 IPSec - ok 15:25:57.0031 0624 [ C93C9FF7B04D772627A3646D89F7BF89 ] IRENUM C:\WINDOWS\system32\DRIVERS\irenum.sys 15:25:57.0140 0624 IRENUM - ok 15:25:57.0187 0624 [ 0B78E1A31340E1FB1E389D5633F7C3A0 ] isapnp C:\WINDOWS\system32\DRIVERS\isapnp.sys 15:25:57.0312 0624 isapnp - ok 15:25:57.0343 0624 [ 8F1BA487B35F0C8F637E05113AA815F8 ] itchfltr C:\WINDOWS\system32\DRIVERS\itchfltr.sys 15:25:57.0390 0624 itchfltr - ok 15:25:57.0515 0624 [ 5E06A9D23727DAF96FAA796F1135FDCD ] JavaQuickStarterService C:\Program Files\Java\jre6\bin\jqs.exe 15:25:57.0531 0624 JavaQuickStarterService - ok 15:25:57.0546 0624 [ 380397621E94B32C744E7B2CC1330390 ] Kbdclass C:\WINDOWS\system32\DRIVERS\kbdclass.sys 15:25:57.0671 0624 Kbdclass - ok 15:25:57.0703 0624 [ 692BCF44383D056AED41B045A323D378 ] kmixer C:\WINDOWS\system32\drivers\kmixer.sys 15:25:57.0828 0624 kmixer - ok 15:25:57.0859 0624 [ B467646C54CC746128904E1654C750C1 ] KSecDD C:\WINDOWS\system32\drivers\KSecDD.sys 15:25:58.0031 0624 KSecDD - ok 15:25:58.0078 0624 [ 0F8B7BF7097D1E8D78F2F52A2BEA03CD ] L8042pr2 C:\WINDOWS\system32\DRIVERS\L8042pr2.Sys 15:25:58.0125 0624 L8042pr2 - ok 15:25:58.0187 0624 [ C7955E7EDAEA462D04F1C4BE1D340372 ] lanmanserver C:\WINDOWS\System32\srvsvc.dll 15:25:58.0250 0624 lanmanserver - ok 15:25:58.0281 0624 [ A936A575EAF6DCE8DC08BC0C53972ADD ] lanmanworkstation C:\WINDOWS\System32\wkssvc.dll 15:25:58.0343 0624 lanmanworkstation - ok 15:25:58.0359 0624 Lbd - ok 15:25:58.0359 0624 lbrtfdc - ok 15:25:58.0437 0624 [ C12476DE1AFFB1BBA1A48A459CEB3D39 ] LightScribeService C:\Program Files\Common Files\LightScribe\LSSrvc.exe 15:25:58.0437 0624 LightScribeService ( UnsignedFile.Multi.Generic ) - warning 15:25:58.0437 0624 LightScribeService - detected UnsignedFile.Multi.Generic (1) 15:25:58.0484 0624 [ C837D17DE0B349539AA527EE750EBE2A ] LiveUpdate Notice Service C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PifSvc.exe 15:25:58.0531 0624 LiveUpdate Notice Service - ok 15:25:58.0562 0624 [ 91AE20C5C2776C511994AA1308C05283 ] LmHosts C:\WINDOWS\System32\lmhsvc.dll 15:25:58.0703 0624 LmHosts - ok 15:25:58.0750 0624 [ AEF09673376A4D93C09E8341854F1BF4 ] LMouFlt2 C:\WINDOWS\system32\DRIVERS\LMouFlt2.Sys 15:25:58.0765 0624 LMouFlt2 - ok 15:25:58.0812 0624 [ 629CABB0421668C9D3D402A3C3D77E14 ] MBAMProtector C:\WINDOWS\system32\drivers\mbam.sys 15:25:58.0828 0624 MBAMProtector - ok 15:25:58.0890 0624 [ 1ACAA67676E9E7BDA5E0C41B6E0DECAF ] MBAMScheduler C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe 15:25:58.0953 0624 MBAMScheduler - ok 15:25:59.0046 0624 [ 916B8954AC3E06DC9E898AFFB41F3FB6 ] MBAMService C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe 15:25:59.0156 0624 MBAMService - ok 15:25:59.0171 0624 [ C56A45A03DCA11712DE9FDF98224230B ] Messenger C:\WINDOWS\System32\msgsvc.dll 15:25:59.0312 0624 Messenger - ok 15:25:59.0359 0624 [ 4AE068242760A1FB6E1A44BF4E16AFA6 ] mnmdd C:\WINDOWS\system32\drivers\mnmdd.sys 15:25:59.0500 0624 mnmdd - ok 15:25:59.0531 0624 [ 5B1D994DCF1895AFA27600E46A2F0FEA ] mnmsrvc C:\WINDOWS\system32\mnmsrvc.exe 15:25:59.0640 0624 mnmsrvc - ok 15:25:59.0687 0624 [ 8114EEAC353F549331AB73E9AF4219ED ] Modem C:\WINDOWS\system32\drivers\Modem.sys 15:25:59.0796 0624 Modem - ok 15:25:59.0812 0624 [ 1A4E2214DD63E4A876463D3427EE8261 ] Mouclass C:\WINDOWS\system32\DRIVERS\mouclass.sys 15:25:59.0937 0624 Mouclass - ok 15:26:00.0078 0624 [ A80B9A0BAD1B73637DBCBBA7DF72D3FD ] MountMgr C:\WINDOWS\system32\drivers\MountMgr.sys 15:26:00.0234 0624 MountMgr - ok 15:26:00.0234 0624 mraid35x - ok 15:26:00.0265 0624 [ 11D42BB6206F33FBB3BA0288D3EF81BD ] MRxDAV C:\WINDOWS\system32\DRIVERS\mrxdav.sys 15:26:00.0390 0624 MRxDAV - ok 15:26:00.0421 0624 [ 7D304A5EB4344EBEEAB53A2FE3FFB9F0 ] MRxSmb C:\WINDOWS\system32\DRIVERS\mrxsmb.sys 15:26:00.0562 0624 MRxSmb - ok 15:26:00.0578 0624 [ 21EA21984D7D1AD50DB2E627020AB14C ] MSDTC C:\WINDOWS\system32\msdtc.exe 15:26:00.0718 0624 MSDTC - ok 15:26:00.0734 0624 [ C941EA2454BA8350021D774DAF0F1027 ] Msfs C:\WINDOWS\system32\drivers\Msfs.sys 15:26:00.0890 0624 Msfs - ok 15:26:00.0890 0624 MSIServer - ok 15:26:00.0906 0624 [ D1575E71568F4D9E14CA56B7B0453BF1 ] MSKSSRV C:\WINDOWS\system32\drivers\MSKSSRV.sys 15:26:01.0078 0624 MSKSSRV - ok 15:26:01.0109 0624 [ 325BB26842FC7CCC1FCCE2C457317F3E ] MSPCLOCK C:\WINDOWS\system32\drivers\MSPCLOCK.sys 15:26:01.0234 0624 MSPCLOCK - ok 15:26:01.0234 0624 [ BAD59648BA099DA4A17680B39730CB3D ] MSPQM C:\WINDOWS\system32\drivers\MSPQM.sys 15:26:01.0375 0624 MSPQM - ok 15:26:01.0437 0624 [ AF5F4F3F14A8EA2C26DE30F7A1E17136 ] mssmbios C:\WINDOWS\system32\DRIVERS\mssmbios.sys 15:26:01.0531 0624 mssmbios - ok 15:26:01.0578 0624 [ DE6A75F5C270E756C5508D94B6CF68F5 ] Mup C:\WINDOWS\system32\drivers\Mup.sys 15:26:01.0640 0624 Mup - ok 15:26:01.0718 0624 [ 87E394C810794D3C70CF22E8316CB23E ] napagent C:\WINDOWS\System32\qagentrt.dll 15:26:01.0875 0624 napagent - ok 15:26:02.0031 0624 [ 7D7A3BC6640C1A0D1442816B30856928 ] NAVENG C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.5.0.145\Definitions\VirusDefs\20130125.023\NAVENG.SYS 15:26:02.0062 0624 NAVENG - ok 15:26:02.0125 0624 [ 28494C43D62AA7584BDCA2FADFBC4D11 ] NAVEX15 C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.5.0.145\Definitions\VirusDefs\20130125.023\NAVEX15.SYS 15:26:02.0250 0624 NAVEX15 - ok 15:26:02.0343 0624 [ 1DF7F42665C94B825322FAE71721130D ] NDIS C:\WINDOWS\system32\drivers\NDIS.sys 15:26:02.0500 0624 NDIS - ok 15:26:02.0546 0624 [ 0109C4F3850DFBAB279542515386AE22 ] NdisTapi C:\WINDOWS\system32\DRIVERS\ndistapi.sys 15:26:02.0625 0624 NdisTapi - ok 15:26:02.0671 0624 [ F927A4434C5028758A842943EF1A3849 ] Ndisuio C:\WINDOWS\system32\DRIVERS\ndisuio.sys 15:26:02.0796 0624 Ndisuio - ok 15:26:02.0843 0624 [ EDC1531A49C80614B2CFDA43CA8659AB ] NdisWan C:\WINDOWS\system32\DRIVERS\ndiswan.sys 15:26:02.0968 0624 NdisWan - ok 15:26:03.0000 0624 [ 9282BD12DFB069D3889EB3FCC1000A9B ] NDProxy C:\WINDOWS\system32\drivers\NDProxy.sys 15:26:03.0078 0624 NDProxy - ok 15:26:03.0093 0624 [ 5D81CF9A2F1A3A756B66CF684911CDF0 ] NetBIOS C:\WINDOWS\system32\DRIVERS\netbios.sys 15:26:03.0203 0624 NetBIOS - ok 15:26:03.0234 0624 [ 74B2B2F5BEA5E9A3DC021D685551BD3D ] NetBT C:\WINDOWS\system32\DRIVERS\netbt.sys 15:26:03.0359 0624 NetBT - ok 15:26:03.0390 0624 [ DC6BAE085E9B3C2F3A963ED46791FEAB ] NetDDE C:\WINDOWS\system32\netdde.exe 15:26:03.0546 0624 NetDDE - ok 15:26:03.0546 0624 [ DC6BAE085E9B3C2F3A963ED46791FEAB ] NetDDEdsdm C:\WINDOWS\system32\netdde.exe 15:26:03.0671 0624 NetDDEdsdm - ok 15:26:03.0687 0624 [ 8754210A3399D19610CE2D71E0C3E5D9 ] Netlogon C:\WINDOWS\system32\lsass.exe 15:26:03.0812 0624 Netlogon - ok 15:26:03.0843 0624 [ 5431FB616ECAE0D587C5B97D0B86CBD8 ] Netman C:\WINDOWS\System32\netman.dll 15:26:03.0984 0624 Netman - ok 15:26:04.0046 0624 [ D34612C5D02D026535B3095D620626AE ] NetTcpPortSharing C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe 15:26:04.0078 0624 NetTcpPortSharing - ok 15:26:04.0156 0624 [ F2840DBFE9322F35557219AE82CC4597 ] NIS C:\Program Files\Norton Internet Security\Engine\19.9.0.9\ccSvcHst.exe 15:26:04.0187 0624 NIS - ok 15:26:04.0250 0624 [ 4522CBE00A9E9EEE36AA82ED4B319148 ] Nla C:\WINDOWS\System32\mswsock.dll 15:26:04.0281 0624 Nla - ok 15:26:04.0312 0624 [ 3182D64AE053D6FB034F44B6DEF8034A ] Npfs C:\WINDOWS\system32\drivers\Npfs.sys 15:26:04.0437 0624 Npfs - ok 15:26:04.0468 0624 [ 78A08DD6A8D65E697C18E1DB01C5CDCA ] Ntfs C:\WINDOWS\system32\drivers\Ntfs.sys 15:26:04.0640 0624 Ntfs - ok 15:26:04.0656 0624 [ 8754210A3399D19610CE2D71E0C3E5D9 ] NtLmSsp C:\WINDOWS\system32\lsass.exe 15:26:04.0765 0624 NtLmSsp - ok 15:26:04.0828 0624 [ AC1A78237B53044735693633F8235468 ] NtmsSvc C:\WINDOWS\system32\ntmssvc.dll 15:26:05.0328 0624 NtmsSvc - ok 15:26:05.0359 0624 [ 73C1E1F395918BC2C6DD67AF7591A3AD ] Null C:\WINDOWS\system32\drivers\Null.sys 15:26:05.0500 0624 Null - ok 15:26:05.0531 0624 [ B305F3FAD35083837EF46A0BBCE2FC57 ] NwlnkFlt C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys 15:26:05.0656 0624 NwlnkFlt - ok 15:26:05.0671 0624 [ C99B3415198D1AAB7227F2C88FD664B9 ] NwlnkFwd C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys 15:26:05.0843 0624 NwlnkFwd - ok 15:26:05.0875 0624 [ E3934CCC20A4D24F1924E13D36D2A5BD ] Parport C:\WINDOWS\system32\DRIVERS\parport.sys 15:26:06.0000 0624 Parport - ok 15:26:06.0031 0624 [ BEB3BA25197665D82EC7065B724171C6 ] PartMgr C:\WINDOWS\system32\drivers\PartMgr.sys 15:26:06.0140 0624 PartMgr - ok 15:26:06.0187 0624 [ 1EADE28746A64C21E0A808BB12A63326 ] ParVdm C:\WINDOWS\system32\drivers\ParVdm.sys 15:26:06.0312 0624 ParVdm - ok 15:26:06.0328 0624 [ 3B166F9F753C21AEDAA9A6BD76B49655 ] PCI C:\WINDOWS\system32\DRIVERS\pci.sys 15:26:06.0453 0624 PCI - ok 15:26:06.0468 0624 PCIDump - ok 15:26:06.0468 0624 [ B31EDEBA4DA28283F6B8DC4756FB9585 ] PCIIde C:\WINDOWS\system32\DRIVERS\pciide.sys 15:26:06.0609 0624 PCIIde - ok 15:26:06.0671 0624 [ 2137FFD65F8E609A3A5ACD487C56CCE0 ] Pcmcia C:\WINDOWS\system32\drivers\Pcmcia.sys 15:26:06.0796 0624 Pcmcia - ok 15:26:06.0812 0624 PDCOMP - ok 15:26:06.0812 0624 PDFRAME - ok 15:26:06.0828 0624 PDRELI - ok 15:26:06.0828 0624 PDRFRAME - ok 15:26:06.0843 0624 perc2 - ok 15:26:06.0859 0624 perc2hib - ok 15:26:06.0921 0624 Planner voor Automatische LiveUpdate - ok 15:26:06.0953 0624 [ 657B69389B893F440B07590C9E963F23 ] PlugPlay C:\WINDOWS\system32\services.exe 15:26:06.0984 0624 PlugPlay - ok 15:26:07.0000 0624 [ 8754210A3399D19610CE2D71E0C3E5D9 ] PolicyAgent C:\WINDOWS\system32\lsass.exe 15:26:07.0125 0624 PolicyAgent - ok 15:26:07.0156 0624 [ EFEEC01B1D3CF84F16DDD24D9D9D8F99 ] PptpMiniport C:\WINDOWS\system32\DRIVERS\raspptp.sys 15:26:07.0265 0624 PptpMiniport - ok 15:26:07.0281 0624 [ 8754210A3399D19610CE2D71E0C3E5D9 ] ProtectedStorage C:\WINDOWS\system32\lsass.exe 15:26:07.0390 0624 ProtectedStorage - ok 15:26:07.0406 0624 [ 09298EC810B07E5D582CB3A3F9255424 ] PSched C:\WINDOWS\system32\DRIVERS\psched.sys 15:26:07.0531 0624 PSched - ok 15:26:07.0546 0624 [ 80D317BD1C3DBC5D4FE7B1678C60CADD ] Ptilink C:\WINDOWS\system32\DRIVERS\ptilink.sys 15:26:07.0687 0624 Ptilink - ok 15:26:07.0718 0624 [ 7C81AE3C9B82BA2DA437ED4D31BC56CF ] PxHelp20 C:\WINDOWS\system32\Drivers\PxHelp20.sys 15:26:07.0750 0624 PxHelp20 ( UnsignedFile.Multi.Generic ) - warning 15:26:07.0750 0624 PxHelp20 - detected UnsignedFile.Multi.Generic (1) 15:26:07.0750 0624 ql1080 - ok 15:26:07.0765 0624 Ql10wnt - ok 15:26:07.0765 0624 ql12160 - ok 15:26:07.0781 0624 ql1240 - ok 15:26:07.0781 0624 ql1280 - ok 15:26:07.0812 0624 [ FE0D99D6F31E4FAD8159F690D68DED9C ] RasAcd C:\WINDOWS\system32\DRIVERS\rasacd.sys 15:26:07.0921 0624 RasAcd - ok 15:26:08.0000 0624 [ 0575D034B1292CA3A9BB9F67A8EE289C ] RasAuto C:\WINDOWS\System32\rasauto.dll 15:26:08.0140 0624 RasAuto - ok 15:26:08.0156 0624 [ 11B4A627BC9614B885C4969BFA5FF8A6 ] Rasl2tp C:\WINDOWS\system32\DRIVERS\rasl2tp.sys 15:26:08.0296 0624 Rasl2tp - ok 15:26:08.0343 0624 [ 9E7E2DF6971A5F00102BE3F901CC3BDC ] RasMan C:\WINDOWS\System32\rasmans.dll 15:26:08.0468 0624 RasMan - ok 15:26:08.0484 0624 [ 5BC962F2654137C9909C3D4603587DEE ] RasPppoe C:\WINDOWS\system32\DRIVERS\raspppoe.sys 15:26:08.0593 0624 RasPppoe - ok 15:26:08.0609 0624 [ FDBB1D60066FCFBB7452FD8F9829B242 ] Raspti C:\WINDOWS\system32\DRIVERS\raspti.sys 15:26:08.0734 0624 Raspti - ok 15:26:08.0750 0624 [ 7AD224AD1A1437FE28D89CF22B17780A ] Rdbss C:\WINDOWS\system32\DRIVERS\rdbss.sys 15:26:08.0875 0624 Rdbss - ok 15:26:08.0953 0624 [ 4912D5B403614CE99C28420F75353332 ] RDPCDD C:\WINDOWS\system32\DRIVERS\RDPCDD.sys 15:26:09.0078 0624 RDPCDD - ok 15:26:09.0125 0624 [ 43AF5212BD8FB5BA6EED9754358BD8F7 ] RDPWD C:\WINDOWS\system32\drivers\RDPWD.sys 15:26:09.0218 0624 RDPWD - ok 15:26:09.0250 0624 [ EA9FDF71D696B532BDC44C8BFF03A737 ] RDSessMgr C:\WINDOWS\system32\sessmgr.exe 15:26:09.0406 0624 RDSessMgr - ok 15:26:09.0421 0624 [ 4173BC66E485FD77A03C4819F60BD0DA ] redbook C:\WINDOWS\system32\DRIVERS\redbook.sys 15:26:09.0531 0624 redbook - ok 15:26:09.0578 0624 [ 4007ABF5D9BF0E55451D775443D1F985 ] RemoteAccess C:\WINDOWS\System32\mprdim.dll 15:26:09.0718 0624 RemoteAccess - ok 15:26:09.0750 0624 [ 851C30DF2807FCFA21E4C681A7D6440E ] RFCOMM C:\WINDOWS\system32\DRIVERS\rfcomm.sys 15:26:09.0906 0624 RFCOMM - ok 15:26:09.0937 0624 [ D8B0B4ADE32574B2D9C5CC34DC0DBBE7 ] ROOTMODEM C:\WINDOWS\system32\Drivers\RootMdm.sys 15:26:10.0078 0624 ROOTMODEM - ok 15:26:10.0125 0624 [ BE078F8F7EC2491EFDD79A53353A060F ] RpcLocator C:\WINDOWS\system32\locator.exe 15:26:10.0234 0624 RpcLocator - ok 15:26:10.0265 0624 [ D9883335CC1C17AFC3A09C8AC3E4DBE4 ] RpcSs C:\WINDOWS\system32\rpcss.dll 15:26:10.0296 0624 RpcSs - ok 15:26:10.0312 0624 [ AD1B5F1B99FFF08C99F443D784711A81 ] RSVP C:\WINDOWS\system32\rsvp.exe 15:26:10.0468 0624 RSVP - ok 15:26:10.0515 0624 [ D6E1B1BD04FAD422AF17FC4B810CB9AF ] RTL8023xp C:\WINDOWS\system32\DRIVERS\Rtenicxp.sys 15:26:10.0546 0624 RTL8023xp - ok 15:26:10.0562 0624 [ 8754210A3399D19610CE2D71E0C3E5D9 ] SamSs C:\WINDOWS\system32\lsass.exe 15:26:10.0671 0624 SamSs - ok 15:26:10.0828 0624 [ 99FC1599F89A80216E41175B8CA44D89 ] SBAMSvc C:\Program Files\Ad-Aware Antivirus\SBAMSvc.exe 15:26:11.0234 0624 SBAMSvc - ok 15:26:11.0296 0624 [ 1B4CD62174E907C7EF8EC5D4D0A2A616 ] SCardSvr C:\WINDOWS\System32\SCardSvr.exe 15:26:11.0421 0624 SCardSvr - ok 15:26:11.0453 0624 [ 7C288AE0F75CB18CFF1DF6179A67AD8F ] Schedule C:\WINDOWS\system32\schedsvc.dll 15:26:11.0609 0624 Schedule - ok 15:26:11.0656 0624 [ 90A3935D05B494A5A39D37E71F09A677 ] Secdrv C:\WINDOWS\system32\DRIVERS\secdrv.sys 15:26:11.0828 0624 Secdrv - ok 15:26:11.0859 0624 [ 6983665BEA867125B1DA5757CD8B2F9D ] seclogon C:\WINDOWS\System32\seclogon.dll 15:26:11.0968 0624 seclogon - ok 15:26:12.0015 0624 [ F6EC8F1E50E40237BDDEE1CB7FE20B42 ] SENS C:\WINDOWS\system32\sens.dll 15:26:12.0125 0624 SENS - ok 15:26:12.0156 0624 [ 0F29512CCD6BEAD730039FB4BD2C85CE ] serenum C:\WINDOWS\system32\DRIVERS\serenum.sys 15:26:12.0281 0624 serenum - ok 15:26:12.0312 0624 [ 92C21762653BB2CE51147EB8A9AA654F ] Serial C:\WINDOWS\system32\DRIVERS\serial.sys 15:26:12.0437 0624 Serial - ok 15:26:12.0453 0624 [ 8E6B8C671615D126FDC553D1E2DE5562 ] Sfloppy C:\WINDOWS\system32\drivers\Sfloppy.sys 15:26:12.0593 0624 Sfloppy - ok 15:26:12.0640 0624 [ 7579C4BE909D47F10F3D8D801CB13ED9 ] SharedAccess C:\WINDOWS\System32\ipnathlp.dll 15:26:12.0828 0624 SharedAccess - ok 15:26:12.0859 0624 [ 2D5D4156292150FE571872C1B88E9299 ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll 15:26:12.0875 0624 ShellHWDetection - ok 15:26:12.0890 0624 Simbad - ok 15:26:12.0906 0624 Sparrow - ok 15:26:12.0953 0624 [ AB8B92451ECB048A4D1DE7C3FFCB4A9F ] splitter C:\WINDOWS\system32\drivers\splitter.sys 15:26:13.0078 0624 splitter - ok 15:26:13.0125 0624 [ 60784F891563FB1B767F70117FC2428F ] Spooler C:\WINDOWS\system32\spoolsv.exe 15:26:13.0187 0624 Spooler - ok 15:26:13.0218 0624 [ 64D2A7640E0767ECD3BCB38D3200E7CE ] sr C:\WINDOWS\system32\DRIVERS\sr.sys 15:26:13.0328 0624 sr - ok 15:26:13.0375 0624 [ 81CBF363C414620CAA61BD6843D8FDB9 ] srservice C:\WINDOWS\system32\srsvc.dll 15:26:13.0578 0624 srservice - ok 15:26:13.0734 0624 [ 7BB297CADA42903328E92425D9761DA6 ] SRTSP C:\WINDOWS\System32\Drivers\NIS\1309000.009\SRTSP.SYS 15:26:14.0046 0624 SRTSP - ok 15:26:14.0078 0624 [ 475FCF0F28D845BF1C8ABAC27F19003E ] SRTSPX C:\WINDOWS\system32\drivers\NIS\1309000.009\SRTSPX.SYS 15:26:14.0109 0624 SRTSPX - ok 15:26:14.0156 0624 [ 47DDFC2F003F7F9F0592C6874962A2E7 ] Srv C:\WINDOWS\system32\DRIVERS\srv.sys 15:26:14.0296 0624 Srv - ok 15:26:14.0328 0624 [ 5B9D0DE64BE96A806819516440FD211C ] SSDPSRV C:\WINDOWS\System32\ssdpsrv.dll 15:26:14.0453 0624 SSDPSRV - ok 15:26:14.0468 0624 SSPORT - ok 15:26:14.0500 0624 [ 9D1A8732718438DC8C472D4D7762DE5F ] Start BT in service C:\Program Files\IVT Corporation\BlueSoleil\StartSkysolSvc.exe 15:26:14.0515 0624 Start BT in service - ok 15:26:14.0562 0624 [ 5AE996186D2DC694FEF88F14A3FC9242 ] stisvc C:\WINDOWS\system32\wiaservc.dll 15:26:14.0718 0624 stisvc - ok 15:26:14.0750 0624 [ 3941D127AEF12E93ADDF6FE6EE027E0F ] swenum C:\WINDOWS\system32\DRIVERS\swenum.sys 15:26:14.0890 0624 swenum - ok 15:26:14.0968 0624 [ 8CE882BCC6CF8A62F2B2323D95CB3D01 ] swmidi C:\WINDOWS\system32\drivers\swmidi.sys 15:26:15.0078 0624 swmidi - ok 15:26:15.0093 0624 SwPrv - ok 15:26:15.0093 0624 symc810 - ok 15:26:15.0109 0624 symc8xx - ok 15:26:15.0156 0624 [ 690FA0E61B90084C4D9A721BD4F3D779 ] SymDS C:\WINDOWS\system32\drivers\NIS\1309000.009\SYMDS.SYS 15:26:15.0234 0624 SymDS - ok 15:26:15.0296 0624 [ 8F88EDB211B12537D2DC2A6D73D6067C ] SymEFA C:\WINDOWS\system32\drivers\NIS\1309000.009\SYMEFA.SYS 15:26:15.0375 0624 SymEFA - ok 15:26:15.0421 0624 [ 74E2521E96176A4449570E50BE91954D ] SymEvent C:\WINDOWS\system32\Drivers\SYMEVENT.SYS 15:26:15.0453 0624 SymEvent - ok 15:26:15.0468 0624 [ 2C356CCA706505CF63CBE39D532B9236 ] SymIRON C:\WINDOWS\system32\drivers\NIS\1309000.009\Ironx86.SYS 15:26:15.0500 0624 SymIRON - ok 15:26:15.0531 0624 [ 508BD882040F9CB12319E3A4FC78EDB9 ] SYMTDI C:\WINDOWS\System32\Drivers\NIS\1309000.009\SYMTDI.SYS 15:26:15.0562 0624 SYMTDI - ok 15:26:15.0578 0624 sym_hi - ok 15:26:15.0593 0624 sym_u3 - ok 15:26:15.0609 0624 [ 8B83F3ED0F1688B4958F77CD6D2BF290 ] sysaudio C:\WINDOWS\system32\drivers\sysaudio.sys 15:26:15.0734 0624 sysaudio - ok 15:26:15.0765 0624 [ 251EAE7C56C6AB9490311A3C9757E18D ] SysmonLog C:\WINDOWS\system32\smlogsvc.exe 15:26:15.0890 0624 SysmonLog - ok 15:26:15.0953 0624 [ 2BC9FB448F0C2394FF53C83A7BB04731 ] TapiSrv C:\WINDOWS\System32\tapisrv.dll 15:26:16.0093 0624 TapiSrv - ok 15:26:16.0140 0624 [ 9AEFA14BD6B182D61E3119FA5F436D3D ] Tcpip C:\WINDOWS\system32\DRIVERS\tcpip.sys 15:26:16.0218 0624 Tcpip - ok 15:26:16.0250 0624 [ 6471A66807F5E104E4885F5B67349397 ] TDPIPE C:\WINDOWS\system32\drivers\TDPIPE.sys 15:26:16.0375 0624 TDPIPE - ok 15:26:16.0390 0624 [ C56B6D0402371CF3700EB322EF3AAF61 ] TDTCP C:\WINDOWS\system32\drivers\TDTCP.sys 15:26:16.0500 0624 TDTCP - ok 15:26:16.0531 0624 [ 88155247177638048422893737429D9E ] TermDD C:\WINDOWS\system32\DRIVERS\termdd.sys 15:26:16.0671 0624 TermDD - ok 15:26:16.0703 0624 [ E0AEF86A594C9990D6321C5CA239C5B7 ] TermService C:\WINDOWS\System32\termsrv.dll 15:26:16.0828 0624 TermService - ok 15:26:16.0859 0624 [ 2D5D4156292150FE571872C1B88E9299 ] Themes C:\WINDOWS\System32\shsvcs.dll 15:26:16.0890 0624 Themes - ok 15:26:16.0890 0624 TosIde - ok 15:26:16.0953 0624 [ 20655E8CA1C78BC7088B18E93806D21B ] TrkWks C:\WINDOWS\system32\trkwks.dll 15:26:17.0140 0624 TrkWks - ok 15:26:17.0203 0624 [ 5787B80C2E3C5E2F56C2A233D91FA2C9 ] Udfs C:\WINDOWS\system32\drivers\Udfs.sys 15:26:17.0500 0624 Udfs - ok 15:26:17.0515 0624 ultra - ok 15:26:17.0562 0624 [ 402DDC88356B1BAC0EE3DD1580C76A31 ] Update C:\WINDOWS\system32\DRIVERS\update.sys 15:26:17.0750 0624 Update - ok 15:26:17.0781 0624 [ 01653D6C9604F1FB31A76EC94E08954F ] upnphost C:\WINDOWS\System32\upnphost.dll 15:26:17.0906 0624 upnphost - ok 15:26:17.0953 0624 [ A89796DD0DE24CF03B3A39407E1F46A3 ] UPS C:\WINDOWS\System32\ups.exe 15:26:18.0093 0624 UPS - ok 15:26:18.0140 0624 [ 173F317CE0DB8E21322E71B7E60A27E8 ] usbccgp C:\WINDOWS\system32\DRIVERS\usbccgp.sys 15:26:18.0265 0624 usbccgp - ok 15:26:18.0281 0624 [ 65DCF09D0E37D4C6B11B5B0B76D470A7 ] usbehci C:\WINDOWS\system32\DRIVERS\usbehci.sys 15:26:18.0406 0624 usbehci - ok 15:26:18.0437 0624 [ 1AB3CDDE553B6E064D2E754EFE20285C ] usbhub C:\WINDOWS\system32\DRIVERS\usbhub.sys 15:26:18.0562 0624 usbhub - ok 15:26:18.0578 0624 [ A717C8721046828520C9EDF31288FC00 ] usbprint C:\WINDOWS\system32\DRIVERS\usbprint.sys 15:26:18.0718 0624 usbprint - ok 15:26:18.0750 0624 [ A0B8CF9DEB1184FBDD20784A58FA75D4 ] usbscan C:\WINDOWS\system32\DRIVERS\usbscan.sys 15:26:18.0859 0624 usbscan - ok 15:26:18.0968 0624 [ A32426D9B14A089EAA1D922E0C5801A9 ] USBSTOR C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS 15:26:19.0078 0624 USBSTOR - ok 15:26:19.0093 0624 [ 26496F9DEE2D787FC3E61AD54821FFE6 ] usbuhci C:\WINDOWS\system32\DRIVERS\usbuhci.sys 15:26:19.0218 0624 usbuhci - ok 15:26:19.0265 0624 [ 51750B0539986186C6931FC40D171521 ] VComm C:\WINDOWS\system32\DRIVERS\VComm.sys 15:26:19.0281 0624 VComm - ok 15:26:19.0296 0624 [ 6D9C891C0A761AFED1F3609C2E56F2B9 ] VcommMgr C:\WINDOWS\system32\Drivers\VcommMgr.sys 15:26:19.0312 0624 VcommMgr - ok 15:26:19.0343 0624 [ 0D3A8FAFCEACD8B7625CD549757A7DF1 ] VgaSave C:\WINDOWS\System32\drivers\vga.sys 15:26:19.0453 0624 VgaSave - ok 15:26:19.0453 0624 ViaIde - ok 15:26:19.0500 0624 [ 8AB662B3C4691E6DDF61C96BB5B7D103 ] VolSnap C:\WINDOWS\system32\drivers\VolSnap.sys 15:26:19.0625 0624 VolSnap - ok 15:26:19.0671 0624 [ A585EDD6965B301DE8A45C6768C7C215 ] VSS C:\WINDOWS\System32\vssvc.exe 15:26:19.0812 0624 VSS - ok 15:26:19.0843 0624 [ 390D8E65F362327AD510B08971478301 ] W32Time C:\WINDOWS\system32\w32time.dll 15:26:19.0968 0624 W32Time - ok 15:26:20.0000 0624 [ E20B95BAEDB550F32DD489265C1DA1F6 ] Wanarp C:\WINDOWS\system32\DRIVERS\wanarp.sys 15:26:20.0125 0624 Wanarp - ok 15:26:20.0140 0624 WDICA - ok 15:26:20.0156 0624 [ 6768ACF64B18196494413695F0C3A00F ] wdmaud C:\WINDOWS\system32\drivers\wdmaud.sys 15:26:20.0265 0624 wdmaud - ok 15:26:20.0312 0624 [ 33D8E2812054D97A0AEC9B8F04277927 ] WebClient C:\WINDOWS\System32\webclnt.dll 15:26:20.0453 0624 WebClient - ok 15:26:20.0515 0624 [ F45DD1E1365D857DD08BC23563370D0E ] WinDefend C:\Program Files\Windows Defender\MsMpEng.exe 15:26:20.0546 0624 WinDefend - ok 15:26:20.0656 0624 [ F9E105F369C18E4001E0C05AAF600D73 ] winmgmt C:\WINDOWS\system32\wbem\WMIsvc.dll 15:26:20.0781 0624 winmgmt - ok 15:26:20.0828 0624 [ C51B4A5C05A5475708E3C81C7765B71D ] WmdmPmSN C:\WINDOWS\system32\MsPMSNSv.dll 15:26:21.0078 0624 WmdmPmSN - ok 15:26:21.0109 0624 [ 87F11D161207C7063EDABAC0AADC33C3 ] WmiApSrv C:\WINDOWS\system32\wbem\wmiapsrv.exe 15:26:21.0250 0624 WmiApSrv - ok 15:26:21.0359 0624 [ 79A01ACD485687EE602411A06B63A9A5 ] WMPNetworkSvc C:\Program Files\Windows Media Player\WMPNetwk.exe 15:26:21.0421 0624 WMPNetworkSvc - ok 15:26:21.0453 0624 [ 843F7FA8EA38E6A4262976DCC994C81A ] wscsvc C:\WINDOWS\system32\wscsvc.dll 15:26:21.0578 0624 wscsvc - ok 15:26:21.0593 0624 [ 1E8FDDDEF3FE260BADAB06DAE10D753A ] wuauserv C:\WINDOWS\system32\wuauserv.dll 15:26:21.0734 0624 wuauserv - ok 15:26:21.0765 0624 [ F15FEAFFFBB3644CCC80C5DA584E6311 ] WudfPf C:\WINDOWS\system32\DRIVERS\WudfPf.sys 15:26:21.0812 0624 WudfPf - ok 15:26:21.0828 0624 [ 28B524262BCE6DE1F7EF9F510BA3985B ] WudfRd C:\WINDOWS\system32\DRIVERS\wudfrd.sys 15:26:21.0875 0624 WudfRd - ok 15:26:21.0890 0624 [ 05231C04253C5BC30B26CBAAE680ED89 ] WudfSvc C:\WINDOWS\System32\WUDFSvc.dll 15:26:21.0984 0624 WudfSvc - ok 15:26:22.0015 0624 [ E99782DBB8FFA2AEE72B31DAC8D8D887 ] WZCSVC C:\WINDOWS\System32\wzcsvc.dll 15:26:22.0156 0624 WZCSVC - ok 15:26:22.0187 0624 [ FD3C38635808920F8235BF2FED642F54 ] xmlprov C:\WINDOWS\System32\xmlprov.dll 15:26:22.0359 0624 xmlprov - ok 15:26:22.0359 0624 ================ Scan global =============================== 15:26:22.0406 0624 [ 953AD498333B03F7CE547151F96EF241 ] C:\WINDOWS\system32\basesrv.dll 15:26:22.0421 0624 [ C7CC71181F7FD61C49EFF278003827A5 ] C:\WINDOWS\system32\winsrv.dll 15:26:22.0468 0624 [ C7CC71181F7FD61C49EFF278003827A5 ] C:\WINDOWS\system32\winsrv.dll 15:26:22.0484 0624 [ 657B69389B893F440B07590C9E963F23 ] C:\WINDOWS\system32\services.exe 15:26:22.0484 0624 [Global] - ok 15:26:22.0484 0624 ================ Scan MBR ================================== 15:26:22.0515 0624 [ 3051207086651214E435112E51817DC5 ] \Device\Harddisk0\DR0 15:26:22.0734 0624 \Device\Harddisk0\DR0 - ok 15:26:23.0078 0624 [ 5C616939100B85E558DA92B899A0FC36 ] \Device\Harddisk1\DR3 15:26:23.0218 0624 \Device\Harddisk1\DR3 - ok 15:26:23.0218 0624 ================ Scan VBR ================================== 15:26:23.0234 0624 [ C4C46FC3AB50F112270E26B5D8D32770 ] \Device\Harddisk0\DR0\Partition1 15:26:23.0234 0624 \Device\Harddisk0\DR0\Partition1 - ok 15:26:23.0234 0624 [ 2877D21307F0A6B40F296B4C8642ED3C ] \Device\Harddisk0\DR0\Partition2 15:26:23.0234 0624 \Device\Harddisk0\DR0\Partition2 - ok 15:26:23.0281 0624 [ 6491C57FD83D23B470881022F0ACBBC4 ] \Device\Harddisk1\DR3\Partition1 15:26:23.0281 0624 \Device\Harddisk1\DR3\Partition1 - ok 15:26:23.0281 0624 ============================================================ 15:26:23.0281 0624 Scan finished 15:26:23.0281 0624 ============================================================ 15:26:23.0421 0568 Detected object count: 5 15:26:23.0421 0568 Actual detected object count: 5 15:29:58.0468 0568 bgsvcgen ( UnsignedFile.Multi.Generic ) - skipped by user 15:29:58.0468 0568 bgsvcgen ( UnsignedFile.Multi.Generic ) - User select action: Skip 15:29:58.0468 0568 cdrbsdrv ( UnsignedFile.Multi.Generic ) - skipped by user 15:29:58.0468 0568 cdrbsdrv ( UnsignedFile.Multi.Generic ) - User select action: Skip 15:29:58.0468 0568 DgiVecp ( UnsignedFile.Multi.Generic ) - skipped by user 15:29:58.0468 0568 DgiVecp ( UnsignedFile.Multi.Generic ) - User select action: Skip 15:29:58.0468 0568 LightScribeService ( UnsignedFile.Multi.Generic ) - skipped by user 15:29:58.0468 0568 LightScribeService ( UnsignedFile.Multi.Generic ) - User select action: Skip 15:29:58.0468 0568 PxHelp20 ( UnsignedFile.Multi.Generic ) - skipped by user 15:29:58.0468 0568 PxHelp20 ( UnsignedFile.Multi.Generic ) - User select action: Skip