Everything posted by Dannyjs

  1. Yes, it no longer occurs. I also have the icons on the desktop back (ticked in the right-click menu under 'View'). Thanks for this. I will also have to look at my malware protection. Danny
  2. # AdwCleaner v3.018 - Report created 28/01/2014 at 20:26:34 # Updated 28/01/2014 by Xplode # Operating System : Windows 8 (64 bits) # Username : Admin - HP-THUISPC # Running from : C:\Users\Admin\Downloads\adwcleaner (1).exe # Option : Clean ***** [ Services ] ***** ***** [ Files / Folders ] ***** ***** [ Shortcuts ] ***** ***** [ Registry ] ***** Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{4AA46D49-459F-4358-B4D1-169048547C23} Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{4AA46D49-459F-4358-B4D1-169048547C23} Key Deleted : HKCU\Software\AVG Secure Search Key Deleted : HKCU\Software\InstallCore ***** [ Browsers ] ***** -\\ Internet Explorer v10.0.9200.16537 -\\ Google Chrome v32.0.1700.76 [ File : C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\preferences ] ************************* AdwCleaner[R0].txt - [1169 octets] - [28/01/2014 20:23:19] AdwCleaner[s0].txt - [1000 octets] - [28/01/2014 20:26:34] ########## EOF - C:\AdwCleaner\AdwCleaner[s0].txt - [1060 octets] ##########
  3. Hi, I have just been told that the computer was still used today, including saving to a USB stick. I don't know whether this has consequences for the rest of the process. Danny
  4. Zoek.exe v5.0.0.0 Updated 25-January-2014 Tool run by Admin on ma 27/01/2014 at 20:17:22,80. Microsoft Windows 8 6.2.9200 x64 Running in: Normal Mode Internet Access Detected Launched: C:\Users\Admin\Desktop\zoek.exe [scan all users] [script inserted] ==== Older Logs ====================== C:\zoek-results2014-01-27-170417.log 16026 bytes ==== Deleting Files \ Folders ====================== C:\Users\Admin\Downloads\infrarecorder [1] not found C:\Program Files (x86)\RightSurf not found C:\Users\Admin\AppData\Roaming\InfraRecorder deleted C:\Program Files (x86)\InfraRecorder deleted ==== C:\zoek_backup content ====================== C:\zoek_backup (files=106 folders=19 18250677 bytes) ==== EOF on ma 27/01/2014 at 20:18:34,29 ======================
  5. zoek-results.log
  6. Download log.txt
  7. Hello, Since today I no longer have a single icon on the desktop. On web pages (IE) a slide-in bar titled 'Related Searches' appears on the right, and sometimes a pop-up window at the bottom. From what I could find, this would be malware. Yesterday I downloaded the program 'InfraRecorder' (to burn an ISO file to a DVD) and also the Linux Mint ISO file. What can I do to remove this? Thanks in advance for the reply. Danny. Below is the RSIT log (I cannot send the RSIT log along. Attaching a file does not work. In the window for choosing the file the slide-in bar appears and the choose-file button falls outside the window. Pasting it into the message does not work either)
  8. It looks good. All searches end up in the right place.
  9. HitmanPro 3.7.1.186 www.hitmanpro.com Computer name . . . . : PRELOAD Windows . . . . . . . : 5.1.3.2600.X86/2 User name . . . . . . : PRELOAD\admin License . . . . . . . : Free Scan date . . . . . . : 2013-01-30 22:54:09 Scan mode . . . . . . : Normal Scan duration . . . . : 3m 22s Disk access mode . . : Direct disk access (SRB) Cloud . . . . . . . . : Internet Reboot . . . . . . . : No Threats . . . . . . . : 1 Traces . . . . . . . : 437 Objects scanned . . . : 769.615 Files scanned . . . . : 47.704 Remnants scanned . . : 203.244 files / 518.667 keys Malware _____________________________________________________________________ C:\WINDOWS\system32\Lffpx73.dll Size . . . . . . . : 102.400 bytes Age . . . . . . . : 74.0 days (2012-11-17 21:59:42) Entropy . . . . . : 5.6 SHA-256 . . . . . : 1E087D3C0FC91739763FEB9575B484DE80DBFBB9252E63FD44089C7800559343 > G Data . . . . . . : Gen:Variant.Symmi.8356 (Engine A) > Ikarus . . . . . . : Trojan.Crypt!IK Fuzzy . . . . . . : 115.0 Startup C:\WINDOWS\Tasks\UQNAEBM.job Potential Unwanted Programs _________________________________________________ HKLM\SOFTWARE\Classes\Installer\UpgradeCodes\F928123A039649549966D4C29D35B1C9\ (AskBar) HKU\S-1-5-21-2097683373-1679141021-1366619321-1004\Software\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\User Agent\Post Platform\AskTB5.6 (AskBar) Cookies _____________________________________________________________________
  10. OTL Extras logfile created on: 29/01/2013 22:48:11 - Run 1 OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\admin\Bureaublad Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 8.0.6001.18702) Locale: 00000813 | Country: België | Language: NLB | Date Format: d/MM/yyyy 1015,23 Mb Total Physical Memory | 380,89 Mb Available Physical Memory | 37,52% Memory free 2,39 Gb Paging File | 1,69 Gb Available in Paging File | 70,92% Paging File free Paging file location(s): C:\pagefile.sys 1524 3048 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files Drive C: | 195,31 Gb Total Space | 128,16 Gb Free Space | 65,62% Space Free | Partition Type: NTFS Drive D: | 38,44 Gb Total Space | 35,29 Gb Free Space | 91,82% Space Free | Partition Type: FAT32 Drive H: | 372,61 Gb Total Space | 276,93 Gb Free Space | 74,32% Space Free | Partition Type: NTFS Computer Name: PRELOAD | User Name: admin | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Extra Registry (SafeList) ========== ========== File Associations ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%* ========== Shell Spawning ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%* exefile [open] -- "%1" %* htmlfile [edit] -- Reg Error: Key error. piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. 
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" () Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" () Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation) Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation) Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) ========== Security Center Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "FirstRunDisabled" = 1 "AntiVirusDisableNotify" = 0 "FirewallDisableNotify" = 0 "UpdatesDisableNotify" = 0 "AntiVirusOverride" = 0 "FirewallOverride" = 0 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] "DisableMonitoring" = 1 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus] "DisableMonitoring" = 1 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall] "DisableMonitoring" = 1 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall] 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall] ========== System Restore Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore] "DisableSR" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr] "Start" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService] "Start" = 2 ========== Firewall Settings ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List] "139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dll,-22004 "445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dll,-22005 "137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001 "138:UDP" = 138:UDP:*:Enabled:@xpsp2res.dll,-22002 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "EnableFirewall" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List] "1900:TCP" = 1900:TCP:LocalSubNet:Enabled:UDP 1900 "1900:UDP" = 1900:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22007 "2869:TCP" = 2869:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22008 "139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004 "445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005 "137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001 "138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002 ========== Authorized Applications List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List] "%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- 
(Microsoft Corporation) "%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation) [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List] "%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation) "%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation) "C:\Program Files\LimeWire\LimeWire.exe" = C:\Program Files\LimeWire\LimeWire.exe:*:Enabled:LimeWire "C:\Program Files\Ahead\Nero ShowTime\ShowTime.exe" = C:\Program Files\Ahead\Nero ShowTime\ShowTime.exe:*:Disabled:Nero ShowTime -- (Nero Software AG) "C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil.exe" = C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil.exe:*:Enabled:BlueSoleil -- (IVT Corporation.) "C:\Documents and Settings\admin\Application Data\Dropbox\bin\Dropbox.exe" = C:\Documents and Settings\admin\Application Data\Dropbox\bin\Dropbox.exe:*:Enabled:Dropbox -- (Dropbox, Inc.) "C:\Program Files\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe" = C:\Program Files\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe:*:Enabled:WebKit -- (Apple Inc.) "C:\Program Files\Bonjour\mDNSResponder.exe" = C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour-service -- (Apple Inc.) "C:\Program Files\iTunes\iTunes.exe" = C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes -- (Apple Inc.) 
========== HKEY_LOCAL_MACHINE Uninstall List ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{036AA4D4-6D32-11D4-9875-00105ACE7734}" = Logitech iTouch-software "{0BF5FBE7-3907-4A1F-9E48-8B66E52850D6}" = TrayApp "{0F6F6876-6334-4977-B5DD-CFC12E193420}" = iTunes "{13356EC0-FF25-44e8-ADD8-6316F1242834}" = CameraDrivers "{168F8BAC-A269-48E9-BB7A-A51B594CF6FF}" = Microsoft .NET Framework 1.1 Dutch Language Pack "{17E2F183-BAC4-4D01-BD7A-59F781E17EFA}" = REALTEK PCIE NIC Driver "{19FDB8E4-59AD-4330-9667-E8DCAF018DD3}" = Unload "{1CB34CE9-0E6B-493F-BB66-3425E5DF76E5}" = CP_CalendarTemplates1 "{1E1F1E70-14D8-4380-8652-BD1A895A7D65}" = Status "{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 "{1F51A0CA-2BDD-474E-BB90-C7FA8EA78F52}" = ImageMixer VCD/DVD2 for OLYMPUS "{20C45B32-5AB6-46A4-94EF-58950CAF05E5}" = EPSON Attach To Email "{24BEBF2E-73F3-4599-840B-EDC612CCDD0D}" = Destinations "{26A24AE4-039D-4CA4-87B4-2F83216011FF}" = Java 6 Update 24 "{26A24AE4-039D-4CA4-87B4-2F83216022F0}" = Java 6 Update 22 "{27F650A9-6FAB-41C8-8621-92FF0118B0C4}" = EPSON Easy Photo Print "{2819e172-81d5-4113-88bd-4605b02344e0}" = Ad-Aware Antivirus "{2A548002-9042-4083-A270-B67473DE1073}" = SkinsHP1 "{2A88F1BF-7041-4E42-84B1-6B4ACB83AC64}" = EPSON Scan Assistant "{350C9413-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP "{36FDBE6E-6684-462B-AE98-9A39A1B200CC}" = HP Product Assistant "{37C39957-B0B3-40DC-8BA4-2363241159ED}" = LightScribe 1.4.44.1 "{3BA4A5B0-09B7-4baf-977D-9883A6D00A7F}" = CameraUserGuides "{3FE0CFAB-584A-4AA5-B8CD-C32284CFA308}" = RandMap "{4041C245-7099-4C96-9738-5EBC23827B3C}" = BufferChm "{48B82226-75E3-4E90-92CC-D30F79EA6380}" = Norton Security Scan "{494D17B5-3369-4905-8C4B-80C972C5E0FF}" = CP_Panorama1Config "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater "{4BE53DB2-C1F2-44D1-A9AB-1630BA7F2AF1}" = SolutionCenter "{53EE9E42-CECB-4C92-BF76-9CA65DAF8F1C}" = FullDPAppQFolder 
"{54F0998F-73C8-4b51-8286-FE903C231BED}" = cp_PosterPrintConfig "{5809E7CF-4DCF-11D4-9875-00105ACE7734}" = Logitech MouseWare 9.79.1 "{5F26311C-B135-4F7F-B11E-8E650F83651E}" = DeviceFunctionQFolder "{63EC2120-1742-4625-AA47-C6A8AEC9C64C}" = Apple Application Support "{66E6CE0C-5A1E-430C-B40A-0C90FF1804A8}" = eSupportQFolder "{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable "{729DF902-05F9-4C00-9E6D-411119824E5F}" = hpiCamDrvQFolder "{766633B3-1AFA-44B6-A3FC-1DE991CD9C52}" = CP_Package_Basic1 "{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 "{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update "{79155F2B-9895-49D7-8612-D92580E0DE5B}" = Bonjour "{79F8E1D4-36C1-439C-95FA-F695050B5B07}" = Sonic_PrimoSDK "{7F14F68C-17FA-4F88-B3FD-7F449C1EBF32}" = EPSON Web-To-Page "{869C3062-4745-4949-B6C9-98AF24D89030}" = PhotoGallery "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight "{8A708DD8-A5E6-11D4-A706-000629E95E20}" = Intel® Graphics Media Accelerator Driver "{91EBCCB9-A539-4306-AC5A-F372E0D6092B}" = OpenOffice.org 3.3 "{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 "{9D4ABB0C-F60B-44A6-956C-A4A63D5495C9}" = CueTour "{A06275F4-324B-4E85-95E6-87B2CD729401}" = Windows Defender "{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2 "{A5CC2A09-E9D3-49EC-923D-03874BBD4C2C}" = Windows Defender Signatures "{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper "{A987FEC8-5616-49BD-BCA6-ACFFFE7403FE}" = IKEA Home Planner "{AB5D51AE-EBC3-438D-872C-705C7C2084B0}" = DeviceManagementQFolder "{AC76BA86-7AD7-1043-7B44-A71000000002}" = Adobe Reader 7.1.0 - Nederlands "{AE8BF750-EC1C-45d0-94F1-57895DADDEAC}" = HP Photosmart-camera's 6.0 "{B11E71BA-498C-42D4-9F1A-9D7A89D9DA61}" = CP_AtenaShokunin1Config "{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy 
"{B90450DF-E781-46FD-B1F1-0C86DA40E443}" = PIF DESIGNER "{B9A17C96-1348-45CB-BB0A-1BCB3A0F854E}" = Bluesoleil2.7.0.35 VoIP Release 080317 "{BA820A24-704B-428D-9904-71A10DAC1372}" = OLYMPUS Master "{BBD3BF67-5B89-4CBB-BA58-5818ED5F3290}" = cp_OnlineProjectsConfig "{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2 "{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1 "{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1 "{D4DDFAA1-EC37-4529-AD5B-A433ADE68662}" = Apple Mobile Device Support "{DA1CD94B-826A-4bba-AC46-EF352F47BC81}" = InstantShareDevices "{DBA4DB9D-EE51-4944-A419-98AB1F1249C8}" = LiveUpdate Notice (Symantec Corporation) "{DEBB2986-15B0-4D28-95FA-5C966A396589}" = HPProductAssistant "{E5A1DE9A-A21C-43A1-B06D-5146BAF62033}" = PanoStandAlone "{E86BC406-944E-41F6-ADE6-2C136734C96B}" = EPSON File Manager "{EC2715CE-C182-483C-84CC-81D7D914CF14}" = WebReg "{ECA1A3B6-898F-4DCE-9F04-714CF3BA126B}" = Adobe Flash Player 10 Plugin "{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver "{F333A33D-125C-32A2-8DCE-5C5D14231E27}" = Visual C++ 2008 x86 Runtime - (v9.0.30729) "{F333A33D-125C-32A2-8DCE-5C5D14231E27}.vc_x86runtime_30729_01" = Visual C++ 2008 x86 Runtime - v9.0.30729.01 "{F7E1CA14-B39D-452A-960B-39423DDDD933}" = DriveImage XML "{FD04987D-96A6-4FE1-813B-82B77B8B809C}" = EPSON PRINT Image Framer Tool "{FE57DE70-95DE-4B64-9266-84DA811053DB}" = HP Update "{FF477885-5EA8-40D0-ADF3-D4C1B86FAEA4}" = EPSON Print CD "Ad-Aware Browsing Protection" = Ad-Aware Browsing Protection "Adobe ActiveShare" = Adobe ActiveShare 1.3 "Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX "Adobe Shockwave Player" = Adobe Shockwave Player 11.5 "BlockCAD3.19_is1" = BlockCAD 3.19 "Cool's_Codec_pack_4.12" = Codec Pack - All In 1 6.0.3.0 "EDUROM Tafeltrainer" = EDUROM Tafeltrainer "EPSON Printer and Utilities" = EPSON-printersoftware "ESPR340 Gebruikershandleiding" = ESPR340 
Gebruikershandleiding "HP Imaging Device Functions" = HP Imaging Device Functions 6.0 "HP Photo & Imaging" = HP Photosmart Premier Software 6.0 "HP PrecisionScan LTX" = HP PrecisionScan LTX "HP Solution Center & Imaging Support Tools" = HP Solution Center and Imaging Support Tools 6.0 "HTRDIKey" = Huggly's Schildpadden Speurtocht "IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs "ie7" = Windows Internet Explorer 7 "ie8" = Windows Internet Explorer 8 "Ik zie Fantasie" = Ik zie Fantasie "Ik zie, ik zie in het spookhuis" = Ik zie, ik zie in het spookhuis "InstallShield_{20C45B32-5AB6-46A4-94EF-58950CAF05E5}" = EPSON Attach To Email "InstallShield_{BA820A24-704B-428D-9904-71A10DAC1372}" = OLYMPUS Master "Junior Interactif" = Junior Interactif "Lucky luke - De zingende draad-Dutch" = Lucky luke - De zingende draad "Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware versie 1.70.0.1100 "Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1 "Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1 "MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP "MuseScore" = MuseScore 1.0 MuseScore score typesetter "NeroMultiInstaller!UninstallKey" = Nero Suite "NIS" = Norton Internet Security "NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs "Overhoor_is1" = Overhoor voor Windows 4.5.1 "Partituur Expert" = Partituur Expert 2005 "PrintMaster 7.00" = PrintMaster 7.00 "QSuite_is1" = QSuite Ver2.1 "QuickTime" = QuickTime "Recuva" = Recuva "Samsung ML-1640 Series" = Samsung ML-1640 Series "SlowView" = SlowView "SpellenSpektakel" = Disney’s SpellenSpektakel "Spybot - Search & Destroy_is1" = Spybot - Search & Destroy 1.4 "Teach2000.7 XP - The Troolean Edition_is1" = Teach2000 8.42 "TimeCalendar_is1" = TimeCalendar 1.6.7 "Trellix2DeinstKey9" = Trellix Web "VLC media player" = VLC media player 1.1.11 "Windows Media Format Runtime" = Windows Media Format 11 runtime "Windows Media Player" = 
Windows Media Player 11 "Windows XP Service Pack" = Windows XP Service Pack 3 "WMFDist11" = Windows Media Format 11 runtime "wmp11" = Windows Media Player 11 "Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0 ========== HKEY_CURRENT_USER Uninstall List ========== [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{C16DFB31-4A09-474E-AF61-02AFB3008763}_is1" = Albelli.be Fotoboeken "Dropbox" = Dropbox "FREEDOM SceneView" = FREEDOM SceneView "UnityWebPlayer" = Unity Web Player ========== Last 20 Event Log Errors ========== [ Application Events ] Error - 17/01/2013 19:07:49 | Computer Name = PRELOAD | Source = Application Error | ID = 1000 Description = Vastgelopen toepassing: iexplore.exe, versie: 8.0.6001.18702, vastgelopen module: unknown, versie: 0.0.0.0, vastgelopen op: 0x00000000. Error - 19/01/2013 14:09:05 | Computer Name = PRELOAD | Source = Application Error | ID = 1000 Description = Vastgelopen toepassing: iexplore.exe, versie: 8.0.6001.18702, vastgelopen module: unknown, versie: 0.0.0.0, vastgelopen op: 0x00000000. Error - 19/01/2013 17:26:06 | Computer Name = PRELOAD | Source = Application Error | ID = 1000 Description = Vastgelopen toepassing: iexplore.exe, versie: 8.0.6001.18702, vastgelopen module: unknown, versie: 0.0.0.0, vastgelopen op: 0x00000000. Error - 26/01/2013 7:35:25 | Computer Name = PRELOAD | Source = Application Hang | ID = 1002 Description = Vastgelopen toepassing: PMW.EXE, versie: 0.0.0.0, vastgelopen module: hungapp, versie: 0.0.0.0, vastgelopen op: 0x00000000. Error - 26/01/2013 7:36:01 | Computer Name = PRELOAD | Source = Application Hang | ID = 1002 Description = Vastgelopen toepassing: PMW.EXE, versie: 0.0.0.0, vastgelopen module: hungapp, versie: 0.0.0.0, vastgelopen op: 0x00000000. Error - 26/01/2013 7:36:04 | Computer Name = PRELOAD | Source = Application Hang | ID = 1001 Description = Fout-bucket 02337167. 
Error - 26/01/2013 7:41:39 | Computer Name = PRELOAD | Source = Application Hang | ID = 1002 Description = Vastgelopen toepassing: PMW.EXE, versie: 0.0.0.0, vastgelopen module: hungapp, versie: 0.0.0.0, vastgelopen op: 0x00000000. Error - 26/01/2013 7:41:58 | Computer Name = PRELOAD | Source = Application Hang | ID = 1002 Description = Vastgelopen toepassing: PMW.EXE, versie: 0.0.0.0, vastgelopen module: hungapp, versie: 0.0.0.0, vastgelopen op: 0x00000000. Error - 26/01/2013 7:42:39 | Computer Name = PRELOAD | Source = Application Hang | ID = 1002 Description = Vastgelopen toepassing: PMW.EXE, versie: 0.0.0.0, vastgelopen module: hungapp, versie: 0.0.0.0, vastgelopen op: 0x00000000. Error - 29/01/2013 17:37:02 | Computer Name = PRELOAD | Source = Application Hang | ID = 1002 Description = Vastgelopen toepassing: iexplore.exe, versie: 8.0.6001.18702, vastgelopen module: hungapp, versie: 0.0.0.0, vastgelopen op: 0x00000000. [ System Events ] Error - 28/01/2013 15:54:46 | Computer Name = PRELOAD | Source = Service Control Manager | ID = 7023 Description = De Application Management-service is gestopt met de volgende foutcode: %%126. 
Error - 28/01/2013 16:01:20 | Computer Name = PRELOAD | Source = Service Control Manager | ID = 7000 Description = De Planner voor Automatische LiveUpdate-service kan vanwege de volgende fout niet worden gestart: %%3 Error - 28/01/2013 16:01:20 | Computer Name = PRELOAD | Source = Service Control Manager | ID = 7000 Description = De SSPORT-service kan vanwege de volgende fout niet worden gestart: %%2 Error - 28/01/2013 16:01:20 | Computer Name = PRELOAD | Source = Service Control Manager | ID = 7026 Description = De volgende opstartstuurprogramma's zijn niet geladen: Lbd Error - 29/01/2013 2:31:02 | Computer Name = PRELOAD | Source = Service Control Manager | ID = 7000 Description = De Planner voor Automatische LiveUpdate-service kan vanwege de volgende fout niet worden gestart: %%3 Error - 29/01/2013 2:31:02 | Computer Name = PRELOAD | Source = Service Control Manager | ID = 7000 Description = De SSPORT-service kan vanwege de volgende fout niet worden gestart: %%2 Error - 29/01/2013 2:31:02 | Computer Name = PRELOAD | Source = Service Control Manager | ID = 7026 Description = De volgende opstartstuurprogramma's zijn niet geladen: Lbd Error - 29/01/2013 2:34:44 | Computer Name = PRELOAD | Source = Service Control Manager | ID = 7000 Description = De Planner voor Automatische LiveUpdate-service kan vanwege de volgende fout niet worden gestart: %%3 Error - 29/01/2013 2:34:44 | Computer Name = PRELOAD | Source = Service Control Manager | ID = 7000 Description = De SSPORT-service kan vanwege de volgende fout niet worden gestart: %%2 Error - 29/01/2013 2:34:44 | Computer Name = PRELOAD | Source = Service Control Manager | ID = 7026 Description = De volgende opstartstuurprogramma's zijn niet geladen: Lbd < End of report >
  11. OTL logfile created on: 29/01/2013 22:48:11 - Run 1 OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\admin\Bureaublad Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 8.0.6001.18702) Locale: 00000813 | Country: België | Language: NLB | Date Format: d/MM/yyyy 1015,23 Mb Total Physical Memory | 380,89 Mb Available Physical Memory | 37,52% Memory free 2,39 Gb Paging File | 1,69 Gb Available in Paging File | 70,92% Paging File free Paging file location(s): C:\pagefile.sys 1524 3048 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files Drive C: | 195,31 Gb Total Space | 128,16 Gb Free Space | 65,62% Space Free | Partition Type: NTFS Drive D: | 38,44 Gb Total Space | 35,29 Gb Free Space | 91,82% Space Free | Partition Type: FAT32 Drive H: | 372,61 Gb Total Space | 276,93 Gb Free Space | 74,32% Space Free | Partition Type: NTFS Computer Name: PRELOAD | User Name: admin | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - C:\Documents and Settings\admin\Bureaublad\OTL.exe (OldTimer Tools) PRC - C:\Documents and Settings\admin\Application Data\Dropbox\bin\Dropbox.exe (Dropbox, Inc.) 
PRC - C:\Program Files\Ad-Aware Antivirus\AdAwareService.exe (Lavasoft Limited) PRC - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation) PRC - C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation) PRC - C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe (Malwarebytes Corporation) PRC - C:\Documents and Settings\All Users\Application Data\Ad-Aware Browsing Protection\adawarebp.exe (Lavasoft) PRC - C:\Program Files\Norton Internet Security\Engine\19.9.0.9\ccsvchst.exe (Symantec Corporation) PRC - C:\Program Files\OpenOffice.org 3\program\soffice.exe (OpenOffice.org) PRC - C:\Program Files\OpenOffice.org 3\program\soffice.bin (OpenOffice.org) PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation) PRC - C:\WINDOWS\Samsung\PanelMgr\SSMMgr.exe () PRC - C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe () PRC - C:\Program Files\IVT Corporation\BlueSoleil\StartSkysolSvc.exe () PRC - C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe (Symantec Corporation) PRC - C:\Program Files\OLYMPUS\OLYMPUS Master\Monitor.exe (OLYMPUS IMAGING CORP.) PRC - C:\WINDOWS\system32\spool\drivers\w32x86\3\E_FATIAJE.EXE (SEIKO EPSON CORPORATION) PRC - C:\WINDOWS\system32\bgsvcgen.exe (B.H.A Corporation) PRC - C:\Program Files\Logitech\iTouch\iTouch.exe (Logitech Inc.) PRC - C:\Program Files\Logitech\MouseWare\system\EM_EXEC.EXE (Logitech Inc.) 
PRC - C:\Program Files\TimeCalendar\TC.exe (RScience) ========== Modules (No Company Name) ========== MOD - C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll () MOD - C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll () MOD - C:\Program Files\OpenOffice.org 3\program\libxml2.dll () MOD - C:\WINDOWS\Samsung\PanelMgr\SSMMgr.exe () MOD - C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe () MOD - C:\Program Files\IVT Corporation\BlueSoleil\StartSkysolSvc.exe () MOD - C:\WINDOWS\system32\ssp2ml3.dll () ========== Services (SafeList) ========== SRV - (Planner voor Automatische LiveUpdate) -- C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe File not found SRV - (HidServ) -- %SystemRoot%\System32\hidserv.dll File not found SRV - (AppMgmt) -- %SystemRoot%\System32\appmgmts.dll File not found SRV - (AdobeFlashPlayerUpdateSvc) -- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated) SRV - (Ad-Aware Service) -- C:\Program Files\Ad-Aware Antivirus\AdAwareService.exe (Lavasoft Limited) SRV - (MBAMService) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation) SRV - (MBAMScheduler) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe (Malwarebytes Corporation) SRV - (SBAMSvc) -- C:\Program Files\Ad-Aware Antivirus\SBAMSvc.exe (GFI Software) SRV - (NIS) -- C:\Program Files\Norton Internet Security\Engine\19.9.0.9\ccSvcHst.exe (Symantec Corporation) SRV - (BlueSoleil Hid Service) -- C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe () SRV - (Start BT in service) -- C:\Program Files\IVT Corporation\BlueSoleil\StartSkysolSvc.exe () SRV - (LiveUpdate Notice Service) -- C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PifSvc.exe (Symantec Corporation) SRV - (WinDefend) -- C:\Program Files\Windows Defender\MsMpEng.exe (Microsoft Corporation) SRV - (bgsvcgen) -- 
C:\WINDOWS\system32\bgsvcgen.exe (B.H.A Corporation) ========== Driver Services (SafeList) ========== DRV - (WDICA) -- File not found DRV - (SSPORT) -- C:\WINDOWS\system32\Drivers\SSPORT.sys File not found DRV - (PDRFRAME) -- File not found DRV - (PDRELI) -- File not found DRV - (PDFRAME) -- File not found DRV - (PDCOMP) -- File not found DRV - (PCIDump) -- File not found DRV - (lbrtfdc) -- File not found DRV - (Lbd) -- system32\DRIVERS\Lbd.sys File not found DRV - (i2omgmt) -- File not found DRV - (Changer) -- File not found DRV - (NAVEX15) -- C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.5.0.145\Definitions\VirusDefs\20130129.005\NAVEX15.SYS (Symantec Corporation) DRV - (NAVENG) -- C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.5.0.145\Definitions\VirusDefs\20130129.005\NAVENG.SYS (Symantec Corporation) DRV - (BHDrvx86) -- C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.5.0.145\Definitions\BASHDefs\20130116.013\BHDrvx86.sys (Symantec Corporation) DRV - (gfibto) -- C:\WINDOWS\system32\drivers\gfibto.sys (GFI Software) DRV - (eeCtrl) -- C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys (Symantec Corporation) DRV - (MBAMProtector) -- C:\WINDOWS\system32\drivers\mbam.sys (Malwarebytes Corporation) DRV - (EraserUtilRebootDrv) -- C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys (Symantec Corporation) DRV - (SymEvent) -- C:\WINDOWS\system32\drivers\SYMEVENT.SYS (Symantec Corporation) DRV - (IDSxpx86) -- C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.5.0.145\Definitions\IPSDefs\20130126.002\IDSXpx86.sys (Symantec Corporation) DRV - (SRTSP) -- C:\WINDOWS\system32\drivers\NIS\1309000.009\srtsp.sys (Symantec Corporation) DRV - (SRTSPX) -- C:\WINDOWS\system32\drivers\NIS\1309000.009\srtspx.sys 
(Symantec Corporation) DRV - (ccSet_NIS) -- C:\WINDOWS\system32\drivers\NIS\1309000.009\ccsetx86.sys (Symantec Corporation) DRV - (SymEFA) -- C:\WINDOWS\system32\drivers\NIS\1309000.009\symefa.sys (Symantec Corporation) DRV - (SYMTDI) -- C:\WINDOWS\system32\drivers\NIS\1309000.009\symtdi.sys (Symantec Corporation) DRV - (SymIRON) -- C:\WINDOWS\system32\drivers\NIS\1309000.009\ironx86.sys (Symantec Corporation) DRV - (SymDS) -- C:\WINDOWS\system32\drivers\NIS\1309000.009\symds.sys (Symantec Corporation) DRV - (DgiVecp) -- C:\WINDOWS\system32\drivers\DGIVECP.SYS (Samsung Electronics Co., Ltd.) DRV - (Btcsrusb) -- C:\WINDOWS\system32\drivers\btcusb.sys (IVT Corporation.) DRV - (BlueletSCOAudio) -- C:\WINDOWS\system32\drivers\BlueletSCOAudio.sys (IVT Corporation.) DRV - (BlueletAudio) -- C:\WINDOWS\system32\drivers\blueletaudio.sys (IVT Corporation.) DRV - (BT) -- C:\WINDOWS\system32\drivers\btnetdrv.sys (IVT Corporation.) DRV - (BTHidMgr) -- C:\WINDOWS\system32\drivers\BTHidMgr.sys (IVT Corporation.) DRV - (BTHidEnum) -- C:\WINDOWS\system32\drivers\vbtenum.sys (IVT Corporation.) DRV - (VcommMgr) -- C:\WINDOWS\system32\drivers\VcommMgr.sys (IVT Corporation.) DRV - (VComm) -- C:\WINDOWS\system32\drivers\VComm.sys (IVT Corporation.) DRV - (IntcAzAudAddService) -- C:\WINDOWS\system32\drivers\RtkHDAud.Sys (Realtek Semiconductor Corp.) DRV - (RTL8023xp) -- C:\WINDOWS\system32\drivers\Rtenicxp.sys (Realtek Semiconductor Corporation ) DRV - (cdrbsdrv) -- C:\WINDOWS\System32\drivers\cdrbsdrv.sys (B.H.A Corporation) DRV - (itchfltr) -- C:\WINDOWS\system32\drivers\itchfltr.sys (Logitech, Inc.) DRV - (LMouFlt2) -- C:\WINDOWS\system32\drivers\LMouFlt2.Sys (Logitech, Inc.) DRV - (L8042pr2) -- C:\WINDOWS\system32\drivers\L8042pr2.Sys (Logitech, Inc.) 
========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = MSN.com IE - HKLM\..\SearchScopes,DefaultScope = IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = {searchTerms} - Google Search IE - HKLM\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = Belgian Athletics - Calendar - Results - Rankings - Athletes IE - HKCU\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990} IE - HKCU\..\SearchScopes\{3A4F4D88-B593-47C7-89B2-4AD73260F074}: "URL" = {searchTerms} - Bing IE - HKCU\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = {searchTerms} - Google Search} IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local ========== FireFox ========== FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll () FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\WINDOWS\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.) FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll () FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.) 
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.) FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Documents and Settings\admin\Local Settings\Application Data\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS) FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\{BBDA0591-3099-440a-AA10-41764D9DB4DB}: C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.5.0.145\IPSFFPlgn\ [2012/10/03 22:28:09 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}: C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.5.0.145\coFFPlgn\ [2013/01/29 07:33:41 | 000,000,000 | ---D | M] FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\VideoBar@meep.com: C:\Program Files\Meep\FF\ [2009/02/27 18:48:54 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\admin\Application Data\Mozilla\Extensions [2009/02/27 18:48:54 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\admin\Application Data\Mozilla\Extensions\mozswing@mozswing.org O1 HOSTS File: ([2013/01/24 20:50:56 | 000,582,262 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\HOSTS
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited) O2 - BHO: (Norton Identity Protection) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Norton Internet Security\Engine\19.9.0.9\coieplg.dll (Symantec Corporation) O2 - BHO: (Norton Vulnerability Protection) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Norton Internet Security\Engine\19.9.0.9\ips\ipsbho.dll (Symantec Corporation) O2 - BHO: (EpsonToolBandKicker Class) - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll (SEIKO EPSON CORPORATION) O3 - HKLM\..\Toolbar: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Internet Security\Engine\19.9.0.9\coieplg.dll (Symantec Corporation) O3 - HKLM\..\Toolbar: (EPSON Web-To-Page) - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll (SEIKO EPSON CORPORATION) O3 - HKCU\..\Toolbar\WebBrowser: (Norton 
Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Internet Security\Engine\19.9.0.9\coieplg.dll (Symantec Corporation) O3 - HKCU\..\Toolbar\WebBrowser: (EPSON Web-To-Page) - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll (SEIKO EPSON CORPORATION) O4 - HKLM..\Run: [Ad-Aware Antivirus] C:\Program Files\Ad-Aware Antivirus\AdAwareLauncher.exe (Lavasoft Limited) O4 - HKLM..\Run: [Ad-Aware Browsing Protection] C:\Documents and Settings\All Users\Application Data\Ad-Aware Browsing Protection\adawarebp.exe (Lavasoft) O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.) O4 - HKLM..\Run: [bluetoothAuthenticationAgent] C:\WINDOWS\System32\bthprops.cpl (Microsoft Corporation) O4 - HKLM..\Run: [EPSON Stylus Photo R340 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIAJE.EXE (SEIKO EPSON CORPORATION) O4 - HKLM..\Run: [Logitech Utility] C:\WINDOWS\LOGI_MWX.EXE (Logitech Inc.) O4 - HKLM..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe (Ahead Software Gmbh) O4 - HKLM..\Run: [OM_Monitor] C:\Program Files\OLYMPUS\OLYMPUS Master\FirstStart.exe (OLYMPUS IMAGING CORP.) O4 - HKLM..\Run: [samsung PanelMgr] C:\WINDOWS\Samsung\PanelMgr\SSMMgr.exe () O4 - HKLM..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe" File not found O4 - HKLM..\Run: [symantec PIF AlertEng] C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PifSvc.exe (Symantec Corporation) O4 - HKLM..\Run: [zBrowser Launcher] C:\Program Files\Logitech\iTouch\iTouch.exe (Logitech Inc.) O4 - HKCU..\Run: [OM_Monitor] C:\Program Files\OLYMPUS\OLYMPUS Master\Monitor.exe (OLYMPUS IMAGING CORP.) 
O4 - HKCU..\Run: [TimeCalendar] C:\Program Files\TimeCalendar\TC.exe (RScience) O4 - HKCU..\Run: [updateMgr] C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe (Adobe Systems Incorporated) O4 - Startup: C:\Documents and Settings\admin\Menu Start\Programma's\Opstarten\Dropbox.lnk = C:\Documents and Settings\admin\Application Data\Dropbox\bin\Dropbox.exe (Dropbox, Inc.) O4 - Startup: C:\Documents and Settings\admin\Menu Start\Programma's\Opstarten\OpenOffice.org 3.3 .lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe () O4 - Startup: C:\Documents and Settings\All Users\Menu Start\Programma's\Opstarten\Adobe Reader Snelle start.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe (Adobe Systems Incorporated) O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.) 
O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} http://appldnld.apple.com.edgesuite.net/content.info.apple.com/QuickTime/qtactivex/qtplugin.cab (QuickTime Plugin Control) O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab (Shockwave ActiveX Control) O16 - DPF: {233C1507-6A77-46A4-9443-F871F945D258} http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab (Shockwave ActiveX Control) O16 - DPF: {6A344D34-5231-452A-8A57-D064AC9B7862} https://webdl.symantec.com/activex/symdlmgr.cab (Symantec Download Manager) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24) O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22) O16 - DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24) O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload.macromedia.com/get/flashplayer/current/swflash.cab (Shockwave Flash Object) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{30F776CA-CAB3-4AE9-8448-D3C936EA91BC}: DhcpNameServer = 192.168.1.1 O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\WINDOWS\system32\Skype4COM.dll (Skype Technologies) O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation) O24 - Desktop Components:0 (Mijn huidige introductiepagina) - About:Home O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2006/08/29 16:02:46 
| 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ] O33 - MountPoints2\{163a1cf4-3840-11db-8e19-806d6172696f}\Shell - "" = AutoRun O33 - MountPoints2\{163a1cf4-3840-11db-8e19-806d6172696f}\Shell\AutoRun\command - "" = E:\setup.exe O33 - MountPoints2\{5be98842-377e-11db-b875-806d6172696f}\Shell - "" = AutoRun O33 - MountPoints2\{5be98842-377e-11db-b875-806d6172696f}\Shell\AutoRun\command - "" = E:\setup.exe O33 - MountPoints2\{681cb974-5949-11e0-86b9-00138fd0e061}\Shell - "" = AutoRun O33 - MountPoints2\{681cb974-5949-11e0-86b9-00138fd0e061}\Shell\AutoRun\command - "" = G:\LaunchU3.exe -a O33 - MountPoints2\{7df0f3a4-144e-11e0-8657-00138fd0e061}\Shell - "" = AutoRun O33 - MountPoints2\{7df0f3a4-144e-11e0-8657-00138fd0e061}\Shell\AutoRun\command - "" = I:\DPFMate.exe O33 - MountPoints2\{b390ef9a-383c-11db-8bf2-806d6172696f}\Shell - "" = AutoRun O33 - MountPoints2\{b390ef9a-383c-11db-8bf2-806d6172696f}\Shell\AutoRun\command - "" = E:\setup.exe O33 - MountPoints2\{e949606e-0138-11dc-bf20-00138fd0e061}\Shell - "" = AutoRun O33 - MountPoints2\{e949606e-0138-11dc-bf20-00138fd0e061}\Shell\AutoRun\command - "" = G:\LaunchU3.exe -a O34 - HKLM BootExecute: (autocheck autochk *) O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) ========== Files/Folders - Created Within 30 Days ========== [2013/01/29 22:46:18 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\admin\Bureaublad\OTL.exe [2013/01/26 14:06:04 | 002,213,976 | ---- | C] (Kaspersky Lab ZAO) -- C:\Documents and Settings\admin\Bureaublad\tdsskiller.exe [2013/01/26 13:11:13 | 000,000,000 | -HSD | C] -- C:\RECYCLER [2013/01/24 20:49:23 | 000,000,000 | ---D | C] -- C:\Program Files\host [2013/01/23 21:30:49 | 000,000,000 | ---D | C] -- 
C:\WINDOWS\Temp [2013/01/20 13:12:13 | 000,000,000 | ---D | C] -- C:\Program Files\Trend Micro [2013/01/20 13:12:13 | 000,000,000 | ---D | C] -- C:\Documents and Settings\admin\Menu Start\Programma's\HiJackThis [2013/01/13 22:48:41 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Ad-Aware Antivirus [2013/01/13 22:45:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\admin\Application Data\LavasoftStatistics [2013/01/13 22:21:48 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programma's\Ad-Aware Antivirus [2013/01/13 22:21:34 | 000,000,000 | ---D | C] -- C:\Program Files\Ad-Aware Antivirus [2013/01/13 22:17:09 | 000,000,000 | ---D | C] -- C:\Documents and Settings\admin\Local Settings\Application Data\Downloaded Installations [2013/01/13 22:16:58 | 000,044,424 | ---- | C] (GFI Software) -- C:\WINDOWS\System32\sbbd.exe [2013/01/13 22:16:58 | 000,013,560 | ---- | C] (GFI Software) -- C:\WINDOWS\System32\drivers\gfibto.sys [2013/01/13 22:14:02 | 000,000,000 | ---D | C] -- C:\Documents and Settings\admin\Local Settings\Application Data\adawarebp [2013/01/13 22:13:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Ad-Aware Browsing Protection [2013/01/13 22:13:36 | 000,000,000 | ---D | C] -- C:\Program Files\Toolbar Cleaner [2013/01/07 15:08:14 | 000,000,000 | ---D | C] -- C:\Documents and Settings\admin\Application Data\ElevatedDiagnostics [2013/01/07 14:53:33 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programma's\Windows PowerShell 1.0 [2013/01/07 14:52:51 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\windowspowershell [2013/01/07 12:46:15 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\XPSViewer [2013/01/07 12:46:11 | 000,000,000 | ---D | C] -- C:\Program Files\MSBuild [2013/01/07 12:46:09 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\en-US [2013/01/07 12:46:00 | 000,000,000 | ---D | C] -- C:\Program Files\Reference Assemblies 
[2013/01/07 12:44:57 | 001,676,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xpssvcs.dll [2013/01/07 12:44:57 | 001,676,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\xpssvcs.dll [2013/01/07 12:44:57 | 000,597,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\printfilterpipelinesvc.exe [2013/01/07 12:44:57 | 000,575,488 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\xpsshhdr.dll [2013/01/07 12:44:57 | 000,117,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\prntvpt.dll [2013/01/07 12:44:57 | 000,089,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\filterpipelineprintproc.dll [28 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ] [2 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ] ========== Files - Modified Within 30 Days ========== [2013/01/29 22:50:00 | 000,000,940 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job [2013/01/29 22:46:21 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\admin\Bureaublad\OTL.exe [2013/01/29 22:01:00 | 000,001,044 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job [2013/01/29 19:01:00 | 000,001,040 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job [2013/01/29 07:34:52 | 000,012,710 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl [2013/01/29 07:34:14 | 000,001,615 | ---- | M] () -- C:\Documents and Settings\All Users\Bureaublad\Ad-Aware Antivirus.lnk [2013/01/29 07:33:23 | 000,000,302 | ---- | M] () -- C:\WINDOWS\tasks\UQNAEBM.job [2013/01/29 07:33:20 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat [2013/01/26 17:01:55 | 000,001,024 | ---- | M] () -- C:\Documents and Settings\admin\Menu Start\Programma's\Opstarten\Dropbox.lnk [2013/01/26 17:01:24 | 000,001,008 | ---- | M] () -- C:\Documents and Settings\admin\Bureaublad\Dropbox.lnk [2013/01/26 14:06:18 | 002,213,976 | ---- | M] (Kaspersky Lab ZAO) -- C:\Documents and 
Settings\admin\Bureaublad\tdsskiller.exe [2013/01/25 01:36:00 | 000,000,330 | -H-- | M] () -- C:\WINDOWS\tasks\MP Scheduled Scan.job [2013/01/24 20:50:56 | 000,582,262 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\HOSTS [2013/01/24 20:27:08 | 000,024,666 | ---- | M] () -- C:\Documents and Settings\admin\Mijn documenten\Speken-Krantenartikel voorstellen.odt [2013/01/23 21:10:16 | 001,249,549 | ---- | M] () -- C:\Documents and Settings\admin\Bureaublad\zoek.exe [2013/01/23 09:53:00 | 000,000,486 | ---- | M] () -- C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job [2013/01/21 23:35:37 | 000,574,315 | ---- | M] () -- C:\Documents and Settings\admin\Bureaublad\adwcleaner.exe [2013/01/21 20:47:28 | 000,000,784 | ---- | M] () -- C:\Documents and Settings\All Users\Bureaublad\Malwarebytes Anti-Malware.lnk [2013/01/21 20:30:39 | 000,000,748 | ---- | M] () -- C:\Documents and Settings\admin\Bureaublad\Snelkoppeling naar HiJackThis.exe.lnk [2013/01/20 13:07:56 | 001,402,880 | ---- | M] () -- C:\Documents and Settings\admin\Mijn documenten\HiJackThis.msi [2013/01/20 12:00:02 | 000,000,944 | ---- | M] () -- C:\WINDOWS\tasks\Ad-Aware Antivirus Scheduled Scan.job [2013/01/18 19:21:34 | 000,000,452 | ---- | M] () -- C:\Documents and Settings\admin\Mijn documenten\spider.sav [2013/01/15 03:18:31 | 000,001,190 | ---- | M] () -- C:\WINDOWS\System32\ServiceConfig.xml [2013/01/13 22:16:55 | 000,044,424 | ---- | M] (GFI Software) -- C:\WINDOWS\System32\sbbd.exe [2013/01/13 22:16:55 | 000,013,560 | ---- | M] (GFI Software) -- C:\WINDOWS\System32\drivers\gfibto.sys [2013/01/13 10:52:58 | 000,001,080 | ---- | M] () -- C:\WINDOWS\AUTOLNCH.REG [2013/01/10 02:35:34 | 000,509,332 | ---- | M] () -- C:\WINDOWS\System32\perfh013.dat [2013/01/10 02:35:34 | 000,441,546 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat [2013/01/10 02:35:34 | 000,091,008 | ---- | M] () -- C:\WINDOWS\System32\perfc013.dat [2013/01/10 02:35:34 | 000,071,482 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat [2013/01/10 
02:27:33 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK [2013/01/09 09:55:12 | 000,000,064 | ---- | M] () -- C:\WINDOWS\System32\rp_stats.dat [2013/01/09 09:55:12 | 000,000,044 | ---- | M] () -- C:\WINDOWS\System32\rp_rules.dat [2013/01/09 00:06:43 | 000,000,049 | ---- | M] () -- C:\Documents and Settings\admin\Bureaublad\AnviSoft.url [2013/01/08 20:52:33 | 000,697,864 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerApp.exe [2013/01/08 20:52:32 | 000,074,248 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerCPLApp.cpl [2013/01/07 13:03:00 | 000,154,768 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT [2013/01/06 06:33:58 | 006,009,856 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mshtml.dll [2012/12/31 13:33:22 | 000,009,160 | ---- | M] () -- C:\Documents and Settings\admin\Mijn documenten\nieuwjaarsbrief Stef 2013.odt [28 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ] [2 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ] ========== Files Created - No Company Name ========== [2013/01/23 21:10:10 | 001,249,549 | ---- | C] () -- C:\Documents and Settings\admin\Bureaublad\zoek.exe [2013/01/23 16:12:05 | 000,024,666 | ---- | C] () -- C:\Documents and Settings\admin\Mijn documenten\Speken-Krantenartikel voorstellen.odt [2013/01/21 23:35:33 | 000,574,315 | ---- | C] () -- C:\Documents and Settings\admin\Bureaublad\adwcleaner.exe [2013/01/21 20:30:39 | 000,000,748 | ---- | C] () -- C:\Documents and Settings\admin\Bureaublad\Snelkoppeling naar HiJackThis.exe.lnk [2013/01/20 13:07:46 | 001,402,880 | ---- | C] () -- C:\Documents and Settings\admin\Mijn documenten\HiJackThis.msi [2013/01/15 03:18:31 | 000,001,190 | ---- | C] () -- C:\WINDOWS\System32\ServiceConfig.xml [2013/01/13 22:49:46 | 000,000,944 | ---- | C] () -- C:\WINDOWS\tasks\Ad-Aware Antivirus Scheduled Scan.job [2013/01/13 22:21:49 | 000,001,615 | ---- | C] () -- C:\Documents and Settings\All 
Users\Bureaublad\Ad-Aware Antivirus.lnk [2013/01/09 00:06:43 | 000,000,049 | ---- | C] () -- C:\Documents and Settings\admin\Bureaublad\AnviSoft.url [2012/12/31 13:33:20 | 000,009,160 | ---- | C] () -- C:\Documents and Settings\admin\Mijn documenten\nieuwjaarsbrief Stef 2013.odt [2012/11/17 21:59:42 | 000,102,400 | RHS- | C] () -- C:\WINDOWS\System32\Lffpx73.dll [2012/09/17 21:07:07 | 000,028,140 | -H-- | C] () -- C:\WINDOWS\System32\mlfcache.dat [2012/08/17 16:40:41 | 000,000,375 | ---- | C] () -- C:\WINDOWS\Disney.ini [2012/06/10 20:29:08 | 000,000,996 | ---- | C] () -- C:\WINDOWS\wininit.ini [2012/05/09 18:40:02 | 000,000,076 | ---- | C] () -- C:\WINDOWS\rack32a.ini [2012/02/16 08:23:27 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll [2012/02/05 16:01:22 | 021,073,936 | ---- | C] () -- C:\Program Files\vlc-1.1.11-win32.exe [2011/09/26 17:48:39 | 000,000,354 | ---- | C] () -- C:\WINDOWS\hegames.ini [2011/07/20 08:12:58 | 000,000,064 | ---- | C] () -- C:\WINDOWS\System32\rp_stats.dat [2011/07/20 08:12:58 | 000,000,044 | ---- | C] () -- C:\WINDOWS\System32\rp_rules.dat [2009/03/30 13:26:37 | 000,000,034 | ---- | C] () -- C:\Documents and Settings\admin\jagex_runescape_preferences.dat [2007/09/26 19:57:59 | 000,009,773 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\LUUnInstall.LiveUpdate [2007/03/01 21:22:15 | 000,076,288 | ---- | C] () -- C:\Documents and Settings\admin\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2006/10/08 19:59:39 | 000,000,128 | ---- | C] () -- C:\Documents and Settings\admin\Local Settings\Application Data\fusioncache.dat [2006/09/27 19:23:02 | 000,000,074 | ---- | C] () -- C:\Documents and Settings\admin\default.pls ========== ZeroAccess Check ========== [2006/10/08 19:36:59 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] "" = %SystemRoot%\system32\shdocvw.dll -- [2008/04/14 18:02:39 | 001,499,136 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] "" = C:\WINDOWS\system32\wbem\fastprox.dll -- [2009/02/09 11:56:06 | 000,473,600 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] "" = C:\WINDOWS\system32\wbem\wbemess.dll -- [2008/04/14 18:02:44 | 000,273,920 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Both ========== Alternate Data Streams ========== @Alternate Data Stream - 104 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:D1B5B4F1 < End of report >

- - - Updated - - -

OTL logfile created on: 29/01/2013 22:48:11 - Run 1 OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\admin\Bureaublad Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 8.0.6001.18702) Locale: 00000813 | Country: België | Language: NLB | Date Format: d/MM/yyyy 1015,23 Mb Total Physical Memory | 380,89 Mb Available Physical Memory | 37,52% Memory free 2,39 Gb Paging File | 1,69 Gb Available in Paging File | 70,92% Paging File free Paging file location(s): C:\pagefile.sys 1524 3048 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files Drive C: | 195,31 Gb Total Space | 128,16 Gb Free Space | 65,62% Space Free | Partition Type: NTFS Drive D: | 38,44 Gb Total Space | 35,29 Gb Free Space | 91,82% Space Free | Partition Type: FAT32 Drive H: | 372,61 Gb Total Space | 276,93 Gb Free Space | 74,32% Space Free | Partition Type: NTFS Computer Name: PRELOAD | User Name: 
admin | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - C:\Documents and Settings\admin\Bureaublad\OTL.exe (OldTimer Tools) PRC - C:\Documents and Settings\admin\Application Data\Dropbox\bin\Dropbox.exe (Dropbox, Inc.) PRC - C:\Program Files\Ad-Aware Antivirus\AdAwareService.exe (Lavasoft Limited) PRC - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation) PRC - C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation) PRC - C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe (Malwarebytes Corporation) PRC - C:\Documents and Settings\All Users\Application Data\Ad-Aware Browsing Protection\adawarebp.exe (Lavasoft) PRC - C:\Program Files\Norton Internet Security\Engine\19.9.0.9\ccsvchst.exe (Symantec Corporation) PRC - C:\Program Files\OpenOffice.org 3\program\soffice.exe (OpenOffice.org) PRC - C:\Program Files\OpenOffice.org 3\program\soffice.bin (OpenOffice.org) PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation) PRC - C:\WINDOWS\Samsung\PanelMgr\SSMMgr.exe () PRC - C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe () PRC - C:\Program Files\IVT Corporation\BlueSoleil\StartSkysolSvc.exe () PRC - C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe (Symantec Corporation) PRC - C:\Program Files\OLYMPUS\OLYMPUS Master\Monitor.exe (OLYMPUS IMAGING CORP.) PRC - C:\WINDOWS\system32\spool\drivers\w32x86\3\E_FATIAJE.EXE (SEIKO EPSON CORPORATION) PRC - C:\WINDOWS\system32\bgsvcgen.exe (B.H.A Corporation) PRC - C:\Program Files\Logitech\iTouch\iTouch.exe (Logitech Inc.) PRC - C:\Program Files\Logitech\MouseWare\system\EM_EXEC.EXE (Logitech Inc.) 
PRC - C:\Program Files\TimeCalendar\TC.exe (RScience) ========== Modules (No Company Name) ========== MOD - C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll () MOD - C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll () MOD - C:\Program Files\OpenOffice.org 3\program\libxml2.dll () MOD - C:\WINDOWS\Samsung\PanelMgr\SSMMgr.exe () MOD - C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe () MOD - C:\Program Files\IVT Corporation\BlueSoleil\StartSkysolSvc.exe () MOD - C:\WINDOWS\system32\ssp2ml3.dll () ========== Services (SafeList) ========== SRV - (Planner voor Automatische LiveUpdate) -- C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe File not found SRV - (HidServ) -- %SystemRoot%\System32\hidserv.dll File not found SRV - (AppMgmt) -- %SystemRoot%\System32\appmgmts.dll File not found SRV - (AdobeFlashPlayerUpdateSvc) -- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated) SRV - (Ad-Aware Service) -- C:\Program Files\Ad-Aware Antivirus\AdAwareService.exe (Lavasoft Limited) SRV - (MBAMService) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation) SRV - (MBAMScheduler) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe (Malwarebytes Corporation) SRV - (SBAMSvc) -- C:\Program Files\Ad-Aware Antivirus\SBAMSvc.exe (GFI Software) SRV - (NIS) -- C:\Program Files\Norton Internet Security\Engine\19.9.0.9\ccSvcHst.exe (Symantec Corporation) SRV - (BlueSoleil Hid Service) -- C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe () SRV - (Start BT in service) -- C:\Program Files\IVT Corporation\BlueSoleil\StartSkysolSvc.exe () SRV - (LiveUpdate Notice Service) -- C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PifSvc.exe (Symantec Corporation) SRV - (WinDefend) -- C:\Program Files\Windows Defender\MsMpEng.exe (Microsoft Corporation) SRV - (bgsvcgen) -- 
C:\WINDOWS\system32\bgsvcgen.exe (B.H.A Corporation) ========== Driver Services (SafeList) ========== DRV - (WDICA) -- File not found DRV - (SSPORT) -- C:\WINDOWS\system32\Drivers\SSPORT.sys File not found DRV - (PDRFRAME) -- File not found DRV - (PDRELI) -- File not found DRV - (PDFRAME) -- File not found DRV - (PDCOMP) -- File not found DRV - (PCIDump) -- File not found DRV - (lbrtfdc) -- File not found DRV - (Lbd) -- system32\DRIVERS\Lbd.sys File not found DRV - (i2omgmt) -- File not found DRV - (Changer) -- File not found DRV - (NAVEX15) -- C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.5.0.145\Definitions\VirusDefs\20130129.005\NAVEX15.SYS (Symantec Corporation) DRV - (NAVENG) -- C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.5.0.145\Definitions\VirusDefs\20130129.005\NAVENG.SYS (Symantec Corporation) DRV - (BHDrvx86) -- C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.5.0.145\Definitions\BASHDefs\20130116.013\BHDrvx86.sys (Symantec Corporation) DRV - (gfibto) -- C:\WINDOWS\system32\drivers\gfibto.sys (GFI Software) DRV - (eeCtrl) -- C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys (Symantec Corporation) DRV - (MBAMProtector) -- C:\WINDOWS\system32\drivers\mbam.sys (Malwarebytes Corporation) DRV - (EraserUtilRebootDrv) -- C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys (Symantec Corporation) DRV - (SymEvent) -- C:\WINDOWS\system32\drivers\SYMEVENT.SYS (Symantec Corporation) DRV - (IDSxpx86) -- C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.5.0.145\Definitions\IPSDefs\20130126.002\IDSXpx86.sys (Symantec Corporation) DRV - (SRTSP) -- C:\WINDOWS\system32\drivers\NIS\1309000.009\srtsp.sys (Symantec Corporation) DRV - (SRTSPX) -- C:\WINDOWS\system32\drivers\NIS\1309000.009\srtspx.sys 
(Symantec Corporation) DRV - (ccSet_NIS) -- C:\WINDOWS\system32\drivers\NIS\1309000.009\ccsetx86.sys (Symantec Corporation) DRV - (SymEFA) -- C:\WINDOWS\system32\drivers\NIS\1309000.009\symefa.sys (Symantec Corporation) DRV - (SYMTDI) -- C:\WINDOWS\system32\drivers\NIS\1309000.009\symtdi.sys (Symantec Corporation) DRV - (SymIRON) -- C:\WINDOWS\system32\drivers\NIS\1309000.009\ironx86.sys (Symantec Corporation) DRV - (SymDS) -- C:\WINDOWS\system32\drivers\NIS\1309000.009\symds.sys (Symantec Corporation) DRV - (DgiVecp) -- C:\WINDOWS\system32\drivers\DGIVECP.SYS (Samsung Electronics Co., Ltd.) DRV - (Btcsrusb) -- C:\WINDOWS\system32\drivers\btcusb.sys (IVT Corporation.) DRV - (BlueletSCOAudio) -- C:\WINDOWS\system32\drivers\BlueletSCOAudio.sys (IVT Corporation.) DRV - (BlueletAudio) -- C:\WINDOWS\system32\drivers\blueletaudio.sys (IVT Corporation.) DRV - (BT) -- C:\WINDOWS\system32\drivers\btnetdrv.sys (IVT Corporation.) DRV - (BTHidMgr) -- C:\WINDOWS\system32\drivers\BTHidMgr.sys (IVT Corporation.) DRV - (BTHidEnum) -- C:\WINDOWS\system32\drivers\vbtenum.sys (IVT Corporation.) DRV - (VcommMgr) -- C:\WINDOWS\system32\drivers\VcommMgr.sys (IVT Corporation.) DRV - (VComm) -- C:\WINDOWS\system32\drivers\VComm.sys (IVT Corporation.) DRV - (IntcAzAudAddService) -- C:\WINDOWS\system32\drivers\RtkHDAud.Sys (Realtek Semiconductor Corp.) DRV - (RTL8023xp) -- C:\WINDOWS\system32\drivers\Rtenicxp.sys (Realtek Semiconductor Corporation ) DRV - (cdrbsdrv) -- C:\WINDOWS\System32\drivers\cdrbsdrv.sys (B.H.A Corporation) DRV - (itchfltr) -- C:\WINDOWS\system32\drivers\itchfltr.sys (Logitech, Inc.) DRV - (LMouFlt2) -- C:\WINDOWS\system32\drivers\LMouFlt2.Sys (Logitech, Inc.) DRV - (L8042pr2) -- C:\WINDOWS\system32\drivers\L8042pr2.Sys (Logitech, Inc.) 
========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/ IE - HKLM\..\SearchScopes,DefaultScope = IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7 IE - HKLM\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.atletiekinfo.be/ IE - HKCU\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990} IE - HKCU\..\SearchScopes\{3A4F4D88-B593-47C7-89B2-4AD73260F074}: "URL" = http://www.bing.com/search?q={searchTerms}&form=IE8SRC&src=IE-SearchBox IE - HKCU\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage} IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local ========== FireFox ========== FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll () FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\WINDOWS\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.) FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll () FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.) 
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.) FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Documents and Settings\admin\Local Settings\Application Data\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS) FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\{BBDA0591-3099-440a-AA10-41764D9DB4DB}: C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.5.0.145\IPSFFPlgn\ [2012/10/03 22:28:09 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}: C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.5.0.145\coFFPlgn\ [2013/01/29 07:33:41 | 000,000,000 | ---D | M] FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\VideoBar@meep.com: C:\Program Files\Meep\FF\ [2009/02/27 18:48:54 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\admin\Application Data\Mozilla\Extensions [2009/02/27 18:48:54 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\admin\Application Data\Mozilla\Extensions\mozswing@mozswing.org O1 HOSTS File: ([2013/01/24 20:50:56 | 000,582,262 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\HOSTS O1 - Hosts: 127.0.0.1 localhost O1 - Hosts: ::1 localhost #[iPv6] O1 - Hosts: 127.0.0.1 fr.a2dfp.net O1 - Hosts: 
127.0.0.1 m.fr.a2dfp.net O1 - Hosts: 127.0.0.1 ad.a8.net O1 - Hosts: 127.0.0.1 asy.a8ww.net O1 - Hosts: 127.0.0.1 abcstats.com O1 - Hosts: 127.0.0.1 a.abv.bg O1 - Hosts: 127.0.0.1 adserver.abv.bg O1 - Hosts: 127.0.0.1 adv.abv.bg O1 - Hosts: 127.0.0.1 bimg.abv.bg O1 - Hosts: 127.0.0.1 ca.abv.bg O1 - Hosts: 127.0.0.1 www2.a-counter.kiev.ua O1 - Hosts: 127.0.0.1 track.acclaimnetwork.com O1 - Hosts: 127.0.0.1 accuserveadsystem.com O1 - Hosts: 127.0.0.1 www.accuserveadsystem.com O1 - Hosts: 127.0.0.1 achmedia.com O1 - Hosts: 127.0.0.1 aconti.net O1 - Hosts: 127.0.0.1 secure.aconti.net O1 - Hosts: 127.0.0.1 www.aconti.net #[Dialer.Aconti] O1 - Hosts: 127.0.0.1 csh.actiondesk.com O1 - Hosts: 127.0.0.1 www.activemeter.com #[Tracking.Cookie] O1 - Hosts: 127.0.0.1 ads.activepower.net O1 - Hosts: 127.0.0.1 stat.active24stats.nl #[Tracking.Cookie] O1 - Hosts: 127.0.0.1 cms.ad2click.nl O1 - Hosts: 15666 more lines... O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited) O2 - BHO: (Norton Identity Protection) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Norton Internet Security\Engine\19.9.0.9\coieplg.dll (Symantec Corporation) O2 - BHO: (Norton Vulnerability Protection) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Norton Internet Security\Engine\19.9.0.9\ips\ipsbho.dll (Symantec Corporation) O2 - BHO: (EpsonToolBandKicker Class) - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll (SEIKO EPSON CORPORATION) O3 - HKLM\..\Toolbar: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Internet Security\Engine\19.9.0.9\coieplg.dll (Symantec Corporation) O3 - HKLM\..\Toolbar: (EPSON Web-To-Page) - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll (SEIKO EPSON CORPORATION) O3 - HKCU\..\Toolbar\WebBrowser: (Norton 
Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Internet Security\Engine\19.9.0.9\coieplg.dll (Symantec Corporation) O3 - HKCU\..\Toolbar\WebBrowser: (EPSON Web-To-Page) - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll (SEIKO EPSON CORPORATION) O4 - HKLM..\Run: [Ad-Aware Antivirus] C:\Program Files\Ad-Aware Antivirus\AdAwareLauncher.exe (Lavasoft Limited) O4 - HKLM..\Run: [Ad-Aware Browsing Protection] C:\Documents and Settings\All Users\Application Data\Ad-Aware Browsing Protection\adawarebp.exe (Lavasoft) O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.) O4 - HKLM..\Run: [bluetoothAuthenticationAgent] C:\WINDOWS\System32\bthprops.cpl (Microsoft Corporation) O4 - HKLM..\Run: [EPSON Stylus Photo R340 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIAJE.EXE (SEIKO EPSON CORPORATION) O4 - HKLM..\Run: [Logitech Utility] C:\WINDOWS\LOGI_MWX.EXE (Logitech Inc.) O4 - HKLM..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe (Ahead Software Gmbh) O4 - HKLM..\Run: [OM_Monitor] C:\Program Files\OLYMPUS\OLYMPUS Master\FirstStart.exe (OLYMPUS IMAGING CORP.) O4 - HKLM..\Run: [samsung PanelMgr] C:\WINDOWS\Samsung\PanelMgr\SSMMgr.exe () O4 - HKLM..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe" File not found O4 - HKLM..\Run: [symantec PIF AlertEng] C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PifSvc.exe (Symantec Corporation) O4 - HKLM..\Run: [zBrowser Launcher] C:\Program Files\Logitech\iTouch\iTouch.exe (Logitech Inc.) O4 - HKCU..\Run: [OM_Monitor] C:\Program Files\OLYMPUS\OLYMPUS Master\Monitor.exe (OLYMPUS IMAGING CORP.) 
O4 - HKCU..\Run: [TimeCalendar] C:\Program Files\TimeCalendar\TC.exe (RScience)
O4 - HKCU..\Run: [updateMgr] C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe (Adobe Systems Incorporated)
O4 - Startup: C:\Documents and Settings\admin\Menu Start\Programma's\Opstarten\Dropbox.lnk = C:\Documents and Settings\admin\Application Data\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
O4 - Startup: C:\Documents and Settings\admin\Menu Start\Programma's\Opstarten\OpenOffice.org 3.3 .lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe ()
O4 - Startup: C:\Documents and Settings\All Users\Menu Start\Programma's\Opstarten\Adobe Reader Snelle start.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe (Adobe Systems Incorporated)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} http://appldnld.apple.com.edgesuite.net/content.info.apple.com/QuickTime/qtactivex/qtplugin.cab (QuickTime Plugin Control)
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {233C1507-6A77-46A4-9443-F871F945D258} http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {6A344D34-5231-452A-8A57-D064AC9B7862} https://webdl.symantec.com/activex/symdlmgr.cab (Symantec Download Manager)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload.macromedia.com/get/flashplayer/current/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{30F776CA-CAB3-4AE9-8448-D3C936EA91BC}: DhcpNameServer = 192.168.1.1
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\WINDOWS\system32\Skype4COM.dll (Skype Technologies)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O24 - Desktop Components:0 (Mijn huidige introductiepagina) - About:Home
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/08/29 16:02:46 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O33 - MountPoints2\{163a1cf4-3840-11db-8e19-806d6172696f}\Shell - "" = AutoRun
O33 - MountPoints2\{163a1cf4-3840-11db-8e19-806d6172696f}\Shell\AutoRun\command - "" = E:\setup.exe
O33 - MountPoints2\{5be98842-377e-11db-b875-806d6172696f}\Shell - "" = AutoRun
O33 - MountPoints2\{5be98842-377e-11db-b875-806d6172696f}\Shell\AutoRun\command - "" = E:\setup.exe
O33 - MountPoints2\{681cb974-5949-11e0-86b9-00138fd0e061}\Shell - "" = AutoRun
O33 - MountPoints2\{681cb974-5949-11e0-86b9-00138fd0e061}\Shell\AutoRun\command - "" = G:\LaunchU3.exe -a
O33 - MountPoints2\{7df0f3a4-144e-11e0-8657-00138fd0e061}\Shell - "" = AutoRun
O33 - MountPoints2\{7df0f3a4-144e-11e0-8657-00138fd0e061}\Shell\AutoRun\command - "" = I:\DPFMate.exe
O33 - MountPoints2\{b390ef9a-383c-11db-8bf2-806d6172696f}\Shell - "" = AutoRun
O33 - MountPoints2\{b390ef9a-383c-11db-8bf2-806d6172696f}\Shell\AutoRun\command - "" = E:\setup.exe
O33 - MountPoints2\{e949606e-0138-11dc-bf20-00138fd0e061}\Shell - "" = AutoRun
O33 - MountPoints2\{e949606e-0138-11dc-bf20-00138fd0e061}\Shell\AutoRun\command - "" = G:\LaunchU3.exe -a
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

========== Files/Folders - Created Within 30 Days ==========

[2013/01/29 22:46:18 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\admin\Bureaublad\OTL.exe
[2013/01/26 14:06:04 | 002,213,976 | ---- | C] (Kaspersky Lab ZAO) -- C:\Documents and Settings\admin\Bureaublad\tdsskiller.exe
[2013/01/26 13:11:13 | 000,000,000 | -HSD | C] -- C:\RECYCLER
[2013/01/24 20:49:23 | 000,000,000 | ---D | C] -- C:\Program Files\host
[2013/01/23 21:30:49 | 000,000,000 | ---D | C] -- C:\WINDOWS\Temp
[2013/01/20 13:12:13 | 000,000,000 | ---D | C] -- C:\Program Files\Trend Micro
[2013/01/20 13:12:13 | 000,000,000 | ---D | C] -- C:\Documents and Settings\admin\Menu Start\Programma's\HiJackThis
[2013/01/13 22:48:41 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Ad-Aware Antivirus
[2013/01/13 22:45:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\admin\Application Data\LavasoftStatistics
[2013/01/13 22:21:48 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programma's\Ad-Aware Antivirus
[2013/01/13 22:21:34 | 000,000,000 | ---D | C] -- C:\Program Files\Ad-Aware Antivirus
[2013/01/13 22:17:09 | 000,000,000 | ---D | C] -- C:\Documents and Settings\admin\Local Settings\Application Data\Downloaded Installations
[2013/01/13 22:16:58 | 000,044,424 | ---- | C] (GFI Software) -- C:\WINDOWS\System32\sbbd.exe
[2013/01/13 22:16:58 | 000,013,560 | ---- | C] (GFI Software) -- C:\WINDOWS\System32\drivers\gfibto.sys
[2013/01/13 22:14:02 | 000,000,000 | ---D | C] -- C:\Documents and Settings\admin\Local Settings\Application Data\adawarebp
[2013/01/13 22:13:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Ad-Aware Browsing Protection
[2013/01/13 22:13:36 | 000,000,000 | ---D | C] -- C:\Program Files\Toolbar Cleaner
[2013/01/07 15:08:14 | 000,000,000 | ---D | C] -- C:\Documents and Settings\admin\Application Data\ElevatedDiagnostics
[2013/01/07 14:53:33 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programma's\Windows PowerShell 1.0
[2013/01/07 14:52:51 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\windowspowershell
[2013/01/07 12:46:15 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\XPSViewer
[2013/01/07 12:46:11 | 000,000,000 | ---D | C] -- C:\Program Files\MSBuild
[2013/01/07 12:46:09 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\en-US
[2013/01/07 12:46:00 | 000,000,000 | ---D | C] -- C:\Program Files\Reference Assemblies
[2013/01/07 12:44:57 | 001,676,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xpssvcs.dll
[2013/01/07 12:44:57 | 001,676,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\xpssvcs.dll
[2013/01/07 12:44:57 | 000,597,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\printfilterpipelinesvc.exe
[2013/01/07 12:44:57 | 000,575,488 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\xpsshhdr.dll
[2013/01/07 12:44:57 | 000,117,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\prntvpt.dll
[2013/01/07 12:44:57 | 000,089,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\filterpipelineprintproc.dll
[28 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[2 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2013/01/29 22:50:00 | 000,000,940 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2013/01/29 22:46:21 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\admin\Bureaublad\OTL.exe
[2013/01/29 22:01:00 | 000,001,044 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2013/01/29 19:01:00 | 000,001,040 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2013/01/29 07:34:52 | 000,012,710 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2013/01/29 07:34:14 | 000,001,615 | ---- | M] () -- C:\Documents and Settings\All Users\Bureaublad\Ad-Aware Antivirus.lnk
[2013/01/29 07:33:23 | 000,000,302 | ---- | M] () -- C:\WINDOWS\tasks\UQNAEBM.job
[2013/01/29 07:33:20 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2013/01/26 17:01:55 | 000,001,024 | ---- | M] () -- C:\Documents and Settings\admin\Menu Start\Programma's\Opstarten\Dropbox.lnk
[2013/01/26 17:01:24 | 000,001,008 | ---- | M] () -- C:\Documents and Settings\admin\Bureaublad\Dropbox.lnk
[2013/01/26 14:06:18 | 002,213,976 | ---- | M] (Kaspersky Lab ZAO) -- C:\Documents and Settings\admin\Bureaublad\tdsskiller.exe
[2013/01/25 01:36:00 | 000,000,330 | -H-- | M] () -- C:\WINDOWS\tasks\MP Scheduled Scan.job
[2013/01/24 20:50:56 | 000,582,262 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\HOSTS
[2013/01/24 20:27:08 | 000,024,666 | ---- | M] () -- C:\Documents and Settings\admin\Mijn documenten\Speken-Krantenartikel voorstellen.odt
[2013/01/23 21:10:16 | 001,249,549 | ---- | M] () -- C:\Documents and Settings\admin\Bureaublad\zoek.exe
[2013/01/23 09:53:00 | 000,000,486 | ---- | M] () -- C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job
[2013/01/21 23:35:37 | 000,574,315 | ---- | M] () -- C:\Documents and Settings\admin\Bureaublad\adwcleaner.exe
[2013/01/21 20:47:28 | 000,000,784 | ---- | M] () -- C:\Documents and Settings\All Users\Bureaublad\Malwarebytes Anti-Malware.lnk
[2013/01/21 20:30:39 | 000,000,748 | ---- | M] () -- C:\Documents and Settings\admin\Bureaublad\Snelkoppeling naar HiJackThis.exe.lnk
[2013/01/20 13:07:56 | 001,402,880 | ---- | M] () -- C:\Documents and Settings\admin\Mijn documenten\HiJackThis.msi
[2013/01/20 12:00:02 | 000,000,944 | ---- | M] () -- C:\WINDOWS\tasks\Ad-Aware Antivirus Scheduled Scan.job
[2013/01/18 19:21:34 | 000,000,452 | ---- | M] () -- C:\Documents and Settings\admin\Mijn documenten\spider.sav
[2013/01/15 03:18:31 | 000,001,190 | ---- | M] () -- C:\WINDOWS\System32\ServiceConfig.xml
[2013/01/13 22:16:55 | 000,044,424 | ---- | M] (GFI Software) -- C:\WINDOWS\System32\sbbd.exe
[2013/01/13 22:16:55 | 000,013,560 | ---- | M] (GFI Software) -- C:\WINDOWS\System32\drivers\gfibto.sys
[2013/01/13 10:52:58 | 000,001,080 | ---- | M] () -- C:\WINDOWS\AUTOLNCH.REG
[2013/01/10 02:35:34 | 000,509,332 | ---- | M] () -- C:\WINDOWS\System32\perfh013.dat
[2013/01/10 02:35:34 | 000,441,546 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2013/01/10 02:35:34 | 000,091,008 | ---- | M] () -- C:\WINDOWS\System32\perfc013.dat
[2013/01/10 02:35:34 | 000,071,482 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2013/01/10 02:27:33 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2013/01/09 09:55:12 | 000,000,064 | ---- | M] () -- C:\WINDOWS\System32\rp_stats.dat
[2013/01/09 09:55:12 | 000,000,044 | ---- | M] () -- C:\WINDOWS\System32\rp_rules.dat
[2013/01/09 00:06:43 | 000,000,049 | ---- | M] () -- C:\Documents and Settings\admin\Bureaublad\AnviSoft.url
[2013/01/08 20:52:33 | 000,697,864 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerApp.exe
[2013/01/08 20:52:32 | 000,074,248 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerCPLApp.cpl
[2013/01/07 13:03:00 | 000,154,768 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2013/01/06 06:33:58 | 006,009,856 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mshtml.dll
[2012/12/31 13:33:22 | 000,009,160 | ---- | M] () -- C:\Documents and Settings\admin\Mijn documenten\nieuwjaarsbrief Stef 2013.odt
[28 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[2 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files Created - No Company Name ==========

[2013/01/23 21:10:10 | 001,249,549 | ---- | C] () -- C:\Documents and Settings\admin\Bureaublad\zoek.exe
[2013/01/23 16:12:05 | 000,024,666 | ---- | C] () -- C:\Documents and Settings\admin\Mijn documenten\Speken-Krantenartikel voorstellen.odt
[2013/01/21 23:35:33 | 000,574,315 | ---- | C] () -- C:\Documents and Settings\admin\Bureaublad\adwcleaner.exe
[2013/01/21 20:30:39 | 000,000,748 | ---- | C] () -- C:\Documents and Settings\admin\Bureaublad\Snelkoppeling naar HiJackThis.exe.lnk
[2013/01/20 13:07:46 | 001,402,880 | ---- | C] () -- C:\Documents and Settings\admin\Mijn documenten\HiJackThis.msi
[2013/01/15 03:18:31 | 000,001,190 | ---- | C] () -- C:\WINDOWS\System32\ServiceConfig.xml
[2013/01/13 22:49:46 | 000,000,944 | ---- | C] () -- C:\WINDOWS\tasks\Ad-Aware Antivirus Scheduled Scan.job
[2013/01/13 22:21:49 | 000,001,615 | ---- | C] () -- C:\Documents and Settings\All Users\Bureaublad\Ad-Aware Antivirus.lnk
[2013/01/09 00:06:43 | 000,000,049 | ---- | C] () -- C:\Documents and Settings\admin\Bureaublad\AnviSoft.url
[2012/12/31 13:33:20 | 000,009,160 | ---- | C] () -- C:\Documents and Settings\admin\Mijn documenten\nieuwjaarsbrief Stef 2013.odt
[2012/11/17 21:59:42 | 000,102,400 | RHS- | C] () -- C:\WINDOWS\System32\Lffpx73.dll
[2012/09/17 21:07:07 | 000,028,140 | -H-- | C] () -- C:\WINDOWS\System32\mlfcache.dat
[2012/08/17 16:40:41 | 000,000,375 | ---- | C] () -- C:\WINDOWS\Disney.ini
[2012/06/10 20:29:08 | 000,000,996 | ---- | C] () -- C:\WINDOWS\wininit.ini
[2012/05/09 18:40:02 | 000,000,076 | ---- | C] () -- C:\WINDOWS\rack32a.ini
[2012/02/16 08:23:27 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll
[2012/02/05 16:01:22 | 021,073,936 | ---- | C] () -- C:\Program Files\vlc-1.1.11-win32.exe
[2011/09/26 17:48:39 | 000,000,354 | ---- | C] () -- C:\WINDOWS\hegames.ini
[2011/07/20 08:12:58 | 000,000,064 | ---- | C] () -- C:\WINDOWS\System32\rp_stats.dat
[2011/07/20 08:12:58 | 000,000,044 | ---- | C] () -- C:\WINDOWS\System32\rp_rules.dat
[2009/03/30 13:26:37 | 000,000,034 | ---- | C] () -- C:\Documents and Settings\admin\jagex_runescape_preferences.dat
[2007/09/26 19:57:59 | 000,009,773 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\LUUnInstall.LiveUpdate
[2007/03/01 21:22:15 | 000,076,288 | ---- | C] () -- C:\Documents and Settings\admin\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2006/10/08 19:59:39 | 000,000,128 | ---- | C] () -- C:\Documents and Settings\admin\Local Settings\Application Data\fusioncache.dat
[2006/09/27 19:23:02 | 000,000,074 | ---- | C] () -- C:\Documents and Settings\admin\default.pls

========== ZeroAccess Check ==========

[2006/10/08 19:36:59 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shdocvw.dll -- [2008/04/14 18:02:39 | 001,499,136 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = C:\WINDOWS\system32\wbem\fastprox.dll -- [2009/02/09 11:56:06 | 000,473,600 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = C:\WINDOWS\system32\wbem\wbemess.dll -- [2008/04/14 18:02:44 | 000,273,920 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

========== Alternate Data Streams ==========

@Alternate Data Stream - 104 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:D1B5B4F1

< End of report >

- - - Updated - - -

OTL Extras logfile created on: 29/01/2013 22:48:11 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\admin\Bureaublad
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000813 | Country: België | Language: NLB | Date Format: d/MM/yyyy

1015,23 Mb Total Physical Memory | 380,89 Mb Available Physical Memory | 37,52% Memory free
2,39 Gb Paging File | 1,69 Gb Available in Paging File | 70,92% Paging File free
Paging file location(s): C:\pagefile.sys 1524 3048 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 195,31 Gb Total Space | 128,16 Gb Free Space | 65,62% Space Free | Partition Type: NTFS
Drive D: | 38,44 Gb Total Space | 35,29 Gb Free Space | 91,82% Space Free | Partition Type: FAT32
Drive H: | 372,61 Gb Total Space | 276,93 Gb Free Space | 74,32% Space Free | Partition Type: NTFS

Computer Name: PRELOAD | User Name: admin | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========

========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
htmlfile [edit] -- Reg Error: Key error.
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:*:Enabled:@xpsp2res.dll,-22002

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"1900:TCP" = 1900:TCP:LocalSubNet:Enabled:UDP 1900
"1900:UDP" = 1900:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22008
"139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)
"C:\Program Files\LimeWire\LimeWire.exe" = C:\Program Files\LimeWire\LimeWire.exe:*:Enabled:LimeWire
"C:\Program Files\Ahead\Nero ShowTime\ShowTime.exe" = C:\Program Files\Ahead\Nero ShowTime\ShowTime.exe:*:Disabled:Nero ShowTime -- (Nero Software AG)
"C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil.exe" = C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil.exe:*:Enabled:BlueSoleil -- (IVT Corporation.)
"C:\Documents and Settings\admin\Application Data\Dropbox\bin\Dropbox.exe" = C:\Documents and Settings\admin\Application Data\Dropbox\bin\Dropbox.exe:*:Enabled:Dropbox -- (Dropbox, Inc.)
"C:\Program Files\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe" = C:\Program Files\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe:*:Enabled:WebKit -- (Apple Inc.)
"C:\Program Files\Bonjour\mDNSResponder.exe" = C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour-service -- (Apple Inc.)
"C:\Program Files\iTunes\iTunes.exe" = C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes -- (Apple Inc.)

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{036AA4D4-6D32-11D4-9875-00105ACE7734}" = Logitech iTouch-software
"{0BF5FBE7-3907-4A1F-9E48-8B66E52850D6}" = TrayApp
"{0F6F6876-6334-4977-B5DD-CFC12E193420}" = iTunes
"{13356EC0-FF25-44e8-ADD8-6316F1242834}" = CameraDrivers
"{168F8BAC-A269-48E9-BB7A-A51B594CF6FF}" = Microsoft .NET Framework 1.1 Dutch Language Pack
"{17E2F183-BAC4-4D01-BD7A-59F781E17EFA}" = REALTEK PCIE NIC Driver
"{19FDB8E4-59AD-4330-9667-E8DCAF018DD3}" = Unload
"{1CB34CE9-0E6B-493F-BB66-3425E5DF76E5}" = CP_CalendarTemplates1
"{1E1F1E70-14D8-4380-8652-BD1A895A7D65}" = Status
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F51A0CA-2BDD-474E-BB90-C7FA8EA78F52}" = ImageMixer VCD/DVD2 for OLYMPUS
"{20C45B32-5AB6-46A4-94EF-58950CAF05E5}" = EPSON Attach To Email
"{24BEBF2E-73F3-4599-840B-EDC612CCDD0D}" = Destinations
"{26A24AE4-039D-4CA4-87B4-2F83216011FF}" = Java 6 Update 24
"{26A24AE4-039D-4CA4-87B4-2F83216022F0}" = Java 6 Update 22
"{27F650A9-6FAB-41C8-8621-92FF0118B0C4}" = EPSON Easy Photo Print
"{2819e172-81d5-4113-88bd-4605b02344e0}" = Ad-Aware Antivirus
"{2A548002-9042-4083-A270-B67473DE1073}" = SkinsHP1
"{2A88F1BF-7041-4E42-84B1-6B4ACB83AC64}" = EPSON Scan Assistant
"{350C9413-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{36FDBE6E-6684-462B-AE98-9A39A1B200CC}" = HP Product Assistant
"{37C39957-B0B3-40DC-8BA4-2363241159ED}" = LightScribe 1.4.44.1
"{3BA4A5B0-09B7-4baf-977D-9883A6D00A7F}" = CameraUserGuides
"{3FE0CFAB-584A-4AA5-B8CD-C32284CFA308}" = RandMap
"{4041C245-7099-4C96-9738-5EBC23827B3C}" = BufferChm
"{48B82226-75E3-4E90-92CC-D30F79EA6380}" = Norton Security Scan
"{494D17B5-3369-4905-8C4B-80C972C5E0FF}" = CP_Panorama1Config
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4BE53DB2-C1F2-44D1-A9AB-1630BA7F2AF1}" = SolutionCenter
"{53EE9E42-CECB-4C92-BF76-9CA65DAF8F1C}" = FullDPAppQFolder
"{54F0998F-73C8-4b51-8286-FE903C231BED}" = cp_PosterPrintConfig
"{5809E7CF-4DCF-11D4-9875-00105ACE7734}" = Logitech MouseWare 9.79.1
"{5F26311C-B135-4F7F-B11E-8E650F83651E}" = DeviceFunctionQFolder
"{63EC2120-1742-4625-AA47-C6A8AEC9C64C}" = Apple Application Support
"{66E6CE0C-5A1E-430C-B40A-0C90FF1804A8}" = eSupportQFolder
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{729DF902-05F9-4C00-9E6D-411119824E5F}" = hpiCamDrvQFolder
"{766633B3-1AFA-44B6-A3FC-1DE991CD9C52}" = CP_Package_Basic1
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{79155F2B-9895-49D7-8612-D92580E0DE5B}" = Bonjour
"{79F8E1D4-36C1-439C-95FA-F695050B5B07}" = Sonic_PrimoSDK
"{7F14F68C-17FA-4F88-B3FD-7F449C1EBF32}" = EPSON Web-To-Page
"{869C3062-4745-4949-B6C9-98AF24D89030}" = PhotoGallery
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8A708DD8-A5E6-11D4-A706-000629E95E20}" = Intel® Graphics Media Accelerator Driver
"{91EBCCB9-A539-4306-AC5A-F372E0D6092B}" = OpenOffice.org 3.3
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9D4ABB0C-F60B-44A6-956C-A4A63D5495C9}" = CueTour
"{A06275F4-324B-4E85-95E6-87B2CD729401}" = Windows Defender
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A5CC2A09-E9D3-49EC-923D-03874BBD4C2C}" = Windows Defender Signatures
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A987FEC8-5616-49BD-BCA6-ACFFFE7403FE}" = IKEA Home Planner
"{AB5D51AE-EBC3-438D-872C-705C7C2084B0}" = DeviceManagementQFolder
"{AC76BA86-7AD7-1043-7B44-A71000000002}" = Adobe Reader 7.1.0 - Nederlands
"{AE8BF750-EC1C-45d0-94F1-57895DADDEAC}" = HP Photosmart-camera's 6.0
"{B11E71BA-498C-42D4-9F1A-9D7A89D9DA61}" = CP_AtenaShokunin1Config
"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy
"{B90450DF-E781-46FD-B1F1-0C86DA40E443}" = PIF DESIGNER
"{B9A17C96-1348-45CB-BB0A-1BCB3A0F854E}" = Bluesoleil2.7.0.35 VoIP Release 080317
"{BA820A24-704B-428D-9904-71A10DAC1372}" = OLYMPUS Master
"{BBD3BF67-5B89-4CBB-BA58-5818ED5F3290}" = cp_OnlineProjectsConfig
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D4DDFAA1-EC37-4529-AD5B-A433ADE68662}" = Apple Mobile Device Support
"{DA1CD94B-826A-4bba-AC46-EF352F47BC81}" = InstantShareDevices
"{DBA4DB9D-EE51-4944-A419-98AB1F1249C8}" = LiveUpdate Notice (Symantec Corporation)
"{DEBB2986-15B0-4D28-95FA-5C966A396589}" = HPProductAssistant
"{E5A1DE9A-A21C-43A1-B06D-5146BAF62033}" = PanoStandAlone
"{E86BC406-944E-41F6-ADE6-2C136734C96B}" = EPSON File Manager
"{EC2715CE-C182-483C-84CC-81D7D914CF14}" = WebReg
"{ECA1A3B6-898F-4DCE-9F04-714CF3BA126B}" = Adobe Flash Player 10 Plugin
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F333A33D-125C-32A2-8DCE-5C5D14231E27}" = Visual C++ 2008 x86 Runtime - (v9.0.30729)
"{F333A33D-125C-32A2-8DCE-5C5D14231E27}.vc_x86runtime_30729_01" = Visual C++ 2008 x86 Runtime - v9.0.30729.01
"{F7E1CA14-B39D-452A-960B-39423DDDD933}" = DriveImage XML
"{FD04987D-96A6-4FE1-813B-82B77B8B809C}" = EPSON PRINT Image Framer Tool
"{FE57DE70-95DE-4B64-9266-84DA811053DB}" = HP Update
"{FF477885-5EA8-40D0-ADF3-D4C1B86FAEA4}" = EPSON Print CD
"Ad-Aware Browsing Protection" = Ad-Aware Browsing Protection
"Adobe ActiveShare" = Adobe ActiveShare 1.3
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Shockwave Player" = Adobe Shockwave Player 11.5
"BlockCAD3.19_is1" = BlockCAD 3.19
"Cool's_Codec_pack_4.12" = Codec Pack - All In 1 6.0.3.0
"EDUROM Tafeltrainer" = EDUROM Tafeltrainer
"EPSON Printer and Utilities" = EPSON-printersoftware
"ESPR340 Gebruikershandleiding" = ESPR340 Gebruikershandleiding
"HP Imaging Device Functions" = HP Imaging Device Functions 6.0
"HP Photo & Imaging" = HP Photosmart Premier Software 6.0
"HP PrecisionScan LTX" = HP PrecisionScan LTX
"HP Solution Center & Imaging Support Tools" = HP Solution Center and Imaging Support Tools 6.0
"HTRDIKey" = Huggly's Schildpadden Speurtocht
"IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs
"ie7" = Windows Internet Explorer 7
"ie8" = Windows Internet Explorer 8
"Ik zie Fantasie" = Ik zie Fantasie
"Ik zie, ik zie in het spookhuis" = Ik zie, ik zie in het spookhuis
"InstallShield_{20C45B32-5AB6-46A4-94EF-58950CAF05E5}" = EPSON Attach To Email
"InstallShield_{BA820A24-704B-428D-9904-71A10DAC1372}" = OLYMPUS Master
"Junior Interactif" = Junior Interactif
"Lucky luke - De zingende draad-Dutch" = Lucky luke - De zingende draad
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware versie 1.70.0.1100
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"MuseScore" = MuseScore 1.0 MuseScore score typesetter
"NeroMultiInstaller!UninstallKey" = Nero Suite
"NIS" = Norton Internet Security
"NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs
"Overhoor_is1" = Overhoor voor Windows 4.5.1
"Partituur Expert" = Partituur Expert 2005
"PrintMaster 7.00" = PrintMaster 7.00
"QSuite_is1" = QSuite Ver2.1
"QuickTime" = QuickTime
"Recuva" = Recuva
"Samsung ML-1640 Series" = Samsung ML-1640 Series
"SlowView" = SlowView
"SpellenSpektakel" = Disney’s SpellenSpektakel
"Spybot - Search & Destroy_is1" = Spybot - Search & Destroy 1.4
"Teach2000.7 XP - The Troolean Edition_is1" = Teach2000 8.42
"TimeCalendar_is1" = TimeCalendar 1.6.7
"Trellix2DeinstKey9" = Trellix Web
"VLC media player" = VLC media player 1.1.11
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"Windows XP Service Pack" = Windows XP Service Pack 3
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{C16DFB31-4A09-474E-AF61-02AFB3008763}_is1" = Albelli.be Fotoboeken
"Dropbox" = Dropbox
"FREEDOM SceneView" = FREEDOM SceneView
"UnityWebPlayer" = Unity Web Player

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 17/01/2013 19:07:49 | Computer Name = PRELOAD | Source = Application Error | ID = 1000
Description = Vastgelopen toepassing: iexplore.exe, versie: 8.0.6001.18702, vastgelopen module: unknown, versie: 0.0.0.0, vastgelopen op: 0x00000000.

Error - 19/01/2013 14:09:05 | Computer Name = PRELOAD | Source = Application Error | ID = 1000
Description = Vastgelopen toepassing: iexplore.exe, versie: 8.0.6001.18702, vastgelopen module: unknown, versie: 0.0.0.0, vastgelopen op: 0x00000000.

Error - 19/01/2013 17:26:06 | Computer Name = PRELOAD | Source = Application Error | ID = 1000
Description = Vastgelopen toepassing: iexplore.exe, versie: 8.0.6001.18702, vastgelopen module: unknown, versie: 0.0.0.0, vastgelopen op: 0x00000000.
Error - 26/01/2013 7:35:25 | Computer Name = PRELOAD | Source = Application Hang | ID = 1002 Description = Vastgelopen toepassing: PMW.EXE, versie: 0.0.0.0, vastgelopen module: hungapp, versie: 0.0.0.0, vastgelopen op: 0x00000000. Error - 26/01/2013 7:36:01 | Computer Name = PRELOAD | Source = Application Hang | ID = 1002 Description = Vastgelopen toepassing: PMW.EXE, versie: 0.0.0.0, vastgelopen module: hungapp, versie: 0.0.0.0, vastgelopen op: 0x00000000. Error - 26/01/2013 7:36:04 | Computer Name = PRELOAD | Source = Application Hang | ID = 1001 Description = Fout-bucket 02337167. Error - 26/01/2013 7:41:39 | Computer Name = PRELOAD | Source = Application Hang | ID = 1002 Description = Vastgelopen toepassing: PMW.EXE, versie: 0.0.0.0, vastgelopen module: hungapp, versie: 0.0.0.0, vastgelopen op: 0x00000000. Error - 26/01/2013 7:41:58 | Computer Name = PRELOAD | Source = Application Hang | ID = 1002 Description = Vastgelopen toepassing: PMW.EXE, versie: 0.0.0.0, vastgelopen module: hungapp, versie: 0.0.0.0, vastgelopen op: 0x00000000. Error - 26/01/2013 7:42:39 | Computer Name = PRELOAD | Source = Application Hang | ID = 1002 Description = Vastgelopen toepassing: PMW.EXE, versie: 0.0.0.0, vastgelopen module: hungapp, versie: 0.0.0.0, vastgelopen op: 0x00000000. Error - 29/01/2013 17:37:02 | Computer Name = PRELOAD | Source = Application Hang | ID = 1002 Description = Vastgelopen toepassing: iexplore.exe, versie: 8.0.6001.18702, vastgelopen module: hungapp, versie: 0.0.0.0, vastgelopen op: 0x00000000. [ System Events ] Error - 28/01/2013 15:54:46 | Computer Name = PRELOAD | Source = Service Control Manager | ID = 7023 Description = De Application Management-service is gestopt met de volgende foutcode: %%126. 
Error - 28/01/2013 16:01:20 | Computer Name = PRELOAD | Source = Service Control Manager | ID = 7000 Description = De Planner voor Automatische LiveUpdate-service kan vanwege de volgende fout niet worden gestart: %%3 Error - 28/01/2013 16:01:20 | Computer Name = PRELOAD | Source = Service Control Manager | ID = 7000 Description = De SSPORT-service kan vanwege de volgende fout niet worden gestart: %%2 Error - 28/01/2013 16:01:20 | Computer Name = PRELOAD | Source = Service Control Manager | ID = 7026 Description = De volgende opstartstuurprogramma's zijn niet geladen: Lbd Error - 29/01/2013 2:31:02 | Computer Name = PRELOAD | Source = Service Control Manager | ID = 7000 Description = De Planner voor Automatische LiveUpdate-service kan vanwege de volgende fout niet worden gestart: %%3 Error - 29/01/2013 2:31:02 | Computer Name = PRELOAD | Source = Service Control Manager | ID = 7000 Description = De SSPORT-service kan vanwege de volgende fout niet worden gestart: %%2 Error - 29/01/2013 2:31:02 | Computer Name = PRELOAD | Source = Service Control Manager | ID = 7026 Description = De volgende opstartstuurprogramma's zijn niet geladen: Lbd Error - 29/01/2013 2:34:44 | Computer Name = PRELOAD | Source = Service Control Manager | ID = 7000 Description = De Planner voor Automatische LiveUpdate-service kan vanwege de volgende fout niet worden gestart: %%3 Error - 29/01/2013 2:34:44 | Computer Name = PRELOAD | Source = Service Control Manager | ID = 7000 Description = De SSPORT-service kan vanwege de volgende fout niet worden gestart: %%2 Error - 29/01/2013 2:34:44 | Computer Name = PRELOAD | Source = Service Control Manager | ID = 7026 Description = De volgende opstartstuurprogramma's zijn niet geladen: Lbd < End of report >
  12. Removed everything, as well as Zylom and 3D Collapse. Restarted, but the problem remains.
  13. All search queries are still being redirected to the search engine's own site. Both Google and Bing. The result is a blank page.
  14. 15:24:25.0203 0912 TDSS rootkit removing tool 2.8.15.0 Oct 31 2012 21:47:35
15:26:15.0296 0624 [ 8F88EDB211B12537D2DC2A6D73D6067C ] SymEFA C:\WINDOWS\system32\drivers\NIS\1309000.009\SYMEFA.SYS 15:26:15.0375 0624 SymEFA - ok 15:26:15.0421 0624 [ 74E2521E96176A4449570E50BE91954D ] SymEvent C:\WINDOWS\system32\Drivers\SYMEVENT.SYS 15:26:15.0453 0624 SymEvent - ok 15:26:15.0468 0624 [ 2C356CCA706505CF63CBE39D532B9236 ] SymIRON C:\WINDOWS\system32\drivers\NIS\1309000.009\Ironx86.SYS 15:26:15.0500 0624 SymIRON - ok 15:26:15.0531 0624 [ 508BD882040F9CB12319E3A4FC78EDB9 ] SYMTDI C:\WINDOWS\System32\Drivers\NIS\1309000.009\SYMTDI.SYS 15:26:15.0562 0624 SYMTDI - ok 15:26:15.0578 0624 sym_hi - ok 15:26:15.0593 0624 sym_u3 - ok 15:26:15.0609 0624 [ 8B83F3ED0F1688B4958F77CD6D2BF290 ] sysaudio C:\WINDOWS\system32\drivers\sysaudio.sys 15:26:15.0734 0624 sysaudio - ok 15:26:15.0765 0624 [ 251EAE7C56C6AB9490311A3C9757E18D ] SysmonLog C:\WINDOWS\system32\smlogsvc.exe 15:26:15.0890 0624 SysmonLog - ok 15:26:15.0953 0624 [ 2BC9FB448F0C2394FF53C83A7BB04731 ] TapiSrv C:\WINDOWS\System32\tapisrv.dll 15:26:16.0093 0624 TapiSrv - ok 15:26:16.0140 0624 [ 9AEFA14BD6B182D61E3119FA5F436D3D ] Tcpip C:\WINDOWS\system32\DRIVERS\tcpip.sys 15:26:16.0218 0624 Tcpip - ok 15:26:16.0250 0624 [ 6471A66807F5E104E4885F5B67349397 ] TDPIPE C:\WINDOWS\system32\drivers\TDPIPE.sys 15:26:16.0375 0624 TDPIPE - ok 15:26:16.0390 0624 [ C56B6D0402371CF3700EB322EF3AAF61 ] TDTCP C:\WINDOWS\system32\drivers\TDTCP.sys 15:26:16.0500 0624 TDTCP - ok 15:26:16.0531 0624 [ 88155247177638048422893737429D9E ] TermDD C:\WINDOWS\system32\DRIVERS\termdd.sys 15:26:16.0671 0624 TermDD - ok 15:26:16.0703 0624 [ E0AEF86A594C9990D6321C5CA239C5B7 ] TermService C:\WINDOWS\System32\termsrv.dll 15:26:16.0828 0624 TermService - ok 15:26:16.0859 0624 [ 2D5D4156292150FE571872C1B88E9299 ] Themes C:\WINDOWS\System32\shsvcs.dll 15:26:16.0890 0624 Themes - ok 15:26:16.0890 0624 TosIde - ok 15:26:16.0953 0624 [ 20655E8CA1C78BC7088B18E93806D21B ] TrkWks C:\WINDOWS\system32\trkwks.dll 15:26:17.0140 0624 TrkWks - ok 
15:26:17.0203 0624 [ 5787B80C2E3C5E2F56C2A233D91FA2C9 ] Udfs C:\WINDOWS\system32\drivers\Udfs.sys 15:26:17.0500 0624 Udfs - ok 15:26:17.0515 0624 ultra - ok 15:26:17.0562 0624 [ 402DDC88356B1BAC0EE3DD1580C76A31 ] Update C:\WINDOWS\system32\DRIVERS\update.sys 15:26:17.0750 0624 Update - ok 15:26:17.0781 0624 [ 01653D6C9604F1FB31A76EC94E08954F ] upnphost C:\WINDOWS\System32\upnphost.dll 15:26:17.0906 0624 upnphost - ok 15:26:17.0953 0624 [ A89796DD0DE24CF03B3A39407E1F46A3 ] UPS C:\WINDOWS\System32\ups.exe 15:26:18.0093 0624 UPS - ok 15:26:18.0140 0624 [ 173F317CE0DB8E21322E71B7E60A27E8 ] usbccgp C:\WINDOWS\system32\DRIVERS\usbccgp.sys 15:26:18.0265 0624 usbccgp - ok 15:26:18.0281 0624 [ 65DCF09D0E37D4C6B11B5B0B76D470A7 ] usbehci C:\WINDOWS\system32\DRIVERS\usbehci.sys 15:26:18.0406 0624 usbehci - ok 15:26:18.0437 0624 [ 1AB3CDDE553B6E064D2E754EFE20285C ] usbhub C:\WINDOWS\system32\DRIVERS\usbhub.sys 15:26:18.0562 0624 usbhub - ok 15:26:18.0578 0624 [ A717C8721046828520C9EDF31288FC00 ] usbprint C:\WINDOWS\system32\DRIVERS\usbprint.sys 15:26:18.0718 0624 usbprint - ok 15:26:18.0750 0624 [ A0B8CF9DEB1184FBDD20784A58FA75D4 ] usbscan C:\WINDOWS\system32\DRIVERS\usbscan.sys 15:26:18.0859 0624 usbscan - ok 15:26:18.0968 0624 [ A32426D9B14A089EAA1D922E0C5801A9 ] USBSTOR C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS 15:26:19.0078 0624 USBSTOR - ok 15:26:19.0093 0624 [ 26496F9DEE2D787FC3E61AD54821FFE6 ] usbuhci C:\WINDOWS\system32\DRIVERS\usbuhci.sys 15:26:19.0218 0624 usbuhci - ok 15:26:19.0265 0624 [ 51750B0539986186C6931FC40D171521 ] VComm C:\WINDOWS\system32\DRIVERS\VComm.sys 15:26:19.0281 0624 VComm - ok 15:26:19.0296 0624 [ 6D9C891C0A761AFED1F3609C2E56F2B9 ] VcommMgr C:\WINDOWS\system32\Drivers\VcommMgr.sys 15:26:19.0312 0624 VcommMgr - ok 15:26:19.0343 0624 [ 0D3A8FAFCEACD8B7625CD549757A7DF1 ] VgaSave C:\WINDOWS\System32\drivers\vga.sys 15:26:19.0453 0624 VgaSave - ok 15:26:19.0453 0624 ViaIde - ok 15:26:19.0500 0624 [ 8AB662B3C4691E6DDF61C96BB5B7D103 ] VolSnap 
C:\WINDOWS\system32\drivers\VolSnap.sys 15:26:19.0625 0624 VolSnap - ok 15:26:19.0671 0624 [ A585EDD6965B301DE8A45C6768C7C215 ] VSS C:\WINDOWS\System32\vssvc.exe 15:26:19.0812 0624 VSS - ok 15:26:19.0843 0624 [ 390D8E65F362327AD510B08971478301 ] W32Time C:\WINDOWS\system32\w32time.dll 15:26:19.0968 0624 W32Time - ok 15:26:20.0000 0624 [ E20B95BAEDB550F32DD489265C1DA1F6 ] Wanarp C:\WINDOWS\system32\DRIVERS\wanarp.sys 15:26:20.0125 0624 Wanarp - ok 15:26:20.0140 0624 WDICA - ok 15:26:20.0156 0624 [ 6768ACF64B18196494413695F0C3A00F ] wdmaud C:\WINDOWS\system32\drivers\wdmaud.sys 15:26:20.0265 0624 wdmaud - ok 15:26:20.0312 0624 [ 33D8E2812054D97A0AEC9B8F04277927 ] WebClient C:\WINDOWS\System32\webclnt.dll 15:26:20.0453 0624 WebClient - ok 15:26:20.0515 0624 [ F45DD1E1365D857DD08BC23563370D0E ] WinDefend C:\Program Files\Windows Defender\MsMpEng.exe 15:26:20.0546 0624 WinDefend - ok 15:26:20.0656 0624 [ F9E105F369C18E4001E0C05AAF600D73 ] winmgmt C:\WINDOWS\system32\wbem\WMIsvc.dll 15:26:20.0781 0624 winmgmt - ok 15:26:20.0828 0624 [ C51B4A5C05A5475708E3C81C7765B71D ] WmdmPmSN C:\WINDOWS\system32\MsPMSNSv.dll 15:26:21.0078 0624 WmdmPmSN - ok 15:26:21.0109 0624 [ 87F11D161207C7063EDABAC0AADC33C3 ] WmiApSrv C:\WINDOWS\system32\wbem\wmiapsrv.exe 15:26:21.0250 0624 WmiApSrv - ok 15:26:21.0359 0624 [ 79A01ACD485687EE602411A06B63A9A5 ] WMPNetworkSvc C:\Program Files\Windows Media Player\WMPNetwk.exe 15:26:21.0421 0624 WMPNetworkSvc - ok 15:26:21.0453 0624 [ 843F7FA8EA38E6A4262976DCC994C81A ] wscsvc C:\WINDOWS\system32\wscsvc.dll 15:26:21.0578 0624 wscsvc - ok 15:26:21.0593 0624 [ 1E8FDDDEF3FE260BADAB06DAE10D753A ] wuauserv C:\WINDOWS\system32\wuauserv.dll 15:26:21.0734 0624 wuauserv - ok 15:26:21.0765 0624 [ F15FEAFFFBB3644CCC80C5DA584E6311 ] WudfPf C:\WINDOWS\system32\DRIVERS\WudfPf.sys 15:26:21.0812 0624 WudfPf - ok 15:26:21.0828 0624 [ 28B524262BCE6DE1F7EF9F510BA3985B ] WudfRd C:\WINDOWS\system32\DRIVERS\wudfrd.sys 15:26:21.0875 0624 WudfRd - ok 15:26:21.0890 0624 [ 
05231C04253C5BC30B26CBAAE680ED89 ] WudfSvc C:\WINDOWS\System32\WUDFSvc.dll 15:26:21.0984 0624 WudfSvc - ok 15:26:22.0015 0624 [ E99782DBB8FFA2AEE72B31DAC8D8D887 ] WZCSVC C:\WINDOWS\System32\wzcsvc.dll 15:26:22.0156 0624 WZCSVC - ok 15:26:22.0187 0624 [ FD3C38635808920F8235BF2FED642F54 ] xmlprov C:\WINDOWS\System32\xmlprov.dll 15:26:22.0359 0624 xmlprov - ok 15:26:22.0359 0624 ================ Scan global =============================== 15:26:22.0406 0624 [ 953AD498333B03F7CE547151F96EF241 ] C:\WINDOWS\system32\basesrv.dll 15:26:22.0421 0624 [ C7CC71181F7FD61C49EFF278003827A5 ] C:\WINDOWS\system32\winsrv.dll 15:26:22.0468 0624 [ C7CC71181F7FD61C49EFF278003827A5 ] C:\WINDOWS\system32\winsrv.dll 15:26:22.0484 0624 [ 657B69389B893F440B07590C9E963F23 ] C:\WINDOWS\system32\services.exe 15:26:22.0484 0624 [Global] - ok 15:26:22.0484 0624 ================ Scan MBR ================================== 15:26:22.0515 0624 [ 3051207086651214E435112E51817DC5 ] \Device\Harddisk0\DR0 15:26:22.0734 0624 \Device\Harddisk0\DR0 - ok 15:26:23.0078 0624 [ 5C616939100B85E558DA92B899A0FC36 ] \Device\Harddisk1\DR3 15:26:23.0218 0624 \Device\Harddisk1\DR3 - ok 15:26:23.0218 0624 ================ Scan VBR ================================== 15:26:23.0234 0624 [ C4C46FC3AB50F112270E26B5D8D32770 ] \Device\Harddisk0\DR0\Partition1 15:26:23.0234 0624 \Device\Harddisk0\DR0\Partition1 - ok 15:26:23.0234 0624 [ 2877D21307F0A6B40F296B4C8642ED3C ] \Device\Harddisk0\DR0\Partition2 15:26:23.0234 0624 \Device\Harddisk0\DR0\Partition2 - ok 15:26:23.0281 0624 [ 6491C57FD83D23B470881022F0ACBBC4 ] \Device\Harddisk1\DR3\Partition1 15:26:23.0281 0624 \Device\Harddisk1\DR3\Partition1 - ok 15:26:23.0281 0624 ============================================================ 15:26:23.0281 0624 Scan finished 15:26:23.0281 0624 ============================================================ 15:26:23.0421 0568 Detected object count: 5 15:26:23.0421 0568 Actual detected object count: 5 15:29:58.0468 0568 bgsvcgen ( 
UnsignedFile.Multi.Generic ) - skipped by user 15:29:58.0468 0568 bgsvcgen ( UnsignedFile.Multi.Generic ) - User select action: Skip 15:29:58.0468 0568 cdrbsdrv ( UnsignedFile.Multi.Generic ) - skipped by user 15:29:58.0468 0568 cdrbsdrv ( UnsignedFile.Multi.Generic ) - User select action: Skip 15:29:58.0468 0568 DgiVecp ( UnsignedFile.Multi.Generic ) - skipped by user 15:29:58.0468 0568 DgiVecp ( UnsignedFile.Multi.Generic ) - User select action: Skip 15:29:58.0468 0568 LightScribeService ( UnsignedFile.Multi.Generic ) - skipped by user 15:29:58.0468 0568 LightScribeService ( UnsignedFile.Multi.Generic ) - User select action: Skip 15:29:58.0468 0568 PxHelp20 ( UnsignedFile.Multi.Generic ) - skipped by user 15:29:58.0468 0568 PxHelp20 ( UnsignedFile.Multi.Generic ) - User select action: Skip
  15. Just discovered something stupid: last week I ran Ad-Aware, a quick scan, nothing detected. The day after, a full scan. I had asked my wife whether anything had been reported (she had shut down the computer). No, was the answer. I did not go and look at it again either. Now I wanted to turn off the malware programs, and it turns out that Ad-Aware had found 2 threats after all: 1. a whole series of cookies, 2. a trojan virus, namely Trojan.Win32.Generic.Pak! Cobra. So no action was taken on them (recommended action: cookies - delete, trojan - quarantine). Should I do this first, or TDSSKiller first?
  16. Redirected a few more times, but most searches ended up in the right place. Will try again later.
  17. Zoek.exe Version 4.0.0.1 Updated 24-January-2013
      Tool run by admin on vr 25/01/2013 at 22:44:08,04.
      Microsoft Windows XP Home Edition 5.1.2600 Service Pack 3 x86
      Running in: Normal Mode Internet Access Detected
      ==== Deleting CLSID Registry Keys ======================
      HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} deleted successfully
      HKEY_USERS\S-1-5-21-2097683373-1679141021-1366619321-1004\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} deleted successfully
      HKEY_USERS\S-1-5-21-2097683373-1679141021-1366619321-1004\Software\Microsoft\Internet Explorer\SearchScopes\{D1736352-4B14-4E0F-8D03-459870CFB33B} deleted successfully
      ==== Deleting CLSID Registry Values ======================
  18. Zoek.exe Version 4.0.0.1 Updated 24-January-2013
      Tool run by admin on do 24/01/2013 at 23:44:16,48.
      Microsoft Windows XP Home Edition 5.1.2600 Service Pack 3 x86
      Running in: Normal Mode Internet Access Detected
      ==== Deleting CLSID Registry Keys ======================
      ==== Deleting CLSID Registry Values ======================
      ==== Registry Fix Code ======================
      Windows Registry Editor Version 5.00
      [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
      "Search Bar"=""
      [-KEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk]
      ==== Deleting Files \ Folders ======================
      "C:\Documents and Settings\All Users\Bureaublad\sample_20132301_2114.zip" deleted
  19. I am now redirected to google.com for every site I try after a search. With each click back, memory usage goes up. The memory level drops again when leaving IE.
  20. Bing has disappeared as search engine; Google is back as the default search engine (this had already been changed before the previous instruction was carried out). Memory usage is normal again. In Google I am redirected to google.be (blank page); after clicking back and forth a few times I get to the right page. Or else to googleadservices.com; even after clicking a number of times I do not get to the desired page. Redirecting does not always happen.
  21. In Bing I was also redirected (to Bing itself, blank page). Herewith the "zoek" log.
Files\Reference Assemblies ======= C: ===== 2013-01-21 22:37:14 B6E6F0FC19E3804ED48967B10D4FABB5 5783 ----a-w- C:\AdwCleaner[s1].txt ====== C:\Documents and Settings\admin\Application Data ====== 2013-01-13 21:48:41 -------- d-----w- C:\Documents and Settings\All Users\Application Data\Ad-Aware Antivirus 2013-01-13 21:45:01 -------- d-----w- C:\Documents and Settings\admin\Application Data\LavasoftStatistics 2013-01-13 21:17:09 -------- d-----w- C:\Documents and Settings\admin\Local Settings\Application Data\Downloaded Installations 2013-01-13 21:14:02 -------- d-----w- C:\Documents and Settings\admin\Local Settings\Application Data\adawarebp 2013-01-13 21:13:54 -------- d-----w- C:\Documents and Settings\All Users\Application Data\Ad-Aware Browsing Protection 2013-01-07 14:08:14 -------- d-----w- C:\Documents and Settings\admin\Application Data\ElevatedDiagnostics ====== C:\Documents and Settings\admin ====== ====== C: exe-files == 2013-01-21 22:35:33 0F76DD0978CB15119F6A8D45A0C94023 574315 ----a-w- C:\Documents and Settings\admin\Bureaublad\adwcleaner.exe === C: other files == 2013-01-23 20:15:03 3AF86A0ECF010C7E6E2E5E7D49E069AF 154712561 ----a-w- C:\Documents and Settings\All Users\Bureaublad\sample_20132301_2114.zip 2013-01-22 16:57:14 A067FD7FE78950C95CC4CD41570849D4 6970 ----a-w- C:\Documents and Settings\admin\Local Settings\Application Data\adawarebp\data\temp.zip ==== Startup Registry Enabled ====================== [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" "DWQueuedReporting"="C:\PROGRA~1\COMMON~1\MICROS~1\DW\dwtrig20.exe -t" [HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [HKEY_USERS\S-1-5-21-2097683373-1679141021-1366619321-1004\Software\Microsoft\Windows\CurrentVersion\Run] 
"CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" "TimeCalendar"="C:\Program Files\TimeCalendar\TC.exe auto" "OM_Monitor"="C:\Program Files\OLYMPUS\OLYMPUS Master\Monitor.exe" "updateMgr"="C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe AcRdB7_1_0 -reboot 1" [HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" "DWQueuedReporting"="C:\PROGRA~1\COMMON~1\MICROS~1\DW\dwtrig20.exe -t" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "RTHDCPL"="RTHDCPL.EXE" "igfxtray"="C:\WINDOWS\system32\igfxtray.exe" "igfxhkcmd"="C:\WINDOWS\system32\hkcmd.exe" "igfxpers"="C:\WINDOWS\system32\igfxpers.exe" "zBrowser Launcher"="C:\Program Files\Logitech\iTouch\iTouch.exe" "Logitech Utility"="Logi_MwX.Exe" "NeroFilterCheck"="C:\WINDOWS\system32\NeroCheck.exe" "EPSON Stylus Photo R340 Series"="C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIAJE.EXE /P30 EPSON Stylus Photo R340 Series /O6 USB001 /M Stylus Photo R340" "OM_Monitor"="C:\Program Files\OLYMPUS\OLYMPUS Master\FirstStart.exe" "Symantec PIF AlertEng"="C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PifSvc.exe /a /m C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\AlertEng.dll" "Samsung PanelMgr"="C:\WINDOWS\Samsung\PanelMgr\SSMMgr.exe /autorun" "BluetoothAuthenticationAgent"="rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent" "SunJavaUpdateSched"="C:\Program Files\Java\jre6\bin\jusched.exe" "APSDaemon"="C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe" "iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" "QuickTime Task"="C:\Program Files\QuickTime\qttask.exe -atboottime" "Ad-Aware Browsing Protection"="C:\Documents and Settings\All Users\Application Data\Ad-Aware Browsing Protection\adawarebp.exe" [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" 
"TimeCalendar"="C:\Program Files\TimeCalendar\TC.exe auto" "OM_Monitor"="C:\Program Files\OLYMPUS\OLYMPUS Master\Monitor.exe" "updateMgr"="C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe AcRdB7_1_0 -reboot 1" ==== Startup Folders ====================== 2012-05-15 14:44:11 1024 ----a-w- C:\Documents and Settings\admin\Menu Start\Programma's\Opstarten\Dropbox.lnk 2012-01-09 21:33:12 864 ----a-w- C:\Documents and Settings\admin\Menu Start\Programma's\Opstarten\OpenOffice.org 3.3 .lnk 2008-05-17 09:15:36 1757 ----a-w- C:\Documents and Settings\All Users\Menu Start\Programma's\Opstarten\Adobe Reader Snelle start.lnk ==== Task Scheduler Jobs ====================== C:\WINDOWS\tasks\Ad-Aware Antivirus Scheduled Scan.job --a------ C:\PROGRA1\AD-AWA1\AdAwareLauncher.exe [] C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job --a------ C:\Program Files\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe [] C:\WINDOWS\tasks\Adobe Flash Player Updater.job --a------ C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe [08/01/2013 20:52] C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job --a------ C:\Program Files\Google\Update\GoogleUpdate.exe [31/01/2010 11:16] C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job --a------ C:\Program Files\Google\Update\GoogleUpdate.exe [31/01/2010 11:16] C:\WINDOWS\tasks\MP Scheduled Scan.job --ah----- C:\Program Files\Windows Defender\MpCmdRun.exe [03/11/2006 18:20] C:\WINDOWS\tasks\NSSstub.job --a------ C:\WINDOWS\system32\Adobe\Shockwave 11\nssstub.exe [23/09/2009 17:30] C:\WINDOWS\tasks\NSSstub.job --a------ downloadC:\WINDOWS\system32\Adobe\Shockwave 11\adminNSSStub exe0 [] C:\WINDOWS\tasks\NSSstub.job --a------ C:\WINDOWS\system32\Adobe\Shockwave 11\nssstub.exe [23/09/2009 17:30] C:\WINDOWS\tasks\NSSstub.job --a------ downloadC:\WINDOWS\system32\Adobe\Shockwave 11\adminNSSStub exe0 [] C:\WINDOWS\tasks\NSSstub.job --a------ s 3C:\WINDOWS\system32\Adobe\Shockwave 11\nssstub.exe [] C:\WINDOWS\tasks\NSSstub.job --a------ 
C:\WINDOWS\system32\Adobe\Shockwave 11\adminNSSStub exe0 [] C:\WINDOWS\tasks\UQNAEBM.job --a------ C:\WINDOWS\system32\rundll32.exe [14/04/2008 18:03] ==== Chrome Look ====================== HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions mkfokfffehpeedafpekjeddnmnjhmcmk - C:\Program Files\Norton Internet Security\Engine\19.9.0.9\Exts\Chrome.crx[26/09/2012 04:11] ==== Set IE to Default ====================== Old Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="Belgian Athletics - Calendar - Results - Rankings - Athletes" "Search Bar"="Upgrade to Google Chrome" New Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Search Bar"="Bing" "Start Page"="Belgian Athletics - Calendar - Results - Rankings - Athletes" ==== All HKCU SearchScopes ====================== HKCU\*\SearchScopes "DefaultScope"="{6A1806CD-94D4-4689-BA73-E35EA1EA9990}" HKCU\*\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} @ieframe.dll,-12512 Url="{searchTerms} - Bing" HKCU\*\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="{searchTerms} - Google Search}" HKCU\*\SearchScopes\{D1736352-4B14-4E0F-8D03-459870CFB33B} Yahoo//search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=937811&p={searchTerms}" ==== Empty IE Cache ====================== C:\Documents and Settings\admin\Local Settings\Temp\Temporary Internet Files\Content.IE5 emptied successfully C:\Documents and Settings\Default User\Local Settings\Temporary Internet Files\Content.IE5 emptied successfully C:\Documents and Settings\LocalService\Local Settings\Temp\Temporary Internet Files\Content.IE5 emptied successfully C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5 emptied successfully C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5 emptied successfully C:\Documents and Settings\admin\Local Settings\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot 
C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot ==== Empty FireFox Cache ====================== No FireFox Profiles found ==== Empty Chrome Cache ====================== No Chrome User Data found ==== Empty All Flash Cache ====================== Flash Cache Emptied Successfully ==== Empty All Java Cache ====================== Java Cache cleared successfully After Reboot ==== Empty Temp Folders ====================== C:\WINDOWS\Temp successfully emptied C:\DOCUME~1\admin\LOCALS~1\Temp successfully emptied ==== Empty Recycle Bin ====================== C:\RECYCLER successfully emptied ==== Deleting Files / Folders ====================== "C:\Documents and Settings\admin\Local Settings\Temporary Internet Files\Content.IE5\index.dat" not deleted "C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat" not deleted
  22. Google has disappeared from the drop-down list (top right in the IE toolbar). When I search in Google I am still redirected to Google itself (blank page), but less frequently. Pages open slowly. I think my memory usage has gone up. More notifications about high memory usage, and once even the message to close an application first before continuing.
  23. # AdwCleaner v2.107 - Verslag gemaakt op 21/01/2013 om 23:37:14 # Geactualiseerd op 21/01/2013 door Xplode # Besturingssysteem : Microsoft Windows XP Service Pack 3 (32 bits) # Gebruiker : admin - PRELOAD # Opstarten Modus : Normale modus # Gelanceerd vanaf : C:\Documents and Settings\admin\Bureaublad\adwcleaner.exe # Optie [Verwijderen] ***** [Diensten] ***** ***** [Files / Mappen] ***** File Verwijdert : C:\WINDOWS\Tasks\Scheduled Update for Ask Toolbar.job Map Verwijdert : C:\DOCUME~1\admin\LOCALS~1\Temp\AskSearch Map Verwijdert : C:\Documents and Settings\admin\Application Data\adawaretb Map Verwijdert : C:\Documents and Settings\admin\Application Data\AskToolbar Map Verwijdert : C:\Documents and Settings\admin\Local Settings\Application Data\AskToolbar Map Verwijdert : C:\Documents and Settings\All Users\Application Data\blekko toolbars Map Verwijdert : C:\Program Files\adawaretb Map Verwijdert : C:\Program Files\Ask.com Map Verwijdert : C:\Program Files\YouTube Downloader Toolbar Map Verwijdert : C:\WINDOWS\Installer\{86D4B82A-ABED-442A-BE86-96357B70F4FE} ***** [Register] ***** Sleutel Verwijdert : HKCU\Software\APN PIP Sleutel Verwijdert : HKCU\Software\AppDataLow\AskToolbarInfo Sleutel Verwijdert : HKCU\Software\AppDataLow\Software\Search Settings Sleutel Verwijdert : HKCU\Software\Ask.com Sleutel Verwijdert : HKCU\Software\AskToolbar Sleutel Verwijdert : HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A} Sleutel Verwijdert : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{171DEBEB-C3D4-40B7-AC73-056A5EBA4A7E} Sleutel Verwijdert : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D4027C7F-154A-4066-A1AD-4243D8127440} Sleutel Verwijdert : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{F3FEE66E-E034-436A-86E4-9690573BEE8A} Sleutel Verwijdert : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{00000000-6E41-4FD3-8538-502F5495E5FC} Sleutel Verwijdert : 
HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{6C97A91E-4524-4019-86AF-2AA2D567BF5C} Sleutel Verwijdert : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D4027C7F-154A-4066-A1AD-4243D8127440} Sleutel Verwijdert : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F3FEE66E-E034-436A-86E4-9690573BEE8A} Sleutel Verwijdert : HKLM\SOFTWARE\Classes\AppID\{9B0CB95C-933A-4B8C-B6D4-EDCD19A43874} Sleutel Verwijdert : HKLM\SOFTWARE\Classes\AppID\GenericAskToolbar.DLL Sleutel Verwijdert : HKLM\SOFTWARE\Classes\CLSID\{00000000-6E41-4FD3-8538-502F5495E5FC} Sleutel Verwijdert : HKLM\SOFTWARE\Classes\GenericAskToolbar.ToolbarWnd Sleutel Verwijdert : HKLM\SOFTWARE\Classes\GenericAskToolbar.ToolbarWnd.1 Sleutel Verwijdert : HKLM\Software\Classes\Installer\Features\A28B4D68DEBAA244EB686953B7074FEF Sleutel Verwijdert : HKLM\Software\Classes\Installer\Products\A28B4D68DEBAA244EB686953B7074FEF Sleutel Verwijdert : HKLM\SOFTWARE\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456} Sleutel Verwijdert : HKLM\SOFTWARE\Classes\Interface\{6E4C89CF-3061-4EE4-B22A-B7A8AAEA5CB3} Sleutel Verwijdert : HKLM\SOFTWARE\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92} Sleutel Verwijdert : HKLM\SOFTWARE\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E} Sleutel Verwijdert : HKLM\SOFTWARE\Classes\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56} Sleutel Verwijdert : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A} Sleutel Verwijdert : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{86D4B82A-ABED-442A-BE86-96357B70F4FE} Sleutel Verwijdert : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0FF2AEFF45EEA0A48A4B33C1973B6094 Sleutel Verwijdert : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\261F213D1F55267499B1F87D0CC3BCF7 Sleutel Verwijdert : 
HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\305B09CE8C53A214DB58887F62F25536 Sleutel Verwijdert : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\741B4ADF27276464790022C965AB6DA8 Sleutel Verwijdert : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\7DE196B10195F5647A2B21B761F3DE01 Sleutel Verwijdert : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\9D4F5849367142E4685ED8C25E44C5ED Sleutel Verwijdert : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A5875B04372C19545BEB90D4D606C472 Sleutel Verwijdert : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A876D9E80B896EC44A8620248CC79296 Sleutel Verwijdert : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B66FFAB725B92594C986DE826A867888 Sleutel Verwijdert : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\A28B4D68DEBAA244EB686953B7074FEF Sleutel Verwijdert : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{86D4B82A-ABED-442A-BE86-96357B70F4FE} Sleutel Verwijdert : HKLM\Software\PIP Sleutel Verwijdert : HKLM\Software\Search Settings Waarde Verwijdert : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{D4027C7F-154A-4066-A1AD-4243D8127440}] Waarde Verwijdert : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [] ***** [browsers] ***** -\\ Internet Explorer v8.0.6001.18702 [OK] Het register bevat geen enkele ongeoorloofde invoer. ************************* AdwCleaner[s1].txt - [5654 octets] - [21/01/2013 23:37:14] ########## EOF - C:\AdwCleaner[s1].txt - [5714 octets] ##########
  24. Mako, I could not uninstall Ask (toolbar) (it was not in the list, nor offered as a choice among the toolbars in IE) Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 20:41:03, on 21/01/2013 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v8.00 (8.00.6001.18702) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\RTHDCPL.EXE C:\WINDOWS\system32\igfxtray.exe C:\WINDOWS\system32\hkcmd.exe C:\WINDOWS\system32\igfxpers.exe C:\Program Files\Logitech\iTouch\iTouch.exe C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIAJE.EXE C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PifSvc.exe C:\WINDOWS\Samsung\PanelMgr\SSMMgr.exe C:\Program Files\iTunes\iTunesHelper.exe C:\Program Files\Logitech\MouseWare\system\em_exec.exe C:\Program Files\QuickTime\qttask.exe C:\Documents and Settings\All Users\Application Data\Ad-Aware Browsing Protection\adawarebp.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\TimeCalendar\TC.exe C:\Program Files\OLYMPUS\OLYMPUS Master\Monitor.exe C:\Program Files\Ad-Aware Antivirus\AdAwareService.exe C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe C:\WINDOWS\system32\bgsvcgen.exe C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe C:\Program Files\Bonjour\mDNSResponder.exe C:\Program Files\Java\jre6\bin\jqs.exe C:\Program Files\Common Files\LightScribe\LSSrvc.exe C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PifSvc.exe C:\Documents and Settings\admin\Application Data\Dropbox\bin\Dropbox.exe C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe C:\Program Files\OpenOffice.org 3\program\soffice.exe C:\Program Files\OpenOffice.org 
3\program\soffice.bin C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe C:\Program Files\Norton Internet Security\Engine\19.9.0.9\ccSvcHst.exe C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe C:\Program Files\Ad-Aware Antivirus\SBAMSvc.exe C:\Program Files\IVT Corporation\BlueSoleil\StartSkysolSvc.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Norton Internet Security\Engine\19.9.0.9\ccSvcHst.exe C:\Program Files\iPod\bin\iPodService.exe C:\PROGRA~1\AD-AWA~1\AdAware.exe C:\Program Files\Adobe\Acrobat 7.0\Reader\AcroRd32.exe c:\program files\internet explorer\iexplore.exe c:\program files\internet explorer\iexplore.exe C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Belgian Athletics - Calendar - Results - Rankings - Athletes R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll (file missing) O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll O2 - BHO: Norton Identity Protection - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Norton Internet Security\Engine\19.9.0.9\coIEPlg.dll O2 - BHO: Norton Vulnerability Protection - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Norton Internet Security\Engine\19.9.0.9\IPS\IPSBHO.DLL O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll O2 - BHO: EpsonToolBandKicker Class - 
{E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll O3 - Toolbar: Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Internet Security\Engine\19.9.0.9\coIEPlg.dll O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe O4 - HKLM\..\Run: [zBrowser Launcher] C:\Program Files\Logitech\iTouch\iTouch.exe O4 - HKLM\..\Run: [Logitech Utility] Logi_MwX.Exe O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe O4 - HKLM\..\Run: [EPSON Stylus Photo R340 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIAJE.EXE /P30 "EPSON Stylus Photo R340 Series" /O6 "USB001" /M "Stylus Photo R340" O4 - HKLM\..\Run: [OM_Monitor] C:\Program Files\OLYMPUS\OLYMPUS Master\FirstStart.exe O4 - HKLM\..\Run: [symantec PIF AlertEng] "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PifSvc.exe" /a /m "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\AlertEng.dll" O4 - HKLM\..\Run: [samsung PanelMgr] C:\WINDOWS\Samsung\PanelMgr\SSMMgr.exe /autorun O4 - HKLM\..\Run: [bluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe" O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe" O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe" O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [Ad-Aware Browsing Protection] "C:\Documents and Settings\All Users\Application Data\Ad-Aware Browsing 
Protection\adawarebp.exe" O4 - HKLM\..\Run: [Ad-Aware Antivirus] "C:\Program Files\Ad-Aware Antivirus\AdAwareLauncher" --windows-run O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [TimeCalendar] "C:\Program Files\TimeCalendar\TC.exe" auto O4 - HKCU\..\Run: [OM_Monitor] C:\Program Files\OLYMPUS\OLYMPUS Master\Monitor.exe O4 - HKCU\..\Run: [updateMgr] "C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" AcRdB7_1_0 -reboot 1 O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Lokale service') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Netwerkservice') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O4 - Startup: Dropbox.lnk = C:\Documents and Settings\admin\Application Data\Dropbox\bin\Dropbox.exe O4 - Startup: OpenOffice.org 3.3 .lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe O4 - Global Startup: Adobe Reader Snelle start.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} (QuickTime Plugin Control) - http://appldnld.apple.com.edgesuite.net/content.info.apple.com/QuickTime/qtactivex/qtplugin.cab O16 - DPF: {6A344D34-5231-452A-8A57-D064AC9B7862} (Symantec Download Manager) - https://webdl.symantec.com/activex/symdlmgr.cab O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\WINDOWS\system32\Skype4COM.dll O22 - SharedTaskScheduler: Preloader van browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll O22 - SharedTaskScheduler: Cache-daemon voor onderdeelcategorieën - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll O23 - Service: Ad-Aware Service - Lavasoft Limited - C:\Program Files\Ad-Aware Antivirus\AdAwareService.exe O23 - Service: Adobe Flash Player Update Service 
(AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe O23 - Service: B's Recorder GOLD Library General Service (bgsvcgen) - B.H.A Corporation - C:\WINDOWS\system32\bgsvcgen.exe O23 - Service: BlueSoleil Hid Service - Unknown owner - C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: Google Updateservice (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. 
- C:\Program Files\Java\jre6\bin\jqs.exe O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe O23 - Service: LiveUpdate Notice Service - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PifSvc.exe O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe O23 - Service: Norton Internet Security (NIS) - Symantec Corporation - C:\Program Files\Norton Internet Security\Engine\19.9.0.9\ccSvcHst.exe O23 - Service: Planner voor Automatische LiveUpdate - Unknown owner - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe (file missing) O23 - Service: Ad-Aware (SBAMSvc) - GFI Software - C:\Program Files\Ad-Aware Antivirus\SBAMSvc.exe O23 - Service: Start BT in service - Unknown owner - C:\Program Files\IVT Corporation\BlueSoleil\StartSkysolSvc.exe -- End of file - 10129 bytes Malwarebytes Anti-Malware 1.70.0.1100 www.malwarebytes.org Databaseversie: v2013.01.21.07 Windows XP Service Pack 3 x86 NTFS Internet Explorer 8.0.6001.18702 admin :: PRELOAD [administrator] 21/01/2013 20:59:57 mbam-log-2013-01-21 (20-59-57).txt Scan type: Snelle scan Ingeschakelde scan opties: Geheugen | Opstartitems | Register | Bestanden en mappen | Heuristiek/Extra | Heuristiek/Shuriken | PUP | PUM Uitgeschakelde scan opties: P2P Objecten gescand: 242650 Verstreken tijd: 20 minuut/minuten, 57 seconde(n) Geheugenprocessen gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Geheugenmodulen gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Registersleutels gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Registerwaarden gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Registerdata gedetecteerd: 0 (Geen kwaadaardige 
objecten gedetecteerd) Mappen gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Bestanden gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) (einde)