Dannyjs

Posts made by Dannyjs

  1. # AdwCleaner v3.018 - Report created 28/01/2014 at 20:26:34

    # Updated 28/01/2014 by Xplode

    # Operating System : Windows 8 (64 bits)

    # Username : Admin - HP-THUISPC

    # Running from : C:\Users\Admin\Downloads\adwcleaner (1).exe

    # Option : Clean

    ***** [ Services ] *****

    ***** [ Files / Folders ] *****

    ***** [ Shortcuts ] *****

    ***** [ Registry ] *****

    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}

    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{4AA46D49-459F-4358-B4D1-169048547C23}

    Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{4AA46D49-459F-4358-B4D1-169048547C23}

    Key Deleted : HKCU\Software\AVG Secure Search

    Key Deleted : HKCU\Software\InstallCore

    ***** [ Browsers ] *****

    -\\ Internet Explorer v10.0.9200.16537

    -\\ Google Chrome v32.0.1700.76

    [ File : C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\preferences ]

    *************************

    AdwCleaner[R0].txt - [1169 octets] - [28/01/2014 20:23:19]

    AdwCleaner[s0].txt - [1000 octets] - [28/01/2014 20:26:34]

    ########## EOF - C:\AdwCleaner\AdwCleaner[s0].txt - [1060 octets] ##########

  2. Zoek.exe v5.0.0.0 Updated 25-January-2014

    Tool run by Admin on ma 27/01/2014 at 20:17:22,80.

    Microsoft Windows 8 6.2.9200 x64

    Running in: Normal Mode Internet Access Detected

    Launched: C:\Users\Admin\Desktop\zoek.exe [scan all users] [script inserted]

    ==== Older Logs ======================

    C:\zoek-results2014-01-27-170417.log 16026 bytes

    ==== Deleting Files \ Folders ======================

    C:\Users\Admin\Downloads\infrarecorder [1] not found

    C:\Program Files (x86)\RightSurf not found

    C:\Users\Admin\AppData\Roaming\InfraRecorder deleted

    C:\Program Files (x86)\InfraRecorder deleted

    ==== C:\zoek_backup content ======================

    C:\zoek_backup (files=106 folders=19 18250677 bytes)

    ==== EOF on ma 27/01/2014 at 20:18:34,29 ======================

  3. Hello

    Since today I no longer have a single icon on the desktop.

    On web pages (IE) a slide-in bar appears on the right with the title 'Related Searches', and sometimes a pop-up window at the bottom.

    From what I could find, it appears to be malware.

    Yesterday I downloaded the program 'InfraRecorder' (to burn an ISO file to a DVD) and also the ISO file of Linux Mint.

    What can I do to remove this?

    Thanks in advance for the reply

    Danny

    Below is the RSIT log

    (I can't send the RSIT log. Attaching a file doesn't work. In the window for choosing the file, the slide-in bar appears and the choose-file button falls outside the window. Pasting it into the message doesn't work either)

  4. HitmanPro 3.7.1.186
    www.hitmanpro.com
      Computer name . . . . : PRELOAD
      Windows . . . . . . . : 5.1.3.2600.X86/2
      User name . . . . . . : PRELOAD\admin
      License . . . . . . . : Free
      Scan date . . . . . . : 2013-01-30 22:54:09
      Scan mode . . . . . . : Normal
      Scan duration . . . . : 3m 22s
      Disk access mode  . . : Direct disk access (SRB)
      Cloud . . . . . . . . : Internet
      Reboot  . . . . . . . : No
      Threats . . . . . . . : 1
      Traces  . . . . . . . : 437
      Objects scanned . . . : 769.615
      Files scanned . . . . : 47.704
      Remnants scanned  . . : 203.244 files / 518.667 keys
    Malware _____________________________________________________________________
      C:\WINDOWS\system32\Lffpx73.dll
         Size . . . . . . . : 102.400 bytes
         Age  . . . . . . . : 74.0 days (2012-11-17 21:59:42)
         Entropy  . . . . . : 5.6
         SHA-256  . . . . . : 1E087D3C0FC91739763FEB9575B484DE80DBFBB9252E63FD44089C7800559343
       > G Data . . . . . . : Gen:Variant.Symmi.8356 (Engine A)
       > Ikarus . . . . . . : Trojan.Crypt!IK
         Fuzzy  . . . . . . : 115.0
         Startup
            C:\WINDOWS\Tasks\UQNAEBM.job
    
    Potential Unwanted Programs _________________________________________________
      HKLM\SOFTWARE\Classes\Installer\UpgradeCodes\F928123A039649549966D4C29D35B1C9\ (AskBar)
      HKU\S-1-5-21-2097683373-1679141021-1366619321-1004\Software\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\User Agent\Post Platform\AskTB5.6 (AskBar)
    Cookies _____________________________________________________________________

  5. OTL Extras logfile created on: 29/01/2013 22:48:11 - Run 1

    OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\admin\Bureaublad

    Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation

    Internet Explorer (Version = 8.0.6001.18702)

    Locale: 00000813 | Country: België | Language: NLB | Date Format: d/MM/yyyy

    1015,23 Mb Total Physical Memory | 380,89 Mb Available Physical Memory | 37,52% Memory free

    2,39 Gb Paging File | 1,69 Gb Available in Paging File | 70,92% Paging File free

    Paging file location(s): C:\pagefile.sys 1524 3048 [binary data]

    %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files

    Drive C: | 195,31 Gb Total Space | 128,16 Gb Free Space | 65,62% Space Free | Partition Type: NTFS

    Drive D: | 38,44 Gb Total Space | 35,29 Gb Free Space | 91,82% Space Free | Partition Type: FAT32

    Drive H: | 372,61 Gb Total Space | 276,93 Gb Free Space | 74,32% Space Free | Partition Type: NTFS

    Computer Name: PRELOAD | User Name: admin | Logged in as Administrator.

    Boot Mode: Normal | Scan Mode: Current user

    Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

    ========== Extra Registry (SafeList) ==========

    ========== File Associations ==========

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]

    .cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*

    ========== Shell Spawning ==========

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]

    batfile [open] -- "%1" %*

    cmdfile [open] -- "%1" %*

    comfile [open] -- "%1" %*

    cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*

    exefile [open] -- "%1" %*

    htmlfile [edit] -- Reg Error: Key error.

    piffile [open] -- "%1" %*

    regfile [merge] -- Reg Error: Key error.

    scrfile [config] -- "%1"

    scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l

    scrfile [open] -- "%1" /S

    txtfile [edit] -- Reg Error: Key error.

    Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1

    Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()

    Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

    Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()

    Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)

    Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)

    Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

    ========== Security Center Settings ==========

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

    "FirstRunDisabled" = 1

    "AntiVirusDisableNotify" = 0

    "FirewallDisableNotify" = 0

    "UpdatesDisableNotify" = 0

    "AntiVirusOverride" = 0

    "FirewallOverride" = 0

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

    "DisableMonitoring" = 1

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

    "DisableMonitoring" = 1

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

    "DisableMonitoring" = 1

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

    ========== System Restore Settings ==========

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]

    "DisableSR" = 0

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]

    "Start" = 0

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]

    "Start" = 2

    ========== Firewall Settings ==========

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]

    "139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dll,-22004

    "445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dll,-22005

    "137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001

    "138:UDP" = 138:UDP:*:Enabled:@xpsp2res.dll,-22002

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]

    "EnableFirewall" = 0

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

    "1900:TCP" = 1900:TCP:LocalSubNet:Enabled:UDP 1900

    "1900:UDP" = 1900:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22007

    "2869:TCP" = 2869:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22008

    "139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004

    "445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005

    "137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001

    "138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002

    ========== Authorized Applications List ==========

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

    "%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)

    "%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]

    "%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)

    "%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)

    "C:\Program Files\LimeWire\LimeWire.exe" = C:\Program Files\LimeWire\LimeWire.exe:*:Enabled:LimeWire

    "C:\Program Files\Ahead\Nero ShowTime\ShowTime.exe" = C:\Program Files\Ahead\Nero ShowTime\ShowTime.exe:*:Disabled:Nero ShowTime -- (Nero Software AG)

    "C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil.exe" = C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil.exe:*:Enabled:BlueSoleil -- (IVT Corporation.)

    "C:\Documents and Settings\admin\Application Data\Dropbox\bin\Dropbox.exe" = C:\Documents and Settings\admin\Application Data\Dropbox\bin\Dropbox.exe:*:Enabled:Dropbox -- (Dropbox, Inc.)

    "C:\Program Files\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe" = C:\Program Files\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe:*:Enabled:WebKit -- (Apple Inc.)

    "C:\Program Files\Bonjour\mDNSResponder.exe" = C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour-service -- (Apple Inc.)

    "C:\Program Files\iTunes\iTunes.exe" = C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes -- (Apple Inc.)

    ========== HKEY_LOCAL_MACHINE Uninstall List ==========

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

    "{036AA4D4-6D32-11D4-9875-00105ACE7734}" = Logitech iTouch-software

    "{0BF5FBE7-3907-4A1F-9E48-8B66E52850D6}" = TrayApp

    "{0F6F6876-6334-4977-B5DD-CFC12E193420}" = iTunes

    "{13356EC0-FF25-44e8-ADD8-6316F1242834}" = CameraDrivers

    "{168F8BAC-A269-48E9-BB7A-A51B594CF6FF}" = Microsoft .NET Framework 1.1 Dutch Language Pack

    "{17E2F183-BAC4-4D01-BD7A-59F781E17EFA}" = REALTEK PCIE NIC Driver

    "{19FDB8E4-59AD-4330-9667-E8DCAF018DD3}" = Unload

    "{1CB34CE9-0E6B-493F-BB66-3425E5DF76E5}" = CP_CalendarTemplates1

    "{1E1F1E70-14D8-4380-8652-BD1A895A7D65}" = Status

    "{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148

    "{1F51A0CA-2BDD-474E-BB90-C7FA8EA78F52}" = ImageMixer VCD/DVD2 for OLYMPUS

    "{20C45B32-5AB6-46A4-94EF-58950CAF05E5}" = EPSON Attach To Email

    "{24BEBF2E-73F3-4599-840B-EDC612CCDD0D}" = Destinations

    "{26A24AE4-039D-4CA4-87B4-2F83216011FF}" = Java 6 Update 24

    "{26A24AE4-039D-4CA4-87B4-2F83216022F0}" = Java 6 Update 22

    "{27F650A9-6FAB-41C8-8621-92FF0118B0C4}" = EPSON Easy Photo Print

    "{2819e172-81d5-4113-88bd-4605b02344e0}" = Ad-Aware Antivirus

    "{2A548002-9042-4083-A270-B67473DE1073}" = SkinsHP1

    "{2A88F1BF-7041-4E42-84B1-6B4ACB83AC64}" = EPSON Scan Assistant

    "{350C9413-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP

    "{36FDBE6E-6684-462B-AE98-9A39A1B200CC}" = HP Product Assistant

    "{37C39957-B0B3-40DC-8BA4-2363241159ED}" = LightScribe 1.4.44.1

    "{3BA4A5B0-09B7-4baf-977D-9883A6D00A7F}" = CameraUserGuides

    "{3FE0CFAB-584A-4AA5-B8CD-C32284CFA308}" = RandMap

    "{4041C245-7099-4C96-9738-5EBC23827B3C}" = BufferChm

    "{48B82226-75E3-4E90-92CC-D30F79EA6380}" = Norton Security Scan

    "{494D17B5-3369-4905-8C4B-80C972C5E0FF}" = CP_Panorama1Config

    "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater

    "{4BE53DB2-C1F2-44D1-A9AB-1630BA7F2AF1}" = SolutionCenter

    "{53EE9E42-CECB-4C92-BF76-9CA65DAF8F1C}" = FullDPAppQFolder

    "{54F0998F-73C8-4b51-8286-FE903C231BED}" = cp_PosterPrintConfig

    "{5809E7CF-4DCF-11D4-9875-00105ACE7734}" = Logitech MouseWare 9.79.1

    "{5F26311C-B135-4F7F-B11E-8E650F83651E}" = DeviceFunctionQFolder

    "{63EC2120-1742-4625-AA47-C6A8AEC9C64C}" = Apple Application Support

    "{66E6CE0C-5A1E-430C-B40A-0C90FF1804A8}" = eSupportQFolder

    "{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable

    "{729DF902-05F9-4C00-9E6D-411119824E5F}" = hpiCamDrvQFolder

    "{766633B3-1AFA-44B6-A3FC-1DE991CD9C52}" = CP_Package_Basic1

    "{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053

    "{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update

    "{79155F2B-9895-49D7-8612-D92580E0DE5B}" = Bonjour

    "{79F8E1D4-36C1-439C-95FA-F695050B5B07}" = Sonic_PrimoSDK

    "{7F14F68C-17FA-4F88-B3FD-7F449C1EBF32}" = EPSON Web-To-Page

    "{869C3062-4745-4949-B6C9-98AF24D89030}" = PhotoGallery

    "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight

    "{8A708DD8-A5E6-11D4-A706-000629E95E20}" = Intel® Graphics Media Accelerator Driver

    "{91EBCCB9-A539-4306-AC5A-F372E0D6092B}" = OpenOffice.org 3.3

    "{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161

    "{9D4ABB0C-F60B-44A6-956C-A4A63D5495C9}" = CueTour

    "{A06275F4-324B-4E85-95E6-87B2CD729401}" = Windows Defender

    "{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2

    "{A5CC2A09-E9D3-49EC-923D-03874BBD4C2C}" = Windows Defender Signatures

    "{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper

    "{A987FEC8-5616-49BD-BCA6-ACFFFE7403FE}" = IKEA Home Planner

    "{AB5D51AE-EBC3-438D-872C-705C7C2084B0}" = DeviceManagementQFolder

    "{AC76BA86-7AD7-1043-7B44-A71000000002}" = Adobe Reader 7.1.0 - Nederlands

    "{AE8BF750-EC1C-45d0-94F1-57895DADDEAC}" = HP Photosmart-camera's 6.0

    "{B11E71BA-498C-42D4-9F1A-9D7A89D9DA61}" = CP_AtenaShokunin1Config

    "{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy

    "{B90450DF-E781-46FD-B1F1-0C86DA40E443}" = PIF DESIGNER

    "{B9A17C96-1348-45CB-BB0A-1BCB3A0F854E}" = Bluesoleil2.7.0.35 VoIP Release 080317

    "{BA820A24-704B-428D-9904-71A10DAC1372}" = OLYMPUS Master

    "{BBD3BF67-5B89-4CBB-BA58-5818ED5F3290}" = cp_OnlineProjectsConfig

    "{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2

    "{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1

    "{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1

    "{D4DDFAA1-EC37-4529-AD5B-A433ADE68662}" = Apple Mobile Device Support

    "{DA1CD94B-826A-4bba-AC46-EF352F47BC81}" = InstantShareDevices

    "{DBA4DB9D-EE51-4944-A419-98AB1F1249C8}" = LiveUpdate Notice (Symantec Corporation)

    "{DEBB2986-15B0-4D28-95FA-5C966A396589}" = HPProductAssistant

    "{E5A1DE9A-A21C-43A1-B06D-5146BAF62033}" = PanoStandAlone

    "{E86BC406-944E-41F6-ADE6-2C136734C96B}" = EPSON File Manager

    "{EC2715CE-C182-483C-84CC-81D7D914CF14}" = WebReg

    "{ECA1A3B6-898F-4DCE-9F04-714CF3BA126B}" = Adobe Flash Player 10 Plugin

    "{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver

    "{F333A33D-125C-32A2-8DCE-5C5D14231E27}" = Visual C++ 2008 x86 Runtime - (v9.0.30729)

    "{F333A33D-125C-32A2-8DCE-5C5D14231E27}.vc_x86runtime_30729_01" = Visual C++ 2008 x86 Runtime - v9.0.30729.01

    "{F7E1CA14-B39D-452A-960B-39423DDDD933}" = DriveImage XML

    "{FD04987D-96A6-4FE1-813B-82B77B8B809C}" = EPSON PRINT Image Framer Tool

    "{FE57DE70-95DE-4B64-9266-84DA811053DB}" = HP Update

    "{FF477885-5EA8-40D0-ADF3-D4C1B86FAEA4}" = EPSON Print CD

    "Ad-Aware Browsing Protection" = Ad-Aware Browsing Protection

    "Adobe ActiveShare" = Adobe ActiveShare 1.3

    "Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX

    "Adobe Shockwave Player" = Adobe Shockwave Player 11.5

    "BlockCAD3.19_is1" = BlockCAD 3.19

    "Cool's_Codec_pack_4.12" = Codec Pack - All In 1 6.0.3.0

    "EDUROM Tafeltrainer" = EDUROM Tafeltrainer

    "EPSON Printer and Utilities" = EPSON-printersoftware

    "ESPR340 Gebruikershandleiding" = ESPR340 Gebruikershandleiding

    "HP Imaging Device Functions" = HP Imaging Device Functions 6.0

    "HP Photo & Imaging" = HP Photosmart Premier Software 6.0

    "HP PrecisionScan LTX" = HP PrecisionScan LTX

    "HP Solution Center & Imaging Support Tools" = HP Solution Center and Imaging Support Tools 6.0

    "HTRDIKey" = Huggly's Schildpadden Speurtocht

    "IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs

    "ie7" = Windows Internet Explorer 7

    "ie8" = Windows Internet Explorer 8

    "Ik zie Fantasie" = Ik zie Fantasie

    "Ik zie, ik zie in het spookhuis" = Ik zie, ik zie in het spookhuis

    "InstallShield_{20C45B32-5AB6-46A4-94EF-58950CAF05E5}" = EPSON Attach To Email

    "InstallShield_{BA820A24-704B-428D-9904-71A10DAC1372}" = OLYMPUS Master

    "Junior Interactif" = Junior Interactif

    "Lucky luke - De zingende draad-Dutch" = Lucky luke - De zingende draad

    "Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware versie 1.70.0.1100

    "Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1

    "Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1

    "MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP

    "MuseScore" = MuseScore 1.0 MuseScore score typesetter

    "NeroMultiInstaller!UninstallKey" = Nero Suite

    "NIS" = Norton Internet Security

    "NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs

    "Overhoor_is1" = Overhoor voor Windows 4.5.1

    "Partituur Expert" = Partituur Expert 2005

    "PrintMaster 7.00" = PrintMaster 7.00

    "QSuite_is1" = QSuite Ver2.1

    "QuickTime" = QuickTime

    "Recuva" = Recuva

    "Samsung ML-1640 Series" = Samsung ML-1640 Series

    "SlowView" = SlowView

    "SpellenSpektakel" = Disney’s SpellenSpektakel

    "Spybot - Search & Destroy_is1" = Spybot - Search & Destroy 1.4

    "Teach2000.7 XP - The Troolean Edition_is1" = Teach2000 8.42

    "TimeCalendar_is1" = TimeCalendar 1.6.7

    "Trellix2DeinstKey9" = Trellix Web

    "VLC media player" = VLC media player 1.1.11

    "Windows Media Format Runtime" = Windows Media Format 11 runtime

    "Windows Media Player" = Windows Media Player 11

    "Windows XP Service Pack" = Windows XP Service Pack 3

    "WMFDist11" = Windows Media Format 11 runtime

    "wmp11" = Windows Media Player 11

    "Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0

    ========== HKEY_CURRENT_USER Uninstall List ==========

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

    "{C16DFB31-4A09-474E-AF61-02AFB3008763}_is1" = Albelli.be Fotoboeken

    "Dropbox" = Dropbox

    "FREEDOM SceneView" = FREEDOM SceneView

    "UnityWebPlayer" = Unity Web Player

    ========== Last 20 Event Log Errors ==========

    [ Application Events ]

    Error - 17/01/2013 19:07:49 | Computer Name = PRELOAD | Source = Application Error | ID = 1000

    Description = Vastgelopen toepassing: iexplore.exe, versie: 8.0.6001.18702, vastgelopen

    module: unknown, versie: 0.0.0.0, vastgelopen op: 0x00000000.

    Error - 19/01/2013 14:09:05 | Computer Name = PRELOAD | Source = Application Error | ID = 1000

    Description = Vastgelopen toepassing: iexplore.exe, versie: 8.0.6001.18702, vastgelopen

    module: unknown, versie: 0.0.0.0, vastgelopen op: 0x00000000.

    Error - 19/01/2013 17:26:06 | Computer Name = PRELOAD | Source = Application Error | ID = 1000

    Description = Vastgelopen toepassing: iexplore.exe, versie: 8.0.6001.18702, vastgelopen

    module: unknown, versie: 0.0.0.0, vastgelopen op: 0x00000000.

    Error - 26/01/2013 7:35:25 | Computer Name = PRELOAD | Source = Application Hang | ID = 1002

    Description = Vastgelopen toepassing: PMW.EXE, versie: 0.0.0.0, vastgelopen module:

    hungapp, versie: 0.0.0.0, vastgelopen op: 0x00000000.

    Error - 26/01/2013 7:36:01 | Computer Name = PRELOAD | Source = Application Hang | ID = 1002

    Description = Vastgelopen toepassing: PMW.EXE, versie: 0.0.0.0, vastgelopen module:

    hungapp, versie: 0.0.0.0, vastgelopen op: 0x00000000.

    Error - 26/01/2013 7:36:04 | Computer Name = PRELOAD | Source = Application Hang | ID = 1001

    Description = Fout-bucket 02337167.

    Error - 26/01/2013 7:41:39 | Computer Name = PRELOAD | Source = Application Hang | ID = 1002

    Description = Vastgelopen toepassing: PMW.EXE, versie: 0.0.0.0, vastgelopen module:

    hungapp, versie: 0.0.0.0, vastgelopen op: 0x00000000.

    Error - 26/01/2013 7:41:58 | Computer Name = PRELOAD | Source = Application Hang | ID = 1002

    Description = Vastgelopen toepassing: PMW.EXE, versie: 0.0.0.0, vastgelopen module:

    hungapp, versie: 0.0.0.0, vastgelopen op: 0x00000000.

    Error - 26/01/2013 7:42:39 | Computer Name = PRELOAD | Source = Application Hang | ID = 1002

    Description = Vastgelopen toepassing: PMW.EXE, versie: 0.0.0.0, vastgelopen module:

    hungapp, versie: 0.0.0.0, vastgelopen op: 0x00000000.

    Error - 29/01/2013 17:37:02 | Computer Name = PRELOAD | Source = Application Hang | ID = 1002

    Description = Vastgelopen toepassing: iexplore.exe, versie: 8.0.6001.18702, vastgelopen

    module: hungapp, versie: 0.0.0.0, vastgelopen op: 0x00000000.

    [ System Events ]

    Error - 28/01/2013 15:54:46 | Computer Name = PRELOAD | Source = Service Control Manager | ID = 7023

    Description = De Application Management-service is gestopt met de volgende foutcode:

    %%126.

    Error - 28/01/2013 16:01:20 | Computer Name = PRELOAD | Source = Service Control Manager | ID = 7000

    Description = De Planner voor Automatische LiveUpdate-service kan vanwege de volgende

    fout niet worden gestart: %%3

    Error - 28/01/2013 16:01:20 | Computer Name = PRELOAD | Source = Service Control Manager | ID = 7000

    Description = De SSPORT-service kan vanwege de volgende fout niet worden gestart:

    %%2

    Error - 28/01/2013 16:01:20 | Computer Name = PRELOAD | Source = Service Control Manager | ID = 7026

    Description = De volgende opstartstuurprogramma's zijn niet geladen: Lbd

    Error - 29/01/2013 2:31:02 | Computer Name = PRELOAD | Source = Service Control Manager | ID = 7000

    Description = De Planner voor Automatische LiveUpdate-service kan vanwege de volgende

    fout niet worden gestart: %%3

    Error - 29/01/2013 2:31:02 | Computer Name = PRELOAD | Source = Service Control Manager | ID = 7000

    Description = De SSPORT-service kan vanwege de volgende fout niet worden gestart:

    %%2

    Error - 29/01/2013 2:31:02 | Computer Name = PRELOAD | Source = Service Control Manager | ID = 7026

    Description = De volgende opstartstuurprogramma's zijn niet geladen: Lbd

    Error - 29/01/2013 2:34:44 | Computer Name = PRELOAD | Source = Service Control Manager | ID = 7000

    Description = De Planner voor Automatische LiveUpdate-service kan vanwege de volgende

    fout niet worden gestart: %%3

    Error - 29/01/2013 2:34:44 | Computer Name = PRELOAD | Source = Service Control Manager | ID = 7000

    Description = De SSPORT-service kan vanwege de volgende fout niet worden gestart:

    %%2

    Error - 29/01/2013 2:34:44 | Computer Name = PRELOAD | Source = Service Control Manager | ID = 7026

    Description = De volgende opstartstuurprogramma's zijn niet geladen: Lbd

    < End of report >

  6. OTL logfile created on: 29/01/2013 22:48:11 - Run 1

    OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\admin\Bureaublad

    Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation

    Internet Explorer (Version = 8.0.6001.18702)

    Locale: 00000813 | Country: België | Language: NLB | Date Format: d/MM/yyyy

    1015,23 Mb Total Physical Memory | 380,89 Mb Available Physical Memory | 37,52% Memory free

    2,39 Gb Paging File | 1,69 Gb Available in Paging File | 70,92% Paging File free

    Paging file location(s): C:\pagefile.sys 1524 3048 [binary data]

    %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files

    Drive C: | 195,31 Gb Total Space | 128,16 Gb Free Space | 65,62% Space Free | Partition Type: NTFS

    Drive D: | 38,44 Gb Total Space | 35,29 Gb Free Space | 91,82% Space Free | Partition Type: FAT32

    Drive H: | 372,61 Gb Total Space | 276,93 Gb Free Space | 74,32% Space Free | Partition Type: NTFS

    Computer Name: PRELOAD | User Name: admin | Logged in as Administrator.

    Boot Mode: Normal | Scan Mode: Current user

    Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

    ========== Processes (SafeList) ==========

    PRC - C:\Documents and Settings\admin\Bureaublad\OTL.exe (OldTimer Tools)

    PRC - C:\Documents and Settings\admin\Application Data\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)

    PRC - C:\Program Files\Ad-Aware Antivirus\AdAwareService.exe (Lavasoft Limited)

    PRC - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)

    PRC - C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)

    PRC - C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe (Malwarebytes Corporation)

    PRC - C:\Documents and Settings\All Users\Application Data\Ad-Aware Browsing Protection\adawarebp.exe (Lavasoft)

    PRC - C:\Program Files\Norton Internet Security\Engine\19.9.0.9\ccsvchst.exe (Symantec Corporation)

    PRC - C:\Program Files\OpenOffice.org 3\program\soffice.exe (OpenOffice.org)

    PRC - C:\Program Files\OpenOffice.org 3\program\soffice.bin (OpenOffice.org)

    PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)

    PRC - C:\WINDOWS\Samsung\PanelMgr\SSMMgr.exe ()

    PRC - C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe ()

    PRC - C:\Program Files\IVT Corporation\BlueSoleil\StartSkysolSvc.exe ()

    PRC - C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe (Symantec Corporation)

    PRC - C:\Program Files\OLYMPUS\OLYMPUS Master\Monitor.exe (OLYMPUS IMAGING CORP.)

    PRC - C:\WINDOWS\system32\spool\drivers\w32x86\3\E_FATIAJE.EXE (SEIKO EPSON CORPORATION)

    PRC - C:\WINDOWS\system32\bgsvcgen.exe (B.H.A Corporation)

    PRC - C:\Program Files\Logitech\iTouch\iTouch.exe (Logitech Inc.)

    PRC - C:\Program Files\Logitech\MouseWare\system\EM_EXEC.EXE (Logitech Inc.)

    PRC - C:\Program Files\TimeCalendar\TC.exe (RScience)

    ========== Modules (No Company Name) ==========

    MOD - C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll ()

    MOD - C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll ()

    MOD - C:\Program Files\OpenOffice.org 3\program\libxml2.dll ()

    MOD - C:\WINDOWS\Samsung\PanelMgr\SSMMgr.exe ()

    MOD - C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe ()

    MOD - C:\Program Files\IVT Corporation\BlueSoleil\StartSkysolSvc.exe ()

    MOD - C:\WINDOWS\system32\ssp2ml3.dll ()

    ========== Services (SafeList) ==========

    SRV - (Planner voor Automatische LiveUpdate) -- C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe File not found

    SRV - (HidServ) -- %SystemRoot%\System32\hidserv.dll File not found

    SRV - (AppMgmt) -- %SystemRoot%\System32\appmgmts.dll File not found

    SRV - (AdobeFlashPlayerUpdateSvc) -- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)

    SRV - (Ad-Aware Service) -- C:\Program Files\Ad-Aware Antivirus\AdAwareService.exe (Lavasoft Limited)

    SRV - (MBAMService) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)

    SRV - (MBAMScheduler) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe (Malwarebytes Corporation)

    SRV - (SBAMSvc) -- C:\Program Files\Ad-Aware Antivirus\SBAMSvc.exe (GFI Software)

    SRV - (NIS) -- C:\Program Files\Norton Internet Security\Engine\19.9.0.9\ccSvcHst.exe (Symantec Corporation)

    SRV - (BlueSoleil Hid Service) -- C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe ()

    SRV - (Start BT in service) -- C:\Program Files\IVT Corporation\BlueSoleil\StartSkysolSvc.exe ()

    SRV - (LiveUpdate Notice Service) -- C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PifSvc.exe (Symantec Corporation)

    SRV - (WinDefend) -- C:\Program Files\Windows Defender\MsMpEng.exe (Microsoft Corporation)

    SRV - (bgsvcgen) -- C:\WINDOWS\system32\bgsvcgen.exe (B.H.A Corporation)

    ========== Driver Services (SafeList) ==========

    DRV - (WDICA) -- File not found

    DRV - (SSPORT) -- C:\WINDOWS\system32\Drivers\SSPORT.sys File not found

    DRV - (PDRFRAME) -- File not found

    DRV - (PDRELI) -- File not found

    DRV - (PDFRAME) -- File not found

    DRV - (PDCOMP) -- File not found

    DRV - (PCIDump) -- File not found

    DRV - (lbrtfdc) -- File not found

    DRV - (Lbd) -- system32\DRIVERS\Lbd.sys File not found

    DRV - (i2omgmt) -- File not found

    DRV - (Changer) -- File not found

    DRV - (NAVEX15) -- C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.5.0.145\Definitions\VirusDefs\20130129.005\NAVEX15.SYS (Symantec Corporation)

    DRV - (NAVENG) -- C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.5.0.145\Definitions\VirusDefs\20130129.005\NAVENG.SYS (Symantec Corporation)

    DRV - (BHDrvx86) -- C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.5.0.145\Definitions\BASHDefs\20130116.013\BHDrvx86.sys (Symantec Corporation)

    DRV - (gfibto) -- C:\WINDOWS\system32\drivers\gfibto.sys (GFI Software)

    DRV - (eeCtrl) -- C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys (Symantec Corporation)

    DRV - (MBAMProtector) -- C:\WINDOWS\system32\drivers\mbam.sys (Malwarebytes Corporation)

    DRV - (EraserUtilRebootDrv) -- C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys (Symantec Corporation)

    DRV - (SymEvent) -- C:\WINDOWS\system32\drivers\SYMEVENT.SYS (Symantec Corporation)

    DRV - (IDSxpx86) -- C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.5.0.145\Definitions\IPSDefs\20130126.002\IDSXpx86.sys (Symantec Corporation)

    DRV - (SRTSP) -- C:\WINDOWS\system32\drivers\NIS\1309000.009\srtsp.sys (Symantec Corporation)

    DRV - (SRTSPX) -- C:\WINDOWS\system32\drivers\NIS\1309000.009\srtspx.sys (Symantec Corporation)

    DRV - (ccSet_NIS) -- C:\WINDOWS\system32\drivers\NIS\1309000.009\ccsetx86.sys (Symantec Corporation)

    DRV - (SymEFA) -- C:\WINDOWS\system32\drivers\NIS\1309000.009\symefa.sys (Symantec Corporation)

    DRV - (SYMTDI) -- C:\WINDOWS\system32\drivers\NIS\1309000.009\symtdi.sys (Symantec Corporation)

    DRV - (SymIRON) -- C:\WINDOWS\system32\drivers\NIS\1309000.009\ironx86.sys (Symantec Corporation)

    DRV - (SymDS) -- C:\WINDOWS\system32\drivers\NIS\1309000.009\symds.sys (Symantec Corporation)

    DRV - (DgiVecp) -- C:\WINDOWS\system32\drivers\DGIVECP.SYS (Samsung Electronics Co., Ltd.)

    DRV - (Btcsrusb) -- C:\WINDOWS\system32\drivers\btcusb.sys (IVT Corporation.)

    DRV - (BlueletSCOAudio) -- C:\WINDOWS\system32\drivers\BlueletSCOAudio.sys (IVT Corporation.)

    DRV - (BlueletAudio) -- C:\WINDOWS\system32\drivers\blueletaudio.sys (IVT Corporation.)

    DRV - (BT) -- C:\WINDOWS\system32\drivers\btnetdrv.sys (IVT Corporation.)

    DRV - (BTHidMgr) -- C:\WINDOWS\system32\drivers\BTHidMgr.sys (IVT Corporation.)

    DRV - (BTHidEnum) -- C:\WINDOWS\system32\drivers\vbtenum.sys (IVT Corporation.)

    DRV - (VcommMgr) -- C:\WINDOWS\system32\drivers\VcommMgr.sys (IVT Corporation.)

    DRV - (VComm) -- C:\WINDOWS\system32\drivers\VComm.sys (IVT Corporation.)

    DRV - (IntcAzAudAddService) -- C:\WINDOWS\system32\drivers\RtkHDAud.Sys (Realtek Semiconductor Corp.)

    DRV - (RTL8023xp) -- C:\WINDOWS\system32\drivers\Rtenicxp.sys (Realtek Semiconductor Corporation )

    DRV - (cdrbsdrv) -- C:\WINDOWS\System32\drivers\cdrbsdrv.sys (B.H.A Corporation)

    DRV - (itchfltr) -- C:\WINDOWS\system32\drivers\itchfltr.sys (Logitech, Inc.)

    DRV - (LMouFlt2) -- C:\WINDOWS\system32\drivers\LMouFlt2.Sys (Logitech, Inc.)

    DRV - (L8042pr2) -- C:\WINDOWS\system32\drivers\L8042pr2.Sys (Logitech, Inc.)

    ========== Standard Registry (SafeList) ==========

    ========== Internet Explorer ==========

    IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = MSN.com

    IE - HKLM\..\SearchScopes,DefaultScope =

    IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = {searchTerms} - Google Search

    IE - HKLM\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar =

    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = Belgian Athletics - Calendar - Results - Rankings - Athletes

    IE - HKCU\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}

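    IE - HKCU\..\SearchScopes\{3A4F4D88-B593-47C7-89B2-4AD73260F074}: "URL" = http://www.bing.com/search?q={searchTerms}&form=IE8SRC&src=IE-SearchBox

    IE - HKCU\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}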

    IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

    IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

    ========== FireFox ==========

    FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()

    FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\WINDOWS\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)

    FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found

    FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()

    FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)

    FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)

    FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)

    FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)

    FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)

    FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Documents and Settings\admin\Local Settings\Application Data\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)

    FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\{BBDA0591-3099-440a-AA10-41764D9DB4DB}: C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.5.0.145\IPSFFPlgn\ [2012/10/03 22:28:09 | 000,000,000 | ---D | M]

    FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}: C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.5.0.145\coFFPlgn\ [2013/01/29 07:33:41 | 000,000,000 | ---D | M]

    FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\VideoBar@meep.com: C:\Program Files\Meep\FF\

    [2009/02/27 18:48:54 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\admin\Application Data\Mozilla\Extensions

    [2009/02/27 18:48:54 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\admin\Application Data\Mozilla\Extensions\mozswing@mozswing.org

    O1 HOSTS File: ([2013/01/24 20:50:56 | 000,582,262 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\HOSTS

    O1 - Hosts: 127.0.0.1 localhost

    O1 - Hosts: ::1 localhost #[iPv6]

    O1 - Hosts: 15666 more lines...

    O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)

    O2 - BHO: (Norton Identity Protection) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Norton Internet Security\Engine\19.9.0.9\coieplg.dll (Symantec Corporation)

    O2 - BHO: (Norton Vulnerability Protection) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Norton Internet Security\Engine\19.9.0.9\ips\ipsbho.dll (Symantec Corporation)

    O2 - BHO: (EpsonToolBandKicker Class) - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll (SEIKO EPSON CORPORATION)

    O3 - HKLM\..\Toolbar: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Internet Security\Engine\19.9.0.9\coieplg.dll (Symantec Corporation)

    O3 - HKLM\..\Toolbar: (EPSON Web-To-Page) - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll (SEIKO EPSON CORPORATION)

    O3 - HKCU\..\Toolbar\WebBrowser: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Internet Security\Engine\19.9.0.9\coieplg.dll (Symantec Corporation)

    O3 - HKCU\..\Toolbar\WebBrowser: (EPSON Web-To-Page) - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll (SEIKO EPSON CORPORATION)

    O4 - HKLM..\Run: [Ad-Aware Antivirus] C:\Program Files\Ad-Aware Antivirus\AdAwareLauncher.exe (Lavasoft Limited)

    O4 - HKLM..\Run: [Ad-Aware Browsing Protection] C:\Documents and Settings\All Users\Application Data\Ad-Aware Browsing Protection\adawarebp.exe (Lavasoft)

    O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)

    O4 - HKLM..\Run: [bluetoothAuthenticationAgent] C:\WINDOWS\System32\bthprops.cpl (Microsoft Corporation)

    O4 - HKLM..\Run: [EPSON Stylus Photo R340 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIAJE.EXE (SEIKO EPSON CORPORATION)

    O4 - HKLM..\Run: [Logitech Utility] C:\WINDOWS\LOGI_MWX.EXE (Logitech Inc.)

    O4 - HKLM..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe (Ahead Software Gmbh)

    O4 - HKLM..\Run: [OM_Monitor] C:\Program Files\OLYMPUS\OLYMPUS Master\FirstStart.exe (OLYMPUS IMAGING CORP.)

    O4 - HKLM..\Run: [samsung PanelMgr] C:\WINDOWS\Samsung\PanelMgr\SSMMgr.exe ()

    O4 - HKLM..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe" File not found

    O4 - HKLM..\Run: [symantec PIF AlertEng] C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PifSvc.exe (Symantec Corporation)

    O4 - HKLM..\Run: [zBrowser Launcher] C:\Program Files\Logitech\iTouch\iTouch.exe (Logitech Inc.)

    O4 - HKCU..\Run: [OM_Monitor] C:\Program Files\OLYMPUS\OLYMPUS Master\Monitor.exe (OLYMPUS IMAGING CORP.)

    O4 - HKCU..\Run: [TimeCalendar] C:\Program Files\TimeCalendar\TC.exe (RScience)

    O4 - HKCU..\Run: [updateMgr] C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe (Adobe Systems Incorporated)

    O4 - Startup: C:\Documents and Settings\admin\Menu Start\Programma's\Opstarten\Dropbox.lnk = C:\Documents and Settings\admin\Application Data\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)

    O4 - Startup: C:\Documents and Settings\admin\Menu Start\Programma's\Opstarten\OpenOffice.org 3.3 .lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe ()

    O4 - Startup: C:\Documents and Settings\All Users\Menu Start\Programma's\Opstarten\Adobe Reader Snelle start.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe (Adobe Systems Incorporated)

    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1

    O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145

    O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)

    O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} http://appldnld.apple.com.edgesuite.net/content.info.apple.com/QuickTime/qtactivex/qtplugin.cab (QuickTime Plugin Control)

    O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab (Shockwave ActiveX Control)

    O16 - DPF: {233C1507-6A77-46A4-9443-F871F945D258} http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab (Shockwave ActiveX Control)

    O16 - DPF: {6A344D34-5231-452A-8A57-D064AC9B7862} https://webdl.symantec.com/activex/symdlmgr.cab (Symantec Download Manager)

    O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24)

    O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)

    O16 - DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24)

    O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24)

    O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload.macromedia.com/get/flashplayer/current/swflash.cab (Shockwave Flash Object)

    O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1

    O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{30F776CA-CAB3-4AE9-8448-D3C936EA91BC}: DhcpNameServer = 192.168.1.1

    O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\WINDOWS\system32\Skype4COM.dll (Skype Technologies)

    O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)

    O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)

    O24 - Desktop Components:0 (Mijn huidige introductiepagina) - About:Home

    O32 - HKLM CDRom: AutoRun - 1

    O32 - AutoRun File - [2006/08/29 16:02:46 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]

    O33 - MountPoints2\{163a1cf4-3840-11db-8e19-806d6172696f}\Shell - "" = AutoRun

    O33 - MountPoints2\{163a1cf4-3840-11db-8e19-806d6172696f}\Shell\AutoRun\command - "" = E:\setup.exe

    O33 - MountPoints2\{5be98842-377e-11db-b875-806d6172696f}\Shell - "" = AutoRun

    O33 - MountPoints2\{5be98842-377e-11db-b875-806d6172696f}\Shell\AutoRun\command - "" = E:\setup.exe

    O33 - MountPoints2\{681cb974-5949-11e0-86b9-00138fd0e061}\Shell - "" = AutoRun

    O33 - MountPoints2\{681cb974-5949-11e0-86b9-00138fd0e061}\Shell\AutoRun\command - "" = G:\LaunchU3.exe -a

    O33 - MountPoints2\{7df0f3a4-144e-11e0-8657-00138fd0e061}\Shell - "" = AutoRun

    O33 - MountPoints2\{7df0f3a4-144e-11e0-8657-00138fd0e061}\Shell\AutoRun\command - "" = I:\DPFMate.exe

    O33 - MountPoints2\{b390ef9a-383c-11db-8bf2-806d6172696f}\Shell - "" = AutoRun

    O33 - MountPoints2\{b390ef9a-383c-11db-8bf2-806d6172696f}\Shell\AutoRun\command - "" = E:\setup.exe

    O33 - MountPoints2\{e949606e-0138-11dc-bf20-00138fd0e061}\Shell - "" = AutoRun

    O33 - MountPoints2\{e949606e-0138-11dc-bf20-00138fd0e061}\Shell\AutoRun\command - "" = G:\LaunchU3.exe -a

    O34 - HKLM BootExecute: (autocheck autochk *)

    O35 - HKLM\..comfile [open] -- "%1" %*

    O35 - HKLM\..exefile [open] -- "%1" %*

    O37 - HKLM\...com [@ = comfile] -- "%1" %*

    O37 - HKLM\...exe [@ = exefile] -- "%1" %*

    O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)

    O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

    ========== Files/Folders - Created Within 30 Days ==========

    [2013/01/29 22:46:18 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\admin\Bureaublad\OTL.exe

    [2013/01/26 14:06:04 | 002,213,976 | ---- | C] (Kaspersky Lab ZAO) -- C:\Documents and Settings\admin\Bureaublad\tdsskiller.exe

    [2013/01/26 13:11:13 | 000,000,000 | -HSD | C] -- C:\RECYCLER

    [2013/01/24 20:49:23 | 000,000,000 | ---D | C] -- C:\Program Files\host

    [2013/01/23 21:30:49 | 000,000,000 | ---D | C] -- C:\WINDOWS\Temp

    [2013/01/20 13:12:13 | 000,000,000 | ---D | C] -- C:\Program Files\Trend Micro

    [2013/01/20 13:12:13 | 000,000,000 | ---D | C] -- C:\Documents and Settings\admin\Menu Start\Programma's\HiJackThis

    [2013/01/13 22:48:41 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Ad-Aware Antivirus

    [2013/01/13 22:45:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\admin\Application Data\LavasoftStatistics

    [2013/01/13 22:21:48 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programma's\Ad-Aware Antivirus

    [2013/01/13 22:21:34 | 000,000,000 | ---D | C] -- C:\Program Files\Ad-Aware Antivirus

    [2013/01/13 22:17:09 | 000,000,000 | ---D | C] -- C:\Documents and Settings\admin\Local Settings\Application Data\Downloaded Installations

    [2013/01/13 22:16:58 | 000,044,424 | ---- | C] (GFI Software) -- C:\WINDOWS\System32\sbbd.exe

    [2013/01/13 22:16:58 | 000,013,560 | ---- | C] (GFI Software) -- C:\WINDOWS\System32\drivers\gfibto.sys

    [2013/01/13 22:14:02 | 000,000,000 | ---D | C] -- C:\Documents and Settings\admin\Local Settings\Application Data\adawarebp

    [2013/01/13 22:13:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Ad-Aware Browsing Protection

    [2013/01/13 22:13:36 | 000,000,000 | ---D | C] -- C:\Program Files\Toolbar Cleaner

    [2013/01/07 15:08:14 | 000,000,000 | ---D | C] -- C:\Documents and Settings\admin\Application Data\ElevatedDiagnostics

    [2013/01/07 14:53:33 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programma's\Windows PowerShell 1.0

    [2013/01/07 14:52:51 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\windowspowershell

    [2013/01/07 12:46:15 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\XPSViewer

    [2013/01/07 12:46:11 | 000,000,000 | ---D | C] -- C:\Program Files\MSBuild

    [2013/01/07 12:46:09 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\en-US

    [2013/01/07 12:46:00 | 000,000,000 | ---D | C] -- C:\Program Files\Reference Assemblies

    [2013/01/07 12:44:57 | 001,676,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xpssvcs.dll

    [2013/01/07 12:44:57 | 001,676,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\xpssvcs.dll

    [2013/01/07 12:44:57 | 000,597,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\printfilterpipelinesvc.exe

    [2013/01/07 12:44:57 | 000,575,488 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\xpsshhdr.dll

    [2013/01/07 12:44:57 | 000,117,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\prntvpt.dll

    [2013/01/07 12:44:57 | 000,089,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\filterpipelineprintproc.dll

    [28 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

    [2 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

    ========== Files - Modified Within 30 Days ==========

    [2013/01/29 22:50:00 | 000,000,940 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job

    [2013/01/29 22:46:21 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\admin\Bureaublad\OTL.exe

    [2013/01/29 22:01:00 | 000,001,044 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job

    [2013/01/29 19:01:00 | 000,001,040 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job

    [2013/01/29 07:34:52 | 000,012,710 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl

    [2013/01/29 07:34:14 | 000,001,615 | ---- | M] () -- C:\Documents and Settings\All Users\Bureaublad\Ad-Aware Antivirus.lnk

    [2013/01/29 07:33:23 | 000,000,302 | ---- | M] () -- C:\WINDOWS\tasks\UQNAEBM.job

    [2013/01/29 07:33:20 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat

    [2013/01/26 17:01:55 | 000,001,024 | ---- | M] () -- C:\Documents and Settings\admin\Menu Start\Programma's\Opstarten\Dropbox.lnk

    [2013/01/26 17:01:24 | 000,001,008 | ---- | M] () -- C:\Documents and Settings\admin\Bureaublad\Dropbox.lnk

    [2013/01/26 14:06:18 | 002,213,976 | ---- | M] (Kaspersky Lab ZAO) -- C:\Documents and Settings\admin\Bureaublad\tdsskiller.exe

    [2013/01/25 01:36:00 | 000,000,330 | -H-- | M] () -- C:\WINDOWS\tasks\MP Scheduled Scan.job

    [2013/01/24 20:50:56 | 000,582,262 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\HOSTS

    [2013/01/24 20:27:08 | 000,024,666 | ---- | M] () -- C:\Documents and Settings\admin\Mijn documenten\Speken-Krantenartikel voorstellen.odt

    [2013/01/23 21:10:16 | 001,249,549 | ---- | M] () -- C:\Documents and Settings\admin\Bureaublad\zoek.exe

    [2013/01/23 09:53:00 | 000,000,486 | ---- | M] () -- C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job

    [2013/01/21 23:35:37 | 000,574,315 | ---- | M] () -- C:\Documents and Settings\admin\Bureaublad\adwcleaner.exe

    [2013/01/21 20:47:28 | 000,000,784 | ---- | M] () -- C:\Documents and Settings\All Users\Bureaublad\Malwarebytes Anti-Malware.lnk

    [2013/01/21 20:30:39 | 000,000,748 | ---- | M] () -- C:\Documents and Settings\admin\Bureaublad\Snelkoppeling naar HiJackThis.exe.lnk

    [2013/01/20 13:07:56 | 001,402,880 | ---- | M] () -- C:\Documents and Settings\admin\Mijn documenten\HiJackThis.msi

    [2013/01/20 12:00:02 | 000,000,944 | ---- | M] () -- C:\WINDOWS\tasks\Ad-Aware Antivirus Scheduled Scan.job

    [2013/01/18 19:21:34 | 000,000,452 | ---- | M] () -- C:\Documents and Settings\admin\Mijn documenten\spider.sav

    [2013/01/15 03:18:31 | 000,001,190 | ---- | M] () -- C:\WINDOWS\System32\ServiceConfig.xml

    [2013/01/13 22:16:55 | 000,044,424 | ---- | M] (GFI Software) -- C:\WINDOWS\System32\sbbd.exe

    [2013/01/13 22:16:55 | 000,013,560 | ---- | M] (GFI Software) -- C:\WINDOWS\System32\drivers\gfibto.sys

    [2013/01/13 10:52:58 | 000,001,080 | ---- | M] () -- C:\WINDOWS\AUTOLNCH.REG

    [2013/01/10 02:35:34 | 000,509,332 | ---- | M] () -- C:\WINDOWS\System32\perfh013.dat

    [2013/01/10 02:35:34 | 000,441,546 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat

    [2013/01/10 02:35:34 | 000,091,008 | ---- | M] () -- C:\WINDOWS\System32\perfc013.dat

    [2013/01/10 02:35:34 | 000,071,482 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat

    [2013/01/10 02:27:33 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK

    [2013/01/09 09:55:12 | 000,000,064 | ---- | M] () -- C:\WINDOWS\System32\rp_stats.dat

    [2013/01/09 09:55:12 | 000,000,044 | ---- | M] () -- C:\WINDOWS\System32\rp_rules.dat

    [2013/01/09 00:06:43 | 000,000,049 | ---- | M] () -- C:\Documents and Settings\admin\Bureaublad\AnviSoft.url

    [2013/01/08 20:52:33 | 000,697,864 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerApp.exe

    [2013/01/08 20:52:32 | 000,074,248 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerCPLApp.cpl

    [2013/01/07 13:03:00 | 000,154,768 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT

    [2013/01/06 06:33:58 | 006,009,856 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mshtml.dll

    [2012/12/31 13:33:22 | 000,009,160 | ---- | M] () -- C:\Documents and Settings\admin\Mijn documenten\nieuwjaarsbrief Stef 2013.odt

    [28 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

    [2 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

    ========== Files Created - No Company Name ==========

    [2013/01/23 21:10:10 | 001,249,549 | ---- | C] () -- C:\Documents and Settings\admin\Bureaublad\zoek.exe

    [2013/01/23 16:12:05 | 000,024,666 | ---- | C] () -- C:\Documents and Settings\admin\Mijn documenten\Speken-Krantenartikel voorstellen.odt

    [2013/01/21 23:35:33 | 000,574,315 | ---- | C] () -- C:\Documents and Settings\admin\Bureaublad\adwcleaner.exe

    [2013/01/21 20:30:39 | 000,000,748 | ---- | C] () -- C:\Documents and Settings\admin\Bureaublad\Snelkoppeling naar HiJackThis.exe.lnk

    [2013/01/20 13:07:46 | 001,402,880 | ---- | C] () -- C:\Documents and Settings\admin\Mijn documenten\HiJackThis.msi

    [2013/01/15 03:18:31 | 000,001,190 | ---- | C] () -- C:\WINDOWS\System32\ServiceConfig.xml

    [2013/01/13 22:49:46 | 000,000,944 | ---- | C] () -- C:\WINDOWS\tasks\Ad-Aware Antivirus Scheduled Scan.job

    [2013/01/13 22:21:49 | 000,001,615 | ---- | C] () -- C:\Documents and Settings\All Users\Bureaublad\Ad-Aware Antivirus.lnk

    [2013/01/09 00:06:43 | 000,000,049 | ---- | C] () -- C:\Documents and Settings\admin\Bureaublad\AnviSoft.url

    [2012/12/31 13:33:20 | 000,009,160 | ---- | C] () -- C:\Documents and Settings\admin\Mijn documenten\nieuwjaarsbrief Stef 2013.odt

    [2012/11/17 21:59:42 | 000,102,400 | RHS- | C] () -- C:\WINDOWS\System32\Lffpx73.dll

    [2012/09/17 21:07:07 | 000,028,140 | -H-- | C] () -- C:\WINDOWS\System32\mlfcache.dat

    [2012/08/17 16:40:41 | 000,000,375 | ---- | C] () -- C:\WINDOWS\Disney.ini

    [2012/06/10 20:29:08 | 000,000,996 | ---- | C] () -- C:\WINDOWS\wininit.ini

    [2012/05/09 18:40:02 | 000,000,076 | ---- | C] () -- C:\WINDOWS\rack32a.ini

    [2012/02/16 08:23:27 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll

    [2012/02/05 16:01:22 | 021,073,936 | ---- | C] () -- C:\Program Files\vlc-1.1.11-win32.exe

    [2011/09/26 17:48:39 | 000,000,354 | ---- | C] () -- C:\WINDOWS\hegames.ini

    [2011/07/20 08:12:58 | 000,000,064 | ---- | C] () -- C:\WINDOWS\System32\rp_stats.dat

    [2011/07/20 08:12:58 | 000,000,044 | ---- | C] () -- C:\WINDOWS\System32\rp_rules.dat

    [2009/03/30 13:26:37 | 000,000,034 | ---- | C] () -- C:\Documents and Settings\admin\jagex_runescape_preferences.dat

    [2007/09/26 19:57:59 | 000,009,773 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\LUUnInstall.LiveUpdate

    [2007/03/01 21:22:15 | 000,076,288 | ---- | C] () -- C:\Documents and Settings\admin\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

    [2006/10/08 19:59:39 | 000,000,128 | ---- | C] () -- C:\Documents and Settings\admin\Local Settings\Application Data\fusioncache.dat

    [2006/09/27 19:23:02 | 000,000,074 | ---- | C] () -- C:\Documents and Settings\admin\default.pls

    ========== ZeroAccess Check ==========

    [2006/10/08 19:36:59 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini

    [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

    [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

    [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

    "" = %SystemRoot%\system32\shdocvw.dll -- [2008/04/14 18:02:39 | 001,499,136 | ---- | M] (Microsoft Corporation)

    "ThreadingModel" = Apartment

    [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]

    "" = C:\WINDOWS\system32\wbem\fastprox.dll -- [2009/02/09 11:56:06 | 000,473,600 | ---- | M] (Microsoft Corporation)

    "ThreadingModel" = Free

    [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

    "" = C:\WINDOWS\system32\wbem\wbemess.dll -- [2008/04/14 18:02:44 | 000,273,920 | ---- | M] (Microsoft Corporation)

    "ThreadingModel" = Both

    ========== Alternate Data Streams ==========

    @Alternate Data Stream - 104 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:D1B5B4F1

    < End of report >

    - - - Updated - - -

    OTL logfile created on: 29/01/2013 22:48:11 - Run 1

    OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\admin\Bureaublad

    Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation

    Internet Explorer (Version = 8.0.6001.18702)

    Locale: 00000813 | Country: België | Language: NLB | Date Format: d/MM/yyyy

    1015,23 Mb Total Physical Memory | 380,89 Mb Available Physical Memory | 37,52% Memory free

    2,39 Gb Paging File | 1,69 Gb Available in Paging File | 70,92% Paging File free

    Paging file location(s): C:\pagefile.sys 1524 3048 [binary data]

    %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files

    Drive C: | 195,31 Gb Total Space | 128,16 Gb Free Space | 65,62% Space Free | Partition Type: NTFS

    Drive D: | 38,44 Gb Total Space | 35,29 Gb Free Space | 91,82% Space Free | Partition Type: FAT32

    Drive H: | 372,61 Gb Total Space | 276,93 Gb Free Space | 74,32% Space Free | Partition Type: NTFS

    Computer Name: PRELOAD | User Name: admin | Logged in as Administrator.

    Boot Mode: Normal | Scan Mode: Current user

    Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

    ========== Processes (SafeList) ==========

    PRC - C:\Documents and Settings\admin\Bureaublad\OTL.exe (OldTimer Tools)

    PRC - C:\Documents and Settings\admin\Application Data\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)

    PRC - C:\Program Files\Ad-Aware Antivirus\AdAwareService.exe (Lavasoft Limited)

    PRC - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)

    PRC - C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)

    PRC - C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe (Malwarebytes Corporation)

    PRC - C:\Documents and Settings\All Users\Application Data\Ad-Aware Browsing Protection\adawarebp.exe (Lavasoft)

    PRC - C:\Program Files\Norton Internet Security\Engine\19.9.0.9\ccsvchst.exe (Symantec Corporation)

    PRC - C:\Program Files\OpenOffice.org 3\program\soffice.exe (OpenOffice.org)

    PRC - C:\Program Files\OpenOffice.org 3\program\soffice.bin (OpenOffice.org)

    PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)

    PRC - C:\WINDOWS\Samsung\PanelMgr\SSMMgr.exe ()

    PRC - C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe ()

    PRC - C:\Program Files\IVT Corporation\BlueSoleil\StartSkysolSvc.exe ()

    PRC - C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe (Symantec Corporation)

    PRC - C:\Program Files\OLYMPUS\OLYMPUS Master\Monitor.exe (OLYMPUS IMAGING CORP.)

    PRC - C:\WINDOWS\system32\spool\drivers\w32x86\3\E_FATIAJE.EXE (SEIKO EPSON CORPORATION)

    PRC - C:\WINDOWS\system32\bgsvcgen.exe (B.H.A Corporation)

    PRC - C:\Program Files\Logitech\iTouch\iTouch.exe (Logitech Inc.)

    PRC - C:\Program Files\Logitech\MouseWare\system\EM_EXEC.EXE (Logitech Inc.)

    PRC - C:\Program Files\TimeCalendar\TC.exe (RScience)

    ========== Modules (No Company Name) ==========

    MOD - C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll ()

    MOD - C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll ()

    MOD - C:\Program Files\OpenOffice.org 3\program\libxml2.dll ()

    MOD - C:\WINDOWS\Samsung\PanelMgr\SSMMgr.exe ()

    MOD - C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe ()

    MOD - C:\Program Files\IVT Corporation\BlueSoleil\StartSkysolSvc.exe ()

    MOD - C:\WINDOWS\system32\ssp2ml3.dll ()

    ========== Services (SafeList) ==========

    SRV - (Planner voor Automatische LiveUpdate) -- C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe File not found

    SRV - (HidServ) -- %SystemRoot%\System32\hidserv.dll File not found

    SRV - (AppMgmt) -- %SystemRoot%\System32\appmgmts.dll File not found

    SRV - (AdobeFlashPlayerUpdateSvc) -- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)

    SRV - (Ad-Aware Service) -- C:\Program Files\Ad-Aware Antivirus\AdAwareService.exe (Lavasoft Limited)

    SRV - (MBAMService) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)

    SRV - (MBAMScheduler) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe (Malwarebytes Corporation)

    SRV - (SBAMSvc) -- C:\Program Files\Ad-Aware Antivirus\SBAMSvc.exe (GFI Software)

    SRV - (NIS) -- C:\Program Files\Norton Internet Security\Engine\19.9.0.9\ccSvcHst.exe (Symantec Corporation)

    SRV - (BlueSoleil Hid Service) -- C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe ()

    SRV - (Start BT in service) -- C:\Program Files\IVT Corporation\BlueSoleil\StartSkysolSvc.exe ()

    SRV - (LiveUpdate Notice Service) -- C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PifSvc.exe (Symantec Corporation)

    SRV - (WinDefend) -- C:\Program Files\Windows Defender\MsMpEng.exe (Microsoft Corporation)

    SRV - (bgsvcgen) -- C:\WINDOWS\system32\bgsvcgen.exe (B.H.A Corporation)

    ========== Driver Services (SafeList) ==========

    DRV - (WDICA) -- File not found

    DRV - (SSPORT) -- C:\WINDOWS\system32\Drivers\SSPORT.sys File not found

    DRV - (PDRFRAME) -- File not found

    DRV - (PDRELI) -- File not found

    DRV - (PDFRAME) -- File not found

    DRV - (PDCOMP) -- File not found

    DRV - (PCIDump) -- File not found

    DRV - (lbrtfdc) -- File not found

    DRV - (Lbd) -- system32\DRIVERS\Lbd.sys File not found

    DRV - (i2omgmt) -- File not found

    DRV - (Changer) -- File not found

    DRV - (NAVEX15) -- C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.5.0.145\Definitions\VirusDefs\20130129.005\NAVEX15.SYS (Symantec Corporation)

    DRV - (NAVENG) -- C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.5.0.145\Definitions\VirusDefs\20130129.005\NAVENG.SYS (Symantec Corporation)

    DRV - (BHDrvx86) -- C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.5.0.145\Definitions\BASHDefs\20130116.013\BHDrvx86.sys (Symantec Corporation)

    DRV - (gfibto) -- C:\WINDOWS\system32\drivers\gfibto.sys (GFI Software)

    DRV - (eeCtrl) -- C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys (Symantec Corporation)

    DRV - (MBAMProtector) -- C:\WINDOWS\system32\drivers\mbam.sys (Malwarebytes Corporation)

    DRV - (EraserUtilRebootDrv) -- C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys (Symantec Corporation)

    DRV - (SymEvent) -- C:\WINDOWS\system32\drivers\SYMEVENT.SYS (Symantec Corporation)

    DRV - (IDSxpx86) -- C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.5.0.145\Definitions\IPSDefs\20130126.002\IDSXpx86.sys (Symantec Corporation)

    DRV - (SRTSP) -- C:\WINDOWS\system32\drivers\NIS\1309000.009\srtsp.sys (Symantec Corporation)

    DRV - (SRTSPX) -- C:\WINDOWS\system32\drivers\NIS\1309000.009\srtspx.sys (Symantec Corporation)

    DRV - (ccSet_NIS) -- C:\WINDOWS\system32\drivers\NIS\1309000.009\ccsetx86.sys (Symantec Corporation)

    DRV - (SymEFA) -- C:\WINDOWS\system32\drivers\NIS\1309000.009\symefa.sys (Symantec Corporation)

    DRV - (SYMTDI) -- C:\WINDOWS\system32\drivers\NIS\1309000.009\symtdi.sys (Symantec Corporation)

    DRV - (SymIRON) -- C:\WINDOWS\system32\drivers\NIS\1309000.009\ironx86.sys (Symantec Corporation)

    DRV - (SymDS) -- C:\WINDOWS\system32\drivers\NIS\1309000.009\symds.sys (Symantec Corporation)

    DRV - (DgiVecp) -- C:\WINDOWS\system32\drivers\DGIVECP.SYS (Samsung Electronics Co., Ltd.)

    DRV - (Btcsrusb) -- C:\WINDOWS\system32\drivers\btcusb.sys (IVT Corporation.)

    DRV - (BlueletSCOAudio) -- C:\WINDOWS\system32\drivers\BlueletSCOAudio.sys (IVT Corporation.)

    DRV - (BlueletAudio) -- C:\WINDOWS\system32\drivers\blueletaudio.sys (IVT Corporation.)

    DRV - (BT) -- C:\WINDOWS\system32\drivers\btnetdrv.sys (IVT Corporation.)

    DRV - (BTHidMgr) -- C:\WINDOWS\system32\drivers\BTHidMgr.sys (IVT Corporation.)

    DRV - (BTHidEnum) -- C:\WINDOWS\system32\drivers\vbtenum.sys (IVT Corporation.)

    DRV - (VcommMgr) -- C:\WINDOWS\system32\drivers\VcommMgr.sys (IVT Corporation.)

    DRV - (VComm) -- C:\WINDOWS\system32\drivers\VComm.sys (IVT Corporation.)

    DRV - (IntcAzAudAddService) -- C:\WINDOWS\system32\drivers\RtkHDAud.Sys (Realtek Semiconductor Corp.)

    DRV - (RTL8023xp) -- C:\WINDOWS\system32\drivers\Rtenicxp.sys (Realtek Semiconductor Corporation )

    DRV - (cdrbsdrv) -- C:\WINDOWS\System32\drivers\cdrbsdrv.sys (B.H.A Corporation)

    DRV - (itchfltr) -- C:\WINDOWS\system32\drivers\itchfltr.sys (Logitech, Inc.)

    DRV - (LMouFlt2) -- C:\WINDOWS\system32\drivers\LMouFlt2.Sys (Logitech, Inc.)

    DRV - (L8042pr2) -- C:\WINDOWS\system32\drivers\L8042pr2.Sys (Logitech, Inc.)

    ========== Standard Registry (SafeList) ==========

    ========== Internet Explorer ==========

    IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/

    IE - HKLM\..\SearchScopes,DefaultScope =

    IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7

    IE - HKLM\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar =

    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.atletiekinfo.be/

    IE - HKCU\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}

    IE - HKCU\..\SearchScopes\{3A4F4D88-B593-47C7-89B2-4AD73260F074}: "URL" = http://www.bing.com/search?q={searchTerms}&form=IE8SRC&src=IE-SearchBox

    IE - HKCU\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}

    IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

    IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

    ========== FireFox ==========

    FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()

    FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\WINDOWS\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)

    FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found

    FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()

    FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)

    FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)

    FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)

    FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)

    FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)

    FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Documents and Settings\admin\Local Settings\Application Data\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)

    FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\{BBDA0591-3099-440a-AA10-41764D9DB4DB}: C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.5.0.145\IPSFFPlgn\ [2012/10/03 22:28:09 | 000,000,000 | ---D | M]

    FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}: C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.5.0.145\coFFPlgn\ [2013/01/29 07:33:41 | 000,000,000 | ---D | M]

    FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\VideoBar@meep.com: C:\Program Files\Meep\FF\

    [2009/02/27 18:48:54 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\admin\Application Data\Mozilla\Extensions

    [2009/02/27 18:48:54 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\admin\Application Data\Mozilla\Extensions\mozswing@mozswing.org

    O1 HOSTS File: ([2013/01/24 20:50:56 | 000,582,262 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\HOSTS

    O1 - Hosts: 127.0.0.1 localhost

    O1 - Hosts: ::1 localhost #[iPv6]

    O1 - Hosts: 15666 more lines...

    O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)

    O2 - BHO: (Norton Identity Protection) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Norton Internet Security\Engine\19.9.0.9\coieplg.dll (Symantec Corporation)

    O2 - BHO: (Norton Vulnerability Protection) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Norton Internet Security\Engine\19.9.0.9\ips\ipsbho.dll (Symantec Corporation)

    O2 - BHO: (EpsonToolBandKicker Class) - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll (SEIKO EPSON CORPORATION)

    O3 - HKLM\..\Toolbar: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Internet Security\Engine\19.9.0.9\coieplg.dll (Symantec Corporation)

    O3 - HKLM\..\Toolbar: (EPSON Web-To-Page) - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll (SEIKO EPSON CORPORATION)

    O3 - HKCU\..\Toolbar\WebBrowser: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Internet Security\Engine\19.9.0.9\coieplg.dll (Symantec Corporation)

    O3 - HKCU\..\Toolbar\WebBrowser: (EPSON Web-To-Page) - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll (SEIKO EPSON CORPORATION)

    O4 - HKLM..\Run: [Ad-Aware Antivirus] C:\Program Files\Ad-Aware Antivirus\AdAwareLauncher.exe (Lavasoft Limited)

    O4 - HKLM..\Run: [Ad-Aware Browsing Protection] C:\Documents and Settings\All Users\Application Data\Ad-Aware Browsing Protection\adawarebp.exe (Lavasoft)

    O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)

    O4 - HKLM..\Run: [bluetoothAuthenticationAgent] C:\WINDOWS\System32\bthprops.cpl (Microsoft Corporation)

    O4 - HKLM..\Run: [EPSON Stylus Photo R340 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIAJE.EXE (SEIKO EPSON CORPORATION)

    O4 - HKLM..\Run: [Logitech Utility] C:\WINDOWS\LOGI_MWX.EXE (Logitech Inc.)

    O4 - HKLM..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe (Ahead Software Gmbh)

    O4 - HKLM..\Run: [OM_Monitor] C:\Program Files\OLYMPUS\OLYMPUS Master\FirstStart.exe (OLYMPUS IMAGING CORP.)

    O4 - HKLM..\Run: [samsung PanelMgr] C:\WINDOWS\Samsung\PanelMgr\SSMMgr.exe ()

    O4 - HKLM..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe" File not found

    O4 - HKLM..\Run: [symantec PIF AlertEng] C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PifSvc.exe (Symantec Corporation)

    O4 - HKLM..\Run: [zBrowser Launcher] C:\Program Files\Logitech\iTouch\iTouch.exe (Logitech Inc.)

    O4 - HKCU..\Run: [OM_Monitor] C:\Program Files\OLYMPUS\OLYMPUS Master\Monitor.exe (OLYMPUS IMAGING CORP.)

    O4 - HKCU..\Run: [TimeCalendar] C:\Program Files\TimeCalendar\TC.exe (RScience)

    O4 - HKCU..\Run: [updateMgr] C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe (Adobe Systems Incorporated)

    O4 - Startup: C:\Documents and Settings\admin\Menu Start\Programma's\Opstarten\Dropbox.lnk = C:\Documents and Settings\admin\Application Data\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)

    O4 - Startup: C:\Documents and Settings\admin\Menu Start\Programma's\Opstarten\OpenOffice.org 3.3 .lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe ()

    O4 - Startup: C:\Documents and Settings\All Users\Menu Start\Programma's\Opstarten\Adobe Reader Snelle start.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe (Adobe Systems Incorporated)

    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1

    O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145

    O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)

    O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} http://appldnld.apple.com.edgesuite.net/content.info.apple.com/QuickTime/qtactivex/qtplugin.cab (QuickTime Plugin Control)

    O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab (Shockwave ActiveX Control)

    O16 - DPF: {233C1507-6A77-46A4-9443-F871F945D258} http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab (Shockwave ActiveX Control)

    O16 - DPF: {6A344D34-5231-452A-8A57-D064AC9B7862} https://webdl.symantec.com/activex/symdlmgr.cab (Symantec Download Manager)

    O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24)

    O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)

    O16 - DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24)

    O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24)

    O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload.macromedia.com/get/flashplayer/current/swflash.cab (Shockwave Flash Object)

    O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1

    O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{30F776CA-CAB3-4AE9-8448-D3C936EA91BC}: DhcpNameServer = 192.168.1.1

    O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\WINDOWS\system32\Skype4COM.dll (Skype Technologies)

    O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)

    O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)

    O24 - Desktop Components:0 (Mijn huidige introductiepagina) - About:Home

    O32 - HKLM CDRom: AutoRun - 1

    O32 - AutoRun File - [2006/08/29 16:02:46 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]

    O33 - MountPoints2\{163a1cf4-3840-11db-8e19-806d6172696f}\Shell - "" = AutoRun

    O33 - MountPoints2\{163a1cf4-3840-11db-8e19-806d6172696f}\Shell\AutoRun\command - "" = E:\setup.exe

    O33 - MountPoints2\{5be98842-377e-11db-b875-806d6172696f}\Shell - "" = AutoRun

    O33 - MountPoints2\{5be98842-377e-11db-b875-806d6172696f}\Shell\AutoRun\command - "" = E:\setup.exe

    O33 - MountPoints2\{681cb974-5949-11e0-86b9-00138fd0e061}\Shell - "" = AutoRun

    O33 - MountPoints2\{681cb974-5949-11e0-86b9-00138fd0e061}\Shell\AutoRun\command - "" = G:\LaunchU3.exe -a

    O33 - MountPoints2\{7df0f3a4-144e-11e0-8657-00138fd0e061}\Shell - "" = AutoRun

    O33 - MountPoints2\{7df0f3a4-144e-11e0-8657-00138fd0e061}\Shell\AutoRun\command - "" = I:\DPFMate.exe

    O33 - MountPoints2\{b390ef9a-383c-11db-8bf2-806d6172696f}\Shell - "" = AutoRun

    O33 - MountPoints2\{b390ef9a-383c-11db-8bf2-806d6172696f}\Shell\AutoRun\command - "" = E:\setup.exe

    O33 - MountPoints2\{e949606e-0138-11dc-bf20-00138fd0e061}\Shell - "" = AutoRun

    O33 - MountPoints2\{e949606e-0138-11dc-bf20-00138fd0e061}\Shell\AutoRun\command - "" = G:\LaunchU3.exe -a

    O34 - HKLM BootExecute: (autocheck autochk *)

    O35 - HKLM\..comfile [open] -- "%1" %*

    O35 - HKLM\..exefile [open] -- "%1" %*

    O37 - HKLM\...com [@ = comfile] -- "%1" %*

    O37 - HKLM\...exe [@ = exefile] -- "%1" %*

    O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)

    O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

    ========== Files/Folders - Created Within 30 Days ==========

    [2013/01/29 22:46:18 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\admin\Bureaublad\OTL.exe

    [2013/01/26 14:06:04 | 002,213,976 | ---- | C] (Kaspersky Lab ZAO) -- C:\Documents and Settings\admin\Bureaublad\tdsskiller.exe

    [2013/01/26 13:11:13 | 000,000,000 | -HSD | C] -- C:\RECYCLER

    [2013/01/24 20:49:23 | 000,000,000 | ---D | C] -- C:\Program Files\host

    [2013/01/23 21:30:49 | 000,000,000 | ---D | C] -- C:\WINDOWS\Temp

    [2013/01/20 13:12:13 | 000,000,000 | ---D | C] -- C:\Program Files\Trend Micro

    [2013/01/20 13:12:13 | 000,000,000 | ---D | C] -- C:\Documents and Settings\admin\Menu Start\Programma's\HiJackThis

    [2013/01/13 22:48:41 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Ad-Aware Antivirus

    [2013/01/13 22:45:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\admin\Application Data\LavasoftStatistics

    [2013/01/13 22:21:48 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programma's\Ad-Aware Antivirus

    [2013/01/13 22:21:34 | 000,000,000 | ---D | C] -- C:\Program Files\Ad-Aware Antivirus

    [2013/01/13 22:17:09 | 000,000,000 | ---D | C] -- C:\Documents and Settings\admin\Local Settings\Application Data\Downloaded Installations

    [2013/01/13 22:16:58 | 000,044,424 | ---- | C] (GFI Software) -- C:\WINDOWS\System32\sbbd.exe

    [2013/01/13 22:16:58 | 000,013,560 | ---- | C] (GFI Software) -- C:\WINDOWS\System32\drivers\gfibto.sys

    [2013/01/13 22:14:02 | 000,000,000 | ---D | C] -- C:\Documents and Settings\admin\Local Settings\Application Data\adawarebp

    [2013/01/13 22:13:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Ad-Aware Browsing Protection

    [2013/01/13 22:13:36 | 000,000,000 | ---D | C] -- C:\Program Files\Toolbar Cleaner

    [2013/01/07 15:08:14 | 000,000,000 | ---D | C] -- C:\Documents and Settings\admin\Application Data\ElevatedDiagnostics

    [2013/01/07 14:53:33 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programma's\Windows PowerShell 1.0

    [2013/01/07 14:52:51 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\windowspowershell

    [2013/01/07 12:46:15 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\XPSViewer

    [2013/01/07 12:46:11 | 000,000,000 | ---D | C] -- C:\Program Files\MSBuild

    [2013/01/07 12:46:09 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\en-US

    [2013/01/07 12:46:00 | 000,000,000 | ---D | C] -- C:\Program Files\Reference Assemblies

    [2013/01/07 12:44:57 | 001,676,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xpssvcs.dll

    [2013/01/07 12:44:57 | 001,676,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\xpssvcs.dll

    [2013/01/07 12:44:57 | 000,597,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\printfilterpipelinesvc.exe

    [2013/01/07 12:44:57 | 000,575,488 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\xpsshhdr.dll

    [2013/01/07 12:44:57 | 000,117,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\prntvpt.dll

    [2013/01/07 12:44:57 | 000,089,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\filterpipelineprintproc.dll

    [28 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

    [2 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

    ========== Files - Modified Within 30 Days ==========

    [2013/01/29 22:50:00 | 000,000,940 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job

    [2013/01/29 22:46:21 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\admin\Bureaublad\OTL.exe

    [2013/01/29 22:01:00 | 000,001,044 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job

    [2013/01/29 19:01:00 | 000,001,040 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job

    [2013/01/29 07:34:52 | 000,012,710 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl

    [2013/01/29 07:34:14 | 000,001,615 | ---- | M] () -- C:\Documents and Settings\All Users\Bureaublad\Ad-Aware Antivirus.lnk

    [2013/01/29 07:33:23 | 000,000,302 | ---- | M] () -- C:\WINDOWS\tasks\UQNAEBM.job

    [2013/01/29 07:33:20 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat

    [2013/01/26 17:01:55 | 000,001,024 | ---- | M] () -- C:\Documents and Settings\admin\Menu Start\Programma's\Opstarten\Dropbox.lnk

    [2013/01/26 17:01:24 | 000,001,008 | ---- | M] () -- C:\Documents and Settings\admin\Bureaublad\Dropbox.lnk

    [2013/01/26 14:06:18 | 002,213,976 | ---- | M] (Kaspersky Lab ZAO) -- C:\Documents and Settings\admin\Bureaublad\tdsskiller.exe

    [2013/01/25 01:36:00 | 000,000,330 | -H-- | M] () -- C:\WINDOWS\tasks\MP Scheduled Scan.job

    [2013/01/24 20:50:56 | 000,582,262 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\HOSTS

    [2013/01/24 20:27:08 | 000,024,666 | ---- | M] () -- C:\Documents and Settings\admin\Mijn documenten\Speken-Krantenartikel voorstellen.odt

    [2013/01/23 21:10:16 | 001,249,549 | ---- | M] () -- C:\Documents and Settings\admin\Bureaublad\zoek.exe

    [2013/01/23 09:53:00 | 000,000,486 | ---- | M] () -- C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job

    [2013/01/21 23:35:37 | 000,574,315 | ---- | M] () -- C:\Documents and Settings\admin\Bureaublad\adwcleaner.exe

    [2013/01/21 20:47:28 | 000,000,784 | ---- | M] () -- C:\Documents and Settings\All Users\Bureaublad\Malwarebytes Anti-Malware.lnk

    [2013/01/21 20:30:39 | 000,000,748 | ---- | M] () -- C:\Documents and Settings\admin\Bureaublad\Snelkoppeling naar HiJackThis.exe.lnk

    [2013/01/20 13:07:56 | 001,402,880 | ---- | M] () -- C:\Documents and Settings\admin\Mijn documenten\HiJackThis.msi

    [2013/01/20 12:00:02 | 000,000,944 | ---- | M] () -- C:\WINDOWS\tasks\Ad-Aware Antivirus Scheduled Scan.job

    [2013/01/18 19:21:34 | 000,000,452 | ---- | M] () -- C:\Documents and Settings\admin\Mijn documenten\spider.sav

    [2013/01/15 03:18:31 | 000,001,190 | ---- | M] () -- C:\WINDOWS\System32\ServiceConfig.xml

    [2013/01/13 22:16:55 | 000,044,424 | ---- | M] (GFI Software) -- C:\WINDOWS\System32\sbbd.exe

    [2013/01/13 22:16:55 | 000,013,560 | ---- | M] (GFI Software) -- C:\WINDOWS\System32\drivers\gfibto.sys

    [2013/01/13 10:52:58 | 000,001,080 | ---- | M] () -- C:\WINDOWS\AUTOLNCH.REG

    [2013/01/10 02:35:34 | 000,509,332 | ---- | M] () -- C:\WINDOWS\System32\perfh013.dat

    [2013/01/10 02:35:34 | 000,441,546 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat

    [2013/01/10 02:35:34 | 000,091,008 | ---- | M] () -- C:\WINDOWS\System32\perfc013.dat

    [2013/01/10 02:35:34 | 000,071,482 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat

    [2013/01/10 02:27:33 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK

    [2013/01/09 09:55:12 | 000,000,064 | ---- | M] () -- C:\WINDOWS\System32\rp_stats.dat

    [2013/01/09 09:55:12 | 000,000,044 | ---- | M] () -- C:\WINDOWS\System32\rp_rules.dat

    [2013/01/09 00:06:43 | 000,000,049 | ---- | M] () -- C:\Documents and Settings\admin\Bureaublad\AnviSoft.url

    [2013/01/08 20:52:33 | 000,697,864 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerApp.exe

    [2013/01/08 20:52:32 | 000,074,248 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerCPLApp.cpl

    [2013/01/07 13:03:00 | 000,154,768 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT

    [2013/01/06 06:33:58 | 006,009,856 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mshtml.dll

    [2012/12/31 13:33:22 | 000,009,160 | ---- | M] () -- C:\Documents and Settings\admin\Mijn documenten\nieuwjaarsbrief Stef 2013.odt

    [28 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

    [2 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

    ========== Files Created - No Company Name ==========

    [2013/01/23 21:10:10 | 001,249,549 | ---- | C] () -- C:\Documents and Settings\admin\Bureaublad\zoek.exe

    [2013/01/23 16:12:05 | 000,024,666 | ---- | C] () -- C:\Documents and Settings\admin\Mijn documenten\Speken-Krantenartikel voorstellen.odt

    [2013/01/21 23:35:33 | 000,574,315 | ---- | C] () -- C:\Documents and Settings\admin\Bureaublad\adwcleaner.exe

    [2013/01/21 20:30:39 | 000,000,748 | ---- | C] () -- C:\Documents and Settings\admin\Bureaublad\Snelkoppeling naar HiJackThis.exe.lnk

    [2013/01/20 13:07:46 | 001,402,880 | ---- | C] () -- C:\Documents and Settings\admin\Mijn documenten\HiJackThis.msi

    [2013/01/15 03:18:31 | 000,001,190 | ---- | C] () -- C:\WINDOWS\System32\ServiceConfig.xml

    [2013/01/13 22:49:46 | 000,000,944 | ---- | C] () -- C:\WINDOWS\tasks\Ad-Aware Antivirus Scheduled Scan.job

    [2013/01/13 22:21:49 | 000,001,615 | ---- | C] () -- C:\Documents and Settings\All Users\Bureaublad\Ad-Aware Antivirus.lnk

    [2013/01/09 00:06:43 | 000,000,049 | ---- | C] () -- C:\Documents and Settings\admin\Bureaublad\AnviSoft.url

    [2012/12/31 13:33:20 | 000,009,160 | ---- | C] () -- C:\Documents and Settings\admin\Mijn documenten\nieuwjaarsbrief Stef 2013.odt

    [2012/11/17 21:59:42 | 000,102,400 | RHS- | C] () -- C:\WINDOWS\System32\Lffpx73.dll

    [2012/09/17 21:07:07 | 000,028,140 | -H-- | C] () -- C:\WINDOWS\System32\mlfcache.dat

    [2012/08/17 16:40:41 | 000,000,375 | ---- | C] () -- C:\WINDOWS\Disney.ini

    [2012/06/10 20:29:08 | 000,000,996 | ---- | C] () -- C:\WINDOWS\wininit.ini

    [2012/05/09 18:40:02 | 000,000,076 | ---- | C] () -- C:\WINDOWS\rack32a.ini

    [2012/02/16 08:23:27 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll

    [2012/02/05 16:01:22 | 021,073,936 | ---- | C] () -- C:\Program Files\vlc-1.1.11-win32.exe

    [2011/09/26 17:48:39 | 000,000,354 | ---- | C] () -- C:\WINDOWS\hegames.ini

    [2011/07/20 08:12:58 | 000,000,064 | ---- | C] () -- C:\WINDOWS\System32\rp_stats.dat

    [2011/07/20 08:12:58 | 000,000,044 | ---- | C] () -- C:\WINDOWS\System32\rp_rules.dat

    [2009/03/30 13:26:37 | 000,000,034 | ---- | C] () -- C:\Documents and Settings\admin\jagex_runescape_preferences.dat

    [2007/09/26 19:57:59 | 000,009,773 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\LUUnInstall.LiveUpdate

    [2007/03/01 21:22:15 | 000,076,288 | ---- | C] () -- C:\Documents and Settings\admin\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

    [2006/10/08 19:59:39 | 000,000,128 | ---- | C] () -- C:\Documents and Settings\admin\Local Settings\Application Data\fusioncache.dat

    [2006/09/27 19:23:02 | 000,000,074 | ---- | C] () -- C:\Documents and Settings\admin\default.pls

    ========== ZeroAccess Check ==========

    [2006/10/08 19:36:59 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini

    [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

    [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

    [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

    "" = %SystemRoot%\system32\shdocvw.dll -- [2008/04/14 18:02:39 | 001,499,136 | ---- | M] (Microsoft Corporation)

    "ThreadingModel" = Apartment

    [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]

    "" = C:\WINDOWS\system32\wbem\fastprox.dll -- [2009/02/09 11:56:06 | 000,473,600 | ---- | M] (Microsoft Corporation)

    "ThreadingModel" = Free

    [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

    "" = C:\WINDOWS\system32\wbem\wbemess.dll -- [2008/04/14 18:02:44 | 000,273,920 | ---- | M] (Microsoft Corporation)

    "ThreadingModel" = Both

    ========== Alternate Data Streams ==========

    @Alternate Data Stream - 104 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:D1B5B4F1

    < End of report >

    - - - Updated - - -

    OTL Extras logfile created on: 29/01/2013 22:48:11 - Run 1

    OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\admin\Bureaublad

    Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation

    Internet Explorer (Version = 8.0.6001.18702)

    Locale: 00000813 | Country: België | Language: NLB | Date Format: d/MM/yyyy

    1015,23 Mb Total Physical Memory | 380,89 Mb Available Physical Memory | 37,52% Memory free

    2,39 Gb Paging File | 1,69 Gb Available in Paging File | 70,92% Paging File free

    Paging file location(s): C:\pagefile.sys 1524 3048 [binary data]

    %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files

    Drive C: | 195,31 Gb Total Space | 128,16 Gb Free Space | 65,62% Space Free | Partition Type: NTFS

    Drive D: | 38,44 Gb Total Space | 35,29 Gb Free Space | 91,82% Space Free | Partition Type: FAT32

    Drive H: | 372,61 Gb Total Space | 276,93 Gb Free Space | 74,32% Space Free | Partition Type: NTFS

    Computer Name: PRELOAD | User Name: admin | Logged in as Administrator.

    Boot Mode: Normal | Scan Mode: Current user

    Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

    ========== Extra Registry (SafeList) ==========

    ========== File Associations ==========

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]

    .cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*

    ========== Shell Spawning ==========

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]

    batfile [open] -- "%1" %*

    cmdfile [open] -- "%1" %*

    comfile [open] -- "%1" %*

    cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*

    exefile [open] -- "%1" %*

    htmlfile [edit] -- Reg Error: Key error.

    piffile [open] -- "%1" %*

    regfile [merge] -- Reg Error: Key error.

    scrfile [config] -- "%1"

    scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l

    scrfile [open] -- "%1" /S

    txtfile [edit] -- Reg Error: Key error.

    Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1

    Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()

    Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

    Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()

    Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)

    Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)

    Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

    ========== Security Center Settings ==========

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

    "FirstRunDisabled" = 1

    "AntiVirusDisableNotify" = 0

    "FirewallDisableNotify" = 0

    "UpdatesDisableNotify" = 0

    "AntiVirusOverride" = 0

    "FirewallOverride" = 0

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

    "DisableMonitoring" = 1

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

    "DisableMonitoring" = 1

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

    "DisableMonitoring" = 1

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

    ========== System Restore Settings ==========

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]

    "DisableSR" = 0

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]

    "Start" = 0

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]

    "Start" = 2

    ========== Firewall Settings ==========

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]

    "139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dll,-22004

    "445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dll,-22005

    "137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001

    "138:UDP" = 138:UDP:*:Enabled:@xpsp2res.dll,-22002

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]

    "EnableFirewall" = 0

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

    "1900:TCP" = 1900:TCP:LocalSubNet:Enabled:UDP 1900

    "1900:UDP" = 1900:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22007

    "2869:TCP" = 2869:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22008

    "139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004

    "445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005

    "137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001

    "138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002

    ========== Authorized Applications List ==========

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

    "%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)

    "%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]

    "%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)

    "%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)

    "C:\Program Files\LimeWire\LimeWire.exe" = C:\Program Files\LimeWire\LimeWire.exe:*:Enabled:LimeWire

    "C:\Program Files\Ahead\Nero ShowTime\ShowTime.exe" = C:\Program Files\Ahead\Nero ShowTime\ShowTime.exe:*:Disabled:Nero ShowTime -- (Nero Software AG)

    "C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil.exe" = C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil.exe:*:Enabled:BlueSoleil -- (IVT Corporation.)

    "C:\Documents and Settings\admin\Application Data\Dropbox\bin\Dropbox.exe" = C:\Documents and Settings\admin\Application Data\Dropbox\bin\Dropbox.exe:*:Enabled:Dropbox -- (Dropbox, Inc.)

    "C:\Program Files\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe" = C:\Program Files\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe:*:Enabled:WebKit -- (Apple Inc.)

    "C:\Program Files\Bonjour\mDNSResponder.exe" = C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour-service -- (Apple Inc.)

    "C:\Program Files\iTunes\iTunes.exe" = C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes -- (Apple Inc.)

    ========== HKEY_LOCAL_MACHINE Uninstall List ==========

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

    "{036AA4D4-6D32-11D4-9875-00105ACE7734}" = Logitech iTouch-software

    "{0BF5FBE7-3907-4A1F-9E48-8B66E52850D6}" = TrayApp

    "{0F6F6876-6334-4977-B5DD-CFC12E193420}" = iTunes

    "{13356EC0-FF25-44e8-ADD8-6316F1242834}" = CameraDrivers

    "{168F8BAC-A269-48E9-BB7A-A51B594CF6FF}" = Microsoft .NET Framework 1.1 Dutch Language Pack

    "{17E2F183-BAC4-4D01-BD7A-59F781E17EFA}" = REALTEK PCIE NIC Driver

    "{19FDB8E4-59AD-4330-9667-E8DCAF018DD3}" = Unload

    "{1CB34CE9-0E6B-493F-BB66-3425E5DF76E5}" = CP_CalendarTemplates1

    "{1E1F1E70-14D8-4380-8652-BD1A895A7D65}" = Status

    "{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148

    "{1F51A0CA-2BDD-474E-BB90-C7FA8EA78F52}" = ImageMixer VCD/DVD2 for OLYMPUS

    "{20C45B32-5AB6-46A4-94EF-58950CAF05E5}" = EPSON Attach To Email

    "{24BEBF2E-73F3-4599-840B-EDC612CCDD0D}" = Destinations

    "{26A24AE4-039D-4CA4-87B4-2F83216011FF}" = Java 6 Update 24

    "{26A24AE4-039D-4CA4-87B4-2F83216022F0}" = Java 6 Update 22

    "{27F650A9-6FAB-41C8-8621-92FF0118B0C4}" = EPSON Easy Photo Print

    "{2819e172-81d5-4113-88bd-4605b02344e0}" = Ad-Aware Antivirus

    "{2A548002-9042-4083-A270-B67473DE1073}" = SkinsHP1

    "{2A88F1BF-7041-4E42-84B1-6B4ACB83AC64}" = EPSON Scan Assistant

    "{350C9413-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP

    "{36FDBE6E-6684-462B-AE98-9A39A1B200CC}" = HP Product Assistant

    "{37C39957-B0B3-40DC-8BA4-2363241159ED}" = LightScribe 1.4.44.1

    "{3BA4A5B0-09B7-4baf-977D-9883A6D00A7F}" = CameraUserGuides

    "{3FE0CFAB-584A-4AA5-B8CD-C32284CFA308}" = RandMap

    "{4041C245-7099-4C96-9738-5EBC23827B3C}" = BufferChm

    "{48B82226-75E3-4E90-92CC-D30F79EA6380}" = Norton Security Scan

    "{494D17B5-3369-4905-8C4B-80C972C5E0FF}" = CP_Panorama1Config

    "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater

    "{4BE53DB2-C1F2-44D1-A9AB-1630BA7F2AF1}" = SolutionCenter

    "{53EE9E42-CECB-4C92-BF76-9CA65DAF8F1C}" = FullDPAppQFolder

    "{54F0998F-73C8-4b51-8286-FE903C231BED}" = cp_PosterPrintConfig

    "{5809E7CF-4DCF-11D4-9875-00105ACE7734}" = Logitech MouseWare 9.79.1

    "{5F26311C-B135-4F7F-B11E-8E650F83651E}" = DeviceFunctionQFolder

    "{63EC2120-1742-4625-AA47-C6A8AEC9C64C}" = Apple Application Support

    "{66E6CE0C-5A1E-430C-B40A-0C90FF1804A8}" = eSupportQFolder

    "{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable

    "{729DF902-05F9-4C00-9E6D-411119824E5F}" = hpiCamDrvQFolder

    "{766633B3-1AFA-44B6-A3FC-1DE991CD9C52}" = CP_Package_Basic1

    "{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053

    "{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update

    "{79155F2B-9895-49D7-8612-D92580E0DE5B}" = Bonjour

    "{79F8E1D4-36C1-439C-95FA-F695050B5B07}" = Sonic_PrimoSDK

    "{7F14F68C-17FA-4F88-B3FD-7F449C1EBF32}" = EPSON Web-To-Page

    "{869C3062-4745-4949-B6C9-98AF24D89030}" = PhotoGallery

    "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight

    "{8A708DD8-A5E6-11D4-A706-000629E95E20}" = Intel® Graphics Media Accelerator Driver

    "{91EBCCB9-A539-4306-AC5A-F372E0D6092B}" = OpenOffice.org 3.3

    "{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161

    "{9D4ABB0C-F60B-44A6-956C-A4A63D5495C9}" = CueTour

    "{A06275F4-324B-4E85-95E6-87B2CD729401}" = Windows Defender

    "{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2

    "{A5CC2A09-E9D3-49EC-923D-03874BBD4C2C}" = Windows Defender Signatures

    "{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper

    "{A987FEC8-5616-49BD-BCA6-ACFFFE7403FE}" = IKEA Home Planner

    "{AB5D51AE-EBC3-438D-872C-705C7C2084B0}" = DeviceManagementQFolder

    "{AC76BA86-7AD7-1043-7B44-A71000000002}" = Adobe Reader 7.1.0 - Nederlands

    "{AE8BF750-EC1C-45d0-94F1-57895DADDEAC}" = HP Photosmart-camera's 6.0

    "{B11E71BA-498C-42D4-9F1A-9D7A89D9DA61}" = CP_AtenaShokunin1Config

    "{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy

    "{B90450DF-E781-46FD-B1F1-0C86DA40E443}" = PIF DESIGNER

    "{B9A17C96-1348-45CB-BB0A-1BCB3A0F854E}" = Bluesoleil2.7.0.35 VoIP Release 080317

    "{BA820A24-704B-428D-9904-71A10DAC1372}" = OLYMPUS Master

    "{BBD3BF67-5B89-4CBB-BA58-5818ED5F3290}" = cp_OnlineProjectsConfig

    "{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2

    "{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1

    "{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1

    "{D4DDFAA1-EC37-4529-AD5B-A433ADE68662}" = Apple Mobile Device Support

    "{DA1CD94B-826A-4bba-AC46-EF352F47BC81}" = InstantShareDevices

    "{DBA4DB9D-EE51-4944-A419-98AB1F1249C8}" = LiveUpdate Notice (Symantec Corporation)

    "{DEBB2986-15B0-4D28-95FA-5C966A396589}" = HPProductAssistant

    "{E5A1DE9A-A21C-43A1-B06D-5146BAF62033}" = PanoStandAlone

    "{E86BC406-944E-41F6-ADE6-2C136734C96B}" = EPSON File Manager

    "{EC2715CE-C182-483C-84CC-81D7D914CF14}" = WebReg

    "{ECA1A3B6-898F-4DCE-9F04-714CF3BA126B}" = Adobe Flash Player 10 Plugin

    "{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver

    "{F333A33D-125C-32A2-8DCE-5C5D14231E27}" = Visual C++ 2008 x86 Runtime - (v9.0.30729)

    "{F333A33D-125C-32A2-8DCE-5C5D14231E27}.vc_x86runtime_30729_01" = Visual C++ 2008 x86 Runtime - v9.0.30729.01

    "{F7E1CA14-B39D-452A-960B-39423DDDD933}" = DriveImage XML

    "{FD04987D-96A6-4FE1-813B-82B77B8B809C}" = EPSON PRINT Image Framer Tool

    "{FE57DE70-95DE-4B64-9266-84DA811053DB}" = HP Update

    "{FF477885-5EA8-40D0-ADF3-D4C1B86FAEA4}" = EPSON Print CD

    "Ad-Aware Browsing Protection" = Ad-Aware Browsing Protection

    "Adobe ActiveShare" = Adobe ActiveShare 1.3

    "Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX

    "Adobe Shockwave Player" = Adobe Shockwave Player 11.5

    "BlockCAD3.19_is1" = BlockCAD 3.19

    "Cool's_Codec_pack_4.12" = Codec Pack - All In 1 6.0.3.0

    "EDUROM Tafeltrainer" = EDUROM Tafeltrainer

    "EPSON Printer and Utilities" = EPSON-printersoftware

    "ESPR340 Gebruikershandleiding" = ESPR340 Gebruikershandleiding

    "HP Imaging Device Functions" = HP Imaging Device Functions 6.0

    "HP Photo & Imaging" = HP Photosmart Premier Software 6.0

    "HP PrecisionScan LTX" = HP PrecisionScan LTX

    "HP Solution Center & Imaging Support Tools" = HP Solution Center and Imaging Support Tools 6.0

    "HTRDIKey" = Huggly's Schildpadden Speurtocht

    "IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs

    "ie7" = Windows Internet Explorer 7

    "ie8" = Windows Internet Explorer 8

    "Ik zie Fantasie" = Ik zie Fantasie

    "Ik zie, ik zie in het spookhuis" = Ik zie, ik zie in het spookhuis

    "InstallShield_{20C45B32-5AB6-46A4-94EF-58950CAF05E5}" = EPSON Attach To Email

    "InstallShield_{BA820A24-704B-428D-9904-71A10DAC1372}" = OLYMPUS Master

    "Junior Interactif" = Junior Interactif

    "Lucky luke - De zingende draad-Dutch" = Lucky luke - De zingende draad

    "Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware versie 1.70.0.1100

    "Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1

    "Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1

    "MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP

    "MuseScore" = MuseScore 1.0 MuseScore score typesetter

    "NeroMultiInstaller!UninstallKey" = Nero Suite

    "NIS" = Norton Internet Security

    "NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs

    "Overhoor_is1" = Overhoor voor Windows 4.5.1

    "Partituur Expert" = Partituur Expert 2005

    "PrintMaster 7.00" = PrintMaster 7.00

    "QSuite_is1" = QSuite Ver2.1

    "QuickTime" = QuickTime

    "Recuva" = Recuva

    "Samsung ML-1640 Series" = Samsung ML-1640 Series

    "SlowView" = SlowView

    "SpellenSpektakel" = Disney’s SpellenSpektakel

    "Spybot - Search & Destroy_is1" = Spybot - Search & Destroy 1.4

    "Teach2000.7 XP - The Troolean Edition_is1" = Teach2000 8.42

    "TimeCalendar_is1" = TimeCalendar 1.6.7

    "Trellix2DeinstKey9" = Trellix Web

    "VLC media player" = VLC media player 1.1.11

    "Windows Media Format Runtime" = Windows Media Format 11 runtime

    "Windows Media Player" = Windows Media Player 11

    "Windows XP Service Pack" = Windows XP Service Pack 3

    "WMFDist11" = Windows Media Format 11 runtime

    "wmp11" = Windows Media Player 11

    "Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0

    ========== HKEY_CURRENT_USER Uninstall List ==========

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

    "{C16DFB31-4A09-474E-AF61-02AFB3008763}_is1" = Albelli.be Fotoboeken

    "Dropbox" = Dropbox

    "FREEDOM SceneView" = FREEDOM SceneView

    "UnityWebPlayer" = Unity Web Player

    ========== Last 20 Event Log Errors ==========

    [ Application Events ]

    Error - 17/01/2013 19:07:49 | Computer Name = PRELOAD | Source = Application Error | ID = 1000

    Description = Vastgelopen toepassing: iexplore.exe, versie: 8.0.6001.18702, vastgelopen

    module: unknown, versie: 0.0.0.0, vastgelopen op: 0x00000000.

    Error - 19/01/2013 14:09:05 | Computer Name = PRELOAD | Source = Application Error | ID = 1000

    Description = Vastgelopen toepassing: iexplore.exe, versie: 8.0.6001.18702, vastgelopen

    module: unknown, versie: 0.0.0.0, vastgelopen op: 0x00000000.

    Error - 19/01/2013 17:26:06 | Computer Name = PRELOAD | Source = Application Error | ID = 1000

    Description = Vastgelopen toepassing: iexplore.exe, versie: 8.0.6001.18702, vastgelopen

    module: unknown, versie: 0.0.0.0, vastgelopen op: 0x00000000.

    Error - 26/01/2013 7:35:25 | Computer Name = PRELOAD | Source = Application Hang | ID = 1002

    Description = Vastgelopen toepassing: PMW.EXE, versie: 0.0.0.0, vastgelopen module:

    hungapp, versie: 0.0.0.0, vastgelopen op: 0x00000000.

    Error - 26/01/2013 7:36:01 | Computer Name = PRELOAD | Source = Application Hang | ID = 1002

    Description = Vastgelopen toepassing: PMW.EXE, versie: 0.0.0.0, vastgelopen module:

    hungapp, versie: 0.0.0.0, vastgelopen op: 0x00000000.

    Error - 26/01/2013 7:36:04 | Computer Name = PRELOAD | Source = Application Hang | ID = 1001

    Description = Fout-bucket 02337167.

    Error - 26/01/2013 7:41:39 | Computer Name = PRELOAD | Source = Application Hang | ID = 1002

    Description = Vastgelopen toepassing: PMW.EXE, versie: 0.0.0.0, vastgelopen module:

    hungapp, versie: 0.0.0.0, vastgelopen op: 0x00000000.

    Error - 26/01/2013 7:41:58 | Computer Name = PRELOAD | Source = Application Hang | ID = 1002

    Description = Vastgelopen toepassing: PMW.EXE, versie: 0.0.0.0, vastgelopen module:

    hungapp, versie: 0.0.0.0, vastgelopen op: 0x00000000.

    Error - 26/01/2013 7:42:39 | Computer Name = PRELOAD | Source = Application Hang | ID = 1002

    Description = Vastgelopen toepassing: PMW.EXE, versie: 0.0.0.0, vastgelopen module:

    hungapp, versie: 0.0.0.0, vastgelopen op: 0x00000000.

    Error - 29/01/2013 17:37:02 | Computer Name = PRELOAD | Source = Application Hang | ID = 1002

    Description = Vastgelopen toepassing: iexplore.exe, versie: 8.0.6001.18702, vastgelopen

    module: hungapp, versie: 0.0.0.0, vastgelopen op: 0x00000000.

    [ System Events ]

    Error - 28/01/2013 15:54:46 | Computer Name = PRELOAD | Source = Service Control Manager | ID = 7023

    Description = De Application Management-service is gestopt met de volgende foutcode:

    %%126.

    Error - 28/01/2013 16:01:20 | Computer Name = PRELOAD | Source = Service Control Manager | ID = 7000

    Description = De Planner voor Automatische LiveUpdate-service kan vanwege de volgende

    fout niet worden gestart: %%3

    Error - 28/01/2013 16:01:20 | Computer Name = PRELOAD | Source = Service Control Manager | ID = 7000

    Description = De SSPORT-service kan vanwege de volgende fout niet worden gestart:

    %%2

    Error - 28/01/2013 16:01:20 | Computer Name = PRELOAD | Source = Service Control Manager | ID = 7026

    Description = De volgende opstartstuurprogramma's zijn niet geladen: Lbd

    Error - 29/01/2013 2:31:02 | Computer Name = PRELOAD | Source = Service Control Manager | ID = 7000

    Description = De Planner voor Automatische LiveUpdate-service kan vanwege de volgende

    fout niet worden gestart: %%3

    Error - 29/01/2013 2:31:02 | Computer Name = PRELOAD | Source = Service Control Manager | ID = 7000

    Description = De SSPORT-service kan vanwege de volgende fout niet worden gestart:

    %%2

    Error - 29/01/2013 2:31:02 | Computer Name = PRELOAD | Source = Service Control Manager | ID = 7026

    Description = De volgende opstartstuurprogramma's zijn niet geladen: Lbd

    Error - 29/01/2013 2:34:44 | Computer Name = PRELOAD | Source = Service Control Manager | ID = 7000

    Description = De Planner voor Automatische LiveUpdate-service kan vanwege de volgende

    fout niet worden gestart: %%3

    Error - 29/01/2013 2:34:44 | Computer Name = PRELOAD | Source = Service Control Manager | ID = 7000

    Description = De SSPORT-service kan vanwege de volgende fout niet worden gestart:

    %%2

    Error - 29/01/2013 2:34:44 | Computer Name = PRELOAD | Source = Service Control Manager | ID = 7026

    Description = De volgende opstartstuurprogramma's zijn niet geladen: Lbd

    < End of report >

  7. 15:24:25.0203 0912 TDSS rootkit removing tool 2.8.15.0 Oct 31 2012 21:47:35

    15:24:26.0156 0912 ============================================================

    15:24:26.0156 0912 Current date / time: 2013/01/26 15:24:26.0156

    15:24:26.0156 0912 SystemInfo:

    15:24:26.0156 0912

    15:24:26.0156 0912 OS Version: 5.1.2600 ServicePack: 3.0

    15:24:26.0156 0912 Product type: Workstation

    15:24:26.0156 0912 ComputerName: PRELOAD

    15:24:26.0156 0912 UserName: admin

    15:24:26.0156 0912 Windows directory: C:\WINDOWS

    15:24:26.0156 0912 System windows directory: C:\WINDOWS

    15:24:26.0156 0912 Processor architecture: Intel x86

    15:24:26.0156 0912 Number of processors: 2

    15:24:26.0156 0912 Page size: 0x1000

    15:24:26.0156 0912 Boot type: Normal boot

    15:24:26.0156 0912 ============================================================

    15:24:29.0421 0912 Drive \Device\Harddisk0\DR0 - Size: 0x3A70C70000 (233.76 Gb), SectorSize: 0x200, Cylinders: 0x7733, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054

    15:24:29.0500 0912 Drive \Device\Harddisk1\DR3 - Size: 0x5D27216000 (372.61 Gb), SectorSize: 0x200, Cylinders: 0xBE01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'

    15:24:29.0500 0912 ============================================================

    15:24:29.0500 0912 \Device\Harddisk0\DR0:

    15:24:29.0546 0912 MBR partitions:

    15:24:29.0546 0912 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x1869E559

    15:24:29.0562 0912 \Device\Harddisk0\DR0\Partition2: MBR, Type 0xB, StartLBA 0x1869E5D7, BlocksNum 0x4CE519C

    15:24:29.0562 0912 \Device\Harddisk1\DR3:

    15:24:29.0562 0912 MBR partitions:

    15:24:29.0562 0912 \Device\Harddisk1\DR3\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x2E938000

    15:24:29.0562 0912 ============================================================

    15:24:29.0656 0912 C: <-> \Device\Harddisk0\DR0\Partition1

    15:24:29.0656 0912 D: <-> \Device\Harddisk0\DR0\Partition2

    15:24:30.0218 0912 H: <-> \Device\Harddisk1\DR3\Partition1

    15:24:30.0250 0912 ============================================================

    15:24:30.0250 0912 Initialize success

    15:24:30.0250 0912 ============================================================

    15:25:32.0328 0624 ============================================================

    15:25:32.0328 0624 Scan started

    15:25:32.0328 0624 Mode: Manual; SigCheck; TDLFS;

    15:25:32.0328 0624 ============================================================

    15:25:36.0562 0624 ================ Scan services =============================

    15:25:36.0687 0624 Abiosdsk - ok

    15:25:36.0703 0624 abp480n5 - ok

    15:25:36.0750 0624 [ 02273A448BA21A7D447DAEB47810D40C ] ACPI C:\WINDOWS\system32\DRIVERS\ACPI.sys

    15:25:40.0296 0624 ACPI - ok

    15:25:40.0343 0624 [ 63F517B1A87DABF3F5ACB8A7952FC1D1 ] ACPIEC C:\WINDOWS\system32\drivers\ACPIEC.sys

    15:25:40.0500 0624 ACPIEC - ok

    15:25:40.0656 0624 [ A09A61CFDE15E5A67701EA812CE3F43F ] Ad-Aware Service C:\Program Files\Ad-Aware Antivirus\AdAwareService.exe

    15:25:40.0750 0624 Ad-Aware Service - ok

    15:25:40.0859 0624 [ 424877CB9D5517F980FF7BACA2EB379D ] AdobeFlashPlayerUpdateSvc C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe

    15:25:40.0921 0624 AdobeFlashPlayerUpdateSvc - ok

    15:25:40.0937 0624 adpu160m - ok

    15:25:40.0968 0624 [ 8BED39E3C35D6A489438B8141717A557 ] aec C:\WINDOWS\system32\drivers\aec.sys

    15:25:41.0109 0624 aec - ok

    15:25:41.0140 0624 [ 1E44BC1E83D8FD2305F8D452DB109CF9 ] AFD C:\WINDOWS\System32\drivers\afd.sys

    15:25:41.0234 0624 AFD - ok

    15:25:41.0250 0624 Aha154x - ok

    15:25:41.0250 0624 aic78u2 - ok

    15:25:41.0265 0624 aic78xx - ok

    15:25:41.0296 0624 [ 8BED67D13DCB55B3E9FF6DAC4C6D3B49 ] Alerter C:\WINDOWS\system32\alrsvc.dll

    15:25:41.0453 0624 Alerter - ok

    15:25:41.0468 0624 [ DAB2A89FDE5CF791161200D90C1BCB12 ] ALG C:\WINDOWS\System32\alg.exe

    15:25:41.0593 0624 ALG - ok

    15:25:41.0609 0624 AliIde - ok

    15:25:41.0609 0624 amsint - ok

    15:25:41.0718 0624 [ A5299D04ED225D64CF07A568A3E1BF8C ] Apple Mobile Device C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

    15:25:41.0734 0624 Apple Mobile Device - ok

    15:25:41.0734 0624 AppMgmt - ok

    15:25:41.0750 0624 asc - ok

    15:25:41.0750 0624 asc3350p - ok

    15:25:41.0765 0624 asc3550 - ok

    15:25:41.0890 0624 [ 0E5E4957549056E2BF2C49F4F6B601AD ] aspnet_state C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe

    15:25:41.0937 0624 aspnet_state - ok

    15:25:41.0984 0624 [ B153AFFAC761E7F5FCFA822B9C4E97BC ] AsyncMac C:\WINDOWS\system32\DRIVERS\asyncmac.sys

    15:25:42.0109 0624 AsyncMac - ok

    15:25:42.0156 0624 [ 9F3A2F5AA6875C72BF062C712CFA2674 ] atapi C:\WINDOWS\system32\DRIVERS\atapi.sys

    15:25:42.0406 0624 atapi - ok

    15:25:42.0406 0624 Atdisk - ok

    15:25:42.0453 0624 [ 9916C1225104BA14794209CFA8012159 ] Atmarpc C:\WINDOWS\system32\DRIVERS\atmarpc.sys

    15:25:42.0609 0624 Atmarpc - ok

    15:25:42.0781 0624 [ F10745ED3195360E69AA4A6E7768C0E0 ] AudioSrv C:\WINDOWS\System32\audiosrv.dll

    15:25:42.0921 0624 AudioSrv - ok

    15:25:43.0031 0624 [ D9F724AA26C010A217C97606B160ED68 ] audstub C:\WINDOWS\system32\DRIVERS\audstub.sys

    15:25:43.0218 0624 audstub - ok

    15:25:43.0265 0624 [ DA1F27D85E0D1525F6621372E7B685E9 ] Beep C:\WINDOWS\system32\drivers\Beep.sys

    15:25:43.0421 0624 Beep - ok

    15:25:43.0453 0624 [ 71489FA2C4A238F178E30AE6E4449013 ] bgsvcgen C:\WINDOWS\system32\bgsvcgen.exe

    15:25:43.0484 0624 bgsvcgen ( UnsignedFile.Multi.Generic ) - warning

    15:25:43.0484 0624 bgsvcgen - detected UnsignedFile.Multi.Generic (1)

    15:25:43.0671 0624 [ D2A55F5FE6B716913FB573872F2E5944 ] BHDrvx86 C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.5.0.145\Definitions\BASHDefs\20130116.013\BHDrvx86.sys

    15:25:43.0781 0624 BHDrvx86 - ok

    15:25:43.0828 0624 [ 5C0073A51C4873430FA8B262E92183FF ] BITS C:\WINDOWS\system32\qmgr.dll

    15:25:44.0218 0624 BITS - ok

    15:25:44.0250 0624 [ 5FF9A3F3476D726AE62DA82D5DA94C36 ] BlueletAudio C:\WINDOWS\system32\DRIVERS\blueletaudio.sys

    15:25:44.0281 0624 BlueletAudio - ok

    15:25:44.0312 0624 [ BD91AFC523FD59F881E1763C38FB772F ] BlueletSCOAudio C:\WINDOWS\system32\DRIVERS\BlueletSCOAudio.sys

    15:25:44.0343 0624 BlueletSCOAudio - ok

    15:25:44.0421 0624 [ E460DBC78B9162A569C6CE3B7D31216D ] BlueSoleil Hid Service C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe

    15:25:44.0437 0624 BlueSoleil Hid Service - ok

    15:25:44.0484 0624 [ DB5BEA73EDAF19AC68B2C0FAD0F92B1A ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe

    15:25:44.0515 0624 Bonjour Service - ok

    15:25:44.0578 0624 [ 139102D1865D3C1F152A25ABD16242DB ] Browser C:\WINDOWS\System32\browser.dll

    15:25:44.0703 0624 Browser - ok

    15:25:44.0734 0624 [ C5CCE2B26F73F8CF7F3C82159E79AA08 ] BT C:\WINDOWS\system32\DRIVERS\btnetdrv.sys

    15:25:44.0750 0624 BT - ok

    15:25:44.0796 0624 [ FB2ABC6D08D9F8D5ED8E02CBD18B39BB ] Btcsrusb C:\WINDOWS\system32\Drivers\btcusb.sys

    15:25:44.0812 0624 Btcsrusb - ok

    15:25:44.0843 0624 [ B279426E3C0C344893ED78A613A73BDE ] BthEnum C:\WINDOWS\system32\DRIVERS\BthEnum.sys

    15:25:45.0156 0624 BthEnum - ok

    15:25:45.0187 0624 [ CE643D0918123D76A5CAAB008FCA9663 ] BTHidEnum C:\WINDOWS\system32\Drivers\vbtenum.sys

    15:25:45.0234 0624 BTHidEnum - ok

    15:25:45.0234 0624 [ DFCA4FE4C8AEC786B4D0F432EB730F48 ] BTHidMgr C:\WINDOWS\system32\Drivers\BTHidMgr.sys

    15:25:45.0250 0624 BTHidMgr - ok

    15:25:45.0265 0624 [ FCA6F069597B62D42495191ACE3FC6C1 ] BTHMODEM C:\WINDOWS\system32\DRIVERS\bthmodem.sys

    15:25:45.0406 0624 BTHMODEM - ok

    15:25:45.0406 0624 [ 80602B8746D3738F5886CE3D67EF06B6 ] BthPan C:\WINDOWS\system32\DRIVERS\bthpan.sys

    15:25:45.0578 0624 BthPan - ok

    15:25:45.0609 0624 [ 29FF6A865782D0F5B8E7FA1FFAB4182B ] BTHPORT C:\WINDOWS\system32\Drivers\BTHport.sys

    15:25:45.0703 0624 BTHPORT - ok

    15:25:45.0750 0624 [ 530494EF38B7EEA798FAC9B87ECD5284 ] BthServ C:\WINDOWS\System32\bthserv.dll

    15:25:45.0906 0624 BthServ - ok

    15:25:45.0937 0624 [ 61364CD71EF63B0F038B7E9DF00F1EFA ] BTHUSB C:\WINDOWS\system32\Drivers\BTHUSB.sys

    15:25:46.0093 0624 BTHUSB - ok

    15:25:46.0109 0624 [ 90A673FC8E12A79AFBED2576F6A7AAF9 ] cbidf2k C:\WINDOWS\system32\drivers\cbidf2k.sys

    15:25:46.0296 0624 cbidf2k - ok

    15:25:46.0375 0624 [ ACE85AF1C31F68BDFEE9333F6592917E ] ccSet_NIS C:\WINDOWS\system32\drivers\NIS\1309000.009\ccSetx86.sys

    15:25:46.0406 0624 ccSet_NIS - ok

    15:25:46.0421 0624 cd20xrnt - ok

    15:25:46.0437 0624 [ C1B486A7658353D33A10CC15211A873B ] Cdaudio C:\WINDOWS\system32\drivers\Cdaudio.sys

    15:25:46.0578 0624 Cdaudio - ok

    15:25:46.0593 0624 [ C885B02847F5D2FD45A24E219ED93B32 ] Cdfs C:\WINDOWS\system32\drivers\Cdfs.sys

    15:25:46.0718 0624 Cdfs - ok

    15:25:46.0750 0624 [ 248349293CA42EE5DB61DC1FD85A2F49 ] cdrbsdrv C:\WINDOWS\system32\drivers\cdrbsdrv.sys

    15:25:46.0765 0624 cdrbsdrv ( UnsignedFile.Multi.Generic ) - warning

    15:25:46.0765 0624 cdrbsdrv - detected UnsignedFile.Multi.Generic (1)

    15:25:46.0781 0624 [ 1F4260CC5B42272D71F79E570A27A4FE ] Cdrom C:\WINDOWS\system32\DRIVERS\cdrom.sys

    15:25:46.0921 0624 Cdrom - ok

    15:25:46.0921 0624 Changer - ok

    15:25:46.0984 0624 [ BD85400700B80FBE3D4A3412BCE74861 ] CiSvc C:\WINDOWS\system32\cisvc.exe

    15:25:47.0109 0624 CiSvc - ok

    15:25:47.0140 0624 [ 4FB6108130829666C8FE96B442FEAD94 ] ClipSrv C:\WINDOWS\system32\clipsrv.exe

    15:25:47.0484 0624 ClipSrv - ok

    15:25:47.0515 0624 [ D87ACAED61E417BBA546CED5E7E36D9C ] clr_optimization_v2.0.50727_32 C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe

    15:25:47.0562 0624 clr_optimization_v2.0.50727_32 - ok

    15:25:47.0562 0624 CmdIde - ok

    15:25:47.0578 0624 COMSysApp - ok

    15:25:47.0593 0624 Cpqarray - ok

    15:25:47.0609 0624 [ 0A9CF5D3CF63A8699F28C814EF821C7E ] CryptSvc C:\WINDOWS\System32\cryptsvc.dll

    15:25:47.0765 0624 CryptSvc - ok

    15:25:47.0781 0624 dac2w2k - ok

    15:25:47.0781 0624 dac960nt - ok

    15:25:47.0828 0624 [ D9883335CC1C17AFC3A09C8AC3E4DBE4 ] DcomLaunch C:\WINDOWS\system32\rpcss.dll

    15:25:48.0125 0624 DcomLaunch - ok

    15:25:48.0203 0624 [ 770471DE2550820FEEB7E5D24BF2E273 ] DgiVecp C:\WINDOWS\system32\Drivers\DgiVecp.sys

    15:25:48.0234 0624 DgiVecp ( UnsignedFile.Multi.Generic ) - warning

    15:25:48.0234 0624 DgiVecp - detected UnsignedFile.Multi.Generic (1)

    15:25:48.0281 0624 [ 146AB038F5DBB366122D28444999AB2C ] Dhcp C:\WINDOWS\System32\dhcpcsvc.dll

    15:25:48.0421 0624 Dhcp - ok

    15:25:48.0437 0624 [ 044452051F3E02E7963599FC8F4F3E25 ] Disk C:\WINDOWS\system32\DRIVERS\disk.sys

    15:25:48.0578 0624 Disk - ok

    15:25:48.0593 0624 dmadmin - ok

    15:25:48.0671 0624 [ DEC123E0C75971D0CC7A6C6A75E28429 ] dmboot C:\WINDOWS\system32\drivers\dmboot.sys

    15:25:48.0859 0624 dmboot - ok

    15:25:48.0859 0624 [ 7268E66259722F6228C730685B201092 ] dmio C:\WINDOWS\system32\drivers\dmio.sys

    15:25:49.0031 0624 dmio - ok

    15:25:49.0062 0624 [ E9317282A63CA4D188C0DF5E09C6AC5F ] dmload C:\WINDOWS\system32\drivers\dmload.sys

    15:25:49.0187 0624 dmload - ok

    15:25:49.0218 0624 [ 127DB74184E2D3D31655DA525A5EFDE1 ] dmserver C:\WINDOWS\System32\dmserver.dll

    15:25:49.0359 0624 dmserver - ok

    15:25:49.0390 0624 [ 8A208DFCF89792A484E76C40E5F50B45 ] DMusic C:\WINDOWS\system32\drivers\DMusic.sys

    15:25:49.0515 0624 DMusic - ok

    15:25:49.0546 0624 [ DE6CDB6CBC5C27B9085CFA6DFE8E5025 ] Dnscache C:\WINDOWS\System32\dnsrslvr.dll

    15:25:49.0734 0624 Dnscache - ok

    15:25:49.0781 0624 [ 90EE765E1A598B578852901F74F914F1 ] Dot3svc C:\WINDOWS\System32\dot3svc.dll

    15:25:50.0078 0624 Dot3svc - ok

    15:25:50.0093 0624 dpti2o - ok

    15:25:50.0125 0624 [ 8F5FCFF8E8848AFAC920905FBD9D33C8 ] drmkaud C:\WINDOWS\system32\drivers\drmkaud.sys

    15:25:50.0312 0624 drmkaud - ok

    15:25:50.0375 0624 [ E6BBDEBF7081899D161C773E8D84D015 ] EapHost C:\WINDOWS\System32\eapsvc.dll

    15:25:50.0531 0624 EapHost - ok

    15:25:50.0625 0624 [ 85B8B4032A895A746D46A288A9B30DED ] eeCtrl C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys

    15:25:50.0687 0624 eeCtrl - ok

    15:25:50.0750 0624 [ B5A8A04A6E5B4E86B95B1553AA918F5F ] EraserUtilRebootDrv C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys

    15:25:50.0781 0624 EraserUtilRebootDrv - ok

    15:25:50.0812 0624 [ 2F5C7F650B7AF178988946EE4B0D9C01 ] ERSvc C:\WINDOWS\System32\ersvc.dll

    15:25:50.0953 0624 ERSvc - ok

    15:25:51.0015 0624 [ 657B69389B893F440B07590C9E963F23 ] Eventlog C:\WINDOWS\system32\services.exe

    15:25:51.0046 0624 Eventlog - ok

    15:25:51.0078 0624 [ 97912DC0679D2DA60CCE589BBC196D72 ] EventSystem C:\WINDOWS\system32\es.dll

    15:25:51.0140 0624 EventSystem - ok

    15:25:51.0171 0624 [ 38D332A6D56AF32635675F132548343E ] Fastfat C:\WINDOWS\system32\drivers\Fastfat.sys

    15:25:51.0312 0624 Fastfat - ok

    15:25:51.0359 0624 [ 2D5D4156292150FE571872C1B88E9299 ] FastUserSwitchingCompatibility C:\WINDOWS\System32\shsvcs.dll

    15:25:51.0468 0624 FastUserSwitchingCompatibility - ok

    15:25:51.0515 0624 [ 92CDD60B6730B9F50F6A1A0C1F8CDC81 ] Fdc C:\WINDOWS\system32\DRIVERS\fdc.sys

    15:25:51.0625 0624 Fdc - ok

    15:25:51.0671 0624 [ 8BFFFB5AC954E19DFDB96D56512AA518 ] Fips C:\WINDOWS\system32\drivers\Fips.sys

    15:25:51.0781 0624 Fips - ok

    15:25:51.0796 0624 [ 9D27E7B80BFCDF1CDD9B555862D5E7F0 ] Flpydisk C:\WINDOWS\system32\DRIVERS\flpydisk.sys

    15:25:51.0921 0624 Flpydisk - ok

    15:25:52.0015 0624 [ B2CF4B0786F8212CB92ED2B50C6DB6B0 ] FltMgr C:\WINDOWS\system32\drivers\fltmgr.sys

    15:25:52.0187 0624 FltMgr - ok

    15:25:52.0281 0624 [ 8BA7C024070F2B7FDD98ED8A4BA41789 ] FontCache3.0.0.0 C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe

    15:25:52.0359 0624 FontCache3.0.0.0 - ok

    15:25:52.0359 0624 [ 3E1E2BD4F39B0E2B7DC4F4D2BCC2779A ] Fs_Rec C:\WINDOWS\system32\drivers\Fs_Rec.sys

    15:25:52.0515 0624 Fs_Rec - ok

    15:25:58.0437 0624 [ C12476DE1AFFB1BBA1A48A459CEB3D39 ] LightScribeService C:\Program Files\Common Files\LightScribe\LSSrvc.exe

    15:25:58.0437 0624 LightScribeService ( UnsignedFile.Multi.Generic ) - warning

    15:25:58.0437 0624 LightScribeService - detected UnsignedFile.Multi.Generic (1)

    15:26:07.0718 0624 [ 7C81AE3C9B82BA2DA437ED4D31BC56CF ] PxHelp20 C:\WINDOWS\system32\Drivers\PxHelp20.sys

    15:26:07.0750 0624 PxHelp20 ( UnsignedFile.Multi.Generic ) - warning

    15:26:07.0750 0624 PxHelp20 - detected UnsignedFile.Multi.Generic (1)

    15:26:22.0359 0624 ================ Scan global ===============================

    15:26:22.0406 0624 [ 953AD498333B03F7CE547151F96EF241 ] C:\WINDOWS\system32\basesrv.dll

    15:26:22.0421 0624 [ C7CC71181F7FD61C49EFF278003827A5 ] C:\WINDOWS\system32\winsrv.dll

    15:26:22.0468 0624 [ C7CC71181F7FD61C49EFF278003827A5 ] C:\WINDOWS\system32\winsrv.dll

    15:26:22.0484 0624 [ 657B69389B893F440B07590C9E963F23 ] C:\WINDOWS\system32\services.exe

    15:26:22.0484 0624 [Global] - ok

    15:26:22.0484 0624 ================ Scan MBR ==================================

    15:26:22.0515 0624 [ 3051207086651214E435112E51817DC5 ] \Device\Harddisk0\DR0

    15:26:22.0734 0624 \Device\Harddisk0\DR0 - ok

    15:26:23.0078 0624 [ 5C616939100B85E558DA92B899A0FC36 ] \Device\Harddisk1\DR3

    15:26:23.0218 0624 \Device\Harddisk1\DR3 - ok

    15:26:23.0218 0624 ================ Scan VBR ==================================

    15:26:23.0234 0624 [ C4C46FC3AB50F112270E26B5D8D32770 ] \Device\Harddisk0\DR0\Partition1

    15:26:23.0234 0624 \Device\Harddisk0\DR0\Partition1 - ok

    15:26:23.0234 0624 [ 2877D21307F0A6B40F296B4C8642ED3C ] \Device\Harddisk0\DR0\Partition2

    15:26:23.0234 0624 \Device\Harddisk0\DR0\Partition2 - ok

    15:26:23.0281 0624 [ 6491C57FD83D23B470881022F0ACBBC4 ] \Device\Harddisk1\DR3\Partition1

    15:26:23.0281 0624 \Device\Harddisk1\DR3\Partition1 - ok

    15:26:23.0281 0624 ============================================================

    15:26:23.0281 0624 Scan finished

    15:26:23.0281 0624 ============================================================

    15:26:23.0421 0568 Detected object count: 5

    15:26:23.0421 0568 Actual detected object count: 5

    15:29:58.0468 0568 bgsvcgen ( UnsignedFile.Multi.Generic ) - skipped by user

    15:29:58.0468 0568 bgsvcgen ( UnsignedFile.Multi.Generic ) - User select action: Skip

    15:29:58.0468 0568 cdrbsdrv ( UnsignedFile.Multi.Generic ) - skipped by user

    15:29:58.0468 0568 cdrbsdrv ( UnsignedFile.Multi.Generic ) - User select action: Skip

    15:29:58.0468 0568 DgiVecp ( UnsignedFile.Multi.Generic ) - skipped by user

    15:29:58.0468 0568 DgiVecp ( UnsignedFile.Multi.Generic ) - User select action: Skip

    15:29:58.0468 0568 LightScribeService ( UnsignedFile.Multi.Generic ) - skipped by user

    15:29:58.0468 0568 LightScribeService ( UnsignedFile.Multi.Generic ) - User select action: Skip

    15:29:58.0468 0568 PxHelp20 ( UnsignedFile.Multi.Generic ) - skipped by user

    15:29:58.0468 0568 PxHelp20 ( UnsignedFile.Multi.Generic ) - User select action: Skip

  8. Just discovered something stupid: last week I ran Ad-Aware, a quick scan, nothing detected. The day after, a full scan. I had asked my wife whether anything had been reported (she had shut the computer down). No, was the answer. I didn't go and look at it again either.

    Now I wanted to turn off the malware programs, and it turns out that Ad-Aware had found 2 threats after all.

    1. a whole series of cookies

    2. a trojan virus, namely Trojan.Win32.Generic.Pak! Cobra

    So no action was taken on them (recommended action: cookies - delete, and trojan - quarantine).

    Should I do this first, or the tdsskiller first?

  9. Zoek.exe Version 4.0.0.1 Updated 24-January-2013

    Tool run by admin on vr 25/01/2013 at 22:44:08,04.

    Microsoft Windows XP Home Edition 5.1.2600 Service Pack 3 x86

    Running in: Normal Mode Internet Access Detected

    ==== Deleting CLSID Registry Keys ======================

    HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} deleted successfully

    HKEY_USERS\S-1-5-21-2097683373-1679141021-1366619321-1004\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} deleted successfully

    HKEY_USERS\S-1-5-21-2097683373-1679141021-1366619321-1004\Software\Microsoft\Internet Explorer\SearchScopes\{D1736352-4B14-4E0F-8D03-459870CFB33B} deleted successfully

    ==== Deleting CLSID Registry Values ======================

  10. Zoek.exe Version 4.0.0.1 Updated 24-January-2013

    Tool run by admin on do 24/01/2013 at 23:44:16,48.

    Microsoft Windows XP Home Edition 5.1.2600 Service Pack 3 x86

    Running in: Normal Mode Internet Access Detected

    ==== Deleting CLSID Registry Keys ======================

    ==== Deleting CLSID Registry Values ======================

    ==== Registry Fix Code ======================

    Windows Registry Editor Version 5.00

    [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]

    "Search Bar"=""

    [-KEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk]

    ==== Deleting Files \ Folders ======================

    "C:\Documents and Settings\All Users\Bureaublad\sample_20132301_2114.zip" deleted

  11. Bing has disappeared as the search engine; Google is back as the default search engine (this had already changed before I carried out the previous instruction).

    Memory usage is back to normal.

    In Google I get redirected to google.be (blank page); after clicking back and forth a few times I reach the right page.

    Or else to googleadservices.com; even after clicking a number of times I don't reach the desired page.

    The redirecting doesn't always happen.

  12. In Bing I was also redirected (to Bing itself, an empty page).

    Here is the "zoek" log.

    Zoek.exe Version 4.0.0.1 Updated 21-January-2013

    Tool run by admin on wo 23/01/2013 at 21:11:38,71.

    Microsoft Windows XP Home Edition 5.1.2600 Service Pack 3 x86

    Running in: Normal Mode Internet Access Detected

    ==== Creating Sample_20132301_2114.zip ======================

    Process iexplore.exe killed

    Process rundll32.exe killed

    Copied file C:\Documents and Settings\admin\OOo_3.3.0_Win_x86_install-wJRE_nl.exe to sample

    sample\OOo_3.3.0_Win_x86_install-wJRE_nl.exe renamed to 0CB8FD56BDDA393762B50F6701ECD916

    C:\Documents and Settings\All Users\Bureaublad\sample_20132301_2114.zip created successfully

    ==== Deleting CLSID Registry Keys ======================

    HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} deleted successfully

    HKEY_USERS\S-1-5-21-2097683373-1679141021-1366619321-1004\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} deleted successfully

    HKEY_USERS\S-1-5-21-2097683373-1679141021-1366619321-1004\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{2318C2B1-4965-11D4-9B18-009027A5CD4F} deleted successfully

    HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{2318C2B1-4965-11D4-9B18-009027A5CD4F} deleted successfully

    HKEY_USERS\S-1-5-21-2097683373-1679141021-1366619321-1004\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{2318C2B1-4965-11D4-9B18-009027A5CD4F} deleted successfully

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} deleted successfully

    ==== Deleting CLSID Registry Values ======================

    HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\{2318C2B1-4965-11D4-9B18-009027A5CD4F} deleted successfully

    HKEY_USERS\S-1-5-21-2097683373-1679141021-1366619321-1004\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\{2318C2B1-4965-11D4-9B18-009027A5CD4F} deleted successfully

    ==== Installed Programs ======================

    Ad-Aware Antivirus

    Ad-Aware Browsing Protection

    Adobe ActiveShare 1.3

    Adobe Flash Player 10 Plugin

    Adobe Flash Player 11 ActiveX

    Adobe Reader 7.1.0 - Nederlands

    Adobe Shockwave Player 11.5

    Albelli.be Fotoboeken

    Apple Application Support

    Apple Mobile Device Support

    Apple Software Update

    Beveiligingsupdate for Windows Media Player 10 (KB917734)

    Beveiligingsupdate for Windows XP (KB923689)

    Beveiligingsupdate for Windows XP (KB941569)

    Beveiligingsupdate voor Microsoft Windows (KB2564958)

    Beveiligingsupdate voor Windows Internet Explorer 7 (KB928090)

    Beveiligingsupdate voor Windows Internet Explorer 7 (KB929969)

    Beveiligingsupdate voor Windows Internet Explorer 7 (KB931768)

    Beveiligingsupdate voor Windows Internet Explorer 7 (KB933566)

    Beveiligingsupdate voor Windows Internet Explorer 7 (KB937143)

    Beveiligingsupdate voor Windows Internet Explorer 7 (KB938127)

    Beveiligingsupdate voor Windows Internet Explorer 7 (KB939653)

    Beveiligingsupdate voor Windows Internet Explorer 7 (KB942615)

    Beveiligingsupdate voor Windows Internet Explorer 7 (KB944533)

    Beveiligingsupdate voor Windows Internet Explorer 7 (KB950759)

    Beveiligingsupdate voor Windows Internet Explorer 7 (KB953838)

    Beveiligingsupdate voor Windows Internet Explorer 7 (KB956390)

    Beveiligingsupdate voor Windows Internet Explorer 7 (KB958215)

    Beveiligingsupdate voor Windows Internet Explorer 7 (KB960714)

    Beveiligingsupdate voor Windows Internet Explorer 7 (KB961260)

    Beveiligingsupdate voor Windows Internet Explorer 7 (KB963027)

    Beveiligingsupdate voor Windows Internet Explorer 7 (KB969897)

    Beveiligingsupdate voor Windows Internet Explorer 8 (KB2183461)

    Beveiligingsupdate voor Windows Internet Explorer 8 (KB2360131)

    Beveiligingsupdate voor Windows Internet Explorer 8 (KB2416400)

    Beveiligingsupdate voor Windows Internet Explorer 8 (KB2482017)

    Beveiligingsupdate voor Windows Internet Explorer 8 (KB2497640)

    Beveiligingsupdate voor Windows Internet Explorer 8 (KB2510531)

    Beveiligingsupdate voor Windows Internet Explorer 8 (KB2530548)

    Beveiligingsupdate voor Windows Internet Explorer 8 (KB2544521)

    Beveiligingsupdate voor Windows Internet Explorer 8 (KB2559049)

    Beveiligingsupdate voor Windows Internet Explorer 8 (KB2586448)

    Beveiligingsupdate voor Windows Internet Explorer 8 (KB2618444)

    Beveiligingsupdate voor Windows Internet Explorer 8 (KB2647516)

    Beveiligingsupdate voor Windows Internet Explorer 8 (KB2675157)

    Beveiligingsupdate voor Windows Internet Explorer 8 (KB2699988)

    Beveiligingsupdate voor Windows Internet Explorer 8 (KB2722913)

    Beveiligingsupdate voor Windows Internet Explorer 8 (KB2744842)

    Beveiligingsupdate voor Windows Internet Explorer 8 (KB2761465)

    Beveiligingsupdate voor Windows Internet Explorer 8 (KB969897)

    Beveiligingsupdate voor Windows Internet Explorer 8 (KB971961)

    Beveiligingsupdate voor Windows Internet Explorer 8 (KB972260)

    Beveiligingsupdate voor Windows Internet Explorer 8 (KB974455)

    Beveiligingsupdate voor Windows Internet Explorer 8 (KB976325)

    Beveiligingsupdate voor Windows Internet Explorer 8 (KB978207)

    Beveiligingsupdate voor Windows Internet Explorer 8 (KB981332)

    Beveiligingsupdate voor Windows Internet Explorer 8 (KB982381)

    Beveiligingsupdate voor Windows Media Player (KB2378111)

    Beveiligingsupdate voor Windows Media Player (KB911564)

    Beveiligingsupdate voor Windows Media Player (KB952069)

    Beveiligingsupdate voor Windows Media Player (KB954155)

    Beveiligingsupdate voor Windows Media Player (KB968816)

    Beveiligingsupdate voor Windows Media Player (KB973540)

    Beveiligingsupdate voor Windows Media Player (KB975558)

    Beveiligingsupdate voor Windows Media Player (KB978695)

    Beveiligingsupdate voor Windows Media Player 11 (KB936782)

    Beveiligingsupdate voor Windows Media Player 11 (KB954154)

    Beveiligingsupdate voor Windows Media Player 6.4 (KB925398)

    Beveiligingsupdate voor Windows Media Player 9 (KB917734)

    Beveiligingsupdate voor Windows XP (KB2079403)

    Beveiligingsupdate voor Windows XP (KB2115168)

    Beveiligingsupdate voor Windows XP (KB2121546)

    Beveiligingsupdate voor Windows XP (KB2160329)

    Beveiligingsupdate voor Windows XP (KB2229593)

    Beveiligingsupdate voor Windows XP (KB2259922)

    Beveiligingsupdate voor Windows XP (KB2279986)

    Beveiligingsupdate voor Windows XP (KB2286198)

    Beveiligingsupdate voor Windows XP (KB2296011)

    Beveiligingsupdate voor Windows XP (KB2296199)

    Beveiligingsupdate voor Windows XP (KB2347290)

    Beveiligingsupdate voor Windows XP (KB2360937)

    Beveiligingsupdate voor Windows XP (KB2387149)

    Beveiligingsupdate voor Windows XP (KB2393802)

    Beveiligingsupdate voor Windows XP (KB2412687)

    Beveiligingsupdate voor Windows XP (KB2419632)

    Beveiligingsupdate voor Windows XP (KB2423089)

    Beveiligingsupdate voor Windows XP (KB2436673)

    Beveiligingsupdate voor Windows XP (KB2440591)

    Beveiligingsupdate voor Windows XP (KB2443105)

    Beveiligingsupdate voor Windows XP (KB2476490)

    Beveiligingsupdate voor Windows XP (KB2476687)

    Beveiligingsupdate voor Windows XP (KB2478960)

    Beveiligingsupdate voor Windows XP (KB2478971)

    Beveiligingsupdate voor Windows XP (KB2479628)

    Beveiligingsupdate voor Windows XP (KB2479943)

    Beveiligingsupdate voor Windows XP (KB2481109)

    Beveiligingsupdate voor Windows XP (KB2483185)

    Beveiligingsupdate voor Windows XP (KB2485376)

    Beveiligingsupdate voor Windows XP (KB2485663)

    Beveiligingsupdate voor Windows XP (KB2503658)

    Beveiligingsupdate voor Windows XP (KB2503665)

    Beveiligingsupdate voor Windows XP (KB2506212)

    Beveiligingsupdate voor Windows XP (KB2506223)

    Beveiligingsupdate voor Windows XP (KB2507618)

    Beveiligingsupdate voor Windows XP (KB2507938)

    Beveiligingsupdate voor Windows XP (KB2508272)

    Beveiligingsupdate voor Windows XP (KB2508429)

    Beveiligingsupdate voor Windows XP (KB2509553)

    Beveiligingsupdate voor Windows XP (KB2511455)

    Beveiligingsupdate voor Windows XP (KB2524375)

    Beveiligingsupdate voor Windows XP (KB2535512)

    Beveiligingsupdate voor Windows XP (KB2536276-v2)

    Beveiligingsupdate voor Windows XP (KB2536276)

    Beveiligingsupdate voor Windows XP (KB2544893-v2)

    Beveiligingsupdate voor Windows XP (KB2544893)

    Beveiligingsupdate voor Windows XP (KB2555917)

    Beveiligingsupdate voor Windows XP (KB2562937)

    Beveiligingsupdate voor Windows XP (KB2566454)

    Beveiligingsupdate voor Windows XP (KB2567053)

    Beveiligingsupdate voor Windows XP (KB2567680)

    Beveiligingsupdate voor Windows XP (KB2570222)

    Beveiligingsupdate voor Windows XP (KB2570947)

    Beveiligingsupdate voor Windows XP (KB2584146)

    Beveiligingsupdate voor Windows XP (KB2585542)

    Beveiligingsupdate voor Windows XP (KB2592799)

    Beveiligingsupdate voor Windows XP (KB2598479)

    Beveiligingsupdate voor Windows XP (KB2603381)

    Beveiligingsupdate voor Windows XP (KB2618451)

    Beveiligingsupdate voor Windows XP (KB2619339)

    Beveiligingsupdate voor Windows XP (KB2620712)

    Beveiligingsupdate voor Windows XP (KB2621440)

    Beveiligingsupdate voor Windows XP (KB2624667)

    Beveiligingsupdate voor Windows XP (KB2631813)

    Beveiligingsupdate voor Windows XP (KB2633171)

    Beveiligingsupdate voor Windows XP (KB2639417)

    Beveiligingsupdate voor Windows XP (KB2641653)

    Beveiligingsupdate voor Windows XP (KB2646524)

    Beveiligingsupdate voor Windows XP (KB2647518)

    Beveiligingsupdate voor Windows XP (KB2653956)

    Beveiligingsupdate voor Windows XP (KB2655992)

    Beveiligingsupdate voor Windows XP (KB2659262)

    Beveiligingsupdate voor Windows XP (KB2660465)

    Beveiligingsupdate voor Windows XP (KB2661637)

    Beveiligingsupdate voor Windows XP (KB2676562)

    Beveiligingsupdate voor Windows XP (KB2685939)

    Beveiligingsupdate voor Windows XP (KB2686509)

    Beveiligingsupdate voor Windows XP (KB2691442)

    Beveiligingsupdate voor Windows XP (KB2695962)

    Beveiligingsupdate voor Windows XP (KB2698365)

    Beveiligingsupdate voor Windows XP (KB2705219)

    Beveiligingsupdate voor Windows XP (KB2707511)

    Beveiligingsupdate voor Windows XP (KB2709162)

    Beveiligingsupdate voor Windows XP (KB2712808)

    Beveiligingsupdate voor Windows XP (KB2718523)

    Beveiligingsupdate voor Windows XP (KB2719985)

    Beveiligingsupdate voor Windows XP (KB2723135)

    Beveiligingsupdate voor Windows XP (KB2724197)

    Beveiligingsupdate voor Windows XP (KB2727528)

    Beveiligingsupdate voor Windows XP (KB2731847)

    Beveiligingsupdate voor Windows XP (KB2753842-v2)

    Beveiligingsupdate voor Windows XP (KB2753842)

    Beveiligingsupdate voor Windows XP (KB2757638)

    Beveiligingsupdate voor Windows XP (KB2758857)

    Beveiligingsupdate voor Windows XP (KB2761226)

    Beveiligingsupdate voor Windows XP (KB2770660)

    Beveiligingsupdate voor Windows XP (KB2779030)

    Beveiligingsupdate voor Windows XP (KB913433)

    Beveiligingsupdate voor Windows XP (KB923561)

    Beveiligingsupdate voor Windows XP (KB938464-v2)

    Beveiligingsupdate voor Windows XP (KB938464)

    Beveiligingsupdate voor Windows XP (KB946648)

    Beveiligingsupdate voor Windows XP (KB950760)

    Beveiligingsupdate voor Windows XP (KB950762)

    Beveiligingsupdate voor Windows XP (KB950974)

    Beveiligingsupdate voor Windows XP (KB951066)

    Beveiligingsupdate voor Windows XP (KB951376-v2)

    Beveiligingsupdate voor Windows XP (KB951376)

    Beveiligingsupdate voor Windows XP (KB951698)

    Beveiligingsupdate voor Windows XP (KB951748)

    Beveiligingsupdate voor Windows XP (KB952004)

    Beveiligingsupdate voor Windows XP (KB952954)

    Beveiligingsupdate voor Windows XP (KB953839)

    Beveiligingsupdate voor Windows XP (KB954211)

    Beveiligingsupdate voor Windows XP (KB954459)

    Beveiligingsupdate voor Windows XP (KB954600)

    Beveiligingsupdate voor Windows XP (KB955069)

    Beveiligingsupdate voor Windows XP (KB956391)

    Beveiligingsupdate voor Windows XP (KB956572)

    Beveiligingsupdate voor Windows XP (KB956744)

    Beveiligingsupdate voor Windows XP (KB956802)

    Beveiligingsupdate voor Windows XP (KB956803)

    Beveiligingsupdate voor Windows XP (KB956841)

    Beveiligingsupdate voor Windows XP (KB956844)

    Beveiligingsupdate voor Windows XP (KB957095)

    Beveiligingsupdate voor Windows XP (KB957097)

    Beveiligingsupdate voor Windows XP (KB958644)

    Beveiligingsupdate voor Windows XP (KB958687)

    Beveiligingsupdate voor Windows XP (KB958690)

    Beveiligingsupdate voor Windows XP (KB958869)

    Beveiligingsupdate voor Windows XP (KB959426)

    Beveiligingsupdate voor Windows XP (KB960225)

    Beveiligingsupdate voor Windows XP (KB960715)

    Beveiligingsupdate voor Windows XP (KB960803)

    Beveiligingsupdate voor Windows XP (KB960859)

    Beveiligingsupdate voor Windows XP (KB961371)

    Beveiligingsupdate voor Windows XP (KB961373)

    Beveiligingsupdate voor Windows XP (KB961501)

    Beveiligingsupdate voor Windows XP (KB968537)

    Beveiligingsupdate voor Windows XP (KB969059)

    Beveiligingsupdate voor Windows XP (KB969898)

    Beveiligingsupdate voor Windows XP (KB969947)

    Beveiligingsupdate voor Windows XP (KB970238)

    Beveiligingsupdate voor Windows XP (KB970430)

    Beveiligingsupdate voor Windows XP (KB971468)

    Beveiligingsupdate voor Windows XP (KB971486)

    Beveiligingsupdate voor Windows XP (KB971557)

    Beveiligingsupdate voor Windows XP (KB971633)

    Beveiligingsupdate voor Windows XP (KB971657)

    Beveiligingsupdate voor Windows XP (KB972270)

    Beveiligingsupdate voor Windows XP (KB973346)

    Beveiligingsupdate voor Windows XP (KB973354)

    Beveiligingsupdate voor Windows XP (KB973507)

    Beveiligingsupdate voor Windows XP (KB973525)

    Beveiligingsupdate voor Windows XP (KB973869)

    Beveiligingsupdate voor Windows XP (KB973904)

    Beveiligingsupdate voor Windows XP (KB974112)

    Beveiligingsupdate voor Windows XP (KB974318)

    Beveiligingsupdate voor Windows XP (KB974392)

    Beveiligingsupdate voor Windows XP (KB974571)

    Beveiligingsupdate voor Windows XP (KB975025)

    Beveiligingsupdate voor Windows XP (KB975467)

    Beveiligingsupdate voor Windows XP (KB975560)

    Beveiligingsupdate voor Windows XP (KB975561)

    Beveiligingsupdate voor Windows XP (KB975562)

    Beveiligingsupdate voor Windows XP (KB975713)

    Beveiligingsupdate voor Windows XP (KB977165)

    Beveiligingsupdate voor Windows XP (KB977816)

    Beveiligingsupdate voor Windows XP (KB977914)

    Beveiligingsupdate voor Windows XP (KB978037)

    Beveiligingsupdate voor Windows XP (KB978251)

    Beveiligingsupdate voor Windows XP (KB978262)

    Beveiligingsupdate voor Windows XP (KB978338)

    Beveiligingsupdate voor Windows XP (KB978542)

    Beveiligingsupdate voor Windows XP (KB978601)

    Beveiligingsupdate voor Windows XP (KB978706)

    Beveiligingsupdate voor Windows XP (KB979309)

    Beveiligingsupdate voor Windows XP (KB979482)

    Beveiligingsupdate voor Windows XP (KB979559)

    Beveiligingsupdate voor Windows XP (KB979683)

    Beveiligingsupdate voor Windows XP (KB979687)

    Beveiligingsupdate voor Windows XP (KB980195)

    Beveiligingsupdate voor Windows XP (KB980218)

    Beveiligingsupdate voor Windows XP (KB980232)

    Beveiligingsupdate voor Windows XP (KB980436)

    Beveiligingsupdate voor Windows XP (KB981322)

    Beveiligingsupdate voor Windows XP (KB981852)

    Beveiligingsupdate voor Windows XP (KB981957)

    Beveiligingsupdate voor Windows XP (KB981997)

    Beveiligingsupdate voor Windows XP (KB982132)

    Beveiligingsupdate voor Windows XP (KB982214)

    Beveiligingsupdate voor Windows XP (KB982665)

    Beveiligingsupdate voor Windows XP (KB982802)

    BlockCAD 3.19

    Bluesoleil2.7.0.35 VoIP Release 080317

    Bonjour

    BufferChm

    CameraDrivers

    CameraUserGuides

    Codec Pack - All In 1 6.0.3.0

    CP_AtenaShokunin1Config

    CP_CalendarTemplates1

    cp_OnlineProjectsConfig

    CP_Package_Basic1

    CP_Panorama1Config

    cp_PosterPrintConfig

    CueTour

    Destinations

    DeviceFunctionQFolder

    DeviceManagementQFolder

    Disney's SpellenSpektakel

    DriveImage XML

    Dropbox

    dword:00000000

    EDUROM Tafeltrainer

    EPSON-printersoftware

    EPSON Attach To Email

    EPSON Easy Photo Print

    EPSON File Manager

    EPSON Print CD

    EPSON PRINT Image Framer Tool

    EPSON Scan Assistant

    EPSON Web-To-Page

    ESPR340 Gebruikershandleiding

    Essentiële update voor Windows Media Player 11 (KB959772)

    eSupportQFolder

    FREEDOM SceneView

    FullDPAppQFolder

    Google Update Helper

    High Definition Audio Driver Package - KB888111

    Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)

    Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)

    Hotfix for Windows Media Format 11 SDK (KB929399)

    Hotfix for Windows XP (KB954550-v5)

    Hotfix for Windows XP (KB976002-v5)

    Hotfix voor Windows Internet Explorer 7 (KB947864)

    Hotfix voor Windows Media Player 11 (KB939683)

    Hotfix voor Windows XP (KB2158563)

    Hotfix voor Windows XP (KB2443685)

    Hotfix voor Windows XP (KB2570791)

    Hotfix voor Windows XP (KB2633952)

    Hotfix voor Windows XP (KB2756822)

    Hotfix voor Windows XP (KB2779562)

    Hotfix voor Windows XP (KB952287)

    Hotfix voor Windows XP (KB961118)

    Hotfix voor Windows XP (KB970653-v3)

    Hotfix voor Windows XP (KB976098-v2)

    Hotfix voor Windows XP (KB979306)

    Hotfix voor Windows XP (KB981793)

    HP Imaging Device Functions 6.0

    HP Photosmart-camera's 6.0

    HP Photosmart Premier Software 6.0

    HP PrecisionScan LTX

    HP Product Assistant

    HP Solution Center and Imaging Support Tools 6.0

    HP Update

    hpiCamDrvQFolder

    HPProductAssistant

    Huggly's Schildpadden Speurtocht

    Ik zie Fantasie

    Ik zie, ik zie in het spookhuis

    IKEA Home Planner

    ImageMixer VCD/DVD2 for OLYMPUS

    InstantShareDevices

    Intel® Graphics Media Accelerator Driver

    iTunes

    Java Auto Updater

    Java 6 Update 22

    Java 6 Update 24

    Junior Interactif

    LightScribe 1.4.44.1

    LiveUpdate Notice (Symantec Corporation)

    Logitech iTouch-software

    Logitech MouseWare 9.79.1

    Lucky luke - De zingende draad

    Malwarebytes Anti-Malware versie 1.70.0.1100

    Meep Media Downloader

    Microsoft .NET Framework 1.1

    Microsoft .NET Framework 1.1 Dutch Language Pack

    Microsoft .NET Framework 1.1 Security Update (KB2698023)

    Microsoft .NET Framework 1.1 Security Update (KB2742597)

    Microsoft .NET Framework 1.1 Security Update (KB979906)

    Microsoft .NET Framework 2.0 Service Pack 2

    Microsoft .NET Framework 3.0 Service Pack 2

    Microsoft .NET Framework 3.5 SP1

    Microsoft Compression Client Pack 1.0 for Windows XP

    Microsoft Internationalized Domain Names Mitigation APIs

    Microsoft National Language Support Downlevel APIs

    Microsoft Silverlight

    Microsoft User-Mode Driver Framework Feature Pack 1.0

    Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053

    Microsoft Visual C++ 2005 Redistributable

    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148

    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161

    MSXML 4.0 SP2 (KB927978)

    MSXML 4.0 SP2 (KB936181)

    MSXML 4.0 SP2 (KB954430)

    MSXML 4.0 SP2 (KB973688)

    MuseScore 1.0 MuseScore score typesetter

    Nero Digital

    Nero OEM

    Nero Suite

    Norton Internet Security

    Norton Security Scan

    OLYMPUS Master

    OpenOffice.org 3.3

    Overhoor voor Windows 4.5.1

    PanoStandAlone

    Partituur Expert 2005

    PhotoGallery

    PIF DESIGNER

    PrintMaster 7.00

    QSuite Ver2.1

    QuickTime

    RandMap

    Realtek High Definition Audio Driver

    REALTEK PCIE NIC Driver

    Recuva

    Samsung ML-1640 Series

    Security Update for Microsoft .NET Framework 3.5 SP1 (KB2604111)

    Security Update for Microsoft .NET Framework 3.5 SP1 (KB2657424)

    Security Update for Microsoft .NET Framework 3.5 SP1 (KB2736416)

    Shockwave Director 11.0

    SkinsHP1

    SlowView

    SolutionCenter

    Sonic_PrimoSDK

    Spybot - Search & Destroy

    Spybot - Search & Destroy 1.4

    Status

    Super Collapse 3 Deluxe

    Teach2000 8.42

    TimeCalendar 1.6.7

    TrayApp

    Trellix Web

    Unity Web Player

    Unload

    Update for Microsoft .NET Framework 3.5 SP1 (KB963707)

    Update voor Windows Internet Explorer 8 (KB971930)

    Update voor Windows Internet Explorer 8 (KB976662)

    Update voor Windows Internet Explorer 8 (KB976749)

    Update voor Windows Internet Explorer 8 (KB980182)

    Update voor Windows XP (KB2141007)

    Update voor Windows XP (KB2345886)

    Update voor Windows XP (KB2467659)

    Update voor Windows XP (KB2541763)

    Update voor Windows XP (KB2607712)

    Update voor Windows XP (KB2616676)

    Update voor Windows XP (KB2641690)

    Update voor Windows XP (KB2661254-v2)

    Update voor Windows XP (KB2718704)

    Update voor Windows XP (KB2736233)

    Update voor Windows XP (KB2749655)

    Update voor Windows XP (KB951072-v2)

    Update voor Windows XP (KB951978)

    Update voor Windows XP (KB955759)

    Update voor Windows XP (KB955839)

    Update voor Windows XP (KB967715)

    Update voor Windows XP (KB968389)

    Update voor Windows XP (KB971029)

    Update voor Windows XP (KB971737)

    Update voor Windows XP (KB973687)

    Update voor Windows XP (KB973815)

    Visual C++ 2008 x86 Runtime - (v9.0.30729)

    Visual C++ 2008 x86 Runtime - v9.0.30729.01

    VLC media player 1.1.11

    WebFldrs XP

    WebReg

    Windows Defender

    Windows Defender Signatures

    Windows Genuine Advantage Notifications (KB905474)

    Windows Genuine Advantage Validation Tool (KB892130)

    Windows Internet Explorer 7

    Windows Internet Explorer 8

    Windows Media Format 11 runtime

    Windows Media Player 11

    Windows PowerShell 1.0

    Windows XP Service Pack 3

    YouTube Downloader Toolbar v4.7

    YTD Video Downloader 3.9.4

    Zylom Games Player Plugin

    ==== Deleting Files \ Folders ======================

    "C:\Documents and Settings\admin\OOo_3.3.0_Win_x86_install-wJRE_nl.exe" deleted

    ==== Files Recently Created / Modified ======================

    ====== C:\WINDOWS ====

    ====== C:\DOCUME~1\admin\LOCALS~1\Temp ====

    2013-01-13 21:14:02 4B3BA728905957A78886034A8BA86C7D 18339544 ----a-w- C:\DOCUME~1\admin\LOCALS~1\Temp\37c337b1-2919-4228-ae63-054a9f774ff5.exe

    2013-01-13 21:11:54 4CAB419288A3569B7BFA2D7C03140452 3087584 ----a-w- C:\DOCUME~1\admin\LOCALS~1\Temp\6e6b6a45-6a7f-4618-b4b2-d954364165b5.exe

    ====== C:\WINDOWS\system32 =====

    2013-01-15 02:18:31 3EEBB957AC98AD07D06E4238A8BC7413 1190 ----a-w- C:\WINDOWS\System32\ServiceConfig.xml

    2013-01-13 21:16:58 7D7A100919F0416FAC602F5345005058 44424 ----a-w- C:\WINDOWS\System32\sbbd.exe

    ====== C:\WINDOWS\system32\drivers =====

    2013-01-13 21:16:58 483924F92E55A5F9423201EC635E2CED 13560 ----a-w- C:\WINDOWS\System32\drivers\gfibto.sys

    ====== C:\WINDOWS\Tasks ======

    2013-01-13 21:49:46 AB9FAE1111E5082D96C04BBF51456413 944 ----a-w- C:\WINDOWS\Tasks\Ad-Aware Antivirus Scheduled Scan.job

    ====== C:\WINDOWS\Temp ======

    ======= C:\Program Files =====

    2013-01-20 12:12:13 -------- d-----w- C:\Program Files\Trend Micro

    2013-01-13 21:21:34 -------- d-----w- C:\Program Files\Ad-Aware Antivirus

    2013-01-13 21:13:36 -------- d-----w- C:\Program Files\Toolbar Cleaner

    2013-01-07 11:46:11 -------- d-----w- C:\Program Files\MSBuild

    2013-01-07 11:46:00 -------- d-----w- C:\Program Files\Reference Assemblies

    ======= C: =====

    2013-01-21 22:37:14 B6E6F0FC19E3804ED48967B10D4FABB5 5783 ----a-w- C:\AdwCleaner[s1].txt

    ====== C:\Documents and Settings\admin\Application Data ======

    2013-01-13 21:48:41 -------- d-----w- C:\Documents and Settings\All Users\Application Data\Ad-Aware Antivirus

    2013-01-13 21:45:01 -------- d-----w- C:\Documents and Settings\admin\Application Data\LavasoftStatistics

    2013-01-13 21:17:09 -------- d-----w- C:\Documents and Settings\admin\Local Settings\Application Data\Downloaded Installations

    2013-01-13 21:14:02 -------- d-----w- C:\Documents and Settings\admin\Local Settings\Application Data\adawarebp

    2013-01-13 21:13:54 -------- d-----w- C:\Documents and Settings\All Users\Application Data\Ad-Aware Browsing Protection

    2013-01-07 14:08:14 -------- d-----w- C:\Documents and Settings\admin\Application Data\ElevatedDiagnostics

    ====== C:\Documents and Settings\admin ======

    ====== C: exe-files ==

    2013-01-21 22:35:33 0F76DD0978CB15119F6A8D45A0C94023 574315 ----a-w- C:\Documents and Settings\admin\Bureaublad\adwcleaner.exe

    === C: other files ==

    2013-01-23 20:15:03 3AF86A0ECF010C7E6E2E5E7D49E069AF 154712561 ----a-w- C:\Documents and Settings\All Users\Bureaublad\sample_20132301_2114.zip

    2013-01-22 16:57:14 A067FD7FE78950C95CC4CD41570849D4 6970 ----a-w- C:\Documents and Settings\admin\Local Settings\Application Data\adawarebp\data\temp.zip

    ==== Startup Registry Enabled ======================

    [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]

    "CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE"

    "DWQueuedReporting"="C:\PROGRA~1\COMMON~1\MICROS~1\DW\dwtrig20.exe -t"

    [HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run]

    "CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE"

    [HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run]

    "CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE"

    [HKEY_USERS\S-1-5-21-2097683373-1679141021-1366619321-1004\Software\Microsoft\Windows\CurrentVersion\Run]

    "CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe"

    "TimeCalendar"="C:\Program Files\TimeCalendar\TC.exe auto"

    "OM_Monitor"="C:\Program Files\OLYMPUS\OLYMPUS Master\Monitor.exe"

    "updateMgr"="C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe AcRdB7_1_0 -reboot 1"

    [HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Run]

    "CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE"

    "DWQueuedReporting"="C:\PROGRA~1\COMMON~1\MICROS~1\DW\dwtrig20.exe -t"

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

    "RTHDCPL"="RTHDCPL.EXE"

    "igfxtray"="C:\WINDOWS\system32\igfxtray.exe"

    "igfxhkcmd"="C:\WINDOWS\system32\hkcmd.exe"

    "igfxpers"="C:\WINDOWS\system32\igfxpers.exe"

    "zBrowser Launcher"="C:\Program Files\Logitech\iTouch\iTouch.exe"

    "Logitech Utility"="Logi_MwX.Exe"

    "NeroFilterCheck"="C:\WINDOWS\system32\NeroCheck.exe"

    "EPSON Stylus Photo R340 Series"="C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIAJE.EXE /P30 EPSON Stylus Photo R340 Series /O6 USB001 /M Stylus Photo R340"

    "OM_Monitor"="C:\Program Files\OLYMPUS\OLYMPUS Master\FirstStart.exe"

    "Symantec PIF AlertEng"="C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PifSvc.exe /a /m C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\AlertEng.dll"

    "Samsung PanelMgr"="C:\WINDOWS\Samsung\PanelMgr\SSMMgr.exe /autorun"

    "BluetoothAuthenticationAgent"="rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent"

    "SunJavaUpdateSched"="C:\Program Files\Java\jre6\bin\jusched.exe"

    "APSDaemon"="C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"

    "iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe"

    "QuickTime Task"="C:\Program Files\QuickTime\qttask.exe -atboottime"

    "Ad-Aware Browsing Protection"="C:\Documents and Settings\All Users\Application Data\Ad-Aware Browsing Protection\adawarebp.exe"

    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]

    "CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe"

    "TimeCalendar"="C:\Program Files\TimeCalendar\TC.exe auto"

    "OM_Monitor"="C:\Program Files\OLYMPUS\OLYMPUS Master\Monitor.exe"

    "updateMgr"="C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe AcRdB7_1_0 -reboot 1"

    ==== Startup Folders ======================

    2012-05-15 14:44:11 1024 ----a-w- C:\Documents and Settings\admin\Menu Start\Programma's\Opstarten\Dropbox.lnk

    2012-01-09 21:33:12 864 ----a-w- C:\Documents and Settings\admin\Menu Start\Programma's\Opstarten\OpenOffice.org 3.3 .lnk

    2008-05-17 09:15:36 1757 ----a-w- C:\Documents and Settings\All Users\Menu Start\Programma's\Opstarten\Adobe Reader Snelle start.lnk

    ==== Task Scheduler Jobs ======================

    C:\WINDOWS\tasks\Ad-Aware Antivirus Scheduled Scan.job --a------ C:\PROGRA1\AD-AWA1\AdAwareLauncher.exe []

    C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job --a------ C:\Program Files\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe []

    C:\WINDOWS\tasks\Adobe Flash Player Updater.job --a------ C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe [08/01/2013 20:52]

    C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job --a------ C:\Program Files\Google\Update\GoogleUpdate.exe [31/01/2010 11:16]

    C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job --a------ C:\Program Files\Google\Update\GoogleUpdate.exe [31/01/2010 11:16]

    C:\WINDOWS\tasks\MP Scheduled Scan.job --ah----- C:\Program Files\Windows Defender\MpCmdRun.exe [03/11/2006 18:20]

    C:\WINDOWS\tasks\NSSstub.job --a------ C:\WINDOWS\system32\Adobe\Shockwave 11\nssstub.exe [23/09/2009 17:30]

    C:\WINDOWS\tasks\NSSstub.job --a------ downloadC:\WINDOWS\system32\Adobe\Shockwave 11\adminNSSStub exe0 []

    C:\WINDOWS\tasks\NSSstub.job --a------ C:\WINDOWS\system32\Adobe\Shockwave 11\nssstub.exe [23/09/2009 17:30]

    C:\WINDOWS\tasks\NSSstub.job --a------ downloadC:\WINDOWS\system32\Adobe\Shockwave 11\adminNSSStub exe0 []

    C:\WINDOWS\tasks\NSSstub.job --a------ s 3C:\WINDOWS\system32\Adobe\Shockwave 11\nssstub.exe []

    C:\WINDOWS\tasks\NSSstub.job --a------ C:\WINDOWS\system32\Adobe\Shockwave 11\adminNSSStub exe0 []

    C:\WINDOWS\tasks\UQNAEBM.job --a------ C:\WINDOWS\system32\rundll32.exe [14/04/2008 18:03]

    ==== Chrome Look ======================

    HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions

    mkfokfffehpeedafpekjeddnmnjhmcmk - C:\Program Files\Norton Internet Security\Engine\19.9.0.9\Exts\Chrome.crx[26/09/2012 04:11]

    ==== Set IE to Default ======================

    Old Values:

    [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]

    "Start Page"="Belgian Athletics - Calendar - Results - Rankings - Athletes"

    "Search Bar"="Upgrade to Google Chrome"

    New Values:

    [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]

    "Search Bar"="Bing"

    "Start Page"="Belgian Athletics - Calendar - Results - Rankings - Athletes"

    ==== All HKCU SearchScopes ======================

    HKCU\*\SearchScopes "DefaultScope"="{6A1806CD-94D4-4689-BA73-E35EA1EA9990}"

    HKCU\*\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} @ieframe.dll,-12512 Url="{searchTerms} - Bing"

    HKCU\*\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="{searchTerms} - Google Search}"

    HKCU\*\SearchScopes\{D1736352-4B14-4E0F-8D03-459870CFB33B} Yahoo//search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=937811&p={searchTerms}"

    ==== Empty IE Cache ======================

    C:\Documents and Settings\admin\Local Settings\Temp\Temporary Internet Files\Content.IE5 emptied successfully

    C:\Documents and Settings\Default User\Local Settings\Temporary Internet Files\Content.IE5 emptied successfully

    C:\Documents and Settings\LocalService\Local Settings\Temp\Temporary Internet Files\Content.IE5 emptied successfully

    C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5 emptied successfully

    C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5 emptied successfully

    C:\Documents and Settings\admin\Local Settings\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot

    C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot

    ==== Empty FireFox Cache ======================

    No FireFox Profiles found

    ==== Empty Chrome Cache ======================

    No Chrome User Data found

    ==== Empty All Flash Cache ======================

    Flash Cache Emptied Successfully

    ==== Empty All Java Cache ======================

    Java Cache cleared successfully

    After Reboot

    ==== Empty Temp Folders ======================

    C:\WINDOWS\Temp successfully emptied

    C:\DOCUME~1\admin\LOCALS~1\Temp successfully emptied

    ==== Empty Recycle Bin ======================

    C:\RECYCLER successfully emptied

    ==== Deleting Files / Folders ======================

    "C:\Documents and Settings\admin\Local Settings\Temporary Internet Files\Content.IE5\index.dat" not deleted

    "C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat" not deleted

  13. Google has disappeared from the selection list (top right in the IE toolbar)

    When searching in Google I am still redirected to Google itself (blank page), but less frequently.

    Pages open slowly.

    I think I have higher memory usage. More notifications of high memory usage, once even the message to close an application first before continuing.

  14. # AdwCleaner v2.107 - Verslag gemaakt op 21/01/2013 om 23:37:14

    # Geactualiseerd op 21/01/2013 door Xplode

    # Besturingssysteem : Microsoft Windows XP Service Pack 3 (32 bits)

    # Gebruiker : admin - PRELOAD

    # Opstarten Modus : Normale modus

    # Gelanceerd vanaf : C:\Documents and Settings\admin\Bureaublad\adwcleaner.exe

    # Optie [Verwijderen]

    ***** [Diensten] *****

    ***** [Files / Mappen] *****

    File Verwijdert : C:\WINDOWS\Tasks\Scheduled Update for Ask Toolbar.job

    Map Verwijdert : C:\DOCUME~1\admin\LOCALS~1\Temp\AskSearch

    Map Verwijdert : C:\Documents and Settings\admin\Application Data\adawaretb

    Map Verwijdert : C:\Documents and Settings\admin\Application Data\AskToolbar

    Map Verwijdert : C:\Documents and Settings\admin\Local Settings\Application Data\AskToolbar

    Map Verwijdert : C:\Documents and Settings\All Users\Application Data\blekko toolbars

    Map Verwijdert : C:\Program Files\adawaretb

    Map Verwijdert : C:\Program Files\Ask.com

    Map Verwijdert : C:\Program Files\YouTube Downloader Toolbar

    Map Verwijdert : C:\WINDOWS\Installer\{86D4B82A-ABED-442A-BE86-96357B70F4FE}

    ***** [Register] *****

    Sleutel Verwijdert : HKCU\Software\APN PIP

    Sleutel Verwijdert : HKCU\Software\AppDataLow\AskToolbarInfo

    Sleutel Verwijdert : HKCU\Software\AppDataLow\Software\Search Settings

    Sleutel Verwijdert : HKCU\Software\Ask.com

    Sleutel Verwijdert : HKCU\Software\AskToolbar

    Sleutel Verwijdert : HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}

    Sleutel Verwijdert : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{171DEBEB-C3D4-40B7-AC73-056A5EBA4A7E}

    Sleutel Verwijdert : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D4027C7F-154A-4066-A1AD-4243D8127440}

    Sleutel Verwijdert : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{F3FEE66E-E034-436A-86E4-9690573BEE8A}

    Sleutel Verwijdert : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{00000000-6E41-4FD3-8538-502F5495E5FC}

    Sleutel Verwijdert : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{6C97A91E-4524-4019-86AF-2AA2D567BF5C}

    Sleutel Verwijdert : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D4027C7F-154A-4066-A1AD-4243D8127440}

    Sleutel Verwijdert : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F3FEE66E-E034-436A-86E4-9690573BEE8A}

    Sleutel Verwijdert : HKLM\SOFTWARE\Classes\AppID\{9B0CB95C-933A-4B8C-B6D4-EDCD19A43874}

    Sleutel Verwijdert : HKLM\SOFTWARE\Classes\AppID\GenericAskToolbar.DLL

    Sleutel Verwijdert : HKLM\SOFTWARE\Classes\CLSID\{00000000-6E41-4FD3-8538-502F5495E5FC}

    Sleutel Verwijdert : HKLM\SOFTWARE\Classes\GenericAskToolbar.ToolbarWnd

    Sleutel Verwijdert : HKLM\SOFTWARE\Classes\GenericAskToolbar.ToolbarWnd.1

    Sleutel Verwijdert : HKLM\Software\Classes\Installer\Features\A28B4D68DEBAA244EB686953B7074FEF

    Sleutel Verwijdert : HKLM\Software\Classes\Installer\Products\A28B4D68DEBAA244EB686953B7074FEF

    Sleutel Verwijdert : HKLM\SOFTWARE\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456}

    Sleutel Verwijdert : HKLM\SOFTWARE\Classes\Interface\{6E4C89CF-3061-4EE4-B22A-B7A8AAEA5CB3}

    Sleutel Verwijdert : HKLM\SOFTWARE\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92}

    Sleutel Verwijdert : HKLM\SOFTWARE\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E}

    Sleutel Verwijdert : HKLM\SOFTWARE\Classes\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}

    Sleutel Verwijdert : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}

    Sleutel Verwijdert : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{86D4B82A-ABED-442A-BE86-96357B70F4FE}

    Sleutel Verwijdert : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0FF2AEFF45EEA0A48A4B33C1973B6094

    Sleutel Verwijdert : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\261F213D1F55267499B1F87D0CC3BCF7

    Sleutel Verwijdert : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\305B09CE8C53A214DB58887F62F25536

    Sleutel Verwijdert : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\741B4ADF27276464790022C965AB6DA8

    Sleutel Verwijdert : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\7DE196B10195F5647A2B21B761F3DE01

    Sleutel Verwijdert : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\9D4F5849367142E4685ED8C25E44C5ED

    Sleutel Verwijdert : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A5875B04372C19545BEB90D4D606C472

    Sleutel Verwijdert : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A876D9E80B896EC44A8620248CC79296

    Sleutel Verwijdert : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B66FFAB725B92594C986DE826A867888

    Sleutel Verwijdert : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\A28B4D68DEBAA244EB686953B7074FEF

    Sleutel Verwijdert : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{86D4B82A-ABED-442A-BE86-96357B70F4FE}

    Sleutel Verwijdert : HKLM\Software\PIP

    Sleutel Verwijdert : HKLM\Software\Search Settings

    Waarde Verwijdert : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{D4027C7F-154A-4066-A1AD-4243D8127440}]

    Waarde Verwijdert : HKCU\Software\Microsoft\Windows\CurrentVersion\Run []

    ***** [browsers] *****

    -\\ Internet Explorer v8.0.6001.18702

    [OK] Het register bevat geen enkele ongeoorloofde invoer.

    *************************

    AdwCleaner[s1].txt - [5654 octets] - [21/01/2013 23:37:14]

    ########## EOF - C:\AdwCleaner[s1].txt - [5714 octets] ##########

  15. Mako,

    I could not uninstall Ask (toolbar) (it was not in the list, nor offered as a choice among the toolbars in IE)

    Logfile of Trend Micro HijackThis v2.0.4

    Scan saved at 20:41:03, on 21/01/2013

    Platform: Windows XP SP3 (WinNT 5.01.2600)

    MSIE: Internet Explorer v8.00 (8.00.6001.18702)

    Boot mode: Normal

    Running processes:

    C:\WINDOWS\System32\smss.exe

    C:\WINDOWS\system32\winlogon.exe

    C:\WINDOWS\system32\services.exe

    C:\WINDOWS\system32\lsass.exe

    C:\WINDOWS\system32\svchost.exe

    C:\WINDOWS\System32\svchost.exe

    C:\WINDOWS\system32\spoolsv.exe

    C:\WINDOWS\system32\rundll32.exe

    C:\WINDOWS\Explorer.EXE

    C:\WINDOWS\RTHDCPL.EXE

    C:\WINDOWS\system32\igfxtray.exe

    C:\WINDOWS\system32\hkcmd.exe

    C:\WINDOWS\system32\igfxpers.exe

    C:\Program Files\Logitech\iTouch\iTouch.exe

    C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIAJE.EXE

    C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PifSvc.exe

    C:\WINDOWS\Samsung\PanelMgr\SSMMgr.exe

    C:\Program Files\iTunes\iTunesHelper.exe

    C:\Program Files\Logitech\MouseWare\system\em_exec.exe

    C:\Program Files\QuickTime\qttask.exe

    C:\Documents and Settings\All Users\Application Data\Ad-Aware Browsing Protection\adawarebp.exe

    C:\WINDOWS\system32\ctfmon.exe

    C:\Program Files\TimeCalendar\TC.exe

    C:\Program Files\OLYMPUS\OLYMPUS Master\Monitor.exe

    C:\Program Files\Ad-Aware Antivirus\AdAwareService.exe

    C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

    C:\WINDOWS\system32\bgsvcgen.exe

    C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe

    C:\Program Files\Bonjour\mDNSResponder.exe

    C:\Program Files\Java\jre6\bin\jqs.exe

    C:\Program Files\Common Files\LightScribe\LSSrvc.exe

    C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PifSvc.exe

    C:\Documents and Settings\admin\Application Data\Dropbox\bin\Dropbox.exe

    C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe

    C:\Program Files\OpenOffice.org 3\program\soffice.exe

    C:\Program Files\OpenOffice.org 3\program\soffice.bin

    C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe

    C:\Program Files\Norton Internet Security\Engine\19.9.0.9\ccSvcHst.exe

    C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe

    C:\Program Files\Ad-Aware Antivirus\SBAMSvc.exe

    C:\Program Files\IVT Corporation\BlueSoleil\StartSkysolSvc.exe

    C:\WINDOWS\system32\svchost.exe

    C:\Program Files\Norton Internet Security\Engine\19.9.0.9\ccSvcHst.exe

    C:\Program Files\iPod\bin\iPodService.exe

    C:\PROGRA~1\AD-AWA~1\AdAware.exe

    C:\Program Files\Adobe\Acrobat 7.0\Reader\AcroRd32.exe

    c:\program files\internet explorer\iexplore.exe

    c:\program files\internet explorer\iexplore.exe

    C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Belgian Athletics - Calendar - Results - Rankings - Athletes

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer

    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local

    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen

    O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll (file missing)

    O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll

    O2 - BHO: Norton Identity Protection - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Norton Internet Security\Engine\19.9.0.9\coIEPlg.dll

    O2 - BHO: Norton Vulnerability Protection - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Norton Internet Security\Engine\19.9.0.9\IPS\IPSBHO.DLL

    O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll

    O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll

    O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll

    O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll

    O3 - Toolbar: Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Internet Security\Engine\19.9.0.9\coIEPlg.dll

    O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE

    O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe

    O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe

    O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe

    O4 - HKLM\..\Run: [zBrowser Launcher] C:\Program Files\Logitech\iTouch\iTouch.exe

    O4 - HKLM\..\Run: [Logitech Utility] Logi_MwX.Exe

    O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe

    O4 - HKLM\..\Run: [EPSON Stylus Photo R340 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIAJE.EXE /P30 "EPSON Stylus Photo R340 Series" /O6 "USB001" /M "Stylus Photo R340"

    O4 - HKLM\..\Run: [OM_Monitor] C:\Program Files\OLYMPUS\OLYMPUS Master\FirstStart.exe

    O4 - HKLM\..\Run: [symantec PIF AlertEng] "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PifSvc.exe" /a /m "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\AlertEng.dll"

    O4 - HKLM\..\Run: [samsung PanelMgr] C:\WINDOWS\Samsung\PanelMgr\SSMMgr.exe /autorun

    O4 - HKLM\..\Run: [bluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent

    O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"

    O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"

    O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"

    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime

    O4 - HKLM\..\Run: [Ad-Aware Browsing Protection] "C:\Documents and Settings\All Users\Application Data\Ad-Aware Browsing Protection\adawarebp.exe"

    O4 - HKLM\..\Run: [Ad-Aware Antivirus] "C:\Program Files\Ad-Aware Antivirus\AdAwareLauncher" --windows-run

    O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe

    O4 - HKCU\..\Run: [TimeCalendar] "C:\Program Files\TimeCalendar\TC.exe" auto

    O4 - HKCU\..\Run: [OM_Monitor] C:\Program Files\OLYMPUS\OLYMPUS Master\Monitor.exe

    O4 - HKCU\..\Run: [updateMgr] "C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" AcRdB7_1_0 -reboot 1

    O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Lokale service')

    O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Netwerkservice')

    O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')

    O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')

    O4 - Startup: Dropbox.lnk = C:\Documents and Settings\admin\Application Data\Dropbox\bin\Dropbox.exe

    O4 - Startup: OpenOffice.org 3.3 .lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe

    O4 - Global Startup: Adobe Reader Snelle start.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe

    O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} (QuickTime Plugin Control) - http://appldnld.apple.com.edgesuite.net/content.info.apple.com/QuickTime/qtactivex/qtplugin.cab

    O16 - DPF: {6A344D34-5231-452A-8A57-D064AC9B7862} (Symantec Download Manager) - https://webdl.symantec.com/activex/symdlmgr.cab

    O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\WINDOWS\system32\Skype4COM.dll

    O22 - SharedTaskScheduler: Preloader van browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll

    O22 - SharedTaskScheduler: Cache-daemon voor onderdeelcategorieën - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll

    O23 - Service: Ad-Aware Service - Lavasoft Limited - C:\Program Files\Ad-Aware Antivirus\AdAwareService.exe

    O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe

    O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

    O23 - Service: B's Recorder GOLD Library General Service (bgsvcgen) - B.H.A Corporation - C:\WINDOWS\system32\bgsvcgen.exe

    O23 - Service: BlueSoleil Hid Service - Unknown owner - C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe

    O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe

    O23 - Service: Google Updateservice (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe

    O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe

    O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe

    O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe

    O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe

    O23 - Service: LiveUpdate Notice Service - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PifSvc.exe

    O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe

    O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe

    O23 - Service: Norton Internet Security (NIS) - Symantec Corporation - C:\Program Files\Norton Internet Security\Engine\19.9.0.9\ccSvcHst.exe

    O23 - Service: Planner voor Automatische LiveUpdate - Unknown owner - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe (file missing)

    O23 - Service: Ad-Aware (SBAMSvc) - GFI Software - C:\Program Files\Ad-Aware Antivirus\SBAMSvc.exe

    O23 - Service: Start BT in service - Unknown owner - C:\Program Files\IVT Corporation\BlueSoleil\StartSkysolSvc.exe

    --

    End of file - 10129 bytes

    Malwarebytes Anti-Malware 1.70.0.1100

    www.malwarebytes.org

    Databaseversie: v2013.01.21.07

    Windows XP Service Pack 3 x86 NTFS

    Internet Explorer 8.0.6001.18702

    admin :: PRELOAD [administrator]

    21/01/2013 20:59:57

    mbam-log-2013-01-21 (20-59-57).txt

    Scan type: Snelle scan

    Ingeschakelde scan opties: Geheugen | Opstartitems | Register | Bestanden en mappen | Heuristiek/Extra | Heuristiek/Shuriken | PUP | PUM

    Uitgeschakelde scan opties: P2P

    Objecten gescand: 242650

    Verstreken tijd: 20 minuut/minuten, 57 seconde(n)

    Geheugenprocessen gedetecteerd: 0

    (Geen kwaadaardige objecten gedetecteerd)

    Geheugenmodulen gedetecteerd: 0

    (Geen kwaadaardige objecten gedetecteerd)

    Registersleutels gedetecteerd: 0

    (Geen kwaadaardige objecten gedetecteerd)

    Registerwaarden gedetecteerd: 0

    (Geen kwaadaardige objecten gedetecteerd)

    Registerdata gedetecteerd: 0

    (Geen kwaadaardige objecten gedetecteerd)

    Mappen gedetecteerd: 0

    (Geen kwaadaardige objecten gedetecteerd)

    Bestanden gedetecteerd: 0

    (Geen kwaadaardige objecten gedetecteerd)

    (einde)
