signorita

Dank je voor je hulp ,bij deze zal ik het als opgelost afsluiten.

o jee dan kunnen ze bij je bankgegevens toch?.

Nee alles is toppie ,nogmaals hartelijk dank.

Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 12:26:02, on 28-2-2013 Platform: Windows Vista SP2 (WinNT 6.00.1906) MSIE: Internet Explorer v9.00 (9.00.8112.16464) Boot mode: Normal Running processes: C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE C:\Windows\system32\taskeng.exe C:\Program Files\Synaptics\SynTP\SynTPEnh.exe C:\Program Files\HP\QuickPlay\QPService.exe C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe C:\Program Files\Sony\PMB\PMBVolumeWatcher.exe C:\Program Files\Microsoft Security Client\msseces.exe C:\Program Files\Samsung\Kies\KiesTrayAgent.exe C:\Windows\System32\hkcmd.exe C:\Windows\System32\igfxpers.exe C:\Program Files\Lexmark 3500-4500 Series\lxdimon.exe C:\Program Files\Lexmark 3500-4500 Series\lxdiamon.exe C:\Program Files\BlueStacks\HD-Agent.exe C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe C:\Windows\system32\igfxsrvc.exe C:\Program Files\Samsung\Kies\Kies.exe C:\Program Files\uTorrent\uTorrent.exe C:\Program Files\IE New Window Maximizer\iemaximizer.exe C:\Program Files\Windows Media Player\wmpnscfg.exe C:\Program Files\TuneUp Utilities 2012\TuneUpUtilitiesApp32.exe C:\Program Files\Hewlett-Packard\HP wireless Assistant\WiFiMsg.EXE C:\Program Files\Hewlett-Packard\Shared\HpqToaster.exe C:\Program Files\IncrediMail\Bin\IncMail.exe C:\Program Files\IncrediMail\Bin\ImApp.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Windows\system32\SearchProtocolHost.exe C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe C:\Windows\system32\DllHost.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Hotmail, Messenger, het laatste nieuws en entertainment | MSN.NL R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Hotmail, Messenger, het laatste nieuws en entertainment | MSN.NL R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Hotmail, Messenger, het laatste nieuws en entertainment | MSN.NL R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = Hotmail, Messenger, het laatste nieuws en entertainment | MSN.NL R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: RealNetworks Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files\Windows Live\Companion\companioncore.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O4 - HKLM\..\Run: [synTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe O4 - HKLM\..\Run: [QPService] "C:\Program Files\HP\QuickPlay\QPService.exe" O4 - HKLM\..\Run: [QlbCtrl.exe] C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start O4 - HKLM\..\Run: [hpWirelessAssistant] C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe O4 - HKLM\..\Run: [FaxCenterServer] "C:\Program Files\\Lexmark Fax Solutions\fm3032.exe" /s O4 - HKLM\..\Run: [Malwarebytes Anti-Malware (reboot)] "C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript O4 - HKLM\..\Run: [RoxWatchTray] "C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe" O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe" O4 - HKLM\..\Run: [PMBVolumeWatcher] C:\Program Files\Sony\PMB\PMBVolumeWatcher.exe O4 - HKLM\..\Run: [MSC] "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey O4 - HKLM\..\Run: [KiesTrayAgent] C:\Program Files\Samsung\Kies\KiesTrayAgent.exe O4 - HKLM\..\Run: [igfxTray] C:\Windows\system32\igfxtray.exe O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe O4 - HKLM\..\Run: [lxdimon.exe] "C:\Program Files\Lexmark 3500-4500 Series\lxdimon.exe" O4 - HKLM\..\Run: [lxdiamon] "C:\Program Files\Lexmark 3500-4500 Series\lxdiamon.exe" O4 - HKLM\..\Run: [blueStacks Agent] C:\Program Files\BlueStacks\HD-Agent.exe O4 - HKCU\..\Run: [KiesPDLR] C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe O4 - HKCU\..\Run: [KiesPreload] C:\Program Files\Samsung\Kies\Kies.exe /preload O4 - HKCU\..\Run: [uTorrent] "C:\Program Files\uTorrent\uTorrent.exe" /MINIMIZED O4 - HKCU\..\Run: [iE New Window Maximizer] C:\Program Files\IE New Window Maximizer\iemaximizer.exe O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200 O9 - Extra button: @C:\Program Files\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files\Windows Live\Companion\companioncore.dll O9 - Extra button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Program Files\PokerStars\PokerStarsUpdate.exe (file missing) O9 - Extra button: Onderzoek - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O15 - Trusted Zone: http://*.mcafee.com O16 - DPF: {888078C6-70B2-4F88-8EE7-1F50DDEA6120} (CeWe Color AG & Co. OHG Control) - https://as.photoprintit.de/ips-opdata/activex/ImageUploader6.cab O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab O16 - DPF: {D71F9A27-723E-4B8B-B428-B725E47CBA3E} (Imikimi_activex_plugin Control) - http://imikimi.com/download/imikimi_plugin_0.5.1.cab O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab O16 - DPF: {EDFCB7CB-942C-4822-AF14-F0B687409848} (Image Uploader Control) - http://cache.hyves-static.net/statics/Aurigma/ImageUploader4.cab O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll O20 - AppInit_DLLs: c:\progra~2\browse~1\261123~1.78\{16cdf~1\browse~1.dll O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll O23 - Service: Adobe Active File Monitor V7 (AdobeActiveFileMonitor7.0) - Adobe Systems Incorporated - C:\Program Files\Adobe\Photoshop Elements 7.0\PhotoshopElementsFileAgent.exe O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe O23 - Service: Blue Coat K9 Web Protection (bckwfs) - Blue Coat Systems, Inc. - C:\Program Files\Blue Coat K9 Web Protection\k9filter.exe O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: BlueStacks Android Service (BstHdAndroidSvc) - BlueStack Systems, Inc. - C:\Program Files\BlueStacks\HD-Service.exe O23 - Service: BlueStacks Log Rotator Service (BstHdLogRotatorSvc) - BlueStack Systems, Inc. - C:\Program Files\BlueStacks\HD-LogRotatorService.exe O23 - Service: Com4QLBEx - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe O23 - Service: ExtraFilm upload service (EFUploadSrv) - Textalk AB - C:\Program Files\ExtraFilm Designer NL\EFUploadSrv.exe O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe O23 - Service: GameConsoleService - WildTangent, Inc. - C:\Program Files\HP Games\My HP Game Console\GameConsoleService.exe O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: HP Health Check Service - Hewlett-Packard - c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe O23 - Service: lxdiCATSCustConnectService - Lexmark International, Inc. - C:\Windows\system32\spool\DRIVERS\W32X86\3\\lxdiserv.exe O23 - Service: lxdi_device - - C:\Windows\system32\lxdicoms.exe O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe O23 - Service: PLFlash DeviceIoControl Service - Prolific Technology Inc. - C:\Windows\system32\IoctlSvc.exe O23 - Service: PMBDeviceInfoProvider - Sony Corporation - C:\Program Files\Sony\PMB\PMBDeviceInfoProvider.exe O23 - Service: Protexis Licensing V2 (PSI_SVC_2) - Protexis Inc. - c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe O23 - Service: RealNetworks Downloader Resolver Service - Unknown owner - C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe O23 - Service: Recovery Service for Windows - Unknown owner - C:\Program Files\SMINST\BLService.exe O23 - Service: Roxio UPnP Renderer 9 - Sonic Solutions - C:\Program Files\Roxio\Digital Home 9\RoxioUPnPRenderer9.exe O23 - Service: Roxio Upnp Server 9 - Sonic Solutions - C:\Program Files\Roxio\Digital Home 9\RoxioUpnpService9.exe O23 - Service: LiveShare P2P Server 9 (RoxLiveShare9) - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxLiveShare9.exe O23 - Service: RoxMediaDB9 - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe O23 - Service: Roxio Hard Drive Watcher 9 (RoxWatch9) - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe O23 - Service: Secunia Update Agent - Unknown owner - C:\Program Files\Secunia\PSI\sua.exe (file missing) O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe O23 - Service: TeamViewer 8 (TeamViewer8) - TeamViewer GmbH - C:\Program Files\TeamViewer\Version8\TeamViewer_Service.exe O23 - Service: TuneUp Utilities Service (TuneUp.UtilitiesSvc) - TuneUp Software - C:\Program Files\TuneUp Utilities 2012\TuneUpUtilitiesService32.exe O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe -- End of file - 12299 bytes

twee pup blabbers waren er. Malwarebytes Anti-Malware 1.70.0.1100 www.malwarebytes.org Databaseversie: v2013.02.28.04 Windows Vista Service Pack 2 x86 NTFS Internet Explorer 9.0.8112.16421 Compaq :: PC_VAN_COMPAQ [administrator] 28-2-2013 10:25:01 mbam-log-2013-02-28 (10-25-01).txt Scan type: Snelle scan Ingeschakelde scan opties: Geheugen | Opstartitems | Register | Bestanden en mappen | Heuristiek/Extra | Heuristiek/Shuriken | PUP | PUM Uitgeschakelde scan opties: P2P Objecten gescand: 219746 Verstreken tijd: 15 minuut/minuten, 31 seconde(n) Geheugenprocessen gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Geheugenmodulen gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Registersleutels gedetecteerd: 2 HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{00CBB66B-1D3B-46D3-9577-323A336ACB50} (PUP.Blabbers) -> Succesvol in quarantaine geplaatst en verwijderd. HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{963B125B-8B21-49A2-A3A8-E37092276531} (PUP.Blabbers) -> Succesvol in quarantaine geplaatst en verwijderd. Registerwaarden gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Registerdata gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Mappen gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Bestanden gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) (einde)

pffff het word nu iets te moeilijk voor mij denk ik?

Ik heb deze malware ,maar zie Meer functies tab niet te staan? - - - Updated - - - Bedoel je dit?

Gedaan ,moet ik nu nog iets doen? - - - Updated - - - Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 20:02:48, on 27-2-2013 Platform: Windows Vista SP2 (WinNT 6.00.1906) MSIE: Internet Explorer v9.00 (9.00.8112.16464) Boot mode: Normal Running processes: C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE C:\Program Files\Synaptics\SynTP\SynTPEnh.exe C:\Program Files\HP\QuickPlay\QPService.exe C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe C:\Program Files\Sony\PMB\PMBVolumeWatcher.exe C:\Program Files\Microsoft Security Client\msseces.exe C:\Program Files\Samsung\Kies\KiesTrayAgent.exe C:\Windows\System32\hkcmd.exe C:\Windows\system32\taskeng.exe C:\Windows\System32\igfxpers.exe C:\Program Files\Lexmark 3500-4500 Series\lxdimon.exe C:\Program Files\Lexmark 3500-4500 Series\lxdiamon.exe C:\Windows\system32\igfxsrvc.exe C:\Program Files\BlueStacks\HD-Agent.exe C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe C:\Program Files\Samsung\Kies\Kies.exe C:\Program Files\uTorrent\uTorrent.exe C:\Program Files\IE New Window Maximizer\iemaximizer.exe C:\Program Files\Windows Media Player\wmpnscfg.exe C:\Program Files\TuneUp Utilities 2012\TuneUpUtilitiesApp32.exe C:\Program Files\Hewlett-Packard\HP wireless Assistant\WiFiMsg.EXE C:\Program Files\Hewlett-Packard\Shared\HpqToaster.exe C:\Program Files\IncrediMail\Bin\IncMail.exe C:\Program Files\IncrediMail\Bin\ImApp.exe C:\Program Files\BlueStacks\HD-Adb.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://nl.msn.com/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=nl_nl&c=91&bd=Presario&pf=cnnb R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local O1 - Hosts: ÿþ127.0.0.1 localhost O1 - Hosts: ::1 localhost O1 - Hosts: 216.239.32.20 www.google.ae # bck9 O1 - Hosts: 216.239.32.20 www.google.at # bck9 O1 - Hosts: 216.239.32.20 www.google.be # bck9 O1 - Hosts: 216.239.32.20 www.google.ca # bck9 O1 - Hosts: 216.239.32.20 www.google.ch # bck9 O1 - Hosts: 216.239.32.20 www.google.cl # bck9 O1 - Hosts: 216.239.32.20 www.google.co.il # bck9 O1 - Hosts: 216.239.32.20 www.google.co.in # bck9 O1 - Hosts: 216.239.32.20 www.google.co.jp # bck9 O1 - Hosts: 216.239.32.20 www.google.co.kr # bck9 O1 - Hosts: 216.239.32.20 www.google.co.nz # bck9 O1 - Hosts: 216.239.32.20 www.google.co.uk # bck9 O1 - Hosts: 216.239.32.20 www.google.co.ve # bck9 O1 - Hosts: 216.239.32.20 www.google.co.za # bck9 O1 - Hosts: 216.239.32.20 www.google.com # bck9 O1 - Hosts: 216.239.32.20 www.google.com.ar # bck9 O1 - Hosts: 216.239.32.20 www.google.com.au # bck9 O1 - Hosts: 216.239.32.20 www.google.com.br # bck9 O1 - Hosts: 216.239.32.20 www.google.com.co # bck9 O1 - Hosts: 216.239.32.20 www.google.com.gr # bck9 O1 - Hosts: 216.239.32.20 www.google.com.hk # bck9 O1 - Hosts: 216.239.32.20 www.google.com.mx # bck9 O1 - Hosts: 216.239.32.20 www.google.com.my # bck9 O1 - Hosts: 216.239.32.20 www.google.com.pe # bck9 O1 - Hosts: 216.239.32.20 www.google.com.ph # bck9 O1 - Hosts: 216.239.32.20 www.google.com.pk # bck9 O1 - Hosts: 216.239.32.20 www.google.com.sg # bck9 O1 - Hosts: 216.239.32.20 www.google.com.tr # bck9 O1 - Hosts: 216.239.32.20 www.google.com.tw # bck9 O1 - Hosts: 216.239.32.20 www.google.com.ua # bck9 O1 - Hosts: 216.239.32.20 www.google.de # bck9 O1 - Hosts: 216.239.32.20 www.google.dk # bck9 O1 - Hosts: 216.239.32.20 www.google.es # bck9 O1 - Hosts: 216.239.32.20 www.google.fi # bck9 O1 - Hosts: 216.239.32.20 www.google.fr # bck9 O1 - Hosts: 216.239.32.20 www.google.it # bck9 O1 - Hosts: 216.239.32.20 www.google.lt # bck9 O1 - Hosts: 216.239.32.20 www.google.lv # bck9 O1 - Hosts: 216.239.32.20 www.google.nl # bck9 O1 - Hosts: 216.239.32.20 www.google.pl # bck9 O1 - Hosts: 216.239.32.20 www.google.pt # bck9 O1 - Hosts: 216.239.32.20 www.google.ro # bck9 O1 - Hosts: 216.239.32.20 www.google.ru # bck9 O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: RealNetworks Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files\Windows Live\Companion\companioncore.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O4 - HKLM\..\Run: [synTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe O4 - HKLM\..\Run: [QPService] "C:\Program Files\HP\QuickPlay\QPService.exe" O4 - HKLM\..\Run: [QlbCtrl.exe] C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start O4 - HKLM\..\Run: [hpWirelessAssistant] C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe O4 - HKLM\..\Run: [FaxCenterServer] "C:\Program Files\\Lexmark Fax Solutions\fm3032.exe" /s O4 - HKLM\..\Run: [Malwarebytes Anti-Malware (reboot)] "C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript O4 - HKLM\..\Run: [RoxWatchTray] "C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe" O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe" O4 - HKLM\..\Run: [PMBVolumeWatcher] C:\Program Files\Sony\PMB\PMBVolumeWatcher.exe O4 - HKLM\..\Run: [MSC] "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey O4 - HKLM\..\Run: [KiesTrayAgent] C:\Program Files\Samsung\Kies\KiesTrayAgent.exe O4 - HKLM\..\Run: [igfxTray] C:\Windows\system32\igfxtray.exe O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe O4 - HKLM\..\Run: [lxdimon.exe] "C:\Program Files\Lexmark 3500-4500 Series\lxdimon.exe" O4 - HKLM\..\Run: [lxdiamon] "C:\Program Files\Lexmark 3500-4500 Series\lxdiamon.exe" O4 - HKLM\..\Run: [blueStacks Agent] C:\Program Files\BlueStacks\HD-Agent.exe O4 - HKCU\..\Run: [KiesPDLR] C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe O4 - HKCU\..\Run: [KiesPreload] C:\Program Files\Samsung\Kies\Kies.exe /preload O4 - HKCU\..\Run: [uTorrent] "C:\Program Files\uTorrent\uTorrent.exe" /MINIMIZED O4 - HKCU\..\Run: [iE New Window Maximizer] C:\Program Files\IE New Window Maximizer\iemaximizer.exe O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200 O9 - Extra button: @C:\Program Files\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files\Windows Live\Companion\companioncore.dll O9 - Extra button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Program Files\PokerStars\PokerStarsUpdate.exe (file missing) O9 - Extra button: Onderzoek - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O15 - Trusted Zone: http://*.mcafee.com O16 - DPF: {888078C6-70B2-4F88-8EE7-1F50DDEA6120} (CeWe Color AG & Co. OHG Control) - https://as.photoprintit.de/ips-opdata/activex/ImageUploader6.cab O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab O16 - DPF: {D71F9A27-723E-4B8B-B428-B725E47CBA3E} (Imikimi_activex_plugin Control) - http://imikimi.com/download/imikimi_plugin_0.5.1.cab O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab O16 - DPF: {EDFCB7CB-942C-4822-AF14-F0B687409848} (Image Uploader Control) - http://cache.hyves-static.net/statics/Aurigma/ImageUploader4.cab O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll O20 - AppInit_DLLs: c:\progra~2\browse~1\261123~1.78\{16cdf~1\browse~1.dll O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll O23 - Service: Adobe Active File Monitor V7 (AdobeActiveFileMonitor7.0) - Adobe Systems Incorporated - C:\Program Files\Adobe\Photoshop Elements 7.0\PhotoshopElementsFileAgent.exe O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe O23 - Service: Blue Coat K9 Web Protection (bckwfs) - Blue Coat Systems, Inc. - C:\Program Files\Blue Coat K9 Web Protection\k9filter.exe O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: BlueStacks Android Service (BstHdAndroidSvc) - BlueStack Systems, Inc. - C:\Program Files\BlueStacks\HD-Service.exe O23 - Service: BlueStacks Log Rotator Service (BstHdLogRotatorSvc) - BlueStack Systems, Inc. - C:\Program Files\BlueStacks\HD-LogRotatorService.exe O23 - Service: Com4QLBEx - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe O23 - Service: ExtraFilm upload service (EFUploadSrv) - Textalk AB - C:\Program Files\ExtraFilm Designer NL\EFUploadSrv.exe O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe O23 - Service: GameConsoleService - WildTangent, Inc. - C:\Program Files\HP Games\My HP Game Console\GameConsoleService.exe O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: HP Health Check Service - Hewlett-Packard - c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe O23 - Service: lxdiCATSCustConnectService - Lexmark International, Inc. - C:\Windows\system32\spool\DRIVERS\W32X86\3\\lxdiserv.exe O23 - Service: lxdi_device - - C:\Windows\system32\lxdicoms.exe O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe O23 - Service: PLFlash DeviceIoControl Service - Prolific Technology Inc. - C:\Windows\system32\IoctlSvc.exe O23 - Service: PMBDeviceInfoProvider - Sony Corporation - C:\Program Files\Sony\PMB\PMBDeviceInfoProvider.exe O23 - Service: Protexis Licensing V2 (PSI_SVC_2) - Protexis Inc. - c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe O23 - Service: RealNetworks Downloader Resolver Service - Unknown owner - C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe O23 - Service: Recovery Service for Windows - Unknown owner - C:\Program Files\SMINST\BLService.exe O23 - Service: Roxio UPnP Renderer 9 - Sonic Solutions - C:\Program Files\Roxio\Digital Home 9\RoxioUPnPRenderer9.exe O23 - Service: Roxio Upnp Server 9 - Sonic Solutions - C:\Program Files\Roxio\Digital Home 9\RoxioUpnpService9.exe O23 - Service: LiveShare P2P Server 9 (RoxLiveShare9) - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxLiveShare9.exe O23 - Service: RoxMediaDB9 - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe O23 - Service: Roxio Hard Drive Watcher 9 (RoxWatch9) - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe O23 - Service: Secunia Update Agent - Unknown owner - C:\Program Files\Secunia\PSI\sua.exe (file missing) O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe O23 - Service: TeamViewer 8 (TeamViewer8) - TeamViewer GmbH - C:\Program Files\TeamViewer\Version8\TeamViewer_Service.exe O23 - Service: TuneUp Utilities Service (TuneUp.UtilitiesSvc) - TuneUp Software - C:\Program Files\TuneUp Utilities 2012\TuneUpUtilitiesService32.exe O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe -- End of file - 14473 bytes

Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 16:56:43, on 27-2-2013 Platform: Windows Vista SP2 (WinNT 6.00.1906) MSIE: Internet Explorer v9.00 (9.00.8112.16464) Boot mode: Normal Running processes: C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE C:\Program Files\Synaptics\SynTP\SynTPEnh.exe C:\Program Files\HP\QuickPlay\QPService.exe C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe C:\Program Files\Sony\PMB\PMBVolumeWatcher.exe C:\Program Files\Microsoft Security Client\msseces.exe C:\Program Files\Samsung\Kies\KiesTrayAgent.exe C:\Windows\System32\hkcmd.exe C:\Windows\system32\taskeng.exe C:\Windows\System32\igfxpers.exe C:\Program Files\Lexmark 3500-4500 Series\lxdimon.exe C:\Program Files\Lexmark 3500-4500 Series\lxdiamon.exe C:\Windows\system32\igfxsrvc.exe C:\Program Files\BlueStacks\HD-Agent.exe C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe C:\Program Files\Samsung\Kies\Kies.exe C:\Program Files\uTorrent\uTorrent.exe C:\Program Files\IE New Window Maximizer\iemaximizer.exe C:\Program Files\Windows Media Player\wmpnscfg.exe C:\Program Files\TuneUp Utilities 2012\TuneUpUtilitiesApp32.exe C:\Program Files\Hewlett-Packard\HP wireless Assistant\WiFiMsg.EXE C:\Program Files\Hewlett-Packard\Shared\HpqToaster.exe C:\Program Files\IncrediMail\Bin\IncMail.exe C:\Program Files\IncrediMail\Bin\ImApp.exe C:\Program Files\BlueStacks\HD-Adb.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Windows\system32\SearchProtocolHost.exe C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe C:\Windows\system32\DllHost.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Hotmail, Messenger, het laatste nieuws en entertainment | MSN.NL R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Hotmail, Messenger, het laatste nieuws en entertainment | MSN.NL R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=nl_nl&c=91&bd=Presario&pf=cnnb R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = Hotmail, Messenger, het laatste nieuws en entertainment | MSN.NL R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local O1 - Hosts: ÿþ127.0.0.1 localhost O1 - Hosts: ::1 localhost O1 - Hosts: 216.239.32.20 www.google.ae # bck9 O1 - Hosts: 216.239.32.20 www.google.at # bck9 O1 - Hosts: 216.239.32.20 www.google.be # bck9 O1 - Hosts: 216.239.32.20 www.google.ca # bck9 O1 - Hosts: 216.239.32.20 www.google.ch # bck9 O1 - Hosts: 216.239.32.20 www.google.cl # bck9 O1 - Hosts: 216.239.32.20 www.google.co.il # bck9 O1 - Hosts: 216.239.32.20 www.google.co.in # bck9 O1 - Hosts: 216.239.32.20 www.google.co.jp # bck9 O1 - Hosts: 216.239.32.20 www.google.co.kr # bck9 O1 - Hosts: 216.239.32.20 www.google.co.nz # bck9 O1 - Hosts: 216.239.32.20 www.google.co.uk # bck9 O1 - Hosts: 216.239.32.20 www.google.co.ve # bck9 O1 - Hosts: 216.239.32.20 www.google.co.za # bck9 O1 - Hosts: 216.239.32.20 www.google.com # bck9 O1 - Hosts: 216.239.32.20 www.google.com.ar # bck9 O1 - Hosts: 216.239.32.20 www.google.com.au # bck9 O1 - Hosts: 216.239.32.20 www.google.com.br # bck9 O1 - Hosts: 216.239.32.20 www.google.com.co # bck9 O1 - Hosts: 216.239.32.20 www.google.com.gr # bck9 O1 - Hosts: 216.239.32.20 www.google.com.hk # bck9 O1 - Hosts: 216.239.32.20 www.google.com.mx # bck9 O1 - Hosts: 216.239.32.20 www.google.com.my # bck9 O1 - Hosts: 216.239.32.20 www.google.com.pe # bck9 O1 - Hosts: 216.239.32.20 www.google.com.ph # bck9 O1 - Hosts: 216.239.32.20 www.google.com.pk # bck9 O1 - Hosts: 216.239.32.20 www.google.com.sg # bck9 O1 - Hosts: 216.239.32.20 www.google.com.tr # bck9 O1 - Hosts: 216.239.32.20 www.google.com.tw # bck9 O1 - Hosts: 216.239.32.20 www.google.com.ua # bck9 O1 - Hosts: 216.239.32.20 www.google.de # bck9 O1 - Hosts: 216.239.32.20 www.google.dk # bck9 O1 - Hosts: 216.239.32.20 www.google.es # bck9 O1 - Hosts: 216.239.32.20 www.google.fi # bck9 O1 - Hosts: 216.239.32.20 www.google.fr # bck9 O1 - Hosts: 216.239.32.20 www.google.it # bck9 O1 - Hosts: 216.239.32.20 www.google.lt # bck9 O1 - Hosts: 216.239.32.20 www.google.lv # bck9 O1 - Hosts: 216.239.32.20 www.google.nl # bck9 O1 - Hosts: 216.239.32.20 www.google.pl # bck9 O1 - Hosts: 216.239.32.20 www.google.pt # bck9 O1 - Hosts: 216.239.32.20 www.google.ro # bck9 O1 - Hosts: 216.239.32.20 www.google.ru # bck9 O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: RealNetworks Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files\Windows Live\Companion\companioncore.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O4 - HKLM\..\Run: [synTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe O4 - HKLM\..\Run: [QPService] "C:\Program Files\HP\QuickPlay\QPService.exe" O4 - HKLM\..\Run: [QlbCtrl.exe] C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start O4 - HKLM\..\Run: [hpWirelessAssistant] C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe O4 - HKLM\..\Run: [FaxCenterServer] "C:\Program Files\\Lexmark Fax Solutions\fm3032.exe" /s O4 - HKLM\..\Run: [Malwarebytes Anti-Malware (reboot)] "C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript O4 - HKLM\..\Run: [RoxWatchTray] "C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe" O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe" O4 - HKLM\..\Run: [PMBVolumeWatcher] C:\Program Files\Sony\PMB\PMBVolumeWatcher.exe O4 - HKLM\..\Run: [MSC] "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey O4 - HKLM\..\Run: [KiesTrayAgent] C:\Program Files\Samsung\Kies\KiesTrayAgent.exe O4 - HKLM\..\Run: [igfxTray] C:\Windows\system32\igfxtray.exe O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe O4 - HKLM\..\Run: [lxdimon.exe] "C:\Program Files\Lexmark 3500-4500 Series\lxdimon.exe" O4 - HKLM\..\Run: [lxdiamon] "C:\Program Files\Lexmark 3500-4500 Series\lxdiamon.exe" O4 - HKLM\..\Run: [blueStacks Agent] C:\Program Files\BlueStacks\HD-Agent.exe O4 - HKCU\..\Run: [KiesPDLR] C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe O4 - HKCU\..\Run: [KiesPreload] C:\Program Files\Samsung\Kies\Kies.exe /preload O4 - HKCU\..\Run: [uTorrent] "C:\Program Files\uTorrent\uTorrent.exe" /MINIMIZED O4 - HKCU\..\Run: [iE New Window Maximizer] C:\Program Files\IE New Window Maximizer\iemaximizer.exe O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200 O9 - Extra button: @C:\Program Files\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files\Windows Live\Companion\companioncore.dll O9 - Extra button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Program Files\PokerStars\PokerStarsUpdate.exe (file missing) O9 - Extra button: Onderzoek - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O15 - Trusted Zone: http://*.mcafee.com O16 - DPF: {888078C6-70B2-4F88-8EE7-1F50DDEA6120} (CeWe Color AG & Co. OHG Control) - https://as.photoprintit.de/ips-opdata/activex/ImageUploader6.cab O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab O16 - DPF: {D71F9A27-723E-4B8B-B428-B725E47CBA3E} (Imikimi_activex_plugin Control) - http://imikimi.com/download/imikimi_plugin_0.5.1.cab O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab O16 - DPF: {EDFCB7CB-942C-4822-AF14-F0B687409848} (Image Uploader Control) - http://cache.hyves-static.net/statics/Aurigma/ImageUploader4.cab O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll O20 - AppInit_DLLs: c:\progra~2\browse~1\261123~1.78\{16cdf~1\browse~1.dll O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll O23 - Service: Adobe Active File Monitor V7 (AdobeActiveFileMonitor7.0) - Adobe Systems Incorporated - C:\Program Files\Adobe\Photoshop Elements 7.0\PhotoshopElementsFileAgent.exe O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe O23 - Service: Blue Coat K9 Web Protection (bckwfs) - Blue Coat Systems, Inc. - C:\Program Files\Blue Coat K9 Web Protection\k9filter.exe O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: BlueStacks Android Service (BstHdAndroidSvc) - BlueStack Systems, Inc. - C:\Program Files\BlueStacks\HD-Service.exe O23 - Service: BlueStacks Log Rotator Service (BstHdLogRotatorSvc) - BlueStack Systems, Inc. - C:\Program Files\BlueStacks\HD-LogRotatorService.exe O23 - Service: Com4QLBEx - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe O23 - Service: ExtraFilm upload service (EFUploadSrv) - Textalk AB - C:\Program Files\ExtraFilm Designer NL\EFUploadSrv.exe O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe O23 - Service: GameConsoleService - WildTangent, Inc. - C:\Program Files\HP Games\My HP Game Console\GameConsoleService.exe O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: HP Health Check Service - Hewlett-Packard - c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe O23 - Service: lxdiCATSCustConnectService - Lexmark International, Inc. - C:\Windows\system32\spool\DRIVERS\W32X86\3\\lxdiserv.exe O23 - Service: lxdi_device - - C:\Windows\system32\lxdicoms.exe O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe O23 - Service: PLFlash DeviceIoControl Service - Prolific Technology Inc. - C:\Windows\system32\IoctlSvc.exe O23 - Service: PMBDeviceInfoProvider - Sony Corporation - C:\Program Files\Sony\PMB\PMBDeviceInfoProvider.exe O23 - Service: Protexis Licensing V2 (PSI_SVC_2) - Protexis Inc. - c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe O23 - Service: RealNetworks Downloader Resolver Service - Unknown owner - C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe O23 - Service: Recovery Service for Windows - Unknown owner - C:\Program Files\SMINST\BLService.exe O23 - Service: Roxio UPnP Renderer 9 - Sonic Solutions - C:\Program Files\Roxio\Digital Home 9\RoxioUPnPRenderer9.exe O23 - Service: Roxio Upnp Server 9 - Sonic Solutions - C:\Program Files\Roxio\Digital Home 9\RoxioUpnpService9.exe O23 - Service: LiveShare P2P Server 9 (RoxLiveShare9) - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxLiveShare9.exe O23 - Service: RoxMediaDB9 - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe O23 - Service: Roxio Hard Drive Watcher 9 (RoxWatch9) - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe O23 - Service: Secunia Update Agent - Unknown owner - C:\Program Files\Secunia\PSI\sua.exe (file missing) O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe O23 - Service: TeamViewer 8 (TeamViewer8) - TeamViewer GmbH - C:\Program Files\TeamViewer\Version8\TeamViewer_Service.exe O23 - Service: TuneUp Utilities Service (TuneUp.UtilitiesSvc) - TuneUp Software - C:\Program Files\TuneUp Utilities 2012\TuneUpUtilitiesService32.exe O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe -- End of file - 14452 bytes - - - Updated - - - Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 16:56:43, on 27-2-2013 Platform: Windows Vista SP2 (WinNT 6.00.1906) MSIE: Internet Explorer v9.00 (9.00.8112.16464) Boot mode: Normal Running processes: C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE C:\Program Files\Synaptics\SynTP\SynTPEnh.exe C:\Program Files\HP\QuickPlay\QPService.exe C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe C:\Program Files\Sony\PMB\PMBVolumeWatcher.exe C:\Program Files\Microsoft Security Client\msseces.exe C:\Program Files\Samsung\Kies\KiesTrayAgent.exe C:\Windows\System32\hkcmd.exe C:\Windows\system32\taskeng.exe C:\Windows\System32\igfxpers.exe C:\Program Files\Lexmark 3500-4500 Series\lxdimon.exe C:\Program Files\Lexmark 3500-4500 Series\lxdiamon.exe C:\Windows\system32\igfxsrvc.exe C:\Program Files\BlueStacks\HD-Agent.exe C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe C:\Program Files\Samsung\Kies\Kies.exe C:\Program Files\uTorrent\uTorrent.exe C:\Program Files\IE New Window Maximizer\iemaximizer.exe C:\Program Files\Windows Media Player\wmpnscfg.exe C:\Program Files\TuneUp Utilities 2012\TuneUpUtilitiesApp32.exe C:\Program Files\Hewlett-Packard\HP wireless Assistant\WiFiMsg.EXE C:\Program Files\Hewlett-Packard\Shared\HpqToaster.exe C:\Program Files\IncrediMail\Bin\IncMail.exe C:\Program Files\IncrediMail\Bin\ImApp.exe C:\Program Files\BlueStacks\HD-Adb.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Windows\system32\SearchProtocolHost.exe C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe C:\Windows\system32\DllHost.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://nl.msn.com/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=nl_nl&c=91&bd=Presario&pf=cnnb R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local O1 - Hosts: ÿþ127.0.0.1 localhost O1 - Hosts: ::1 localhost O1 - Hosts: 216.239.32.20 www.google.ae # bck9 O1 - Hosts: 216.239.32.20 www.google.at # bck9 O1 - Hosts: 216.239.32.20 www.google.be # bck9 O1 - Hosts: 216.239.32.20 www.google.ca # bck9 O1 - Hosts: 216.239.32.20 www.google.ch # bck9 O1 - Hosts: 216.239.32.20 www.google.cl # bck9 O1 - Hosts: 216.239.32.20 www.google.co.il # bck9 O1 - Hosts: 216.239.32.20 www.google.co.in # bck9 O1 - Hosts: 216.239.32.20 www.google.co.jp # bck9 O1 - Hosts: 216.239.32.20 www.google.co.kr # bck9 O1 - Hosts: 216.239.32.20 www.google.co.nz # bck9 O1 - Hosts: 216.239.32.20 www.google.co.uk # bck9 O1 - Hosts: 216.239.32.20 www.google.co.ve # bck9 O1 - Hosts: 216.239.32.20 www.google.co.za # bck9 O1 - Hosts: 216.239.32.20 www.google.com # bck9 O1 - Hosts: 216.239.32.20 www.google.com.ar # bck9 O1 - Hosts: 216.239.32.20 www.google.com.au # bck9 O1 - Hosts: 216.239.32.20 www.google.com.br # bck9 O1 - Hosts: 216.239.32.20 www.google.com.co # bck9 O1 - Hosts: 216.239.32.20 www.google.com.gr # bck9 O1 - Hosts: 216.239.32.20 www.google.com.hk # bck9 O1 - Hosts: 216.239.32.20 www.google.com.mx # bck9 O1 - Hosts: 216.239.32.20 www.google.com.my # bck9 O1 - Hosts: 216.239.32.20 www.google.com.pe # bck9 O1 - Hosts: 216.239.32.20 www.google.com.ph # bck9 O1 - Hosts: 216.239.32.20 www.google.com.pk # bck9 O1 - Hosts: 216.239.32.20 www.google.com.sg # bck9 O1 - Hosts: 216.239.32.20 www.google.com.tr # bck9 O1 - Hosts: 216.239.32.20 www.google.com.tw # bck9 O1 - Hosts: 216.239.32.20 www.google.com.ua # bck9 O1 - Hosts: 216.239.32.20 www.google.de # bck9 O1 - Hosts: 216.239.32.20 www.google.dk # bck9 O1 - Hosts: 216.239.32.20 www.google.es # bck9 O1 - Hosts: 216.239.32.20 www.google.fi # bck9 O1 - Hosts: 216.239.32.20 www.google.fr # bck9 O1 - Hosts: 216.239.32.20 www.google.it # bck9 O1 - Hosts: 216.239.32.20 www.google.lt # bck9 O1 - Hosts: 216.239.32.20 www.google.lv # bck9 O1 - Hosts: 216.239.32.20 www.google.nl # bck9 O1 - Hosts: 216.239.32.20 www.google.pl # bck9 O1 - Hosts: 216.239.32.20 www.google.pt # bck9 O1 - Hosts: 216.239.32.20 www.google.ro # bck9 O1 - Hosts: 216.239.32.20 www.google.ru # bck9 O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: RealNetworks Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files\Windows Live\Companion\companioncore.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O4 - HKLM\..\Run: [synTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe O4 - HKLM\..\Run: [QPService] "C:\Program Files\HP\QuickPlay\QPService.exe" O4 - HKLM\..\Run: [QlbCtrl.exe] C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start O4 - HKLM\..\Run: [hpWirelessAssistant] C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe O4 - HKLM\..\Run: [FaxCenterServer] "C:\Program Files\\Lexmark Fax Solutions\fm3032.exe" /s O4 - HKLM\..\Run: [Malwarebytes Anti-Malware (reboot)] "C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript O4 - HKLM\..\Run: [RoxWatchTray] "C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe" O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe" O4 - HKLM\..\Run: [PMBVolumeWatcher] C:\Program Files\Sony\PMB\PMBVolumeWatcher.exe O4 - HKLM\..\Run: [MSC] "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey O4 - HKLM\..\Run: [KiesTrayAgent] C:\Program Files\Samsung\Kies\KiesTrayAgent.exe O4 - HKLM\..\Run: [igfxTray] C:\Windows\system32\igfxtray.exe O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe O4 - HKLM\..\Run: [lxdimon.exe] "C:\Program Files\Lexmark 3500-4500 Series\lxdimon.exe" O4 - HKLM\..\Run: [lxdiamon] "C:\Program Files\Lexmark 3500-4500 Series\lxdiamon.exe" O4 - HKLM\..\Run: [blueStacks Agent] C:\Program Files\BlueStacks\HD-Agent.exe O4 - HKCU\..\Run: [KiesPDLR] C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe O4 - HKCU\..\Run: [KiesPreload] C:\Program Files\Samsung\Kies\Kies.exe /preload O4 - HKCU\..\Run: [uTorrent] "C:\Program Files\uTorrent\uTorrent.exe" /MINIMIZED O4 - HKCU\..\Run: [iE New Window Maximizer] C:\Program Files\IE New Window Maximizer\iemaximizer.exe O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200 O9 - Extra button: @C:\Program Files\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files\Windows Live\Companion\companioncore.dll O9 - Extra button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Program Files\PokerStars\PokerStarsUpdate.exe (file missing) O9 - Extra button: Onderzoek - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O15 - Trusted Zone: http://*.mcafee.com O16 - DPF: {888078C6-70B2-4F88-8EE7-1F50DDEA6120} (CeWe Color AG & Co. OHG Control) - https://as.photoprintit.de/ips-opdata/activex/ImageUploader6.cab O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab O16 - DPF: {D71F9A27-723E-4B8B-B428-B725E47CBA3E} (Imikimi_activex_plugin Control) - http://imikimi.com/download/imikimi_plugin_0.5.1.cab O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab O16 - DPF: {EDFCB7CB-942C-4822-AF14-F0B687409848} (Image Uploader Control) - http://cache.hyves-static.net/statics/Aurigma/ImageUploader4.cab O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll O20 - AppInit_DLLs: c:\progra~2\browse~1\261123~1.78\{16cdf~1\browse~1.dll O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll O23 - Service: Adobe Active File Monitor V7 (AdobeActiveFileMonitor7.0) - Adobe Systems Incorporated - C:\Program Files\Adobe\Photoshop Elements 7.0\PhotoshopElementsFileAgent.exe O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe O23 - Service: Blue Coat K9 Web Protection (bckwfs) - Blue Coat Systems, Inc. - C:\Program Files\Blue Coat K9 Web Protection\k9filter.exe O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: BlueStacks Android Service (BstHdAndroidSvc) - BlueStack Systems, Inc. - C:\Program Files\BlueStacks\HD-Service.exe O23 - Service: BlueStacks Log Rotator Service (BstHdLogRotatorSvc) - BlueStack Systems, Inc. - C:\Program Files\BlueStacks\HD-LogRotatorService.exe O23 - Service: Com4QLBEx - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe O23 - Service: ExtraFilm upload service (EFUploadSrv) - Textalk AB - C:\Program Files\ExtraFilm Designer NL\EFUploadSrv.exe O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe O23 - Service: GameConsoleService - WildTangent, Inc. - C:\Program Files\HP Games\My HP Game Console\GameConsoleService.exe O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: HP Health Check Service - Hewlett-Packard - c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe O23 - Service: lxdiCATSCustConnectService - Lexmark International, Inc. - C:\Windows\system32\spool\DRIVERS\W32X86\3\\lxdiserv.exe O23 - Service: lxdi_device - - C:\Windows\system32\lxdicoms.exe O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe O23 - Service: PLFlash DeviceIoControl Service - Prolific Technology Inc. - C:\Windows\system32\IoctlSvc.exe O23 - Service: PMBDeviceInfoProvider - Sony Corporation - C:\Program Files\Sony\PMB\PMBDeviceInfoProvider.exe O23 - Service: Protexis Licensing V2 (PSI_SVC_2) - Protexis Inc. - c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe O23 - Service: RealNetworks Downloader Resolver Service - Unknown owner - C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe O23 - Service: Recovery Service for Windows - Unknown owner - C:\Program Files\SMINST\BLService.exe O23 - Service: Roxio UPnP Renderer 9 - Sonic Solutions - C:\Program Files\Roxio\Digital Home 9\RoxioUPnPRenderer9.exe O23 - Service: Roxio Upnp Server 9 - Sonic Solutions - C:\Program Files\Roxio\Digital Home 9\RoxioUpnpService9.exe O23 - Service: LiveShare P2P Server 9 (RoxLiveShare9) - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxLiveShare9.exe O23 - Service: RoxMediaDB9 - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe O23 - Service: Roxio Hard Drive Watcher 9 (RoxWatch9) - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe O23 - Service: Secunia Update Agent - Unknown owner - C:\Program Files\Secunia\PSI\sua.exe (file missing) O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe O23 - Service: TeamViewer 8 (TeamViewer8) - TeamViewer GmbH - C:\Program Files\TeamViewer\Version8\TeamViewer_Service.exe O23 - Service: TuneUp Utilities Service (TuneUp.UtilitiesSvc) - TuneUp Software - C:\Program Files\TuneUp Utilities 2012\TuneUpUtilitiesService32.exe O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe -- End of file - 14452 bytes

Shortcut Cleaner 1.2.1 by Lawrence Abrams (Grinler) Bleeping Computer - Technical Support and Computer Help Copyright 2008-2013 BleepingComputer.com More Information about Shortcut Cleaner can be found at this link: Shortcut Cleaner Download Program started at: 02/27/2013 04:04:52 PM. Searching C:\Users\Compaq\AppData\Roaming\Microsoft\Windows\Start Menu\ Searching C:\ProgramData\Microsoft\Windows\Start Menu\ Searching C:\Users\Compaq\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\ Searching C:\Users\Public\Desktop\ Searching C:\Users\Compaq\Desktop\ * Shortcut Cleaned: C:\Users\Compaq\Desktop\Launch Internet Explorer Browser.lnk => C:\Program Files\Internet Explorer\iexplore.exe 22Find Tapak Portal - My Homepage - navigasi terbaik dan paling lengkap laman Malaysia! 1 bad shortcut found. Program finished at: 02/27/2013 04:04:55 PM Execution time: 0 hours(s), 0 minute(s), and 3 seconds(s) - - - Updated - - - yehhhhhhhhhh het is gelukt. - - - Updated - - - pffffff was een zware bevalling.....hartelijk dank voor je hulp en geduld .

Deze blijft dus. 22Find Tapak Portal - My Homepage - navigasi terbaik dan paling lengkap laman Malaysia! Hij blijt ook staan bij huidige gebruiken

Ik begrijp je vraag niet goed?. Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 15:33:04, on 27-2-2013 Platform: Windows Vista SP2 (WinNT 6.00.1906) MSIE: Internet Explorer v9.00 (9.00.8112.16464) Boot mode: Normal Running processes: C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE C:\Program Files\Synaptics\SynTP\SynTPEnh.exe C:\Program Files\HP\QuickPlay\QPService.exe C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe C:\Program Files\Sony\PMB\PMBVolumeWatcher.exe C:\Program Files\Microsoft Security Client\msseces.exe C:\Program Files\Samsung\Kies\KiesTrayAgent.exe C:\Windows\System32\hkcmd.exe C:\Windows\system32\taskeng.exe C:\Windows\System32\igfxpers.exe C:\Program Files\Lexmark 3500-4500 Series\lxdimon.exe C:\Program Files\Lexmark 3500-4500 Series\lxdiamon.exe C:\Windows\system32\igfxsrvc.exe C:\Program Files\BlueStacks\HD-Agent.exe C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe C:\Program Files\Samsung\Kies\Kies.exe C:\Program Files\uTorrent\uTorrent.exe C:\Program Files\IE New Window Maximizer\iemaximizer.exe C:\Program Files\Windows Media Player\wmpnscfg.exe C:\Program Files\TuneUp Utilities 2012\TuneUpUtilitiesApp32.exe C:\Program Files\Hewlett-Packard\HP wireless Assistant\WiFiMsg.EXE C:\Program Files\Hewlett-Packard\Shared\HpqToaster.exe C:\Program Files\IncrediMail\Bin\IncMail.exe C:\Program Files\IncrediMail\Bin\ImApp.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\BlueStacks\HD-Adb.exe C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe C:\Windows\system32\DllHost.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Hotmail, Messenger, het laatste nieuws en entertainment | MSN.NL R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Hotmail, Messenger, het laatste nieuws en entertainment | MSN.NL R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Hotmail, Messenger, het laatste nieuws en entertainment | MSN.NL R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = Hotmail, Messenger, het laatste nieuws en entertainment | MSN.NL R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local O1 - Hosts: ÿþ127.0.0.1 localhost O1 - Hosts: ::1 localhost O1 - Hosts: 216.239.32.20 www.google.ae # bck9 O1 - Hosts: 216.239.32.20 www.google.at # bck9 O1 - Hosts: 216.239.32.20 www.google.be # bck9 O1 - Hosts: 216.239.32.20 www.google.ca # bck9 O1 - Hosts: 216.239.32.20 www.google.ch # bck9 O1 - Hosts: 216.239.32.20 www.google.cl # bck9 O1 - Hosts: 216.239.32.20 www.google.co.il # bck9 O1 - Hosts: 216.239.32.20 www.google.co.in # bck9 O1 - Hosts: 216.239.32.20 www.google.co.jp # bck9 O1 - Hosts: 216.239.32.20 www.google.co.kr # bck9 O1 - Hosts: 216.239.32.20 www.google.co.nz # bck9 O1 - Hosts: 216.239.32.20 www.google.co.uk # bck9 O1 - Hosts: 216.239.32.20 www.google.co.ve # bck9 O1 - Hosts: 216.239.32.20 www.google.co.za # bck9 O1 - Hosts: 216.239.32.20 www.google.com # bck9 O1 - Hosts: 216.239.32.20 www.google.com.ar # bck9 O1 - Hosts: 216.239.32.20 www.google.com.au # bck9 O1 - Hosts: 216.239.32.20 www.google.com.br # bck9 O1 - Hosts: 216.239.32.20 www.google.com.co # bck9 O1 - Hosts: 216.239.32.20 www.google.com.gr # bck9 O1 - Hosts: 216.239.32.20 www.google.com.hk # bck9 O1 - Hosts: 216.239.32.20 www.google.com.mx # bck9 O1 - Hosts: 216.239.32.20 www.google.com.my # bck9 O1 - Hosts: 216.239.32.20 www.google.com.pe # bck9 O1 - Hosts: 216.239.32.20 www.google.com.ph # bck9 O1 - Hosts: 216.239.32.20 www.google.com.pk # bck9 O1 - Hosts: 216.239.32.20 www.google.com.sg # bck9 O1 - Hosts: 216.239.32.20 www.google.com.tr # bck9 O1 - Hosts: 216.239.32.20 www.google.com.tw # bck9 O1 - Hosts: 216.239.32.20 www.google.com.ua # bck9 O1 - Hosts: 216.239.32.20 www.google.de # bck9 O1 - Hosts: 216.239.32.20 www.google.dk # bck9 O1 - Hosts: 216.239.32.20 www.google.es # bck9 O1 - Hosts: 216.239.32.20 www.google.fi # bck9 O1 - Hosts: 216.239.32.20 www.google.fr # bck9 O1 - Hosts: 216.239.32.20 www.google.it # bck9 O1 - Hosts: 216.239.32.20 www.google.lt # bck9 O1 - Hosts: 216.239.32.20 www.google.lv # bck9 O1 - Hosts: 216.239.32.20 www.google.nl # bck9 O1 - Hosts: 216.239.32.20 www.google.pl # bck9 O1 - Hosts: 216.239.32.20 www.google.pt # bck9 O1 - Hosts: 216.239.32.20 www.google.ro # bck9 O1 - Hosts: 216.239.32.20 www.google.ru # bck9 O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: RealNetworks Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files\Windows Live\Companion\companioncore.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O4 - HKLM\..\Run: [synTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe O4 - HKLM\..\Run: [QPService] "C:\Program Files\HP\QuickPlay\QPService.exe" O4 - HKLM\..\Run: [QlbCtrl.exe] C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start O4 - HKLM\..\Run: [hpWirelessAssistant] C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe O4 - HKLM\..\Run: [FaxCenterServer] "C:\Program Files\\Lexmark Fax Solutions\fm3032.exe" /s O4 - HKLM\..\Run: [Malwarebytes Anti-Malware (reboot)] "C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript O4 - HKLM\..\Run: [RoxWatchTray] "C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe" O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe" O4 - HKLM\..\Run: [PMBVolumeWatcher] C:\Program Files\Sony\PMB\PMBVolumeWatcher.exe O4 - HKLM\..\Run: [MSC] "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey O4 - HKLM\..\Run: [KiesTrayAgent] C:\Program Files\Samsung\Kies\KiesTrayAgent.exe O4 - HKLM\..\Run: [igfxTray] C:\Windows\system32\igfxtray.exe O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe O4 - HKLM\..\Run: [lxdimon.exe] "C:\Program Files\Lexmark 3500-4500 Series\lxdimon.exe" O4 - HKLM\..\Run: [lxdiamon] "C:\Program Files\Lexmark 3500-4500 Series\lxdiamon.exe" O4 - HKLM\..\Run: [blueStacks Agent] C:\Program Files\BlueStacks\HD-Agent.exe O4 - HKCU\..\Run: [KiesPDLR] C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe O4 - HKCU\..\Run: [KiesPreload] C:\Program Files\Samsung\Kies\Kies.exe /preload O4 - HKCU\..\Run: [uTorrent] "C:\Program Files\uTorrent\uTorrent.exe" /MINIMIZED O4 - HKCU\..\Run: [iE New Window Maximizer] C:\Program Files\IE New Window Maximizer\iemaximizer.exe O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200 O9 - Extra button: @C:\Program Files\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files\Windows Live\Companion\companioncore.dll O9 - Extra button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Program Files\PokerStars\PokerStarsUpdate.exe (file missing) O9 - Extra button: Onderzoek - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O15 - Trusted Zone: http://*.mcafee.com O16 - DPF: {888078C6-70B2-4F88-8EE7-1F50DDEA6120} (CeWe Color AG & Co. OHG Control) - https://as.photoprintit.de/ips-opdata/activex/ImageUploader6.cab O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab O16 - DPF: {D71F9A27-723E-4B8B-B428-B725E47CBA3E} (Imikimi_activex_plugin Control) - http://imikimi.com/download/imikimi_plugin_0.5.1.cab O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab O16 - DPF: {EDFCB7CB-942C-4822-AF14-F0B687409848} (Image Uploader Control) - http://cache.hyves-static.net/statics/Aurigma/ImageUploader4.cab O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll O20 - AppInit_DLLs: c:\progra~2\browse~1\261123~1.78\{16cdf~1\browse~1.dll O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll O23 - Service: Adobe Active File Monitor V7 (AdobeActiveFileMonitor7.0) - Adobe Systems Incorporated - C:\Program Files\Adobe\Photoshop Elements 7.0\PhotoshopElementsFileAgent.exe O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe O23 - Service: Blue Coat K9 Web Protection (bckwfs) - Blue Coat Systems, Inc. - C:\Program Files\Blue Coat K9 Web Protection\k9filter.exe O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: BlueStacks Android Service (BstHdAndroidSvc) - BlueStack Systems, Inc. - C:\Program Files\BlueStacks\HD-Service.exe O23 - Service: BlueStacks Log Rotator Service (BstHdLogRotatorSvc) - BlueStack Systems, Inc. - C:\Program Files\BlueStacks\HD-LogRotatorService.exe O23 - Service: Com4QLBEx - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe O23 - Service: ExtraFilm upload service (EFUploadSrv) - Textalk AB - C:\Program Files\ExtraFilm Designer NL\EFUploadSrv.exe O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe O23 - Service: GameConsoleService - WildTangent, Inc. - C:\Program Files\HP Games\My HP Game Console\GameConsoleService.exe O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: HP Health Check Service - Hewlett-Packard - c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe O23 - Service: lxdiCATSCustConnectService - Lexmark International, Inc. - C:\Windows\system32\spool\DRIVERS\W32X86\3\\lxdiserv.exe O23 - Service: lxdi_device - - C:\Windows\system32\lxdicoms.exe O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe O23 - Service: PLFlash DeviceIoControl Service - Prolific Technology Inc. - C:\Windows\system32\IoctlSvc.exe O23 - Service: PMBDeviceInfoProvider - Sony Corporation - C:\Program Files\Sony\PMB\PMBDeviceInfoProvider.exe O23 - Service: Protexis Licensing V2 (PSI_SVC_2) - Protexis Inc. - c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe O23 - Service: RealNetworks Downloader Resolver Service - Unknown owner - C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe O23 - Service: Recovery Service for Windows - Unknown owner - C:\Program Files\SMINST\BLService.exe O23 - Service: Roxio UPnP Renderer 9 - Sonic Solutions - C:\Program Files\Roxio\Digital Home 9\RoxioUPnPRenderer9.exe O23 - Service: Roxio Upnp Server 9 - Sonic Solutions - C:\Program Files\Roxio\Digital Home 9\RoxioUpnpService9.exe O23 - Service: LiveShare P2P Server 9 (RoxLiveShare9) - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxLiveShare9.exe O23 - Service: RoxMediaDB9 - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe O23 - Service: Roxio Hard Drive Watcher 9 (RoxWatch9) - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe O23 - Service: Secunia Update Agent - Unknown owner - C:\Program Files\Secunia\PSI\sua.exe (file missing) O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe O23 - Service: TeamViewer 8 (TeamViewer8) - TeamViewer GmbH - C:\Program Files\TeamViewer\Version8\TeamViewer_Service.exe O23 - Service: TuneUp Utilities Service (TuneUp.UtilitiesSvc) - TuneUp Software - C:\Program Files\TuneUp Utilities 2012\TuneUpUtilitiesService32.exe O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe -- End of file - 14457 bytes - - - Updated - - - De startpagina die ik heb ingesteld is http://nl.msn.com/ maar de 22 find tapak portal bijft als startpagina ,nu nog steeds. - - - Updated - - - De startpagina die ik heb ingesteld is http://nl.msn.com/ maar de 22 find tapak portal bijft als startpagina ,nu nog steeds. - - - Updated - - - De startpagina die ik heb ingesteld is http://nl.msn.com/ maar de 22 find tapak portal bijft als startpagina ,nu nog steeds. - - - Updated - - - Sorry hier ging ook iets niet goed .

De computer herstarte gelijk. ======= COMMANDS ========== C:\Windows\System32\drivers\etc\Hosts moved successfully. HOSTS file reset successfully OTL by OldTimer - Version 3.2.69.0 log created on 02272013_152048

De tapak portal is er nog steeds. Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 13:33:11, on 27-2-2013 Platform: Windows Vista SP2 (WinNT 6.00.1906) MSIE: Internet Explorer v9.00 (9.00.8112.16464) Boot mode: Normal Running processes: C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE C:\Windows\system32\taskeng.exe C:\Program Files\Synaptics\SynTP\SynTPEnh.exe C:\Program Files\HP\QuickPlay\QPService.exe C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe C:\Windows\system32\igfxsrvc.exe C:\Program Files\Sony\PMB\PMBVolumeWatcher.exe C:\Program Files\Microsoft Security Client\msseces.exe C:\Program Files\Samsung\Kies\KiesTrayAgent.exe C:\Windows\System32\hkcmd.exe C:\Windows\System32\igfxpers.exe C:\Program Files\Lexmark 3500-4500 Series\lxdimon.exe C:\Program Files\Lexmark 3500-4500 Series\lxdiamon.exe C:\Program Files\BlueStacks\HD-Agent.exe C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe C:\Program Files\Samsung\Kies\Kies.exe C:\Program Files\uTorrent\uTorrent.exe C:\Program Files\IE New Window Maximizer\iemaximizer.exe C:\Program Files\Windows Media Player\wmpnscfg.exe C:\Program Files\TuneUp Utilities 2012\TuneUpUtilitiesApp32.exe C:\Program Files\Hewlett-Packard\HP wireless Assistant\WiFiMsg.EXE C:\Program Files\Hewlett-Packard\Shared\HpqToaster.exe C:\Program Files\IncrediMail\Bin\ImApp.exe C:\Program Files\IncrediMail\Bin\IncMail.exe C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Windows\system32\SearchProtocolHost.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Hotmail, Messenger, het laatste nieuws en entertainment | MSN.NL R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Hotmail, Messenger, het laatste nieuws en entertainment | MSN.NL R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Hotmail, Messenger, het laatste nieuws en entertainment | MSN.NL R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = Hotmail, Messenger, het laatste nieuws en entertainment | MSN.NL R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local O1 - Hosts: ::1 localhost O1 - Hosts: 216.239.32.20 www.google.ae # bck9 O1 - Hosts: 216.239.32.20 www.google.at # bck9 O1 - Hosts: 216.239.32.20 www.google.be # bck9 O1 - Hosts: 216.239.32.20 www.google.ca # bck9 O1 - Hosts: 216.239.32.20 www.google.ch # bck9 O1 - Hosts: 216.239.32.20 www.google.cl # bck9 O1 - Hosts: 216.239.32.20 www.google.co.il # bck9 O1 - Hosts: 216.239.32.20 www.google.co.in # bck9 O1 - Hosts: 216.239.32.20 www.google.co.jp # bck9 O1 - Hosts: 216.239.32.20 www.google.co.kr # bck9 O1 - Hosts: 216.239.32.20 www.google.co.nz # bck9 O1 - Hosts: 216.239.32.20 www.google.co.uk # bck9 O1 - Hosts: 216.239.32.20 www.google.co.ve # bck9 O1 - Hosts: 216.239.32.20 www.google.co.za # bck9 O1 - Hosts: 216.239.32.20 www.google.com # bck9 O1 - Hosts: 216.239.32.20 www.google.com.ar # bck9 O1 - Hosts: 216.239.32.20 www.google.com.au # bck9 O1 - Hosts: 216.239.32.20 www.google.com.br # bck9 O1 - Hosts: 216.239.32.20 www.google.com.co # bck9 O1 - Hosts: 216.239.32.20 www.google.com.gr # bck9 O1 - Hosts: 216.239.32.20 www.google.com.hk # bck9 O1 - Hosts: 216.239.32.20 www.google.com.mx # bck9 O1 - Hosts: 216.239.32.20 www.google.com.my # bck9 O1 - Hosts: 216.239.32.20 www.google.com.pe # bck9 O1 - Hosts: 216.239.32.20 www.google.com.ph # bck9 O1 - Hosts: 216.239.32.20 www.google.com.pk # bck9 O1 - Hosts: 216.239.32.20 www.google.com.sg # bck9 O1 - Hosts: 216.239.32.20 www.google.com.tr # bck9 O1 - Hosts: 216.239.32.20 www.google.com.tw # bck9 O1 - Hosts: 216.239.32.20 www.google.com.ua # bck9 O1 - Hosts: 216.239.32.20 www.google.de # bck9 O1 - Hosts: 216.239.32.20 www.google.dk # bck9 O1 - Hosts: 216.239.32.20 www.google.es # bck9 O1 - Hosts: 216.239.32.20 www.google.fi # bck9 O1 - Hosts: 216.239.32.20 www.google.fr # bck9 O1 - Hosts: 216.239.32.20 www.google.it # bck9 O1 - Hosts: 216.239.32.20 www.google.lt # bck9 O1 - Hosts: 216.239.32.20 www.google.lv # bck9 O1 - Hosts: 216.239.32.20 www.google.nl # bck9 O1 - Hosts: 216.239.32.20 www.google.pl # bck9 O1 - Hosts: 216.239.32.20 www.google.pt # bck9 O1 - Hosts: 216.239.32.20 www.google.ro # bck9 O1 - Hosts: 216.239.32.20 www.google.ru # bck9 O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: RealNetworks Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files\Windows Live\Companion\companioncore.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O4 - HKLM\..\Run: [synTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe O4 - HKLM\..\Run: [QPService] "C:\Program Files\HP\QuickPlay\QPService.exe" O4 - HKLM\..\Run: [QlbCtrl.exe] C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start O4 - HKLM\..\Run: [hpWirelessAssistant] C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe O4 - HKLM\..\Run: [FaxCenterServer] "C:\Program Files\\Lexmark Fax Solutions\fm3032.exe" /s O4 - HKLM\..\Run: [Malwarebytes Anti-Malware (reboot)] "C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript O4 - HKLM\..\Run: [RoxWatchTray] "C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe" O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe" O4 - HKLM\..\Run: [PMBVolumeWatcher] C:\Program Files\Sony\PMB\PMBVolumeWatcher.exe O4 - HKLM\..\Run: [MSC] "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey O4 - HKLM\..\Run: [KiesTrayAgent] C:\Program Files\Samsung\Kies\KiesTrayAgent.exe O4 - HKLM\..\Run: [igfxTray] C:\Windows\system32\igfxtray.exe O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe O4 - HKLM\..\Run: [lxdimon.exe] "C:\Program Files\Lexmark 3500-4500 Series\lxdimon.exe" O4 - HKLM\..\Run: [lxdiamon] "C:\Program Files\Lexmark 3500-4500 Series\lxdiamon.exe" O4 - HKLM\..\Run: [blueStacks Agent] C:\Program Files\BlueStacks\HD-Agent.exe O4 - HKCU\..\Run: [KiesPDLR] C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe O4 - HKCU\..\Run: [KiesPreload] C:\Program Files\Samsung\Kies\Kies.exe /preload O4 - HKCU\..\Run: [uTorrent] "C:\Program Files\uTorrent\uTorrent.exe" /MINIMIZED O4 - HKCU\..\Run: [iE New Window Maximizer] C:\Program Files\IE New Window Maximizer\iemaximizer.exe O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200 O9 - Extra button: @C:\Program Files\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files\Windows Live\Companion\companioncore.dll O9 - Extra button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Program Files\PokerStars\PokerStarsUpdate.exe (file missing) O9 - Extra button: Onderzoek - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O15 - Trusted Zone: http://*.mcafee.com O16 - DPF: {888078C6-70B2-4F88-8EE7-1F50DDEA6120} (CeWe Color AG & Co. OHG Control) - https://as.photoprintit.de/ips-opdata/activex/ImageUploader6.cab O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab O16 - DPF: {D71F9A27-723E-4B8B-B428-B725E47CBA3E} (Imikimi_activex_plugin Control) - http://imikimi.com/download/imikimi_plugin_0.5.1.cab O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab O16 - DPF: {EDFCB7CB-942C-4822-AF14-F0B687409848} (Image Uploader Control) - http://cache.hyves-static.net/statics/Aurigma/ImageUploader4.cab O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll O20 - AppInit_DLLs: c:\progra~2\browse~1\261123~1.78\{16cdf~1\browse~1.dll O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll O23 - Service: Adobe Active File Monitor V7 (AdobeActiveFileMonitor7.0) - Adobe Systems Incorporated - C:\Program Files\Adobe\Photoshop Elements 7.0\PhotoshopElementsFileAgent.exe O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe O23 - Service: Blue Coat K9 Web Protection (bckwfs) - Blue Coat Systems, Inc. - C:\Program Files\Blue Coat K9 Web Protection\k9filter.exe O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: BlueStacks Android Service (BstHdAndroidSvc) - BlueStack Systems, Inc. - C:\Program Files\BlueStacks\HD-Service.exe O23 - Service: BlueStacks Log Rotator Service (BstHdLogRotatorSvc) - BlueStack Systems, Inc. - C:\Program Files\BlueStacks\HD-LogRotatorService.exe O23 - Service: Com4QLBEx - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe O23 - Service: ExtraFilm upload service (EFUploadSrv) - Textalk AB - C:\Program Files\ExtraFilm Designer NL\EFUploadSrv.exe O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe O23 - Service: GameConsoleService - WildTangent, Inc. - C:\Program Files\HP Games\My HP Game Console\GameConsoleService.exe O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: HP Health Check Service - Hewlett-Packard - c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe O23 - Service: lxdiCATSCustConnectService - Lexmark International, Inc. - C:\Windows\system32\spool\DRIVERS\W32X86\3\\lxdiserv.exe O23 - Service: lxdi_device - - C:\Windows\system32\lxdicoms.exe O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe O23 - Service: PLFlash DeviceIoControl Service - Prolific Technology Inc. - C:\Windows\system32\IoctlSvc.exe O23 - Service: PMBDeviceInfoProvider - Sony Corporation - C:\Program Files\Sony\PMB\PMBDeviceInfoProvider.exe O23 - Service: Protexis Licensing V2 (PSI_SVC_2) - Protexis Inc. - c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe O23 - Service: RealNetworks Downloader Resolver Service - Unknown owner - C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe O23 - Service: Recovery Service for Windows - Unknown owner - C:\Program Files\SMINST\BLService.exe O23 - Service: Roxio UPnP Renderer 9 - Sonic Solutions - C:\Program Files\Roxio\Digital Home 9\RoxioUPnPRenderer9.exe O23 - Service: Roxio Upnp Server 9 - Sonic Solutions - C:\Program Files\Roxio\Digital Home 9\RoxioUpnpService9.exe O23 - Service: LiveShare P2P Server 9 (RoxLiveShare9) - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxLiveShare9.exe O23 - Service: RoxMediaDB9 - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe O23 - Service: Roxio Hard Drive Watcher 9 (RoxWatch9) - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe O23 - Service: Secunia Update Agent - Unknown owner - C:\Program Files\Secunia\PSI\sua.exe (file missing) O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe O23 - Service: TeamViewer 8 (TeamViewer8) - TeamViewer GmbH - C:\Program Files\TeamViewer\Version8\TeamViewer_Service.exe O23 - Service: TuneUp Utilities Service (TuneUp.UtilitiesSvc) - TuneUp Software - C:\Program Files\TuneUp Utilities 2012\TuneUpUtilitiesService32.exe O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe -- End of file - 14344 bytes

Zoek.exe Version 4.0.0.1 Updated 25-02-2013 Tool run by Compaq on di 26-02-2013 at 23:06:06,28. Microsoft® Windows Vista™ Home Basic 6.0.6002 Service Pack 2 x86 Running in: Normal Mode Internet Access Detected ==== Batch Command(s) Run By Tool====================== ==== Deleting Files \ Folders ====================== "C:\Users\Compaq\AppData\Roaming\Awads\anedk.syp" deleted "C:\Users\Compaq\AppData\Roaming\Nyon\yxtu.tmp" deleted "C:\Users\Compaq\AppData\Roaming\Wiisa\ohos.ixo" deleted "C:\Users\Compaq\AppData\Roaming\Yxlen\unoco.yva" deleted "C:\Users\Compaq\AppData\Roaming\Raptr\ltc\[help] Dwm.exe.log" deleted "C:\Users\Compaq\AppData\Roaming\Raptr\ltc\[help] lxdiamon.exe.log" deleted "C:\Users\Compaq\AppData\Roaming\Raptr\ltc\[help] PMBVolumeWatcher.exe.log" deleted "C:\Users\Compaq\AppData\Roaming\Awads" deleted "C:\Users\Compaq\AppData\Roaming\Ewoliv" deleted "C:\Users\Compaq\AppData\Roaming\Nyon" deleted "C:\Users\Compaq\AppData\Roaming\Raptr" deleted "C:\Users\Compaq\AppData\Roaming\Uccy" deleted "C:\Users\Compaq\AppData\Roaming\Wiisa" deleted "C:\Users\Compaq\AppData\Roaming\Yxlen" deleted "C:\Users\Compaq\AppData\Roaming\Raptr\ltc" deleted ==== shortcuts on All Users Desktop ====================== C:\Users\Public\Desktop\Aangifte inkomstenbelasting 2012.lnk - C:\Program Files\Belastingdienst\Aangifte inkomstenbelasting\2012\ib2012.exe C:\Users\Public\Desktop\Adobe Reader X .lnk - C:\Program Files\Adobe\Reader 10.0\Reader\AcroRd32.exe C:\Users\Public\Desktop\IncrediMail.lnk - C:\Program Files\IncrediMail\Bin\IncMail.exe C:\Users\Public\Desktop\Lexmark Imaging Studio - 3500-4500 Series.LNK - C:\Program Files\Lexmark 3500-4500 Series\App4R.exe C:\Users\Public\Desktop\RealPlayer.lnk - C:\program files\real\realplayer\RealPlay.exe /launch:desktop C:\Users\Public\Desktop\Start BlueStacks.lnk - C:\Program Files\BlueStacks\HD-StartLauncher.exe ==== shortcuts in Users Start Menu ====================== C:\Users\Compaq\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk - C:\Program Files\Internet Explorer\iexplore.exe C:\Users\Compaq\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk - C:\Program Files\Internet Explorer\iexplore.exe C:\Users\Compaq\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HiJackThis\HiJackThis.lnk - c:\Users\Compaq\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe ==== shortcuts in All Users Start Menu ====================== C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader X .lnk - C:\Windows\Installer\{AC76BA86-7AD7-1043-7B44-AA1000000001}\SC_Reader.ico C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IncrediMail.lnk - C:\Program Files\IncrediMail\Bin\IncMail.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk - C:\Program Files\Internet Explorer\iexplore.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk - C:\Program Files\Internet Explorer\iexplore.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Belastingdienst\Aangifte inkomstenbelasting\2012\Aangifte inkomstenbelasting 2012 Help.lnk - C:\Program Files\Belastingdienst\Aangifte inkomstenbelasting\2012\ib2012.chm C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Belastingdienst\Aangifte inkomstenbelasting\2012\Aangifte inkomstenbelasting 2012 verwijderen.lnk - C:\Program Files\Belastingdienst\Aangifte inkomstenbelasting\2012\ib2012u.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Belastingdienst\Aangifte inkomstenbelasting\2012\Aangifte inkomstenbelasting 2012.lnk - C:\Program Files\Belastingdienst\Aangifte inkomstenbelasting\2012\ib2012.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Belastingdienst\Aangifte inkomstenbelasting\2012\PC Helpforum - Gratis hulp bij computer problemen - C:\Program Files\Belastingdienst\Aangifte inkomstenbelasting\2012\PC Helpforum - Gratis hulp bij computer problemen C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BlueStacks\Start BlueStacks.lnk - C:\Program Files\BlueStacks\HD-StartLauncher.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games\More Games.lnk - C:\Program Files\IncrediMail\Bin\IncrediGamesStart.url C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IncrediMail\IncrediMail Gallery.lnk - C:\Program Files\IncrediMail\Bin\IncrediGalleryStart.url C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IncrediMail\IncrediMail.lnk - C:\Program Files\IncrediMail\Bin\IncMail.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IncrediMail\Letter Creator.lnk - C:\Program Files\IncrediMail\Bin\ImLc.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IncrediMail\Uninstall IncrediMail.lnk - C:\Program Files\IncrediMail\Bin\ImSetup.exe /uninstallProduct /addon:incredimail C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lexmark 3500-4500 Series\EU Waste Electronics Information.LNK - C:\Windows\System32\spool\drivers\w32x86\3\EU_Waste_Electronic_Information.pdf C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lexmark 3500-4500 Series\Lexmark Cartridge Diagnostic Wizard.LNK - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lexmark 3500-4500 Series\Lexmark Imaging Studio.LNK - C:\Program Files\Lexmark 3500-4500 Series\App4R.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lexmark 3500-4500 Series\Lexmark Solution Center.LNK - C:\Windows\system32\spool\DRIVERS\W32X86\3\lxdipswx.exe /M=Lexmark 3500-4500 Series /T=100 C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lexmark 3500-4500 Series\Release Notes.LNK - C:\Windows\System32\write.exe C:\Windows\system32\spool\DRIVERS\W32X86\3\lxdirme.doc C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lexmark 3500-4500 Series\Uninstall Lexmark 3500-4500 Series.LNK - C:\Program Files\Lexmark 3500-4500 Series\Install\x86\Uninst.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lexmark 3500-4500 Series\User's Guide.LNK - C:\Program Files\Lexmark 3500-4500 Series\LXDIuser.chm C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lexmark 3500-4500 Series\Wireless Configuration Utility.LNK - C:\Program Files\Lexmark 3500-4500 Series\Wireless\lxdiwpss.exe /ini=lxdiina.ini /title="Wireless Configuration Utility" C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RealNetworks\RealDownloader.lnk - C:\Windows\Installer\{AF7EBCA4-9FAF-4DC8-8D09-67854BB84D34}\recordingmanager.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RealNetworks\RealPlayer Converter.lnk - C:\Program Files\Real\RealPlayer\realconverter.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RealNetworks\RealPlayer Trimmer.lnk - C:\Program Files\Real\RealPlayer\realtrimmer.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RealNetworks\RealPlayer.lnk - C:\Program Files\Real\RealPlayer\realplay.exe /launch:start_menu ==== shortcuts in Quick Launch ====================== C:\Users\Compaq\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\IncrediMail 2.0.lnk - C:\Program Files\IncrediMail\Bin\IncMail.exe C:\Users\Compaq\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk - C:\Program Files\Internet Explorer\iexplore.exe

OTL Extras logfile created on: 26-2-2013 14:38:02 - Run 1 OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Compaq\Desktop Windows Vista Home Basic Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation Internet Explorer (Version = 9.0.8112.16421) Locale: 00000413 | Country: Nederland | Language: NLD | Date Format: d-M-yyyy 2,93 Gb Total Physical Memory | 1,68 Gb Available Physical Memory | 57,42% Memory free 6,07 Gb Paging File | 4,66 Gb Available in Paging File | 76,90% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files Drive C: | 223,00 Gb Total Space | 127,22 Gb Free Space | 57,05% Space Free | Partition Type: NTFS Drive D: | 9,88 Gb Total Space | 1,72 Gb Free Space | 17,39% Space Free | Partition Type: NTFS Computer Name: PC_VAN_COMPAQ | User Name: Compaq | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users | Quick Scan Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days ========== Extra Registry (SafeList) ========== ========== File Associations ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%* .hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation) ========== Shell Spawning ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%* exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation) inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN) Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN) Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation) Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation) Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) ========== Security Center Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "cval" = 1 "FirewallDisableNotify" = 0 "AntiVirusDisableNotify" = 0 "UpdatesDisableNotify" = 0 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] "AntiVirusOverride" = 0 "AntiSpywareOverride" = 0 "FirewallOverride" = 0 "VistaSp1" = Reg Error: Unknown registry data type -- File not found "VistaSp2" = Reg Error: Unknown registry data type -- File not found [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\S-1-5-21-279592566-1776291336-1976008511-1000] "EnableNotificationsRef" = 2 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol] ========== System Restore Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore] "DisableSR" = 0 ========== Firewall Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile] [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] "EnableFirewall" = 1 "DisableNotifications" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "EnableFirewall" = 1 "DisableNotifications" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile] "EnableFirewall" = 1 "DisableNotifications" = 0 ========== Authorized Applications List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List] "C:\Program Files\Lexmark 3500-4500 Series\app4r.exe" = C:\Program Files\Lexmark 3500-4500 Series\app4r.exe:*:Enabled:Lexmark Imaging Studio -- () [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List] ========== Vista Active Open Ports Exception List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{18A1A743-4168-4BA3-ADE8-9898B5DBA17E}" = rport=137 | protocol=17 | dir=out | app=system | "{300E21A1-1CF1-4D2A-9E0E-175E041A5614}" = rport=139 | protocol=6 | dir=out | app=system | "{559A1832-A305-4651-90FD-130C23F8B142}" = lport=4482 | protocol=6 | dir=in | name=blackberry desktop software wireless music sync data transfer | "{6E7FB010-0B8C-49AC-912E-8277DB88E4F2}" = lport=808 | protocol=6 | dir=in | svc=nettcpactivator | app=%systemroot%\microsoft.net\framework\v3.0\windows communication foundation\smsvchost.exe | "{79E5E98C-D2BB-4B12-A82B-228BB2A756C6}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe | "{81FEE34A-4EA1-4A76-8114-81EFCBC9AAFA}" = lport=4481 | protocol=17 | dir=in | name=blackberry desktop software wireless music sync discovery | "{9481AAFF-260E-4A9A-A018-8EC1F3153FE0}" = lport=2869 | protocol=6 | dir=in | app=system | "{97F919CB-820A-46EC-8981-198BC53DBB6F}" = lport=445 | protocol=6 | dir=in | app=system | "{9B10ECF4-01A6-46E0-8A3F-3EC5BC6E5B82}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 | "{9EADCE8E-4FF7-4254-B7C9-2C7275539151}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) | "{9F9780BC-74AC-4508-83A5-0AB2DE6295C4}" = lport=137 | protocol=17 | dir=in | app=system | "{AD2D2C31-3E53-417A-840E-4E164CF1FD17}" = lport=4482 | protocol=17 | dir=in | name=blackberry desktop software wireless music sync discovery | "{B4AF8737-9C02-45A6-BC9E-2789ABD883C4}" = lport=4481 | protocol=6 | dir=in | name=blackberry desktop software wireless music sync data transfer | "{C17F01A6-F0DA-4776-9F37-E0E7908E74DE}" = lport=138 | protocol=17 | dir=in | app=system | "{D58DEF67-94CF-4AA3-9D61-7DC021F5C75C}" = rport=138 | protocol=17 | dir=out | app=system | "{E1963F80-02CA-4ADB-8F0D-BDB993100CA1}" = rport=445 | protocol=6 | dir=out | app=system | "{E6FC7BCF-44D2-4F60-8FEC-EFE2A24ABA18}" = lport=139 | protocol=6 | dir=in | app=system | "{EE34BBAD-DAF2-453F-BAA0-A81F29D6F121}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe | "{FCC2CB3F-2AED-4C61-AE36-BF2191B37AE8}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) | ========== Vista Active Application Exception List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{02D62730-888C-43AE-8DAB-B2291A455DB0}" = protocol=6 | dir=in | app=c:\program files\lexmark 3500-4500 series\wireless\lxdiwpss.exe | "{05E6743A-7946-434C-A90B-328D94B8ACC6}" = dir=in | app=c:\program files\common files\apple\apple application support\webkit2webprocess.exe | "{11E69078-DB13-4D51-864F-63FD11853F6A}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 | "{14AC5918-98E8-4E61-A7FE-D1A7CF55C860}" = protocol=17 | dir=in | app=c:\program files\lexmark 3500-4500 series\wireless\lxdiwpss.exe | "{152DD921-B268-4401-90C6-C93C63320480}" = protocol=6 | dir=in | app=c:\windows\system32\spool\drivers\w32x86\3\lxdiwbgw.exe | "{180CA938-813E-449B-88B4-25A138A8AC7C}" = protocol=6 | dir=in | app=c:\windows\system32\spool\drivers\w32x86\3\lxdipswx.exe | "{1AF91C02-18C6-4FD6-B71F-AA8028A9338F}" = protocol=6 | dir=in | app=c:\program files\lexmark 3500-4500 series\lxdimon.exe | "{24EE4D6A-E3AE-4FAD-8359-FE8BDE905EC3}" = protocol=17 | dir=in | app=c:\windows\system32\lxdicfg.exe | "{2539C5FC-BF4E-4D25-A029-6255963016E2}" = protocol=17 | dir=in | app=c:\program files\teamviewer\version8\teamviewer_service.exe | "{25B192E7-AE2E-42D3-A7CB-44198C69A129}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | "{2771DFE3-EF68-4540-840E-A72DB417197C}" = protocol=6 | dir=in | app=c:\windows\system32\spool\drivers\w32x86\3\lxditime.exe | "{308737A5-494B-457B-82F7-FD119DEB1143}" = protocol=6 | dir=in | app=c:\windows\system32\lxdicfg.exe | "{32D5D43B-89AF-41DE-833D-E13C610B175D}" = protocol=17 | dir=in | app=c:\windows\system32\lxdicoms.exe | "{33DBF006-B066-4565-9849-B4D4F6EC6C0D}" = protocol=17 | dir=in | app=c:\program files\research in motion\blackberry desktop\rim.desktop.exe | "{3D255840-61FF-42E0-8A81-B94A005AF981}" = protocol=17 | dir=in | app=c:\program files\lexmark 3500-4500 series\app4r.exe | "{40E886DE-B900-4F9D-B805-84053D6185DF}" = protocol=6 | dir=in | app=c:\windows\system32\spool\drivers\w32x86\3\lxditime.exe | "{44A2381C-5D0F-4A08-9893-88329902832B}" = protocol=17 | dir=in | app=c:\program files\utorrent\utorrent.exe | "{4671CE95-D1B2-4C08-9BC2-C4780E3E01F1}" = protocol=6 | dir=in | app=c:\program files\teamviewer\version8\teamviewer_service.exe | "{4746410F-9B46-45D6-97B2-2245AD68F782}" = protocol=6 | dir=in | app=c:\program files\abbyy finereader 6.0 sprint\scan\scanman6.exe | "{49706F90-0608-454C-9209-302D617B70EE}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{4F478F9B-36A5-4A6A-AA33-EAA4BC9FE1FE}" = protocol=17 | dir=in | app=c:\windows\system32\lxdicoms.exe | "{50C920CE-0F8D-4ADE-99DF-EAFA1B0A61F2}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 | "{59DF1409-D38B-4CDF-A7B6-4950FC6502D1}" = protocol=17 | dir=in | app=c:\windows\system32\spool\drivers\w32x86\3\lxdijswx.exe | "{5B84407C-B767-4F36-9545-5A06C9C8199B}" = protocol=17 | dir=in | app=c:\windows\system32\spool\drivers\w32x86\3\lxditime.exe | "{5C7DFC44-9B96-44B9-801C-4593CBC63FD5}" = protocol=6 | dir=in | app=c:\program files\utorrent\utorrent.exe | "{5CD081A2-01B6-4C78-9179-EA5BB88A5789}" = protocol=6 | dir=in | app=c:\program files\lexmark 3500-4500 series\lxdimon.exe | "{5D6E5DD4-322E-4CBD-ABB2-28931BA712DE}" = protocol=17 | dir=in | app=c:\program files\lexmark 3500-4500 series\lxdiamon.exe | "{61C430A5-4472-4857-9925-BB14F7B3560E}" = protocol=17 | dir=in | app=c:\program files\teamviewer\version8\teamviewer.exe | "{634A4F69-F778-47EA-8975-D6F7548AB8BC}" = protocol=6 | dir=in | app=c:\windows\system32\lxdicoms.exe | "{642E8C84-18C2-4714-92C3-264DCE89B785}" = protocol=17 | dir=in | app=c:\program files\lexmark 3500-4500 series\lxdimon.exe | "{680D0534-8250-4824-83E6-8F67771EC7ED}" = protocol=17 | dir=in | app=c:\program files\abbyy finereader 6.0 sprint\scan\scanman6.exe | "{68464D96-DBB5-4C92-A4FA-EEEC6E39836A}" = protocol=17 | dir=in | app=c:\program files\lexmark 3500-4500 series\lxdiamon.exe | "{6E56F282-A0BA-49E0-BA79-10FF154C06B9}" = protocol=6 | dir=in | app=c:\program files\abbyy finereader 6.0 sprint\scan\scanman6.exe | "{82448B05-9B1C-4A6F-B009-7C8ED72BF326}" = protocol=17 | dir=in | app=c:\program files\lexmark fax solutions\faxctr.exe | "{84373634-DDF9-412B-80BB-7F243A59E853}" = protocol=6 | dir=in | app=c:\program files\lexmark fax solutions\faxctr.exe | "{87836444-C58E-4D17-8538-427425CCDB1A}" = dir=in | app=c:\program files\hp\quickplay\qpservice.exe | "{88BBA5D4-122F-402C-A82D-416C1A1D07A6}" = protocol=6 | dir=in | app=c:\program files\lexmark fax solutions\faxctr.exe | "{8ACAD506-D4AA-44A4-98BA-7E544985DBEC}" = protocol=17 | dir=in | app=c:\windows\system32\spool\drivers\w32x86\3\lxditime.exe | "{8EFC894A-1BE7-405C-8AD8-76B1169A6D55}" = protocol=17 | dir=in | app=c:\program files\abbyy finereader 6.0 sprint\scan\scanman6.exe | "{9170C214-5F6D-4C16-937A-2108EB202C56}" = protocol=6 | dir=in | app=c:\program files\lexmark 3500-4500 series\lxdiamon.exe | "{92ECB321-1724-4286-A762-5FC24F7391CA}" = protocol=6 | dir=in | app=c:\program files\lexmark 3500-4500 series\lxdiamon.exe | "{9CE9D743-6430-4FBF-9262-41FA2C00CB7D}" = dir=in | app=c:\program files\hp\quickplay\qp.exe | "{A6144261-2C93-43C7-8EF2-E01874B5689D}" = protocol=6 | dir=in | app=c:\program files\lexmark 3500-4500 series\app4r.exe | "{A6413273-792C-44A5-AFC4-2634FF17852A}" = protocol=17 | dir=in | app=c:\program files\lexmark 3500-4500 series\app4r.exe | "{A6D0E51A-2E21-4BFB-95E9-9554B4A600F6}" = protocol=17 | dir=in | app=c:\windows\system32\lxdiih.exe | "{A9918AED-9743-460F-BB05-54D9CA21FAA7}" = dir=in | app=c:\program files\windows live\contacts\wlcomm.exe | "{A9D789A6-F049-48F5-A7BE-3CC3ADA28414}" = protocol=17 | dir=in | app=c:\program files\lexmark 3500-4500 series\wireless\lxdiwpss.exe | "{AD8AB678-218A-446D-B53C-54FF3650ACC5}" = protocol=6 | dir=in | app=c:\program files\research in motion\blackberry desktop\rim.desktop.exe | "{AE2A27BD-B121-46D6-AD61-3672F36A8E8F}" = protocol=6 | dir=in | app=c:\program files\lexmark 3500-4500 series\wireless\lxdiwpss.exe | "{B8337443-3177-4434-BD75-6F8941FE7183}" = protocol=17 | dir=in | app=c:\windows\system32\spool\drivers\w32x86\3\lxdipswx.exe | "{CB9D59B6-3392-488B-8977-EC31C8056600}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 | "{D355BCDC-9ADB-44F6-AD3B-95637C605917}" = protocol=17 | dir=in | app=c:\program files\lexmark 3500-4500 series\lxdimon.exe | "{D85FFEB6-8E48-4E1F-851C-93E24B9F6E78}" = protocol=6 | dir=in | app=c:\windows\system32\spool\drivers\w32x86\3\lxdijswx.exe | "{DBC8D630-C586-4A17-91BE-A0A27774DF40}" = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe | "{DD004F76-3C80-4FF0-8313-922A29349442}" = protocol=6 | dir=in | app=c:\windows\system32\lxdicoms.exe | "{E1D902CD-7498-452D-B58E-5D731B76E144}" = protocol=17 | dir=in | app=c:\windows\system32\spool\drivers\w32x86\3\lxdiwbgw.exe | "{E38CFCF2-09BA-46F0-BCF2-BAFF2E15384D}" = protocol=17 | dir=in | app=c:\program files\lexmark fax solutions\faxctr.exe | "{EE56D171-9EA1-4308-B34A-62550DEE50B3}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | "{EF542A26-01BD-4C14-A322-BEB13A854588}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 | "{F5D8432D-A08D-4637-8034-40A5757FF2D6}" = protocol=6 | dir=in | app=c:\windows\system32\lxdiih.exe | "{F9BD8E96-AA89-47A3-8645-08D719A1F566}" = protocol=6 | dir=in | app=c:\program files\teamviewer\version8\teamviewer.exe | "{FAAC0F7F-BC9C-4055-83BE-83DA08F33273}" = dir=in | app=c:\program files\windows live\mesh\moe.exe | "{FB3F69E0-4ED8-443B-A0D2-1FC5826B83BD}" = protocol=6 | dir=in | app=c:\program files\lexmark 3500-4500 series\app4r.exe | "TCP Query User{1BB9250A-382A-408A-B564-057C3875B7D5}C:\windows\explorer.exe" = protocol=6 | dir=in | app=c:\windows\explorer.exe | "TCP Query User{22BB3695-E01E-4CB3-ADB6-CB0527207ECF}C:\program files\internet explorer\iexplore.exe" = protocol=6 | dir=in | app=c:\program files\internet explorer\iexplore.exe | "TCP Query User{27F35F09-8719-4116-919A-B587CDBC889C}C:\windows\system32\taskeng.exe" = protocol=6 | dir=in | app=c:\windows\system32\taskeng.exe | "TCP Query User{33B57C6C-C9F4-4503-AE32-FCFD7405957B}C:\windows\explorer.exe" = protocol=6 | dir=in | app=c:\windows\explorer.exe | "TCP Query User{35BA2914-FDF2-4950-9C42-44399F22E1CD}C:\windows\system32\spool\drivers\w32x86\3\lxdipswx.exe" = protocol=6 | dir=in | app=c:\windows\system32\spool\drivers\w32x86\3\lxdipswx.exe | "TCP Query User{4C7F79BB-4107-4B07-85A5-CA12B214D98E}C:\program files\real\realplayer\recordingmanager.exe" = protocol=6 | dir=in | app=c:\program files\real\realplayer\recordingmanager.exe | "TCP Query User{66C6071C-A04C-403A-8BA1-0D76036CDFE2}C:\program files\frostwire\frostwire.exe" = protocol=6 | dir=in | app=c:\program files\frostwire\frostwire.exe | "TCP Query User{7199B439-60DE-4A7A-91B9-2218308A25FF}C:\program files\frostwire\frostwire.exe" = protocol=6 | dir=in | app=c:\program files\frostwire\frostwire.exe | "TCP Query User{8009915E-B2F7-4B59-B91A-75C51FD10F4E}C:\program files\java\jre6\bin\java.exe" = protocol=6 | dir=in | app=c:\program files\java\jre6\bin\java.exe | "TCP Query User{9298CCBB-773E-4B55-B332-5ED40234559F}C:\program files\java\jre6\bin\java.exe" = protocol=6 | dir=in | app=c:\program files\java\jre6\bin\java.exe | "TCP Query User{B84CB8F4-E3D3-4E5F-91F6-9BAFF868974F}C:\program files\internet explorer\iexplore.exe" = protocol=6 | dir=in | app=c:\program files\internet explorer\iexplore.exe | "TCP Query User{DB4B4264-2ABF-42FC-B8DC-712D311E995B}C:\program files\real\realplayer\realplay.exe" = protocol=6 | dir=in | app=c:\program files\real\realplayer\realplay.exe | "TCP Query User{F9B79CAA-EF06-4305-A37E-0042204C6AC9}C:\windows\system32\taskeng.exe" = protocol=6 | dir=in | app=c:\windows\system32\taskeng.exe | "UDP Query User{169DCAE8-5882-4B1D-8926-C28874F5D519}C:\windows\explorer.exe" = protocol=17 | dir=in | app=c:\windows\explorer.exe | "UDP Query User{1885C449-0408-429C-AE6C-B34C1E2612CD}C:\program files\internet explorer\iexplore.exe" = protocol=17 | dir=in | app=c:\program files\internet explorer\iexplore.exe | "UDP Query User{1F746344-883B-41FE-91AB-499B82F3F8ED}C:\program files\frostwire\frostwire.exe" = protocol=17 | dir=in | app=c:\program files\frostwire\frostwire.exe | "UDP Query User{1FF8279C-E160-4833-B00D-03506C8D3386}C:\windows\explorer.exe" = protocol=17 | dir=in | app=c:\windows\explorer.exe | "UDP Query User{422AEA87-810B-40EA-9BD9-04C8E78063B6}C:\program files\java\jre6\bin\java.exe" = protocol=17 | dir=in | app=c:\program files\java\jre6\bin\java.exe | "UDP Query User{4A67FEF2-5D65-4FB2-830D-4C9B539294D7}C:\windows\system32\taskeng.exe" = protocol=17 | dir=in | app=c:\windows\system32\taskeng.exe | "UDP Query User{5C374A73-239D-4E6C-BABD-D657641216AA}C:\program files\internet explorer\iexplore.exe" = protocol=17 | dir=in | app=c:\program files\internet explorer\iexplore.exe | "UDP Query User{67CDA50E-C28F-4428-B6E8-3A0EBFAF9F52}C:\program files\frostwire\frostwire.exe" = protocol=17 | dir=in | app=c:\program files\frostwire\frostwire.exe | "UDP Query User{8DC5352B-5E59-45A2-B270-2BF6648A3328}C:\windows\system32\taskeng.exe" = protocol=17 | dir=in | app=c:\windows\system32\taskeng.exe | "UDP Query User{B6653475-A5DF-443A-8447-40AFCB154A90}C:\program files\java\jre6\bin\java.exe" = protocol=17 | dir=in | app=c:\program files\java\jre6\bin\java.exe | "UDP Query User{D0900749-22B8-42DF-80BE-9AB70AEF2E6C}C:\windows\system32\spool\drivers\w32x86\3\lxdipswx.exe" = protocol=17 | dir=in | app=c:\windows\system32\spool\drivers\w32x86\3\lxdipswx.exe | "UDP Query User{DA767932-CAA0-4E21-B507-0F523D5F47A4}C:\program files\real\realplayer\realplay.exe" = protocol=17 | dir=in | app=c:\program files\real\realplayer\realplay.exe | "UDP Query User{F6279A74-5F44-47C9-8E49-AF69C683E032}C:\program files\real\realplayer\recordingmanager.exe" = protocol=17 | dir=in | app=c:\program files\real\realplayer\recordingmanager.exe | ========== HKEY_LOCAL_MACHINE Uninstall List ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{0054A0F6-00C9-4498-B821-B5C9578F433E}" = HP Help and Support "{082702D5-5DD8-4600-BCE5-48B15174687F}" = HP Doc Viewer "{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer "{0E7DBD52-B097-4F2B-A7C7-F105B0D20FDB}" = LightScribe System Software 1.14.17.1 "{101738D7-D805-37A9-BB91-1F2C351782BF}" = Microsoft .NET Framework 3.5 Language Pack SP1 - nld "{14B441B7-774D-4170-98EA-A13667AE6218}" = Windows Live Writer Resources "{14DC0059-00F1-4F62-BD1A-AB23CD51A95E}" = Adobe AIR "{174D5678-D941-433C-BD23-58A5C7B0D36D}" = Jasc Animation Shop 3 "{196467F1-C11F-4F76-858B-5812ADC83B94}" = MSXML 4.0 SP3 Parser "{19A4A990-5343-4FF7-B3B5-6F046C091EDF}" = Windows Live Remote Client "{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 "{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update "{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions "{227E8782-B2F4-4E97-B0EE-49DE9CC1C0C0}" = Windows Live Remote Service "{228C6B46-64E2-404E-898A-EF0830603EF4}" = HPNetworkAssistant "{254C37AA-6B72-4300-84F6-98A82419187E}" = ActiveCheck component for HP Active Support Library "{2617FA1F-0C04-3ABB-AF64-7D5B6620C341}" = Microsoft .NET Framework 4 Client Profile NLD Language Pack "{26A24AE4-039D-4CA4-87B4-2F83216019FF}" = Java 6 Update 29 "{28C2DED6-325B-4CC7-983A-1777C8F7FBAB}" = RealUpgrade 1.1 "{2A07C35B-8384-4DA4-9A95-442B6C89A073}" = Windows Live Essentials "{2D6E3D97-1FDF-4993-AC75-72F59EC445C5}" = Windows Live Family Safety "{2EA870FA-585F-4187-903D-CB9FFD21E2E0}" = DHTML Editing Component "{2EFA4E4C-7B5F-48F7-A1C0-1AA882B7A9C3}" = HP Update "{32364CEA-7855-4A3C-B674-53D8E9B97936}" = TuneUp Utilities 2012 "{3248F0A8-6813-11D6-A77B-00B0D0160070}" = Java 6 Update 7 "{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery "{34D2AB40-150D-475D-AE32-BD23FB5EE355}" = HP Quick Launch Buttons 6.40 H2 "{38058455-8C21-4C2F-B2F6-14ED166039CB}" = HP Total Care Setup "{3877C901-7B90-4727-A639-B6ED2DD59D43}" = ESU for Microsoft Vista "{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile "{3F4143A1-9C21-4011-8679-3BC1014C6886}" = Windows Live Mesh "{415B2719-AD3A-4944-B404-C472DB6085B3}" = Cisco EAP-FAST Module "{41A63ADA-088B-1C2D-43B3-E4087FE79881}" = Pixlr-o-matic "{449CE12D-E2C7-4B97-B19E-55D163EA9435}" = Bing Bar "{45A66726-69BC-466B-A7A4-12FCBA4883D7}" = HiJackThis "{45C56AA7-ED1B-4800-A97F-EDDF3F3520B1}" = Apple Application Support "{45D707E9-F3C4-11D9-A373-0050BAE317E1}" = HP DVD Play 3.7 "{48294D95-EE9A-4377-8213-44FC4265FB27}" = Windows Live Messenger "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater "{4E1E1394-F813-420E-A4D0-63D6FE26ACBE}" = BlueStacks "{4F41AD68-89F2-4262-A32C-2F70B01FCE9E}" = Photo Story 3 for Windows "{50779A29-834E-4E36-BBEB-B7CABC67A825}" = Microsoft Security Client NL-NL Language Pack "{5158F1F5-FA1B-4D49-B546-55A5004B89BD}" = Microsoft Works "{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml "{57A5AEC1-97FC-474D-92C4-908FCC2253D4}" = HP Customer Experience Enhancements "{5DD4FCBD-A3C1-4155-9E17-4161C70AAABA}" = Segoe UI "{612C34C7-5E90-47D8-9B5C-0F717DD82726}" = swMSM "{65DA2EC9-0642-47E9-AAE2-B5267AA14D75}" = Activation Assistant for the 2007 Microsoft Office suites "{669C7BD8-DAA2-49B6-966C-F1E2AAE6B17E}" = Cisco PEAP Module "{669D4A35-146B-4314-89F1-1AC3D7B88367}" = HPAsset component for HP Active Support Library "{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE "{6AFCA4E1-9B78-3640-8F72-A7BF33448200}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 "{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable "{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable "{758C8301-2696-4855-AF45-534B1200980A}" = Samsung Kies "{75AE8014-1184-4BC0-B279-C879540719EE}" = PhotoMail Maker "{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 "{7770E71B-2D43-4800-9CB3-5B6CAAEBEBEA}" = RealNetworks - Microsoft Visual C++ 2008 Runtime "{78A96B4C-A643-4D0F-98C2-A8E16A6669F9}" = Windows Live Messenger Companion Core "{79155F2B-9895-49D7-8612-D92580E0DE5B}" = Bonjour "{7C4196CA-CA41-4F34-9C08-7724E7705D52}" = Jasc Animation Shop 3 "{7E017923-16F8-4E32-94EF-0A150BD196FE}" = Windows Live Writer "{8142D25E-028A-4563-86ED-5755783C8029}" = Messenger Companion "{81A34902-9D0B-4920-A25C-4CDC5D14B328}" = Jasc Paint Shop Pro 8 "{83770D14-21B9-44B3-8689-F7B523F94560}" = Cisco LEAP Module "{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable "{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform "{845E0BCB-8C8D-4FAB-8588-AD5FFD156C95}" = Windows Live Remote Service Resources "{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight "{8C6D6116-B724-4810-8F2D-D047E6B7D68E}" = Mesh Runtime "{8D853998-1055-4E45-B99E-F5039C502831}" = Photo Notifier and Animation Creator "{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT "{90110413-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Professional Editie 2003 "{90120000-0020-0413-0000-0000000FF1CE}" = Compatibiliteitspakket voor het 2007 Microsoft Office system "{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In "{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker "{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting "{95140000-007A-0413-0000-0000000FF1CE}" = Microsoft Office Outlook Connector "{95140000-00AF-0413-0000-0000000FF1CE}" = Microsoft PowerPoint Viewer "{98EABC7F-B1A1-43A5-B505-5B4EC3908DCD}" = Microsoft Security Client "{98EFD8F0-08DE-48DB-B922-A2EBAB711043}" = Nero 7 Ultra Edition "{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 "{9ADABDDE-9644-461B-9E73-83FA3EFCAB50}" = HP Wireless Assistant "{9BD262D0-B788-4546-A0A5-F4F56EC3834B}" = Windows Live Photo Common "{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 "{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail "{A2090170-70B6-40D6-8B43-04ECDC641EA6}" = TuneUp Utilities Language Pack (nl-NL) "{A60B3BF0-954B-42AF-B8D8-2C1D34B613AA}" = Windows Live Photo Gallery "{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer "{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common "{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer "{AAECF7BA-E83B-4A10-87EA-DE0B333F8734}" = RealNetworks - Microsoft Visual C++ 2010 Runtime "{AC76BA86-7AD7-1043-7B44-AA1000000001}" = Adobe Reader X (10.1.0) - Nederlands "{AC76BA86-7AD7-5464-3428-900000000004}" = Spelling Dictionaries Support For Adobe Reader 9 "{ACF60000-22B9-4CE9-98D6-2CCF359BAC07}" = ABBYY FineReader 6.0 Sprint "{AD72CFB4-C2BF-424E-9DF0-C7BAD1F30A11}" = Adobe Shockwave Player "{AF7EBCA4-9FAF-4DC8-8D09-67854BB84D34}" = RealDownloader "{AF844339-2F8A-4593-81B3-9F4C54038C4E}" = Windows Live MIME IFilter "{B2544A03-10D0-4E5E-BA69-0362FFC20D18}" = OGA Notifier 2.0.0048.0 "{B6A98E5F-D6A7-46FB-9E9D-1F7BF443491C}" = PMB "{B6D0B141-B2BE-4DD0-B08F-B9186F3E36B3}" = HP User Guides 0118 "{B98BE95C-E76F-4246-B8E6-BEB8EE791D06}" = Roxio Media Manager "{C32CE55C-12BA-4951-8797-0967FDEF556F}" = Windows Live Mesh - ActiveX-besturingselement voor externe verbindingen "{C3A32068-8AB1-4327-BB16-BED9C6219DC7}" = Atheros Driver Installation Program "{C6150D8A-86ED-41D3-87BB-F3BB51B0B77F}" = Windows Live ID Sign-in Assistant "{C9E14402-3631-4182-B377-6B0DFB1C0339}" = QuickTime "{CB6075D9-F912-40AE-BEA6-E590DA24F16B}" = Adobe Photoshop Elements 7.0 "{CB7224D9-6DCA-43F1-8F83-6B1E39A00F92}" = Windows Live Movie Maker "{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1 "{CE7E3BE0-2DD3-4416-A690-F9E4A99A8CFF}" = HP Active Support Library "{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform "{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}" = SAMSUNG USB Driver for Mobile Phones "{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform "{D588365A-AE39-4F27-BDAE-B4E72C8E900C}" = Windows Live Mail "{D6F25CF9-4E87-43EB-B324-C12BE9CDD668}" = Windows Live UX Platform Language Pack "{DC24971E-1946-445D-8A82-CE685433FA7D}" = Realtek USB 2.0 Card Reader "{DE4BF4BE-3CDC-43B5-BBDA-DDDA73103111}" = Corel PaintShop Photo Pro X3 "{DE8B9311-ADE7-4EDE-B121-326CAA3D225D}" = PSPPContent "{DE99075E-7D25-4B96-B32E-BFE6FBFAA644}" = IPM_PSP_CL "{DEAEB5DB-04FA-489D-94EF-8600898B93EE}" = ICA "{DECDCB7C-58CC-4865-91AF-627F9798FE48}" = Windows Live Mesh "{DEF1928A-FC01-48E7-A7E6-4651D42EF6A1}" = PSPPRO_DCRAW "{DEF8C145-CC4F-4DAA-AD5C-E707C07AEE50}" = IPM_PSP_COM "{DF33FDAF-22DE-4E3E-AFF7-A8648B473596}" = Windows Live Family Safety "{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10 "{E14ADE0E-75F3-4A46-87E5-26692DD626EC}" = Apple Mobile Device Support "{E5B21F11-6933-4E0B-A25C-7963E3C07D11}" = Windows Live Messenger "{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}" = Skype™ 5.10 "{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU] "{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 "{F0CCBE54-9132-44E9-82DF-CD364AD5C22D}" = Windows Live Remote Client Resources "{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}" = Microsoft Office Live Add-in 1.5 "{F8EDC0F8-15BC-4411-8762-77105C8AAEEC}" = Microsoft Antimalware Service NL-NL Language Pack "{FDFE5E63-116A-4655-9B4D-29F4AFE441B3}" = IncrediMail "{FE0646A7-19D0-41B4-A2BB-2C35D644270D}" = Windows Live OneCare safety scanner "{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 "Aangifte inkomstenbelasting 2009" = Aangifte inkomstenbelasting 2009 "Aangifte inkomstenbelasting 2012" = Aangifte inkomstenbelasting 2012 "Activation Assistant for the 2007 Microsoft Office suites" = Activation Assistant for the 2007 Microsoft Office suites "Adobe Acrobat 4.0" = Adobe Acrobat 4.0 "Adobe AIR" = Adobe AIR "Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX "Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin "Adobe Photoshop Elements 7" = Adobe Photoshop Elements 7.0 "Adobe Shockwave Player" = Adobe Shockwave Player 11.6 "AviSynth" = AviSynth 2.6 "Blue Coat K9 Web Protection" = Blue Coat K9 Web Protection "BSRScreenRecorder5" = BSR Screen Recorder 5 "CCleaner" = CCleaner "CNXT_AUDIO_HDA" = Conexant HD Audio "CNXT_MODEM_HDAUDIO_HERMOSA_HSF" = HDAUDIO Soft Data Fax Modem with SmartCP "Creative OA004" = Integrated Webcam Driver (1.00.03.0720) "Free YouTube Download_is1" = Free YouTube Download version 3.0.20.1228 "HDMI" = Intel® Graphics Media Accelerator Driver "HelixYUVCodecs" = Helix YUV Codecs (remove only) "IE New Window Maximizer_is1" = IE New Window Maximizer 2.4 "Imikimi Plugin" = Imikimi Plugin "IncrediMail" = IncrediMail 2.0 "InstallShield_{758C8301-2696-4855-AF45-534B1200980A}" = Samsung Kies "Jasc Paint Shop Pro 8.06 Update Patch" = Jasc Paint Shop Pro 8.06 Update Patch "Lexmark 3500-4500 Series" = Lexmark 3500-4500 Series "Lexmark Fax Solutions" = Lexmark Faxoplossingen "LHTTSDUN" = L&H TTS3000 Nederlands "Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware versie 1.70.0.1100 "Microsoft .NET Framework 3.5 Language Pack SP1 - nld" = Taalpakket voor Microsoft .NET Framework 3.5 SP1 - NL "Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1 "Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile "Microsoft .NET Framework 4 Client Profile NLD Language Pack" = Taalpakket voor Microsoft .NET Framework 4 Client Profile - NLD "Microsoft Security Client" = Microsoft Security Essentials "PaintStar_is1" = PaintStar 2.70 "Photo Notifier and Animation Creator" = Photo Notifier and Animation Creator "PhotoFiltre" = PhotoFiltre "PhotoMail" = PhotoMail Maker "PhotoScape" = PhotoScape "PhotoToolkit_is1" = Photo! Editor 1.1 "Picasa 3" = Picasa 3 "Pixlromatic" = Pixlr-o-matic "Popims Animator" = Popims Animator "RealPlayer 16.0" = RealPlayer "Sqirlz Water Reflections" = Sqirlz Water Reflections "SynTPDeinstKey" = Synaptics Pointing Device Driver "TeamViewer 8" = TeamViewer 8 "TuneUp Utilities 2012" = TuneUp Utilities 2012 "Uninstall_is1" = Uninstall 1.0.0.1 "uTorrent" = µTorrent "VLC media player" = VLC media player 2.0.4 "WildTangent hp Master Uninstall" = My HP Games "Windows Live OneCare safety scanner" = Windows Live OneCare safety scanner "WinGimp-2.0_is1" = GIMP 2.6.11 "WinLiveSuite" = Windows Live Essentials "WinRAR archiver" = WinRAR 4.00 (32-bit) ========== HKEY_USERS Uninstall List ========== [HKEY_USERS\S-1-5-21-279592566-1776291336-1976008511-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] ========== Last 20 Event Log Errors ========== [ Application Events ] Error - 25-2-2013 15:30:10 | Computer Name = PC_van_Compaq | Source = VSS | ID = 8194 Description = Error - 25-2-2013 18:17:04 | Computer Name = PC_van_Compaq | Source = SideBySide | ID = 16842785 Description = Kan activeringscontext voor 'C:\Windows\Installer\{AF7EBCA4-9FAF-4DC8-8D09-67854BB84D34}\recordingmanager.exe' niet maken. Kan afhankelijke assembly rpshellextension.1.0,language="*",type="win32",version="1.0.0.0" niet vinden. Gebruik sxstrace.exe voor een gedetailleerde diagnose. Error - 25-2-2013 18:17:04 | Computer Name = PC_van_Compaq | Source = SideBySide | ID = 16842785 Description = Kan activeringscontext voor 'C:\Windows\Installer\{AF7EBCA4-9FAF-4DC8-8D09-67854BB84D34}\recordingmanager.exe' niet maken. Kan afhankelijke assembly rpshellextension.1.0,language="*",type="win32",version="1.0.0.0" niet vinden. Gebruik sxstrace.exe voor een gedetailleerde diagnose. Error - 25-2-2013 18:21:42 | Computer Name = PC_van_Compaq | Source = Windows Search Service | ID = 3013 Description = Error - 25-2-2013 18:21:43 | Computer Name = PC_van_Compaq | Source = Windows Search Service | ID = 3013 Description = Error - 26-2-2013 3:24:17 | Computer Name = PC_van_Compaq | Source = BstHdAndroidSvc | ID = 0 Description = Service kan niet worden gestart. System.ApplicationException: Cannot start service. Service did not stop gracefully the last time it was run. bij BlueStacks.hyperDroid.Service.Service.OnStart(String[] args) bij System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state) Error - 26-2-2013 7:39:23 | Computer Name = PC_van_Compaq | Source = BstHdAndroidSvc | ID = 0 Description = Service kan niet worden gestart. System.ApplicationException: Cannot start service. Service did not stop gracefully the last time it was run. bij BlueStacks.hyperDroid.Service.Service.OnStart(String[] args) bij System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state) Error - 26-2-2013 7:43:25 | Computer Name = PC_van_Compaq | Source = Windows Search Service | ID = 3013 Description = Error - 26-2-2013 7:43:25 | Computer Name = PC_van_Compaq | Source = Windows Search Service | ID = 3013 Description = Error - 26-2-2013 9:26:28 | Computer Name = PC_van_Compaq | Source = BstHdAndroidSvc | ID = 0 Description = Service kan niet worden gestart. System.ApplicationException: Cannot start service. Service did not stop gracefully the last time it was run. bij BlueStacks.hyperDroid.Service.Service.OnStart(String[] args) bij System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state) Error - 26-2-2013 9:30:33 | Computer Name = PC_van_Compaq | Source = Windows Search Service | ID = 3013 Description = Error - 26-2-2013 9:30:33 | Computer Name = PC_van_Compaq | Source = Windows Search Service | ID = 3013 Description = Error - 26-2-2013 9:30:34 | Computer Name = PC_van_Compaq | Source = Windows Search Service | ID = 3013 Description = [ System Events ] Error - 26-2-2013 9:25:28 | Computer Name = PC_van_Compaq | Source = EventLog | ID = 6008 Description = De vorige afsluiting van het systeem om 14:24:24 op 26-2-2013 is onverwacht gebeurd. Error - 26-2-2013 9:25:35 | Computer Name = PC_van_Compaq | Source = HTTP | ID = 15021 Description = Error - 26-2-2013 9:27:06 | Computer Name = PC_van_Compaq | Source = Service Control Manager | ID = 7000 Description = Error - 26-2-2013 9:27:06 | Computer Name = PC_van_Compaq | Source = Service Control Manager | ID = 7009 Description = Error - 26-2-2013 9:27:06 | Computer Name = PC_van_Compaq | Source = Service Control Manager | ID = 7000 Description = Error - 26-2-2013 9:27:06 | Computer Name = PC_van_Compaq | Source = Service Control Manager | ID = 7009 Description = Error - 26-2-2013 9:27:06 | Computer Name = PC_van_Compaq | Source = Service Control Manager | ID = 7000 Description = Error - 26-2-2013 9:27:06 | Computer Name = PC_van_Compaq | Source = Service Control Manager | ID = 7023 Description = Error - 26-2-2013 9:27:56 | Computer Name = PC_van_Compaq | Source = Service Control Manager | ID = 7026 Description = Error - 26-2-2013 9:30:16 | Computer Name = PC_van_Compaq | Source = Microsoft-Windows-LanguagePackSetup | ID = 1001 Description = < End of report >

OTL logfile created on: 26-2-2013 14:38:02 - Run 1 OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Compaq\Desktop Windows Vista Home Basic Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation Internet Explorer (Version = 9.0.8112.16421) Locale: 00000413 | Country: Nederland | Language: NLD | Date Format: d-M-yyyy 2,93 Gb Total Physical Memory | 1,68 Gb Available Physical Memory | 57,42% Memory free 6,07 Gb Paging File | 4,66 Gb Available in Paging File | 76,90% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files Drive C: | 223,00 Gb Total Space | 127,22 Gb Free Space | 57,05% Space Free | Partition Type: NTFS Drive D: | 9,88 Gb Total Space | 1,72 Gb Free Space | 17,39% Space Free | Partition Type: NTFS Computer Name: PC_VAN_COMPAQ | User Name: Compaq | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users | Quick Scan Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - [2013-02-26 14:36:45 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Compaq\Desktop\OTL.com PRC - [2013-02-17 10:23:47 | 000,367,016 | ---- | M] (IncrediMail, Ltd.) -- C:\Program Files\IncrediMail\Bin\IncMail.exe PRC - [2013-02-17 10:23:47 | 000,264,616 | ---- | M] (IncrediMail, Ltd.) -- C:\Program Files\IncrediMail\Bin\ImApp.exe PRC - [2012-12-14 10:17:04 | 003,467,768 | ---- | M] (TeamViewer GmbH) -- C:\Program Files\TeamViewer\Version8\TeamViewer_Service.exe PRC - [2012-11-29 20:31:04 | 000,038,608 | ---- | M] () -- C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe PRC - [2012-09-24 16:05:36 | 000,581,496 | ---- | M] (BlueStack Systems, Inc.) -- C:\Program Files\BlueStacks\HD-Agent.exe PRC - [2012-09-24 16:05:00 | 000,384,888 | ---- | M] (BlueStack Systems, Inc.) -- C:\Program Files\BlueStacks\HD-LogRotatorService.exe PRC - [2012-09-12 16:25:24 | 000,287,824 | ---- | M] (Microsoft Corporation) -- c:\Program Files\Microsoft Security Client\NisSrv.exe PRC - [2012-09-12 16:25:22 | 000,020,472 | ---- | M] (Microsoft Corporation) -- c:\Program Files\Microsoft Security Client\MsMpEng.exe PRC - [2012-09-12 16:19:44 | 000,947,176 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Security Client\msseces.exe PRC - [2012-08-31 01:52:22 | 000,021,432 | ---- | M] () -- C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe PRC - [2012-08-31 01:52:14 | 003,524,536 | ---- | M] (Samsung Electronics Co., Ltd.) -- C:\Program Files\Samsung\Kies\KiesTrayAgent.exe PRC - [2012-08-31 01:52:12 | 000,964,024 | ---- | M] (Samsung) -- C:\Program Files\Samsung\Kies\Kies.exe PRC - [2012-06-21 15:52:06 | 000,880,496 | ---- | M] (BitTorrent, Inc.) -- C:\Program Files\uTorrent\uTorrent.exe PRC - [2012-02-13 20:02:32 | 001,604,880 | ---- | M] (Blue Coat Systems, Inc.) -- C:\Program Files\Blue Coat K9 Web Protection\k9filter.exe PRC - [2011-11-23 14:15:40 | 001,510,720 | ---- | M] (TuneUp Software) -- C:\Program Files\TuneUp Utilities 2012\TuneUpUtilitiesService32.exe PRC - [2011-11-23 14:15:40 | 001,212,224 | ---- | M] (TuneUp Software) -- C:\Program Files\TuneUp Utilities 2012\TuneUpUtilitiesApp32.exe PRC - [2011-06-06 12:55:28 | 000,064,952 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe PRC - [2011-03-28 11:21:16 | 000,249,648 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft\BingBar\SeaPort.EXE PRC - [2010-11-26 23:55:42 | 000,648,032 | ---- | M] (Sony Corporation) -- C:\Program Files\Sony\PMB\PMBVolumeWatcher.exe PRC - [2010-11-26 23:55:42 | 000,398,176 | ---- | M] (Sony Corporation) -- C:\Program Files\Sony\PMB\PMBDeviceInfoProvider.exe PRC - [2010-03-10 14:26:48 | 000,189,728 | ---- | M] (Protexis Inc.) -- c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe PRC - [2009-07-09 13:27:52 | 001,716,224 | ---- | M] (Textalk AB) -- C:\Program Files\ExtraFilm Designer NL\EFUploadSrv.exe PRC - [2009-04-10 22:27:38 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe PRC - [2009-04-10 22:27:30 | 000,069,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\conime.exe PRC - [2008-10-06 09:54:52 | 000,365,952 | ---- | M] () -- C:\Program Files\SMINST\BLService.exe PRC - [2008-09-16 11:03:18 | 000,169,312 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Adobe\Photoshop Elements 7.0\PhotoshopElementsFileAgent.exe PRC - [2007-07-16 12:54:10 | 000,025,264 | ---- | M] () -- C:\Program Files\Lexmark 3500-4500 Series\lxdiamon.exe PRC - [2007-07-16 12:54:08 | 000,434,864 | ---- | M] () -- C:\Program Files\Lexmark 3500-4500 Series\lxdimon.exe PRC - [2007-06-11 10:14:52 | 000,517,040 | ---- | M] ( ) -- C:\Windows\System32\lxdicoms.exe PRC - [2005-02-08 23:06:40 | 000,356,352 | ---- | M] (jiiSoft) -- C:\Program Files\IE New Window Maximizer\iemaximizer.exe ========== Modules (No Company Name) ========== MOD - [2013-02-24 14:38:16 | 000,115,137 | ---- | M] () -- C:\Users\Compaq\AppData\Local\Temp\fbe2808e-2380-4f14-a1fa-3fa9c3a364e8\CliSecureRT.dll MOD - [2013-02-21 21:07:33 | 000,585,728 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\HD-Agent\d474265b5c15fd23811fac0735946b5e\HD-Agent.ni.exe MOD - [2013-02-21 21:06:13 | 000,155,136 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\JSON\8488df9357dc67a1e3b588534eee094c\JSON.ni.dll MOD - [2013-02-17 10:23:58 | 000,072,104 | ---- | M] () -- C:\Program Files\IncrediMail\Bin\wlessfp1.dll MOD - [2013-02-17 10:23:51 | 000,268,712 | ---- | M] () -- C:\Program Files\IncrediMail\Bin\ImLookExU.dll MOD - [2013-02-17 10:23:50 | 000,033,128 | ---- | M] () -- C:\Program Files\IncrediMail\Bin\IMHttpComm.dll MOD - [2013-02-17 10:23:49 | 000,133,544 | ---- | M] () -- C:\Program Files\IncrediMail\Bin\ImComUtlU.dll MOD - [2013-02-16 19:21:53 | 000,108,888 | ---- | M] () -- C:\Program Files\IncrediMail\Bin\PMC.dll MOD - [2013-02-16 19:21:47 | 000,080,296 | ---- | M] () -- C:\Program Files\IncrediMail\Bin\ImAppRU.dll MOD - [2013-02-14 11:47:28 | 000,212,992 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\15e2d7f51f15830591727d6d6a1e4032\System.ServiceProcess.ni.dll MOD - [2013-02-14 11:47:24 | 011,820,032 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web\dab997283369b95e0fc398cdb89d371c\System.Web.ni.dll MOD - [2013-02-14 10:03:35 | 012,433,920 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\e64304962098e90f0d3f4c33c1b080a6\System.Windows.Forms.ni.dll MOD - [2013-02-14 00:17:08 | 005,679,616 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\DeviceHost\d22643f369405d4383fd0f849922d27b\DeviceHost.ni.dll MOD - [2013-02-14 00:16:53 | 001,007,104 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\CPKTMusicPlugin\cf426f4841c104584469006ed98faa0c\CPKTMusicPlugin.ni.dll MOD - [2013-02-14 00:16:43 | 002,188,800 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.Multime#\7bc840787572d2a524538560f48e6110\Kies.Common.Multimedia.ni.dll MOD - [2013-02-14 00:16:39 | 000,183,296 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.MainUI\0cdb25093171374a554aa54651a691d2\Kies.Common.MainUI.ni.dll MOD - [2013-02-14 00:16:37 | 000,201,728 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.Util\94d3268e67e75d23095a9c4a405bacf9\Kies.Common.Util.ni.dll MOD - [2013-02-14 00:16:36 | 001,728,512 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.UI\ed5947fbb20225cda0daf88e33bb3eb0\Kies.UI.ni.dll MOD - [2013-02-14 00:16:33 | 000,119,296 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\GongSolutions.Wpf.D#\ab98b3421e2bcbd877f3e0f4d58764bc\GongSolutions.Wpf.DragDrop.ni.dll MOD - [2013-02-14 00:16:28 | 000,221,696 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.ServiceProce#\7d8f6866864f78cf83d3701641c46178\System.ServiceProcess.ni.dll MOD - [2013-02-14 00:16:11 | 001,679,360 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies\9b05cc46b2bd88b8a93dd2dfb0a72e14\Kies.ni.exe MOD - [2013-02-14 00:12:54 | 013,199,360 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Forms\e963e9f51746f8e23837be7760e187c6\System.Windows.Forms.ni.dll MOD - [2013-01-10 10:48:53 | 000,762,880 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Remo#\b454f5723ec86048063fe19d4267d9e8\System.Runtime.Remoting.ni.dll MOD - [2013-01-10 10:48:35 | 015,399,936 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Theme\391ea916f3b1b284221296777121dc35\Kies.Theme.ni.dll MOD - [2013-01-10 10:48:34 | 000,608,256 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\DevicePodcast\7caad59e6acc01209cee77c5e428c9a6\DevicePodcast.ni.dll MOD - [2013-01-10 10:48:32 | 000,290,816 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\DeviceVideo\d4e5340e992c8d3987f094cc5c0f87f2\DeviceVideo.ni.dll MOD - [2013-01-10 10:48:31 | 000,367,104 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\DevicePhoto\e936f228d8ad3a2cde22816e14b3d893\DevicePhoto.ni.dll MOD - [2013-01-10 10:48:30 | 000,299,008 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\DeviceMusic\017c339a4736fbfa96b95744f0877439\DeviceMusic.ni.dll MOD - [2013-01-10 10:48:29 | 000,461,824 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\VideoManager\c2590fedfc1a30b2e6c7cb1d602ae9f5\VideoManager.ni.dll MOD - [2013-01-10 10:48:27 | 002,778,112 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\PodcastService\f9ef96cc9e4721fa1f850b6d13356188\PodcastService.ni.dll MOD - [2013-01-10 10:48:25 | 001,143,296 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Podcaster\ab557a355e92f4a2ad161cd2275e999b\Podcaster.ni.dll MOD - [2013-01-10 10:48:23 | 000,607,232 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\PhotoManager\4108a67787498a2f1f86bdf26165e86b\PhotoManager.ni.dll MOD - [2013-01-10 10:47:57 | 000,033,792 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.DeviceS#\07966428683b0b27f0bb4f24a4f23edd\Kies.Common.DeviceServiceLib.FirmwareUpdate.FirmwareUpdateAgentHelper.ni.dll MOD - [2013-01-10 10:47:45 | 003,079,680 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.Pims\8f81c69772bb240267ad2b1de4e9f853\Kies.Common.Pims.ni.dll MOD - [2013-01-10 10:47:40 | 001,843,712 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Phonebook\fe551d98cab568470eea1ad9e3cb47c4\Phonebook.ni.dll MOD - [2013-01-10 10:47:30 | 000,024,064 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\lib_Samsung_WitchPl#\0f6a68e21e4894592e16856189b20199\lib_Samsung_WitchPlaylist_v0.1.ni.dll MOD - [2013-01-10 10:47:29 | 000,964,096 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\MusicManager\3cdb3b0e0b0bc93200b686744fc05c28\MusicManager.ni.dll MOD - [2013-01-10 10:47:27 | 000,829,440 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\DeviceCommonLib\20c60144e15ea4035a9301293258d9a8\DeviceCommonLib.ni.dll MOD - [2013-01-10 10:47:25 | 000,717,824 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Plugin.Content#\578977b7e1a4b0077aa4e234bf3dbc54\Kies.Plugin.ContentsManagerLib.ni.dll MOD - [2013-01-10 10:47:23 | 000,320,512 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\EBookManager\20ce24f16635a232cba09fc3c4d5fafd\EBookManager.ni.dll MOD - [2013-01-10 10:47:22 | 000,391,168 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\BATPlugin\f7a77e89ba33d2c2abc2be479d531733\BATPlugin.ni.dll MOD - [2013-01-10 10:47:21 | 000,031,232 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\AllShareController\e6997b13f92eb0cb72aaabb6738fdca5\AllShareController.ni.dll MOD - [2013-01-10 10:47:15 | 000,507,392 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.MediaDB\fde1089e4b687be72553efa52365caf7\Kies.Common.MediaDB.ni.dll MOD - [2013-01-10 10:47:15 | 000,029,184 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.StoreMa#\84f86f95b5891e6918ac28918493fcad\Kies.Common.StoreManager.ni.dll MOD - [2013-01-10 10:47:13 | 000,232,960 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\ASF_cSharpAPI\52207264bac5068c2de665b3f41e8964\ASF_cSharpAPI.ni.dll MOD - [2013-01-10 10:47:13 | 000,064,000 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.AllShare\76b539a4b51fa911a868ff999087fc26\Kies.Common.AllShare.ni.dll MOD - [2013-01-10 10:47:11 | 000,043,008 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Interop.FUSCryptLib\7296ee8d41eeb2bcc543df81eea19ebe\Interop.FUSCryptLib.ni.dll MOD - [2013-01-10 10:47:11 | 000,036,352 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Interop.CmdAgentLib\02112949b614855b25bdd7eae4fa464a\Interop.CmdAgentLib.ni.dll MOD - [2013-01-10 10:47:10 | 000,278,016 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.DeviceS#\f5c6cb7cd8fe9fde11d3b1baa6273439\Kies.Common.DeviceServiceLib.FirmwareUpdate.Common.ni.dll MOD - [2013-01-10 10:47:10 | 000,046,592 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\AdminCmdAgent\ac715684bfba0fcdb10807c93ef0cca4\AdminCmdAgent.ni.dll MOD - [2013-01-10 10:47:08 | 000,189,952 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.DeviceS#\ce0c07379d684b13e16ff3f86859268a\Kies.Common.DeviceServiceLib.FirmwareUpdate.Downloader.ni.dll MOD - [2013-01-10 10:47:07 | 000,174,592 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Interop.DevFileServ#\5e1c9b656623e96ba88a7c843e3c4743\Interop.DevFileServiceLib.ni.dll MOD - [2013-01-10 10:47:07 | 000,062,464 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Interop.CDBurnCOMLib\c1739a9b18cf8b334e60bfc1e4d126db\Interop.CDBurnCOMLib.ni.dll MOD - [2013-01-10 10:47:06 | 000,565,760 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.DeviceS#\9449228e5d54148b202cc31e0d122007\Kies.Common.DeviceServiceLib.FileService.ni.dll MOD - [2013-01-10 10:47:05 | 000,036,864 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Interop.SyncService#\6169b94e04d363fb40d22ff30aaf24df\Interop.SyncServiceLib.ni.dll MOD - [2013-01-10 10:47:04 | 000,566,784 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.DeviceS#\e1bce0f2823154a17fa5f3bdb3f942fc\Kies.Common.DeviceServiceLib.DeviceDataService.ni.dll MOD - [2013-01-10 10:47:03 | 000,083,456 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Interop.DeviceManag#\632874d66534024b811a93de2879d6db\Interop.DeviceManagerLib.ni.dll MOD - [2013-01-10 10:47:03 | 000,018,944 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Interop.DeviceServi#\755372b3115e029792125faaf3c1fdc1\Interop.DeviceServiceModelDBLib.ni.dll MOD - [2013-01-10 10:47:02 | 000,184,320 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.DeviceS#\3f04fd8571bd8fce43b44e005ed76dcc\Kies.Common.DeviceServiceLib.Interface.ni.dll MOD - [2013-01-10 10:47:02 | 000,062,464 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Interop.DeviceDataS#\cc97d9478b1bcb3c9cb62b65a1f8824c\Interop.DeviceDataServiceLib.ni.dll MOD - [2013-01-10 10:47:02 | 000,053,760 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Interop.ConnectionM#\94ae8d556c86f6326a1f9b4566948fb7\Interop.ConnectionManagerLib.ni.dll MOD - [2013-01-10 10:47:01 | 000,902,144 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.DeviceS#\862afe4e75ca8c8ff39da665e049a53e\Kies.Common.DeviceServiceLib.DeviceManagement.ni.dll MOD - [2013-01-10 10:46:59 | 001,025,024 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.DeviceS#\8347bc592ce3ab9df0ab644cbde32e50\Kies.Common.DeviceService.ni.dll MOD - [2013-01-10 10:46:54 | 001,218,560 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Management\5d5b1b0c6e8a714de39a06e3b61f35fe\System.Management.ni.dll MOD - [2013-01-10 10:46:52 | 000,052,224 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Interop.MP3FileInfo#\5f0b67eb5313c092d5b8b56426dd30e2\Interop.MP3FileInfoCOMLib.ni.dll MOD - [2013-01-10 10:46:52 | 000,032,256 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Interop.OGGFileInfo#\b2c7788a3e89dfe8758d6184bac1b663\Interop.OGGFileInfoCOMLib.ni.dll MOD - [2013-01-10 10:46:51 | 000,171,520 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Interop.P3MPINTERFA#\111be4cc197cabb6340170eeb54ae535\Interop.P3MPINTERFACECTRLLib.ni.dll MOD - [2013-01-10 10:46:51 | 000,030,720 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Interop.PRPLAYERCOR#\e7e551790fd25ab8ad002f1ea6643c3a\Interop.PRPLAYERCORELib.ni.dll MOD - [2013-01-10 10:46:41 | 000,067,072 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.DBManag#\200fe24fa11e9bcfba932685cd446a90\Kies.Common.DBManager.ni.dll MOD - [2013-01-10 10:46:40 | 000,530,944 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\ICSharpCode.SharpZi#\b8d3852e5a6e3b88855b66c70584da3f\ICSharpCode.SharpZipLib.ni.dll MOD - [2013-01-10 10:46:40 | 000,395,776 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\CabLib\af22e5bb6307e2882abe5fbdb3c00c8e\CabLib.ni.dll MOD - [2013-01-10 10:46:38 | 000,052,224 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Interop.DeviceSearc#\f64400a817d3942ff03470493d079229\Interop.DeviceSearchLib.ni.dll MOD - [2013-01-10 10:46:37 | 001,437,696 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Locale\eb65253ccb5b544e4ca73bd76af5c080\Kies.Locale.ni.dll MOD - [2013-01-10 10:46:36 | 000,078,848 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.MVVM\4423d13d5488ed057c1b5124e875e7c8\Kies.MVVM.ni.dll MOD - [2013-01-10 10:46:30 | 001,185,792 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Interface\9c3350d38de97f460563787b2a3d9a3b\Kies.Interface.ni.dll MOD - [2013-01-10 10:45:49 | 000,770,560 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Remo#\dbe82a95ee3feebc5999138fdf36d3c9\System.Runtime.Remoting.ni.dll MOD - [2013-01-10 10:45:34 | 001,812,480 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xaml\40c7a89fe2cbf3c12a2c39e034da54cf\System.Xaml.ni.dll MOD - [2013-01-10 01:11:20 | 000,771,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\b5df40c22ab563a816103629e2ca99d4\System.Runtime.Remoting.ni.dll MOD - [2013-01-10 01:10:50 | 000,971,264 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\004bc6615f9c06df5c98859d35149fe6\System.Configuration.ni.dll MOD - [2013-01-10 01:10:46 | 005,450,752 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\b757806657fa5db2b1ed1a89b026b463\System.Xml.ni.dll MOD - [2013-01-10 01:10:00 | 001,593,856 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\78157a494dc9a7e52be8840decfcd9cc\System.Drawing.ni.dll MOD - [2013-01-10 01:08:34 | 007,977,984 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\cc149d08e75f8c53cd28ac926b38c370\System.ni.dll MOD - [2013-01-10 01:08:22 | 011,492,352 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\2227d1559f87943255069398608d5c56\mscorlib.ni.dll MOD - [2013-01-09 23:18:49 | 000,595,968 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\60674dde4b56087c189f576f36f6720f\PresentationFramework.Aero.ni.dll MOD - [2013-01-09 23:18:38 | 018,022,400 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\b8e60f81fd56934c9f9da7b15bee3376\PresentationFramework.ni.dll MOD - [2013-01-09 23:18:27 | 001,667,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Drawing\78ecbee4a7444353dce52afb9d9d795c\System.Drawing.ni.dll MOD - [2013-01-09 23:18:19 | 005,617,664 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xml\fc476bbac36944e352c2f547352ffa64\System.Xml.ni.dll MOD - [2013-01-09 23:18:14 | 011,522,560 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationCore\932901ff0ad5e365ffbe705d7459a37e\PresentationCore.ni.dll MOD - [2013-01-09 23:18:13 | 000,982,528 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Configuration\7cd4aa51f6e6b9330b8f50bba8bb62c6\System.Configuration.ni.dll MOD - [2013-01-09 23:18:00 | 007,070,208 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Core\b519f42484e1d488662a9a8a87cb8849\System.Core.ni.dll MOD - [2013-01-09 23:17:55 | 003,883,008 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\WindowsBase\8abaedf6aecb073b22f8801aa0b8babf\WindowsBase.ni.dll MOD - [2013-01-09 23:17:48 | 009,095,168 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System\f93dca0e4baa1dcb37cf75392b7c89da\System.ni.dll MOD - [2013-01-09 23:17:38 | 014,416,896 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\mscorlib\6a1ccc1e1a79ce267d3d1808af382cd6\mscorlib.ni.dll MOD - [2012-08-31 01:52:22 | 000,021,432 | ---- | M] () -- C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe MOD - [2011-03-02 12:40:51 | 000,140,288 | ---- | M] () -- C:\Program Files\WinRAR\RarExt.dll MOD - [2009-03-31 10:04:20 | 000,303,104 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_nl_b77a5c561934e089\mscorlib.resources.dll MOD - [2009-03-31 10:04:20 | 000,208,896 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.resources\2.0.0.0_nl_b77a5c561934e089\System.resources.dll MOD - [2008-09-02 11:29:52 | 000,098,304 | ---- | M] () -- C:\Program Files\Photo!\Photo! Editor\IvBar\ivbshlext.dll MOD - [2007-07-16 12:54:10 | 000,025,264 | ---- | M] () -- C:\Program Files\Lexmark 3500-4500 Series\lxdiamon.exe MOD - [2007-07-16 12:54:08 | 000,434,864 | ---- | M] () -- C:\Program Files\Lexmark 3500-4500 Series\lxdimon.exe MOD - [2007-05-02 05:11:56 | 000,040,960 | ---- | M] () -- C:\Program Files\Lexmark 3500-4500 Series\App4R.Monitor.Core.dll MOD - [2007-05-02 05:11:56 | 000,028,672 | ---- | M] () -- C:\Program Files\Lexmark 3500-4500 Series\App4R.Monitor.Common.dll MOD - [2007-05-02 05:10:58 | 000,057,344 | ---- | M] () -- C:\Program Files\Lexmark 3500-4500 Series\App4R.DevMons.MCMDevMon.dll MOD - [2007-04-30 08:20:26 | 000,011,776 | ---- | M] () -- C:\Program Files\Lexmark 3500-4500 Series\App4R.DevMons.MCMDevMon.AutoPlayUtil.dll MOD - [2007-04-30 08:19:52 | 000,020,480 | ---- | M] () -- C:\Program Files\Lexmark 3500-4500 Series\App4R.DevMons.ScanDevMon.dll MOD - [2007-04-30 08:19:48 | 000,020,480 | ---- | M] () -- C:\Program Files\Lexmark 3500-4500 Series\App4R.DevMons.NetworkCardDevMon.dll MOD - [2007-03-23 15:41:44 | 000,278,528 | ---- | M] () -- C:\Program Files\Lexmark 3500-4500 Series\lxdiscw.dll MOD - [2007-03-05 10:45:26 | 000,589,824 | ---- | M] () -- C:\Windows\System32\spool\drivers\w32x86\3\lxdidatr.dll MOD - [2006-12-28 11:47:42 | 000,073,728 | ---- | M] () -- C:\Windows\System32\spool\drivers\w32x86\3\lxdicats.dll ========== Services (SafeList) ========== SRV - File not found [Auto | Stopped] -- C:\Program Files\Secunia\PSI\sua.exe -- (Secunia Update Agent) SRV - [2013-02-08 15:28:26 | 000,251,248 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc) SRV - [2012-12-14 10:17:04 | 003,467,768 | ---- | M] (TeamViewer GmbH) [Auto | Running] -- C:\Program Files\TeamViewer\Version8\TeamViewer_Service.exe -- (TeamViewer8) SRV - [2012-11-29 20:31:04 | 000,038,608 | ---- | M] () [Auto | Running] -- C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe -- (RealNetworks Downloader Resolver Service) SRV - [2012-09-24 16:05:00 | 000,384,888 | ---- | M] (BlueStack Systems, Inc.) [Auto | Running] -- C:\Program Files\BlueStacks\HD-LogRotatorService.exe -- (BstHdLogRotatorSvc) SRV - [2012-09-24 16:04:32 | 000,393,080 | ---- | M] (BlueStack Systems, Inc.) [Auto | Stopped] -- C:\Program Files\BlueStacks\HD-Service.exe -- (BstHdAndroidSvc) SRV - [2012-09-12 16:25:24 | 000,287,824 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- c:\Program Files\Microsoft Security Client\NisSrv.exe -- (NisSrv) SRV - [2012-09-12 16:25:22 | 000,020,472 | ---- | M] (Microsoft Corporation) [Auto | Running] -- c:\Program Files\Microsoft Security Client\MsMpEng.exe -- (MsMpSvc) SRV - [2012-07-17 22:10:16 | 000,651,720 | ---- | M] (Macrovision Europe Ltd.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service) SRV - [2012-07-13 12:28:36 | 000,160,944 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files\Skype\Updater\Updater.exe -- (SkypeUpdate) SRV - [2012-02-13 20:02:32 | 001,604,880 | ---- | M] (Blue Coat Systems, Inc.) [Auto | Running] -- C:\Program Files\Blue Coat K9 Web Protection\k9filter.exe -- (bckwfs) SRV - [2011-11-23 14:15:40 | 001,510,720 | ---- | M] (TuneUp Software) [Auto | Running] -- C:\Program Files\TuneUp Utilities 2012\TuneUpUtilitiesService32.exe -- (TuneUp.UtilitiesSvc) SRV - [2011-06-06 12:55:28 | 000,064,952 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice) SRV - [2011-04-01 11:14:30 | 000,183,560 | ---- | M] (Microsoft Corporation.) [On_Demand | Stopped] -- C:\Program Files\Microsoft\BingBar\BBSvc.EXE -- (BBSvc) SRV - [2011-03-28 11:21:16 | 000,249,648 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft\BingBar\SeaPort.EXE -- (SeaPort) SRV - [2010-11-26 23:55:42 | 000,398,176 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Program Files\Sony\PMB\PMBDeviceInfoProvider.exe -- (PMBDeviceInfoProvider) SRV - [2010-03-10 14:26:48 | 000,189,728 | ---- | M] (Protexis Inc.) [Auto | Running] -- c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe -- (PSI_SVC_2) SRV - [2009-07-09 13:27:52 | 001,716,224 | ---- | M] (Textalk AB) [Auto | Running] -- C:\Program Files\ExtraFilm Designer NL\EFUploadSrv.exe -- (EFUploadSrv) SRV - [2008-10-06 09:54:52 | 000,365,952 | ---- | M] () [Auto | Running] -- C:\Program Files\SMINST\BLService.exe -- (Recovery Service for Windows) SRV - [2008-09-16 11:03:18 | 000,169,312 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files\Adobe\Photoshop Elements 7.0\PhotoshopElementsFileAgent.exe -- (AdobeActiveFileMonitor7.0) SRV - [2008-02-03 12:00:00 | 000,129,992 | ---- | M] (EasyBits Sofware AS) [Auto | Running] -- C:\Windows\System32\ezsvc7.dll -- (ezSharedSvc) SRV - [2008-01-21 03:33:00 | 000,272,952 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend) SRV - [2007-06-11 10:14:52 | 000,517,040 | ---- | M] ( ) [Auto | Running] -- C:\Windows\System32\lxdicoms.exe -- (lxdi_device) SRV - [2007-06-11 10:14:42 | 000,099,248 | ---- | M] () [Auto | Stopped] -- C:\Windows\System32\spool\DRIVERS\W32X86\3\\lxdiserv.exe -- (lxdiCATSCustConnectService) ========== Driver Services (SafeList) ========== DRV - File not found [Kernel | System | Stopped] -- C:\Windows\system32\drivers\NIS\1000000.07D\SRTSPX.SYS -- (SRTSPX) DRV - File not found [File_System | System | Stopped] -- C:\Windows\system32\drivers\NIS\1000000.07D\SRTSP.SYS -- (SRTSP) DRV - File not found [Kernel | On_Demand | Stopped] -- System32\Drivers\RimUsb.sys -- (RimUsb) DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkfwd.sys -- (NwlnkFwd) DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkflt.sys -- (NwlnkFlt) DRV - File not found [Kernel | On_Demand | Stopped] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20080829.024\NAVEX15.SYS -- (NAVEX15) DRV - File not found [Kernel | On_Demand | Stopped] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20080829.024\NAVENG.SYS -- (NAVENG) DRV - File not found [Kernel | Boot | Stopped] -- System32\drivers\tfohqy.sys -- (jiwqy) DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ipinip.sys -- (IpInIp) DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\clwvd.sys -- (clwvd) DRV - File not found [Kernel | On_Demand | Stopped] -- C:\ComboFix\catchme.sys -- (catchme) DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\btwrchid.sys -- (btwrchid) DRV - File not found [Kernel | On_Demand | Stopped] -- system32\drivers\btwavdt.sys -- (btwavdt) DRV - File not found [Kernel | On_Demand | Stopped] -- system32\drivers\btwaudio.sys -- (btwaudio) DRV - [2013-02-26 14:26:00 | 000,029,904 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{BD850F49-2742-461A-AEA8-963242D727ED}\MpKsld3b87875.sys -- (MpKsld3b87875) DRV - [2013-02-26 12:41:29 | 000,029,904 | ---- | M] () [Kernel | System | Stopped] -- c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{BD850F49-2742-461A-AEA8-963242D727ED}\MpKsla2db8154.sys -- (MpKsla2db8154) DRV - [2013-02-26 01:17:11 | 000,029,904 | ---- | M] () [Kernel | System | Stopped] -- c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{BD850F49-2742-461A-AEA8-963242D727ED}\MpKslb4f8faaa.sys -- (MpKslb4f8faaa) DRV - [2012-09-24 16:04:42 | 000,063,864 | ---- | M] (BlueStack Systems) [Kernel | Auto | Running] -- C:\Program Files\BlueStacks\HD-Hypervisor-x86.sys -- (BstHdDrv) DRV - [2012-08-30 21:03:50 | 000,099,272 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\NisDrvWFP.sys -- (NisDrv) DRV - [2012-02-13 20:02:02 | 000,087,312 | ---- | M] (Blue Coat Systems, Inc.) [Kernel | System | Running] -- C:\Windows\System32\drivers\bckd.sys -- (bckd) DRV - [2011-11-09 09:21:18 | 000,010,064 | ---- | M] (TuneUp Software) [Kernel | On_Demand | Running] -- C:\Program Files\TuneUp Utilities 2012\TuneUpUtilitiesDriver32.sys -- (TuneUpUtilitiesDrv) DRV - [2011-06-02 06:47:22 | 000,136,808 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ssadmdm.sys -- (ssadmdm) DRV - [2011-06-02 06:47:22 | 000,121,064 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ssadbus.sys -- (ssadbus) DRV - [2011-06-02 06:47:22 | 000,114,280 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ssadserd.sys -- (ssadserd) DRV - [2011-06-02 06:47:22 | 000,012,776 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ssadmdfl.sys -- (ssadmdfl) DRV - [2009-09-05 16:55:36 | 001,183,744 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\athr.sys -- (athr) DRV - [2008-10-03 03:39:28 | 000,222,208 | ---- | M] (Conexant Systems Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\CHDRT32.sys -- (CnxtHdAudService) DRV - [2008-07-17 17:01:00 | 000,269,760 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\OA004Vid.sys -- (OA004Vid) DRV - [2008-06-29 15:52:26 | 000,112,128 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\IntcHdmi.sys -- (IntcHdmiAddService) DRV - [2008-06-10 19:54:36 | 000,123,904 | ---- | M] (Realtek Corporation ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Rtlh86.sys -- (RTL8169) DRV - [2008-06-03 09:30:24 | 000,144,672 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\OA004Ufd.sys -- (OA004Ufd) DRV - [2008-01-21 03:32:45 | 002,225,664 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\NETw3v32.sys -- (NETw3v32) DRV - [2007-10-18 00:36:54 | 000,008,704 | ---- | M] (Conexant Systems, Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\XAudio.sys -- (XAudio) DRV - [2007-06-18 17:12:04 | 000,016,768 | ---- | M] (Hewlett-Packard Development Company, L.P.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\HpqKbFiltr.sys -- (HpqKbFiltr) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKLM\..\SearchScopes,DefaultScope = {80c554b9-c7f8-4a21-9471-06d606da78a2} IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = {searchTerms} - Google Search IE - HKLM\..\SearchScopes\{80c554b9-c7f8-4a21-9471-06d606da78a2}: "URL" = {searchTerms} - Bing IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-279592566-1776291336-1976008511-1000\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1 IE - HKU\S-1-5-21-279592566-1776291336-1976008511-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = Hotmail, Messenger, het laatste nieuws en entertainment | MSN.NL IE - HKU\S-1-5-21-279592566-1776291336-1976008511-1000\..\SearchScopes,DefaultScope = {80c554b9-c7f8-4a21-9471-06d606da78a2} IE - HKU\S-1-5-21-279592566-1776291336-1976008511-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = {searchTerms} - Bing IE - HKU\S-1-5-21-279592566-1776291336-1976008511-1000\..\SearchScopes\{80c554b9-c7f8-4a21-9471-06d606da78a2}: "URL" = {searchTerms} - Bing IE - HKU\S-1-5-21-279592566-1776291336-1976008511-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-279592566-1776291336-1976008511-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local ========== FireFox ========== FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_5_502_149.dll () FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.) FF - HKLM\Software\MozillaPlugins\@ei.MyWebFace_5a.com/Plugin: C:\Program Files\MyWebFace_5aEI\Installr\1.bin\NP5aEISB.dll File not found FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files\Google\Picasa3\npPicasa3.dll (Google, Inc.) FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.) FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5: C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3555.0308: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=16.0.0.282: c:\program files\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=15.0.4.53: c:\program files\real\realplayer\Netscape6\nprjplug.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nprndlchromebrowserrecordext;version=1.3.0: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nprndlhtml5videoshim;version=1.3.0: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nprndlpepperflashvideoshim;version=1.3.0: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nprpchromebrowserrecordext;version=15.0.4.53: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nprphtml5videoshim;version=15.0.4.53: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nprpplugin;version=16.0.0.282: c:\program files\real\realplayer\Netscape6\nprpplugin.dll (RealPlayer) FF - HKLM\Software\MozillaPlugins\@realnetworks.com/npdlplugin;version=1: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll (RealDownloader) FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.4: C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN) FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{6E19037A-12E3-4295-8915-ED48BC341614}: C:\Program Files\PremierOpinion FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{34712C68-7391-4c47-94F3-8F88D49AD632}: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext\ [2013-01-29 09:15:45 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext [2013-01-29 09:15:45 | 000,000,000 | ---D | M] FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\{b64982b1-d112-42b5-b1e4-d3867c4533f8}: C:\ProgramData\Browser Manager\2.3.787.43\{16cdff19-861d-48e3-a751-d99a27784753}\FirefoxExtension [2010-02-18 12:34:47 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Compaq\AppData\Roaming\mozilla\Extensions [2010-02-18 12:34:47 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Compaq\AppData\Roaming\mozilla\Extensions\mozswing@mozswing.org [2012-06-21 15:52:26 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Compaq\AppData\Roaming\mozilla\Firefox\extensions [2012-06-30 10:50:14 | 000,000,000 | ---D | M] (uTorrentBar_NL Community Toolbar) -- C:\Users\Compaq\AppData\Roaming\mozilla\Firefox\extensions\{87775fdb-6972-41f9-ae51-8326e38cb206} [2013-02-24 14:02:30 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Compaq\AppData\Roaming\mozilla\Firefox\Profiles\extensions [2012-12-25 21:37:30 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Compaq\AppData\Roaming\mozilla\Firefox\Profiles\extensions\extensions [2012-12-25 21:37:45 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Compaq\AppData\Roaming\mozilla\Firefox\Profiles\0\extensions O1 HOSTS File: ([2013-02-26 14:26:14 | 000,002,480 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O1 - Hosts: ::1 localhost O1 - Hosts: 216.239.32.20 www.google.ae # bck9 O1 - Hosts: 216.239.32.20 www.google.at # bck9 O1 - Hosts: 216.239.32.20 www.google.be # bck9 O1 - Hosts: 216.239.32.20 www.google.ca # bck9 O1 - Hosts: 216.239.32.20 www.google.ch # bck9 O1 - Hosts: 216.239.32.20 www.google.cl # bck9 O1 - Hosts: 216.239.32.20 www.google.co.il # bck9 O1 - Hosts: 216.239.32.20 www.google.co.in # bck9 O1 - Hosts: 216.239.32.20 www.google.co.jp # bck9 O1 - Hosts: 216.239.32.20 www.google.co.kr # bck9 O1 - Hosts: 216.239.32.20 www.google.co.nz # bck9 O1 - Hosts: 216.239.32.20 www.google.co.uk # bck9 O1 - Hosts: 216.239.32.20 www.google.co.ve # bck9 O1 - Hosts: 216.239.32.20 www.google.co.za # bck9 O1 - Hosts: 216.239.32.20 www.google.com # bck9 O1 - Hosts: 216.239.32.20 www.google.com.ar # bck9 O1 - Hosts: 216.239.32.20 www.google.com.au # bck9 O1 - Hosts: 216.239.32.20 www.google.com.br # bck9 O1 - Hosts: 216.239.32.20 www.google.com.co # bck9 O1 - Hosts: 216.239.32.20 www.google.com.gr # bck9 O1 - Hosts: 216.239.32.20 www.google.com.hk # bck9 O1 - Hosts: 216.239.32.20 www.google.com.mx # bck9 O1 - Hosts: 216.239.32.20 www.google.com.my # bck9 O1 - Hosts: 41 more lines... O2 - BHO: (RealNetworks Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll (RealDownloader) O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.) O4 - HKLM..\Run: [blueStacks Agent] C:\Program Files\BlueStacks\HD-Agent.exe (BlueStack Systems, Inc.) O4 - HKLM..\Run: [FaxCenterServer] C:\Program Files\Lexmark Fax Solutions\fm3032.exe () O4 - HKLM..\Run: [KiesTrayAgent] C:\Program Files\Samsung\Kies\KiesTrayAgent.exe (Samsung Electronics Co., Ltd.) O4 - HKLM..\Run: [lxdiamon] C:\Program Files\Lexmark 3500-4500 Series\lxdiamon.exe () O4 - HKLM..\Run: [lxdimon.exe] C:\Program Files\Lexmark 3500-4500 Series\lxdimon.exe () O4 - HKLM..\Run: [Malwarebytes Anti-Malware (reboot)] C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation) O4 - HKLM..\Run: [MSC] c:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation) O4 - HKLM..\Run: [PMBVolumeWatcher] C:\Program Files\Sony\PMB\PMBVolumeWatcher.exe (Sony Corporation) O4 - HKLM..\Run: [RoxWatchTray] C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe (Sonic Solutions) O4 - HKU\S-1-5-21-279592566-1776291336-1976008511-1000..\Run: [iE New Window Maximizer] C:\Program Files\IE New Window Maximizer\iemaximizer.exe (jiiSoft) O4 - HKU\S-1-5-21-279592566-1776291336-1976008511-1000..\Run: [KiesPDLR] C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe () O4 - HKU\S-1-5-21-279592566-1776291336-1976008511-1000..\Run: [KiesPreload] C:\Program Files\Samsung\Kies\Kies.exe (Samsung) O4 - HKU\S-1-5-21-279592566-1776291336-1976008511-1000..\Run: [uTorrent] C:\Program Files\uTorrent\uTorrent.exe (BitTorrent, Inc.) O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0 O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-21-279592566-1776291336-1976008511-1000\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-21-279592566-1776291336-1976008511-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0 O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\System32\GPhotos.scr (Google Inc.) O9 - Extra Button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Program Files\PokerStars\PokerStarsUpdate.exe File not found O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.) O15 - HKU\S-1-5-21-279592566-1776291336-1976008511-1000\..Trusted Domains: internet ([]about in Vertrouwde websites) O15 - HKU\S-1-5-21-279592566-1776291336-1976008511-1000\..Trusted Domains: marktplaats.nl ([betalingen] https in Vertrouwde websites) O15 - HKU\S-1-5-21-279592566-1776291336-1976008511-1000\..Trusted Domains: mcafee.com ([]http in Vertrouwde websites) O15 - HKU\S-1-5-21-279592566-1776291336-1976008511-1000\..Trusted Domains: mcafee.com ([]https in Vertrouwde websites) O16 - DPF: {888078C6-70B2-4F88-8EE7-1F50DDEA6120} https://as.photoprintit.de/ips-opdata/activex/ImageUploader6.cab (CeWe Color AG & Co. OHG Control) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29) O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab (Java Plug-in 1.6.0_07) O16 - DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29) O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object) O16 - DPF: {D71F9A27-723E-4B8B-B428-B725E47CBA3E} http://imikimi.com/download/imikimi_plugin_0.5.1.cab (Imikimi_activex_plugin Control) O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.) O16 - DPF: {EDFCB7CB-942C-4822-AF14-F0B687409848} http://cache.hyves-static.net/statics/Aurigma/ImageUploader4.cab (Image Uploader Control) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 212.54.40.25 212.54.35.25 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{75380268-F390-455C-9CFA-4637BB461275}: DhcpNameServer = 212.54.40.25 212.54.35.25 O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies) O20 - AppInit_DLLs: (c:\progra~2\browse~1\261123~1.78\{16cdf~1\browse~1.dll) - File not found O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation) O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2006-09-18 22:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ] O34 - HKLM BootExecute: (autocheck autochk *) O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = ComFile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) ========== Files/Folders - Created Within 30 Days ========== [2013-02-26 14:36:45 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Compaq\Desktop\OTL.com [2013-02-25 20:24:27 | 000,000,000 | ---D | C] -- C:\Users\Compaq\AppData\Roaming\Systweak [2013-02-25 20:24:25 | 000,018,800 | ---- | C] (Systweak Inc., (www.systweak.com)) -- C:\Windows\System32\roboot.exe [2013-02-25 18:24:09 | 000,688,779 | ---- | C] (Swearware) -- C:\Users\Compaq\Desktop\dds.pif [2013-02-25 14:05:47 | 000,000,000 | -HSD | C] -- C:\Config.Msi [2013-02-25 12:46:04 | 000,688,992 | R--- | C] (Swearware) -- C:\Users\Compaq\Desktop\dds.com [2013-02-24 17:05:50 | 000,000,000 | ---D | C] -- C:\Program Files\Trend Micro [2013-02-24 17:04:29 | 000,000,000 | ---D | C] -- C:\Users\Compaq\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HiJackThis [2013-02-24 14:36:46 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN [2013-02-24 14:31:46 | 000,000,000 | ---D | C] -- C:\Windows\Temp [2013-02-24 14:31:46 | 000,000,000 | ---D | C] -- C:\Users\Compaq\AppData\Local\Temp [2013-02-23 17:32:09 | 000,000,000 | ---D | C] -- C:\Program Files\HiJackThis [2013-02-23 10:01:55 | 000,000,000 | ---D | C] -- C:\Users\Compaq\Documents\webkit [2013-02-23 10:01:45 | 000,000,000 | ---D | C] -- C:\Users\Compaq\.Virtualbox.sav [2013-02-23 10:01:09 | 000,000,000 | ---D | C] -- C:\Users\Compaq\youwave [2013-02-21 20:38:48 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BlueStacks [2013-02-21 20:38:48 | 000,000,000 | ---D | C] -- C:\ProgramData\BlueStacks [2013-02-21 11:35:59 | 000,000,000 | ---D | C] -- C:\ProgramData\188F1432-103A-4ffb-80F1-36B633C5C9E1 [2013-02-21 11:30:23 | 000,000,000 | ---D | C] -- C:\Program Files\Bonjour [2013-02-16 19:22:32 | 000,000,000 | ---D | C] -- C:\Program Files\IncrediMail [2013-02-07 16:35:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lexmark 3500-4500 Series [2013-02-07 16:34:55 | 000,000,000 | ---D | C] -- C:\Program Files\Lexmark 3500-4500 Series [2013-02-05 22:11:40 | 000,000,000 | ---D | C] -- C:\aiofw [2013-02-04 15:45:50 | 000,000,000 | ---D | C] -- C:\Windows\Profiles [2013-02-02 12:58:35 | 000,000,000 | ---D | C] -- C:\ProgramData\Xerox [2013-01-30 16:49:14 | 000,000,000 | ---D | C] -- C:\Users\Compaq\{4f2f8c7e-f45b-4e33-b049-2c7d3a203053} [2013-01-30 15:53:38 | 000,000,000 | ---D | C] -- C:\lxk3500-4500Patch [2013-01-29 09:17:30 | 000,000,000 | ---D | C] -- C:\Users\Compaq\AppData\Local\Real [2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] [2 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ] [2 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ] ========== Files - Modified Within 30 Days ========== [2013-02-26 14:36:45 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Compaq\Desktop\OTL.com [2013-02-26 14:35:15 | 000,140,300 | ---- | M] () -- C:\Users\Compaq\Desktop\hosts.zip [2013-02-26 14:29:00 | 000,000,286 | ---- | M] () -- C:\ProgramData\hpqp.ini [2013-02-26 14:28:24 | 000,000,940 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job [2013-02-26 14:26:14 | 000,002,480 | ---- | M] () -- C:\Windows\System32\drivers\etc\hosts [2013-02-26 14:25:36 | 000,003,344 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0 [2013-02-26 14:25:36 | 000,003,344 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0 [2013-02-26 14:25:26 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2013-02-26 14:25:23 | 3149,078,528 | -HS- | M] () -- C:\hiberfil.sys [2013-02-26 12:37:49 | 000,007,052 | ---- | M] () -- C:\Users\Compaq\AppData\Local\d3d9caps.dat [2013-02-26 08:42:01 | 000,000,177 | ---- | M] () -- C:\Users\Compaq\Desktop\Ad.url [2013-02-26 01:02:08 | 000,000,012 | ---- | M] () -- C:\Windows\bthservsdp.dat [2013-02-25 19:57:47 | 000,003,080 | ---- | M] () -- C:\Users\Public\Desktop\sample_25-02-2013_1957.zip [2013-02-25 19:30:21 | 000,066,541 | ---- | M] () -- C:\Users\Compaq\.recently-used.xbel [2013-02-25 18:24:10 | 000,688,779 | ---- | M] (Swearware) -- C:\Users\Compaq\Desktop\dds.pif [2013-02-25 14:20:41 | 000,008,984 | ---- | M] () -- C:\ProgramData\lxdi [2013-02-25 14:18:57 | 000,001,892 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader X .lnk [2013-02-25 12:46:04 | 000,688,992 | R--- | M] (Swearware) -- C:\Users\Compaq\Desktop\dds.com [2013-02-25 09:21:21 | 000,000,975 | ---- | M] () -- C:\Users\Compaq\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk [2013-02-25 08:50:51 | 000,020,310 | ---- | M] () -- C:\Users\Compaq\Desktop\capture-20130225-085034.png [2013-02-24 18:56:14 | 000,002,531 | ---- | M] () -- C:\Users\Compaq\Desktop\Jasc Animation Shop 3.lnk [2013-02-24 17:05:58 | 000,002,525 | ---- | M] () -- C:\Users\Compaq\Desktop\HiJackThis.lnk [2013-02-23 09:55:06 | 000,001,153 | ---- | M] () -- C:\Users\Compaq\Desktop\Launch Internet Explorer Browser.lnk [2013-02-21 21:00:40 | 000,001,676 | ---- | M] () -- C:\Users\Public\Desktop\Start BlueStacks.lnk [2013-02-21 19:42:00 | 000,092,481 | ---- | M] () -- C:\Users\Compaq\final_bstSnapshot_13104.jpg [2013-02-21 19:41:16 | 000,110,362 | ---- | M] () -- C:\Users\Compaq\final_bstSnapshot_74277.jpg [2013-02-21 16:09:47 | 000,091,583 | ---- | M] () -- C:\Users\Compaq\final_bstSnapshot_41770.jpg [2013-02-21 14:49:10 | 000,098,427 | ---- | M] () -- C:\Users\Compaq\final_bstSnapshot_41300.jpg [2013-02-21 14:43:41 | 000,083,802 | ---- | M] () -- C:\Users\Compaq\final_bstSnapshot_48962.jpg [2013-02-21 14:40:36 | 000,091,720 | ---- | M] () -- C:\Users\Compaq\final_bstSnapshot_92857.jpg [2013-02-21 14:40:28 | 000,114,139 | ---- | M] () -- C:\Users\Compaq\final_bstSnapshot_45383.jpg [2013-02-21 11:47:34 | 000,091,199 | ---- | M] () -- C:\Users\Compaq\final_bstSnapshot_77757.jpg [2013-02-21 11:33:04 | 000,091,739 | ---- | M] () -- C:\Users\Compaq\final_bstSnapshot_9644.jpg [2013-02-21 11:32:31 | 000,103,932 | ---- | M] () -- C:\Users\Compaq\final_bstSnapshot_39741.jpg [2013-02-21 11:31:39 | 000,078,033 | ---- | M] () -- C:\Users\Compaq\final_bstSnapshot_57353.jpg [2013-02-21 11:09:03 | 000,124,158 | ---- | M] () -- C:\Users\Compaq\final_bstSnapshot_94959.jpg [2013-02-21 11:04:12 | 000,078,459 | ---- | M] () -- C:\Users\Compaq\final_bstSnapshot_78699.jpg [2013-02-21 11:02:36 | 000,078,365 | ---- | M] () -- C:\Users\Compaq\final_bstSnapshot_88790.jpg [2013-02-21 11:01:00 | 000,102,389 | ---- | M] () -- C:\Users\Compaq\final_bstSnapshot_29528.jpg [2013-02-21 10:41:47 | 000,099,296 | ---- | M] () -- C:\Users\Compaq\final_bstSnapshot_37561.jpg [2013-02-21 10:41:35 | 000,076,804 | ---- | M] () -- C:\Users\Compaq\final_bstSnapshot_86319.jpg [2013-02-21 10:40:51 | 000,076,733 | ---- | M] () -- C:\Users\Compaq\final_bstSnapshot_16515.jpg [2013-02-21 00:34:36 | 000,002,637 | ---- | M] () -- C:\Users\Compaq\Desktop\Jasc Paint Shop Pro 8.lnk [2013-02-19 20:43:24 | 000,069,120 | ---- | M] () -- C:\Users\Compaq\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2013-02-19 15:48:48 | 000,001,196 | ---- | M] () -- C:\Users\Public\Desktop\Aangifte inkomstenbelasting 2012.lnk [2013-02-19 08:39:56 | 000,000,238 | ---- | M] () -- C:\Users\Compaq\Desktop\facebook.url [2013-02-17 10:24:53 | 000,001,890 | ---- | M] () -- C:\Users\Public\Desktop\IncrediMail.lnk [2013-02-17 10:24:53 | 000,001,882 | ---- | M] () -- C:\Users\Compaq\Application Data\Microsoft\Internet Explorer\Quick Launch\IncrediMail 2.0.lnk [2013-02-14 09:57:53 | 000,469,584 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT [2013-02-14 00:11:20 | 000,680,716 | ---- | M] () -- C:\Windows\System32\perfh013.dat [2013-02-14 00:11:20 | 000,599,182 | ---- | M] () -- C:\Windows\System32\perfh009.dat [2013-02-14 00:11:20 | 000,132,166 | ---- | M] () -- C:\Windows\System32\perfc013.dat [2013-02-14 00:11:20 | 000,105,864 | ---- | M] () -- C:\Windows\System32\perfc009.dat [2013-02-07 16:39:04 | 000,077,507 | ---- | M] () -- C:\Windows\System32\LexFiles.ulf [2013-02-07 16:36:10 | 000,000,897 | ---- | M] () -- C:\Users\Public\Desktop\Lexmark Imaging Studio - 3500-4500 Series.LNK [2013-01-29 18:17:32 | 000,018,800 | ---- | M] (Systweak Inc., (www.systweak.com)) -- C:\Windows\System32\roboot.exe [2013-01-29 09:16:28 | 000,000,847 | ---- | M] () -- C:\Users\Public\Desktop\RealPlayer.lnk [2013-01-29 09:12:23 | 000,272,896 | ---- | M] (Progressive Networks) -- C:\Windows\System32\pncrt.dll [2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] [2 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ] [2 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ] ========== Files Created - No Company Name ========== [2013-02-26 14:35:15 | 000,140,300 | ---- | C] () -- C:\Users\Compaq\Desktop\hosts.zip [2013-02-25 19:57:47 | 000,003,080 | ---- | C] () -- C:\Users\Public\Desktop\sample_25-02-2013_1957.zip [2013-02-25 19:30:21 | 000,066,541 | ---- | C] () -- C:\Users\Compaq\.recently-used.xbel [2013-02-25 14:18:57 | 000,001,892 | ---- | C] () -- C:\Users\Public\Desktop\Adobe Reader X .lnk [2013-02-25 14:18:57 | 000,001,804 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader X .lnk [2013-02-25 09:21:20 | 000,000,963 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk [2013-02-25 08:50:51 | 000,020,310 | ---- | C] () -- C:\Users\Compaq\Desktop\capture-20130225-085034.png [2013-02-24 17:04:29 | 000,002,525 | ---- | C] () -- C:\Users\Compaq\Desktop\HiJackThis.lnk [2013-02-24 08:24:22 | 000,000,177 | ---- | C] () -- C:\Users\Compaq\Desktop\Ad.url [2013-02-21 21:00:40 | 000,001,676 | ---- | C] () -- C:\Users\Public\Desktop\Start BlueStacks.lnk [2013-02-21 19:42:00 | 000,092,481 | ---- | C] () -- C:\Users\Compaq\final_bstSnapshot_13104.jpg [2013-02-21 19:41:16 | 000,110,362 | ---- | C] () -- C:\Users\Compaq\final_bstSnapshot_74277.jpg [2013-02-21 16:09:47 | 000,091,583 | ---- | C] () -- C:\Users\Compaq\final_bstSnapshot_41770.jpg [2013-02-21 14:49:10 | 000,098,427 | ---- | C] () -- C:\Users\Compaq\final_bstSnapshot_41300.jpg [2013-02-21 14:43:41 | 000,083,802 | ---- | C] () -- C:\Users\Compaq\final_bstSnapshot_48962.jpg [2013-02-21 14:40:36 | 000,091,720 | ---- | C] () -- C:\Users\Compaq\final_bstSnapshot_92857.jpg [2013-02-21 14:40:28 | 000,114,139 | ---- | C] () -- C:\Users\Compaq\final_bstSnapshot_45383.jpg [2013-02-21 11:47:34 | 000,091,199 | ---- | C] () -- C:\Users\Compaq\final_bstSnapshot_77757.jpg [2013-02-21 11:33:03 | 000,091,739 | ---- | C] () -- C:\Users\Compaq\final_bstSnapshot_9644.jpg [2013-02-21 11:32:30 | 000,103,932 | ---- | C] () -- C:\Users\Compaq\final_bstSnapshot_39741.jpg [2013-02-21 11:31:39 | 000,078,033 | ---- | C] () -- C:\Users\Compaq\final_bstSnapshot_57353.jpg [2013-02-21 11:09:03 | 000,124,158 | ---- | C] () -- C:\Users\Compaq\final_bstSnapshot_94959.jpg [2013-02-21 11:04:12 | 000,078,459 | ---- | C] () -- C:\Users\Compaq\final_bstSnapshot_78699.jpg [2013-02-21 11:02:36 | 000,078,365 | ---- | C] () -- C:\Users\Compaq\final_bstSnapshot_88790.jpg [2013-02-21 11:01:00 | 000,102,389 | ---- | C] () -- C:\Users\Compaq\final_bstSnapshot_29528.jpg [2013-02-21 10:41:47 | 000,099,296 | ---- | C] () -- C:\Users\Compaq\final_bstSnapshot_37561.jpg [2013-02-21 10:41:35 | 000,076,804 | ---- | C] () -- C:\Users\Compaq\final_bstSnapshot_86319.jpg [2013-02-21 10:40:51 | 000,076,733 | ---- | C] () -- C:\Users\Compaq\final_bstSnapshot_16515.jpg [2013-02-19 15:48:48 | 000,001,196 | ---- | C] () -- C:\Users\Public\Desktop\Aangifte inkomstenbelasting 2012.lnk [2013-02-18 18:28:51 | 000,000,238 | ---- | C] () -- C:\Users\Compaq\Desktop\facebook.url [2013-02-16 19:22:58 | 000,001,902 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IncrediMail.lnk [2013-02-16 19:22:58 | 000,001,890 | ---- | C] () -- C:\Users\Public\Desktop\IncrediMail.lnk [2013-02-16 19:22:58 | 000,001,882 | ---- | C] () -- C:\Users\Compaq\Application Data\Microsoft\Internet Explorer\Quick Launch\IncrediMail 2.0.lnk [2013-02-07 16:36:10 | 000,000,897 | ---- | C] () -- C:\Users\Public\Desktop\Lexmark Imaging Studio - 3500-4500 Series.LNK [2013-02-07 16:35:04 | 000,356,352 | ---- | C] ( ) -- C:\Windows\System32\lxdiinpa.dll [2013-02-07 16:35:04 | 000,339,968 | ---- | C] ( ) -- C:\Windows\System32\lxdiiesc.dll [2013-02-07 16:35:04 | 000,311,296 | ---- | C] ( ) -- C:\Windows\System32\lxdihcp.dll [2013-02-07 16:35:04 | 000,294,912 | ---- | C] () -- C:\Windows\System32\lxdiinst.dll [2013-02-07 16:35:03 | 001,187,840 | ---- | C] ( ) -- C:\Windows\System32\lxdiserv.dll [2013-02-07 16:35:03 | 000,942,080 | ---- | C] ( ) -- C:\Windows\System32\lxdiusb1.dll [2013-02-07 16:35:03 | 000,053,248 | ---- | C] ( ) -- C:\Windows\System32\lxdiprox.dll [2013-02-07 16:35:03 | 000,053,248 | ---- | C] ( ) -- C:\Windows\System32\lxdipplc.dll [2013-02-07 16:35:02 | 000,614,400 | ---- | C] ( ) -- C:\Windows\System32\lxdipmui.dll [2013-02-07 16:35:02 | 000,532,480 | ---- | C] ( ) -- C:\Windows\System32\lxdilmpm.dll [2013-02-07 16:35:01 | 000,965,785 | ---- | C] () -- C:\Windows\System32\lxdihelp.chm [2013-02-07 16:35:01 | 000,671,744 | ---- | C] ( ) -- C:\Windows\System32\lxdihbn3.dll [2013-02-07 16:35:01 | 000,320,432 | ---- | C] ( ) -- C:\Windows\System32\lxdiih.exe [2013-02-07 16:35:01 | 000,208,896 | ---- | C] () -- C:\Windows\System32\lxdigrd.dll [2013-02-07 16:35:00 | 000,517,040 | ---- | C] ( ) -- C:\Windows\System32\lxdicoms.exe [2013-02-07 16:34:59 | 000,765,952 | ---- | C] ( ) -- C:\Windows\System32\lxdicomc.dll [2013-02-07 16:34:59 | 000,360,448 | ---- | C] ( ) -- C:\Windows\System32\lxdicomm.dll [2013-02-07 16:34:58 | 000,340,912 | ---- | C] ( ) -- C:\Windows\System32\lxdicfg.exe [2013-02-07 16:34:58 | 000,001,900 | ---- | C] () -- C:\Windows\System32\lxdi.loc [2013-01-30 16:29:24 | 000,024,576 | ---- | C] () -- C:\Program Files\Lexmark 3500-4500 Series(271) [2012-12-25 12:04:06 | 000,123,442 | ---- | C] () -- C:\Users\Compaq\fitness.gif [2012-12-09 19:55:34 | 000,090,112 | ---- | C] () -- C:\Windows\System32\bsrlback.dll [2012-12-09 19:55:34 | 000,090,112 | ---- | C] () -- C:\Windows\System32\bsreffs.dll [2012-12-09 19:55:32 | 000,692,224 | ---- | C] () -- C:\Windows\System32\bsrmgcv.dll [2012-12-09 19:55:32 | 000,192,512 | ---- | C] () -- C:\Windows\System32\bsrmgps.dll [2012-12-09 19:55:32 | 000,081,920 | ---- | C] () -- C:\Windows\System32\bsrgvas.dll [2012-12-09 19:55:24 | 000,585,728 | ---- | C] () -- C:\Windows\System32\bsratswf.dll [2012-12-09 19:55:24 | 000,147,456 | ---- | C] () -- C:\Windows\System32\bsratwmv.dll [2012-12-02 19:38:25 | 000,180,224 | ---- | C] () -- C:\Windows\System32\xvidvfw.dll [2012-11-08 00:18:06 | 000,093,553 | ---- | C] () -- C:\Users\Compaq\final_bstSnapshot_82286.jpg [2012-06-26 15:02:40 | 000,030,568 | ---- | C] () -- C:\Windows\MusiccityDownload.exe [2012-06-26 15:02:38 | 000,974,848 | ---- | C] () -- C:\Windows\System32\cis-2.4.dll [2012-06-26 15:02:38 | 000,081,920 | ---- | C] () -- C:\Windows\System32\issacapi_bs-2.3.dll [2012-06-26 15:02:38 | 000,065,536 | ---- | C] () -- C:\Windows\System32\issacapi_pe-2.3.dll [2012-06-26 15:02:38 | 000,057,344 | ---- | C] () -- C:\Windows\System32\issacapi_se-2.3.dll [2012-04-28 12:14:23 | 000,086,016 | ---- | C] () -- C:\Windows\System32\custmon32i.dll [2011-12-24 13:02:12 | 000,000,069 | ---- | C] () -- C:\Windows\NeroDigital.ini [2011-12-24 12:57:49 | 000,034,936 | ---- | C] () -- C:\Windows\System32\uninstHelixYUV.exe [2011-12-18 15:59:39 | 000,000,085 | -HS- | C] () -- C:\ProgramData\.zreglib [2011-12-15 15:24:04 | 003,726,375 | ---- | C] () -- C:\Users\Compaq\Ulead_GIF-X.Plugin_2.0.rar [2011-11-29 14:07:14 | 000,098,304 | ---- | C] () -- C:\Windows\System32\redmonnt.dll [2011-08-01 21:17:02 | 000,000,256 | ---- | C] () -- C:\Windows\System32\pool.bin [2011-05-28 15:41:30 | 000,000,598 | ---- | C] () -- C:\Users\Compaq\emma.xspf [2011-04-26 21:30:49 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe [2011-04-26 21:30:49 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe [2011-04-26 21:30:49 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe [2011-04-26 21:30:49 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe [2011-04-26 21:30:49 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe [2011-04-25 23:06:58 | 000,148,195 | ---- | C] () -- C:\Program Files\Common Files\BookViewer.xap [2011-04-08 13:57:44 | 000,002,828 | -HS- | C] () -- C:\ProgramData\KGyGaAvL.sys [2011-02-22 21:11:27 | 000,221,892 | ---- | C] () -- C:\Users\Compaq\You are my Star a 1.dzp [2011-02-22 21:03:48 | 001,721,089 | ---- | C] () -- C:\Users\Compaq\youmm.dzp [2011-02-22 21:00:44 | 000,340,920 | ---- | C] () -- C:\Users\Compaq\YOU.dzp [2011-02-22 19:44:34 | 004,305,056 | ---- | C] () -- C:\Users\Compaq\Vorhang 55 open p.dzp [2011-02-22 19:32:56 | 000,800,703 | ---- | C] () -- C:\Users\Compaq\through mirror.dzp [2009-06-16 22:11:22 | 000,000,552 | ---- | C] () -- C:\Users\Compaq\AppData\Local\d3d8caps.dat [2009-05-08 20:40:27 | 000,008,984 | ---- | C] () -- C:\ProgramData\lxdi [2009-04-24 11:56:16 | 000,007,052 | ---- | C] () -- C:\Users\Compaq\AppData\Local\d3d9caps.dat [2009-04-22 20:45:47 | 000,004,144 | ---- | C] () -- C:\Users\Compaq\AppData\Roaming\wklnhst.dat [2009-04-22 20:45:13 | 000,069,120 | ---- | C] () -- C:\Users\Compaq\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2009-03-06 00:37:04 | 000,000,286 | ---- | C] () -- C:\ProgramData\hpqp.ini ========== ZeroAccess Check ========== [2006-11-02 13:51:16 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] "" = %SystemRoot%\system32\shell32.dll -- [2012-06-08 18:47:00 | 011,586,048 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] "" = %systemroot%\system32\wbem\fastprox.dll -- [2009-04-10 22:28:20 | 000,614,912 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] "" = %systemroot%\system32\wbem\wbemess.dll -- [2009-04-10 22:28:26 | 000,347,648 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Both ========== LOP Check ========== [2010-05-04 22:44:17 | 000,000,000 | ---D | M] -- C:\Users\Compaq\AppData\Roaming\Acapela Group [2012-06-18 06:38:11 | 000,000,000 | ---D | M] -- C:\Users\Compaq\AppData\Roaming\Awads [2012-10-06 19:40:37 | 000,000,000 | ---D | M] -- C:\Users\Compaq\AppData\Roaming\Azureus [2013-02-19 15:50:52 | 000,000,000 | ---D | M] -- C:\Users\Compaq\AppData\Roaming\Belastingdienst [2011-02-06 17:36:37 | 000,000,000 | ---D | M] -- C:\Users\Compaq\AppData\Roaming\BitComet [2010-05-26 23:15:08 | 000,000,000 | ---D | M] -- C:\Users\Compaq\AppData\Roaming\DAZ 3D [2012-02-09 10:54:14 | 000,000,000 | ---D | M] -- C:\Users\Compaq\AppData\Roaming\DVDVideoSoft [2012-02-09 10:53:41 | 000,000,000 | ---D | M] -- C:\Users\Compaq\AppData\Roaming\DVDVideoSoftIEHelpers [2012-09-13 10:30:32 | 000,000,000 | ---D | M] -- C:\Users\Compaq\AppData\Roaming\Ewoliv [2009-12-23 07:11:24 | 000,000,000 | ---D | M] -- C:\Users\Compaq\AppData\Roaming\ExtraFilm [2011-04-28 09:19:47 | 000,000,000 | ---D | M] -- C:\Users\Compaq\AppData\Roaming\Fighters [2013-01-15 10:51:29 | 000,000,000 | ---D | M] -- C:\Users\Compaq\AppData\Roaming\FLVPlayer4Free [2012-10-04 16:59:59 | 000,000,000 | ---D | M] -- C:\Users\Compaq\AppData\Roaming\FrostWire [2011-02-22 20:12:19 | 000,000,000 | ---D | M] -- C:\Users\Compaq\AppData\Roaming\GetRightToGo [2013-02-25 19:30:21 | 000,000,000 | ---D | M] -- C:\Users\Compaq\AppData\Roaming\gtk-2.0 [2010-08-28 20:30:24 | 000,000,000 | ---D | M] -- C:\Users\Compaq\AppData\Roaming\HamsterSoft [2010-12-09 12:40:17 | 000,000,000 | ---D | M] -- C:\Users\Compaq\AppData\Roaming\Jasc [2011-12-24 16:47:11 | 000,000,000 | ---D | M] -- C:\Users\Compaq\AppData\Roaming\Kazaa Lite [2013-02-07 16:51:51 | 000,000,000 | ---D | M] -- C:\Users\Compaq\AppData\Roaming\Lexmark Productivity Studio [2009-07-07 22:12:39 | 000,000,000 | ---D | M] -- C:\Users\Compaq\AppData\Roaming\LimeWire Music [2010-01-03 18:43:28 | 000,000,000 | ---D | M] -- C:\Users\Compaq\AppData\Roaming\Morpheus Software [2012-06-18 07:27:46 | 000,000,000 | ---D | M] -- C:\Users\Compaq\AppData\Roaming\Nyon [2013-02-04 12:04:52 | 000,000,000 | ---D | M] -- C:\Users\Compaq\AppData\Roaming\PhotoScape [2012-08-27 10:19:40 | 000,000,000 | ---D | M] -- C:\Users\Compaq\AppData\Roaming\Pixlromatic [2012-10-04 21:50:28 | 000,000,000 | ---D | M] -- C:\Users\Compaq\AppData\Roaming\Raptr [2011-06-16 16:36:15 | 000,000,000 | ---D | M] -- C:\Users\Compaq\AppData\Roaming\Reviversoft [2012-09-07 19:29:12 | 000,000,000 | ---D | M] -- C:\Users\Compaq\AppData\Roaming\Samsung [2010-01-16 23:34:07 | 000,000,000 | ---D | M] -- C:\Users\Compaq\AppData\Roaming\SPAMfighter [2013-02-25 22:14:01 | 000,000,000 | ---D | M] -- C:\Users\Compaq\AppData\Roaming\Systweak [2012-07-10 14:47:07 | 000,000,000 | ---D | M] -- C:\Users\Compaq\AppData\Roaming\TeamViewer [2009-04-22 20:45:49 | 000,000,000 | ---D | M] -- C:\Users\Compaq\AppData\Roaming\Template [2012-09-12 09:45:24 | 000,000,000 | ---D | M] -- C:\Users\Compaq\AppData\Roaming\TuneUp Software [2012-09-13 10:01:00 | 000,000,000 | ---D | M] -- C:\Users\Compaq\AppData\Roaming\Uccy [2011-10-29 15:01:22 | 000,000,000 | ---D | M] -- C:\Users\Compaq\AppData\Roaming\Uniblue [2013-02-26 14:49:33 | 000,000,000 | ---D | M] -- C:\Users\Compaq\AppData\Roaming\uTorrent [2010-03-17 19:48:04 | 000,000,000 | ---D | M] -- C:\Users\Compaq\AppData\Roaming\VoipBuster [2011-01-18 11:57:20 | 000,000,000 | ---D | M] -- C:\Users\Compaq\AppData\Roaming\WebcamMax [2012-09-11 17:36:12 | 000,000,000 | ---D | M] -- C:\Users\Compaq\AppData\Roaming\Wiisa [2012-08-02 22:35:56 | 000,000,000 | ---D | M] -- C:\Users\Compaq\AppData\Roaming\Windows Live Writer [2010-05-04 22:44:23 | 000,000,000 | ---D | M] -- C:\Users\Compaq\AppData\Roaming\Xtranormal [2012-06-17 18:05:36 | 000,000,000 | ---D | M] -- C:\Users\Compaq\AppData\Roaming\Yxlen [2011-07-10 14:56:59 | 000,000,000 | ---D | M] -- C:\Users\Compaq\AppData\Roaming\Zoner ========== Purity Check ========== ========== Alternate Data Streams ========== @Alternate Data Stream - 99 bytes -> C:\ProgramData\Temp:C119EC96 @Alternate Data Stream - 95 bytes -> C:\ProgramData\Temp:5C321E34 @Alternate Data Stream - 64 bytes -> C:\Users\Compaq\Documents\Freddy Maertens goes to Bruges.mp4:TOC.WMV @Alternate Data Stream - 151 bytes -> C:\ProgramData\Temp:0B4227B4 @Alternate Data Stream - 115 bytes -> C:\ProgramData\Temp:A8ADE5D8 @Alternate Data Stream - 106 bytes -> C:\ProgramData\Temp:901E30B2 @Alternate Data Stream - 103 bytes -> C:\ProgramData\Temp:DFC5A2B2 @Alternate Data Stream - 101 bytes -> C:\ProgramData\Temp:8D21982F < End of report >

hopelijk heb ik mvps ,goed gedaan?,ik hoef nooit rechts te klikken om uit te voeren als administrator.

Zoek.exe Version 4.0.0.1 Updated 25-02-2013 Tool run by Compaq on ma 25-02-2013 at 19:55:39,80. Microsoft® Windows Vista™ Home Basic 6.0.6002 Service Pack 2 x86 Running in: Normal Mode Internet Access Detected ==== Creating Sample_25-02-2013_1957.zip ====================== Process iexplore.exe killed Copied file C:\Users\Compaq\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk to sample Copied file C:\Users\Compaq\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk to sample Copied file C:\Users\Compaq\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk to sample sample\Internet Explorer (No Add-ons).lnk renamed to CA27F6D3CBFD39DFFDA8E08FFD0E3801 sample\Internet Explorer.lnk renamed to 8EF47975D9267E42BE03A4AD3B800DA0 sample\Launch Internet Explorer Browser.lnk renamed to 1A2979C515F0356F65E0A6A011DFE163 C:\Users\Public\Desktop\sample_25-02-2013_1957.zip created successfully ==== shortcuts on All Users Desktop ====================== C:\Users\Public\Desktop\Aangifte inkomstenbelasting 2012.lnk - C:\Program Files\Belastingdienst\Aangifte inkomstenbelasting\2012\ib2012.exe C:\Users\Public\Desktop\Adobe Reader X .lnk - C:\Program Files\Adobe\Reader 10.0\Reader\AcroRd32.exe C:\Users\Public\Desktop\IncrediMail.lnk - C:\Program Files\IncrediMail\Bin\IncMail.exe C:\Users\Public\Desktop\Lexmark Imaging Studio - 3500-4500 Series.LNK - C:\Program Files\Lexmark 3500-4500 Series\App4R.exe C:\Users\Public\Desktop\RealPlayer.lnk - C:\program files\real\realplayer\RealPlay.exe /launch:desktop C:\Users\Public\Desktop\Start BlueStacks.lnk - C:\Program Files\BlueStacks\HD-StartLauncher.exe ==== shortcuts in Users Start Menu ====================== C:\Users\Compaq\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk - C:\Program Files\Internet Explorer\iexplore.exe 22Find Tapak Portal - My Homepage - navigasi terbaik dan paling lengkap laman Malaysia! C:\Users\Compaq\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk - C:\Program Files\Internet Explorer\iexplore.exe 22Find Tapak Portal - My Homepage - navigasi terbaik dan paling lengkap laman Malaysia! C:\Users\Compaq\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HiJackThis\HiJackThis.lnk - c:\Users\Compaq\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe ==== shortcuts in All Users Start Menu ====================== C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader X .lnk - C:\Windows\Installer\{AC76BA86-7AD7-1043-7B44-AA1000000001}\SC_Reader.ico C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IncrediMail.lnk - C:\Program Files\IncrediMail\Bin\IncMail.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk - C:\Program Files\Internet Explorer\iexplore.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk - C:\Program Files\Internet Explorer\iexplore.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Belastingdienst\Aangifte inkomstenbelasting\2012\Aangifte inkomstenbelasting 2012 Help.lnk - C:\Program Files\Belastingdienst\Aangifte inkomstenbelasting\2012\ib2012.chm C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Belastingdienst\Aangifte inkomstenbelasting\2012\Aangifte inkomstenbelasting 2012 verwijderen.lnk - C:\Program Files\Belastingdienst\Aangifte inkomstenbelasting\2012\ib2012u.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Belastingdienst\Aangifte inkomstenbelasting\2012\Aangifte inkomstenbelasting 2012.lnk - C:\Program Files\Belastingdienst\Aangifte inkomstenbelasting\2012\ib2012.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Belastingdienst\Aangifte inkomstenbelasting\2012\PC Helpforum - Gratis hulp bij computer problemen - C:\Program Files\Belastingdienst\Aangifte inkomstenbelasting\2012\PC Helpforum - Gratis hulp bij computer problemen C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BlueStacks\Start BlueStacks.lnk - C:\Program Files\BlueStacks\HD-StartLauncher.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games\More Games.lnk - C:\Program Files\IncrediMail\Bin\IncrediGamesStart.url C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IncrediMail\IncrediMail Gallery.lnk - C:\Program Files\IncrediMail\Bin\IncrediGalleryStart.url C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IncrediMail\IncrediMail.lnk - C:\Program Files\IncrediMail\Bin\IncMail.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IncrediMail\Letter Creator.lnk - C:\Program Files\IncrediMail\Bin\ImLc.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IncrediMail\Uninstall IncrediMail.lnk - C:\Program Files\IncrediMail\Bin\ImSetup.exe /uninstallProduct /addon:incredimail C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lexmark 3500-4500 Series\EU Waste Electronics Information.LNK - C:\Windows\System32\spool\drivers\w32x86\3\EU_Waste_Electronic_Information.pdf C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lexmark 3500-4500 Series\Lexmark Cartridge Diagnostic Wizard.LNK - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lexmark 3500-4500 Series\Lexmark Imaging Studio.LNK - C:\Program Files\Lexmark 3500-4500 Series\App4R.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lexmark 3500-4500 Series\Lexmark Solution Center.LNK - C:\Windows\system32\spool\DRIVERS\W32X86\3\lxdipswx.exe /M=Lexmark 3500-4500 Series /T=100 C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lexmark 3500-4500 Series\Release Notes.LNK - C:\Windows\System32\write.exe C:\Windows\system32\spool\DRIVERS\W32X86\3\lxdirme.doc C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lexmark 3500-4500 Series\Uninstall Lexmark 3500-4500 Series.LNK - C:\Program Files\Lexmark 3500-4500 Series\Install\x86\Uninst.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lexmark 3500-4500 Series\User's Guide.LNK - C:\Program Files\Lexmark 3500-4500 Series\LXDIuser.chm C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lexmark 3500-4500 Series\Wireless Configuration Utility.LNK - C:\Program Files\Lexmark 3500-4500 Series\Wireless\lxdiwpss.exe /ini=lxdiina.ini /title="Wireless Configuration Utility" C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RealNetworks\RealDownloader.lnk - C:\Windows\Installer\{AF7EBCA4-9FAF-4DC8-8D09-67854BB84D34}\recordingmanager.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RealNetworks\RealPlayer Converter.lnk - C:\Program Files\Real\RealPlayer\realconverter.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RealNetworks\RealPlayer Trimmer.lnk - C:\Program Files\Real\RealPlayer\realtrimmer.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RealNetworks\RealPlayer.lnk - C:\Program Files\Real\RealPlayer\realplay.exe /launch:start_menu ==== shortcuts in Quick Launch ====================== C:\Users\Compaq\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\IncrediMail 2.0.lnk - C:\Program Files\IncrediMail\Bin\IncMail.exe C:\Users\Compaq\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk - C:\Program Files\Internet Explorer\iexplore.exe ==== shortcuts After Repair ====================== C:\Users\Compaq\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk - C:\Program Files\Internet Explorer\iexplore.exe 22Find Tapak Portal - My Homepage - navigasi terbaik dan paling lengkap laman Malaysia! C:\Users\Compaq\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk - C:\Program Files\Internet Explorer\iexplore.exe 22Find Tapak Portal - My Homepage - navigasi terbaik dan paling lengkap laman Malaysia!

Goedenavond welke moet ik nog meer doen? de info spyware? - - - Updated - - - Och zie nu pas dat hij er niet op staat komt er zo aan . - - - Updated - - - mPolicies-Explorer: BindDirectlyToPropertySetStorage = dword:0 mPolicies-Explorer: NoDrives = dword:0 mPolicies-System: EnableUIADesktopToggle = dword:0 IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200 IE: {0000036B-C524-4050-81A0-243669A86B9F} - {B63DBA5F-523F-4B9C-A43D-65DF1977EAD3} - c:\program files\windows live\companion\companioncore.dll IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - c:\program files\windows live\writer\WriterBrowserExtension.dll IE: {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - c:\program files\pokerstars\PokerStarsUpdate.exe IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} . INFO: HKCU has more than 50 listed domains. If you wish to scan all of them, select the 'Force scan all domains' option. . DPF: {888078C6-70B2-4F88-8EE7-1F50DDEA6120} - hxxps://as.photoprintit.de/ips-opdata/activex/ImageUploader6.cab DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab DPF: {D71F9A27-723E-4B8B-B428-B725E47CBA3E} - hxxp://imikimi.com/download/imikimi_plugin_0.5.1.cab DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab DPF: {EDFCB7CB-942C-4822-AF14-F0B687409848} - hxxp://cache.hyves-static.net/statics/Aurigma/ImageUploader4.cab TCP: NameServer = 212.54.40.25 212.54.35.25 TCP: Interfaces\{75380268-F390-455C-9CFA-4637BB461275} : DHCPNameServer = 212.54.40.25 212.54.35.25 Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\program files\common files\skype\Skype4COM.dll Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - c:\program files\windows live\photo gallery\AlbumDownloadProtocolHandler.dll Notify: igfxcui - igfxdev.dll AppInit_DLLs= c:\progra~2\browse~1\261123~1.78\{16cdf~1\browse~1.dll LSA: Security Packages = kerberos msv1_0 schannel wdigest tspkg mASetup: {10880D85-AAD9-4558-ABDC-2AB1552D831F} - "c:\program files\common files\lightscribe\LSRunOnce.exe" Hosts: 216.239.32.20 www.google.ae # bck9 Hosts: 216.239.32.20 www.google.at # bck9 Hosts: 216.239.32.20 www.google.be # bck9 Hosts: 216.239.32.20 www.google.ca # bck9 Hosts: 216.239.32.20 www.google.ch # bck9 . Note: multiple HOSTS entries found. Please refer to Attach.txt . ============= SERVICES / DRIVERS =============== . R0 MpFilter;Microsoft Malware Protection Driver;c:\windows\system32\drivers\MpFilter.sys [2012-8-30 193552] R1 bckd;bckd;c:\windows\system32\drivers\bckd.sys [2012-2-13 87312] R1 MpKsl63c4e92d;MpKsl63c4e92d;c:\programdata\microsoft\microsoft antimalware\definition updates\{53b29f45-4444-4339-a063-c5dd9d347b35}\MpKsl63c4e92d.sys [2013-2-25 29904] R2 AdobeActiveFileMonitor7.0;Adobe Active File Monitor V7;c:\program files\adobe\photoshop elements 7.0\PhotoshopElementsFileAgent.exe [2008-9-16 169312] R2 bckwfs;Blue Coat K9 Web Protection;c:\program files\blue coat k9 web protection\k9filter.exe [2012-2-13 1604880] R2 BstHdAndroidSvc;BlueStacks Android Service;c:\program files\bluestacks\HD-Service.exe [2012-9-24 393080] R2 BstHdDrv;BlueStacks Hypervisor;c:\program files\bluestacks\HD-Hypervisor-x86.sys [2012-9-24 63864] R2 EFUploadSrv;ExtraFilm upload service;c:\program files\extrafilm designer nl\EFUploadSrv.exe [2009-7-9 1716224] R2 ezSharedSvc;Easybits Shared Services for Windows;c:\windows\system32\svchost.exe -k netsvcs [2008-1-21 21504] R2 FontCache;Windows Font Cache Service;c:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation [2008-1-21 21504] R2 lxdi_device;lxdi_device;c:\windows\system32\lxdicoms.exe -service --> c:\windows\system32\lxdicoms.exe -service [?] R2 NisDrv;Microsoft Network Inspection System;c:\windows\system32\drivers\NisDrvWFP.sys [2010-10-24 99272] R2 PMBDeviceInfoProvider;PMBDeviceInfoProvider;c:\program files\sony\pmb\PMBDeviceInfoProvider.exe [2010-11-26 398176] R2 RealNetworks Downloader Resolver Service;RealNetworks Downloader Resolver Service;c:\program files\realnetworks\realdownloader\rndlresolversvc.exe [2012-11-29 38608] R2 Recovery Service for Windows;Recovery Service for Windows;c:\program files\sminst\BLService.exe [2008-11-8 365952] R2 TeamViewer8;TeamViewer 8;c:\program files\teamviewer\version8\TeamViewer_Service.exe [2012-12-31 3467768] R2 TuneUp.UtilitiesSvc;TuneUp Utilities Service;c:\program files\tuneup utilities 2012\TuneUpUtilitiesService32.exe [2011-11-23 1510720] R3 Com4QLBEx;Com4QLBEx;c:\program files\hewlett-packard\hp quick launch buttons\Com4QLBEx.exe [2008-11-8 193840] R3 IntcHdmiAddService;Intel® High Definition Audio HDMI;c:\windows\system32\drivers\IntcHdmi.sys [2008-6-29 112128] R3 NisSrv;Microsoft Netwerkinspectie;c:\program files\microsoft security client\NisSrv.exe [2012-9-12 287824] R3 OA004Ufd;Creative Camera OA004 Upper Filter Driver;c:\windows\system32\drivers\OA004Ufd.sys [2008-6-3 144672] R3 OA004Vid;Creative Camera OA004 Function Driver;c:\windows\system32\drivers\OA004Vid.sys [2008-7-17 269760] R3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;c:\program files\tuneup utilities 2012\TuneUpUtilitiesDriver32.sys [2011-11-9 10064] R3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\microsoft.net\framework\v4.0.30319\wpf\WPFFontCache_v0400.exe [2010-3-18 753504] S2 BstHdLogRotatorSvc;BlueStacks Log Rotator Service;c:\program files\bluestacks\HD-LogRotatorService.exe [2012-9-24 384888] S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384] S2 lxdiCATSCustConnectService;lxdiCATSCustConnectService;c:\windows\system32\spool\drivers\w32x86\3\lxdiserv.exe [2007-6-11 99248] S2 Secunia Update Agent;Secunia Update Agent;"c:\program files\secunia\psi\sua.exe" --start-service --> c:\program files\secunia\psi\sua.exe [?] S2 SkypeUpdate;Skype Updater;c:\program files\skype\updater\Updater.exe [2012-7-13 160944] S3 BBSvc;Bing Bar Update Service;c:\program files\microsoft\bingbar\BBSvc.EXE [2011-4-1 183560] S3 fssfltr;FssFltr;c:\windows\system32\drivers\fssfltr.sys [2012-6-20 39272] S3 fsssvc;Windows Live Family Safety Service;c:\program files\windows live\family safety\fsssvc.exe [2012-3-8 1492840] S3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM);c:\windows\system32\drivers\ssadbus.sys [2012-8-3 121064] S3 ssadmdfl;SAMSUNG Android USB Modem (Filter);c:\windows\system32\drivers\ssadmdfl.sys [2012-8-3 12776] S3 ssadmdm;SAMSUNG Android USB Modem Drivers;c:\windows\system32\drivers\ssadmdm.sys [2012-8-3 136808] S3 ssadserd;SAMSUNG Android USB Diagnostic Serial Port (WDM);c:\windows\system32\drivers\ssadserd.sys [2012-8-3 114280] S4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\windows live\mesh\wlcrasvc.exe [2010-9-22 51040] . =============== Created Last 30 ================ . 2013-02-25 07:39:48 29904 ----a-w- c:\programdata\microsoft\microsoft antimalware\definition updates\{53b29f45-4444-4339-a063-c5dd9d347b35}\MpKsl63c4e92d.sys 2013-02-24 16:05:51 388096 ----a-r- c:\users\compaq\appdata\roaming\microsoft\installer\{45a66726-69bc-466b-a7a4-12fcba4883d7}\HiJackThis.exe 2013-02-24 16:05:50 -------- d-----w- c:\program files\Trend Micro 2013-02-24 13:44:31 6954968 ----a-w- c:\programdata\microsoft\microsoft antimalware\definition updates\{53b29f45-4444-4339-a063-c5dd9d347b35}\mpengine.dll 2013-02-24 13:36:46 -------- d-sh--w- C:\$RECYCLE.BIN 2013-02-24 13:31:46 -------- d-----w- c:\users\compaq\appdata\local\Temp 2013-02-23 09:01:45 -------- d-----w- c:\users\compaq\.Virtualbox.sav 2013-02-23 09:01:09 -------- d-----w- c:\users\compaq\youwave 2013-02-23 08:24:31 6954968 ----a-w- c:\programdata\microsoft\microsoft antimalware\definition updates\backup\mpengine.dll 2013-02-21 19:38:48 -------- d-----w- c:\programdata\BlueStacks 2013-02-21 10:35:59 -------- d-----w- c:\programdata\188F1432-103A-4ffb-80F1-36B633C5C9E1 2013-02-21 10:30:23 -------- d-----w- c:\program files\Bonjour 2013-02-16 18:22:32 -------- d-----w- c:\program files\IncrediMail 2013-02-13 23:13:58 768000 ----a-w- c:\program files\common files\microsoft shared\vgx\VGX.dll 2013-02-13 08:42:20 2048512 ----a-w- c:\windows\system32\win32k.sys 2013-02-13 08:42:18 1314816 ----a-w- c:\windows\system32\quartz.dll 2013-02-13 08:42:17 914792 ----a-w- c:\windows\system32\drivers\tcpip.sys 2013-02-13 08:42:17 31232 ----a-w- c:\windows\system32\drivers\tcpipreg.sys 2013-02-13 08:42:04 3602808 ----a-w- c:\windows\system32\ntkrnlpa.exe 2013-02-13 08:42:04 3550072 ----a-w- c:\windows\system32\ntoskrnl.exe 2013-02-08 14:28:14 16365936 ----a-w- c:\windows\system32\FlashPlayerInstaller.exe 2013-02-07 15:52:22 687859 ----a-w- c:\programdata\SPL42E4.tmp 2013-02-07 15:38:44 113664 ----a-w- c:\windows\system32\spool\prtprocs\w32x86\lxdidrpp.dll 2013-02-07 15:34:59 765952 ----a-w- c:\windows\system32\lxdicomc.dll 2013-02-07 15:34:59 360448 ----a-w- c:\windows\system32\lxdicomm.dll 2013-02-07 15:34:58 77906 ----a-w- c:\windows\system32\lxdicfg.dll 2013-02-07 15:34:58 340912 ----a-w- c:\windows\system32\lxdicfg.exe 2013-02-07 15:34:55 -------- d-----w- c:\program files\Lexmark 3500-4500 Series 2013-02-05 21:11:40 -------- d-----w- C:\aiofw 2013-02-04 14:45:50 565760 ----a-w- c:\windows\system32\MSVCP50.DLL 2013-02-04 14:45:50 -------- d-----w- c:\windows\Profiles 2013-02-04 14:45:37 306688 ----a-w- c:\windows\IsUninst.exe 2013-02-04 10:58:05 398056 ----a-w- c:\programdata\SPLE5AD.tmp 2013-02-02 11:58:35 -------- d-----w- c:\programdata\Xerox 2013-01-30 15:49:14 -------- d-----w- c:\users\compaq\{4f2f8c7e-f45b-4e33-b049-2c7d3a203053} 2013-01-30 15:29:24 24576 ----a-w- c:\program files\Lexmark 3500-4500 Series(271) 2013-01-30 14:53:38 -------- d-----w- C:\lxk3500-4500Patch 2013-01-29 08:17:30 -------- d-----w- c:\users\compaq\appdata\local\Real 2013-01-29 08:12:03 348160 ----a-w- c:\windows\system32\msvcr71.dll . ==================== Find3M ==================== . 2013-02-23 08:55:27 420944 ----a-w- c:\windows\system32\msvcp100.dll 2013-02-08 14:28:25 74096 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl 2013-02-08 14:28:25 697712 ----a-w- c:\windows\system32\FlashPlayerApp.exe 2013-01-30 10:53:21 232336 ------w- c:\windows\system32\MpSigStub.exe 2013-01-29 08:12:03 499712 ----a-w- c:\windows\system32\msvcp71.dll 2013-01-08 22:11:21 1800704 ----a-w- c:\windows\system32\jscript9.dll 2013-01-08 22:03:20 1129472 ----a-w- c:\windows\system32\wininet.dll 2013-01-08 22:03:12 1427968 ----a-w- c:\windows\system32\inetcpl.cpl 2013-01-08 21:59:02 142848 ----a-w- c:\windows\system32\ieUnatt.exe 2013-01-08 21:58:29 420864 ----a-w- c:\windows\system32\vbscript.dll 2013-01-08 21:56:23 2382848 ----a-w- c:\windows\system32\mshtml.tlb 2012-12-16 13:12:54 34304 ----a-w- c:\windows\system32\atmlib.dll 2012-12-16 10:50:29 293376 ----a-w- c:\windows\system32\atmfd.dll 2012-12-14 15:49:28 21104 ----a-w- c:\windows\system32\drivers\mbam.sys 2012-12-09 18:55:34 90112 ----a-w- c:\windows\system32\bsrlback.dll 2012-12-09 18:55:34 90112 ----a-w- c:\windows\system32\bsreffs.dll 2012-12-09 18:55:32 81920 ----a-w- c:\windows\system32\bsrgvas.dll 2012-12-09 18:55:32 692224 ----a-w- c:\windows\system32\bsrmgcv.dll 2012-12-09 18:55:32 192512 ----a-w- c:\windows\system32\bsrmgps.dll 2012-12-09 18:55:24 585728 ----a-w- c:\windows\system32\bsratswf.dll 2012-12-09 18:55:24 147456 ----a-w- c:\windows\system32\bsratwmv.dll . ============= FINISH: 12:56:32,17 ===============

Nog geen verandering .

Nog hetzelfde de 22 find tapak portal is er nog steeds.

Zoek.exe Version 4.0.0.1 Updated 25-02-2013 Tool run by Compaq on ma 25-02-2013 at 9:12:54,32. Microsoft® Windows Vista™ Home Basic 6.0.6002 Service Pack 2 x86 Running in: Normal Mode Internet Access Detected ==== Deleting CLSID Registry Keys ====================== HKEY_USERS\S-1-5-21-279592566-1776291336-1976008511-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{336D0C35-8A85-403a-B9D2-65C292C39087} deleted successfully HKEY_USERS\S-1-5-21-279592566-1776291336-1976008511-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{98889811-442D-49DD-99D7-DC866BE87DBC} deleted successfully HKEY_USERS\S-1-5-21-279592566-1776291336-1976008511-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{2EECD738-5844-4A99-B4B6-146BF802613B} deleted successfully ==== Deleting CLSID Registry Values ====================== HKEY_USERS\S-1-5-21-279592566-1776291336-1976008511-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\{95324E44-4B0A-47A9-8F77-9C6415E51C29} deleted successfully HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks\{AEB6717E-7E19-11d0-97EE-00C04FD91972} deleted successfully ==== Reset Hosts File ====================== # Copyright © 1993-2006 Microsoft Corp. # # This is a sample HOSTS file used by Microsoft TCP/IP for Windows. # # This file contains the mappings of IP addresses to host names. Each # entry should be kept on an individual line. The IP address should # be placed in the first column followed by the corresponding host name. # The IP address and the host name should be separated by at least one # space. # # Additionally, comments (such as these) may be inserted on individual # lines or following the machine name denoted by a '#' symbol. # # For example: # # 102.54.94.97 rhino.acme.com # source server # 38.25.63.10 x.acme.com # x client host 127.0.0.1 localhost ::1 localhost ==== Files Recently Created / Modified ====================== ====== C:\Windows ==== 2013-02-04 14:45:37 515E4684008E955DE0C81E6A7AEA1C2A 306688 ----a-w- C:\Windows\IsUninst.exe ====== C:\Users\Compaq\AppData\Local\Temp ==== ====== C:\Windows\system32 ===== 2013-02-13 23:14:25 EED68558AAA106535E7290C9A8E0D5A3 2382848 ----a-w- C:\Windows\System32\mshtml.tlb 2013-02-13 23:14:25 A9919376933F7E43F93E5DA1FFBEFC9F 73216 ----a-w- C:\Windows\System32\mshtmled.dll 2013-02-13 23:14:24 CDBFCB9A88E130F1138F80B01C56B680 420864 ----a-w- C:\Windows\System32\vbscript.dll 2013-02-13 23:14:23 F8D269134EEC097B7E47C818AF4862A7 176640 ----a-w- C:\Windows\System32\ieui.dll 2013-02-13 23:14:23 39511E05F37F0BEF8FA3B85386800BB9 65024 ----a-w- C:\Windows\System32\jsproxy.dll 2013-02-13 23:14:22 CBC39CAD3421AB71966BDD98ABF847E0 607744 ----a-w- C:\Windows\System32\msfeeds.dll 2013-02-13 23:14:22 6E14642F79C2510626BA399F9BCC4DE6 142848 ----a-w- C:\Windows\System32\ieUnatt.exe 2013-02-13 23:14:21 B49B56B64F57699A1A663D2CF7D0A56F 1129472 ----a-w- C:\Windows\System32\wininet.dll 2013-02-13 23:14:21 8843B6A1B8E102841B2DFF02805C5CEC 717824 ----a-w- C:\Windows\System32\jscript.dll 2013-02-13 23:14:20 D171EAA745A2C0C583CDDA13D9088EE4 1796096 ----a-w- C:\Windows\System32\iertutil.dll 2013-02-13 23:14:20 C079169E6A07FC4412475C02969EB9CE 1800704 ----a-w- C:\Windows\System32\jscript9.dll 2013-02-13 23:14:20 9352AF851D98380738161620C916A042 231936 ----a-w- C:\Windows\System32\url.dll 2013-02-13 23:14:18 BE157C3800DA3010EFC48280ECF81C16 1103872 ----a-w- C:\Windows\System32\urlmon.dll 2013-02-13 23:14:18 470D8189D7FE9928FFFECBF55AAA3233 1427968 ----a-w- C:\Windows\System32\inetcpl.cpl 2013-02-13 23:14:17 C97434C851C4821BD92D2831FDF1ECBE 12321280 ----a-w- C:\Windows\System32\mshtml.dll 2013-02-13 23:14:15 0E816EA3C5DCE94C95099E8B38E75E67 9738240 ----a-w- C:\Windows\System32\ieframe.dll 2013-02-13 08:42:20 1C1F3014453865E805A8708751743A48 2048512 ----a-w- C:\Windows\System32\win32k.sys 2013-02-13 08:42:18 C43DECDAC58C0A43E0376A216590F40A 1314816 ----a-w- C:\Windows\System32\quartz.dll 2013-02-13 08:42:04 E185428925DBC53CE59B2A5CBA64B837 3602808 ----a-w- C:\Windows\System32\ntkrnlpa.exe 2013-02-13 08:42:04 691F1612558BF6B27F952C4B1073B0D1 3550072 ----a-w- C:\Windows\System32\ntoskrnl.exe ====== C:\Windows\system32\drivers ===== 2013-02-13 08:42:17 CD21572F83F7EC6E2C20C465967BEDD9 31232 ----a-w- C:\Windows\System32\drivers\tcpipreg.sys 2013-02-13 08:42:17 3535CD93F944C00F098E73E12EE7FEB6 914792 ----a-w- C:\Windows\System32\drivers\tcpip.sys ====== C:\Windows\Tasks ====== ====== C:\Windows\Temp ====== ======= C:\Program Files ===== 2013-02-24 16:05:50 -------- d-----w- C:\Program Files\Trend Micro 2013-02-21 10:30:23 -------- d-----w- C:\Program Files\Bonjour 2013-02-16 18:22:32 -------- d-----w- C:\Program Files\IncrediMail 2013-02-07 15:34:55 -------- d-----w- C:\Program Files\Lexmark 3500-4500 Series 2013-01-30 15:29:24 24576 ----a-w- C:\Program Files\Lexmark 3500-4500 Series(271) ======= C: ===== ====== C:\Users\Compaq\AppData\Roaming ====== 2013-02-24 13:31:46 -------- d-----w- C:\users\Compaq\AppData\Local\Temp 2013-01-29 08:17:30 -------- d-----w- C:\users\Compaq\AppData\Local\Real ====== C:\Users\Compaq ====== 2013-02-24 18:02:44 B8C50314B86427F0C26B4C509D8A020E 64613 ----a-w- C:\Users\Compaq\.recently-used.xbel 2013-02-23 09:01:45 -------- d-----w- C:\Users\Compaq\.Virtualbox.sav 2013-02-23 09:01:09 -------- d-----w- C:\Users\Compaq\youwave 2013-02-21 19:38:48 -------- d-----w- C:\ProgramData\BlueStacks 2013-02-21 18:42:00 DA24ABEBDE71F0FBA51F7F7C78296862 92481 ----a-w- C:\Users\Compaq\final_bstSnapshot_13104.jpg 2013-02-21 18:41:16 8CD11A92E561EE9E05201F9031169698 110362 ----a-w- C:\Users\Compaq\final_bstSnapshot_74277.jpg 2013-02-21 15:09:47 6409CAD442CE10C928BC50B9CF1AB068 91583 ----a-w- C:\Users\Compaq\final_bstSnapshot_41770.jpg 2013-02-21 13:49:10 1188276298D020A71FFD7689B81A199B 98427 ----a-w- C:\Users\Compaq\final_bstSnapshot_41300.jpg 2013-02-21 13:43:41 35475ACB12BEF3268525F3EDE2C26D60 83802 ----a-w- C:\Users\Compaq\final_bstSnapshot_48962.jpg 2013-02-21 13:40:36 3F98724C1CAC264144EDA21CED050172 91720 ----a-w- C:\Users\Compaq\final_bstSnapshot_92857.jpg 2013-02-21 13:40:28 0003EC5B452230E079E96D08774A9262 114139 ----a-w- C:\Users\Compaq\final_bstSnapshot_45383.jpg 2013-02-21 10:47:34 B3F64FB25E2A2B2B687243157FADBA49 91199 ----a-w- C:\Users\Compaq\final_bstSnapshot_77757.jpg 2013-02-21 10:35:59 -------- d-----w- C:\ProgramData\188F1432-103A-4ffb-80F1-36B633C5C9E1 2013-02-21 10:33:03 07D0A71645A2C730108A95D838B687D2 91739 ----a-w- C:\Users\Compaq\final_bstSnapshot_9644.jpg 2013-02-21 10:32:30 29B9A8E0BA7C4FCD5B4FA266976D15E3 103932 ----a-w- C:\Users\Compaq\final_bstSnapshot_39741.jpg 2013-02-21 10:31:39 E1745889A251C82936B3054E1976D910 78033 ----a-w- C:\Users\Compaq\final_bstSnapshot_57353.jpg 2013-02-21 10:09:03 CAE06C341A182601D5866B791FD7B239 124158 ----a-w- C:\Users\Compaq\final_bstSnapshot_94959.jpg 2013-02-21 10:04:12 066B67960F077E9D8E7784EDA692D1D7 78459 ----a-w- C:\Users\Compaq\final_bstSnapshot_78699.jpg 2013-02-21 10:02:36 7E2933699E15CD548ECFB1A29632FEE5 78365 ----a-w- C:\Users\Compaq\final_bstSnapshot_88790.jpg 2013-02-21 10:01:00 ECC31E2F8043D9606F83B87332F72455 102389 ----a-w- C:\Users\Compaq\final_bstSnapshot_29528.jpg 2013-02-21 09:41:47 1484A8AB0D9FC88463804279935EF4E9 99296 ----a-w- C:\Users\Compaq\final_bstSnapshot_37561.jpg 2013-02-21 09:41:35 D450E7FA9CC47CADEF5BECE8960556F2 76804 ----a-w- C:\Users\Compaq\final_bstSnapshot_86319.jpg 2013-02-21 09:40:51 A1AA3D47D4A2B304AD9C11C48002337D 76733 ----a-w- C:\Users\Compaq\final_bstSnapshot_16515.jpg 2013-02-07 15:52:22 83F08B6E11A9F56B1C28F92787DE11A0 687859 ----a-w- C:\ProgramData\SPL42E4.tmp 2013-02-04 10:58:05 CD6235E1BBDD43F4431DE70080DF2C26 398056 ----a-w- C:\ProgramData\SPLE5AD.tmp 2013-02-02 11:58:35 -------- d-----w- C:\ProgramData\Xerox 2013-01-30 15:49:14 -------- d-----w- C:\Users\Compaq\{4f2f8c7e-f45b-4e33-b049-2c7d3a203053} ====== C: exe-files == 2013-02-25 07:48:10 E8F9516B646ED12FE0FBDD2D65D277C9 544 ----a-w- C:\$RECYCLE.BIN\S-1-5-21-279592566-1776291336-1976008511-1000\$IIUWCFN.exe 2013-02-25 07:47:49 AA3E2A5EB08A36471641B5283DD70F72 1262573 ----a-w- C:\$RECYCLE.BIN\S-1-5-21-279592566-1776291336-1976008511-1000\$RIUWCFN.exe 2013-02-23 09:34:57 92405A3EEB9D74DB7CCFBF32CC720176 53319 ----a-w- C:\ProgramData\Temp\{C59C179C-668D-49A9-B6EA-0121CCFC1243}\PostBuild.exe 2013-02-19 14:48:46 3644168EBD9967E2568ED3E723610B8E 177129 ------r- C:\Program Files\Belastingdienst\Aangifte inkomstenbelasting\2012\ib2012u.exe === C: other files == 2231-04-23 12:00:36 C5334DD82ED64A48168DD324AA5B99D9 237568 ----a-w- C:\Users\Compaq\AppData\Local\Google\Chrome\User Data\Default\Extensions\elchiiiejkobdbblfejjkbphbddgmljf\1.0\CTB.dll 2231-04-23 12:00:36 1A60DDBD05E3018E29075726C2368B13 194048 ----a-w- C:\Users\Compaq\AppData\Local\Google\Chrome\User Data\Default\Extensions\elchiiiejkobdbblfejjkbphbddgmljf\1.0\CrmAdpt.dll 2013-02-24 13:38:16 949AF3E92B8ADF423A222F4A27A41A30 115137 ----a-w- C:\Users\Compaq\AppData\Local\Temp\fbe2808e-2380-4f14-a1fa-3fa9c3a364e8\CliSecureRT.dll ==== shortcuts on All Users Desktop ====================== C:\Users\Public\Desktop\Aangifte inkomstenbelasting 2012.lnk - C:\Program Files\Belastingdienst\Aangifte inkomstenbelasting\2012\ib2012.exe C:\Users\Public\Desktop\IncrediMail.lnk - C:\Program Files\IncrediMail\Bin\IncMail.exe C:\Users\Public\Desktop\Lexmark Imaging Studio - 3500-4500 Series.LNK - C:\Program Files\Lexmark 3500-4500 Series\App4R.exe C:\Users\Public\Desktop\RealPlayer.lnk - C:\program files\real\realplayer\RealPlay.exe /launch:desktop C:\Users\Public\Desktop\Start BlueStacks.lnk - C:\Program Files\BlueStacks\HD-StartLauncher.exe ==== shortcuts in Users Start Menu ====================== C:\Users\Compaq\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk - C:\Program Files\Internet Explorer\iexplore.exe 22Find Tapak Portal - My Homepage - navigasi terbaik dan paling lengkap laman Malaysia! C:\Users\Compaq\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk - C:\Program Files\Internet Explorer\iexplore.exe 22Find Tapak Portal - My Homepage - navigasi terbaik dan paling lengkap laman Malaysia! C:\Users\Compaq\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HiJackThis\HiJackThis.lnk - c:\Users\Compaq\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe ==== shortcuts in All Users Start Menu ====================== C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IncrediMail.lnk - C:\Program Files\IncrediMail\Bin\IncMail.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Belastingdienst\Aangifte inkomstenbelasting\2012\Aangifte inkomstenbelasting 2012 Help.lnk - C:\Program Files\Belastingdienst\Aangifte inkomstenbelasting\2012\ib2012.chm C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Belastingdienst\Aangifte inkomstenbelasting\2012\Aangifte inkomstenbelasting 2012 verwijderen.lnk - C:\Program Files\Belastingdienst\Aangifte inkomstenbelasting\2012\ib2012u.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Belastingdienst\Aangifte inkomstenbelasting\2012\Aangifte inkomstenbelasting 2012.lnk - C:\Program Files\Belastingdienst\Aangifte inkomstenbelasting\2012\ib2012.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Belastingdienst\Aangifte inkomstenbelasting\2012\PC Helpforum - Gratis hulp bij computer problemen - C:\Program Files\Belastingdienst\Aangifte inkomstenbelasting\2012\PC Helpforum - Gratis hulp bij computer problemen C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BlueStacks\Start BlueStacks.lnk - C:\Program Files\BlueStacks\HD-StartLauncher.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games\More Games.lnk - C:\Program Files\IncrediMail\Bin\IncrediGamesStart.url C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IncrediMail\IncrediMail Gallery.lnk - C:\Program Files\IncrediMail\Bin\IncrediGalleryStart.url C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IncrediMail\IncrediMail.lnk - C:\Program Files\IncrediMail\Bin\IncMail.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IncrediMail\Letter Creator.lnk - C:\Program Files\IncrediMail\Bin\ImLc.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IncrediMail\Uninstall IncrediMail.lnk - C:\Program Files\IncrediMail\Bin\ImSetup.exe /uninstallProduct /addon:incredimail C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lexmark 3500-4500 Series\EU Waste Electronics Information.LNK - C:\Windows\System32\spool\drivers\w32x86\3\EU_Waste_Electronic_Information.pdf C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lexmark 3500-4500 Series\Lexmark Cartridge Diagnostic Wizard.LNK - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lexmark 3500-4500 Series\Lexmark Imaging Studio.LNK - C:\Program Files\Lexmark 3500-4500 Series\App4R.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lexmark 3500-4500 Series\Lexmark Solution Center.LNK - C:\Windows\system32\spool\DRIVERS\W32X86\3\lxdipswx.exe /M=Lexmark 3500-4500 Series /T=100 C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lexmark 3500-4500 Series\Release Notes.LNK - C:\Windows\System32\write.exe C:\Windows\system32\spool\DRIVERS\W32X86\3\lxdirme.doc C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lexmark 3500-4500 Series\Uninstall Lexmark 3500-4500 Series.LNK - C:\Program Files\Lexmark 3500-4500 Series\Install\x86\Uninst.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lexmark 3500-4500 Series\User's Guide.LNK - C:\Program Files\Lexmark 3500-4500 Series\LXDIuser.chm C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lexmark 3500-4500 Series\Wireless Configuration Utility.LNK - C:\Program Files\Lexmark 3500-4500 Series\Wireless\lxdiwpss.exe /ini=lxdiina.ini /title="Wireless Configuration Utility" C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RealNetworks\RealDownloader.lnk - C:\Windows\Installer\{AF7EBCA4-9FAF-4DC8-8D09-67854BB84D34}\recordingmanager.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RealNetworks\RealPlayer Converter.lnk - C:\Program Files\Real\RealPlayer\realconverter.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RealNetworks\RealPlayer Trimmer.lnk - C:\Program Files\Real\RealPlayer\realtrimmer.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RealNetworks\RealPlayer.lnk - C:\Program Files\Real\RealPlayer\realplay.exe /launch:start_menu ==== shortcuts in Quick Launch ====================== C:\Users\Compaq\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\IncrediMail 2.0.lnk - C:\Program Files\IncrediMail\Bin\IncMail.exe C:\Users\Compaq\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk - C:\Program Files\Internet Explorer\iexplore.exe 22Find Tapak Portal - My Homepage - navigasi terbaik dan paling lengkap laman Malaysia! ==== shortcuts After Repair ====================== C:\Users\Compaq\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk - C:\Program Files\Internet Explorer\iexplore.exe 22Find Tapak Portal - My Homepage - navigasi terbaik dan paling lengkap laman Malaysia! C:\Users\Compaq\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk - C:\Program Files\Internet Explorer\iexplore.exe 22Find Tapak Portal - My Homepage - navigasi terbaik dan paling lengkap laman Malaysia! C:\Users\Compaq\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk - C:\Program Files\Internet Explorer\iexplore.exe

Die staan er niet bij

Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 17:09:33, on 24-2-2013 Platform: Windows Vista SP2 (WinNT 6.00.1906) MSIE: Internet Explorer v9.00 (9.00.8112.16464) Boot mode: Normal Running processes: C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE C:\Windows\system32\taskeng.exe C:\Windows\system32\igfxsrvc.exe C:\Program Files\TuneUp Utilities 2012\TuneUpUtilitiesApp32.exe C:\Program Files\Synaptics\SynTP\SynTPEnh.exe C:\Program Files\HP\QuickPlay\QPService.exe C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe C:\Program Files\Sony\PMB\PMBVolumeWatcher.exe C:\Program Files\Microsoft Security Client\msseces.exe C:\Program Files\Samsung\Kies\KiesTrayAgent.exe C:\Windows\System32\hkcmd.exe C:\Windows\System32\igfxpers.exe C:\Program Files\Lexmark 3500-4500 Series\lxdimon.exe C:\Program Files\Lexmark 3500-4500 Series\lxdiamon.exe C:\Program Files\BlueStacks\HD-Agent.exe C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe C:\Program Files\Samsung\Kies\Kies.exe C:\Program Files\uTorrent\uTorrent.exe C:\Program Files\IE New Window Maximizer\iemaximizer.exe C:\Program Files\Windows Media Player\wmpnscfg.exe C:\Program Files\Hewlett-Packard\HP wireless Assistant\WiFiMsg.EXE C:\Program Files\Hewlett-Packard\Shared\HpqToaster.exe C:\Program Files\IncrediMail\Bin\IncMail.exe C:\Program Files\IncrediMail\Bin\ImApp.exe C:\Program Files\BlueStacks\HD-Adb.exe C:\Program Files\BlueStacks\HD-Frontend.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Hotmail, Messenger, het laatste nieuws en entertainment | MSN.NL R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Startpagina.nl | Jouw startpagina voor weer, verkeer en meer R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Hotmail, Messenger, het laatste nieuws en entertainment | MSN.NL R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = Hotmail, Messenger, het laatste nieuws en entertainment | MSN.NL R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local O1 - Hosts: ::1 localhost O1 - Hosts: 216.239.32.20 www.google.ae # bck9 O1 - Hosts: 216.239.32.20 www.google.at # bck9 O1 - Hosts: 216.239.32.20 www.google.be # bck9 O1 - Hosts: 216.239.32.20 www.google.ca # bck9 O1 - Hosts: 216.239.32.20 www.google.ch # bck9 O1 - Hosts: 216.239.32.20 www.google.cl # bck9 O1 - Hosts: 216.239.32.20 www.google.co.il # bck9 O1 - Hosts: 216.239.32.20 www.google.co.in # bck9 O1 - Hosts: 216.239.32.20 www.google.co.jp # bck9 O1 - Hosts: 216.239.32.20 www.google.co.kr # bck9 O1 - Hosts: 216.239.32.20 www.google.co.nz # bck9 O1 - Hosts: 216.239.32.20 www.google.co.uk # bck9 O1 - Hosts: 216.239.32.20 www.google.co.ve # bck9 O1 - Hosts: 216.239.32.20 www.google.co.za # bck9 O1 - Hosts: 216.239.32.20 www.google.com # bck9 O1 - Hosts: 216.239.32.20 www.google.com.ar # bck9 O1 - Hosts: 216.239.32.20 www.google.com.au # bck9 O1 - Hosts: 216.239.32.20 www.google.com.br # bck9 O1 - Hosts: 216.239.32.20 www.google.com.co # bck9 O1 - Hosts: 216.239.32.20 www.google.com.gr # bck9 O1 - Hosts: 216.239.32.20 www.google.com.hk # bck9 O1 - Hosts: 216.239.32.20 www.google.com.mx # bck9 O1 - Hosts: 216.239.32.20 www.google.com.my # bck9 O1 - Hosts: 216.239.32.20 www.google.com.pe # bck9 O1 - Hosts: 216.239.32.20 www.google.com.ph # bck9 O1 - Hosts: 216.239.32.20 www.google.com.pk # bck9 O1 - Hosts: 216.239.32.20 www.google.com.sg # bck9 O1 - Hosts: 216.239.32.20 www.google.com.tr # bck9 O1 - Hosts: 216.239.32.20 www.google.com.tw # bck9 O1 - Hosts: 216.239.32.20 www.google.com.ua # bck9 O1 - Hosts: 216.239.32.20 www.google.de # bck9 O1 - Hosts: 216.239.32.20 www.google.dk # bck9 O1 - Hosts: 216.239.32.20 www.google.es # bck9 O1 - Hosts: 216.239.32.20 www.google.fi # bck9 O1 - Hosts: 216.239.32.20 www.google.fr # bck9 O1 - Hosts: 216.239.32.20 www.google.it # bck9 O1 - Hosts: 216.239.32.20 www.google.lt # bck9 O1 - Hosts: 216.239.32.20 www.google.lv # bck9 O1 - Hosts: 216.239.32.20 www.google.nl # bck9 O1 - Hosts: 216.239.32.20 www.google.pl # bck9 O1 - Hosts: 216.239.32.20 www.google.pt # bck9 O1 - Hosts: 216.239.32.20 www.google.ro # bck9 O1 - Hosts: 216.239.32.20 www.google.ru # bck9 O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: RealNetworks Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files\Windows Live\Companion\companioncore.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O4 - HKLM\..\Run: [synTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe O4 - HKLM\..\Run: [QPService] "C:\Program Files\HP\QuickPlay\QPService.exe" O4 - HKLM\..\Run: [QlbCtrl.exe] C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start O4 - HKLM\..\Run: [hpWirelessAssistant] C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe O4 - HKLM\..\Run: [FaxCenterServer] "C:\Program Files\\Lexmark Fax Solutions\fm3032.exe" /s O4 - HKLM\..\Run: [Malwarebytes Anti-Malware (reboot)] "C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript O4 - HKLM\..\Run: [RoxWatchTray] "C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe" O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe" O4 - HKLM\..\Run: [PMBVolumeWatcher] C:\Program Files\Sony\PMB\PMBVolumeWatcher.exe O4 - HKLM\..\Run: [MSC] "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey O4 - HKLM\..\Run: [KiesTrayAgent] C:\Program Files\Samsung\Kies\KiesTrayAgent.exe O4 - HKLM\..\Run: [igfxTray] C:\Windows\system32\igfxtray.exe O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe O4 - HKLM\..\Run: [lxdimon.exe] "C:\Program Files\Lexmark 3500-4500 Series\lxdimon.exe" O4 - HKLM\..\Run: [lxdiamon] "C:\Program Files\Lexmark 3500-4500 Series\lxdiamon.exe" O4 - HKLM\..\Run: [blueStacks Agent] C:\Program Files\BlueStacks\HD-Agent.exe O4 - HKCU\..\Run: [KiesPDLR] C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe O4 - HKCU\..\Run: [KiesPreload] C:\Program Files\Samsung\Kies\Kies.exe /preload O4 - HKCU\..\Run: [uTorrent] "C:\Program Files\uTorrent\uTorrent.exe" /MINIMIZED O4 - HKCU\..\Run: [iE New Window Maximizer] C:\Program Files\IE New Window Maximizer\iemaximizer.exe O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200 O9 - Extra button: @C:\Program Files\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files\Windows Live\Companion\companioncore.dll O9 - Extra button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Program Files\PokerStars\PokerStarsUpdate.exe (file missing) O9 - Extra button: Onderzoek - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O15 - Trusted Zone: http://*.mcafee.com O16 - DPF: {888078C6-70B2-4F88-8EE7-1F50DDEA6120} (CeWe Color AG & Co. OHG Control) - https://as.photoprintit.de/ips-opdata/activex/ImageUploader6.cab O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab O16 - DPF: {D71F9A27-723E-4B8B-B428-B725E47CBA3E} (Imikimi_activex_plugin Control) - http://imikimi.com/download/imikimi_plugin_0.5.1.cab O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab O16 - DPF: {EDFCB7CB-942C-4822-AF14-F0B687409848} (Image Uploader Control) - http://cache.hyves-static.net/statics/Aurigma/ImageUploader4.cab O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll O20 - AppInit_DLLs: c:\progra~2\browse~1\261123~1.78\{16cdf~1\browse~1.dll O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll O23 - Service: Adobe Active File Monitor V7 (AdobeActiveFileMonitor7.0) - Adobe Systems Incorporated - C:\Program Files\Adobe\Photoshop Elements 7.0\PhotoshopElementsFileAgent.exe O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe O23 - Service: Blue Coat K9 Web Protection (bckwfs) - Blue Coat Systems, Inc. - C:\Program Files\Blue Coat K9 Web Protection\k9filter.exe O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: BlueStacks Android Service (BstHdAndroidSvc) - BlueStack Systems, Inc. - C:\Program Files\BlueStacks\HD-Service.exe O23 - Service: BlueStacks Log Rotator Service (BstHdLogRotatorSvc) - BlueStack Systems, Inc. - C:\Program Files\BlueStacks\HD-LogRotatorService.exe O23 - Service: Com4QLBEx - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe O23 - Service: ExtraFilm upload service (EFUploadSrv) - Textalk AB - C:\Program Files\ExtraFilm Designer NL\EFUploadSrv.exe O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe O23 - Service: GameConsoleService - WildTangent, Inc. - C:\Program Files\HP Games\My HP Game Console\GameConsoleService.exe O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: HP Health Check Service - Hewlett-Packard - c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe O23 - Service: lxdiCATSCustConnectService - Lexmark International, Inc. - C:\Windows\system32\spool\DRIVERS\W32X86\3\\lxdiserv.exe O23 - Service: lxdi_device - - C:\Windows\system32\lxdicoms.exe O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe O23 - Service: PLFlash DeviceIoControl Service - Prolific Technology Inc. - C:\Windows\system32\IoctlSvc.exe O23 - Service: PMBDeviceInfoProvider - Sony Corporation - C:\Program Files\Sony\PMB\PMBDeviceInfoProvider.exe O23 - Service: Protexis Licensing V2 (PSI_SVC_2) - Protexis Inc. - c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe O23 - Service: RealNetworks Downloader Resolver Service - Unknown owner - C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe O23 - Service: Recovery Service for Windows - Unknown owner - C:\Program Files\SMINST\BLService.exe O23 - Service: Roxio UPnP Renderer 9 - Sonic Solutions - C:\Program Files\Roxio\Digital Home 9\RoxioUPnPRenderer9.exe O23 - Service: Roxio Upnp Server 9 - Sonic Solutions - C:\Program Files\Roxio\Digital Home 9\RoxioUpnpService9.exe O23 - Service: LiveShare P2P Server 9 (RoxLiveShare9) - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxLiveShare9.exe O23 - Service: RoxMediaDB9 - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe O23 - Service: Roxio Hard Drive Watcher 9 (RoxWatch9) - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe O23 - Service: Secunia Update Agent - Unknown owner - C:\Program Files\Secunia\PSI\sua.exe (file missing) O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe O23 - Service: TeamViewer 8 (TeamViewer8) - TeamViewer GmbH - C:\Program Files\TeamViewer\Version8\TeamViewer_Service.exe O23 - Service: TuneUp Utilities Service (TuneUp.UtilitiesSvc) - TuneUp Software - C:\Program Files\TuneUp Utilities 2012\TuneUpUtilitiesService32.exe O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe -- End of file - 14293 bytes