22 find tapak portal verwijderen.

[signorita]

Zoek.exe Version 4.0.0.1 Updated 25-02-2013

Tool run by Compaq on ma 25-02-2013 at 19:55:39,80.

Microsoft® Windows Vista™ Home Basic 6.0.6002 Service Pack 2 x86

Running in: Normal Mode Internet Access Detected

==== Creating Sample_25-02-2013_1957.zip ======================

Process iexplore.exe killed

Copied file C:\Users\Compaq\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk to sample

Copied file C:\Users\Compaq\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk to sample

Copied file C:\Users\Compaq\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk to sample

sample\Internet Explorer (No Add-ons).lnk renamed to CA27F6D3CBFD39DFFDA8E08FFD0E3801

sample\Internet Explorer.lnk renamed to 8EF47975D9267E42BE03A4AD3B800DA0

sample\Launch Internet Explorer Browser.lnk renamed to 1A2979C515F0356F65E0A6A011DFE163

C:\Users\Public\Desktop\sample_25-02-2013_1957.zip created successfully

==== shortcuts on All Users Desktop ======================

C:\Users\Public\Desktop\Aangifte inkomstenbelasting 2012.lnk - C:\Program Files\Belastingdienst\Aangifte inkomstenbelasting\2012\ib2012.exe

C:\Users\Public\Desktop\Adobe Reader X .lnk - C:\Program Files\Adobe\Reader 10.0\Reader\AcroRd32.exe

C:\Users\Public\Desktop\IncrediMail.lnk - C:\Program Files\IncrediMail\Bin\IncMail.exe

C:\Users\Public\Desktop\Lexmark Imaging Studio - 3500-4500 Series.LNK - C:\Program Files\Lexmark 3500-4500 Series\App4R.exe

C:\Users\Public\Desktop\RealPlayer.lnk - C:\program files\real\realplayer\RealPlay.exe /launch:desktop

C:\Users\Public\Desktop\Start BlueStacks.lnk - C:\Program Files\BlueStacks\HD-StartLauncher.exe

==== shortcuts in Users Start Menu ======================

C:\Users\Compaq\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk - C:\Program Files\Internet Explorer\iexplore.exe 22Find Tapak Portal - My Homepage - navigasi terbaik dan paling lengkap laman Malaysia!

C:\Users\Compaq\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk - C:\Program Files\Internet Explorer\iexplore.exe 22Find Tapak Portal - My Homepage - navigasi terbaik dan paling lengkap laman Malaysia!

C:\Users\Compaq\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HiJackThis\HiJackThis.lnk - c:\Users\Compaq\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe

==== shortcuts in All Users Start Menu ======================

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader X .lnk - C:\Windows\Installer\{AC76BA86-7AD7-1043-7B44-AA1000000001}\SC_Reader.ico

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IncrediMail.lnk - C:\Program Files\IncrediMail\Bin\IncMail.exe

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk - C:\Program Files\Internet Explorer\iexplore.exe

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk - C:\Program Files\Internet Explorer\iexplore.exe

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Belastingdienst\Aangifte inkomstenbelasting\2012\Aangifte inkomstenbelasting 2012 Help.lnk - C:\Program Files\Belastingdienst\Aangifte inkomstenbelasting\2012\ib2012.chm

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Belastingdienst\Aangifte inkomstenbelasting\2012\Aangifte inkomstenbelasting 2012 verwijderen.lnk - C:\Program Files\Belastingdienst\Aangifte inkomstenbelasting\2012\ib2012u.exe

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Belastingdienst\Aangifte inkomstenbelasting\2012\Aangifte inkomstenbelasting 2012.lnk - C:\Program Files\Belastingdienst\Aangifte inkomstenbelasting\2012\ib2012.exe

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Belastingdienst\Aangifte inkomstenbelasting\2012\PC Helpforum - Gratis hulp bij computer problemen - C:\Program Files\Belastingdienst\Aangifte inkomstenbelasting\2012\PC Helpforum - Gratis hulp bij computer problemen

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BlueStacks\Start BlueStacks.lnk - C:\Program Files\BlueStacks\HD-StartLauncher.exe

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games\More Games.lnk - C:\Program Files\IncrediMail\Bin\IncrediGamesStart.url

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IncrediMail\IncrediMail Gallery.lnk - C:\Program Files\IncrediMail\Bin\IncrediGalleryStart.url

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IncrediMail\IncrediMail.lnk - C:\Program Files\IncrediMail\Bin\IncMail.exe

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IncrediMail\Letter Creator.lnk - C:\Program Files\IncrediMail\Bin\ImLc.exe

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IncrediMail\Uninstall IncrediMail.lnk - C:\Program Files\IncrediMail\Bin\ImSetup.exe /uninstallProduct /addon:incredimail

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lexmark 3500-4500 Series\EU Waste Electronics Information.LNK - C:\Windows\System32\spool\drivers\w32x86\3\EU_Waste_Electronic_Information.pdf

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lexmark 3500-4500 Series\Lexmark Cartridge Diagnostic Wizard.LNK -

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lexmark 3500-4500 Series\Lexmark Imaging Studio.LNK - C:\Program Files\Lexmark 3500-4500 Series\App4R.exe

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lexmark 3500-4500 Series\Lexmark Solution Center.LNK - C:\Windows\system32\spool\DRIVERS\W32X86\3\lxdipswx.exe /M=Lexmark 3500-4500 Series /T=100

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lexmark 3500-4500 Series\Release Notes.LNK - C:\Windows\System32\write.exe C:\Windows\system32\spool\DRIVERS\W32X86\3\lxdirme.doc

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lexmark 3500-4500 Series\Uninstall Lexmark 3500-4500 Series.LNK - C:\Program Files\Lexmark 3500-4500 Series\Install\x86\Uninst.exe

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lexmark 3500-4500 Series\User's Guide.LNK - C:\Program Files\Lexmark 3500-4500 Series\LXDIuser.chm

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lexmark 3500-4500 Series\Wireless Configuration Utility.LNK - C:\Program Files\Lexmark 3500-4500 Series\Wireless\lxdiwpss.exe /ini=lxdiina.ini /title="Wireless Configuration Utility"

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RealNetworks\RealDownloader.lnk - C:\Windows\Installer\{AF7EBCA4-9FAF-4DC8-8D09-67854BB84D34}\recordingmanager.exe

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RealNetworks\RealPlayer Converter.lnk - C:\Program Files\Real\RealPlayer\realconverter.exe

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RealNetworks\RealPlayer Trimmer.lnk - C:\Program Files\Real\RealPlayer\realtrimmer.exe

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RealNetworks\RealPlayer.lnk - C:\Program Files\Real\RealPlayer\realplay.exe /launch:start_menu

==== shortcuts in Quick Launch ======================

C:\Users\Compaq\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\IncrediMail 2.0.lnk - C:\Program Files\IncrediMail\Bin\IncMail.exe

C:\Users\Compaq\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk - C:\Program Files\Internet Explorer\iexplore.exe

==== shortcuts After Repair ======================

C:\Users\Compaq\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk - C:\Program Files\Internet Explorer\iexplore.exe 22Find Tapak Portal - My Homepage - navigasi terbaik dan paling lengkap laman Malaysia!

C:\Users\Compaq\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk - C:\Program Files\Internet Explorer\iexplore.exe 22Find Tapak Portal - My Homepage - navigasi terbaik dan paling lengkap laman Malaysia!

[signorita]

hopelijk heb ik mvps ,goed gedaan?,ik hoef nooit rechts te klikken om uit te voeren als administrator.

[juisterr]

Zo te zien heb je het wel goed gedaan maar weer niet gelukt? Heb je de Hostfix wel gerund ?

Download OTL naar je Bureaublad

• Dubbelklik op OTL.com om het programma te openen. Zorg ervoor dat all andere vensters gesloten zijn, en laat het programma ongestoord zijn werk doen.
  
• Zet een vinkje bij Scan All Users.
  
• Klik op de knop Quick Scan. Verander de instellingen van OTL niet, tenzij ik je hiervoor specifiek instructies geef. De scan zal niet heel erg lang duren.
  
  • Er zullen twee Kladblok-vensters geopend worden wanneer de scan klaar is. OTL.Txt en Extras.Txt. Deze bestanden zijn opgeslagen in dezelfde locatie als OTL.
    
  • Kopieer (Bewerken->Alles selecteren, Bewerken->Kopiëren) en plak (Bewerken->Alles selecteren, Bewerken->Plakken) de inhoud van deze twee bestanden één voor één in je volgende bericht.
    

[signorita]

OTL logfile created on: 26-2-2013 14:38:02 - Run 1

OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Compaq\Desktop

Windows Vista Home Basic Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation

Internet Explorer (Version = 9.0.8112.16421)

Locale: 00000413 | Country: Nederland | Language: NLD | Date Format: d-M-yyyy

2,93 Gb Total Physical Memory | 1,68 Gb Available Physical Memory | 57,42% Memory free

6,07 Gb Paging File | 4,66 Gb Available in Paging File | 76,90% Paging File free

Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files

Drive C: | 223,00 Gb Total Space | 127,22 Gb Free Space | 57,05% Space Free | Partition Type: NTFS

Drive D: | 9,88 Gb Total Space | 1,72 Gb Free Space | 17,39% Space Free | Partition Type: NTFS

Computer Name: PC_VAN_COMPAQ | User Name: Compaq | Logged in as Administrator.

Boot Mode: Normal | Scan Mode: All users | Quick Scan

Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2013-02-26 14:36:45 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Compaq\Desktop\OTL.com

PRC - [2013-02-17 10:23:47 | 000,367,016 | ---- | M] (IncrediMail, Ltd.) -- C:\Program Files\IncrediMail\Bin\IncMail.exe

PRC - [2013-02-17 10:23:47 | 000,264,616 | ---- | M] (IncrediMail, Ltd.) -- C:\Program Files\IncrediMail\Bin\ImApp.exe

PRC - [2012-12-14 10:17:04 | 003,467,768 | ---- | M] (TeamViewer GmbH) -- C:\Program Files\TeamViewer\Version8\TeamViewer_Service.exe

PRC - [2012-11-29 20:31:04 | 000,038,608 | ---- | M] () -- C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe

PRC - [2012-09-24 16:05:36 | 000,581,496 | ---- | M] (BlueStack Systems, Inc.) -- C:\Program Files\BlueStacks\HD-Agent.exe

PRC - [2012-09-24 16:05:00 | 000,384,888 | ---- | M] (BlueStack Systems, Inc.) -- C:\Program Files\BlueStacks\HD-LogRotatorService.exe

PRC - [2012-09-12 16:25:24 | 000,287,824 | ---- | M] (Microsoft Corporation) -- c:\Program Files\Microsoft Security Client\NisSrv.exe

PRC - [2012-09-12 16:25:22 | 000,020,472 | ---- | M] (Microsoft Corporation) -- c:\Program Files\Microsoft Security Client\MsMpEng.exe

PRC - [2012-09-12 16:19:44 | 000,947,176 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Security Client\msseces.exe

PRC - [2012-08-31 01:52:22 | 000,021,432 | ---- | M] () -- C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe

PRC - [2012-08-31 01:52:14 | 003,524,536 | ---- | M] (Samsung Electronics Co., Ltd.) -- C:\Program Files\Samsung\Kies\KiesTrayAgent.exe

PRC - [2012-08-31 01:52:12 | 000,964,024 | ---- | M] (Samsung) -- C:\Program Files\Samsung\Kies\Kies.exe

PRC - [2012-06-21 15:52:06 | 000,880,496 | ---- | M] (BitTorrent, Inc.) -- C:\Program Files\uTorrent\uTorrent.exe

PRC - [2012-02-13 20:02:32 | 001,604,880 | ---- | M] (Blue Coat Systems, Inc.) -- C:\Program Files\Blue Coat K9 Web Protection\k9filter.exe

PRC - [2011-11-23 14:15:40 | 001,510,720 | ---- | M] (TuneUp Software) -- C:\Program Files\TuneUp Utilities 2012\TuneUpUtilitiesService32.exe

PRC - [2011-11-23 14:15:40 | 001,212,224 | ---- | M] (TuneUp Software) -- C:\Program Files\TuneUp Utilities 2012\TuneUpUtilitiesApp32.exe

PRC - [2011-06-06 12:55:28 | 000,064,952 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe

PRC - [2011-03-28 11:21:16 | 000,249,648 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft\BingBar\SeaPort.EXE

PRC - [2010-11-26 23:55:42 | 000,648,032 | ---- | M] (Sony Corporation) -- C:\Program Files\Sony\PMB\PMBVolumeWatcher.exe

PRC - [2010-11-26 23:55:42 | 000,398,176 | ---- | M] (Sony Corporation) -- C:\Program Files\Sony\PMB\PMBDeviceInfoProvider.exe

PRC - [2010-03-10 14:26:48 | 000,189,728 | ---- | M] (Protexis Inc.) -- c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe

PRC - [2009-07-09 13:27:52 | 001,716,224 | ---- | M] (Textalk AB) -- C:\Program Files\ExtraFilm Designer NL\EFUploadSrv.exe

PRC - [2009-04-10 22:27:38 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe

PRC - [2009-04-10 22:27:30 | 000,069,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\conime.exe

PRC - [2008-10-06 09:54:52 | 000,365,952 | ---- | M] () -- C:\Program Files\SMINST\BLService.exe

PRC - [2008-09-16 11:03:18 | 000,169,312 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Adobe\Photoshop Elements 7.0\PhotoshopElementsFileAgent.exe

PRC - [2007-07-16 12:54:10 | 000,025,264 | ---- | M] () -- C:\Program Files\Lexmark 3500-4500 Series\lxdiamon.exe

PRC - [2007-07-16 12:54:08 | 000,434,864 | ---- | M] () -- C:\Program Files\Lexmark 3500-4500 Series\lxdimon.exe

PRC - [2007-06-11 10:14:52 | 000,517,040 | ---- | M] ( ) -- C:\Windows\System32\lxdicoms.exe

PRC - [2005-02-08 23:06:40 | 000,356,352 | ---- | M] (jiiSoft) -- C:\Program Files\IE New Window Maximizer\iemaximizer.exe

========== Modules (No Company Name) ==========

MOD - [2013-02-24 14:38:16 | 000,115,137 | ---- | M] () -- C:\Users\Compaq\AppData\Local\Temp\fbe2808e-2380-4f14-a1fa-3fa9c3a364e8\CliSecureRT.dll

MOD - [2013-02-21 21:07:33 | 000,585,728 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\HD-Agent\d474265b5c15fd23811fac0735946b5e\HD-Agent.ni.exe

MOD - [2013-02-21 21:06:13 | 000,155,136 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\JSON\8488df9357dc67a1e3b588534eee094c\JSON.ni.dll

MOD - [2013-02-17 10:23:58 | 000,072,104 | ---- | M] () -- C:\Program Files\IncrediMail\Bin\wlessfp1.dll

MOD - [2013-02-17 10:23:51 | 000,268,712 | ---- | M] () -- C:\Program Files\IncrediMail\Bin\ImLookExU.dll

MOD - [2013-02-17 10:23:50 | 000,033,128 | ---- | M] () -- C:\Program Files\IncrediMail\Bin\IMHttpComm.dll

MOD - [2013-02-17 10:23:49 | 000,133,544 | ---- | M] () -- C:\Program Files\IncrediMail\Bin\ImComUtlU.dll

MOD - [2013-02-16 19:21:53 | 000,108,888 | ---- | M] () -- C:\Program Files\IncrediMail\Bin\PMC.dll

MOD - [2013-02-16 19:21:47 | 000,080,296 | ---- | M] () -- C:\Program Files\IncrediMail\Bin\ImAppRU.dll

MOD - [2013-02-14 11:47:28 | 000,212,992 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\15e2d7f51f15830591727d6d6a1e4032\System.ServiceProcess.ni.dll

MOD - [2013-02-14 11:47:24 | 011,820,032 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web\dab997283369b95e0fc398cdb89d371c\System.Web.ni.dll

MOD - [2013-02-14 10:03:35 | 012,433,920 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\e64304962098e90f0d3f4c33c1b080a6\System.Windows.Forms.ni.dll

MOD - [2013-02-14 00:17:08 | 005,679,616 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\DeviceHost\d22643f369405d4383fd0f849922d27b\DeviceHost.ni.dll

MOD - [2013-02-14 00:16:53 | 001,007,104 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\CPKTMusicPlugin\cf426f4841c104584469006ed98faa0c\CPKTMusicPlugin.ni.dll

MOD - [2013-02-14 00:16:43 | 002,188,800 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.Multime#\7bc840787572d2a524538560f48e6110\Kies.Common.Multimedia.ni.dll

MOD - [2013-02-14 00:16:39 | 000,183,296 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.MainUI\0cdb25093171374a554aa54651a691d2\Kies.Common.MainUI.ni.dll

MOD - [2013-02-14 00:16:37 | 000,201,728 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.Util\94d3268e67e75d23095a9c4a405bacf9\Kies.Common.Util.ni.dll

MOD - [2013-02-14 00:16:36 | 001,728,512 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.UI\ed5947fbb20225cda0daf88e33bb3eb0\Kies.UI.ni.dll

MOD - [2013-02-14 00:16:33 | 000,119,296 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\GongSolutions.Wpf.D#\ab98b3421e2bcbd877f3e0f4d58764bc\GongSolutions.Wpf.DragDrop.ni.dll

MOD - [2013-02-14 00:16:28 | 000,221,696 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.ServiceProce#\7d8f6866864f78cf83d3701641c46178\System.ServiceProcess.ni.dll

MOD - [2013-02-14 00:16:11 | 001,679,360 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies\9b05cc46b2bd88b8a93dd2dfb0a72e14\Kies.ni.exe

MOD - [2013-02-14 00:12:54 | 013,199,360 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Forms\e963e9f51746f8e23837be7760e187c6\System.Windows.Forms.ni.dll

MOD - [2013-01-10 10:48:53 | 000,762,880 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Remo#\b454f5723ec86048063fe19d4267d9e8\System.Runtime.Remoting.ni.dll

MOD - [2013-01-10 10:48:35 | 015,399,936 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Theme\391ea916f3b1b284221296777121dc35\Kies.Theme.ni.dll

MOD - [2013-01-10 10:48:34 | 000,608,256 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\DevicePodcast\7caad59e6acc01209cee77c5e428c9a6\DevicePodcast.ni.dll

MOD - [2013-01-10 10:48:32 | 000,290,816 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\DeviceVideo\d4e5340e992c8d3987f094cc5c0f87f2\DeviceVideo.ni.dll

MOD - [2013-01-10 10:48:31 | 000,367,104 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\DevicePhoto\e936f228d8ad3a2cde22816e14b3d893\DevicePhoto.ni.dll

MOD - [2013-01-10 10:48:30 | 000,299,008 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\DeviceMusic\017c339a4736fbfa96b95744f0877439\DeviceMusic.ni.dll

MOD - [2013-01-10 10:48:29 | 000,461,824 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\VideoManager\c2590fedfc1a30b2e6c7cb1d602ae9f5\VideoManager.ni.dll

MOD - [2013-01-10 10:48:27 | 002,778,112 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\PodcastService\f9ef96cc9e4721fa1f850b6d13356188\PodcastService.ni.dll

MOD - [2013-01-10 10:48:25 | 001,143,296 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Podcaster\ab557a355e92f4a2ad161cd2275e999b\Podcaster.ni.dll

MOD - [2013-01-10 10:48:23 | 000,607,232 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\PhotoManager\4108a67787498a2f1f86bdf26165e86b\PhotoManager.ni.dll

MOD - [2013-01-10 10:47:57 | 000,033,792 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.DeviceS#\07966428683b0b27f0bb4f24a4f23edd\Kies.Common.DeviceServiceLib.FirmwareUpdate.FirmwareUpdateAgentHelper.ni.dll

MOD - [2013-01-10 10:47:45 | 003,079,680 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.Pims\8f81c69772bb240267ad2b1de4e9f853\Kies.Common.Pims.ni.dll

MOD - [2013-01-10 10:47:40 | 001,843,712 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Phonebook\fe551d98cab568470eea1ad9e3cb47c4\Phonebook.ni.dll

MOD - [2013-01-10 10:47:30 | 000,024,064 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\lib_Samsung_WitchPl#\0f6a68e21e4894592e16856189b20199\lib_Samsung_WitchPlaylist_v0.1.ni.dll

MOD - [2013-01-10 10:47:29 | 000,964,096 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\MusicManager\3cdb3b0e0b0bc93200b686744fc05c28\MusicManager.ni.dll

MOD - [2013-01-10 10:47:27 | 000,829,440 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\DeviceCommonLib\20c60144e15ea4035a9301293258d9a8\DeviceCommonLib.ni.dll

MOD - [2013-01-10 10:47:25 | 000,717,824 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Plugin.Content#\578977b7e1a4b0077aa4e234bf3dbc54\Kies.Plugin.ContentsManagerLib.ni.dll

MOD - [2013-01-10 10:47:23 | 000,320,512 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\EBookManager\20ce24f16635a232cba09fc3c4d5fafd\EBookManager.ni.dll

MOD - [2013-01-10 10:47:22 | 000,391,168 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\BATPlugin\f7a77e89ba33d2c2abc2be479d531733\BATPlugin.ni.dll

MOD - [2013-01-10 10:47:21 | 000,031,232 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\AllShareController\e6997b13f92eb0cb72aaabb6738fdca5\AllShareController.ni.dll

MOD - [2013-01-10 10:47:15 | 000,507,392 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.MediaDB\fde1089e4b687be72553efa52365caf7\Kies.Common.MediaDB.ni.dll

MOD - [2013-01-10 10:47:15 | 000,029,184 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.StoreMa#\84f86f95b5891e6918ac28918493fcad\Kies.Common.StoreManager.ni.dll

MOD - [2013-01-10 10:47:13 | 000,232,960 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\ASF_cSharpAPI\52207264bac5068c2de665b3f41e8964\ASF_cSharpAPI.ni.dll

MOD - [2013-01-10 10:47:13 | 000,064,000 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.AllShare\76b539a4b51fa911a868ff999087fc26\Kies.Common.AllShare.ni.dll

MOD - [2013-01-10 10:47:11 | 000,043,008 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Interop.FUSCryptLib\7296ee8d41eeb2bcc543df81eea19ebe\Interop.FUSCryptLib.ni.dll

MOD - [2013-01-10 10:47:11 | 000,036,352 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Interop.CmdAgentLib\02112949b614855b25bdd7eae4fa464a\Interop.CmdAgentLib.ni.dll

MOD - [2013-01-10 10:47:10 | 000,278,016 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.DeviceS#\f5c6cb7cd8fe9fde11d3b1baa6273439\Kies.Common.DeviceServiceLib.FirmwareUpdate.Common.ni.dll

MOD - [2013-01-10 10:47:10 | 000,046,592 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\AdminCmdAgent\ac715684bfba0fcdb10807c93ef0cca4\AdminCmdAgent.ni.dll

MOD - [2013-01-10 10:47:08 | 000,189,952 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.DeviceS#\ce0c07379d684b13e16ff3f86859268a\Kies.Common.DeviceServiceLib.FirmwareUpdate.Downloader.ni.dll

MOD - [2013-01-10 10:47:07 | 000,174,592 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Interop.DevFileServ#\5e1c9b656623e96ba88a7c843e3c4743\Interop.DevFileServiceLib.ni.dll

MOD - [2013-01-10 10:47:07 | 000,062,464 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Interop.CDBurnCOMLib\c1739a9b18cf8b334e60bfc1e4d126db\Interop.CDBurnCOMLib.ni.dll

MOD - [2013-01-10 10:47:06 | 000,565,760 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.DeviceS#\9449228e5d54148b202cc31e0d122007\Kies.Common.DeviceServiceLib.FileService.ni.dll

MOD - [2013-01-10 10:47:05 | 000,036,864 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Interop.SyncService#\6169b94e04d363fb40d22ff30aaf24df\Interop.SyncServiceLib.ni.dll

MOD - [2013-01-10 10:47:04 | 000,566,784 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.DeviceS#\e1bce0f2823154a17fa5f3bdb3f942fc\Kies.Common.DeviceServiceLib.DeviceDataService.ni.dll

MOD - [2013-01-10 10:47:03 | 000,083,456 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Interop.DeviceManag#\632874d66534024b811a93de2879d6db\Interop.DeviceManagerLib.ni.dll

MOD - [2013-01-10 10:47:03 | 000,018,944 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Interop.DeviceServi#\755372b3115e029792125faaf3c1fdc1\Interop.DeviceServiceModelDBLib.ni.dll

MOD - [2013-01-10 10:47:02 | 000,184,320 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.DeviceS#\3f04fd8571bd8fce43b44e005ed76dcc\Kies.Common.DeviceServiceLib.Interface.ni.dll

MOD - [2013-01-10 10:47:02 | 000,062,464 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Interop.DeviceDataS#\cc97d9478b1bcb3c9cb62b65a1f8824c\Interop.DeviceDataServiceLib.ni.dll

MOD - [2013-01-10 10:47:02 | 000,053,760 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Interop.ConnectionM#\94ae8d556c86f6326a1f9b4566948fb7\Interop.ConnectionManagerLib.ni.dll

MOD - [2013-01-10 10:47:01 | 000,902,144 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.DeviceS#\862afe4e75ca8c8ff39da665e049a53e\Kies.Common.DeviceServiceLib.DeviceManagement.ni.dll

MOD - [2013-01-10 10:46:59 | 001,025,024 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.DeviceS#\8347bc592ce3ab9df0ab644cbde32e50\Kies.Common.DeviceService.ni.dll

MOD - [2013-01-10 10:46:54 | 001,218,560 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Management\5d5b1b0c6e8a714de39a06e3b61f35fe\System.Management.ni.dll

MOD - [2013-01-10 10:46:52 | 000,052,224 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Interop.MP3FileInfo#\5f0b67eb5313c092d5b8b56426dd30e2\Interop.MP3FileInfoCOMLib.ni.dll

MOD - [2013-01-10 10:46:52 | 000,032,256 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Interop.OGGFileInfo#\b2c7788a3e89dfe8758d6184bac1b663\Interop.OGGFileInfoCOMLib.ni.dll

MOD - [2013-01-10 10:46:51 | 000,171,520 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Interop.P3MPINTERFA#\111be4cc197cabb6340170eeb54ae535\Interop.P3MPINTERFACECTRLLib.ni.dll

MOD - [2013-01-10 10:46:51 | 000,030,720 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Interop.PRPLAYERCOR#\e7e551790fd25ab8ad002f1ea6643c3a\Interop.PRPLAYERCORELib.ni.dll

MOD - [2013-01-10 10:46:41 | 000,067,072 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.DBManag#\200fe24fa11e9bcfba932685cd446a90\Kies.Common.DBManager.ni.dll

MOD - [2013-01-10 10:46:40 | 000,530,944 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\ICSharpCode.SharpZi#\b8d3852e5a6e3b88855b66c70584da3f\ICSharpCode.SharpZipLib.ni.dll

MOD - [2013-01-10 10:46:40 | 000,395,776 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\CabLib\af22e5bb6307e2882abe5fbdb3c00c8e\CabLib.ni.dll

MOD - [2013-01-10 10:46:38 | 000,052,224 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Interop.DeviceSearc#\f64400a817d3942ff03470493d079229\Interop.DeviceSearchLib.ni.dll

MOD - [2013-01-10 10:46:37 | 001,437,696 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Locale\eb65253ccb5b544e4ca73bd76af5c080\Kies.Locale.ni.dll

MOD - [2013-01-10 10:46:36 | 000,078,848 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.MVVM\4423d13d5488ed057c1b5124e875e7c8\Kies.MVVM.ni.dll

MOD - [2013-01-10 10:46:30 | 001,185,792 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Interface\9c3350d38de97f460563787b2a3d9a3b\Kies.Interface.ni.dll

MOD - [2013-01-10 10:45:49 | 000,770,560 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Remo#\dbe82a95ee3feebc5999138fdf36d3c9\System.Runtime.Remoting.ni.dll

MOD - [2013-01-10 10:45:34 | 001,812,480 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xaml\40c7a89fe2cbf3c12a2c39e034da54cf\System.Xaml.ni.dll

MOD - [2013-01-10 01:11:20 | 000,771,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\b5df40c22ab563a816103629e2ca99d4\System.Runtime.Remoting.ni.dll

MOD - [2013-01-10 01:10:50 | 000,971,264 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\004bc6615f9c06df5c98859d35149fe6\System.Configuration.ni.dll

MOD - [2013-01-10 01:10:46 | 005,450,752 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\b757806657fa5db2b1ed1a89b026b463\System.Xml.ni.dll

MOD - [2013-01-10 01:10:00 | 001,593,856 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\78157a494dc9a7e52be8840decfcd9cc\System.Drawing.ni.dll

MOD - [2013-01-10 01:08:34 | 007,977,984 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\cc149d08e75f8c53cd28ac926b38c370\System.ni.dll

MOD - [2013-01-10 01:08:22 | 011,492,352 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\2227d1559f87943255069398608d5c56\mscorlib.ni.dll

MOD - [2013-01-09 23:18:49 | 000,595,968 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\60674dde4b56087c189f576f36f6720f\PresentationFramework.Aero.ni.dll

MOD - [2013-01-09 23:18:38 | 018,022,400 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\b8e60f81fd56934c9f9da7b15bee3376\PresentationFramework.ni.dll

MOD - [2013-01-09 23:18:27 | 001,667,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Drawing\78ecbee4a7444353dce52afb9d9d795c\System.Drawing.ni.dll

MOD - [2013-01-09 23:18:19 | 005,617,664 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xml\fc476bbac36944e352c2f547352ffa64\System.Xml.ni.dll

MOD - [2013-01-09 23:18:14 | 011,522,560 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationCore\932901ff0ad5e365ffbe705d7459a37e\PresentationCore.ni.dll

MOD - [2013-01-09 23:18:13 | 000,982,528 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Configuration\7cd4aa51f6e6b9330b8f50bba8bb62c6\System.Configuration.ni.dll

MOD - [2013-01-09 23:18:00 | 007,070,208 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Core\b519f42484e1d488662a9a8a87cb8849\System.Core.ni.dll

MOD - [2013-01-09 23:17:55 | 003,883,008 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\WindowsBase\8abaedf6aecb073b22f8801aa0b8babf\WindowsBase.ni.dll

MOD - [2013-01-09 23:17:48 | 009,095,168 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System\f93dca0e4baa1dcb37cf75392b7c89da\System.ni.dll

MOD - [2013-01-09 23:17:38 | 014,416,896 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\mscorlib\6a1ccc1e1a79ce267d3d1808af382cd6\mscorlib.ni.dll

MOD - [2012-08-31 01:52:22 | 000,021,432 | ---- | M] () -- C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe

MOD - [2011-03-02 12:40:51 | 000,140,288 | ---- | M] () -- C:\Program Files\WinRAR\RarExt.dll

MOD - [2009-03-31 10:04:20 | 000,303,104 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_nl_b77a5c561934e089\mscorlib.resources.dll

MOD - [2009-03-31 10:04:20 | 000,208,896 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.resources\2.0.0.0_nl_b77a5c561934e089\System.resources.dll

MOD - [2008-09-02 11:29:52 | 000,098,304 | ---- | M] () -- C:\Program Files\Photo!\Photo! Editor\IvBar\ivbshlext.dll

MOD - [2007-07-16 12:54:10 | 000,025,264 | ---- | M] () -- C:\Program Files\Lexmark 3500-4500 Series\lxdiamon.exe

MOD - [2007-07-16 12:54:08 | 000,434,864 | ---- | M] () -- C:\Program Files\Lexmark 3500-4500 Series\lxdimon.exe

MOD - [2007-05-02 05:11:56 | 000,040,960 | ---- | M] () -- C:\Program Files\Lexmark 3500-4500 Series\App4R.Monitor.Core.dll

MOD - [2007-05-02 05:11:56 | 000,028,672 | ---- | M] () -- C:\Program Files\Lexmark 3500-4500 Series\App4R.Monitor.Common.dll

MOD - [2007-05-02 05:10:58 | 000,057,344 | ---- | M] () -- C:\Program Files\Lexmark 3500-4500 Series\App4R.DevMons.MCMDevMon.dll

MOD - [2007-04-30 08:20:26 | 000,011,776 | ---- | M] () -- C:\Program Files\Lexmark 3500-4500 Series\App4R.DevMons.MCMDevMon.AutoPlayUtil.dll

MOD - [2007-04-30 08:19:52 | 000,020,480 | ---- | M] () -- C:\Program Files\Lexmark 3500-4500 Series\App4R.DevMons.ScanDevMon.dll

MOD - [2007-04-30 08:19:48 | 000,020,480 | ---- | M] () -- C:\Program Files\Lexmark 3500-4500 Series\App4R.DevMons.NetworkCardDevMon.dll

MOD - [2007-03-23 15:41:44 | 000,278,528 | ---- | M] () -- C:\Program Files\Lexmark 3500-4500 Series\lxdiscw.dll

MOD - [2007-03-05 10:45:26 | 000,589,824 | ---- | M] () -- C:\Windows\System32\spool\drivers\w32x86\3\lxdidatr.dll

MOD - [2006-12-28 11:47:42 | 000,073,728 | ---- | M] () -- C:\Windows\System32\spool\drivers\w32x86\3\lxdicats.dll

========== Services (SafeList) ==========

SRV - File not found [Auto | Stopped] -- C:\Program Files\Secunia\PSI\sua.exe -- (Secunia Update Agent)

SRV - [2013-02-08 15:28:26 | 000,251,248 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)

SRV - [2012-12-14 10:17:04 | 003,467,768 | ---- | M] (TeamViewer GmbH) [Auto | Running] -- C:\Program Files\TeamViewer\Version8\TeamViewer_Service.exe -- (TeamViewer8)

SRV - [2012-11-29 20:31:04 | 000,038,608 | ---- | M] () [Auto | Running] -- C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe -- (RealNetworks Downloader Resolver Service)

SRV - [2012-09-24 16:05:00 | 000,384,888 | ---- | M] (BlueStack Systems, Inc.) [Auto | Running] -- C:\Program Files\BlueStacks\HD-LogRotatorService.exe -- (BstHdLogRotatorSvc)

SRV - [2012-09-24 16:04:32 | 000,393,080 | ---- | M] (BlueStack Systems, Inc.) [Auto | Stopped] -- C:\Program Files\BlueStacks\HD-Service.exe -- (BstHdAndroidSvc)

SRV - [2012-09-12 16:25:24 | 000,287,824 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- c:\Program Files\Microsoft Security Client\NisSrv.exe -- (NisSrv)

SRV - [2012-09-12 16:25:22 | 000,020,472 | ---- | M] (Microsoft Corporation) [Auto | Running] -- c:\Program Files\Microsoft Security Client\MsMpEng.exe -- (MsMpSvc)

SRV - [2012-07-17 22:10:16 | 000,651,720 | ---- | M] (Macrovision Europe Ltd.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)

SRV - [2012-07-13 12:28:36 | 000,160,944 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files\Skype\Updater\Updater.exe -- (SkypeUpdate)

SRV - [2012-02-13 20:02:32 | 001,604,880 | ---- | M] (Blue Coat Systems, Inc.) [Auto | Running] -- C:\Program Files\Blue Coat K9 Web Protection\k9filter.exe -- (bckwfs)

SRV - [2011-11-23 14:15:40 | 001,510,720 | ---- | M] (TuneUp Software) [Auto | Running] -- C:\Program Files\TuneUp Utilities 2012\TuneUpUtilitiesService32.exe -- (TuneUp.UtilitiesSvc)

SRV - [2011-06-06 12:55:28 | 000,064,952 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)

SRV - [2011-04-01 11:14:30 | 000,183,560 | ---- | M] (Microsoft Corporation.) [On_Demand | Stopped] -- C:\Program Files\Microsoft\BingBar\BBSvc.EXE -- (BBSvc)

SRV - [2011-03-28 11:21:16 | 000,249,648 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft\BingBar\SeaPort.EXE -- (SeaPort)

SRV - [2010-11-26 23:55:42 | 000,398,176 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Program Files\Sony\PMB\PMBDeviceInfoProvider.exe -- (PMBDeviceInfoProvider)

SRV - [2010-03-10 14:26:48 | 000,189,728 | ---- | M] (Protexis Inc.) [Auto | Running] -- c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe -- (PSI_SVC_2)

SRV - [2009-07-09 13:27:52 | 001,716,224 | ---- | M] (Textalk AB) [Auto | Running] -- C:\Program Files\ExtraFilm Designer NL\EFUploadSrv.exe -- (EFUploadSrv)

SRV - [2008-10-06 09:54:52 | 000,365,952 | ---- | M] () [Auto | Running] -- C:\Program Files\SMINST\BLService.exe -- (Recovery Service for Windows)

SRV - [2008-09-16 11:03:18 | 000,169,312 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files\Adobe\Photoshop Elements 7.0\PhotoshopElementsFileAgent.exe -- (AdobeActiveFileMonitor7.0)

SRV - [2008-02-03 12:00:00 | 000,129,992 | ---- | M] (EasyBits Sofware AS) [Auto | Running] -- C:\Windows\System32\ezsvc7.dll -- (ezSharedSvc)

SRV - [2008-01-21 03:33:00 | 000,272,952 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)

SRV - [2007-06-11 10:14:52 | 000,517,040 | ---- | M] ( ) [Auto | Running] -- C:\Windows\System32\lxdicoms.exe -- (lxdi_device)

SRV - [2007-06-11 10:14:42 | 000,099,248 | ---- | M] () [Auto | Stopped] -- C:\Windows\System32\spool\DRIVERS\W32X86\3\\lxdiserv.exe -- (lxdiCATSCustConnectService)

========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | System | Stopped] -- C:\Windows\system32\drivers\NIS\1000000.07D\SRTSPX.SYS -- (SRTSPX)

DRV - File not found [File_System | System | Stopped] -- C:\Windows\system32\drivers\NIS\1000000.07D\SRTSP.SYS -- (SRTSP)

DRV - File not found [Kernel | On_Demand | Stopped] -- System32\Drivers\RimUsb.sys -- (RimUsb)

DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkfwd.sys -- (NwlnkFwd)

DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkflt.sys -- (NwlnkFlt)

DRV - File not found [Kernel | On_Demand | Stopped] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20080829.024\NAVEX15.SYS -- (NAVEX15)

DRV - File not found [Kernel | On_Demand | Stopped] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20080829.024\NAVENG.SYS -- (NAVENG)

DRV - File not found [Kernel | Boot | Stopped] -- System32\drivers\tfohqy.sys -- (jiwqy)

DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ipinip.sys -- (IpInIp)

DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\clwvd.sys -- (clwvd)

DRV - File not found [Kernel | On_Demand | Stopped] -- C:\ComboFix\catchme.sys -- (catchme)

DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\btwrchid.sys -- (btwrchid)

DRV - File not found [Kernel | On_Demand | Stopped] -- system32\drivers\btwavdt.sys -- (btwavdt)

DRV - File not found [Kernel | On_Demand | Stopped] -- system32\drivers\btwaudio.sys -- (btwaudio)

DRV - [2013-02-26 14:26:00 | 000,029,904 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{BD850F49-2742-461A-AEA8-963242D727ED}\MpKsld3b87875.sys -- (MpKsld3b87875)

DRV - [2013-02-26 12:41:29 | 000,029,904 | ---- | M] () [Kernel | System | Stopped] -- c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{BD850F49-2742-461A-AEA8-963242D727ED}\MpKsla2db8154.sys -- (MpKsla2db8154)

DRV - [2013-02-26 01:17:11 | 000,029,904 | ---- | M] () [Kernel | System | Stopped] -- c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{BD850F49-2742-461A-AEA8-963242D727ED}\MpKslb4f8faaa.sys -- (MpKslb4f8faaa)

DRV - [2012-09-24 16:04:42 | 000,063,864 | ---- | M] (BlueStack Systems) [Kernel | Auto | Running] -- C:\Program Files\BlueStacks\HD-Hypervisor-x86.sys -- (BstHdDrv)

DRV - [2012-08-30 21:03:50 | 000,099,272 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\NisDrvWFP.sys -- (NisDrv)

DRV - [2012-02-13 20:02:02 | 000,087,312 | ---- | M] (Blue Coat Systems, Inc.) [Kernel | System | Running] -- C:\Windows\System32\drivers\bckd.sys -- (bckd)

DRV - [2011-11-09 09:21:18 | 000,010,064 | ---- | M] (TuneUp Software) [Kernel | On_Demand | Running] -- C:\Program Files\TuneUp Utilities 2012\TuneUpUtilitiesDriver32.sys -- (TuneUpUtilitiesDrv)

DRV - [2011-06-02 06:47:22 | 000,136,808 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ssadmdm.sys -- (ssadmdm)

DRV - [2011-06-02 06:47:22 | 000,121,064 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ssadbus.sys -- (ssadbus)

DRV - [2011-06-02 06:47:22 | 000,114,280 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ssadserd.sys -- (ssadserd)

DRV - [2011-06-02 06:47:22 | 000,012,776 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ssadmdfl.sys -- (ssadmdfl)

DRV - [2009-09-05 16:55:36 | 001,183,744 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\athr.sys -- (athr)

DRV - [2008-10-03 03:39:28 | 000,222,208 | ---- | M] (Conexant Systems Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\CHDRT32.sys -- (CnxtHdAudService)

DRV - [2008-07-17 17:01:00 | 000,269,760 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\OA004Vid.sys -- (OA004Vid)

DRV - [2008-06-29 15:52:26 | 000,112,128 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\IntcHdmi.sys -- (IntcHdmiAddService)

DRV - [2008-06-10 19:54:36 | 000,123,904 | ---- | M] (Realtek Corporation ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Rtlh86.sys -- (RTL8169)

DRV - [2008-06-03 09:30:24 | 000,144,672 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\OA004Ufd.sys -- (OA004Ufd)

DRV - [2008-01-21 03:32:45 | 002,225,664 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\NETw3v32.sys -- (NETw3v32)

DRV - [2007-10-18 00:36:54 | 000,008,704 | ---- | M] (Conexant Systems, Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\XAudio.sys -- (XAudio)

DRV - [2007-06-18 17:12:04 | 000,016,768 | ---- | M] (Hewlett-Packard Development Company, L.P.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\HpqKbFiltr.sys -- (HpqKbFiltr)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE - HKLM\..\SearchScopes,DefaultScope = {80c554b9-c7f8-4a21-9471-06d606da78a2}

IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = {searchTerms} - Google Search

IE - HKLM\..\SearchScopes\{80c554b9-c7f8-4a21-9471-06d606da78a2}: "URL" = {searchTerms} - Bing

IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-21-279592566-1776291336-1976008511-1000\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1

IE - HKU\S-1-5-21-279592566-1776291336-1976008511-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = Hotmail, Messenger, het laatste nieuws en entertainment | MSN.NL

IE - HKU\S-1-5-21-279592566-1776291336-1976008511-1000\..\SearchScopes,DefaultScope = {80c554b9-c7f8-4a21-9471-06d606da78a2}

IE - HKU\S-1-5-21-279592566-1776291336-1976008511-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = {searchTerms} - Bing

IE - HKU\S-1-5-21-279592566-1776291336-1976008511-1000\..\SearchScopes\{80c554b9-c7f8-4a21-9471-06d606da78a2}: "URL" = {searchTerms} - Bing

IE - HKU\S-1-5-21-279592566-1776291336-1976008511-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-21-279592566-1776291336-1976008511-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_5_502_149.dll ()

FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)

FF - HKLM\Software\MozillaPlugins\@ei.MyWebFace_5a.com/Plugin: C:\Program Files\MyWebFace_5aEI\Installr\1.bin\NP5aEISB.dll File not found

FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files\Google\Picasa3\npPicasa3.dll (Google, Inc.)

FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)

FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5: C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)

FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3555.0308: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=16.0.0.282: c:\program files\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)

FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=15.0.4.53: c:\program files\real\realplayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)

FF - HKLM\Software\MozillaPlugins\@real.com/nprndlchromebrowserrecordext;version=1.3.0: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll (RealNetworks, Inc.)

FF - HKLM\Software\MozillaPlugins\@real.com/nprndlhtml5videoshim;version=1.3.0: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll (RealNetworks, Inc.)

FF - HKLM\Software\MozillaPlugins\@real.com/nprndlpepperflashvideoshim;version=1.3.0: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll (RealNetworks, Inc.)

FF - HKLM\Software\MozillaPlugins\@real.com/nprpchromebrowserrecordext;version=15.0.4.53: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)

FF - HKLM\Software\MozillaPlugins\@real.com/nprphtml5videoshim;version=15.0.4.53: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)

FF - HKLM\Software\MozillaPlugins\@real.com/nprpplugin;version=16.0.0.282: c:\program files\real\realplayer\Netscape6\nprpplugin.dll (RealPlayer)

FF - HKLM\Software\MozillaPlugins\@realnetworks.com/npdlplugin;version=1: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll (RealDownloader)

FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.4: C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)

FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{6E19037A-12E3-4295-8915-ED48BC341614}: C:\Program Files\PremierOpinion

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{34712C68-7391-4c47-94F3-8F88D49AD632}: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext\ [2013-01-29 09:15:45 | 000,000,000 | ---D | M]

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext [2013-01-29 09:15:45 | 000,000,000 | ---D | M]

FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\{b64982b1-d112-42b5-b1e4-d3867c4533f8}: C:\ProgramData\Browser Manager\2.3.787.43\{16cdff19-861d-48e3-a751-d99a27784753}\FirefoxExtension

[2010-02-18 12:34:47 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Compaq\AppData\Roaming\mozilla\Extensions

[2010-02-18 12:34:47 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Compaq\AppData\Roaming\mozilla\Extensions\mozswing@mozswing.org

[2012-06-21 15:52:26 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Compaq\AppData\Roaming\mozilla\Firefox\extensions

[2012-06-30 10:50:14 | 000,000,000 | ---D | M] (uTorrentBar_NL Community Toolbar) -- C:\Users\Compaq\AppData\Roaming\mozilla\Firefox\extensions\{87775fdb-6972-41f9-ae51-8326e38cb206}

[2013-02-24 14:02:30 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Compaq\AppData\Roaming\mozilla\Firefox\Profiles\extensions

[2012-12-25 21:37:30 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Compaq\AppData\Roaming\mozilla\Firefox\Profiles\extensions\extensions

[2012-12-25 21:37:45 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Compaq\AppData\Roaming\mozilla\Firefox\Profiles\0\extensions

O1 HOSTS File: ([2013-02-26 14:26:14 | 000,002,480 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts

O1 - Hosts: 127.0.0.1 localhost

O1 - Hosts: ::1 localhost

O1 - Hosts: 216.239.32.20 www.google.ae # bck9

O1 - Hosts: 216.239.32.20 www.google.at # bck9

O1 - Hosts: 216.239.32.20 www.google.be # bck9

O1 - Hosts: 216.239.32.20 www.google.ca # bck9

O1 - Hosts: 216.239.32.20 www.google.ch # bck9

O1 - Hosts: 216.239.32.20 www.google.cl # bck9

O1 - Hosts: 216.239.32.20 www.google.co.il # bck9

O1 - Hosts: 216.239.32.20 www.google.co.in # bck9

O1 - Hosts: 216.239.32.20 www.google.co.jp # bck9

O1 - Hosts: 216.239.32.20 www.google.co.kr # bck9

O1 - Hosts: 216.239.32.20 www.google.co.nz # bck9

O1 - Hosts: 216.239.32.20 www.google.co.uk # bck9

O1 - Hosts: 216.239.32.20 www.google.co.ve # bck9

O1 - Hosts: 216.239.32.20 www.google.co.za # bck9

O1 - Hosts: 216.239.32.20 www.google.com # bck9

O1 - Hosts: 216.239.32.20 www.google.com.ar # bck9

O1 - Hosts: 216.239.32.20 www.google.com.au # bck9

O1 - Hosts: 216.239.32.20 www.google.com.br # bck9

O1 - Hosts: 216.239.32.20 www.google.com.co # bck9

O1 - Hosts: 216.239.32.20 www.google.com.gr # bck9

O1 - Hosts: 216.239.32.20 www.google.com.hk # bck9

O1 - Hosts: 216.239.32.20 www.google.com.mx # bck9

O1 - Hosts: 216.239.32.20 www.google.com.my # bck9

O1 - Hosts: 41 more lines...

O2 - BHO: (RealNetworks Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll (RealDownloader)

O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)

O4 - HKLM..\Run: [blueStacks Agent] C:\Program Files\BlueStacks\HD-Agent.exe (BlueStack Systems, Inc.)

O4 - HKLM..\Run: [FaxCenterServer] C:\Program Files\Lexmark Fax Solutions\fm3032.exe ()

O4 - HKLM..\Run: [KiesTrayAgent] C:\Program Files\Samsung\Kies\KiesTrayAgent.exe (Samsung Electronics Co., Ltd.)

O4 - HKLM..\Run: [lxdiamon] C:\Program Files\Lexmark 3500-4500 Series\lxdiamon.exe ()

O4 - HKLM..\Run: [lxdimon.exe] C:\Program Files\Lexmark 3500-4500 Series\lxdimon.exe ()

O4 - HKLM..\Run: [Malwarebytes Anti-Malware (reboot)] C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation)

O4 - HKLM..\Run: [MSC] c:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)

O4 - HKLM..\Run: [PMBVolumeWatcher] C:\Program Files\Sony\PMB\PMBVolumeWatcher.exe (Sony Corporation)

O4 - HKLM..\Run: [RoxWatchTray] C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe (Sonic Solutions)

O4 - HKU\S-1-5-21-279592566-1776291336-1976008511-1000..\Run: [iE New Window Maximizer] C:\Program Files\IE New Window Maximizer\iemaximizer.exe (jiiSoft)

O4 - HKU\S-1-5-21-279592566-1776291336-1976008511-1000..\Run: [KiesPDLR] C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe ()

O4 - HKU\S-1-5-21-279592566-1776291336-1976008511-1000..\Run: [KiesPreload] C:\Program Files\Samsung\Kies\Kies.exe (Samsung)

O4 - HKU\S-1-5-21-279592566-1776291336-1976008511-1000..\Run: [uTorrent] C:\Program Files\uTorrent\uTorrent.exe (BitTorrent, Inc.)

O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0

O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present

O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present

O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present

O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present

O7 - HKU\S-1-5-21-279592566-1776291336-1976008511-1000\Software\Policies\Microsoft\Internet Explorer\Control Panel present

O7 - HKU\S-1-5-21-279592566-1776291336-1976008511-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0

O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\System32\GPhotos.scr (Google Inc.)

O9 - Extra Button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Program Files\PokerStars\PokerStarsUpdate.exe File not found

O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)

O15 - HKU\S-1-5-21-279592566-1776291336-1976008511-1000\..Trusted Domains: internet ([]about in Vertrouwde websites)

O15 - HKU\S-1-5-21-279592566-1776291336-1976008511-1000\..Trusted Domains: marktplaats.nl ([betalingen] https in Vertrouwde websites)

O15 - HKU\S-1-5-21-279592566-1776291336-1976008511-1000\..Trusted Domains: mcafee.com ([]http in Vertrouwde websites)

O15 - HKU\S-1-5-21-279592566-1776291336-1976008511-1000\..Trusted Domains: mcafee.com ([]https in Vertrouwde websites)

O16 - DPF: {888078C6-70B2-4F88-8EE7-1F50DDEA6120} https://as.photoprintit.de/ips-opdata/activex/ImageUploader6.cab (CeWe Color AG & Co. OHG Control)

O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)

O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab (Java Plug-in 1.6.0_07)

O16 - DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)

O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)

O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)

O16 - DPF: {D71F9A27-723E-4B8B-B428-B725E47CBA3E} http://imikimi.com/download/imikimi_plugin_0.5.1.cab (Imikimi_activex_plugin Control)

O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)

O16 - DPF: {EDFCB7CB-942C-4822-AF14-F0B687409848} http://cache.hyves-static.net/statics/Aurigma/ImageUploader4.cab (Image Uploader Control)

O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 212.54.40.25 212.54.35.25

O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{75380268-F390-455C-9CFA-4637BB461275}: DhcpNameServer = 212.54.40.25 212.54.35.25

O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)

O20 - AppInit_DLLs: (c:\progra~2\browse~1\261123~1.78\{16cdf~1\browse~1.dll) - File not found

O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)

O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)

O32 - HKLM CDRom: AutoRun - 1

O32 - AutoRun File - [2006-09-18 22:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]

O34 - HKLM BootExecute: (autocheck autochk *)

O35 - HKLM\..comfile [open] -- "%1" %*

O35 - HKLM\..exefile [open] -- "%1" %*

O37 - HKLM\...com [@ = ComFile] -- "%1" %*

O37 - HKLM\...exe [@ = exefile] -- "%1" %*

O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)

O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

========== Files/Folders - Created Within 30 Days ==========

[2013-02-26 14:36:45 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Compaq\Desktop\OTL.com

[2013-02-25 20:24:27 | 000,000,000 | ---D | C] -- C:\Users\Compaq\AppData\Roaming\Systweak

[2013-02-25 20:24:25 | 000,018,800 | ---- | C] (Systweak Inc., (www.systweak.com)) -- C:\Windows\System32\roboot.exe

[2013-02-25 18:24:09 | 000,688,779 | ---- | C] (Swearware) -- C:\Users\Compaq\Desktop\dds.pif

[2013-02-25 14:05:47 | 000,000,000 | -HSD | C] -- C:\Config.Msi

[2013-02-25 12:46:04 | 000,688,992 | R--- | C] (Swearware) -- C:\Users\Compaq\Desktop\dds.com

[2013-02-24 17:05:50 | 000,000,000 | ---D | C] -- C:\Program Files\Trend Micro

[2013-02-24 17:04:29 | 000,000,000 | ---D | C] -- C:\Users\Compaq\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HiJackThis

[2013-02-24 14:36:46 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN

[2013-02-24 14:31:46 | 000,000,000 | ---D | C] -- C:\Windows\Temp

[2013-02-24 14:31:46 | 000,000,000 | ---D | C] -- C:\Users\Compaq\AppData\Local\Temp

[2013-02-23 17:32:09 | 000,000,000 | ---D | C] -- C:\Program Files\HiJackThis

[2013-02-23 10:01:55 | 000,000,000 | ---D | C] -- C:\Users\Compaq\Documents\webkit

[2013-02-23 10:01:45 | 000,000,000 | ---D | C] -- C:\Users\Compaq\.Virtualbox.sav

[2013-02-23 10:01:09 | 000,000,000 | ---D | C] -- C:\Users\Compaq\youwave

[2013-02-21 20:38:48 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BlueStacks

[2013-02-21 20:38:48 | 000,000,000 | ---D | C] -- C:\ProgramData\BlueStacks

[2013-02-21 11:35:59 | 000,000,000 | ---D | C] -- C:\ProgramData\188F1432-103A-4ffb-80F1-36B633C5C9E1

[2013-02-21 11:30:23 | 000,000,000 | ---D | C] -- C:\Program Files\Bonjour

[2013-02-16 19:22:32 | 000,000,000 | ---D | C] -- C:\Program Files\IncrediMail

[2013-02-07 16:35:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lexmark 3500-4500 Series

[2013-02-07 16:34:55 | 000,000,000 | ---D | C] -- C:\Program Files\Lexmark 3500-4500 Series

[2013-02-05 22:11:40 | 000,000,000 | ---D | C] -- C:\aiofw

[2013-02-04 15:45:50 | 000,000,000 | ---D | C] -- C:\Windows\Profiles

[2013-02-02 12:58:35 | 000,000,000 | ---D | C] -- C:\ProgramData\Xerox

[2013-01-30 16:49:14 | 000,000,000 | ---D | C] -- C:\Users\Compaq\{4f2f8c7e-f45b-4e33-b049-2c7d3a203053}

[2013-01-30 15:53:38 | 000,000,000 | ---D | C] -- C:\lxk3500-4500Patch

[2013-01-29 09:17:30 | 000,000,000 | ---D | C] -- C:\Users\Compaq\AppData\Local\Real

[2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

[2 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]

[2 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2013-02-26 14:36:45 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Compaq\Desktop\OTL.com

[2013-02-26 14:35:15 | 000,140,300 | ---- | M] () -- C:\Users\Compaq\Desktop\hosts.zip

[2013-02-26 14:29:00 | 000,000,286 | ---- | M] () -- C:\ProgramData\hpqp.ini

[2013-02-26 14:28:24 | 000,000,940 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job

[2013-02-26 14:26:14 | 000,002,480 | ---- | M] () -- C:\Windows\System32\drivers\etc\hosts

[2013-02-26 14:25:36 | 000,003,344 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0

[2013-02-26 14:25:36 | 000,003,344 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0

[2013-02-26 14:25:26 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat

[2013-02-26 14:25:23 | 3149,078,528 | -HS- | M] () -- C:\hiberfil.sys

[2013-02-26 12:37:49 | 000,007,052 | ---- | M] () -- C:\Users\Compaq\AppData\Local\d3d9caps.dat

[2013-02-26 08:42:01 | 000,000,177 | ---- | M] () -- C:\Users\Compaq\Desktop\Ad.url

[2013-02-26 01:02:08 | 000,000,012 | ---- | M] () -- C:\Windows\bthservsdp.dat

[2013-02-25 19:57:47 | 000,003,080 | ---- | M] () -- C:\Users\Public\Desktop\sample_25-02-2013_1957.zip

[2013-02-25 19:30:21 | 000,066,541 | ---- | M] () -- C:\Users\Compaq\.recently-used.xbel

[2013-02-25 18:24:10 | 000,688,779 | ---- | M] (Swearware) -- C:\Users\Compaq\Desktop\dds.pif

[2013-02-25 14:20:41 | 000,008,984 | ---- | M] () -- C:\ProgramData\lxdi

[2013-02-25 14:18:57 | 000,001,892 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader X .lnk

[2013-02-25 12:46:04 | 000,688,992 | R--- | M] (Swearware) -- C:\Users\Compaq\Desktop\dds.com

[2013-02-25 09:21:21 | 000,000,975 | ---- | M] () -- C:\Users\Compaq\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk

[2013-02-25 08:50:51 | 000,020,310 | ---- | M] () -- C:\Users\Compaq\Desktop\capture-20130225-085034.png

[2013-02-24 18:56:14 | 000,002,531 | ---- | M] () -- C:\Users\Compaq\Desktop\Jasc Animation Shop 3.lnk

[2013-02-24 17:05:58 | 000,002,525 | ---- | M] () -- C:\Users\Compaq\Desktop\HiJackThis.lnk

[2013-02-23 09:55:06 | 000,001,153 | ---- | M] () -- C:\Users\Compaq\Desktop\Launch Internet Explorer Browser.lnk

[2013-02-21 21:00:40 | 000,001,676 | ---- | M] () -- C:\Users\Public\Desktop\Start BlueStacks.lnk

[2013-02-21 19:42:00 | 000,092,481 | ---- | M] () -- C:\Users\Compaq\final_bstSnapshot_13104.jpg

[2013-02-21 19:41:16 | 000,110,362 | ---- | M] () -- C:\Users\Compaq\final_bstSnapshot_74277.jpg

[2013-02-21 16:09:47 | 000,091,583 | ---- | M] () -- C:\Users\Compaq\final_bstSnapshot_41770.jpg

[2013-02-21 14:49:10 | 000,098,427 | ---- | M] () -- C:\Users\Compaq\final_bstSnapshot_41300.jpg

[2013-02-21 14:43:41 | 000,083,802 | ---- | M] () -- C:\Users\Compaq\final_bstSnapshot_48962.jpg

[2013-02-21 14:40:36 | 000,091,720 | ---- | M] () -- C:\Users\Compaq\final_bstSnapshot_92857.jpg

[2013-02-21 14:40:28 | 000,114,139 | ---- | M] () -- C:\Users\Compaq\final_bstSnapshot_45383.jpg

[2013-02-21 11:47:34 | 000,091,199 | ---- | M] () -- C:\Users\Compaq\final_bstSnapshot_77757.jpg

[2013-02-21 11:33:04 | 000,091,739 | ---- | M] () -- C:\Users\Compaq\final_bstSnapshot_9644.jpg

[2013-02-21 11:32:31 | 000,103,932 | ---- | M] () -- C:\Users\Compaq\final_bstSnapshot_39741.jpg

[2013-02-21 11:31:39 | 000,078,033 | ---- | M] () -- C:\Users\Compaq\final_bstSnapshot_57353.jpg

[2013-02-21 11:09:03 | 000,124,158 | ---- | M] () -- C:\Users\Compaq\final_bstSnapshot_94959.jpg

[2013-02-21 11:04:12 | 000,078,459 | ---- | M] () -- C:\Users\Compaq\final_bstSnapshot_78699.jpg

[2013-02-21 11:02:36 | 000,078,365 | ---- | M] () -- C:\Users\Compaq\final_bstSnapshot_88790.jpg

[2013-02-21 11:01:00 | 000,102,389 | ---- | M] () -- C:\Users\Compaq\final_bstSnapshot_29528.jpg

[2013-02-21 10:41:47 | 000,099,296 | ---- | M] () -- C:\Users\Compaq\final_bstSnapshot_37561.jpg

[2013-02-21 10:41:35 | 000,076,804 | ---- | M] () -- C:\Users\Compaq\final_bstSnapshot_86319.jpg

[2013-02-21 10:40:51 | 000,076,733 | ---- | M] () -- C:\Users\Compaq\final_bstSnapshot_16515.jpg

[2013-02-21 00:34:36 | 000,002,637 | ---- | M] () -- C:\Users\Compaq\Desktop\Jasc Paint Shop Pro 8.lnk

[2013-02-19 20:43:24 | 000,069,120 | ---- | M] () -- C:\Users\Compaq\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

[2013-02-19 15:48:48 | 000,001,196 | ---- | M] () -- C:\Users\Public\Desktop\Aangifte inkomstenbelasting 2012.lnk

[2013-02-19 08:39:56 | 000,000,238 | ---- | M] () -- C:\Users\Compaq\Desktop\facebook.url

[2013-02-17 10:24:53 | 000,001,890 | ---- | M] () -- C:\Users\Public\Desktop\IncrediMail.lnk

[2013-02-17 10:24:53 | 000,001,882 | ---- | M] () -- C:\Users\Compaq\Application Data\Microsoft\Internet Explorer\Quick Launch\IncrediMail 2.0.lnk

[2013-02-14 09:57:53 | 000,469,584 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT

[2013-02-14 00:11:20 | 000,680,716 | ---- | M] () -- C:\Windows\System32\perfh013.dat

[2013-02-14 00:11:20 | 000,599,182 | ---- | M] () -- C:\Windows\System32\perfh009.dat

[2013-02-14 00:11:20 | 000,132,166 | ---- | M] () -- C:\Windows\System32\perfc013.dat

[2013-02-14 00:11:20 | 000,105,864 | ---- | M] () -- C:\Windows\System32\perfc009.dat

[2013-02-07 16:39:04 | 000,077,507 | ---- | M] () -- C:\Windows\System32\LexFiles.ulf

[2013-02-07 16:36:10 | 000,000,897 | ---- | M] () -- C:\Users\Public\Desktop\Lexmark Imaging Studio - 3500-4500 Series.LNK

[2013-01-29 18:17:32 | 000,018,800 | ---- | M] (Systweak Inc., (www.systweak.com)) -- C:\Windows\System32\roboot.exe

[2013-01-29 09:16:28 | 000,000,847 | ---- | M] () -- C:\Users\Public\Desktop\RealPlayer.lnk

[2013-01-29 09:12:23 | 000,272,896 | ---- | M] (Progressive Networks) -- C:\Windows\System32\pncrt.dll

[2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

[2 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]

[2 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]

========== Files Created - No Company Name ==========

[2013-02-26 14:35:15 | 000,140,300 | ---- | C] () -- C:\Users\Compaq\Desktop\hosts.zip

[2013-02-25 19:57:47 | 000,003,080 | ---- | C] () -- C:\Users\Public\Desktop\sample_25-02-2013_1957.zip

[2013-02-25 19:30:21 | 000,066,541 | ---- | C] () -- C:\Users\Compaq\.recently-used.xbel

[2013-02-25 14:18:57 | 000,001,892 | ---- | C] () -- C:\Users\Public\Desktop\Adobe Reader X .lnk

[2013-02-25 14:18:57 | 000,001,804 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader X .lnk

[2013-02-25 09:21:20 | 000,000,963 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk

[2013-02-25 08:50:51 | 000,020,310 | ---- | C] () -- C:\Users\Compaq\Desktop\capture-20130225-085034.png

[2013-02-24 17:04:29 | 000,002,525 | ---- | C] () -- C:\Users\Compaq\Desktop\HiJackThis.lnk

[2013-02-24 08:24:22 | 000,000,177 | ---- | C] () -- C:\Users\Compaq\Desktop\Ad.url

[2013-02-21 21:00:40 | 000,001,676 | ---- | C] () -- C:\Users\Public\Desktop\Start BlueStacks.lnk

[2013-02-21 19:42:00 | 000,092,481 | ---- | C] () -- C:\Users\Compaq\final_bstSnapshot_13104.jpg

[2013-02-21 19:41:16 | 000,110,362 | ---- | C] () -- C:\Users\Compaq\final_bstSnapshot_74277.jpg

[2013-02-21 16:09:47 | 000,091,583 | ---- | C] () -- C:\Users\Compaq\final_bstSnapshot_41770.jpg

[2013-02-21 14:49:10 | 000,098,427 | ---- | C] () -- C:\Users\Compaq\final_bstSnapshot_41300.jpg

[2013-02-21 14:43:41 | 000,083,802 | ---- | C] () -- C:\Users\Compaq\final_bstSnapshot_48962.jpg

[2013-02-21 14:40:36 | 000,091,720 | ---- | C] () -- C:\Users\Compaq\final_bstSnapshot_92857.jpg

[2013-02-21 14:40:28 | 000,114,139 | ---- | C] () -- C:\Users\Compaq\final_bstSnapshot_45383.jpg

[2013-02-21 11:47:34 | 000,091,199 | ---- | C] () -- C:\Users\Compaq\final_bstSnapshot_77757.jpg

[2013-02-21 11:33:03 | 000,091,739 | ---- | C] () -- C:\Users\Compaq\final_bstSnapshot_9644.jpg

[2013-02-21 11:32:30 | 000,103,932 | ---- | C] () -- C:\Users\Compaq\final_bstSnapshot_39741.jpg

[2013-02-21 11:31:39 | 000,078,033 | ---- | C] () -- C:\Users\Compaq\final_bstSnapshot_57353.jpg

[2013-02-21 11:09:03 | 000,124,158 | ---- | C] () -- C:\Users\Compaq\final_bstSnapshot_94959.jpg

[2013-02-21 11:04:12 | 000,078,459 | ---- | C] () -- C:\Users\Compaq\final_bstSnapshot_78699.jpg

[2013-02-21 11:02:36 | 000,078,365 | ---- | C] () -- C:\Users\Compaq\final_bstSnapshot_88790.jpg

[2013-02-21 11:01:00 | 000,102,389 | ---- | C] () -- C:\Users\Compaq\final_bstSnapshot_29528.jpg

[2013-02-21 10:41:47 | 000,099,296 | ---- | C] () -- C:\Users\Compaq\final_bstSnapshot_37561.jpg

[2013-02-21 10:41:35 | 000,076,804 | ---- | C] () -- C:\Users\Compaq\final_bstSnapshot_86319.jpg

[2013-02-21 10:40:51 | 000,076,733 | ---- | C] () -- C:\Users\Compaq\final_bstSnapshot_16515.jpg

[2013-02-19 15:48:48 | 000,001,196 | ---- | C] () -- C:\Users\Public\Desktop\Aangifte inkomstenbelasting 2012.lnk

[2013-02-18 18:28:51 | 000,000,238 | ---- | C] () -- C:\Users\Compaq\Desktop\facebook.url

[2013-02-16 19:22:58 | 000,001,902 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IncrediMail.lnk

[2013-02-16 19:22:58 | 000,001,890 | ---- | C] () -- C:\Users\Public\Desktop\IncrediMail.lnk

[2013-02-16 19:22:58 | 000,001,882 | ---- | C] () -- C:\Users\Compaq\Application Data\Microsoft\Internet Explorer\Quick Launch\IncrediMail 2.0.lnk

[2013-02-07 16:36:10 | 000,000,897 | ---- | C] () -- C:\Users\Public\Desktop\Lexmark Imaging Studio - 3500-4500 Series.LNK

[2013-02-07 16:35:04 | 000,356,352 | ---- | C] ( ) -- C:\Windows\System32\lxdiinpa.dll

[2013-02-07 16:35:04 | 000,339,968 | ---- | C] ( ) -- C:\Windows\System32\lxdiiesc.dll

[2013-02-07 16:35:04 | 000,311,296 | ---- | C] ( ) -- C:\Windows\System32\lxdihcp.dll

[2013-02-07 16:35:04 | 000,294,912 | ---- | C] () -- C:\Windows\System32\lxdiinst.dll

[2013-02-07 16:35:03 | 001,187,840 | ---- | C] ( ) -- C:\Windows\System32\lxdiserv.dll

[2013-02-07 16:35:03 | 000,942,080 | ---- | C] ( ) -- C:\Windows\System32\lxdiusb1.dll

[2013-02-07 16:35:03 | 000,053,248 | ---- | C] ( ) -- C:\Windows\System32\lxdiprox.dll

[2013-02-07 16:35:03 | 000,053,248 | ---- | C] ( ) -- C:\Windows\System32\lxdipplc.dll

[2013-02-07 16:35:02 | 000,614,400 | ---- | C] ( ) -- C:\Windows\System32\lxdipmui.dll

[2013-02-07 16:35:02 | 000,532,480 | ---- | C] ( ) -- C:\Windows\System32\lxdilmpm.dll

[2013-02-07 16:35:01 | 000,965,785 | ---- | C] () -- C:\Windows\System32\lxdihelp.chm

[2013-02-07 16:35:01 | 000,671,744 | ---- | C] ( ) -- C:\Windows\System32\lxdihbn3.dll

[2013-02-07 16:35:01 | 000,320,432 | ---- | C] ( ) -- C:\Windows\System32\lxdiih.exe

[2013-02-07 16:35:01 | 000,208,896 | ---- | C] () -- C:\Windows\System32\lxdigrd.dll

[2013-02-07 16:35:00 | 000,517,040 | ---- | C] ( ) -- C:\Windows\System32\lxdicoms.exe

[2013-02-07 16:34:59 | 000,765,952 | ---- | C] ( ) -- C:\Windows\System32\lxdicomc.dll

[2013-02-07 16:34:59 | 000,360,448 | ---- | C] ( ) -- C:\Windows\System32\lxdicomm.dll

[2013-02-07 16:34:58 | 000,340,912 | ---- | C] ( ) -- C:\Windows\System32\lxdicfg.exe

[2013-02-07 16:34:58 | 000,001,900 | ---- | C] () -- C:\Windows\System32\lxdi.loc

[2013-01-30 16:29:24 | 000,024,576 | ---- | C] () -- C:\Program Files\Lexmark 3500-4500 Series(271)

[2012-12-25 12:04:06 | 000,123,442 | ---- | C] () -- C:\Users\Compaq\fitness.gif

[2012-12-09 19:55:34 | 000,090,112 | ---- | C] () -- C:\Windows\System32\bsrlback.dll

[2012-12-09 19:55:34 | 000,090,112 | ---- | C] () -- C:\Windows\System32\bsreffs.dll

[2012-12-09 19:55:32 | 000,692,224 | ---- | C] () -- C:\Windows\System32\bsrmgcv.dll

[2012-12-09 19:55:32 | 000,192,512 | ---- | C] () -- C:\Windows\System32\bsrmgps.dll

[2012-12-09 19:55:32 | 000,081,920 | ---- | C] () -- C:\Windows\System32\bsrgvas.dll

[2012-12-09 19:55:24 | 000,585,728 | ---- | C] () -- C:\Windows\System32\bsratswf.dll

[2012-12-09 19:55:24 | 000,147,456 | ---- | C] () -- C:\Windows\System32\bsratwmv.dll

[2012-12-02 19:38:25 | 000,180,224 | ---- | C] () -- C:\Windows\System32\xvidvfw.dll

[2012-11-08 00:18:06 | 000,093,553 | ---- | C] () -- C:\Users\Compaq\final_bstSnapshot_82286.jpg

[2012-06-26 15:02:40 | 000,030,568 | ---- | C] () -- C:\Windows\MusiccityDownload.exe

[2012-06-26 15:02:38 | 000,974,848 | ---- | C] () -- C:\Windows\System32\cis-2.4.dll

[2012-06-26 15:02:38 | 000,081,920 | ---- | C] () -- C:\Windows\System32\issacapi_bs-2.3.dll

[2012-06-26 15:02:38 | 000,065,536 | ---- | C] () -- C:\Windows\System32\issacapi_pe-2.3.dll

[2012-06-26 15:02:38 | 000,057,344 | ---- | C] () -- C:\Windows\System32\issacapi_se-2.3.dll

[2012-04-28 12:14:23 | 000,086,016 | ---- | C] () -- C:\Windows\System32\custmon32i.dll

[2011-12-24 13:02:12 | 000,000,069 | ---- | C] () -- C:\Windows\NeroDigital.ini

[2011-12-24 12:57:49 | 000,034,936 | ---- | C] () -- C:\Windows\System32\uninstHelixYUV.exe

[2011-12-18 15:59:39 | 000,000,085 | -HS- | C] () -- C:\ProgramData\.zreglib

[2011-12-15 15:24:04 | 003,726,375 | ---- | C] () -- C:\Users\Compaq\Ulead_GIF-X.Plugin_2.0.rar

[2011-11-29 14:07:14 | 000,098,304 | ---- | C] () -- C:\Windows\System32\redmonnt.dll

[2011-08-01 21:17:02 | 000,000,256 | ---- | C] () -- C:\Windows\System32\pool.bin

[2011-05-28 15:41:30 | 000,000,598 | ---- | C] () -- C:\Users\Compaq\emma.xspf

[2011-04-26 21:30:49 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe

[2011-04-26 21:30:49 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe

[2011-04-26 21:30:49 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe

[2011-04-26 21:30:49 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe

[2011-04-26 21:30:49 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe

[2011-04-25 23:06:58 | 000,148,195 | ---- | C] () -- C:\Program Files\Common Files\BookViewer.xap

[2011-04-08 13:57:44 | 000,002,828 | -HS- | C] () -- C:\ProgramData\KGyGaAvL.sys

[2011-02-22 21:11:27 | 000,221,892 | ---- | C] () -- C:\Users\Compaq\You are my Star a 1.dzp

[2011-02-22 21:03:48 | 001,721,089 | ---- | C] () -- C:\Users\Compaq\youmm.dzp

[2011-02-22 21:00:44 | 000,340,920 | ---- | C] () -- C:\Users\Compaq\YOU.dzp

[2011-02-22 19:44:34 | 004,305,056 | ---- | C] () -- C:\Users\Compaq\Vorhang 55 open p.dzp

[2011-02-22 19:32:56 | 000,800,703 | ---- | C] () -- C:\Users\Compaq\through mirror.dzp

[2009-06-16 22:11:22 | 000,000,552 | ---- | C] () -- C:\Users\Compaq\AppData\Local\d3d8caps.dat

[2009-05-08 20:40:27 | 000,008,984 | ---- | C] () -- C:\ProgramData\lxdi

[2009-04-24 11:56:16 | 000,007,052 | ---- | C] () -- C:\Users\Compaq\AppData\Local\d3d9caps.dat

[2009-04-22 20:45:47 | 000,004,144 | ---- | C] () -- C:\Users\Compaq\AppData\Roaming\wklnhst.dat

[2009-04-22 20:45:13 | 000,069,120 | ---- | C] () -- C:\Users\Compaq\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

[2009-03-06 00:37:04 | 000,000,286 | ---- | C] () -- C:\ProgramData\hpqp.ini

========== ZeroAccess Check ==========

[2006-11-02 13:51:16 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

"" = %SystemRoot%\system32\shell32.dll -- [2012-06-08 18:47:00 | 011,586,048 | ---- | M] (Microsoft Corporation)

"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]

"" = %systemroot%\system32\wbem\fastprox.dll -- [2009-04-10 22:28:20 | 000,614,912 | ---- | M] (Microsoft Corporation)

"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

"" = %systemroot%\system32\wbem\wbemess.dll -- [2009-04-10 22:28:26 | 000,347,648 | ---- | M] (Microsoft Corporation)

"ThreadingModel" = Both

========== LOP Check ==========

[2010-05-04 22:44:17 | 000,000,000 | ---D | M] -- C:\Users\Compaq\AppData\Roaming\Acapela Group

[2012-06-18 06:38:11 | 000,000,000 | ---D | M] -- C:\Users\Compaq\AppData\Roaming\Awads

[2012-10-06 19:40:37 | 000,000,000 | ---D | M] -- C:\Users\Compaq\AppData\Roaming\Azureus

[2013-02-19 15:50:52 | 000,000,000 | ---D | M] -- C:\Users\Compaq\AppData\Roaming\Belastingdienst

[2011-02-06 17:36:37 | 000,000,000 | ---D | M] -- C:\Users\Compaq\AppData\Roaming\BitComet

[2010-05-26 23:15:08 | 000,000,000 | ---D | M] -- C:\Users\Compaq\AppData\Roaming\DAZ 3D

[2012-02-09 10:54:14 | 000,000,000 | ---D | M] -- C:\Users\Compaq\AppData\Roaming\DVDVideoSoft

[2012-02-09 10:53:41 | 000,000,000 | ---D | M] -- C:\Users\Compaq\AppData\Roaming\DVDVideoSoftIEHelpers

[2012-09-13 10:30:32 | 000,000,000 | ---D | M] -- C:\Users\Compaq\AppData\Roaming\Ewoliv

[2009-12-23 07:11:24 | 000,000,000 | ---D | M] -- C:\Users\Compaq\AppData\Roaming\ExtraFilm

[2011-04-28 09:19:47 | 000,000,000 | ---D | M] -- C:\Users\Compaq\AppData\Roaming\Fighters

[2013-01-15 10:51:29 | 000,000,000 | ---D | M] -- C:\Users\Compaq\AppData\Roaming\FLVPlayer4Free

[2012-10-04 16:59:59 | 000,000,000 | ---D | M] -- C:\Users\Compaq\AppData\Roaming\FrostWire

[2011-02-22 20:12:19 | 000,000,000 | ---D | M] -- C:\Users\Compaq\AppData\Roaming\GetRightToGo

[2013-02-25 19:30:21 | 000,000,000 | ---D | M] -- C:\Users\Compaq\AppData\Roaming\gtk-2.0

[2010-08-28 20:30:24 | 000,000,000 | ---D | M] -- C:\Users\Compaq\AppData\Roaming\HamsterSoft

[2010-12-09 12:40:17 | 000,000,000 | ---D | M] -- C:\Users\Compaq\AppData\Roaming\Jasc

[2011-12-24 16:47:11 | 000,000,000 | ---D | M] -- C:\Users\Compaq\AppData\Roaming\Kazaa Lite

[2013-02-07 16:51:51 | 000,000,000 | ---D | M] -- C:\Users\Compaq\AppData\Roaming\Lexmark Productivity Studio

[2009-07-07 22:12:39 | 000,000,000 | ---D | M] -- C:\Users\Compaq\AppData\Roaming\LimeWire Music

[2010-01-03 18:43:28 | 000,000,000 | ---D | M] -- C:\Users\Compaq\AppData\Roaming\Morpheus Software

[2012-06-18 07:27:46 | 000,000,000 | ---D | M] -- C:\Users\Compaq\AppData\Roaming\Nyon

[2013-02-04 12:04:52 | 000,000,000 | ---D | M] -- C:\Users\Compaq\AppData\Roaming\PhotoScape

[2012-08-27 10:19:40 | 000,000,000 | ---D | M] -- C:\Users\Compaq\AppData\Roaming\Pixlromatic

[2012-10-04 21:50:28 | 000,000,000 | ---D | M] -- C:\Users\Compaq\AppData\Roaming\Raptr

[2011-06-16 16:36:15 | 000,000,000 | ---D | M] -- C:\Users\Compaq\AppData\Roaming\Reviversoft

[2012-09-07 19:29:12 | 000,000,000 | ---D | M] -- C:\Users\Compaq\AppData\Roaming\Samsung

[2010-01-16 23:34:07 | 000,000,000 | ---D | M] -- C:\Users\Compaq\AppData\Roaming\SPAMfighter

[2013-02-25 22:14:01 | 000,000,000 | ---D | M] -- C:\Users\Compaq\AppData\Roaming\Systweak

[2012-07-10 14:47:07 | 000,000,000 | ---D | M] -- C:\Users\Compaq\AppData\Roaming\TeamViewer

[2009-04-22 20:45:49 | 000,000,000 | ---D | M] -- C:\Users\Compaq\AppData\Roaming\Template

[2012-09-12 09:45:24 | 000,000,000 | ---D | M] -- C:\Users\Compaq\AppData\Roaming\TuneUp Software

[2012-09-13 10:01:00 | 000,000,000 | ---D | M] -- C:\Users\Compaq\AppData\Roaming\Uccy

[2011-10-29 15:01:22 | 000,000,000 | ---D | M] -- C:\Users\Compaq\AppData\Roaming\Uniblue

[2013-02-26 14:49:33 | 000,000,000 | ---D | M] -- C:\Users\Compaq\AppData\Roaming\uTorrent

[2010-03-17 19:48:04 | 000,000,000 | ---D | M] -- C:\Users\Compaq\AppData\Roaming\VoipBuster

[2011-01-18 11:57:20 | 000,000,000 | ---D | M] -- C:\Users\Compaq\AppData\Roaming\WebcamMax

[2012-09-11 17:36:12 | 000,000,000 | ---D | M] -- C:\Users\Compaq\AppData\Roaming\Wiisa

[2012-08-02 22:35:56 | 000,000,000 | ---D | M] -- C:\Users\Compaq\AppData\Roaming\Windows Live Writer

[2010-05-04 22:44:23 | 000,000,000 | ---D | M] -- C:\Users\Compaq\AppData\Roaming\Xtranormal

[2012-06-17 18:05:36 | 000,000,000 | ---D | M] -- C:\Users\Compaq\AppData\Roaming\Yxlen

[2011-07-10 14:56:59 | 000,000,000 | ---D | M] -- C:\Users\Compaq\AppData\Roaming\Zoner

========== Purity Check ==========

========== Alternate Data Streams ==========

@Alternate Data Stream - 99 bytes -> C:\ProgramData\Temp:C119EC96

@Alternate Data Stream - 95 bytes -> C:\ProgramData\Temp:5C321E34

@Alternate Data Stream - 64 bytes -> C:\Users\Compaq\Documents\Freddy Maertens goes to Bruges.mp4:TOC.WMV

@Alternate Data Stream - 151 bytes -> C:\ProgramData\Temp:0B4227B4

@Alternate Data Stream - 115 bytes -> C:\ProgramData\Temp:A8ADE5D8

@Alternate Data Stream - 106 bytes -> C:\ProgramData\Temp:901E30B2

@Alternate Data Stream - 103 bytes -> C:\ProgramData\Temp:DFC5A2B2

@Alternate Data Stream - 101 bytes -> C:\ProgramData\Temp:8D21982F

< End of report >

[signorita]

OTL Extras logfile created on: 26-2-2013 14:38:02 - Run 1

OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Compaq\Desktop

Windows Vista Home Basic Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation

Internet Explorer (Version = 9.0.8112.16421)

Locale: 00000413 | Country: Nederland | Language: NLD | Date Format: d-M-yyyy

2,93 Gb Total Physical Memory | 1,68 Gb Available Physical Memory | 57,42% Memory free

6,07 Gb Paging File | 4,66 Gb Available in Paging File | 76,90% Paging File free

Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files

Drive C: | 223,00 Gb Total Space | 127,22 Gb Free Space | 57,05% Space Free | Partition Type: NTFS

Drive D: | 9,88 Gb Total Space | 1,72 Gb Free Space | 17,39% Space Free | Partition Type: NTFS

Computer Name: PC_VAN_COMPAQ | User Name: Compaq | Logged in as Administrator.

Boot Mode: Normal | Scan Mode: All users | Quick Scan

Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========

========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]

.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*

.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]

batfile [open] -- "%1" %*

cmdfile [open] -- "%1" %*

comfile [open] -- "%1" %*

cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*

exefile [open] -- "%1" %*

helpfile [open] -- Reg Error: Key error.

hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)

inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)

piffile [open] -- "%1" %*

regfile [merge] -- Reg Error: Key error.

scrfile [config] -- "%1"

scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l

scrfile [open] -- "%1" /S

txtfile [edit] -- Reg Error: Key error.

Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)

Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)

Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)

Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)

Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)

Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

"cval" = 1

"FirewallDisableNotify" = 0

"AntiVirusDisableNotify" = 0

"UpdatesDisableNotify" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

"AntiVirusOverride" = 0

"AntiSpywareOverride" = 0

"FirewallOverride" = 0

"VistaSp1" = Reg Error: Unknown registry data type -- File not found

"VistaSp2" = Reg Error: Unknown registry data type -- File not found

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\S-1-5-21-279592566-1776291336-1976008511-1000]

"EnableNotificationsRef" = 2

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]

"DisableSR" = 0

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

"EnableFirewall" = 1

"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]

"EnableFirewall" = 1

"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]

"EnableFirewall" = 1

"DisableNotifications" = 0

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

"C:\Program Files\Lexmark 3500-4500 Series\app4r.exe" = C:\Program Files\Lexmark 3500-4500 Series\app4r.exe:*:Enabled:Lexmark Imaging Studio -- ()

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]

========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]

"{18A1A743-4168-4BA3-ADE8-9898B5DBA17E}" = rport=137 | protocol=17 | dir=out | app=system |

"{300E21A1-1CF1-4D2A-9E0E-175E041A5614}" = rport=139 | protocol=6 | dir=out | app=system |

"{559A1832-A305-4651-90FD-130C23F8B142}" = lport=4482 | protocol=6 | dir=in | name=blackberry desktop software wireless music sync data transfer |

"{6E7FB010-0B8C-49AC-912E-8277DB88E4F2}" = lport=808 | protocol=6 | dir=in | svc=nettcpactivator | app=%systemroot%\microsoft.net\framework\v3.0\windows communication foundation\smsvchost.exe |

"{79E5E98C-D2BB-4B12-A82B-228BB2A756C6}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |

"{81FEE34A-4EA1-4A76-8114-81EFCBC9AAFA}" = lport=4481 | protocol=17 | dir=in | name=blackberry desktop software wireless music sync discovery |

"{9481AAFF-260E-4A9A-A018-8EC1F3153FE0}" = lport=2869 | protocol=6 | dir=in | app=system |

"{97F919CB-820A-46EC-8981-198BC53DBB6F}" = lport=445 | protocol=6 | dir=in | app=system |

"{9B10ECF4-01A6-46E0-8A3F-3EC5BC6E5B82}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |

"{9EADCE8E-4FF7-4254-B7C9-2C7275539151}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |

"{9F9780BC-74AC-4508-83A5-0AB2DE6295C4}" = lport=137 | protocol=17 | dir=in | app=system |

"{AD2D2C31-3E53-417A-840E-4E164CF1FD17}" = lport=4482 | protocol=17 | dir=in | name=blackberry desktop software wireless music sync discovery |

"{B4AF8737-9C02-45A6-BC9E-2789ABD883C4}" = lport=4481 | protocol=6 | dir=in | name=blackberry desktop software wireless music sync data transfer |

"{C17F01A6-F0DA-4776-9F37-E0E7908E74DE}" = lport=138 | protocol=17 | dir=in | app=system |

"{D58DEF67-94CF-4AA3-9D61-7DC021F5C75C}" = rport=138 | protocol=17 | dir=out | app=system |

"{E1963F80-02CA-4ADB-8F0D-BDB993100CA1}" = rport=445 | protocol=6 | dir=out | app=system |

"{E6FC7BCF-44D2-4F60-8FEC-EFE2A24ABA18}" = lport=139 | protocol=6 | dir=in | app=system |

"{EE34BBAD-DAF2-453F-BAA0-A81F29D6F121}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |

"{FCC2CB3F-2AED-4C61-AE36-BF2191B37AE8}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]

"{02D62730-888C-43AE-8DAB-B2291A455DB0}" = protocol=6 | dir=in | app=c:\program files\lexmark 3500-4500 series\wireless\lxdiwpss.exe |

"{05E6743A-7946-434C-A90B-328D94B8ACC6}" = dir=in | app=c:\program files\common files\apple\apple application support\webkit2webprocess.exe |

"{11E69078-DB13-4D51-864F-63FD11853F6A}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |

"{14AC5918-98E8-4E61-A7FE-D1A7CF55C860}" = protocol=17 | dir=in | app=c:\program files\lexmark 3500-4500 series\wireless\lxdiwpss.exe |

"{152DD921-B268-4401-90C6-C93C63320480}" = protocol=6 | dir=in | app=c:\windows\system32\spool\drivers\w32x86\3\lxdiwbgw.exe |

"{180CA938-813E-449B-88B4-25A138A8AC7C}" = protocol=6 | dir=in | app=c:\windows\system32\spool\drivers\w32x86\3\lxdipswx.exe |

"{1AF91C02-18C6-4FD6-B71F-AA8028A9338F}" = protocol=6 | dir=in | app=c:\program files\lexmark 3500-4500 series\lxdimon.exe |

"{24EE4D6A-E3AE-4FAD-8359-FE8BDE905EC3}" = protocol=17 | dir=in | app=c:\windows\system32\lxdicfg.exe |

"{2539C5FC-BF4E-4D25-A029-6255963016E2}" = protocol=17 | dir=in | app=c:\program files\teamviewer\version8\teamviewer_service.exe |

"{25B192E7-AE2E-42D3-A7CB-44198C69A129}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |

"{2771DFE3-EF68-4540-840E-A72DB417197C}" = protocol=6 | dir=in | app=c:\windows\system32\spool\drivers\w32x86\3\lxditime.exe |

"{308737A5-494B-457B-82F7-FD119DEB1143}" = protocol=6 | dir=in | app=c:\windows\system32\lxdicfg.exe |

"{32D5D43B-89AF-41DE-833D-E13C610B175D}" = protocol=17 | dir=in | app=c:\windows\system32\lxdicoms.exe |

"{33DBF006-B066-4565-9849-B4D4F6EC6C0D}" = protocol=17 | dir=in | app=c:\program files\research in motion\blackberry desktop\rim.desktop.exe |

"{3D255840-61FF-42E0-8A81-B94A005AF981}" = protocol=17 | dir=in | app=c:\program files\lexmark 3500-4500 series\app4r.exe |

"{40E886DE-B900-4F9D-B805-84053D6185DF}" = protocol=6 | dir=in | app=c:\windows\system32\spool\drivers\w32x86\3\lxditime.exe |

"{44A2381C-5D0F-4A08-9893-88329902832B}" = protocol=17 | dir=in | app=c:\program files\utorrent\utorrent.exe |

"{4671CE95-D1B2-4C08-9BC2-C4780E3E01F1}" = protocol=6 | dir=in | app=c:\program files\teamviewer\version8\teamviewer_service.exe |

"{4746410F-9B46-45D6-97B2-2245AD68F782}" = protocol=6 | dir=in | app=c:\program files\abbyy finereader 6.0 sprint\scan\scanman6.exe |

"{49706F90-0608-454C-9209-302D617B70EE}" = dir=in | app=c:\program files\skype\phone\skype.exe |

"{4F478F9B-36A5-4A6A-AA33-EAA4BC9FE1FE}" = protocol=17 | dir=in | app=c:\windows\system32\lxdicoms.exe |

"{50C920CE-0F8D-4ADE-99DF-EAFA1B0A61F2}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |

"{59DF1409-D38B-4CDF-A7B6-4950FC6502D1}" = protocol=17 | dir=in | app=c:\windows\system32\spool\drivers\w32x86\3\lxdijswx.exe |

"{5B84407C-B767-4F36-9545-5A06C9C8199B}" = protocol=17 | dir=in | app=c:\windows\system32\spool\drivers\w32x86\3\lxditime.exe |

"{5C7DFC44-9B96-44B9-801C-4593CBC63FD5}" = protocol=6 | dir=in | app=c:\program files\utorrent\utorrent.exe |

"{5CD081A2-01B6-4C78-9179-EA5BB88A5789}" = protocol=6 | dir=in | app=c:\program files\lexmark 3500-4500 series\lxdimon.exe |

"{5D6E5DD4-322E-4CBD-ABB2-28931BA712DE}" = protocol=17 | dir=in | app=c:\program files\lexmark 3500-4500 series\lxdiamon.exe |

"{61C430A5-4472-4857-9925-BB14F7B3560E}" = protocol=17 | dir=in | app=c:\program files\teamviewer\version8\teamviewer.exe |

"{634A4F69-F778-47EA-8975-D6F7548AB8BC}" = protocol=6 | dir=in | app=c:\windows\system32\lxdicoms.exe |

"{642E8C84-18C2-4714-92C3-264DCE89B785}" = protocol=17 | dir=in | app=c:\program files\lexmark 3500-4500 series\lxdimon.exe |

"{680D0534-8250-4824-83E6-8F67771EC7ED}" = protocol=17 | dir=in | app=c:\program files\abbyy finereader 6.0 sprint\scan\scanman6.exe |

"{68464D96-DBB5-4C92-A4FA-EEEC6E39836A}" = protocol=17 | dir=in | app=c:\program files\lexmark 3500-4500 series\lxdiamon.exe |

"{6E56F282-A0BA-49E0-BA79-10FF154C06B9}" = protocol=6 | dir=in | app=c:\program files\abbyy finereader 6.0 sprint\scan\scanman6.exe |

"{82448B05-9B1C-4A6F-B009-7C8ED72BF326}" = protocol=17 | dir=in | app=c:\program files\lexmark fax solutions\faxctr.exe |

"{84373634-DDF9-412B-80BB-7F243A59E853}" = protocol=6 | dir=in | app=c:\program files\lexmark fax solutions\faxctr.exe |

"{87836444-C58E-4D17-8538-427425CCDB1A}" = dir=in | app=c:\program files\hp\quickplay\qpservice.exe |

"{88BBA5D4-122F-402C-A82D-416C1A1D07A6}" = protocol=6 | dir=in | app=c:\program files\lexmark fax solutions\faxctr.exe |

"{8ACAD506-D4AA-44A4-98BA-7E544985DBEC}" = protocol=17 | dir=in | app=c:\windows\system32\spool\drivers\w32x86\3\lxditime.exe |

"{8EFC894A-1BE7-405C-8AD8-76B1169A6D55}" = protocol=17 | dir=in | app=c:\program files\abbyy finereader 6.0 sprint\scan\scanman6.exe |

"{9170C214-5F6D-4C16-937A-2108EB202C56}" = protocol=6 | dir=in | app=c:\program files\lexmark 3500-4500 series\lxdiamon.exe |

"{92ECB321-1724-4286-A762-5FC24F7391CA}" = protocol=6 | dir=in | app=c:\program files\lexmark 3500-4500 series\lxdiamon.exe |

"{9CE9D743-6430-4FBF-9262-41FA2C00CB7D}" = dir=in | app=c:\program files\hp\quickplay\qp.exe |

"{A6144261-2C93-43C7-8EF2-E01874B5689D}" = protocol=6 | dir=in | app=c:\program files\lexmark 3500-4500 series\app4r.exe |

"{A6413273-792C-44A5-AFC4-2634FF17852A}" = protocol=17 | dir=in | app=c:\program files\lexmark 3500-4500 series\app4r.exe |

"{A6D0E51A-2E21-4BFB-95E9-9554B4A600F6}" = protocol=17 | dir=in | app=c:\windows\system32\lxdiih.exe |

"{A9918AED-9743-460F-BB05-54D9CA21FAA7}" = dir=in | app=c:\program files\windows live\contacts\wlcomm.exe |

"{A9D789A6-F049-48F5-A7BE-3CC3ADA28414}" = protocol=17 | dir=in | app=c:\program files\lexmark 3500-4500 series\wireless\lxdiwpss.exe |

"{AD8AB678-218A-446D-B53C-54FF3650ACC5}" = protocol=6 | dir=in | app=c:\program files\research in motion\blackberry desktop\rim.desktop.exe |

"{AE2A27BD-B121-46D6-AD61-3672F36A8E8F}" = protocol=6 | dir=in | app=c:\program files\lexmark 3500-4500 series\wireless\lxdiwpss.exe |

"{B8337443-3177-4434-BD75-6F8941FE7183}" = protocol=17 | dir=in | app=c:\windows\system32\spool\drivers\w32x86\3\lxdipswx.exe |

"{CB9D59B6-3392-488B-8977-EC31C8056600}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |

"{D355BCDC-9ADB-44F6-AD3B-95637C605917}" = protocol=17 | dir=in | app=c:\program files\lexmark 3500-4500 series\lxdimon.exe |

"{D85FFEB6-8E48-4E1F-851C-93E24B9F6E78}" = protocol=6 | dir=in | app=c:\windows\system32\spool\drivers\w32x86\3\lxdijswx.exe |

"{DBC8D630-C586-4A17-91BE-A0A27774DF40}" = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe |

"{DD004F76-3C80-4FF0-8313-922A29349442}" = protocol=6 | dir=in | app=c:\windows\system32\lxdicoms.exe |

"{E1D902CD-7498-452D-B58E-5D731B76E144}" = protocol=17 | dir=in | app=c:\windows\system32\spool\drivers\w32x86\3\lxdiwbgw.exe |

"{E38CFCF2-09BA-46F0-BCF2-BAFF2E15384D}" = protocol=17 | dir=in | app=c:\program files\lexmark fax solutions\faxctr.exe |

"{EE56D171-9EA1-4308-B34A-62550DEE50B3}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |

"{EF542A26-01BD-4C14-A322-BEB13A854588}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |

"{F5D8432D-A08D-4637-8034-40A5757FF2D6}" = protocol=6 | dir=in | app=c:\windows\system32\lxdiih.exe |

"{F9BD8E96-AA89-47A3-8645-08D719A1F566}" = protocol=6 | dir=in | app=c:\program files\teamviewer\version8\teamviewer.exe |

"{FAAC0F7F-BC9C-4055-83BE-83DA08F33273}" = dir=in | app=c:\program files\windows live\mesh\moe.exe |

"{FB3F69E0-4ED8-443B-A0D2-1FC5826B83BD}" = protocol=6 | dir=in | app=c:\program files\lexmark 3500-4500 series\app4r.exe |

"TCP Query User{1BB9250A-382A-408A-B564-057C3875B7D5}C:\windows\explorer.exe" = protocol=6 | dir=in | app=c:\windows\explorer.exe |

"TCP Query User{22BB3695-E01E-4CB3-ADB6-CB0527207ECF}C:\program files\internet explorer\iexplore.exe" = protocol=6 | dir=in | app=c:\program files\internet explorer\iexplore.exe |

"TCP Query User{27F35F09-8719-4116-919A-B587CDBC889C}C:\windows\system32\taskeng.exe" = protocol=6 | dir=in | app=c:\windows\system32\taskeng.exe |

"TCP Query User{33B57C6C-C9F4-4503-AE32-FCFD7405957B}C:\windows\explorer.exe" = protocol=6 | dir=in | app=c:\windows\explorer.exe |

"TCP Query User{35BA2914-FDF2-4950-9C42-44399F22E1CD}C:\windows\system32\spool\drivers\w32x86\3\lxdipswx.exe" = protocol=6 | dir=in | app=c:\windows\system32\spool\drivers\w32x86\3\lxdipswx.exe |

"TCP Query User{4C7F79BB-4107-4B07-85A5-CA12B214D98E}C:\program files\real\realplayer\recordingmanager.exe" = protocol=6 | dir=in | app=c:\program files\real\realplayer\recordingmanager.exe |

"TCP Query User{66C6071C-A04C-403A-8BA1-0D76036CDFE2}C:\program files\frostwire\frostwire.exe" = protocol=6 | dir=in | app=c:\program files\frostwire\frostwire.exe |

"TCP Query User{7199B439-60DE-4A7A-91B9-2218308A25FF}C:\program files\frostwire\frostwire.exe" = protocol=6 | dir=in | app=c:\program files\frostwire\frostwire.exe |

"TCP Query User{8009915E-B2F7-4B59-B91A-75C51FD10F4E}C:\program files\java\jre6\bin\java.exe" = protocol=6 | dir=in | app=c:\program files\java\jre6\bin\java.exe |

"TCP Query User{9298CCBB-773E-4B55-B332-5ED40234559F}C:\program files\java\jre6\bin\java.exe" = protocol=6 | dir=in | app=c:\program files\java\jre6\bin\java.exe |

"TCP Query User{B84CB8F4-E3D3-4E5F-91F6-9BAFF868974F}C:\program files\internet explorer\iexplore.exe" = protocol=6 | dir=in | app=c:\program files\internet explorer\iexplore.exe |

"TCP Query User{DB4B4264-2ABF-42FC-B8DC-712D311E995B}C:\program files\real\realplayer\realplay.exe" = protocol=6 | dir=in | app=c:\program files\real\realplayer\realplay.exe |

"TCP Query User{F9B79CAA-EF06-4305-A37E-0042204C6AC9}C:\windows\system32\taskeng.exe" = protocol=6 | dir=in | app=c:\windows\system32\taskeng.exe |

"UDP Query User{169DCAE8-5882-4B1D-8926-C28874F5D519}C:\windows\explorer.exe" = protocol=17 | dir=in | app=c:\windows\explorer.exe |

"UDP Query User{1885C449-0408-429C-AE6C-B34C1E2612CD}C:\program files\internet explorer\iexplore.exe" = protocol=17 | dir=in | app=c:\program files\internet explorer\iexplore.exe |

"UDP Query User{1F746344-883B-41FE-91AB-499B82F3F8ED}C:\program files\frostwire\frostwire.exe" = protocol=17 | dir=in | app=c:\program files\frostwire\frostwire.exe |

"UDP Query User{1FF8279C-E160-4833-B00D-03506C8D3386}C:\windows\explorer.exe" = protocol=17 | dir=in | app=c:\windows\explorer.exe |

"UDP Query User{422AEA87-810B-40EA-9BD9-04C8E78063B6}C:\program files\java\jre6\bin\java.exe" = protocol=17 | dir=in | app=c:\program files\java\jre6\bin\java.exe |

"UDP Query User{4A67FEF2-5D65-4FB2-830D-4C9B539294D7}C:\windows\system32\taskeng.exe" = protocol=17 | dir=in | app=c:\windows\system32\taskeng.exe |

"UDP Query User{5C374A73-239D-4E6C-BABD-D657641216AA}C:\program files\internet explorer\iexplore.exe" = protocol=17 | dir=in | app=c:\program files\internet explorer\iexplore.exe |

"UDP Query User{67CDA50E-C28F-4428-B6E8-3A0EBFAF9F52}C:\program files\frostwire\frostwire.exe" = protocol=17 | dir=in | app=c:\program files\frostwire\frostwire.exe |

"UDP Query User{8DC5352B-5E59-45A2-B270-2BF6648A3328}C:\windows\system32\taskeng.exe" = protocol=17 | dir=in | app=c:\windows\system32\taskeng.exe |

"UDP Query User{B6653475-A5DF-443A-8447-40AFCB154A90}C:\program files\java\jre6\bin\java.exe" = protocol=17 | dir=in | app=c:\program files\java\jre6\bin\java.exe |

"UDP Query User{D0900749-22B8-42DF-80BE-9AB70AEF2E6C}C:\windows\system32\spool\drivers\w32x86\3\lxdipswx.exe" = protocol=17 | dir=in | app=c:\windows\system32\spool\drivers\w32x86\3\lxdipswx.exe |

"UDP Query User{DA767932-CAA0-4E21-B507-0F523D5F47A4}C:\program files\real\realplayer\realplay.exe" = protocol=17 | dir=in | app=c:\program files\real\realplayer\realplay.exe |

"UDP Query User{F6279A74-5F44-47C9-8E49-AF69C683E032}C:\program files\real\realplayer\recordingmanager.exe" = protocol=17 | dir=in | app=c:\program files\real\realplayer\recordingmanager.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

"{0054A0F6-00C9-4498-B821-B5C9578F433E}" = HP Help and Support

"{082702D5-5DD8-4600-BCE5-48B15174687F}" = HP Doc Viewer

"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer

"{0E7DBD52-B097-4F2B-A7C7-F105B0D20FDB}" = LightScribe System Software 1.14.17.1

"{101738D7-D805-37A9-BB91-1F2C351782BF}" = Microsoft .NET Framework 3.5 Language Pack SP1 - nld

"{14B441B7-774D-4170-98EA-A13667AE6218}" = Windows Live Writer Resources

"{14DC0059-00F1-4F62-BD1A-AB23CD51A95E}" = Adobe AIR

"{174D5678-D941-433C-BD23-58A5C7B0D36D}" = Jasc Animation Shop 3

"{196467F1-C11F-4F76-858B-5812ADC83B94}" = MSXML 4.0 SP3 Parser

"{19A4A990-5343-4FF7-B3B5-6F046C091EDF}" = Windows Live Remote Client

"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148

"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update

"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions

"{227E8782-B2F4-4E97-B0EE-49DE9CC1C0C0}" = Windows Live Remote Service

"{228C6B46-64E2-404E-898A-EF0830603EF4}" = HPNetworkAssistant

"{254C37AA-6B72-4300-84F6-98A82419187E}" = ActiveCheck component for HP Active Support Library

"{2617FA1F-0C04-3ABB-AF64-7D5B6620C341}" = Microsoft .NET Framework 4 Client Profile NLD Language Pack

"{26A24AE4-039D-4CA4-87B4-2F83216019FF}" = Java 6 Update 29

"{28C2DED6-325B-4CC7-983A-1777C8F7FBAB}" = RealUpgrade 1.1

"{2A07C35B-8384-4DA4-9A95-442B6C89A073}" = Windows Live Essentials

"{2D6E3D97-1FDF-4993-AC75-72F59EC445C5}" = Windows Live Family Safety

"{2EA870FA-585F-4187-903D-CB9FFD21E2E0}" = DHTML Editing Component

"{2EFA4E4C-7B5F-48F7-A1C0-1AA882B7A9C3}" = HP Update

"{32364CEA-7855-4A3C-B674-53D8E9B97936}" = TuneUp Utilities 2012

"{3248F0A8-6813-11D6-A77B-00B0D0160070}" = Java 6 Update 7

"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery

"{34D2AB40-150D-475D-AE32-BD23FB5EE355}" = HP Quick Launch Buttons 6.40 H2

"{38058455-8C21-4C2F-B2F6-14ED166039CB}" = HP Total Care Setup

"{3877C901-7B90-4727-A639-B6ED2DD59D43}" = ESU for Microsoft Vista

"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile

"{3F4143A1-9C21-4011-8679-3BC1014C6886}" = Windows Live Mesh

"{415B2719-AD3A-4944-B404-C472DB6085B3}" = Cisco EAP-FAST Module

"{41A63ADA-088B-1C2D-43B3-E4087FE79881}" = Pixlr-o-matic

"{449CE12D-E2C7-4B97-B19E-55D163EA9435}" = Bing Bar

"{45A66726-69BC-466B-A7A4-12FCBA4883D7}" = HiJackThis

"{45C56AA7-ED1B-4800-A97F-EDDF3F3520B1}" = Apple Application Support

"{45D707E9-F3C4-11D9-A373-0050BAE317E1}" = HP DVD Play 3.7

"{48294D95-EE9A-4377-8213-44FC4265FB27}" = Windows Live Messenger

"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater

"{4E1E1394-F813-420E-A4D0-63D6FE26ACBE}" = BlueStacks

"{4F41AD68-89F2-4262-A32C-2F70B01FCE9E}" = Photo Story 3 for Windows

"{50779A29-834E-4E36-BBEB-B7CABC67A825}" = Microsoft Security Client NL-NL Language Pack

"{5158F1F5-FA1B-4D49-B546-55A5004B89BD}" = Microsoft Works

"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml

"{57A5AEC1-97FC-474D-92C4-908FCC2253D4}" = HP Customer Experience Enhancements

"{5DD4FCBD-A3C1-4155-9E17-4161C70AAABA}" = Segoe UI

"{612C34C7-5E90-47D8-9B5C-0F717DD82726}" = swMSM

"{65DA2EC9-0642-47E9-AAE2-B5267AA14D75}" = Activation Assistant for the 2007 Microsoft Office suites

"{669C7BD8-DAA2-49B6-966C-F1E2AAE6B17E}" = Cisco PEAP Module

"{669D4A35-146B-4314-89F1-1AC3D7B88367}" = HPAsset component for HP Active Support Library

"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE

"{6AFCA4E1-9B78-3640-8F72-A7BF33448200}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729

"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable

"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable

"{758C8301-2696-4855-AF45-534B1200980A}" = Samsung Kies

"{75AE8014-1184-4BC0-B279-C879540719EE}" = PhotoMail Maker

"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053

"{7770E71B-2D43-4800-9CB3-5B6CAAEBEBEA}" = RealNetworks - Microsoft Visual C++ 2008 Runtime

"{78A96B4C-A643-4D0F-98C2-A8E16A6669F9}" = Windows Live Messenger Companion Core

"{79155F2B-9895-49D7-8612-D92580E0DE5B}" = Bonjour

"{7C4196CA-CA41-4F34-9C08-7724E7705D52}" = Jasc Animation Shop 3

"{7E017923-16F8-4E32-94EF-0A150BD196FE}" = Windows Live Writer

"{8142D25E-028A-4563-86ED-5755783C8029}" = Messenger Companion

"{81A34902-9D0B-4920-A25C-4CDC5D14B328}" = Jasc Paint Shop Pro 8

"{83770D14-21B9-44B3-8689-F7B523F94560}" = Cisco LEAP Module

"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable

"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform

"{845E0BCB-8C8D-4FAB-8588-AD5FFD156C95}" = Windows Live Remote Service Resources

"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570

"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight

"{8C6D6116-B724-4810-8F2D-D047E6B7D68E}" = Mesh Runtime

"{8D853998-1055-4E45-B99E-F5039C502831}" = Photo Notifier and Animation Creator

"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT

"{90110413-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Professional Editie 2003

"{90120000-0020-0413-0000-0000000FF1CE}" = Compatibiliteitspakket voor het 2007 Microsoft Office system

"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In

"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker

"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting

"{95140000-007A-0413-0000-0000000FF1CE}" = Microsoft Office Outlook Connector

"{95140000-00AF-0413-0000-0000000FF1CE}" = Microsoft PowerPoint Viewer

"{98EABC7F-B1A1-43A5-B505-5B4EC3908DCD}" = Microsoft Security Client

"{98EFD8F0-08DE-48DB-B922-A2EBAB711043}" = Nero 7 Ultra Edition

"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17

"{9ADABDDE-9644-461B-9E73-83FA3EFCAB50}" = HP Wireless Assistant

"{9BD262D0-B788-4546-A0A5-F4F56EC3834B}" = Windows Live Photo Common

"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161

"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail

"{A2090170-70B6-40D6-8B43-04ECDC641EA6}" = TuneUp Utilities Language Pack (nl-NL)

"{A60B3BF0-954B-42AF-B8D8-2C1D34B613AA}" = Windows Live Photo Gallery

"{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer

"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common

"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer

"{AAECF7BA-E83B-4A10-87EA-DE0B333F8734}" = RealNetworks - Microsoft Visual C++ 2010 Runtime

"{AC76BA86-7AD7-1043-7B44-AA1000000001}" = Adobe Reader X (10.1.0) - Nederlands

"{AC76BA86-7AD7-5464-3428-900000000004}" = Spelling Dictionaries Support For Adobe Reader 9

"{ACF60000-22B9-4CE9-98D6-2CCF359BAC07}" = ABBYY FineReader 6.0 Sprint

"{AD72CFB4-C2BF-424E-9DF0-C7BAD1F30A11}" = Adobe Shockwave Player

"{AF7EBCA4-9FAF-4DC8-8D09-67854BB84D34}" = RealDownloader

"{AF844339-2F8A-4593-81B3-9F4C54038C4E}" = Windows Live MIME IFilter

"{B2544A03-10D0-4E5E-BA69-0362FFC20D18}" = OGA Notifier 2.0.0048.0

"{B6A98E5F-D6A7-46FB-9E9D-1F7BF443491C}" = PMB

"{B6D0B141-B2BE-4DD0-B08F-B9186F3E36B3}" = HP User Guides 0118

"{B98BE95C-E76F-4246-B8E6-BEB8EE791D06}" = Roxio Media Manager

"{C32CE55C-12BA-4951-8797-0967FDEF556F}" = Windows Live Mesh - ActiveX-besturingselement voor externe verbindingen

"{C3A32068-8AB1-4327-BB16-BED9C6219DC7}" = Atheros Driver Installation Program

"{C6150D8A-86ED-41D3-87BB-F3BB51B0B77F}" = Windows Live ID Sign-in Assistant

"{C9E14402-3631-4182-B377-6B0DFB1C0339}" = QuickTime

"{CB6075D9-F912-40AE-BEA6-E590DA24F16B}" = Adobe Photoshop Elements 7.0

"{CB7224D9-6DCA-43F1-8F83-6B1E39A00F92}" = Windows Live Movie Maker

"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1

"{CE7E3BE0-2DD3-4416-A690-F9E4A99A8CFF}" = HP Active Support Library

"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform

"{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}" = SAMSUNG USB Driver for Mobile Phones

"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform

"{D588365A-AE39-4F27-BDAE-B4E72C8E900C}" = Windows Live Mail

"{D6F25CF9-4E87-43EB-B324-C12BE9CDD668}" = Windows Live UX Platform Language Pack

"{DC24971E-1946-445D-8A82-CE685433FA7D}" = Realtek USB 2.0 Card Reader

"{DE4BF4BE-3CDC-43B5-BBDA-DDDA73103111}" = Corel PaintShop Photo Pro X3

"{DE8B9311-ADE7-4EDE-B121-326CAA3D225D}" = PSPPContent

"{DE99075E-7D25-4B96-B32E-BFE6FBFAA644}" = IPM_PSP_CL

"{DEAEB5DB-04FA-489D-94EF-8600898B93EE}" = ICA

"{DECDCB7C-58CC-4865-91AF-627F9798FE48}" = Windows Live Mesh

"{DEF1928A-FC01-48E7-A7E6-4651D42EF6A1}" = PSPPRO_DCRAW

"{DEF8C145-CC4F-4DAA-AD5C-E707C07AEE50}" = IPM_PSP_COM

"{DF33FDAF-22DE-4E3E-AFF7-A8648B473596}" = Windows Live Family Safety

"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10

"{E14ADE0E-75F3-4A46-87E5-26692DD626EC}" = Apple Mobile Device Support

"{E5B21F11-6933-4E0B-A25C-7963E3C07D11}" = Windows Live Messenger

"{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}" = Skype™ 5.10

"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]

"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219

"{F0CCBE54-9132-44E9-82DF-CD364AD5C22D}" = Windows Live Remote Client Resources

"{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}" = Microsoft Office Live Add-in 1.5

"{F8EDC0F8-15BC-4411-8762-77105C8AAEEC}" = Microsoft Antimalware Service NL-NL Language Pack

"{FDFE5E63-116A-4655-9B4D-29F4AFE441B3}" = IncrediMail

"{FE0646A7-19D0-41B4-A2BB-2C35D644270D}" = Windows Live OneCare safety scanner

"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022

"Aangifte inkomstenbelasting 2009" = Aangifte inkomstenbelasting 2009

"Aangifte inkomstenbelasting 2012" = Aangifte inkomstenbelasting 2012

"Activation Assistant for the 2007 Microsoft Office suites" = Activation Assistant for the 2007 Microsoft Office suites

"Adobe Acrobat 4.0" = Adobe Acrobat 4.0

"Adobe AIR" = Adobe AIR

"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX

"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin

"Adobe Photoshop Elements 7" = Adobe Photoshop Elements 7.0

"Adobe Shockwave Player" = Adobe Shockwave Player 11.6

"AviSynth" = AviSynth 2.6

"Blue Coat K9 Web Protection" = Blue Coat K9 Web Protection

"BSRScreenRecorder5" = BSR Screen Recorder 5

"CCleaner" = CCleaner

"CNXT_AUDIO_HDA" = Conexant HD Audio

"CNXT_MODEM_HDAUDIO_HERMOSA_HSF" = HDAUDIO Soft Data Fax Modem with SmartCP

"Creative OA004" = Integrated Webcam Driver (1.00.03.0720)

"Free YouTube Download_is1" = Free YouTube Download version 3.0.20.1228

"HDMI" = Intel® Graphics Media Accelerator Driver

"HelixYUVCodecs" = Helix YUV Codecs (remove only)

"IE New Window Maximizer_is1" = IE New Window Maximizer 2.4

"Imikimi Plugin" = Imikimi Plugin

"IncrediMail" = IncrediMail 2.0

"InstallShield_{758C8301-2696-4855-AF45-534B1200980A}" = Samsung Kies

"Jasc Paint Shop Pro 8.06 Update Patch" = Jasc Paint Shop Pro 8.06 Update Patch

"Lexmark 3500-4500 Series" = Lexmark 3500-4500 Series

"Lexmark Fax Solutions" = Lexmark Faxoplossingen

"LHTTSDUN" = L&H TTS3000 Nederlands

"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware versie 1.70.0.1100

"Microsoft .NET Framework 3.5 Language Pack SP1 - nld" = Taalpakket voor Microsoft .NET Framework 3.5 SP1 - NL

"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1

"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile

"Microsoft .NET Framework 4 Client Profile NLD Language Pack" = Taalpakket voor Microsoft .NET Framework 4 Client Profile - NLD

"Microsoft Security Client" = Microsoft Security Essentials

"PaintStar_is1" = PaintStar 2.70

"Photo Notifier and Animation Creator" = Photo Notifier and Animation Creator

"PhotoFiltre" = PhotoFiltre

"PhotoMail" = PhotoMail Maker

"PhotoScape" = PhotoScape

"PhotoToolkit_is1" = Photo! Editor 1.1

"Picasa 3" = Picasa 3

"Pixlromatic" = Pixlr-o-matic

"Popims Animator" = Popims Animator

"RealPlayer 16.0" = RealPlayer

"Sqirlz Water Reflections" = Sqirlz Water Reflections

"SynTPDeinstKey" = Synaptics Pointing Device Driver

"TeamViewer 8" = TeamViewer 8

"TuneUp Utilities 2012" = TuneUp Utilities 2012

"Uninstall_is1" = Uninstall 1.0.0.1

"uTorrent" = µTorrent

"VLC media player" = VLC media player 2.0.4

"WildTangent hp Master Uninstall" = My HP Games

"Windows Live OneCare safety scanner" = Windows Live OneCare safety scanner

"WinGimp-2.0_is1" = GIMP 2.6.11

"WinLiveSuite" = Windows Live Essentials

"WinRAR archiver" = WinRAR 4.00 (32-bit)

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-279592566-1776291336-1976008511-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

========== Last 20 Event Log Errors ==========

[ Application Events ]

Error - 25-2-2013 15:30:10 | Computer Name = PC_van_Compaq | Source = VSS | ID = 8194

Description =

Error - 25-2-2013 18:17:04 | Computer Name = PC_van_Compaq | Source = SideBySide | ID = 16842785

Description = Kan activeringscontext voor 'C:\Windows\Installer\{AF7EBCA4-9FAF-4DC8-8D09-67854BB84D34}\recordingmanager.exe'

niet maken. Kan afhankelijke assembly rpshellextension.1.0,language="*",type="win32",version="1.0.0.0"

niet vinden. Gebruik sxstrace.exe voor een gedetailleerde diagnose.

Error - 25-2-2013 18:17:04 | Computer Name = PC_van_Compaq | Source = SideBySide | ID = 16842785

Description = Kan activeringscontext voor 'C:\Windows\Installer\{AF7EBCA4-9FAF-4DC8-8D09-67854BB84D34}\recordingmanager.exe'

niet maken. Kan afhankelijke assembly rpshellextension.1.0,language="*",type="win32",version="1.0.0.0"

niet vinden. Gebruik sxstrace.exe voor een gedetailleerde diagnose.

Error - 25-2-2013 18:21:42 | Computer Name = PC_van_Compaq | Source = Windows Search Service | ID = 3013

Description =

Error - 25-2-2013 18:21:43 | Computer Name = PC_van_Compaq | Source = Windows Search Service | ID = 3013

Description =

Error - 26-2-2013 3:24:17 | Computer Name = PC_van_Compaq | Source = BstHdAndroidSvc | ID = 0

Description = Service kan niet worden gestart. System.ApplicationException: Cannot

start service. Service did not stop gracefully the last time it was run. bij

BlueStacks.hyperDroid.Service.Service.OnStart(String[] args) bij System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object

state)

Error - 26-2-2013 7:39:23 | Computer Name = PC_van_Compaq | Source = BstHdAndroidSvc | ID = 0

Description = Service kan niet worden gestart. System.ApplicationException: Cannot

start service. Service did not stop gracefully the last time it was run. bij

BlueStacks.hyperDroid.Service.Service.OnStart(String[] args) bij System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object

state)

Error - 26-2-2013 7:43:25 | Computer Name = PC_van_Compaq | Source = Windows Search Service | ID = 3013

Description =

Error - 26-2-2013 7:43:25 | Computer Name = PC_van_Compaq | Source = Windows Search Service | ID = 3013

Description =

Error - 26-2-2013 9:26:28 | Computer Name = PC_van_Compaq | Source = BstHdAndroidSvc | ID = 0

Description = Service kan niet worden gestart. System.ApplicationException: Cannot

start service. Service did not stop gracefully the last time it was run. bij

BlueStacks.hyperDroid.Service.Service.OnStart(String[] args) bij System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object

state)

Error - 26-2-2013 9:30:33 | Computer Name = PC_van_Compaq | Source = Windows Search Service | ID = 3013

Description =

Error - 26-2-2013 9:30:33 | Computer Name = PC_van_Compaq | Source = Windows Search Service | ID = 3013

Description =

Error - 26-2-2013 9:30:34 | Computer Name = PC_van_Compaq | Source = Windows Search Service | ID = 3013

Description =

[ System Events ]

Error - 26-2-2013 9:25:28 | Computer Name = PC_van_Compaq | Source = EventLog | ID = 6008

Description = De vorige afsluiting van het systeem om 14:24:24 op 26-2-2013 is onverwacht

gebeurd.

Error - 26-2-2013 9:25:35 | Computer Name = PC_van_Compaq | Source = HTTP | ID = 15021

Description =

Error - 26-2-2013 9:27:06 | Computer Name = PC_van_Compaq | Source = Service Control Manager | ID = 7000

Description =

Error - 26-2-2013 9:27:06 | Computer Name = PC_van_Compaq | Source = Service Control Manager | ID = 7009

Description =

Error - 26-2-2013 9:27:06 | Computer Name = PC_van_Compaq | Source = Service Control Manager | ID = 7000

Description =

Error - 26-2-2013 9:27:06 | Computer Name = PC_van_Compaq | Source = Service Control Manager | ID = 7009

Description =

Error - 26-2-2013 9:27:06 | Computer Name = PC_van_Compaq | Source = Service Control Manager | ID = 7000

Description =

Error - 26-2-2013 9:27:06 | Computer Name = PC_van_Compaq | Source = Service Control Manager | ID = 7023

Description =

Error - 26-2-2013 9:27:56 | Computer Name = PC_van_Compaq | Source = Service Control Manager | ID = 7026

Description =

Error - 26-2-2013 9:30:16 | Computer Name = PC_van_Compaq | Source = Microsoft-Windows-LanguagePackSetup | ID = 1001

Description =

< End of report >

[juisterr]

OTL ziet er schoon uit dus dat geeft geen uitsluitsel.

Iets anders proberen, een fix met behulp van zoek.exe

• Schakel je antivirus- en antispywareprogramma's uit, mogelijk kunnen ze conflicteren met zoek.exe
  (hier of hier) kan je lezen hoe je dat doet.
  
• Dubbelklik op Zoek.exe om de tool te starten.
  
• Windows Vista, 7 en 8 gebruikers dienen de tool als "administrator" uit te voeren door middel van de rechtermuisknop en kiezen voor Als Administrator uitvoeren.
  
• Kopieer nu onderstaande code en plak die in het grote invulvenster:
  
• Note: Dit script is speciaal bedoeld voor deze PC, gebruik dit dan ook niet op andere PC's met een gelijkwaardig probleem.
  

  copy /y "C:\Users\Compaq\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk" "C:\Users\Compaq\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk";b
  copy /y "C:\Users\Compaq\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk" "C:\Users\Compaq\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk";b
  shortcutfix;
  C:\Users\Compaq\AppData\Roaming\Awads;f
  C:\Users\Compaq\AppData\Roaming\Ewoliv;f
  C:\Users\Compaq\AppData\Roaming\Nyon;f
  C:\Users\Compaq\AppData\Roaming\Raptr;f
  C:\Users\Compaq\AppData\Roaming\Uccy;f
  C:\Users\Compaq\AppData\Roaming\Wiisa;f
  C:\Users\Compaq\AppData\Roaming\Yxlen;f
  
  
  

  
  

• Klik nu op de knop "Run script".
  
• Wacht nu geduldig af tot er een logje opent (dit kan na een herstart zijn als deze benodigd is).
  
• Mocht na de herstart geen logje verschijnen, start zoek.exe dan opnieuw, de log verschijnt dan alsnog.
  
• Post nu de inhoud van het geopende logje in het volgende bericht.
  

• 
  

26 februari 2013 aangepast door juisterr

[signorita]

Zoek.exe Version 4.0.0.1 Updated 25-02-2013

Tool run by Compaq on di 26-02-2013 at 23:06:06,28.

Microsoft® Windows Vista™ Home Basic 6.0.6002 Service Pack 2 x86

Running in: Normal Mode Internet Access Detected

==== Batch Command(s) Run By Tool======================

==== Deleting Files \ Folders ======================

"C:\Users\Compaq\AppData\Roaming\Awads\anedk.syp" deleted

"C:\Users\Compaq\AppData\Roaming\Nyon\yxtu.tmp" deleted

"C:\Users\Compaq\AppData\Roaming\Wiisa\ohos.ixo" deleted

"C:\Users\Compaq\AppData\Roaming\Yxlen\unoco.yva" deleted

"C:\Users\Compaq\AppData\Roaming\Raptr\ltc\[help] Dwm.exe.log" deleted

"C:\Users\Compaq\AppData\Roaming\Raptr\ltc\[help] lxdiamon.exe.log" deleted

"C:\Users\Compaq\AppData\Roaming\Raptr\ltc\[help] PMBVolumeWatcher.exe.log" deleted

"C:\Users\Compaq\AppData\Roaming\Awads" deleted

"C:\Users\Compaq\AppData\Roaming\Ewoliv" deleted

"C:\Users\Compaq\AppData\Roaming\Nyon" deleted

"C:\Users\Compaq\AppData\Roaming\Raptr" deleted

"C:\Users\Compaq\AppData\Roaming\Uccy" deleted

"C:\Users\Compaq\AppData\Roaming\Wiisa" deleted

"C:\Users\Compaq\AppData\Roaming\Yxlen" deleted

"C:\Users\Compaq\AppData\Roaming\Raptr\ltc" deleted

==== shortcuts on All Users Desktop ======================

C:\Users\Public\Desktop\Aangifte inkomstenbelasting 2012.lnk - C:\Program Files\Belastingdienst\Aangifte inkomstenbelasting\2012\ib2012.exe

C:\Users\Public\Desktop\Adobe Reader X .lnk - C:\Program Files\Adobe\Reader 10.0\Reader\AcroRd32.exe

C:\Users\Public\Desktop\IncrediMail.lnk - C:\Program Files\IncrediMail\Bin\IncMail.exe

C:\Users\Public\Desktop\Lexmark Imaging Studio - 3500-4500 Series.LNK - C:\Program Files\Lexmark 3500-4500 Series\App4R.exe

C:\Users\Public\Desktop\RealPlayer.lnk - C:\program files\real\realplayer\RealPlay.exe /launch:desktop

C:\Users\Public\Desktop\Start BlueStacks.lnk - C:\Program Files\BlueStacks\HD-StartLauncher.exe

==== shortcuts in Users Start Menu ======================

C:\Users\Compaq\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk - C:\Program Files\Internet Explorer\iexplore.exe

C:\Users\Compaq\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk - C:\Program Files\Internet Explorer\iexplore.exe

C:\Users\Compaq\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HiJackThis\HiJackThis.lnk - c:\Users\Compaq\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe

==== shortcuts in All Users Start Menu ======================

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader X .lnk - C:\Windows\Installer\{AC76BA86-7AD7-1043-7B44-AA1000000001}\SC_Reader.ico

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IncrediMail.lnk - C:\Program Files\IncrediMail\Bin\IncMail.exe

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk - C:\Program Files\Internet Explorer\iexplore.exe

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk - C:\Program Files\Internet Explorer\iexplore.exe

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Belastingdienst\Aangifte inkomstenbelasting\2012\Aangifte inkomstenbelasting 2012 Help.lnk - C:\Program Files\Belastingdienst\Aangifte inkomstenbelasting\2012\ib2012.chm

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Belastingdienst\Aangifte inkomstenbelasting\2012\Aangifte inkomstenbelasting 2012 verwijderen.lnk - C:\Program Files\Belastingdienst\Aangifte inkomstenbelasting\2012\ib2012u.exe

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Belastingdienst\Aangifte inkomstenbelasting\2012\Aangifte inkomstenbelasting 2012.lnk - C:\Program Files\Belastingdienst\Aangifte inkomstenbelasting\2012\ib2012.exe

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Belastingdienst\Aangifte inkomstenbelasting\2012\PC Helpforum - Gratis hulp bij computer problemen - C:\Program Files\Belastingdienst\Aangifte inkomstenbelasting\2012\PC Helpforum - Gratis hulp bij computer problemen

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BlueStacks\Start BlueStacks.lnk - C:\Program Files\BlueStacks\HD-StartLauncher.exe

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games\More Games.lnk - C:\Program Files\IncrediMail\Bin\IncrediGamesStart.url

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IncrediMail\IncrediMail Gallery.lnk - C:\Program Files\IncrediMail\Bin\IncrediGalleryStart.url

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IncrediMail\IncrediMail.lnk - C:\Program Files\IncrediMail\Bin\IncMail.exe

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IncrediMail\Letter Creator.lnk - C:\Program Files\IncrediMail\Bin\ImLc.exe

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IncrediMail\Uninstall IncrediMail.lnk - C:\Program Files\IncrediMail\Bin\ImSetup.exe /uninstallProduct /addon:incredimail

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lexmark 3500-4500 Series\EU Waste Electronics Information.LNK - C:\Windows\System32\spool\drivers\w32x86\3\EU_Waste_Electronic_Information.pdf

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lexmark 3500-4500 Series\Lexmark Cartridge Diagnostic Wizard.LNK -

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lexmark 3500-4500 Series\Lexmark Imaging Studio.LNK - C:\Program Files\Lexmark 3500-4500 Series\App4R.exe

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lexmark 3500-4500 Series\Lexmark Solution Center.LNK - C:\Windows\system32\spool\DRIVERS\W32X86\3\lxdipswx.exe /M=Lexmark 3500-4500 Series /T=100

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lexmark 3500-4500 Series\Release Notes.LNK - C:\Windows\System32\write.exe C:\Windows\system32\spool\DRIVERS\W32X86\3\lxdirme.doc

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lexmark 3500-4500 Series\Uninstall Lexmark 3500-4500 Series.LNK - C:\Program Files\Lexmark 3500-4500 Series\Install\x86\Uninst.exe

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lexmark 3500-4500 Series\User's Guide.LNK - C:\Program Files\Lexmark 3500-4500 Series\LXDIuser.chm

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lexmark 3500-4500 Series\Wireless Configuration Utility.LNK - C:\Program Files\Lexmark 3500-4500 Series\Wireless\lxdiwpss.exe /ini=lxdiina.ini /title="Wireless Configuration Utility"

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RealNetworks\RealDownloader.lnk - C:\Windows\Installer\{AF7EBCA4-9FAF-4DC8-8D09-67854BB84D34}\recordingmanager.exe

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RealNetworks\RealPlayer Converter.lnk - C:\Program Files\Real\RealPlayer\realconverter.exe

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RealNetworks\RealPlayer Trimmer.lnk - C:\Program Files\Real\RealPlayer\realtrimmer.exe

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RealNetworks\RealPlayer.lnk - C:\Program Files\Real\RealPlayer\realplay.exe /launch:start_menu

==== shortcuts in Quick Launch ======================

C:\Users\Compaq\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\IncrediMail 2.0.lnk - C:\Program Files\IncrediMail\Bin\IncMail.exe

C:\Users\Compaq\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk - C:\Program Files\Internet Explorer\iexplore.exe

[juisterr]

Plaats even een nieuw gemaakt HijackThis logje aub en vertel even hoe het nu gaat.!

[signorita]

De tapak portal is er nog steeds.

Logfile of Trend Micro HijackThis v2.0.4

Scan saved at 13:33:11, on 27-2-2013

Platform: Windows Vista SP2 (WinNT 6.00.1906)

MSIE: Internet Explorer v9.00 (9.00.8112.16464)

Boot mode: Normal

Running processes:

C:\Windows\system32\Dwm.exe

C:\Windows\Explorer.EXE

C:\Windows\system32\taskeng.exe

C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

C:\Program Files\HP\QuickPlay\QPService.exe

C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe

C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe

C:\Windows\system32\igfxsrvc.exe

C:\Program Files\Sony\PMB\PMBVolumeWatcher.exe

C:\Program Files\Microsoft Security Client\msseces.exe

C:\Program Files\Samsung\Kies\KiesTrayAgent.exe

C:\Windows\System32\hkcmd.exe

C:\Windows\System32\igfxpers.exe

C:\Program Files\Lexmark 3500-4500 Series\lxdimon.exe

C:\Program Files\Lexmark 3500-4500 Series\lxdiamon.exe

C:\Program Files\BlueStacks\HD-Agent.exe

C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe

C:\Program Files\Samsung\Kies\Kies.exe

C:\Program Files\uTorrent\uTorrent.exe

C:\Program Files\IE New Window Maximizer\iemaximizer.exe

C:\Program Files\Windows Media Player\wmpnscfg.exe

C:\Program Files\TuneUp Utilities 2012\TuneUpUtilitiesApp32.exe

C:\Program Files\Hewlett-Packard\HP wireless Assistant\WiFiMsg.EXE

C:\Program Files\Hewlett-Packard\Shared\HpqToaster.exe

C:\Program Files\IncrediMail\Bin\ImApp.exe

C:\Program Files\IncrediMail\Bin\IncMail.exe

C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe

C:\Program Files\Internet Explorer\iexplore.exe

C:\Program Files\Internet Explorer\iexplore.exe

C:\Windows\system32\SearchProtocolHost.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Hotmail, Messenger, het laatste nieuws en entertainment | MSN.NL

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Hotmail, Messenger, het laatste nieuws en entertainment | MSN.NL

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Hotmail, Messenger, het laatste nieuws en entertainment | MSN.NL

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = Hotmail, Messenger, het laatste nieuws en entertainment | MSN.NL

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local

O1 - Hosts: ::1 localhost

O1 - Hosts: 216.239.32.20 www.google.ae # bck9

O1 - Hosts: 216.239.32.20 www.google.at # bck9

O1 - Hosts: 216.239.32.20 www.google.be # bck9

O1 - Hosts: 216.239.32.20 www.google.ca # bck9

O1 - Hosts: 216.239.32.20 www.google.ch # bck9

O1 - Hosts: 216.239.32.20 www.google.cl # bck9

O1 - Hosts: 216.239.32.20 www.google.co.il # bck9

O1 - Hosts: 216.239.32.20 www.google.co.in # bck9

O1 - Hosts: 216.239.32.20 www.google.co.jp # bck9

O1 - Hosts: 216.239.32.20 www.google.co.kr # bck9

O1 - Hosts: 216.239.32.20 www.google.co.nz # bck9

O1 - Hosts: 216.239.32.20 www.google.co.uk # bck9

O1 - Hosts: 216.239.32.20 www.google.co.ve # bck9

O1 - Hosts: 216.239.32.20 www.google.co.za # bck9

O1 - Hosts: 216.239.32.20 www.google.com # bck9

O1 - Hosts: 216.239.32.20 www.google.com.ar # bck9

O1 - Hosts: 216.239.32.20 www.google.com.au # bck9

O1 - Hosts: 216.239.32.20 www.google.com.br # bck9

O1 - Hosts: 216.239.32.20 www.google.com.co # bck9

O1 - Hosts: 216.239.32.20 www.google.com.gr # bck9

O1 - Hosts: 216.239.32.20 www.google.com.hk # bck9

O1 - Hosts: 216.239.32.20 www.google.com.mx # bck9

O1 - Hosts: 216.239.32.20 www.google.com.my # bck9

O1 - Hosts: 216.239.32.20 www.google.com.pe # bck9

O1 - Hosts: 216.239.32.20 www.google.com.ph # bck9

O1 - Hosts: 216.239.32.20 www.google.com.pk # bck9

O1 - Hosts: 216.239.32.20 www.google.com.sg # bck9

O1 - Hosts: 216.239.32.20 www.google.com.tr # bck9

O1 - Hosts: 216.239.32.20 www.google.com.tw # bck9

O1 - Hosts: 216.239.32.20 www.google.com.ua # bck9

O1 - Hosts: 216.239.32.20 www.google.de # bck9

O1 - Hosts: 216.239.32.20 www.google.dk # bck9

O1 - Hosts: 216.239.32.20 www.google.es # bck9

O1 - Hosts: 216.239.32.20 www.google.fi # bck9

O1 - Hosts: 216.239.32.20 www.google.fr # bck9

O1 - Hosts: 216.239.32.20 www.google.it # bck9

O1 - Hosts: 216.239.32.20 www.google.lt # bck9

O1 - Hosts: 216.239.32.20 www.google.lv # bck9

O1 - Hosts: 216.239.32.20 www.google.nl # bck9

O1 - Hosts: 216.239.32.20 www.google.pl # bck9

O1 - Hosts: 216.239.32.20 www.google.pt # bck9

O1 - Hosts: 216.239.32.20 www.google.ro # bck9

O1 - Hosts: 216.239.32.20 www.google.ru # bck9

O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

O2 - BHO: RealNetworks Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll

O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files\Windows Live\Companion\companioncore.dll

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll

O4 - HKLM\..\Run: [synTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

O4 - HKLM\..\Run: [QPService] "C:\Program Files\HP\QuickPlay\QPService.exe"

O4 - HKLM\..\Run: [QlbCtrl.exe] C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start

O4 - HKLM\..\Run: [hpWirelessAssistant] C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe

O4 - HKLM\..\Run: [FaxCenterServer] "C:\Program Files\\Lexmark Fax Solutions\fm3032.exe" /s

O4 - HKLM\..\Run: [Malwarebytes Anti-Malware (reboot)] "C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript

O4 - HKLM\..\Run: [RoxWatchTray] "C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe"

O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"

O4 - HKLM\..\Run: [PMBVolumeWatcher] C:\Program Files\Sony\PMB\PMBVolumeWatcher.exe

O4 - HKLM\..\Run: [MSC] "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey

O4 - HKLM\..\Run: [KiesTrayAgent] C:\Program Files\Samsung\Kies\KiesTrayAgent.exe

O4 - HKLM\..\Run: [igfxTray] C:\Windows\system32\igfxtray.exe

O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe

O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe

O4 - HKLM\..\Run: [lxdimon.exe] "C:\Program Files\Lexmark 3500-4500 Series\lxdimon.exe"

O4 - HKLM\..\Run: [lxdiamon] "C:\Program Files\Lexmark 3500-4500 Series\lxdiamon.exe"

O4 - HKLM\..\Run: [blueStacks Agent] C:\Program Files\BlueStacks\HD-Agent.exe

O4 - HKCU\..\Run: [KiesPDLR] C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe

O4 - HKCU\..\Run: [KiesPreload] C:\Program Files\Samsung\Kies\Kies.exe /preload

O4 - HKCU\..\Run: [uTorrent] "C:\Program Files\uTorrent\uTorrent.exe" /MINIMIZED

O4 - HKCU\..\Run: [iE New Window Maximizer] C:\Program Files\IE New Window Maximizer\iemaximizer.exe

O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe

O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200

O9 - Extra button: @C:\Program Files\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files\Windows Live\Companion\companioncore.dll

O9 - Extra button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra 'Tools' menuitem: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Program Files\PokerStars\PokerStarsUpdate.exe (file missing)

O9 - Extra button: Onderzoek - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL

O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics

O15 - Trusted Zone: http://*.mcafee.com

O16 - DPF: {888078C6-70B2-4F88-8EE7-1F50DDEA6120} (CeWe Color AG & Co. OHG Control) - https://as.photoprintit.de/ips-opdata/activex/ImageUploader6.cab

O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab

O16 - DPF: {D71F9A27-723E-4B8B-B428-B725E47CBA3E} (Imikimi_activex_plugin Control) - http://imikimi.com/download/imikimi_plugin_0.5.1.cab

O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab

O16 - DPF: {EDFCB7CB-942C-4822-AF14-F0B687409848} (Image Uploader Control) - http://cache.hyves-static.net/statics/Aurigma/ImageUploader4.cab

O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL

O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll

O20 - AppInit_DLLs: c:\progra~2\browse~1\261123~1.78\{16cdf~1\browse~1.dll

O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll

O23 - Service: Adobe Active File Monitor V7 (AdobeActiveFileMonitor7.0) - Adobe Systems Incorporated - C:\Program Files\Adobe\Photoshop Elements 7.0\PhotoshopElementsFileAgent.exe

O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe

O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe

O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

O23 - Service: Blue Coat K9 Web Protection (bckwfs) - Blue Coat Systems, Inc. - C:\Program Files\Blue Coat K9 Web Protection\k9filter.exe

O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe

O23 - Service: BlueStacks Android Service (BstHdAndroidSvc) - BlueStack Systems, Inc. - C:\Program Files\BlueStacks\HD-Service.exe

O23 - Service: BlueStacks Log Rotator Service (BstHdLogRotatorSvc) - BlueStack Systems, Inc. - C:\Program Files\BlueStacks\HD-LogRotatorService.exe

O23 - Service: Com4QLBEx - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe

O23 - Service: ExtraFilm upload service (EFUploadSrv) - Textalk AB - C:\Program Files\ExtraFilm Designer NL\EFUploadSrv.exe

O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe

O23 - Service: GameConsoleService - WildTangent, Inc. - C:\Program Files\HP Games\My HP Game Console\GameConsoleService.exe

O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe

O23 - Service: HP Health Check Service - Hewlett-Packard - c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe

O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe

O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe

O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe

O23 - Service: lxdiCATSCustConnectService - Lexmark International, Inc. - C:\Windows\system32\spool\DRIVERS\W32X86\3\\lxdiserv.exe

O23 - Service: lxdi_device - - C:\Windows\system32\lxdicoms.exe

O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe

O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe

O23 - Service: PLFlash DeviceIoControl Service - Prolific Technology Inc. - C:\Windows\system32\IoctlSvc.exe

O23 - Service: PMBDeviceInfoProvider - Sony Corporation - C:\Program Files\Sony\PMB\PMBDeviceInfoProvider.exe

O23 - Service: Protexis Licensing V2 (PSI_SVC_2) - Protexis Inc. - c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe

O23 - Service: RealNetworks Downloader Resolver Service - Unknown owner - C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe

O23 - Service: Recovery Service for Windows - Unknown owner - C:\Program Files\SMINST\BLService.exe

O23 - Service: Roxio UPnP Renderer 9 - Sonic Solutions - C:\Program Files\Roxio\Digital Home 9\RoxioUPnPRenderer9.exe

O23 - Service: Roxio Upnp Server 9 - Sonic Solutions - C:\Program Files\Roxio\Digital Home 9\RoxioUpnpService9.exe

O23 - Service: LiveShare P2P Server 9 (RoxLiveShare9) - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxLiveShare9.exe

O23 - Service: RoxMediaDB9 - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe

O23 - Service: Roxio Hard Drive Watcher 9 (RoxWatch9) - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe

O23 - Service: Secunia Update Agent - Unknown owner - C:\Program Files\Secunia\PSI\sua.exe (file missing)

O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe

O23 - Service: TeamViewer 8 (TeamViewer8) - TeamViewer GmbH - C:\Program Files\TeamViewer\Version8\TeamViewer_Service.exe

O23 - Service: TuneUp Utilities Service (TuneUp.UtilitiesSvc) - TuneUp Software - C:\Program Files\TuneUp Utilities 2012\TuneUpUtilitiesService32.exe

O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe

--

End of file - 14344 bytes

[juisterr]

Start OTL. <<<<<<<<<<

• In het Custom Scans/Fixes veld onderaan plak je het volgende:

  
  :commands
  [RESETHOSTS]
  [Reboot]

• Klik op Run Fix bovenaan.
  
• Laat het programma ongehinderd werken, herstart de computer als het klaar is.