Posted: Sun Mar 11, 2012 12:32 am
Member

Registered: Sat Mar 10, 2012 8:56 pm
Posts: 74
Location: DIEST
Operating system: 7 64-bit
Protection: NOD
When I try to start certain programs (exe files), my computer automatically restarts.
This happens with Spotnet and Spotify, and I also cannot get Gmer to start, for example. Other programs do start normally. I can work normally on my computer for hours; it is only with programs such as those above that it restarts automatically, time after time. No viruses according to AVG; I ran Malwarebytes, it finds nothing.
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 23:02:11, on 10/03/2012
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\PROGRA~1\AVG\AVG10\avgchsvx.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\ABBYY\FineReader\10.00\Licensing\CE\NetworkLicenseServer.exe
C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe
C:\Program Files\Adobe\Photoshop Elements 7.0\PhotoshopElementsFileAgent.exe
C:\WINDOWS\RTHDCPL.EXE
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\AVG\AVG10\avgtray.exe
C:\Program Files\Common Files\Acronis\CDP\afcdpsrv.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Documents and Settings\beheerder\Local Settings\Application Data\Akamai\netsession_win.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Documents and Settings\beheerder\Local Settings\Application Data\Akamai\netsession_win.exe
C:\Program Files\AVG\AVG10\avgfws.exe
C:\Program Files\AVG\AVG10\avgwdsvc.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\system32\FortiSSLVPNdaemon.exe
C:\WINDOWS\system32\FsUsbExService.Exe
C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\AVG\AVG10\Identity Protection\agent\bin\avgidsmonitor.exe
C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcSrv.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
C:\Program Files\Raxco\PerfectDisk\PDAgent.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe
C:\Program Files\AVG\AVG10\avgam.exe
C:\Program Files\AVG\AVG10\avgnsx.exe
C:\Program Files\Common Files\Raxco\Shared\PDEngine.exe
C:\Program Files\AVG\AVG10\avgcsrvx.exe
C:\Program Files\Raxco\PerfectDisk\PDAgentS1.exe
C:\PROGRA~1\AVG\AVG10\avgrsx.exe
C:\Program Files\AVG\AVG10\avgcsrvx.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe
C:\WINDOWS\system32\wuauclt.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.be/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local;127.0.0.1:9421;
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen
R3 - Default URLSearchHook is missing
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG10\avgssie.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Windows Live Aanmelden - Help - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - (no file)
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [AVG_TRAY] C:\Program Files\AVG\AVG10\avgtray.exe
O4 - HKLM\..\Run: [Malwarebytes' Anti-Malware] "C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Akamai NetSession Interface] "C:\Documents and Settings\beheerder\Local Settings\Application Data\Akamai\netsession_win.exe"
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Lokale service')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Netwerkservice')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\WINDOWS\system32\GPhotos.scr/200
O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Verz&enden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyGaming\PartyPoker\RunApp.exe
O9 - Extra 'Tools' menuitem: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyGaming\PartyPoker\RunApp.exe
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG10\avgpp.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O22 - SharedTaskScheduler: Preloader van browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Cache-daemon voor onderdeelcategorieën - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: ABBYY FineReader 10 CE Licensing Service (ABBYY.Licensing.FineReader.Corporate.10.0) - ABBYY - C:\Program Files\Common Files\ABBYY\FineReader\10.00\Licensing\CE\NetworkLicenseServer.exe
O23 - Service: Acronis Scheduler2Service (AcrSch2Svc) - Acronis - C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe
O23 - Service: Adobe Active File Monitor V7 (AdobeActiveFileMonitor7.0) - Adobe Systems Incorporated - C:\Program Files\Adobe\Photoshop Elements 7.0\PhotoshopElementsFileAgent.exe
O23 - Service: Acronis Nonstop Backup-service (afcdpsrv) - Acronis - C:\Program Files\Common Files\Acronis\CDP\afcdpsrv.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: AVG Firewall (avgfws) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG10\avgfws.exe
O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe
O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG10\avgwdsvc.exe
O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: FortiClient SSL VPN (FortiSslvpnDaemon) - Fortinet Inc. - C:\WINDOWS\system32\FortiSSLVPNdaemon.exe
O23 - Service: FsUsbExService - Teruten - C:\WINDOWS\system32\FsUsbExService.Exe
O23 - Service: Google Updateservice (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: PIXMA Extended Survey Program (IJPLMSVC) - Unknown owner - C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE
O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcSrv.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
O23 - Service: nProtect GameGuard Service (npggsvc) - Unknown owner - C:\WINDOWS\system32\GameMon.des.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PDAgent - Raxco Software, Inc. - C:\Program Files\Raxco\PerfectDisk\PDAgent.exe
O23 - Service: PDEngine - Raxco Software, Inc. - C:\Program Files\Common Files\Raxco\Shared\PDEngine.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe
O23 - Service: webcamXP Service (wxpSvc) - Unknown owner - C:\Program Files\wLite\wService.exe

--
End of file - 11262 bytes


Posted: Sun Mar 11, 2012 12:39 am
Helper

Registered: Mon Feb 15, 2010 10:00 pm
Posts: 4744
Location: Largest city of Twente
Operating system: Windows 7 x64 Professional
Protection: Avira 2013 & OnlineArmor
I would like you to follow the rules below during the fix:
  • Always read each instruction carefully first.
  • The instructions given apply only to your Windows.
  • If you make mistakes when running tools during the fix, that may cause serious problems in Windows.
  • Do not install new programs, updates or new hardware while we are working on the fix.
  • Also do not use any programs or tools other than those I instruct you to use.
  • Please turn off emoticons (smileys) when you post a log.
  • Always use one scanner at a time; never use several at once.
  • Keep me informed of how your computer responds to the fix, good or bad.
  • Also let me know if there is something you do not understand.
  • Once started, the fix must be completed. Even if you think everything is fine, there may still be infections.


Step •1•
Download the Emsisoft Emergency Kit to the desktop and extract the ZIP file.
  • Open the folder "EmsisoftEmergencyKit" and double-click "Start.exe".
  • Now click "Emergency Kit Scanner". You will get a message that it is recommended to update first; allow this by clicking "Ja" (Yes).
  • When the update is finished and the message "Update process is succesvol afgerond" (update process completed successfully) appears, click "menu" and then "Scan PC".
  • Select the option "Diep" (Deep) if it is not already set that way by default.
  • Now click the "Scan" button and do nothing else on the computer during the scan. This scan can take quite a while, so wait patiently.
  • You can close the window with the warning about an increased risk once the scan is finished.
  • Make sure that all items found are ticked and then press the "verwijder geselecteerde" (remove selected) button. You will now get a message; click "Ja" (Yes) here.
  • When the removal is finished, click the "View report" button and select the text file of this scan, with a name such as: a2scan_110730-111615.txt
  • Post the contents of this log file in your next message.
  • Now restart the computer.

Step •2•
Which program: Malwarebytes MBAM
What for/why: specialized scanner to quickly examine Windows for spyware and malware and rid it of them.
Difficulty: none.

Download Malwarebytes MBAM from one of these locations:
First of all:
  • Right after installation, 'MBAM' will want to update its database, so allow this.
  • Also on repeated use: first update 'MBAM' via the 'Update' tab!
Starting Malwarebytes MBAM:
  • First close all program windows that are still open!
    • Windows 2000 and Windows XP: start MBAM by double-clicking the shortcut.
    • Windows Vista and Windows 7: start MBAM by right-clicking the shortcut and then choosing Als Administrator uitvoeren (Run as administrator).
  • Note:
    • Malwarebytes now provides the full version of MBAM.
    • At the first start you get the option to use the full version or the free version.
    • Regardless of which antivirus program is in your Windows, I advise using the option "Weigeren" (Decline).
    • That way MBAM can continue to be used as the free version.
  • Also do the following:
    • Once the program has started, go to the "Instellingen" (Settings) tab.
    • Tick here: "Sluit Internet Explorer tijdens verwijdering van malware" (Close Internet Explorer during malware removal).

Scanning:
  • When starting 'MBAM', choose 'Snelle Scan' (Quick Scan).
  • The scan can take a while, so be patient. When the scan is complete, click the 'OK' button.
  • Then click the 'Bekijk Resultaten' (Show Results) button to see the results.
Infections found:
  • First click OK to dismiss the message.
  • Then click the Bekijk resultaten (Show Results) button at the bottom right.
  • Now make sure that all infections found are ticked, and click Verwijder geselecteerde (Remove Selected) at the bottom left.
  • After the removal a log will open and you will be asked to restart the computer.
  • If 'MBAM' has difficulty removing certain files, it will show a few messages; click 'OK' each time!
  • After that 'MBAM' will ask to restart the computer, so allow the computer to be restarted.
MBAM log:
  • The log is saved automatically by 'MBAM' and you can find it by clicking the 'Logbestanden' (Logs) tab in the MBAM main menu.
Then post the contents of the MBAM log in your next message.

Step •3•
In summary: after this, post the contents of the following logs in your next message:
  • EmsisoftEmergencyKit log file
  • MBAM scan log
_________________
Be yourself; there are plenty of others.

Posted: Sun Mar 11, 2012 7:18 pm
Member

Registered: Sat Mar 10, 2012 8:56 pm
Posts: 74
Location: DIEST
Operating system: 7 64-bit
Protection: NOD
Hello,

Thanks in advance for your quick reply.
Below is the MBAM log file. It finds no errors:
Malwarebytes Anti-Malware (PRO) 1.60.1.1000
http://www.malwarebytes.org

Databaseversie: v2012.03.11.08

Windows XP Service Pack 3 x86 NTFS
Internet Explorer 8.0.6001.18702
beheerder :: WORKGROUP [administrator]

Realtime bescherming: Ingeschakeld

11/03/2012 18:02:04
mbam-log-2012-03-11 (18-02-04).txt

Scantype: Snelle scan
Ingeschakelde scanopties: Geheugen | Opstartitems | Register | Bestanden en mappen | Heuristiek/Extra | Heuristiek/Shuriken | PUP | PUM
Uitgeschakelde scanopties: P2P
Objecten gescand: 214426
Verstreken tijd: 6 minuut/minuten, 54 seconde(n)

Geheugenprocessen gedetecteerd: 0
(Geen kwaadaardige objecten gedetecteerd)

Geheugenmodulen gedetecteerd: 0
(Geen kwaadaardige objecten gedetecteerd)

Registersleutels gedetecteerd: 0
(Geen kwaadaardige objecten gedetecteerd)

Registerwaarden gedetecteerd: 0
(Geen kwaadaardige objecten gedetecteerd)

Registerdata gedetecteerd: 0
(Geen kwaadaardige objecten gedetecteerd)

Mappen gedetecteerd: 0
(Geen kwaadaardige objecten gedetecteerd)

Bestanden gedetecteerd: 0
(Geen kwaadaardige objecten gedetecteerd)

(einde)


Below is the Emsisoft log:
Emsisoft Emergency Kit - Versie 1.0
Laatste Update: 11/03/2012 0:06:59

Scaninstellingen:

Scantype: Diepe Scan
Objecten: Geheugen, Sporen, Cookies, C:\, E:\
Scan archieven: Aan
Heuristieken: Uit
ADS Scan: Aan

Scan gestart: 11/03/2012 11:41:57

c:\documents and settings\all users\menu start\programma's\HomeWatcher Ontdekt: Trace.Directory.HomeWatcher 2.0!A2
c:\program files\HomeWatcher Ontdekt: Trace.Directory.HomeWatcher 2.0!A2
c:\program files\HomeWatcher\Image Ontdekt: Trace.Directory.HomeWatcher 2.0!A2
c:\program files\HomeWatcher\Template Ontdekt: Trace.Directory.HomeWatcher 2.0!A2
c:\program files\HomeWatcher\Template\Backup Ontdekt: Trace.Directory.HomeWatcher 2.0!A2
c:\program files\HomeWatcher\Www Ontdekt: Trace.Directory.HomeWatcher 2.0!A2
c:\program files\HomeWatcher\Www\Pub Ontdekt: Trace.Directory.HomeWatcher 2.0!A2
c:\program files\PartyGaming Ontdekt: Trace.Directory.PartyPoker!A2
c:\program files\PartyGaming\images Ontdekt: Trace.Directory.PartyPoker!A2
c:\program files\PartyGaming\Language Ontdekt: Trace.Directory.PartyPoker!A2
c:\program files\PartyGaming\Language\en_US Ontdekt: Trace.Directory.PartyPoker!A2
c:\program files\PartyGaming\PartyCasino Ontdekt: Trace.Directory.PartyPoker!A2
c:\program files\PartyGaming\PartyCasino\Language Ontdekt: Trace.Directory.PartyPoker!A2
c:\program files\PartyGaming\PartyCasino\Language\en_US Ontdekt: Trace.Directory.PartyPoker!A2
c:\program files\PartyGaming\PartyCasino\Language\en_US\Images Ontdekt: Trace.Directory.PartyPoker!A2
c:\program files\PartyGaming\PartyCasino\Language\en_US\Images\games Ontdekt: Trace.Directory.PartyPoker!A2
c:\program files\PartyGaming\PartyCasino\Language\en_US\Images\games\cardgames Ontdekt: Trace.Directory.PartyPoker!A2
c:\program files\PartyGaming\PartyCasino\Language\en_US\Images\games\cardgames\blackjack Ontdekt: Trace.Directory.PartyPoker!A2
c:\program files\PartyGaming\PartyCasino\Language\en_US\Images\games\cardgames\blackjack\blackjack Ontdekt: Trace.Directory.PartyPoker!A2
c:\program files\PartyGaming\PartyCasino\Language\en_US\Images\games\cardgames\multiplayerbj Ontdekt: Trace.Directory.PartyPoker!A2
c:\program files\PartyGaming\PartyCasino\Language\en_US\Images\games\cardgames\multiplayerbj\multiplayerblackjack Ontdekt: Trace.Directory.PartyPoker!A2
c:\program files\PartyGaming\PartyPoker Ontdekt: Trace.Directory.PartyPoker!A2
c:\program files\PartyGaming\PartyPoker\Images Ontdekt: Trace.Directory.PartyPoker!A2
c:\program files\PartyGaming\PartyPoker\Language Ontdekt: Trace.Directory.PartyPoker!A2
c:\program files\PartyGaming\PartyPoker\Language\en_US Ontdekt: Trace.Directory.PartyPoker!A2
c:\program files\PartyGaming\PartyPoker\Language\en_US\articles Ontdekt: Trace.Directory.PartyPoker!A2
c:\program files\PartyGaming\PartyPoker\Language\en_US\images Ontdekt: Trace.Directory.PartyPoker!A2
c:\documents and settings\beheerder\menu start\programma's\PartyPoker Ontdekt: Trace.Directory.PartyPoker!A2
c:\documents and settings\all users\menu start\programma's\HomeWatcher\HomeWatcher Help.lnk Ontdekt: Trace.File.HomeWatcher 2.0!A2
c:\documents and settings\all users\menu start\programma's\HomeWatcher\HomeWatcher Remote.lnk Ontdekt: Trace.File.HomeWatcher 2.0!A2
c:\documents and settings\all users\menu start\programma's\HomeWatcher\HomeWatcher.lnk Ontdekt: Trace.File.HomeWatcher 2.0!A2
c:\documents and settings\all users\menu start\programma's\HomeWatcher\Remove HomeWatcher.lnk Ontdekt: Trace.File.HomeWatcher 2.0!A2
c:\program files\HomeWatcher\alarm.wav Ontdekt: Trace.File.HomeWatcher 2.0!A2
c:\program files\HomeWatcher\dumexec.exe Ontdekt: Trace.File.HomeWatcher 2.0!A2
c:\program files\HomeWatcher\homewatcher.dat Ontdekt: Trace.File.HomeWatcher 2.0!A2
c:\program files\HomeWatcher\HomeWatcher.exe Ontdekt: Trace.File.HomeWatcher 2.0!A2
c:\program files\HomeWatcher\hw.CNT Ontdekt: Trace.File.HomeWatcher 2.0!A2
c:\program files\HomeWatcher\HW.HLP Ontdekt: Trace.File.HomeWatcher 2.0!A2
c:\program files\HomeWatcher\hwlarge.ico Ontdekt: Trace.File.HomeWatcher 2.0!A2
c:\program files\HomeWatcher\hwsmall.ico Ontdekt: Trace.File.HomeWatcher 2.0!A2
c:\program files\HomeWatcher\irunin.dat Ontdekt: Trace.File.HomeWatcher 2.0!A2
c:\program files\HomeWatcher\irunin.ini Ontdekt: Trace.File.HomeWatcher 2.0!A2
c:\program files\HomeWatcher\irunin.lng Ontdekt: Trace.File.HomeWatcher 2.0!A2
c:\program files\HomeWatcher\iv32.cfg Ontdekt: Trace.File.HomeWatcher 2.0!A2
c:\program files\HomeWatcher\iv50.cfg Ontdekt: Trace.File.HomeWatcher 2.0!A2
c:\program files\HomeWatcher\mp42.cfg Ontdekt: Trace.File.HomeWatcher 2.0!A2
c:\program files\HomeWatcher\Template\black.bmp Ontdekt: Trace.File.HomeWatcher 2.0!A2
c:\program files\HomeWatcher\Template\main.htm Ontdekt: Trace.File.HomeWatcher 2.0!A2
c:\program files\HomeWatcher\Template\overview.htm Ontdekt: Trace.File.HomeWatcher 2.0!A2
c:\program files\HomeWatcher\Www\HomeWatcherRemote.exe Ontdekt: Trace.File.HomeWatcher 2.0!A2
c:\program files\HomeWatcher\Www\index.html Ontdekt: Trace.File.HomeWatcher 2.0!A2
c:\documents and settings\beheerder\application data\Microsoft\Internet Explorer\Quick Launch\PartyPoker.lnk Ontdekt: Trace.File.PartyPoker!A2
c:\documents and settings\beheerder\bureaublad\PartyPoker.lnk Ontdekt: Trace.File.PartyPoker!A2
c:\program files\PartyGaming\ARA.ini Ontdekt: Trace.File.PartyPoker!A2
c:\program files\PartyGaming\DM.dll Ontdekt: Trace.File.PartyPoker!A2
c:\program files\PartyGaming\images\habeas_webseal.gif Ontdekt: Trace.File.PartyPoker!A2
c:\program files\PartyGaming\Language\en_US\lang_pack_en_US.txt Ontdekt: Trace.File.PartyPoker!A2
c:\program files\PartyGaming\libeay32.dll Ontdekt: Trace.File.PartyPoker!A2
c:\program files\PartyGaming\llh.dll Ontdekt: Trace.File.PartyPoker!A2
c:\program files\PartyGaming\PartyCasino\GRA.ini Ontdekt: Trace.File.PartyPoker!A2
c:\program files\PartyGaming\PartyCasino\PartyCasino.dll Ontdekt: Trace.File.PartyPoker!A2
c:\program files\PartyGaming\PartyCasino\sys.ini Ontdekt: Trace.File.PartyPoker!A2
c:\program files\PartyGaming\PartyGaming.exe Ontdekt: Trace.File.PartyPoker!A2
c:\program files\PartyGaming\PartyPoker\GRA.ini Ontdekt: Trace.File.PartyPoker!A2
c:\program files\PartyGaming\PartyPoker\INSTALL.LOG Ontdekt: Trace.File.PartyPoker!A2
c:\program files\PartyGaming\PartyPoker\install.sss Ontdekt: Trace.File.PartyPoker!A2
c:\program files\PartyGaming\PartyPoker\Language\en_US\lang_pack_en_US.txt Ontdekt: Trace.File.PartyPoker!A2
c:\program files\PartyGaming\PartyPoker\Notes.txt Ontdekt: Trace.File.PartyPoker!A2
c:\program files\PartyGaming\PartyPoker\PartyPoker.dll Ontdekt: Trace.File.PartyPoker!A2
c:\program files\PartyGaming\PartyPoker\poker.bin Ontdekt: Trace.File.PartyPoker!A2
c:\program files\PartyGaming\PartyPoker\ppunistall.bat Ontdekt: Trace.File.PartyPoker!A2
c:\program files\PartyGaming\PartyPoker\preloader.html Ontdekt: Trace.File.PartyPoker!A2
c:\program files\PartyGaming\PartyPoker\reminder.wav Ontdekt: Trace.File.PartyPoker!A2
c:\program files\PartyGaming\PartyPoker\ring.wav Ontdekt: Trace.File.PartyPoker!A2
c:\program files\PartyGaming\PartyPoker\RunApp.exe Ontdekt: Trace.File.PartyPoker!A2
c:\program files\PartyGaming\PartyPoker\Sys.ini Ontdekt: Trace.File.PartyPoker!A2
c:\program files\PartyGaming\PartyPoker\TabConfig.txt Ontdekt: Trace.File.PartyPoker!A2
c:\program files\PartyGaming\PartyPoker\tap.wav Ontdekt: Trace.File.PartyPoker!A2
c:\program files\PartyGaming\ssleay32.dll Ontdekt: Trace.File.PartyPoker!A2
c:\program files\PartyGaming\zlib1.dll Ontdekt: Trace.File.PartyPoker!A2
c:\documents and settings\beheerder\menu start\programma's\PartyPoker\PartyPoker.lnk Ontdekt: Trace.File.PartyPoker!A2
Value: HKEY_CURRENT_USER\Software\HomeWatcher.Com\HomeWatcher --> ThreadCheck Ontdekt: Trace.Registry.HomeWatcher 2.0!A2
Value: HKEY_CURRENT_USER\Software\HomeWatcher.Com\HomeWatcher --> VDev Ontdekt: Trace.Registry.HomeWatcher 2.0!A2
Value: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\HomeWatcher --> DisplayName Ontdekt: Trace.Registry.HomeWatcher 2.0!A2
Value: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\HomeWatcher --> UninstallString Ontdekt: Trace.Registry.HomeWatcher 2.0!A2
Value: HKEY_CURRENT_USER\Software\PartyGaming\PartyPoker --> 1 Ontdekt: Trace.Registry.PartyPoker!A2
Value: HKEY_CURRENT_USER\Software\PartyGaming\PartyPoker --> 10 Ontdekt: Trace.Registry.PartyPoker!A2
Value: HKEY_CURRENT_USER\Software\PartyGaming\PartyPoker --> 2 Ontdekt: Trace.Registry.PartyPoker!A2
Value: HKEY_CURRENT_USER\Software\PartyGaming\PartyPoker --> 4 Ontdekt: Trace.Registry.PartyPoker!A2
Value: HKEY_CURRENT_USER\Software\PartyGaming\PartyPoker --> 5 Ontdekt: Trace.Registry.PartyPoker!A2
Value: HKEY_CURRENT_USER\Software\PartyGaming\PartyPoker --> 6 Ontdekt: Trace.Registry.PartyPoker!A2
Value: HKEY_CURRENT_USER\Software\PartyGaming\PartyPoker --> 7 Ontdekt: Trace.Registry.PartyPoker!A2
Value: HKEY_CURRENT_USER\Software\PartyGaming\PartyPoker --> 9 Ontdekt: Trace.Registry.PartyPoker!A2
Value: HKEY_CURRENT_USER\Software\PartyGaming\PartyPoker --> AdsLastKnownState Ontdekt: Trace.Registry.PartyPoker!A2
Value: HKEY_CURRENT_USER\Software\PartyGaming\PartyPoker --> AppPath Ontdekt: Trace.Registry.PartyPoker!A2
Value: HKEY_CURRENT_USER\Software\PartyGaming\PartyPoker --> FourColourDeck Ontdekt: Trace.Registry.PartyPoker!A2
Value: HKEY_CURRENT_USER\Software\PartyGaming\PartyPoker --> id Ontdekt: Trace.Registry.PartyPoker!A2
Value: HKEY_CURRENT_USER\Software\PartyGaming\PartyPoker --> InitialPort Ontdekt: Trace.Registry.PartyPoker!A2
Value: HKEY_CURRENT_USER\Software\PartyGaming\PartyPoker --> InstallState Ontdekt: Trace.Registry.PartyPoker!A2
Value: HKEY_CURRENT_USER\Software\PartyGaming\PartyPoker --> SL Ontdekt: Trace.Registry.PartyPoker!A2
Value: HKEY_CURRENT_USER\Software\PartyGaming\PartyPoker --> TableType Ontdekt: Trace.Registry.PartyPoker!A2
Value: HKEY_CURRENT_USER\Software\PartyGaming\PartyPoker --> useCount Ontdekt: Trace.Registry.PartyPoker!A2
Value: HKEY_CURRENT_USER\Software\PartyGaming --> AutoLoginToOtherGames Ontdekt: Trace.Registry.PartyPoker!A2
Value: HKEY_CURRENT_USER\Software\PartyGaming --> CFDialogShown Ontdekt: Trace.Registry.PartyPoker!A2
Value: HKEY_CURRENT_USER\Software\PartyGaming --> FreshInstall Ontdekt: Trace.Registry.PartyPoker!A2
Value: HKEY_CURRENT_USER\Software\PartyGaming --> OldCFformat Ontdekt: Trace.Registry.PartyPoker!A2
Value: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} --> ButtonText Ontdekt: Trace.Registry.PartyPoker!A2
Value: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} --> CLSID Ontdekt: Trace.Registry.PartyPoker!A2
Value: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} --> Default Visible Ontdekt: Trace.Registry.PartyPoker!A2
Value: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} --> Exec Ontdekt: Trace.Registry.PartyPoker!A2
Value: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} --> HotIcon Ontdekt: Trace.Registry.PartyPoker!A2
Value: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} --> Icon Ontdekt: Trace.Registry.PartyPoker!A2
Value: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} --> MenuStatusBar Ontdekt: Trace.Registry.PartyPoker!A2
Value: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} --> MenuText Ontdekt: Trace.Registry.PartyPoker!A2
Value: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} --> Path Ontdekt: Trace.Registry.PartyPoker!A2
Value: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\PartyPoker --> DisplayIcon Ontdekt: Trace.Registry.PartyPoker!A2
Value: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\PartyPoker --> DisplayName Ontdekt: Trace.Registry.PartyPoker!A2
Value: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\PartyPoker --> DisplayVersion Ontdekt: Trace.Registry.PartyPoker!A2
Value: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\PartyPoker --> InstallDate Ontdekt: Trace.Registry.PartyPoker!A2
Value: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\PartyPoker --> InstallLocation Ontdekt: Trace.Registry.PartyPoker!A2
Value: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\PartyPoker --> InstallSource Ontdekt: Trace.Registry.PartyPoker!A2
Value: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\PartyPoker --> InstallSourceFile Ontdekt: Trace.Registry.PartyPoker!A2
Value: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\PartyPoker --> Publisher Ontdekt: Trace.Registry.PartyPoker!A2
Value: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\PartyPoker --> SilentSettings Ontdekt: Trace.Registry.PartyPoker!A2
Value: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\PartyPoker --> UninstallString Ontdekt: Trace.Registry.PartyPoker!A2
C:\Documents and Settings\beheerder\Mijn documenten\Bestanden gedownload\All.Android.Paid.Apps.A-Z.644.MB.-.For.All.Android.Mobile.-.2011[1]\Apps\InstantRoot (1.04).apk/assets\raw\asroot Ontdekt: AndroidOS.Exploit.Asroot!IK
C:\Documents and Settings\beheerder\Mijn documenten\Bestanden gedownload\All.Android.Paid.Apps.A-Z.644.MB.-.For.All.Android.Mobile.-.2011[1]\Apps\Recovery Flasher (1.1.3).apk/assets\raw\asroot Ontdekt: AndroidOS.Exploit.Asroot!IK
C:\Documents and Settings\beheerder\Mijn documenten\Bestanden gedownload\All.Android.Paid.Apps.A-Z.644.MB.-.For.All.Android.Mobile.-.2011[1]\Apps\Recovery Flasher (1.1.3).apk/assets\raw\asroot2 Ontdekt: Exploit.Linux.Lotoor!IK
C:\Documents and Settings\beheerder\Mijn documenten\Bestanden gedownload\AnDrOiDApps Game paket5[1]\a Walk and Text v1.3.7.apk/classes.dex Ontdekt: Trojan.AndroidOS.Pirater!IK
C:\Documents and Settings\beheerder\Mijn documenten\Bestanden gedownload\Perfect Uninstaller 6338\Perfect Uninstaller\SETUP - Perfect Uninstaller 6.3.3.8.14.02.2011\SETUP.EXE Ontdekt: Riskware.Win32.PerfectUninstaller!A2
C:\Documents and Settings\beheerder\Mijn documenten\Bestanden gedownload\WebcamXP 5507 incl crack\WebcamXP 5.5.0.7 incl crack\keymaker.exe Ontdekt: Trojan-Proxy.Win32.Agent!IK
C:\Documents and Settings\beheerder\Mijn documenten\Bestanden gedownload\WebcamXP 5507 incl crack\WebcamXP 5.5.0.7 incl crack\webcamXP PRO 5_Patch.exe Ontdekt: Backdoor.Gendal!IK
C:\Program Files\wLite\webcamXP PRO 5_Patch.exe Ontdekt: Backdoor.Gendal!IK
C:\Program Files\Zylom Games\Zuma Deluxe\Zuma.bak Ontdekt: Trojan-Downloader.Win32.Agent!IK
C:\Program Files\Zylom Games\Zuma Deluxe\Zuma.exe Ontdekt: Trojan-Downloader.Win32.Agent!IK

Gescand

Bestanden: 524044
Sporen: 456331
Cookies: 8
Processen: 54

Gevonden

Bestanden: 10
Sporen: 125
Cookies: 0
Processen: 0
Registersleutels: 0

Scan Geëindigd: 11/03/2012 14:31:16
Scantijd: 2:49:19

C:\Program Files\Zylom Games\Zuma Deluxe\Zuma.bak Verwijderd Trojan-Downloader.Win32.Agent!IK
C:\Program Files\Zylom Games\Zuma Deluxe\Zuma.exe Verwijderd Trojan-Downloader.Win32.Agent!IK
C:\Documents and Settings\beheerder\Mijn documenten\Bestanden gedownload\WebcamXP 5507 incl crack\WebcamXP 5.5.0.7 incl crack\webcamXP PRO 5_Patch.exe Verwijderd Backdoor.Gendal!IK
C:\Program Files\wLite\webcamXP PRO 5_Patch.exe Verwijderd Backdoor.Gendal!IK
C:\Documents and Settings\beheerder\Mijn documenten\Bestanden gedownload\WebcamXP 5507 incl crack\WebcamXP 5.5.0.7 incl crack\keymaker.exe Verwijderd Trojan-Proxy.Win32.Agent!IK
C:\Documents and Settings\beheerder\Mijn documenten\Bestanden gedownload\Perfect Uninstaller 6338\Perfect Uninstaller\SETUP - Perfect Uninstaller 6.3.3.8.14.02.2011\SETUP.EXE Verwijderd Riskware.Win32.PerfectUninstaller!A2
C:\Documents and Settings\beheerder\Mijn documenten\Bestanden gedownload\AnDrOiDApps Game paket5[1]\a Walk and Text v1.3.7.apk/classes.dex Verwijderd Trojan.AndroidOS.Pirater!IK
C:\Documents and Settings\beheerder\Mijn documenten\Bestanden gedownload\All.Android.Paid.Apps.A-Z.644.MB.-.For.All.Android.Mobile.-.2011[1]\Apps\Recovery Flasher (1.1.3).apk/assets\raw\asroot2 Verwijderd Exploit.Linux.Lotoor!IK
C:\Documents and Settings\beheerder\Mijn documenten\Bestanden gedownload\All.Android.Paid.Apps.A-Z.644.MB.-.For.All.Android.Mobile.-.2011[1]\Apps\InstantRoot (1.04).apk/assets\raw\asroot Verwijderd AndroidOS.Exploit.Asroot!IK
C:\Documents and Settings\beheerder\Mijn documenten\Bestanden gedownload\All.Android.Paid.Apps.A-Z.644.MB.-.For.All.Android.Mobile.-.2011[1]\Apps\Recovery Flasher (1.1.3).apk/assets\raw\asroot Verwijderd AndroidOS.Exploit.Asroot!IK
Value: HKEY_CURRENT_USER\Software\PartyGaming\PartyPoker --> 1 Verwijderd Trace.Registry.PartyPoker!A2
Value: HKEY_CURRENT_USER\Software\PartyGaming\PartyPoker --> 10 Verwijderd Trace.Registry.PartyPoker!A2
Value: HKEY_CURRENT_USER\Software\PartyGaming\PartyPoker --> 2 Verwijderd Trace.Registry.PartyPoker!A2
Value: HKEY_CURRENT_USER\Software\PartyGaming\PartyPoker --> 4 Verwijderd Trace.Registry.PartyPoker!A2
Value: HKEY_CURRENT_USER\Software\PartyGaming\PartyPoker --> 5 Verwijderd Trace.Registry.PartyPoker!A2
Value: HKEY_CURRENT_USER\Software\PartyGaming\PartyPoker --> 6 Verwijderd Trace.Registry.PartyPoker!A2
Value: HKEY_CURRENT_USER\Software\PartyGaming\PartyPoker --> 7 Verwijderd Trace.Registry.PartyPoker!A2
Value: HKEY_CURRENT_USER\Software\PartyGaming\PartyPoker --> 9 Verwijderd Trace.Registry.PartyPoker!A2
Value: HKEY_CURRENT_USER\Software\PartyGaming\PartyPoker --> AdsLastKnownState Verwijderd Trace.Registry.PartyPoker!A2
Value: HKEY_CURRENT_USER\Software\PartyGaming\PartyPoker --> AppPath Verwijderd Trace.Registry.PartyPoker!A2
Value: HKEY_CURRENT_USER\Software\PartyGaming\PartyPoker --> FourColourDeck Verwijderd Trace.Registry.PartyPoker!A2
Value: HKEY_CURRENT_USER\Software\PartyGaming\PartyPoker --> id Verwijderd Trace.Registry.PartyPoker!A2
Value: HKEY_CURRENT_USER\Software\PartyGaming\PartyPoker --> InitialPort Verwijderd Trace.Registry.PartyPoker!A2
Value: HKEY_CURRENT_USER\Software\PartyGaming\PartyPoker --> InstallState Verwijderd Trace.Registry.PartyPoker!A2
Value: HKEY_CURRENT_USER\Software\PartyGaming\PartyPoker --> SL Verwijderd Trace.Registry.PartyPoker!A2
Value: HKEY_CURRENT_USER\Software\PartyGaming\PartyPoker --> TableType Verwijderd Trace.Registry.PartyPoker!A2
Value: HKEY_CURRENT_USER\Software\PartyGaming\PartyPoker --> useCount Verwijderd Trace.Registry.PartyPoker!A2
Value: HKEY_CURRENT_USER\Software\PartyGaming --> AutoLoginToOtherGames Verwijderd Trace.Registry.PartyPoker!A2
Value: HKEY_CURRENT_USER\Software\PartyGaming --> CFDialogShown Verwijderd Trace.Registry.PartyPoker!A2
Value: HKEY_CURRENT_USER\Software\PartyGaming --> FreshInstall Verwijderd Trace.Registry.PartyPoker!A2
Value: HKEY_CURRENT_USER\Software\PartyGaming --> OldCFformat Verwijderd Trace.Registry.PartyPoker!A2
Value: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} --> ButtonText Verwijderd Trace.Registry.PartyPoker!A2
Value: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} --> CLSID Verwijderd Trace.Registry.PartyPoker!A2
Value: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} --> Default Visible Verwijderd Trace.Registry.PartyPoker!A2
Value: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} --> Exec Verwijderd Trace.Registry.PartyPoker!A2
Value: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} --> HotIcon Verwijderd Trace.Registry.PartyPoker!A2
Value: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} --> Icon Verwijderd Trace.Registry.PartyPoker!A2
Value: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} --> MenuStatusBar Verwijderd Trace.Registry.PartyPoker!A2
Value: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} --> MenuText Verwijderd Trace.Registry.PartyPoker!A2
Value: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} --> Path Verwijderd Trace.Registry.PartyPoker!A2
Value: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\PartyPoker --> DisplayIcon Verwijderd Trace.Registry.PartyPoker!A2
Value: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\PartyPoker --> DisplayName Verwijderd Trace.Registry.PartyPoker!A2
Value: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\PartyPoker --> DisplayVersion Verwijderd Trace.Registry.PartyPoker!A2
Value: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\PartyPoker --> InstallDate Verwijderd Trace.Registry.PartyPoker!A2
Value: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\PartyPoker --> InstallLocation Verwijderd Trace.Registry.PartyPoker!A2
Value: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\PartyPoker --> InstallSource Verwijderd Trace.Registry.PartyPoker!A2
Value: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\PartyPoker --> InstallSourceFile Verwijderd Trace.Registry.PartyPoker!A2
Value: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\PartyPoker --> Publisher Verwijderd Trace.Registry.PartyPoker!A2
Value: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\PartyPoker --> SilentSettings Verwijderd Trace.Registry.PartyPoker!A2
Value: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\PartyPoker --> UninstallString Verwijderd Trace.Registry.PartyPoker!A2
Value: HKEY_CURRENT_USER\Software\HomeWatcher.Com\HomeWatcher --> ThreadCheck Verwijderd Trace.Registry.HomeWatcher 2.0!A2
Value: HKEY_CURRENT_USER\Software\HomeWatcher.Com\HomeWatcher --> VDev Verwijderd Trace.Registry.HomeWatcher 2.0!A2
Value: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\HomeWatcher --> DisplayName Verwijderd Trace.Registry.HomeWatcher 2.0!A2
Value: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\HomeWatcher --> UninstallString Verwijderd Trace.Registry.HomeWatcher 2.0!A2
c:\documents and settings\beheerder\application data\Microsoft\Internet Explorer\Quick Launch\PartyPoker.lnk Verwijderd Trace.File.PartyPoker!A2
c:\documents and settings\beheerder\bureaublad\PartyPoker.lnk Verwijderd Trace.File.PartyPoker!A2
c:\program files\PartyGaming\ARA.ini Verwijderd Trace.File.PartyPoker!A2
c:\program files\PartyGaming\DM.dll Verwijderd Trace.File.PartyPoker!A2
c:\program files\PartyGaming\images\habeas_webseal.gif Verwijderd Trace.File.PartyPoker!A2
c:\program files\PartyGaming\Language\en_US\lang_pack_en_US.txt Verwijderd Trace.File.PartyPoker!A2
c:\program files\PartyGaming\libeay32.dll Verwijderd Trace.File.PartyPoker!A2
c:\program files\PartyGaming\llh.dll Verwijderd Trace.File.PartyPoker!A2
c:\program files\PartyGaming\PartyCasino\GRA.ini Verwijderd Trace.File.PartyPoker!A2
c:\program files\PartyGaming\PartyCasino\PartyCasino.dll Verwijderd Trace.File.PartyPoker!A2
c:\program files\PartyGaming\PartyCasino\sys.ini Verwijderd Trace.File.PartyPoker!A2
c:\program files\PartyGaming\PartyGaming.exe Verwijderd Trace.File.PartyPoker!A2
c:\program files\PartyGaming\PartyPoker\GRA.ini Verwijderd Trace.File.PartyPoker!A2
c:\program files\PartyGaming\PartyPoker\INSTALL.LOG Verwijderd Trace.File.PartyPoker!A2
c:\program files\PartyGaming\PartyPoker\install.sss Verwijderd Trace.File.PartyPoker!A2
c:\program files\PartyGaming\PartyPoker\Language\en_US\lang_pack_en_US.txt Verwijderd Trace.File.PartyPoker!A2
c:\program files\PartyGaming\PartyPoker\Notes.txt Verwijderd Trace.File.PartyPoker!A2
c:\program files\PartyGaming\PartyPoker\PartyPoker.dll Verwijderd Trace.File.PartyPoker!A2
c:\program files\PartyGaming\PartyPoker\poker.bin Verwijderd Trace.File.PartyPoker!A2
c:\program files\PartyGaming\PartyPoker\ppunistall.bat Verwijderd Trace.File.PartyPoker!A2
c:\program files\PartyGaming\PartyPoker\preloader.html Verwijderd Trace.File.PartyPoker!A2
c:\program files\PartyGaming\PartyPoker\reminder.wav Verwijderd Trace.File.PartyPoker!A2
c:\program files\PartyGaming\PartyPoker\ring.wav Verwijderd Trace.File.PartyPoker!A2
c:\program files\PartyGaming\PartyPoker\RunApp.exe Verwijderd Trace.File.PartyPoker!A2
c:\program files\PartyGaming\PartyPoker\Sys.ini Verwijderd Trace.File.PartyPoker!A2
c:\program files\PartyGaming\PartyPoker\TabConfig.txt Verwijderd Trace.File.PartyPoker!A2
c:\program files\PartyGaming\PartyPoker\tap.wav Verwijderd Trace.File.PartyPoker!A2
c:\program files\PartyGaming\ssleay32.dll Verwijderd Trace.File.PartyPoker!A2
c:\program files\PartyGaming\zlib1.dll Verwijderd Trace.File.PartyPoker!A2
c:\documents and settings\beheerder\menu start\programma's\PartyPoker\PartyPoker.lnk Verwijderd Trace.File.PartyPoker!A2
c:\documents and settings\all users\menu start\programma's\HomeWatcher\HomeWatcher Help.lnk Verwijderd Trace.File.HomeWatcher 2.0!A2
c:\documents and settings\all users\menu start\programma's\HomeWatcher\HomeWatcher Remote.lnk Verwijderd Trace.File.HomeWatcher 2.0!A2
c:\documents and settings\all users\menu start\programma's\HomeWatcher\HomeWatcher.lnk Verwijderd Trace.File.HomeWatcher 2.0!A2
c:\documents and settings\all users\menu start\programma's\HomeWatcher\Remove HomeWatcher.lnk Verwijderd Trace.File.HomeWatcher 2.0!A2
c:\program files\HomeWatcher\alarm.wav Verwijderd Trace.File.HomeWatcher 2.0!A2
c:\program files\HomeWatcher\dumexec.exe Verwijderd Trace.File.HomeWatcher 2.0!A2
c:\program files\HomeWatcher\homewatcher.dat Verwijderd Trace.File.HomeWatcher 2.0!A2
c:\program files\HomeWatcher\HomeWatcher.exe Verwijderd Trace.File.HomeWatcher 2.0!A2
c:\program files\HomeWatcher\hw.CNT Verwijderd Trace.File.HomeWatcher 2.0!A2
c:\program files\HomeWatcher\HW.HLP Verwijderd Trace.File.HomeWatcher 2.0!A2
c:\program files\HomeWatcher\hwlarge.ico Verwijderd Trace.File.HomeWatcher 2.0!A2
c:\program files\HomeWatcher\hwsmall.ico Verwijderd Trace.File.HomeWatcher 2.0!A2
c:\program files\HomeWatcher\irunin.dat Verwijderd Trace.File.HomeWatcher 2.0!A2
c:\program files\HomeWatcher\irunin.ini Verwijderd Trace.File.HomeWatcher 2.0!A2
c:\program files\HomeWatcher\irunin.lng Verwijderd Trace.File.HomeWatcher 2.0!A2
c:\program files\HomeWatcher\iv32.cfg Verwijderd Trace.File.HomeWatcher 2.0!A2
c:\program files\HomeWatcher\iv50.cfg Verwijderd Trace.File.HomeWatcher 2.0!A2
c:\program files\HomeWatcher\mp42.cfg Verwijderd Trace.File.HomeWatcher 2.0!A2
c:\program files\HomeWatcher\Template\black.bmp Verwijderd Trace.File.HomeWatcher 2.0!A2
c:\program files\HomeWatcher\Template\main.htm Verwijderd Trace.File.HomeWatcher 2.0!A2
c:\program files\HomeWatcher\Template\overview.htm Verwijderd Trace.File.HomeWatcher 2.0!A2
c:\program files\HomeWatcher\Www\HomeWatcherRemote.exe Verwijderd Trace.File.HomeWatcher 2.0!A2
c:\program files\HomeWatcher\Www\index.html Verwijderd Trace.File.HomeWatcher 2.0!A2
c:\program files\PartyGaming Verwijderd Trace.Directory.PartyPoker!A2
c:\documents and settings\beheerder\menu start\programma's\PartyPoker Verwijderd Trace.Directory.PartyPoker!A2
c:\documents and settings\all users\menu start\programma's\HomeWatcher Verwijderd Trace.Directory.HomeWatcher 2.0!A2
c:\program files\HomeWatcher Verwijderd Trace.Directory.HomeWatcher 2.0!A2

Verwijderd

Bestanden: 10
Sporen: 125
Cookies: 0


Posted: Sun March 11, 2012 7:40 pm
Offline
Helper

Registered: Mon Feb 15, 2010 10:00 pm
Posts: 4744
Location: Largest city of Twente
Operating system: Windows 7 x64 Professional
Protection: Avira 2013 & OnlineArmor
Now do the following: download OTL to your Desktop.

Using OTL.com:
  • Note: first close all other open program windows!
  • Start the program by double-clicking OTL.com.
  • Do not start any other programs and let the program do its work undisturbed.
  • Tick the Scan All Users box.
  • Click the Quick Scan button.
  • Do not change OTL's settings unless I give you specific instructions to do so.
  • The scan will not take very long.
    • Two Notepad windows will open when the scan is finished.
    • OTL.Txt and Extras.Txt. These two text files are saved in the same location as OTL.
    • Copy and paste the contents of OTL.Txt first into your next reply.
    • Then also copy and paste the contents of Extras.Txt along with it.
  • OTL produces fairly large logs, so you may have to post the log in two or more parts.

_________________
Stay yourself; there are enough others.

Posted: Sun March 11, 2012 9:03 pm
Offline
Member

Registered: Sat March 10, 2012 8:56 pm
Posts: 74
Location: DIEST
Operating system: 7 64-bit
Protection: NOD
OTL logfile created on: 11/03/2012 19:51:07 - Run 1
OTL by OldTimer - Version 3.2.36.3 Folder = C:\Documents and Settings\beheerder\Bureaublad
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000813 | Country: België | Language: NLB | Date Format: d/MM/yyyy

2,00 Gb Total Physical Memory | 1,06 Gb Available Physical Memory | 52,80% Memory free
3,85 Gb Paging File | 3,12 Gb Available in Paging File | 81,13% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 298,08 Gb Total Space | 55,22 Gb Free Space | 18,52% Space Free | Partition Type: NTFS
Drive E: | 465,76 Gb Total Space | 114,90 Gb Free Space | 24,67% Space Free | Partition Type: NTFS
Drive F: | 1,92 Gb Total Space | 0,63 Gb Free Space | 32,76% Space Free | Partition Type: FAT32

Computer Name: WORKGROUP | User Name: beheerder | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2012/03/11 19:50:35 | 000,594,944 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\beheerder\Bureaublad\OTL.com
PRC - [2012/02/02 02:44:30 | 003,329,824 | ---- | M] (Akamai Technologies, Inc) -- C:\Documents and Settings\beheerder\Local Settings\Application Data\Akamai\netsession_win.exe
PRC - [2012/01/31 15:02:52 | 007,391,072 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe
PRC - [2012/01/17 20:03:24 | 002,339,168 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG10\avgtray.exe
PRC - [2012/01/13 14:53:18 | 000,652,360 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2012/01/13 14:53:18 | 000,460,872 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
PRC - [2011/09/09 02:10:56 | 001,082,208 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG10\avgnsx.exe
PRC - [2011/09/07 12:20:04 | 001,244,936 | ---- | M] (Raxco Software, Inc.) -- C:\Program Files\Raxco\PerfectDisk\PDAgent.exe
PRC - [2011/09/07 12:19:58 | 002,117,384 | ---- | M] (Raxco Software, Inc.) -- C:\Program Files\Common Files\Raxco\Shared\PDEngine.exe
PRC - [2011/08/18 00:33:26 | 000,659,296 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG10\avgrsx.exe
PRC - [2011/05/23 13:13:04 | 000,657,248 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG10\avgchsvx.exe
PRC - [2011/03/28 02:00:52 | 000,351,072 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG10\avgcsrvx.exe
PRC - [2011/03/09 18:24:44 | 002,708,024 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG10\avgfws.exe
PRC - [2011/02/10 06:55:18 | 001,148,256 | ---- | M] () -- C:\Program Files\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSMonitor.exe
PRC - [2011/02/08 09:48:48 | 000,825,960 | ---- | M] (Fortinet Inc.) -- C:\WINDOWS\system32\FortiSSLVPNdaemon.exe
PRC - [2011/02/08 04:33:42 | 000,269,520 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG10\avgwdsvc.exe
PRC - [2011/02/08 04:32:42 | 000,750,432 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG10\avgam.exe
PRC - [2011/01/05 22:23:48 | 000,222,568 | ---- | M] (Teruten) -- C:\WINDOWS\system32\FsUsbExService.Exe
PRC - [2010/10/24 19:48:49 | 003,975,088 | ---- | M] (Acronis) -- C:\Program Files\Common Files\Acronis\CDP\afcdpsrv.exe
PRC - [2010/09/22 02:38:48 | 000,780,224 | ---- | M] (Acronis) -- C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe
PRC - [2010/05/07 18:47:32 | 000,162,648 | ---- | M] (Logitech Inc.) -- C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
PRC - [2009/12/19 00:06:00 | 000,814,344 | ---- | M] (ABBYY) -- C:\Program Files\Common Files\ABBYY\FineReader\10.00\Licensing\CE\NetworkLicenseServer.exe
PRC - [2009/03/05 15:07:20 | 002,260,480 | RHS- | M] (Safer-Networking Ltd.) -- C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
PRC - [2008/09/16 12:03:18 | 000,169,312 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Adobe\Photoshop Elements 7.0\PhotoshopElementsFileAgent.exe
PRC - [2008/04/15 13:00:00 | 001,037,312 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2007/04/13 07:49:00 | 000,101,528 | ---- | M] () -- C:\Program Files\Canon\IJPLM\ijplmsvc.exe


========== Modules (No Company Name) ==========

MOD - [2012/03/10 12:15:03 | 003,340,064 | ---- | M] () -- c:\Program Files\Common Files\Akamai\netsession_win_7de0ed9.dll
MOD - [2012/01/08 14:41:12 | 000,093,696 | ---- | M] () -- C:\Program Files\FileZilla FTP Client\fzshellext.dll
MOD - [2011/11/01 23:26:32 | 000,087,912 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2011/11/01 23:26:12 | 001,242,472 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2011/09/07 12:20:12 | 000,011,016 | ---- | M] () -- C:\Program Files\Raxco\PerfectDisk\PDVmGuestPS.dll
MOD - [2011/02/10 06:55:18 | 001,148,256 | ---- | M] () -- C:\Program Files\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSMonitor.exe
MOD - [2009/12/21 02:42:16 | 000,176,235 | ---- | M] () -- C:\WINDOWS\system32\Primomonnt.dll
MOD - [2007/04/13 07:49:00 | 000,101,528 | ---- | M] () -- C:\Program Files\Canon\IJPLM\ijplmsvc.exe


========== Win32 Services (SafeList) ==========

SRV - [2012/03/10 12:15:03 | 003,340,064 | ---- | M] () [Auto | Running] -- c:\program files\common files\akamai/netsession_win_7de0ed9.dll -- (Akamai)
SRV - [2012/01/31 15:09:34 | 000,158,856 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012/01/31 15:02:52 | 007,391,072 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe -- (AVGIDSAgent)
SRV - [2012/01/13 14:53:18 | 000,652,360 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2011/09/07 12:20:04 | 001,244,936 | ---- | M] (Raxco Software, Inc.) [Auto | Running] -- C:\Program Files\Raxco\PerfectDisk\PDAgent.exe -- (PDAgent)
SRV - [2011/09/07 12:19:58 | 002,117,384 | ---- | M] (Raxco Software, Inc.) [On_Demand | Running] -- C:\Program Files\Common Files\Raxco\Shared\PDEngine.exe -- (PDEngine)
SRV - [2011/03/09 18:24:44 | 002,708,024 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG10\avgfws.exe -- (avgfws)
SRV - [2011/02/26 20:05:15 | 000,651,720 | ---- | M] (Macrovision Europe Ltd.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2011/02/08 09:48:48 | 000,825,960 | ---- | M] (Fortinet Inc.) [Auto | Running] -- C:\WINDOWS\system32\FortiSSLVPNdaemon.exe -- (FortiSslvpnDaemon)
SRV - [2011/02/08 04:33:42 | 000,269,520 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG10\avgwdsvc.exe -- (avgwd)
SRV - [2011/01/05 22:23:48 | 000,222,568 | ---- | M] (Teruten) [Auto | Running] -- C:\WINDOWS\system32\FsUsbExService.Exe -- (FsUsbExService)
SRV - [2010/10/24 19:48:49 | 003,975,088 | ---- | M] (Acronis) [Auto | Running] -- C:\Program Files\Common Files\Acronis\CDP\afcdpsrv.exe -- (afcdpsrv)
SRV - [2010/09/22 02:38:48 | 000,780,224 | ---- | M] (Acronis) [Auto | Running] -- C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe -- (AcrSch2Svc)
SRV - [2010/08/15 17:19:00 | 003,700,176 | ---- | M] (INCA Internet Co., Ltd.) [On_Demand | Stopped] -- C:\WINDOWS\System32\GameMon.des -- (npggsvc)
SRV - [2010/05/07 18:47:32 | 000,162,648 | ---- | M] (Logitech Inc.) [Auto | Running] -- C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcSrv.exe -- (LVPrcSrv)
SRV - [2010/04/28 07:43:02 | 005,023,232 | ---- | M] (Moonware Studios) [On_Demand | Stopped] -- C:\Program Files\wLite\wService.exe -- (wxpSvc)
SRV - [2009/12/19 00:06:00 | 000,814,344 | ---- | M] (ABBYY) [Auto | Running] -- C:\Program Files\Common Files\ABBYY\FineReader\10.00\Licensing\CE\NetworkLicenseServer.exe -- (ABBYY.Licensing.FineReader.Corporate.10.0)
SRV - [2008/09/16 12:03:18 | 000,169,312 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files\Adobe\Photoshop Elements 7.0\PhotoshopElementsFileAgent.exe -- (AdobeActiveFileMonitor7.0)
SRV - [2007/04/13 07:49:00 | 000,101,528 | ---- | M] () [Auto | Running] -- C:\Program Files\Canon\IJPLM\ijplmsvc.exe -- (IJPLMSVC)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP)
DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump)
DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc)
DRV - File not found [Kernel | System | Stopped] -- -- (i2omgmt)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (EagleXNt)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (EagleNT)
DRV - File not found [Kernel | System | Stopped] -- -- (Changer)
DRV - [2012/01/21 11:38:42 | 000,010,872 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\AeriaGames\Wolfteam\apf001.sys -- (apf001)
DRV - [2011/12/10 15:24:06 | 000,020,464 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\WINDOWS\system32\drivers\mbam.sys -- (MBAMProtector)
DRV - [2011/09/07 14:48:36 | 000,066,832 | ---- | M] (Raxco Software, Inc.) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\PDFsFilter.sys -- (PDFSFilter)
DRV - [2011/08/15 14:51:40 | 000,054,144 | ---- | M] (Fengtao Software Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\dvdfab.sys -- (dvdfab)
DRV - [2011/08/04 14:16:16 | 000,138,768 | ---- | M] (Raxco Software, Inc.) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\DefragFs.sys -- (DefragFS)
DRV - [2011/05/27 18:05:44 | 000,134,480 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\AVGIDSDriver.sys -- (AVGIDSDriver)
DRV - [2011/04/04 23:59:56 | 000,297,168 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avgtdix.sys -- (Avgtdix)
DRV - [2011/03/16 15:03:20 | 000,032,592 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\avgrkx86.sys -- (Avgrkx86)
DRV - [2011/03/14 19:07:28 | 000,431,672 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\System32\Drivers\sptd.sys -- (sptd)
DRV - [2011/03/01 13:25:18 | 000,034,896 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\avgmfx86.sys -- (Avgmfx86)
DRV - [2011/02/22 07:13:02 | 000,022,992 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\AVGIDSEH.Sys -- (AVGIDSEH)
DRV - [2011/02/10 06:53:54 | 000,027,216 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\AVGIDSShim.sys -- (AVGIDSShim)
DRV - [2011/02/10 06:53:52 | 000,024,144 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\AVGIDSFilter.sys -- (AVGIDSFilter)
DRV - [2011/01/07 05:41:46 | 000,248,656 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avgldx86.sys -- (Avgldx86)
DRV - [2011/01/05 22:23:40 | 000,042,112 | ---- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\FsUsbExDisk.Sys -- (FsUsbExDisk)
DRV - [2010/12/21 06:55:02 | 000,121,576 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ssadmdm.sys -- (ssadmdm)
DRV - [2010/12/21 06:55:02 | 000,096,488 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ssadbus.sys -- (ssadbus) SAMSUNG Android USB Composite Device driver (WDM)
DRV - [2010/12/21 06:55:02 | 000,012,776 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ssadmdfl.sys -- (ssadmdfl) SAMSUNG Android USB Modem (Filter)
DRV - [2010/11/19 12:25:42 | 000,066,944 | ---- | M] (TOSHIBA Corporation) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\thdudf.sys -- (thdudf)
DRV - [2010/10/24 19:48:54 | 000,163,232 | ---- | M] (Acronis) [File_System | On_Demand | Running] -- C:\WINDOWS\system32\drivers\afcdp.sys -- (afcdp)
DRV - [2010/10/24 19:48:33 | 000,752,128 | ---- | M] (Acronis) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\tdrpm273.sys -- (tdrpman273) Acronis Try&Decide and Restore Points filter (build 273)
DRV - [2010/10/24 19:48:29 | 000,600,928 | ---- | M] (Acronis) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\timntr.sys -- (timounter)
DRV - [2010/10/24 19:48:10 | 000,170,464 | ---- | M] (Acronis) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\snapman.sys -- (snapman)
DRV - [2010/09/08 12:31:44 | 004,394,496 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.Sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV - [2010/09/08 12:29:24 | 000,009,216 | ---- | M] (VIA Technologies, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\videX32.sys -- (videX32)
DRV - [2010/07/12 04:33:54 | 000,030,432 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\avgfwdx.sys -- (Avgfwfd)
DRV - [2010/07/12 04:33:54 | 000,030,432 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\avgfwdx.sys -- (Avgfwdx)
DRV - [2010/05/07 18:43:30 | 000,025,824 | ---- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\LVPr2Mon.sys -- (LVPr2Mon)
DRV - [2010/04/12 09:44:34 | 000,059,388 | ---- | M] (PowerISO Computing, Inc.) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\scdemu.sys -- (SCDEmu)
DRV - [2009/07/21 15:53:06 | 000,036,384 | ---- | M] (Fortinet Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\pppop.sys -- (pppop)
DRV - [2008/04/15 13:00:00 | 000,040,320 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nmnt.sys -- (nm)
DRV - [2008/04/14 01:15:30 | 000,010,624 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\gameenum.sys -- (gameenum)
DRV - [2007/02/16 01:57:04 | 000,034,760 | ---- | M] (SlySoft, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ElbyCDFL.sys -- (ElbyCDFL)
DRV - [2005/01/02 04:43:08 | 000,004,682 | ---- | M] (INCA Internet Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\npptNT2.sys -- (NPPTNT2)
DRV - [2001/08/17 23:00:04 | 000,002,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\msmpu401.sys -- (ms_mpu401)
DRV - [2001/08/17 22:51:32 | 000,018,688 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\irsir.sys -- (irsir)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0


IE - HKU\S-1-5-21-842925246-162531612-1801674531-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.be/
IE - HKU\S-1-5-21-842925246-162531612-1801674531-1003\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-21-842925246-162531612-1801674531-1003\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKU\S-1-5-21-842925246-162531612-1801674531-1003\..\SearchScopes\{AD22EBAF-0D18-4fc7-90CC-5EA0ABBE9EB8}: "URL" = http://www.daemon-search.com/search/web?q={searchTerms}
IE - HKU\S-1-5-21-842925246-162531612-1801674531-1003\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2475029
IE - HKU\S-1-5-21-842925246-162531612-1801674531-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-842925246-162531612-1801674531-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local;127.0.0.1:9421;

========== FireFox ==========

FF - prefs.js..browser.search.defaulturl: "http://www.bing.com/search?FORM=IEFM1&q="
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.3.2
FF - prefs.js..extensions.enabledItems: {9AA46F4F-4DC7-4c06-97AF-5035170634FE}:3.3.5
FF - prefs.js..extensions.enabledItems: {1018e4d6-728f-4b20-ad56-37578a4de76b}:4.0.12
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24
FF - prefs.js..extensions.enabledItems: engine@conduit.com:3.2.5.2
FF - prefs.js..extensions.enabledItems: {1E73965B-8B48-48be-9C8D-68B920ABC1C4}:10.0.0.1390
FF - prefs.js..keyword.URL: "http://www.bing.com/search?FORM=IEFM1&q="
FF - prefs.js..network.proxy.no_proxies_on: "*.local"
FF - prefs.js..network.proxy.type: 0
FF - prefs.js..browser.startup.homepage: "http://start.funmoods.com/?f=1&a=make"
FF - prefs.js..browser.search.selectedEngine: "Search"
FF - prefs.js..browser.search.defaultenginename: "Search"


FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@FortinetCacheClean: C:\Program Files\Fortinet\SslvpnClient\npccplugin.dll (Fortinet Inc.)
FF - HKLM\Software\MozillaPlugins\@FortinetTunnelControl: C:\Program Files\Fortinet\SslvpnClient\nptcplugin.dll (Fortinet Inc.)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\4.1.10111.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nexon.net/NxGame: C:\Documents and Settings\All Users\Application Data\NexonUS\NGM\npNxGameUS.dll (Nexon)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.99\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.99\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@zylom.com/ZylomGamesPlayer: C:\Documents and Settings\All Users\Application Data\Zylom\ZylomGamesPlayer\npzylomgamesplayer.dll (Zylom)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{1E73965B-8B48-48be-9C8D-68B920ABC1C4}: C:\Program Files\AVG\AVG10\Firefox4\ [2012/02/02 19:41:20 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 5.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012/01/20 21:18:05 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 5.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012/01/20 21:18:05 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 10.0\extensions\\Components: C:\Program Files\Mozilla Thunderbird\components [2012/01/20 21:18:05 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 10.0\extensions\\Plugins: C:\Program Files\Mozilla Thunderbird\plugins [2012/01/20 21:18:05 | 000,000,000 | ---D | M]

[2010/12/19 20:59:22 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\beheerder\Application Data\Mozilla\Extensions
[2010/09/10 20:49:35 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\beheerder\Application Data\Mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6}
[2012/02/20 22:47:17 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\beheerder\Application Data\Mozilla\Firefox\Profiles\35eliuof.default\extensions
[2011/07/17 09:26:34 | 000,000,000 | ---D | M] (Flagfox) -- C:\Documents and Settings\beheerder\Application Data\Mozilla\Firefox\Profiles\35eliuof.default\extensions\{1018e4d6-728f-4b20-ad56-37578a4de76b}
[2010/12/21 20:40:18 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\beheerder\Application Data\Mozilla\Firefox\Profiles\35eliuof.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2011/04/03 13:30:53 | 000,000,000 | ---D | M] (Conduit Engine) -- C:\Documents and Settings\beheerder\Application Data\Mozilla\Firefox\Profiles\35eliuof.default\extensions\engine@conduit.com
[2012/03/10 12:05:09 | 000,000,000 | ---D | M] (Funmoods.com) -- C:\Documents and Settings\beheerder\Application Data\Mozilla\Firefox\Profiles\35eliuof.default\extensions\ffxtlbr@funmoods.com
[2011/07/17 09:23:34 | 000,001,819 | ---- | M] () -- C:\Documents and Settings\beheerder\Application Data\Mozilla\Firefox\Profiles\35eliuof.default\searchplugins\bing.xml
[2011/03/14 19:08:01 | 000,002,059 | ---- | M] () -- C:\Documents and Settings\beheerder\Application Data\Mozilla\Firefox\Profiles\35eliuof.default\searchplugins\daemon-search.xml
[2012/02/20 22:46:41 | 000,001,798 | ---- | M] () -- C:\Documents and Settings\beheerder\Application Data\Mozilla\Firefox\Profiles\35eliuof.default\searchplugins\funmoods.xml
[2012/03/10 13:16:05 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2011/01/13 23:06:35 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}
[2011/02/28 22:59:08 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}
[2011/10/04 18:47:59 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0027-ABCDEFFEDCBA}
[2012/03/10 13:16:43 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA}
() (No name found) -- C:\DOCUMENTS AND SETTINGS\BEHEERDER\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\35ELIUOF.DEFAULT\EXTENSIONS\{64161300-E22B-11DB-8314-0800200C9A66}.XPI
() (No name found) -- C:\DOCUMENTS AND SETTINGS\BEHEERDER\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\35ELIUOF.DEFAULT\EXTENSIONS\{9AA46F4F-4DC7-4C06-97AF-5035170634FE}.XPI
() (No name found) -- C:\DOCUMENTS AND SETTINGS\BEHEERDER\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\35ELIUOF.DEFAULT\EXTENSIONS\{D10D0BF8-F5B5-C8B4-A8B2-2B9879E08C5D}.XPI
[2012/02/02 19:41:20 | 000,000,000 | ---D | M] (AVG Safe Search) -- C:\PROGRAM FILES\AVG\AVG10\FIREFOX4
[2012/03/10 13:16:28 | 000,000,000 | ---D | M] (Java Quick Starter) -- C:\PROGRAM FILES\JAVA\JRE6\LIB\DEPLOY\JQS\FF
[2011/07/08 08:48:49 | 000,142,296 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2012/03/10 13:16:28 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll
[2005/09/05 11:11:48 | 000,098,304 | ---- | M] (Zylom) -- C:\Program Files\mozilla firefox\plugins\npzylomgamesplayer.dll
[2010/01/01 09:00:00 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2010/01/01 09:00:00 | 000,001,892 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bolcom-nl.xml
[2010/01/01 09:00:00 | 000,004,558 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\marktplaats-nl.xml
[2010/01/01 09:00:00 | 000,001,111 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\vandale-nl.xml
[2010/01/01 09:00:00 | 000,001,049 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-nl.xml

========== Chrome ==========

CHR - default_search_provider: ()
CHR - default_search_provider: search_url =
CHR - default_search_provider: suggest_url =
CHR - Extension: No name found = C:\Documents and Settings\beheerder\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla\10.0.0.1409_0\

O1 HOSTS File: ([2012/03/06 20:10:28 | 000,441,468 | R--- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: 15174 more lines...
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG10\avgssie.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found.
O3 - HKU\S-1-5-21-842925246-162531612-1801674531-1003\..\Toolbar\WebBrowser: (no name) - {32099AAC-C132-4136-9E9A-4E364A424E17} - No CLSID value found.
O3 - HKU\S-1-5-21-842925246-162531612-1801674531-1003\..\Toolbar\WebBrowser: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found.
O4 - HKLM..\Run: [Alcmtr] C:\WINDOWS\Alcmtr.exe (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [AVG_TRAY] C:\Program Files\AVG\AVG10\avgtray.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k File not found
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\NvMcTray.dll (NVIDIA Corporation)
O4 - HKU\S-1-5-21-842925246-162531612-1801674531-1003..\Run: [Akamai NetSession Interface] C:\Documents and Settings\beheerder\Local Settings\Application Data\Akamai\netsession_win.exe (Akamai Technologies, Inc)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLinkedConnections = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-842925246-162531612-1801674531-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\WINDOWS\System32\GPhotos.scr (Google Inc.)
O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\WINDOWS\system32\nwprovau.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O15 - HKU\S-1-5-21-842925246-162531612-1801674531-1003\..Trusted Domains: localhost ([]https in Vertrouwde websites)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://go.microsoft.com/fwlink/?linkid=39204 (Windows Genuine Advantage Validation Tool)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/s ... wflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 195.130.130.131 195.130.131.131
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{28DFD074-8CE1-4030-8E55-A6C7D7C83ADA}: DhcpNameServer = 195.130.130.131 195.130.131.131
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG10\avgpp.dll (AVG Technologies CZ, s.r.o.)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O24 - Desktop Components:0 (Mijn huidige introductiepagina) - About:Home
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2010/09/07 16:37:51 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O33 - MountPoints2\{162785de-10da-11e0-b709-d338767a28b8}\Shell - "" = AutoRun
O33 - MountPoints2\{162785de-10da-11e0-b709-d338767a28b8}\Shell\AutoRun\command - "" = F:\IRDApp.exe
O34 - HKLM BootExecute: (PDBoot.exe)
O34 - HKLM BootExecute: (autocheck autochk *)
O34 - HKLM BootExecute: (C:\PROGRA~1\AVG\AVG10\avgchsvx.exe /sync)
O34 - HKLM BootExecute: (C:\PROGRA~1\AVG\AVG10\avgrsx.exe /sync /restart)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2012/03/11 19:50:35 | 000,594,944 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\beheerder\Bureaublad\OTL.com
[2012/03/10 19:41:53 | 000,000,000 | ---D | C] -- C:\Program Files\Trend Micro
[2012/03/10 19:41:53 | 000,000,000 | ---D | C] -- C:\Documents and Settings\beheerder\Menu Start\Programma's\HiJackThis
[2012/03/10 15:07:33 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\DESIGNER
[2012/03/10 13:14:02 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\beheerder\Onlangs geopend
[2012/03/10 12:04:47 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Java
[2012/03/10 12:04:47 | 000,000,000 | ---D | C] -- C:\Config.Msi
[2012/03/10 12:04:43 | 000,000,000 | ---D | C] -- C:\Documents and Settings\beheerder\Menu Start\Programma's\WinAVI Video Converter
[2012/03/10 12:04:38 | 000,000,000 | ---D | C] -- C:\Program Files\Smash Frenzy 4
[2012/03/10 12:04:38 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programma's\Smash Frenzy 4
[2012/03/10 12:04:37 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programma's\RER
[2012/03/10 12:04:35 | 000,000,000 | ---D | C] -- C:\Program Files\RER
[2012/03/10 12:04:35 | 000,000,000 | ---D | C] -- C:\Program Files\GEXA
[2012/03/10 12:04:35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programma's\GEXA
[2012/03/10 12:04:35 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Common Share
[2012/03/10 11:21:02 | 000,000,000 | -HSD | C] -- C:\WINDOWS\CSC
[2012/03/03 23:54:37 | 000,000,000 | ---D | C] -- C:\WINDOWS\Minidump
[2012/03/02 23:05:53 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\NVIDIA
[2012/02/28 20:56:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\beheerder\Application Data\Uniblue
[2012/02/28 20:55:52 | 000,000,000 | ---D | C] -- C:\Program Files\Uniblue
[2012/02/28 20:51:12 | 000,000,000 | ---D | C] -- C:\Program Files\Digiarty
[2012/02/23 21:58:47 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Java(2)
[2012/02/20 22:50:20 | 000,000,000 | ---D | C] -- C:\Documents and Settings\beheerder\Application Data\Funmoods
[2012/02/20 22:47:15 | 000,000,000 | ---D | C] -- C:\Program Files\Funmoods
[2012/02/20 22:46:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\beheerder\Mijn documenten\Freemake
[2012/02/20 22:45:55 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Freemake
[2012/02/20 22:45:33 | 000,000,000 | ---D | C] -- C:\Program Files\Freemake
[2012/02/19 17:08:57 | 000,000,000 | ---D | C] -- C:\Documents and Settings\beheerder\Local Settings\Application Data\IsolatedStorage
[2012/02/19 17:07:51 | 000,000,000 | ---D | C] -- C:\Program Files\Sublight
[2012/02/19 16:39:40 | 000,000,000 | ---D | C] -- C:\Program Files\EMDB
[2012/02/19 16:26:20 | 000,000,000 | ---D | C] -- C:\Movie Label Databases
[2012/02/19 16:25:57 | 000,000,000 | ---D | C] -- C:\Documents and Settings\beheerder\Application Data\Movie Label
[2012/02/19 16:23:17 | 000,000,000 | ---D | C] -- C:\Program Files\Movie Label 2011
[2012/02/16 23:37:08 | 000,000,000 | ---D | C] -- C:\Program Files\MozBackup
[2012/02/16 23:37:08 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programma's\MozBackup
[2012/02/10 20:36:20 | 000,000,000 | ---D | C] -- C:\Documents and Settings\beheerder\Application Data\Symantec
[2012/02/10 20:28:39 | 000,000,000 | ---D | C] -- C:\Program Files\Symantec
[2012/02/10 20:27:03 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Symantec Shared
[2012/02/10 20:26:47 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Symantec
[2012/02/10 20:26:47 | 000,000,000 | ---D | C] -- C:\Program Files\Norton Ghost
[2012/02/10 20:26:47 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\{1C6FDDD8-FC9E-4C12-9FA5-1AAD377097B3}
[2011/03/21 23:24:06 | 000,047,360 | ---- | C] (VSO Software) -- C:\Documents and Settings\beheerder\Application Data\pcouffin.sys
[3 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[2 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2012/03/11 19:50:35 | 000,594,944 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\beheerder\Bureaublad\OTL.com
[2012/03/11 19:47:01 | 000,001,050 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2012/03/11 18:01:29 | 000,000,320 | ---- | M] () -- C:\WINDOWS\tasks\GlaryInitialize.job
[2012/03/11 18:00:37 | 000,013,646 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2012/03/11 17:59:43 | 000,276,202 | ---- | M] () -- C:\WINDOWS\System32\NvApps.xml
[2012/03/11 17:59:42 | 000,001,046 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2012/03/11 17:59:34 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2012/03/11 15:09:14 | 000,000,462 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{C07A5723-3BFA-4BBD-934C-01E3D3DE247F}.job
[2012/03/11 15:02:47 | 000,017,271 | ---- | M] () -- C:\WINDOWS\System32\drivers\AVG\iavichjg.avm
[2012/03/11 12:02:55 | 091,431,967 | ---- | M] () -- C:\WINDOWS\System32\drivers\AVG\incavi.avm
[2012/03/11 03:17:19 | 000,277,352 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2012/03/10 23:59:20 | 124,426,162 | ---- | M] () -- C:\Documents and Settings\beheerder\Bureaublad\EmsisoftEmergencyKit.zip
[2012/03/10 23:01:32 | 000,002,455 | ---- | M] () -- C:\Documents and Settings\beheerder\Bureaublad\HiJackThis.lnk
[2012/03/10 22:22:45 | 000,587,044 | ---- | M] () -- C:\WINDOWS\System32\perfh013.dat
[2012/03/10 22:22:45 | 000,511,904 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2012/03/10 22:22:45 | 000,116,114 | ---- | M] () -- C:\WINDOWS\System32\perfc013.dat
[2012/03/10 22:22:45 | 000,091,518 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2012/03/10 22:16:06 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2012/03/06 20:10:28 | 000,441,468 | R--- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2012/03/05 21:19:18 | 000,622,359 | ---- | M] () -- C:\WINDOWS\System32\drivers\AVG\iavifw.avm
[2012/03/02 23:06:01 | 000,273,344 | ---- | M] () -- C:\WINDOWS\System32\nvdrsdb0.bin
[2012/03/02 23:06:01 | 000,000,001 | ---- | M] () -- C:\WINDOWS\System32\nvdrssel.bin
[2012/03/02 23:04:38 | 000,273,344 | ---- | M] () -- C:\WINDOWS\System32\nvdrsdb1.bin
[2012/03/02 23:00:57 | 000,000,664 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat
[2012/03/02 22:56:03 | 000,000,000 | ---- | M] () -- C:\WINDOWS\System32\nvdrswr.lk
[2012/02/24 20:06:13 | 000,022,229 | ---- | M] () -- C:\Documents and Settings\beheerder\Bureaublad\BE56452614124188_Afschriften_t.pdf
[2012/02/24 19:49:07 | 001,184,973 | ---- | M] () -- C:\Documents and Settings\beheerder\Bureaublad\IMG_0002_NEW.pdf
[2012/02/24 19:47:28 | 000,622,379 | ---- | M] () -- C:\Documents and Settings\beheerder\Bureaublad\IMG_0001_NEW.pdf
[2012/02/24 19:43:41 | 000,693,641 | ---- | M] () -- C:\Documents and Settings\beheerder\Bureaublad\IMG_NEW_0001.pdf
[2012/02/20 22:47:20 | 000,000,050 | ---- | M] () -- C:\user.js
[2012/02/20 22:06:40 | 000,001,189 | ---- | M] () -- C:\Documents and Settings\beheerder\Application Data\vso_ts_preview.xml
[2012/02/16 23:41:14 | 868,270,078 | ---- | M] () -- C:\Documents and Settings\beheerder\Mijn documenten\Thunderbird 10.0.1 (nl) - 2012-02-16.pcv
[2012/02/16 23:10:56 | 000,022,659 | ---- | M] () -- C:\Documents and Settings\beheerder\Mijn documenten\plantenpracht.PDF
[2012/02/12 01:45:02 | 088,886,245 | ---- | M] () -- C:\Documents and Settings\beheerder\Bureaublad\Firmware_PV73100_v7.4.4.r7317_European.zip
[2012/02/11 20:25:18 | 000,356,362 | ---- | M] () -- C:\Documents and Settings\beheerder\Bureaublad\IMG_NEW.pdf
[2012/02/11 02:38:07 | 000,000,000 | ---- | M] () -- C:\WINDOWS\System32\[hdd dockingstation]
[2012/02/10 20:27:32 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\System32\drivers\Msft_Kernel_GenericMount_01009.Wdf
[2012/02/10 20:27:30 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\System32\drivers\MsftWdf_Kernel_01009_Coinstaller_Critical.Wdf
[3 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[2 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files Created - No Company Name ==========

[2012/03/10 23:59:18 | 124,426,162 | ---- | C] () -- C:\Documents and Settings\beheerder\Bureaublad\EmsisoftEmergencyKit.zip
[2012/03/10 21:59:33 | 000,001,374 | ---- | C] () -- C:\WINDOWS\imsins.BAK
[2012/03/10 19:41:53 | 000,002,455 | ---- | C] () -- C:\Documents and Settings\beheerder\Bureaublad\HiJackThis.lnk
[2012/03/10 12:18:27 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll
[2012/03/10 12:18:27 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\dllcache\iacenc.dll
[2012/03/02 23:00:00 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2012/03/02 22:56:04 | 000,273,344 | ---- | C] () -- C:\WINDOWS\System32\nvdrsdb1.bin
[2012/03/02 22:56:04 | 000,273,344 | ---- | C] () -- C:\WINDOWS\System32\nvdrsdb0.bin
[2012/03/02 22:56:03 | 000,000,001 | ---- | C] () -- C:\WINDOWS\System32\nvdrssel.bin
[2012/03/02 22:56:03 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\nvdrswr.lk
[2012/02/24 20:06:12 | 000,022,229 | ---- | C] () -- C:\Documents and Settings\beheerder\Bureaublad\BE56452614124188_Afschriften_t.pdf
[2012/02/24 19:49:07 | 001,184,973 | ---- | C] () -- C:\Documents and Settings\beheerder\Bureaublad\IMG_0002_NEW.pdf
[2012/02/24 19:47:28 | 000,622,379 | ---- | C] () -- C:\Documents and Settings\beheerder\Bureaublad\IMG_0001_NEW.pdf
[2012/02/24 19:43:41 | 000,693,641 | ---- | C] () -- C:\Documents and Settings\beheerder\Bureaublad\IMG_NEW_0001.pdf
[2012/02/20 22:47:20 | 000,000,050 | ---- | C] () -- C:\user.js
[2012/02/16 23:38:08 | 868,270,078 | ---- | C] () -- C:\Documents and Settings\beheerder\Mijn documenten\Thunderbird 10.0.1 (nl) - 2012-02-16.pcv
[2012/02/16 23:16:36 | 000,022,659 | ---- | C] () -- C:\Documents and Settings\beheerder\Mijn documenten\plantenpracht.PDF
[2012/02/13 23:50:10 | 011,889,855 | R--- | C] () -- C:\Documents and Settings\beheerder\Mijn documenten\RX-V671_Manual_Dutch.pdf
[2012/02/12 01:45:00 | 088,886,245 | ---- | C] () -- C:\Documents and Settings\beheerder\Bureaublad\Firmware_PV73100_v7.4.4.r7317_European.zip
[2012/02/11 20:25:18 | 000,356,362 | ---- | C] () -- C:\Documents and Settings\beheerder\Bureaublad\IMG_NEW.pdf
[2012/02/11 02:38:07 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\[hdd dockingstation]
[2012/02/10 20:27:32 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\System32\drivers\Msft_Kernel_GenericMount_01009.Wdf
[2012/02/10 20:27:30 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\System32\drivers\MsftWdf_Kernel_01009_Coinstaller_Critical.Wdf
[2012/01/21 11:40:33 | 000,012,920 | ---- | C] () -- C:\WINDOWS\System32\apl001.sys
[2012/01/21 11:40:33 | 000,010,872 | ---- | C] () -- C:\WINDOWS\System32\apf001.sys
[2011/12/10 13:51:06 | 806,293,664 | ---- | C] () -- C:\Program Files\wolfteam_us_installer_20111103.exe
[2011/09/01 20:39:31 | 000,108,511 | ---- | C] () -- C:\Documents and Settings\beheerder\Application Data\mdbu.bin
[2011/03/25 23:48:55 | 000,667,136 | ---- | C] () -- C:\WINDOWS\System32\OGACheckControl.dll
[2011/03/21 23:24:06 | 000,087,608 | ---- | C] () -- C:\Documents and Settings\beheerder\Application Data\inst.exe
[2011/03/21 23:24:06 | 000,007,887 | ---- | C] () -- C:\Documents and Settings\beheerder\Application Data\pcouffin.cat
[2011/03/21 23:24:06 | 000,001,144 | ---- | C] () -- C:\Documents and Settings\beheerder\Application Data\pcouffin.inf
[2011/03/21 23:15:34 | 000,001,189 | ---- | C] () -- C:\Documents and Settings\beheerder\Application Data\vso_ts_preview.xml
[2011/03/20 19:52:27 | 000,000,010 | ---- | C] () -- C:\WINDOWS\popcinfo.dat
[2011/02/26 00:29:21 | 000,009,963 | ---- | C] () -- C:\WINDOWS\Kasboek.ini
[2011/02/16 21:49:44 | 003,009,382 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\WPFFontCache_v0400-S-1-5-21-842925246-162531612-1801674531-1003-0.dat
[2011/02/16 21:49:43 | 000,278,286 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\WPFFontCache_v0400-System.dat
[2011/02/06 17:27:53 | 000,421,728 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat
[2011/02/06 12:32:34 | 000,110,592 | ---- | C] () -- C:\WINDOWS\System32\FsUsbExDevice.Dll
[2011/02/06 12:32:34 | 000,042,112 | ---- | C] () -- C:\WINDOWS\System32\FsUsbExDisk.Sys
[2011/01/04 16:10:58 | 000,030,568 | ---- | C] () -- C:\WINDOWS\MusiccityDownload.exe
[2011/01/04 16:10:56 | 000,974,848 | ---- | C] () -- C:\WINDOWS\System32\cis-2.4.dll
[2011/01/04 16:10:56 | 000,081,920 | ---- | C] () -- C:\WINDOWS\System32\issacapi_bs-2.3.dll
[2011/01/04 16:10:56 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\issacapi_pe-2.3.dll
[2011/01/04 16:10:56 | 000,057,344 | ---- | C] () -- C:\WINDOWS\System32\issacapi_se-2.3.dll
[2010/10/23 20:27:19 | 000,052,836 | -H-- | C] () -- C:\WINDOWS\System32\mlfcache.dat
[2010/09/19 20:38:56 | 000,000,108 | RHS- | C] () -- C:\WINDOWS\neoqaz2.dll
[2010/09/13 20:08:37 | 000,176,235 | ---- | C] () -- C:\WINDOWS\System32\Primomonnt.dll
[2010/09/12 17:32:18 | 000,165,376 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll
[2010/09/12 17:32:17 | 000,000,038 | ---- | C] () -- C:\WINDOWS\avisplitter.ini
[2010/09/12 17:32:15 | 000,790,528 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2010/09/12 17:32:15 | 000,134,144 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll
[2010/09/12 17:32:15 | 000,108,032 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll
[2010/09/11 22:54:44 | 000,000,112 | ---- | C] () -- C:\WINDOWS\ActiveSkin.INI
[2010/09/10 20:49:27 | 000,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat
[2010/09/09 16:09:09 | 000,000,395 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2010/09/09 16:04:43 | 000,078,848 | ---- | C] () -- C:\Documents and Settings\beheerder\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/09/08 12:41:22 | 000,069,632 | ---- | C] () -- C:\WINDOWS\System32\vuins32.dll
[2010/09/08 12:34:45 | 000,049,152 | ---- | C] () -- C:\WINDOWS\System32\ChCfg.exe
[2010/09/07 18:29:10 | 000,004,205 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2010/09/07 18:28:13 | 000,277,352 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2010/09/07 16:39:19 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2010/09/07 16:35:40 | 000,021,748 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2010/05/07 18:46:36 | 000,014,168 | ---- | C] () -- C:\WINDOWS\System32\drivers\iKeyLFT2.dll
[2010/05/07 18:43:30 | 000,025,824 | ---- | C] () -- C:\WINDOWS\System32\drivers\LVPr2Mon.sys

========== LOP Check ==========

[2010/10/24 19:49:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Acronis
[2011/12/25 20:35:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Aiseesoft Studio
[2010/09/12 15:17:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\ashampoo
[2011/12/10 10:14:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AVG10
[2011/11/05 23:36:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Big Fish Games
[2010/09/13 22:39:43 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\CanonBJ
[2012/02/10 23:55:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\CanonIJPLM
[2011/08/30 19:33:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\CodedColor Common
[2011/05/11 20:31:41 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\Common Files
[2011/03/14 19:06:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\DAEMON Tools Lite
[2012/01/02 13:15:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Emicsoft Studio
[2011/02/26 20:12:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\espionServerData
[2011/08/30 19:33:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Fotogoed Designer
[2012/03/10 12:05:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Freemake
[2011/04/05 21:43:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\iWin
[2011/06/10 23:21:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Lan.Fs
[2011/05/07 18:26:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\MFAData
[2011/04/09 18:41:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\MumboJumbo
[2010/10/27 11:11:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Nexon
[2010/10/27 11:11:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\NexonEU
[2010/09/28 20:10:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\NexonUS
[2011/02/06 12:32:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Samsung
[2011/04/21 08:50:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SlySoft
[2011/08/26 22:54:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SpotGrit
[2012/03/09 20:50:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Spotnet
[2011/11/02 13:08:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TEMP
[2011/11/18 22:56:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\vsosdk
[2011/03/19 15:12:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\webcamXP 5
[2010/12/23 23:11:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\WinZip
[2011/03/01 21:45:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Zylom
[2012/03/10 12:12:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{1C6FDDD8-FC9E-4C12-9FA5-1AAD377097B3}
[2010/09/28 16:44:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
[2010/10/25 22:41:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\beheerder\Application Data\Acronis
[2011/02/07 20:54:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\beheerder\Application Data\Ariane Software
[2011/11/24 23:49:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\beheerder\Application Data\Ashampoo
[2011/02/18 21:30:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\beheerder\Application Data\AVG10
[2012/02/05 15:33:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\beheerder\Application Data\Canon
[2010/10/03 22:19:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\beheerder\Application Data\CD-LabelPrint
[2011/04/08 21:38:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\beheerder\Application Data\cerasus.media
[2011/07/16 12:06:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\beheerder\Application Data\DAEMON Tools Lite
[2010/09/12 14:37:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\beheerder\Application Data\ESET
[2012/01/30 22:30:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\beheerder\Application Data\FileZilla
[2011/09/02 17:50:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\beheerder\Application Data\Fotogoed Designer
[2010/09/21 21:27:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\beheerder\Application Data\Foxit
[2010/09/21 21:27:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\beheerder\Application Data\Foxit Software
[2012/02/20 22:50:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\beheerder\Application Data\Funmoods
[2010/10/09 21:50:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\beheerder\Application Data\GlarySoft
[2012/01/25 19:17:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\beheerder\Application Data\gtk-2.0
[2011/12/25 20:49:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\beheerder\Application Data\HandBrake
[2011/03/19 15:13:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\beheerder\Application Data\Hephaestus
[2010/09/16 21:55:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\beheerder\Application Data\ImgBurn
[2011/04/05 21:43:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\beheerder\Application Data\iWin
[2011/01/03 12:30:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\beheerder\Application Data\Leadertech
[2011/04/19 18:37:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\beheerder\Application Data\LizardSystems
[2011/04/08 21:14:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\beheerder\Application Data\MastersOfMystery2
[2011/03/27 19:20:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\beheerder\Application Data\MB4
[2012/01/15 15:28:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\beheerder\Application Data\Mobipocket
[2012/01/02 21:30:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\beheerder\Application Data\MoveFab
[2012/02/19 16:25:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\beheerder\Application Data\Movie Label
[2011/04/08 20:57:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\beheerder\Application Data\MumboJumbo
[2011/08/30 19:01:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\beheerder\Application Data\Obsidium
[2011/05/09 21:24:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\beheerder\Application Data\PriceGong
[2012/02/24 20:06:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\beheerder\Application Data\PrimoPDF
[2011/10/01 11:30:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\beheerder\Application Data\Rovio
[2011/02/06 12:31:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\beheerder\Application Data\Samsung
[2011/03/27 19:19:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\beheerder\Application Data\SmashFrenzy4
[2012/03/10 12:04:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\beheerder\Application Data\Spotify
[2010/09/10 20:49:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\beheerder\Application Data\Thunderbird
[2011/01/16 12:07:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\beheerder\Application Data\Tific
[2011/12/08 22:49:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\beheerder\Application Data\Total Media Converter
[2012/02/28 21:00:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\beheerder\Application Data\Uniblue
[2011/03/01 21:33:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\beheerder\Application Data\VanDale
[2012/03/10 13:13:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\beheerder\Application Data\Vso
[2012/03/10 12:04:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\beheerder\Application Data\WinAVI
[2011/03/20 17:57:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\beheerder\Application Data\Zylom
[2012/03/11 18:01:29 | 000,000,320 | ---- | M] () -- C:\WINDOWS\Tasks\GlaryInitialize.job
[2012/03/11 15:09:14 | 000,000,462 | -H-- | M] () -- C:\WINDOWS\Tasks\User_Feed_Synchronization-{C07A5723-3BFA-4BBD-934C-01E3D3DE247F}.job

========== Purity Check ==========



========== Alternate Data Streams ==========

@Alternate Data Stream - 99 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:1663E41B
@Alternate Data Stream - 128 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:0348410E
@Alternate Data Stream - 125 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:A1822177
@Alternate Data Stream - 114 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:00F7B10F
@Alternate Data Stream - 108 bytes -> C:\WINDOWS:

< End of report >


Posted: Sun March 11, 2012 9:04 pm
Offline
Member

Registered: Sat March 10, 2012 8:56 pm
Posts: 74
Location: DIEST
Operating system: 7 64-bit
Protection: NOD
OTL Extras logfile created on: 11/03/2012 19:51:07 - Run 1
OTL by OldTimer - Version 3.2.36.3 Folder = C:\Documents and Settings\beheerder\Bureaublad
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000813 | Country: België | Language: NLB | Date Format: d/MM/yyyy

2,00 Gb Total Physical Memory | 1,06 Gb Available Physical Memory | 52,80% Memory free
3,85 Gb Paging File | 3,12 Gb Available in Paging File | 81,13% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 298,08 Gb Total Space | 55,22 Gb Free Space | 18,52% Space Free | Partition Type: NTFS
Drive E: | 465,76 Gb Total Space | 114,90 Gb Free Space | 24,67% Space Free | Partition Type: NTFS
Drive F: | 1,92 Gb Total Space | 0,63 Gb Free Space | 32,76% Space Free | Partition Type: FAT32

Computer Name: WORKGROUP | User Name: beheerder | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows NT\SystemRestore]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:*:Enabled:@xpsp2res.dll,-22002

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
"139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002
"1045:TCP" = 1045:TCP:*:Enabled:Akamai NetSession Interface
"5000:UDP" = 5000:UDP:*:Enabled:Akamai NetSession Interface

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"C:\Nexon\Combat Arms\CombatArms.exe" = C:\Nexon\Combat Arms\CombatArms.exe:*Enabled:CombatArms.exe
"C:\Nexon\Combat Arms\Engine.exe" = C:\Nexon\Combat Arms\Engine.exe:*Enabled:Engine.exe
"C:\Nexon\Combat Arms EU\CombatArms.exe" = C:\Nexon\Combat Arms EU\CombatArms.exe:*Enabled:CombatArms.exe -- (Nexon)
"C:\Nexon\Combat Arms EU\Engine.exe" = C:\Nexon\Combat Arms EU\Engine.exe:*Enabled:Engine.exe -- (Nexon)

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\SABnzbd\SABnzbd.exe" = C:\Program Files\SABnzbd\SABnzbd.exe:*:Enabled:SABnzbd 0.5.4 -- ()
"C:\Documents and Settings\All Users\Application Data\NexonUS\NGM\NGM.exe" = C:\Documents and Settings\All Users\Application Data\NexonUS\NGM\NGM.exe:*:Enabled:Nexon Game Manager -- (Nexon)
"C:\Nexon\Combat Arms\CombatArms.exe" = C:\Nexon\Combat Arms\CombatArms.exe:*Enabled:CombatArms.exe
"C:\Nexon\Combat Arms\Engine.exe" = C:\Nexon\Combat Arms\Engine.exe:*Enabled:Engine.exe
"C:\Nexon\NEXON_EU_Downloader\NEXON_EU_Downloader_Engine.exe" = C:\Nexon\NEXON_EU_Downloader\NEXON_EU_Downloader_Engine.exe:*:Enabled:NEXON_EU_Downloader_Engine -- ()
"C:\Documents and Settings\All Users\Application Data\NexonEU\NGM\NGM.exe" = C:\Documents and Settings\All Users\Application Data\NexonEU\NGM\NGM.exe:*:Enabled:Nexon Game Manager -- (Nexon)
"C:\Nexon\Combat Arms EU\CombatArms.exe" = C:\Nexon\Combat Arms EU\CombatArms.exe:*Enabled:CombatArms.exe -- (Nexon)
"C:\Nexon\Combat Arms EU\Engine.exe" = C:\Nexon\Combat Arms EU\Engine.exe:*Enabled:Engine.exe -- (Nexon)
"C:\Nexon\Combat Arms EU\NMService.exe" = C:\Nexon\Combat Arms EU\NMService.exe:*:Enabled:Nexon Messenger Core -- (Nexon Corp.)
"C:\AeriaGames\WolfTeam\Wolfteam.bin" = C:\AeriaGames\WolfTeam\Wolfteam.bin:*:Enabled:WolfTeam -- (Softnyx Co., Ltd.)
"C:\WINDOWS\system32\muzapp.exe" = C:\WINDOWS\system32\muzapp.exe:*:Enabled:MUZ AOD APP player -- (Musiccity Co.Ltd.)
"C:\Program Files\wLite\wLite.exe" = C:\Program Files\wLite\wLite.exe:*:Enabled:webcamXP -- (Moonware Studios)
"C:\Program Files\wLite\wService.exe" = C:\Program Files\wLite\wService.exe:*:Enabled:webcamXP Service -- (Moonware Studios)
"C:\Program Files\Logitech\Vid HD\Vid.exe" = C:\Program Files\Logitech\Vid HD\Vid.exe:*:Enabled:Logitech Vid HD -- (Logitech Inc.)
"C:\Program Files\AVG\AVG10\avgmfapx.exe" = C:\Program Files\AVG\AVG10\avgmfapx.exe:*:Enabled:Installer voor AVG -- (AVG Technologies CZ, s.r.o.)
"C:\Documents and Settings\beheerder\Local Settings\Application Data\Akamai\netsession_win.exe" = C:\Documents and Settings\beheerder\Local Settings\Application Data\Akamai\netsession_win.exe:*:Enabled:Akamai NetSession Interface -- (Akamai Technologies, Inc)
"C:\Documents and Settings\beheerder\Application Data\Spotify\spotify.exe" = C:\Documents and Settings\beheerder\Application Data\Spotify\spotify.exe:*:Enabled:Spotify -- (Spotify Ltd)
"C:\Program Files\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe" = C:\Program Files\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe:*:Enabled:WebKit -- (Apple Inc.)
"C:\Program Files\AVG\AVG10\avgdiagex.exe" = C:\Program Files\AVG\AVG10\avgdiagex.exe:*:Enabled:AVG Diagnostics 2011 -- (AVG Technologies CZ, s.r.o.)
"C:\Program Files\AVG\AVG10\avgnsx.exe" = C:\Program Files\AVG\AVG10\avgnsx.exe:*:Enabled:Online Shield -- (AVG Technologies CZ, s.r.o.)
"C:\Program Files\AVG\AVG10\avgam.exe" = C:\Program Files\AVG\AVG10\avgam.exe:*:Enabled:AVG Waarschuwingenbeheer -- (AVG Technologies CZ, s.r.o.)
"C:\Program Files\AVG\AVG10\avgemcx.exe" = C:\Program Files\AVG\AVG10\avgemcx.exe:*:Enabled:Persoonlijke e-mailscanner -- (AVG Technologies CZ, s.r.o.)


========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{00BA866C-F2A2-4BB9-A308-3DFA695B6F7C}" = Java DB 10.5.3.0
"{04A3A6B0-8E19-49BB-82FF-65C5A55F917D}" = Acronis True Image Home 2011
"{08610298-29AE-445B-B37D-EFBE05802967}" = LWS Pictures And Video
"{0A0CADCF-78DA-33C4-A350-CD51849B9702}" = Microsoft .NET Framework 4 Extended
"{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP610_series" = Canon MP610 series
"{12947715-B6F0-4597-816F-5E13FB647921}_is1" = Spotnet
"{138A4072-9E64-46BD-B5F9-DB2BB395391F}" = LWS VideoEffects
"{15634701-BACE-4449-8B25-1567DA8C9FD3}" = CameraHelperMsi
"{1609038B-639D-48D6-84AA-482F07E0237E}" = A.C.Ryan MovieJukebox
"{1651216E-E7AD-4250-92A1-FB8ED61391C9}" = LWS Help_main
"{174A3B31-4C43-43DD-866F-73C9DB887B48}" = LWS Twitter
"{1BD6AE96-4742-4498-9D03-9451C7E5A214}" = Windows Live aanmeldhulp
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live - Hulpprogramma voor uploaden
"{20D4A895-748C-4D88-871C-FDB1695B0169}" = Platform
"{21DF0294-6B9D-4741-AB6F-B2ABFBD2387E}" = LWS YouTube Plugin
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{2617FA1F-0C04-3ABB-AF64-7D5B6620C341}" = Microsoft .NET Framework 4 Client Profile NLD Language Pack
"{26A24AE4-039D-4CA4-87B4-2F83216031FF}" = Java(TM) 6 Update 31
"{2934DCB0-F8EE-11E0-A4A5-B8AC6F97B88E}" = Google Earth Plug-in
"{3175E049-F9A9-4A3D-8F19-AC9FB04514D1}" = Windows Live Communications Platform
"{32A3A4F4-B792-11D6-A78A-00B0D0160220}" = Java(TM) SE Development Kit 6 Update 22
"{342126E1-173C-4585-BFBE-3EBDD20E3E9E}" = Mobipocket Reader 6.2
"{343666E2-A059-48AC-AD67-230BF74E2DB2}" = Apple Application Support
"{350C9413-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{3A9FC03D-C685-4831-94CF-4EDFD3749497}" = Microsoft SQL Server Compact 3.5 SP2 ENU
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}" = erLT
"{45A66726-69BC-466B-A7A4-12FCBA4883D7}" = HiJackThis
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4D634FB6-42BB-42AB-A37A-DCFF95CD654D}" = Angry Birds Rio
"{6F76EC3C-34B1-436E-97FB-48C58D7BEDCD}" = LWS Gallery
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{71E66D3F-A009-44AB-8784-75E2819BA4BA}" = LWS Motion Detection
"{758C8301-2696-4855-AF45-534B1200980A}" = Samsung Kies
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{79155F2B-9895-49D7-8612-D92580E0DE5B}" = Bonjour
"{7BE15435-2D3E-4B58-867F-9C75BED0208C}" = QuickTime
"{80843623-6460-4A3E-BFE6-6C66BDAE5178}" = Angry Birds
"{8153ED9A-C94A-426E-9880-5E6775C08B62}" = Apple Mobile Device Support
"{83C8FA3C-F4EA-46C4-8392-D3CE353738D6}" = LWS Launcher
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{8937D274-C281-42E4-8CDB-A0B2DF979189}" = LWS Webcam Software
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{90120000-0010-0413-0000-0000000FF1CE}" = Microsoft Software Update for Web Folders (Dutch) 12
"{90120000-0015-0413-0000-0000000FF1CE}" = Microsoft Office Access MUI (Dutch) 2007
"{90120000-0015-0413-0000-0000000FF1CE}_ENTERPRISE_{26257879-B20D-4D30-A429-B387A4890929}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0016-0413-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Dutch) 2007
"{90120000-0016-0413-0000-0000000FF1CE}_ENTERPRISE_{26257879-B20D-4D30-A429-B387A4890929}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-0413-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Dutch) 2007
"{90120000-0018-0413-0000-0000000FF1CE}_ENTERPRISE_{26257879-B20D-4D30-A429-B387A4890929}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0019-0413-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Dutch) 2007
"{90120000-0019-0413-0000-0000000FF1CE}_ENTERPRISE_{26257879-B20D-4D30-A429-B387A4890929}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001A-0413-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Dutch) 2007
"{90120000-001A-0413-0000-0000000FF1CE}_ENTERPRISE_{26257879-B20D-4D30-A429-B387A4890929}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0413-0000-0000000FF1CE}" = Microsoft Office Word MUI (Dutch) 2007
"{90120000-001B-0413-0000-0000000FF1CE}_ENTERPRISE_{26257879-B20D-4D30-A429-B387A4890929}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_ENTERPRISE_{928D7B99-2BEA-49F9-83B8-20FA57860643}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_ENTERPRISE_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0413-0000-0000000FF1CE}" = Microsoft Office Proof (Dutch) 2007
"{90120000-001F-0413-0000-0000000FF1CE}_ENTERPRISE_{2C95E7EE-FEA7-4B3A-A6E5-DF90A88B816A}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system
"{90120000-002C-0413-0000-0000000FF1CE}" = Microsoft Office Proofing (Dutch) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0044-0413-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Dutch) 2007
"{90120000-0044-0413-0000-0000000FF1CE}_ENTERPRISE_{26257879-B20D-4D30-A429-B387A4890929}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-006E-0413-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Dutch) 2007
"{90120000-006E-0413-0000-0000000FF1CE}_ENTERPRISE_{1D12BC91-360E-424C-97C4-813651313660}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00A1-0413-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Dutch) 2007
"{90120000-00A1-0413-0000-0000000FF1CE}_ENTERPRISE_{26257879-B20D-4D30-A429-B387A4890929}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00BA-0413-0000-0000000FF1CE}" = Microsoft Office Groove MUI (Dutch) 2007
"{90120000-00BA-0413-0000-0000000FF1CE}_ENTERPRISE_{26257879-B20D-4D30-A429-B387A4890929}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BBB19C0-1FE1-4A4E-B25F-C9E1B0497EC5}" = Shaiya(US)
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9DAEA76B-E50F-4272-A595-0124E826553D}" = LWS WLM Plugin
"{9DBCAEDF-4853-437F-8B62-9C3B1267E9A4}" = AVG 2011
"{A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7}" = Segoe UI
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A306FD29-7D3A-4287-91AC-9A0180931395}_is1" = Roadkil's Unstoppable Copier Version 5.0
"{A34DCE59-0004-0000-2138-3F8A9926B752}" = FortiClient SSL VPN v4.0.2138
"{A3D5B54A-9792-404F-AE8B-BDA961EBA58E}" = PerfectDisk 12 Professional
"{A89768CF-CD21-44FD-A723-16D5A8557415}" = NEF Codec
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C20C2630-B3A7-44BA-BDD0-31E256AE490E}" = Windows Live Call
"{CB6075D9-F912-40AE-BEA6-E590DA24F16B}" = Adobe Photoshop Elements 7.0
"{CC38A00D-7EED-46CE-9281-D1D97B81F22A}" = Windows Live Messenger
"{CD95F661-A5C4-44F5-A6AA-ECDD91C240BE}" = WinZip 15.0
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}" = SAMSUNG USB Driver for Mobile Phones
"{D40EB009-0499-459c-A8AF-C9C110766215}" = Logitech-webcamsoftware
"{DB6AB705-C9BD-40E3-8929-2EA57F36A4FF}_is1" = ConvertXtoDVD 4.1.15.358
"{E533E637-FB3E-4F28-8B18-449CC9AB7235}" = AVG 2011
"{EB5A3E9D-91CF-4C97-B816-72DE0625ACA3}" = Windows Live Essentials
"{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}" = Skype™ 5.8
"{EED027B7-0DB6-404B-8F45-6DFEE34A0441}" = LWS Video Mask Maker
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F1000000-0001-0000-0000-074957833700}" = ABBYY FineReader 10 Corporate Edition
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F6D6B258-E3CA-4AAC-965A-68D3E3140A8C}" = iTunes
"{FF167195-9EE4-46C0-8CD7-FBA3457E88AB}" = LWS Facebook
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Photoshop Elements 7" = Adobe Photoshop Elements 7.0
"Aiseesoft iPad Converter Suite_is1" = Aiseesoft iPad Converter Suite
"Akamai" = Akamai NetSession Interface
"Ashampoo Burning Studio Elements_is1" = Ashampoo Burning Studio Elements 10.0.9
"AVG" = AVG 2011
"AVS Update Manager_is1" = AVS Update Manager 1.0
"AVS4YOU Software Navigator_is1" = AVS4YOU Software Navigator 1.4
"AVS4YOU Video Converter 7_is1" = AVS Video Converter 8
"BFG-Smash Frenzy 4" = Smash Frenzy 4
"CANONIJPLM100" = PIXMA Extended Survey Program
"CanonMyPrinter" = Canon My Printer
"CanonSolutionMenu" = Canon Utilities Solution Menu
"CCleaner" = CCleaner
"CloneCD" = CloneCD
"Combat Arms EU" = Combat Arms EU
"conduitEngine" = Conduit Engine
"Dorgem_is1" = Dorgem 2.1.0
"Duplicate Cleaner" = Duplicate Cleaner 2.1
"DVD Shrink_is1" = DVD Shrink 3.2
"DVDFab 8 Qt_is1" = DVDFab 8.1.3.2 (31/10/2011) Qt
"DVDFab Passkey 8_is1" = DVDFab Passkey 8.0.4.2 (09/12/2011)
"Easy-PhotoPrint EX" = Canon Utilities Easy-PhotoPrint EX
"ENTERPRISE" = Microsoft Office Enterprise 2007
"FileZilla Client" = FileZilla Client 3.5.3
"fotogoed-nl_is1" = Fotogoed Designer 3.1.1
"Foxit Reader" = Foxit Reader
"Gebruikersregistratie voor Canon MP610 series" = Gebruikersregistratie voor Canon MP610 series
"GEXA" = GEXA
"Glary Utilities_is1" = Glary Utilities 2.35.0.1216
"HandBrake" = HandBrake 0.9.5
"ie8" = Windows Internet Explorer 8
"ImgBurn" = ImgBurn
"InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169}" = VIA Platform apparaatbeheer
"InstallShield_{758C8301-2696-4855-AF45-534B1200980A}" = Samsung Kies
"InvelosDVDProfiler_is1" = DVD Profiler Version 3.7.2
"Kasboek" = Kasboek
"KLiteCodecPack_is1" = K-Lite Codec Pack 6.3.0 (Full)
"Logitech Vid" = Logitech Vid HD
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware versie 1.60.1.1000
"MediaNavigation.CDLabelPrint" = CD-LabelPrint
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile NLD Language Pack" = Taalpakket voor Microsoft .NET Framework 4 Client Profile - NLD
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"Mozilla Firefox 5.0.1 (x86 nl)" = Mozilla Firefox 5.0.1 (x86 nl)
"Mozilla Thunderbird 10.0 (x86 nl)" = Mozilla Thunderbird 10.0 (x86 nl)
"MP Navigator EX 1.0" = Canon MP Navigator EX 1.0
"NVIDIA Display Control Panel" = NVIDIA Display Control Panel
"NVIDIA Drivers" = NVIDIA Drivers
"NVIDIA nView Desktop Manager" = NVIDIA nView Desktop Manager
"Perfect Uninstaller_is1" = Perfect Uninstaller v6.3.3.9
"Picasa 3" = Picasa 3
"PowerISO" = PowerISO
"PrimoPDF" = PrimoPDF -- brought to you by Nitro PDF Software
"QuickPar" = QuickPar 0.9
"Replay Music3.70" = Replay Music
"RER VOB Converter_is1" = RER VOB Converter
"SABnzbd" = SABnzbd 0.6.14
"Spotnet Improver Local_is1" = Spotnet Improver Local v1.1
"Spotnet Launcher" = Spotnet Launcher
"SubMagic_is1" = SubMagic V0.71
"UnderCoverXP_is1" = UnderCoverXP 1.23
"Urban Terror_is1" = Urban Terror 4.1
"Van Dale Grote woordenboeken Duits" = Van Dale Grote woordenboeken Duits 2.1
"Van Dale Grote woordenboeken Engels" = Van Dale Grote woordenboeken Engels 2.1
"Van Dale Grote woordenboeken Frans" = Van Dale Grote woordenboeken Frans 2.1
"Van Dale Grote woordenboeken Nederlands" = Van Dale Grote woordenboeken Nederlands 2.1
"VLC media player" = VLC media player 1.1.11
"VN_VUIns_Rhine_VIA" = VIA Rhine-Family Fast-Ethernet Adapter
"WinAVI Video Converter" = WinAVI Video Converter
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"WinGimp-2.0_is1" = GIMP 2.6.11
"WinLiveSuite_Wave3" = Windows Live Essentials
"WMFDist11" = Windows Media Format 11 runtime
"WolfTeam" = WolfTeam
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0
"xplorer2p" = xplorer² professional 32 bit

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-842925246-162531612-1801674531-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Akamai" = Akamai NetSession Interface
"badaa6cc42b0324f" = NZBMaster
"Spotify" = Spotify

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 10/03/2012 17:01:05 | Computer Name = WORKGROUP | Source = LoadPerf | ID = 3001
Description = De tekenreekswaarde van de naam van het prestatiemeteritem is onjuist
ingedeeld.
De verkeerde tekenreeks is 14780. De verkeerde indexwaarde is de eerste DWORD in
de sectie Gegevens. De laatste geldige indexwaarden zijn de tweede en derde DWORD
in de sectie Gegevens.

Error - 10/03/2012 17:01:05 | Computer Name = WORKGROUP | Source = LoadPerf | ID = 3011
Description = Het verwijderen van de tekenreeksen van prestatiemeteritems voor de
SMSvcHost 4.0.0.0-service (SMSvcHost 4.0.0.0) is mislukt. De foutcode is de eerste
DWORD in de sectie Gegevens.

Error - 10/03/2012 17:01:05 | Computer Name = WORKGROUP | Source = LoadPerf | ID = 3001
Description = De tekenreekswaarde van de naam van het prestatiemeteritem is onjuist
ingedeeld.
De verkeerde tekenreeks is 14780. De verkeerde indexwaarde is de eerste DWORD in
de sectie Gegevens. De laatste geldige indexwaarden zijn de tweede en derde DWORD
in de sectie Gegevens.

Error - 10/03/2012 17:01:05 | Computer Name = WORKGROUP | Source = LoadPerf | ID = 3001
Description = De tekenreekswaarde van de naam van het prestatiemeteritem is onjuist
ingedeeld.
De verkeerde tekenreeks is 14780. De verkeerde indexwaarde is de eerste DWORD in
de sectie Gegevens. De laatste geldige indexwaarden zijn de tweede en derde DWORD
in de sectie Gegevens.

Error - 10/03/2012 17:01:05 | Computer Name = WORKGROUP | Source = LoadPerf | ID = 3011
Description = Het verwijderen van de tekenreeksen van prestatiemeteritems voor de
MSDTC Bridge 4.0.0.0-service (MSDTC Bridge 4.0.0.0) is mislukt. De foutcode is de
eerste DWORD in de sectie Gegevens.

Error - 10/03/2012 17:22:44 | Computer Name = WORKGROUP | Source = LoadPerf | ID = 3001
Description = De tekenreekswaarde van de naam van het prestatiemeteritem is onjuist
ingedeeld.
De verkeerde tekenreeks is 14780. De verkeerde indexwaarde is de eerste DWORD in
de sectie Gegevens. De laatste geldige indexwaarden zijn de tweede en derde DWORD
in de sectie Gegevens.

Error - 10/03/2012 17:22:44 | Computer Name = WORKGROUP | Source = LoadPerf | ID = 3001
Description = De tekenreekswaarde van de naam van het prestatiemeteritem is onjuist
ingedeeld.
De verkeerde tekenreeks is 14780. De verkeerde indexwaarde is de eerste DWORD in
de sectie Gegevens. De laatste geldige indexwaarden zijn de tweede en derde DWORD
in de sectie Gegevens.

Error - 10/03/2012 17:22:44 | Computer Name = WORKGROUP | Source = LoadPerf | ID = 3011
Description = Het verwijderen van de tekenreeksen van prestatiemeteritems voor de
ASP.NET_2.0.50727-service (ASP.NET_2.0.50727) is mislukt. De foutcode is de eerste
DWORD in de sectie Gegevens.

Error - 10/03/2012 17:22:45 | Computer Name = WORKGROUP | Source = LoadPerf | ID = 3001
Description = De tekenreekswaarde van de naam van het prestatiemeteritem is onjuist
ingedeeld.
De verkeerde tekenreeks is 14780. De verkeerde indexwaarde is de eerste DWORD in
de sectie Gegevens. De laatste geldige indexwaarden zijn de tweede en derde DWORD
in de sectie Gegevens.

Error - 10/03/2012 22:18:20 | Computer Name = WORKGROUP | Source = .NET Runtime Optimization Service | ID = 1103
Description = .NET Runtime Optimization Service (clr_optimization_v2.0.50727_32)
- Tried to start a service that wasn't the latest version of CLR Optimization service.
Will shutdown

[ SitNGoWizard Events ]
Error - 1/11/2010 6:13:59 | Computer Name = BITAC-97DAEB025 | Source = SitNGoWizard | ID = 1
Description = Invoke or BeginInvoke cannot be called on a control until the window
handle has been created.

Error - 1/11/2010 6:13:59 | Computer Name = BITAC-97DAEB025 | Source = SitNGoWizard | ID = 1
Description = at System.Windows.Forms.Control.MarshaledInvoke(Control caller,
Delegate method, Object[] args, Boolean synchronous) at System.Windows.Forms.Control.Invoke(Delegate
method, Object[] args) at System.Windows.Forms.Control.Invoke(Delegate method)

at SitNGoWizard.MainForm.OnPokerSiteTimerTick(Object sender, EventArgs e) at
System.Windows.Forms.Timer.OnTick(EventArgs e) at System.Windows.Forms.Timer.TimerNativeWindow.WndProc(Message&
m) at System.Windows.Forms.NativeWindow.Callback(IntPtr hWnd, Int32 msg, IntPtr
wparam, IntPtr lparam)

Error - 1/11/2010 6:14:11 | Computer Name = BITAC-97DAEB025 | Source = SitNGoWizard | ID = 1
Description = Invoke or BeginInvoke cannot be called on a control until the window
handle has been created.

[ System Events ]
Error - 10/03/2012 6:53:31 | Computer Name = WORKGROUP | Source = DCOM | ID = 10005
Description = DCOM kreeg foutmelding '%1084' bij het starten van de StiSvc-service
met de argumenten '' om de server {A1F4E726-8CF1-11D1-BF92-0060081ED811} te starten

Error - 10/03/2012 6:53:32 | Computer Name = WORKGROUP | Source = DCOM | ID = 10005
Description = DCOM kreeg foutmelding '%1084' bij het starten van de StiSvc-service
met de argumenten '' om de server {A1F4E726-8CF1-11D1-BF92-0060081ED811} te starten

Error - 10/03/2012 6:55:55 | Computer Name = WORKGROUP | Source = DCOM | ID = 10005
Description = DCOM kreeg foutmelding '%1084' bij het starten van de MSIServer-service
met de argumenten '' om de server {000C101C-0000-0000-C000-000000000046} te starten

Error - 10/03/2012 6:57:35 | Computer Name = WORKGROUP | Source = DCOM | ID = 10005
Description = DCOM kreeg foutmelding '%1084' bij het starten van de EventSystem-service
met de argumenten '' om de server {1BE1F766-5536-11D1-B726-00C04FB926AF} te starten

Error - 10/03/2012 7:15:40 | Computer Name = WORKGROUP | Source = Service Control Manager | ID = 7024
Description = De Java Quick Starter-service is gestopt met de specifieke servicefout
1 (0x1).

Error - 10/03/2012 7:15:40 | Computer Name = WORKGROUP | Source = Service Control Manager | ID = 7011
Description = Time-out (30000 seconden) tijdens het wachten op een reactie op een
transactie van deze service: Akamai.

Error - 10/03/2012 7:52:41 | Computer Name = WORKGROUP | Source = Service Control Manager | ID = 7024
Description = De Java Quick Starter-service is gestopt met de specifieke servicefout
1 (0x1).

Error - 10/03/2012 9:58:54 | Computer Name = WORKGROUP | Source = Print | ID = 19
Description = Delen van printer is mislukt + 1722, printer Canon MP610 series Printer
sharenaam Printer4.

Error - 10/03/2012 13:11:29 | Computer Name = WORKGROUP | Source = Service Control Manager | ID = 7026
Description = De volgende opstartstuurprogramma's zijn niet geladen: ViaIde

Error - 10/03/2012 22:18:40 | Computer Name = WORKGROUP | Source = System Error | ID = 1003
Description = Foutcode; 1000008e, parameter1: c0000005, parameter2: bd210d7c, parameter3:
b11d587c, parameter4: 00000000.


< End of report >


Posted: Sun March 11, 2012 10:04 pm
Offline
Helper

Registered: Mon Feb 15, 2010 10:00 pm
Posts: 4744
Location: Largest city in Twente
Operating system: Windows 7 x64 Professional
Protection: Avira 2013 & OnlineArmor
Before you let OTL run the fix, first close all other open windows!

Start OTL
  • Paste the following (bold, blue) text under Custom Scans/Fixes


    :OTL

    IE - HKU\S-1-5-21-842925246-162531612-1801674531-1003\..\SearchScopes\{AD22EBAF-0D18-4fc7-90CC-5EA0ABBE9EB8}: "URL" = http://www.daemon-search.com/search/web?q={searchTerms}
    IE - HKU\S-1-5-21-842925246-162531612-1801674531-1003\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2475029
    IE - HKU\S-1-5-21-842925246-162531612-1801674531-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local;127.0.0.1:9421;
    FF - prefs.js..extensions.enabledItems: engine@conduit.com:3.2.5.2
    O3 - HKU\S-1-5-21-842925246-162531612-1801674531-1003\..\Toolbar\WebBrowser: (no name) - {32099AAC-C132-4136-9E9A-4E364A424E17} - No CLSID value found.
    O3 - HKU\S-1-5-21-842925246-162531612-1801674531-1003\..\Toolbar\WebBrowser: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found.
    C:\WINDOWS\tasks\User_Feed_Synchronization-{C07A5723-3BFA-4BBD-934C-01E3D3DE247F}.job

    @Alternate Data Stream - 99 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:1663E41B
    @Alternate Data Stream - 128 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:0348410E
    @Alternate Data Stream - 125 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:A1822177
    @Alternate Data Stream - 114 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:00F7B10F
    @Alternate Data Stream - 108 bytes -> C:\WINDOWS:

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]



    :Services


    :Reg


    :Files


    :Commands
    [purity]

    [emptytemp]
    [emptyflash]
    [createrestorepoint]
    [reboot]


  • Then click the Run Fix button at the top.
  • Let the program do its work undisturbed.
  • The PC will be restarted when it finishes.
  • Also post the contents of the OTL scan log.

_________________
Be yourself; there are enough others.


Posted: Mon March 12, 2012 12:57 am
Offline
Member

Registered: Sat March 10, 2012 8:56 pm
Posts: 74
Location: DIEST
Operating system: 7 64-bit
Protection: NOD
Hello,

I copied the blue text and pressed Run Fix. I get the message "processes killing Do not interrupt". But it has been busy for 3 hours now and I see no activity at all. I think my computer has frozen. Can I just turn it off and on again, or will I have a problem then?

I will leave it on for the rest of the night, but it seems to me to be taking very long, so I don't think this is normal.

Thanks in advance.
Regards


Posted: Mon March 12, 2012 12:27 pm
Offline
Helper

Registered: Mon Feb 15, 2010 10:00 pm
Posts: 4744
Location: Largest city in Twente
Operating system: Windows 7 x64 Professional
Protection: Avira 2013 & OnlineArmor
Let me know what you did.
Normally, if this kind of problem occurs, you let the computer restart.
If necessary, you can try whether it does work in Safe Mode.


Posted: Mon March 12, 2012 9:11 pm
Offline
Member

Registered: Sat March 10, 2012 8:56 pm
Posts: 74
Location: DIEST
Operating system: 7 64-bit
Protection: NOD
OK, in the end it worked in Safe Mode, but no OTL.txt was opened, and I can't find it anywhere on my PC either. Do you know where it might be? OTL is simply on my desktop, but I can't find that new OTL log from after the Run Fix anywhere. So I can't post it along to you either.


Posted: Mon March 12, 2012 9:37 pm
Offline
Helper

Registered: Mon Feb 15, 2010 10:00 pm
Posts: 4744
Location: Largest city in Twente
Operating system: Windows 7 x64 Professional
Protection: Avira 2013 & OnlineArmor
Then start OTL again for a new quick scan.
And the fact that no second log opens is normal in that case.
In any case, post the log that you get.


Posted: Mon March 12, 2012 9:58 pm
Offline
Member

Registered: Sat March 10, 2012 8:56 pm
Posts: 74
Location: DIEST
Operating system: 7 64-bit
Protection: NOD
I wanted to run a new scan, but when I clicked the OTL program the OTL.txt suddenly appeared. So here it is, without my having run a new scan.

All processes killed
========== OTL ==========
Registry key HKEY_USERS\S-1-5-21-842925246-162531612-1801674531-1003\Software\Microsoft\Internet Explorer\SearchScopes\{AD22EBAF-0D18-4fc7-90CC-5EA0ABBE9EB8}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{AD22EBAF-0D18-4fc7-90CC-5EA0ABBE9EB8}\ not found.
Registry key HKEY_USERS\S-1-5-21-842925246-162531612-1801674531-1003\Software\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{afdbddaa-5d3f-42ee-b79c-185a7020515b}\ not found.
Unable to set value : HKU\S-1-5-21-842925246-162531612-1801674531-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyOverride| /E!
Registry key HKEY_USERS\S-1-5-21-842925246-162531612-1801674531-1003\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{32099AAC-C132-4136-9E9A-4E364A424E17}\ not found.
Registry key HKEY_USERS\S-1-5-21-842925246-162531612-1801674531-1003\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}\ not found.
ADS C:\Documents and Settings\All Users\Application Data\TEMP:1663E41B deleted successfully.
ADS C:\Documents and Settings\All Users\Application Data\TEMP:0348410E deleted successfully.
ADS C:\Documents and Settings\All Users\Application Data\TEMP:A1822177 deleted successfully.
ADS C:\Documents and Settings\All Users\Application Data\TEMP:00F7B10F deleted successfully.
Unable to delete ADS C:\WINDOWS: .
File EY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] not found.
File EY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus] not found.
File EY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus] not found.
File EY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus] not found.
File EY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus] not found.
File EY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall] not found.
File EY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus] not found.
File EY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall] not found.
File EY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus] not found.
File EY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus] not found.
File EY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall] not found.
File EY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall] not found.
File EY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus] not found.
File EY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall] not found.
File EY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall] not found.
========== SERVICES/DRIVERS ==========
========== REGISTRY ==========
========== FILES ==========
========== COMMANDS ==========

[EMPTYTEMP]

User: Administrator
->Temporary Internet Files folder emptied: 205171 bytes

User: Administrator.WORKGROUP
->Temporary Internet Files folder emptied: 12064027 bytes
->Flash cache emptied: 456 bytes

User: Administrator.WORKGROUP.000
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 12212445 bytes
->Flash cache emptied: 456 bytes

User: All Users

User: beheerder
->Temp folder emptied: 62905438 bytes
->Temporary Internet Files folder emptied: 22284327 bytes
->Java cache emptied: 5379793 bytes
->FireFox cache emptied: 40102234 bytes
->Google Chrome cache emptied: 6239736 bytes
->Flash cache emptied: 1508 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: LocalService
->Temp folder emptied: 66016 bytes
->Temporary Internet Files folder emptied: 33294 bytes

User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 98418585 bytes

User: UpdatusUser
->Temporary Internet Files folder emptied: 32768 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 2351678 bytes
%systemroot%\System32 .tmp files removed: 6716 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 1149518 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 216225801 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 33170 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 458,00 mb


[EMPTYFLASH]

User: Administrator

User: Administrator.WORKGROUP
->Flash cache emptied: 0 bytes

User: Administrator.WORKGROUP.000
->Flash cache emptied: 0 bytes

User: All Users

User: beheerder
->Flash cache emptied: 0 bytes

User: Default User

User: LocalService

User: NetworkService

User: UpdatusUser

Total Flash Files Cleaned = 0,00 mb

Error starting restore point: The function was called in safe mode.
Error closing restore point: The sequence number is invalid.

OTL by OldTimer - Version 3.2.36.3 log created on 03122012_200244

Files\Folders moved on Reboot...

Registry entries deleted on Reboot...


Posted: Mon March 12, 2012 10:42 pm
Offline
Helper

Registered: Mon Feb 15, 2010 10:00 pm
Posts: 4744
Location: Largest city in Twente
Operating system: Windows 7 x64 Professional
Protection: Avira 2013 & OnlineArmor
Good, then we move on to the next steps.

Step •1•
Which program: TDSSStarter.exe
What for/why: Rootkit scanner
Difficulty: none
Download TDSSStarter to the desktop.

Using "TDSSStarter.exe":
  • First close all program windows that are still open!
    • Windows 2000 and Windows XP: start the tool by double-clicking "TDSSStarter.exe".
    • Windows Vista and Windows 7: start the tool by right-clicking "TDSSStarter.exe" and then choosing Run as administrator.
  • A CMD window will then open, and it will close again automatically when the scan is finished.
  • Now post the contents of the Notepad file that opens in your next message.


Step •2•
Which program: ComboFix
What for/why: Highly specialized scanner to examine Windows in depth
and, where possible, clean it up.
Difficulty: More or less tricky preparation phase, so read everything carefully first.
Download location: This program absolutely must be downloaded to the desktop!
Download ComboFix from one of these locations:
Here you can see how to use ComboFix.

Antivirus programs and active malware scanners must already be disabled before ComboFix starts!
Here and here you will find information on how to disable antivirus programs and spyware scanners.

Once more, to be completely clear: ComboFix must be started from the desktop.

Notes:
  • When using Windows XP, you may be asked to install the "Recovery Console"!
    Allow this (an active internet connection is required for it).
Starting ComboFix:
  • First close all program windows that are still open!
    • Windows 2000 and Windows XP: start ComboFix.exe by double-clicking ComboFix.exe.
    • Windows Vista and Windows 7: start ComboFix.exe by right-clicking ComboFix.exe and then choosing Run as administrator.
Once ComboFix has started:
  • Do not click in the black window; this can cause ComboFix or even Windows to "freeze" completely!
  • ComboFix closes the internet connection during the scan; do not try to restore it in the meantime!
  • The computer may need to be restarted several times; this is normal.
  • When ComboFix is finished, it will create a log file for you.
  • Post the contents of this log file in your next message.
  • If the log does not open, it can be found at C:\ComboFix.txt
Important note:
  • If, after the scan, an error is shown when starting programs, with the message:
  • Illegal operation attempted on a registry key that has been marked for deletion.
  • Then restart the computer.

Step •3•
In summary: after this, post the contents of the following logs in your next message:
  • TDSSStarter log
  • ComboFix.txt log

Posted: Tue March 13, 2012 12:22 am
Offline
Member

Registered: Sat March 10, 2012 8:56 pm
Posts: 74
Location: DIEST
Operating system: 7 64-bit
Protection: NOD
The TDSS log file is below. I ran ComboFix the way it should be run, with the antivirus programs, malware scanner and firewall turned off.
It completed fully and restarted the computer, but I can't find any Combofix.txt, not at c:/combofix.txt either.

What I do see in Windows Explorer, under my C:, is combofix, with all my hard drives listed again beneath it, and on that C drive again an icon for combofix with all my drives beneath it again, and so on.

22:44:49.0140 0556 TDSS rootkit removing tool 2.7.20.0 Mar 9 2012 17:10:43
22:44:49.0140 0556 ============================================================
22:44:49.0140 0556 Current date / time: 2012/03/12 22:44:49.0140
22:44:49.0140 0556 SystemInfo:
22:44:49.0140 0556
22:44:49.0140 0556 OS Version: 5.1.2600 ServicePack: 3.0
22:44:49.0140 0556 Product type: Workstation
22:44:49.0140 0556 ComputerName: WORKGROUP
22:44:49.0140 0556 UserName: beheerder
22:44:49.0140 0556 Windows directory: C:\WINDOWS
22:44:49.0140 0556 System windows directory: C:\WINDOWS
22:44:49.0140 0556 Processor architecture: Intel x86
22:44:49.0140 0556 Number of processors: 2
22:44:49.0140 0556 Page size: 0x1000
22:44:49.0140 0556 Boot type: Normal boot
22:44:49.0140 0556 ============================================================
22:44:51.0468 0556 Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054
22:44:51.0468 0556 Drive \Device\Harddisk1\DR1 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054
22:44:51.0500 0556 Drive \Device\Harddisk2\DR4 - Size: 0x7B000000 (1.92 Gb), SectorSize: 0x200, Cylinders: 0xFA, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
22:44:51.0500 0556 \Device\Harddisk0\DR0:
22:44:51.0515 0556 MBR used
22:44:51.0515 0556 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x254297C1
22:44:51.0515 0556 \Device\Harddisk1\DR1:
22:44:51.0515 0556 MBR used
22:44:51.0515 0556 \Device\Harddisk1\DR1\Partition0: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x3A384C02
22:44:51.0515 0556 \Device\Harddisk2\DR4:
22:44:51.0515 0556 MBR used
22:44:51.0515 0556 \Device\Harddisk2\DR4\Partition0: MBR, Type 0xB, StartLBA 0x20, BlocksNum 0x3D7FE0
22:44:51.0578 0556 Initialize success
22:44:51.0578 0556 ============================================================
22:44:51.0609 2736 ============================================================
22:44:51.0609 2736 Scan started
22:44:51.0609 2736 Mode: Auto (DCExact ); SigCheck; TDLFS; Silent;
22:44:51.0609 2736 ============================================================
22:45:03.0562 2736 MRxSmb - ok
22:45:03.0593 2736 Msfs (c941ea2454ba8350021d774daf0f1027) C:\WINDOWS\system32\drivers\Msfs.sys
22:45:03.0671 2736 Msfs - ok
22:45:03.0718 2736 MSKSSRV (d1575e71568f4d9e14ca56b7b0453bf1) C:\WINDOWS\system32\drivers\MSKSSRV.sys
22:45:03.0796 2736 MSKSSRV - ok
22:45:03.0812 2736 MSPCLOCK (325bb26842fc7ccc1fcce2c457317f3e) C:\WINDOWS\system32\drivers\MSPCLOCK.sys
22:45:03.0921 2736 MSPCLOCK - ok
22:45:03.0937 2736 MSPQM (bad59648ba099da4a17680b39730cb3d) C:\WINDOWS\system32\drivers\MSPQM.sys
22:45:04.0015 2736 MSPQM - ok
22:45:04.0031 2736 mssmbios (af5f4f3f14a8ea2c26de30f7a1e17136) C:\WINDOWS\system32\DRIVERS\mssmbios.sys
22:45:04.0125 2736 mssmbios - ok
22:45:04.0156 2736 MSTEE (e53736a9e30c45fa9e7b5eac55056d1d) C:\WINDOWS\system32\drivers\MSTEE.sys
22:45:04.0234 2736 MSTEE - ok
22:45:04.0265 2736 ms_mpu401 (ca3e22598f411199adc2dfee76cd0ae0) C:\WINDOWS\system32\drivers\msmpu401.sys
22:45:04.0343 2736 ms_mpu401 - ok
22:45:04.0375 2736 Mup (de6a75f5c270e756c5508d94b6cf68f5) C:\WINDOWS\system32\drivers\Mup.sys
22:45:04.0406 2736 Mup - ok
22:45:04.0406 2736 NABTSFEC (5b50f1b2a2ed47d560577b221da734db) C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys
22:45:04.0500 2736 NABTSFEC - ok
22:45:04.0531 2736 NDIS (1df7f42665c94b825322fae71721130d) C:\WINDOWS\system32\drivers\NDIS.sys
22:45:04.0609 2736 NDIS - ok
22:45:04.0625 2736 NdisIP (7ff1f1fd8609c149aa432f95a8163d97) C:\WINDOWS\system32\DRIVERS\NdisIP.sys
22:45:04.0703 2736 NdisIP - ok
22:45:04.0734 2736 NdisTapi (0109c4f3850dfbab279542515386ae22) C:\WINDOWS\system32\DRIVERS\ndistapi.sys
22:45:04.0750 2736 NdisTapi - ok
22:45:04.0781 2736 Ndisuio (f927a4434c5028758a842943ef1a3849) C:\WINDOWS\system32\DRIVERS\ndisuio.sys
22:45:04.0890 2736 Ndisuio - ok
22:45:04.0921 2736 NdisWan (edc1531a49c80614b2cfda43ca8659ab) C:\WINDOWS\system32\DRIVERS\ndiswan.sys
22:45:05.0000 2736 NdisWan - ok
22:45:05.0015 2736 NDProxy (9282bd12dfb069d3889eb3fcc1000a9b) C:\WINDOWS\system32\drivers\NDProxy.sys
22:45:05.0062 2736 NDProxy - ok
22:45:05.0078 2736 NetBIOS (5d81cf9a2f1a3a756b66cf684911cdf0) C:\WINDOWS\system32\DRIVERS\netbios.sys
22:45:05.0171 2736 NetBIOS - ok
22:45:05.0187 2736 NetBT (74b2b2f5bea5e9a3dc021d685551bd3d) C:\WINDOWS\system32\DRIVERS\netbt.sys
22:45:05.0281 2736 NetBT - ok
22:45:05.0312 2736 nm (1e421a6bcf2203cc61b821ada9de878b) C:\WINDOWS\system32\DRIVERS\NMnt.sys
22:45:05.0390 2736 nm - ok
22:45:05.0406 2736 Npfs (3182d64ae053d6fb034f44b6def8034a) C:\WINDOWS\system32\drivers\Npfs.sys
22:45:05.0484 2736 Npfs - ok
22:45:05.0515 2736 NPPTNT2 (9131fe60adfab595c8da53ad6a06aa31) C:\WINDOWS\system32\npptNT2.sys
22:45:05.0515 2736 NPPTNT2 ( UnsignedFile.Multi.Generic ) - warning
22:45:05.0515 2736 NPPTNT2 - detected UnsignedFile.Multi.Generic (1)
22:45:05.0546 2736 Ntfs (78a08dd6a8d65e697c18e1db01c5cdca) C:\WINDOWS\system32\drivers\Ntfs.sys
22:45:05.0640 2736 Ntfs - ok
22:45:05.0687 2736 Null (73c1e1f395918bc2c6dd67af7591a3ad) C:\WINDOWS\system32\drivers\Null.sys
22:45:05.0765 2736 Null - ok
22:45:05.0968 2736 nv (30913cbf518396912e54c2c9f1dd0f09) C:\WINDOWS\system32\DRIVERS\nv4_mini.sys
22:45:06.0359 2736 nv - ok
22:45:06.0390 2736 NwlnkFlt (b305f3fad35083837ef46a0bbce2fc57) C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
22:45:06.0484 2736 NwlnkFlt - ok
22:45:06.0500 2736 NwlnkFwd (c99b3415198d1aab7227f2c88fd664b9) C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
22:45:06.0593 2736 NwlnkFwd - ok
22:45:06.0625 2736 Parport (e3934ccc20a4d24f1924e13d36d2a5bd) C:\WINDOWS\system32\DRIVERS\parport.sys
22:45:06.0703 2736 Parport - ok
22:45:06.0734 2736 PartMgr (beb3ba25197665d82ec7065b724171c6) C:\WINDOWS\system32\drivers\PartMgr.sys
22:45:06.0812 2736 PartMgr - ok
22:45:06.0843 2736 ParVdm (1eade28746a64c21e0a808bb12a63326) C:\WINDOWS\system32\drivers\ParVdm.sys
22:45:06.0937 2736 ParVdm - ok
22:45:06.0953 2736 PCI (3b166f9f753c21aedaa9a6bd76b49655) C:\WINDOWS\system32\DRIVERS\pci.sys
22:45:07.0046 2736 PCI - ok
22:45:07.0046 2736 PCIDump - ok
22:45:07.0062 2736 PCIIde (b31edeba4da28283f6b8dc4756fb9585) C:\WINDOWS\system32\DRIVERS\pciide.sys
22:45:07.0140 2736 PCIIde - ok
22:45:07.0187 2736 Pcmcia (2137ffd65f8e609a3a5acd487c56cce0) C:\WINDOWS\system32\drivers\Pcmcia.sys
22:45:07.0265 2736 Pcmcia - ok
22:45:07.0281 2736 PDCOMP - ok
22:45:07.0281 2736 PDFRAME - ok
22:45:07.0328 2736 PDFSFilter (b7064e3ce97323573f447e596b515466) C:\WINDOWS\system32\DRIVERS\PDFsFilter.sys
22:45:07.0343 2736 PDFSFilter - ok
22:45:07.0343 2736 PDRELI - ok
22:45:07.0359 2736 PDRFRAME - ok
22:45:07.0359 2736 perc2 - ok
22:45:07.0359 2736 perc2hib - ok
22:45:07.0390 2736 pppop (4fb133321e33cf310b0010f7f3631536) C:\WINDOWS\system32\DRIVERS\pppop.sys
22:45:07.0406 2736 pppop - ok
22:45:07.0437 2736 PptpMiniport (efeec01b1d3cf84f16ddd24d9d9d8f99) C:\WINDOWS\system32\DRIVERS\raspptp.sys
22:45:07.0531 2736 PptpMiniport - ok
22:45:07.0531 2736 PSched (09298ec810b07e5d582cb3a3f9255424) C:\WINDOWS\system32\DRIVERS\psched.sys
22:45:07.0625 2736 PSched - ok
22:45:07.0640 2736 Ptilink (80d317bd1c3dbc5d4fe7b1678c60cadd) C:\WINDOWS\system32\DRIVERS\ptilink.sys
22:45:07.0734 2736 Ptilink - ok
22:45:07.0750 2736 PxHelp20 (d86b4a68565e444d76457f14172c875a) C:\WINDOWS\system32\Drivers\PxHelp20.sys
22:45:07.0765 2736 PxHelp20 - ok
22:45:07.0765 2736 ql1080 - ok
22:45:07.0781 2736 Ql10wnt - ok
22:45:07.0781 2736 ql12160 - ok
22:45:07.0796 2736 ql1240 - ok
22:45:07.0796 2736 ql1280 - ok
22:45:07.0812 2736 RasAcd (fe0d99d6f31e4fad8159f690d68ded9c) C:\WINDOWS\system32\DRIVERS\rasacd.sys
22:45:07.0921 2736 RasAcd - ok
22:45:07.0937 2736 Rasirda (0207d26ddf796a193ccd9f83047bb5fc) C:\WINDOWS\system32\DRIVERS\rasirda.sys
22:45:07.0968 2736 Rasirda - ok
22:45:07.0984 2736 Rasl2tp (11b4a627bc9614b885c4969bfa5ff8a6) C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
22:45:08.0062 2736 Rasl2tp - ok
22:45:08.0078 2736 RasPppoe (5bc962f2654137c9909c3d4603587dee) C:\WINDOWS\system32\DRIVERS\raspppoe.sys
22:45:08.0156 2736 RasPppoe - ok
22:45:08.0171 2736 Raspti (fdbb1d60066fcfbb7452fd8f9829b242) C:\WINDOWS\system32\DRIVERS\raspti.sys
22:45:08.0250 2736 Raspti - ok
22:45:08.0281 2736 Rdbss (7ad224ad1a1437fe28d89cf22b17780a) C:\WINDOWS\system32\DRIVERS\rdbss.sys
22:45:08.0359 2736 Rdbss - ok
22:45:08.0375 2736 RDPCDD (4912d5b403614ce99c28420f75353332) C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
22:45:08.0453 2736 RDPCDD - ok
22:45:08.0484 2736 rdpdr (15cabd0f7c00c47c70124907916af3f1) C:\WINDOWS\system32\DRIVERS\rdpdr.sys
22:45:08.0578 2736 rdpdr - ok
22:45:08.0609 2736 RDPWD (fc105dd312ed64eb66bff111e8ec6eac) C:\WINDOWS\system32\drivers\RDPWD.sys
22:45:08.0656 2736 RDPWD - ok
22:45:08.0687 2736 redbook (4173bc66e485fd77a03c4819f60bd0da) C:\WINDOWS\system32\DRIVERS\redbook.sys
22:45:08.0765 2736 redbook - ok
22:45:08.0796 2736 SCDEmu (20b2751cd4c8f3fd989739ca661b9f30) C:\WINDOWS\system32\drivers\SCDEmu.sys
22:45:08.0812 2736 SCDEmu ( UnsignedFile.Multi.Generic ) - warning
22:45:08.0812 2736 SCDEmu - detected UnsignedFile.Multi.Generic (1)
22:45:08.0843 2736 Secdrv (90a3935d05b494a5a39d37e71f09a677) C:\WINDOWS\system32\DRIVERS\secdrv.sys
22:45:08.0906 2736 Secdrv - ok
22:45:08.0937 2736 serenum (0f29512ccd6bead730039fb4bd2c85ce) C:\WINDOWS\system32\DRIVERS\serenum.sys
22:45:09.0015 2736 serenum - ok
22:45:09.0031 2736 Serial (92c21762653bb2ce51147eb8a9aa654f) C:\WINDOWS\system32\DRIVERS\serial.sys
22:45:09.0109 2736 Serial - ok
22:45:09.0140 2736 Sfloppy (8e6b8c671615d126fdc553d1e2de5562) C:\WINDOWS\system32\drivers\Sfloppy.sys
22:45:09.0234 2736 Sfloppy - ok
22:45:09.0250 2736 Simbad - ok
22:45:09.0281 2736 SLIP (866d538ebe33709a5c9f5c62b73b7d14) C:\WINDOWS\system32\DRIVERS\SLIP.sys
22:45:09.0468 2736 SLIP - ok
22:45:09.0546 2736 snapman (85bada660d57bc5aef52b11cabd6d8f9) C:\WINDOWS\system32\DRIVERS\snapman.sys
22:45:09.0562 2736 snapman - ok
22:45:09.0593 2736 SONYPVU1 (a1eceeaa5c5e74b2499eb51d38185b84) C:\WINDOWS\system32\DRIVERS\SONYPVU1.SYS
22:45:09.0687 2736 SONYPVU1 - ok
22:45:09.0687 2736 Sparrow - ok
22:45:09.0718 2736 splitter (ab8b92451ecb048a4d1de7c3ffcb4a9f) C:\WINDOWS\system32\drivers\splitter.sys
22:45:09.0812 2736 splitter - ok
22:45:09.0859 2736 sptd (614deea4bdcec3fd5a07bdc705723ad7) C:\WINDOWS\System32\Drivers\sptd.sys
22:45:09.0859 2736 Suspicious file (NoAccess): C:\WINDOWS\System32\Drivers\sptd.sys. md5: 614deea4bdcec3fd5a07bdc705723ad7
22:45:09.0859 2736 sptd ( LockedFile.Multi.Generic ) - warning
22:45:09.0859 2736 sptd - detected LockedFile.Multi.Generic (1)
22:45:09.0875 2736 sr (64d2a7640e0767ecd3bcb38d3200e7ce) C:\WINDOWS\system32\DRIVERS\sr.sys
22:45:09.0921 2736 sr - ok
22:45:09.0953 2736 Srv (47ddfc2f003f7f9f0592c6874962a2e7) C:\WINDOWS\system32\DRIVERS\srv.sys
22:45:10.0000 2736 Srv - ok
22:45:10.0031 2736 ssadbus (6d83ff6722baf7e82a4521dbec363e5a) C:\WINDOWS\system32\DRIVERS\ssadbus.sys
22:45:10.0062 2736 ssadbus - ok
22:45:10.0109 2736 ssadmdfl (5ae42e90f99749e0e35b9989a2d0275c) C:\WINDOWS\system32\DRIVERS\ssadmdfl.sys
22:45:10.0125 2736 ssadmdfl - ok
22:45:10.0156 2736 ssadmdm (9285d8aba50a4d6482b1574448f9eb76) C:\WINDOWS\system32\DRIVERS\ssadmdm.sys
22:45:10.0156 2736 ssadmdm - ok
22:45:10.0250 2736 streamip (77813007ba6265c4b6098187e6ed79d2) C:\WINDOWS\system32\DRIVERS\StreamIP.sys
22:45:10.0343 2736 streamip - ok
22:45:10.0359 2736 swenum (3941d127aef12e93addf6fe6ee027e0f) C:\WINDOWS\system32\DRIVERS\swenum.sys
22:45:10.0453 2736 swenum - ok
22:45:10.0468 2736 swmidi (8ce882bcc6cf8a62f2b2323d95cb3d01) C:\WINDOWS\system32\drivers\swmidi.sys
22:45:10.0562 2736 swmidi - ok
22:45:10.0562 2736 symc810 - ok
22:45:10.0578 2736 symc8xx - ok
22:45:10.0578 2736 sym_hi - ok
22:45:10.0593 2736 sym_u3 - ok
22:45:10.0609 2736 sysaudio (8b83f3ed0f1688b4958f77cd6d2bf290) C:\WINDOWS\system32\drivers\sysaudio.sys
22:45:10.0687 2736 sysaudio - ok
22:45:10.0734 2736 Tcpip (9aefa14bd6b182d61e3119fa5f436d3d) C:\WINDOWS\system32\DRIVERS\tcpip.sys
22:45:10.0812 2736 Tcpip - ok
22:45:10.0875 2736 TDPIPE (6471a66807f5e104e4885f5b67349397) C:\WINDOWS\system32\drivers\TDPIPE.sys
22:45:10.0968 2736 TDPIPE - ok
22:45:11.0000 2736 tdrpman273 (431801fcc97034e04a6eff81136578d7) C:\WINDOWS\system32\DRIVERS\tdrpm273.sys
22:45:11.0031 2736 tdrpman273 - ok
22:45:11.0078 2736 TDTCP (c56b6d0402371cf3700eb322ef3aaf61) C:\WINDOWS\system32\drivers\TDTCP.sys
22:45:11.0171 2736 TDTCP - ok
22:45:11.0203 2736 TermDD (88155247177638048422893737429d9e) C:\WINDOWS\system32\DRIVERS\termdd.sys
22:45:11.0281 2736 TermDD - ok
22:45:11.0328 2736 thdudf (9d4bbd6e27b5562aea8295de7134e386) C:\WINDOWS\system32\DRIVERS\thdudf.sys
22:45:11.0328 2736 thdudf ( UnsignedFile.Multi.Generic ) - warning
22:45:11.0328 2736 thdudf - detected UnsignedFile.Multi.Generic (1)
22:45:11.0359 2736 timounter (a34d7024bb7140ec785c86bc065d4f60) C:\WINDOWS\system32\DRIVERS\timntr.sys
22:45:11.0390 2736 timounter - ok
22:45:11.0390 2736 TosIde - ok
22:45:11.0406 2736 uagp35 (d85938f272d1bcf3db3a31fc0a048928) C:\WINDOWS\system32\DRIVERS\uagp35.sys
22:45:11.0484 2736 uagp35 - ok
22:45:11.0515 2736 Udfs (5787b80c2e3c5e2f56c2a233d91fa2c9) C:\WINDOWS\system32\drivers\Udfs.sys
22:45:11.0593 2736 Udfs - ok
22:45:11.0609 2736 ultra - ok
22:45:11.0625 2736 Update (402ddc88356b1bac0ee3dd1580c76a31) C:\WINDOWS\system32\DRIVERS\update.sys
22:45:11.0718 2736 Update - ok
22:45:11.0750 2736 USBAAPL (83cafcb53201bbac04d822f32438e244) C:\WINDOWS\system32\Drivers\usbaapl.sys
22:45:11.0781 2736 USBAAPL - ok
22:45:11.0812 2736 usbaudio (e919708db44ed8543a7c017953148330) C:\WINDOWS\system32\drivers\usbaudio.sys
22:45:11.0921 2736 usbaudio - ok
22:45:11.0937 2736 usbccgp (173f317ce0db8e21322e71b7e60a27e8) C:\WINDOWS\system32\DRIVERS\usbccgp.sys
22:45:12.0015 2736 usbccgp - ok
22:45:12.0046 2736 usbehci (65dcf09d0e37d4c6b11b5b0b76d470a7) C:\WINDOWS\system32\DRIVERS\usbehci.sys
22:45:12.0140 2736 usbehci - ok
22:45:12.0171 2736 usbhub (1ab3cdde553b6e064d2e754efe20285c) C:\WINDOWS\system32\DRIVERS\usbhub.sys
22:45:12.0250 2736 usbhub - ok
22:45:12.0281 2736 usbprint (a717c8721046828520c9edf31288fc00) C:\WINDOWS\system32\DRIVERS\usbprint.sys
22:45:12.0375 2736 usbprint - ok
22:45:12.0390 2736 usbscan (a0b8cf9deb1184fbdd20784a58fa75d4) C:\WINDOWS\system32\DRIVERS\usbscan.sys
22:45:12.0484 2736 usbscan - ok
22:45:12.0500 2736 USBSTOR (a32426d9b14a089eaa1d922e0c5801a9) C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
22:45:12.0593 2736 USBSTOR - ok
22:45:12.0625 2736 usbuhci (26496f9dee2d787fc3e61ad54821ffe6) C:\WINDOWS\system32\DRIVERS\usbuhci.sys
22:45:12.0703 2736 usbuhci - ok
22:45:12.0734 2736 usbvideo (63bbfca7f390f4c49ed4b96bfb1633e0) C:\WINDOWS\system32\Drivers\usbvideo.sys
22:45:12.0812 2736 usbvideo - ok
22:45:12.0859 2736 VgaSave (0d3a8fafceacd8b7625cd549757a7df1) C:\WINDOWS\System32\drivers\vga.sys
22:45:12.0953 2736 VgaSave - ok
22:45:12.0953 2736 ViaIde (3b3efcda263b8ac14fdf9cbdd0791b2e) C:\WINDOWS\system32\DRIVERS\viaide.sys
22:45:13.0031 2736 ViaIde - ok
22:45:13.0062 2736 videX32 (f95c0fcfbcbda6d8f202d2df4052f88d) C:\WINDOWS\system32\DRIVERS\videX32.sys
22:45:13.0078 2736 videX32 - ok
22:45:13.0093 2736 VolSnap (8ab662b3c4691e6ddf61c96bb5b7d103) C:\WINDOWS\system32\drivers\VolSnap.sys
22:45:13.0187 2736 VolSnap - ok
22:45:13.0218 2736 Wanarp (e20b95baedb550f32dd489265c1da1f6) C:\WINDOWS\system32\DRIVERS\wanarp.sys
22:45:13.0296 2736 Wanarp - ok
22:45:13.0312 2736 WDICA - ok
22:45:13.0328 2736 wdmaud (6768acf64b18196494413695f0c3a00f) C:\WINDOWS\system32\drivers\wdmaud.sys
22:45:13.0406 2736 wdmaud - ok
22:45:13.0468 2736 WpdUsb (cf4def1bf66f06964dc0d91844239104) C:\WINDOWS\system32\DRIVERS\wpdusb.sys
22:45:13.0500 2736 WpdUsb - ok
22:45:13.0531 2736 WSTCODEC (c98b39829c2bbd34e454150633c62c78) C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS
22:45:13.0609 2736 WSTCODEC - ok
22:45:13.0640 2736 WudfPf (f15feafffbb3644ccc80c5da584e6311) C:\WINDOWS\system32\DRIVERS\WudfPf.sys
22:45:13.0656 2736 WudfPf - ok
22:45:13.0671 2736 WudfRd (28b524262bce6de1f7ef9f510ba3985b) C:\WINDOWS\system32\DRIVERS\wudfrd.sys
22:45:13.0687 2736 WudfRd - ok
22:45:13.0703 2736 MBR (0x1B8) (3051207086651214e435112e51817dc5) \Device\Harddisk0\DR0
22:45:13.0875 2736 \Device\Harddisk0\DR0 - ok
22:45:13.0890 2736 MBR (0x1B8) (8f558eb6672622401da993e1e865c861) \Device\Harddisk1\DR1
22:45:13.0968 2736 \Device\Harddisk1\DR1 - ok
22:45:13.0968 2736 MBR (0x1B8) (65e858a8a0293be11a920b0bc99d695e) \Device\Harddisk2\DR4
22:45:14.0578 2736 \Device\Harddisk2\DR4 - ok
22:45:14.0578 2736 Boot (0x1200) (dded0455b14cbb8678f7409d2589e7ca) \Device\Harddisk0\DR0\Partition0
22:45:14.0578 2736 \Device\Harddisk0\DR0\Partition0 - ok
22:45:14.0593 2736 Boot (0x1200) (da24b7ccc880e0a370eb90186bf0a465) \Device\Harddisk1\DR1\Partition0
22:45:14.0593 2736 \Device\Harddisk1\DR1\Partition0 - ok
22:45:14.0593 2736 Boot (0x1200) (011ad73a029d87b0c2fcee8202b0fdfb) \Device\Harddisk2\DR4\Partition0
22:45:14.0593 2736 \Device\Harddisk2\DR4\Partition0 - ok
22:45:14.0593 2736 ============================================================
22:45:14.0593 2736 Scan finished
22:45:14.0593 2736 ============================================================
22:45:15.0515 2644 Deinitialize success

==============================================
System Restore Point Check:

TDSSKiller Starter Restore Point Created Succesfully
==============================================
EOF


Posted: Tue March 13, 2012 10:34 am
Offline
Helper

Registered: Mon Feb 15, 2010 10:00 pm
Posts: 4744
Location: Largest city in Twente
Operating system: Windows 7 x64 Professional
Protection: Avira 2013 & OnlineArmor
Can you post screenshots of everything from ComboFix that you find via Explorer?

Because I find what ComboFix did on your machine a very strange story.

_________________
Be yourself; there are enough others.
