Het is nu vr jul 25, 2014 12:25 pm

Forumoverzicht » RSIT/DDS/HijackThis logfiles » Opgeloste RSIT/DDS/HijackThis logfiles




Dit onderwerp is gesloten, je kunt geen berichten wijzigen of nieuwe antwoorden plaatsen  [ 9 berichten ] 
Auteur Bericht
BerichtGeplaatst: wo sep 12, 2012 3:16 pm 
Offline
Lid

Geregistreerd: di sep 11, 2012 5:41 pm
Berichten: 5
Besturingssysteem: Windows 7
Bescherming: F-Secure
De PC die vooral door mijn kinderen wordt gebruikt, maar ook door mij voor mijn website, is ongelooflijk traag geworden en lijkt steeds aan de slag terwijl er niemand aanzit. Mijn zoon speelt veel online spellen en mijn dochter kijkt graag films en series op de PC. We gebruiken verschillende browsers, ik Firefox. Vooral bij Firefox heb ik ook last van popupvensters van adserverplus en doubleclicknet. Ik ben niet heel onhandig met PC's, maar ik krijg het niet opgelost. Ik zou het heel fijn vinden als jullie mij ermee kunnen helpen.

Ik heb al veel op internet gezocht. De virusscanner F-Secure ziet niets. Ad-Aware ook niet. (Ad-Aware heb ik gisteren geprobeerd te verwijderen, maar zie ik nu weer staan. Ga ik naar kijken.) atieclxx.exe heeft bij mij de (afwijkende?) grootte 522 k. Aan het hosts-bestandje in de drivers\etc map heb ik inmiddels de regels:
127.0.0.1 localhost
127.0.0.1 ad.doubleclick.net
127.0.0.1 ad.doubleclick.be
127.0.0.1 ad.doubleclick.com
127.0.0.1 ad.doubleclick.de
127.0.0.1 ad.doubleclick.nl
toegevoegd. Het enige is, dat het venster nu geen inhoud meer bevat, en soms een foutmelding (Firefox kan geen verbinding maken met de server op ad.doubleclick.net.)

Hier komen de logs.

Malwarebytes Anti-Malware Databaseversie: v2012.09.11.06

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
M.Bouwens :: GAMESDESIGNPC [administrator]

Realtime bescherming: Ingeschakeld

11-9-2012 16:56:46
mbam-log-2012-09-11 (16-56-46).txt

Scantype: Snelle scan
Ingeschakelde scanopties: Geheugen | Opstartitems | Register | Bestanden en mappen | Heuristiek/Extra | Heuristiek/Shuriken | PUP | PUM
Uitgeschakelde scanopties: P2P
Objecten gescand: 305021
Verstreken tijd: 7 minuut/minuten, 17 seconde(n)

Geheugenprocessen gedetecteerd: 0
(Geen kwaadaardige objecten gedetecteerd)

Geheugenmodulen gedetecteerd: 0
(Geen kwaadaardige objecten gedetecteerd)

Registersleutels gedetecteerd: 0
(Geen kwaadaardige objecten gedetecteerd)

Registerwaarden gedetecteerd: 0
(Geen kwaadaardige objecten gedetecteerd)

Registerdata gedetecteerd: 0
(Geen kwaadaardige objecten gedetecteerd)

Mappen gedetecteerd: 1
C:\Program Files (x86)\BrowserCompanion (PUP.Blabbers) -> Succesvol in quarantaine geplaatst en verwijderd.

Bestanden gedetecteerd: 9
C:\$Recycle.Bin\S-1-5-21-3766735717-3127052058-815072437-1004\$RNGTLEP.exe (PUP.Adbundler) -> Succesvol in quarantaine geplaatst en verwijderd.
C:\Users\Martijn\AppData\Roaming\data.dat (Stolen.Data) -> Succesvol in quarantaine geplaatst en verwijderd.
C:\Users\Martijn\AppData\Roaming\lovely.ini (Malware.Trace) -> Succesvol in quarantaine geplaatst en verwijderd.
C:\Program Files (x86)\BrowserCompanion\blabbers-ch.crx (PUP.Blabbers) -> Succesvol in quarantaine geplaatst en verwijderd.
C:\Program Files (x86)\BrowserCompanion\BCHelper.exe (PUP.Blabbers) -> Succesvol in quarantaine geplaatst en verwijderd.
C:\Program Files (x86)\BrowserCompanion\logo.ico (PUP.Blabbers) -> Succesvol in quarantaine geplaatst en verwijderd.
C:\Program Files (x86)\BrowserCompanion\sqlite3.dll (PUP.Blabbers) -> Succesvol in quarantaine geplaatst en verwijderd.
C:\Program Files (x86)\BrowserCompanion\updatebhoWin32.dll_1 (PUP.Blabbers) -> Succesvol in quarantaine geplaatst en verwijderd.
C:\Program Files (x86)\BrowserCompanion\updatebhoWin32.dll_2 (PUP.Blabbers) -> Succesvol in quarantaine geplaatst en verwijderd.


OTL:
OTL logfile created on: 11-9-2012 17:28:03 - Run 1
OTL by OldTimer - Version 3.2.61.3 Folder = C:\Users\M.Bouwens\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000413 | Country: Nederland | Language: NLD | Date Format: d-M-yyyy

4,00 Gb Total Physical Memory | 2,45 Gb Available Physical Memory | 61,17% Memory free
8,00 Gb Paging File | 6,36 Gb Available in Paging File | 79,49% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 195,21 Gb Total Space | 47,11 Gb Free Space | 24,13% Space Free | Partition Type: NTFS
Drive D: | 736,20 Gb Total Space | 556,56 Gb Free Space | 75,60% Space Free | Partition Type: NTFS
Drive E: | 5,48 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: UDF

Computer Name: GAMESDESIGNPC | User Name: M.Bouwens | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2012-09-11 17:13:01 | 000,600,064 | ---- | M] (OldTimer Tools) -- C:\Users\M.Bouwens\Desktop\OTL.com
PRC - [2012-09-07 17:04:46 | 000,676,936 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2012-09-07 17:04:46 | 000,399,432 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
PRC - [2012-09-07 17:04:44 | 000,766,536 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
PRC - [2012-08-13 13:33:30 | 003,064,000 | ---- | M] (Skype Technologies S.A.) -- C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
PRC - [2012-07-17 22:50:37 | 000,076,888 | ---- | M] () -- C:\Windows\SysWOW64\PnkBstrA.exe
PRC - [2012-07-05 11:09:13 | 001,027,792 | ---- | M] (F-Secure Corporation) -- C:\Program Files (x86)\F-Secure\apps\ComputerSecurity\Anti-Virus\fssm32.exe
PRC - [2012-07-05 11:09:13 | 000,560,848 | ---- | M] (F-Secure Corporation) -- C:\Program Files (x86)\F-Secure\apps\ComputerSecurity\Anti-Virus\fsgk32.exe
PRC - [2012-06-21 13:29:36 | 000,163,536 | ---- | M] (F-Secure Corporation) -- C:\Program Files (x86)\F-Secure\fshoster32.exe
PRC - [2012-03-15 18:00:44 | 000,213,672 | ---- | M] (F-Secure Corporation) -- C:\Program Files (x86)\F-Secure\apps\ComputerSecurity\Common\FSMA32.EXE
PRC - [2012-03-15 15:55:34 | 000,062,160 | ---- | M] (F-Secure Corporation) -- C:\Program Files (x86)\F-Secure\apps\CCF_Reputation\fsorsp.exe
PRC - [2011-08-19 11:26:50 | 000,450,848 | ---- | M] (Logitech Inc.) -- C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe
PRC - [2009-12-03 10:12:12 | 000,976,320 | ---- | M] (SEIKO EPSON CORPORATION) -- C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe
PRC - [2009-05-14 17:07:14 | 000,759,048 | ---- | M] (ABBYY) -- C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe
PRC - [2006-12-19 18:23:20 | 000,094,208 | ---- | M] (SEIKO EPSON CORPORATION) -- C:\Program Files (x86)\Common Files\EPSON\EBAPI\eEBSvc.exe


========== Modules (No Company Name) ==========


========== Services (SafeList) ==========

SRV:64bit: - [2012-08-06 12:24:22 | 000,361,984 | ---- | M] (Advanced Micro Devices, Inc.) [Auto | Running] -- C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe -- (AMD FUEL Service)
SRV:64bit: - [2012-07-28 04:09:44 | 000,239,616 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:64bit: - [2009-09-14 07:00:00 | 000,166,400 | ---- | M] (SEIKO EPSON CORPORATION) [Auto | Running] -- C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50STB.EXE -- (EPSON_EB_RPCV4_04)
SRV:64bit: - [2009-09-14 07:00:00 | 000,128,512 | ---- | M] (SEIKO EPSON CORPORATION) [Auto | Running] -- C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50RPB.EXE -- (EPSON_PM_RPCV4_04)
SRV:64bit: - [2009-07-14 03:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2012-09-11 06:47:28 | 000,531,280 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2012-09-08 13:10:50 | 000,114,144 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012-09-07 17:04:46 | 000,676,936 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2012-09-07 17:04:46 | 000,399,432 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe -- (MBAMScheduler)
SRV - [2012-08-30 12:35:18 | 000,250,568 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012-08-29 12:03:36 | 002,369,960 | ---- | M] (LogMeIn Inc.) [Auto | Running] -- C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe -- (Hamachi2Svc)
SRV - [2012-08-14 22:55:58 | 000,008,704 | ---- | M] (Hi-Rez Studios) [Auto | Stopped] -- D:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe -- (HiPatchService)
SRV - [2012-08-13 13:33:30 | 003,064,000 | ---- | M] (Skype Technologies S.A.) [Auto | Running] -- C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe -- (Skype C2C Service)
SRV - [2012-07-17 22:50:37 | 000,076,888 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\PnkBstrA.exe -- (PnkBstrA)
SRV - [2012-07-13 13:28:36 | 000,160,944 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012-06-21 13:29:36 | 000,163,536 | ---- | M] (F-Secure Corporation) [Auto | Running] -- C:\Program Files (x86)\F-Secure\fshoster32.exe -- (fshoster)
SRV - [2012-03-15 18:00:44 | 000,213,672 | ---- | M] (F-Secure Corporation) [On_Demand | Running] -- C:\Program Files (x86)\F-Secure\apps\ComputerSecurity\Common\FSMA32.EXE -- (FSMA)
SRV - [2012-03-15 18:00:38 | 000,914,088 | ---- | M] (F-Secure Corporation) [On_Demand | Running] -- C:\Program Files (x86)\F-Secure\apps\ComputerSecurity\FWES\program\fsdfwd.exe -- (FSDFWD)
SRV - [2012-03-15 15:55:34 | 000,062,160 | ---- | M] (F-Secure Corporation) [Auto | Running] -- C:\Program Files (x86)\F-Secure\apps\CCF_Reputation\fsorsp.exe -- (FSORSPClient)
SRV - [2011-08-19 11:26:50 | 000,450,848 | ---- | M] (Logitech Inc.) [Auto | Running] -- C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe -- (UMVPFSrv)
SRV - [2010-03-18 14:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009-06-10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2009-05-14 17:07:14 | 000,759,048 | ---- | M] (ABBYY) [Auto | Running] -- C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe -- (ABBYY.Licensing.FineReader.Sprint.9.0)
SRV - [2006-12-19 18:23:20 | 000,094,208 | ---- | M] (SEIKO EPSON CORPORATION) [Auto | Running] -- C:\Program Files (x86)\Common Files\EPSON\EBAPI\eEBSvc.exe -- (EpsonBidirectionalService)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2012-09-07 17:04:46 | 000,025,928 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\mbam.sys -- (MBAMProtector)
DRV:64bit: - [2012-08-15 17:36:49 | 000,056,016 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\fsbts.sys -- (fsbts)
DRV:64bit: - [2012-08-10 14:02:00 | 000,058,424 | ---- | M] (F-Secure Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\fsccsys.sys -- (fsccsys1346916769)
DRV:64bit: - [2012-07-28 06:07:44 | 010,278,912 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag)
DRV:64bit: - [2012-07-28 03:14:46 | 000,368,640 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
DRV:64bit: - [2012-05-14 08:12:30 | 000,096,896 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AtihdW76.sys -- (AtiHDAudioService)
DRV:64bit: - [2012-03-15 18:00:38 | 000,095,112 | ---- | M] (F-Secure Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\fsdfw.sys -- (FSFW)
DRV:64bit: - [2012-03-15 18:00:38 | 000,046,024 | ---- | M] (F-Secure Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\fses.sys -- (FSES)
DRV:64bit: - [2012-03-05 16:04:30 | 000,053,888 | ---- | M] (Advanced Micro Devices) [Kernel | Auto | Stopped] -- C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\aoddriver2.sys -- (AODDriver4.1)
DRV:64bit: - [2012-03-05 16:04:30 | 000,053,888 | ---- | M] (Advanced Micro Devices) [Kernel | Auto | Running] -- C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\aoddriver2.sys -- (AODDriver4.01)
DRV:64bit: - [2012-03-01 08:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2011-08-19 11:27:30 | 004,869,024 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lvuvc64.sys -- (LVUVC64)
DRV:64bit: - [2011-08-19 11:27:30 | 000,351,136 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lvrs64.sys -- (LVRS64)
DRV:64bit: - [2011-05-10 08:06:08 | 000,051,712 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2011-03-11 08:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011-03-11 08:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2010-11-20 15:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010-11-20 13:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010-05-07 19:43:30 | 000,030,304 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\LVPr2M64.sys -- (LVPr2Mon)
DRV:64bit: - [2010-05-07 19:43:30 | 000,030,304 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\LVPr2M64.sys -- (LVPr2M64)
DRV:64bit: - [2010-02-18 10:18:24 | 000,046,136 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\amdiox64.sys -- (amdiox64)
DRV:64bit: - [2010-01-28 16:33:38 | 000,116,736 | ---- | M] (ATI Technologies, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\AtiHdmi.sys -- (AtiHdmiService)
DRV:64bit: - [2009-08-13 22:10:18 | 000,073,984 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\xusb21.sys -- (xusb21)
DRV:64bit: - [2009-07-14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009-07-14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009-07-14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009-07-14 02:39:20 | 000,023,040 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WSDPrint.sys -- (WSDPrintDevice)
DRV:64bit: - [2009-07-14 02:35:37 | 000,025,088 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WSDScan.sys -- (WSDScan)
DRV:64bit: - [2009-07-14 02:10:47 | 000,011,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rootmdm.sys -- (ROOTMODEM)
DRV:64bit: - [2009-06-10 22:35:42 | 000,187,392 | ---- | M] (Realtek Corporation ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2009-06-10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009-06-10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009-06-10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009-06-10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009-05-18 14:17:08 | 000,034,152 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2009-03-18 16:35:42 | 000,033,856 | -H-- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\hamachi.sys -- (hamachi)
DRV:64bit: - [2009-01-09 15:02:08 | 000,031,744 | ---- | M] (Research in Motion Ltd) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RimSerial_AMD64.sys -- (RimVSerPort)
DRV:64bit: - [2007-04-11 16:35:46 | 000,040,720 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\LUsbFilt.sys -- (LUsbFilt)
DRV:64bit: - [2007-04-11 16:35:30 | 000,056,080 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\LMouFilt.Sys -- (LMouFilt)
DRV:64bit: - [2007-04-11 16:35:22 | 000,053,520 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\LHidFilt.Sys -- (LHidFilt)
DRV:64bit: - [2007-04-11 16:34:58 | 000,035,600 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\L8042Kbd.sys -- (L8042Kbd)
DRV:64bit: - [2007-01-26 17:04:36 | 000,009,600 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\whfltr2k.sys -- (whfltr2k)
DRV - [2012-07-05 11:09:46 | 000,199,888 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Program Files (x86)\F-Secure\apps\ComputerSecurity\Anti-Virus\minifilter\fsgk.sys -- (F-Secure Gatekeeper)
DRV - [2012-07-05 11:09:13 | 000,062,032 | ---- | M] (F-Secure Corporation) [Kernel | System | Running] -- C:\Program Files (x86)\F-Secure\apps\ComputerSecurity\HIPS\drivers\fshs.sys -- (F-Secure HIPS)
DRV - [2012-07-05 11:06:33 | 000,042,672 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysWOW64\drivers\fsbts.sys -- (fsbts)
DRV - [2012-03-15 18:00:28 | 000,015,016 | ---- | M] () [Kernel | System | Running] -- C:\Program Files (x86)\F-Secure\apps\ComputerSecurity\Anti-Virus\minifilter\fsvista.sys -- (fsvista)
DRV - [2009-07-14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE:64bit: - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\URLSearchHook: {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Program Files (x86)\Vuze_Remote\prxtbVuze.dll (Conduit Ltd.)
IE - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-3766735717-3127052058-815072437-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://search.babylon.com/?babsrc=HP_ss ... fba642e91b
IE - HKU\S-1-5-21-3766735717-3127052058-815072437-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://nl.msn.com/?ocid=iehp
IE - HKU\S-1-5-21-3766735717-3127052058-815072437-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = nl
IE - HKU\S-1-5-21-3766735717-3127052058-815072437-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 56 18 88 CE 32 2F CC 01 [binary data]
IE - HKU\S-1-5-21-3766735717-3127052058-815072437-1000\..\URLSearchHook: {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Program Files (x86)\Vuze_Remote\prxtbVuze.dll (Conduit Ltd.)
IE - HKU\S-1-5-21-3766735717-3127052058-815072437-1000\..\SearchScopes,DefaultScope = {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
IE - HKU\S-1-5-21-3766735717-3127052058-815072437-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKU\S-1-5-21-3766735717-3127052058-815072437-1000\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = http://search.babylon.com/web/{searchTerms}?babsrc=SP_ss&affID=101241&mntrId=bca6ae2400000000000090fba642e91b
IE - HKU\S-1-5-21-3766735717-3127052058-815072437-1000\..\SearchScopes\{2A4DCCA4-3040-4E41-8228-143CF790F760}: "URL" = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2504091
IE - HKU\S-1-5-21-3766735717-3127052058-815072437-1000\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7ADSA_nlNL418
IE - HKU\S-1-5-21-3766735717-3127052058-815072437-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-3766735717-3127052058-815072437-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "Search the web (Babylon)"
FF - prefs.js..browser.search.defaulturl: ""
FF - prefs.js..browser.search.order.1: "Search the web (Babylon)"
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.startup.homepage: "http://search.babylon.com/?babsrc=HP_Prot"
FF - prefs.js..extensions.enabledAddons: {A001AE6F-2978-4C71-95D5-79F3E08898C2}:6.23
FF - prefs.js..extensions.enabledAddons: {c45c406e-ab73-11d8-be73-000a95be3b12}:1.2.2
FF - prefs.js..extensions.enabledAddons: bbrs_002@blabbers.com:1.0.5
FF - prefs.js..extensions.enabledAddons: {ba14329e-9550-4989-b3f2-9732e92d17cc}:10.10.27.6
FF - prefs.js..extensions.enabledItems: {B7082FAA-CB62-4872-9106-E42DD88EDE45}:3.3.1
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23
FF - prefs.js..extensions.enabledItems: firebug@software.joehewitt.com:1.6.2
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24
FF - prefs.js..keyword.URL: "http://search.babylon.com/?babsrc=adbartrp&affID=101241&mntrId=bca6ae2400000000000090fba642e91b&q="
FF - prefs.js..sweetim.toolbar.previous.browser.search.defaultenginename: ""
FF - prefs.js..sweetim.toolbar.previous.browser.search.defaulturl: ""
FF - prefs.js..sweetim.toolbar.previous.browser.search.selectedEngine: ""
FF - prefs.js..browser.startup.homepage: "http://www.google.nl/"
FF - prefs.js..sweetim.toolbar.previous.keyword.URL: ""


FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_4_402_265.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.5.0: C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.5.0: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_4_402_265.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: D:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.5.0: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.5.0: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3555.0308: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@ngm.nexoneu.com/NxGame: C:\ProgramData\NexonEU\NGM\npNxGameeu.dll (Nexon)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\html5video [2011-05-25 19:34:24 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{6904342A-8307-11DF-A508-4AE2DFD72085}: C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\wpa [2011-05-25 19:34:24 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\litmus-ff@f-secure.com: C:\Program Files (x86)\F-Secure\apps\OnlineSafety\BPP\litmus-ff@f-secure.com\ [2012-09-06 09:32:44 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 15.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012-09-11 16:37:07 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 15.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012-09-08 13:10:42 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 15.0\extensions\\Components: C:\Program Files (x86)\Mozilla Thunderbird\components [2012-08-06 08:18:01 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 15.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Thunderbird\plugins [2012-08-15 17:39:10 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 15.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012-09-11 16:37:07 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 15.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012-09-08 13:10:42 | 000,000,000 | ---D | M]

[2011-02-05 20:19:02 | 000,000,000 | ---D | M] (No name found) -- C:\Users\M.Bouwens\AppData\Roaming\mozilla\Extensions
[2011-02-05 20:19:02 | 000,000,000 | ---D | M] (No name found) -- C:\Users\M.Bouwens\AppData\Roaming\mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6}
[2012-09-11 16:36:55 | 000,000,000 | ---D | M] (No name found) -- C:\Users\M.Bouwens\AppData\Roaming\mozilla\Firefox\Profiles\u5h13b1c.default\extensions
[2012-09-11 14:40:58 | 000,000,000 | ---D | M] (Vuze Remote) -- C:\Users\M.Bouwens\AppData\Roaming\mozilla\Firefox\Profiles\u5h13b1c.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}
[2011-09-07 07:21:27 | 000,000,000 | ---D | M] (SweetIM Toolbar for Firefox) -- C:\Users\M.Bouwens\AppData\Roaming\mozilla\Firefox\Profiles\u5h13b1c.default\extensions\{EEE6C361-6118-11DC-9C72-001320C79847}
[2012-03-07 18:12:45 | 000,000,000 | ---D | M] (Browser Companion Helper) -- C:\Users\M.Bouwens\AppData\Roaming\mozilla\Firefox\Profiles\u5h13b1c.default\extensions\bbrs_002@blabbers.com
[2012-09-08 13:50:40 | 000,000,000 | ---D | M] (Lavasoft Search Plugin) -- C:\Users\M.Bouwens\AppData\Roaming\mozilla\Firefox\Profiles\u5h13b1c.default\extensions\jid1-yZwVFzbsyfMrqQ@jetpack
[2012-09-01 17:47:32 | 001,625,368 | ---- | M] () (No name found) -- C:\Users\M.Bouwens\AppData\Roaming\mozilla\firefox\profiles\u5h13b1c.default\extensions\firebug@software.joehewitt.com.xpi
[2011-07-03 17:12:56 | 000,031,155 | ---- | M] () (No name found) -- C:\Users\M.Bouwens\AppData\Roaming\mozilla\firefox\profiles\u5h13b1c.default\extensions\{A001AE6F-2978-4C71-95D5-79F3E08898C2}.xpi
[2012-09-05 15:56:13 | 001,268,546 | ---- | M] () (No name found) -- C:\Users\M.Bouwens\AppData\Roaming\mozilla\firefox\profiles\u5h13b1c.default\extensions\{c45c406e-ab73-11d8-be73-000a95be3b12}.xpi
[2012-05-29 07:58:54 | 000,000,013 | ---- | M] () (No name found) -- C:\Users\M.Bouwens\AppData\Roaming\mozilla\firefox\profiles\u5h13b1c.default\extensions\bbrs_002@blabbers.com\chrome\content\cache\01e5db4d4b4e067ef2417404c7741115_expire
[2012-08-30 11:40:55 | 000,000,013 | ---- | M] () (No name found) -- C:\Users\M.Bouwens\AppData\Roaming\mozilla\firefox\profiles\u5h13b1c.default\extensions\bbrs_002@blabbers.com\chrome\content\cache\0324adea3b6ec02af09ea4ae9424591b_expire
[2012-07-01 10:54:38 | 000,000,013 | ---- | M] () (No name found) -- C:\Users\M.Bouwens\AppData\Roaming\mozilla\firefox\profiles\u5h13b1c.default\extensions\bbrs_002@blabbers.com\chrome\content\cache\21d2bb231d3c04f5b6434220b2b1cb9e_expire
[2012-08-12 18:15:51 | 000,000,013 | ---- | M] () (No name found) -- C:\Users\M.Bouwens\AppData\Roaming\mozilla\firefox\profiles\u5h13b1c.default\extensions\bbrs_002@blabbers.com\chrome\content\cache\234f49c8fe7e33af5dceeaad5c34535a_expire
[2012-09-11 12:47:38 | 000,000,013 | ---- | M] () (No name found) -- C:\Users\M.Bouwens\AppData\Roaming\mozilla\firefox\profiles\u5h13b1c.default\extensions\bbrs_002@blabbers.com\chrome\content\cache\292124057d00cb0fa73db6b90d079658_expire
[2012-08-12 16:58:47 | 000,000,013 | ---- | M] () (No name found) -- C:\Users\M.Bouwens\AppData\Roaming\mozilla\firefox\profiles\u5h13b1c.default\extensions\bbrs_002@blabbers.com\chrome\content\cache\2e74403c227112bec523796d5a77d77e_expire
[2012-08-12 18:15:51 | 000,000,013 | ---- | M] () (No name found) -- C:\Users\M.Bouwens\AppData\Roaming\mozilla\firefox\profiles\u5h13b1c.default\extensions\bbrs_002@blabbers.com\chrome\content\cache\33333495813ef00227cafb4ac9f79647_expire
[2012-08-19 20:14:06 | 000,000,013 | ---- | M] () (No name found) -- C:\Users\M.Bouwens\AppData\Roaming\mozilla\firefox\profiles\u5h13b1c.default\extensions\bbrs_002@blabbers.com\chrome\content\cache\38c81c572ae8cdf0daccb2d724501760_expire
[2012-07-07 06:37:59 | 000,000,013 | ---- | M] () (No name found) -- C:\Users\M.Bouwens\AppData\Roaming\mozilla\firefox\profiles\u5h13b1c.default\extensions\bbrs_002@blabbers.com\chrome\content\cache\409dc4ca65bcc01439d855c7dd3360ea_expire
[2012-08-29 08:29:35 | 000,000,013 | ---- | M] () (No name found) -- C:\Users\M.Bouwens\AppData\Roaming\mozilla\firefox\profiles\u5h13b1c.default\extensions\bbrs_002@blabbers.com\chrome\content\cache\4ad053d40dfa5cab7948e9251df6e3d9_expire
[2012-09-07 17:39:47 | 000,000,013 | ---- | M] () (No name found) -- C:\Users\M.Bouwens\AppData\Roaming\mozilla\firefox\profiles\u5h13b1c.default\extensions\bbrs_002@blabbers.com\chrome\content\cache\4d3d10bd28ff623813254a49b26be41f_expire
[2012-09-01 17:43:32 | 000,000,013 | ---- | M] () (No name found) -- C:\Users\M.Bouwens\AppData\Roaming\mozilla\firefox\profiles\u5h13b1c.default\extensions\bbrs_002@blabbers.com\chrome\content\cache\51648deb16dc2ab21274a098e9784677_expire
[2012-09-11 17:05:36 | 000,000,013 | ---- | M] () (No name found) -- C:\Users\M.Bouwens\AppData\Roaming\mozilla\firefox\profiles\u5h13b1c.default\extensions\bbrs_002@blabbers.com\chrome\content\cache\5a045276b203490f3399872b324a22b8_expire
[2012-09-05 11:23:04 | 000,000,013 | ---- | M] () (No name found) -- C:\Users\M.Bouwens\AppData\Roaming\mozilla\firefox\profiles\u5h13b1c.default\extensions\bbrs_002@blabbers.com\chrome\content\cache\61e2ae11ba3d1cbe8887ea80f192e299_expire
[2012-09-11 12:47:50 | 000,000,013 | ---- | M] () (No name found) -- C:\Users\M.Bouwens\AppData\Roaming\mozilla\firefox\profiles\u5h13b1c.default\extensions\bbrs_002@blabbers.com\chrome\content\cache\656bf02a99a3ba2fbf237f6152b7f3de_expire
[2012-07-01 10:54:38 | 000,000,013 | ---- | M] () (No name found) -- C:\Users\M.Bouwens\AppData\Roaming\mozilla\firefox\profiles\u5h13b1c.default\extensions\bbrs_002@blabbers.com\chrome\content\cache\680670b86f0b67567a12d8162b67b978_expire
[2012-09-08 16:12:13 | 000,000,013 | ---- | M] () (No name found) -- C:\Users\M.Bouwens\AppData\Roaming\mozilla\firefox\profiles\u5h13b1c.default\extensions\bbrs_002@blabbers.com\chrome\content\cache\7f7fb214217f3a4fd9085138d58a2c10_expire
[2012-05-29 07:58:54 | 000,000,013 | ---- | M] () (No name found) -- C:\Users\M.Bouwens\AppData\Roaming\mozilla\firefox\profiles\u5h13b1c.default\extensions\bbrs_002@blabbers.com\chrome\content\cache\83ed2d62b3629381be4ff461166e8480_expire
[2012-09-11 12:47:47 | 000,000,013 | ---- | M] () (No name found) -- C:\Users\M.Bouwens\AppData\Roaming\mozilla\firefox\profiles\u5h13b1c.default\extensions\bbrs_002@blabbers.com\chrome\content\cache\924d47e6f7775d82becea30059272aae_expire
[2012-05-29 07:58:54 | 000,000,013 | ---- | M] () (No name found) -- C:\Users\M.Bouwens\AppData\Roaming\mozilla\firefox\profiles\u5h13b1c.default\extensions\bbrs_002@blabbers.com\chrome\content\cache\9427ec76680fe9fd7bce2c039b763ad3_expire
[2012-05-29 07:58:54 | 000,000,013 | ---- | M] () (No name found) -- C:\Users\M.Bouwens\AppData\Roaming\mozilla\firefox\profiles\u5h13b1c.default\extensions\bbrs_002@blabbers.com\chrome\content\cache\9dc8414e1b352cbe0663cc5f2b2490fb_expire
[2012-09-11 12:47:48 | 000,000,013 | ---- | M] () (No name found) -- C:\Users\M.Bouwens\AppData\Roaming\mozilla\firefox\profiles\u5h13b1c.default\extensions\bbrs_002@blabbers.com\chrome\content\cache\aaff3303cdd7526dcb9cd1bc7f49fa7a_expire
[2012-09-11 16:31:07 | 000,000,013 | ---- | M] () (No name found) -- C:\Users\M.Bouwens\AppData\Roaming\mozilla\firefox\profiles\u5h13b1c.default\extensions\bbrs_002@blabbers.com\chrome\content\cache\aeee69848edcb080584c8630e879efda_expire
[2012-08-19 20:14:06 | 000,000,013 | ---- | M] () (No name found) -- C:\Users\M.Bouwens\AppData\Roaming\mozilla\firefox\profiles\u5h13b1c.default\extensions\bbrs_002@blabbers.com\chrome\content\cache\cbb69a449d3e39b3a3781ffb1d7fa52b_expire
[2012-09-11 12:48:20 | 000,000,013 | ---- | M] () (No name found) -- C:\Users\M.Bouwens\AppData\Roaming\mozilla\firefox\profiles\u5h13b1c.default\extensions\bbrs_002@blabbers.com\chrome\content\cache\cc635a6b9f0f6cd38afb553c8282d650_expire
[2012-09-11 16:31:07 | 000,000,013 | ---- | M] () (No name found) -- C:\Users\M.Bouwens\AppData\Roaming\mozilla\firefox\profiles\u5h13b1c.default\extensions\bbrs_002@blabbers.com\chrome\content\cache\d31fee2103d18244b731b1623650ec2e_expire
[2012-08-29 08:29:32 | 000,000,013 | ---- | M] () (No name found) -- C:\Users\M.Bouwens\AppData\Roaming\mozilla\firefox\profiles\u5h13b1c.default\extensions\bbrs_002@blabbers.com\chrome\content\cache\dc6668d28979688b1e2066d1dcaef0f6_expire
[2012-09-11 12:48:20 | 000,000,013 | ---- | M] () (No name found) -- C:\Users\M.Bouwens\AppData\Roaming\mozilla\firefox\profiles\u5h13b1c.default\extensions\bbrs_002@blabbers.com\chrome\content\cache\e02b35320e5111f1b626466c13c70a0a_expire
[2012-05-21 08:20:33 | 000,000,013 | ---- | M] () (No name found) -- C:\Users\M.Bouwens\AppData\Roaming\mozilla\firefox\profiles\u5h13b1c.default\extensions\bbrs_002@blabbers.com\chrome\content\cache\e254d853f7703ee609adb09d0f102cd9_expire
[2012-08-26 14:29:35 | 000,000,013 | ---- | M] () (No name found) -- C:\Users\M.Bouwens\AppData\Roaming\mozilla\firefox\profiles\u5h13b1c.default\extensions\bbrs_002@blabbers.com\chrome\content\cache\e7215b147326809c45f6cf0952274624_expire
[2012-09-11 12:48:18 | 000,000,013 | ---- | M] () (No name found) -- C:\Users\M.Bouwens\AppData\Roaming\mozilla\firefox\profiles\u5h13b1c.default\extensions\bbrs_002@blabbers.com\chrome\content\cache\e797b807b4545245d85048f0398296a9_expire
[2012-09-11 12:47:51 | 000,000,013 | ---- | M] () (No name found) -- C:\Users\M.Bouwens\AppData\Roaming\mozilla\firefox\profiles\u5h13b1c.default\extensions\bbrs_002@blabbers.com\chrome\content\cache\e919434ec29526b28593c426e4264271_expire
[2012-05-29 07:58:54 | 000,000,013 | ---- | M] () (No name found) -- C:\Users\M.Bouwens\AppData\Roaming\mozilla\firefox\profiles\u5h13b1c.default\extensions\bbrs_002@blabbers.com\chrome\content\cache\ed0c923c82a39debf5c71d22f5ef3dc7_expire
[2012-09-05 11:23:04 | 000,000,013 | ---- | M] () (No name found) -- C:\Users\M.Bouwens\AppData\Roaming\mozilla\firefox\profiles\u5h13b1c.default\extensions\bbrs_002@blabbers.com\chrome\content\cache\ed531ec1571712303d105d497dac8280_expire
[2012-09-11 12:47:51 | 000,000,013 | ---- | M] () (No name found) -- C:\Users\M.Bouwens\AppData\Roaming\mozilla\firefox\profiles\u5h13b1c.default\extensions\bbrs_002@blabbers.com\chrome\content\cache\f03527c67e08602d2e4c18ae7867300d_expire
[2012-09-11 16:31:07 | 000,000,013 | ---- | M] () (No name found) -- C:\Users\M.Bouwens\AppData\Roaming\mozilla\firefox\profiles\u5h13b1c.default\extensions\bbrs_002@blabbers.com\chrome\content\cache\f254e56f8c066ef3bf0783e046dc7ecd_expire
[2012-09-07 17:39:47 | 000,000,013 | ---- | M] () (No name found) -- C:\Users\M.Bouwens\AppData\Roaming\mozilla\firefox\profiles\u5h13b1c.default\extensions\bbrs_002@blabbers.com\chrome\content\cache\fa74672918974682c82b8d91dfbe0d6b_expire
[2012-07-07 06:37:59 | 000,000,013 | ---- | M] () (No name found) -- C:\Users\M.Bouwens\AppData\Roaming\mozilla\firefox\profiles\u5h13b1c.default\extensions\bbrs_002@blabbers.com\chrome\content\cache\fd2c7cc8d016692e3593f7d629441035_expire
[2012-09-07 17:39:47 | 000,000,013 | ---- | M] () (No name found) -- C:\Users\M.Bouwens\AppData\Roaming\mozilla\firefox\profiles\u5h13b1c.default\extensions\bbrs_002@blabbers.com\chrome\content\cache\ff4d692d5e7cccbc4b3e9ef4062b1c6f_expire
[2011-09-07 07:21:21 | 000,003,915 | ---- | M] () -- C:\Users\M.Bouwens\AppData\Roaming\mozilla\firefox\profiles\u5h13b1c.default\searchplugins\sweetim.xml
[2012-09-08 13:10:40 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2012-09-11 16:37:51 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2012-09-08 13:10:51 | 000,266,720 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2011-04-14 14:01:38 | 000,024,376 | ---- | M] (McAfee, Inc.) -- C:\Program Files (x86)\mozilla firefox\components\Scriptff.dll
[2012-03-07 18:13:07 | 000,002,288 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\babylon.xml
[2012-08-30 13:01:28 | 000,002,465 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2012-05-10 08:09:23 | 000,001,892 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bolcom-nl.xml
[2012-05-10 08:09:23 | 000,004,558 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\marktplaats-nl.xml
[2012-05-10 08:09:23 | 000,001,049 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-nl.xml

========== Chrome ==========

CHR - default_search_provider: SweetIM Search (Enabled)
CHR - default_search_provider: search_url = http://search.sweetim.com/search.asp?src=6&q={searchTerms}&barid={35CC411C-D911-11E0-829E-90FBA642E91B}
CHR - default_search_provider: suggest_url =
CHR - homepage: http://home.sweetim.com/?barid={35CC411C-D911-11E0-829E-90FBA642E91B}
CHR - plugin: Shockwave Flash (Disabled) = C:\Users\M.Bouwens\AppData\Local\Google\Chrome\User Data\PepperFlash\11.1.31.203\pepflashplayer.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\17.0.963.56\gcswf32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\17.0.963.56\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\17.0.963.56\pdf.dll
CHR - plugin: (Enabled) = C:\Users\M.Bouwens\AppData\Local\Google\Chrome\User Data\Default\Extensions\clbfjfbnelcflpgpklppgplejolacbej\1.0.5_0\chromeNPAPI.dll
CHR - plugin: McAfee SiteAdvisor (Enabled) = C:\Users\M.Bouwens\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho\3.41.122.1_0\McChPlg.dll
CHR - plugin: McAfee SiteAdvisor (Enabled) = C:\Program Files (x86)\McAfee\SiteAdvisor\npmcffplg32.dll
CHR - plugin: Skype Toolbars (Enabled) = C:\Users\M.Bouwens\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\5.6.0.8442_0\npSkypeChromePlugin.dll
CHR - plugin: Adobe Acrobat (Disabled) = C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll
CHR - plugin: Microsoft\u00AE Windows Media Player Firefox Plugin (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\np-mswmp.dll
CHR - plugin: Java Deployment Toolkit 7.0.10.8 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npdeployJava1.dll
CHR - plugin: Java(TM) Platform SE 7 U1 (Enabled) = C:\Program Files (x86)\Java\jre7\bin\new_plugin\npjp2.dll
CHR - plugin: 2007 Microsoft Office system (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\NPOFF12.DLL
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin7.dll
CHR - plugin: DivX VOD Helper Plug-in (Enabled) = C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll
CHR - plugin: DivX Web Player (Enabled) = C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll
CHR - plugin: Google Earth Plugin (Enabled) = C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.99\npGoogleUpdate3.dll
CHR - plugin: Silverlight Plug-In (Enabled) = C:\Program Files (x86)\Microsoft Silverlight\5.0.61118.0\npctrl.dll
CHR - plugin: Pando Web Plugin (Enabled) = C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll
CHR - plugin: Windows Live\u0099 Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: Nexon Game Controller (Enabled) = C:\ProgramData\NexonEU\NGM\npNxGameeu.dll
CHR - plugin: Shockwave for Director (Enabled) = C:\Windows\system32\Adobe\Director\np32dsw.dll
CHR - plugin: iTunes Application Detector (Enabled) = D:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll
CHR - plugin: McAfee SecurityCenter (Enabled) = c:\progra~2\mcafee\msc\npmcsn~1.dll
CHR - plugin: Default Plug-in (Enabled) = default_plugin
CHR - Extension: YouTube = C:\Users\M.Bouwens\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.3_0\
CHR - Extension: YouTube = C:\Users\M.Bouwens\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
CHR - Extension: Google Zoeken = C:\Users\M.Bouwens\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.16_0\
CHR - Extension: Google Zoeken = C:\Users\M.Bouwens\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.17_0\
CHR - Extension: SiteAdvisor = C:\Users\M.Bouwens\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho\3.40.135.1_0\
CHR - Extension: SiteAdvisor = C:\Users\M.Bouwens\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho\3.41.122.1_0\
CHR - Extension: DivX HiQ = C:\Users\M.Bouwens\AppData\Local\Google\Chrome\User Data\Default\Extensions\fnjbmmemklcjgepojigaapkoodmkgbae\2.1.1.94_0\
CHR - Extension: Skype Toolbars = C:\Users\M.Bouwens\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\5.6.0.8442_0\
CHR - Extension: DivX Plus Web Player HTML5 \u003Cvideo\u003E = C:\Users\M.Bouwens\AppData\Local\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm\2.1.1.94_0\
CHR - Extension: Gmail = C:\Users\M.Bouwens\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\

O1 HOSTS File: ([2012-09-08 13:42:49 | 000,000,992 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: 127.0.0.1 ad.doubleclick.net
O1 - Hosts: 127.0.0.1 ad.doubleclick.be
O1 - Hosts: 127.0.0.1 ad.doubleclick.com
O1 - Hosts: 127.0.0.1 ad.doubleclick.de
O1 - Hosts: 127.0.0.1 ad.doubleclick.nl
O2:64bit: - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2:64bit: - BHO: (Easy Photo Print) - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll (SEIKO EPSON CORPORATION / CyCom Technology Corp.)
O2:64bit: - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O2:64bit: - BHO: (Skype add-on for Internet Explorer) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
O2:64bit: - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
O2 - BHO: (DivX HiQ) - {593DDEC6-7468-4cdd-90E1-42DADAA222E9} - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Vuze Remote Toolbar) - {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Program Files (x86)\Vuze_Remote\prxtbVuze.dll (Conduit Ltd.)
O2 - BHO: (Browsing Protection Class) - {C6867EB7-8350-4856-877F-93CF8AE3DC9C} - C:\Program Files (x86)\F-Secure\apps\OnlineSafety\BPP\iescript\BaseLitmus.dll (F-Secure Corporation)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3:64bit: - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3:64bit: - HKLM\..\Toolbar: (Easy Photo Print) - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll (SEIKO EPSON CORPORATION / CyCom Technology Corp.)
O3 - HKLM\..\Toolbar: (Browsing Protection Toolbar) - {265EEE8E-3228-44D3-AEA5-F7FDF5860049} - C:\Program Files (x86)\F-Secure\apps\OnlineSafety\BPP\iescript\BaseLitmus.dll (F-Secure Corporation)
O3 - HKLM\..\Toolbar: (Vuze Remote Toolbar) - {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Program Files (x86)\Vuze_Remote\prxtbVuze.dll (Conduit Ltd.)
O3:64bit: - HKU\S-1-5-21-3766735717-3127052058-815072437-1000\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3 - HKU\S-1-5-21-3766735717-3127052058-815072437-1000\..\Toolbar\WebBrowser: (Vuze Remote Toolbar) - {BA14329E-9550-4989-B3F2-9732E92D17CC} - C:\Program Files (x86)\Vuze_Remote\prxtbVuze.dll (Conduit Ltd.)
O4:64bit: - HKLM..\Run: [Kernel and Hardware Abstraction Layer] C:\Windows\KHALMNPR.Exe (Logitech Inc.)
O4 - HKLM..\Run: [AMD AVT] C:\Windows\SysWow64\cmd.exe (Microsoft Corporation)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [DivXUpdate] C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe ()
O4 - HKLM..\Run: [EEventManager] C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe (SEIKO EPSON CORPORATION)
O4 - HKLM..\Run: [F-Secure Hoster (54599)] C:\Program Files (x86)\F-Secure\fshoster32.exe (F-Secure Corporation)
O4 - HKLM..\Run: [F-Secure Manager] C:\Program Files (x86)\F-Secure\apps\ComputerSecurity\Common\FSM32.EXE (F-Secure Corporation)
O4 - HKLM..\Run: [HP Update 3400C] C:\sj652\hpupdate.exe 3400C File not found
O4 - HKLM..\Run: [LogMeIn Hamachi Ui] C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe (LogMeIn Inc.)
O4 - HKLM..\Run: [LWS] C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe (Logitech Inc.)
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [WheelMouse] C:\Advanced Wheel Mouse\wh_exec.exe ()
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-3766735717-3127052058-815072437-1000..\Run: [EA Core] "C:\Program Files (x86)\Electronic Arts\EADM\Core.exe" -silent File not found
O4 - HKU\S-1-5-21-3766735717-3127052058-815072437-1000..\Run: [HydraVisionDesktopManager] C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe (AMD)
O4 - HKU\S-1-5-21-3766735717-3127052058-815072437-1000..\Run: [KPeerNexonEU] C:\Nexon\NEXON_EU_Downloader\nxEULauncher.exe (NEXON Inc.)
O4 - HKU\S-1-5-21-3766735717-3127052058-815072437-1000..\Run: [Logitech Vid] C:\Program Files (x86)\Logitech\Vid HD\Vid.exe (Logitech Inc.)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - Startup: C:\Users\M.Bouwens\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.3 .lnk = C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe ()
O4 - Startup: C:\Users\Marieke\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.3 .lnk = C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe ()
O4 - Startup: C:\Users\Martijn\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.3 .lnk = C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe ()
O4 - Startup: C:\Users\Willemijn\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.3 .lnk = C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoControlPanel = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O8:64bit: - Extra context menu item: Zoek op het web - C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\resources\menuext.html File not found
O8 - Extra context menu item: Zoek op het web - C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\resources\menuext.html File not found
O9:64bit: - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000009 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000009 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://fpdownload.macromedia.com/get/sh ... tor/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {1ABA5FAC-1417-422B-BA82-45C35E2C908B} http://kitchenplanner.ikea.com/NL/Core/ ... _Win32.cab (20-20 3D Viewer for IKEA)
O16 - DPF: {233C1507-6A77-46A4-9443-F871F945D258} http://download.macromedia.com/pub/shoc ... tor/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} http://messenger.zone.msn.com/Messenger ... E_UNO1.cab (UnoCtrl Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 10.5.0)
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} http://messenger.zone.msn.com/binary/Me ... b56907.cab (MessengerStatsClient Class)
O16 - DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 10.5.0)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://active.macromedia.com/flash2/cabs/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{674A0CD4-2478-4228-A136-FFD5B09A04C8}: DhcpNameServer = 192.168.178.1
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009-10-14 10:23:09 | 000,054,544 | R--- | M] (Electronic Arts) - E:\Autorun.exe -- [ UDF ]
O32 - AutoRun File - [2009-09-21 21:58:33 | 000,000,049 | R--- | M] () - E:\Autorun.inf -- [ UDF ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 30 Days ==========

[2012-09-11 17:13:51 | 000,600,064 | ---- | C] (OldTimer Tools) -- C:\Users\M.Bouwens\Desktop\OTL.com
[2012-09-11 16:54:55 | 000,000,000 | ---D | C] -- C:\Users\M.Bouwens\AppData\Roaming\Malwarebytes
[2012-09-11 16:54:43 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2012-09-11 16:54:41 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2012-09-11 16:54:38 | 000,025,928 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2012-09-11 16:54:38 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2012-09-11 16:44:10 | 000,000,000 | ---D | C] -- C:\TDSSStarter
[2012-09-11 16:38:42 | 000,000,000 | ---D | C] -- C:\ProgramData\GFI Software
[2012-09-11 14:42:20 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Trend Micro
[2012-09-11 14:42:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HijackThis
[2012-09-11 14:37:44 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Conduit
[2012-09-11 14:37:39 | 000,000,000 | ---D | C] -- C:\Users\M.Bouwens\AppData\Local\Conduit
[2012-09-11 14:37:37 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Vuze_Remote
[2012-09-11 14:35:25 | 000,000,000 | ---D | C] -- C:\Users\M.Bouwens\.swt
[2012-09-11 14:35:22 | 000,000,000 | ---D | C] -- C:\Users\M.Bouwens\AppData\Roaming\Azureus
[2012-09-09 21:15:34 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MSXML 4.0
[2012-09-08 13:51:06 | 000,000,000 | ---D | C] -- C:\Users\M.Bouwens\AppData\Local\adawarebp
[2012-09-08 13:10:40 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2012-09-06 09:32:49 | 000,058,424 | ---- | C] (F-Secure Corporation) -- C:\Windows\SysNative\drivers\fsccsys.sys
[2012-09-02 21:08:34 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi
[2012-09-02 21:08:34 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\LogMeIn Hamachi
[2012-08-31 13:59:30 | 000,000,000 | ---D | C] -- C:\Users\M.Bouwens\.thumbnails
[2012-08-30 13:40:05 | 000,000,000 | ---D | C] -- C:\Users\M.Bouwens\AppData\Local\webkit
[2012-08-26 12:18:46 | 000,000,000 | ---D | C] -- C:\Users\M.Bouwens\Autodesk
[2012-08-26 12:16:48 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Softimage
[2012-08-26 12:16:34 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Autodesk
[2012-08-19 12:16:38 | 000,000,000 | ---D | C] -- C:\ProgramData\ATI
[2012-08-19 12:16:03 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AMD APP
[2012-08-19 12:15:40 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD VISION Engine Control Center
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2012-09-11 17:21:00 | 000,000,924 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3766735717-3127052058-815072437-1003UA.job
[2012-09-11 17:16:00 | 000,001,062 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012-09-11 17:15:33 | 000,015,024 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012-09-11 17:15:33 | 000,015,024 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012-09-11 17:13:01 | 000,600,064 | ---- | M] (OldTimer Tools) -- C:\Users\M.Bouwens\Desktop\OTL.com
[2012-09-11 17:08:20 | 000,001,058 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012-09-11 17:07:50 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012-09-11 17:07:46 | 3220,676,608 | -HS- | M] () -- C:\hiberfil.sys
[2012-09-11 16:54:43 | 000,001,109 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012-09-11 16:35:00 | 000,000,940 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012-09-11 14:42:20 | 000,002,093 | ---- | M] () -- C:\Users\M.Bouwens\Desktop\HijackThis.lnk
[2012-09-11 14:37:33 | 000,001,848 | ---- | M] () -- C:\Users\M.Bouwens\Application Data\Microsoft\Internet Explorer\Quick Launch\Vuze.lnk
[2012-09-11 14:37:32 | 000,001,848 | ---- | M] () -- C:\Users\Public\Desktop\Vuze.lnk
[2012-09-09 21:16:45 | 000,001,190 | ---- | M] () -- C:\Windows\SysWow64\ServiceConfig.xml
[2012-09-09 11:21:00 | 000,000,872 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3766735717-3127052058-815072437-1003Core.job
[2012-09-08 13:42:49 | 000,000,992 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts
[2012-09-08 13:29:17 | 000,002,044 | ---- | M] () -- C:\Users\M.Bouwens\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
[2012-09-07 17:04:46 | 000,025,928 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2012-09-05 15:17:14 | 000,016,999 | ---- | M] () -- C:\Users\M.Bouwens\AppData\Local\recently-used.xbel
[2012-09-02 21:08:34 | 000,000,926 | ---- | M] () -- C:\Users\Public\Desktop\LogMeIn Hamachi.lnk
[2012-09-02 07:39:34 | 000,002,110 | ---- | M] () -- C:\Users\M.Bouwens\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Thunderbird.lnk
[2012-08-26 12:18:32 | 000,000,851 | ---- | M] () -- C:\Users\Public\Desktop\Softimage_Mod_Tool_7.5.lnk
[2012-08-15 17:39:10 | 000,002,014 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader 9.lnk
[2012-08-15 17:36:49 | 000,056,016 | ---- | M] () -- C:\Windows\SysNative\drivers\fsbts.sys
[2012-08-15 13:54:55 | 000,336,048 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2012-08-15 12:09:06 | 000,000,003 | ---- | M] () -- C:\Windows\SysNative\HRUPPROG.DIE.NOW
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files Created - No Company Name ==========

[2012-09-11 16:54:43 | 000,001,109 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012-09-11 14:42:20 | 000,002,093 | ---- | C] () -- C:\Users\M.Bouwens\Desktop\HijackThis.lnk
[2012-09-09 21:16:45 | 000,001,190 | ---- | C] () -- C:\Windows\SysWow64\ServiceConfig.xml
[2012-09-05 15:17:14 | 000,016,999 | ---- | C] () -- C:\Users\M.Bouwens\AppData\Local\recently-used.xbel
[2012-08-26 12:17:06 | 000,000,851 | ---- | C] () -- C:\Users\Public\Desktop\Softimage_Mod_Tool_7.5.lnk
[2012-08-26 12:13:40 | 000,057,344 | ---- | C] () -- C:\Windows\SysWow64\XSIChooser.exe
[2012-08-15 12:09:06 | 000,000,003 | ---- | C] () -- C:\Windows\SysNative\HRUPPROG.DIE.NOW
[2012-07-17 22:46:49 | 000,298,016 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2012-07-17 22:46:46 | 000,076,888 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2012-07-17 22:46:45 | 003,130,440 | ---- | C] () -- C:\Windows\SysWow64\pbsvc_blr.exe
[2012-07-05 11:06:33 | 000,042,672 | ---- | C] () -- C:\Windows\SysWow64\drivers\fsbts.sys
[2012-07-05 11:06:00 | 000,019,505 | ---- | C] () -- C:\Windows\prodsett_copy.ini
[2012-04-30 13:34:30 | 000,197,120 | ---- | C] () -- C:\Windows\patchw32.dll
[2012-04-08 07:19:30 | 000,000,032 | R--- | C] () -- C:\ProgramData\hash.dat
[2012-04-06 03:29:34 | 000,204,952 | ---- | C] () -- C:\Windows\SysWow64\ativvsvl.dat
[2012-04-06 03:29:34 | 000,157,144 | ---- | C] () -- C:\Windows\SysWow64\ativvsva.dat
[2012-03-09 14:06:14 | 000,024,576 | ---- | C] () -- C:\Windows\SysWow64\kdbsdk32.dll
[2012-02-27 17:44:54 | 000,010,240 | ---- | C] () -- C:\Windows\SysWow64\vidx16.dll
[2012-02-21 18:05:11 | 000,003,917 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat
[2011-12-03 21:29:32 | 001,705,740 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2011-10-25 22:21:34 | 000,056,832 | ---- | C] () -- C:\Windows\SysWow64\OVDecoder.dll
[2011-09-28 18:44:14 | 000,179,271 | ---- | C] () -- C:\Windows\SysWow64\xlive.dll.cat
[2011-08-19 11:26:20 | 010,898,456 | ---- | C] () -- C:\Windows\SysWow64\LogiDPP.dll
[2011-08-19 11:26:20 | 000,336,408 | ---- | C] () -- C:\Windows\SysWow64\DevManagerCore.dll
[2011-08-19 11:26:20 | 000,104,472 | ---- | C] () -- C:\Windows\SysWow64\LogiDPPApp.exe
[2011-02-06 12:22:39 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2011-02-05 21:49:32 | 000,000,017 | ---- | C] () -- C:\Users\M.Bouwens\AppData\Local\resmon.resmoncfg

========== LOP Check ==========

[2012-06-09 18:01:14 | 000,000,000 | ---D | M] -- C:\Users\Gast\AppData\Roaming\Epson
[2011-06-28 17:54:32 | 000,000,000 | ---D | M] -- C:\Users\M.Bouwens\AppData\Roaming\.minecraft
[2012-09-11 14:36:56 | 000,000,000 | ---D | M] -- C:\Users\M.Bouwens\AppData\Roaming\Azureus
[2012-02-14 08:44:32 | 000,000,000 | ---D | M] -- C:\Users\M.Bouwens\AppData\Roaming\Babylon
[2011-02-05 22:24:03 | 000,000,000 | ---D | M] -- C:\Users\M.Bouwens\AppData\Roaming\DisplayTune
[2011-10-28 18:36:42 | 000,000,000 | ---D | M] -- C:\Users\M.Bouwens\AppData\Roaming\Epson
[2012-09-05 15:55:52 | 000,000,000 | ---D | M] -- C:\Users\M.Bouwens\AppData\Roaming\FileZilla
[2011-03-31 11:38:06 | 000,000,000 | ---D | M] -- C:\Users\M.Bouwens\AppData\Roaming\IrfanView
[2011-03-21 12:38:27 | 000,000,000 | ---D | M] -- C:\Users\M.Bouwens\AppData\Roaming\Leadertech
[2011-02-06 10:50:18 | 000,000,000 | ---D | M] -- C:\Users\M.Bouwens\AppData\Roaming\OpenOffice.org
[2011-02-05 20:19:02 | 000,000,000 | ---D | M] -- C:\Users\M.Bouwens\AppData\Roaming\Thunderbird
[2011-03-13 14:07:53 | 000,000,000 | ---D | M] -- C:\Users\M.Bouwens\AppData\Roaming\Uniblue
[2011-11-08 16:51:04 | 000,000,000 | ---D | M] -- C:\Users\M.Bouwens\AppData\Roaming\wargaming.net
[2011-02-05 21:44:32 | 000,000,000 | ---D | M] -- C:\Users\Marieke\AppData\Roaming\DisplayTune
[2011-11-27 10:06:25 | 000,000,000 | ---D | M] -- C:\Users\Marieke\AppData\Roaming\Epson
[2011-02-06 10:57:05 | 000,000,000 | ---D | M] -- C:\Users\Marieke\AppData\Roaming\OpenOffice.org
[2011-10-20 12:53:43 | 000,000,000 | ---D | M] -- C:\Users\Marieke\AppData\Roaming\Origin
[2011-02-06 12:45:07 | 000,000,000 | ---D | M] -- C:\Users\Marieke\AppData\Roaming\Thunderbird
[2012-09-09 18:45:15 | 000,000,000 | ---D | M] -- C:\Users\Martijn\AppData\Roaming\.minecraft
[2012-07-26 14:45:01 | 000,000,000 | ---D | M] -- C:\Users\Martijn\AppData\Roaming\.techniclauncher
[2012-09-10 07:55:27 | 000,000,000 | ---D | M] -- C:\Users\Martijn\AppData\Roaming\Ad-Aware Antivirus
[2012-05-05 16:03:52 | 000,000,000 | ---D | M] -- C:\Users\Martijn\AppData\Roaming\Atari
[2012-02-01 20:18:11 | 000,000,000 | ---D | M] -- C:\Users\Martijn\AppData\Roaming\Bioshock
[2012-09-11 16:57:24 | 000,000,000 | ---D | M] -- C:\Users\Martijn\AppData\Roaming\cnbzoj
[2011-10-30 10:26:30 | 000,000,000 | ---D | M] -- C:\Users\Martijn\AppData\Roaming\Epson
[2012-02-29 16:26:35 | 000,000,000 | ---D | M] -- C:\Users\Martijn\AppData\Roaming\Firefly Studios
[2011-06-05 16:01:22 | 000,000,000 | ---D | M] -- C:\Users\Martijn\AppData\Roaming\IrfanView
[2011-11-20 17:29:58 | 000,000,000 | ---D | M] -- C:\Users\Martijn\AppData\Roaming\mc1.8mods
[2011-11-04 17:11:24 | 000,000,000 | ---D | M] -- C:\Users\Martijn\AppData\Roaming\minecraftfout
[2012-01-15 14:41:43 | 000,000,000 | ---D | M] -- C:\Users\Martijn\AppData\Roaming\NationRed
[2011-02-06 11:00:22 | 000,000,000 | ---D | M] -- C:\Users\Martijn\AppData\Roaming\OpenOffice.org
[2012-02-29 18:00:40 | 000,000,000 | ---D | M] -- C:\Users\Martijn\AppData\Roaming\RotMG.Production
[2012-06-27 12:21:12 | 000,000,000 | ---D | M] -- C:\Users\Martijn\AppData\Roaming\SPORE
[2011-03-18 20:15:16 | 000,000,000 | ---D | M] -- C:\Users\Martijn\AppData\Roaming\Thunderbird
[2011-06-23 17:38:52 | 000,000,000 | ---D | M] -- C:\Users\Martijn\AppData\Roaming\wfkkcai
[2011-06-27 11:48:07 | 000,000,000 | ---D | M] -- C:\Users\Martijn\AppData\Roaming\wtrxg
[2011-04-28 15:52:08 | 000,000,000 | ---D | M] -- C:\Users\Willemijn\AppData\Roaming\.minecraft
[2012-04-30 13:12:45 | 000,000,000 | ---D | M] -- C:\Users\Willemijn\AppData\Roaming\Atari
[2012-06-01 14:26:09 | 000,000,000 | ---D | M] -- C:\Users\Willemijn\AppData\Roaming\Azureus
[2011-10-29 11:48:28 | 000,000,000 | ---D | M] -- C:\Users\Willemijn\AppData\Roaming\Epson
[2011-10-22 15:31:30 | 000,000,000 | ---D | M] -- C:\Users\Willemijn\AppData\Roaming\IrfanView
[2011-02-06 11:02:07 | 000,000,000 | ---D | M] -- C:\Users\Willemijn\AppData\Roaming\OpenOffice.org
[2012-03-01 18:04:01 | 000,000,000 | ---D | M] -- C:\Users\Willemijn\AppData\Roaming\RotMG.Production
[2012-06-28 17:00:15 | 000,000,000 | ---D | M] -- C:\Users\Willemijn\AppData\Roaming\SPORE
[2011-03-04 09:17:55 | 000,000,000 | ---D | M] -- C:\Users\Willemijn\AppData\Roaming\Thunderbird
[2011-03-09 17:16:43 | 000,000,314 | ---- | M] () -- C:\Windows\Tasks\BearShareNAG.job
[2012-07-16 07:30:37 | 000,032,526 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========

< End of report >

Heb ik hiermee voldoende informatie gegeven? Succes en alvast bedankt voor je inspanningen!! Vriendelijke groet


Omhoog
 Profiel  
 
BerichtGeplaatst: wo sep 12, 2012 3:18 pm 
Offline
Lid

Geregistreerd: di sep 11, 2012 5:41 pm
Berichten: 5
Besturingssysteem: Windows 7
Bescherming: F-Secure
een log die er niet inpaste:
16:44:14.0174 5708 TDSS rootkit removing tool 2.8.8.0 Aug 24 2012 13:27:48
16:44:14.0175 5708 ============================================================
16:44:14.0175 5708 Current date / time: 2012/09/11 16:44:14.0175
16:44:14.0175 5708 SystemInfo:
16:44:14.0175 5708
16:44:14.0175 5708 OS Version: 6.1.7601 ServicePack: 1.0
16:44:14.0175 5708 Product type: Workstation
16:44:14.0175 5708 ComputerName: GAMESDESIGNPC
16:44:14.0175 5708 UserName: M.Bouwens
16:44:14.0175 5708 Windows directory: C:\Windows
16:44:14.0175 5708 System windows directory: C:\Windows
16:44:14.0175 5708 Running under WOW64
16:44:14.0175 5708 Processor architecture: Intel x64
16:44:14.0175 5708 Number of processors: 4
16:44:14.0175 5708 Page size: 0x1000
16:44:14.0175 5708 Boot type: Normal boot
16:44:14.0175 5708 ============================================================
16:44:28.0925 5708 Drive \Device\Harddisk0\DR0 - Size: 0xE8E0DB6000 (931.51 Gb), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
16:44:28.0963 5708 ============================================================
16:44:28.0963 5708 \Device\Harddisk0\DR0:
16:44:28.0981 5708 MBR partitions:
16:44:28.0981 5708 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
16:44:28.0981 5708 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x1866D800
16:44:28.0981 5708 \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x186A0000, BlocksNum 0x5C066000
16:44:28.0981 5708 ============================================================
16:44:29.0244 5708 C: <-> \Device\Harddisk0\DR0\Partition2
16:44:29.0713 5708 D: <-> \Device\Harddisk0\DR0\Partition3
16:44:29.0714 5708 ============================================================
16:44:29.0714 5708 Initialize success
16:44:29.0714 5708 ============================================================
16:44:32.0085 6036 ============================================================
16:44:32.0085 6036 Scan started
16:44:32.0085 6036 Mode: Auto (DCExact ); SigCheck; TDLFS; Silent;
16:44:32.0085 6036 ============================================================
16:44:43.0431 6036 ================ Scan system memory ========================
16:44:43.0432 6036 ================ Scan services =============================
16:44:46.0507 6036 [ A87D604AEA360176311474C87A63BB88 ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys
16:44:49.0011 6036 [ B33CF4DE909A5B30F526D82053A63C8E ] ABBYY.Licensing.FineReader.Sprint.9.0 C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe
16:44:49.0686 6036 [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI C:\Windows\system32\drivers\ACPI.sys
16:44:50.0210 6036 [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys
16:44:54.0215 6036 [ B2B64AF436FACCFA854DD397027C5360 ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
16:44:54.0699 6036 [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx C:\Windows\system32\DRIVERS\adp94xx.sys
16:44:55.0111 6036 [ 597F78224EE9224EA1A13D6350CED962 ] adpahci C:\Windows\system32\DRIVERS\adpahci.sys
16:44:55.0428 6036 [ E109549C90F62FB570B9540C4B148E54 ] adpu320 C:\Windows\system32\DRIVERS\adpu320.sys
16:44:55.0713 6036 [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
16:44:59.0974 6036 [ 1C7857B62DE5994A75B054A9FD4C3825 ] AFD C:\Windows\system32\drivers\afd.sys
16:45:00.0469 6036 [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440 C:\Windows\system32\drivers\agp440.sys
16:45:00.0694 6036 [ 3290D6946B5E30E70414990574883DDB ] ALG C:\Windows\System32\alg.exe
16:45:01.0043 6036 [ 5812713A477A3AD7363C7438CA2EE038 ] aliide C:\Windows\system32\drivers\aliide.sys
16:45:01.0212 6036 [ B3B263B419FC9E7B1D41E61FDAE45BD9 ] AMD External Events Utility C:\Windows\system32\atiesrxx.exe
16:45:01.0960 6036 [ 1FF8B4431C353CE385C875F194924C0C ] amdide C:\Windows\system32\drivers\amdide.sys
16:45:02.0329 6036 [ 6A2EEB0C4133B20773BB3DD0B7B377B4 ] amdiox64 C:\Windows\system32\DRIVERS\amdiox64.sys
16:45:02.0618 6036 [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8 C:\Windows\system32\DRIVERS\amdk8.sys
16:45:03.0952 6036 [ 9A6E9363F7A5E5A06629D9DDC76EE6B5 ] amdkmdag C:\Windows\system32\DRIVERS\atikmdag.sys
16:45:05.0882 6036 [ 957A4C13E1981B1701E600EF1E823C68 ] amdkmdap C:\Windows\system32\DRIVERS\atikmpag.sys
16:45:11.0239 6036 [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM C:\Windows\system32\DRIVERS\amdppm.sys
16:45:11.0440 6036 [ D4121AE6D0C0E7E13AA221AA57EF2D49 ] amdsata C:\Windows\system32\drivers\amdsata.sys
16:45:11.0722 6036 [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs C:\Windows\system32\DRIVERS\amdsbs.sys
16:45:11.0949 6036 [ 540DAF1CEA6094886D72126FD7C33048 ] amdxata C:\Windows\system32\drivers\amdxata.sys
16:45:12.0188 6036 [ 5B25D1A753CC3A3EDB909BB759AC1098 ] AODDriver4.01 C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys
16:45:12.0410 6036 [ 5B25D1A753CC3A3EDB909BB759AC1098 ] AODDriver4.1 C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys
16:45:12.0690 6036 [ 89A69C3F2F319B43379399547526D952 ] AppID C:\Windows\system32\drivers\appid.sys
16:45:12.0977 6036 [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc C:\Windows\System32\appidsvc.dll
16:45:13.0269 6036 [ 3977D4A871CA0D4F2ED1E7DB46829731 ] Appinfo C:\Windows\System32\appinfo.dll
16:45:13.0495 6036 [ F401929EE0CC92BFE7F15161CA535383 ] Apple Mobile Device C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
16:45:13.0770 6036 [ C484F8CEB1717C540242531DB7845C4E ] arc C:\Windows\system32\DRIVERS\arc.sys
16:45:13.0920 6036 [ 019AF6924AEFE7839F61C830227FE79C ] arcsas C:\Windows\system32\DRIVERS\arcsas.sys
16:45:14.0393 6036 [ 9217D874131AE6FF8F642F124F00A555 ] aspnet_state C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
16:45:14.0556 6036 [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
16:45:14.0782 6036 [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi C:\Windows\system32\drivers\atapi.sys
16:45:14.0986 6036 [ B0790FF0E25B7A2674296052F2162C1A ] AtiHDAudioService C:\Windows\system32\drivers\AtihdW76.sys
16:45:15.0105 6036 [ 77C149E6D702737B2E372DEE166FAEF8 ] AtiHdmiService C:\Windows\system32\drivers\AtiHdmi.sys
16:45:15.0582 6036 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
16:45:15.0978 6036 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv C:\Windows\System32\Audiosrv.dll
16:45:16.0274 6036 [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV C:\Windows\System32\AxInstSV.dll
16:45:16.0710 6036 [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv C:\Windows\system32\DRIVERS\bxvbda.sys
16:45:19.0555 6036 [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys
16:45:19.0778 6036 [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC C:\Windows\System32\bdesvc.dll
16:45:19.0912 6036 [ 16A47CE2DECC9B099349A5F840654746 ] Beep C:\Windows\system32\drivers\Beep.sys
16:45:20.0233 6036 [ 82974D6A2FD19445CC5171FC378668A4 ] BFE C:\Windows\System32\bfe.dll
16:45:20.0749 6036 [ 1EA7969E3271CBC59E1730697DC74682 ] BITS C:\Windows\System32\qmgr.dll
16:45:21.0136 6036 [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys
16:45:21.0426 6036 [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
16:45:21.0709 6036 [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
16:45:21.0899 6036 [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo C:\Windows\system32\DRIVERS\BrFiltLo.sys
16:45:22.0148 6036 [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp C:\Windows\system32\DRIVERS\BrFiltUp.sys
16:45:22.0247 6036 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] Browser C:\Windows\System32\browser.dll
16:45:22.0438 6036 [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid C:\Windows\System32\Drivers\Brserid.sys
16:45:22.0672 6036 [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
16:45:22.0801 6036 [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
16:45:22.0905 6036 [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
16:45:23.0042 6036 [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM C:\Windows\system32\DRIVERS\bthmodem.sys
16:45:23.0186 6036 [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv C:\Windows\system32\bthserv.dll
16:45:23.0346 6036 [ B8BD2BB284668C84865658C77574381A ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
16:45:23.0717 6036 [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys
16:45:23.0931 6036 [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc C:\Windows\System32\certprop.dll
16:45:24.0144 6036 [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass C:\Windows\system32\DRIVERS\circlass.sys
16:45:24.0369 6036 [ FE1EC06F2253F691FE36217C592A0206 ] CLFS C:\Windows\system32\CLFS.sys
16:45:24.0685 6036 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
16:45:24.0922 6036 [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
16:45:25.0222 6036 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
16:45:25.0334 6036 [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
16:45:27.0012 6036 [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys
16:45:27.0139 6036 [ E19D3F095812725D88F9001985B94EDD ] cmdide C:\Windows\system32\drivers\cmdide.sys
16:45:27.0267 6036 [ 9AC4F97C2D3E93367E2148EA940CD2CD ] CNG C:\Windows\system32\Drivers\cng.sys
16:45:27.0497 6036 [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys
16:45:27.0628 6036 [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus C:\Windows\system32\drivers\CompositeBus.sys
16:45:27.0771 6036 [ 1C827878A998C18847245FE1F34EE597 ] crcdisk C:\Windows\system32\DRIVERS\crcdisk.sys
16:45:27.0947 6036 [ 4F5414602E2544A4554D95517948B705 ] CryptSvc C:\Windows\system32\cryptsvc.dll
16:45:28.0136 6036 [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch C:\Windows\system32\rpcss.dll
16:45:28.0486 6036 [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc C:\Windows\System32\defragsvc.dll
16:45:28.0722 6036 [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC C:\Windows\system32\Drivers\dfsc.sys
16:45:28.0929 6036 [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp C:\Windows\system32\dhcpcore.dll
16:45:29.0157 6036 [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache C:\Windows\system32\drivers\discache.sys
16:45:29.0308 6036 [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk C:\Windows\system32\DRIVERS\disk.sys
16:45:29.0395 6036 [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache C:\Windows\System32\dnsrslvr.dll
16:45:29.0588 6036 [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc C:\Windows\System32\dot3svc.dll
16:45:29.0835 6036 [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS C:\Windows\system32\dps.dll
16:45:30.0076 6036 [ 9B19F34400D24DF84C858A421C205754 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
16:45:30.0286 6036 [ F5BEE30450E18E6B83A5012C100616FD ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
16:45:30.0536 6036 [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost C:\Windows\System32\eapsvc.dll
16:45:30.0964 6036 [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv C:\Windows\system32\DRIVERS\evbda.sys
16:45:31.0473 6036 [ C118A82CD78818C29AB228366EBF81C3 ] EFS C:\Windows\System32\lsass.exe
16:45:31.0691 6036 [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
16:45:31.0954 6036 [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched C:\Windows\ehome\ehsched.exe
16:45:32.0154 6036 [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor C:\Windows\system32\DRIVERS\elxstor.sys
16:45:32.0353 6036 [ ABDD5AD016AFFD34AD40E944CE94BF59 ] EpsonBidirectionalService C:\Program Files (x86)\Common Files\EPSON\EBAPI\eEBSVC.exe
16:45:32.0473 6036 EpsonBidirectionalService ( UnsignedFile.Multi.Generic ) - warning
16:45:32.0473 6036 EpsonBidirectionalService - detected UnsignedFile.Multi.Generic (1)
16:45:32.0616 6036 [ 7DB097F4F6786307168C0DDDEC43A565 ] EPSON_EB_RPCV4_04 C:\Program Files\Common Files\EPSON\EPW3 SSRP\E_S50STB.EXE
16:45:32.0797 6036 [ 258AA65A0862E19B7DE6981FDA3758AD ] EPSON_PM_RPCV4_04 C:\Program Files\Common Files\EPSON\EPW3 SSRP\E_S50RPB.EXE
16:45:32.0945 6036 [ 34A3C54752046E79A126E15C51DB409B ] ErrDev C:\Windows\system32\drivers\errdev.sys
16:45:33.0099 6036 [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem C:\Windows\system32\es.dll
16:45:33.0403 6036 [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat C:\Windows\system32\drivers\exfat.sys
16:45:34.0588 6036 [ 57D4AEE885E105164FD0F2494D385527 ] F-Secure Gatekeeper C:\Program Files (x86)\F-Secure\apps\ComputerSecurity\Anti-Virus\minifilter\fsgk.sys
16:45:34.0841 6036 [ 1D973683C7745E0E6C017B10260F1E0E ] F-Secure HIPS C:\Program Files (x86)\F-Secure\apps\ComputerSecurity\HIPS\drivers\fshs.sys
16:45:34.0953 6036 [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat C:\Windows\system32\drivers\fastfat.sys
16:45:35.0218 6036 [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax C:\Windows\system32\fxssvc.exe
16:45:35.0586 6036 [ D765D19CD8EF61F650C384F62FAC00AB ] fdc C:\Windows\system32\DRIVERS\fdc.sys
16:45:35.0802 6036 [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost C:\Windows\system32\fdPHost.dll
16:45:35.0979 6036 [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub C:\Windows\system32\fdrespub.dll
16:45:36.0097 6036 [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
16:45:36.0182 6036 [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
16:45:36.0355 6036 [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys
16:45:36.0501 6036 [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
16:45:36.0704 6036 [ 5C4CB4086FB83115B153E47ADD961A0C ] FontCache C:\Windows\system32\FntCache.dll
16:45:37.0003 6036 [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
16:45:37.0144 6036 [ F59F2C574AA5D84477EB89F87C938F16 ] fsbts C:\Windows\system32\Drivers\fsbts.sys
16:45:37.0276 6036 [ C3F7E66C994B9BCD4292C4858270CB4F ] fsccsys1346916769 C:\Windows\System32\drivers\fsccsys.sys
16:45:37.0440 6036 [ D43703496149971890703B4B1B723EAC ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
16:45:37.0613 6036 [ D5B93369D05FEE822B0B07FB7841D9D4 ] FSDFWD C:\Program Files (x86)\F-Secure\apps\ComputerSecurity\FWES\Program\fsdfwd.exe
16:45:37.0888 6036 [ 3C00A1E37C035EBB8A879CB844750F9C ] FSES C:\Windows\system32\drivers\fses.sys
16:45:38.0022 6036 [ 20D9FC3EC20096EC6D6202CA97D35946 ] FSFW C:\Windows\system32\drivers\fsdfw.sys
16:45:38.0247 6036 [ 17BE4BAEC3D4FE887BC5F446FEF4FD97 ] fshoster C:\Program Files (x86)\F-Secure\fshoster32.exe
16:45:38.0439 6036 [ C2251C602EDFC49E71D13D660AB7F625 ] FSMA C:\Program Files (x86)\F-Secure\apps\ComputerSecurity\Common\FSMA32.EXE
16:45:38.0623 6036 [ B50C3AD8A850FA494D87AF943C011F2F ] FSORSPClient C:\Program Files (x86)\F-Secure\apps\CCF_Reputation\fsorsp.exe
16:45:38.0766 6036 [ 19F4DB34EE317657FB23235DC673F694 ] fsvista C:\Program Files (x86)\F-Secure\apps\ComputerSecurity\Anti-Virus\minifilter\fsvista.sys
16:45:38.0875 6036 [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
16:45:38.0994 6036 [ 1F7B25B858FA27015169FE95E54108ED ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
16:45:39.0134 6036 [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx C:\Windows\system32\DRIVERS\gagp30kx.sys
16:45:39.0272 6036 [ E403AACF8C7BB11375122D2464560311 ] GEARAspiWDM C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
16:45:39.0427 6036 [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc C:\Windows\System32\gpsvc.dll
16:45:39.0837 6036 [ F02A533F517EB38333CB12A9E8963773 ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
16:45:40.0099 6036 [ F02A533F517EB38333CB12A9E8963773 ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
16:45:40.0268 6036 [ 5D4BC124FAAE6730AC002CDB67BF1A1C ] gusvc C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
16:45:40.0464 6036 [ 1E6438D4EA6E1174A3B3B1EDC4DE660B ] hamachi C:\Windows\system32\DRIVERS\hamachi.sys
16:45:40.0782 6036 [ F10C3F2E002100BF8B797DCF283FEA7D ] Hamachi2Svc C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
16:45:41.0084 6036 [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
16:45:41.0267 6036 [ 975761C778E33CD22498059B91E7373A ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
16:45:41.0471 6036 [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus C:\Windows\system32\DRIVERS\HDAudBus.sys
16:45:41.0552 6036 [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt C:\Windows\system32\DRIVERS\HidBatt.sys
16:45:41.0649 6036 [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth C:\Windows\system32\DRIVERS\hidbth.sys
16:45:41.0715 6036 [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr C:\Windows\system32\DRIVERS\hidir.sys
16:45:41.0883 6036 [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv C:\Windows\system32\hidserv.dll
16:45:42.0103 6036 [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
16:45:42.0299 6036 [ CE44DF269892C152E9FA68CA4DAD8671 ] HiPatchService D:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe
16:45:42.0455 6036 HiPatchService ( UnsignedFile.Multi.Generic ) - warning
16:45:42.0455 6036 HiPatchService - detected UnsignedFile.Multi.Generic (1)
16:45:42.0482 6036 [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc C:\Windows\system32\kmsvc.dll
16:45:42.0640 6036 [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\Windows\system32\ListSvc.dll
16:45:42.0812 6036 [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
16:45:42.0980 6036 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
16:45:43.0181 6036 [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP C:\Windows\system32\drivers\HTTP.sys
16:45:43.0512 6036 [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
16:45:43.0648 6036 [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt C:\Windows\system32\drivers\i8042prt.sys
16:45:43.0831 6036 [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
16:45:44.0043 6036 [ 1CF03C69B49ACB70C722DF92755C0C8C ] IDriverT C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
16:45:44.0143 6036 IDriverT ( UnsignedFile.Multi.Generic ) - warning
16:45:44.0143 6036 IDriverT - detected UnsignedFile.Multi.Generic (1)
16:45:44.0270 6036 [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
16:45:44.0489 6036 [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp C:\Windows\system32\DRIVERS\iirsp.sys
16:45:44.0551 6036 [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT C:\Windows\System32\ikeext.dll
16:45:44.0750 6036 [ F00F20E70C6EC3AA366910083A0518AA ] intelide C:\Windows\system32\drivers\intelide.sys
16:45:44.0874 6036 [ ADA036632C664CAA754079041CF1F8C1 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
16:45:44.0969 6036 [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum C:\Windows\system32\ipbusenum.dll
16:45:45.0098 6036 [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
16:45:45.0197 6036 [ A34A587FFFD45FA649FBA6D03784D257 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
16:45:45.0393 6036 [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
16:45:45.0528 6036 [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT C:\Windows\system32\drivers\ipnat.sys
16:45:45.0693 6036 [ A9AB99EE7D39725EAFEC82732D2B3271 ] iPod Service C:\Program Files\iPod\bin\iPodService.exe
16:45:45.0858 6036 [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM C:\Windows\system32\drivers\irenum.sys
16:45:45.0939 6036 [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp C:\Windows\system32\drivers\isapnp.sys
16:45:45.0996 6036 [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
16:45:46.0077 6036 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass C:\Windows\system32\drivers\kbdclass.sys
16:45:46.0138 6036 [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid C:\Windows\system32\drivers\kbdhid.sys
16:45:46.0215 6036 [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso C:\Windows\system32\lsass.exe
16:45:46.0272 6036 [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
16:45:46.0346 6036 [ 26C43A7C2862447EC59DEDA188D1DA07 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
16:45:46.0521 6036 [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
16:45:46.0622 6036 [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm C:\Windows\system32\msdtckrm.dll
16:45:46.0860 6036 [ 5746399C73B372F0C8E9D3A0CC3B2D8F ] L8042Kbd C:\Windows\system32\DRIVERS\L8042Kbd.sys
16:45:46.0929 6036 [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer C:\Windows\system32\srvsvc.dll
16:45:47.0058 6036 [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
16:45:47.0127 6036 [ 97CAAA9FD47AF67E590552C34CE2D9B1 ] LHidFilt C:\Windows\system32\DRIVERS\LHidFilt.Sys
16:45:47.0175 6036 [ 1538831CF8AD2979A04C423779465827 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
16:45:47.0262 6036 [ C1185803384AB3FEED115F79F109427F ] lltdsvc C:\Windows\System32\lltdsvc.dll
16:45:47.0401 6036 [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts C:\Windows\System32\lmhsvc.dll
16:45:47.0500 6036 [ 1A3C49B3EDBA8F8FAF49AD5679813321 ] LMouFilt C:\Windows\system32\DRIVERS\LMouFilt.Sys
16:45:47.0561 6036 [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC C:\Windows\system32\DRIVERS\lsi_fc.sys
16:45:47.0599 6036 [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS C:\Windows\system32\DRIVERS\lsi_sas.sys
16:45:47.0644 6036 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2 C:\Windows\system32\DRIVERS\lsi_sas2.sys
16:45:47.0684 6036 [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI C:\Windows\system32\DRIVERS\lsi_scsi.sys
16:45:47.0736 6036 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv C:\Windows\system32\drivers\luafv.sys
16:45:47.0849 6036 [ D67F18191C0CED7212D771190F032158 ] LUsbFilt C:\Windows\system32\Drivers\LUsbFilt.Sys
16:45:47.0909 6036 [ B3944D06EB4B64D57BD7E5FE89415F58 ] LVPr2M64 C:\Windows\system32\DRIVERS\LVPr2M64.sys
16:45:47.0951 6036 [ B3944D06EB4B64D57BD7E5FE89415F58 ] LVPr2Mon C:\Windows\system32\DRIVERS\LVPr2M64.sys
16:45:48.0037 6036 [ EF2BE2F45D4F06410A3BD2A3467325B0 ] LVRS64 C:\Windows\system32\DRIVERS\lvrs64.sys
16:45:48.0645 6036 [ AC22F92C6078640FE8A70D662A2F3AD5 ] LVUVC64 C:\Windows\system32\DRIVERS\lvuvc64.sys
16:45:49.0192 6036 [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
16:45:49.0265 6036 [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas C:\Windows\system32\DRIVERS\megasas.sys
16:45:49.0313 6036 [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR C:\Windows\system32\DRIVERS\MegaSR.sys
16:45:49.0410 6036 [ E40E80D0304A73E8D269F7141D77250B ] MMCSS C:\Windows\system32\mmcss.dll
16:45:49.0477 6036 [ 800BA92F7010378B09F9ED9270F07137 ] Modem C:\Windows\system32\drivers\modem.sys
16:45:49.0555 6036 [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor C:\Windows\system32\DRIVERS\monitor.sys
16:45:49.0639 6036 [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
16:45:49.0703 6036 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
16:45:49.0807 6036 [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
16:45:49.0917 6036 [ CB8AF049AC9BE419A77ADAE288673359 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
16:45:50.0031 6036 [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio C:\Windows\system32\drivers\mpio.sys
16:45:50.0156 6036 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
16:45:50.0308 6036 [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc C:\Windows\system32\mpssvc.dll
16:45:50.0595 6036 [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
16:45:50.0705 6036 [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
16:45:50.0840 6036 [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
16:45:51.0039 6036 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
16:45:51.0157 6036 [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci C:\Windows\system32\drivers\msahci.sys
16:45:51.0218 6036 [ DB801A638D011B9633829EB6F663C900 ] msdsm C:\Windows\system32\drivers\msdsm.sys
16:45:51.0254 6036 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\Windows\System32\msdtc.exe
16:45:51.0301 6036 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\Windows\system32\drivers\Msfs.sys
16:45:51.0383 6036 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
16:45:51.0490 6036 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
16:45:51.0564 6036 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
16:45:51.0695 6036 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
16:45:51.0801 6036 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
16:45:51.0857 6036 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
16:45:51.0956 6036 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
16:45:52.0113 6036 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\Windows\system32\drivers\mssmbios.sys
16:45:52.0198 6036 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
16:45:52.0285 6036 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\Windows\system32\DRIVERS\MTConfig.sys
16:45:52.0357 6036 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\Windows\system32\Drivers\mup.sys
16:45:52.0422 6036 [ 582AC6D9873E31DFA28A4547270862DD ] napagent C:\Windows\system32\qagentRT.dll
16:45:52.0604 6036 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
16:45:53.0032 6036 [ 79B47FD40D9A817E932F9D26FAC0A81C ] NDIS C:\Windows\system32\drivers\ndis.sys
16:45:53.0262 6036 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
16:45:53.0431 6036 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
16:45:53.0525 6036 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
16:45:53.0648 6036 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
16:45:53.0809 6036 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
16:45:53.0941 6036 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
16:45:54.0223 6036 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
16:45:54.0340 6036 [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon C:\Windows\system32\lsass.exe
16:45:54.0390 6036 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\Windows\System32\netman.dll
16:45:54.0586 6036 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
16:45:54.0649 6036 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
16:45:54.0684 6036 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\Windows\System32\netprofm.dll
16:45:54.0835 6036 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
16:45:54.0873 6036 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
16:45:54.0927 6036 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\Windows\system32\DRIVERS\nfrd960.sys
16:45:55.0004 6036 [ 1EE99A89CC788ADA662441D1E9830529 ] NlaSvc C:\Windows\System32\nlasvc.dll
16:45:55.0159 6036 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys
16:45:55.0242 6036 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll
16:45:55.0340 6036 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
16:45:55.0466 6036 [ A2F74975097F52A00745F9637451FDD8 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
16:45:55.0719 6036 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys
16:45:55.0884 6036 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:\Windows\system32\drivers\nvraid.sys
16:45:56.0017 6036 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:\Windows\system32\drivers\nvstor.sys
16:45:56.0119 6036 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
16:45:56.0289 6036 [ 785F487A64950F3CB8E9F16253BA3B7B ] odserv C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
16:45:56.0594 6036 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
16:45:56.0689 6036 [ 5A432A042DAE460ABE7199B758E8606C ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
16:45:56.0761 6036 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
16:45:56.0873 6036 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll
16:45:56.0978 6036 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\DRIVERS\parport.sys
16:45:57.0120 6036 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\Windows\system32\drivers\partmgr.sys
16:45:57.0243 6036 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll
16:45:57.0336 6036 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\Windows\system32\drivers\pci.sys
16:45:57.0406 6036 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\drivers\pciide.sys
16:45:57.0486 6036 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys
16:45:57.0625 6036 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys
16:45:57.0677 6036 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys
16:45:58.0723 6036 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe
16:45:58.0883 6036 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\Windows\system32\pla.dll
16:45:59.0139 6036 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
16:45:59.0385 6036 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
16:45:59.0531 6036 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
16:45:59.0722 6036 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
16:46:00.0009 6036 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\Windows\system32\umpo.dll
16:46:00.0241 6036 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
16:46:00.0350 6036 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\DRIVERS\processr.sys
16:46:00.0423 6036 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc C:\Windows\system32\profsvc.dll
16:46:00.0491 6036 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe
16:46:00.0579 6036 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\Windows\system32\DRIVERS\pacer.sys
16:46:00.0827 6036 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\DRIVERS\ql2300.sys
16:46:01.0068 6036 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\DRIVERS\ql40xx.sys
16:46:01.0193 6036 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll
16:46:01.0264 6036 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
16:46:01.0342 6036 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
16:46:01.0446 6036 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
16:46:01.0505 6036 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll
16:46:01.0637 6036 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
16:46:01.0749 6036 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\Windows\System32\rasmans.dll
16:46:01.0889 6036 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
16:46:02.0019 6036 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
16:46:02.0141 6036 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
16:46:02.0269 6036 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys
16:46:02.0387 6036 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
16:46:02.0475 6036 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
16:46:02.0523 6036 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
16:46:02.0588 6036 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
16:46:02.0721 6036 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
16:46:02.0784 6036 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\Windows\System32\mprdim.dll
16:46:02.0879 6036 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll
16:46:03.0019 6036 [ C903D49655B4AAE46673F0AAA6BE0F58 ] RimVSerPort C:\Windows\system32\DRIVERS\RimSerial_AMD64.sys
16:46:03.0070 6036 [ 388D3DD1A6457280F3BADBA9F3ACD6B1 ] ROOTMODEM C:\Windows\system32\Drivers\RootMdm.sys
16:46:03.0128 6036 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
16:46:03.0205 6036 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\Windows\system32\locator.exe
16:46:03.0305 6036 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\Windows\system32\rpcss.dll
16:46:03.0564 6036 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
16:46:03.0712 6036 [ BAEFEE35D27A5440D35092CE10267BEC ] RTL8167 C:\Windows\system32\DRIVERS\Rt64win7.sys
16:46:03.0740 6036 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs C:\Windows\system32\lsass.exe
16:46:03.0784 6036 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
16:46:03.0896 6036 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\Windows\System32\SCardSvr.dll
16:46:04.0003 6036 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
16:46:04.0310 6036 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\Windows\system32\schedsvc.dll
16:46:04.0782 6036 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\Windows\System32\certprop.dll
16:46:04.0866 6036 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\Windows\System32\SDRSVC.dll
16:46:04.0935 6036 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys
16:46:05.0017 6036 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\Windows\system32\seclogon.dll
16:46:05.0188 6036 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\Windows\System32\sens.dll
16:46:05.0307 6036 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\Windows\system32\sensrsvc.dll
16:46:05.0401 6036 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\Windows\system32\DRIVERS\serenum.sys
16:46:05.0467 6036 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\Windows\system32\DRIVERS\serial.sys
16:46:05.0588 6036 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\Windows\system32\DRIVERS\sermouse.sys
16:46:05.0799 6036 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\Windows\system32\sessenv.dll
16:46:05.0885 6036 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
16:46:05.0935 6036 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
16:46:05.0989 6036 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
16:46:06.0075 6036 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys
16:46:06.0145 6036 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\Windows\System32\ipnathlp.dll
16:46:06.0267 6036 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
16:46:06.0396 6036 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\Windows\system32\DRIVERS\SiSRaid2.sys
16:46:06.0492 6036 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\Windows\system32\DRIVERS\sisraid4.sys
16:46:07.0164 6036 [ 753D254205E0A62100A050BD8B458D06 ] Skype C2C Service C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
16:46:07.0648 6036 [ F07AF60B152221472FBDB2FECEC4896D ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe
16:46:07.0820 6036 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\Windows\system32\DRIVERS\smb.sys
16:46:07.0909 6036 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\Windows\System32\snmptrap.exe
16:46:07.0997 6036 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\Windows\system32\drivers\spldr.sys
16:46:08.0206 6036 [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler C:\Windows\System32\spoolsv.exe
16:46:08.0620 6036 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\Windows\system32\sppsvc.exe
16:46:08.0929 6036 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\Windows\system32\sppuinotify.dll
16:46:09.0092 6036 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\Windows\system32\DRIVERS\srv.sys
16:46:09.0338 6036 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
16:46:09.0451 6036 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
16:46:09.0580 6036 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
16:46:09.0666 6036 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\Windows\system32\sstpsvc.dll
16:46:09.0836 6036 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\Windows\system32\DRIVERS\stexstor.sys
16:46:10.0015 6036 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\Windows\System32\wiaservc.dll
16:46:10.0162 6036 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\Windows\system32\drivers\swenum.sys
16:46:10.0325 6036 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\Windows\System32\swprv.dll
16:46:10.0747 6036 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain C:\Windows\system32\sysmain.dll
16:46:11.0029 6036 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll
16:46:11.0107 6036 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv C:\Windows\System32\tapisrv.dll
16:46:11.0248 6036 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\Windows\System32\tbssvc.dll
16:46:11.0628 6036 [ ACB82BDA8F46C84F465C1AFA517DC4B9 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
16:46:11.0998 6036 [ ACB82BDA8F46C84F465C1AFA517DC4B9 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
16:46:12.0311 6036 [ DF687E3D8836BFB04FCC0615BF15A519 ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
16:46:12.0440 6036 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
16:46:12.0497 6036 [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
16:46:12.0608 6036 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
16:46:12.0744 6036 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD C:\Windows\system32\drivers\termdd.sys
16:46:12.0920 6036 [ 2E648163254233755035B46DD7B89123 ] TermService C:\Windows\System32\termsrv.dll
16:46:13.0141 6036 [ F0344071948D1A1FA732231785A0664C ] Themes C:\Windows\system32\themeservice.dll
16:46:13.0251 6036 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\Windows\system32\mmcss.dll
16:46:13.0413 6036 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\Windows\System32\trkwks.dll
16:46:13.0650 6036 [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
16:46:13.0784 6036 [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
16:46:13.0870 6036 [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
16:46:14.0006 6036 [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
16:46:14.0129 6036 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\Windows\system32\DRIVERS\uagp35.sys
16:46:14.0274 6036 [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
16:46:14.0421 6036 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\Windows\system32\UI0Detect.exe
16:46:14.0471 6036 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
16:46:14.0534 6036 [ DC54A574663A895C8763AF0FA1FF7561 ] umbus C:\Windows\system32\DRIVERS\umbus.sys
16:46:14.0652 6036 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\Windows\system32\DRIVERS\umpass.sys
16:46:14.0832 6036 [ 927754ABF077AEB5504BE4E0F2C60C1B ] UMVPFSrv C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe
16:46:15.0027 6036 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\Windows\System32\upnphost.dll
16:46:15.0144 6036 [ AA33FC47ED58C34E6E9261E4F850B7EB ] USBAAPL64 C:\Windows\system32\Drivers\usbaapl64.sys
16:46:15.0206 6036 USBAAPL64 ( UnsignedFile.Multi.Generic ) - warning
16:46:15.0206 6036 USBAAPL64 - detected UnsignedFile.Multi.Generic (1)
16:46:15.0247 6036 [ 82E8F44688E6FAC57B5B7C6FC7ADBC2A ] usbaudio C:\Windows\system32\drivers\usbaudio.sys
16:46:15.0354 6036 [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
16:46:15.0463 6036 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\Windows\system32\drivers\usbcir.sys
16:46:15.0525 6036 [ C025055FE7B87701EB042095DF1A2D7B ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys
16:46:15.0603 6036 [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
16:46:15.0779 6036 [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci C:\Windows\system32\DRIVERS\usbohci.sys
16:46:15.0871 6036 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
16:46:15.0946 6036 [ AAA2513C8AED8B54B189FD0C6B1634C0 ] usbscan C:\Windows\system32\DRIVERS\usbscan.sys
16:46:16.0087 6036 [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
16:46:16.0203 6036 [ 81FB2216D3A60D1284455D511797DB3D ] usbuhci C:\Windows\system32\DRIVERS\usbuhci.sys
16:46:16.0403 6036 [ 454800C2BC7F3927CE030141EE4F4C50 ] usbvideo C:\Windows\System32\Drivers\usbvideo.sys
16:46:16.0576 6036 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\Windows\System32\uxsms.dll
16:46:16.0757 6036 [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc C:\Windows\system32\lsass.exe
16:46:16.0819 6036 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
16:46:16.0886 6036 [ 8D6B481601D01A456E75C3210F1830BE ] vds C:\Windows\System32\vds.exe
16:46:17.0105 6036 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
16:46:17.0164 6036 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:\Windows\System32\drivers\vga.sys
16:46:17.0233 6036 [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
16:46:17.0289 6036 [ E5689D93FFE4E5D66C0178761240DD54 ] viaide C:\Windows\system32\drivers\viaide.sys
16:46:17.0378 6036 [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr C:\Windows\system32\drivers\volmgr.sys
16:46:17.0531 6036 [ A255814907C89BE58B79EF2F189B843B ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
16:46:17.0646 6036 [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap C:\Windows\system32\drivers\volsnap.sys
16:46:17.0731 6036 [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid C:\Windows\system32\DRIVERS\vsmraid.sys
16:46:18.0078 6036 [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS C:\Windows\system32\vssvc.exe
16:46:18.0368 6036 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus C:\Windows\System32\drivers\vwifibus.sys
16:46:18.0536 6036 [ 1C9D80CC3849B3788048078C26486E1A ] W32Time C:\Windows\system32\w32time.dll
16:46:18.0716 6036 [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen C:\Windows\system32\DRIVERS\wacompen.sys
16:46:18.0855 6036 [ 356AFD78A6ED4457169241AC3965230C ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
16:46:18.0950 6036 [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
16:46:19.0226 6036 [ 3CEC96DE223E49EAAE3651FCF8FAEA6C ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe
16:46:19.0702 6036 [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine C:\Windows\system32\wbengine.exe
16:46:19.0915 6036 [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
16:46:20.0006 6036 [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc C:\Windows\System32\wcncsvc.dll
16:46:20.0194 6036 [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
16:46:20.0338 6036 [ 72889E16FF12BA0F235467D6091B17DC ] Wd C:\Windows\system32\DRIVERS\wd.sys
16:46:20.0538 6036 [ 441BD2D7B4F98134C3A4F9FA570FD250 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
16:46:20.0721 6036 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost C:\Windows\system32\wdi.dll
16:46:20.0831 6036 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost C:\Windows\system32\wdi.dll
16:46:20.0971 6036 [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient C:\Windows\System32\webclnt.dll
16:46:21.0097 6036 [ C749025A679C5103E575E3B48E092C43 ] Wecsvc C:\Windows\system32\wecsvc.dll
16:46:21.0217 6036 [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport C:\Windows\System32\wercplsupport.dll
16:46:21.0314 6036 [ 6D137963730144698CBD10F202E9F251 ] WerSvc C:\Windows\System32\WerSvc.dll
16:46:21.0393 6036 [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
16:46:21.0485 6036 [ 297B242A1A75BAF5BB24530B3C31EC5A ] whfltr2k C:\Windows\system32\DRIVERS\whfltr2k.sys
16:46:21.0607 6036 [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount C:\Windows\system32\drivers\wimmount.sys
16:46:21.0705 6036 [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
16:46:21.0938 6036 [ BCB1310604AA415C4508708975B3931E ] WinRM C:\Windows\system32\WsmSvc.dll
16:46:22.0225 6036 [ FE88B288356E7B47B74B13372ADD906D ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys
16:46:22.0391 6036 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc C:\Windows\System32\wlansvc.dll
16:46:22.0976 6036 [ 2BACD71123F42CEA603F4E205E1AE337 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
16:46:23.0322 6036 [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys
16:46:23.0643 6036 [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
16:46:23.0797 6036 [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc C:\Windows\System32\wpcsvc.dll
16:46:23.0920 6036 [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
16:46:24.0018 6036 [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
16:46:24.0111 6036 [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc C:\Windows\System32\wscsvc.dll
16:46:24.0217 6036 [ 8D918B1DB190A4D9B1753A66FA8C96E8 ] WSDPrintDevice C:\Windows\system32\DRIVERS\WSDPrint.sys
16:46:24.0344 6036 [ 4A2A5C50DD1A63577D3ACA94269FBC7F ] WSDScan C:\Windows\system32\DRIVERS\WSDScan.sys
16:46:24.0459 6036 [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv C:\Windows\system32\wuaueng.dll
16:46:24.0633 6036 [ D3381DC54C34D79B22CEE0D65BA91B7C ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
16:46:24.0727 6036 [ CF8D590BE3373029D57AF80914190682 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
16:46:24.0824 6036 [ 7A95C95B6C4CF292D689106BCAE49543 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
16:46:24.0891 6036 [ 9A3452B3C2A46C073166C5CF49FAD1AE ] WwanSvc C:\Windows\System32\wwansvc.dll
16:46:24.0971 6036 [ 2EE48CFCE7CA8E0DB4C44C7476C0943B ] xusb21 C:\Windows\system32\DRIVERS\xusb21.sys
16:46:25.0076 6036 ================ Scan global ===============================
16:46:25.0119 6036 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
16:46:25.0150 6036 [ EB6A48CC998E1090E44E8E7F1009A640 ] C:\Windows\system32\winsrv.dll
16:46:25.0168 6036 [ EB6A48CC998E1090E44E8E7F1009A640 ] C:\Windows\system32\winsrv.dll
16:46:25.0195 6036 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
16:46:25.0211 6036 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
16:46:25.0216 6036 ================ Scan MBR ==================================
16:46:25.0220 6036 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
16:46:27.0766 6036 ================ Scan VBR ==================================
16:46:27.0809 6036 [ 145D7B7BB8A736A683A4CB3C6ABDB609 ] \Device\Harddisk0\DR0\Partition1
16:46:27.0949 6036 [ 18F2130EB0E5446E81441A93E91E8E8C ] \Device\Harddisk0\DR0\Partition2
16:46:28.0065 6036 [ 6548BBEDFEDE1069596A2C90D6D34281 ] \Device\Harddisk0\DR0\Partition3
16:46:28.0184 6036 ================ Scan UEFI extensions ======================
16:46:28.0184 6036 ================ Scan active images ========================
16:46:28.0184 6036 ============================================================
16:46:28.0184 6036 Scan finished
16:46:28.0184 6036 ============================================================
16:46:28.0995 4248 Deinitialize success
.
==============================================
System Restore Point Check:
.
TDSSKiller Starter Restore Point Created Succesfully
==============================================
Registry Export
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\DomainProfile\GloballyOpenPorts\List]
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
==============================================
EOF


Groet!


Omhoog
 Profiel  
 
BerichtGeplaatst: wo sep 12, 2012 6:18 pm 
Offline
Moderator
Avatar gebruiker

Geregistreerd: wo apr 13, 2005 3:54 pm
Berichten: 33463
Woonplaats: Kotje aan de kust.
Besturingssysteem: Windows 7
Bescherming: Malwarebytes pro
Download OTL naar je Bureaublad
  • Dubbelklik op OTL.com om het programma te openen. Zorg ervoor dat all andere vensters gesloten zijn, en laat het programma ongestoord zijn werk doen.
  • Zet een vinkje bij Scan All Users.
  • Klik op de knop Quick Scan. Verander de instellingen van OTL niet, tenzij ik je hiervoor specifiek instructies geef. De scan zal niet heel erg lang duren.
    • Er zullen twee Kladblok-vensters geopend worden wanneer de scan klaar is. OTL.Txt en Extras.Txt. Deze bestanden zijn opgeslagen in dezelfde locatie als OTL.
    • Kopieer (Bewerken->Alles selecteren, Bewerken->Kopiëren) en plak (Bewerken->Alles selecteren, Bewerken->Plakken) de inhoud van deze twee bestanden één voor één in je volgende bericht.

_________________
****Afbeelding****
Lid van Team Opleiding.

traagheidtips
Keuze in AV
wat is een rootkit


Omhoog
 Profiel  
 
BerichtGeplaatst: wo sep 12, 2012 7:48 pm 
Offline
Lid

Geregistreerd: di sep 11, 2012 5:41 pm
Berichten: 5
Besturingssysteem: Windows 7
Bescherming: F-Secure
Beste Helper,

Ik krijg geen extras-file meer? Kan dat komen omdat ik bijvoorbeeld programma's als steam voor online spellen via Taakbeheer heb afgesloten?
Als je wat hebt aan die van gisteren, doe ik die in een volgend bericht. Hij stond eronder, maar toen was het bericht te lang.

Nogmaals: ik ben heel blij dat ik geholpen word. Misschien bestaat er ook een instructie om dit soort problemen in de toekomst te voorkomen?

OTL logfile created on: 12-9-2012 19:24:03 - Run 4
OTL by OldTimer - Version 3.2.61.3 Folder = C:\Users\M.Bouwens\Desktop\Problemen oplossen
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000413 | Country: Nederland | Language: NLD | Date Format: d-M-yyyy

4,00 Gb Total Physical Memory | 2,34 Gb Available Physical Memory | 58,54% Memory free
8,00 Gb Paging File | 5,82 Gb Available in Paging File | 72,74% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 195,21 Gb Total Space | 56,07 Gb Free Space | 28,72% Space Free | Partition Type: NTFS
Drive D: | 736,20 Gb Total Space | 556,50 Gb Free Space | 75,59% Space Free | Partition Type: NTFS

Computer Name: GAMESDESIGNPC | User Name: M.Bouwens | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 14 Days

========== Processes (SafeList) ==========

PRC - [2012-09-11 17:13:01 | 000,600,064 | ---- | M] (OldTimer Tools) -- C:\Users\M.Bouwens\Desktop\Problemen oplossen\OTL.com
PRC - [2012-09-07 17:04:46 | 000,676,936 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2012-09-07 17:04:46 | 000,399,432 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
PRC - [2012-09-07 17:04:44 | 000,766,536 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
PRC - [2012-08-13 13:33:30 | 003,064,000 | ---- | M] (Skype Technologies S.A.) -- C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
PRC - [2012-07-17 22:50:37 | 000,076,888 | ---- | M] () -- C:\Windows\SysWOW64\PnkBstrA.exe
PRC - [2012-07-05 11:09:13 | 001,027,792 | ---- | M] (F-Secure Corporation) -- C:\Program Files (x86)\F-Secure\apps\ComputerSecurity\Anti-Virus\fssm32.exe
PRC - [2012-07-05 11:09:13 | 000,560,848 | ---- | M] (F-Secure Corporation) -- C:\Program Files (x86)\F-Secure\apps\ComputerSecurity\Anti-Virus\fsgk32.exe
PRC - [2012-06-21 13:29:36 | 000,163,536 | ---- | M] (F-Secure Corporation) -- C:\Program Files (x86)\F-Secure\fshoster32.exe
PRC - [2012-03-15 18:00:44 | 000,213,672 | ---- | M] (F-Secure Corporation) -- C:\Program Files (x86)\F-Secure\apps\ComputerSecurity\Common\FSMA32.EXE
PRC - [2012-03-15 15:55:34 | 000,062,160 | ---- | M] (F-Secure Corporation) -- C:\Program Files (x86)\F-Secure\apps\CCF_Reputation\fsorsp.exe
PRC - [2011-08-19 11:26:50 | 000,450,848 | ---- | M] (Logitech Inc.) -- C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe
PRC - [2009-05-14 17:07:14 | 000,759,048 | ---- | M] (ABBYY) -- C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe
PRC - [2006-12-19 18:23:20 | 000,094,208 | ---- | M] (SEIKO EPSON CORPORATION) -- C:\Program Files (x86)\Common Files\EPSON\EBAPI\eEBSvc.exe


========== Modules (No Company Name) ==========


========== Services (SafeList) ==========

SRV:64bit: - [2012-08-06 12:24:22 | 000,361,984 | ---- | M] (Advanced Micro Devices, Inc.) [Auto | Running] -- C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe -- (AMD FUEL Service)
SRV:64bit: - [2012-07-28 04:09:44 | 000,239,616 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:64bit: - [2009-09-14 07:00:00 | 000,166,400 | ---- | M] (SEIKO EPSON CORPORATION) [Auto | Running] -- C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50STB.EXE -- (EPSON_EB_RPCV4_04)
SRV:64bit: - [2009-09-14 07:00:00 | 000,128,512 | ---- | M] (SEIKO EPSON CORPORATION) [Auto | Running] -- C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50RPB.EXE -- (EPSON_PM_RPCV4_04)
SRV:64bit: - [2009-07-14 03:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2012-09-12 18:50:50 | 000,529,744 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2012-09-08 13:10:50 | 000,114,144 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012-09-07 17:04:46 | 000,676,936 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2012-09-07 17:04:46 | 000,399,432 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe -- (MBAMScheduler)
SRV - [2012-08-30 12:35:18 | 000,250,568 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012-08-29 12:03:36 | 002,369,960 | ---- | M] (LogMeIn Inc.) [Auto | Running] -- C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe -- (Hamachi2Svc)
SRV - [2012-08-14 22:55:58 | 000,008,704 | ---- | M] (Hi-Rez Studios) [Auto | Stopped] -- D:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe -- (HiPatchService)
SRV - [2012-08-13 13:33:30 | 003,064,000 | ---- | M] (Skype Technologies S.A.) [Auto | Running] -- C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe -- (Skype C2C Service)
SRV - [2012-07-17 22:50:37 | 000,076,888 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\PnkBstrA.exe -- (PnkBstrA)
SRV - [2012-07-13 13:28:36 | 000,160,944 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012-06-21 13:29:36 | 000,163,536 | ---- | M] (F-Secure Corporation) [Auto | Running] -- C:\Program Files (x86)\F-Secure\fshoster32.exe -- (fshoster)
SRV - [2012-03-15 18:00:44 | 000,213,672 | ---- | M] (F-Secure Corporation) [On_Demand | Running] -- C:\Program Files (x86)\F-Secure\apps\ComputerSecurity\Common\FSMA32.EXE -- (FSMA)
SRV - [2012-03-15 18:00:38 | 000,914,088 | ---- | M] (F-Secure Corporation) [On_Demand | Running] -- C:\Program Files (x86)\F-Secure\apps\ComputerSecurity\FWES\program\fsdfwd.exe -- (FSDFWD)
SRV - [2012-03-15 15:55:34 | 000,062,160 | ---- | M] (F-Secure Corporation) [Auto | Running] -- C:\Program Files (x86)\F-Secure\apps\CCF_Reputation\fsorsp.exe -- (FSORSPClient)
SRV - [2011-08-19 11:26:50 | 000,450,848 | ---- | M] (Logitech Inc.) [Auto | Running] -- C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe -- (UMVPFSrv)
SRV - [2010-03-18 14:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009-06-10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2009-05-14 17:07:14 | 000,759,048 | ---- | M] (ABBYY) [Auto | Running] -- C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe -- (ABBYY.Licensing.FineReader.Sprint.9.0)
SRV - [2006-12-19 18:23:20 | 000,094,208 | ---- | M] (SEIKO EPSON CORPORATION) [Auto | Running] -- C:\Program Files (x86)\Common Files\EPSON\EBAPI\eEBSvc.exe -- (EpsonBidirectionalService)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2012-09-07 17:04:46 | 000,025,928 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\mbam.sys -- (MBAMProtector)
DRV:64bit: - [2012-08-15 17:36:49 | 000,056,016 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\fsbts.sys -- (fsbts)
DRV:64bit: - [2012-08-10 14:02:00 | 000,058,424 | ---- | M] (F-Secure Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\fsccsys.sys -- (fsccsys1346916769)
DRV:64bit: - [2012-07-28 06:07:44 | 010,278,912 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag)
DRV:64bit: - [2012-07-28 03:14:46 | 000,368,640 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
DRV:64bit: - [2012-05-14 08:12:30 | 000,096,896 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AtihdW76.sys -- (AtiHDAudioService)
DRV:64bit: - [2012-03-15 18:00:38 | 000,095,112 | ---- | M] (F-Secure Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\fsdfw.sys -- (FSFW)
DRV:64bit: - [2012-03-15 18:00:38 | 000,046,024 | ---- | M] (F-Secure Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\fses.sys -- (FSES)
DRV:64bit: - [2012-03-05 16:04:30 | 000,053,888 | ---- | M] (Advanced Micro Devices) [Kernel | Auto | Stopped] -- C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\aoddriver2.sys -- (AODDriver4.1)
DRV:64bit: - [2012-03-05 16:04:30 | 000,053,888 | ---- | M] (Advanced Micro Devices) [Kernel | Auto | Running] -- C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\aoddriver2.sys -- (AODDriver4.01)
DRV:64bit: - [2012-03-01 08:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2012-02-15 12:01:50 | 000,052,736 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2011-08-19 11:27:30 | 004,869,024 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lvuvc64.sys -- (LVUVC64)
DRV:64bit: - [2011-08-19 11:27:30 | 000,351,136 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lvrs64.sys -- (LVRS64)
DRV:64bit: - [2011-03-11 08:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011-03-11 08:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2010-11-20 15:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010-11-20 13:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010-05-07 19:43:30 | 000,030,304 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\LVPr2M64.sys -- (LVPr2Mon)
DRV:64bit: - [2010-05-07 19:43:30 | 000,030,304 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\LVPr2M64.sys -- (LVPr2M64)
DRV:64bit: - [2010-02-18 10:18:24 | 000,046,136 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\amdiox64.sys -- (amdiox64)
DRV:64bit: - [2010-01-28 16:33:38 | 000,116,736 | ---- | M] (ATI Technologies, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\AtiHdmi.sys -- (AtiHdmiService)
DRV:64bit: - [2009-08-13 22:10:18 | 000,073,984 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\xusb21.sys -- (xusb21)
DRV:64bit: - [2009-07-14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009-07-14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009-07-14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009-07-14 02:39:20 | 000,023,040 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WSDPrint.sys -- (WSDPrintDevice)
DRV:64bit: - [2009-07-14 02:35:37 | 000,025,088 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WSDScan.sys -- (WSDScan)
DRV:64bit: - [2009-07-14 02:10:47 | 000,011,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rootmdm.sys -- (ROOTMODEM)
DRV:64bit: - [2009-06-10 22:35:42 | 000,187,392 | ---- | M] (Realtek Corporation ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2009-06-10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009-06-10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009-06-10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009-06-10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009-05-18 14:17:08 | 000,034,152 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2009-03-18 16:35:42 | 000,033,856 | -H-- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\hamachi.sys -- (hamachi)
DRV:64bit: - [2009-01-09 15:02:08 | 000,031,744 | ---- | M] (Research in Motion Ltd) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RimSerial_AMD64.sys -- (RimVSerPort)
DRV:64bit: - [2007-04-11 16:35:46 | 000,040,720 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\LUsbFilt.sys -- (LUsbFilt)
DRV:64bit: - [2007-04-11 16:35:30 | 000,056,080 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\LMouFilt.Sys -- (LMouFilt)
DRV:64bit: - [2007-04-11 16:35:22 | 000,053,520 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\LHidFilt.Sys -- (LHidFilt)
DRV:64bit: - [2007-04-11 16:34:58 | 000,035,600 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\L8042Kbd.sys -- (L8042Kbd)
DRV:64bit: - [2007-01-26 17:04:36 | 000,009,600 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\whfltr2k.sys -- (whfltr2k)
DRV - [2012-07-05 11:09:46 | 000,199,888 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Program Files (x86)\F-Secure\apps\ComputerSecurity\Anti-Virus\minifilter\fsgk.sys -- (F-Secure Gatekeeper)
DRV - [2012-07-05 11:09:13 | 000,062,032 | ---- | M] (F-Secure Corporation) [Kernel | System | Running] -- C:\Program Files (x86)\F-Secure\apps\ComputerSecurity\HIPS\drivers\fshs.sys -- (F-Secure HIPS)
DRV - [2012-07-05 11:06:33 | 000,042,672 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysWOW64\drivers\fsbts.sys -- (fsbts)
DRV - [2012-03-15 18:00:28 | 000,015,016 | ---- | M] () [Kernel | System | Running] -- C:\Program Files (x86)\F-Secure\apps\ComputerSecurity\Anti-Virus\minifilter\fsvista.sys -- (fsvista)
DRV - [2009-07-14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE:64bit: - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\URLSearchHook: {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Program Files (x86)\Vuze_Remote\prxtbVuze.dll (Conduit Ltd.)
IE - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-3766735717-3127052058-815072437-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://search.babylon.com/?babsrc=HP_ss ... fba642e91b
IE - HKU\S-1-5-21-3766735717-3127052058-815072437-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://nl.msn.com/?ocid=iehp
IE - HKU\S-1-5-21-3766735717-3127052058-815072437-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = nl
IE - HKU\S-1-5-21-3766735717-3127052058-815072437-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 56 18 88 CE 32 2F CC 01 [binary data]
IE - HKU\S-1-5-21-3766735717-3127052058-815072437-1000\..\URLSearchHook: {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Program Files (x86)\Vuze_Remote\prxtbVuze.dll (Conduit Ltd.)
IE - HKU\S-1-5-21-3766735717-3127052058-815072437-1000\..\SearchScopes,DefaultScope = {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
IE - HKU\S-1-5-21-3766735717-3127052058-815072437-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKU\S-1-5-21-3766735717-3127052058-815072437-1000\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = http://search.babylon.com/web/{searchTerms}?babsrc=SP_ss&affID=101241&mntrId=bca6ae2400000000000090fba642e91b
IE - HKU\S-1-5-21-3766735717-3127052058-815072437-1000\..\SearchScopes\{2A4DCCA4-3040-4E41-8228-143CF790F760}: "URL" = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2504091
IE - HKU\S-1-5-21-3766735717-3127052058-815072437-1000\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7ADSA_nlNL418
IE - HKU\S-1-5-21-3766735717-3127052058-815072437-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-3766735717-3127052058-815072437-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "Search the web (Babylon)"
FF - prefs.js..browser.search.defaulturl: ""
FF - prefs.js..browser.search.order.1: "Search the web (Babylon)"
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.startup.homepage: "http://search.babylon.com/?babsrc=HP_Prot"
FF - prefs.js..extensions.enabledAddons: {A001AE6F-2978-4C71-95D5-79F3E08898C2}:6.23
FF - prefs.js..extensions.enabledAddons: {c45c406e-ab73-11d8-be73-000a95be3b12}:1.2.2
FF - prefs.js..extensions.enabledAddons: bbrs_002@blabbers.com:1.0.5
FF - prefs.js..extensions.enabledAddons: {ba14329e-9550-4989-b3f2-9732e92d17cc}:10.10.27.6
FF - prefs.js..extensions.enabledItems: {B7082FAA-CB62-4872-9106-E42DD88EDE45}:3.3.1
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23
FF - prefs.js..extensions.enabledItems: firebug@software.joehewitt.com:1.6.2
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24
FF - prefs.js..keyword.URL: "http://search.babylon.com/?babsrc=adbartrp&affID=101241&mntrId=bca6ae2400000000000090fba642e91b&q="
FF - prefs.js..sweetim.toolbar.previous.browser.search.defaultenginename: ""
FF - prefs.js..sweetim.toolbar.previous.browser.search.defaulturl: ""
FF - prefs.js..sweetim.toolbar.previous.browser.search.selectedEngine: ""
FF - prefs.js..browser.startup.homepage: "http://www.google.nl/"
FF - prefs.js..sweetim.toolbar.previous.keyword.URL: ""


FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_4_402_265.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.5.0: C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.5.0: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_4_402_265.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: D:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.5.0: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.5.0: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3555.0308: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@ngm.nexoneu.com/NxGame: C:\ProgramData\NexonEU\NGM\npNxGameeu.dll (Nexon)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\html5video [2011-05-25 19:34:24 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{6904342A-8307-11DF-A508-4AE2DFD72085}: C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\wpa [2011-05-25 19:34:24 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\litmus-ff@f-secure.com: C:\Program Files (x86)\F-Secure\apps\OnlineSafety\BPP\litmus-ff@f-secure.com\ [2012-09-06 09:32:44 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 15.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012-09-11 16:37:07 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 15.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012-09-08 13:10:42 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 15.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Thunderbird\components [2012-08-06 08:18:01 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 15.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Thunderbird\plugins [2012-08-15 17:39:10 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 15.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012-09-11 16:37:07 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 15.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012-09-08 13:10:42 | 000,000,000 | ---D | M]

[2011-02-05 20:19:02 | 000,000,000 | ---D | M] (No name found) -- C:\Users\M.Bouwens\AppData\Roaming\mozilla\Extensions
[2011-02-05 20:19:02 | 000,000,000 | ---D | M] (No name found) -- C:\Users\M.Bouwens\AppData\Roaming\mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6}
[2012-09-11 16:36:55 | 000,000,000 | ---D | M] (No name found) -- C:\Users\M.Bouwens\AppData\Roaming\mozilla\Firefox\Profiles\u5h13b1c.default\extensions
[2012-09-11 14:40:58 | 000,000,000 | ---D | M] (Vuze Remote) -- C:\Users\M.Bouwens\AppData\Roaming\mozilla\Firefox\Profiles\u5h13b1c.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}
[2011-09-07 07:21:27 | 000,000,000 | ---D | M] (SweetIM Toolbar for Firefox) -- C:\Users\M.Bouwens\AppData\Roaming\mozilla\Firefox\Profiles\u5h13b1c.default\extensions\{EEE6C361-6118-11DC-9C72-001320C79847}
[2012-03-07 18:12:45 | 000,000,000 | ---D | M] (Browser Companion Helper) -- C:\Users\M.Bouwens\AppData\Roaming\mozilla\Firefox\Profiles\u5h13b1c.default\extensions\bbrs_002@blabbers.com
[2012-09-08 13:50:40 | 000,000,000 | ---D | M] (Lavasoft Search Plugin) -- C:\Users\M.Bouwens\AppData\Roaming\mozilla\Firefox\Profiles\u5h13b1c.default\extensions\jid1-yZwVFzbsyfMrqQ@jetpack
[2012-09-01 17:47:32 | 001,625,368 | ---- | M] () (No name found) -- C:\Users\M.Bouwens\AppData\Roaming\mozilla\firefox\profiles\u5h13b1c.default\extensions\firebug@software.joehewitt.com.xpi
[2011-07-03 17:12:56 | 000,031,155 | ---- | M] () (No name found) -- C:\Users\M.Bouwens\AppData\Roaming\mozilla\firefox\profiles\u5h13b1c.default\extensions\{A001AE6F-2978-4C71-95D5-79F3E08898C2}.xpi
[2012-09-05 15:56:13 | 001,268,546 | ---- | M] () (No name found) -- C:\Users\M.Bouwens\AppData\Roaming\mozilla\firefox\profiles\u5h13b1c.default\extensions\{c45c406e-ab73-11d8-be73-000a95be3b12}.xpi
[2012-05-29 07:58:54 | 000,000,013 | ---- | M] () (No name found) -- C:\Users\M.Bouwens\AppData\Roaming\mozilla\firefox\profiles\u5h13b1c.default\extensions\bbrs_002@blabbers.com\chrome\content\cache\01e5db4d4b4e067ef2417404c7741115_expire
[2012-08-30 11:40:55 | 000,000,013 | ---- | M] () (No name found) -- C:\Users\M.Bouwens\AppData\Roaming\mozilla\firefox\profiles\u5h13b1c.default\extensions\bbrs_002@blabbers.com\chrome\content\cache\0324adea3b6ec02af09ea4ae9424591b_expire
[2012-07-01 10:54:38 | 000,000,013 | ---- | M] () (No name found) -- C:\Users\M.Bouwens\AppData\Roaming\mozilla\firefox\profiles\u5h13b1c.default\extensions\bbrs_002@blabbers.com\chrome\content\cache\21d2bb231d3c04f5b6434220b2b1cb9e_expire
[2012-08-12 18:15:51 | 000,000,013 | ---- | M] () (No name found) -- C:\Users\M.Bouwens\AppData\Roaming\mozilla\firefox\profiles\u5h13b1c.default\extensions\bbrs_002@blabbers.com\chrome\content\cache\234f49c8fe7e33af5dceeaad5c34535a_expire
[2012-09-12 13:59:37 | 000,000,013 | ---- | M] () (No name found) -- C:\Users\M.Bouwens\AppData\Roaming\mozilla\firefox\profiles\u5h13b1c.default\extensions\bbrs_002@blabbers.com\chrome\content\cache\292124057d00cb0fa73db6b90d079658_expire
[2012-08-12 16:58:47 | 000,000,013 | ---- | M] () (No name found) -- C:\Users\M.Bouwens\AppData\Roaming\mozilla\firefox\profiles\u5h13b1c.default\extensions\bbrs_002@blabbers.com\chrome\content\cache\2e74403c227112bec523796d5a77d77e_expire
[2012-08-12 18:15:51 | 000,000,013 | ---- | M] () (No name found) -- C:\Users\M.Bouwens\AppData\Roaming\mozilla\firefox\profiles\u5h13b1c.default\extensions\bbrs_002@blabbers.com\chrome\content\cache\33333495813ef00227cafb4ac9f79647_expire
[2012-08-19 20:14:06 | 000,000,013 | ---- | M] () (No name found) -- C:\Users\M.Bouwens\AppData\Roaming\mozilla\firefox\profiles\u5h13b1c.default\extensions\bbrs_002@blabbers.com\chrome\content\cache\38c81c572ae8cdf0daccb2d724501760_expire
[2012-07-07 06:37:59 | 000,000,013 | ---- | M] () (No name found) -- C:\Users\M.Bouwens\AppData\Roaming\mozilla\firefox\profiles\u5h13b1c.default\extensions\bbrs_002@blabbers.com\chrome\content\cache\409dc4ca65bcc01439d855c7dd3360ea_expire
[2012-08-29 08:29:35 | 000,000,013 | ---- | M] () (No name found) -- C:\Users\M.Bouwens\AppData\Roaming\mozilla\firefox\profiles\u5h13b1c.default\extensions\bbrs_002@blabbers.com\chrome\content\cache\4ad053d40dfa5cab7948e9251df6e3d9_expire
[2012-09-07 17:39:47 | 000,000,013 | ---- | M] () (No name found) -- C:\Users\M.Bouwens\AppData\Roaming\mozilla\firefox\profiles\u5h13b1c.default\extensions\bbrs_002@blabbers.com\chrome\content\cache\4d3d10bd28ff623813254a49b26be41f_expire
[2012-09-01 17:43:32 | 000,000,013 | ---- | M] () (No name found) -- C:\Users\M.Bouwens\AppData\Roaming\mozilla\firefox\profiles\u5h13b1c.default\extensions\bbrs_002@blabbers.com\chrome\content\cache\51648deb16dc2ab21274a098e9784677_expire
[2012-09-12 18:52:44 | 000,000,013 | ---- | M] () (No name found) -- C:\Users\M.Bouwens\AppData\Roaming\mozilla\firefox\profiles\u5h13b1c.default\extensions\bbrs_002@blabbers.com\chrome\content\cache\5a045276b203490f3399872b324a22b8_expire
[2012-09-05 11:23:04 | 000,000,013 | ---- | M] () (No name found) -- C:\Users\M.Bouwens\AppData\Roaming\mozilla\firefox\profiles\u5h13b1c.default\extensions\bbrs_002@blabbers.com\chrome\content\cache\61e2ae11ba3d1cbe8887ea80f192e299_expire
[2012-09-12 13:59:37 | 000,000,013 | ---- | M] () (No name found) -- C:\Users\M.Bouwens\AppData\Roaming\mozilla\firefox\profiles\u5h13b1c.default\extensions\bbrs_002@blabbers.com\chrome\content\cache\656bf02a99a3ba2fbf237f6152b7f3de_expire
[2012-07-01 10:54:38 | 000,000,013 | ---- | M] () (No name found) -- C:\Users\M.Bouwens\AppData\Roaming\mozilla\firefox\profiles\u5h13b1c.default\extensions\bbrs_002@blabbers.com\chrome\content\cache\680670b86f0b67567a12d8162b67b978_expire
[2012-09-08 16:12:13 | 000,000,013 | ---- | M] () (No name found) -- C:\Users\M.Bouwens\AppData\Roaming\mozilla\firefox\profiles\u5h13b1c.default\extensions\bbrs_002@blabbers.com\chrome\content\cache\7f7fb214217f3a4fd9085138d58a2c10_expire
[2012-05-29 07:58:54 | 000,000,013 | ---- | M] () (No name found) -- C:\Users\M.Bouwens\AppData\Roaming\mozilla\firefox\profiles\u5h13b1c.default\extensions\bbrs_002@blabbers.com\chrome\content\cache\83ed2d62b3629381be4ff461166e8480_expire
[2012-09-12 13:59:37 | 000,000,013 | ---- | M] () (No name found) -- C:\Users\M.Bouwens\AppData\Roaming\mozilla\firefox\profiles\u5h13b1c.default\extensions\bbrs_002@blabbers.com\chrome\content\cache\924d47e6f7775d82becea30059272aae_expire
[2012-05-29 07:58:54 | 000,000,013 | ---- | M] () (No name found) -- C:\Users\M.Bouwens\AppData\Roaming\mozilla\firefox\profiles\u5h13b1c.default\extensions\bbrs_002@blabbers.com\chrome\content\cache\9427ec76680fe9fd7bce2c039b763ad3_expire
[2012-05-29 07:58:54 | 000,000,013 | ---- | M] () (No name found) -- C:\Users\M.Bouwens\AppData\Roaming\mozilla\firefox\profiles\u5h13b1c.default\extensions\bbrs_002@blabbers.com\chrome\content\cache\9dc8414e1b352cbe0663cc5f2b2490fb_expire
[2012-09-12 13:59:37 | 000,000,013 | ---- | M] () (No name found) -- C:\Users\M.Bouwens\AppData\Roaming\mozilla\firefox\profiles\u5h13b1c.default\extensions\bbrs_002@blabbers.com\chrome\content\cache\aaff3303cdd7526dcb9cd1bc7f49fa7a_expire
[2012-09-12 18:52:44 | 000,000,013 | ---- | M] () (No name found) -- C:\Users\M.Bouwens\AppData\Roaming\mozilla\firefox\profiles\u5h13b1c.default\extensions\bbrs_002@blabbers.com\chrome\content\cache\aeee69848edcb080584c8630e879efda_expire
[2012-08-19 20:14:06 | 000,000,013 | ---- | M] () (No name found) -- C:\Users\M.Bouwens\AppData\Roaming\mozilla\firefox\profiles\u5h13b1c.default\extensions\bbrs_002@blabbers.com\chrome\content\cache\cbb69a449d3e39b3a3781ffb1d7fa52b_expire
[2012-09-12 13:59:39 | 000,000,013 | ---- | M] () (No name found) -- C:\Users\M.Bouwens\AppData\Roaming\mozilla\firefox\profiles\u5h13b1c.default\extensions\bbrs_002@blabbers.com\chrome\content\cache\cc635a6b9f0f6cd38afb553c8282d650_expire
[2012-09-12 18:52:44 | 000,000,013 | ---- | M] () (No name found) -- C:\Users\M.Bouwens\AppData\Roaming\mozilla\firefox\profiles\u5h13b1c.default\extensions\bbrs_002@blabbers.com\chrome\content\cache\d31fee2103d18244b731b1623650ec2e_expire
[2012-08-29 08:29:32 | 000,000,013 | ---- | M] () (No name found) -- C:\Users\M.Bouwens\AppData\Roaming\mozilla\firefox\profiles\u5h13b1c.default\extensions\bbrs_002@blabbers.com\chrome\content\cache\dc6668d28979688b1e2066d1dcaef0f6_expire
[2012-09-12 13:59:39 | 000,000,013 | ---- | M] () (No name found) -- C:\Users\M.Bouwens\AppData\Roaming\mozilla\firefox\profiles\u5h13b1c.default\extensions\bbrs_002@blabbers.com\chrome\content\cache\e02b35320e5111f1b626466c13c70a0a_expire
[2012-05-21 08:20:33 | 000,000,013 | ---- | M] () (No name found) -- C:\Users\M.Bouwens\AppData\Roaming\mozilla\firefox\profiles\u5h13b1c.default\extensions\bbrs_002@blabbers.com\chrome\content\cache\e254d853f7703ee609adb09d0f102cd9_expire
[2012-08-26 14:29:35 | 000,000,013 | ---- | M] () (No name found) -- C:\Users\M.Bouwens\AppData\Roaming\mozilla\firefox\profiles\u5h13b1c.default\extensions\bbrs_002@blabbers.com\chrome\content\cache\e7215b147326809c45f6cf0952274624_expire
[2012-09-12 13:59:38 | 000,000,013 | ---- | M] () (No name found) -- C:\Users\M.Bouwens\AppData\Roaming\mozilla\firefox\profiles\u5h13b1c.default\extensions\bbrs_002@blabbers.com\chrome\content\cache\e797b807b4545245d85048f0398296a9_expire
[2012-09-12 13:59:38 | 000,000,013 | ---- | M] () (No name found) -- C:\Users\M.Bouwens\AppData\Roaming\mozilla\firefox\profiles\u5h13b1c.default\extensions\bbrs_002@blabbers.com\chrome\content\cache\e919434ec29526b28593c426e4264271_expire
[2012-05-29 07:58:54 | 000,000,013 | ---- | M] () (No name found) -- C:\Users\M.Bouwens\AppData\Roaming\mozilla\firefox\profiles\u5h13b1c.default\extensions\bbrs_002@blabbers.com\chrome\content\cache\ed0c923c82a39debf5c71d22f5ef3dc7_expire
[2012-09-05 11:23:04 | 000,000,013 | ---- | M] () (No name found) -- C:\Users\M.Bouwens\AppData\Roaming\mozilla\firefox\profiles\u5h13b1c.default\extensions\bbrs_002@blabbers.com\chrome\content\cache\ed531ec1571712303d105d497dac8280_expire
[2012-09-12 13:59:38 | 000,000,013 | ---- | M] () (No name found) -- C:\Users\M.Bouwens\AppData\Roaming\mozilla\firefox\profiles\u5h13b1c.default\extensions\bbrs_002@blabbers.com\chrome\content\cache\f03527c67e08602d2e4c18ae7867300d_expire
[2012-09-12 18:52:44 | 000,000,013 | ---- | M] () (No name found) -- C:\Users\M.Bouwens\AppData\Roaming\mozilla\firefox\profiles\u5h13b1c.default\extensions\bbrs_002@blabbers.com\chrome\content\cache\f254e56f8c066ef3bf0783e046dc7ecd_expire
[2012-09-07 17:39:47 | 000,000,013 | ---- | M] () (No name found) -- C:\Users\M.Bouwens\AppData\Roaming\mozilla\firefox\profiles\u5h13b1c.default\extensions\bbrs_002@blabbers.com\chrome\content\cache\fa74672918974682c82b8d91dfbe0d6b_expire
[2012-07-07 06:37:59 | 000,000,013 | ---- | M] () (No name found) -- C:\Users\M.Bouwens\AppData\Roaming\mozilla\firefox\profiles\u5h13b1c.default\extensions\bbrs_002@blabbers.com\chrome\content\cache\fd2c7cc8d016692e3593f7d629441035_expire
[2012-09-07 17:39:47 | 000,000,013 | ---- | M] () (No name found) -- C:\Users\M.Bouwens\AppData\Roaming\mozilla\firefox\profiles\u5h13b1c.default\extensions\bbrs_002@blabbers.com\chrome\content\cache\ff4d692d5e7cccbc4b3e9ef4062b1c6f_expire
[2011-09-07 07:21:21 | 000,003,915 | ---- | M] () -- C:\Users\M.Bouwens\AppData\Roaming\mozilla\firefox\profiles\u5h13b1c.default\searchplugins\sweetim.xml
[2012-09-08 13:10:40 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2012-09-11 16:37:51 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2012-09-08 13:10:51 | 000,266,720 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2011-04-14 14:01:38 | 000,024,376 | ---- | M] (McAfee, Inc.) -- C:\Program Files (x86)\mozilla firefox\components\Scriptff.dll
[2012-03-07 18:13:07 | 000,002,288 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\babylon.xml
[2012-08-30 13:01:28 | 000,002,465 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2012-05-10 08:09:23 | 000,001,892 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bolcom-nl.xml
[2012-05-10 08:09:23 | 000,004,558 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\marktplaats-nl.xml
[2012-05-10 08:09:23 | 000,001,049 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-nl.xml

========== Chrome ==========

CHR - default_search_provider: SweetIM Search (Enabled)
CHR - default_search_provider: search_url = http://search.sweetim.com/search.asp?src=6&q={searchTerms}&barid={35CC411C-D911-11E0-829E-90FBA642E91B}
CHR - default_search_provider: suggest_url =
CHR - homepage: http://home.sweetim.com/?barid={35CC411C-D911-11E0-829E-90FBA642E91B}
CHR - plugin: Shockwave Flash (Disabled) = C:\Users\M.Bouwens\AppData\Local\Google\Chrome\User Data\PepperFlash\11.1.31.203\pepflashplayer.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\17.0.963.56\gcswf32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\17.0.963.56\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\17.0.963.56\pdf.dll
CHR - plugin: (Enabled) = C:\Users\M.Bouwens\AppData\Local\Google\Chrome\User Data\Default\Extensions\clbfjfbnelcflpgpklppgplejolacbej\1.0.5_0\chromeNPAPI.dll
CHR - plugin: McAfee SiteAdvisor (Enabled) = C:\Users\M.Bouwens\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho\3.41.122.1_0\McChPlg.dll
CHR - plugin: McAfee SiteAdvisor (Enabled) = C:\Program Files (x86)\McAfee\SiteAdvisor\npmcffplg32.dll
CHR - plugin: Skype Toolbars (Enabled) = C:\Users\M.Bouwens\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\5.6.0.8442_0\npSkypeChromePlugin.dll
CHR - plugin: Adobe Acrobat (Disabled) = C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll
CHR - plugin: Microsoft\u00AE Windows Media Player Firefox Plugin (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\np-mswmp.dll
CHR - plugin: Java Deployment Toolkit 7.0.10.8 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npdeployJava1.dll
CHR - plugin: Java(TM) Platform SE 7 U1 (Enabled) = C:\Program Files (x86)\Java\jre7\bin\new_plugin\npjp2.dll
CHR - plugin: 2007 Microsoft Office system (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\NPOFF12.DLL
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin7.dll
CHR - plugin: DivX VOD Helper Plug-in (Enabled) = C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll
CHR - plugin: DivX Web Player (Enabled) = C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll
CHR - plugin: Google Earth Plugin (Enabled) = C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.99\npGoogleUpdate3.dll
CHR - plugin: Silverlight Plug-In (Enabled) = C:\Program Files (x86)\Microsoft Silverlight\5.0.61118.0\npctrl.dll
CHR - plugin: Pando Web Plugin (Enabled) = C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll
CHR - plugin: Windows Live\u0099 Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: Nexon Game Controller (Enabled) = C:\ProgramData\NexonEU\NGM\npNxGameeu.dll
CHR - plugin: Shockwave for Director (Enabled) = C:\Windows\system32\Adobe\Director\np32dsw.dll
CHR - plugin: iTunes Application Detector (Enabled) = D:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll
CHR - plugin: McAfee SecurityCenter (Enabled) = c:\progra~2\mcafee\msc\npmcsn~1.dll
CHR - plugin: Default Plug-in (Enabled) = default_plugin
CHR - Extension: YouTube = C:\Users\M.Bouwens\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.3_0\
CHR - Extension: YouTube = C:\Users\M.Bouwens\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
CHR - Extension: Google Zoeken = C:\Users\M.Bouwens\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.16_0\
CHR - Extension: Google Zoeken = C:\Users\M.Bouwens\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.17_0\
CHR - Extension: SiteAdvisor = C:\Users\M.Bouwens\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho\3.40.135.1_0\
CHR - Extension: SiteAdvisor = C:\Users\M.Bouwens\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho\3.41.122.1_0\
CHR - Extension: DivX HiQ = C:\Users\M.Bouwens\AppData\Local\Google\Chrome\User Data\Default\Extensions\fnjbmmemklcjgepojigaapkoodmkgbae\2.1.1.94_0\
CHR - Extension: Skype Toolbars = C:\Users\M.Bouwens\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\5.6.0.8442_0\
CHR - Extension: DivX Plus Web Player HTML5 \u003Cvideo\u003E = C:\Users\M.Bouwens\AppData\Local\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm\2.1.1.94_0\
CHR - Extension: Gmail = C:\Users\M.Bouwens\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\

O1 HOSTS File: ([2012-09-08 13:42:49 | 000,000,992 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: 127.0.0.1 ad.doubleclick.net
O1 - Hosts: 127.0.0.1 ad.doubleclick.be
O1 - Hosts: 127.0.0.1 ad.doubleclick.com
O1 - Hosts: 127.0.0.1 ad.doubleclick.de
O1 - Hosts: 127.0.0.1 ad.doubleclick.nl
O2:64bit: - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2:64bit: - BHO: (Easy Photo Print) - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll (SEIKO EPSON CORPORATION / CyCom Technology Corp.)
O2:64bit: - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O2:64bit: - BHO: (Skype add-on for Internet Explorer) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
O2:64bit: - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
O2 - BHO: (DivX HiQ) - {593DDEC6-7468-4cdd-90E1-42DADAA222E9} - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Vuze Remote Toolbar) - {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Program Files (x86)\Vuze_Remote\prxtbVuze.dll (Conduit Ltd.)
O2 - BHO: (Browsing Protection Class) - {C6867EB7-8350-4856-877F-93CF8AE3DC9C} - C:\Program Files (x86)\F-Secure\apps\OnlineSafety\BPP\iescript\BaseLitmus.dll (F-Secure Corporation)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3:64bit: - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3:64bit: - HKLM\..\Toolbar: (Easy Photo Print) - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll (SEIKO EPSON CORPORATION / CyCom Technology Corp.)
O3 - HKLM\..\Toolbar: (Browsing Protection Toolbar) - {265EEE8E-3228-44D3-AEA5-F7FDF5860049} - C:\Program Files (x86)\F-Secure\apps\OnlineSafety\BPP\iescript\BaseLitmus.dll (F-Secure Corporation)
O3 - HKLM\..\Toolbar: (Vuze Remote Toolbar) - {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Program Files (x86)\Vuze_Remote\prxtbVuze.dll (Conduit Ltd.)
O3:64bit: - HKU\S-1-5-21-3766735717-3127052058-815072437-1000\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3 - HKU\S-1-5-21-3766735717-3127052058-815072437-1000\..\Toolbar\WebBrowser: (Vuze Remote Toolbar) - {BA14329E-9550-4989-B3F2-9732E92D17CC} - C:\Program Files (x86)\Vuze_Remote\prxtbVuze.dll (Conduit Ltd.)
O4:64bit: - HKLM..\Run: [Kernel and Hardware Abstraction Layer] C:\Windows\KHALMNPR.Exe (Logitech Inc.)
O4 - HKLM..\Run: [AMD AVT] C:\Windows\SysWow64\cmd.exe (Microsoft Corporation)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [DivXUpdate] C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe ()
O4 - HKLM..\Run: [EEventManager] C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe (SEIKO EPSON CORPORATION)
O4 - HKLM..\Run: [F-Secure Hoster (54599)] C:\Program Files (x86)\F-Secure\fshoster32.exe (F-Secure Corporation)
O4 - HKLM..\Run: [F-Secure Manager] C:\Program Files (x86)\F-Secure\apps\ComputerSecurity\Common\FSM32.EXE (F-Secure Corporation)
O4 - HKLM..\Run: [HP Update 3400C] C:\sj652\hpupdate.exe 3400C File not found
O4 - HKLM..\Run: [LogMeIn Hamachi Ui] C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe (LogMeIn Inc.)
O4 - HKLM..\Run: [LWS] C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe (Logitech Inc.)
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [WheelMouse] C:\Advanced Wheel Mouse\wh_exec.exe ()
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-3766735717-3127052058-815072437-1000..\Run: [EA Core] "C:\Program Files (x86)\Electronic Arts\EADM\Core.exe" -silent File not found
O4 - HKU\S-1-5-21-3766735717-3127052058-815072437-1000..\Run: [HydraVisionDesktopManager] C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe (AMD)
O4 - HKU\S-1-5-21-3766735717-3127052058-815072437-1000..\Run: [KPeerNexonEU] C:\Nexon\NEXON_EU_Downloader\nxEULauncher.exe (NEXON Inc.)
O4 - HKU\S-1-5-21-3766735717-3127052058-815072437-1000..\Run: [Logitech Vid] C:\Program Files (x86)\Logitech\Vid HD\Vid.exe (Logitech Inc.)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - Startup: C:\Users\Marieke\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.3 .lnk = C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe ()
O4 - Startup: C:\Users\Martijn\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.3 .lnk = C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe ()
O4 - Startup: C:\Users\Willemijn\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.3 .lnk = C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoControlPanel = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O8:64bit: - Extra context menu item: Zoek op het web - C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\resources\menuext.html File not found
O8 - Extra context menu item: Zoek op het web - C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\resources\menuext.html File not found
O9:64bit: - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000009 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000009 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://fpdownload.macromedia.com/get/sh ... tor/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {1ABA5FAC-1417-422B-BA82-45C35E2C908B} http://kitchenplanner.ikea.com/NL/Core/ ... _Win32.cab (20-20 3D Viewer for IKEA)
O16 - DPF: {233C1507-6A77-46A4-9443-F871F945D258} http://download.macromedia.com/pub/shoc ... tor/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} http://messenger.zone.msn.com/Messenger ... E_UNO1.cab (UnoCtrl Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 10.5.0)
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} http://messenger.zone.msn.com/binary/Me ... b56907.cab (MessengerStatsClient Class)
O16 - DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 10.5.0)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://active.macromedia.com/flash2/cabs/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{674A0CD4-2478-4228-A136-FFD5B09A04C8}: DhcpNameServer = 192.168.178.1
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 14 Days ==========

[2012-09-12 17:38:40 | 000,000,000 | ---D | C] -- C:\Users\M.Bouwens\Desktop\Problemen oplossen
[2012-09-11 16:54:55 | 000,000,000 | ---D | C] -- C:\Users\M.Bouwens\AppData\Roaming\Malwarebytes
[2012-09-11 16:54:43 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2012-09-11 16:54:41 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2012-09-11 16:54:38 | 000,025,928 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2012-09-11 16:54:38 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2012-09-11 16:44:10 | 000,000,000 | ---D | C] -- C:\TDSSStarter
[2012-09-11 16:38:42 | 000,000,000 | ---D | C] -- C:\ProgramData\GFI Software
[2012-09-11 14:42:20 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Trend Micro
[2012-09-11 14:42:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HijackThis
[2012-09-11 14:37:44 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Conduit
[2012-09-11 14:37:39 | 000,000,000 | ---D | C] -- C:\Users\M.Bouwens\AppData\Local\Conduit
[2012-09-11 14:37:37 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Vuze_Remote
[2012-09-11 14:35:25 | 000,000,000 | ---D | C] -- C:\Users\M.Bouwens\.swt
[2012-09-11 14:35:22 | 000,000,000 | ---D | C] -- C:\Users\M.Bouwens\AppData\Roaming\Azureus
[2012-09-09 21:15:34 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MSXML 4.0
[2012-09-08 13:51:06 | 000,000,000 | ---D | C] -- C:\Users\M.Bouwens\AppData\Local\adawarebp
[2012-09-08 13:10:40 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2012-09-06 09:32:49 | 000,058,424 | ---- | C] (F-Secure Corporation) -- C:\Windows\SysNative\drivers\fsccsys.sys
[2012-09-02 21:08:34 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi
[2012-09-02 21:08:34 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\LogMeIn Hamachi
[2012-08-31 13:59:30 | 000,000,000 | ---D | C] -- C:\Users\M.Bouwens\.thumbnails
[2012-08-30 13:40:05 | 000,000,000 | ---D | C] -- C:\Users\M.Bouwens\AppData\Local\webkit
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files - Modified Within 14 Days ==========

[2012-09-12 19:21:00 | 000,000,924 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3766735717-3127052058-815072437-1003UA.job
[2012-09-12 19:16:11 | 000,001,062 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012-09-12 18:35:00 | 000,000,940 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012-09-12 17:39:42 | 000,002,110 | ---- | M] () -- C:\Users\M.Bouwens\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Thunderbird.lnk
[2012-09-12 16:03:09 | 000,001,058 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012-09-12 13:39:40 | 000,015,024 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012-09-12 13:39:40 | 000,015,024 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012-09-12 13:32:12 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012-09-12 13:32:08 | 3220,676,608 | -HS- | M] () -- C:\hiberfil.sys
[2012-09-11 14:37:33 | 000,001,848 | ---- | M] () -- C:\Users\M.Bouwens\Application Data\Microsoft\Internet Explorer\Quick Launch\Vuze.lnk
[2012-09-11 14:37:32 | 000,001,848 | ---- | M] () -- C:\Users\Public\Desktop\Vuze.lnk
[2012-09-09 21:16:45 | 000,001,190 | ---- | M] () -- C:\Windows\SysWow64\ServiceConfig.xml
[2012-09-09 11:21:00 | 000,000,872 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3766735717-3127052058-815072437-1003Core.job
[2012-09-08 13:42:49 | 000,000,992 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts
[2012-09-08 13:29:17 | 000,002,044 | ---- | M] () -- C:\Users\M.Bouwens\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
[2012-09-07 17:04:46 | 000,025,928 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2012-09-05 15:17:14 | 000,016,999 | ---- | M] () -- C:\Users\M.Bouwens\AppData\Local\recently-used.xbel
[2012-09-02 21:08:34 | 000,000,926 | ---- | M] () -- C:\Users\Public\Desktop\LogMeIn Hamachi.lnk
[2012-08-30 12:35:18 | 000,696,520 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2012-08-30 12:35:18 | 000,073,416 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files Created - No Company Name ==========

[2012-09-09 21:16:45 | 000,001,190 | ---- | C] () -- C:\Windows\SysWow64\ServiceConfig.xml
[2012-09-05 15:17:14 | 000,016,999 | ---- | C] () -- C:\Users\M.Bouwens\AppData\Local\recently-used.xbel
[2012-08-26 12:13:40 | 000,057,344 | ---- | C] () -- C:\Windows\SysWow64\XSIChooser.exe
[2012-07-17 22:46:49 | 000,298,016 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2012-07-17 22:46:46 | 000,076,888 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2012-07-17 22:46:45 | 003,130,440 | ---- | C] () -- C:\Windows\SysWow64\pbsvc_blr.exe
[2012-07-05 11:06:33 | 000,042,672 | ---- | C] () -- C:\Windows\SysWow64\drivers\fsbts.sys
[2012-07-05 11:06:00 | 000,019,505 | ---- | C] () -- C:\Windows\prodsett_copy.ini
[2012-04-30 13:34:30 | 000,197,120 | ---- | C] () -- C:\Windows\patchw32.dll
[2012-04-08 07:19:30 | 000,000,032 | R--- | C] () -- C:\ProgramData\hash.dat
[2012-04-06 03:29:34 | 000,204,952 | ---- | C] () -- C:\Windows\SysWow64\ativvsvl.dat
[2012-04-06 03:29:34 | 000,157,144 | ---- | C] () -- C:\Windows\SysWow64\ativvsva.dat
[2012-03-09 14:06:14 | 000,024,576 | ---- | C] () -- C:\Windows\SysWow64\kdbsdk32.dll
[2012-02-27 17:44:54 | 000,010,240 | ---- | C] () -- C:\Windows\SysWow64\vidx16.dll
[2012-02-21 18:05:11 | 000,003,917 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat
[2011-12-03 21:29:32 | 001,705,740 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2011-10-25 22:21:34 | 000,056,832 | ---- | C] () -- C:\Windows\SysWow64\OVDecoder.dll
[2011-09-28 18:44:14 | 000,179,271 | ---- | C] () -- C:\Windows\SysWow64\xlive.dll.cat
[2011-08-19 11:26:20 | 010,898,456 | ---- | C] () -- C:\Windows\SysWow64\LogiDPP.dll
[2011-08-19 11:26:20 | 000,336,408 | ---- | C] () -- C:\Windows\SysWow64\DevManagerCore.dll
[2011-08-19 11:26:20 | 000,104,472 | ---- | C] () -- C:\Windows\SysWow64\LogiDPPApp.exe
[2011-02-06 12:22:39 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2011-02-05 21:49:32 | 000,000,017 | ---- | C] () -- C:\Users\M.Bouwens\AppData\Local\resmon.resmoncfg

< End of report >

Groet!


Omhoog
 Profiel  
 
BerichtGeplaatst: do sep 13, 2012 1:08 pm 
Offline
Moderator
Avatar gebruiker

Geregistreerd: wo apr 13, 2005 3:54 pm
Berichten: 33463
Woonplaats: Kotje aan de kust.
Besturingssysteem: Windows 7
Bescherming: Malwarebytes pro
Start OTL
  • Plak het volgende onder Custom Scans/Fixes

    Citaat:
    :OTL
    IE - HKU\S-1-5-21-3766735717-3127052058-815072437-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://search.babylon.com/?babsrc=HP_ss ... fba642e91b
    IE - HKU\S-1-5-21-3766735717-3127052058-815072437-1000\..\URLSearchHook: {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Program Files (x86)\Vuze_Remote\prxtbVuze.dll (Conduit Ltd.)
    IE - HKU\S-1-5-21-3766735717-3127052058-815072437-1000\..\SearchScopes,DefaultScope = {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
    IE - HKU\S-1-5-21-3766735717-3127052058-815072437-1000\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = http://search.babylon.com/web/{searchTerms}?babsrc=SP_ss&affID=101241&mntrId=bca6ae2400000000000090fba642e91b
    IE - HKU\S-1-5-21-3766735717-3127052058-815072437-1000\..\SearchScopes\{2A4DCCA4-3040-4E41-8228-143CF790F760}: "URL" = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2504091
    FF - prefs.js..browser.search.defaultenginename: "Search the web (Babylon)"
    FF - prefs.js..browser.search.order.1: "Search the web (Babylon)"
    FF - prefs.js..browser.startup.homepage: "http://search.babylon.com/?babsrc=HP_Prot"

    FF - prefs.js..keyword.URL: "http://search.babylon.com/?babsrc=adbartrp&affID=101241&mntrId=bca6ae2400000000000090fba642e91b&q="
    [2011-09-07 07:21:27 | 000,000,000 | ---D | M] (SweetIM Toolbar for Firefox) -- C:\Users\M.Bouwens\AppData\Roaming\mozilla\Firefox\Profiles\u5h13b1c.default\extensions\{EEE6C361-6118-11DC-9C72-001320C79847}
    [2011-09-07 07:21:21 | 000,003,915 | ---- | M] () -- C:\Users\M.Bouwens\AppData\Roaming\mozilla\firefox\profiles\u5h13b1c.default\searchplugins\sweetim.xml

    [2012-03-07 18:13:07 | 000,002,288 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\babylon.xml
    CHR - default_search_provider: SweetIM Search (Enabled)
    CHR - default_search_provider: search_url = http://search.sweetim.com/search.asp?src=6&q={searchTerms}&barid={35CC411C-D911-11E0-829E-90FBA642E91B}
    CHR - homepage: http://home.sweetim.com/?barid={35CC411C-D911-11E0-829E-90FBA642E91B}
    O2 - BHO: (Vuze Remote Toolbar) - {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Program Files (x86)\Vuze_Remote\prxtbVuze.dll (Conduit Ltd.)
    O3 - HKLM\..\Toolbar: (Vuze Remote Toolbar) - {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Program Files (x86)\Vuze_Remote\prxtbVuze.dll (Conduit Ltd.)
    O3 - HKU\S-1-5-21-3766735717-3127052058-815072437-1000\..\Toolbar\WebBrowser: (Vuze Remote Toolbar) - {BA14329E-9550-4989-B3F2-9732E92D17CC} - C:\Program Files (x86)\Vuze_Remote\prxtbVuze.dll (Conduit Ltd.)

    O4 - HKLM..\Run: [HP Update 3400C] C:\sj652\hpupdate.exe 3400C File not found
    O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
    O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
    O8:64bit: - Extra context menu item: Zoek op het web - C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\resources\menuext.html File not found
    O8 - Extra context menu item: Zoek op het web - C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\resources\menuext.html File not found

    [2012-09-11 14:37:44 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Conduit
    [2012-09-11 14:37:39 | 000,000,000 | ---D | C] -- C:\Users\M.Bouwens\AppData\Local\Conduit

    :Services

    :Reg

    :Files
    ipconfig /flushdns /c

    :Commands
    [purity]
    [resethosts]
    [emptytemp]
    [emptyflash]
    [createrestorepoint]
    [reboot]
  • Klik daarna bovenaan op de knop Run Fix
  • Laat het programma ongestoord zijn werk doen. De pc zal na afloop opnieuw opgestart worden.

_________________
****Afbeelding****
Lid van Team Opleiding.

traagheidtips
Keuze in AV
wat is een rootkit


Omhoog
 Profiel  
 
BerichtGeplaatst: do sep 13, 2012 3:58 pm 
Offline
Lid

Geregistreerd: di sep 11, 2012 5:41 pm
Berichten: 5
Besturingssysteem: Windows 7
Bescherming: F-Secure
Beste probleemoplosser,

Ik heb OTL het script hierboven laten uitvoeren en twee keer laten rebooten. Het venster toonde het volgende verslag:

All processes killed
========== OTL ==========
HKU\S-1-5-21-3766735717-3127052058-815072437-1000\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page| /E : value set successfully!
Registry value HKEY_USERS\S-1-5-21-3766735717-3127052058-815072437-1000\Software\Microsoft\Internet Explorer\URLSearchHooks\\{ba14329e-9550-4989-b3f2-9732e92d17cc} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{ba14329e-9550-4989-b3f2-9732e92d17cc}\ deleted successfully.
C:\Program Files (x86)\Vuze_Remote\prxtbVuze.dll moved successfully.
HKEY_USERS\S-1-5-21-3766735717-3127052058-815072437-1000\Software\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry key HKEY_USERS\S-1-5-21-3766735717-3127052058-815072437-1000\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}\ not found.
Registry key HKEY_USERS\S-1-5-21-3766735717-3127052058-815072437-1000\Software\Microsoft\Internet Explorer\SearchScopes\{2A4DCCA4-3040-4E41-8228-143CF790F760}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{2A4DCCA4-3040-4E41-8228-143CF790F760}\ not found.
Prefs.js: "Search the web (Babylon)" removed from browser.search.defaultenginename
Prefs.js: "Search the web (Babylon)" removed from browser.search.order.1
Prefs.js: "http://search.babylon.com/?babsrc=HP_Prot" removed from browser.startup.homepage
Prefs.js: "http://search.babylon.com/?babsrc=adbartrp&affID=101241&mntrId=bca6ae2400000000000090fba642e91b&q=" removed from keyword.URL
C:\Users\M.Bouwens\AppData\Roaming\mozilla\Firefox\Profiles\u5h13b1c.default\extensions\{EEE6C361-6118-11DC-9C72-001320C79847}\META-INF folder moved successfully.
C:\Users\M.Bouwens\AppData\Roaming\mozilla\Firefox\Profiles\u5h13b1c.default\extensions\{EEE6C361-6118-11DC-9C72-001320C79847}\components folder moved successfully.
C:\Users\M.Bouwens\AppData\Roaming\mozilla\Firefox\Profiles\u5h13b1c.default\extensions\{EEE6C361-6118-11DC-9C72-001320C79847}\chrome\sweetim-toolbar\skin folder moved successfully.
C:\Users\M.Bouwens\AppData\Roaming\mozilla\Firefox\Profiles\u5h13b1c.default\extensions\{EEE6C361-6118-11DC-9C72-001320C79847}\chrome\sweetim-toolbar\locale\nl-NL folder moved successfully.
C:\Users\M.Bouwens\AppData\Roaming\mozilla\Firefox\Profiles\u5h13b1c.default\extensions\{EEE6C361-6118-11DC-9C72-001320C79847}\chrome\sweetim-toolbar\locale\it-IT folder moved successfully.
C:\Users\M.Bouwens\AppData\Roaming\mozilla\Firefox\Profiles\u5h13b1c.default\extensions\{EEE6C361-6118-11DC-9C72-001320C79847}\chrome\sweetim-toolbar\locale\fr-FR folder moved successfully.
C:\Users\M.Bouwens\AppData\Roaming\mozilla\Firefox\Profiles\u5h13b1c.default\extensions\{EEE6C361-6118-11DC-9C72-001320C79847}\chrome\sweetim-toolbar\locale\es-ES folder moved successfully.
C:\Users\M.Bouwens\AppData\Roaming\mozilla\Firefox\Profiles\u5h13b1c.default\extensions\{EEE6C361-6118-11DC-9C72-001320C79847}\chrome\sweetim-toolbar\locale\en-US folder moved successfully.
C:\Users\M.Bouwens\AppData\Roaming\mozilla\Firefox\Profiles\u5h13b1c.default\extensions\{EEE6C361-6118-11DC-9C72-001320C79847}\chrome\sweetim-toolbar\locale\de-DE folder moved successfully.
C:\Users\M.Bouwens\AppData\Roaming\mozilla\Firefox\Profiles\u5h13b1c.default\extensions\{EEE6C361-6118-11DC-9C72-001320C79847}\chrome\sweetim-toolbar\locale folder moved successfully.
C:\Users\M.Bouwens\AppData\Roaming\mozilla\Firefox\Profiles\u5h13b1c.default\extensions\{EEE6C361-6118-11DC-9C72-001320C79847}\chrome\sweetim-toolbar\content folder moved successfully.
C:\Users\M.Bouwens\AppData\Roaming\mozilla\Firefox\Profiles\u5h13b1c.default\extensions\{EEE6C361-6118-11DC-9C72-001320C79847}\chrome\sweetim-toolbar folder moved successfully.
C:\Users\M.Bouwens\AppData\Roaming\mozilla\Firefox\Profiles\u5h13b1c.default\extensions\{EEE6C361-6118-11DC-9C72-001320C79847}\chrome folder moved successfully.
C:\Users\M.Bouwens\AppData\Roaming\mozilla\Firefox\Profiles\u5h13b1c.default\extensions\{EEE6C361-6118-11DC-9C72-001320C79847} folder moved successfully.
C:\Users\M.Bouwens\AppData\Roaming\mozilla\firefox\profiles\u5h13b1c.default\searchplugins\sweetim.xml moved successfully.
C:\Program Files (x86)\Mozilla Firefox\searchplugins\babylon.xml moved successfully.
Use Chrome's Settings page to remove the default_search_provider items.
Use Chrome's Settings page to remove the default_search_provider items.
Use Chrome's Settings page to change the HomePage.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{ba14329e-9550-4989-b3f2-9732e92d17cc}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{ba14329e-9550-4989-b3f2-9732e92d17cc}\ not found.
File C:\Program Files (x86)\Vuze_Remote\prxtbVuze.dll not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{ba14329e-9550-4989-b3f2-9732e92d17cc} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{ba14329e-9550-4989-b3f2-9732e92d17cc}\ not found.
File C:\Program Files (x86)\Vuze_Remote\prxtbVuze.dll not found.
Registry value HKEY_USERS\S-1-5-21-3766735717-3127052058-815072437-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{BA14329E-9550-4989-B3F2-9732E92D17CC} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{BA14329E-9550-4989-B3F2-9732E92D17CC}\ not found.
File C:\Program Files (x86)\Vuze_Remote\prxtbVuze.dll not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\HP Update 3400C deleted successfully.
Registry value HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce\\mctadmin deleted successfully.
Registry value HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce\\mctadmin deleted successfully.
64bit-Registry key HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\Zoek op het web\ deleted successfully.
Registry key HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\Zoek op het web\ not found.
C:\Program Files (x86)\Conduit\Community Alerts folder moved successfully.
C:\Program Files (x86)\Conduit folder moved successfully.
C:\Users\M.Bouwens\AppData\Local\Conduit\CT2504091 folder moved successfully.
C:\Users\M.Bouwens\AppData\Local\Conduit folder moved successfully.
========== SERVICES/DRIVERS ==========
========== REGISTRY ==========
========== FILES ==========
< ipconfig /flushdns /c >
Windows IP-configuratie
De DNS-omzettingscache is leeggemaakt.
C:\Users\M.Bouwens\Desktop\Problemen oplossen\cmd.bat deleted successfully.
C:\Users\M.Bouwens\Desktop\Problemen oplossen\cmd.txt deleted successfully.
========== COMMANDS ==========
C:\Windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully

[EMPTYTEMP]

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Gast
->Temp folder emptied: 534764 bytes
->Temporary Internet Files folder emptied: 8589926 bytes
->Google Chrome cache emptied: 18800419 bytes
->Flash cache emptied: 615 bytes

User: M.Bouwens
->Temp folder emptied: 81383508 bytes
->Temporary Internet Files folder emptied: 93172019 bytes
->Java cache emptied: 16216 bytes
->FireFox cache emptied: 153535040 bytes
->Google Chrome cache emptied: 369097646 bytes
->Flash cache emptied: 53532 bytes

User: M2A1A~1~BOU
->Temp folder emptied: 0 bytes

User: Marieke
->Temp folder emptied: 61020902 bytes
->Temporary Internet Files folder emptied: 61821555 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 216974187 bytes
->Google Chrome cache emptied: 370980616 bytes
->Flash cache emptied: 25369 bytes

User: Martijn
->Temp folder emptied: 2314160770 bytes
->Temporary Internet Files folder emptied: 2100987497 bytes
->Java cache emptied: 240327 bytes
->FireFox cache emptied: 339761348 bytes
->Google Chrome cache emptied: 393065692 bytes
->Flash cache emptied: 90771 bytes

User: Public

User: Willemijn
->Temp folder emptied: 4343454912 bytes
->Temporary Internet Files folder emptied: 750067452 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 196900601 bytes
->Google Chrome cache emptied: 372588957 bytes
->Flash cache emptied: 117985 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 200704 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 818986143 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 36036730 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 12.496,00 mb


[EMPTYFLASH]

User: All Users

User: Default

User: Default User

User: Gast
->Flash cache emptied: 0 bytes

User: M.Bouwens
->Flash cache emptied: 0 bytes

User: M2A1A~1~BOU

User: Marieke
->Flash cache emptied: 0 bytes

User: Martijn
->Flash cache emptied: 0 bytes

User: Public

User: Willemijn
->Flash cache emptied: 0 bytes

Total Flash Files Cleaned = 0,00 mb

Restore point Set: OTL Restore Point

OTL by OldTimer - Version 3.2.61.3 log created on 09132012_153036

Files\Folders moved on Reboot...
C:\Users\M.Bouwens\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.

PendingFileRenameOperations files...

Registry entries deleted on Reboot...

Zou het nu over moeten zijn? Of neem ik nog een volgende stap? Bedankt weer, met vriendelijke groet!


Omhoog
 Profiel  
 
BerichtGeplaatst: do sep 13, 2012 4:35 pm 
Offline
Moderator
Avatar gebruiker

Geregistreerd: wo apr 13, 2005 3:54 pm
Berichten: 33463
Woonplaats: Kotje aan de kust.
Besturingssysteem: Windows 7
Bescherming: Malwarebytes pro
In principe heb ik dacht ik al de slechte gevonden items verwijderd, zeg maar of het echt weg is anders zoeken we verder.

_________________
****Afbeelding****
Lid van Team Opleiding.

traagheidtips
Keuze in AV
wat is een rootkit


Omhoog
 Profiel  
 
BerichtGeplaatst: do sep 13, 2012 9:19 pm 
Offline
Lid

Geregistreerd: di sep 11, 2012 5:41 pm
Berichten: 5
Besturingssysteem: Windows 7
Bescherming: F-Secure
Ik ga morgen uitgebreider proberen. Dank je voor je werkzaamheden!

Groet


Omhoog
 Profiel  
 
BerichtGeplaatst: wo sep 19, 2012 8:17 pm 
Offline
Moderator
Avatar gebruiker

Geregistreerd: wo apr 13, 2005 3:54 pm
Berichten: 33463
Woonplaats: Kotje aan de kust.
Besturingssysteem: Windows 7
Bescherming: Malwarebytes pro
6 dagen verder, hoe gaat het nu ?

_________________
****Afbeelding****
Lid van Team Opleiding.

traagheidtips
Keuze in AV
wat is een rootkit


Omhoog
 Profiel  
 
Geef de vorige berichten weer:  Sorteer op  
Dit onderwerp is gesloten, je kunt geen berichten wijzigen of nieuwe antwoorden plaatsen  [ 9 berichten ] 

Forumoverzicht » RSIT/DDS/HijackThis logfiles » Opgeloste RSIT/DDS/HijackThis logfiles


Wie is er online

Gebruikers op dit forum: Bing [Bot] en 2 gasten


Je mag geen nieuwe onderwerpen in dit forum plaatsen
Je mag niet antwoorden op een onderwerp in dit forum
Je mag je berichten in dit forum niet wijzigen
Je mag je berichten niet uit dit forum verwijderen
Je mag geen bijlagen toevoegen in dit forum

Ga naar:  
Powered by phpBB® Forum Software © phpBB Group
phpBB.nl Vertaling