Het is nu vr apr 18, 2014 11:44 pm

Forumoverzicht » RSIT/DDS/HijackThis logfiles » Opgeloste RSIT/DDS/HijackThis logfiles




Dit onderwerp is gesloten, je kunt geen berichten wijzigen of nieuwe antwoorden plaatsen  [ 20 berichten ]  Ga naar pagina 1, 2  Volgende
Auteur Bericht
 Berichttitel: trage pc
BerichtGeplaatst: zo jan 13, 2013 4:04 pm 
Offline
Lid

Geregistreerd: vr sep 26, 2008 4:11 pm
Berichten: 51
mijn pc start sinds een tijdje heel traag op. maar het vreemde is de ene keer is ie traag de andere keer niet.

hier is mijn logfile:

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 15:00:02, on 13-1-2013
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16457)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\EgisTec MyWinLocker\x86\mwlDaemon.exe
C:\Program Files (x86)\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe
C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
C:\Users\Chris\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe
C:\Program Files (x86)\McAfee Security Scan\3.0.285\SSScheduler.exe
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\Users\Chris\AppData\Roaming\Dropbox\bin\Dropbox.exe
C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanionInfo.exe
C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe
C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe
C:\Program Files (x86)\Acer Arcade Deluxe\Arcade Movie\ArcadeMovieService.exe
C:\Program Files (x86)\Acer\Hotkey Utility\HotkeyUtility.exe
C:\Program Files (x86)\PowerISO\PWRISOVM.EXE
C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files (x86)\Nero\Nero 10\Nero BackItUp\NBAgent.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Citrix\ICA Client\concentr.exe
C:\Program Files (x86)\Citrix\ICA Client\wfcrun32.exe
C:\Users\Chris\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Chris\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Chris\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Chris\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Chris\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Chris\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Chris\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Chris\Desktop\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://acer.msn.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.babylon.com/?affID=112555 ... 0f410655c4
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://acer.msn.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://acer.msn.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe,
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Increase performance and video formats for your HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll
O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files\BitComet\tools\BitCometBHO_1.5.4.11.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll
O2 - BHO: Aanmeldhulp voor Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: DealPly - {A6174F27-1FFF-E1D6-A93F-BA48AD5DD448} - (no file)
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~3\Office14\URLREDIR.DLL
O2 - BHO: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll" (file missing)
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll" (file missing)
O3 - Toolbar: (no name) - {98889811-442D-49dd-99D7-DC866BE87DBC} - (no file)
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
O4 - HKLM\..\Run: [SuiteTray] "C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe"
O4 - HKLM\..\Run: [EgisUpdate] "C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe" -d
O4 - HKLM\..\Run: [EgisTecPMMUpdate] "C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe"
O4 - HKLM\..\Run: [Norton Online Backup] C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [MDS_Menu] "C:\Program Files (x86)\Acer Arcade Deluxe\MediaEspresso\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\Acer Arcade Deluxe\MediaEspresso" UpdateWithCreateOnce "Software\CyberLink\MediaEspresso\6.1"
O4 - HKLM\..\Run: [ArcadeMovieService] "C:\Program Files (x86)\Acer Arcade Deluxe\Arcade Movie\ArcadeMovieService.exe"
O4 - HKLM\..\Run: [Hotkey Utility] C:\Program Files (x86)\Acer\Hotkey Utility\HotkeyUtility.exe
O4 - HKLM\..\Run: [PWRISOVM.EXE] C:\Program Files (x86)\PowerISO\PWRISOVM.EXE -startup
O4 - HKLM\..\Run: [DivXUpdate] "C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [NBAgent] "C:\Program Files (x86)\Nero\Nero 10\Nero BackItUp\NBAgent.exe" /WinStart
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [ConnectionCenter] "C:\Program Files (x86)\Citrix\ICA Client\concentr.exe" /startup
O4 - HKCU\..\Run: [Google Update] "C:\Users\Chris\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [Spotify] "C:\Users\Chris\AppData\Roaming\Spotify\Spotify.exe" /uri spotify:autostart
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - HKCU\..\Run: [Spotify Web Helper] "C:\Users\Chris\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe"
O4 - HKCU\..\Run: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKCU\..\Run: [Sony PC Companion] "C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe" /Background
O4 - Startup: Dropbox.lnk = Chris\AppData\Roaming\Dropbox\bin\Dropbox.exe
O4 - Global Startup: McAfee Security Scan Plus.lnk = C:\Program Files (x86)\McAfee Security Scan\3.0.285\SSScheduler.exe
O8 - Extra context menu item: &D&ownload &met BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddLink.htm
O8 - Extra context menu item: &D&ownload alles met BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddAllLink.htm
O8 - Extra context menu item: &Verzenden naar OneNote - res://C:\PROGRA~2\MICROS~3\Office14\ONBttnIE.dll/105
O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~2\MICROS~3\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Free YouTube Download - C:\Users\Chris\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubedownload.htm
O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\Chris\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm
O8 - Extra context menu item: Translate this web page with Babylon - res://C:\Program Files (x86)\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll/ActionTU.htm
O8 - Extra context menu item: Translate with Babylon - res://C:\Program Files (x86)\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll/Action.htm
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: &Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra button: BitComet - {D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A} - res://C:\Program Files\BitComet\tools\BitCometBHO_1.5.4.11.dll/206 (file missing)
O9 - Extra button: Translate this web page with Babylon - {F72841F0-4EF1-4df5-BCE5-B3AC8ACF5478} - C:\Program Files (x86)\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll (file missing)
O9 - Extra 'Tools' menuitem: Translate this web page with Babylon - {F72841F0-4EF1-4df5-BCE5-B3AC8ACF5478} - C:\Program Files (x86)\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll (file missing)
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O18 - Filter: application/x-ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll
O18 - Filter hijack: ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: SAS Core Service (!SASCORE) - SUPERAntiSpyware.com - C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: BitComet Disk Boost Service (BITCOMET_HELPER_SERVICE) - www.BitComet.com - C:\Program Files\BitComet\tools\BitCometService.exe
O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: GREGService - Acer Incorporated - C:\Program Files (x86)\Acer\Registration\GREGsvc.exe
O23 - Service: Google Updateservice (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
O23 - Service: McAfee Security Scan Component Host Service (McComponentHostService) - McAfee, Inc. - C:\Program Files (x86)\McAfee Security Scan\3.0.285\McCHSvc.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: MyWinLocker Service (MWLService) - Egis Technology Inc. - C:\Program Files (x86)\EgisTec MyWinLocker\x86\MWLService.exe
O23 - Service: @C:\Program Files (x86)\Nero\Update\NASvc.exe,-200 (NAUpdate) - Nero AG - C:\Program Files (x86)\Nero\Update\NASvc.exe
O23 - Service: Nero BackItUp Scheduler 4.0 - Nero AG - C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Norton Online Backup (NOBU) - Symantec Corporation - C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: Sony PC Companion - Avanquest Software - C:\Program Files (x86)\Sony\Sony PC Companion\PCCService.exe
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: Updater Service - Acer Group - C:\Program Files\Acer\Acer Updater\UpdaterService.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 17371 bytes


alvast bedankt,

chris keesom


Omhoog
 Profiel  
 
 Berichttitel: Re: trage pc
BerichtGeplaatst: ma jan 14, 2013 4:49 pm 
Offline
Helper

Geregistreerd: di okt 12, 2010 3:33 pm
Berichten: 1957
Besturingssysteem: XP prof.
Bescherming: Avira AntiVir
Hallo en welkom.

Wil je het logje van MBAM ook nog posten?
De log wordt automatisch bewaard door MalwareBytes' Anti-Malware en kan je terugvinden door op de "Logbestanden" tab te klikken in het programma.

1) Download AdwCleaner by Xplode en sla het op je Bureaublad op.

Afbeelding

  • Sluit alle openstaande vensters.
  • Dubbelklik op "adwcleaner.exe" om de tool te starten.
    Windows 7 en Windows Vista gebruikers:
    Rechtsklik op adwcleaner.exe -> Uitvoeren als Administrator om de tool te starten.
  • Klik vervolgens op Verwijderen.
  • Klik bij AdwCleaner – Information op OK
  • Klik bij AdwCleaner – Restart Required op OK

Dat tijdens de aktie de snelkoppelingen verdwijnen, is normaal.
Nadat de PC opnieuw is opgestart, opent een logfile.
Post aansluitend de inhoud van dit log in je volgende bericht.

2) Download DDS van sUBS van één van deze locaties en sla het op je Bureaublad op.
DDS - Bleeping Computer download.
DDS - Bleeping Computer download.
DDS - Infospyware.


Afbeelding

DDS is een diagnosetool en maakt gebruik van scripts.

Schakel je beveiligings software uit voordat je DDS uitvoert!
(hier of hier kan je lezen hoe je dat doet.)

Dubbelklik op DDS om de tool te starten.

Er worden nu automatisch twee log bestanden op het Bureablad opgeslagen:

* DDS.txt
* Attach.txt


Post alleen het logje DDS.txt mee in je volgende bericht.

Erkuip


Omhoog
 Profiel  
 
 Berichttitel: Re: trage pc
BerichtGeplaatst: ma jan 14, 2013 6:19 pm 
Offline
Lid

Geregistreerd: vr sep 26, 2008 4:11 pm
Berichten: 51
Malwarebytes Anti-Malware 1.70.0.1100
www.malwarebytes.org

Databaseversie: v2013.01.14.06

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
Chris :: ACERPC-PC [administrator]

14-1-2013 16:33:16
MBAM-log-2013-01-14 (17-19-04).txt

Scan type: Volledige scan (C:\|D:\|)
Ingeschakelde scan opties: Geheugen | Opstartitems | Register | Bestanden en mappen | Heuristiek/Extra | Heuristiek/Shuriken | PUP | PUM
Uitgeschakelde scan opties: P2P
Objecten gescand: 419184
Verstreken tijd: 45 minuut/minuten, 25 seconde(n)

Geheugenprocessen gedetecteerd: 0
(Geen kwaadaardige objecten gedetecteerd)

Geheugenmodulen gedetecteerd: 0
(Geen kwaadaardige objecten gedetecteerd)

Registersleutels gedetecteerd: 1
HKCU\Software\VB and VBA Program Settings\SrvID (Malware.Trace) -> Geen actie ondernomen.

Registerwaarden gedetecteerd: 0
(Geen kwaadaardige objecten gedetecteerd)

Registerdata gedetecteerd: 0
(Geen kwaadaardige objecten gedetecteerd)

Mappen gedetecteerd: 0
(Geen kwaadaardige objecten gedetecteerd)

Bestanden gedetecteerd: 0
(Geen kwaadaardige objecten gedetecteerd)

(einde)


de andere logbestanden volgen nog


Omhoog
 Profiel  
 
 Berichttitel: Re: trage pc
BerichtGeplaatst: ma jan 14, 2013 6:25 pm 
Offline
Lid

Geregistreerd: vr sep 26, 2008 4:11 pm
Berichten: 51
# AdwCleaner v2.105 - Verslag gemaakt op 14/01/2013 om 17:21:17
# Geactualiseerd op 08/01/2013 door Xplode
# Besturingssysteem : Windows 7 Home Premium Service Pack 1 (64 bits)
# Gebruiker : Chris - ACERPC-PC
# Opstarten Modus : Normale modus
# Gelanceerd vanaf : C:\Users\Chris\Desktop\adwcleaner (1).exe
# Optie [Verwijderen]


***** [Diensten] *****


***** [Files / Mappen] *****

File Verwijdert : C:\END
File Verwijdert : C:\Program Files (x86)\Mozilla Firefox\searchplugins\babylon.xml
Map Verwijdert : C:\Program Files (x86)\Babylon
Map Verwijdert : C:\Program Files (x86)\DealPly
Map Verwijdert : C:\Program Files\Babylon
Map Verwijdert : C:\ProgramData\Babylon
Map Verwijdert : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DealPly
Map Verwijdert : C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\gaiilaahiahdejapggenmdmafpmbipje
Map Verwijdert : C:\Users\Chris\AppData\Local\Temp\Software
Map Verwijdert : C:\Users\Chris\AppData\Roaming\Babylon
Map Verwijdert : C:\Users\Chris\AppData\Roaming\yourfiledownloader

***** [Register] *****

Sleutel Verwijdert : HKCU\Software\BabylonToolbar
Sleutel Verwijdert : HKCU\Software\Conduit
Sleutel Verwijdert : HKCU\Software\DealPly
Sleutel Verwijdert : HKCU\Software\Google\Chrome\Extensions\gaiilaahiahdejapggenmdmafpmbipje
Sleutel Verwijdert : HKCU\Software\Microsoft\Internet Explorer\MenuExt\Translate this web page with Babylon
Sleutel Verwijdert : HKCU\Software\Microsoft\Internet Explorer\MenuExt\Translate with Babylon
Sleutel Verwijdert : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{A6174F27-1FFF-E1D6-A93F-BA48AD5DD448}
Sleutel Verwijdert : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A6174F27-1FFF-E1D6-A93F-BA48AD5DD448}
Sleutel Verwijdert : HKCU\Software\YourFileDownloader
Sleutel Verwijdert : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Sleutel Verwijdert : HKLM\Software\Babylon
Sleutel Verwijdert : HKLM\Software\BabylonToolbar
Sleutel Verwijdert : HKLM\SOFTWARE\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947}
Sleutel Verwijdert : HKLM\SOFTWARE\Classes\AppID\{35C1605E-438B-4D64-AAB1-8885F097A9B1}
Sleutel Verwijdert : HKLM\SOFTWARE\Classes\AppID\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
Sleutel Verwijdert : HKLM\SOFTWARE\Classes\AppID\{B12E99ED-69BD-437C-86BE-C862B9E5444D}
Sleutel Verwijdert : HKLM\SOFTWARE\Classes\AppID\{B16632F1-24E0-4D99-A68D-70BFB6447C48}
Sleutel Verwijdert : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}
Sleutel Verwijdert : HKLM\SOFTWARE\Classes\AppID\{C0CEA572-2978-4DFC-A672-8100FF0E276A}
Sleutel Verwijdert : HKLM\SOFTWARE\Classes\AppID\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
Sleutel Verwijdert : HKLM\SOFTWARE\Classes\AppID\BabylonIEPI.DLL
Sleutel Verwijdert : HKLM\SOFTWARE\Classes\AppID\BabylonTC.EXE
Sleutel Verwijdert : HKLM\SOFTWARE\Classes\AppID\escort.DLL
Sleutel Verwijdert : HKLM\SOFTWARE\Classes\AppID\escortApp.DLL
Sleutel Verwijdert : HKLM\SOFTWARE\Classes\AppID\escortEng.DLL
Sleutel Verwijdert : HKLM\SOFTWARE\Classes\AppID\escorTlbr.DLL
Sleutel Verwijdert : HKLM\SOFTWARE\Classes\AppID\esrv.EXE
Sleutel Verwijdert : HKLM\SOFTWARE\Classes\Prod.cap
Sleutel Verwijdert : HKLM\SOFTWARE\Classes\TypeLib\{0C2E529C-A82C-4AC6-8807-0B51F7AD7BB2}
Sleutel Verwijdert : HKLM\SOFTWARE\Classes\TypeLib\{35C1605E-438B-4D64-AAB1-8885F097A9B1}
Sleutel Verwijdert : HKLM\SOFTWARE\Classes\TypeLib\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
Sleutel Verwijdert : HKLM\SOFTWARE\Classes\TypeLib\{6E8BF012-2C85-4834-B10A-1B31AF173D70}
Sleutel Verwijdert : HKLM\SOFTWARE\Classes\TypeLib\{A1489C85-4F6F-48C4-AC9E-18B63AF4703E}
Sleutel Verwijdert : HKLM\SOFTWARE\Classes\TypeLib\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
Sleutel Verwijdert : HKLM\SOFTWARE\Classes\TypeLib\{F310F027-15CB-4A7F-B10D-3A4AFB5013A5}
Sleutel Verwijdert : HKLM\Software\DealPly
Sleutel Verwijdert : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{F72841F0-4EF1-4DF5-BCE5-B3AC8ACF5478}
Sleutel Verwijdert : HKLM\SOFTWARE\Microsoft\Tracing\Babylon_RASAPI32
Sleutel Verwijdert : HKLM\SOFTWARE\Microsoft\Tracing\Babylon_RASMANCS
Sleutel Verwijdert : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASAPI32
Sleutel Verwijdert : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASMANCS
Sleutel Verwijdert : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{A6174F27-1FFF-E1D6-A93F-BA48AD5DD448}
Sleutel Verwijdert : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{44C3C1DB-2127-433C-98EC-4C9412B5FC3A}
Sleutel Verwijdert : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{4D5132DD-BB2B-4249-B5E0-D145A8C982E1}
Sleutel Verwijdert : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{5F339F0B-716F-408F-A627-DEEB5DEB4020}
Sleutel Verwijdert : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{706D4A4B-184A-4434-B331-296B07493D2D}
Sleutel Verwijdert : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{8BE10F21-185F-4CA0-B789-9921674C3993}
Sleutel Verwijdert : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{94C0B25D-3359-4B10-B227-F96A77DB773F}
Sleutel Verwijdert : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{B0B75FBA-7288-4FD3-A9EB-7EE27FA65599}
Sleutel Verwijdert : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{B173667F-8395-4317-8DD6-45AD1FE00047}
Sleutel Verwijdert : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{B32672B3-F656-46E0-B584-FE61C0BB6037}
Sleutel Verwijdert : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{BFE569F7-646C-4512-969B-9BE3E580D393}
Sleutel Verwijdert : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{C2434722-5C85-4CA0-BA69-1B67E7AB3D68}
Sleutel Verwijdert : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{C2996524-2187-441F-A398-CD6CB6B3D020}
Sleutel Verwijdert : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{E047E227-5342-4D94-80F7-CFB154BF55BD}
Sleutel Verwijdert : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{E3F79BE9-24D4-4F4D-8C13-DF2C9899F82E}
Sleutel Verwijdert : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{E77EEF95-3E83-4BB8-9C0D-4A5163774997}
Sleutel Verwijdert : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\gaiilaahiahdejapggenmdmafpmbipje
Sleutel Verwijdert : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8375D9C8-634F-4ECB-8CF5-C7416BA5D542}
Sleutel Verwijdert : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A6174F27-1FFF-E1D6-A93F-BA48AD5DD448}
Sleutel Verwijdert : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\DealPly
Sleutel Verwijdert : HKLM\Software\YourFileDownloader
Sleutel Verwijdert : HKLM\SOFTWARE\Classes\Interface\{44C3C1DB-2127-433C-98EC-4C9412B5FC3A}
Sleutel Verwijdert : HKLM\SOFTWARE\Classes\Interface\{4D5132DD-BB2B-4249-B5E0-D145A8C982E1}
Sleutel Verwijdert : HKLM\SOFTWARE\Classes\Interface\{5F339F0B-716F-408F-A627-DEEB5DEB4020}
Sleutel Verwijdert : HKLM\SOFTWARE\Classes\Interface\{706D4A4B-184A-4434-B331-296B07493D2D}
Sleutel Verwijdert : HKLM\SOFTWARE\Classes\Interface\{8BE10F21-185F-4CA0-B789-9921674C3993}
Sleutel Verwijdert : HKLM\SOFTWARE\Classes\Interface\{94C0B25D-3359-4B10-B227-F96A77DB773F}
Sleutel Verwijdert : HKLM\SOFTWARE\Classes\Interface\{B0B75FBA-7288-4FD3-A9EB-7EE27FA65599}
Sleutel Verwijdert : HKLM\SOFTWARE\Classes\Interface\{B173667F-8395-4317-8DD6-45AD1FE00047}
Sleutel Verwijdert : HKLM\SOFTWARE\Classes\Interface\{B32672B3-F656-46E0-B584-FE61C0BB6037}
Sleutel Verwijdert : HKLM\SOFTWARE\Classes\Interface\{BFE569F7-646C-4512-969B-9BE3E580D393}
Sleutel Verwijdert : HKLM\SOFTWARE\Classes\Interface\{C2434722-5C85-4CA0-BA69-1B67E7AB3D68}
Sleutel Verwijdert : HKLM\SOFTWARE\Classes\Interface\{C2996524-2187-441F-A398-CD6CB6B3D020}
Sleutel Verwijdert : HKLM\SOFTWARE\Classes\Interface\{E047E227-5342-4D94-80F7-CFB154BF55BD}
Sleutel Verwijdert : HKLM\SOFTWARE\Classes\Interface\{E3F79BE9-24D4-4F4D-8C13-DF2C9899F82E}
Sleutel Verwijdert : HKLM\SOFTWARE\Classes\Interface\{E77EEF95-3E83-4BB8-9C0D-4A5163774997}
Waarde Verwijdert : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar [{98889811-442D-49DD-99D7-DC866BE87DBC}]

***** [Browsers] *****

-\\ Internet Explorer v9.0.8112.16457

Vervangen : [HKCU\Software\Microsoft\Internet Explorer\Main - Start Page] = hxxp://search.babylon.com/?affID=112555 ... 0f410655c4 --> hxxp://www.google.com

-\\ Mozilla Firefox v10.0.1 (en-US)

File : C:\Users\Chris\AppData\Roaming\Mozilla\Firefox\Profiles\fbrivbic.default\prefs.js

Verwijdert : user_pref("browser.babylon.HPOnNewTab", "search.babylon.com");
Verwijdert : user_pref("browser.search.defaultenginename", "Search the web (Babylon)");
Verwijdert : user_pref("browser.search.order.1", "Search the web (Babylon)");
Verwijdert : user_pref("browser.search.selectedEngine", "Search the web (Babylon)");
Verwijdert : user_pref("browser.startup.homepage", "hxxp://search.babylon.com/?affID=112555&tt=220512_53all&babsr[...]
Verwijdert : user_pref("extensions.BabylonToolbar_i.newTab", true);
Verwijdert : user_pref("extensions.BabylonToolbar_i.newTabUrl", "hxxp://search.babylon.com/?affID=112555&tt=22051[...]
Verwijdert : user_pref("keyword.URL", "hxxp://search.babylon.com/?affID=112555&tt=220512_53all&babsrc=KW_ss&mntrI[...]

-\\ Google Chrome v24.0.1312.52

File : C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] De file bevat geen enkele ongeoorloofde invoer.

*************************

AdwCleaner[S2].txt - [9503 octets] - [14/01/2013 17:21:17]

########## EOF - C:\AdwCleaner[S2].txt - [9563 octets] ##########


Omhoog
 Profiel  
 
 Berichttitel: Re: trage pc
BerichtGeplaatst: ma jan 14, 2013 6:30 pm 
Offline
Lid

Geregistreerd: vr sep 26, 2008 4:11 pm
Berichten: 51
en dan de laatste:
DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 9.0.8112.16457 BrowserJavaVersion: 1.6.0_37
Run by Chris at 17:28:01 on 2013-01-14
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.31.1043.18.6127.3755 [GMT 1:00]
.
AV: ESET Smart Security 5.0 *Disabled/Updated* {77DEAFED-8149-104B-25A1-21771CA47CD1}
SP: ESET Smart Security 5.0 *Disabled/Updated* {CCBF4E09-A773-1FC5-1F11-1A056723366C}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: ESET Personal firewall *Disabled* {4FE52EC8-CB26-1113-0EFE-8842E2773BAA}
.
============== Running Processes ===============
.
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\atieclxx.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe
C:\Program Files (x86)\Acer\Registration\GREGsvc.exe
C:\Windows\Explorer.EXE
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
C:\Program Files (x86)\EgisTec MyWinLocker\x86\MWLService.exe
C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe
C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files\Acer\Acer Updater\UpdaterService.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\servicing\TrustedInstaller.exe
C:\Windows\System32\WUDFHost.exe
C:\Program Files (x86)\EgisTec MyWinLocker\x86\mwlDaemon.exe
C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe
C:\Windows\system32\taskeng.exe
C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
C:\Program Files (x86)\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\Users\Chris\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Program Files (x86)\McAfee Security Scan\3.0.285\SSScheduler.exe
C:\Users\Chris\AppData\Roaming\Dropbox\bin\Dropbox.exe
C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanionInfo.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe
C:\Program Files (x86)\Acer Arcade Deluxe\Arcade Movie\ArcadeMovieService.exe
C:\Program Files (x86)\Acer\Hotkey Utility\HotkeyUtility.exe
C:\Program Files (x86)\PowerISO\PWRISOVM.EXE
C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files (x86)\Nero\Nero 10\Nero BackItUp\NBAgent.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Citrix\ICA Client\concentr.exe
C:\Program Files (x86)\Citrix\ICA Client\wfcrun32.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
C:\Users\Chris\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Chris\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Chris\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
C:\Program Files (x86)\Nero\Update\NASvc.exe
C:\Windows\system32\sppsvc.exe
C:\Windows\System32\svchost.exe -k secsvcs
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Users\Chris\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Users\Chris\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.google.com
uDefault_Page_URL = hxxp://acer.msn.com
mStart Page = hxxp://acer.msn.com
mDefault_Page_URL = hxxp://acer.msn.com
mWinlogon: Userinit = userinit.exe,
BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: DivX Plus Web Player HTML5 <video>: {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll
BHO: BitComet Helper: {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files\BitComet\tools\BitCometBHO_1.5.4.11.dll
BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll
BHO: Aanmeldhulp voor Windows Live ID: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL
BHO: Bing Bar Helper: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} -
BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
TB: Google Toolbar: {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
TB: Bing Bar: {8dcb7100-df86-4384-8842-8fa844297b3f} -
TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
uRun: [Google Update] "C:\Users\Chris\AppData\Local\Google\Update\GoogleUpdate.exe" /c
uRun: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
uRun: [msnmsgr] "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background
uRun: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
uRun: [Spotify] "C:\Users\Chris\AppData\Roaming\Spotify\Spotify.exe" /uri spotify:autostart
uRun: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
uRun: [Spotify Web Helper] "C:\Users\Chris\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe"
uRun: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
uRun: [Sony PC Companion] "C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe" /Background
mRun: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
mRun: [SuiteTray] "C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe"
mRun: [EgisUpdate] "C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe" -d
mRun: [EgisTecPMMUpdate] "C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe"
mRun: [Norton Online Backup] C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe
mRun: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
mRun: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
mRun: [MDS_Menu] "C:\Program Files (x86)\Acer Arcade Deluxe\MediaEspresso\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\Acer Arcade Deluxe\MediaEspresso" UpdateWithCreateOnce "Software\CyberLink\MediaEspresso\6.1"
mRun: [ArcadeMovieService] "C:\Program Files (x86)\Acer Arcade Deluxe\Arcade Movie\ArcadeMovieService.exe"
mRun: [Hotkey Utility] C:\Program Files (x86)\Acer\Hotkey Utility\HotkeyUtility.exe
mRun: [PWRISOVM.EXE] C:\Program Files (x86)\PowerISO\PWRISOVM.EXE -startup
mRun: [DivXUpdate] "C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
mRun: [NBAgent] "C:\Program Files (x86)\Nero\Nero 10\Nero BackItUp\NBAgent.exe" /WinStart
mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mRun: [ConnectionCenter] "C:\Program Files (x86)\Citrix\ICA Client\concentr.exe" /startup
StartupFolder: C:\Users\Chris\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\Dropbox.lnk - C:\Users\Chris\AppData\Roaming\Dropbox\bin\Dropbox.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\MCAFEE~1.LNK - C:\Program Files (x86)\McAfee Security Scan\3.0.285\SSScheduler.exe
mPolicies-Explorer: NoActiveDesktop = dword:1
mPolicies-Explorer: NoActiveDesktopChanges = dword:1
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
IE: &D&ownload &met BitComet - C:\Program Files\BitComet\BitComet.exe/AddLink.htm
IE: &D&ownload alles met BitComet - C:\Program Files\BitComet\BitComet.exe/AddAllLink.htm
IE: &Verzenden naar OneNote - C:\PROGRA~2\MICROS~3\Office14\ONBttnIE.dll/105
IE: E&xporteren naar Microsoft Excel - C:\PROGRA~2\MICROS~3\Office14\EXCEL.EXE/3000
IE: Free YouTube Download - C:\Users\Chris\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubedownload.htm
IE: Free YouTube to MP3 Converter - C:\Users\Chris\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
IE: {D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A} - C:\Program Files\BitComet\tools\BitCometBHO_1.5.4.11.dll/206
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
TCP: NameServer = 212.54.35.25 212.54.40.25
TCP: Interfaces\{46602A32-3FE8-4D62-854D-01035E699F64} : DHCPNameServer = 212.54.35.25 212.54.40.25
TCP: Interfaces\{5E5BD946-C951-4CF0-9628-601EC0B8D139} : DHCPNameServer = 212.54.35.25 212.54.40.25
Filter: application/x-ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll
Filter: ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll
Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
SSODL: WebCheck - <orphaned>
x64-mStart Page = hxxp://acer.msn.com
x64-mDefault_Page_URL = hxxp://acer.msn.com
x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
x64-BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll
x64-BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL
x64-TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll
x64-Run: [mwlDaemon] C:\Program Files (x86)\EgisTec MyWinLocker\x86\mwlDaemon.exe
x64-Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s
x64-Run: [egui] "C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice
x64-IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
x64-IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
x64-Filter: application/x-ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - <orphaned>
x64-Filter: ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - <orphaned>
x64-Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>
x64-SSODL: WebCheck - <orphaned>
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\Chris\AppData\Roaming\Mozilla\Firefox\Profiles\fbrivbic.default\
FF - plugin: C:\PROGRA~2\MICROS~3\Office14\NPAUTHZ.DLL
FF - plugin: C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL
FF - plugin: C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll
FF - plugin: C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.99\npGoogleUpdate3.dll
FF - plugin: C:\Program Files (x86)\Java\jre6\bin\plugin2\npdeployJava1.dll
FF - plugin: C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll
FF - plugin: C:\Program Files (x86)\McAfee\SiteAdvisor\NPMcFFPlg32.dll
FF - plugin: C:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrlui.dll
FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
FF - plugin: C:\Users\Chris\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll
.
============= SERVICES / DRIVERS ===============
.
R0 epfwwfp;epfwwfp;C:\Windows\System32\drivers\epfwwfp.sys [2011-8-4 62496]
R1 ctxusbm;Citrix USB Monitor Driver;C:\Windows\System32\drivers\ctxusbm.sys [2009-10-5 87600]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;C:\Windows\System32\drivers\dtsoftbus01.sys [2011-7-31 254528]
R1 EpfwLWF;Epfw NDIS LightWeight Filter;C:\Windows\System32\drivers\EpfwLWF.sys [2011-8-4 38288]
R1 mwlPSDFilter;mwlPSDFilter;C:\Windows\System32\drivers\mwlPSDFilter.sys [2009-6-3 22576]
R1 mwlPSDNServ;mwlPSDNServ;C:\Windows\System32\drivers\mwlPSDNserv.sys [2009-6-3 20016]
R1 mwlPSDVDisk;mwlPSDVDisk;C:\Windows\System32\drivers\mwlPSDVDisk.sys [2009-6-3 60464]
R1 SASDIFSV;SASDIFSV;C:\Program Files\SUPERAntiSpyware\sasdifsv64.sys [2011-7-22 14928]
R1 SASKUTIL;SASKUTIL;C:\Program Files\SUPERAntiSpyware\saskutil64.sys [2011-7-12 12368]
R2 !SASCORE;SAS Core Service;C:\Program Files\SUPERAntiSpyware\SASCore64.exe [2011-8-12 140672]
R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\System32\atiesrxx.exe [2011-2-10 203776]
R2 eamonm;eamonm;C:\Windows\System32\drivers\eamonm.sys [2011-8-9 202576]
R2 ekrn;ESET Service;C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe [2011-9-22 974944]
R2 GREGService;GREGService;C:\Program Files (x86)\Acer\Registration\GREGsvc.exe [2010-1-8 23584]
R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2010-10-27 13336]
R2 MBAMScheduler;MBAMScheduler;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2012-9-28 398184]
R2 MWLService;MyWinLocker Service;C:\Program Files (x86)\EgisTec MyWinLocker\x86\MWLService.exe [2010-5-27 305520]
R2 NAUpdate;Nero Update;C:\Program Files (x86)\Nero\Update\NASvc.exe [2010-3-25 490280]
R2 NOBU;Norton Online Backup;C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe [2010-6-1 2804568]
R2 UNS;Intel(R) Management and Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2010-10-27 2655768]
R2 Updater Service;Updater Service;C:\Program Files\Acer\Acer Updater\UpdaterService.exe [2010-10-27 243232]
R3 AtiHDAudioService;ATI Function Driver for HD Audio Service;C:\Windows\System32\drivers\AtihdW76.sys [2011-2-10 115216]
R3 MBAMProtector;MBAMProtector;C:\Windows\System32\drivers\mbam.sys [2012-2-15 24176]
R3 netr28x;Ralink 802.11n Extensible Wireless Driver;C:\Windows\System32\drivers\netr28x.sys [2010-10-27 1014624]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-9-28 682344]
S3 BBSvc;Bing Bar Update Service;C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE [2011-3-2 183560]
S3 BITCOMET_HELPER_SERVICE;BitComet Disk Boost Service;C:\Program Files\BitComet\tools\BitCometService.exe -service --> C:\Program Files\BitComet\tools\BitCometService.exe -service [?]
S3 ggflt;SEMC USB Flash Driver Filter;C:\Windows\System32\drivers\ggflt.sys [2012-12-27 14448]
S3 McComponentHostService;McAfee Security Scan Component Host Service;C:\Program Files (x86)\McAfee Security Scan\3.0.285\McCHSvc.exe [2012-9-5 234776]
S3 Sony PC Companion;Sony PC Companion;C:\Program Files (x86)\Sony\Sony PC Companion\PCCService.exe [2012-12-27 155320]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2011-7-18 59392]
S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\System32\drivers\usbaapl64.sys [2011-8-2 51712]
S3 WatAdminSvc;Windows Activation Technologies-service;C:\Windows\System32\Wat\WatAdminSvc.exe [2011-7-15 1255736]
S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-22 57184]
.
=============== File Associations ===============
.
FileExt: .txt: txtfile=C:\Windows\System32\NOTEPAD.EXE %1 [UserChoice]
.
=============== Created Last 30 ================
.
2013-01-14 15:32:36 -------- d-----w- C:\Users\Chris\AppData\Local\Programs
2013-01-14 09:28:56 -------- d-----w- C:\Users\Chris\AppData\Local\{03CC2D31-2DE5-4664-9B82-2047ABBD7F0D}
2013-01-13 13:51:04 -------- d-----w- C:\Users\Chris\AppData\Local\{A4417D19-FA9F-4D78-836C-5F1D9AFCE52C}
2013-01-11 11:06:11 9125352 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{7FAEB92D-551A-4217-9E8C-1D20350DFB27}\mpengine.dll
2013-01-11 11:04:27 -------- d-----w- C:\Users\Chris\AppData\Local\{6063EDB8-5856-4653-AC05-236AFD2B8FC9}
2013-01-10 10:39:50 750592 ----a-w- C:\Windows\System32\win32spl.dll
2013-01-10 10:39:50 492032 ----a-w- C:\Windows\SysWow64\win32spl.dll
2013-01-10 10:39:26 2002432 ----a-w- C:\Windows\System32\msxml6.dll
2013-01-10 10:39:24 1882624 ----a-w- C:\Windows\System32\msxml3.dll
2013-01-10 10:39:22 1389568 ----a-w- C:\Windows\SysWow64\msxml6.dll
2013-01-10 10:39:21 1236992 ----a-w- C:\Windows\SysWow64\msxml3.dll
2013-01-10 10:39:11 307200 ----a-w- C:\Windows\System32\ncrypt.dll
2013-01-10 10:39:11 220160 ----a-w- C:\Windows\SysWow64\ncrypt.dll
2013-01-10 10:39:08 800768 ----a-w- C:\Windows\System32\usp10.dll
2013-01-10 10:39:05 626688 ----a-w- C:\Windows\SysWow64\usp10.dll
2013-01-10 10:37:57 424448 ----a-w- C:\Windows\System32\KernelBase.dll
2013-01-10 10:32:20 15739912 ----a-w- C:\Windows\SysWow64\FlashPlayerInstaller.exe
2013-01-10 10:29:11 -------- d-----w- C:\Users\Chris\AppData\Local\{579B85E1-54F5-4A88-BD92-C947C1A6856D}
2013-01-08 12:24:15 -------- d-----w- C:\Users\Chris\AppData\Local\{827D0F3F-B8BC-484B-B9A4-3103A52A9F84}
2013-01-07 13:39:28 -------- d-----w- C:\Users\Chris\AppData\Local\{CE4418D2-7804-4C6E-9FAF-F7601C877C30}
2013-01-06 09:46:09 -------- d-----w- C:\Users\Chris\AppData\Local\{EB58D360-20A0-4FC6-A680-AD4782EBA6FF}
2013-01-04 10:13:03 -------- d-----w- C:\Users\Chris\AppData\Local\{CDF8EE4B-4BA3-4F6C-AE93-7EB9FE61E1F9}
2013-01-03 21:46:13 -------- d-----w- C:\Users\Chris\AppData\Local\{C1F3D60B-B9F6-4534-B76C-951C846BE9BB}
2013-01-03 09:45:38 -------- d-----w- C:\Users\Chris\AppData\Local\{C5C7D345-24F7-41DD-88AC-2A724D192F8B}
2013-01-02 10:05:39 -------- d-----w- C:\Users\Chris\AppData\Local\{9A338BC5-E3F8-4B61-BBEA-7910101EFD37}
2013-01-01 12:04:32 -------- d-----w- C:\Users\Chris\AppData\Local\{93C9624C-84ED-4169-8E03-AE2282458B1F}
2012-12-31 10:34:42 -------- d-----w- C:\Users\Chris\AppData\Local\{7466F260-AD1C-42A9-A351-930950F055FB}
2012-12-29 08:48:53 -------- d-----w- C:\Users\Chris\AppData\Local\{8AD03334-22F7-4CEE-8C90-F49625D34857}
2012-12-28 10:05:57 -------- d-----w- C:\Users\Chris\AppData\Local\{9750A374-D9B5-4063-BA0F-C30B28368C52}
2012-12-27 14:24:44 -------- d-----w- C:\Users\Chris\AppData\Local\Sony
2012-12-27 14:00:17 27760 ----a-w- C:\Windows\System32\drivers\ggsemc.sys
2012-12-27 14:00:17 1721576 ----a-w- C:\Windows\System32\WdfCoInstaller01009.dll
2012-12-27 14:00:17 14448 ----a-w- C:\Windows\System32\drivers\ggflt.sys
2012-12-27 13:59:29 -------- d-----w- C:\ProgramData\Sony Ericsson
2012-12-27 13:59:23 -------- d-----w- C:\Program Files (x86)\Sony Ericsson
2012-12-27 13:51:03 -------- d-----w- C:\Program Files (x86)\Sony
2012-12-27 10:23:24 -------- d-----w- C:\Users\Chris\AppData\Local\{644D6D98-5670-4995-AE82-FF5CA4176070}
2012-12-27 09:18:15 -------- d-----w- C:\Users\Chris\AppData\Local\{829346A2-DBF8-4364-870E-B343A7260206}
2012-12-26 09:31:27 -------- d-----w- C:\Users\Chris\AppData\Local\{FB79A7AC-6354-4B5A-A2FF-DB9767684349}
2012-12-25 11:08:13 -------- d-----w- C:\Users\Chris\AppData\Local\{C0F298FC-0199-4E8D-9A58-ADE30CF5DFA8}
2012-12-24 13:21:48 -------- d-----w- C:\Users\Chris\AppData\Roaming\GoforFiles
2012-12-24 13:21:48 -------- d-----w- C:\Program Files (x86)\GoforFiles
2012-12-24 09:58:49 -------- d-----w- C:\Users\Chris\AppData\Local\{32303584-09C5-47DC-B5A5-217F8842F6E7}
2012-12-23 12:18:21 -------- d-----w- C:\Users\Chris\AppData\Local\{6BA96DF7-9D78-4A44-9CCB-B444B896F2DB}
2012-12-22 10:26:18 -------- d-----w- C:\Users\Chris\AppData\Local\{54EC3565-87BB-414F-91A1-15C0D1EB078F}
2012-12-21 14:16:59 46080 ----a-w- C:\Windows\System32\atmlib.dll
2012-12-21 14:16:59 367616 ----a-w- C:\Windows\System32\atmfd.dll
2012-12-21 14:16:59 34304 ----a-w- C:\Windows\SysWow64\atmlib.dll
2012-12-21 14:16:58 295424 ----a-w- C:\Windows\SysWow64\atmfd.dll
2012-12-21 09:49:23 -------- d-----w- C:\Users\Chris\AppData\Local\{17FF35CE-8CB6-4794-91A2-AD46B40E178D}
2012-12-20 15:50:35 -------- d-----w- C:\Users\Chris\AppData\Local\{DB2AA294-C68E-4D56-910A-F6E0D80D8AE0}
2012-12-20 09:20:33 -------- d-----w- C:\Users\Chris\AppData\Local\{31688F49-7351-44C1-BD7D-B02BBF5EB04D}
2012-12-19 14:24:02 -------- d-----w- C:\Users\Chris\AppData\Local\{5A8C2A1E-E88D-45B5-92B8-3590808FFD9E}
2012-12-18 13:38:01 -------- d-----w- C:\Users\Chris\AppData\Local\{58BBBD4C-7D53-4EBE-BB10-8114612B2B84}
2012-12-17 12:53:18 -------- d-----w- C:\Users\Chris\AppData\Local\{51B811E5-8079-46BC-B17C-CA3F10D073A5}
2012-12-16 13:52:50 -------- d-----w- C:\Users\Chris\AppData\Local\{BC5576AC-AA78-4EC6-8637-09071D7295BD}
.
==================== Find3M ====================
.
2013-01-10 10:33:07 74248 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2013-01-10 10:33:07 697864 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2012-12-14 15:49:28 24176 ----a-w- C:\Windows\System32\drivers\mbam.sys
2012-12-07 13:20:16 441856 ----a-w- C:\Windows\System32\Wpc.dll
2012-12-07 13:15:31 2746368 ----a-w- C:\Windows\System32\gameux.dll
2012-12-07 12:26:17 308736 ----a-w- C:\Windows\SysWow64\Wpc.dll
2012-12-07 12:20:43 2576384 ----a-w- C:\Windows\SysWow64\gameux.dll
2012-12-07 11:20:04 30720 ----a-w- C:\Windows\System32\usk.rs
2012-12-07 11:20:03 43520 ----a-w- C:\Windows\System32\csrr.rs
2012-12-07 11:20:03 23552 ----a-w- C:\Windows\System32\oflc.rs
2012-12-07 11:20:01 45568 ----a-w- C:\Windows\System32\oflc-nz.rs
2012-12-07 11:20:01 44544 ----a-w- C:\Windows\System32\pegibbfc.rs
2012-12-07 11:20:01 20480 ----a-w- C:\Windows\System32\pegi-fi.rs
2012-12-07 11:20:00 20480 ----a-w- C:\Windows\System32\pegi-pt.rs
2012-12-07 11:19:59 20480 ----a-w- C:\Windows\System32\pegi.rs
2012-12-07 11:19:58 46592 ----a-w- C:\Windows\System32\fpb.rs
2012-12-07 11:19:57 40960 ----a-w- C:\Windows\System32\cob-au.rs
2012-12-07 11:19:57 21504 ----a-w- C:\Windows\System32\grb.rs
2012-12-07 11:19:57 15360 ----a-w- C:\Windows\System32\djctq.rs
2012-12-07 11:19:56 55296 ----a-w- C:\Windows\System32\cero.rs
2012-12-07 11:19:55 51712 ----a-w- C:\Windows\System32\esrb.rs
2012-12-05 18:55:27 175616 ----a-w- C:\Windows\System32\msclmd.dll
2012-12-05 18:55:27 152576 ----a-w- C:\Windows\SysWow64\msclmd.dll
2012-11-30 05:45:35 362496 ----a-w- C:\Windows\System32\wow64win.dll
2012-11-30 05:45:35 243200 ----a-w- C:\Windows\System32\wow64.dll
2012-11-30 05:45:35 13312 ----a-w- C:\Windows\System32\wow64cpu.dll
2012-11-30 05:45:14 215040 ----a-w- C:\Windows\System32\winsrv.dll
2012-11-30 05:43:12 16384 ----a-w- C:\Windows\System32\ntvdm64.dll
2012-11-30 04:54:00 5120 ----a-w- C:\Windows\SysWow64\wow32.dll
2012-11-30 04:53:59 274944 ----a-w- C:\Windows\SysWow64\KernelBase.dll
2012-11-30 03:23:48 338432 ----a-w- C:\Windows\System32\conhost.exe
2012-11-30 02:44:06 25600 ----a-w- C:\Windows\SysWow64\setup16.exe
2012-11-30 02:44:04 7680 ----a-w- C:\Windows\SysWow64\instnm.exe
2012-11-30 02:44:04 14336 ----a-w- C:\Windows\SysWow64\ntvdm64.dll
2012-11-30 02:44:03 2048 ----a-w- C:\Windows\SysWow64\user.exe
2012-11-30 02:38:59 6144 ---ha-w- C:\Windows\SysWow64\api-ms-win-security-base-l1-1-0.dll
2012-11-30 02:38:59 4608 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll
2012-11-30 02:38:59 3584 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll
2012-11-30 02:38:59 3072 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-util-l1-1-0.dll
2012-11-23 03:26:31 3149824 ----a-w- C:\Windows\System32\win32k.sys
2012-11-23 03:13:57 68608 ----a-w- C:\Windows\System32\taskhost.exe
2012-11-14 06:11:44 2312704 ----a-w- C:\Windows\System32\jscript9.dll
2012-11-14 06:04:11 1392128 ----a-w- C:\Windows\System32\wininet.dll
2012-11-14 06:02:49 1494528 ----a-w- C:\Windows\System32\inetcpl.cpl
2012-11-14 05:57:46 599040 ----a-w- C:\Windows\System32\vbscript.dll
2012-11-14 05:57:35 173056 ----a-w- C:\Windows\System32\ieUnatt.exe
2012-11-14 05:52:40 2382848 ----a-w- C:\Windows\System32\mshtml.tlb
2012-11-14 02:09:22 1800704 ----a-w- C:\Windows\SysWow64\jscript9.dll
2012-11-14 01:58:15 1427968 ----a-w- C:\Windows\SysWow64\inetcpl.cpl
2012-11-14 01:57:37 1129472 ----a-w- C:\Windows\SysWow64\wininet.dll
2012-11-14 01:49:25 142848 ----a-w- C:\Windows\SysWow64\ieUnatt.exe
2012-11-14 01:48:27 420864 ----a-w- C:\Windows\SysWow64\vbscript.dll
2012-11-14 01:44:42 2382848 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2012-11-09 05:45:09 2048 ----a-w- C:\Windows\System32\tzres.dll
2012-11-09 04:42:49 2048 ----a-w- C:\Windows\SysWow64\tzres.dll
2012-11-02 05:59:11 478208 ----a-w- C:\Windows\System32\dpnet.dll
2012-11-02 05:11:31 376832 ----a-w- C:\Windows\SysWow64\dpnet.dll
.
============= FINISH: 17:28:53,27 ===============


Omhoog
 Profiel  
 
 Berichttitel: Re: trage pc
BerichtGeplaatst: ma jan 14, 2013 9:24 pm 
Offline
Helper

Geregistreerd: di okt 12, 2010 3:33 pm
Berichten: 1957
Besturingssysteem: XP prof.
Bescherming: Avira AntiVir
Heb je de gevonden infecties in MBAM ook laten verwijderen?

1) Start MalwareBytes' Anti-Malware

  • Klik op het tabblad "Update" en vervolgens op "Controleer op updates"
  • Klik op het tabblad "scanner"
  • Kies de optie "snelle scan" en klik op "scannen"
  • Wanneer de scan voltooid is, klik op OK, daarna "Bekijk Resultaten" om de resultaten te zien.
  • Zorg ervoor dat daar alles aangevinkt is, klik daarna op: "Verwijder geselecteerde".
  • Na het verwijderen zal een log openen en zal er gevraagd worden om de computer opnieuw op te starten.

Indien MBAM vraagt om een herstart, doe dit dan ook.
Wanneer je de restart hebt gedaan, maak je een nieuwe snelle scan met MBAM.
In dat geval post je dus de twee logs.

De log wordt automatisch bewaard door MalwareBytes' Anti-Malware en kan je terugvinden door op de "Logbestanden" tab te klikken in het programma.

Bij problemen!!! (Lees de onderstaande instructies)

2) Download( of Update) en installeer Ccleaner

Start CCleaner op.
  • Klik in de linkse kolom op Opties.
  • Selecteer "Geavanceerd".
  • Haal het vinkje weg voor Verwijder alleen bestanden in Windows Temp-systeemmap die ouder zijn dan 24 uur.
  • Selecteer "Instellingen".
  • Haal het vinkje weg voor Computer automatisch schoonmaken tijdens het opstarten".
  • Klik in de linkse kolom op Cleaner.
  • Klik dan achtereenvolgens op Analyseer en Schoonmaken.
  • Klik in de linkse kolom op Register.
  • Klik op Scan naar problemen.
  • Als er fouten gevonden worden klik je op Herstel geselecteerde problemen... en OK.

Herstart de computer( als dat nog niet gebeurd is).

Is er verbetering nu?

Erkuip


Omhoog
 Profiel  
 
 Berichttitel: Re: trage pc
BerichtGeplaatst: di jan 15, 2013 2:29 pm 
Offline
Lid

Geregistreerd: vr sep 26, 2008 4:11 pm
Berichten: 51
het gaat al beter maar zo af en toe heeft ie nog zijn kuren.
ik heb de stofzuiger er vandaag ok maar even doorheengehaald(wat ook wel eens nodig was, maar ik zie nog niet echt of dat nut heeft.
het vreemde is gewoon dat me pc het de ene dag wel heeft en de andere dag niet.
als hij traag is dan doet hij er gewoon een half uur over voordat hij opgestart is en dan als hij eenmaal opgestart ie is desnelheid van me pc gewoon dus dat is al een verbetering want eerst was dat niet zo. dus ik denk dat het ook ergens met het opstarten een fout zit ofziets.

bedankt tot nu toe!

chris


Omhoog
 Profiel  
 
 Berichttitel: Re: trage pc
BerichtGeplaatst: di jan 15, 2013 2:30 pm 
Offline
Lid

Geregistreerd: vr sep 26, 2008 4:11 pm
Berichten: 51
oh ja en van mbam had ik even pnieuw gedaan en de gevonden fout verwijdert


Omhoog
 Profiel  
 
 Berichttitel: Re: trage pc
BerichtGeplaatst: di jan 15, 2013 4:14 pm 
Offline
Helper

Geregistreerd: di okt 12, 2010 3:33 pm
Berichten: 1957
Besturingssysteem: XP prof.
Bescherming: Avira AntiVir
Dan mag je de volgende stappen uitvoeren:

1) Download Security Check (miror) by screen317 en sla het op je Bureaublad op.
  • Start Security Check
  • Volg de Instructies in het scherm
  • Aan het eind verschijnt een log (checkup.txt) plaats de inhoud ervan in je volgende bericht.

2) Download OTL en sla het op je Bureaublad op.
  • Dubbelklik op OTL.com om het programma te openen. Zorg ervoor dat all andere vensters gesloten zijn, en laat het programma ongestoord zijn werk doen.
  • Zet een vinkje bij Scan All Users.
  • Klik op de knop Quick Scan. Verander de instellingen van OTL niet, tenzij ik je hiervoor specifiek instructies geef. De scan zal niet heel erg lang duren.
    • Er zullen twee Kladblok-vensters geopend worden wanneer de scan klaar is. OTL.Txt en Extras.Txt. Deze bestanden zijn opgeslagen in dezelfde locatie als OTL.
    • Plaats de inhoud van deze logs in je volgende bericht.

Erkuip


Omhoog
 Profiel  
 
 Berichttitel: Re: trage pc
BerichtGeplaatst: di jan 15, 2013 6:32 pm 
Offline
Lid

Geregistreerd: vr sep 26, 2008 4:11 pm
Berichten: 51
security check:

Results of screen317's Security Check version 0.99.57
Windows 7 Service Pack 1 x64 (UAC is enabled)
Internet Explorer 9
``````````````Antivirus/Firewall Check:``````````````
ESET Smart Security 5.0
Antivirus up to date!
`````````Anti-malware/Other Utilities Check:`````````
SpywareBlaster 4.6
Malwarebytes Anti-Malware versie 1.70.0.1100
TuneUp Utilities Language Pack (nl-NL)
Java(TM) 6 Update 37
Java version out of Date!
Adobe Reader 9 Adobe Reader out of Date!
Mozilla Firefox 10.0.1 Firefox out of Date!
Google Chrome 23.0.1271.97
Google Chrome 24.0.1312.52
````````Process Check: objlist.exe by Laurent````````
ESET NOD32 Antivirus egui.exe
ESET NOD32 Antivirus ekrn.exe
Malwarebytes' Anti-Malware mbamscheduler.exe
Symantec Norton Online Backup NOBuAgent.exe
`````````````````System Health check`````````````````
Total Fragmentation on Drive C: 0%
````````````````````End of Log``````````````````````


Omhoog
 Profiel  
 
 Berichttitel: Re: trage pc
BerichtGeplaatst: di jan 15, 2013 6:40 pm 
Offline
Lid

Geregistreerd: vr sep 26, 2008 4:11 pm
Berichten: 51
OTL logfile created on: 1/15/2013 5:33:31 PM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Chris\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: Nederland | Language: NLD | Date Format: d-M-yyyy

5.98 Gb Total Physical Memory | 3.68 Gb Available Physical Memory | 61.53% Memory free
11.96 Gb Paging File | 9.26 Gb Available in Paging File | 77.38% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 922.95 Gb Total Space | 793.89 Gb Free Space | 86.02% Space Free | Partition Type: NTFS
Drive D: | 922.97 Gb Total Space | 891.97 Gb Free Space | 96.64% Space Free | Partition Type: NTFS

Computer Name: ACERPC-PC | User Name: Chris | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2013/01/15 17:28:37 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Chris\Desktop\OTL.com
PRC - [2012/12/29 00:02:24 | 028,539,392 | ---- | M] (Dropbox, Inc.) -- C:\Users\Chris\AppData\Roaming\Dropbox\bin\Dropbox.exe
PRC - [2012/12/14 16:49:28 | 000,398,184 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
PRC - [2012/10/19 10:20:53 | 001,199,576 | ---- | M] (Spotify Ltd) -- C:\Users\Chris\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
PRC - [2012/09/12 11:17:12 | 000,445,624 | ---- | M] (Sony) -- C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe
PRC - [2012/09/05 16:57:26 | 000,271,808 | ---- | M] (McAfee, Inc.) -- C:\Program Files (x86)\McAfee Security Scan\3.0.285\SSScheduler.exe
PRC - [2012/04/30 10:57:42 | 000,067,072 | ---- | M] () -- C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanionInfo.exe
PRC - [2011/09/22 12:03:30 | 000,974,944 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe
PRC - [2011/07/29 00:08:12 | 001,259,376 | ---- | M] () -- C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
PRC - [2011/06/15 07:19:14 | 000,307,200 | ---- | M] (PowerISO Computing, Inc.) -- C:\Program Files (x86)\PowerISO\PWRISOVM.EXE
PRC - [2011/02/25 18:46:22 | 000,249,648 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
PRC - [2011/01/20 10:20:12 | 001,305,408 | ---- | M] (DT Soft Ltd) -- C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe
PRC - [2011/01/07 23:36:36 | 000,361,768 | ---- | M] (CyberLink Corp.) -- C:\Program Files (x86)\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe
PRC - [2010/12/03 07:00:42 | 000,618,600 | ---- | M] () -- C:\Program Files (x86)\Acer\Hotkey Utility\HotkeyUtility.exe
PRC - [2010/12/01 20:35:06 | 000,419,112 | ---- | M] (CyberLink Corp.) -- C:\Program Files (x86)\Acer Arcade Deluxe\Arcade Movie\ArcadeMovieService.exe
PRC - [2010/10/05 14:08:46 | 002,655,768 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
PRC - [2010/10/05 14:08:42 | 000,325,656 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
PRC - [2010/09/14 02:32:32 | 000,013,336 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
PRC - [2010/09/14 02:32:30 | 000,283,160 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
PRC - [2010/05/27 03:41:24 | 000,349,552 | ---- | M] (Egis Technology Inc.) -- C:\Program Files (x86)\EgisTec MyWinLocker\x86\mwlDaemon.exe
PRC - [2010/05/27 03:41:06 | 000,305,520 | ---- | M] (Egis Technology Inc.) -- C:\Program Files (x86)\EgisTec MyWinLocker\x86\MWLService.exe
PRC - [2010/03/26 09:52:24 | 001,234,216 | ---- | M] (Nero AG) -- C:\Program Files (x86)\Nero\Nero 10\Nero BackItUp\NBAgent.exe
PRC - [2010/03/25 13:39:22 | 000,490,280 | ---- | M] (Nero AG) -- C:\Program Files (x86)\Nero\Update\NASvc.exe
PRC - [2010/03/11 06:11:56 | 000,407,920 | ---- | M] (Egis Technology Inc.) -- C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe
PRC - [2010/03/11 06:11:42 | 000,201,584 | ---- | M] (Egis Technology Inc.) -- C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe
PRC - [2010/03/11 00:22:04 | 000,599,408 | ---- | M] (Citrix Systems, Inc.) -- C:\Program Files (x86)\Citrix\ICA Client\wfcrun32.exe
PRC - [2010/03/11 00:21:16 | 000,300,400 | ---- | M] (Citrix Systems, Inc.) -- C:\Program Files (x86)\Citrix\ICA Client\concentr.exe
PRC - [2010/01/29 00:27:36 | 000,243,232 | ---- | M] (Acer Group) -- C:\Program Files\Acer\Acer Updater\UpdaterService.exe
PRC - [2010/01/08 14:21:22 | 000,023,584 | ---- | M] (Acer Incorporated) -- C:\Program Files (x86)\Acer\Registration\GREGsvc.exe


========== Modules (No Company Name) ==========

MOD - [2013/01/10 13:43:26 | 000,475,136 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorUtil\ceda881f46083cfb6356ed39e6bf9dcb\IAStorUtil.ni.dll
MOD - [2013/01/10 13:43:26 | 000,014,336 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorCommon\85a17526c326bfb377b5c2124dce39f2\IAStorCommon.ni.dll
MOD - [2013/01/10 13:30:21 | 000,771,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\90b89f6e8032310e9ac72a309fd49e83\System.Runtime.Remoting.ni.dll
MOD - [2013/01/10 13:29:59 | 012,436,480 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\865d2bf19a7af7fab8660a42d92550fe\System.Windows.Forms.ni.dll
MOD - [2013/01/10 13:29:55 | 001,592,832 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\eead6629e384a5b69f9ae35284b7eeed\System.Drawing.ni.dll
MOD - [2013/01/10 13:29:44 | 003,347,968 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\cf827fe7bc99d9bcf0ba3621054ef527\WindowsBase.ni.dll
MOD - [2013/01/10 13:29:41 | 005,453,312 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\f687c43e9fdec031988b33ae722c4613\System.Xml.ni.dll
MOD - [2013/01/10 13:29:39 | 000,971,264 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\195a77fcc6206f8bb35d419ff2cf0d72\System.Configuration.ni.dll
MOD - [2013/01/10 13:29:38 | 007,989,760 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\369f8bdca364e2b4936d18dea582912c\System.ni.dll
MOD - [2013/01/10 13:29:33 | 011,493,376 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\7150b9136fad5b79e88f6c7f9d3d2c39\mscorlib.ni.dll
MOD - [2013/01/08 01:06:22 | 000,460,392 | ---- | M] () -- C:\Users\Chris\AppData\Local\Google\Chrome\Application\24.0.1312.52\ppGoogleNaClPluginChrome.dll
MOD - [2013/01/08 01:06:21 | 012,459,624 | ---- | M] () -- C:\Users\Chris\AppData\Local\Google\Chrome\Application\24.0.1312.52\PepperFlash\pepflashplayer.dll
MOD - [2013/01/08 01:06:19 | 004,012,648 | ---- | M] () -- C:\Users\Chris\AppData\Local\Google\Chrome\Application\24.0.1312.52\pdf.dll
MOD - [2013/01/08 01:05:29 | 000,598,120 | ---- | M] () -- C:\Users\Chris\AppData\Local\Google\Chrome\Application\24.0.1312.52\libglesv2.dll
MOD - [2013/01/08 01:05:28 | 000,124,520 | ---- | M] () -- C:\Users\Chris\AppData\Local\Google\Chrome\Application\24.0.1312.52\libegl.dll
MOD - [2013/01/08 01:05:25 | 001,553,000 | ---- | M] () -- C:\Users\Chris\AppData\Local\Google\Chrome\Application\24.0.1312.52\ffmpegsumo.dll
MOD - [2012/11/27 15:13:40 | 000,585,728 | ---- | M] () -- C:\Program Files (x86)\Sony\Sony PC Companion\PhoneUpdate.dll
MOD - [2012/11/07 16:25:36 | 000,204,288 | ---- | M] () -- C:\Program Files (x86)\Sony\Sony PC Companion\MExplorer.dll
MOD - [2012/07/26 11:51:52 | 000,208,896 | ---- | M] () -- C:\Program Files (x86)\Sony\Sony PC Companion\VistaCalendar.dll
MOD - [2012/04/30 10:57:42 | 000,067,072 | ---- | M] () -- C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanionInfo.exe
MOD - [2012/04/30 10:57:42 | 000,039,936 | ---- | M] () -- C:\Program Files (x86)\Sony\Sony PC Companion\TMonitorAPI.dll
MOD - [2012/04/04 14:33:24 | 000,139,776 | ---- | M] () -- C:\Program Files (x86)\Sony\Sony PC Companion\CAgdLNotes.dll
MOD - [2012/03/16 12:51:02 | 000,188,416 | ---- | M] () -- C:\Program Files (x86)\Sony\Sony PC Companion\CAgdOutlook.dll
MOD - [2012/02/13 09:53:50 | 000,086,016 | ---- | M] () -- C:\Program Files (x86)\Sony\Sony PC Companion\CalEngine.dll
MOD - [2011/11/01 23:26:32 | 000,087,912 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2011/11/01 23:26:12 | 001,242,472 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2011/07/29 00:09:42 | 000,096,112 | ---- | M] () -- C:\Program Files (x86)\DivX\DivX Update\DivXUpdateCheck.dll
MOD - [2011/07/29 00:08:12 | 001,259,376 | ---- | M] () -- C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
MOD - [2011/07/07 14:54:36 | 000,233,984 | ---- | M] () -- C:\Program Files (x86)\Sony\Sony PC Companion\Report.dll
MOD - [2011/04/29 23:25:52 | 000,032,768 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Runtime.Remoting.resources\2.0.0.0_nl_b77a5c561934e089\System.Runtime.Remoting.resources.dll
MOD - [2011/03/17 00:11:16 | 004,297,568 | ---- | M] () -- C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
MOD - [2010/12/03 07:00:42 | 000,618,600 | ---- | M] () -- C:\Program Files (x86)\Acer\Hotkey Utility\HotkeyUtility.exe
MOD - [2010/12/03 04:44:54 | 000,151,656 | ---- | M] () -- C:\Program Files (x86)\Acer\Hotkey Utility\HotkeyHook.dll
MOD - [2010/11/13 00:33:28 | 000,303,104 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_nl_b77a5c561934e089\mscorlib.resources.dll
MOD - [2010/01/11 15:44:54 | 000,053,248 | ---- | M] () -- C:\Program Files (x86)\Sony\Sony PC Companion\VObject.dll


========== Services (SafeList) ==========

SRV:64bit: - [2011/09/22 12:03:30 | 000,974,944 | ---- | M] (ESET) [Auto | Running] -- C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe -- (ekrn)
SRV:64bit: - [2011/01/10 10:03:43 | 000,203,776 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:64bit: - [2010/12/28 09:00:34 | 001,296,728 | ---- | M] (www.BitComet.com) [On_Demand | Stopped] -- C:\Program Files\BitComet\tools\BitCometService.exe -- (BITCOMET_HELPER_SERVICE)
SRV:64bit: - [2010/09/22 17:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc)
SRV:64bit: - [2010/01/29 00:27:36 | 000,243,232 | ---- | M] (Acer Group) [Auto | Running] -- C:\Program Files\Acer\Acer Updater\UpdaterService.exe -- (Updater Service)
SRV:64bit: - [2009/07/14 02:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2013/01/10 11:33:10 | 000,251,400 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012/12/14 16:49:28 | 000,682,344 | ---- | M] (Malwarebytes Corporation) [Auto | Stopped] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2012/12/14 16:49:28 | 000,398,184 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe -- (MBAMScheduler)
SRV - [2012/09/05 16:56:44 | 000,234,776 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\McAfee Security Scan\3.0.285\McCHSvc.exe -- (McComponentHostService)
SRV - [2012/01/18 13:38:28 | 000,155,320 | ---- | M] (Avanquest Software) [On_Demand | Stopped] -- C:\Program Files (x86)\Sony\Sony PC Companion\PCCService.exe -- (Sony PC Companion)
SRV - [2011/03/02 05:23:36 | 000,183,560 | ---- | M] (Microsoft Corporation.) [On_Demand | Stopped] -- C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE -- (BBSvc)
SRV - [2011/02/25 18:46:22 | 000,249,648 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE -- (SeaPort)
SRV - [2010/10/05 14:08:46 | 002,655,768 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe -- (UNS)
SRV - [2010/10/05 14:08:42 | 000,325,656 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS)
SRV - [2010/09/14 02:32:32 | 000,013,336 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe -- (IAStorDataMgrSvc)
SRV - [2010/06/01 23:31:28 | 002,804,568 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe -- (NOBU)
SRV - [2010/05/27 03:41:06 | 000,305,520 | ---- | M] (Egis Technology Inc.) [Auto | Running] -- C:\Program Files (x86)\EgisTec MyWinLocker\x86\MWLService.exe -- (MWLService)
SRV - [2010/03/25 13:39:22 | 000,490,280 | ---- | M] (Nero AG) [Auto | Running] -- C:\Program Files (x86)\Nero\Update\NASvc.exe -- (NAUpdate)
SRV - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010/01/15 22:08:38 | 000,935,208 | ---- | M] (Nero AG) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe -- (Nero BackItUp Scheduler 4.0)
SRV - [2010/01/08 14:21:22 | 000,023,584 | ---- | M] (Acer Incorporated) [Auto | Running] -- C:\Program Files (x86)\Acer\Registration\GREGsvc.exe -- (GREGService)
SRV - [2009/06/10 22:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2012/12/27 15:00:17 | 000,027,760 | ---- | M] (Sony Ericsson Mobile Communications) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ggsemc.sys -- (ggsemc)
DRV:64bit: - [2012/12/27 15:00:17 | 000,014,448 | ---- | M] (Sony Ericsson Mobile Communications) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ggflt.sys -- (ggflt)
DRV:64bit: - [2012/12/14 16:49:28 | 000,024,176 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\mbam.sys -- (MBAMProtector)
DRV:64bit: - [2012/08/23 15:10:20 | 000,019,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:64bit: - [2012/08/23 15:07:35 | 000,057,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2012/03/01 07:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2011/08/09 14:24:52 | 000,202,576 | ---- | M] (ESET) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\eamonm.sys -- (eamonm)
DRV:64bit: - [2011/08/04 09:20:38 | 000,187,632 | ---- | M] (ESET) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\epfw.sys -- (epfw)
DRV:64bit: - [2011/08/04 09:20:38 | 000,146,432 | ---- | M] (ESET) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\ehdrv.sys -- (ehdrv)
DRV:64bit: - [2011/08/04 09:20:38 | 000,062,496 | ---- | M] (ESET) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\epfwwfp.sys -- (epfwwfp)
DRV:64bit: - [2011/08/04 09:20:38 | 000,038,288 | ---- | M] (ESET) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\EpfwLWF.sys -- (EpfwLWF)
DRV:64bit: - [2011/08/02 17:38:56 | 000,051,712 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2011/07/31 08:03:29 | 000,254,528 | ---- | M] (DT Soft Ltd) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\dtsoftbus01.sys -- (dtsoftbus01)
DRV:64bit: - [2011/06/15 09:30:46 | 000,093,240 | ---- | M] (PowerISO Computing, Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\scdemu.sys -- (SCDEmu)
DRV:64bit: - [2011/03/11 07:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011/03/11 07:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2011/01/10 10:31:20 | 008,283,136 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag)
DRV:64bit: - [2011/01/10 09:28:18 | 000,295,424 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
DRV:64bit: - [2010/11/20 14:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010/11/17 13:04:32 | 000,115,216 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AtihdW76.sys -- (AtiHDAudioService)
DRV:64bit: - [2010/10/19 23:34:26 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64)
DRV:64bit: - [2010/09/21 07:34:18 | 000,313,520 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\e1c62x64.sys -- (e1cexpress)
DRV:64bit: - [2010/09/14 02:24:26 | 000,437,272 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2010/08/11 04:40:06 | 001,014,624 | ---- | M] (Ralink Technology, Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\netr28x.sys -- (netr28x)
DRV:64bit: - [2009/10/05 10:08:44 | 000,087,600 | ---- | M] (Citrix Systems, Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\ctxusbm.sys -- (ctxusbm)
DRV:64bit: - [2009/07/14 02:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/14 02:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/14 02:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/06/10 21:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 21:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 21:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 21:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009/06/03 03:15:30 | 000,060,464 | ---- | M] (Egis Technology Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\mwlPSDVDisk.sys -- (mwlPSDVDisk)
DRV:64bit: - [2009/06/03 03:15:30 | 000,022,576 | ---- | M] (Egis Technology Inc.) [File_System | System | Running] -- C:\Windows\SysNative\drivers\mwlPSDFilter.sys -- (mwlPSDFilter)
DRV:64bit: - [2009/06/03 03:15:30 | 000,020,016 | ---- | M] (Egis Technology Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\mwlPSDNserv.sys -- (mwlPSDNServ)
DRV:64bit: - [2009/05/18 13:17:08 | 000,034,152 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV - [2009/07/14 02:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://acer.msn.com
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://acer.msn.com
IE:64bit: - HKLM\..\SearchScopes,DefaultScope =
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&form=AARTDF&pc=MAAR&src=IE-SearchBox
IE:64bit: - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://acer.msn.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://acer.msn.com
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&form=AARTDF&pc=MAAR&src=IE-SearchBox
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7


IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope =
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope =

IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope =

IE - HKU\S-1-5-21-3155389230-2953849437-1278466465-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://acer.msn.com
IE - HKU\S-1-5-21-3155389230-2953849437-1278466465-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
IE - HKU\S-1-5-21-3155389230-2953849437-1278466465-1001\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-21-3155389230-2953849437-1278466465-1001\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7PRFB_nlNL442
IE - HKU\S-1-5-21-3155389230-2953849437-1278466465-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-3155389230-2953849437-1278466465-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..extensions.enabledAddons: thepiratebay@mafiaafire.com:0.2.2.23.17022012
FF - user.js - File not found

FF:64bit: - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=1.6.0_37: C:\Windows\SysWOW64\npdeployJava1.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~3\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3555.0308: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.2: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Chris\AppData\Local\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Chris\AppData\Local\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2011/12/17 18:25:23 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 10.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012/11/02 13:29:37 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 10.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012/11/02 13:29:37 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird [2012/02/14 18:56:16 | 000,000,000 | ---D | M]

[2012/07/05 17:15:05 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Chris\AppData\Roaming\mozilla\Extensions
[2012/07/05 17:15:05 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Chris\AppData\Roaming\mozilla\Extensions\mozswing@mozswing.org
[2012/07/12 18:15:38 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Chris\AppData\Roaming\mozilla\Firefox\Profiles\fbrivbic.default\extensions
[2012/07/05 17:42:36 | 000,000,000 | ---D | M] ("Free YouTube Download (Free Studio) Menu") -- C:\Users\Chris\AppData\Roaming\mozilla\Firefox\Profiles\fbrivbic.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}
[2012/05/26 16:34:48 | 000,211,071 | ---- | M] () (No name found) -- C:\Users\Chris\AppData\Roaming\mozilla\firefox\profiles\fbrivbic.default\extensions\thepiratebay@mafiaafire.com.xpi
[2012/10/30 15:25:02 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2012/06/20 19:12:57 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}
[2012/09/08 18:52:34 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}
[2012/10/30 15:25:02 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA}
[2012/02/08 21:13:49 | 000,134,104 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2010/03/11 00:01:02 | 000,124,272 | ---- | M] (Citrix Systems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\CCMSDK.dll
[2010/03/11 00:02:52 | 000,070,512 | ---- | M] (Citrix Systems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\CgpCore.dll
[2010/03/11 00:01:48 | 000,091,504 | ---- | M] (Citrix Systems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\confmgr.dll
[2010/03/11 00:01:24 | 000,022,384 | ---- | M] (Citrix Systems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\ctxlogging.dll
[2010/03/11 00:40:56 | 000,423,248 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\plugins\npicaN.dll
[2010/03/11 00:02:48 | 000,023,920 | ---- | M] (Citrix Systems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\TcpPServ.dll
[2012/02/08 18:12:58 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2012/02/08 18:12:58 | 000,002,040 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\twitter.xml

========== Chrome ==========

CHR - homepage: http://www.google.nl/
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}sourceid=chrome&ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms}&sugkey={google:suggestAPIKeyParameter}
CHR - homepage: http://www.google.nl/
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\Chris\AppData\Local\Google\Chrome\Application\24.0.1312.52\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\Chris\AppData\Local\Google\Chrome\Application\24.0.1312.52\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Chris\AppData\Local\Google\Chrome\Application\24.0.1312.52\gcswf32.dll
CHR - plugin: Shockwave Flash (Disabled) = C:\Users\Chris\AppData\Local\Google\Chrome\User Data\PepperFlash\11.2.31.144\pepflashplayer.dll
CHR - plugin: McAfee SiteAdvisor (Enabled) = C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho\3.41.123.2_0\McChPlg.dll
CHR - plugin: McAfee SiteAdvisor (Enabled) = C:\Program Files (x86)\McAfee\SiteAdvisor\npmcffplg32.dll
CHR - plugin: Adobe Acrobat (Disabled) = C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~3\Office14\NPAUTHZ.DLL
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL
CHR - plugin: DivX VOD Helper Plug-in (Enabled) = C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll
CHR - plugin: DivX Plus Web Player (Enabled) = C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll
CHR - plugin: Java(TM) Platform SE 6 U31 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll
CHR - plugin: Silverlight Plug-In (Enabled) = C:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll
CHR - plugin: VLC Web Plugin (Enabled) = C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll
CHR - plugin: Windows Live\u0099 Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll
CHR - Extension: Angry Birds = C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\aknpkdffaafgjchaibgeefbgmgeghloj\1.5.0.7_0\
CHR - Extension: MalaysiaBay Redirector = C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmdoddcdidelnlglppigljlmnkgafjjf\0.3_0\
CHR - Extension: Click 2 Save = C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\joflephghgcingaagiooigffklhemdhm\1.1_0\
CHR - Extension: Ti\u00EBsto = C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\mnmeobddjkkgkglnogihcaejaleikhdh\2_0\
CHR - Extension: DivX Plus Web Player HTML5 \u003Cvideo\u003E = C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm\2.1.2.145_0\

O1 HOSTS File: ([2011/08/25 18:55:46 | 000,001,052 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 static3.cdn.ubi.com
O1 - Hosts: 127.0.0.1 ubisoft-orbit.s3.amazonaws.com
O1 - Hosts: 127.0.0.1 onlineconfigservice.ubi.com
O1 - Hosts: 127.0.0.1 orbitservice.ubi.com
O1 - Hosts: 127.0.0.1 ubisoft-orbit-savegames.s3.amazonaws.com
O2:64bit: - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
O2 - BHO: (BitComet Helper) - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files\BitComet\tools\BitCometBHO_1.5.4.11.dll (BitComet)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O3:64bit: - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3:64bit: - HKU\S-1-5-21-3155389230-2953849437-1278466465-1001\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O4:64bit: - HKLM..\Run: [egui] C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe (ESET)
O4:64bit: - HKLM..\Run: [mwlDaemon] C:\Program Files (x86)\EgisTec MyWinLocker\x86\mwlDaemon.exe (Egis Technology Inc.)
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [ArcadeMovieService] C:\Program Files (x86)\Acer Arcade Deluxe\Arcade Movie\ArcadeMovieService.exe (CyberLink Corp.)
O4 - HKLM..\Run: [ConnectionCenter] C:\Program Files (x86)\Citrix\ICA Client\concentr.exe (Citrix Systems, Inc.)
O4 - HKLM..\Run: [DivXUpdate] C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe ()
O4 - HKLM..\Run: [EgisTecPMMUpdate] C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe (Egis Technology Inc.)
O4 - HKLM..\Run: [EgisUpdate] C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe (Egis Technology Inc.)
O4 - HKLM..\Run: [Hotkey Utility] C:\Program Files (x86)\Acer\Hotkey Utility\HotkeyUtility.exe ()
O4 - HKLM..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Intel Corporation)
O4 - HKLM..\Run: [MDS_Menu] C:\Program Files (x86)\Acer Arcade Deluxe\MediaEspresso\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [NBAgent] C:\Program Files (x86)\Nero\Nero 10\Nero BackItUp\NBAgent.exe (Nero AG)
O4 - HKLM..\Run: [Norton Online Backup] C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe (Symantec Corporation)
O4 - HKLM..\Run: [PWRISOVM.EXE] C:\Program Files (x86)\PowerISO\PWRISOVM.EXE (PowerISO Computing, Inc.)
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [SuiteTray] C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe (Egis Technology Inc.)
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-3155389230-2953849437-1278466465-1001..\Run: [DAEMON Tools Lite] C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
O4 - HKU\S-1-5-21-3155389230-2953849437-1278466465-1001..\Run: [Sony PC Companion] C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe (Sony)
O4 - HKU\S-1-5-21-3155389230-2953849437-1278466465-1001..\Run: [Spotify] C:\Users\Chris\AppData\Roaming\Spotify\Spotify.exe (Spotify Ltd)
O4 - HKU\S-1-5-21-3155389230-2953849437-1278466465-1001..\Run: [Spotify Web Helper] C:\Users\Chris\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe (Spotify Ltd)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - Startup: C:\Users\Chris\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk = C:\Users\Chris\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLinkedConnections = 1
O8:64bit: - Extra context menu item: &D&ownload &met BitComet - C:\Program Files\BitComet\BitComet.exe (www.BitComet.com)
O8:64bit: - Extra context menu item: &D&ownload alles met BitComet - C:\Program Files\BitComet\BitComet.exe (www.BitComet.com)
O8:64bit: - Extra context menu item: Free YouTube Download - C:\Users\Chris\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubedownload.htm ()
O8:64bit: - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\Chris\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()
O8 - Extra context menu item: &D&ownload &met BitComet - C:\Program Files\BitComet\BitComet.exe (www.BitComet.com)
O8 - Extra context menu item: &D&ownload alles met BitComet - C:\Program Files\BitComet\BitComet.exe (www.BitComet.com)
O8 - Extra context menu item: Free YouTube Download - C:\Users\Chris\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubedownload.htm ()
O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\Chris\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()
O9 - Extra Button: BitComet - {D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A} - C:\Program Files\BitComet\tools\BitCometBHO_1.5.4.11.dll (BitComet)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_37)
O16 - DPF: {CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_37)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_37)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 212.54.35.25 212.54.40.25
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{46602A32-3FE8-4D62-854D-01035E699F64}: DhcpNameServer = 212.54.35.25 212.54.40.25
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{5E5BD946-C951-4CF0-9628-601EC0B8D139}: DhcpNameServer = 212.54.35.25 212.54.40.25
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18:64bit: - Protocol\Filter\application/x-ica - No CLSID value found
O18:64bit: - Protocol\Filter\ica - No CLSID value found
O18 - Protocol\Filter\application/x-ica {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\ica {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{0f005811-502c-11e2-ab15-f80f410655c4}\Shell - "" = AutoRun
O33 - MountPoints2\{0f005811-502c-11e2-ab15-f80f410655c4}\Shell\AutoRun\command - "" = N:\Startme.exe
O33 - MountPoints2\{3b7a1b43-bb3d-11e0-a28f-f80f410655c4}\Shell - "" = AutoRun
O33 - MountPoints2\{3b7a1b43-bb3d-11e0-a28f-f80f410655c4}\Shell\AutoRun\command - "" = L:\Installer.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 30 Days ==========

[2013/01/15 17:28:32 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Chris\Desktop\OTL.com
[2013/01/15 13:19:08 | 000,000,000 | ---D | C] -- C:\Users\Chris\Desktop\logfiles
[2013/01/15 13:18:21 | 000,000,000 | ---D | C] -- C:\Users\Chris\AppData\Local\{A8F88C6C-5E6B-439E-8F14-A375299DB0DD}
[2013/01/14 19:11:48 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SpywareBlaster
[2013/01/14 19:11:48 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\SpywareBlaster
[2013/01/14 16:38:35 | 000,688,992 | R--- | C] (Swearware) -- C:\Users\Chris\Desktop\dds.com
[2013/01/14 16:32:36 | 000,000,000 | ---D | C] -- C:\Users\Chris\AppData\Local\Programs
[2013/01/14 10:28:56 | 000,000,000 | ---D | C] -- C:\Users\Chris\AppData\Local\{03CC2D31-2DE5-4664-9B82-2047ABBD7F0D}
[2013/01/13 14:58:55 | 000,388,608 | ---- | C] (Trend Micro Inc.) -- C:\Users\Chris\Desktop\HijackThis.exe
[2013/01/13 14:51:04 | 000,000,000 | ---D | C] -- C:\Users\Chris\AppData\Local\{A4417D19-FA9F-4D78-836C-5F1D9AFCE52C}
[2013/01/11 12:04:27 | 000,000,000 | ---D | C] -- C:\Users\Chris\AppData\Local\{6063EDB8-5856-4653-AC05-236AFD2B8FC9}
[2013/01/10 11:29:11 | 000,000,000 | ---D | C] -- C:\Users\Chris\AppData\Local\{579B85E1-54F5-4A88-BD92-C947C1A6856D}
[2013/01/08 13:24:15 | 000,000,000 | ---D | C] -- C:\Users\Chris\AppData\Local\{827D0F3F-B8BC-484B-B9A4-3103A52A9F84}
[2013/01/07 14:39:28 | 000,000,000 | ---D | C] -- C:\Users\Chris\AppData\Local\{CE4418D2-7804-4C6E-9FAF-F7601C877C30}
[2013/01/06 10:46:09 | 000,000,000 | ---D | C] -- C:\Users\Chris\AppData\Local\{EB58D360-20A0-4FC6-A680-AD4782EBA6FF}
[2013/01/04 11:13:03 | 000,000,000 | ---D | C] -- C:\Users\Chris\AppData\Local\{CDF8EE4B-4BA3-4F6C-AE93-7EB9FE61E1F9}
[2013/01/03 22:46:13 | 000,000,000 | ---D | C] -- C:\Users\Chris\AppData\Local\{C1F3D60B-B9F6-4534-B76C-951C846BE9BB}
[2013/01/03 10:45:38 | 000,000,000 | ---D | C] -- C:\Users\Chris\AppData\Local\{C5C7D345-24F7-41DD-88AC-2A724D192F8B}
[2013/01/02 11:05:39 | 000,000,000 | ---D | C] -- C:\Users\Chris\AppData\Local\{9A338BC5-E3F8-4B61-BBEA-7910101EFD37}
[2013/01/01 13:04:32 | 000,000,000 | ---D | C] -- C:\Users\Chris\AppData\Local\{93C9624C-84ED-4169-8E03-AE2282458B1F}
[2012/12/31 11:34:42 | 000,000,000 | ---D | C] -- C:\Users\Chris\AppData\Local\{7466F260-AD1C-42A9-A351-930950F055FB}
[2012/12/29 09:48:53 | 000,000,000 | ---D | C] -- C:\Users\Chris\AppData\Local\{8AD03334-22F7-4CEE-8C90-F49625D34857}
[2012/12/28 11:05:57 | 000,000,000 | ---D | C] -- C:\Users\Chris\AppData\Local\{9750A374-D9B5-4063-BA0F-C30B28368C52}
[2012/12/27 15:24:44 | 000,000,000 | ---D | C] -- C:\Users\Chris\AppData\Local\Sony
[2012/12/27 15:00:17 | 000,027,760 | ---- | C] (Sony Ericsson Mobile Communications) -- C:\Windows\SysNative\drivers\ggsemc.sys
[2012/12/27 15:00:17 | 000,014,448 | ---- | C] (Sony Ericsson Mobile Communications) -- C:\Windows\SysNative\drivers\ggflt.sys
[2012/12/27 14:59:29 | 000,000,000 | ---D | C] -- C:\ProgramData\Sony Ericsson
[2012/12/27 14:59:23 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Sony Ericsson
[2012/12/27 14:51:08 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sony
[2012/12/27 14:51:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Sony
[2012/12/27 14:51:03 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Sony
[2012/12/27 11:23:24 | 000,000,000 | ---D | C] -- C:\Users\Chris\AppData\Local\{644D6D98-5670-4995-AE82-FF5CA4176070}
[2012/12/27 10:18:15 | 000,000,000 | ---D | C] -- C:\Users\Chris\AppData\Local\{829346A2-DBF8-4364-870E-B343A7260206}
[2012/12/26 10:31:27 | 000,000,000 | ---D | C] -- C:\Users\Chris\AppData\Local\{FB79A7AC-6354-4B5A-A2FF-DB9767684349}
[2012/12/25 12:08:13 | 000,000,000 | ---D | C] -- C:\Users\Chris\AppData\Local\{C0F298FC-0199-4E8D-9A58-ADE30CF5DFA8}
[2012/12/24 14:21:48 | 000,000,000 | ---D | C] -- C:\Users\Chris\AppData\Roaming\GoforFiles
[2012/12/24 14:21:48 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\GoforFiles
[2012/12/24 10:58:49 | 000,000,000 | ---D | C] -- C:\Users\Chris\AppData\Local\{32303584-09C5-47DC-B5A5-217F8842F6E7}
[2012/12/23 13:18:21 | 000,000,000 | ---D | C] -- C:\Users\Chris\AppData\Local\{6BA96DF7-9D78-4A44-9CCB-B444B896F2DB}
[2012/12/22 11:26:18 | 000,000,000 | ---D | C] -- C:\Users\Chris\AppData\Local\{54EC3565-87BB-414F-91A1-15C0D1EB078F}
[2012/12/21 10:49:23 | 000,000,000 | ---D | C] -- C:\Users\Chris\AppData\Local\{17FF35CE-8CB6-4794-91A2-AD46B40E178D}
[2012/12/20 16:50:35 | 000,000,000 | ---D | C] -- C:\Users\Chris\AppData\Local\{DB2AA294-C68E-4D56-910A-F6E0D80D8AE0}
[2012/12/20 10:20:33 | 000,000,000 | ---D | C] -- C:\Users\Chris\AppData\Local\{31688F49-7351-44C1-BD7D-B02BBF5EB04D}
[2012/12/19 15:24:02 | 000,000,000 | ---D | C] -- C:\Users\Chris\AppData\Local\{5A8C2A1E-E88D-45B5-92B8-3590808FFD9E}
[2012/12/18 14:38:01 | 000,000,000 | ---D | C] -- C:\Users\Chris\AppData\Local\{58BBBD4C-7D53-4EBE-BB10-8114612B2B84}
[2012/12/17 13:53:18 | 000,000,000 | ---D | C] -- C:\Users\Chris\AppData\Local\{51B811E5-8079-46BC-B17C-CA3F10D073A5}
[2011/09/28 08:12:17 | 001,090,952 | ---- | C] (Malwarebytes Corporation) -- C:\Users\Chris\AppData\Roaming\mbam.exe
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2013/01/15 17:32:00 | 000,000,940 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013/01/15 17:30:16 | 000,015,792 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013/01/15 17:30:16 | 000,015,792 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013/01/15 17:28:53 | 004,202,706 | ---- | M] () -- C:\Windows\SysNative\perfh013.dat
[2013/01/15 17:28:53 | 001,667,068 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2013/01/15 17:28:53 | 001,261,716 | ---- | M] () -- C:\Windows\SysNative\perfc013.dat
[2013/01/15 17:28:53 | 001,088,244 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2013/01/15 17:28:53 | 000,006,444 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2013/01/15 17:28:37 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Chris\Desktop\OTL.com
[2013/01/15 17:24:00 | 000,001,050 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013/01/15 17:23:46 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013/01/15 17:23:28 | 523,116,543 | -HS- | M] () -- C:\hiberfil.sys
[2013/01/15 13:40:03 | 000,001,066 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3155389230-2953849437-1278466465-1001UA.job
[2013/01/15 13:22:05 | 000,001,054 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013/01/15 13:20:48 | 000,000,826 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2013/01/14 19:11:48 | 000,001,087 | ---- | M] () -- C:\Users\Chris\Desktop\SpywareBlaster.lnk
[2013/01/14 18:59:42 | 000,881,914 | ---- | M] () -- C:\Users\Chris\Desktop\SecurityCheck.exe
[2013/01/14 16:38:22 | 000,688,992 | R--- | M] (Swearware) -- C:\Users\Chris\Desktop\dds.com
[2013/01/14 16:36:46 | 000,554,087 | ---- | M] () -- C:\Users\Chris\Desktop\adwcleaner (1).exe
[2013/01/14 16:32:45 | 000,001,117 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2013/01/14 16:30:32 | 000,002,373 | ---- | M] () -- C:\Users\Chris\Desktop\Google Chrome.lnk
[2013/01/14 10:46:59 | 001,337,008 | ---- | M] () -- C:\Users\Chris\Desktop\DSC_0031.jpg
[2013/01/14 10:46:11 | 000,952,148 | ---- | M] () -- C:\Users\Chris\Desktop\DSC_0030.jpg
[2013/01/13 14:58:58 | 000,388,608 | ---- | M] (Trend Micro Inc.) -- C:\Users\Chris\Desktop\HijackThis.exe
[2013/01/06 16:35:22 | 000,089,726 | ---- | M] () -- C:\Users\Chris\Documents\Ticket (1).pdf
[2013/01/06 16:35:20 | 000,089,725 | ---- | M] () -- C:\Users\Chris\Documents\Ticket.pdf
[2013/01/04 23:40:00 | 000,001,014 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3155389230-2953849437-1278466465-1001Core.job
[2012/12/29 09:49:40 | 000,000,187 | ---- | M] () -- C:\Windows\wininit.ini
[2012/12/29 09:49:37 | 000,001,054 | ---- | M] () -- C:\Users\Chris\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
[2012/12/29 09:49:30 | 000,001,022 | ---- | M] () -- C:\Users\Chris\Desktop\Dropbox.lnk
[2012/12/27 15:16:51 | 000,006,446 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2012/12/27 15:09:56 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_Kernel_ggflt_01009.Wdf
[2012/12/27 15:09:55 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_Kernel_ggsemc_01009.Wdf
[2012/12/27 15:00:17 | 000,027,760 | ---- | M] (Sony Ericsson Mobile Communications) -- C:\Windows\SysNative\drivers\ggsemc.sys
[2012/12/27 15:00:17 | 000,014,448 | ---- | M] (Sony Ericsson Mobile Communications) -- C:\Windows\SysNative\drivers\ggflt.sys
[2012/12/27 14:51:08 | 000,002,106 | ---- | M] () -- C:\Users\Public\Desktop\Sony PC Companion 2.1.lnk
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files Created - No Company Name ==========

[2013/01/14 19:11:48 | 000,001,087 | ---- | C] () -- C:\Users\Chris\Desktop\SpywareBlaster.lnk
[2013/01/14 18:59:39 | 000,881,914 | ---- | C] () -- C:\Users\Chris\Desktop\SecurityCheck.exe
[2013/01/14 16:36:42 | 000,554,087 | ---- | C] () -- C:\Users\Chris\Desktop\adwcleaner (1).exe
[2013/01/14 10:56:46 | 001,337,008 | ---- | C] () -- C:\Users\Chris\Desktop\DSC_0031.jpg
[2013/01/14 10:56:41 | 000,952,148 | ---- | C] () -- C:\Users\Chris\Desktop\DSC_0030.jpg
[2013/01/06 16:35:22 | 000,089,726 | ---- | C] () -- C:\Users\Chris\Documents\Ticket (1).pdf
[2013/01/06 16:35:19 | 000,089,725 | ---- | C] () -- C:\Users\Chris\Documents\Ticket.pdf
[2012/12/29 09:49:34 | 000,000,187 | ---- | C] () -- C:\Windows\wininit.ini
[2012/12/27 15:09:56 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_Kernel_ggflt_01009.Wdf
[2012/12/27 15:09:55 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_Kernel_ggsemc_01009.Wdf
[2012/12/27 14:51:08 | 000,002,106 | ---- | C] () -- C:\Users\Public\Desktop\Sony PC Companion 2.1.lnk
[2012/07/12 13:35:20 | 000,000,069 | ---- | C] () -- C:\Windows\NeroDigital.ini
[2012/07/12 12:16:55 | 000,000,000 | ---- | C] () -- C:\Users\Chris\AppData\Roaming\.NANotifyHere
[2012/07/06 09:47:46 | 000,002,727 | ---- | C] () -- C:\Windows\SysWow64\SpoonUninstall-dBpowerAMP Mp4 Codec.dat
[2012/07/06 09:47:13 | 000,133,632 | ---- | C] () -- C:\Windows\SysWow64\SpoonUninstall.exe
[2012/07/06 09:47:13 | 000,017,686 | ---- | C] () -- C:\Windows\SysWow64\SpoonUninstall-dBpoweramp Music Converter.dat
[2012/07/05 17:27:40 | 000,003,584 | ---- | C] () -- C:\Users\Chris\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012/04/24 15:47:54 | 000,007,601 | ---- | C] () -- C:\Users\Chris\AppData\Local\Resmon.ResmonCfg
[2012/03/02 17:32:51 | 000,000,293 | ---- | C] () -- C:\Windows\game.ini
[2011/12/13 14:52:55 | 000,158,176 | ---- | C] () -- C:\Windows\Plagiarism-Finder Uninstaller.exe
[2011/09/28 08:12:22 | 000,071,680 | ---- | C] () -- C:\Users\Chris\AppData\Roaming\chrtmp
[2011/09/06 12:32:00 | 000,006,446 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2011/07/31 12:23:25 | 000,183,112 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2011/07/31 12:23:08 | 000,066,872 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2011/05/07 02:35:51 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2011/02/10 07:57:24 | 000,002,975 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat
[2010/10/27 12:08:21 | 000,131,984 | ---- | C] () -- C:\ProgramData\FullRemove.exe

========== ZeroAccess Check ==========

[2009/07/14 05:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2012/06/09 06:43:10 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012/06/09 05:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/14 02:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 13:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/14 02:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

========== LOP Check ==========

[2011/06/29 09:02:10 | 000,000,000 | ---D | M] -- C:\Users\acer pc\AppData\Roaming\OEM
[2011/07/12 08:13:05 | 000,000,000 | ---D | M] -- C:\Users\acer pc\AppData\Roaming\PowerCinema
[2011/07/02 15:35:53 | 000,000,000 | ---D | M] -- C:\Users\acer pc\AppData\Roaming\Windows Live Writer
[2012/10/08 18:45:57 | 000,000,000 | ---D | M] -- C:\Users\Chris\AppData\Roaming\2K Sports
[2012/11/20 18:28:01 | 000,000,000 | ---D | M] -- C:\Users\Chris\AppData\Roaming\Assassin's Creed III
[2012/12/31 16:10:34 | 000,000,000 | ---D | M] -- C:\Users\Chris\AppData\Roaming\BitComet
[2013/01/02 16:17:31 | 000,000,000 | ---D | M] -- C:\Users\Chris\AppData\Roaming\DAEMON Tools Lite
[2012/07/12 11:33:41 | 000,000,000 | ---D | M] -- C:\Users\Chris\AppData\Roaming\dBpoweramp
[2013/01/15 17:24:37 | 000,000,000 | ---D | M] -- C:\Users\Chris\AppData\Roaming\Dropbox
[2012/07/05 17:42:54 | 000,000,000 | ---D | M] -- C:\Users\Chris\AppData\Roaming\DVDVideoSoft
[2012/02/18 19:20:45 | 000,000,000 | ---D | M] -- C:\Users\Chris\AppData\Roaming\DVDVideoSoftIEHelpers
[2012/02/14 18:57:17 | 000,000,000 | ---D | M] -- C:\Users\Chris\AppData\Roaming\ESET
[2012/12/24 14:22:40 | 000,000,000 | ---D | M] -- C:\Users\Chris\AppData\Roaming\GoforFiles
[2012/11/02 13:50:26 | 000,000,000 | ---D | M] -- C:\Users\Chris\AppData\Roaming\ICAClient
[2011/09/15 21:55:52 | 000,000,000 | ---D | M] -- C:\Users\Chris\AppData\Roaming\Leadertech
[2012/07/05 17:31:44 | 000,000,000 | ---D | M] -- C:\Users\Chris\AppData\Roaming\LimeWire
[2012/07/05 17:20:46 | 000,000,000 | ---D | M] -- C:\Users\Chris\AppData\Roaming\MusicNet
[2011/07/28 19:11:49 | 000,000,000 | ---D | M] -- C:\Users\Chris\AppData\Roaming\OEM
[2011/07/31 11:03:52 | 000,000,000 | ---D | M] -- C:\Users\Chris\AppData\Roaming\PlayFirst
[2011/07/31 08:04:58 | 000,000,000 | ---D | M] -- C:\Users\Chris\AppData\Roaming\PowerCinema
[2011/07/31 12:23:05 | 000,000,000 | ---D | M] -- C:\Users\Chris\AppData\Roaming\PunkBuster
[2012/11/06 18:31:28 | 000,000,000 | ---D | M] -- C:\Users\Chris\AppData\Roaming\Sports Interactive
[2013/01/15 17:25:10 | 000,000,000 | ---D | M] -- C:\Users\Chris\AppData\Roaming\Spotify
[2012/09/28 12:00:20 | 000,000,000 | ---D | M] -- C:\Users\Chris\AppData\Roaming\SystemRequirementsLab
[2012/11/20 18:29:09 | 000,000,000 | ---D | M] -- C:\Users\Chris\AppData\Roaming\Theta
[2011/08/25 16:22:58 | 000,000,000 | ---D | M] -- C:\Users\Chris\AppData\Roaming\Ubisoft
[2011/10/04 15:35:23 | 000,000,000 | ---D | M] -- C:\Users\Chris\AppData\Roaming\uTorrent

========== Purity Check ==========



========== Alternate Data Streams ==========

@Alternate Data Stream - 140 bytes -> C:\ProgramData\Temp:4D066AD2
@Alternate Data Stream - 134 bytes -> C:\ProgramData\Temp:1A60DE96
@Alternate Data Stream - 125 bytes -> C:\ProgramData\Temp:05D195EC
@Alternate Data Stream - 105 bytes -> C:\ProgramData\Temp:5C321E34

< End of report >


Omhoog
 Profiel  
 
 Berichttitel: Re: trage pc
BerichtGeplaatst: di jan 15, 2013 6:41 pm 
Offline
Lid

Geregistreerd: vr sep 26, 2008 4:11 pm
Berichten: 51
OTL Extras logfile created on: 1/15/2013 5:33:31 PM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Chris\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: Nederland | Language: NLD | Date Format: d-M-yyyy

5.98 Gb Total Physical Memory | 3.68 Gb Available Physical Memory | 61.53% Memory free
11.96 Gb Paging File | 9.26 Gb Available in Paging File | 77.38% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 922.95 Gb Total Space | 793.89 Gb Free Space | 86.02% Space Free | Partition Type: NTFS
Drive D: | 922.97 Gb Total Space | 891.97 Gb Free Space | 96.64% Space Free | Partition Type: NTFS

Computer Name: ACERPC-PC | User Name: Chris | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0

========== Authorized Applications List ==========


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{3F1543BA-25EA-4678-B875-87D806D35E88}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{44A86C1E-4788-4597-96ED-C37A00F3BE0F}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
"{4AB8FB5B-B8F9-467A-8A3A-A4003C60DA1C}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{4C07237E-9485-4A7B-BBF1-E10ACA85AD74}" = rport=139 | protocol=6 | dir=out | app=system |
"{4F9037A4-DC53-4B58-8FBC-2EE8082BA80F}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{4FFB8D17-B6C1-4FF4-BE4B-C0C3D8B27E3C}" = lport=10243 | protocol=6 | dir=in | app=system |
"{570E3FBF-1868-4ABD-8273-D6E7E2891F5A}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{620C1505-236C-40D8-8C10-92B28700DA85}" = lport=20944 | protocol=6 | dir=in | name=bitcomet 20944 tcp |
"{707E0F07-B9DB-4B8E-8067-D1452915E2E4}" = rport=137 | protocol=17 | dir=out | app=system |
"{75E0D637-F319-4387-8961-1C639BF19141}" = rport=10243 | protocol=6 | dir=out | app=system |
"{7BEAE826-64DB-46B2-B007-34F22118BF40}" = lport=6004 | protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\outlook.exe |
"{83CF533C-3B7F-4571-843D-7B4028BEBDA5}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |
"{86D6EAF9-ED2E-4F30-AA78-AD0F325B3074}" = lport=2869 | protocol=6 | dir=in | app=system |
"{939C9F30-B610-4C64-B9E2-EDCD529EB512}" = lport=139 | protocol=6 | dir=in | app=system |
"{A8F291B6-CFB5-4996-A683-791B642CE359}" = lport=808 | protocol=6 | dir=in | svc=nettcpactivator | app=c:\windows\microsoft.net\framework64\v4.0.30319\smsvchost.exe |
"{ABA3668E-DD6C-4C21-A960-59B9A44BA08D}" = lport=137 | protocol=17 | dir=in | app=system |
"{B34556ED-D402-4ED2-A177-7F2CC35A49AD}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{B52CAEB9-E733-4426-BFE3-198E7B2B5E1B}" = lport=20944 | protocol=17 | dir=in | name=bitcomet 20944 udp |
"{BD07BFA1-1E7E-4DCF-ADAC-2FCEACACF55F}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{C0A2F83A-117F-4AB1-B7E9-2BB0FB0A6CA1}" = rport=445 | protocol=6 | dir=out | app=system |
"{CC90E749-B0E3-4C92-BE0A-D11F04546144}" = lport=445 | protocol=6 | dir=in | app=system |
"{D1795D30-EF56-4D7F-A967-545226235090}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{D4C7C894-2943-4055-91A9-D4E2E9200AAC}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{F0623D6E-6929-4605-A370-4070195E9A58}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{F9C26CB7-AB1D-401D-A355-EB78E12ABCEE}" = rport=138 | protocol=17 | dir=out | app=system |
"{FC267688-1CB1-4FEA-A705-1F15617E6846}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{FC667CD0-DB2E-49DB-94EA-BA65E8804E78}" = lport=138 | protocol=17 | dir=in | app=system |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{06BF0D94-F974-432A-BE47-A5A2922B653E}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{06D9B086-474B-4F25-A076-BE6F35E2D057}" = protocol=6 | dir=in | app=c:\users\chris\appdata\roaming\dropbox\bin\dropbox.exe |
"{12928AC7-0EE0-459D-9B4B-94150A05337A}" = protocol=6 | dir=in | app=d:\games\fifa 13\game\fifa13.exe |
"{15A04792-949D-4125-B8D4-CC8564646983}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{1C9FC9F9-DCB3-4B5C-BE01-8BA157D97FFE}" = dir=in | app=c:\program files (x86)\common files\apple\apple application support\webkit2webprocess.exe |
"{23B8281A-1BA4-4D92-899B-390EEF760E17}" = dir=in | app=c:\program files (x86)\acer arcade deluxe\acer arcade deluxe\acer arcade deluxe.exe |
"{276786D1-E60A-4FAC-89B0-58912369895E}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{32173816-C470-47EF-89B3-5A2BA8A6151F}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{3776057B-67A4-4F54-8A0E-EB301749D43D}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\onenote.exe |
"{3CA49ADF-1DC5-46BC-821E-BABBDA232B5A}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{46EB630F-DE84-497F-93A8-4B225CCF1C03}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{49C19652-EE62-467D-9CDB-BF1209F13470}" = protocol=17 | dir=in | app=c:\program files\bitcomet\bitcomet.exe |
"{5BED5B8B-2C55-477D-9412-D30B30FB9E97}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{5ED0C7B1-2038-4AF8-B53F-A50D1B8E184C}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe |
"{6189C2E6-AF75-4DB1-BE45-211321E94760}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{6853980A-4BBE-4324-9703-275497EF3E1D}" = dir=in | app=c:\program files (x86)\acer arcade deluxe\homemedia\homemedia.exe |
"{6886B31C-D860-41AF-BD87-8AA916969386}" = protocol=17 | dir=in | app=d:\games\fifa 13\game\fifa13.exe |
"{7213C733-6D1E-4893-BDD0-CED542EFAC5A}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{7E4EEBD1-2AB0-432D-A259-7BC6DE83B4BA}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{82035A00-15DC-4E35-8D20-19AD1472CBE0}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe |
"{8775AF14-C84B-4E99-8B54-7C31A636938E}" = dir=in | app=c:\program files (x86)\windows live\mesh\moe.exe |
"{8C8E6218-90E8-4073-900A-71DF5C3E82FC}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{8F0935CD-3290-498B-BFAF-397BA06771AA}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{910B0D4C-82CC-477E-B549-9BD5066E0896}" = protocol=17 | dir=in | app=d:\games\fifa manager 13\manager13.exe |
"{9C38AC5D-AFE2-4032-998E-3DFBD1744CC8}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{9D1FAD92-DB82-4D09-B15E-91BB85247D85}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstra.exe |
"{9E445E43-DB85-439E-A511-2479401E89B1}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{A87A32CF-FE32-4CD0-8E26-B6BEE8698948}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{ACE79ECA-C229-4FE8-B85A-400E5CDC3770}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe |
"{B112A427-82C7-494D-9FC6-535B536E1F74}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{BB0F2341-0BEF-43F2-B78D-56C45137BD0D}" = protocol=6 | dir=in | app=c:\program files (x86)\sony ericsson\update engine\sony ericsson update engine.exe |
"{C06EBEFC-3F24-4E74-8FE4-DA72F48DDFE7}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office14\onenote.exe |
"{C540EBC1-B2B8-43EC-A144-CEA048E9DE9A}" = protocol=17 | dir=in | app=c:\users\chris\appdata\roaming\dropbox\bin\dropbox.exe |
"{C59F9EC7-5507-4A98-8167-48BB554A2FD3}" = dir=in | app=c:\program files (x86)\acer arcade deluxe\acer arcade deluxe\arcadedeluxeagent.exe |
"{CC28975E-5E01-42DB-A193-CFD3AAA2F383}" = dir=in | app=c:\program files (x86)\itunes\itunes.exe |
"{CFCCE3DD-02BA-41D8-AB8A-9C886A0830F6}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{D1632147-098C-41FC-93EC-3FB5CBB5014B}" = protocol=6 | dir=in | app=d:\games\fifa manager 13\manager13.exe |
"{DC11C032-2E40-45EC-8478-89C2927CD6E4}" = protocol=17 | dir=in | app=c:\program files (x86)\sony ericsson\update engine\sony ericsson update engine.exe |
"{DC73E67F-EBD7-481E-9AC9-16B5C9D53ECE}" = protocol=6 | dir=in | app=c:\program files\bitcomet\bitcomet.exe |
"{DCD63B99-13FC-4853-A7B6-2D7775E724F6}" = protocol=6 | dir=out | app=system |
"{DE0A06DA-D487-49D5-9043-5113ECCE3CBB}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstra.exe |
"{E278699F-CDF4-4B4C-97A5-9A68461F9F1F}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{E392C129-61EF-4EC5-BFAE-9AD3AA90A5F5}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe |
"{F33893C3-44A7-4E0A-B2EA-943A3BB38775}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{F6F10A50-1EB9-4E93-93A1-3AEF440FCF49}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{F73D87BE-1A40-41C3-AA63-7944BD41FC9D}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{F90B4F40-8727-4D80-A3A0-B10A71F78299}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"TCP Query User{16B85ADB-C7A9-4399-8F27-7D0A52260820}C:\program files\bitcomet\bitcomet.exe" = protocol=6 | dir=in | app=c:\program files\bitcomet\bitcomet.exe |
"TCP Query User{502DA55B-8B8E-4FAB-93C2-D5240C4CA49F}D:\games\need for speed the run\need for speed the run.exe" = protocol=6 | dir=in | app=d:\games\need for speed the run\need for speed the run.exe |
"TCP Query User{66CB547A-F0DC-4131-99F5-100901D9932F}C:\users\chris\appdata\roaming\spotify\spotify.exe" = protocol=6 | dir=in | app=c:\users\chris\appdata\roaming\spotify\spotify.exe |
"UDP Query User{A3A87189-ABDB-4D6D-AEF9-4A714FDFBA1A}C:\users\chris\appdata\roaming\spotify\spotify.exe" = protocol=17 | dir=in | app=c:\users\chris\appdata\roaming\spotify\spotify.exe |
"UDP Query User{D59E4BE8-B07E-4206-B314-28FDE2C1FCA7}C:\program files\bitcomet\bitcomet.exe" = protocol=17 | dir=in | app=c:\program files\bitcomet\bitcomet.exe |
"UDP Query User{F0CCB9AF-FE4E-4FA1-AF0C-A7EBFFCA649C}D:\games\need for speed the run\need for speed the run.exe" = protocol=17 | dir=in | app=d:\games\need for speed the run\need for speed the run.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{021B6358-4373-3FC0-A0B4-4709B7E0D3E5}" = Microsoft .NET Framework 4 Extended NLD Language Pack
"{027E5FAB-1476-4C59-AAB4-32EF28520399}" = Windows Live Language Selector
"{1ACC8FFB-9D84-4C05-A4DE-D28A9BC91698}" = Windows Live ID Sign-in Assistant
"{1F557316-CFC0-41BD-AFF7-8BC49CE444D7}" = Shredder
"{4567EA14-6BCA-3EF9-859B-92CE48B1D704}" = Microsoft .NET Framework 4 Client Profile NLD Language Pack
"{5586CBEA-C071-4616-B809-6E11815D2190}" = ESET Smart Security
"{5E11C972-1E76-45FE-8F92-14E0D1140B1B}" = iTunes
"{6CBFDC3C-CF21-4C02-A6DC-A5A2707FAF55}" = Windows Live Remote Service Resources
"{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}" = Bonjour
"{75104836-CAC7-444E-A39E-3F54151942F5}" = Apple Mobile Device Support
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended
"{90140000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2010
"{90140000-002A-0413-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (Dutch) 2010
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{B7F9AFA9-C855-0AF4-3238-E338D16DE1E6}" = ccc-utility64
"{C9F05151-95A9-4B9B-B534-1760E2D014A5}" = Windows Live Remote Client Resources
"{DA54F80E-261C-41A2-A855-549A144F2F59}" = Windows Live MIME IFilter
"{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319
"{DF6D988A-EEA0-4277-AAB8-158E086E439B}" = Windows Live Remote Client
"{E02A6548-6FDE-40E2-8ED9-119D7D7E641F}" = Windows Live Remote Service
"{F4DBEFD1-1E91-64A9-520E-C68D19E51A3A}" = ATI Catalyst Install Manager
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"CCleaner" = CCleaner
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile NLD Language Pack" = Taalpakket voor Microsoft .NET Framework 4 Client Profile - NLD
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"Microsoft .NET Framework 4 Extended NLD Language Pack" = Taalpakket voor Microsoft .NET Framework 4 Extended - NLD
"WinRAR archiver" = WinRAR 4.00 (64-bit)

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{023D64D7-E7B4-47C7-BE6E-B7C2E8960D08}" = Citrix online plug-in (Web)
"{0764244D-B5B4-FE84-72EB-D30D020AA0BF}" = CCC Help Italian
"{08C8666B-C502-4AB3-B4CB-D74AC42D14FE}" = Nero BackItUp 10 Help (CHM)
"{0AB0FD1B-0C6C-A192-1ED5-F4800F00B773}" = CCC Help Hungarian
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{0BDA096C-3550-4F7D-8612-A7AAA3D35712}_is1" = FLV to MP3 Converter
"{0D7CD0D9-4A88-4A63-8F91-3F4E8F371768}" = MyWinLocker
"{14B441B7-774D-4170-98EA-A13667AE6218}" = Windows Live Writer Resources
"{15D967B5-A4BE-42AE-9E84-64CD062B25AA}" = eSobi v2
"{16987E99-C95C-4513-9239-7B44A0A71DB5}" = Nero SoundTrax 10 Help (CHM)
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{1AA583C0-4BAD-D55D-3AB6-8A5A141B7A26}" = CCC Help Chinese Standard
"{1AA94747-3BF6-4237-9E1A-7B3067738FE1}" = Max Payne 3
"{1E03DB52-D5CB-4338-A338-E526DD4D4DB1}" = Bing Bar
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
"{1F7FB68F-52F6-46A3-B42F-38CE46295AE5}" = Nero MediaHub 10
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{20400DBD-E6DB-45B8-9B6B-1DD7033818EC}" = Nero InfoTool Help
"{2274ED79-8F51-3EBA-A505-BCE355090EA6}" = CCC Help Thai
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{2348B586-C9AE-46CE-936C-A68E9426E214}" = Nero StartSmart Help
"{237CCB62-8454-43E3-B158-3ACD0134852E}" = High-Definition Video Playback 10
"{2436F2A8-4B7E-4B6C-AE4E-604C84AA6A4F}" = Nero Core Components 10
"{2637C347-9DAD-11D6-9EA2-00055D0CA761}" = Acer Arcade Deluxe
"{26A24AE4-039D-4CA4-87B4-2F83216033FF}" = Java(TM) 6 Update 37
"{277C1559-4CF7-44FF-8D07-98AA9C13AABD}" = Nero Multimedia Suite 10
"{287ECFA4-719A-2143-A09B-D6A12DE54E40}" = Acrobat.com
"{290e41fc-4190-48c3-965b-85f76ac4364d}" = Nero 9 Essentials
"{2A07C35B-8384-4DA4-9A95-442B6C89A073}" = Windows Live Essentials
"{329411A0-19F3-4740-874F-17400B126F27}" = Nero Vision 10 Help (CHM)
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{33643918-7957-4839-92C7-EA96CB621A98}" = Nero Express 10 Help (CHM)
"{3368F8D0-CC3A-4872-B585-04748C0D1D8E}" = CCC Help German
"{33CF58F5-48D8-4575-83D6-96F574E4D83A}" = Nero DriveSpeed
"{343666E2-A059-48AC-AD67-230BF74E2DB2}" = Apple Application Support
"{34490F4E-48D0-492E-8249-B48BECF0537C}" = Nero DiscSpeed 10
"{3668C840-CA7C-F7AC-816B-3B8F7B7CA413}" = CCC Help Korean
"{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}" = Intel(R) Rapid Storage Technology
"{3F4143A1-9C21-4011-8679-3BC1014C6886}" = Windows Live Mesh
"{3F5C371F-8EA2-4F25-9D3D-D0B4526E3AEA}" = NVIDIA PhysX
"{40A66DF6-22D3-44B5-A7D3-83B118A2C0DC}" = Norton Online Backup
"{48294D95-EE9A-4377-8213-44FC4265FB27}" = Windows Live Messenger
"{4968622A-4D3F-489E-9ACE-5FEC4CC0BDE3}" = MediaEspresso
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4D43D635-6FDA-4FA5-AA9B-23CF73D058EA}" = Nero StartSmart OEM
"{51EB1680-EDB7-6874-7129-4C983D9E9D74}" = CCC Help Norwegian
"{523B2B1B-D8DB-4B41-90FF-C4D799E2758A}" = Nero ControlCenter 10 Help (CHM)
"{555868C6-49FB-484F-BB43-8980651A1B00}" = Nero BurnRights 10 Help (CHM)
"{55E2E85A-48F9-B94D-5407-DF7869C88C37}" = CCC Help Portuguese
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{58F4D244-314F-4D26-B5EF-C28AB32E22CB}_is1" = Acer GameZone Console
"{595A3116-40BB-4E0F-A2E8-D7951DA56270}" = NeroExpress
"{59E4543A-D49D-4489-B445-473D763C79AF}" = Microsoft Games for Windows - LIVE Redistributable
"{5D3435E8-AAC5-CD53-585A-EE0ECC0C7D65}" = CCC Help Spanish
"{63AA3EAB-23BB-48B2-9AD0-44F878075604}" = Nero 10 Menu TemplatePack Basic
"{63E65FF4-5CCB-EDB0-5327-2F859E309BA4}" = CCC Help English
"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel(R) Management Engine Components
"{65BB0407-4CC8-4DC7-952E-3EEFDF05602A}" = Nero Update
"{66049135-9659-4AAD-9169-9CCA269EBB3E}" = Nero InfoTool 10 Help (CHM)
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{68AB6930-5BFF-4FF6-923B-516A91984FE6}" = Nero BackItUp 10
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6C2B0E3E-3625-4FAB-B7D5-A516218741A5}" = CCC Help Finnish
"{6D841B2A-6629-AD72-33A2-92F81D1C8F92}" = CCC Help Swedish
"{6DFB899F-17A2-48F0-A533-ED8D6866CF38}" = Nero Control Center 10
"{6F8EAC65-314D-4D86-9557-BC9312AACCB0}" = Citrix online plug-in (USB)
"{70550193-1C22-445C-8FA4-564E155DB1A7}" = Nero Express 10
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{738BF5C3-AF7B-4BB0-B7EF-E505EFC756BE}" = MyWinLocker Suite
"{7748AC8C-18E3-43BB-959B-088FAEA16FB2}" = Nero StartSmart
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{78D80EAF-1ADB-46A8-AF6F-EBB18B6ADBCE}" = ISO Creator 1.0
"{7A295D8F-484B-4FFB-89AB-C1FD497591FE}" = Nero WaveEditor 10 Help (CHM)
"{7A5D731D-B4B3-490E-B339-75685712BAAB}" = Nero Burning ROM 10
"{7BE15435-2D3E-4B58-867F-9C75BED0208C}" = QuickTime
"{7DFC1BD7-9AA1-4191-8C7B-ACD95B127BC5}" = TuneUp Utilities Language Pack (nl-NL)
"{7E017923-16F8-4E32-94EF-0A150BD196FE}" = Windows Live Writer
"{7F811A54-5A09-4579-90E1-C93498E230D9}" = Acer eRecovery Management
"{80AF0300-866F-400F-A350-D53E3C3E34E0}" = FIFA Manager 13
"{8144262B-25B4-44F6-8204-FCC8EF50179F}" = Citrix online plug-in (DV)
"{8229EB52-BF74-E006-8D4E-A6735737DCC7}" = Catalyst Control Center Localization All
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110300453}" = Spin & Win
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111199750}" = Cake Mania
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111307457}" = Galapago
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111355427}" = Poker Pop
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-112662477}" = Merriam Websters Spell Jam
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-11273477}" = Amazonia
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-113786380}" = Heroes of Hellas
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-113832110}" = Dream Day First Home
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-11505173}" = Airport Mania First Flight
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-11531173}" = Farm Frenzy 2
"{83202942-84B3-4C50-8622-B8C0AA2D2885}" = Nero Express Help
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{869200DB-287A-4DC0-B02B-2B6787FBCD4C}" = Nero DiscSpeed
"{888F1505-C2B3-4FDE-835D-36353EBD4754}" = Ubisoft Game Launcher
"{8C6D6116-B724-4810-8F2D-D047E6B7D68E}" = Mesh Runtime
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{8ECEC853-5C3D-4B10-B5C7-FF11FF724807}" = Nero Recode 10
"{90140000-0015-0413-0000-0000000FF1CE}" = Microsoft Office Access MUI (Dutch) 2010
"{90140000-0015-0413-0000-0000000FF1CE}_Office14.SingleImage_{7A6AD1A3-6EC6-4840-8A29-4CCD27A21069}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0016-0413-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Dutch) 2010
"{90140000-0016-0413-0000-0000000FF1CE}_Office14.SingleImage_{7A6AD1A3-6EC6-4840-8A29-4CCD27A21069}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0018-0413-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Dutch) 2010
"{90140000-0018-0413-0000-0000000FF1CE}_Office14.SingleImage_{7A6AD1A3-6EC6-4840-8A29-4CCD27A21069}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0019-0413-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Dutch) 2010
"{90140000-0019-0413-0000-0000000FF1CE}_Office14.SingleImage_{7A6AD1A3-6EC6-4840-8A29-4CCD27A21069}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001A-0413-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Dutch) 2010
"{90140000-001A-0413-0000-0000000FF1CE}_Office14.SingleImage_{7A6AD1A3-6EC6-4840-8A29-4CCD27A21069}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001B-0413-0000-0000000FF1CE}" = Microsoft Office Word MUI (Dutch) 2010
"{90140000-001B-0413-0000-0000000FF1CE}_Office14.SingleImage_{7A6AD1A3-6EC6-4840-8A29-4CCD27A21069}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2010
"{90140000-001F-0407-0000-0000000FF1CE}_Office14.SingleImage_{65A2328E-FDFB-4CA3-8582-357EA6825FEA}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
"{90140000-001F-0409-0000-0000000FF1CE}_Office14.SingleImage_{99ACCA38-6DD3-48A8-96AE-A283C9759279}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2010
"{90140000-001F-040C-0000-0000000FF1CE}_Office14.SingleImage_{46298F6A-1E7E-4D4A-B5F5-106A4F0E48C6}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0413-0000-0000000FF1CE}" = Microsoft Office Proof (Dutch) 2010
"{90140000-001F-0413-0000-0000000FF1CE}_Office14.SingleImage_{5072FEA2-862C-4BF0-9654-CB0DCBE2BE28}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{967EF02C-5C7E-4718-8FCB-BDC050190CCF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002A-0413-1000-0000000FF1CE}_Office14.SingleImage_{B9427E36-0B0A-48F4-8A51-1C178708A28E}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002C-0413-0000-0000000FF1CE}" = Microsoft Office Proofing (Dutch) 2010
"{90140000-002C-0413-0000-0000000FF1CE}_Office14.SingleImage_{D3B92058-CF96-445F-A297-F7ED19C4E841}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-003D-0000-0000-0000000FF1CE}" = Microsoft Office Single Image 2010
"{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{047B0968-E622-4FAA-9B4B-121FA109EDDE}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-006E-0413-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Dutch) 2010
"{90140000-006E-0413-0000-0000000FF1CE}_Office14.SingleImage_{260407D0-98A1-4D9A-A956-3D1DEDDDF3B9}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-00A1-0413-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Dutch) 2010
"{90140000-00A1-0413-0000-0000000FF1CE}_Office14.SingleImage_{7A6AD1A3-6EC6-4840-8A29-4CCD27A21069}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{915726DF-7891-444A-AA03-0DF1D64F561A}" = L.A. Noire
"{91FD9139-EFE6-81AD-3CDB-0EC531953BDB}" = CCC Help Czech
"{92E25238-61A3-4ACD-A407-3C480EEF47A7}" = Nero RescueAgent 10 Help (CHM)
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{933B4015-4618-4716-A828-5289FC03165F}" = VC80CRTRedist - 8.0.50727.6195
"{943A8D28-80D6-41DC-AE94-81FEB42041BF}" = System Requirements Lab CYRI
"{943CFD7D-5336-47AF-9418-E02473A5A517}" = Nero BurnRights 10
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9A4297F3-2A51-4ED9-92CA-4BCB8380947E}" = Nero Vision 10
"{9A8CF74A-7CDD-096C-81FC-CAA4A25C6B96}" = CCC Help Chinese Traditional
"{9B6B24BE-80E7-46C4-9FA5-B167D5E0F345}" = Nero BurningROM 10 Help (CHM)
"{9BD262D0-B788-4546-A0A5-F4F56EC3834B}" = Windows Live Photo Common
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9D15E813-0C26-41E7-ABC5-3EB06FF1B3CF}" = Assassin's Creed III 1.01
"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
"{A29E18C2-7AB1-4b6b-848C-5D5E2C85F0C0}" = FIFA 13
"{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR
"{A60B3BF0-954B-42AF-B8D8-2C1D34B613AA}" = Windows Live Photo Gallery
"{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer
"{A8F2089B-1F79-4BF6-B385-A2C2B0B9A74D}" = ImagXpress
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{AC76BA86-7AD7-FFFF-7B44-A91000000001}" = Adobe Reader 9.1 MUI
"{AD3D31C4-DF57-D055-5BE3-EF602E2C51C1}" = CCC Help Dutch
"{B2EC4A38-B545-4A00-8214-13FE0E915E6D}" = Advertising Center
"{B906C11A-D193-4143-9FA7-E2EE8A5A8F21}" = Acer Arcade Movie
"{BD5CA0DA-71AD-43DA-B19E-6EEE0C9ADC9A}" = Nero ControlCenter
"{BE4BA698-8533-4F77-9559-C7F3F78C0B05}" = Assassin's Creed Brotherhood
"{C18A0418-442A-4186-AF98-D08F5054A2FC}" = Nero DiscSpeed 10 Help (CHM)
"{C2695E83-CF1D-43D1-84FE-B3BEC561012A}" = Shredder
"{C3273C55-E1E4-41FF-8D69-0158090DB8D8}" = Nero CoverDesigner 10 Help (CHM)
"{C32CE55C-12BA-4951-8797-0967FDEF556F}" = Windows Live Mesh - ActiveX-besturingselement voor externe verbindingen
"{C3580AC4-C827-4332-B935-9A282ED5BB97}" = Nero Dolby Files 10
"{C6F14A1D-A1A2-2812-9DF2-6BDE53821884}" = Catalyst Control Center InstallProxy
"{C81A2FE0-3574-00A9-CED4-BDAA334CBE8E}" = Nero Online Upgrade
"{CB7224D9-6DCA-43F1-8F83-6B1E39A00F92}" = Windows Live Movie Maker
"{CC019E3F-59D2-4486-8D4B-878105B62A71}" = Nero DiscSpeed Help
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{D019764D-4690-1790-05C1-8BCB6E0DAA62}" = CCC Help Greek
"{D0A05794-48C2-4424-A15A-9F20FCFDD374}" = Call of Duty(R) 2
"{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64
"{D2223157-A5F5-061C-88E1-681DCD8558AF}" = CCC Help Japanese
"{D24DB8B9-BB6C-4334-9619-BA1C650E13D3}" = Microsoft Primary Interoperability Assemblies 2005
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{D588365A-AE39-4F27-BDAE-B4E72C8E900C}" = Windows Live Mail
"{D6F25CF9-4E87-43EB-B324-C12BE9CDD668}" = Windows Live UX Platform Language Pack
"{DB7C1D4A-08BA-4C7E-A8AA-B7F9BB372DCF}" = Nero Recode 10 Help (CHM)
"{DE35B2C9-35AF-E4B6-3F0E-DDC3417C0365}" = CCC Help Polish
"{DECDCB7C-58CC-4865-91AF-627F9798FE48}" = Windows Live Mesh
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E1EE5339-5D32-458F-BAAB-B19F6301BCE2}" = Nero SoundTrax 10
"{E337E787-CF61-4B7B-B84F-509202A54023}" = Nero RescueAgent 10
"{E5B21F11-6933-4E0B-A25C-7963E3C07D11}" = Windows Live Messenger
"{E5C7D048-F9B4-4219-B323-8BDB01A2563D}" = Nero DriveSpeed Help
"{E75B5672-3D53-1D60-6B4B-9F74342BD12B}" = ccc-core-static
"{E8A80433-302B-4FF1-815D-FCC8EAC482FF}" = Nero Installer
"{EA74A293-3FAC-4D1B-AE3A-3BD47FADDC20}" = Citrix online plug-in (HDX)
"{EDCDFAD5-DF80-4600-A493-E9DAD6810230}" = Nero WaveEditor 10
"{EE171732-BEB4-4576-887D-CB62727F01CA}" = Acer Updater
"{F09EF8F2-0976-42C1-8D9D-8DF78337C6E3}" = Sony PC Companion 2.10.115
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F0C9EB74-EF5B-9154-6619-663FDE7768FE}" = CCC Help Russian
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F4041DCE-3FE1-4E18-8A9E-9DE65231EE36}" = Nero ControlCenter
"{F412B4AF-388C-4FF5-9B2F-33DB1C536953}" = Nero InfoTool 10
"{F467862A-D9CA-47ED-8D81-B4B3C9399272}" = Nero MediaHub 10 Help (CHM)
"{F5CB822F-B365-43D1-BCC0-4FDA1A2017A7}" = Nero 10 Movie ThemePack Basic
"{F6117F9C-ADB5-4590-9BE4-12C7BEC28702}" = Nero StartSmart 10 Help (CHM)
"{F61D489E-6C44-49AC-AD02-7DA8ACA73A65}" = Nero StartSmart 10
"{F7D5760B-4C4C-C6DE-42F1-94515A5C9167}" = CCC Help French
"{FAC20146-EBEA-867B-24CF-5E678EB5E216}" = CCC Help Danish
"{FBCDFD61-7DCF-4E71-9226-873BA0053139}" = Nero InfoTool
"{FCF00A6E-FB58-477A-ABE9-232907105521}" = Nero CoverDesigner 10
"Acer Registration" = Acer Registration
"Acer Screensaver" = Acer ScreenSaver
"Acer Welcome Center" = Welcome Center
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"AltoMP3 Gold" = AltoMP3 Gold 5.20
"Assassin's Creed III_R.G. Mechanics_is1" = Assassin's Creed III
"BitComet_x64" = BitComet 1.29 64-bit
"CitrixOnlinePluginPackWeb" = Citrix online plug-in - web
"CleanUp!" = CleanUp!
"DAEMON Tools Lite" = DAEMON Tools Lite
"dBpowerAMP Mp4 Codec" = dBpowerAMP Mp4 Codec
"dBpoweramp Music Converter" = dBpoweramp Music Converter
"DivX Setup" = DivX Setup
"Dream Aquarium_is1" = Dream Aquarium
"Football Manager 2012_is1" = Football Manager 2012
"Football Manager 2013_is1" = Football Manager 2013
"Free YouTube Download_is1" = Free YouTube Download version 3.0.20.1228
"Free YouTube to MP3 Converter_is1" = Free YouTube to MP3 Converter version 3.11.25.627
"Hotkey Utility" = Hotkey Utility
"Identity Card" = Identity Card
"InstallShield_{15D967B5-A4BE-42AE-9E84-64CD062B25AA}" = eSobi v2
"InstallShield_{2637C347-9DAD-11D6-9EA2-00055D0CA761}" = Acer Arcade Deluxe
"InstallShield_{738BF5C3-AF7B-4BB0-B7EF-E505EFC756BE}" = MyWinLocker Suite
"InstallShield_{D0A05794-48C2-4424-A15A-9F20FCFDD374}" = Call of Duty(R) 2
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware versie 1.70.0.1100
"McAfee Security Scan" = McAfee Security Scan Plus
"Mozilla Firefox 10.0.1 (x86 en-US)" = Mozilla Firefox 10.0.1 (x86 en-US)
"Office14.SingleImage" = Microsoft Office 2010 voor Thuisgebruik en Zakelijke toepassingen
"Plagiarism-Finder" = Plagiarism-Finder 1.2.2 TRIAL
"PowerISO" = PowerISO
"PunkBusterSvc" = PunkBuster Services
"SopCast" = SopCast 3.4.8
"SpywareBlaster_is1" = SpywareBlaster 4.6
"Update Engine" = Sony Ericsson Update Engine
"VLC media player" = VLC media player 2.0.2
"WinLiveSuite" = Windows Live Essentials
"Your Product1.0" = Your Product

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-3155389230-2953849437-1278466465-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Dropbox" = Dropbox
"Google Chrome" = Google Chrome
"Spotify" = Spotify

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 1/14/2013 12:26:55 PM | Computer Name = acerpc-PC | Source = Microsoft-Windows-LoadPerf | ID = 3011
Description = Het verwijderen van de tekenreeksen van prestatiemeteritems voor de
WmiApRpl-service (WmiApRpl) is mislukt. De foutcode is de eerste DWORD in de sectie
Gegevens.

Error - 1/14/2013 2:15:25 PM | Computer Name = acerpc-PC | Source = Microsoft-Windows-CAPI2 | ID = 513
Description = De service Cryptografische services is mislukt tijdens het verwerken
van aanroep OnIdentity() op het object System Writer. Details: AddLegacyDriverFiles:
Unable to back up image of binary SASKUTIL. System Error: Het systeem kan het opgegeven
bestand niet vinden. .

Error - 1/14/2013 2:39:24 PM | Computer Name = acerpc-PC | Source = Microsoft-Windows-LoadPerf | ID = 3012
Description = De prestatietekenreeksen in de waarde van de registersleutel Performance
worden beschadigd bij het verwerken van de Performance extension counter provider.
De waarde van BaseIndex in de registersleutel Performance is de eerste DWORD in
de gegevenssectie, de waarde van LastCounter de tweede DWORD en de waarde van LastHelp
de derde DWORD.

Error - 1/14/2013 2:39:24 PM | Computer Name = acerpc-PC | Source = Microsoft-Windows-LoadPerf | ID = 3012
Description = De prestatietekenreeksen in de waarde van de registersleutel Performance
worden beschadigd bij het verwerken van de Performance extension counter provider.
De waarde van BaseIndex in de registersleutel Performance is de eerste DWORD in
de gegevenssectie, de waarde van LastCounter de tweede DWORD en de waarde van LastHelp
de derde DWORD.

Error - 1/14/2013 2:39:24 PM | Computer Name = acerpc-PC | Source = Microsoft-Windows-LoadPerf | ID = 3011
Description = Het verwijderen van de tekenreeksen van prestatiemeteritems voor de
WmiApRpl-service (WmiApRpl) is mislukt. De foutcode is de eerste DWORD in de sectie
Gegevens.

Error - 1/15/2013 8:21:38 AM | Computer Name = acerpc-PC | Source = Microsoft-Windows-LoadPerf | ID = 3012
Description = De prestatietekenreeksen in de waarde van de registersleutel Performance
worden beschadigd bij het verwerken van de Performance extension counter provider.
De waarde van BaseIndex in de registersleutel Performance is de eerste DWORD in
de gegevenssectie, de waarde van LastCounter de tweede DWORD en de waarde van LastHelp
de derde DWORD.

Error - 1/15/2013 8:21:38 AM | Computer Name = acerpc-PC | Source = Microsoft-Windows-LoadPerf | ID = 3012
Description = De prestatietekenreeksen in de waarde van de registersleutel Performance
worden beschadigd bij het verwerken van de Performance extension counter provider.
De waarde van BaseIndex in de registersleutel Performance is de eerste DWORD in
de gegevenssectie, de waarde van LastCounter de tweede DWORD en de waarde van LastHelp
de derde DWORD.

Error - 1/15/2013 8:21:38 AM | Computer Name = acerpc-PC | Source = Microsoft-Windows-LoadPerf | ID = 3011
Description = Het verwijderen van de tekenreeksen van prestatiemeteritems voor de
WmiApRpl-service (WmiApRpl) is mislukt. De foutcode is de eerste DWORD in de sectie
Gegevens.

Error - 1/15/2013 12:28:50 PM | Computer Name = acerpc-PC | Source = Microsoft-Windows-LoadPerf | ID = 3012
Description = De prestatietekenreeksen in de waarde van de registersleutel Performance
worden beschadigd bij het verwerken van de Performance extension counter provider.
De waarde van BaseIndex in de registersleutel Performance is de eerste DWORD in
de gegevenssectie, de waarde van LastCounter de tweede DWORD en de waarde van LastHelp
de derde DWORD.

Error - 1/15/2013 12:28:50 PM | Computer Name = acerpc-PC | Source = Microsoft-Windows-LoadPerf | ID = 3012
Description = De prestatietekenreeksen in de waarde van de registersleutel Performance
worden beschadigd bij het verwerken van de Performance extension counter provider.
De waarde van BaseIndex in de registersleutel Performance is de eerste DWORD in
de gegevenssectie, de waarde van LastCounter de tweede DWORD en de waarde van LastHelp
de derde DWORD.

Error - 1/15/2013 12:28:50 PM | Computer Name = acerpc-PC | Source = Microsoft-Windows-LoadPerf | ID = 3011
Description = Het verwijderen van de tekenreeksen van prestatiemeteritems voor de
WmiApRpl-service (WmiApRpl) is mislukt. De foutcode is de eerste DWORD in de sectie
Gegevens.

[ System Events ]
Error - 1/1/2013 9:10:31 AM | Computer Name = acerpc-PC | Source = volsnap | ID = 393230
Description = De schaduwkopieën van volume C: zijn afgebroken vanwege een I/O-fout
op volume C:.

Error - 1/1/2013 10:14:04 AM | Computer Name = acerpc-PC | Source = volsnap | ID = 393230
Description = De schaduwkopieën van volume C: zijn afgebroken vanwege een I/O-fout
op volume C:.

Error - 1/3/2013 5:44:33 AM | Computer Name = acerpc-PC | Source = Service Control Manager | ID = 7024
Description = De Windows Search-service is gestopt met de specifieke servicefout
%%-1073473535.

Error - 1/3/2013 5:44:33 AM | Computer Name = acerpc-PC | Source = Service Control Manager | ID = 7031
Description = De Windows Search-service is onverwacht gestopt. Dit is 1 keer gebeurd.
De volgende herstelbewerking zal over 30000 milliseconden worden uitgevoerd: Service
opnieuw starten.

Error - 1/3/2013 5:45:03 AM | Computer Name = acerpc-PC | Source = Service Control Manager | ID = 7032
Description = Servicebesturingsbeheer heeft na het onverwachte afsluiten van de
Windows Search-service geprobeerd een herstelactie (Service opnieuw starten) uit
te voeren, maar deze actie is met de volgende fout mislukt: %%1056

Error - 1/6/2013 1:36:43 PM | Computer Name = acerpc-PC | Source = volsnap | ID = 393230
Description = De schaduwkopieën van volume C: zijn afgebroken vanwege een I/O-fout
op volume C:.

Error - 1/13/2013 9:47:22 AM | Computer Name = acerpc-PC | Source = EventLog | ID = 6008
Description = De vorige afsluiting van het systeem om 14:45:19 op ?13-?1-?2013 is
onverwacht gebeurd.

Error - 1/13/2013 9:50:28 AM | Computer Name = acerpc-PC | Source = Service Control Manager | ID = 7011
Description = Time-out (30000 seconden) tijdens het wachten op een reactie op een
transactie van deze service: ShellHWDetection.

Error - 1/13/2013 9:55:31 AM | Computer Name = acerpc-PC | Source = Service Control Manager | ID = 7022
Description = De Windows Update-service is bij het starten vastgelopen.

Error - 1/14/2013 6:44:49 AM | Computer Name = acerpc-PC | Source = volsnap | ID = 393230
Description = De schaduwkopieën van volume C: zijn afgebroken vanwege een I/O-fout
op volume C:.


< End of report >


Omhoog
 Profiel  
 
 Berichttitel: Re: trage pc
BerichtGeplaatst: do jan 17, 2013 7:00 pm 
Offline
Moderator
Avatar gebruiker

Geregistreerd: wo apr 13, 2005 3:54 pm
Berichten: 33154
Woonplaats: Kotje aan de kust.
Besturingssysteem: Windows 7
Bescherming: Malwarebytes pro
Ik zal hem even inseinen.

_________________
****Afbeelding****
Lid van Team Opleiding.

traagheidtips
Keuze in AV
wat is een rootkit


Omhoog
 Profiel  
 
 Berichttitel: Re: trage pc
BerichtGeplaatst: vr jan 18, 2013 12:28 am 
Offline
Helper

Geregistreerd: di okt 12, 2010 3:33 pm
Berichten: 1957
Besturingssysteem: XP prof.
Bescherming: Avira AntiVir
Bedankt, ik heb geen melding gehad van een nieuwe reactie.

Start OTL
  • Plak het volgende onder Custom Scans/Fixes
    Citaat:
    :Commands
    [createrestorepoint]

    :OTL
    O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
    O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
    O18:64bit: - Protocol\Handler\livecall - No CLSID value found
    O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
    O18:64bit: - Protocol\Handler\msnim - No CLSID value found
    O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
    O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
    O18:64bit: - Protocol\Filter\application/x-ica - No CLSID value found
    O18:64bit: - Protocol\Filter\ica - No CLSID value found
    O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
    O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
    @Alternate Data Stream - 140 bytes -> C:\ProgramData\Temp:4D066AD2
    @Alternate Data Stream - 134 bytes -> C:\ProgramData\Temp:1A60DE96
    @Alternate Data Stream - 125 bytes -> C:\ProgramData\Temp:05D195EC
    @Alternate Data Stream - 105 bytes -> C:\ProgramData\Temp:5C321E34

    :Services

    :Reg

    :Files
    ipconfig /flushdns /c

    :Commands
    [purity]
    [resethosts]
    [emptytemp]
    [reboot]
  • Klik daarna bovenaan op de knop Run Fix
  • Laat het programma ongestoord zijn werk doen. De pc zal na afloop opnieuw opgestart worden.

Wil je het logje wat verschijnt posten in je volgende antwoord?

Erkuip


Omhoog
 Profiel  
 
 Berichttitel: Re: trage pc
BerichtGeplaatst: vr jan 18, 2013 12:28 pm 
Offline
Lid

Geregistreerd: vr sep 26, 2008 4:11 pm
Berichten: 51
maakt niet uit hoor hiero het logje (ik merk wel verbetering):

All processes killed
========== COMMANDS ==========
Restore point Set: OTL Restore Point
========== OTL ==========
64bit-Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\Locked deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\Locked deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\livecall\ deleted successfully.
File Protocol\Handler\livecall - No CLSID value found not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\ms-help\ deleted successfully.
File Protocol\Handler\ms-help - No CLSID value found not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\msnim\ deleted successfully.
File Protocol\Handler\msnim - No CLSID value found not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\wlmailhtml\ deleted successfully.
File Protocol\Handler\wlmailhtml - No CLSID value found not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\wlpg\ deleted successfully.
File Protocol\Handler\wlpg - No CLSID value found not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Filter\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Filter\ not found.
64bit-Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\\WebCheck deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E6FB5E20-DE35-11CF-9C87-00AA005127ED}\ not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\\WebCheck deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E6FB5E20-DE35-11CF-9C87-00AA005127ED}\ not found.
ADS C:\ProgramData\Temp:4D066AD2 deleted successfully.
ADS C:\ProgramData\Temp:1A60DE96 deleted successfully.
ADS C:\ProgramData\Temp:05D195EC deleted successfully.
ADS C:\ProgramData\Temp:5C321E34 deleted successfully.
========== SERVICES/DRIVERS ==========
========== REGISTRY ==========
========== FILES ==========
< ipconfig /flushdns /c >
Windows IP-configuratie
De DNS-omzettingscache is leeggemaakt.
C:\Users\Chris\Desktop\hijackthis\cmd.bat deleted successfully.
C:\Users\Chris\Desktop\hijackthis\cmd.txt deleted successfully.
========== COMMANDS ==========
C:\Windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully

[EMPTYTEMP]

User: acer pc
->Temp folder emptied: 4400333 bytes
->Temporary Internet Files folder emptied: 52954285 bytes
->Flash cache emptied: 531 bytes

User: All Users

User: Chris
->Temp folder emptied: 384370 bytes
->Temporary Internet Files folder emptied: 7208316 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 16713967 bytes
->Google Chrome cache emptied: 148166259 bytes
->Flash cache emptied: 506 bytes

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Public

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 889314 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 26817 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 67 bytes
RecycleBin emptied: 2924185 bytes

Total Files Cleaned = 223.00 mb


OTL by OldTimer - Version 3.2.69.0 log created on 01182013_112231

Files\Folders moved on Reboot...
C:\Users\Chris\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.

PendingFileRenameOperations files...

Registry entries deleted on Reboot...


Omhoog
 Profiel  
 
Geef de vorige berichten weer:  Sorteer op  
Dit onderwerp is gesloten, je kunt geen berichten wijzigen of nieuwe antwoorden plaatsen  [ 20 berichten ]  Ga naar pagina 1, 2  Volgende

Forumoverzicht » RSIT/DDS/HijackThis logfiles » Opgeloste RSIT/DDS/HijackThis logfiles


Wie is er online

Gebruikers op dit forum: Geen geregistreerde gebruikers. en 5 gasten


Je mag geen nieuwe onderwerpen in dit forum plaatsen
Je mag niet antwoorden op een onderwerp in dit forum
Je mag je berichten in dit forum niet wijzigen
Je mag je berichten niet uit dit forum verwijderen
Je mag geen bijlagen toevoegen in dit forum

Ga naar:  
Powered by phpBB® Forum Software © phpBB Group
phpBB.nl Vertaling