Jump to content

gagaman

Anti-Spyware Brigade
  • Content Count

    1,452
  • Joined

  • Last visited

About gagaman

  • Rank
    Folding Addict
  • Birthday 04/05/1964

Contact Methods

  • Website URL
    http://www.detoverboom.be
  • ICQ
    0

Profile Information

  • Location
    Antwerp-Belgium
  • Interests
    education<br />computer<br />tennis<br />music

Previous Fields

  • TechExpress Link:
    http://pcpitstop.com/betapit/sec.asp?conid=22657124
  • Teams:
    Folding@Home Team
  1. Late to... but thanks... folding again on an old puter...
  2. Initially I started folding for the fun. At the time (2003-2005) there where several subfolding teams at pcpitstop having a competition (do a search on Neotech2k4 or Adammaxisteam). I also contributed to the jmol project (doing translation work): a graphical molecular program that folding@home used. I think this is not continued anymore. And I wrote the http://forums.pcpitstop.com/index.php?/topic/152666-how-to-join-the-pc-pitstop-folding-home-team/ topic (very outdated now ). So I was quite a dedicated folding member. Due to personal circumstances, I stopped folding for quite a while. Quite recently, I lost my mother due to cancer,so I decided to start folding again. Must say I'm happy to contribute again
  3. Seems to be a problem with their server 129.74.246.143 to which your client is trying to upload... http://fah-web.stanford.edu/pybeta/serverstat.html
  4. Hello jonTom, Thanks for your time and efforts to help me with this computer. Really appreciated!! I will pass your final advices to the lady who owns this pc. regards gagaman
  5. Hello JonTom, Thanks for your reply. I hope I did it right. When I dropped the notapad file on combofix, combofix asked to update to an newer version... I clicked ok. Then combofix seemed to update and did the job. Combofixlog ComboFix 11-11-06.01 - mama 06/11/2011 17:10:31.2.2 - x86 Microsoft Windows XP Professional 5.1.2600.3.1252.31.1043.18.3327.2626 [GMT 1:00] Gestart vanuit: c:documents and settingsmamaBureaubladComboFix.exe gebruikte Opdracht switches :: c:documents and settingsmamaBureaubladCFScript.txt AV: Microsoft Security Essentials *Disabled/Updated* {EDB4FA23-53B8-4AFA-8C5D-99752CCA7095} . . (((((((((((((((((((( Bestanden Gemaakt van 2011-10-06 to 2011-11-06 )))))))))))))))))))))))))))))) . . 2011-11-06 16:05 . 2011-11-06 16:05 56200 ----a-w- c:documents and settingsAll UsersApplication DataMicrosoftMicrosoft AntimalwareDefinition Updates{4610ACF3-2D33-4F6A-B07B-EA1FA43E494D}offreg.dll 2011-11-05 16:26 . 2011-10-07 03:48 6668624 ----a-w- c:documents and settingsAll UsersApplication DataMicrosoftMicrosoft AntimalwareDefinition Updates{4610ACF3-2D33-4F6A-B07B-EA1FA43E494D}mpengine.dll 2011-11-03 13:48 . 2011-11-03 13:48 -------- d-----w- c:program filesESET 2011-11-03 13:46 . 2011-11-03 13:46 -------- d-----w- c:program filesCommon FilesJava 2011-11-03 13:46 . 2011-10-03 04:06 472808 ----a-w- c:windowssystem32deployJava1.dll 2011-11-03 13:36 . 2011-11-03 13:36 -------- d-----w- c:program filesMalwarebytes' Anti-Malware 2011-11-03 13:36 . 2011-08-31 16:00 22216 ----a-w- c:windowssystem32driversmbam.sys 2011-11-03 13:31 . 2011-11-03 13:31 -------- d-----w- C:_OTL 2011-11-02 10:25 . 2011-11-06 16:07 -------- d--h--r- c:documents and settingsmamaOnlangs geopend 2011-11-01 11:01 . 2011-11-01 11:01 -------- d-----w- c:program filesSIW 2011-10-30 20:44 . 2011-10-30 20:44 388096 ----a-r- c:documents and settingsmamaApplication DataMicrosoftInstaller{45A66726-69BC-466B-A7A4-12FCBA4883D7}HiJackThis.exe 2011-10-30 20:44 . 2011-10-30 20:44 -------- d-----w- c:program filesTrend Micro 2011-10-30 16:56 . 2011-10-30 16:56 -------- d-----w- c:documents and settingsAll UsersApplication DataPCPitstopDat 2011-10-30 08:56 . 2011-10-30 08:56 -------- d--h--r- c:documents and settingsAdministratorOnlangs geopend 2011-10-30 08:54 . 2011-10-30 08:54 -------- d-sh--w- c:documents and settingsAdministratorIECompatCache 2011-10-30 08:53 . 2011-10-30 08:54 -------- d-----w- c:documents and settingsAdministratorLocal SettingsApplication DataConduitEngine 2011-10-30 06:16 . 2011-10-30 06:16 48640 ----a-w- c:windowssystem32ANPD64.SYS 2011-10-30 06:16 . 2011-10-30 06:16 34008 ----a-w- c:windowssystem32ANPD.VXD 2011-10-30 06:16 . 2011-10-30 06:16 315392 ----a-w- c:windowssystem32ANPDApi.dll 2011-10-30 06:16 . 2011-10-30 06:16 29411 ----a-w- c:windowssystem32ANPD.SYS 2011-10-30 06:15 . 2009-09-15 13:09 779136 ----a-w- c:windowssystem32driversDrt2870.sys 2011-10-30 06:15 . 2009-09-15 13:08 221184 ----a-w- c:windowssystem32RaCoInst.dll 2011-10-30 06:15 . 2011-10-30 06:15 -------- d-----w- c:program filesD-Link 2011-10-30 06:15 . 2011-10-30 06:15 -------- d-----w- c:documents and settingsAdministratorApplication DataInstallShield 2011-10-30 06:13 . 2011-10-30 06:13 -------- d-----w- c:documents and settingsAdministratorApplication DataUlead Systems 2011-10-30 06:13 . 2011-10-30 06:13 -------- d-----w- c:documents and settingsAdministratorApplication DataApple Computer 2011-10-19 14:31 . 2011-10-19 14:31 -------- d-----w- c:documents and settingsAll UsersApplication DataHEMA Fotoservice 2011-10-19 14:31 . 2011-10-19 14:31 -------- d-----w- c:program filesHEMA Fotoservice 2011-10-13 17:56 . 2011-10-19 13:58 -------- d-----w- c:documents and settingsAll UsersApplication Datatmp 2011-10-13 17:56 . 2011-10-13 17:56 -------- d-----w- c:documents and settingsAll UsersApplication Datahps 2011-10-13 17:55 . 2011-10-13 17:55 -------- d-----w- c:program filesbol.com . . . ((((((((((((((((((((((((((((((((((((((( Find3M Rapport )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2011-11-02 13:11 . 2011-06-07 16:11 414368 ----a-w- c:windowssystem32FlashPlayerCPLApp.cpl 2011-10-08 06:50 . 2009-05-22 20:24 52096 ----a-w- c:windowssystem32Spoolprtprocsw32x86LMIproc.dll 2011-10-08 06:50 . 2009-05-22 20:24 83360 ----a-w- c:windowssystem32LMIRfsClientNP.dll 2011-10-08 06:50 . 2009-05-22 20:24 30592 ----a-w- c:windowssystem32LMIport.dll 2011-10-08 06:50 . 2009-05-22 20:24 87424 ----a-w- c:windowssystem32LMIinit.dll 2011-10-07 03:48 . 2011-06-13 18:01 6668624 ----a-w- c:documents and settingsAll UsersApplication DataMicrosoftMicrosoft AntimalwareDefinition UpdatesBackupmpengine.dll 2011-10-03 01:37 . 2009-06-03 16:08 73728 ----a-w- c:windowssystem32javacpl.cpl 2011-09-26 09:41 . 2008-07-29 17:59 614912 ----a-w- c:windowssystem32uiautomationcore.dll 2011-09-26 09:41 . 2004-08-04 12:00 23040 ----a-w- c:windowssystem32oleaccrc.dll 2011-09-26 09:41 . 2004-08-04 12:00 220160 ----a-w- c:windowssystem32oleacc.dll 2011-09-09 09:12 . 2004-08-04 12:00 602624 ----a-w- c:windowssystem32crypt32.dll 2011-09-06 14:09 . 2004-08-04 12:00 1859072 ----a-w- c:windowssystem32win32k.sys 2011-08-22 23:41 . 2004-08-04 12:00 916480 ----a-w- c:windowssystem32wininet.dll 2011-08-22 23:41 . 2004-08-04 12:00 43520 ----a-w- c:windowssystem32licmgr10.dll 2011-08-22 23:41 . 2004-08-04 12:00 1469440 ----a-w- c:windowssystem32inetcpl.cpl 2011-08-22 11:58 . 2004-08-04 12:00 385024 ----a-w- c:windowssystem32html.iec 2011-08-17 13:49 . 2004-08-04 12:00 138496 ----a-w- c:windowssystem32driversafd.sys 2011-08-13 12:00 . 2011-08-11 12:40 61244 ----a-w- c:windowssystem32x264vfw-uninstall.exe 2011-04-14 16:57 . 2011-04-29 14:24 142296 ----a-w- c:program filesmozilla firefoxcomponentsbrowsercomps.dll . . ((((((((((((((((((((((((((((( SnapShot@2011-11-05_16.33.05 ))))))))))))))))))))))))))))))))))))))))) . + 2011-11-06 16:05 . 2011-11-06 16:05 16384 c:windowsTempPerflib_Perfdata_104.dat - 2011-11-05 16:15 . 2011-11-05 16:15 16384 c:windowsTempPerflib_Perfdata_104.dat . ((((((((((((((((((((((((((((((((((((( Reg Opstartpunten ))))))))))))))))))))))))))))))))))))))))))))))))))) . . *Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond REGEDIT4 . [HKEY_CURRENT_USERSOFTWAREMicrosoftWindowsCurrentVersionRun] "Skype"="c:program filesSkypePhoneSkype.exe" [2011-07-29 17361032] . [HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionRun] "Six Engine"="c:program filesASUSEPU-4 EngineFourEngine.exe" [2008-07-23 5625344] "LogMeIn GUI"="c:program filesLogMeInx86LogMeInSystray.exe" [2008-07-24 63048] "RTHDCPL"="RTHDCPL.EXE" [2009-12-25 18789408] "LifeCam"="c:program filesMicrosoft LifeCamLifeExp.exe" [2007-05-17 279912] "VX1000"="c:windowsvVX1000.exe" [2007-04-10 709992] "MSC"="c:program filesMicrosoft Security Clientmsseces.exe" [2011-06-15 997920] "AppleSyncNotifier"="c:program filesCommon FilesAppleMobile Device SupportAppleSyncNotifier.exe" [2011-04-20 58656] "iTunesHelper"="c:program filesiTunesiTunesHelper.exe" [2011-06-07 421160] "PWRISOVM.EXE"="c:program filesPowerISOPWRISOVM.EXE" [2011-06-15 307200] "UVS10 Preload"="c:program filesUlead SystemsUlead VideoStudio SE DVDuvPL.exe" [2006-08-09 36864] "WinDVR SchSvr"="c:program filesCommon FilesInterVideoSchSvrSchSvr.exe" [2003-06-06 151552] "D-Link D-Link DWA-125"="c:program filesD-LinkDWA-125 revAAirGCFG.exe" [2009-10-19 995328] "WZCSLDR2"="c:program filesD-LinkDWA-125 revAWZCSLDR2.exe" [2009-10-19 122880] "Info Center"="c:program filesPCPitstopInfo CenterInfoCenter.exe" [2011-09-26 24216] "SunJavaUpdateSched"="c:program filesCommon FilesJavaJava Updatejusched.exe" [2011-06-09 254696] . [HKEY_USERS.DEFAULTSoftwareMicrosoftWindowsCurrentVersionRun] "CTFMON.EXE"="c:windowssystem32CTFMON.EXE" [2008-04-14 15360] "DWQueuedReporting"="c:progra~1COMMON~1MICROS~1DWdwtrig20.exe" [2011-07-27 434080] . c:documents and settingsmamaMenu StartProgramma'sOpstarten SpywareGuard.lnk - c:program filesSpywareGuardsgmain.exe [2003-8-29 360448] . c:documents and settingsAll UsersMenu StartProgramma'sOpstarten InterVideo WinCinema Manager.lnk - c:program filesInterVideoCommonBinWinCinemaMgr.exe [2011-8-13 131072] . [hkey_local_machinesoftwaremicrosoftwindowscurrentversionexplorerShellExecuteHooks] "{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "c:program filesSUPERAntiSpywareSASSEH.DLL" [2011-10-30 113024] . [HKEY_LOCAL_MACHINEsoftwaremicrosoftwindows ntcurrentversionwinlogonnotify!SASWinLogon] 2009-09-22 05:43 548352 ----a-w- c:program filesSUPERAntiSpywareSASWINLO.DLL . [HKEY_LOCAL_MACHINEsoftwaremicrosoftwindows ntcurrentversionwinlogonnotifyLMIinit] 2011-10-08 06:50 87424 ----a-w- c:windowssystem32LMIinit.dll . [HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootMinimal!SASCORE] @="" . [HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootMinimalMsMpSvc] @="Service" . [HKLM~startupfolderC:^Documents and Settings^All Users^Menu Start^Programma's^Opstarten^hp psc 1000 series.lnk] path=c:documents and settingsAll UsersMenu StartProgramma'sOpstartenhp psc 1000 series.lnk backup=c:windowspsshp psc 1000 series.lnkCommon Startup . [HKLM~startupfolderC:^Documents and Settings^All Users^Menu Start^Programma's^Opstarten^hpoddt01.exe.lnk] path=c:documents and settingsAll UsersMenu StartProgramma'sOpstartenhpoddt01.exe.lnk backup=c:windowspsshpoddt01.exe.lnkCommon Startup . [HKEY_LOCAL_MACHINEsoftwaremicrosoftshared toolsmsconfigstartupregQuickTime Task] 2010-11-29 16:38 421888 ----a-w- c:program filesQuickTimeQTTask.exe . [HKLM~servicessharedaccessparametersfirewallpolicystandardprofileAuthorizedApplicationsList] "%windir%system32sessmgr.exe"= "%windir%Network Diagnosticxpnetdiag.exe"= "c:Program FilesMessengermsmsgs.exe"= "c:WINDOWSDownloaded Program FilesPurpleBean.exe"= "c:ijjiENGLISHu_sfsoldierfront.exe"= "c:WINDOWSsystem32PnkBstrA.exe"= "c:WINDOWSsystem32PnkBstrB.exe"= "c:Program FilesUbisoftAssassin's CreedAssassinsCreed_Dx9.exe"= "c:Program FilesUbisoftAssassin's CreedAssassinsCreed_Dx10.exe"= "c:Program FilesUbisoftAssassin's CreedAssassinsCreed_Launcher.exe"= "c:Program FilesActivisionCall of Duty - World at WarCoDWaW.exe"= "c:Program FilesActivisionCall of Duty - World at WarCoDWaWmp.exe"= "c:WINDOWSDownloaded Program FilesijjiOptimizer.exe"= "c:Program FilesMicrosoft LifeCamLifeCam.exe"= "c:Program FilesMicrosoft LifeCamLifeExp.exe"= "c:Program FilesSteamSteamAppscommoncall of duty modern warfare 2iw4sp.exe"= "c:Program FilesSteamSteamAppscommoncall of duty modern warfare 2iw4mp.exe"= "c:Program FilesGoogleGoogle Earthclientgoogleearth.exe"= "c:Program FilesWindows LiveMessengermsnmsgr.exe"= "c:Program FilesWindows LiveSyncWindowsLiveSync.exe"= "c:Program FilesWolfenstein - Enemy TerritoryET.exe"= "c:program filesMicrosoft ActiveSyncrapimgr.exe"= c:program filesMicrosoft ActiveSyncrapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager "c:program filesMicrosoft ActiveSyncwcescomm.exe"= c:program filesMicrosoft ActiveSyncwcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager "c:program filesMicrosoft ActiveSyncWCESMgr.exe"= c:program filesMicrosoft ActiveSyncWCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application "c:Program FilesBonjourmDNSResponder.exe"= "c:Program FilesSafariSafari.exe"= "c:Program FilesiTunesiTunes.exe"= "c:Program FilesActivisionCall of Duty 2CoD2MP_s.exe"= "c:Program FilesActivisionCall of Duty 4 - Modern Warfareiw3mp.exe"= "c:Program FilesSkypePhoneSkype.exe"= . [HKLM~servicessharedaccessparametersfirewallpolicystandardprofileGloballyOpenPortsList] "26675:TCP"= 26675:TCP:169.254.2.0/255.255.255.0:Enabled:ActiveSync Service "1620:UDP"= 1620:UDP:Windows Media Format SDK (wmplayer.exe) "1621:UDP"= 1621:UDP:Windows Media Format SDK (wmplayer.exe) "1624:UDP"= 1624:UDP:Windows Media Format SDK (wmplayer.exe) . R1 SASDIFSV;SASDIFSV;c:program filesSUPERAntiSpywareSASDIFSV.SYS [14/05/2009 13:22 12880] R1 SASKUTIL;SASKUTIL;c:program filesSUPERAntiSpywareSASKUTIL.SYS [14/05/2009 13:22 67664] R2 !SASCORE;SAS Core Service;c:program filesSUPERAntiSpywareSASCORE.EXE [12/06/2011 19:53 116608] R2 a2AntiMalware;Emsisoft Anti-Malware 5.1 - Service;c:program filesEmsisoft Anti-Malwarea2service.exe [13/06/2011 16:44 3045688] R2 ANPD;ANPD Service;c:windowssystem32ANPD.SYS [30/10/2011 7:16 29411] R2 LMIGuardianSvc;LMIGuardianSvc;c:program filesLogMeInx86LMIGuardianSvc.exe [5/10/2010 11:45 374152] R2 LMIInfo;LogMeIn Kernel Information Provider;c:program filesLogMeInx86rainfo.sys [24/07/2008 17:46 12856] S1 MpKsl2a03b60a;MpKsl2a03b60a;??c:documents and settingsAll UsersApplication DataMicrosoftMicrosoft AntimalwareDefinition Updates{7262EA36-DCEB-49B7-87AB-3885AE2C843C}MpKsl2a03b60a.sys --> c:documents and settingsAll UsersApplication DataMicrosoftMicrosoft AntimalwareDefinition Updates{7262EA36-DCEB-49B7-87AB-3885AE2C843C}MpKsl2a03b60a.sys [?] S1 MpKslb124d8ed;MpKslb124d8ed;??c:documents and settingsAll UsersApplication DataMicrosoftMicrosoft AntimalwareDefinition Updates{56BFF251-6282-460B-B669-266224A92BB0}MpKslb124d8ed.sys --> c:documents and settingsAll UsersApplication DataMicrosoftMicrosoft AntimalwareDefinition Updates{56BFF251-6282-460B-B669-266224A92BB0}MpKslb124d8ed.sys [?] S1 MpKsld0e9bdc2;MpKsld0e9bdc2;??c:documents and settingsAll UsersApplication DataMicrosoftMicrosoft AntimalwareDefinition Updates{70379D85-E50B-44FF-86E2-CFC904337769}MpKsld0e9bdc2.sys --> c:documents and settingsAll UsersApplication DataMicrosoftMicrosoft AntimalwareDefinition Updates{70379D85-E50B-44FF-86E2-CFC904337769}MpKsld0e9bdc2.sys [?] S3 a2acc;a2acc;c:program filesEmsisoft Anti-Malwarea2accx86.sys [13/06/2011 16:44 73728] S3 Ambfilt;Ambfilt;c:windowssystem32driversAmbfilt.sys [22/05/2009 8:06 1691480] S3 D_Link_DWA-125;D_Link_DWA-125 Service;c:program filesD-LinkDWA-125 revAANIWZCSdS.exe [30/10/2011 7:16 126976] S3 D_Link_DWA-125_WPS;D_Link_DWA-125_WPS Service;c:program filesD-LinkDWA-125 revAANIWConnService.exe [30/10/2011 7:16 40960] S3 gupdate;Google Updateservice (gupdate);c:program filesGoogleUpdateGoogleUpdate.exe [22/11/2009 19:04 135664] S3 gupdatem;Google Update-service (gupdatem);c:program filesGoogleUpdateGoogleUpdate.exe [22/11/2009 19:04 135664] S3 NPF;NetGroup Packet Filter Driver;c:windowssystem32driversnpf.sys [6/11/2007 21:22 34064] S3 npggsvc;nProtect GameGuard Service;c:windowssystem32GameMon.des -service --> c:windowssystem32GameMon.des -service [?] S3 PCPitstop Scheduling;PCPitstop Scheduling;c:program filesPCPitstopPCPitstopScheduleService.exe [30/10/2011 17:53 91816] S3 SASENUM;SASENUM;c:program filesSUPERAntiSpywareSASENUM.SYS [14/05/2009 13:22 12872] S3 SMIGrabber3C;SMI Grabber Device Tuner Filter 3C;c:windowssystem32driversSmiUsbGrabber3C.sys [10/08/2011 18:03 805632] . Inhoud van de 'Gedeelde Taken' map . 2011-08-25 c:windowsTasksAppleSoftwareUpdate.job - c:program filesApple Software UpdateSoftwareUpdate.exe [2009-10-22 15:57] . 2009-06-04 c:windowsTasksFRU Task 2003-04-10 00:56ewlett-Packard2003-04-10 00:56p psc 1200 series272A572217594EBCF1CEE215E352B92AD073FDE4243881968.job - c:program filesHewlett-PackardDigital ImagingBinhpqfrucl.exe [2003-04-09 15:56] . 2011-11-06 c:windowsTasksGoogleUpdateTaskMachineCore.job - c:program filesGoogleUpdateGoogleUpdate.exe [2009-11-22 18:04] . 2011-11-05 c:windowsTasksGoogleUpdateTaskMachineUA.job - c:program filesGoogleUpdateGoogleUpdate.exe [2009-11-22 18:04] . 2011-11-06 c:windowsTasksMP Scheduled Scan.job - c:program filesMicrosoft Security ClientAntimalwareMpCmdRun.exe [2011-04-27 13:39] . . ------- Bijkomende Scan ------- . uStart Page = hxxp://www.google.be/ TCP: DhcpNameServer = 195.130.130.4 195.130.131.4 DPF: {070DC617-E3B7-468B-A29C-D4E84FAE938C} - hxxp://utilities.pcpitstop.com/Nirvana/controls/pcmatic.cab FF - ProfilePath - c:documents and settingsmamaApplication DataMozillaFirefoxProfileshefq8rku.default FF - prefs.js: browser.search.selectedEngine - FF - prefs.js: browser.startup.homepage - about:home . . ************************************************************************** . catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2011-11-06 17:15 Windows 5.1.2600 Service Pack 3 NTFS . scannen van verborgen processen ... . scannen van verborgen autostart items ... . scannen van verborgen bestanden ... . Scan succesvol afgerond verborgen bestanden: 0 . ************************************************************************** . [HKEY_LOCAL_MACHINESystemControlSet001Servicesnpggsvc] "ImagePath"="c:windowssystem32GameMon.des -service" . --------------------- DLLs Geladen Onder Lopende Processen --------------------- . - - - - - - - > 'winlogon.exe'(708) c:program filesSUPERAntiSpywareSASWINLO.DLL c:windowssystem32LMIinit.dll c:windowssystem32LMIRfsClientNP.dll . - - - - - - - > 'explorer.exe'(3008) c:windowssystem32webcheck.dll c:windowssystem32WPDShServiceObj.dll c:windowssystem32PortableDeviceTypes.dll c:windowssystem32PortableDeviceApi.dll . Voltooingstijd: 2011-11-06 17:16:45 ComboFix-quarantined-files.txt 2011-11-06 16:16 ComboFix2.txt 2011-11-05 16:34 . Pre-Run: 34.592.882.688 bytes beschikbaar Post-Run: 34.581.741.568 bytes beschikbaar . - - End Of File - - 14E0B88EFB3CC5716D4D3F71F4904C67
  6. Hello JonTom, I missed this a few posts back ... This computer has 1 HD divided in two partitions.: c:/ with the os en programs and d:/ with the data. Here is the Combofixlog ComboFix 11-11-05.02 - mama 05/11/2011 17:30:21.1.2 - x86 Microsoft Windows XP Professional 5.1.2600.3.1252.31.1043.18.3327.2559 [GMT 1:00] Gestart vanuit: c:documents and settingsmamaBureaubladComboFix.exe AV: Microsoft Security Essentials *Disabled/Updated* {EDB4FA23-53B8-4AFA-8C5D-99752CCA7095} . . (((((((((((((((((((((((((((((((((( Andere Verwijderingen ))))))))))))))))))))))))))))))))))))))))))))))))) . . c:documents and settingsAll UsersApplication DataTEMP c:windowsjestertb.dll d:documents and settingsmamaMijn documenten~WRL0005.tmp . . (((((((((((((((((((( Bestanden Gemaakt van 2011-10-05 to 2011-11-05 )))))))))))))))))))))))))))))) . . 2011-11-05 16:26 . 2011-11-05 16:26 56200 ----a-w- c:documents and settingsAll UsersApplication DataMicrosoftMicrosoft AntimalwareDefinition Updates{4610ACF3-2D33-4F6A-B07B-EA1FA43E494D}offreg.dll 2011-11-05 16:26 . 2011-10-07 03:48 6668624 ----a-w- c:documents and settingsAll UsersApplication DataMicrosoftMicrosoft AntimalwareDefinition Updates{4610ACF3-2D33-4F6A-B07B-EA1FA43E494D}mpengine.dll 2011-11-03 13:48 . 2011-11-03 13:48 -------- d-----w- c:program filesESET 2011-11-03 13:46 . 2011-11-03 13:46 -------- d-----w- c:program filesCommon FilesJava 2011-11-03 13:46 . 2011-10-03 04:06 472808 ----a-w- c:windowssystem32deployJava1.dll 2011-11-03 13:36 . 2011-11-03 13:36 -------- d-----w- c:program filesMalwarebytes' Anti-Malware 2011-11-03 13:36 . 2011-08-31 16:00 22216 ----a-w- c:windowssystem32driversmbam.sys 2011-11-03 13:31 . 2011-11-03 13:31 -------- d-----w- C:_OTL 2011-11-02 10:25 . 2011-11-05 14:58 -------- d--h--r- c:documents and settingsmamaOnlangs geopend 2011-11-01 11:01 . 2011-11-01 11:01 -------- d-----w- c:program filesSIW 2011-10-30 20:44 . 2011-10-30 20:44 388096 ----a-r- c:documents and settingsmamaApplication DataMicrosoftInstaller{45A66726-69BC-466B-A7A4-12FCBA4883D7}HiJackThis.exe 2011-10-30 20:44 . 2011-10-30 20:44 -------- d-----w- c:program filesTrend Micro 2011-10-30 16:56 . 2011-10-30 16:56 -------- d-----w- c:documents and settingsAll UsersApplication DataPCPitstopDat 2011-10-30 08:56 . 2011-10-30 08:56 -------- d--h--r- c:documents and settingsAdministratorOnlangs geopend 2011-10-30 08:54 . 2011-10-30 08:54 -------- d-sh--w- c:documents and settingsAdministratorIECompatCache 2011-10-30 08:53 . 2011-10-30 08:54 -------- d-----w- c:documents and settingsAdministratorLocal SettingsApplication DataConduitEngine 2011-10-30 06:16 . 2011-10-30 06:16 48640 ----a-w- c:windowssystem32ANPD64.SYS 2011-10-30 06:16 . 2011-10-30 06:16 34008 ----a-w- c:windowssystem32ANPD.VXD 2011-10-30 06:16 . 2011-10-30 06:16 315392 ----a-w- c:windowssystem32ANPDApi.dll 2011-10-30 06:16 . 2011-10-30 06:16 29411 ----a-w- c:windowssystem32ANPD.SYS 2011-10-30 06:15 . 2009-09-15 13:09 779136 ----a-w- c:windowssystem32driversDrt2870.sys 2011-10-30 06:15 . 2009-09-15 13:08 221184 ----a-w- c:windowssystem32RaCoInst.dll 2011-10-30 06:15 . 2011-10-30 06:15 -------- d-----w- c:program filesD-Link 2011-10-30 06:15 . 2011-10-30 06:15 -------- d-----w- c:documents and settingsAdministratorApplication DataInstallShield 2011-10-30 06:13 . 2011-10-30 06:13 -------- d-----w- c:documents and settingsAdministratorApplication DataUlead Systems 2011-10-30 06:13 . 2011-10-30 06:13 -------- d-----w- c:documents and settingsAdministratorApplication DataApple Computer 2011-10-19 14:31 . 2011-10-19 14:31 -------- d-----w- c:documents and settingsAll UsersApplication DataHEMA Fotoservice 2011-10-19 14:31 . 2011-10-19 14:31 -------- d-----w- c:program filesHEMA Fotoservice 2011-10-13 17:56 . 2011-10-19 13:58 -------- d-----w- c:documents and settingsAll UsersApplication Datatmp 2011-10-13 17:56 . 2011-10-13 17:56 -------- d-----w- c:documents and settingsAll UsersApplication Datahps 2011-10-13 17:55 . 2011-10-13 17:55 -------- d-----w- c:program filesbol.com . . . ((((((((((((((((((((((((((((((((((((((( Find3M Rapport )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2011-11-02 13:11 . 2011-06-07 16:11 414368 ----a-w- c:windowssystem32FlashPlayerCPLApp.cpl 2011-10-08 06:50 . 2009-05-22 20:24 52096 ----a-w- c:windowssystem32Spoolprtprocsw32x86LMIproc.dll 2011-10-08 06:50 . 2009-05-22 20:24 83360 ----a-w- c:windowssystem32LMIRfsClientNP.dll 2011-10-08 06:50 . 2009-05-22 20:24 30592 ----a-w- c:windowssystem32LMIport.dll 2011-10-08 06:50 . 2009-05-22 20:24 87424 ----a-w- c:windowssystem32LMIinit.dll 2011-10-07 03:48 . 2011-06-13 18:01 6668624 ----a-w- c:documents and settingsAll UsersApplication DataMicrosoftMicrosoft AntimalwareDefinition UpdatesBackupmpengine.dll 2011-10-03 01:37 . 2009-06-03 16:08 73728 ----a-w- c:windowssystem32javacpl.cpl 2011-09-26 09:41 . 2008-07-29 17:59 614912 ----a-w- c:windowssystem32uiautomationcore.dll 2011-09-26 09:41 . 2004-08-04 12:00 23040 ----a-w- c:windowssystem32oleaccrc.dll 2011-09-26 09:41 . 2004-08-04 12:00 220160 ----a-w- c:windowssystem32oleacc.dll 2011-09-09 09:12 . 2004-08-04 12:00 602624 ----a-w- c:windowssystem32crypt32.dll 2011-09-06 14:09 . 2004-08-04 12:00 1859072 ----a-w- c:windowssystem32win32k.sys 2011-08-22 23:41 . 2004-08-04 12:00 916480 ----a-w- c:windowssystem32wininet.dll 2011-08-22 23:41 . 2004-08-04 12:00 43520 ----a-w- c:windowssystem32licmgr10.dll 2011-08-22 23:41 . 2004-08-04 12:00 1469440 ----a-w- c:windowssystem32inetcpl.cpl 2011-08-22 11:58 . 2004-08-04 12:00 385024 ----a-w- c:windowssystem32html.iec 2011-08-17 13:49 . 2004-08-04 12:00 138496 ----a-w- c:windowssystem32driversafd.sys 2011-08-13 12:00 . 2011-08-11 12:40 61244 ----a-w- c:windowssystem32x264vfw-uninstall.exe 2011-04-14 16:57 . 2011-04-29 14:24 142296 ----a-w- c:program filesmozilla firefoxcomponentsbrowsercomps.dll . . ((((((((((((((((((((((((((((((((((((( Reg Opstartpunten ))))))))))))))))))))))))))))))))))))))))))))))))))) . . *Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond REGEDIT4 . [HKEY_CURRENT_USERSOFTWAREMicrosoftWindowsCurrentVersionRun] "Skype"="c:program filesSkypePhoneSkype.exe" [2011-07-29 17361032] . [HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionRun] "Six Engine"="c:program filesASUSEPU-4 EngineFourEngine.exe" [2008-07-23 5625344] "LogMeIn GUI"="c:program filesLogMeInx86LogMeInSystray.exe" [2008-07-24 63048] "RTHDCPL"="RTHDCPL.EXE" [2009-12-25 18789408] "LifeCam"="c:program filesMicrosoft LifeCamLifeExp.exe" [2007-05-17 279912] "VX1000"="c:windowsvVX1000.exe" [2007-04-10 709992] "MSC"="c:program filesMicrosoft Security Clientmsseces.exe" [2011-06-15 997920] "AppleSyncNotifier"="c:program filesCommon FilesAppleMobile Device SupportAppleSyncNotifier.exe" [2011-04-20 58656] "iTunesHelper"="c:program filesiTunesiTunesHelper.exe" [2011-06-07 421160] "PWRISOVM.EXE"="c:program filesPowerISOPWRISOVM.EXE" [2011-06-15 307200] "UVS10 Preload"="c:program filesUlead SystemsUlead VideoStudio SE DVDuvPL.exe" [2006-08-09 36864] "WinDVR SchSvr"="c:program filesCommon FilesInterVideoSchSvrSchSvr.exe" [2003-06-06 151552] "D-Link D-Link DWA-125"="c:program filesD-LinkDWA-125 revAAirGCFG.exe" [2009-10-19 995328] "WZCSLDR2"="c:program filesD-LinkDWA-125 revAWZCSLDR2.exe" [2009-10-19 122880] "Info Center"="c:program filesPCPitstopInfo CenterInfoCenter.exe" [2011-09-26 24216] "SunJavaUpdateSched"="c:program filesCommon FilesJavaJava Updatejusched.exe" [2011-06-09 254696] . [HKEY_USERS.DEFAULTSoftwareMicrosoftWindowsCurrentVersionRun] "CTFMON.EXE"="c:windowssystem32CTFMON.EXE" [2008-04-14 15360] "DWQueuedReporting"="c:progra~1COMMON~1MICROS~1DWdwtrig20.exe" [2011-07-27 434080] . c:documents and settingsmamaMenu StartProgramma'sOpstarten SpywareGuard.lnk - c:program filesSpywareGuardsgmain.exe [2003-8-29 360448] . c:documents and settingsAll UsersMenu StartProgramma'sOpstarten InterVideo WinCinema Manager.lnk - c:program filesInterVideoCommonBinWinCinemaMgr.exe [2011-8-13 131072] . [hkey_local_machinesoftwaremicrosoftwindowscurrentversionexplorerShellExecuteHooks] "{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "c:program filesSUPERAntiSpywareSASSEH.DLL" [2011-10-30 113024] . [HKEY_LOCAL_MACHINEsoftwaremicrosoftwindows ntcurrentversionwinlogonnotify!SASWinLogon] 2009-09-22 05:43 548352 ----a-w- c:program filesSUPERAntiSpywareSASWINLO.DLL . [HKEY_LOCAL_MACHINEsoftwaremicrosoftwindows ntcurrentversionwinlogonnotifyLMIinit] 2011-10-08 06:50 87424 ----a-w- c:windowssystem32LMIinit.dll . [HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootMinimal!SASCORE] @="" . [HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootMinimalMsMpSvc] @="Service" . [HKLM~startupfolderC:^Documents and Settings^All Users^Menu Start^Programma's^Opstarten^hp psc 1000 series.lnk] path=c:documents and settingsAll UsersMenu StartProgramma'sOpstartenhp psc 1000 series.lnk backup=c:windowspsshp psc 1000 series.lnkCommon Startup . [HKLM~startupfolderC:^Documents and Settings^All Users^Menu Start^Programma's^Opstarten^hpoddt01.exe.lnk] path=c:documents and settingsAll UsersMenu StartProgramma'sOpstartenhpoddt01.exe.lnk backup=c:windowspsshpoddt01.exe.lnkCommon Startup . [HKEY_LOCAL_MACHINEsoftwaremicrosoftshared toolsmsconfigstartupregQuickTime Task] 2010-11-29 16:38 421888 ----a-w- c:program filesQuickTimeQTTask.exe . [HKLM~servicessharedaccessparametersfirewallpolicystandardprofileAuthorizedApplicationsList] "%windir%system32sessmgr.exe"= "%windir%Network Diagnosticxpnetdiag.exe"= "c:Program FilesMessengermsmsgs.exe"= "c:WINDOWSDownloaded Program FilesPurpleBean.exe"= "c:ijjiENGLISHu_sfsoldierfront.exe"= "c:WINDOWSsystem32PnkBstrA.exe"= "c:WINDOWSsystem32PnkBstrB.exe"= "c:Program FilesUbisoftAssassin's CreedAssassinsCreed_Dx9.exe"= "c:Program FilesUbisoftAssassin's CreedAssassinsCreed_Dx10.exe"= "c:Program FilesUbisoftAssassin's CreedAssassinsCreed_Launcher.exe"= "c:Program FilesActivisionCall of Duty - World at WarCoDWaW.exe"= "c:Program FilesActivisionCall of Duty - World at WarCoDWaWmp.exe"= "c:WINDOWSDownloaded Program FilesijjiOptimizer.exe"= "c:Program FilesMicrosoft LifeCamLifeCam.exe"= "c:Program FilesMicrosoft LifeCamLifeExp.exe"= "c:Program FilesSteamSteamAppscommoncall of duty modern warfare 2iw4sp.exe"= "c:Program FilesSteamSteamAppscommoncall of duty modern warfare 2iw4mp.exe"= "c:Program FilesGoogleGoogle Earthclientgoogleearth.exe"= "c:Program FilesWindows LiveMessengermsnmsgr.exe"= "c:Program FilesWindows LiveSyncWindowsLiveSync.exe"= "c:Program FilesWolfenstein - Enemy TerritoryET.exe"= "c:program filesMicrosoft ActiveSyncrapimgr.exe"= c:program filesMicrosoft ActiveSyncrapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager "c:program filesMicrosoft ActiveSyncwcescomm.exe"= c:program filesMicrosoft ActiveSyncwcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager "c:program filesMicrosoft ActiveSyncWCESMgr.exe"= c:program filesMicrosoft ActiveSyncWCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application "c:Program FilesBonjourmDNSResponder.exe"= "c:Program FilesSafariSafari.exe"= "c:Program FilesiTunesiTunes.exe"= "c:Program FilesActivisionCall of Duty 2CoD2MP_s.exe"= "c:Program FilesActivisionCall of Duty 4 - Modern Warfareiw3mp.exe"= "c:Program FilesSkypePhoneSkype.exe"= . [HKLM~servicessharedaccessparametersfirewallpolicystandardprofileGloballyOpenPortsList] "26675:TCP"= 26675:TCP:169.254.2.0/255.255.255.0:Enabled:ActiveSync Service "1620:UDP"= 1620:UDP:Windows Media Format SDK (wmplayer.exe) "1621:UDP"= 1621:UDP:Windows Media Format SDK (wmplayer.exe) "1624:UDP"= 1624:UDP:Windows Media Format SDK (wmplayer.exe) . R1 SASDIFSV;SASDIFSV;c:program filesSUPERAntiSpywareSASDIFSV.SYS [14/05/2009 13:22 12880] R1 SASKUTIL;SASKUTIL;c:program filesSUPERAntiSpywareSASKUTIL.SYS [14/05/2009 13:22 67664] R2 !SASCORE;SAS Core Service;c:program filesSUPERAntiSpywareSASCORE.EXE [12/06/2011 19:53 116608] R2 a2AntiMalware;Emsisoft Anti-Malware 5.1 - Service;c:program filesEmsisoft Anti-Malwarea2service.exe [13/06/2011 16:44 3045688] R2 ANPD;ANPD Service;c:windowssystem32ANPD.SYS [30/10/2011 7:16 29411] R2 LMIGuardianSvc;LMIGuardianSvc;c:program filesLogMeInx86LMIGuardianSvc.exe [5/10/2010 11:45 374152] R2 LMIInfo;LogMeIn Kernel Information Provider;c:program filesLogMeInx86rainfo.sys [24/07/2008 17:46 12856] S1 MpKsl2a03b60a;MpKsl2a03b60a;??c:documents and settingsAll UsersApplication DataMicrosoftMicrosoft AntimalwareDefinition Updates{7262EA36-DCEB-49B7-87AB-3885AE2C843C}MpKsl2a03b60a.sys --> c:documents and settingsAll UsersApplication DataMicrosoftMicrosoft AntimalwareDefinition Updates{7262EA36-DCEB-49B7-87AB-3885AE2C843C}MpKsl2a03b60a.sys [?] S1 MpKslb124d8ed;MpKslb124d8ed;??c:documents and settingsAll UsersApplication DataMicrosoftMicrosoft AntimalwareDefinition Updates{56BFF251-6282-460B-B669-266224A92BB0}MpKslb124d8ed.sys --> c:documents and settingsAll UsersApplication DataMicrosoftMicrosoft AntimalwareDefinition Updates{56BFF251-6282-460B-B669-266224A92BB0}MpKslb124d8ed.sys [?] S1 MpKsld0e9bdc2;MpKsld0e9bdc2;??c:documents and settingsAll UsersApplication DataMicrosoftMicrosoft AntimalwareDefinition Updates{70379D85-E50B-44FF-86E2-CFC904337769}MpKsld0e9bdc2.sys --> c:documents and settingsAll UsersApplication DataMicrosoftMicrosoft AntimalwareDefinition Updates{70379D85-E50B-44FF-86E2-CFC904337769}MpKsld0e9bdc2.sys [?] S3 a2acc;a2acc;c:program filesEmsisoft Anti-Malwarea2accx86.sys [13/06/2011 16:44 73728] S3 Ambfilt;Ambfilt;c:windowssystem32driversAmbfilt.sys [22/05/2009 8:06 1691480] S3 D_Link_DWA-125;D_Link_DWA-125 Service;c:program filesD-LinkDWA-125 revAANIWZCSdS.exe [30/10/2011 7:16 126976] S3 D_Link_DWA-125_WPS;D_Link_DWA-125_WPS Service;c:program filesD-LinkDWA-125 revAANIWConnService.exe [30/10/2011 7:16 40960] S3 gupdate;Google Updateservice (gupdate);c:program filesGoogleUpdateGoogleUpdate.exe [22/11/2009 19:04 135664] S3 gupdatem;Google Update-service (gupdatem);c:program filesGoogleUpdateGoogleUpdate.exe [22/11/2009 19:04 135664] S3 NPF;NetGroup Packet Filter Driver;c:windowssystem32driversnpf.sys [6/11/2007 21:22 34064] S3 npggsvc;nProtect GameGuard Service;c:windowssystem32GameMon.des -service --> c:windowssystem32GameMon.des -service [?] S3 PCPitstop Scheduling;PCPitstop Scheduling;c:program filesPCPitstopPCPitstopScheduleService.exe [30/10/2011 17:53 91816] S3 SASENUM;SASENUM;c:program filesSUPERAntiSpywareSASENUM.SYS [14/05/2009 13:22 12872] S3 SMIGrabber3C;SMI Grabber Device Tuner Filter 3C;c:windowssystem32driversSmiUsbGrabber3C.sys [10/08/2011 18:03 805632] . Inhoud van de 'Gedeelde Taken' map . 2011-08-25 c:windowsTasksAppleSoftwareUpdate.job - c:program filesApple Software UpdateSoftwareUpdate.exe [2009-10-22 15:57] . 2009-06-04 c:windowsTasksFRU Task 2003-04-10 00:56ewlett-Packard2003-04-10 00:56p psc 1200 series272A572217594EBCF1CEE215E352B92AD073FDE4243881968.job - c:program filesHewlett-PackardDigital ImagingBinhpqfrucl.exe [2003-04-09 15:56] . 2011-11-05 c:windowsTasksGoogleUpdateTaskMachineCore.job - c:program filesGoogleUpdateGoogleUpdate.exe [2009-11-22 18:04] . 2011-11-05 c:windowsTasksGoogleUpdateTaskMachineUA.job - c:program filesGoogleUpdateGoogleUpdate.exe [2009-11-22 18:04] . 2011-11-05 c:windowsTasksMP Scheduled Scan.job - c:program filesMicrosoft Security ClientAntimalwareMpCmdRun.exe [2011-04-27 13:39] . . ------- Bijkomende Scan ------- . uStart Page = hxxp://www.google.be/ TCP: DhcpNameServer = 195.130.130.4 195.130.131.4 DPF: {070DC617-E3B7-468B-A29C-D4E84FAE938C} - hxxp://utilities.pcpitstop.com/Nirvana/controls/pcmatic.cab FF - ProfilePath - c:documents and settingsmamaApplication DataMozillaFirefoxProfileshefq8rku.default FF - prefs.js: browser.search.defaulturl - hxxp://search.babylon.com/web/{searchTerms}?babsrc=browsersearch&AF=17243 FF - prefs.js: browser.search.selectedEngine - FF - prefs.js: browser.startup.homepage - about:home FF - prefs.js: keyword.URL - hxxp://search.babylon.com/?babsrc=adbartrp&AF=17243&q= . - - - - ORPHANS VERWIJDERD - - - - . Toolbar-Locked - (no file) MSConfigStartUp-SunJavaUpdateSched - c:program filesJavajre6binjusched.exe . . . ************************************************************************** . catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2011-11-05 17:33 Windows 5.1.2600 Service Pack 3 NTFS . scannen van verborgen processen ... . scannen van verborgen autostart items ... . scannen van verborgen bestanden ... . Scan succesvol afgerond verborgen bestanden: 0 . ************************************************************************** . [HKEY_LOCAL_MACHINESystemControlSet001Servicesnpggsvc] "ImagePath"="c:windowssystem32GameMon.des -service" . --------------------- DLLs Geladen Onder Lopende Processen --------------------- . - - - - - - - > 'winlogon.exe'(708) c:program filesSUPERAntiSpywareSASWINLO.DLL c:windowssystem32LMIinit.dll c:windowssystem32LMIRfsClientNP.dll . Voltooingstijd: 2011-11-05 17:34:08 ComboFix-quarantined-files.txt 2011-11-05 16:34 . Pre-Run: 34.522.189.824 bytes beschikbaar Post-Run: 34.536.259.584 bytes beschikbaar . WindowsXP-KB310994-SP2-Pro-BootDisk-NLD.exe [boot loader] timeout=2 default=multi(0)disk(0)rdisk(0)partition(1)WINDOWS [operating systems] c:cmdconsBOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons UnsupportedDebug="do not select this" /debug multi(0)disk(0)rdisk(0)partition(1)WINDOWS="Microsoft Windows XP Professional" /noexecute=optin /fastdetect . - - End Of File - - CA85724A274B0042712D6BF867B5845A
  7. Hello JonTom, Here are the requested logs: OTL-FIX Log All processes killed ========== OTL ========== No active process named explorer.exe was found! Prefs.js: "http://search.babylo...search&AF=17243" removed from browser.search.defaulturl Prefs.js: "http://search.babylo...rtrp&AF=17243=" removed from keyword.URL C:Documents and SettingsmamaApplication DataBabylonToolbar folder moved successfully. File rity] not found. File ptytemp] not found. File ptyflash] not found. File art explorer] not found. File boot] not found. OTL by OldTimer - Version 3.2.31.0 log created on 11052011_151730 FilesFolders moved on Reboot... Registry entries deleted on Reboot... Malwarebytes Antimalware log Malwarebytes' Anti-Malware 1.51.2.1300 www.malwarebytes.org Database version: 8090 Windows 5.1.2600 Service Pack 3 Internet Explorer Unknown 5/11/2011 15:33:05 mbam-log-2011-11-05 (15-33-05).txt Scan type: Quick scan Objects scanned: 229265 Time elapsed: 3 minute(s), 2 second(s) Memory Processes Infected: 0 Memory Modules Infected: 0 Registry Keys Infected: 0 Registry Values Infected: 0 Registry Data Items Infected: 0 Folders Infected: 0 Files Infected: 0 Memory Processes Infected: (No malicious items detected) Memory Modules Infected: (No malicious items detected) Registry Keys Infected: (No malicious items detected) Registry Values Infected: (No malicious items detected) Registry Data Items Infected: (No malicious items detected) Folders Infected: (No malicious items detected) Files Infected: (No malicious items detected) OTL SCAn log OTL logfile created on: 5/11/2011 15:50:10 - Run 3 OTL by OldTimer - Version 3.2.31.0 Folder = C:Documents and SettingsmamaBureaublad Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = ) Locale: 00000813 | Country: België | Language: NLB | Date Format: d/MM/yyyy 3,25 Gb Total Physical Memory | 2,60 Gb Available Physical Memory | 79,98% Memory free 5,09 Gb Paging File | 4,60 Gb Available in Paging File | 90,38% Paging File free Paging file location(s): C:pagefile.sys 2046 4092 [binary data] %SystemDrive% = C: | %SystemRoot% = C:WINDOWS | %ProgramFiles% = C:Program Files Drive C: | 146,48 Gb Total Space | 32,29 Gb Free Space | 22,05% Space Free | Partition Type: NTFS Drive D: | 151,61 Gb Total Space | 141,39 Gb Free Space | 93,26% Space Free | Partition Type: NTFS Computer Name: FRANCINE | User Name: mama | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - [2011/11/03 07:09:11 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:Documents and SettingsmamaBureaubladOTL.exe PRC - [2011/10/30 17:06:50 | 000,116,608 | ---- | M] (SUPERAntiSpyware.com) -- C:Program FilesSUPERAntiSpywareSASCORE.EXE PRC - [2011/10/30 07:47:56 | 003,045,688 | ---- | M] (Emsi Software GmbH) -- C:Program FilesEmsisoft Anti-Malwarea2service.exe PRC - [2011/10/08 07:50:51 | 000,136,584 | ---- | M] (LogMeIn, Inc.) -- C:Program FilesLogMeInx86ramaint.exe PRC - [2011/10/08 07:50:35 | 000,374,152 | ---- | M] (LogMeIn, Inc.) -- C:Program FilesLogMeInx86LMIGuardianSvc.exe PRC - [2011/09/26 12:27:08 | 000,024,216 | ---- | M] (PC Pitstop LLC) -- C:Program FilesPCPitstopInfo CenterInfoCenter.exe PRC - [2011/06/15 14:16:48 | 000,997,920 | ---- | M] (Microsoft Corporation) -- C:Program FilesMicrosoft Security Clientmsseces.exe PRC - [2011/06/15 07:19:14 | 000,307,200 | ---- | M] (PowerISO Computing, Inc.) -- C:Program FilesPowerISOPWRISOVM.EXE PRC - [2011/04/27 14:39:26 | 000,011,736 | ---- | M] (Microsoft Corporation) -- C:Program FilesMicrosoft Security ClientAntimalwareMsMpEng.exe PRC - [2010/11/08 12:04:18 | 000,390,528 | ---- | M] (LogMeIn, Inc.) -- C:Program FilesLogMeInx86LogMeIn.exe PRC - [2009/10/19 19:03:50 | 000,995,328 | ---- | M] (D-Link Corp.) -- C:Program FilesD-LinkDWA-125 revAAirGCFG.exe PRC - [2009/10/19 18:39:38 | 000,122,880 | ---- | M] (Wireless Service) -- C:Program FilesD-LinkDWA-125 revAWZCSLDR2.exe PRC - [2008/07/24 17:46:10 | 000,063,048 | ---- | M] (LogMeIn, Inc.) -- C:Program FilesLogMeInx86LogMeInSystray.exe PRC - [2008/07/23 16:04:20 | 005,625,344 | ---- | M] () -- C:Program FilesASUSEPU-4 EngineFourEngine.exe PRC - [2008/04/14 18:02:58 | 001,037,312 | ---- | M] (Microsoft Corporation) -- C:WINDOWSexplorer.exe PRC - [2007/05/17 22:45:33 | 000,271,720 | ---- | M] (Microsoft Corporation) -- C:Program FilesMicrosoft LifeCamMSCamS32.exe PRC - [2007/04/10 22:46:52 | 000,709,992 | ---- | M] (Microsoft Corporation) -- C:WINDOWSvVX1000.exe PRC - [2003/08/29 18:05:35 | 000,360,448 | ---- | M] () -- C:Program FilesSpywareGuardsgmain.exe PRC - [2003/08/29 10:14:56 | 000,233,472 | ---- | M] () -- C:Program FilesSpywareGuardsgbhp.exe PRC - [2003/06/06 16:52:32 | 000,151,552 | ---- | M] (InterVideo Inc.) -- C:Program FilesCommon FilesInterVideoSchSvrSchSvr.exe PRC - [2003/06/06 16:51:48 | 000,131,072 | ---- | M] () -- C:Program FilesInterVideoCommonBinWinCinemaMgr.exe ========== Modules (No Company Name) ========== MOD - [2011/10/30 07:16:16 | 000,315,392 | ---- | M] () -- C:WINDOWSsystem32ANPDApi.dll MOD - [2011/10/14 05:55:04 | 012,430,848 | ---- | M] () -- C:WINDOWSassemblyNativeImages_v2.0.50727_32System.Windows.Forms71a2ae9ad561a62181cbd9fb11e9de7aSystem.Windows.Forms.ni.dll MOD - [2011/10/14 05:54:46 | 001,587,200 | ---- | M] () -- C:WINDOWSassemblyNativeImages_v2.0.50727_32System.Drawingc10bea3c4bb7ef654651141bf9419090System.Drawing.ni.dll MOD - [2011/10/13 22:49:12 | 007,950,848 | ---- | M] () -- C:WINDOWSassemblyNativeImages_v2.0.50727_32Systemaf39f6e644af02873b9bae319f2bfb13System.ni.dll MOD - [2011/10/13 22:49:02 | 011,490,816 | ---- | M] () -- C:WINDOWSassemblyNativeImages_v2.0.50727_32mscorlibca87ba84221991839abbe7d4bc9c6721mscorlib.ni.dll MOD - [2009/10/19 18:59:12 | 000,274,432 | ---- | M] () -- C:Program FilesD-LinkDWA-125 revAwlanapp.dll MOD - [2009/09/04 22:15:06 | 000,067,872 | ---- | M] () -- C:Program FilesCommon FilesAppleApple Application Supportzlib1.dll MOD - [2009/05/22 09:04:59 | 000,303,104 | ---- | M] () -- C:WINDOWSassemblyGAC_MSILmscorlib.resources2.0.0.0_nl_b77a5c561934e089mscorlib.resources.dll MOD - [2008/07/23 16:04:20 | 005,625,344 | ---- | M] () -- C:Program FilesASUSEPU-4 EngineFourEngine.exe MOD - [2006/01/10 09:50:20 | 000,024,576 | R--- | M] () -- C:WINDOWSsystem32AsIO.dll MOD - [2005/05/11 15:39:32 | 000,565,248 | ---- | M] () -- C:Program FilesASUSEPU-4 Enginepngio.dll MOD - [2003/08/29 18:05:35 | 000,360,448 | ---- | M] () -- C:Program FilesSpywareGuardsgmain.exe MOD - [2003/08/29 10:14:56 | 000,233,472 | ---- | M] () -- C:Program FilesSpywareGuardsgbhp.exe MOD - [2003/08/02 22:20:57 | 000,126,976 | R--- | M] () -- C:Program FilesSpywareGuardspywareguard.dll MOD - [2003/06/06 16:51:48 | 000,131,072 | ---- | M] () -- C:Program FilesInterVideoCommonBinWinCinemaMgr.exe ========== Win32 Services (SafeList) ========== SRV - [2011/10/30 17:06:50 | 000,116,608 | ---- | M] (SUPERAntiSpyware.com) [Auto | Running] -- C:Program FilesSUPERAntiSpywareSASCORE.EXE -- (!SASCORE) SRV - [2011/10/30 07:47:56 | 003,045,688 | ---- | M] (Emsi Software GmbH) [Auto | Running] -- C:Program FilesEmsisoft Anti-Malwarea2service.exe -- (a2AntiMalware) SRV - [2011/10/26 11:42:32 | 000,091,816 | ---- | M] (PC Pitstop LLC) [On_Demand | Stopped] -- C:Program FilesPCPitstopPCPitstopScheduleService.exe -- (PCPitstop Scheduling) SRV - [2011/10/08 07:50:51 | 000,136,584 | ---- | M] (LogMeIn, Inc.) [Auto | Running] -- C:Program FilesLogMeInx86RaMaint.exe -- (LMIMaint) SRV - [2011/10/08 07:50:35 | 000,374,152 | ---- | M] (LogMeIn, Inc.) [Auto | Running] -- C:Program FilesLogMeInx86LMIGuardianSvc.exe -- (LMIGuardianSvc) SRV - [2011/04/27 14:39:26 | 000,011,736 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:Program FilesMicrosoft Security ClientAntimalwareMsMpEng.exe -- (MsMpSvc) SRV - [2010/11/08 12:04:18 | 000,390,528 | ---- | M] (LogMeIn, Inc.) [Auto | Running] -- C:Program FilesLogMeInx86LogMeIn.exe -- (LogMeIn) SRV - [2010/03/18 10:19:26 | 000,113,152 | ---- | M] (ArcSoft Inc.) [On_Demand | Stopped] -- C:Program FilesCommon FilesArcSoftConnection ServiceBinACService.exe -- (ACDaemon) SRV - [2009/08/21 09:27:26 | 000,126,976 | ---- | M] (Wireless Service) [On_Demand | Stopped] -- C:Program FilesD-LinkDWA-125 revAANIWZCSdS.exe -- (D_Link_DWA-125) SRV - [2009/07/07 19:49:20 | 000,040,960 | ---- | M] () [On_Demand | Stopped] -- C:Program FilesD-LinkDWA-125 revAANIWConnService.exe -- (D_Link_DWA-125_WPS) SRV - [2009/05/20 09:50:20 | 002,772,302 | ---- | M] (INCA Internet Co., Ltd.) [On_Demand | Stopped] -- C:WINDOWSSystem32GameMon.des -- (npggsvc) SRV - [2007/11/06 21:22:26 | 000,092,792 | ---- | M] (CACE Technologies) [On_Demand | Stopped] -- C:Program FilesWinPcaprpcapd.exe -- (rpcapd) Remote Packet Capture Protocol v.0 (experimental) SRV - [2007/05/17 22:45:33 | 000,271,720 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:Program FilesMicrosoft LifeCamMSCamS32.exe -- (MSCamSvc) SRV - [2006/09/28 10:20:00 | 000,049,152 | ---- | M] (Ulead Systems, Inc.) [On_Demand | Stopped] -- C:Program FilesCommon FilesUlead SystemsDVDULCDRSvr.exe -- (UleadBurningHelper) SRV - [2003/03/09 20:31:02 | 000,065,795 | ---- | M] (HP) [On_Demand | Stopped] -- C:WINDOWSsystem32HPZipm12.exe -- (Pml Driver HPZ12) ========== Driver Services (SafeList) ========== DRV - [2011/11/05 15:18:31 | 000,028,752 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:Documents and SettingsAll UsersApplication DataMicrosoftMicrosoft AntimalwareDefinition Updates{C21752B9-DDF7-4BCD-A63C-7B802231E310}MpKsl366bbe98.sys -- (MpKsl366bbe98) DRV - [2011/11/05 14:39:21 | 000,028,752 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:Documents and SettingsAll UsersApplication DataMicrosoftMicrosoft AntimalwareDefinition Updates{C21752B9-DDF7-4BCD-A63C-7B802231E310}MpKslf92cd221.sys -- (MpKslf92cd221) DRV - [2011/10/30 17:06:43 | 000,067,664 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:Program FilesSUPERAntiSpywareSASKUTIL.SYS -- (SASKUTIL) DRV - [2011/10/30 17:06:42 | 000,012,880 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:Program FilesSUPERAntiSpywareSASDIFSV.SYS -- (SASDIFSV) DRV - [2011/10/30 07:16:16 | 000,029,411 | ---- | M] () [Kernel | Auto | Running] -- C:WINDOWSsystem32ANPD.SYS -- (ANPD) DRV - [2011/10/08 07:50:36 | 000,083,360 | ---- | M] (LogMeIn, Inc.) [File_System | Disabled | Stopped] -- C:WINDOWSSystem32LMIRfsClientNP.dll -- (LMIRfsClientNP) DRV - [2011/06/15 09:23:56 | 000,060,156 | ---- | M] (PowerISO Computing, Inc.) [Kernel | System | Running] -- C:WINDOWSSystem32driversscdemu.sys -- (SCDEmu) DRV - [2011/06/12 19:53:30 | 000,012,872 | ---- | M] ( SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | On_Demand | Stopped] -- C:Program FilesSUPERAntiSpywareSASENUM.SYS -- (SASENUM) DRV - [2011/02/20 20:30:06 | 000,073,728 | ---- | M] (Emsi Software GmbH) [File_System | On_Demand | Stopped] -- C:Program FilesEmsisoft Anti-Malwarea2accx86.sys -- (a2acc) DRV - [2011/01/26 10:31:28 | 000,805,632 | ---- | M] (Windows ® Win 7 DDK provider) [Kernel | On_Demand | Stopped] -- C:WINDOWSsystem32driversSmiUsbGrabber3C.sys -- (SMIGrabber3C) DRV - [2009/12/25 18:26:30 | 006,039,584 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:WINDOWSsystem32driversRtkHDAud.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM) DRV - [2009/11/18 07:17:00 | 001,395,800 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:WINDOWSsystem32driversMonfilt.sys -- (Monfilt) DRV - [2009/11/18 07:16:00 | 001,691,480 | ---- | M] (Creative) [Kernel | On_Demand | Stopped] -- C:WINDOWSsystem32driversAmbfilt.sys -- (Ambfilt) DRV - [2009/10/23 17:10:10 | 000,005,632 | ---- | M] () [File_System | System | Running] -- C:WINDOWSSystem32driversStarOpen.sys -- (StarOpen) DRV - [2009/09/15 14:09:22 | 000,779,136 | ---- | M] (Ralink Technology, Corp.) [Kernel | On_Demand | Running] -- C:WINDOWSsystem32driversDrt2870.sys -- (rt2870) DRV - [2009/08/05 21:48:42 | 000,054,752 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:WINDOWSsystem32driversfssfltr_tdi.sys -- (fssfltr) DRV - [2009/03/31 17:33:10 | 000,038,400 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:WINDOWSsystem32driversl1e51x86.sys -- (L1e) DRV - [2008/07/24 17:46:12 | 000,012,856 | ---- | M] (LogMeIn, Inc.) [Kernel | Auto | Running] -- C:Program FilesLogMeInx86rainfo.sys -- (LMIInfo) DRV - [2008/07/24 17:46:10 | 000,047,640 | ---- | M] (LogMeIn, Inc.) [File_System | Auto | Running] -- C:WINDOWSsystem32driversLMIRfsDriver.sys -- (LMIRfsDriver) DRV - [2008/04/13 19:53:09 | 000,040,320 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:WINDOWSsystem32driversnmnt.sys -- (nm) DRV - [2008/04/13 19:46:22 | 000,015,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:WINDOWSsystem32driversMPE.sys -- (MPE) DRV - [2007/12/17 10:14:06 | 000,012,400 | R--- | M] () [Kernel | System | Running] -- C:WINDOWSsystem32driversAsIO.sys -- (AsIO) DRV - [2007/11/06 21:22:06 | 000,034,064 | ---- | M] (CACE Technologies) [Kernel | On_Demand | Stopped] -- C:WINDOWSsystem32driversnpf.sys -- (NPF) DRV - [2007/05/02 10:12:36 | 000,109,704 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:WINDOWSsystem32driversssm_mdm.sys -- (ssm_mdm) DRV - [2007/05/02 10:12:36 | 000,015,112 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:WINDOWSsystem32driversssm_mdfl.sys -- (ssm_mdfl) DRV - [2007/05/02 10:12:34 | 000,083,592 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:WINDOWSsystem32driversssm_bus.sys -- (ssm_bus) SAMSUNG Mobile USB Device II 1.0 driver (WDM) DRV - [2007/05/02 10:11:18 | 000,109,704 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:WINDOWSsystem32driversss_mdm.sys -- (ss_mdm) DRV - [2007/05/02 10:11:18 | 000,015,112 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:WINDOWSsystem32driversss_mdfl.sys -- (ss_mdfl) DRV - [2007/05/02 10:11:16 | 000,083,592 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:WINDOWSsystem32driversss_bus.sys -- (ss_bus) SAMSUNG Mobile USB Device 1.0 driver (WDM) DRV - [2007/04/10 22:46:53 | 001,966,312 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:WINDOWSsystem32driversVX1000.sys -- (VX1000) DRV - [2006/11/29 06:46:24 | 000,028,224 | R--- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:WINDOWSsystem32driversAPLMp50.sys -- (APLMp50) DRV - [2005/12/18 19:42:12 | 000,008,801 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:Program FilesDScalerDSDrv4.sys -- (DSDrv4) DRV - [2005/01/02 22:43:08 | 000,004,682 | ---- | M] (INCA Internet Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:WINDOWSsystem32npptNT2.sys -- (NPPTNT2) DRV - [2004/08/13 03:56:20 | 000,005,810 | R--- | M] () [Kernel | On_Demand | Running] -- C:WINDOWSsystem32driversASACPI.sys -- (MTsensor) DRV - [2002/09/27 06:53:00 | 000,009,856 | ---- | M] (Padus, Inc.) [Kernel | On_Demand | Running] -- C:WINDOWSsystem32driverspfc.sys -- (pfc) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKCUSOFTWAREMicrosoftInternet ExplorerMain,Start Page = http://www.google.be/ IE - HKCUSOFTWAREMicrosoftInternet ExplorerMain,Start Page Redirect Cache = http://be.msn.com/default.aspx?ocid=iehp IE - HKCUSOFTWAREMicrosoftInternet ExplorerMain,Start Page Redirect Cache AcceptLangs = nl-be IE - HKCUSOFTWAREMicrosoftInternet ExplorerMain,Start Page Redirect Cache_TIMESTAMP = 8A 69 41 C1 21 97 CC 01 [binary data] IE - HKCUSoftwareMicrosoftWindowsCurrentVersionInternet Settings: "ProxyEnable" = 0 ========== FireFox ========== FF - prefs.js..browser.search.defaultenginename: "" FF - prefs.js..browser.search.defaulturl: "http://search.babylon.com/web/{searchTerms}?babsrc=browsersearch&AF=17243" FF - prefs.js..browser.search.order.1: "" FF - prefs.js..browser.search.selectedEngine: "" FF - prefs.js..browser.search.useDBForOrder: true FF - prefs.js..browser.startup.homepage: "about:home" FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0 FF - prefs.js..keyword.URL: "http://search.babylon.com/?babsrc=adbartrp&AF=17243&q=" FF - HKLMSoftwareMozillaPlugins@adobe.com/FlashPlayer: C:WINDOWSsystem32MacromedFlashNPSWF32.dll () FF - HKLMSoftwareMozillaPlugins@adobe.com/ShockwavePlayer: C:WINDOWSsystem32AdobeDirectornp32dsw.dll (Adobe Systems, Inc.) FF - HKLMSoftwareMozillaPlugins@Apple.com/iTunes,version=: File not found FF - HKLMSoftwareMozillaPlugins@Apple.com/iTunes,version=1.0: C:Program FilesiTunesMozilla Pluginsnpitunes.dll () FF - HKLMSoftwareMozillaPlugins@Google.com/GoogleEarthPlugin: C:Program FilesGoogleGoogle Earthpluginnpgeplugin.dll (Google) FF - HKLMSoftwareMozillaPlugins@java.com/JavaPlugin: C:Program FilesJavajre6binnew_pluginnpjp2.dll (Sun Microsystems, Inc.) FF - HKLMSoftwareMozillaPlugins@Microsoft.com/NpCtrl,version=1.0: C:Program FilesMicrosoft Silverlight4.0.60831.0npctrl.dll ( Microsoft Corporation) FF - HKLMSoftwareMozillaPlugins@microsoft.com/OfficeLive,version=1.3: C:Program FilesMicrosoftOffice LivenpOLW.dll (Microsoft Corp.) FF - HKLMSoftwareMozillaPlugins@microsoft.com/WLPG,version=14.0.8117.0416: C:Program FilesWindows LivePhoto GalleryNPWLPG.dll (Microsoft Corporation) FF - HKLMSoftwareMozillaPlugins@microsoft.com/WPF,version=3.5: C:WINDOWSMicrosoft.NETFrameworkv3.5Windows Presentation FoundationNPWPF.dll (Microsoft Corporation) FF - HKLMSoftwareMozillaPlugins@tools.google.com/Google Update;version=3: C:Program FilesGoogleUpdate1.3.21.79npGoogleUpdate3.dll (Google Inc.) FF - HKLMSoftwareMozillaPlugins@tools.google.com/Google Update;version=9: C:Program FilesGoogleUpdate1.3.21.79npGoogleUpdate3.dll (Google Inc.) FF - HKEY_LOCAL_MACHINEsoftwaremozillaFirefoxextensions{B728AB94-9BC7-49b7-B76A-422BB31B2FD0}: C:Program FilesArcSoftMedia Converter for PhilipsInternet Video DownloaderPlugin_FireFox [2010/03/07 12:38:38 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINEsoftwaremozillaMozilla Firefox 4.0.1extensionsComponents: C:Program FilesMozilla Firefoxcomponents [2011/10/30 16:01:05 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINEsoftwaremozillaMozilla Firefox 4.0.1extensionsPlugins: C:Program FilesMozilla Firefoxplugins [2011/02/22 16:50:36 | 000,000,000 | ---D | M] (No name found) -- C:Documents and SettingsmamaApplication DataMozillaExtensions [2011/10/30 12:10:16 | 000,000,000 | ---D | M] (No name found) -- C:Documents and SettingsmamaApplication DataMozillaFirefoxProfileshefq8rku.defaultextensions [2011/11/03 14:46:17 | 000,000,000 | ---D | M] (No name found) -- C:Program FilesMozilla Firefoxextensions [2011/08/10 17:54:30 | 000,000,000 | ---D | M] (Click to call with Skype) -- C:Program FilesMozilla Firefoxextensions{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2011/11/03 14:46:17 | 000,000,000 | ---D | M] (Java Console) -- C:Program FilesMozilla Firefoxextensions{CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} [2009/06/03 17:08:18 | 000,000,000 | ---D | M] (Java Quick Starter) -- C:PROGRAM FILESJAVAJRE6LIBDEPLOYJQSFF [2009/09/01 20:55:43 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:WINDOWSMICROSOFT.NETFRAMEWORKV3.5WINDOWS PRESENTATION FOUNDATIONDOTNETASSISTANTEXTENSION [2011/04/14 17:57:43 | 000,142,296 | ---- | M] (Mozilla Foundation) -- C:Program Filesmozilla firefoxcomponentsbrowsercomps.dll [2010/01/01 09:00:00 | 000,002,252 | ---- | M] () -- C:Program Filesmozilla firefoxsearchpluginsbing.xml [2010/01/01 09:00:00 | 000,001,892 | ---- | M] () -- C:Program Filesmozilla firefoxsearchpluginsbolcom-nl.xml [2010/01/01 09:00:00 | 000,004,558 | ---- | M] () -- C:Program Filesmozilla firefoxsearchpluginsmarktplaats-nl.xml [2010/01/01 09:00:00 | 000,001,111 | ---- | M] () -- C:Program Filesmozilla firefoxsearchpluginsvandale-nl.xml [2010/01/01 09:00:00 | 000,001,049 | ---- | M] () -- C:Program Filesmozilla firefoxsearchpluginswikipedia-nl.xml ========== Chrome ========== CHR - default_search_provider: Google (Enabled) CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms} CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms} CHR - plugin: Shockwave Flash (Enabled) = C:Program Filesgooglechromeapplication14.0.835.202gcswf32.dll CHR - plugin: Shockwave Flash (Enabled) = C:WINDOWSsystem32MacromedFlashNPSWF32.dll CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:Program FilesQuickTimepluginsnpqtplugin.dll CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:Program FilesQuickTimepluginsnpqtplugin2.dll CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:Program FilesQuickTimepluginsnpqtplugin3.dll CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:Program FilesQuickTimepluginsnpqtplugin4.dll CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:Program FilesQuickTimepluginsnpqtplugin5.dll CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:Program FilesQuickTimepluginsnpqtplugin6.dll CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:Program FilesQuickTimepluginsnpqtplugin7.dll CHR - plugin: Java Platform SE 6 U16 (Enabled) = C:Program FilesJavajre6binnew_pluginnpjp2.dll CHR - plugin: Silverlight Plug-In (Enabled) = C:Program FilesMicrosoft Silverlight4.0.60531.0npctrl.dll CHR - plugin: Shockwave for Director (Enabled) = C:WINDOWSsystem32AdobeDirectornp32dsw.dll CHR - plugin: RealNetworks RealPlayer Chrome Background Extension Plug-In (32-bit) (Enabled) = C:Documents and SettingsAll UsersApplication DataRealRealPlayerBrowserRecordPluginMozillaPluginsnprpchromebrowserrecordext.dll CHR - plugin: RealPlayer HTML5VideoShim Plug-In (32-bit) (Enabled) = C:Documents and SettingsAll UsersApplication DataRealRealPlayerBrowserRecordPluginMozillaPluginsnprphtml5videoshim.dll CHR - plugin: RealPlayer G2 LiveConnect-Enabled Plug-In (32-bit) (Enabled) = C:Program FilesRealRealPlayerNetscape6nppl3260.dll CHR - plugin: RealPlayer Version Plugin (Enabled) = C:Program FilesRealRealPlayerNetscape6nprpjplug.dll CHR - plugin: Windows Media Player Plug-in Dynamic Link Library (Enabled) = C:Program FilesWindows Media Playernpdsplay.dll CHR - plugin: Microsoft Office Live Plug-in for Firefox (Enabled) = C:Program FilesMicrosoftOffice LivenpOLW.dll CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer CHR - plugin: Native Client (Enabled) = C:Program Filesgooglechromeapplication14.0.835.202ppGoogleNaClPluginChrome.dll CHR - plugin: Chrome PDF Viewer (Enabled) = C:Program Filesgooglechromeapplication14.0.835.202pdf.dll CHR - plugin: Skype Toolbars (Enabled) = C:Documents and SettingsmamaLocal SettingsApplication DataGoogleChromeUser DataDefaultExtensionslifbcibllhkdhoafpjfnlhfpfgnpldfl5.5.0.8013_0npSkypeChromePlugin.dll CHR - plugin: Adobe Acrobat (Disabled) = C:Program FilesAdobeReader 9.0ReaderBrowsernppdf32.dll CHR - plugin: Microsoftu00AE DRM (Enabled) = C:Program FilesWindows Media Playernpdrmv2.dll CHR - plugin: Microsoftu00AE DRM (Enabled) = C:Program FilesWindows Media Playernpwmsdrm.dll CHR - plugin: Google Earth Plugin (Enabled) = C:Program FilesGoogleGoogle Earthpluginnpgeplugin.dll CHR - plugin: Google Update (Enabled) = C:Program FilesGoogleUpdate1.3.21.69npGoogleUpdate3.dll CHR - plugin: RealJukebox NS Plugin (Enabled) = C:Program FilesRealRealPlayerNetscape6nprjplug.dll CHR - plugin: Windows Liveu00AE Photo Gallery (Enabled) = C:Program FilesWindows LivePhoto GalleryNPWLPG.dll CHR - plugin: iTunes Application Detector (Enabled) = C:Program FilesiTunesMozilla Pluginsnpitunes.dll CHR - plugin: Windows Presentation Foundation (Enabled) = C:WINDOWSMicrosoft.NETFrameworkv3.5Windows Presentation FoundationNPWPF.dll CHR - plugin: Default Plug-in (Enabled) = default_plugin CHR - Extension: RealPlayer HTML5Video Downloader Extension = C:Documents and SettingsmamaLocal SettingsApplication DataGoogleChromeUser DataDefaultExtensionsjfmjfhklogoienhpfnppmbcbjfjnkonk1.4_0 CHR - Extension: Click to call with Skype = C:Documents and SettingsmamaLocal SettingsApplication DataGoogleChromeUser DataDefaultExtensionslifbcibllhkdhoafpjfnlhfpfgnpldfl5.5.0.8013_0 O1 HOSTS File: ([2009/05/22 19:08:20 | 000,611,053 | ---- | M]) - C:WINDOWSsystem32driversetcHOSTS O1 - Hosts: 127.0.0.1 localhost O1 - Hosts: 127.0.0.1 ad.a8.net O1 - Hosts: 127.0.0.1 asy.a8ww.net O1 - Hosts: 127.0.0.1 acezip.net #[siteAdvisor.acezip.net] O1 - Hosts: 127.0.0.1 www.acezip.net #[Win32/Adware.180Solutions] O1 - Hosts: 127.0.0.1 phpadsnew.abac.com O1 - Hosts: 127.0.0.1 a.abnad.net O1 - Hosts: 127.0.0.1 b.abnad.net O1 - Hosts: 127.0.0.1 c.abnad.net #[eTrust.Tracking.Cookie] O1 - Hosts: 127.0.0.1 d.abnad.net O1 - Hosts: 127.0.0.1 e.abnad.net O1 - Hosts: 127.0.0.1 t.abnad.net O1 - Hosts: 127.0.0.1 z.abnad.net O1 - Hosts: 127.0.0.1 banners.absolpublisher.com O1 - Hosts: 127.0.0.1 tracking.absolstats.com O1 - Hosts: 127.0.0.1 adv.abv.bg O1 - Hosts: 127.0.0.1 bimg.abv.bg O1 - Hosts: 127.0.0.1 www2.a-counter.kiev.ua O1 - Hosts: 127.0.0.1 track.acclaimnetwork.com O1 - Hosts: 127.0.0.1 accuserveadsystem.com O1 - Hosts: 127.0.0.1 www.accuserveadsystem.com O1 - Hosts: 127.0.0.1 gtb5.acecounter.com O1 - Hosts: 127.0.0.1 gtb19.acecounter.com O1 - Hosts: 127.0.0.1 gtcc1.acecounter.com O1 - Hosts: 127.0.0.1 gtp1.acecounter.com #[eTrust.Tracking.Cookie] O1 - Hosts: 16309 more lines... O3 - HKLM..Toolbar: (no name) - Locked - No CLSID value found. O4 - HKLM..Run: [D-Link D-Link DWA-125] C:Program FilesD-LinkDWA-125 revAAirGCFG.exe (D-Link Corp.) O4 - HKLM..Run: [info Center] C:Program FilesPCPitstopInfo CenterInfoCenter.exe (PC Pitstop LLC) O4 - HKLM..Run: [LifeCam] C:Program FilesMicrosoft LifeCamLifeExp.exe (Microsoft Corporation) O4 - HKLM..Run: [LogMeIn GUI] C:Program FilesLogMeInx86LogMeInSystray.exe (LogMeIn, Inc.) O4 - HKLM..Run: [MSC] C:Program FilesMicrosoft Security Clientmsseces.exe (Microsoft Corporation) O4 - HKLM..Run: [PWRISOVM.EXE] C:Program FilesPowerISOPWRISOVM.EXE (PowerISO Computing, Inc.) O4 - HKLM..Run: [six Engine] C:Program FilesASUSEPU-4 EngineFourEngine.exe () O4 - HKLM..Run: [uVS10 Preload] C:Program FilesUlead SystemsUlead VideoStudio SE DVDuvPL.exe (Ulead Systems, Inc.) O4 - HKLM..Run: [VX1000] C:WINDOWSvVX1000.exe (Microsoft Corporation) O4 - HKLM..Run: [WinDVR SchSvr] C:Program FilesCommon FilesInterVideoSchSvrSchSvr.exe (InterVideo Inc.) O4 - HKLM..Run: [WZCSLDR2] C:Program FilesD-LinkDWA-125 revAWZCSLDR2.exe (Wireless Service) O4 - HKCU..RunOnce: [shockwave Updater] C:WINDOWSsystem32AdobeShockwave 11SwHelper_1150596.exe -Update -1150596 -"Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 5.1; Trident/4.0; .NET CLR 1.1.4322; .NET CLR 2.0.50727; .NET CLR 3.0.4506.2152; .NET CLR 3.5.30729; OfficeLiveConnector.1.3; OfficeLivePatch.0.0)" -"http://www.dadsproject.com/Klokkijken/klokkijken.php" File not found O4 - Startup: C:Documents and SettingsAll UsersMenu StartProgramma'sOpstartenInterVideo WinCinema Manager.lnk = C:Program FilesInterVideoCommonBinWinCinemaMgr.exe () O4 - Startup: C:Documents and SettingsmamaMenu StartProgramma'sOpstartenSpywareGuard.lnk = C:Program FilesSpywareGuardsgmain.exe () O6 - HKLMSOFTWAREMicrosoftWindowsCurrentVersionpoliciesExplorer: HonorAutoRunSetting = 1 O7 - HKCUSOFTWAREMicrosoftWindowsCurrentVersionpoliciesExplorer: NoDriveTypeAutoRun = 145 O10 - NameSpace_Catalog5Catalog_Entries000000000004 [] - C:Program FilesBonjourmdnsNSP.dll (Apple Inc.) O16 - DPF: {070DC617-E3B7-468B-A29C-D4E84FAE938C} http://utilities.pcpitstop.com/Nirvana/controls/pcmatic.cab (VersionControl Class) O16 - DPF: {076169AA-8C3D-4CFC-AC23-3ACA88FC21B5} http://download.sp.f-secure.com/ols/f-secure-rtm/resources/fslauncher.cab (F-Secure Online Scanner Launcher) O16 - DPF: {0E5F0222-96B9-11D3-8997-00104BD12D94} http://utilities.pcpitstop.com/Nirvana/controls/pcmatic.cab (PCPitstop Utility) O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab (Shockwave ActiveX Control) O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262E} http://www.systemrequirementslab.com/srl_bin/sysreqlab_srl.cab (System Requirements Lab Class) O16 - DPF: {215B8138-A3CF-44C5-803F-8226143CFC0A} http://housecall65.trendmicro.com/housecall/applet/html/native/x86/win32/activex/hcImpl.cab (Trend Micro ActiveX Scan Agent 6.6) O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1243013861984 (MUWebControl Class) O16 - DPF: {6F15128C-E66A-490C-B848-5000B5ABEEAC} https://h20436.www2.hp.com/ediags/dex/secure/HPDEXAXO.cab (HP Download Manager) O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset.com/special/eos/OnlineScanner.cab (OnlineScanner Control) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29) O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab (Reg Error: Key error.) O16 - DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29) O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object) O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.) O17 - HKLMSystemCCSServicesTcpipParameters: DhcpNameServer = 195.130.130.4 195.130.131.4 O17 - HKLMSystemCCSServicesTcpipParametersInterfaces{4F52C767-993D-4BB5-AE28-5E54599325CC}: DhcpNameServer = 195.130.131.132 195.130.130.4 O17 - HKLMSystemCCSServicesTcpipParametersInterfaces{57CC1820-8280-407F-8BB2-EB8E5714DF5F}: DhcpNameServer = 195.130.130.4 195.130.131.4 O18 - ProtocolHandlerskype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:Program FilesSkypeToolbarsInternet Explorerskypeieplugin.dll (Skype Technologies S.A.) O20 - HKLM Winlogon: Shell - (Explorer.exe) -C:WINDOWSexplorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (C:WINDOWSsystem32userinit.exe) -C:WINDOWSsystem32userinit.exe (Microsoft Corporation) O20 - WinlogonNotify!SASWinLogon: DllName - (C:Program FilesSUPERAntiSpywareSASWINLO.DLL) - C:Program FilesSUPERAntiSpywareSASWINLO.DLL (SUPERAntiSpyware.com) O20 - WinlogonNotifyLMIinit: DllName - (LMIinit.dll) - C:WINDOWSSystem32LMIinit.dll (LogMeIn, Inc.) O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:Program FilesSUPERAntiSpywareSASSEH.DLL (SuperAdBlocker.com) O28 - HKLM ShellExecuteHooks: {81559C35-8464-49F7-BB0E-07A383BEF910} - C:Program FilesSpywareGuardspywareguard.dll () O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2009/05/22 07:59:54 | 000,000,000 | ---- | M] () - C:AUTOEXEC.BAT -- [ NTFS ] O34 - HKLM BootExecute: (autocheck autochk *) O35 - HKLM..comfile [open] -- "%1" %* O35 - HKLM..exefile [open] -- "%1" %* O37 - HKLM...com [@ = comfile] -- "%1" %* O37 - HKLM...exe [@ = exefile] -- "%1" %* NetSvcs: 6to4 - File not found NetSvcs: Ias - File not found NetSvcs: Iprip - File not found NetSvcs: Irmon - File not found NetSvcs: NWCWorkstation - File not found NetSvcs: Nwsapagent - File not found NetSvcs: WmdmPmSp - File not found CREATERESTOREPOINT Restore point Set: OTL Restore Point ========== Files/Folders - Created Within 30 Days ========== [2011/11/03 14:48:47 | 000,000,000 | ---D | C] -- C:Program FilesESET [2011/11/03 14:46:24 | 000,000,000 | ---D | C] -- C:Documents and SettingsAll UsersApplication DataSun [2011/11/03 14:46:23 | 000,000,000 | ---D | C] -- C:Program FilesCommon FilesJava [2011/11/03 14:46:16 | 000,472,808 | ---- | C] (Sun Microsystems, Inc.) -- C:WINDOWSSystem32deployJava1.dll [2011/11/03 14:46:16 | 000,157,472 | ---- | C] (Sun Microsystems, Inc.) -- C:WINDOWSSystem32javaws.exe [2011/11/03 14:46:16 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:WINDOWSSystem32javaw.exe [2011/11/03 14:46:16 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:WINDOWSSystem32java.exe [2011/11/03 14:36:18 | 000,000,000 | ---D | C] -- C:Documents and SettingsAll UsersMenu StartProgramma'sMalwarebytes' Anti-Malware [2011/11/03 14:36:14 | 000,022,216 | ---- | C] (Malwarebytes Corporation) -- C:WINDOWSSystem32driversmbam.sys [2011/11/03 14:36:14 | 000,000,000 | ---D | C] -- C:Program FilesMalwarebytes' Anti-Malware [2011/11/03 14:35:40 | 009,852,544 | ---- | C] (Malwarebytes Corporation ) -- C:Documents and SettingsmamaBureaubladmbam-setup-1.51.2.1300.exe [2011/11/03 14:31:22 | 000,000,000 | ---D | C] -- C:_OTL [2011/11/03 07:09:09 | 000,584,192 | ---- | C] (OldTimer Tools) -- C:Documents and SettingsmamaBureaubladOTL.exe [2011/11/02 11:25:29 | 000,000,000 | RH-D | C] -- C:Documents and SettingsmamaOnlangs geopend [2011/11/01 12:01:24 | 000,000,000 | ---D | C] -- C:Documents and SettingsAll UsersMenu StartProgramma'sSIW [2011/11/01 12:01:21 | 000,000,000 | ---D | C] -- C:Program FilesSIW [2011/11/01 09:52:47 | 000,000,000 | ---D | C] -- C:Documents and SettingsmamaBureaubladgmer [2011/11/01 09:48:59 | 000,000,000 | R--D | C] -- C:Documents and SettingsmamaMenu StartProgramma'sSysteembeheer [2011/11/01 09:46:37 | 000,607,260 | R--- | C] (Swearware) -- C:Documents and SettingsmamaBureaubladdds.scr [2011/10/30 21:44:36 | 000,000,000 | ---D | C] -- C:Program FilesTrend Micro [2011/10/30 21:44:36 | 000,000,000 | ---D | C] -- C:Documents and SettingsmamaMenu StartProgramma'sHiJackThis [2011/10/30 17:56:16 | 000,000,000 | ---D | C] -- C:Documents and SettingsAll UsersApplication DataPCPitstopDat [2011/10/30 17:54:02 | 000,000,000 | ---D | C] -- C:Documents and SettingsAll UsersMenu StartProgramma'sPC Pitstop [2011/10/30 14:57:11 | 000,000,000 | ---D | C] -- C:WINDOWSCSC [2011/10/30 12:09:43 | 000,000,000 | ---D | C] -- D:Documents and SettingsmamaMijn documentenDownloads [2011/10/30 07:17:24 | 000,000,000 | ---D | C] -- C:Documents and SettingsAll UsersMenu StartProgramma'sD-Link [2011/10/30 07:15:34 | 000,779,136 | ---- | C] (Ralink Technology, Corp.) -- C:WINDOWSSystem32driversDrt2870.sys [2011/10/30 07:15:33 | 000,221,184 | ---- | C] (Ralink Technology, Inc.) -- C:WINDOWSSystem32RaCoInst.dll [2011/10/30 07:15:32 | 000,000,000 | ---D | C] -- C:Program FilesD-Link [2011/10/19 15:31:35 | 000,000,000 | ---D | C] -- C:Documents and SettingsAll UsersMenu StartProgramma'sHEMA Fotoservice [2011/10/19 15:31:15 | 000,000,000 | ---D | C] -- C:Documents and SettingsAll UsersApplication DataHEMA Fotoservice [2011/10/19 15:31:13 | 000,000,000 | ---D | C] -- C:Program FilesHEMA Fotoservice [2011/10/13 18:56:57 | 000,000,000 | ---D | C] -- C:Documents and SettingsAll UsersApplication Datatmp [2011/10/13 18:56:56 | 000,000,000 | ---D | C] -- C:Documents and SettingsAll UsersApplication Datahps [2011/10/13 18:56:38 | 000,000,000 | ---D | C] -- C:Documents and SettingsAll UsersMenu StartProgramma'sbol.com fotoservice [2011/10/13 18:55:38 | 000,000,000 | ---D | C] -- C:Program Filesbol.com [1 D:Documents and SettingsmamaMijn documenten*.tmp files -> D:Documents and SettingsmamaMijn documenten*.tmp -> ] ========== Files - Modified Within 30 Days ========== [2011/11/05 15:27:55 | 000,003,284 | ---- | M] () -- C:WINDOWSSystem32ANIWZCS{57CC1820-8280-407F-8BB2-EB8E5714DF5F} [2011/11/05 15:27:46 | 000,000,005 | ---- | M] () -- C:WINDOWSSystem32ANIWZCSUSERNAME{57CC1820-8280-407F-8BB2-EB8E5714DF5F} [2011/11/05 15:25:08 | 000,002,206 | ---- | M] () -- C:WINDOWSSystem32wpa.dbl [2011/11/05 15:25:07 | 000,001,040 | ---- | M] () -- C:WINDOWStasksGoogleUpdateTaskMachineCore.job [2011/11/05 15:25:07 | 000,000,280 | ---- | M] () -- C:WINDOWStasksRealUpgradeLogonTaskS-1-5-21-2000478354-115176313-839522115-1005.job [2011/11/05 15:25:07 | 000,000,276 | ---- | M] () -- C:WINDOWStasksRealUpgradeLogonTaskS-1-5-21-2000478354-115176313-839522115-1003.job [2011/11/05 15:25:06 | 000,000,294 | ---- | M] () -- C:WINDOWStasksRealUpgradeLogonTaskS-1-5-21-2000478354-115176313-839522115-500.job [2011/11/05 15:23:32 | 000,000,424 | -H-- | M] () -- C:WINDOWStasksMP Scheduled Scan.job [2011/11/05 15:18:21 | 000,002,048 | --S- | M] () -- C:WINDOWSbootstat.dat [2011/11/05 15:17:34 | 000,708,380 | ---- | M] () -- C:WINDOWSSystem32perfh013.dat [2011/11/05 15:17:34 | 000,608,586 | ---- | M] () -- C:WINDOWSSystem32perfh009.dat [2011/11/05 15:17:34 | 000,187,392 | ---- | M] () -- C:WINDOWSSystem32perfc013.dat [2011/11/05 15:17:34 | 000,144,254 | ---- | M] () -- C:WINDOWSSystem32perfc009.dat [2011/11/05 15:00:00 | 000,001,044 | ---- | M] () -- C:WINDOWStasksGoogleUpdateTaskMachineUA.job [2011/11/03 16:40:10 | 000,039,570 | ---- | M] () -- C:Documents and SettingsmamaBureaubladesetscan.JPG [2011/11/03 14:36:18 | 000,000,784 | ---- | M] () -- C:Documents and SettingsAll UsersBureaubladMalwarebytes' Anti-Malware.lnk [2011/11/03 14:35:53 | 009,852,544 | ---- | M] (Malwarebytes Corporation ) -- C:Documents and SettingsmamaBureaubladmbam-setup-1.51.2.1300.exe [2011/11/03 07:09:11 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:Documents and SettingsmamaBureaubladOTL.exe [2011/11/02 14:14:00 | 000,000,288 | ---- | M] () -- C:WINDOWStasksRealUpgradeScheduledTaskS-1-5-21-2000478354-115176313-839522115-1005.job [2011/11/02 14:11:21 | 000,414,368 | ---- | M] (Adobe Systems Incorporated) -- C:WINDOWSSystem32FlashPlayerCPLApp.cpl [2011/11/02 11:22:07 | 000,005,120 | ---- | M] () -- C:Documents and SettingsmamaLocal SettingsApplication DataDCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2011/11/01 12:01:27 | 000,000,610 | ---- | M] () -- C:Documents and SettingsmamaBureaubladSIW.lnk [2011/11/01 09:48:43 | 000,294,216 | ---- | M] () -- C:Documents and SettingsmamaBureaubladgmer.zip [2011/11/01 09:46:39 | 000,607,260 | R--- | M] (Swearware) -- C:Documents and SettingsmamaBureaubladdds.scr [2011/10/30 21:45:14 | 000,002,445 | ---- | M] () -- C:Documents and SettingsmamaBureaubladHiJackThis.lnk [2011/10/30 18:43:37 | 000,002,187 | ---- | M] () -- C:Documents and SettingsAll UsersBureaubladSafari.lnk [2011/10/30 18:25:42 | 000,000,244 | ---- | M] () -- C:Documents and SettingsmamaBureaubladToverboom InfoCentrum.url [2011/10/30 17:54:02 | 000,001,675 | ---- | M] () -- C:Documents and SettingsmamaBureaubladPC Matic.lnk [2011/10/30 17:22:29 | 000,002,493 | ---- | M] () -- C:Documents and SettingsmamaBureaubladMicrosoft Office Word 2007.lnk [2011/10/30 16:02:47 | 000,001,324 | ---- | M] () -- C:WINDOWSSystem32d3d9caps.dat [2011/10/30 14:45:40 | 000,000,284 | ---- | M] () -- C:WINDOWStasksRealUpgradeScheduledTaskS-1-5-21-2000478354-115176313-839522115-1003.job [2011/10/30 14:39:23 | 000,000,211 | ---- | M] () -- C:Documents and SettingsmamaBureaubladDe Toverboom - WELKOM - Basisschool 'De Toverboom'. Kom alles te weten over onze school..url [2011/10/30 09:55:19 | 000,000,302 | ---- | M] () -- C:WINDOWStasksRealUpgradeScheduledTaskS-1-5-21-2000478354-115176313-839522115-500.job [2011/10/30 09:55:11 | 000,000,682 | ---- | M] () -- C:Documents and SettingsAll UsersBureaubladCCleaner.lnk [2011/10/30 07:17:24 | 000,001,682 | ---- | M] () -- C:Documents and SettingsAll UsersBureaubladWireless Connection Manager.lnk [2011/10/30 07:16:16 | 000,315,392 | ---- | M] () -- C:WINDOWSSystem32ANPDApi.dll [2011/10/30 07:16:16 | 000,048,640 | ---- | M] () -- C:WINDOWSSystem32ANPD64.SYS [2011/10/30 07:16:16 | 000,034,008 | ---- | M] () -- C:WINDOWSSystem32ANPD.VXD [2011/10/30 07:16:16 | 000,029,411 | ---- | M] () -- C:WINDOWSSystem32ANPD.SYS [2011/10/29 17:28:37 | 000,001,813 | ---- | M] () -- C:Documents and SettingsAll UsersBureaubladGoogle Chrome.lnk [2011/10/19 14:55:38 | 000,000,914 | ---- | M] () -- C:Documents and SettingsAll UsersBureaubladbol.com fotoservice.lnk [2011/10/19 14:55:38 | 000,000,884 | ---- | M] () -- C:Documents and SettingsAll UsersBureaubladCEWE Fotoshow.lnk [2011/10/14 05:51:45 | 000,293,272 | ---- | M] () -- C:WINDOWSSystem32FNTCACHE.DAT [2011/10/08 07:50:36 | 000,083,360 | ---- | M] (LogMeIn, Inc.) -- C:WINDOWSSystem32LMIRfsClientNP.dll [2011/10/08 07:50:35 | 000,087,424 | ---- | M] (LogMeIn, Inc.) -- C:WINDOWSSystem32LMIinit.dll [2011/10/08 07:50:35 | 000,030,592 | ---- | M] (LogMeIn, Inc.) -- C:WINDOWSSystem32LMIport.dll [1 D:Documents and SettingsmamaMijn documenten*.tmp files -> D:Documents and SettingsmamaMijn documenten*.tmp -> ] ========== Files Created - No Company Name ========== [2011/11/03 16:40:10 | 000,039,570 | ---- | C] () -- C:Documents and SettingsmamaBureaubladesetscan.JPG [2011/11/03 14:36:18 | 000,000,784 | ---- | C] () -- C:Documents and SettingsAll UsersBureaubladMalwarebytes' Anti-Malware.lnk [2011/11/02 11:20:44 | 000,005,120 | ---- | C] () -- C:Documents and SettingsmamaLocal SettingsApplication DataDCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2011/11/01 12:01:27 | 000,000,610 | ---- | C] () -- C:Documents and SettingsmamaBureaubladSIW.lnk [2011/11/01 09:48:43 | 000,294,216 | ---- | C] () -- C:Documents and SettingsmamaBureaubladgmer.zip [2011/10/30 21:44:37 | 000,002,445 | ---- | C] () -- C:Documents and SettingsmamaBureaubladHiJackThis.lnk [2011/10/30 17:40:33 | 000,000,244 | ---- | C] () -- C:Documents and SettingsmamaBureaubladToverboom InfoCentrum.url [2011/10/30 09:55:20 | 000,000,294 | ---- | C] () -- C:WINDOWStasksRealUpgradeLogonTaskS-1-5-21-2000478354-115176313-839522115-500.job [2011/10/30 09:55:19 | 000,000,302 | ---- | C] () -- C:WINDOWStasksRealUpgradeScheduledTaskS-1-5-21-2000478354-115176313-839522115-500.job [2011/10/30 09:55:11 | 000,000,682 | ---- | C] () -- C:Documents and SettingsAll UsersBureaubladCCleaner.lnk [2011/10/30 07:17:31 | 000,003,284 | ---- | C] () -- C:WINDOWSSystem32ANIWZCS{57CC1820-8280-407F-8BB2-EB8E5714DF5F} [2011/10/30 07:17:24 | 000,001,682 | ---- | C] () -- C:Documents and SettingsAll UsersBureaubladWireless Connection Manager.lnk [2011/10/30 07:16:23 | 000,000,005 | ---- | C] () -- C:WINDOWSSystem32ANIWZCSUSERNAME{57CC1820-8280-407F-8BB2-EB8E5714DF5F} [2011/10/30 07:16:16 | 000,315,392 | ---- | C] () -- C:WINDOWSSystem32ANPDApi.dll [2011/10/30 07:16:16 | 000,048,640 | ---- | C] () -- C:WINDOWSSystem32ANPD64.SYS [2011/10/30 07:16:16 | 000,034,008 | ---- | C] () -- C:WINDOWSSystem32ANPD.VXD [2011/10/30 07:16:16 | 000,029,411 | ---- | C] () -- C:WINDOWSSystem32ANPD.SYS [2011/10/30 07:15:33 | 000,013,931 | ---- | C] () -- C:WINDOWSSystem32RaCoInst.dat [2011/10/13 18:56:52 | 000,000,914 | ---- | C] () -- C:Documents and SettingsAll UsersBureaubladbol.com fotoservice.lnk [2011/10/13 18:56:52 | 000,000,884 | ---- | C] () -- C:Documents and SettingsAll UsersBureaubladCEWE Fotoshow.lnk [2011/08/13 16:41:18 | 000,204,800 | ---- | C] () -- C:WINDOWSSystem32IVIresizeW7.dll [2011/08/13 16:41:18 | 000,200,704 | ---- | C] () -- C:WINDOWSSystem32IVIresizeA6.dll [2011/08/13 16:41:18 | 000,192,512 | ---- | C] () -- C:WINDOWSSystem32IVIresizeP6.dll [2011/08/13 16:41:18 | 000,192,512 | ---- | C] () -- C:WINDOWSSystem32IVIresizeM6.dll [2011/08/13 16:41:18 | 000,188,416 | ---- | C] () -- C:WINDOWSSystem32IVIresizePX.dll [2011/08/13 16:41:18 | 000,020,480 | ---- | C] () -- C:WINDOWSSystem32IVIresize.dll [2011/08/11 13:40:49 | 000,061,244 | ---- | C] () -- C:WINDOWSSystem32x264vfw-uninstall.exe [2011/08/11 13:38:08 | 000,000,135 | ---- | C] () -- C:WINDOWShuffyuv.ini [2011/08/10 18:18:52 | 000,363,520 | ---- | C] () -- C:WINDOWSSystem32PsisDecd.dll [2011/07/10 22:04:39 | 000,021,504 | ---- | C] () -- C:WINDOWSjestertb.dll [2011/03/18 22:18:48 | 000,002,528 | ---- | C] () -- C:Documents and SettingsmamaApplication Data$_hpcst$.hpc [2011/03/08 20:05:24 | 000,000,162 | ---- | C] () -- C:WINDOWSwininit.ini [2011/02/23 19:49:33 | 000,000,552 | ---- | C] () -- C:WINDOWSSystem32d3d8caps.dat [2011/02/20 12:33:22 | 000,000,000 | ---- | C] () -- C:WINDOWSnsreg.dat [2010/11/18 17:36:02 | 000,027,648 | ---- | C] () -- C:WINDOWSSystem32AVSredirect.dll [2010/05/06 19:43:34 | 000,001,324 | ---- | C] () -- C:WINDOWSSystem32d3d9caps.dat [2010/04/06 10:37:57 | 000,000,056 | -H-- | C] () -- C:WINDOWSSystem32ezsidmv.dat [2010/04/06 10:30:31 | 000,015,498 | ---- | C] () -- C:WINDOWSVX1000.ini [2010/01/27 21:54:34 | 002,283,526 | ---- | C] () -- C:WINDOWSSystem32nvdata.bin [2009/12/24 14:53:19 | 000,087,472 | ---- | C] () -- C:WINDOWSSystem32ijjiChannelingPlugin.dll [2009/10/24 18:51:55 | 000,682,280 | ---- | C] () -- C:WINDOWSSystem32pbsvc.exe [2009/09/27 18:14:41 | 000,062,036 | -H-- | C] () -- C:WINDOWSSystem32mlfcache.dat [2009/08/06 09:42:23 | 000,138,160 | ---- | C] () -- C:WINDOWSSystem32driversPnkBstrK.sys [2009/08/06 09:42:01 | 000,271,200 | ---- | C] () -- C:WINDOWSSystem32PnkBstrB.exe [2009/08/06 09:41:56 | 000,075,136 | ---- | C] () -- C:WINDOWSSystem32PnkBstrA.exe [2009/08/06 09:41:46 | 000,000,287 | ---- | C] () -- C:WINDOWSgame.ini [2009/08/03 14:07:42 | 000,403,816 | ---- | C] () -- C:WINDOWSSystem32OGACheckControl.dll [2009/08/03 14:07:42 | 000,230,768 | ---- | C] () -- C:WINDOWSSystem32OGAEXEC.exe [2009/07/12 16:39:51 | 000,000,751 | ---- | C] () -- C:WINDOWSSpiderman.INI [2009/07/12 10:32:17 | 000,158,952 | ---- | C] () -- C:WINDOWSSystem32PubPlugin.dll [2009/06/29 17:33:43 | 000,000,000 | ---- | C] () -- C:Documents and SettingsAll UsersApplication DataLauncherAccess.dt [2009/06/29 17:27:54 | 000,005,632 | ---- | C] () -- C:WINDOWSSystem32driversStarOpen.sys [2009/06/01 19:43:54 | 000,019,558 | ---- | C] () -- C:WINDOWShpoins01.dat [2009/06/01 19:43:54 | 000,016,606 | ---- | C] () -- C:WINDOWShpomdl01.dat [2009/05/22 09:48:05 | 000,004,205 | ---- | C] () -- C:WINDOWSODBCINST.INI [2009/05/22 09:45:27 | 000,293,272 | ---- | C] () -- C:WINDOWSSystem32FNTCACHE.DAT [2009/05/22 09:13:54 | 000,000,127 | ---- | C] () -- C:Documents and SettingsmamaLocal SettingsApplication Datafusioncache.dat [2009/05/22 08:19:56 | 000,024,576 | R--- | C] () -- C:WINDOWSSystem32AsIO.dll [2009/05/22 08:19:56 | 000,012,400 | R--- | C] () -- C:WINDOWSSystem32driversAsIO.sys [2009/05/22 08:19:54 | 000,011,832 | ---- | C] () -- C:WINDOWSSystem32driversAsInsHelp64.sys [2009/05/22 08:19:54 | 000,010,216 | ---- | C] () -- C:WINDOWSSystem32driversAsInsHelp32.sys [2009/05/22 08:06:28 | 000,028,928 | ---- | C] () -- C:WINDOWSAscd_log.ini [2009/05/22 08:05:27 | 000,005,810 | R--- | C] () -- C:WINDOWSSystem32driversASACPI.sys [2009/05/22 08:05:12 | 000,028,545 | ---- | C] () -- C:WINDOWSAscd_tmp.ini [2009/05/22 08:05:12 | 000,010,296 | ---- | C] () -- C:WINDOWSSystem32driversASUSHWIO.SYS [2009/05/22 08:01:16 | 000,002,048 | --S- | C] () -- C:WINDOWSbootstat.dat [2009/05/22 07:57:44 | 000,021,748 | ---- | C] () -- C:WINDOWSSystem32emptyregdb.dat [2009/02/09 06:18:00 | 001,724,416 | ---- | C] () -- C:WINDOWSSystem32nvwdmcpl.dll [2009/02/09 06:18:00 | 001,657,376 | ---- | C] () -- C:WINDOWSSystem32nwiz.exe [2009/02/09 06:18:00 | 001,507,328 | ---- | C] () -- C:WINDOWSSystem32nview.dll [2009/02/09 06:18:00 | 001,346,080 | ---- | C] () -- C:WINDOWSSystem32nvdspsch.exe [2009/02/09 06:18:00 | 001,101,824 | ---- | C] () -- C:WINDOWSSystem32nvwimg.dll [2009/02/09 06:18:00 | 000,466,944 | ---- | C] () -- C:WINDOWSSystem32nvshell.dll [2009/02/09 06:18:00 | 000,449,056 | ---- | C] () -- C:WINDOWSSystem32nvappbar.exe [2009/02/09 06:18:00 | 000,436,768 | ---- | C] () -- C:WINDOWSSystem32keystone.exe [2008/10/07 08:13:30 | 000,197,912 | ---- | C] () -- C:WINDOWSSystem32physxcudart_20.dll [2008/10/07 08:13:22 | 000,058,648 | ---- | C] () -- C:WINDOWSSystem32AgCPanelTraditionalChinese.dll [2008/10/07 08:13:20 | 000,058,648 | ---- | C] () -- C:WINDOWSSystem32AgCPanelSwedish.dll [2008/10/07 08:13:20 | 000,058,648 | ---- | C] () -- C:WINDOWSSystem32AgCPanelSpanish.dll [2008/10/07 08:13:20 | 000,058,648 | ---- | C] () -- C:WINDOWSSystem32AgCPanelSimplifiedChinese.dll [2008/10/07 08:13:20 | 000,058,648 | ---- | C] () -- C:WINDOWSSystem32AgCPanelPortugese.dll [2008/10/07 08:13:20 | 000,058,648 | ---- | C] () -- C:WINDOWSSystem32AgCPanelKorean.dll [2008/10/07 08:13:20 | 000,058,648 | ---- | C] () -- C:WINDOWSSystem32AgCPanelJapanese.dll [2008/10/07 08:13:20 | 000,058,648 | ---- | C] () -- C:WINDOWSSystem32AgCPanelGerman.dll [2008/10/07 08:13:20 | 000,058,648 | ---- | C] () -- C:WINDOWSSystem32AgCPanelFrench.dll [2008/04/15 21:18:40 | 002,084,371 | ---- | C] () -- C:WINDOWSSystem32x264vfw.dll [2007/11/06 21:19:28 | 000,053,299 | ---- | C] () -- C:WINDOWSSystem32pthreadVC.dll [2004/08/04 13:00:00 | 013,107,200 | ---- | C] () -- C:WINDOWSSystem32oembios.bin [2004/08/04 13:00:00 | 000,708,380 | ---- | C] () -- C:WINDOWSSystem32perfh013.dat [2004/08/04 13:00:00 | 000,673,088 | ---- | C] () -- C:WINDOWSSystem32mlang.dat [2004/08/04 13:00:00 | 000,608,586 | ---- | C] () -- C:WINDOWSSystem32perfh009.dat [2004/08/04 13:00:00 | 000,318,670 | ---- | C] () -- C:WINDOWSSystem32perfi013.dat [2004/08/04 13:00:00 | 000,272,128 | ---- | C] () -- C:WINDOWSSystem32perfi009.dat [2004/08/04 13:00:00 | 000,218,003 | ---- | C] () -- C:WINDOWSSystem32dssec.dat [2004/08/04 13:00:00 | 000,187,392 | ---- | C] () -- C:WINDOWSSystem32perfc013.dat [2004/08/04 13:00:00 | 000,144,254 | ---- | C] () -- C:WINDOWSSystem32perfc009.dat [2004/08/04 13:00:00 | 000,046,258 | ---- | C] () -- C:WINDOWSSystem32mib.bin [2004/08/04 13:00:00 | 000,039,178 | ---- | C] () -- C:WINDOWSSystem32perfd013.dat [2004/08/04 13:00:00 | 000,028,626 | ---- | C] () -- C:WINDOWSSystem32perfd009.dat [2004/08/04 13:00:00 | 000,004,569 | ---- | C] () -- C:WINDOWSSystem32secupd.dat [2004/08/04 13:00:00 | 000,004,463 | ---- | C] () -- C:WINDOWSSystem32oembios.dat [2004/08/04 13:00:00 | 000,001,804 | ---- | C] () -- C:WINDOWSSystem32dcache.bin [2004/08/04 13:00:00 | 000,000,741 | ---- | C] () -- C:WINDOWSSystem32noise.dat [1996/04/03 20:33:26 | 000,005,248 | ---- | C] () -- C:WINDOWSSystem32giveio.sys ========== LOP Check ========== [2011/06/05 18:17:28 | 000,000,000 | ---D | M] -- C:Documents and SettingsAll UsersApplication Data1C119 [2009/08/13 17:27:03 | 000,000,000 | ---D | M] -- C:Documents and SettingsAll UsersApplication DataActivision [2011/06/05 18:17:43 | 000,000,000 | ---D | M] -- C:Documents and SettingsAll UsersApplication Databoost_interprocess [2011/08/10 19:26:46 | 000,000,000 | -H-D | M] -- C:Documents and SettingsAll UsersApplication DataCanonBJ [2011/03/14 17:01:35 | 000,000,000 | -H-D | M] -- C:Documents and SettingsAll UsersApplication DataCommon Files [2011/07/10 20:57:25 | 000,000,000 | ---D | M] -- C:Documents and SettingsAll UsersApplication DataEasybits GO [2009/09/22 08:35:45 | 000,000,000 | ---D | M] -- C:Documents and SettingsAll UsersApplication DataF-Secure [2011/10/19 15:31:15 | 000,000,000 | ---D | M] -- C:Documents and SettingsAll UsersApplication DataHEMA Fotoservice [2011/08/13 16:42:06 | 000,000,000 | ---D | M] -- C:Documents and SettingsAll UsersApplication DataInterVideo [2011/11/05 14:39:18 | 000,000,000 | ---D | M] -- C:Documents and SettingsAll UsersApplication DataLogMeIn [2011/11/04 17:06:03 | 000,000,000 | ---D | M] -- C:Documents and SettingsAll UsersApplication DataPCPitstop [2011/10/30 17:56:16 | 000,000,000 | ---D | M] -- C:Documents and SettingsAll UsersApplication DataPCPitstopDat [2010/01/27 22:03:05 | 000,000,000 | ---D | M] -- C:Documents and SettingsAll UsersApplication DataTEMP [2011/10/19 14:58:56 | 000,000,000 | ---D | M] -- C:Documents and SettingsAll UsersApplication Datatmp [2009/12/05 19:06:30 | 000,000,000 | ---D | M] -- C:Documents and SettingsAll UsersApplication DataUbisoft [2011/08/10 18:15:10 | 000,000,000 | ---D | M] -- C:Documents and SettingsAll UsersApplication DataUlead Systems [2010/07/08 13:43:28 | 000,000,000 | ---D | M] -- C:Documents and SettingsAll UsersApplication Data{429CAD59-35B1-4DBC-BB6D-1DB246563521} [2009/09/27 18:32:40 | 000,000,000 | ---D | M] -- C:Documents and SettingsAll UsersApplication Data{755AC846-7372-4AC8-8550-C52491DAA8BD} [2009/06/10 13:06:41 | 000,000,000 | ---D | M] -- C:Documents and SettingsAll UsersApplication Data{8CD7F5AF-ECFA-4793-BF40-D8F42DBFF906} [2009/11/08 09:09:14 | 000,000,000 | ---D | M] -- C:Documents and SettingsmamaApplication DataActivision [2011/06/05 21:35:52 | 000,000,000 | ---D | M] -- C:Documents and SettingsmamaApplication Databsbandmltbpi [2009/06/01 18:56:09 | 000,000,000 | ---D | M] -- C:Documents and SettingsmamaApplication DataGenie-Soft [2011/08/10 21:45:48 | 000,000,000 | ---D | M] -- C:Documents and SettingsmamaApplication DataUlead Systems [2009/06/04 18:37:34 | 000,000,344 | ---- | M] () -- C:WINDOWSTasksFRU Task #Hewlett-Packard#hp psc 1200 series#1243881968.job [2011/11/05 15:23:32 | 000,000,424 | -H-- | M] () -- C:WINDOWSTasksMP Scheduled Scan.job ========== Purity Check ========== ========== Custom Scans ========== < %SYSTEMDRIVE%*.* > [2009/05/22 21:24:16 | 000,001,024 | ---- | M] () -- C:.rnd [2009/05/22 07:59:54 | 000,000,000 | ---- | M] () -- C:AUTOEXEC.BAT [2009/09/21 19:36:07 | 000,000,211 | -HS- | M] () -- C:boot.ini [2004/08/04 13:00:00 | 000,004,952 | RHS- | M] () -- C:Bootfont.bin [2009/08/17 14:07:00 | 000,000,074 | ---- | M] () -- C:CMLoader.log [2009/05/22 07:59:54 | 000,000,000 | ---- | M] () -- C:CONFIG.SYS [2010/11/17 18:56:16 | 000,000,135 | ---- | M] () -- C:error.log [2011/08/09 12:38:56 | 000,000,524 | ---- | M] () -- C:hpfr3420.xml [2011/08/09 12:38:56 | 000,206,064 | ---- | M] () -- C:hpfr3425.log [2009/08/15 23:05:02 | 000,000,921 | -H-- | M] () -- C:hpothb07.dat [2009/08/15 23:05:02 | 000,002,225 | -H-- | M] () -- C:hpothb07.tif [2011/02/16 17:22:12 | 000,460,824 | ---- | M] () -- C:img2-001.raw [2009/05/22 07:59:54 | 000,000,000 | RHS- | M] () -- C:IO.SYS [2009/05/22 07:59:54 | 000,000,000 | RHS- | M] () -- C:MSDOS.SYS [2004/08/04 13:00:00 | 000,047,564 | RHS- | M] () -- C:NTDETECT.COM [2009/05/22 08:41:40 | 000,251,712 | RHS- | M] () -- C:ntldr [2011/11/05 15:18:16 | 2145,386,496 | -HS- | M] () -- C:pagefile.sys [2009/05/22 08:07:45 | 000,001,589 | ---- | M] () -- C:RHDSetup.log < %systemroot%Fonts*.com > [2006/04/18 14:39:28 | 000,026,040 | ---- | M] () -- C:WINDOWSFontsGlobalMonospace.CompositeFont [2006/06/29 13:53:56 | 000,026,489 | ---- | M] () -- C:WINDOWSFontsGlobalSansSerif.CompositeFont [2006/04/18 14:39:28 | 000,029,779 | ---- | M] () -- C:WINDOWSFontsGlobalSerif.CompositeFont [2006/06/29 13:58:52 | 000,030,808 | ---- | M] () -- C:WINDOWSFontsGlobalUserInterface.CompositeFont < %systemroot%Fonts*.dll > < %systemroot%Fonts*.ini > [2009/05/22 07:59:35 | 000,000,067 | -HS- | M] () -- C:WINDOWSFontsdesktop.ini < %systemroot%Fonts*.ini2 > < %systemroot%Fonts*.exe > < %systemroot%system32spoolprtprocsw32x86*.* > [2010/08/25 04:00:00 | 000,027,648 | ---- | M] (CANON INC.) -- C:WINDOWSsystem32spoolprtprocsw32x86CNMPDA9.DLL [2010/08/25 04:00:00 | 000,073,216 | ---- | M] (CANON INC.) -- C:WINDOWSsystem32spoolprtprocsw32x86CNMPPA9.DLL [2008/07/06 13:06:10 | 000,089,088 | ---- | M] (Microsoft Corporation) -- C:WINDOWSsystem32spoolprtprocsw32x86filterpipelineprintproc.dll [2011/10/08 07:50:36 | 000,052,096 | ---- | M] (LogMeIn, Inc.) -- C:WINDOWSsystem32spoolprtprocsw32x86LMIproc.dll [2008/07/06 11:50:03 | 000,597,504 | ---- | M] (Microsoft Corporation) -- C:WINDOWSsystem32spoolprtprocsw32x86printfilterpipelinesvc.exe < %systemroot%REPAIR*.bak1 > < %systemroot%REPAIR*.ini > < %systemroot%system32*.jpg > < %systemroot%*.jpg > < %systemroot%*.png > < %systemroot%*.scr > [2010/04/17 02:11:10 | 000,307,056 | ---- | M] (Microsoft Corporation) -- C:WINDOWSWLXPGSS.SCR < %systemroot%*._sy > < %APPDATA%AdobeUpdate*.* > < %ALLUSERSPROFILE%Favorites*.* > < %APPDATA%Microsoft*.* > < %PROGRAMFILES%*.* > < %APPDATA%Update*.* > < %systemroot%*. /mp /s > < %systemroot%System32config*.sav > [2009/05/22 09:44:41 | 000,094,208 | ---- | M] () -- C:WINDOWSSystem32configdefault.sav [2009/05/22 09:44:41 | 000,663,552 | ---- | M] () -- C:WINDOWSSystem32configsoftware.sav [2009/05/22 09:44:41 | 000,450,560 | ---- | M] () -- C:WINDOWSSystem32configsystem.sav < %PROGRAMFILES%bak. /s > < %systemroot%system32bak. /s >[/
  8. Hello JonTom, I did another OTL scan... I used the same instructions as you gave in your first post about OTL, so with the custom scans lines. Hope that is what you meant . OTL-LOG OTL logfile created on: 4/11/2011 17:25:04 - Run 2 OTL by OldTimer - Version 3.2.31.0 Folder = C:Documents and SettingsmamaBureaublad Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = ) Locale: 00000813 | Country: België | Language: NLB | Date Format: d/MM/yyyy 3,25 Gb Total Physical Memory | 2,65 Gb Available Physical Memory | 81,56% Memory free 5,09 Gb Paging File | 4,62 Gb Available in Paging File | 90,84% Paging File free Paging file location(s): C:pagefile.sys 2046 4092 [binary data] %SystemDrive% = C: | %SystemRoot% = C:WINDOWS | %ProgramFiles% = C:Program Files Drive C: | 146,48 Gb Total Space | 32,33 Gb Free Space | 22,07% Space Free | Partition Type: NTFS Drive D: | 151,61 Gb Total Space | 141,39 Gb Free Space | 93,26% Space Free | Partition Type: NTFS Computer Name: FRANCINE | User Name: mama | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - [2011/11/03 07:09:11 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:Documents and SettingsmamaBureaubladOTL.exe PRC - [2011/10/30 17:06:50 | 000,116,608 | ---- | M] (SUPERAntiSpyware.com) -- C:Program FilesSUPERAntiSpywareSASCORE.EXE PRC - [2011/10/30 07:47:56 | 003,045,688 | ---- | M] (Emsi Software GmbH) -- C:Program FilesEmsisoft Anti-Malwarea2service.exe PRC - [2011/10/08 07:50:51 | 000,136,584 | ---- | M] (LogMeIn, Inc.) -- C:Program FilesLogMeInx86ramaint.exe PRC - [2011/10/08 07:50:35 | 000,374,152 | ---- | M] (LogMeIn, Inc.) -- C:Program FilesLogMeInx86LMIGuardianSvc.exe PRC - [2011/09/26 12:27:08 | 000,024,216 | ---- | M] (PC Pitstop LLC) -- C:Program FilesPCPitstopInfo CenterInfoCenter.exe PRC - [2011/06/15 14:16:48 | 000,997,920 | ---- | M] (Microsoft Corporation) -- C:Program FilesMicrosoft Security Clientmsseces.exe PRC - [2011/06/15 07:19:14 | 000,307,200 | ---- | M] (PowerISO Computing, Inc.) -- C:Program FilesPowerISOPWRISOVM.EXE PRC - [2011/04/27 14:39:26 | 000,011,736 | ---- | M] (Microsoft Corporation) -- C:Program FilesMicrosoft Security ClientAntimalwareMsMpEng.exe PRC - [2010/11/08 12:04:18 | 000,390,528 | ---- | M] (LogMeIn, Inc.) -- C:Program FilesLogMeInx86LogMeIn.exe PRC - [2009/10/19 19:03:50 | 000,995,328 | ---- | M] (D-Link Corp.) -- C:Program FilesD-LinkDWA-125 revAAirGCFG.exe PRC - [2009/10/19 18:39:38 | 000,122,880 | ---- | M] (Wireless Service) -- C:Program FilesD-LinkDWA-125 revAWZCSLDR2.exe PRC - [2008/07/24 17:46:10 | 000,063,048 | ---- | M] (LogMeIn, Inc.) -- C:Program FilesLogMeInx86LogMeInSystray.exe PRC - [2008/07/23 16:04:20 | 005,625,344 | ---- | M] () -- C:Program FilesASUSEPU-4 EngineFourEngine.exe PRC - [2008/04/14 18:02:58 | 001,037,312 | ---- | M] (Microsoft Corporation) -- C:WINDOWSexplorer.exe PRC - [2007/05/17 22:45:33 | 000,271,720 | ---- | M] (Microsoft Corporation) -- C:Program FilesMicrosoft LifeCamMSCamS32.exe PRC - [2007/04/10 22:46:52 | 000,709,992 | ---- | M] (Microsoft Corporation) -- C:WINDOWSvVX1000.exe PRC - [2003/08/29 18:05:35 | 000,360,448 | ---- | M] () -- C:Program FilesSpywareGuardsgmain.exe PRC - [2003/08/29 10:14:56 | 000,233,472 | ---- | M] () -- C:Program FilesSpywareGuardsgbhp.exe PRC - [2003/06/06 16:52:32 | 000,151,552 | ---- | M] (InterVideo Inc.) -- C:Program FilesCommon FilesInterVideoSchSvrSchSvr.exe PRC - [2003/06/06 16:51:48 | 000,131,072 | ---- | M] () -- C:Program FilesInterVideoCommonBinWinCinemaMgr.exe ========== Modules (No Company Name) ========== MOD - [2011/10/30 07:16:16 | 000,315,392 | ---- | M] () -- C:WINDOWSsystem32ANPDApi.dll MOD - [2011/10/14 05:55:04 | 012,430,848 | ---- | M] () -- C:WINDOWSassemblyNativeImages_v2.0.50727_32System.Windows.Forms71a2ae9ad561a62181cbd9fb11e9de7aSystem.Windows.Forms.ni.dll MOD - [2011/10/14 05:54:46 | 001,587,200 | ---- | M] () -- C:WINDOWSassemblyNativeImages_v2.0.50727_32System.Drawingc10bea3c4bb7ef654651141bf9419090System.Drawing.ni.dll MOD - [2011/10/13 22:49:12 | 007,950,848 | ---- | M] () -- C:WINDOWSassemblyNativeImages_v2.0.50727_32Systemaf39f6e644af02873b9bae319f2bfb13System.ni.dll MOD - [2011/10/13 22:49:02 | 011,490,816 | ---- | M] () -- C:WINDOWSassemblyNativeImages_v2.0.50727_32mscorlibca87ba84221991839abbe7d4bc9c6721mscorlib.ni.dll MOD - [2009/10/19 18:59:12 | 000,274,432 | ---- | M] () -- C:Program FilesD-LinkDWA-125 revAwlanapp.dll MOD - [2009/09/04 22:15:06 | 000,067,872 | ---- | M] () -- C:Program FilesCommon FilesAppleApple Application Supportzlib1.dll MOD - [2009/05/22 09:04:59 | 000,303,104 | ---- | M] () -- C:WINDOWSassemblyGAC_MSILmscorlib.resources2.0.0.0_nl_b77a5c561934e089mscorlib.resources.dll MOD - [2009/02/27 17:13:06 | 000,311,296 | ---- | M] () -- C:Program FilesCommon FilesAdobeAcrobatActiveXpdfshell.NLD MOD - [2008/07/23 16:04:20 | 005,625,344 | ---- | M] () -- C:Program FilesASUSEPU-4 EngineFourEngine.exe MOD - [2008/04/15 09:07:34 | 000,053,248 | ---- | M] () -- C:Program FilesASUSEPU-4 EngineAsSpindownTimeout.dll MOD - [2006/01/10 09:50:20 | 000,024,576 | R--- | M] () -- C:WINDOWSsystem32AsIO.dll MOD - [2005/05/11 15:39:32 | 000,565,248 | ---- | M] () -- C:Program FilesASUSEPU-4 Enginepngio.dll MOD - [2003/08/29 18:05:35 | 000,360,448 | ---- | M] () -- C:Program FilesSpywareGuardsgmain.exe MOD - [2003/08/29 10:14:56 | 000,233,472 | ---- | M] () -- C:Program FilesSpywareGuardsgbhp.exe MOD - [2003/08/02 22:20:57 | 000,126,976 | R--- | M] () -- C:Program FilesSpywareGuardspywareguard.dll MOD - [2003/06/06 16:51:48 | 000,131,072 | ---- | M] () -- C:Program FilesInterVideoCommonBinWinCinemaMgr.exe ========== Win32 Services (SafeList) ========== SRV - [2011/10/30 17:06:50 | 000,116,608 | ---- | M] (SUPERAntiSpyware.com) [Auto | Running] -- C:Program FilesSUPERAntiSpywareSASCORE.EXE -- (!SASCORE) SRV - [2011/10/30 07:47:56 | 003,045,688 | ---- | M] (Emsi Software GmbH) [Auto | Running] -- C:Program FilesEmsisoft Anti-Malwarea2service.exe -- (a2AntiMalware) SRV - [2011/10/26 11:42:32 | 000,091,816 | ---- | M] (PC Pitstop LLC) [On_Demand | Stopped] -- C:Program FilesPCPitstopPCPitstopScheduleService.exe -- (PCPitstop Scheduling) SRV - [2011/10/08 07:50:51 | 000,136,584 | ---- | M] (LogMeIn, Inc.) [Auto | Running] -- C:Program FilesLogMeInx86RaMaint.exe -- (LMIMaint) SRV - [2011/10/08 07:50:35 | 000,374,152 | ---- | M] (LogMeIn, Inc.) [Auto | Running] -- C:Program FilesLogMeInx86LMIGuardianSvc.exe -- (LMIGuardianSvc) SRV - [2011/04/27 14:39:26 | 000,011,736 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:Program FilesMicrosoft Security ClientAntimalwareMsMpEng.exe -- (MsMpSvc) SRV - [2010/11/08 12:04:18 | 000,390,528 | ---- | M] (LogMeIn, Inc.) [Auto | Running] -- C:Program FilesLogMeInx86LogMeIn.exe -- (LogMeIn) SRV - [2010/03/18 10:19:26 | 000,113,152 | ---- | M] (ArcSoft Inc.) [On_Demand | Stopped] -- C:Program FilesCommon FilesArcSoftConnection ServiceBinACService.exe -- (ACDaemon) SRV - [2009/08/21 09:27:26 | 000,126,976 | ---- | M] (Wireless Service) [On_Demand | Stopped] -- C:Program FilesD-LinkDWA-125 revAANIWZCSdS.exe -- (D_Link_DWA-125) SRV - [2009/07/07 19:49:20 | 000,040,960 | ---- | M] () [On_Demand | Stopped] -- C:Program FilesD-LinkDWA-125 revAANIWConnService.exe -- (D_Link_DWA-125_WPS) SRV - [2009/05/20 09:50:20 | 002,772,302 | ---- | M] (INCA Internet Co., Ltd.) [On_Demand | Stopped] -- C:WINDOWSSystem32GameMon.des -- (npggsvc) SRV - [2007/11/06 21:22:26 | 000,092,792 | ---- | M] (CACE Technologies) [On_Demand | Stopped] -- C:Program FilesWinPcaprpcapd.exe -- (rpcapd) Remote Packet Capture Protocol v.0 (experimental) SRV - [2007/05/17 22:45:33 | 000,271,720 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:Program FilesMicrosoft LifeCamMSCamS32.exe -- (MSCamSvc) SRV - [2006/09/28 10:20:00 | 000,049,152 | ---- | M] (Ulead Systems, Inc.) [On_Demand | Stopped] -- C:Program FilesCommon FilesUlead SystemsDVDULCDRSvr.exe -- (UleadBurningHelper) SRV - [2003/03/09 20:31:02 | 000,065,795 | ---- | M] (HP) [On_Demand | Stopped] -- C:WINDOWSsystem32HPZipm12.exe -- (Pml Driver HPZ12) ========== Driver Services (SafeList) ========== DRV - [2011/11/04 17:17:25 | 000,028,752 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:Documents and SettingsAll UsersApplication DataMicrosoftMicrosoft AntimalwareDefinition Updates{C21752B9-DDF7-4BCD-A63C-7B802231E310}MpKsl9c37787a.sys -- (MpKsl9c37787a) DRV - [2011/10/30 17:06:43 | 000,067,664 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:Program FilesSUPERAntiSpywareSASKUTIL.SYS -- (SASKUTIL) DRV - [2011/10/30 17:06:42 | 000,012,880 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:Program FilesSUPERAntiSpywareSASDIFSV.SYS -- (SASDIFSV) DRV - [2011/10/30 07:16:16 | 000,029,411 | ---- | M] () [Kernel | Auto | Running] -- C:WINDOWSsystem32ANPD.SYS -- (ANPD) DRV - [2011/10/08 07:50:36 | 000,083,360 | ---- | M] (LogMeIn, Inc.) [File_System | Disabled | Stopped] -- C:WINDOWSSystem32LMIRfsClientNP.dll -- (LMIRfsClientNP) DRV - [2011/06/15 09:23:56 | 000,060,156 | ---- | M] (PowerISO Computing, Inc.) [Kernel | System | Running] -- C:WINDOWSSystem32driversscdemu.sys -- (SCDEmu) DRV - [2011/06/12 19:53:30 | 000,012,872 | ---- | M] ( SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | On_Demand | Stopped] -- C:Program FilesSUPERAntiSpywareSASENUM.SYS -- (SASENUM) DRV - [2011/02/20 20:30:06 | 000,073,728 | ---- | M] (Emsi Software GmbH) [File_System | On_Demand | Stopped] -- C:Program FilesEmsisoft Anti-Malwarea2accx86.sys -- (a2acc) DRV - [2011/01/26 10:31:28 | 000,805,632 | ---- | M] (Windows ® Win 7 DDK provider) [Kernel | On_Demand | Stopped] -- C:WINDOWSsystem32driversSmiUsbGrabber3C.sys -- (SMIGrabber3C) DRV - [2009/12/25 18:26:30 | 006,039,584 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:WINDOWSsystem32driversRtkHDAud.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM) DRV - [2009/11/18 07:17:00 | 001,395,800 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:WINDOWSsystem32driversMonfilt.sys -- (Monfilt) DRV - [2009/11/18 07:16:00 | 001,691,480 | ---- | M] (Creative) [Kernel | On_Demand | Stopped] -- C:WINDOWSsystem32driversAmbfilt.sys -- (Ambfilt) DRV - [2009/10/23 17:10:10 | 000,005,632 | ---- | M] () [File_System | System | Running] -- C:WINDOWSSystem32driversStarOpen.sys -- (StarOpen) DRV - [2009/09/15 14:09:22 | 000,779,136 | ---- | M] (Ralink Technology, Corp.) [Kernel | On_Demand | Running] -- C:WINDOWSsystem32driversDrt2870.sys -- (rt2870) DRV - [2009/08/05 21:48:42 | 000,054,752 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:WINDOWSsystem32driversfssfltr_tdi.sys -- (fssfltr) DRV - [2009/03/31 17:33:10 | 000,038,400 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:WINDOWSsystem32driversl1e51x86.sys -- (L1e) DRV - [2008/07/24 17:46:12 | 000,012,856 | ---- | M] (LogMeIn, Inc.) [Kernel | Auto | Running] -- C:Program FilesLogMeInx86rainfo.sys -- (LMIInfo) DRV - [2008/07/24 17:46:10 | 000,047,640 | ---- | M] (LogMeIn, Inc.) [File_System | Auto | Running] -- C:WINDOWSsystem32driversLMIRfsDriver.sys -- (LMIRfsDriver) DRV - [2008/04/13 19:53:09 | 000,040,320 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:WINDOWSsystem32driversnmnt.sys -- (nm) DRV - [2008/04/13 19:46:22 | 000,015,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:WINDOWSsystem32driversMPE.sys -- (MPE) DRV - [2007/12/17 10:14:06 | 000,012,400 | R--- | M] () [Kernel | System | Running] -- C:WINDOWSsystem32driversAsIO.sys -- (AsIO) DRV - [2007/11/06 21:22:06 | 000,034,064 | ---- | M] (CACE Technologies) [Kernel | On_Demand | Stopped] -- C:WINDOWSsystem32driversnpf.sys -- (NPF) DRV - [2007/05/02 10:12:36 | 000,109,704 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:WINDOWSsystem32driversssm_mdm.sys -- (ssm_mdm) DRV - [2007/05/02 10:12:36 | 000,015,112 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:WINDOWSsystem32driversssm_mdfl.sys -- (ssm_mdfl) DRV - [2007/05/02 10:12:34 | 000,083,592 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:WINDOWSsystem32driversssm_bus.sys -- (ssm_bus) SAMSUNG Mobile USB Device II 1.0 driver (WDM) DRV - [2007/05/02 10:11:18 | 000,109,704 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:WINDOWSsystem32driversss_mdm.sys -- (ss_mdm) DRV - [2007/05/02 10:11:18 | 000,015,112 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:WINDOWSsystem32driversss_mdfl.sys -- (ss_mdfl) DRV - [2007/05/02 10:11:16 | 000,083,592 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:WINDOWSsystem32driversss_bus.sys -- (ss_bus) SAMSUNG Mobile USB Device 1.0 driver (WDM) DRV - [2007/04/10 22:46:53 | 001,966,312 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:WINDOWSsystem32driversVX1000.sys -- (VX1000) DRV - [2006/11/29 06:46:24 | 000,028,224 | R--- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:WINDOWSsystem32driversAPLMp50.sys -- (APLMp50) DRV - [2005/12/18 19:42:12 | 000,008,801 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:Program FilesDScalerDSDrv4.sys -- (DSDrv4) DRV - [2005/01/02 22:43:08 | 000,004,682 | ---- | M] (INCA Internet Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:WINDOWSsystem32npptNT2.sys -- (NPPTNT2) DRV - [2004/08/13 03:56:20 | 000,005,810 | R--- | M] () [Kernel | On_Demand | Running] -- C:WINDOWSsystem32driversASACPI.sys -- (MTsensor) DRV - [2002/09/27 06:53:00 | 000,009,856 | ---- | M] (Padus, Inc.) [Kernel | On_Demand | Running] -- C:WINDOWSsystem32driverspfc.sys -- (pfc) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKCUSOFTWAREMicrosoftInternet ExplorerMain,Start Page = http://www.google.be/ IE - HKCUSOFTWAREMicrosoftInternet ExplorerMain,Start Page Redirect Cache = http://be.msn.com/default.aspx?ocid=iehp IE - HKCUSOFTWAREMicrosoftInternet ExplorerMain,Start Page Redirect Cache AcceptLangs = nl-be IE - HKCUSOFTWAREMicrosoftInternet ExplorerMain,Start Page Redirect Cache_TIMESTAMP = 8A 69 41 C1 21 97 CC 01 [binary data] IE - HKCUSoftwareMicrosoftWindowsCurrentVersionInternet Settings: "ProxyEnable" = 0 ========== FireFox ========== FF - prefs.js..browser.search.defaultenginename: "" FF - prefs.js..browser.search.defaulturl: "http://search.babylon.com/web/{searchTerms}?babsrc=browsersearch&AF=17243" FF - prefs.js..browser.search.order.1: "" FF - prefs.js..browser.search.selectedEngine: "" FF - prefs.js..browser.search.useDBForOrder: true FF - prefs.js..browser.startup.homepage: "about:home" FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0 FF - prefs.js..keyword.URL: "http://search.babylon.com/?babsrc=adbartrp&AF=17243&q=" FF - HKLMSoftwareMozillaPlugins@adobe.com/FlashPlayer: C:WINDOWSsystem32MacromedFlashNPSWF32.dll () FF - HKLMSoftwareMozillaPlugins@adobe.com/ShockwavePlayer: C:WINDOWSsystem32AdobeDirectornp32dsw.dll (Adobe Systems, Inc.) FF - HKLMSoftwareMozillaPlugins@Apple.com/iTunes,version=: File not found FF - HKLMSoftwareMozillaPlugins@Apple.com/iTunes,version=1.0: C:Program FilesiTunesMozilla Pluginsnpitunes.dll () FF - HKLMSoftwareMozillaPlugins@Google.com/GoogleEarthPlugin: C:Program FilesGoogleGoogle Earthpluginnpgeplugin.dll (Google) FF - HKLMSoftwareMozillaPlugins@java.com/JavaPlugin: C:Program FilesJavajre6binnew_pluginnpjp2.dll (Sun Microsystems, Inc.) FF - HKLMSoftwareMozillaPlugins@Microsoft.com/NpCtrl,version=1.0: C:Program FilesMicrosoft Silverlight4.0.60831.0npctrl.dll ( Microsoft Corporation) FF - HKLMSoftwareMozillaPlugins@microsoft.com/OfficeLive,version=1.3: C:Program FilesMicrosoftOffice LivenpOLW.dll (Microsoft Corp.) FF - HKLMSoftwareMozillaPlugins@microsoft.com/WLPG,version=14.0.8117.0416: C:Program FilesWindows LivePhoto GalleryNPWLPG.dll (Microsoft Corporation) FF - HKLMSoftwareMozillaPlugins@microsoft.com/WPF,version=3.5: C:WINDOWSMicrosoft.NETFrameworkv3.5Windows Presentation FoundationNPWPF.dll (Microsoft Corporation) FF - HKLMSoftwareMozillaPlugins@tools.google.com/Google Update;version=3: C:Program FilesGoogleUpdate1.3.21.79npGoogleUpdate3.dll (Google Inc.) FF - HKLMSoftwareMozillaPlugins@tools.google.com/Google Update;version=9: C:Program FilesGoogleUpdate1.3.21.79npGoogleUpdate3.dll (Google Inc.) FF - HKEY_LOCAL_MACHINEsoftwaremozillaFirefoxextensions{B728AB94-9BC7-49b7-B76A-422BB31B2FD0}: C:Program FilesArcSoftMedia Converter for PhilipsInternet Video DownloaderPlugin_FireFox [2010/03/07 12:38:38 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINEsoftwaremozillaMozilla Firefox 4.0.1extensionsComponents: C:Program FilesMozilla Firefoxcomponents [2011/10/30 16:01:05 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINEsoftwaremozillaMozilla Firefox 4.0.1extensionsPlugins: C:Program FilesMozilla Firefoxplugins [2011/02/22 16:50:36 | 000,000,000 | ---D | M] (No name found) -- C:Documents and SettingsmamaApplication DataMozillaExtensions [2011/10/30 12:10:16 | 000,000,000 | ---D | M] (No name found) -- C:Documents and SettingsmamaApplication DataMozillaFirefoxProfileshefq8rku.defaultextensions [2011/11/03 14:46:17 | 000,000,000 | ---D | M] (No name found) -- C:Program FilesMozilla Firefoxextensions [2011/08/10 17:54:30 | 000,000,000 | ---D | M] (Click to call with Skype) -- C:Program FilesMozilla Firefoxextensions{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2011/11/03 14:46:17 | 000,000,000 | ---D | M] (Java Console) -- C:Program FilesMozilla Firefoxextensions{CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} [2009/06/03 17:08:18 | 000,000,000 | ---D | M] (Java Quick Starter) -- C:PROGRAM FILESJAVAJRE6LIBDEPLOYJQSFF [2009/09/01 20:55:43 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:WINDOWSMICROSOFT.NETFRAMEWORKV3.5WINDOWS PRESENTATION FOUNDATIONDOTNETASSISTANTEXTENSION [2011/04/14 17:57:43 | 000,142,296 | ---- | M] (Mozilla Foundation) -- C:Program Filesmozilla firefoxcomponentsbrowsercomps.dll [2010/01/01 09:00:00 | 000,002,252 | ---- | M] () -- C:Program Filesmozilla firefoxsearchpluginsbing.xml [2010/01/01 09:00:00 | 000,001,892 | ---- | M] () -- C:Program Filesmozilla firefoxsearchpluginsbolcom-nl.xml [2010/01/01 09:00:00 | 000,004,558 | ---- | M] () -- C:Program Filesmozilla firefoxsearchpluginsmarktplaats-nl.xml [2010/01/01 09:00:00 | 000,001,111 | ---- | M] () -- C:Program Filesmozilla firefoxsearchpluginsvandale-nl.xml [2010/01/01 09:00:00 | 000,001,049 | ---- | M] () -- C:Program Filesmozilla firefoxsearchpluginswikipedia-nl.xml ========== Chrome ========== CHR - default_search_provider: Google (Enabled) CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms} CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms} CHR - plugin: Shockwave Flash (Enabled) = C:Program Filesgooglechromeapplication14.0.835.202gcswf32.dll CHR - plugin: Shockwave Flash (Enabled) = C:WINDOWSsystem32MacromedFlashNPSWF32.dll CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:Program FilesQuickTimepluginsnpqtplugin.dll CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:Program FilesQuickTimepluginsnpqtplugin2.dll CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:Program FilesQuickTimepluginsnpqtplugin3.dll CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:Program FilesQuickTimepluginsnpqtplugin4.dll CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:Program FilesQuickTimepluginsnpqtplugin5.dll CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:Program FilesQuickTimepluginsnpqtplugin6.dll CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:Program FilesQuickTimepluginsnpqtplugin7.dll CHR - plugin: Java Platform SE 6 U16 (Enabled) = C:Program FilesJavajre6binnew_pluginnpjp2.dll CHR - plugin: Silverlight Plug-In (Enabled) = C:Program FilesMicrosoft Silverlight4.0.60531.0npctrl.dll CHR - plugin: Shockwave for Director (Enabled) = C:WINDOWSsystem32AdobeDirectornp32dsw.dll CHR - plugin: RealNetworks RealPlayer Chrome Background Extension Plug-In (32-bit) (Enabled) = C:Documents and SettingsAll UsersApplication DataRealRealPlayerBrowserRecordPluginMozillaPluginsnprpchromebrowserrecordext.dll CHR - plugin: RealPlayer HTML5VideoShim Plug-In (32-bit) (Enabled) = C:Documents and SettingsAll UsersApplication DataRealRealPlayerBrowserRecordPluginMozillaPluginsnprphtml5videoshim.dll CHR - plugin: RealPlayer G2 LiveConnect-Enabled Plug-In (32-bit) (Enabled) = C:Program FilesRealRealPlayerNetscape6nppl3260.dll CHR - plugin: RealPlayer Version Plugin (Enabled) = C:Program FilesRealRealPlayerNetscape6nprpjplug.dll CHR - plugin: Windows Media Player Plug-in Dynamic Link Library (Enabled) = C:Program FilesWindows Media Playernpdsplay.dll CHR - plugin: Microsoft Office Live Plug-in for Firefox (Enabled) = C:Program FilesMicrosoftOffice LivenpOLW.dll CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer CHR - plugin: Native Client (Enabled) = C:Program Filesgooglechromeapplication14.0.835.202ppGoogleNaClPluginChrome.dll CHR - plugin: Chrome PDF Viewer (Enabled) = C:Program Filesgooglechromeapplication14.0.835.202pdf.dll CHR - plugin: Skype Toolbars (Enabled) = C:Documents and SettingsmamaLocal SettingsApplication DataGoogleChromeUser DataDefaultExtensionslifbcibllhkdhoafpjfnlhfpfgnpldfl5.5.0.8013_0npSkypeChromePlugin.dll CHR - plugin: Adobe Acrobat (Disabled) = C:Program FilesAdobeReader 9.0ReaderBrowsernppdf32.dll CHR - plugin: Microsoftu00AE DRM (Enabled) = C:Program FilesWindows Media Playernpdrmv2.dll CHR - plugin: Microsoftu00AE DRM (Enabled) = C:Program FilesWindows Media Playernpwmsdrm.dll CHR - plugin: Google Earth Plugin (Enabled) = C:Program FilesGoogleGoogle Earthpluginnpgeplugin.dll CHR - plugin: Google Update (Enabled) = C:Program FilesGoogleUpdate1.3.21.69npGoogleUpdate3.dll CHR - plugin: RealJukebox NS Plugin (Enabled) = C:Program FilesRealRealPlayerNetscape6nprjplug.dll CHR - plugin: Windows Liveu00AE Photo Gallery (Enabled) = C:Program FilesWindows LivePhoto GalleryNPWLPG.dll CHR - plugin: iTunes Application Detector (Enabled) = C:Program FilesiTunesMozilla Pluginsnpitunes.dll CHR - plugin: Windows Presentation Foundation (Enabled) = C:WINDOWSMicrosoft.NETFrameworkv3.5Windows Presentation FoundationNPWPF.dll CHR - plugin: Default Plug-in (Enabled) = default_plugin CHR - Extension: RealPlayer HTML5Video Downloader Extension = C:Documents and SettingsmamaLocal SettingsApplication DataGoogleChromeUser DataDefaultExtensionsjfmjfhklogoienhpfnppmbcbjfjnkonk1.4_0 CHR - Extension: Click to call with Skype = C:Documents and SettingsmamaLocal SettingsApplication DataGoogleChromeUser DataDefaultExtensionslifbcibllhkdhoafpjfnlhfpfgnpldfl5.5.0.8013_0 O1 HOSTS File: ([2009/05/22 19:08:20 | 000,611,053 | ---- | M]) - C:WINDOWSsystem32driversetcHOSTS O1 - Hosts: 127.0.0.1 localhost O1 - Hosts: 127.0.0.1 ad.a8.net O1 - Hosts: 127.0.0.1 asy.a8ww.net O1 - Hosts: 127.0.0.1 acezip.net #[siteAdvisor.acezip.net] O1 - Hosts: 127.0.0.1 www.acezip.net #[Win32/Adware.180Solutions] O1 - Hosts: 127.0.0.1 phpadsnew.abac.com O1 - Hosts: 127.0.0.1 a.abnad.net O1 - Hosts: 127.0.0.1 b.abnad.net O1 - Hosts: 127.0.0.1 c.abnad.net #[eTrust.Tracking.Cookie] O1 - Hosts: 127.0.0.1 d.abnad.net O1 - Hosts: 127.0.0.1 e.abnad.net O1 - Hosts: 127.0.0.1 t.abnad.net O1 - Hosts: 127.0.0.1 z.abnad.net O1 - Hosts: 127.0.0.1 banners.absolpublisher.com O1 - Hosts: 127.0.0.1 tracking.absolstats.com O1 - Hosts: 127.0.0.1 adv.abv.bg O1 - Hosts: 127.0.0.1 bimg.abv.bg O1 - Hosts: 127.0.0.1 www2.a-counter.kiev.ua O1 - Hosts: 127.0.0.1 track.acclaimnetwork.com O1 - Hosts: 127.0.0.1 accuserveadsystem.com O1 - Hosts: 127.0.0.1 www.accuserveadsystem.com O1 - Hosts: 127.0.0.1 gtb5.acecounter.com O1 - Hosts: 127.0.0.1 gtb19.acecounter.com O1 - Hosts: 127.0.0.1 gtcc1.acecounter.com O1 - Hosts: 127.0.0.1 gtp1.acecounter.com #[eTrust.Tracking.Cookie] O1 - Hosts: 16309 more lines... O3 - HKLM..Toolbar: (no name) - Locked - No CLSID value found. O4 - HKLM..Run: [D-Link D-Link DWA-125] C:Program FilesD-LinkDWA-125 revAAirGCFG.exe (D-Link Corp.) O4 - HKLM..Run: [info Center] C:Program FilesPCPitstopInfo CenterInfoCenter.exe (PC Pitstop LLC) O4 - HKLM..Run: [LifeCam] C:Program FilesMicrosoft LifeCamLifeExp.exe (Microsoft Corporation) O4 - HKLM..Run: [LogMeIn GUI] C:Program FilesLogMeInx86LogMeInSystray.exe (LogMeIn, Inc.) O4 - HKLM..Run: [MSC] C:Program FilesMicrosoft Security Clientmsseces.exe (Microsoft Corporation) O4 - HKLM..Run: [PWRISOVM.EXE] C:Program FilesPowerISOPWRISOVM.EXE (PowerISO Computing, Inc.) O4 - HKLM..Run: [six Engine] C:Program FilesASUSEPU-4 EngineFourEngine.exe () O4 - HKLM..Run: [uVS10 Preload] C:Program FilesUlead SystemsUlead VideoStudio SE DVDuvPL.exe (Ulead Systems, Inc.) O4 - HKLM..Run: [VX1000] C:WINDOWSvVX1000.exe (Microsoft Corporation) O4 - HKLM..Run: [WinDVR SchSvr] C:Program FilesCommon FilesInterVideoSchSvrSchSvr.exe (InterVideo Inc.) O4 - HKLM..Run: [WZCSLDR2] C:Program FilesD-LinkDWA-125 revAWZCSLDR2.exe (Wireless Service) O4 - HKCU..RunOnce: [shockwave Updater] C:WINDOWSsystem32AdobeShockwave 11SwHelper_1150596.exe -Update -1150596 -"Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 5.1; Trident/4.0; .NET CLR 1.1.4322; .NET CLR 2.0.50727; .NET CLR 3.0.4506.2152; .NET CLR 3.5.30729; OfficeLiveConnector.1.3; OfficeLivePatch.0.0)" -"http://www.dadsproject.com/Klokkijken/klokkijken.php" File not found O4 - Startup: C:Documents and SettingsAll UsersMenu StartProgramma'sOpstartenInterVideo WinCinema Manager.lnk = C:Program FilesInterVideoCommonBinWinCinemaMgr.exe () O4 - Startup: C:Documents and SettingsmamaMenu StartProgramma'sOpstartenSpywareGuard.lnk = C:Program FilesSpywareGuardsgmain.exe () O6 - HKLMSOFTWAREMicrosoftWindowsCurrentVersionpoliciesExplorer: HonorAutoRunSetting = 1 O7 - HKCUSOFTWAREMicrosoftWindowsCurrentVersionpoliciesExplorer: NoDriveTypeAutoRun = 145 O10 - NameSpace_Catalog5Catalog_Entries000000000004 [] - C:Program FilesBonjourmdnsNSP.dll (Apple Inc.) O16 - DPF: {070DC617-E3B7-468B-A29C-D4E84FAE938C} http://utilities.pcpitstop.com/Nirvana/controls/pcmatic.cab (VersionControl Class) O16 - DPF: {076169AA-8C3D-4CFC-AC23-3ACA88FC21B5} http://download.sp.f-secure.com/ols/f-secure-rtm/resources/fslauncher.cab (F-Secure Online Scanner Launcher) O16 - DPF: {0E5F0222-96B9-11D3-8997-00104BD12D94} http://utilities.pcpitstop.com/Nirvana/controls/pcmatic.cab (PCPitstop Utility) O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab (Shockwave ActiveX Control) O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262E} http://www.systemrequirementslab.com/srl_bin/sysreqlab_srl.cab (System Requirements Lab Class) O16 - DPF: {215B8138-A3CF-44C5-803F-8226143CFC0A} http://housecall65.trendmicro.com/housecall/applet/html/native/x86/win32/activex/hcImpl.cab (Trend Micro ActiveX Scan Agent 6.6) O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1243013861984 (MUWebControl Class) O16 - DPF: {6F15128C-E66A-490C-B848-5000B5ABEEAC} https://h20436.www2.hp.com/ediags/dex/secure/HPDEXAXO.cab (HP Download Manager) O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset.com/special/eos/OnlineScanner.cab (OnlineScanner Control) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29) O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab (Reg Error: Key error.) O16 - DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29) O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object) O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.) O17 - HKLMSystemCCSServicesTcpipParameters: DhcpNameServer = 195.130.130.4 195.130.131.4 O17 - HKLMSystemCCSServicesTcpipParametersInterfaces{4F52C767-993D-4BB5-AE28-5E54599325CC}: DhcpNameServer = 195.130.131.132 195.130.130.4 O17 - HKLMSystemCCSServicesTcpipParametersInterfaces{57CC1820-8280-407F-8BB2-EB8E5714DF5F}: DhcpNameServer = 195.130.130.4 195.130.131.4 O18 - ProtocolHandlerskype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:Program FilesSkypeToolbarsInternet Explorerskypeieplugin.dll (Skype Technologies S.A.) O20 - HKLM Winlogon: Shell - (Explorer.exe) -C:WINDOWSexplorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (C:WINDOWSsystem32userinit.exe) -C:WINDOWSsystem32userinit.exe (Microsoft Corporation) O20 - WinlogonNotify!SASWinLogon: DllName - (C:Program FilesSUPERAntiSpywareSASWINLO.DLL) - C:Program FilesSUPERAntiSpywareSASWINLO.DLL (SUPERAntiSpyware.com) O20 - WinlogonNotifyLMIinit: DllName - (LMIinit.dll) - C:WINDOWSSystem32LMIinit.dll (LogMeIn, Inc.) O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:Program FilesSUPERAntiSpywareSASSEH.DLL (SuperAdBlocker.com) O28 - HKLM ShellExecuteHooks: {81559C35-8464-49F7-BB0E-07A383BEF910} - C:Program FilesSpywareGuardspywareguard.dll () O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2009/05/22 07:59:54 | 000,000,000 | ---- | M] () - C:AUTOEXEC.BAT -- [ NTFS ] O34 - HKLM BootExecute: (autocheck autochk *) O35 - HKLM..comfile [open] -- "%1" %* O35 - HKLM..exefile [open] -- "%1" %* O37 - HKLM...com [@ = comfile] -- "%1" %* O37 - HKLM...exe [@ = exefile] -- "%1" %* NetSvcs: 6to4 - File not found NetSvcs: Ias - File not found NetSvcs: Iprip - File not found NetSvcs: Irmon - File not found NetSvcs: NWCWorkstation - File not found NetSvcs: Nwsapagent - File not found NetSvcs: WmdmPmSp - File not found CREATERESTOREPOINT Restore point Set: OTL Restore Point ========== Files/Folders - Created Within 30 Days ========== [2011/11/03 14:48:47 | 000,000,000 | ---D | C] -- C:Program FilesESET [2011/11/03 14:46:24 | 000,000,000 | ---D | C] -- C:Documents and SettingsAll UsersApplication DataSun [2011/11/03 14:46:23 | 000,000,000 | ---D | C] -- C:Program FilesCommon FilesJava [2011/11/03 14:46:16 | 000,472,808 | ---- | C] (Sun Microsystems, Inc.) -- C:WINDOWSSystem32deployJava1.dll [2011/11/03 14:46:16 | 000,157,472 | ---- | C] (Sun Microsystems, Inc.) -- C:WINDOWSSystem32javaws.exe [2011/11/03 14:46:16 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:WINDOWSSystem32javaw.exe [2011/11/03 14:46:16 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:WINDOWSSystem32java.exe [2011/11/03 14:36:18 | 000,000,000 | ---D | C] -- C:Documents and SettingsAll UsersMenu StartProgramma'sMalwarebytes' Anti-Malware [2011/11/03 14:36:14 | 000,022,216 | ---- | C] (Malwarebytes Corporation) -- C:WINDOWSSystem32driversmbam.sys [2011/11/03 14:36:14 | 000,000,000 | ---D | C] -- C:Program FilesMalwarebytes' Anti-Malware [2011/11/03 14:35:40 | 009,852,544 | ---- | C] (Malwarebytes Corporation ) -- C:Documents and SettingsmamaBureaubladmbam-setup-1.51.2.1300.exe [2011/11/03 14:31:22 | 000,000,000 | ---D | C] -- C:_OTL [2011/11/03 07:09:09 | 000,584,192 | ---- | C] (OldTimer Tools) -- C:Documents and SettingsmamaBureaubladOTL.exe [2011/11/02 11:25:29 | 000,000,000 | RH-D | C] -- C:Documents and SettingsmamaOnlangs geopend [2011/11/01 12:01:24 | 000,000,000 | ---D | C] -- C:Documents and SettingsAll UsersMenu StartProgramma'sSIW [2011/11/01 12:01:21 | 000,000,000 | ---D | C] -- C:Program FilesSIW [2011/11/01 09:52:47 | 000,000,000 | ---D | C] -- C:Documents and SettingsmamaBureaubladgmer [2011/11/01 09:48:59 | 000,000,000 | R--D | C] -- C:Documents and SettingsmamaMenu StartProgramma'sSysteembeheer [2011/11/01 09:46:37 | 000,607,260 | R--- | C] (Swearware) -- C:Documents and SettingsmamaBureaubladdds.scr [2011/10/30 21:44:36 | 000,000,000 | ---D | C] -- C:Program FilesTrend Micro [2011/10/30 21:44:36 | 000,000,000 | ---D | C] -- C:Documents and SettingsmamaMenu StartProgramma'sHiJackThis [2011/10/30 17:56:16 | 000,000,000 | ---D | C] -- C:Documents and SettingsAll UsersApplication DataPCPitstopDat [2011/10/30 17:54:02 | 000,000,000 | ---D | C] -- C:Documents and SettingsAll UsersMenu StartProgramma'sPC Pitstop [2011/10/30 14:57:11 | 000,000,000 | ---D | C] -- C:WINDOWSCSC [2011/10/30 12:09:43 | 000,000,000 | ---D | C] -- D:Documents and SettingsmamaMijn documentenDownloads [2011/10/30 07:17:24 | 000,000,000 | ---D | C] -- C:Documents and SettingsAll UsersMenu StartProgramma'sD-Link [2011/10/30 07:15:34 | 000,779,136 | ---- | C] (Ralink Technology, Corp.) -- C:WINDOWSSystem32driversDrt2870.sys [2011/10/30 07:15:33 | 000,221,184 | ---- | C] (Ralink Technology, Inc.) -- C:WINDOWSSystem32RaCoInst.dll [2011/10/30 07:15:32 | 000,000,000 | ---D | C] -- C:Program FilesD-Link [2011/10/19 15:31:35 | 000,000,000 | ---D | C] -- C:Documents and SettingsAll UsersMenu StartProgramma'sHEMA Fotoservice [2011/10/19 15:31:15 | 000,000,000 | ---D | C] -- C:Documents and SettingsAll UsersApplication DataHEMA Fotoservice [2011/10/19 15:31:13 | 000,000,000 | ---D | C] -- C:Program FilesHEMA Fotoservice [2011/10/13 18:56:57 | 000,000,000 | ---D | C] -- C:Documents and SettingsAll UsersApplication Datatmp [2011/10/13 18:56:56 | 000,000,000 | ---D | C] -- C:Documents and SettingsAll UsersApplication Datahps [2011/10/13 18:56:38 | 000,000,000 | ---D | C] -- C:Documents and SettingsAll UsersMenu StartProgramma'sbol.com fotoservice [2011/10/13 18:55:38 | 000,000,000 | ---D | C] -- C:Program Filesbol.com [1 D:Documents and SettingsmamaMijn documenten*.tmp files -> D:Documents and SettingsmamaMijn documenten*.tmp -> ] ========== Files - Modified Within 30 Days ========== [2011/11/04 17:23:22 | 000,002,206 | ---- | M] () -- C:WINDOWSSystem32wpa.dbl [2011/11/04 17:22:26 | 000,000,424 | -H-- | M] () -- C:WINDOWStasksMP Scheduled Scan.job [2011/11/04 17:18:10 | 000,003,284 | ---- | M] () -- C:WINDOWSSystem32ANIWZCS{57CC1820-8280-407F-8BB2-EB8E5714DF5F} [2011/11/04 17:18:00 | 000,000,005 | ---- | M] () -- C:WINDOWSSystem32ANIWZCSUSERNAME{57CC1820-8280-407F-8BB2-EB8E5714DF5F} [2011/11/04 17:17:38 | 000,001,040 | ---- | M] () -- C:WINDOWStasksGoogleUpdateTaskMachineCore.job [2011/11/04 17:17:38 | 000,000,294 | ---- | M] () -- C:WINDOWStasksRealUpgradeLogonTaskS-1-5-21-2000478354-115176313-839522115-500.job [2011/11/04 17:17:38 | 000,000,280 | ---- | M] () -- C:WINDOWStasksRealUpgradeLogonTaskS-1-5-21-2000478354-115176313-839522115-1005.job [2011/11/04 17:17:38 | 000,000,276 | ---- | M] () -- C:WINDOWStasksRealUpgradeLogonTaskS-1-5-21-2000478354-115176313-839522115-1003.job [2011/11/04 17:17:15 | 000,002,048 | --S- | M] () -- C:WINDOWSbootstat.dat [2011/11/04 17:00:00 | 000,001,044 | ---- | M] () -- C:WINDOWStasksGoogleUpdateTaskMachineUA.job [2011/11/03 16:40:10 | 000,039,570 | ---- | M] () -- C:Documents and SettingsmamaBureaubladesetscan.JPG [2011/11/03 14:36:44 | 000,707,306 | ---- | M] () -- C:WINDOWSSystem32perfh013.dat [2011/11/03 14:36:44 | 000,607,828 | ---- | M] () -- C:WINDOWSSystem32perfh009.dat [2011/11/03 14:36:44 | 000,186,650 | ---- | M] () -- C:WINDOWSSystem32perfc013.dat [2011/11/03 14:36:44 | 000,143,688 | ---- | M] () -- C:WINDOWSSystem32perfc009.dat [2011/11/03 14:36:18 | 000,000,784 | ---- | M] () -- C:Documents and SettingsAll UsersBureaubladMalwarebytes' Anti-Malware.lnk [2011/11/03 14:35:53 | 009,852,544 | ---- | M] (Malwarebytes Corporation ) -- C:Documents and SettingsmamaBureaubladmbam-setup-1.51.2.1300.exe [2011/11/03 07:09:11 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:Documents and SettingsmamaBureaubladOTL.exe [2011/11/02 14:14:00 | 000,000,288 | ---- | M] () -- C:WINDOWStasksRealUpgradeScheduledTaskS-1-5-21-2000478354-115176313-839522115-1005.job [2011/11/02 14:11:21 | 000,414,368 | ---- | M] (Adobe Systems Incorporated) -- C:WINDOWSSystem32FlashPlayerCPLApp.cpl [2011/11/02 11:22:07 | 000,005,120 | ---- | M] () -- C:Documents and SettingsmamaLocal SettingsApplication DataDCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2011/11/01 12:01:27 | 000,000,610 | ---- | M] () -- C:Documents and SettingsmamaBureaubladSIW.lnk [2011/11/01 09:48:43 | 000,294,216 | ---- | M] () -- C:Documents and SettingsmamaBureaubladgmer.zip [2011/11/01 09:46:39 | 000,607,260 | R--- | M] (Swearware) -- C:Documents and SettingsmamaBureaubladdds.scr [2011/10/30 21:45:14 | 000,002,445 | ---- | M] () -- C:Documents and SettingsmamaBureaubladHiJackThis.lnk [2011/10/30 18:43:37 | 000,002,187 | ---- | M] () -- C:Documents and SettingsAll UsersBureaubladSafari.lnk [2011/10/30 18:25:42 | 000,000,244 | ---- | M] () -- C:Documents and SettingsmamaBureaubladToverboom InfoCentrum.url [2011/10/30 17:54:02 | 000,001,675 | ---- | M] () -- C:Documents and SettingsmamaBureaubladPC Matic.lnk [2011/10/30 17:22:29 | 000,002,493 | ---- | M] () -- C:Documents and SettingsmamaBureaubladMicrosoft Office Word 2007.lnk [2011/10/30 16:02:47 | 000,001,324 | ---- | M] () -- C:WINDOWSSystem32d3d9caps.dat [2011/10/30 14:45:40 | 000,000,284 | ---- | M] () -- C:WINDOWStasksRealUpgradeScheduledTaskS-1-5-21-2000478354-115176313-839522115-1003.job [2011/10/30 14:39:23 | 000,000,211 | ---- | M] () -- C:Documents and SettingsmamaBureaubladDe Toverboom - WELKOM - Basisschool 'De Toverboom'. Kom alles te weten over onze school..url [2011/10/30 09:55:19 | 000,000,302 | ---- | M] () -- C:WINDOWStasksRealUpgradeScheduledTaskS-1-5-21-2000478354-115176313-839522115-500.job [2011/10/30 09:55:11 | 000,000,682 | ---- | M] () -- C:Documents and SettingsAll UsersBureaubladCCleaner.lnk [2011/10/30 07:17:24 | 000,001,682 | ---- | M] () -- C:Documents and SettingsAll UsersBureaubladWireless Connection Manager.lnk [2011/10/30 07:16:16 | 000,315,392 | ---- | M] () -- C:WINDOWSSystem32ANPDApi.dll [2011/10/30 07:16:16 | 000,048,640 | ---- | M] () -- C:WINDOWSSystem32ANPD64.SYS [2011/10/30 07:16:16 | 000,034,008 | ---- | M] () -- C:WINDOWSSystem32ANPD.VXD [2011/10/30 07:16:16 | 000,029,411 | ---- | M] () -- C:WINDOWSSystem32ANPD.SYS [2011/10/29 17:28:37 | 000,001,813 | ---- | M] () -- C:Documents and SettingsAll UsersBureaubladGoogle Chrome.lnk [2011/10/19 14:55:38 | 000,000,914 | ---- | M] () -- C:Documents and SettingsAll UsersBureaubladbol.com fotoservice.lnk [2011/10/19 14:55:38 | 000,000,884 | ---- | M] () -- C:Documents and SettingsAll UsersBureaubladCEWE Fotoshow.lnk [2011/10/14 05:51:45 | 000,293,272 | ---- | M] () -- C:WINDOWSSystem32FNTCACHE.DAT [2011/10/08 07:50:36 | 000,083,360 | ---- | M] (LogMeIn, Inc.) -- C:WINDOWSSystem32LMIRfsClientNP.dll [2011/10/08 07:50:35 | 000,087,424 | ---- | M] (LogMeIn, Inc.) -- C:WINDOWSSystem32LMIinit.dll [2011/10/08 07:50:35 | 000,030,592 | ---- | M] (LogMeIn, Inc.) -- C:WINDOWSSystem32LMIport.dll [1 D:Documents and SettingsmamaMijn documenten*.tmp files -> D:Documents and SettingsmamaMijn documenten*.tmp -> ] ========== Files Created - No Company Name ========== [2011/11/03 16:40:10 | 000,039,570 | ---- | C] () -- C:Documents and SettingsmamaBureaubladesetscan.JPG [2011/11/03 14:36:18 | 000,000,784 | ---- | C] () -- C:Documents and SettingsAll UsersBureaubladMalwarebytes' Anti-Malware.lnk [2011/11/02 11:20:44 | 000,005,120 | ---- | C] () -- C:Documents and SettingsmamaLocal SettingsApplication DataDCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2011/11/01 12:01:27 | 000,000,610 | ---- | C] () -- C:Documents and SettingsmamaBureaubladSIW.lnk [2011/11/01 09:48:43 | 000,294,216 | ---- | C] () -- C:Documents and SettingsmamaBureaubladgmer.zip [2011/10/30 21:44:37 | 000,002,445 | ---- | C] () -- C:Documents and SettingsmamaBureaubladHiJackThis.lnk [2011/10/30 17:40:33 | 000,000,244 | ---- | C] () -- C:Documents and SettingsmamaBureaubladToverboom InfoCentrum.url [2011/10/30 09:55:20 | 000,000,294 | ---- | C] () -- C:WINDOWStasksRealUpgradeLogonTaskS-1-5-21-2000478354-115176313-839522115-500.job [2011/10/30 09:55:19 | 000,000,302 | ---- | C] () -- C:WINDOWStasksRealUpgradeScheduledTaskS-1-5-21-2000478354-115176313-839522115-500.job [2011/10/30 09:55:11 | 000,000,682 | ---- | C] () -- C:Documents and SettingsAll UsersBureaubladCCleaner.lnk [2011/10/30 07:17:31 | 000,003,284 | ---- | C] () -- C:WINDOWSSystem32ANIWZCS{57CC1820-8280-407F-8BB2-EB8E5714DF5F} [2011/10/30 07:17:24 | 000,001,682 | ---- | C] () -- C:Documents and SettingsAll UsersBureaubladWireless Connection Manager.lnk [2011/10/30 07:16:23 | 000,000,005 | ---- | C] () -- C:WINDOWSSystem32ANIWZCSUSERNAME{57CC1820-8280-407F-8BB2-EB8E5714DF5F} [2011/10/30 07:16:16 | 000,315,392 | ---- | C] () -- C:WINDOWSSystem32ANPDApi.dll [2011/10/30 07:16:16 | 000,048,640 | ---- | C] () -- C:WINDOWSSystem32ANPD64.SYS [2011/10/30 07:16:16 | 000,034,008 | ---- | C] () -- C:WINDOWSSystem32ANPD.VXD [2011/10/30 07:16:16 | 000,029,411 | ---- | C] () -- C:WINDOWSSystem32ANPD.SYS [2011/10/30 07:15:33 | 000,013,931 | ---- | C] () -- C:WINDOWSSystem32RaCoInst.dat [2011/10/13 18:56:52 | 000,000,914 | ---- | C] () -- C:Documents and SettingsAll UsersBureaubladbol.com fotoservice.lnk [2011/10/13 18:56:52 | 000,000,884 | ---- | C] () -- C:Documents and SettingsAll UsersBureaubladCEWE Fotoshow.lnk [2011/08/13 16:41:18 | 000,204,800 | ---- | C] () -- C:WINDOWSSystem32IVIresizeW7.dll [2011/08/13 16:41:18 | 000,200,704 | ---- | C] () -- C:WINDOWSSystem32IVIresizeA6.dll [2011/08/13 16:41:18 | 000,192,512 | ---- | C] () -- C:WINDOWSSystem32IVIresizeP6.dll [2011/08/13 16:41:18 | 000,192,512 | ---- | C] () -- C:WINDOWSSystem32IVIresizeM6.dll [2011/08/13 16:41:18 | 000,188,416 | ---- | C] () -- C:WINDOWSSystem32IVIresizePX.dll [2011/08/13 16:41:18 | 000,020,480 | ---- | C] () -- C:WINDOWSSystem32IVIresize.dll [2011/08/11 13:40:49 | 000,061,244 | ---- | C] () -- C:WINDOWSSystem32x264vfw-uninstall.exe [2011/08/11 13:38:08 | 000,000,135 | ---- | C] () -- C:WINDOWShuffyuv.ini [2011/08/10 18:18:52 | 000,363,520 | ---- | C] () -- C:WINDOWSSystem32PsisDecd.dll [2011/07/10 22:04:39 | 000,021,504 | ---- | C] () -- C:WINDOWSjestertb.dll [2011/03/18 22:18:48 | 000,002,528 | ---- | C] () -- C:Documents and SettingsmamaApplication Data$_hpcst$.hpc [2011/03/08 20:05:24 | 000,000,162 | ---- | C] () -- C:WINDOWSwininit.ini [2011/02/23 19:49:33 | 000,000,552 | ---- | C] () -- C:WINDOWSSystem32d3d8caps.dat [2011/02/20 12:33:22 | 000,000,000 | ---- | C] () -- C:WINDOWSnsreg.dat [2010/11/18 17:36:02 | 000,027,648 | ---- | C] () -- C:WINDOWSSystem32AVSredirect.dll [2010/05/06 19:43:34 | 000,001,324 | ---- | C] () -- C:WINDOWSSystem32d3d9caps.dat [2010/04/06 10:37:57 | 000,000,056 | -H-- | C] () -- C:WINDOWSSystem32ezsidmv.dat [2010/04/06 10:30:31 | 000,015,498 | ---- | C] () -- C:WINDOWSVX1000.ini [2010/01/27 21:54:34 | 002,283,526 | ---- | C] () -- C:WINDOWSSystem32nvdata.bin [2009/12/24 14:53:19 | 000,087,472 | ---- | C] () -- C:WINDOWSSystem32ijjiChannelingPlugin.dll [2009/10/24 18:51:55 | 000,682,280 | ---- | C] () -- C:WINDOWSSystem32pbsvc.exe [2009/09/27 18:14:41 | 000,062,036 | -H-- | C] () -- C:WINDOWSSystem32mlfcache.dat [2009/08/06 09:42:23 | 000,138,160 | ---- | C] () -- C:WINDOWSSystem32driversPnkBstrK.sys [2009/08/06 09:42:01 | 000,271,200 | ---- | C] () -- C:WINDOWSSystem32PnkBstrB.exe [2009/08/06 09:41:56 | 000,075,136 | ---- | C] () -- C:WINDOWSSystem32PnkBstrA.exe [2009/08/06 09:41:46 | 000,000,287 | ---- | C] () -- C:WINDOWSgame.ini [2009/08/03 14:07:42 | 000,403,816 | ---- | C] () -- C:WINDOWSSystem32OGACheckControl.dll [2009/08/03 14:07:42 | 000,230,768 | ---- | C] () -- C:WINDOWSSystem32OGAEXEC.exe [2009/07/12 16:39:51 | 000,000,751 | ---- | C] () -- C:WINDOWSSpiderman.INI [2009/07/12 10:32:17 | 000,158,952 | ---- | C] () -- C:WINDOWSSystem32PubPlugin.dll [2009/06/29 17:33:43 | 000,000,000 | ---- | C] () -- C:Documents and SettingsAll UsersApplication DataLauncherAccess.dt [2009/06/29 17:27:54 | 000,005,632 | ---- | C] () -- C:WINDOWSSystem32driversStarOpen.sys [2009/06/01 19:43:54 | 000,019,558 | ---- | C] () -- C:WINDOWShpoins01.dat [2009/06/01 19:43:54 | 000,016,606 | ---- | C] () -- C:WINDOWShpomdl01.dat [2009/05/22 09:48:05 | 000,004,205 | ---- | C] () -- C:WINDOWSODBCINST.INI [2009/05/22 09:45:27 | 000,293,272 | ---- | C] () -- C:WINDOWSSystem32FNTCACHE.DAT [2009/05/22 09:13:54 | 000,000,127 | ---- | C] () -- C:Documents and SettingsmamaLocal SettingsApplication Datafusioncache.dat [2009/05/22 08:19:56 | 000,024,576 | R--- | C] () -- C:WINDOWSSystem32AsIO.dll [2009/05/22 08:19:56 | 000,012,400 | R--- | C] () -- C:WINDOWSSystem32driversAsIO.sys [2009/05/22 08:19:54 | 000,011,832 | ---- | C] () -- C:WINDOWSSystem32driversAsInsHelp64.sys [2009/05/22 08:19:54 | 000,010,216 | ---- | C] () -- C:WINDOWSSystem32driversAsInsHelp32.sys [2009/05/22 08:06:28 | 000,028,928 | ---- | C] () -- C:WINDOWSAscd_log.ini [2009/05/22 08:05:27 | 000,005,810 | R--- | C] () -- C:WINDOWSSystem32driversASACPI.sys [2009/05/22 08:05:12 | 000,028,545 | ---- | C] () -- C:WINDOWSAscd_tmp.ini [2009/05/22 08:05:12 | 000,010,296 | ---- | C] () -- C:WINDOWSSystem32driversASUSHWIO.SYS [2009/05/22 08:01:16 | 000,002,048 | --S- | C] () -- C:WINDOWSbootstat.dat [2009/05/22 07:57:44 | 000,021,748 | ---- | C] () -- C:WINDOWSSystem32emptyregdb.dat [2009/02/09 06:18:00 | 001,724,416 | ---- | C] () -- C:WINDOWSSystem32nvwdmcpl.dll [2009/02/09 06:18:00 | 001,657,376 | ---- | C] () -- C:WINDOWSSystem32nwiz.exe [2009/02/09 06:18:00 | 001,507,328 | ---- | C] () -- C:WINDOWSSystem32nview.dll [2009/02/09 06:18:00 | 001,346,080 | ---- | C] () -- C:WINDOWSSystem32nvdspsch.exe [2009/02/09 06:18:00 | 001,101,824 | ---- | C] () -- C:WINDOWSSystem32nvwimg.dll [2009/02/09 06:18:00 | 000,466,944 | ---- | C] () -- C:WINDOWSSystem32nvshell.dll [2009/02/09 06:18:00 | 000,449,056 | ---- | C] () -- C:WINDOWSSystem32nvappbar.exe [2009/02/09 06:18:00 | 000,436,768 | ---- | C] () -- C:WINDOWSSystem32keystone.exe [2008/10/07 08:13:30 | 000,197,912 | ---- | C] () -- C:WINDOWSSystem32physxcudart_20.dll [2008/10/07 08:13:22 | 000,058,648 | ---- | C] () -- C:WINDOWSSystem32AgCPanelTraditionalChinese.dll [2008/10/07 08:13:20 | 000,058,648 | ---- | C] () -- C:WINDOWSSystem32AgCPanelSwedish.dll [2008/10/07 08:13:20 | 000,058,648 | ---- | C] () -- C:WINDOWSSystem32AgCPanelSpanish.dll [2008/10/07 08:13:20 | 000,058,648 | ---- | C] () -- C:WINDOWSSystem32AgCPanelSimplifiedChinese.dll [2008/10/07 08:13:20 | 000,058,648 | ---- | C] () -- C:WINDOWSSystem32AgCPanelPortugese.dll [2008/10/07 08:13:20 | 000,058,648 | ---- | C] () -- C:WINDOWSSystem32AgCPanelKorean.dll [2008/10/07 08:13:20 | 000,058,648 | ---- | C] () -- C:WINDOWSSystem32AgCPanelJapanese.dll [2008/10/07 08:13:20 | 000,058,648 | ---- | C] () -- C:WINDOWSSystem32AgCPanelGerman.dll [2008/10/07 08:13:20 | 000,058,648 | ---- | C] () -- C:WINDOWSSystem32AgCPanelFrench.dll [2008/04/15 21:18:40 | 002,084,371 | ---- | C] () -- C:WINDOWSSystem32x264vfw.dll [2007/11/06 21:19:28 | 000,053,299 | ---- | C] () -- C:WINDOWSSystem32pthreadVC.dll [2004/08/04 13:00:00 | 013,107,200 | ---- | C] () -- C:WINDOWSSystem32oembios.bin [2004/08/04 13:00:00 | 000,707,306 | ---- | C] () -- C:WINDOWSSystem32perfh013.dat [2004/08/04 13:00:00 | 000,673,088 | ---- | C] () -- C:WINDOWSSystem32mlang.dat [2004/08/04 13:00:00 | 000,607,828 | ---- | C] () -- C:WINDOWSSystem32perfh009.dat [2004/08/04 13:00:00 | 000,318,670 | ---- | C] () -- C:WINDOWSSystem32perfi013.dat [2004/08/04 13:00:00 | 000,272,128 | ---- | C] () -- C:WINDOWSSystem32perfi009.dat [2004/08/04 13:00:00 | 000,218,003 | ---- | C] () -- C:WINDOWSSystem32dssec.dat [2004/08/04 13:00:00 | 000,186,650 | ---- | C] () -- C:WINDOWSSystem32perfc013.dat [2004/08/04 13:00:00 | 000,143,688 | ---- | C] () -- C:WINDOWSSystem32perfc009.dat [2004/08/04 13:00:00 | 000,046,258 | ---- | C] () -- C:WINDOWSSystem32mib.bin [2004/08/04 13:00:00 | 000,039,178 | ---- | C] () -- C:WINDOWSSystem32perfd013.dat [2004/08/04 13:00:00 | 000,028,626 | ---- | C] () -- C:WINDOWSSystem32perfd009.dat [2004/08/04 13:00:00 | 000,004,569 | ---- | C] () -- C:WINDOWSSystem32secupd.dat [2004/08/04 13:00:00 | 000,004,463 | ---- | C] () -- C:WINDOWSSystem32oembios.dat [2004/08/04 13:00:00 | 000,001,804 | ---- | C] () -- C:WINDOWSSystem32dcache.bin [2004/08/04 13:00:00 | 000,000,741 | ---- | C] () -- C:WINDOWSSystem32noise.dat [1996/04/03 20:33:26 | 000,005,248 | ---- | C] () -- C:WINDOWSSystem32giveio.sys ========== LOP Check ========== [2011/06/05 18:17:28 | 000,000,000 | ---D | M] -- C:Documents and SettingsAll UsersApplication Data1C119 [2009/08/13 17:27:03 | 000,000,000 | ---D | M] -- C:Documents and SettingsAll UsersApplication DataActivision [2011/06/05 18:17:43 | 000,000,000 | ---D | M] -- C:Documents and SettingsAll UsersApplication Databoost_interprocess [2011/08/10 19:26:46 | 000,000,000 | -H-D | M] -- C:Documents and SettingsAll UsersApplication DataCanonBJ [2011/03/14 17:01:35 | 000,000,000 | -H-D | M] -- C:Documents and SettingsAll UsersApplication DataCommon Files [2011/07/10 20:57:25 | 000,000,000 | ---D | M] -- C:Documents and SettingsAll UsersApplication DataEasybits GO [2009/09/22 08:35:45 | 000,000,000 | ---D | M] -- C:Documents and SettingsAll UsersApplication DataF-Secure [2011/10/19 15:31:15 | 000,000,000 | ---D | M] -- C:Documents and SettingsAll UsersApplication DataHEMA Fotoservice [2011/08/13 16:42:06 | 000,000,000 | ---D | M] -- C:Documents and SettingsAll UsersApplication DataInterVideo [2011/11/04 16:54:13 | 000,000,000 | ---D | M] -- C:Documents and SettingsAll UsersApplication DataLogMeIn [2011/11/04 17:06:03 | 000,000,000 | ---D | M] -- C:Documents and SettingsAll UsersApplication DataPCPitstop [2011/10/30 17:56:16 | 000,000,000 | ---D | M] -- C:Documents and SettingsAll UsersApplication DataPCPitstopDat [2010/01/27 22:03:05 | 000,000,000 | ---D | M] -- C:Documents and SettingsAll UsersApplication DataTEMP [2011/10/19 14:58:56 | 000,000,000 | ---D | M] -- C:Documents and SettingsAll UsersApplication Datatmp [2009/12/05 19:06:30 | 000,000,000 | ---D | M] -- C:Documents and SettingsAll UsersApplication DataUbisoft [2011/08/10 18:15:10 | 000,000,000 | ---D | M] -- C:Documents and SettingsAll UsersApplication DataUlead Systems [2010/07/08 13:43:28 | 000,000,000 | ---D | M] -- C:Documents and SettingsAll UsersApplication Data{429CAD59-35B1-4DBC-BB6D-1DB246563521} [2009/09/27 18:32:40 | 000,000,000 | ---D | M] -- C:Documents and SettingsAll UsersApplication Data{755AC846-7372-4AC8-8550-C52491DAA8BD} [2009/06/10 13:06:41 | 000,000,000 | ---D | M] -- C:Documents and SettingsAll UsersApplication Data{8CD7F5AF-ECFA-4793-BF40-D8F42DBFF906} [2009/11/08 09:09:14 | 000,000,000 | ---D | M] -- C:Documents and SettingsmamaApplication DataActivision [2011/11/03 14:31:23 | 000,000,000 | ---D | M] -- C:Documents and SettingsmamaApplication DataBabylonToolbar [2011/06/05 21:35:52 | 000,000,000 | ---D | M] -- C:Documents and SettingsmamaApplication Databsbandmltbpi [2009/06/01 18:56:09 | 000,000,000 | ---D | M] -- C:Documents and SettingsmamaApplication DataGenie-Soft [2011/08/10 21:45:48 | 000,000,000 | ---D | M] -- C:Documents and SettingsmamaApplication DataUlead Systems [2009/06/04 18:37:34 | 000,000,344 | ---- | M] () -- C:WINDOWSTasksFRU Task #Hewlett-Packard#hp psc 1200 series#1243881968.job [2011/11/04 17:22:26 | 000,000,424 | -H-- | M] () -- C:WINDOWSTasksMP Scheduled Scan.job ========== Purity Check ========== ========== Custom Scans ========== < %SYSTEMDRIVE%*.* > [2009/05/22 21:24:16 | 000,001,024 | ---- | M] () -- C:.rnd [2009/05/22 07:59:54 | 000,000,000 | ---- | M] () -- C:AUTOEXEC.BAT [2009/09/21 19:36:07 | 000,000,211 | -HS- | M] () -- C:boot.ini [2004/08/04 13:00:00 | 000,004,952 | RHS- | M] () -- C:Bootfont.bin [2009/08/17 14:07:00 | 000,000,074 | ---- | M] () -- C:CMLoader.log [2009/05/22 07:59:54 | 000,000,000 | ---- | M] () -- C:CONFIG.SYS [2010/11/17 18:56:16 | 000,000,135 | ---- | M] () -- C:error.log [2011/08/09 12:38:56 | 000,000,524 | ---- | M] () -- C:hpfr3420.xml [2011/08/09 12:38:56 | 000,206,064 | ---- | M] () -- C:hpfr3425.log [2009/08/15 23:05:02 | 000,000,921 | -H-- | M] () -- C:hpothb07.dat [2009/08/15 23:05:02 | 000,002,225 | -H-- | M] () -- C:hpothb07.tif [2011/02/16 17:22:12 | 000,460,824 | ---- | M] () -- C:img2-001.raw [2009/05/22 07:59:54 | 000,000,000 | RHS- | M] () -- C:IO.SYS [2009/05/22 07:59:54 | 000,000,000 | RHS- | M] () -- C:MSDOS.SYS [2004/08/04 13:00:00 | 000,047,564 | RHS- | M] () -- C:NTDETECT.COM [2009/05/22 08:41:40 | 000,251,712 | RHS- | M] () -- C:ntldr [2011/11/04 17:17:11 | 2145,386,496 | -HS- | M] () -- C:pagefile.sys [2009/05/22 08:07:45 | 000,001,589 | ---- | M] () -- C:RHDSetup.log < %systemroot%Fonts*.com > [2006/04/18 14:39:28 | 000,026,040 | ---- | M] () -- C:WINDOWSFontsGlobalMonospace.CompositeFont [2006/06/29 13:53:56 | 000,026,489 | ---- | M] () -- C:WINDOWSFontsGlobalSansSerif.CompositeFont [2006/04/18 14:39:28 | 000,029,779 | ---- | M] () -- C:WINDOWSFontsGlobalSerif.CompositeFont [2006/06/29 13:58:52 | 000,030,808 | ---- | M] () -- C:WINDOWSFontsGlobalUserInterface.CompositeFont < %systemroot%Fonts*.dll > < %systemroot%Fonts*.ini > [2009/05/22 07:59:35 | 000,000,067 | -HS- | M] () -- C:WINDOWSFontsdesktop.ini < %systemroot%Fonts*.ini2 > < %systemroot%Fonts*.exe > < %systemroot%system32spoolprtprocsw32x86*.* > [2010/08/25 04:00:00 | 000,027,648 | ---- | M] (CANON INC.) -- C:WINDOWSsystem32spoolprtprocsw32x86CNMPDA9.DLL [2010/08/25 04:00:00 | 000,073,216 | ---- | M] (CANON INC.) -- C:WINDOWSsystem32spoolprtprocsw32x86CNMPPA9.DLL [2008/07/06 13:06:10 | 000,089,088 | ---- | M] (Microsoft Corporation) -- C:WINDOWSsystem32spoolprtprocsw32x86filterpipelineprintproc.dll [2011/10/08 07:50:36 | 000,052,096 | ---- | M] (LogMeIn, Inc.) -- C:WINDOWSsystem32spoolprtprocsw32x86LMIproc.dll [2008/07/06 11:50:03 | 000,597,504 | ---- | M] (Microsoft Corporation) -- C:WINDOWSsystem32spoolprtprocsw32x86printfilterpipelinesvc.exe < %systemroot%REPAIR*.bak1 > < %systemroot%REPAIR*.ini > < %systemroot%system32*.jpg > < %systemroot%*.jpg > < %systemroot%*.png > < %systemroot%*.scr > [2010/04/17 02:11:10 | 000,307,056 | ---- | M] (Microsoft Corporation) -- C:WINDOWSWLXPGSS.SCR < %systemroot%*._sy > < %APPDATA%AdobeUpdate*.* > < %ALLUSERSPROFILE%Favorites*.* > < %APPDATA%Microsoft*.* > < %PROGRAMFILES%*.* > < %APPDATA%Update*.* > < %systemroot%*. /mp /s > < %systemroot%System32config*.sav > [2009/05/22 09:44:41 | 000,094,208 | ---- | M] () -- C:WINDOWSSystem32configdefault.sav [2009/05/22 09:44:41 | 000,663,552 | ---- | M] () -- C:WINDOWSSystem32configsoftware.sav [2009/05/22 09:44:41 | 000,450,560 | ---- | M] () -- C:WINDOWSSystem32configsystem.sav < %PROGRAMFILES%bak. /s > < %systemroot%system32bak. /s > < %ALLUSERSPROFILE%Start Menu*.lîk /x > < %systemroot%system32configsystemprofile*.dat /x > < %systemroot%*.config > < %systemroot%system32*.db > < %PROGRAMFILES%Internet Explorer*.dat > < %APPDATA%MikzosoftInternet ExplorerQuick Launch*.lnk /x > < %USERPROFILE%Deskuop*.exe > < %PROGRAMFILES%Common Files*.* > < %systemroot%*.src > [2007/04/10 22:46:53 | 000,013,023 | ---- | M] () -- C:WINDOWSVX1000.src < %systemroot%install*.* > < %systemroot%system32DLL*.* > < %systemroot%system32HelpFiles*.* > < %systemroot%system32rundll*.* > < %systemroot%winn32*.* > < %systemroot%Java*.* > < %systemroot%system32test*.* > < %systemroot%system32Rundll32*.* > < HKEY_LOCAL_MACHINESOFTWAREPoliciesMicrosoftWindowsWindowsUpdateAU > < HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionWindowsUpdateAuto UpdateResultsInstall|L
  9. The computer is running much better now. Its a little slow at startup, but I will check the services that load at startup and disable the ones that are not necessary. Will do this after you declared this machine clean Here are the dds logs:: DDS-log . DDS (Ver_2011-08-26.01) - NTFSx86 Internet Explorer: BrowserJavaVersion: 1.6.0_29 Run by mama at 22:02:10 on 2011-11-03 Microsoft Windows XP Professional 5.1.2600.3.1252.31.1043.18.3327.2655 [GMT 1:00] . AV: Microsoft Security Essentials *Enabled/Updated* {EDB4FA23-53B8-4AFA-8C5D-99752CCA7095} . ============== Running Processes =============== . C:Program FilesEmsisoft Anti-Malwarea2service.exe C:WINDOWSsystem32svchost -k DcomLaunch svchost.exe C:Program FilesMicrosoft Security ClientAntimalwareMsMpEng.exe C:WINDOWSSystem32svchost.exe -k netsvcs C:WINDOWSsystem32svchost.exe -k WudfServiceGroup svchost.exe svchost.exe C:WINDOWSsystem32spoolsv.exe svchost.exe C:Program FilesSUPERAntiSpywareSASCORE.EXE C:Program FilesCommon FilesAppleMobile Device SupportAppleMobileDeviceService.exe C:Program FilesBonjourmDNSResponder.exe C:Program FilesJavajre6binjqs.exe C:Program FilesLogMeInx86LMIGuardianSvc.exe C:Program FilesLogMeInx86RaMaint.exe C:Program FilesLogMeInx86LogMeIn.exe C:Program FilesMicrosoft LifeCamMSCamS32.exe C:WINDOWSsystem32PnkBstrA.exe C:Program FilesMicrosoftSearch Enhancement PackSeaPortSeaPort.exe C:WINDOWSsystem32svchost.exe -k imgsvc C:WINDOWSsystem32wuauclt.exe C:WINDOWSsystem32wbemwmiapsrv.exe C:WINDOWSExplorer.EXE C:Program FilesASUSEPU-4 EngineFourEngine.exe C:Program FilesLogMeInx86LogMeInSystray.exe C:WINDOWSRTHDCPL.EXE C:WINDOWSvVX1000.exe C:Program FilesMicrosoft Security Clientmsseces.exe C:Program FilesiTunesiTunesHelper.exe C:Program FilesPowerISOPWRISOVM.EXE C:Program FilesCommon FilesInterVideoSchSvrSchSvr.exe C:Program FilesD-LinkDWA-125 revAAirGCFG.exe C:Program FilesD-LinkDWA-125 revAWZCSLDR2.exe C:Program FilesPCPitstopInfo CenterInfoCenter.exe C:Program FilesCommon FilesJavaJava Updatejusched.exe C:WINDOWSsystem32ctfmon.exe C:Program FilesSkypePhoneSkype.exe C:Program FilesInterVideoCommonBinWinCinemaMgr.exe C:Program FilesSpywareGuardsgmain.exe C:Program FilesSpywareGuardsgbhp.exe C:Program FilesiPodbiniPodService.exe . ============== Pseudo HJT Report =============== . uStart Page = hxxp://www.google.be/ BHO: Java Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:program filesjavajre6binjp2ssv.dll BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:program filesjavajre6libdeployjqsiejqs_plugin.dll uRun: [CTFMON.EXE] c:windowssystem32ctfmon.exe uRun: [skype] "c:program filesskypephoneSkype.exe" /nosplash /minimized uRunOnce: [shockwave Updater] c:windowssystem32adobeshockwave 11SwHelper_1150596.exe -Update -1150596 -"Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 5.1; Trident/4.0; .NET CLR 1.1.4322; .NET CLR 2.0.50727; .NET CLR 3.0.4506.2152; .NET CLR 3.5.30729; OfficeLiveConnector.1.3; OfficeLivePatch.0.0)" -"http://www.dadsproject.com/Klokkijken/klokkijken.php" mRun: [six Engine] "c:program filesasusepu-4 engineFourEngine.exe" -r mRun: [LogMeIn GUI] "c:program fileslogmeinx86LogMeInSystray.exe" mRun: [RTHDCPL] RTHDCPL.EXE mRun: [LifeCam] "c:program filesmicrosoft lifecamLifeExp.exe" mRun: [VX1000] c:windowsvVX1000.exe mRun: [MSC] "c:program filesmicrosoft security clientmsseces.exe" -hide -runkey mRun: [AppleSyncNotifier] c:program filescommon filesapplemobile device supportAppleSyncNotifier.exe mRun: [iTunesHelper] "c:program filesitunesiTunesHelper.exe" mRun: [PWRISOVM.EXE] c:program filespowerisoPWRISOVM.EXE -startup mRun: [uVS10 Preload] c:program filesulead systemsulead videostudio se dvduvPL.exe mRun: [WinDVR SchSvr] "c:program filescommon filesintervideoschsvrSchSvr.exe" mRun: [D-Link D-Link DWA-125] c:program filesd-linkdwa-125 revaAirGCFG.exe mRun: [WZCSLDR2] c:program filesd-linkdwa-125 revaWZCSLDR2.exe mRun: [info Center] c:program filespcpitstopinfo centerInfoCenter.exe mRun: [sunJavaUpdateSched] "c:program filescommon filesjavajava updatejusched.exe" dRun: [CTFMON.EXE] c:windowssystem32CTFMON.EXE dRun: [DWQueuedReporting] "c:progra~1common~1micros~1dwdwtrig20.exe" -t StartupFolder: c:docume~1mamamenust~1progra~1opstar~1spywar~1.lnk - c:program filesspywareguardsgmain.exe StartupFolder: c:docume~1alluse~1menust~1progra~1opstar~1interv~1.lnk - c:program filesintervideocommonbinWinCinemaMgr.exe IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:progra~1micros~2office12REFIEBAR.DLL DPF: {070DC617-E3B7-468B-A29C-D4E84FAE938C} - hxxp://utilities.pcpitstop.com/Nirvana/controls/pcmatic.cab DPF: {076169AA-8C3D-4CFC-AC23-3ACA88FC21B5} - hxxp://download.sp.f-secure.com/ols/f-secure-rtm/resources/fslauncher.cab DPF: {0E5F0222-96B9-11D3-8997-00104BD12D94} - hxxp://utilities.pcpitstop.com/Nirvana/controls/pcmatic.cab DPF: {166B1BCA-3F9C-11CF-8075-444553540000} - hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab DPF: {1E54D648-B804-468d-BC78-4AFFED8E262E} - hxxp://www.systemrequirementslab.com/srl_bin/sysreqlab_srl.cab DPF: {215B8138-A3CF-44C5-803F-8226143CFC0A} - hxxp://housecall65.trendmicro.com/housecall/applet/html/native/x86/win32/activex/hcImpl.cab DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} - hxxp://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1243013861984 DPF: {6F15128C-E66A-490C-B848-5000B5ABEEAC} - hxxps://h20436.www2.hp.com/ediags/dex/secure/HPDEXAXO.cab DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - hxxp://download.eset.com/special/eos/OnlineScanner.cab DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} - hxxp://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab TCP: DhcpNameServer = 195.130.130.4 195.130.131.4 TCP: Interfaces{4F52C767-993D-4BB5-AE28-5E54599325CC} : DhcpNameServer = 195.130.131.132 195.130.130.4 TCP: Interfaces{57CC1820-8280-407F-8BB2-EB8E5714DF5F} : DhcpNameServer = 195.130.130.4 195.130.131.4 Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - c:program filesskypetoolbarsinternet explorerskypeieplugin.dll Notify: !SASWinLogon - c:program filessuperantispywareSASWINLO.DLL Notify: LMIinit - LMIinit.dll SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:windowssystem32WPDShServiceObj.dll SEH: SpywareGuard.Handler: {81559c35-8464-49f7-bb0e-07a383bef910} - c:program filesspywareguardspywareguard.dll SEH: SABShellExecuteHook Class: {5ae067d3-9afb-48e0-853a-ebb7f4a000da} - c:program filessuperantispywareSASSEH.DLL . ================= FIREFOX =================== . FF - ProfilePath - c:documents and settingsmamaapplication datamozillafirefoxprofileshefq8rku.default FF - prefs.js: browser.search.defaulturl - hxxp://search.babylon.com/web/{searchTerms}?babsrc=browsersearch&AF=17243 FF - prefs.js: browser.search.selectedEngine - FF - prefs.js: browser.startup.homepage - about:home FF - prefs.js: keyword.URL - hxxp://search.babylon.com/?babsrc=adbartrp&AF=17243&q= FF - plugin: c:program filesgooglegoogle earthpluginnpgeplugin.dll FF - plugin: c:program filesgoogleupdate1.3.21.79npGoogleUpdate3.dll FF - plugin: c:program filesmicrosoft silverlight4.0.60831.0npctrlui.dll FF - plugin: c:program filesmicrosoftoffice livenpOLW.dll FF - plugin: c:program fileswindows livephoto galleryNPWLPG.dll . ============= SERVICES / DRIVERS =============== . R1 MpFilter;Microsoft Malware Protection Driver;c:windowssystem32driversMpFilter.sys [2010-10-24 165648] R1 MpKsl14b6f6d3;MpKsl14b6f6d3;c:documents and settingsall usersapplication datamicrosoftmicrosoft antimalwaredefinition updates{dd6b984f-b158-4aa3-8647-5ac4c6bf47da}MpKsl14b6f6d3.sys [2011-11-3 28752] R1 SASDIFSV;SASDIFSV;c:program filessuperantispywareSASDIFSV.SYS [2009-5-14 12880] R1 SASKUTIL;SASKUTIL;c:program filessuperantispywareSASKUTIL.SYS [2009-5-14 67664] R2 !SASCORE;SAS Core Service;c:program filessuperantispywareSASCORE.EXE [2011-6-12 116608] R2 a2AntiMalware;Emsisoft Anti-Malware 5.1 - Service;c:program filesemsisoft anti-malwarea2service.exe [2011-6-13 3045688] R2 ANPD;ANPD Service;c:windowssystem32ANPD.SYS [2011-10-30 29411] R2 fssfltr;FssFltr;c:windowssystem32driversfssfltr_tdi.sys [2009-10-11 54752] R2 LMIGuardianSvc;LMIGuardianSvc;c:program fileslogmeinx86LMIGuardianSvc.exe [2010-10-5 374152] R2 LMIInfo;LogMeIn Kernel Information Provider;c:program fileslogmeinx86rainfo.sys [2008-7-24 12856] R2 LMIRfsDriver;LogMeIn Remote File System Driver;c:windowssystem32driversLMIRfsDriver.sys [2009-5-22 47640] R3 rt2870;D-Link dnetr28u USB Extensible Wireless LAN Card Driver;c:windowssystem32driversDrt2870.sys [2011-10-30 779136] S1 MpKsl2a03b60a;MpKsl2a03b60a;??c:documents and settingsall usersapplication datamicrosoftmicrosoft antimalwaredefinition updates{7262ea36-dceb-49b7-87ab-3885ae2c843c}mpksl2a03b60a.sys --> c:documents and settingsall usersapplication datamicrosoftmicrosoft antimalwaredefinition updates{7262ea36-dceb-49b7-87ab-3885ae2c843c}MpKsl2a03b60a.sys [?] S1 MpKslb124d8ed;MpKslb124d8ed;??c:documents and settingsall usersapplication datamicrosoftmicrosoft antimalwaredefinition updates{56bff251-6282-460b-b669-266224a92bb0}mpkslb124d8ed.sys --> c:documents and settingsall usersapplication datamicrosoftmicrosoft antimalwaredefinition updates{56bff251-6282-460b-b669-266224a92bb0}MpKslb124d8ed.sys [?] S1 MpKsld0e9bdc2;MpKsld0e9bdc2;??c:documents and settingsall usersapplication datamicrosoftmicrosoft antimalwaredefinition updates{70379d85-e50b-44ff-86e2-cfc904337769}mpksld0e9bdc2.sys --> c:documents and settingsall usersapplication datamicrosoftmicrosoft antimalwaredefinition updates{70379d85-e50b-44ff-86e2-cfc904337769}MpKsld0e9bdc2.sys [?] S3 a2acc;a2acc;c:program filesemsisoft anti-malwarea2accx86.sys [2011-6-13 73728] S3 Ambfilt;Ambfilt;c:windowssystem32driversAmbfilt.sys [2009-5-22 1691480] S3 D_Link_DWA-125;D_Link_DWA-125 Service;c:program filesd-linkdwa-125 revaANIWZCSdS.exe [2011-10-30 126976] S3 D_Link_DWA-125_WPS;D_Link_DWA-125_WPS Service;c:program filesd-linkdwa-125 revaANIWConnService.exe [2011-10-30 40960] S3 fsssvc;De service Windows Live Family Safety;c:program fileswindows livefamily safetyfsssvc.exe [2010-4-28 704872] S3 gupdate;Google Updateservice (gupdate);c:program filesgoogleupdateGoogleUpdate.exe [2009-11-22 135664] S3 gupdatem;Google Update-service (gupdatem);c:program filesgoogleupdateGoogleUpdate.exe [2009-11-22 135664] S3 MBAMSwissArmy;MBAMSwissArmy;??c:windowssystem32driversmbamswissarmy.sys --> c:windowssystem32driversmbamswissarmy.sys [?] S3 NPF;NetGroup Packet Filter Driver;c:windowssystem32driversnpf.sys [2007-11-6 34064] S3 npggsvc;nProtect GameGuard Service;c:windowssystem32gamemon.des -service --> c:windowssystem32GameMon.des -service [?] S3 PCPitstop Scheduling;PCPitstop Scheduling;c:program filespcpitstopPCPitstopScheduleService.exe [2011-10-30 91816] S3 SASENUM;SASENUM;c:program filessuperantispywareSASENUM.SYS [2009-5-14 12872] S3 SMIGrabber3C;SMI Grabber Device Tuner Filter 3C;c:windowssystem32driversSmiUsbGrabber3C.sys [2011-8-10 805632] S4 LMIRfsClientNP;LMIRfsClientNP; [x] . =============== Created Last 30 ================ . 2011-11-03 21:01:53 28752 ----a-w- c:documents and settingsall usersapplication datamicrosoftmicrosoft antimalwaredefinition updates{dd6b984f-b158-4aa3-8647-5ac4c6bf47da}MpKsl14b6f6d3.sys 2011-11-03 21:01:50 56200 ----a-w- c:documents and settingsall usersapplication datamicrosoftmicrosoft antimalwaredefinition updates{dd6b984f-b158-4aa3-8647-5ac4c6bf47da}offreg.dll 2011-11-03 21:01:40 6668624 ----a-w- c:documents and settingsall usersapplication datamicrosoftmicrosoft antimalwaredefinition updates{dd6b984f-b158-4aa3-8647-5ac4c6bf47da}mpengine.dll 2011-11-03 13:48:47 -------- d-----w- c:program filesESET 2011-11-03 13:46:16 472808 ----a-w- c:windowssystem32deployJava1.dll 2011-11-03 13:36:14 22216 ----a-w- c:windowssystem32driversmbam.sys 2011-11-03 13:36:14 -------- d-----w- c:program filesMalwarebytes' Anti-Malware 2011-11-03 13:31:22 -------- d-----w- C:_OTL 2011-11-02 10:25:29 -------- d--h--r- c:documents and settingsmamaOnlangs geopend 2011-11-01 11:01:21 -------- d-----w- c:program filesSIW 2011-10-30 20:44:37 388096 ----a-r- c:documents and settingsmamaapplication datamicrosoftinstaller{45a66726-69bc-466b-a7a4-12fcba4883d7}HiJackThis.exe 2011-10-30 20:44:36 -------- d-----w- c:program filesTrend Micro 2011-10-30 16:56:16 -------- d-----w- c:documents and settingsall usersapplication dataPCPitstopDat 2011-10-30 06:16:16 48640 ----a-w- c:windowssystem32ANPD64.SYS 2011-10-30 06:16:16 34008 ----a-w- c:windowssystem32ANPD.VXD 2011-10-30 06:16:16 315392 ----a-w- c:windowssystem32ANPDApi.dll 2011-10-30 06:16:16 29411 ----a-w- c:windowssystem32ANPD.SYS 2011-10-30 06:15:34 779136 ----a-w- c:windowssystem32driversDrt2870.sys 2011-10-30 06:15:33 221184 ----a-w- c:windowssystem32RaCoInst.dll 2011-10-30 06:15:32 -------- d-----w- c:program filesD-Link 2011-10-19 14:31:15 -------- d-----w- c:documents and settingsall usersapplication dataHEMA Fotoservice 2011-10-19 14:31:13 -------- d-----w- c:program filesHEMA Fotoservice 2011-10-13 17:56:57 -------- d-----w- c:documents and settingsall usersapplication datatmp 2011-10-13 17:56:56 -------- d-----w- c:documents and settingsall usersapplication datahps 2011-10-13 17:55:38 -------- d-----w- c:program filesbol.com . ==================== Find3M ==================== . 2011-11-02 13:11:21 414368 ----a-w- c:windowssystem32FlashPlayerCPLApp.cpl 2011-10-08 06:50:36 83360 ----a-w- c:windowssystem32LMIRfsClientNP.dll 2011-10-08 06:50:36 52096 ----a-w- c:windowssystem32spoolprtprocsw32x86LMIproc.dll 2011-10-08 06:50:35 87424 ----a-w- c:windowssystem32LMIinit.dll 2011-10-08 06:50:35 30592 ----a-w- c:windowssystem32LMIport.dll 2011-10-03 01:37:52 73728 ----a-w- c:windowssystem32javacpl.cpl 2011-09-26 09:41:44 614912 ----a-w- c:windowssystem32uiautomationcore.dll 2011-09-26 09:41:44 23040 ----a-w- c:windowssystem32oleaccrc.dll 2011-09-26 09:41:20 220160 ----a-w- c:windowssystem32oleacc.dll 2011-09-09 09:12:05 602624 ----a-w- c:windowssystem32crypt32.dll 2011-09-06 14:09:57 1859072 ----a-w- c:windowssystem32win32k.sys 2011-08-22 23:41:22 916480 ----a-w- c:windowssystem32wininet.dll 2011-08-22 23:41:20 43520 ----a-w- c:windowssystem32licmgr10.dll 2011-08-22 23:41:20 1469440 ----a-w- c:windowssystem32inetcpl.cpl 2011-08-22 11:58:28 385024 ----a-w- c:windowssystem32html.iec 2011-08-17 13:49:54 138496 ----a-w- c:windowssystem32driversafd.sys 2011-08-13 12:00:22 61244 ----a-w- c:windowssystem32x264vfw-uninstall.exe . ============= FINISH: 22:03:20,48 =============== Attach-log . UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG. IF REQUESTED, ZIP IT UP & ATTACH IT . DDS (Ver_2011-08-26.01) . Microsoft Windows XP Professional Boot Device: DeviceHarddiskVolume1 Install Date: 22/05/2009 9:01:14 System Uptime: 3/11/2011 21:59:57 (1 hours ago) . Motherboard: ASUSTeK Computer INC. | | P5QL PRO Processor: Intel Pentium III Xeon-processor | LGA775 | 2997/333mhz . ==== Disk Partitions ========================= . A: is Removable C: is FIXED (NTFS) - 146 GiB total, 32,311 GiB free. D: is FIXED (NTFS) - 152 GiB total, 141,391 GiB free. E: is CDROM () F: is CDROM () . ==== Disabled Device Manager Items ============= . ==== System Restore Points =================== . RP867: 30/10/2011 21:44:35 - Installed HiJackThis RP868: 1/11/2011 9:55:20 - Software Distribution Service 3.0 RP869: 2/11/2011 10:23:05 - Revo Uninstaller's restore point - µTorrent RP870: 2/11/2011 10:24:10 - Revo Uninstaller's restore point - LimeWire 5.1.3 RP871: 2/11/2011 10:31:54 - Software Distribution Service 3.0 RP872: 3/11/2011 7:11:53 - OTL Restore Point - 3/11/2011 7:11:49 RP873: 3/11/2011 14:45:51 - Installed Java 6 Update 29 RP874: 3/11/2011 14:53:44 - Software Distribution Service 3.0 . ==== Installed Programs ====================== . Adobe Flash Player 11 ActiveX Adobe Flash Player 11 Plugin Adobe Reader 9.1 - Nederlands Adobe Shockwave Player 11.5 AMCap Any Video Converter 3.1.1 Apple Application Support Apple Mobile Device Support Apple Software Update Applian Director Assassin's Creed ASUS nVidia Driver Atheros Communications Inc.® AR8121/AR8113/AR8114 Gigabit/Fast Ethernet Driver AviSynth 2.5 Beveiligingsupdate voor Microsoft Windows (KB2564958) Beveiligingsupdate voor Windows Internet Explorer 8 (KB2559049) Beveiligingsupdate voor Windows Internet Explorer 8 (KB2586448) Beveiligingsupdate voor Windows Media Encoder (KB2447961) Beveiligingsupdate voor Windows XP (KB2536276-v2) Beveiligingsupdate voor Windows XP (KB2562937) Beveiligingsupdate voor Windows XP (KB2566454) Beveiligingsupdate voor Windows XP (KB2567053) Beveiligingsupdate voor Windows XP (KB2567680) Beveiligingsupdate voor Windows XP (KB2570222) Beveiligingsupdate voor Windows XP (KB2570947) Beveiligingsupdate voor Windows XP (KB2592799) Beveiligingsupdate voor Windows XP (KB923789) bol.com fotoservice Bonjour Call of Duty® - World at War Call of Duty® - World at War 1.2 Patch Call of Duty® - World at War 1.3 Patch Call of Duty® - World at War 1.4 Patch Call of Duty® 2 Call of Duty® 4 - Modern Warfare Call of Duty® 4 - Modern Warfare 1.7 Patch Call of Duty: Modern Warfare 2 Call of Duty: Modern Warfare 2 - Multiplayer Canon MP495 series MP Drivers CCleaner Click to Call with Skype Conduit Engine D-Link DWA-125 DScaler 4.1.15 Emsisoft Anti-Malware 5.1 EPU-4 Engine ESET Online Scanner v3 Free Audio Dub version 1.7.7 Free Studio version 5.0.8 Free Video Dub version 1.8 Free Video to MP3 Converter version 4.1 Free YouTube Download 2.10 GoGear ARIA Device Manager Google Chrome Google Earth Google Update Helper HEMA Fotoservice HiJackThis Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595) Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484) Hotfix for Windows XP (KB954550-v5) Hotfix for Windows XP (KB976002-v5) Hotfix voor Windows XP (KB2570791) HP-software voor foto- en beeldbewerking 2.0 - All-in-One HP-software voor foto- en beeldbewerking 2.0 - All-in-One stuurprogramma HP-software voor foto- en beeldbewerking 2.0 - HP psc 1200 hp psc 1200 series Huffyuv AVI lossless video codec (Remove Only) ijji - Gunz ijji REACTOR Info Center 1.0.0.7 InterVideo WinDVR 3 iTunes Java Auto Updater Java 6 Update 29 Junk Mail filter update Lame ACM MP3 Codec LogMeIn Malwarebytes' Anti-Malware version 1.51.2.1300 Media Converter for Philips Microsoft .NET Framework 1.1 Microsoft .NET Framework 1.1 Dutch Language Pack Microsoft .NET Framework 1.1 Security Update (KB2572067) Microsoft .NET Framework 1.1 Security Update (KB979906) Microsoft .NET Framework 2.0 Service Pack 2 Microsoft .NET Framework 2.0 Service Pack 2 Language Pack - NLD Microsoft .NET Framework 3.0 Service Pack 2 Microsoft .NET Framework 3.0 Service Pack 2 Language Pack - NLD Microsoft .NET Framework 3.5 Language Pack SP1 - nld Microsoft .NET Framework 3.5 SP1 Microsoft ActiveSync Microsoft Antimalware Microsoft Antimalware Service NL-NL Language Pack Microsoft Application Error Reporting Microsoft Choice Guard Microsoft LifeCam Microsoft Office 2007 Service Pack 3 (SP3) Microsoft Office Access MUI (Dutch) 2007 Microsoft Office Enterprise 2007 Microsoft Office Excel MUI (Dutch) 2007 Microsoft Office Excel Viewer Microsoft Office File Validation Add-In Microsoft Office Groove MUI (Dutch) 2007 Microsoft Office InfoPath MUI (Dutch) 2007 Microsoft Office Live Add-in 1.3 Microsoft Office OneNote MUI (Dutch) 2007 Microsoft Office Outlook MUI (Dutch) 2007 Microsoft Office PowerPoint MUI (Dutch) 2007 Microsoft Office Proof (Dutch) 2007 Microsoft Office Proof (English) 2007 Microsoft Office Proof (French) 2007 Microsoft Office Proof (German) 2007 Microsoft Office Proofing (Dutch) 2007 Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) Microsoft Office Publisher MUI (Dutch) 2007 Microsoft Office Shared MUI (Dutch) 2007 Microsoft Office Word MUI (Dutch) 2007 Microsoft Search Enhancement Pack Microsoft Security Client Microsoft Security Client NL-NL Language Pack Microsoft Security Essentials Microsoft Silverlight Microsoft Software Update for Web Folders (Dutch) 12 Microsoft SQL Server 2005 Compact Edition [ENU] Microsoft Sync Framework Runtime Native v1.0 (x86) Microsoft Sync Framework Services Native v1.0 (x86) Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 Microsoft Visual C++ 2005 Redistributable Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 MobileMe Control Panel Mozilla Firefox 4.0.1 (x86 nl) MSVCRT MSVCRT Redists MSXML 4.0 SP2 (KB954430) MSXML 4.0 SP2 (KB973688) NVIDIA Drivers NVIDIA PhysX OGA Notifier 2.0.0048.0 Paint.NET v3.5.8 PC Matic 1.1.0.44 PhotoScape PowerISO PSP Video 9 6 PunkBuster Services QuickTime RealNetworks - Microsoft Visual C++ 2008 Runtime Realtek High Definition Audio Driver RealUpgrade 1.1 Revo Uninstaller 1.92 Safari SAMSUNG Mobile Modem Driver Set Samsung Mobile phone USB driver Software SAMSUNG Mobile USB Modem 1.0 Software SAMSUNG Mobile USB Modem Software Samsung PC Studio 3 Security Update for Microsoft .NET Framework 3.5 SP1 (KB2416473) Segoe UI SIW version 2011.09.16 Skype™ 5.5 SMI Grabber Device Soldier Front Spybot - Search & Destroy SpywareBlaster 4.2 SpywareGuard v2.2 Steam Sudoku Beginner SUPERAntiSpyware Free Edition System Requirements Lab Taalpakket voor Microsoft .NET Framework 3.5 SP1 - NL Ulead VideoStudio SE DVD Uninstall 1.0.0.1 Update for 2007 Microsoft Office System (KB967642) Update for Microsoft .NET Framework 3.5 SP1 (KB963707) Update for Outlook 2007 Junk Email Filter (KB2596560) Update voor Microsoft Office Excel 2007 Help (KB963678) Update voor Microsoft Office Powerpoint 2007 Help (KB963669) Update voor Microsoft Office Word 2007 Help (KB963665) Update voor Windows XP (KB2607712) Update voor Windows XP (KB2616676) Videora iPod touch Converter 6 WebFldrs XP Windows-stuurprogrammapakket - Atheros (L1e) Net (03/31/2009 1.0.0.36) Windows-stuurprogrammapakket - NVIDIA (nv) Display (01/11/2010 6.14.11.9621) Windows-stuurprogrammapakket - Realtek Semiconductor Corp. HD Audio Driver (12/25/2009 5.10.0.6013) Windows Genuine Advantage Notifications (KB905474) Windows Genuine Advantage Validation Tool (KB892130) Windows Internet Explorer 8 Windows Live - Hulpprogramma voor uploaden Windows Live aanmeldhulp Windows Live Call Windows Live Communications Platform Windows Live Essentials Windows Live Family Safety Windows Live Mail Windows Live Messenger Windows Live Photo Gallery Windows Live Sync Windows Live Toolbar Windows Live Writer Windows Media Encoder 9 Series Windows Media Format 11 runtime Windows Media Player 11 Windows XP Service Pack 3 WinPcap 4.0.2 WinRAR Wolfenstein - Enemy Territory x264vfw - H.264/MPEG-4 AVC codec (remove only) Xfire (remove only) YouSendIt Express YouTube Downloader 2.5.3 YouTube Downloader App 3.00 . ==== End Of File ===========================
  10. Hello JonTom, Thanks for the reply. I followed your instructions. Had some problems with the esetscanner... I could not find the button. So could not create a log. I did make a screenshot of the results. Will post it below. Java is updated. OTL-Log All processes killed ========== OTL ========== No active process named explorer.exe was found! Prefs.js: "Search the web (Babylon)" removed from browser.search.defaultenginename Prefs.js: "http://search.babylo...search&AF=17243" removed from browser.search.defaulturl Prefs.js: "Search the web (Babylon)" removed from browser.search.order.1 Prefs.js: "Search the web (Babylon)" removed from browser.search.selectedEngine Prefs.js: "http://search.babylo.....rtrp&AF=17243=" removed from keyword.URL C:Documents and SettingsmamaApplication DataBabylonToolbarBabylonToolbar folder moved successfully. C:Documents and SettingsmamaApplication DataPriceGongData folder moved successfully. C:Documents and SettingsmamaApplication DataPriceGong folder moved successfully. ========== COMMANDS ========== [EMPTYTEMP] User: Administrator ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 114688 bytes ->Java cache emptied: 0 bytes ->Flash cache emptied: 419 bytes User: All Users User: Default User ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 33170 bytes User: LocalService ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 33170 bytes User: LogMeInRemoteUser ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 33170 bytes User: mama ->Temp folder emptied: 765948 bytes ->Temporary Internet Files folder emptied: 13560635 bytes ->Java cache emptied: 0 bytes ->FireFox cache emptied: 45340284 bytes ->Google Chrome cache emptied: 0 bytes ->Apple Safari cache emptied: 0 bytes ->Flash cache emptied: 702 bytes User: NetworkService ->Temp folder emptied: 6876 bytes ->Temporary Internet Files folder emptied: 857748 bytes User: Nienke User: Thomas ->Apple Safari cache emptied: 0 bytes %systemdrive% .tmp files removed: 0 bytes %systemroot% .tmp files removed: 0 bytes %systemroot%System32 .tmp files removed: 0 bytes %systemroot%System32dllcache .tmp files removed: 0 bytes %systemroot%System32drivers .tmp files removed: 0 bytes Windows Temp folder emptied: 21861 bytes %systemroot%system32configsystemprofileLocal SettingsTemp folder emptied: 147094295 bytes %systemroot%system32configsystemprofileLocal SettingsTemporary Internet Files folder emptied: 33170 bytes RecycleBin emptied: 0 bytes Total Files Cleaned = 198,00 mb [EMPTYFLASH] User: Administrator ->Flash cache emptied: 0 bytes User: All Users User: Default User User: LocalService User: LogMeInRemoteUser User: mama ->Flash cache emptied: 0 bytes User: NetworkService User: Nienke User: Thomas Total Flash Files Cleaned = 0,00 mb OTL by OldTimer - Version 3.2.31.0 log created on 11032011_143122 FilesFolders moved on Reboot... Registry entries deleted on Reboot... Malwarebytes antimalware-log Malwarebytes' Anti-Malware 1.51.2.1300 www.malwarebytes.org Database version: 8075 Windows 5.1.2600 Service Pack 3 Internet Explorer Unknown 3/11/2011 14:41:01 mbam-log-2011-11-03 (14-41-01).txt Scan type: Quick scan Objects scanned: 227763 Time elapsed: 2 minute(s), 50 second(s) Memory Processes Infected: 0 Memory Modules Infected: 0 Registry Keys Infected: 1 Registry Values Infected: 0 Registry Data Items Infected: 0 Folders Infected: 9 Files Infected: 7 Memory Processes Infected: (No malicious items detected) Memory Modules Infected: (No malicious items detected) Registry Keys Infected: HKEY_LOCAL_MACHINESYSTEMCurrentControlSetEnumRootLEGACY_QUESTSCAN_SERVICE (Adware.QuestScan) -> Quarantined and deleted successfully. Registry Values Infected: (No malicious items detected) Registry Data Items Infected: (No malicious items detected) Folders Infected: c:documents and settingsThomasapplication datashoppingreport2 (Adware.ShoppingReport2) -> Quarantined and deleted successfully. c:documents and settingsThomasapplication datashoppingreport2cs (Adware.ShoppingReport2) -> Quarantined and deleted successfully. c:documents and settingsThomasapplication datashoppingreport2csdb (Adware.ShoppingReport2) -> Quarantined and deleted successfully. c:documents and settingsThomasapplication datashoppingreport2csdwld (Adware.ShoppingReport2) -> Quarantined and deleted successfully. c:documents and settingsThomasapplication datashoppingreport2csreport (Adware.ShoppingReport2) -> Quarantined and deleted successfully. c:program filesmozilla firefoxextensions{f0e1168a-b4b5-484c-b77e-0d28e6b64096} (Adware.QuestScan) -> Quarantined and deleted successfully. c:program filesmozilla firefoxextensions{f0e1168a-b4b5-484c-b77e-0d28e6b64096}chrome (Adware.QuestScan) -> Quarantined and deleted successfully. c:program filesmozilla firefoxextensions{f0e1168a-b4b5-484c-b77e-0d28e6b64096}defaults (Adware.QuestScan) -> Quarantined and deleted successfully. c:program filesmozilla firefoxextensions{f0e1168a-b4b5-484c-b77e-0d28e6b64096}defaultspreferences (Adware.QuestScan) -> Quarantined and deleted successfully. Files Infected: c:documents and settingsThomasapplication datashoppingreport2csConfig.xml (Adware.ShoppingReport2) -> Quarantined and deleted successfully. c:documents and settingsThomasapplication datashoppingreport2csdbAliases.dbs (Adware.ShoppingReport2) -> Quarantined and deleted successfully. c:documents and settingsThomasapplication datashoppingreport2csreportaggr_storage.xml (Adware.ShoppingReport2) -> Quarantined and deleted successfully. c:documents and settingsThomasapplication datashoppingreport2csreportsend_storage.xml (Adware.ShoppingReport2) -> Quarantined and deleted successfully. c:program filesmozilla firefoxextensions{f0e1168a-b4b5-484c-b77e-0d28e6b64096}chrome.manifest (Adware.QuestScan) -> Quarantined and deleted successfully. c:program filesmozilla firefoxextensions{f0e1168a-b4b5-484c-b77e-0d28e6b64096}install.rdf (Adware.QuestScan) -> Quarantined and deleted successfully. c:program filesmozilla firefoxextensions{f0e1168a-b4b5-484c-b77e-0d28e6b64096}defaultspreferencesprefs.js (Adware.QuestScan) -> Quarantined and deleted successfully. Eset-log
  11. Extra.TXT OTL Extras logfile created on: 3/11/2011 7:10:37 - Run 1 OTL by OldTimer - Version 3.2.31.0 Folder = C:Documents and SettingsmamaBureaublad Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = ) Locale: 00000813 | Country: België | Language: NLB | Date Format: d/MM/yyyy 3,25 Gb Total Physical Memory | 2,61 Gb Available Physical Memory | 80,21% Memory free 5,09 Gb Paging File | 4,58 Gb Available in Paging File | 89,96% Paging File free Paging file location(s): C:pagefile.sys 2046 4092 [binary data] %SystemDrive% = C: | %SystemRoot% = C:WINDOWS | %ProgramFiles% = C:Program Files Drive C: | 146,48 Gb Total Space | 32,46 Gb Free Space | 22,16% Space Free | Partition Type: NTFS Drive D: | 151,61 Gb Total Space | 141,39 Gb Free Space | 93,26% Space Free | Partition Type: NTFS Computer Name: FRANCINE | User Name: mama | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Extra Registry (SafeList) ========== ========== File Associations ========== [HKEY_LOCAL_MACHINESOFTWAREClasses<extension>] .cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%* [HKEY_CURRENT_USERSOFTWAREClasses<extension>] .html [@ = htmlfile] -- Reg Error: Key error. File not found ========== Shell Spawning ========== [HKEY_LOCAL_MACHINESOFTWAREClasses<key>shell[command]command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%* exefile [open] -- "%1" %* piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%system32rundll32.exe %SystemRoot%system32shell32.dll,OpenAs_RunDLL %1 Directory [bol.com fotoservice] -- "C:Program Filesbol.combol.com fotoservicebol.com fotoservice.exe" "%1" Directory [CEWE Fotoshow] -- "C:Program Filesbol.combol.com fotoserviceCEWE Fotoshow.exe" -d "%1" () Directory [find] -- %SystemRoot%Explorer.exe (Microsoft Corporation) Folder [open] -- %SystemRoot%Explorer.exe /idlist,%I,%L (Microsoft Corporation) Folder [explore] -- %SystemRoot%Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation) Drive [find] -- %SystemRoot%Explorer.exe (Microsoft Corporation) ========== Security Center Settings ========== [HKEY_LOCAL_MACHINESOFTWAREMicrosoftSecurity Center] "FirstRunDisabled" = 1 "AntiVirusDisableNotify" = 0 "FirewallDisableNotify" = 0 "UpdatesDisableNotify" = 0 "AntiVirusOverride" = 0 "FirewallOverride" = 0 [HKEY_LOCAL_MACHINESOFTWAREMicrosoftSecurity CenterMonitoring] [HKEY_LOCAL_MACHINESOFTWAREMicrosoftSecurity CenterMonitoringAhnlabAntiVirus] [HKEY_LOCAL_MACHINESOFTWAREMicrosoftSecurity CenterMonitoringComputerAssociatesAntiVirus] [HKEY_LOCAL_MACHINESOFTWAREMicrosoftSecurity CenterMonitoringKasperskyAntiVirus] [HKEY_LOCAL_MACHINESOFTWAREMicrosoftSecurity CenterMonitoringMcAfeeAntiVirus] [HKEY_LOCAL_MACHINESOFTWAREMicrosoftSecurity CenterMonitoringMcAfeeFirewall] [HKEY_LOCAL_MACHINESOFTWAREMicrosoftSecurity CenterMonitoringPandaAntiVirus] [HKEY_LOCAL_MACHINESOFTWAREMicrosoftSecurity CenterMonitoringPandaFirewall] [HKEY_LOCAL_MACHINESOFTWAREMicrosoftSecurity CenterMonitoringSophosAntiVirus] [HKEY_LOCAL_MACHINESOFTWAREMicrosoftSecurity CenterMonitoringSymantecAntiVirus] [HKEY_LOCAL_MACHINESOFTWAREMicrosoftSecurity CenterMonitoringSymantecFirewall] [HKEY_LOCAL_MACHINESOFTWAREMicrosoftSecurity CenterMonitoringTinyFirewall] [HKEY_LOCAL_MACHINESOFTWAREMicrosoftSecurity CenterMonitoringTrendAntiVirus] [HKEY_LOCAL_MACHINESOFTWAREMicrosoftSecurity CenterMonitoringTrendFirewall] [HKEY_LOCAL_MACHINESOFTWAREMicrosoftSecurity CenterMonitoringZoneLabsFirewall] ========== System Restore Settings ========== [HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindows NTCurrentVersionSystemRestore] "DisableSR" = 0 [HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesSr] "Start" = 0 [HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesSrService] "Start" = 2 ========== Firewall Settings ========== [HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesSharedAccessParametersFirewallPolicyDomainProfile] "EnableFirewall" = 1 "DisableNotifications" = 0 "DoNotAllowExceptions" = 0 [HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesSharedAccessParametersFirewallPolicyDomainProfileGloballyOpenPortsList] "1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007 "2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008 "26675:TCP" = 26675:TCP:169.254.2.0/255.255.255.0:Enabled:ActiveSync Service [HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesSharedAccessParametersFirewallPolicyStandardProfile] "EnableFirewall" = 1 "DoNotAllowExceptions" = 0 "DisableNotifications" = 0 [HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesSharedAccessParametersFirewallPolicyStandardProfileGloballyOpenPortsList] "1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007 "2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008 "26675:TCP" = 26675:TCP:169.254.2.0/255.255.255.0:Enabled:ActiveSync Service "1620:UDP" = 1620:UDP:*:Enabled:Windows Media Format SDK (wmplayer.exe) "1621:UDP" = 1621:UDP:*:Enabled:Windows Media Format SDK (wmplayer.exe) "1624:UDP" = 1624:UDP:*:Enabled:Windows Media Format SDK (wmplayer.exe) ========== Authorized Applications List ========== [HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesSharedAccessParametersFirewallPolicyDomainProfileAuthorizedApplicationsList] "C:Program FilesBearShare ApplicationsBearShareBearShare.exe" = C:Program FilesBearShare ApplicationsBearShareBearShare.exe:*:Enabled:BearShare [HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesSharedAccessParametersFirewallPolicyStandardProfileAuthorizedApplicationsList] "C:Program FilesAVGAVG8avgemc.exe" = C:Program FilesAVGAVG8avgemc.exe:*:Enabled:avgemc.exe "C:Program FilesAVGAVG8avgupd.exe" = C:Program FilesAVGAVG8avgupd.exe:*:Enabled:avgupd.exe "C:Program FilesAVGAVG8avgnsx.exe" = C:Program FilesAVGAVG8avgnsx.exe:*:Enabled:avgnsx.exe "C:WINDOWSDownloaded Program FilesPurpleBean.exe" = C:WINDOWSDownloaded Program FilesPurpleBean.exe:*:Enabled:PurpleBean.exe -- () "C:ijjiENGLISHu_sfsoldierfront.exe" = C:ijjiENGLISHu_sfsoldierfront.exe:*:Disabled:soldierfront -- () "C:Program FilesUbisoftAssassin's CreedAssassinsCreed_Dx9.exe" = C:Program FilesUbisoftAssassin's CreedAssassinsCreed_Dx9.exe:*:Enabled:Assassin's Creed Dx9 -- (Ubisoft) "C:Program FilesUbisoftAssassin's CreedAssassinsCreed_Dx10.exe" = C:Program FilesUbisoftAssassin's CreedAssassinsCreed_Dx10.exe:*:Enabled:Assassin's Creed Dx10 -- (Ubisoft) "C:Program FilesUbisoftAssassin's CreedAssassinsCreed_Launcher.exe" = C:Program FilesUbisoftAssassin's CreedAssassinsCreed_Launcher.exe:*:Enabled:Assassin's Creed Update -- (Ubisoft) "C:Program FilesActivisionCall of Duty - World at WarCoDWaW.exe" = C:Program FilesActivisionCall of Duty - World at WarCoDWaW.exe:*:Enabled:Call of Duty® - World at War -- (Activision Blizzard, Inc.) "C:Program FilesActivisionCall of Duty - World at WarCoDWaWmp.exe" = C:Program FilesActivisionCall of Duty - World at WarCoDWaWmp.exe:*:Enabled:Call of Duty® - World at War -- (Activision Blizzard, Inc.) "C:WINDOWSDownloaded Program FilesijjiOptimizer.exe" = C:WINDOWSDownloaded Program FilesijjiOptimizer.exe:*:Enabled:ijjiOptimizer.exe -- () "C:Program FilesMicrosoft LifeCamLifeCam.exe" = C:Program FilesMicrosoft LifeCamLifeCam.exe:*:Enabled:LifeCam.exe -- (Microsoft Corporation) "C:Program FilesMicrosoft LifeCamLifeExp.exe" = C:Program FilesMicrosoft LifeCamLifeExp.exe:*:Enabled:LifeExp.exe -- (Microsoft Corporation) "C:Program FilesSkypePlugin ManagerskypePM.exe" = C:Program FilesSkypePlugin ManagerskypePM.exe:*:Enabled:Skype Extras Manager "C:Program FilesSteamSteamAppscommoncall of duty modern warfare 2iw4sp.exe" = C:Program FilesSteamSteamAppscommoncall of duty modern warfare 2iw4sp.exe:*:Enabled:Call of Duty: Modern Warfare 2 -- () "C:Program FilesSteamSteamAppscommoncall of duty modern warfare 2iw4mp.exe" = C:Program FilesSteamSteamAppscommoncall of duty modern warfare 2iw4mp.exe:*:Enabled:Call of Duty: Modern Warfare 2 - Multiplayer -- () "C:Program FilesGoogleGoogle Earthclientgoogleearth.exe" = C:Program FilesGoogleGoogle Earthclientgoogleearth.exe:*:Enabled:Google Earth -- (Google) "C:Program FilesWolfenstein - Enemy TerritoryET.exe" = C:Program FilesWolfenstein - Enemy TerritoryET.exe:*:Enabled:ET -- () "C:Program FilesBearShare ApplicationsBearShareBearShare.exe" = C:Program FilesBearShare ApplicationsBearShareBearShare.exe:*:Enabled:BearShare "C:Program FilesSafariSafari.exe" = C:Program FilesSafariSafari.exe:*:Enabled:Safari -- (Apple Inc.) "C:Program FilesActivisionCall of Duty 2CoD2MP_s.exe" = C:Program FilesActivisionCall of Duty 2CoD2MP_s.exe:*:Enabled:CoD2MP_s -- () "C:Program FilesActivisionCall of Duty 4 - Modern Warfareiw3mp.exe" = C:Program FilesActivisionCall of Duty 4 - Modern Warfareiw3mp.exe:*:Enabled:Call of Duty® 4 - Modern Warfare -- () ========== HKEY_LOCAL_MACHINE Uninstall List ========== [HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionUninstall] "{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam "{05BFB060-4F22-4710-B0A2-2801A1B606C5}" = Microsoft Antimalware "{101738D7-D805-37A9-BB91-1F2C351782BF}" = Microsoft .NET Framework 3.5 Language Pack SP1 - nld "{1193600A-134F-40F9-9F71-FEF54C93C629}" = YouSendIt Express "{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP495_series" = Canon MP495 series MP Drivers "{149464D9-B06F-4505-9968-FD1206F67AD3}" = Call of Duty® - World at War 1.3 Patch "{168F8BAC-A269-48E9-BB7A-A51B594CF6FF}" = Microsoft .NET Framework 1.1 Dutch Language Pack "{1a413f37-ed88-4fec-9666-5c48dc4b7bb7}" = YouTube Downloader 2.5.3 "{1BD6AE96-4742-4498-9D03-9451C7E5A214}" = Windows Live aanmeldhulp "{1E99F5D7-4262-4C7C-9135-F066E7485811}" = System Requirements Lab "{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live - Hulpprogramma voor uploaden "{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT "{26A24AE4-039D-4CA4-87B4-2F83216011FF}" = Java 6 Update 16 "{2869F5EA-93C3-48E5-80DF-DB696BC84A91}" = Windows Live Mail "{28C2DED6-325B-4CC7-983A-1777C8F7FBAB}" = RealUpgrade 1.1 "{2BF0AE92-C3BC-4112-9066-1546342B1FAE}" = Call of Duty® - World at War 1.2 Patch "{2C86B1A6-B82C-4C3F-B6E8-C00C20D512A1}" = Sudoku Beginner "{3108C217-BE83-42E4-AE9E-A56A2A92E549}" = Atheros Communications Inc.® AR8121/AR8113/AR8114 Gigabit/Fast Ethernet Driver "{3175E049-F9A9-4A3D-8F19-AC9FB04514D1}" = Windows Live Communications Platform "{350C9413-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP "{35CA031C-D3CD-4A28-8D9B-C71466C4F045}" = Windows Live Writer "{41DFDD57-21B7-4C48-8C75-FFB35696CA8B}" = Windows Live Toolbar "{43B0D334-9A1B-4257-9E51-D3813BD8B9D0}" = GoGear ARIA Device Manager "{45A66726-69BC-466B-A7A4-12FCBA4883D7}" = HiJackThis "{4CBA3D4C-8F51-4D60-B27E-F6B641C571E7}" = Microsoft Search Enhancement Pack "{50779A29-834E-4E36-BBEB-B7CABC67A825}" = Microsoft Security Client NL-NL Language Pack "{54B6DC7D-8C5B-4DFB-BC15-C010A3326B2B}" = Microsoft Security Client "{57752979-A1C9-4C02-856B-FBB27AC4E02C}" = QuickTime "{57F0ED40-8F11-41AA-B926-4A66D0D1A9CC}" = Microsoft Office Live Add-in 1.3 "{5DF7AA5E-A1CB-11E0-A7D6-0013D3D69929}" = MSVCRT Redists "{63AFACBC-4795-4A1B-8037-5085DC03FC54}" = Microsoft LifeCam "{6AFCA4E1-9B78-3640-8F72-A7BF33448200}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 "{6BF4613C-0A46-43AA-8FA8-0CB9F2C1A548}" = InterVideo WinDVR 3 "{6C1E7AA1-44E9-446D-AAB2-0DE6D9EFEAB1}" = Safari "{6ECB39BD-73C2-44DD-B1A0-898207C58D8B}" = HP-software voor foto- en beeldbewerking 2.0 - All-in-One stuurprogramma "{6FEC9863-5EF2-4A07-9D0B-CA81B47E3F59}" = Windows Live Photo Gallery "{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable "{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 "{7770E71B-2D43-4800-9CB3-5B6CAAEBEBEA}" = RealNetworks - Microsoft Visual C++ 2008 Runtime "{779DECD7-E072-4B56-9B6B-BEB5973EEEB5}" = MobileMe Control Panel "{7E6066E6-8B5B-4100-B0FA-1D9E9B663CBA}" = iTunes "{7F831576-6246-42C7-B523-55B3F96509CC}" = LogMeIn "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight "{8A74E887-8F0F-4017-AF53-CBA42211AAA5}" = Microsoft Sync Framework Runtime Native v1.0 (x86) "{8ADE24B2-DCA4-4A1E-8B52-A5B435522D9E}" = Soldier Front "{8CFA9151-6404-409A-AF22-4632D04582FD}" = Assassin's Creed "{8E5233E1-7495-44FB-8DEB-4BE906D59619}" = Junk Mail filter update "{8F66047B-1AF3-40D9-80D7-106E2EDC2C2A}" = EPU-4 Engine "{8F8D9297-FDD2-405A-97E7-E52C7B2F97B3}" = Ulead VideoStudio SE DVD "{90120000-0010-0413-0000-0000000FF1CE}" = Microsoft Software Update for Web Folders (Dutch) 12 "{90120000-0015-0413-0000-0000000FF1CE}" = Microsoft Office Access MUI (Dutch) 2007 "{90120000-0015-0413-0000-0000000FF1CE}_ENTERPRISE_{26257879-B20D-4D30-A429-B387A4890929}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-0016-0413-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Dutch) 2007 "{90120000-0016-0413-0000-0000000FF1CE}_ENTERPRISE_{26257879-B20D-4D30-A429-B387A4890929}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-0018-0413-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Dutch) 2007 "{90120000-0018-0413-0000-0000000FF1CE}_ENTERPRISE_{26257879-B20D-4D30-A429-B387A4890929}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-0019-0413-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Dutch) 2007 "{90120000-0019-0413-0000-0000000FF1CE}_ENTERPRISE_{26257879-B20D-4D30-A429-B387A4890929}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-001A-0413-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Dutch) 2007 "{90120000-001A-0413-0000-0000000FF1CE}_ENTERPRISE_{26257879-B20D-4D30-A429-B387A4890929}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-001B-0413-0000-0000000FF1CE}" = Microsoft Office Word MUI (Dutch) 2007 "{90120000-001B-0413-0000-0000000FF1CE}_ENTERPRISE_{26257879-B20D-4D30-A429-B387A4890929}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007 "{90120000-001F-0407-0000-0000000FF1CE}_ENTERPRISE_{928D7B99-2BEA-49F9-83B8-20FA57860643}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) "{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007 "{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) "{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007 "{90120000-001F-040C-0000-0000000FF1CE}_ENTERPRISE_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) "{90120000-001F-0413-0000-0000000FF1CE}" = Microsoft Office Proof (Dutch) 2007 "{90120000-001F-0413-0000-0000000FF1CE}_ENTERPRISE_{2C95E7EE-FEA7-4B3A-A6E5-DF90A88B816A}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) "{90120000-002C-0413-0000-0000000FF1CE}" = Microsoft Office Proofing (Dutch) 2007 "{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007 "{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-0044-0413-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Dutch) 2007 "{90120000-0044-0413-0000-0000000FF1CE}_ENTERPRISE_{26257879-B20D-4D30-A429-B387A4890929}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-006E-0413-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Dutch) 2007 "{90120000-006E-0413-0000-0000000FF1CE}_ENTERPRISE_{1D12BC91-360E-424C-97C4-813651313660}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-00A1-0413-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Dutch) 2007 "{90120000-00A1-0413-0000-0000000FF1CE}_ENTERPRISE_{26257879-B20D-4D30-A429-B387A4890929}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-00BA-0413-0000-0000000FF1CE}" = Microsoft Office Groove MUI (Dutch) 2007 "{90120000-00BA-0413-0000-0000000FF1CE}_ENTERPRISE_{26257879-B20D-4D30-A429-B387A4890929}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In "{901DC58A-5C1B-4315-BA40-5AD3D3A463B9}" = ijji REACTOR "{931C37FC-594D-43A9-B10F-A2F2B1F03498}" = Call of Duty® 4 - Modern Warfare 1.7 Patch "{95120000-003F-0413-0000-0000000FF1CE}" = Microsoft Office Excel Viewer "{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting "{9867A917-5D17-40DE-83BA-BEA5293194B1}" = HP-software voor foto- en beeldbewerking 2.0 - All-in-One "{99052DB7-9592-4522-A558-5417BBAD48EE}" = Microsoft ActiveSync "{9A1027CE-83F6-3CB2-B9BA-9DA38D0907D0}" = Microsoft .NET Framework 2.0 Service Pack 2 Language Pack - NLD "{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 "{9CE80D58-2E74-4FF4-A2D2-5E714E470F36}" = ASUS nVidia Driver "{9CF4A37B-A8C4-44D7-8C53-13B9D9594BB2}" = Paint.NET v3.5.8 "{9E1BAB75-EB78-440D-94C0-A3857BE2E733}" = System Requirements Lab "{9F01A67B-7D67-482F-9D4F-D5980A440FD4}" = Call of Duty® - World at War 1.4 Patch "{A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7}" = Segoe UI "{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2 "{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper "{AA59DDE4-B672-4621-A016-4C248204957A}" = Skype™ 5.5 "{AB67580-257C-45FF-B8F4-C8C30682091A}_is1" = SIW version 2011.09.16 "{AC76BA86-7AD7-1043-7B44-A91000000001}" = Adobe Reader 9.1 - Nederlands "{B03B98E3-2795-48F6-BA33-793BBF5DF685}" = SMI Grabber Device "{B2544A03-10D0-4E5E-BA69-0362FFC20D18}" = OGA Notifier 2.0.0048.0 "{B3575D00-27EF-49C2-B9E0-14B3D954E992}" = Apple Application Support "{B3FED300-806C-11E0-A0D0-B8AC6F97B88E}" = Google Earth "{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy "{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Click to Call with Skype "{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}" = Microsoft Sync Framework Services Native v1.0 (x86) "{C06B9160-52A1-4453-B7BC-206EFB0C7F3A}" = Samsung PC Studio 3 "{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2 "{C20C2630-B3A7-44BA-BDD0-31E256AE490E}" = Windows Live Call "{C23CD6DA-1958-43A5-ADD0-59396572E02E}" = Apple Mobile Device Support "{C2E4B5BD-32DB-4817-A060-341AB17C3F90}" = Bonjour "{C4A4722E-79F9-417C-BD72-8D359A090C97}" = Samsung PC Studio 3 "{C6579A65-9CAE-4B31-8B6B-3306E0630A66}" = Apple Software Update "{C900EF06-2E76-49C7-8DB0-41F629B21DC5}" = hp psc 1200 series "{CAEB2BE8-EF9E-4BFE-8165-3B54B62AF6CF}" = Windows Live Family Safety "{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1 "{CC38A00D-7EED-46CE-9281-D1D97B81F22A}" = Windows Live Messenger "{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}" = SUPERAntiSpyware Free Edition "{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1 "{D0A05794-48C2-4424-A15A-9F20FCFDD374}" = Call of Duty® 2 "{D80A6A73-E58A-4673-AFF5-F12D7110661F}" = Call of Duty® - World at War "{DD1865F0-AD73-40FB-B23E-1822E02396FF}" = NVIDIA PhysX "{E34F703A-1C9D-4B1F-ABBE-D7E8800B860D}" = Windows Live Sync "{E38C00D0-A68B-4318-A8A6-F7D4B5B1DF0E}" = Windows Media Encoder 9 Series "{E45CACFE-0576-4375-A84F-C34B99A7B652}" = D-Link DWA-125 "{E48469CC-635E-4FD5-A122-1497C286D217}" = Call of Duty® 4 - Modern Warfare "{E623BB3F-F7ED-4148-BEB5-A0D1DB28B4DE}" = Media Converter for Philips "{EB5A3E9D-91CF-4C97-B816-72DE0625ACA3}" = Windows Live Essentials "{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU] "{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard "{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver "{F73EA8BF-81F5-32AF-8D8A-24F12FD23B79}" = Microsoft .NET Framework 3.0 Service Pack 2 Language Pack - NLD "{F8EDC0F8-15BC-4411-8762-77105C8AAEEC}" = Microsoft Antimalware Service NL-NL Language Pack "5D26283FF35ECB8C8F1198F7E3C1F10046EC11A4" = Windows-stuurprogrammapakket - NVIDIA (nv) Display (01/11/2010 6.14.11.9621) "68B5B659620BA71C88432828271F056F69D0C6DE" = Windows-stuurprogrammapakket - Realtek Semiconductor Corp. HD Audio Driver (12/25/2009 5.10.0.6013) "6E5E9FF67691504D438CA4136E168A96A4E4FFC0" = Windows-stuurprogrammapakket - Atheros (L1e) Net (03/31/2009 1.0.0.36) "Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX "Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin "Adobe Shockwave Player" = Adobe Shockwave Player 11.5 "AMCap" = AMCap "Any Video Converter_is1" = Any Video Converter 3.1.1 "Applian Director2.1" = Applian Director "AviSynth" = AviSynth 2.5 "bol.com fotoservice" = bol.com fotoservice "CCleaner" = CCleaner "conduitEngine" = Conduit Engine "DScaler 4.1.15_is1" = DScaler 4.1.15 "Emsisoft Anti-Malware_is1" = Emsisoft Anti-Malware 5.1 "ENTERPRISE" = Microsoft Office Enterprise 2007 "Free Audio Dub_is1" = Free Audio Dub version 1.7.7 "Free Studio_is1" = Free Studio version 5.0.8 "Free Video Dub_is1" = Free Video Dub version 1.8 "Free Video to MP3 Converter_is1" = Free Video to MP3 Converter version 4.1 "Free YouTube Download_is1" = Free YouTube Download 2.10 "Google Chrome" = Google Chrome "Gunz" = ijji - Gunz "HEMA Fotoservice_is1" = HEMA Fotoservice "HP PSC 1200 Series" = HP-software voor foto- en beeldbewerking 2.0 - HP psc 1200 "HUFFYUV" = Huffyuv AVI lossless video codec (Remove Only) "ie8" = Windows Internet Explorer 8 "Info Center_is1" = Info Center 1.0.0.7 "InstallShield_{1193600A-134F-40F9-9F71-FEF54C93C629}" = YouSendIt Express "InstallShield_{149464D9-B06F-4505-9968-FD1206F67AD3}" = Call of Duty® - World at War 1.3 Patch "InstallShield_{2BF0AE92-C3BC-4112-9066-1546342B1FAE}" = Call of Duty® - World at War 1.2 Patch "InstallShield_{931C37FC-594D-43A9-B10F-A2F2B1F03498}" = Call of Duty® 4 - Modern Warfare 1.7 Patch "InstallShield_{9F01A67B-7D67-482F-9D4F-D5980A440FD4}" = Call of Duty® - World at War 1.4 Patch "InstallShield_{D0A05794-48C2-4424-A15A-9F20FCFDD374}" = Call of Duty® 2 "InstallShield_{D80A6A73-E58A-4673-AFF5-F12D7110661F}" = Call of Duty® - World at War "InstallShield_{E48469CC-635E-4FD5-A122-1497C286D217}" = Call of Duty® 4 - Modern Warfare "LameACM" = Lame ACM MP3 Codec "Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1 "Microsoft .NET Framework 3.5 Language Pack SP1 - nld" = Taalpakket voor Microsoft .NET Framework 3.5 SP1 - NL "Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1 "Microsoft Security Client" = Microsoft Security Essentials "Mozilla Firefox 4.0.1 (x86 nl)" = Mozilla Firefox 4.0.1 (x86 nl) "NVIDIA Drivers" = NVIDIA Drivers "PC Matic_is1" = PC Matic 1.1.0.44 "PhotoScape" = PhotoScape "PowerISO" = PowerISO "PSP Video 9" = PSP Video 9 6 "PunkBusterSvc" = PunkBuster Services "Revo Uninstaller" = Revo Uninstaller 1.92 "SAMSUNG Mobile Modem" = SAMSUNG Mobile Modem Driver Set "Samsung Mobile phone USB driver" = Samsung Mobile phone USB driver Software "SAMSUNG Mobile USB Modem" = SAMSUNG Mobile USB Modem Software "SAMSUNG Mobile USB Modem 1.0" = SAMSUNG Mobile USB Modem 1.0 Software "SpywareBlaster_is1" = SpywareBlaster 4.2 "SpywareGuard_is1" = SpywareGuard v2.2 "Steam App 10180" = Call of Duty: Modern Warfare 2 "Steam App 10190" = Call of Duty: Modern Warfare 2 - Multiplayer "SystemRequirementsLab" = System Requirements Lab "Uninstall_is1" = Uninstall 1.0.0.1 "Videora iPod touch Converter" = Videora iPod touch Converter 6 "Windows Media Encoder 9" = Windows Media Encoder 9 Series "Windows Media Format Runtime" = Windows Media Format 11 runtime "Windows Media Player" = Windows Media Player 11 "Windows XP Service Pack" = Windows XP Service Pack 3 "WinLiveSuite_Wave3" = Windows Live Essentials "WinPcapInst" = WinPcap 4.0.2 "WinRAR archiver" = WinRAR "Wolfenstein - Enemy Territory" = Wolfenstein - Enemy Territory "x264vfw" = x264vfw - H.264/MPEG-4 AVC codec (remove only) "Xfire" = Xfire (remove only) "YouTube Downloader App" = YouTube Downloader App 3.00 ========== HKEY_CURRENT_USER Uninstall List ========== [HKEY_CURRENT_USERSOFTWAREMicrosoftWindowsCurrentVersionUninstall] ========== Last 10 Event Log Errors ========== [ Application Events ] Error - 1/11/2011 4:48:49 | Computer Name = FRANCINE | Source = LoadPerf | ID = 3011 Description = Het verwijderen van de tekenreeksen van prestatiemeteritems voor de WmiApRpl-service (WmiApRpl) is mislukt. De foutcode is de eerste DWORD in de sectie Gegevens. Error - 2/11/2011 5:25:38 | Computer Name = FRANCINE | Source = LoadPerf | ID = 3012 Description = De prestatietekenreeksen in de waarde van de registersleutel Performance worden beschadigd bij het verwerken van de Performance extension counter provider. De waarde van BaseIndex in de registersleutel Performance is de eerste DWORD in de gegevenssectie, de waarde van LastCounter de tweede DWORD en de waarde van LastHelp de derde DWORD. Error - 2/11/2011 5:25:38 | Computer Name = FRANCINE | Source = LoadPerf | ID = 3012 Description = De prestatietekenreeksen in de waarde van de registersleutel Performance worden beschadigd bij het verwerken van de Performance extension counter provider. De waarde van BaseIndex in de registersleutel Performance is de eerste DWORD in de gegevenssectie, de waarde van LastCounter de tweede DWORD en de waarde van LastHelp de derde DWORD. Error - 2/11/2011 5:25:38 | Computer Name = FRANCINE | Source = LoadPerf | ID = 3011 Description = Het verwijderen van de tekenreeksen van prestatiemeteritems voor de WmiApRpl-service (WmiApRpl) is mislukt. De foutcode is de eerste DWORD in de sectie Gegevens. Error - 2/11/2011 9:14:17 | Computer Name = FRANCINE | Source = LoadPerf | ID = 3012 Description = De prestatietekenreeksen in de waarde van de registersleutel Performance worden beschadigd bij het verwerken van de Performance extension counter provider. De waarde van BaseIndex in de registersleutel Performance is de eerste DWORD in de gegevenssectie, de waarde van LastCounter de tweede DWORD en de waarde van LastHelp de derde DWORD. Error - 2/11/2011 9:14:18 | Computer Name = FRANCINE | Source = LoadPerf | ID = 3012 Description = De prestatietekenreeksen in de waarde van de registersleutel Performance worden beschadigd bij het verwerken van de Performance extension counter provider. De waarde van BaseIndex in de registersleutel Performance is de eerste DWORD in de gegevenssectie, de waarde van LastCounter de tweede DWORD en de waarde van LastHelp de derde DWORD. Error - 2/11/2011 9:14:18 | Computer Name = FRANCINE | Source = LoadPerf | ID = 3011 Description = Het verwijderen van de tekenreeksen van prestatiemeteritems voor de WmiApRpl-service (WmiApRpl) is mislukt. De foutcode is de eerste DWORD in de sectie Gegevens. Error - 3/11/2011 2:03:39 | Computer Name = FRANCINE | Source = LoadPerf | ID = 3012 Description = De prestatietekenreeksen in de waarde van de registersleutel Performance worden beschadigd bij het verwerken van de Performance extension counter provider. De waarde van BaseIndex in de registersleutel Performance is de eerste DWORD in de gegevenssectie, de waarde van LastCounter de tweede DWORD en de waarde van LastHelp de derde DWORD. Error - 3/11/2011 2:03:39 | Computer Name = FRANCINE | Source = LoadPerf | ID = 3012 Description = De prestatietekenreeksen in de waarde van de registersleutel Performance worden beschadigd bij het verwerken van de Performance extension counter provider. De waarde van BaseIndex in de registersleutel Performance is de eerste DWORD in de gegevenssectie, de waarde van LastCounter de tweede DWORD en de waarde van LastHelp de derde DWORD. Error - 3/11/2011 2:03:39 | Computer Name = FRANCINE | Source = LoadPerf | ID = 3011 Description = Het verwijderen van de tekenreeksen van prestatiemeteritems voor de WmiApRpl-service (WmiApRpl) is mislukt. De foutcode is de eerste DWORD in de sectie Gegevens. [ OSession Events ] Error - 2/06/2009 15:19:05 | Computer Name = FRANCINE | Source = Microsoft Office 12 Sessions | ID = 7001 Description = ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6425.1000, Microsoft Office Version: 12.0.6425.1000. This session lasted 2 seconds with 0 seconds of active time. This session ended with a crash. Error - 2/06/2009 15:19:33 | Computer Name = FRANCINE | Source = Microsoft Office 12 Sessions | ID = 7001 Description = ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6425.1000, Microsoft Office Version: 12.0.6425.1000. This session lasted 17 seconds with 0 seconds of active time. This session ended with a crash. Error - 2/06/2009 15:19:55 | Computer Name = FRANCINE | Source = Microsoft Office 12 Sessions | ID = 7001 Description = ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6425.1000, Microsoft Office Version: 12.0.6425.1000. This session lasted 14 seconds with 0 seconds of active time. This session ended with a crash. Error - 13/07/2009 5:40:04 | Computer Name = FRANCINE | Source = Microsoft Office 12 Sessions | ID = 7001 Description = ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6504.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 1 seconds with 0 seconds of active time. This session ended with a crash. Error - 13/07/2009 5:40:10 | Computer Name = FRANCINE | Source = Microsoft Office 12 Sessions | ID = 7001 Description = ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6504.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 1 seconds with 0 seconds of active time. This session ended with a crash. Error - 6/04/2011 11:12:26 | Computer Name = FRANCINE | Source = Microsoft Office 12 Sessions | ID = 7001 Description = ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 7 seconds with 0 seconds of active time. This session ended with a crash. Error - 3/06/2011 12:49:47 | Computer Name = FRANCINE | Source = Microsoft Office 12 Sessions | ID = 7001 Description = ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 11 seconds with 0 seconds of active time. This session ended with a crash. Error - 3/06/2011 16:16:19 | Computer Name = FRANCINE | Source = Microsoft Office 12 Sessions | ID = 7001 Description = ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 7 seconds with 0 seconds of active time. This session ended with a crash. Error - 3/06/2011 16:16:30 | Computer Name = FRANCINE | Source = Microsoft Office 12 Sessions | ID = 7001 Description = ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 7 seconds with 0 seconds of active time. This session ended with a crash. Error - 1/09/2011 13:58:16 | Computer Name = FRANCINE | Source = Microsoft Office 12 Sessions | ID = 7001 Description = ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 2069 seconds with 1320 seconds of active time. This session ended with a crash. [ System Events ] Error - 30/10/2011 11:00:59 | Computer Name = FRANCINE | Source = DCOM | ID = 10005 Description = DCOM kreeg foutmelding '%1084' bij het starten van de MSIServer-service met de argumenten '' om de server {000C101C-0000-0000-C000-000000000046} te starten Error - 30/10/2011 11:01:12 | Computer Name = FRANCINE | Source = DCOM | ID = 10005 Description = DCOM kreeg foutmelding '%1084' bij het starten van de MSIServer-service met de argumenten '' om de server {000C101C-0000-0000-C000-000000000046} te starten Error - 30/10/2011 11:02:51 | Computer Name = FRANCINE | Source = DCOM | ID = 10005 Description = DCOM kreeg foutmelding '%1084' bij het starten van de wuauserv-service met de argumenten '' om de server {E60687F7-01A1-40AA-86AC-DB1CBF673334} te starten Error - 30/10/2011 11:16:56 | Computer Name = FRANCINE | Source = DCOM | ID = 10005 Description = DCOM kreeg foutmelding '%1084' bij het starten van de EventSystem-service met de argumenten '' om de server {1BE1F766-5536-11D1-B726-00C04FB926AF} te starten Error - 30/10/2011 12:21:01 | Computer Name = FRANCINE | Source = Microsoft Antimalware | ID = 2001 Description = %%860 heeft een fout aangetroffen bij het bijwerken van handtekeningen. Nieuwe handtekeningversie: Vorige handtekeningversie: 1.115.893.0 Updatebron: %%859 Updatefase: %%854 Bronpad: http://www.microsoft.com Handtekeningtype: %%800 Updatetype: %%803 Gebruiker: NT AUTHORITYSYSTEM Huidige engineversie: Vorige engineversie: 1.1.7801.0 Foutcode: 0x80240016 Foutbeschrijving: Er is tijdens het zoeken naar updates een onverwacht probleem opgetreden. Raadpleeg Help en ondersteuning voor meer informatie over het installeren van updates en het oplossen van problemen. Error - 30/10/2011 12:21:01 | Computer Name = FRANCINE | Source = Microsoft Antimalware | ID = 2001 Description = %%860 heeft een fout aangetroffen bij het bijwerken van handtekeningen. Nieuwe handtekeningversie: Vorige handtekeningversie: 1.115.893.0 Updatebron: %%859 Updatefase: %%854 Bronpad: http://www.microsoft.com Handtekeningtype: %%800 Updatetype: %%803 Gebruiker: NT AUTHORITYSYSTEM Huidige engineversie: Vorige engineversie: 1.1.7801.0 Foutcode: 0x80240016 Foutbeschrijving: Er is tijdens het zoeken naar updates een onverwacht probleem opgetreden. Raadpleeg Help en ondersteuning voor meer informatie over het installeren van updates en het oplossen van problemen. Error - 30/10/2011 12:21:01 | Computer Name = FRANCINE | Source = Microsoft Antimalware | ID = 2001 Description = %%860 heeft een fout aangetroffen bij het bijwerken van handtekeningen. Nieuwe handtekeningversie: Vorige handtekeningversie: 1.115.893.0 Updatebron: %%859 Updatefase: %%853 Bronpad: http://www.microsoft.com Handtekeningtype: %%800 Updatetype: %%803 Gebruiker: NT AUTHORITYSYSTEM Huidige engineversie: Vorige engineversie: 1.1.7801.0 Foutcode: 0x80240016 Foutbeschrijving: Er is tijdens het zoeken naar updates een onverwacht probleem opgetreden. Raadpleeg Help en ondersteuning voor meer informatie over het installeren van updates en het oplossen van problemen. Error - 30/10/2011 12:23:09 | Computer Name = FRANCINE | Source = Microsoft Antimalware | ID = 2001 Description = %%860 heeft een fout aangetroffen bij het bijwerken van handtekeningen. Nieuwe handtekeningversie: Vorige handtekeningversie: 1.115.893.0 Updatebron: %%859 Updatefase: %%854 Bronpad: http://www.microsoft.com Handtekeningtype: %%800 Updatetype: %%803 Gebruiker: NT AUTHORITYSYSTEM Huidige engineversie: Vorige engineversie: 1.1.7801.0 Foutcode: 0x80240016 Foutbeschrijving: Er is tijdens het zoeken naar updates een onverwacht probleem opgetreden. Raadpleeg Help en ondersteuning voor meer informatie over het installeren van updates en het oplossen van problemen. Error - 30/10/2011 12:23:09 | Computer Name = FRANCINE | Source = Microsoft Antimalware | ID = 2001 Description = %%860 heeft een fout aangetroffen bij het bijwerken van handtekeningen. Nieuwe handtekeningversie: Vorige handtekeningversie: 1.115.893.0 Updatebron: %%859 Updatefase: %%854 Bronpad: http://www.microsoft.com Handtekeningtype: %%800 Updatetype: %%803 Gebruiker: NT AUTHORITYSYSTEM Huidige engineversie: Vorige engineversie: 1.1.7801.0 Foutcode: 0x80240016 Foutbeschrijving: Er is tijdens het zoeken naar updates een onverwacht probleem opgetreden. Raadpleeg Help en ondersteuning voor meer informatie over het installeren van updates en het oplossen van problemen. Error - 30/10/2011 12:23:09 | Computer Name = FRANCINE | Source = Microsoft Antimalware | ID = 2001 Description = %%860 heeft een fout aangetroffen bij het bijwerken van handtekeningen. Nieuwe handtekeningversie: Vorige handtekeningversie: 1.115.893.0 Updatebron: %%859 Updatefase: %%853 Bronpad: http://www.microsoft.com Handtekeningtype: %%800 Updatetype: %%803 Gebruiker: NT AUTHORITYSYSTEM Huidige engineversie: Vorige engineversie: 1.1.7801.0 Foutcode: 0x80240016 Foutbeschrijving: Er is tijdens het zoeken naar updates een onverwacht probleem opgetreden. Raadpleeg Help en ondersteuning voor meer informatie over het installeren van updates en het oplossen van problemen. < End of report >
  12. Hello Jontom, With copy/paste I got a message that the path to the file was wrong. Check the filename. After that I navigated manually to that map and did not find the file. Therequested logs: OTL.Txt OTL logfile created on: 3/11/2011 7:10:37 - Run 1 OTL by OldTimer - Version 3.2.31.0 Folder = C:Documents and SettingsmamaBureaublad Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = ) Locale: 00000813 | Country: België | Language: NLB | Date Format: d/MM/yyyy 3,25 Gb Total Physical Memory | 2,61 Gb Available Physical Memory | 80,21% Memory free 5,09 Gb Paging File | 4,58 Gb Available in Paging File | 89,96% Paging File free Paging file location(s): C:pagefile.sys 2046 4092 [binary data] %SystemDrive% = C: | %SystemRoot% = C:WINDOWS | %ProgramFiles% = C:Program Files Drive C: | 146,48 Gb Total Space | 32,46 Gb Free Space | 22,16% Space Free | Partition Type: NTFS Drive D: | 151,61 Gb Total Space | 141,39 Gb Free Space | 93,26% Space Free | Partition Type: NTFS Computer Name: FRANCINE | User Name: mama | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - [2011/11/03 07:09:11 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:Documents and SettingsmamaBureaubladOTL.exe PRC - [2011/10/30 17:06:50 | 000,116,608 | ---- | M] (SUPERAntiSpyware.com) -- C:Program FilesSUPERAntiSpywareSASCORE.EXE PRC - [2011/10/30 07:47:56 | 003,045,688 | ---- | M] (Emsi Software GmbH) -- C:Program FilesEmsisoft Anti-Malwarea2service.exe PRC - [2011/10/08 07:50:51 | 000,136,584 | ---- | M] (LogMeIn, Inc.) -- C:Program FilesLogMeInx86ramaint.exe PRC - [2011/10/08 07:50:35 | 000,374,152 | ---- | M] (LogMeIn, Inc.) -- C:Program FilesLogMeInx86LMIGuardianSvc.exe PRC - [2011/09/26 12:27:08 | 000,024,216 | ---- | M] (PC Pitstop LLC) -- C:Program FilesPCPitstopInfo CenterInfoCenter.exe PRC - [2011/06/15 14:16:48 | 000,997,920 | ---- | M] (Microsoft Corporation) -- C:Program FilesMicrosoft Security Clientmsseces.exe PRC - [2011/06/15 07:19:14 | 000,307,200 | ---- | M] (PowerISO Computing, Inc.) -- C:Program FilesPowerISOPWRISOVM.EXE PRC - [2011/04/27 14:39:26 | 000,011,736 | ---- | M] (Microsoft Corporation) -- C:Program FilesMicrosoft Security ClientAntimalwareMsMpEng.exe PRC - [2010/11/08 12:04:18 | 000,390,528 | ---- | M] (LogMeIn, Inc.) -- C:Program FilesLogMeInx86LogMeIn.exe PRC - [2009/10/19 19:03:50 | 000,995,328 | ---- | M] (D-Link Corp.) -- C:Program FilesD-LinkDWA-125 revAAirGCFG.exe PRC - [2009/10/19 18:39:38 | 000,122,880 | ---- | M] (Wireless Service) -- C:Program FilesD-LinkDWA-125 revAWZCSLDR2.exe PRC - [2008/07/24 17:46:10 | 000,063,048 | ---- | M] (LogMeIn, Inc.) -- C:Program FilesLogMeInx86LogMeInSystray.exe PRC - [2008/07/23 16:04:20 | 005,625,344 | ---- | M] () -- C:Program FilesASUSEPU-4 EngineFourEngine.exe PRC - [2008/04/14 18:02:58 | 001,037,312 | ---- | M] (Microsoft Corporation) -- C:WINDOWSexplorer.exe PRC - [2007/05/17 22:45:33 | 000,271,720 | ---- | M] (Microsoft Corporation) -- C:Program FilesMicrosoft LifeCamMSCamS32.exe PRC - [2007/04/10 22:46:52 | 000,709,992 | ---- | M] (Microsoft Corporation) -- C:WINDOWSvVX1000.exe PRC - [2003/08/29 18:05:35 | 000,360,448 | ---- | M] () -- C:Program FilesSpywareGuardsgmain.exe PRC - [2003/08/29 10:14:56 | 000,233,472 | ---- | M] () -- C:Program FilesSpywareGuardsgbhp.exe PRC - [2003/06/06 16:52:32 | 000,151,552 | ---- | M] (InterVideo Inc.) -- C:Program FilesCommon FilesInterVideoSchSvrSchSvr.exe PRC - [2003/06/06 16:51:48 | 000,131,072 | ---- | M] () -- C:Program FilesInterVideoCommonBinWinCinemaMgr.exe ========== Modules (No Company Name) ========== MOD - [2011/10/30 07:16:16 | 000,315,392 | ---- | M] () -- C:WINDOWSsystem32ANPDApi.dll MOD - [2011/10/14 05:55:04 | 012,430,848 | ---- | M] () -- C:WINDOWSassemblyNativeImages_v2.0.50727_32System.Windows.Forms71a2ae9ad561a62181cbd9fb11e9de7aSystem.Windows.Forms.ni.dll MOD - [2011/10/14 05:54:46 | 001,587,200 | ---- | M] () -- C:WINDOWSassemblyNativeImages_v2.0.50727_32System.Drawingc10bea3c4bb7ef654651141bf9419090System.Drawing.ni.dll MOD - [2011/10/13 22:49:12 | 007,950,848 | ---- | M] () -- C:WINDOWSassemblyNativeImages_v2.0.50727_32Systemaf39f6e644af02873b9bae319f2bfb13System.ni.dll MOD - [2011/10/13 22:49:02 | 011,490,816 | ---- | M] () -- C:WINDOWSassemblyNativeImages_v2.0.50727_32mscorlibca87ba84221991839abbe7d4bc9c6721mscorlib.ni.dll MOD - [2009/10/19 18:59:12 | 000,274,432 | ---- | M] () -- C:Program FilesD-LinkDWA-125 revAwlanapp.dll MOD - [2009/09/04 22:15:06 | 000,067,872 | ---- | M] () -- C:Program FilesCommon FilesAppleApple Application Supportzlib1.dll MOD - [2009/05/22 09:04:59 | 000,303,104 | ---- | M] () -- C:WINDOWSassemblyGAC_MSILmscorlib.resources2.0.0.0_nl_b77a5c561934e089mscorlib.resources.dll MOD - [2008/07/23 16:04:20 | 005,625,344 | ---- | M] () -- C:Program FilesASUSEPU-4 EngineFourEngine.exe MOD - [2008/04/15 09:07:34 | 000,053,248 | ---- | M] () -- C:Program FilesASUSEPU-4 EngineAsSpindownTimeout.dll MOD - [2006/01/10 09:50:20 | 000,024,576 | R--- | M] () -- C:WINDOWSsystem32AsIO.dll MOD - [2005/05/11 15:39:32 | 000,565,248 | ---- | M] () -- C:Program FilesASUSEPU-4 Enginepngio.dll MOD - [2003/08/29 18:05:35 | 000,360,448 | ---- | M] () -- C:Program FilesSpywareGuardsgmain.exe MOD - [2003/08/29 10:14:56 | 000,233,472 | ---- | M] () -- C:Program FilesSpywareGuardsgbhp.exe MOD - [2003/08/02 22:20:57 | 000,126,976 | R--- | M] () -- C:Program FilesSpywareGuardspywareguard.dll MOD - [2003/06/06 16:51:48 | 000,131,072 | ---- | M] () -- C:Program FilesInterVideoCommonBinWinCinemaMgr.exe ========== Win32 Services (SafeList) ========== SRV - [2011/10/30 17:06:50 | 000,116,608 | ---- | M] (SUPERAntiSpyware.com) [Auto | Running] -- C:Program FilesSUPERAntiSpywareSASCORE.EXE -- (!SASCORE) SRV - [2011/10/30 07:47:56 | 003,045,688 | ---- | M] (Emsi Software GmbH) [Auto | Running] -- C:Program FilesEmsisoft Anti-Malwarea2service.exe -- (a2AntiMalware) SRV - [2011/10/26 11:42:32 | 000,091,816 | ---- | M] (PC Pitstop LLC) [On_Demand | Stopped] -- C:Program FilesPCPitstopPCPitstopScheduleService.exe -- (PCPitstop Scheduling) SRV - [2011/10/08 07:50:51 | 000,136,584 | ---- | M] (LogMeIn, Inc.) [Auto | Running] -- C:Program FilesLogMeInx86RaMaint.exe -- (LMIMaint) SRV - [2011/10/08 07:50:35 | 000,374,152 | ---- | M] (LogMeIn, Inc.) [Auto | Running] -- C:Program FilesLogMeInx86LMIGuardianSvc.exe -- (LMIGuardianSvc) SRV - [2011/04/27 14:39:26 | 000,011,736 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:Program FilesMicrosoft Security ClientAntimalwareMsMpEng.exe -- (MsMpSvc) SRV - [2010/11/08 12:04:18 | 000,390,528 | ---- | M] (LogMeIn, Inc.) [Auto | Running] -- C:Program FilesLogMeInx86LogMeIn.exe -- (LogMeIn) SRV - [2010/03/18 10:19:26 | 000,113,152 | ---- | M] (ArcSoft Inc.) [On_Demand | Stopped] -- C:Program FilesCommon FilesArcSoftConnection ServiceBinACService.exe -- (ACDaemon) SRV - [2009/08/21 09:27:26 | 000,126,976 | ---- | M] (Wireless Service) [On_Demand | Stopped] -- C:Program FilesD-LinkDWA-125 revAANIWZCSdS.exe -- (D_Link_DWA-125) SRV - [2009/07/07 19:49:20 | 000,040,960 | ---- | M] () [On_Demand | Stopped] -- C:Program FilesD-LinkDWA-125 revAANIWConnService.exe -- (D_Link_DWA-125_WPS) SRV - [2009/05/20 09:50:20 | 002,772,302 | ---- | M] (INCA Internet Co., Ltd.) [On_Demand | Stopped] -- C:WINDOWSSystem32GameMon.des -- (npggsvc) SRV - [2007/11/06 21:22:26 | 000,092,792 | ---- | M] (CACE Technologies) [On_Demand | Stopped] -- C:Program FilesWinPcaprpcapd.exe -- (rpcapd) Remote Packet Capture Protocol v.0 (experimental) SRV - [2007/05/17 22:45:33 | 000,271,720 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:Program FilesMicrosoft LifeCamMSCamS32.exe -- (MSCamSvc) SRV - [2006/09/28 10:20:00 | 000,049,152 | ---- | M] (Ulead Systems, Inc.) [On_Demand | Stopped] -- C:Program FilesCommon FilesUlead SystemsDVDULCDRSvr.exe -- (UleadBurningHelper) SRV - [2003/03/09 20:31:02 | 000,065,795 | ---- | M] (HP) [On_Demand | Stopped] -- C:WINDOWSsystem32HPZipm12.exe -- (Pml Driver HPZ12) ========== Driver Services (SafeList) ========== DRV - [2011/11/03 06:59:39 | 000,028,752 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:Documents and SettingsAll UsersApplication DataMicrosoftMicrosoft AntimalwareDefinition Updates{01BAA76E-C68A-4F4A-9B66-DF535EDC036E}MpKsl4db32db8.sys -- (MpKsl4db32db8) DRV - [2011/10/30 17:06:43 | 000,067,664 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:Program FilesSUPERAntiSpywareSASKUTIL.SYS -- (SASKUTIL) DRV - [2011/10/30 17:06:42 | 000,012,880 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:Program FilesSUPERAntiSpywareSASDIFSV.SYS -- (SASDIFSV) DRV - [2011/10/30 07:16:16 | 000,029,411 | ---- | M] () [Kernel | Auto | Running] -- C:WINDOWSsystem32ANPD.SYS -- (ANPD) DRV - [2011/10/08 07:50:36 | 000,083,360 | ---- | M] (LogMeIn, Inc.) [File_System | Disabled | Stopped] -- C:WINDOWSSystem32LMIRfsClientNP.dll -- (LMIRfsClientNP) DRV - [2011/06/15 09:23:56 | 000,060,156 | ---- | M] (PowerISO Computing, Inc.) [Kernel | System | Running] -- C:WINDOWSSystem32driversscdemu.sys -- (SCDEmu) DRV - [2011/06/12 19:53:30 | 000,012,872 | ---- | M] ( SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | On_Demand | Stopped] -- C:Program FilesSUPERAntiSpywareSASENUM.SYS -- (SASENUM) DRV - [2011/02/20 20:30:06 | 000,073,728 | ---- | M] (Emsi Software GmbH) [File_System | On_Demand | Stopped] -- C:Program FilesEmsisoft Anti-Malwarea2accx86.sys -- (a2acc) DRV - [2011/01/26 10:31:28 | 000,805,632 | ---- | M] (Windows ® Win 7 DDK provider) [Kernel | On_Demand | Stopped] -- C:WINDOWSsystem32driversSmiUsbGrabber3C.sys -- (SMIGrabber3C) DRV - [2009/12/25 18:26:30 | 006,039,584 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:WINDOWSsystem32driversRtkHDAud.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM) DRV - [2009/11/18 07:17:00 | 001,395,800 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:WINDOWSsystem32driversMonfilt.sys -- (Monfilt) DRV - [2009/11/18 07:16:00 | 001,691,480 | ---- | M] (Creative) [Kernel | On_Demand | Stopped] -- C:WINDOWSsystem32driversAmbfilt.sys -- (Ambfilt) DRV - [2009/10/23 17:10:10 | 000,005,632 | ---- | M] () [File_System | System | Running] -- C:WINDOWSSystem32driversStarOpen.sys -- (StarOpen) DRV - [2009/09/15 14:09:22 | 000,779,136 | ---- | M] (Ralink Technology, Corp.) [Kernel | On_Demand | Running] -- C:WINDOWSsystem32driversDrt2870.sys -- (rt2870) DRV - [2009/08/05 21:48:42 | 000,054,752 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:WINDOWSsystem32driversfssfltr_tdi.sys -- (fssfltr) DRV - [2009/03/31 17:33:10 | 000,038,400 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:WINDOWSsystem32driversl1e51x86.sys -- (L1e) DRV - [2008/07/24 17:46:12 | 000,012,856 | ---- | M] (LogMeIn, Inc.) [Kernel | Auto | Running] -- C:Program FilesLogMeInx86rainfo.sys -- (LMIInfo) DRV - [2008/07/24 17:46:10 | 000,047,640 | ---- | M] (LogMeIn, Inc.) [File_System | Auto | Running] -- C:WINDOWSsystem32driversLMIRfsDriver.sys -- (LMIRfsDriver) DRV - [2008/04/13 19:53:09 | 000,040,320 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:WINDOWSsystem32driversnmnt.sys -- (nm) DRV - [2008/04/13 19:46:22 | 000,015,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:WINDOWSsystem32driversMPE.sys -- (MPE) DRV - [2007/12/17 10:14:06 | 000,012,400 | R--- | M] () [Kernel | System | Running] -- C:WINDOWSsystem32driversAsIO.sys -- (AsIO) DRV - [2007/11/06 21:22:06 | 000,034,064 | ---- | M] (CACE Technologies) [Kernel | On_Demand | Stopped] -- C:WINDOWSsystem32driversnpf.sys -- (NPF) DRV - [2007/05/02 10:12:36 | 000,109,704 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:WINDOWSsystem32driversssm_mdm.sys -- (ssm_mdm) DRV - [2007/05/02 10:12:36 | 000,015,112 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:WINDOWSsystem32driversssm_mdfl.sys -- (ssm_mdfl) DRV - [2007/05/02 10:12:34 | 000,083,592 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:WINDOWSsystem32driversssm_bus.sys -- (ssm_bus) SAMSUNG Mobile USB Device II 1.0 driver (WDM) DRV - [2007/05/02 10:11:18 | 000,109,704 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:WINDOWSsystem32driversss_mdm.sys -- (ss_mdm) DRV - [2007/05/02 10:11:18 | 000,015,112 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:WINDOWSsystem32driversss_mdfl.sys -- (ss_mdfl) DRV - [2007/05/02 10:11:16 | 000,083,592 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:WINDOWSsystem32driversss_bus.sys -- (ss_bus) SAMSUNG Mobile USB Device 1.0 driver (WDM) DRV - [2007/04/10 22:46:53 | 001,966,312 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:WINDOWSsystem32driversVX1000.sys -- (VX1000) DRV - [2006/11/29 06:46:24 | 000,028,224 | R--- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:WINDOWSsystem32driversAPLMp50.sys -- (APLMp50) DRV - [2005/12/18 19:42:12 | 000,008,801 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:Program FilesDScalerDSDrv4.sys -- (DSDrv4) DRV - [2005/01/02 22:43:08 | 000,004,682 | ---- | M] (INCA Internet Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:WINDOWSsystem32npptNT2.sys -- (NPPTNT2) DRV - [2004/08/13 03:56:20 | 000,005,810 | R--- | M] () [Kernel | On_Demand | Running] -- C:WINDOWSsystem32driversASACPI.sys -- (MTsensor) DRV - [2002/09/27 06:53:00 | 000,009,856 | ---- | M] (Padus, Inc.) [Kernel | On_Demand | Running] -- C:WINDOWSsystem32driverspfc.sys -- (pfc) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKCUSOFTWAREMicrosoftInternet ExplorerMain,Start Page = http://www.google.be/ IE - HKCUSOFTWAREMicrosoftInternet ExplorerMain,Start Page Redirect Cache = http://be.msn.com/default.aspx?ocid=iehp IE - HKCUSOFTWAREMicrosoftInternet ExplorerMain,Start Page Redirect Cache AcceptLangs = nl-be IE - HKCUSOFTWAREMicrosoftInternet ExplorerMain,Start Page Redirect Cache_TIMESTAMP = 8A 69 41 C1 21 97 CC 01 [binary data] IE - HKCUSoftwareMicrosoftWindowsCurrentVersionInternet Settings: "ProxyEnable" = 0 ========== FireFox ========== FF - prefs.js..browser.search.defaultenginename: "Search the web (Babylon)" FF - prefs.js..browser.search.defaulturl: "http://search.babylon.com/web/{searchTerms}?babsrc=browsersearch&AF=17243" FF - prefs.js..browser.search.order.1: "Search the web (Babylon)" FF - prefs.js..browser.search.selectedEngine: "Search the web (Babylon)" FF - prefs.js..browser.search.useDBForOrder: true FF - prefs.js..browser.startup.homepage: "about:home" FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0 FF - prefs.js..keyword.URL: "http://search.babylon.com/?babsrc=adbartrp&AF=17243&q=" FF - HKLMSoftwareMozillaPlugins@adobe.com/FlashPlayer: C:WINDOWSsystem32MacromedFlashNPSWF32.dll () FF - HKLMSoftwareMozillaPlugins@adobe.com/ShockwavePlayer: C:WINDOWSsystem32AdobeDirectornp32dsw.dll (Adobe Systems, Inc.) FF - HKLMSoftwareMozillaPlugins@Apple.com/iTunes,version=: File not found FF - HKLMSoftwareMozillaPlugins@Apple.com/iTunes,version=1.0: C:Program FilesiTunesMozilla Pluginsnpitunes.dll () FF - HKLMSoftwareMozillaPlugins@Google.com/GoogleEarthPlugin: C:Program FilesGoogleGoogle Earthpluginnpgeplugin.dll (Google) FF - HKLMSoftwareMozillaPlugins@Microsoft.com/NpCtrl,version=1.0: C:Program FilesMicrosoft Silverlight4.0.60831.0npctrl.dll ( Microsoft Corporation) FF - HKLMSoftwareMozillaPlugins@microsoft.com/OfficeLive,version=1.3: C:Program FilesMicrosoftOffice LivenpOLW.dll (Microsoft Corp.) FF - HKLMSoftwareMozillaPlugins@microsoft.com/WLPG,version=14.0.8117.0416: C:Program FilesWindows LivePhoto GalleryNPWLPG.dll (Microsoft Corporation) FF - HKLMSoftwareMozillaPlugins@microsoft.com/WPF,version=3.5: C:WINDOWSMicrosoft.NETFrameworkv3.5Windows Presentation FoundationNPWPF.dll (Microsoft Corporation) FF - HKLMSoftwareMozillaPlugins@tools.google.com/Google Update;version=3: C:Program FilesGoogleUpdate1.3.21.79npGoogleUpdate3.dll (Google Inc.) FF - HKLMSoftwareMozillaPlugins@tools.google.com/Google Update;version=9: C:Program FilesGoogleUpdate1.3.21.79npGoogleUpdate3.dll (Google Inc.) FF - HKEY_LOCAL_MACHINEsoftwaremozillaFirefoxextensions{B728AB94-9BC7-49b7-B76A-422BB31B2FD0}: C:Program FilesArcSoftMedia Converter for PhilipsInternet Video DownloaderPlugin_FireFox [2010/03/07 12:38:38 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINEsoftwaremozillaMozilla Firefox 4.0.1extensionsComponents: C:Program FilesMozilla Firefoxcomponents [2011/10/30 16:01:05 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINEsoftwaremozillaMozilla Firefox 4.0.1extensionsPlugins: C:Program FilesMozilla Firefoxplugins [2011/02/22 16:50:36 | 000,000,000 | ---D | M] (No name found) -- C:Documents and SettingsmamaApplication DataMozillaExtensions [2011/10/30 12:10:16 | 000,000,000 | ---D | M] (No name found) -- C:Documents and SettingsmamaApplication DataMozillaFirefoxProfileshefq8rku.defaultextensions [2011/06/12 20:55:40 | 000,000,000 | ---D | M] (No name found) -- C:Program FilesMozilla Firefoxextensions [2011/08/10 17:54:30 | 000,000,000 | ---D | M] (Click to call with Skype) -- C:Program FilesMozilla Firefoxextensions{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2011/05/22 09:53:49 | 000,000,000 | ---D | M] (QuestScan) -- C:Program FilesMozilla Firefoxextensions{F0E1168A-B4B5-484C-B77E-0D28E6B64096} [2009/06/03 17:08:18 | 000,000,000 | ---D | M] (Java Quick Starter) -- C:PROGRAM FILESJAVAJRE6LIBDEPLOYJQSFF [2009/09/01 20:55:43 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:WINDOWSMICROSOFT.NETFRAMEWORKV3.5WINDOWS PRESENTATION FOUNDATIONDOTNETASSISTANTEXTENSION [2011/04/14 17:57:43 | 000,142,296 | ---- | M] (Mozilla Foundation) -- C:Program Filesmozilla firefoxcomponentsbrowsercomps.dll [2010/01/01 09:00:00 | 000,002,252 | ---- | M] () -- C:Program Filesmozilla firefoxsearchpluginsbing.xml [2010/01/01 09:00:00 | 000,001,892 | ---- | M] () -- C:Program Filesmozilla firefoxsearchpluginsbolcom-nl.xml [2010/01/01 09:00:00 | 000,004,558 | ---- | M] () -- C:Program Filesmozilla firefoxsearchpluginsmarktplaats-nl.xml [2010/01/01 09:00:00 | 000,001,111 | ---- | M] () -- C:Program Filesmozilla firefoxsearchpluginsvandale-nl.xml [2010/01/01 09:00:00 | 000,001,049 | ---- | M] () -- C:Program Filesmozilla firefoxsearchpluginswikipedia-nl.xml ========== Chrome ========== CHR - default_search_provider: Google (Enabled) CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms} CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms} CHR - plugin: Shockwave Flash (Enabled) = C:Program Filesgooglechromeapplication14.0.835.202gcswf32.dll CHR - plugin: Shockwave Flash (Enabled) = C:WINDOWSsystem32MacromedFlashNPSWF32.dll CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:Program FilesQuickTimepluginsnpqtplugin.dll CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:Program FilesQuickTimepluginsnpqtplugin2.dll CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:Program FilesQuickTimepluginsnpqtplugin3.dll CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:Program FilesQuickTimepluginsnpqtplugin4.dll CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:Program FilesQuickTimepluginsnpqtplugin5.dll CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:Program FilesQuickTimepluginsnpqtplugin6.dll CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:Program FilesQuickTimepluginsnpqtplugin7.dll CHR - plugin: Java Platform SE 6 U16 (Enabled) = C:Program FilesJavajre6binnew_pluginnpjp2.dll CHR - plugin: Silverlight Plug-In (Enabled) = C:Program FilesMicrosoft Silverlight4.0.60531.0npctrl.dll CHR - plugin: Shockwave for Director (Enabled) = C:WINDOWSsystem32AdobeDirectornp32dsw.dll CHR - plugin: RealNetworks RealPlayer Chrome Background Extension Plug-In (32-bit) (Enabled) = C:Documents and SettingsAll UsersApplication DataRealRealPlayerBrowserRecordPluginMozillaPluginsnprpchromebrowserrecordext.dll CHR - plugin: RealPlayer HTML5VideoShim Plug-In (32-bit) (Enabled) = C:Documents and SettingsAll UsersApplication DataRealRealPlayerBrowserRecordPluginMozillaPluginsnprphtml5videoshim.dll CHR - plugin: RealPlayer G2 LiveConnect-Enabled Plug-In (32-bit) (Enabled) = C:Program FilesRealRealPlayerNetscape6nppl3260.dll CHR - plugin: RealPlayer Version Plugin (Enabled) = C:Program FilesRealRealPlayerNetscape6nprpjplug.dll CHR - plugin: Windows Media Player Plug-in Dynamic Link Library (Enabled) = C:Program FilesWindows Media Playernpdsplay.dll CHR - plugin: Microsoft Office Live Plug-in for Firefox (Enabled) = C:Program FilesMicrosoftOffice LivenpOLW.dll CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer CHR - plugin: Native Client (Enabled) = C:Program Filesgooglechromeapplication14.0.835.202ppGoogleNaClPluginChrome.dll CHR - plugin: Chrome PDF Viewer (Enabled) = C:Program Filesgooglechromeapplication14.0.835.202pdf.dll CHR - plugin: Skype Toolbars (Enabled) = C:Documents and SettingsmamaLocal SettingsApplication DataGoogleChromeUser DataDefaultExtensionslifbcibllhkdhoafpjfnlhfpfgnpldfl5.5.0.8013_0npSkypeChromePlugin.dll CHR - plugin: Adobe Acrobat (Disabled) = C:Program FilesAdobeReader 9.0ReaderBrowsernppdf32.dll CHR - plugin: Microsoftu00AE DRM (Enabled) = C:Program FilesWindows Media Playernpdrmv2.dll CHR - plugin: Microsoftu00AE DRM (Enabled) = C:Program FilesWindows Media Playernpwmsdrm.dll CHR - plugin: Google Earth Plugin (Enabled) = C:Program FilesGoogleGoogle Earthpluginnpgeplugin.dll CHR - plugin: Google Update (Enabled) = C:Program FilesGoogleUpdate1.3.21.69npGoogleUpdate3.dll CHR - plugin: RealJukebox NS Plugin (Enabled) = C:Program FilesRealRealPlayerNetscape6nprjplug.dll CHR - plugin: Windows Liveu00AE Photo Gallery (Enabled) = C:Program FilesWindows LivePhoto GalleryNPWLPG.dll CHR - plugin: iTunes Application Detector (Enabled) = C:Program FilesiTunesMozilla Pluginsnpitunes.dll CHR - plugin: Windows Presentation Foundation (Enabled) = C:WINDOWSMicrosoft.NETFrameworkv3.5Windows Presentation FoundationNPWPF.dll CHR - plugin: Default Plug-in (Enabled) = default_plugin CHR - Extension: RealPlayer HTML5Video Downloader Extension = C:Documents and SettingsmamaLocal SettingsApplication DataGoogleChromeUser DataDefaultExtensionsjfmjfhklogoienhpfnppmbcbjfjnkonk1.4_0 CHR - Extension: Click to call with Skype = C:Documents and SettingsmamaLocal SettingsApplication DataGoogleChromeUser DataDefaultExtensionslifbcibllhkdhoafpjfnlhfpfgnpldfl5.5.0.8013_0 O1 HOSTS File: ([2009/05/22 19:08:20 | 000,611,053 | ---- | M]) - C:WINDOWSsystem32driversetcHOSTS O1 - Hosts: 127.0.0.1 localhost O1 - Hosts: 127.0.0.1 ad.a8.net O1 - Hosts: 127.0.0.1 asy.a8ww.net O1 - Hosts: 127.0.0.1 acezip.net #[siteAdvisor.acezip.net] O1 - Hosts: 127.0.0.1 www.acezip.net #[Win32/Adware.180Solutions] O1 - Hosts: 127.0.0.1 phpadsnew.abac.com O1 - Hosts: 127.0.0.1 a.abnad.net O1 - Hosts: 127.0.0.1 b.abnad.net O1 - Hosts: 127.0.0.1 c.abnad.net #[eTrust.Tracking.Cookie] O1 - Hosts: 127.0.0.1 d.abnad.net O1 - Hosts: 127.0.0.1 e.abnad.net O1 - Hosts: 127.0.0.1 t.abnad.net O1 - Hosts: 127.0.0.1 z.abnad.net O1 - Hosts: 127.0.0.1 banners.absolpublisher.com O1 - Hosts: 127.0.0.1 tracking.absolstats.com O1 - Hosts: 127.0.0.1 adv.abv.bg O1 - Hosts: 127.0.0.1 bimg.abv.bg O1 - Hosts: 127.0.0.1 www2.a-counter.kiev.ua O1 - Hosts: 127.0.0.1 track.acclaimnetwork.com O1 - Hosts: 127.0.0.1 accuserveadsystem.com O1 - Hosts: 127.0.0.1 www.accuserveadsystem.com O1 - Hosts: 127.0.0.1 gtb5.acecounter.com O1 - Hosts: 127.0.0.1 gtb19.acecounter.com O1 - Hosts: 127.0.0.1 gtcc1.acecounter.com O1 - Hosts: 127.0.0.1 gtp1.acecounter.com #[eTrust.Tracking.Cookie] O1 - Hosts: 16309 more lines... O3 - HKLM..Toolbar: (no name) - Locked - No CLSID value found. O4 - HKLM..Run: [D-Link D-Link DWA-125] C:Program FilesD-LinkDWA-125 revAAirGCFG.exe (D-Link Corp.) O4 - HKLM..Run: [info Center] C:Program FilesPCPitstopInfo CenterInfoCenter.exe (PC Pitstop LLC) O4 - HKLM..Run: [LifeCam] C:Program FilesMicrosoft LifeCamLifeExp.exe (Microsoft Corporation) O4 - HKLM..Run: [LogMeIn GUI] C:Program FilesLogMeInx86LogMeInSystray.exe (LogMeIn, Inc.) O4 - HKLM..Run: [MSC] C:Program FilesMicrosoft Security Clientmsseces.exe (Microsoft Corporation) O4 - HKLM..Run: [PWRISOVM.EXE] C:Program FilesPowerISOPWRISOVM.EXE (PowerISO Computing, Inc.) O4 - HKLM..Run: [six Engine] C:Program FilesASUSEPU-4 EngineFourEngine.exe () O4 - HKLM..Run: [uVS10 Preload] C:Program FilesUlead SystemsUlead VideoStudio SE DVDuvPL.exe (Ulead Systems, Inc.) O4 - HKLM..Run: [VX1000] C:WINDOWSvVX1000.exe (Microsoft Corporation) O4 - HKLM..Run: [WinDVR SchSvr] C:Program FilesCommon FilesInterVideoSchSvrSchSvr.exe (InterVideo Inc.) O4 - HKLM..Run: [WZCSLDR2] C:Program FilesD-LinkDWA-125 revAWZCSLDR2.exe (Wireless Service) O4 - HKCU..RunOnce: [shockwave Updater] C:WINDOWSsystem32AdobeShockwave 11SwHelper_1150596.exe -Update -1150596 -"Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 5.1; Trident/4.0; .NET CLR 1.1.4322; .NET CLR 2.0.50727; .NET CLR 3.0.4506.2152; .NET CLR 3.5.30729; OfficeLiveConnector.1.3; OfficeLivePatch.0.0)" -"http://www.dadsproject.com/Klokkijken/klokkijken.php" File not found O4 - Startup: C:Documents and SettingsAll UsersMenu StartProgramma'sOpstartenInterVideo WinCinema Manager.lnk = C:Program FilesInterVideoCommonBinWinCinemaMgr.exe () O4 - Startup: C:Documents and SettingsmamaMenu StartProgramma'sOpstartenSpywareGuard.lnk = C:Program FilesSpywareGuardsgmain.exe () O6 - HKLMSOFTWAREMicrosoftWindowsCurrentVersionpoliciesExplorer: HonorAutoRunSetting = 1 O7 - HKCUSOFTWAREMicrosoftWindowsCurrentVersionpoliciesExplorer: NoDriveTypeAutoRun = 145 O10 - NameSpace_Catalog5Catalog_Entries000000000004 [] - C:Program FilesBonjourmdnsNSP.dll (Apple Inc.) O16 - DPF: {070DC617-E3B7-468B-A29C-D4E84FAE938C} http://utilities.pcpitstop.com/Nirvana/controls/pcmatic.cab (VersionControl Class) O16 - DPF: {076169AA-8C3D-4CFC-AC23-3ACA88FC21B5} http://download.sp.f-secure.com/ols/f-secure-rtm/resources/fslauncher.cab (F-Secure Online Scanner Launcher) O16 - DPF: {0E5F0222-96B9-11D3-8997-00104BD12D94} http://utilities.pcpitstop.com/Nirvana/controls/pcmatic.cab (PCPitstop Utility) O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab (Shockwave ActiveX Control) O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262E} http://www.systemrequirementslab.com/srl_bin/sysreqlab_srl.cab (System Requirements Lab Class) O16 - DPF: {215B8138-A3CF-44C5-803F-8226143CFC0A} http://housecall65.trendmicro.com/housecall/applet/html/native/x86/win32/activex/hcImpl.cab (Trend Micro ActiveX Scan Agent 6.6) O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1243013861984 (MUWebControl Class) O16 - DPF: {6F15128C-E66A-490C-B848-5000B5ABEEAC} https://h20436.www2.hp.com/ediags/dex/secure/HPDEXAXO.cab (HP Download Manager) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_16-windows-i586.cab (Java Plug-in 1.6.0_16) O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab (Reg Error: Key error.) O16 - DPF: {CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_16-windows-i586.cab (Java Plug-in 1.6.0_16) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_16-windows-i586.cab (Java Plug-in 1.6.0_16) O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object) O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.) O17 - HKLMSystemCCSServicesTcpipParameters: DhcpNameServer = 195.130.130.4 195.130.131.4 O17 - HKLMSystemCCSServicesTcpipParametersInterfaces{4F52C767-993D-4BB5-AE28-5E54599325CC}: DhcpNameServer = 195.130.131.132 195.130.130.4 O17 - HKLMSystemCCSServicesTcpipParametersInterfaces{57CC1820-8280-407F-8BB2-EB8E5714DF5F}: DhcpNameServer = 195.130.130.4 195.130.131.4 O18 - ProtocolHandlerskype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:Program FilesSkypeToolbarsInternet Explorerskypeieplugin.dll (Skype Technologies S.A.) O20 - HKLM Winlogon: Shell - (Explorer.exe) -C:WINDOWSexplorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (C:WINDOWSsystem32userinit.exe) -C:WINDOWSsystem32userinit.exe (Microsoft Corporation) O20 - WinlogonNotify!SASWinLogon: DllName - (C:Program FilesSUPERAntiSpywareSASWINLO.DLL) - C:Program FilesSUPERAntiSpywareSASWINLO.DLL (SUPERAntiSpyware.com) O20 - WinlogonNotifyLMIinit: DllName - (LMIinit.dll) - C:WINDOWSSystem32LMIinit.dll (LogMeIn, Inc.) O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:Program FilesSUPERAntiSpywareSASSEH.DLL (SuperAdBlocker.com) O28 - HKLM ShellExecuteHooks: {81559C35-8464-49F7-BB0E-07A383BEF910} - C:Program FilesSpywareGuardspywareguard.dll () O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2009/05/22 07:59:54 | 000,000,000 | ---- | M] () - C:AUTOEXEC.BAT -- [ NTFS ] O34 - HKLM BootExecute: (autocheck autochk *) O35 - HKLM..comfile [open] -- "%1" %* O35 - HKLM..exefile [open] -- "%1" %* O37 - HKLM...com [@ = comfile] -- "%1" %* O37 - HKLM...exe [@ = exefile] -- "%1" %* NetSvcs: 6to4 - File not found NetSvcs: Ias - File not found NetSvcs: Iprip - File not found NetSvcs: Irmon - File not found NetSvcs: NWCWorkstation - File not found NetSvcs: Nwsapagent - File not found NetSvcs: WmdmPmSp - File not found CREATERESTOREPOINT Restore point Set: OTL Restore Point ========== Files/Folders - Created Within 30 Days ========== [2011/11/03 07:09:09 | 000,584,192 | ---- | C] (OldTimer Tools) -- C:Documents and SettingsmamaBureaubladOTL.exe [2011/11/02 11:25:29 | 000,000,000 | RH-D | C] -- C:Documents and SettingsmamaOnlangs geopend [2011/11/01 12:01:24 | 000,000,000 | ---D | C] -- C:Documents and SettingsAll UsersMenu StartProgramma'sSIW [2011/11/01 12:01:21 | 000,000,000 | ---D | C] -- C:Program FilesSIW [2011/11/01 09:52:47 | 000,000,000 | ---D | C] -- C:Documents and SettingsmamaBureaubladgmer [2011/11/01 09:48:59 | 000,000,000 | R--D | C] -- C:Documents and SettingsmamaMenu StartProgramma'sSysteembeheer [2011/11/01 09:46:37 | 000,607,260 | R--- | C] (Swearware) -- C:Documents and SettingsmamaBureaubladdds.scr [2011/10/30 21:44:36 | 000,000,000 | ---D | C] -- C:Program FilesTrend Micro [2011/10/30 21:44:36 | 000,000,000 | ---D | C] -- C:Documents and SettingsmamaMenu StartProgramma'sHiJackThis [2011/10/30 17:56:16 | 000,000,000 | ---D | C] -- C:Documents and SettingsAll UsersApplication DataPCPitstopDat [2011/10/30 17:54:02 | 000,000,000 | ---D | C] -- C:Documents and SettingsAll UsersMenu StartProgramma'sPC Pitstop [2011/10/30 14:57:11 | 000,000,000 | ---D | C] -- C:WINDOWSCSC [2011/10/30 12:09:43 | 000,000,000 | ---D | C] -- D:Documents and SettingsmamaMijn documentenDownloads [2011/10/30 07:17:24 | 000,000,000 | ---D | C] -- C:Documents and SettingsAll UsersMenu StartProgramma'sD-Link [2011/10/30 07:15:34 | 000,779,136 | ---- | C] (Ralink Technology, Corp.) -- C:WINDOWSSystem32driversDrt2870.sys [2011/10/30 07:15:33 | 000,221,184 | ---- | C] (Ralink Technology, Inc.) -- C:WINDOWSSystem32RaCoInst.dll [2011/10/30 07:15:32 | 000,000,000 | ---D | C] -- C:Program FilesD-Link [2011/10/19 15:31:35 | 000,000,000 | ---D | C] -- C:Documents and SettingsAll UsersMenu StartProgramma'sHEMA Fotoservice [2011/10/19 15:31:15 | 000,000,000 | ---D | C] -- C:Documents and SettingsAll UsersApplication DataHEMA Fotoservice [2011/10/19 15:31:13 | 000,000,000 | ---D | C] -- C:Program FilesHEMA Fotoservice [2011/10/13 18:56:57 | 000,000,000 | ---D | C] -- C:Documents and SettingsAll UsersApplication Datatmp [2011/10/13 18:56:56 | 000,000,000 | ---D | C] -- C:Documents and SettingsAll UsersApplication Datahps [2011/10/13 18:56:38 | 000,000,000 | ---D | C] -- C:Documents and SettingsAll UsersMenu StartProgramma'sbol.com fotoservice [2011/10/13 18:55:38 | 000,000,000 | ---D | C] -- C:Program Filesbol.com [1 D:Documents and SettingsmamaMijn documenten*.tmp files -> D:Documents and SettingsmamaMijn documenten*.tmp -> ] [1 C:WINDOWS*.tmp files -> C:WINDOWS*.tmp -> ] ========== Files - Modified Within 30 Days ========== [2011/11/03 07:09:11 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:Documents and SettingsmamaBureaubladOTL.exe [2011/11/03 07:06:33 | 000,003,284 | ---- | M] () -- C:WINDOWSSystem32ANIWZCS{57CC1820-8280-407F-8BB2-EB8E5714DF5F} [2011/11/03 07:06:24 | 000,000,005 | ---- | M] () -- C:WINDOWSSystem32ANIWZCSUSERNAME{57CC1820-8280-407F-8BB2-EB8E5714DF5F} [2011/11/03 07:06:01 | 000,002,206 | ---- | M] () -- C:WINDOWSSystem32wpa.dbl [2011/11/03 07:06:00 | 000,001,040 | ---- | M] () -- C:WINDOWStasksGoogleUpdateTaskMachineCore.job [2011/11/03 07:05:59 | 000,000,294 | ---- | M] () -- C:WINDOWStasksRealUpgradeLogonTaskS-1-5-21-2000478354-115176313-839522115-500.job [2011/11/03 07:05:59 | 000,000,280 | ---- | M] () -- C:WINDOWStasksRealUpgradeLogonTaskS-1-5-21-2000478354-115176313-839522115-1005.job [2011/11/03 07:05:59 | 000,000,276 | ---- | M] () -- C:WINDOWStasksRealUpgradeLogonTaskS-1-5-21-2000478354-115176313-839522115-1003.job [2011/11/03 07:04:41 | 000,000,424 | -H-- | M] () -- C:WINDOWStasksMP Scheduled Scan.job [2011/11/03 07:03:42 | 000,706,232 | ---- | M] () -- C:WINDOWSSystem32perfh013.dat [2011/11/03 07:03:42 | 000,607,070 | ---- | M] () -- C:WINDOWSSystem32perfh009.dat [2011/11/03 07:03:42 | 000,185,908 | ---- | M] () -- C:WINDOWSSystem32perfc013.dat [2011/11/03 07:03:42 | 000,143,122 | ---- | M] () -- C:WINDOWSSystem32perfc009.dat [2011/11/03 07:00:00 | 000,001,044 | ---- | M] () -- C:WINDOWStasksGoogleUpdateTaskMachineUA.job [2011/11/03 06:59:29 | 000,002,048 | --S- | M] () -- C:WINDOWSbootstat.dat [2011/11/02 14:14:00 | 000,000,288 | ---- | M] () -- C:WINDOWStasksRealUpgradeScheduledTaskS-1-5-21-2000478354-115176313-839522115-1005.job [2011/11/02 14:11:21 | 000,414,368 | ---- | M] (Adobe Systems Incorporated) -- C:WINDOWSSystem32FlashPlayerCPLApp.cpl [2011/11/02 11:22:07 | 000,005,120 | ---- | M] () -- C:Documents and SettingsmamaLocal SettingsApplication DataDCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2011/11/01 12:01:27 | 000,000,610 | ---- | M] () -- C:Documents and SettingsmamaBureaubladSIW.lnk [2011/11/01 09:48:43 | 000,294,216 | ---- | M] () -- C:Documents and SettingsmamaBureaubladgmer.zip [2011/11/01 09:46:39 | 000,607,260 | R--- | M] (Swearware) -- C:Documents and SettingsmamaBureaubladdds.scr [2011/10/30 21:45:14 | 000,002,445 | ---- | M] () -- C:Documents and SettingsmamaBureaubladHiJackThis.lnk [2011/10/30 18:43:37 | 000,002,187 | ---- | M] () -- C:Documents and SettingsAll UsersBureaubladSafari.lnk [2011/10/30 18:25:42 | 000,000,244 | ---- | M] () -- C:Documents and SettingsmamaBureaubladToverboom InfoCentrum.url [2011/10/30 17:54:02 | 000,001,675 | ---- | M] () -- C:Documents and SettingsmamaBureaubladPC Matic.lnk [2011/10/30 17:22:29 | 000,002,493 | ---- | M] () -- C:Documents and SettingsmamaBureaubladMicrosoft Office Word 2007.lnk [2011/10/30 16:02:47 | 000,001,324 | ---- | M] () -- C:WINDOWSSystem32d3d9caps.dat [2011/10/30 14:45:40 | 000,000,284 | ---- | M] () -- C:WINDOWStasksRealUpgradeScheduledTaskS-1-5-21-2000478354-115176313-839522115-1003.job [2011/10/30 14:39:23 | 000,000,211 | ---- | M] () -- C:Documents and SettingsmamaBureaubladDe Toverboom - WELKOM - Basisschool 'De Toverboom'. Kom alles te weten over onze school..url [2011/10/30 09:55:19 | 000,000,302 | ---- | M] () -- C:WINDOWStasksRealUpgradeScheduledTaskS-1-5-21-2000478354-115176313-839522115-500.job [2011/10/30 09:55:11 | 000,000,682 | ---- | M] () -- C:Documents and SettingsAll UsersBureaubladCCleaner.lnk [2011/10/30 07:17:24 | 000,001,682 | ---- | M] () -- C:Documents and SettingsAll UsersBureaubladWireless Connection Manager.lnk [2011/10/30 07:16:16 | 000,315,392 | ---- | M] () -- C:WINDOWSSystem32ANPDApi.dll [2011/10/30 07:16:16 | 000,048,640 | ---- | M] () -- C:WINDOWSSystem32ANPD64.SYS [2011/10/30 07:16:16 | 000,034,008 | ---- | M] () -- C:WINDOWSSystem32ANPD.VXD [2011/10/30 07:16:16 | 000,029,411 | ---- | M] () -- C:WINDOWSSystem32ANPD.SYS [2011/10/29 17:28:37 | 000,001,813 | ---- | M] () -- C:Documents and SettingsAll UsersBureaubladGoogle Chrome.lnk [2011/10/19 14:55:38 | 000,000,914 | ---- | M] () -- C:Documents and SettingsAll UsersBureaubladbol.com fotoservice.lnk [2011/10/19 14:55:38 | 000,000,884 | ---- | M] () -- C:Documents and SettingsAll UsersBureaubladCEWE Fotoshow.lnk [2011/10/14 05:51:45 | 000,293,272 | ---- | M] () -- C:WINDOWSSystem32FNTCACHE.DAT [2011/10/08 07:50:36 | 000,083,360 | ---- | M] (LogMeIn, Inc.) -- C:WINDOWSSystem32LMIRfsClientNP.dll [2011/10/08 07:50:35 | 000,087,424 | ---- | M] (LogMeIn, Inc.) -- C:WINDOWSSystem32LMIinit.dll [2011/10/08 07:50:35 | 000,030,592 | ---- | M] (LogMeIn, Inc.) -- C:WINDOWSSystem32LMIport.dll [1 D:Documents and SettingsmamaMijn documenten*.tmp files -> D:Documents and SettingsmamaMijn documenten*.tmp -> ] [1 C:WINDOWS*.tmp files -> C:WINDOWS*.tmp -> ] ========== Files Created - No Company Name ========== [2011/11/02 11:20:44 | 000,005,120 | ---- | C] () -- C:Documents and SettingsmamaLocal SettingsApplication DataDCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2011/11/01 12:01:27 | 000,000,610 | ---- | C] () -- C:Documents and SettingsmamaBureaubladSIW.lnk [2011/11/01 09:48:43 | 000,294,216 | ---- | C] () -- C:Documents and SettingsmamaBureaubladgmer.zip [2011/10/30 21:44:37 | 000,002,445 | ---- | C] () -- C:Documents and SettingsmamaBureaubladHiJackThis.lnk [2011/10/30 17:40:33 | 000,000,244 | ---- | C] () -- C:Documents and SettingsmamaBureaubladToverboom InfoCentrum.url [2011/10/30 09:55:20 | 000,000,294 | ---- | C] () -- C:WINDOWStasksRealUpgradeLogonTaskS-1-5-21-2000478354-115176313-839522115-500.job [2011/10/30 09:55:19 | 000,000,302 | ---- | C] () -- C:WINDOWStasksRealUpgradeScheduledTaskS-1-5-21-2000478354-115176313-839522115-500.job [2011/10/30 09:55:11 | 000,000,682 | ---- | C] () -- C:Documents and SettingsAll UsersBureaubladCCleaner.lnk [2011/10/30 07:17:31 | 000,003,284 | ---- | C] () -- C:WINDOWSSystem32ANIWZCS{57CC1820-8280-407F-8BB2-EB8E5714DF5F} [2011/10/30 07:17:24 | 000,001,682 | ---- | C] () -- C:Documents and SettingsAll UsersBureaubladWireless Connection Manager.lnk [2011/10/30 07:16:23 | 000,000,005 | ---- | C] () -- C:WINDOWSSystem32ANIWZCSUSERNAME{57CC1820-8280-407F-8BB2-EB8E5714DF5F} [2011/10/30 07:16:16 | 000,315,392 | ---- | C] () -- C:WINDOWSSystem32ANPDApi.dll [2011/10/30 07:16:16 | 000,048,640 | ---- | C] () -- C:WINDOWSSystem32ANPD64.SYS [2011/10/30 07:16:16 | 000,034,008 | ---- | C] () -- C:WINDOWSSystem32ANPD.VXD [2011/10/30 07:16:16 | 000,029,411 | ---- | C] () -- C:WINDOWSSystem32ANPD.SYS [2011/10/30 07:15:33 | 000,013,931 | ---- | C] () -- C:WINDOWSSystem32RaCoInst.dat [2011/10/13 18:56:52 | 000,000,914 | ---- | C] () -- C:Documents and SettingsAll UsersBureaubladbol.com fotoservice.lnk [2011/10/13 18:56:52 | 000,000,884 | ---- | C] () -- C:Documents and SettingsAll UsersBureaubladCEWE Fotoshow.lnk [2011/08/13 16:41:18 | 000,204,800 | ---- | C] () -- C:WINDOWSSystem32IVIresizeW7.dll [2011/08/13 16:41:18 | 000,200,704 | ---- | C] () -- C:WINDOWSSystem32IVIresizeA6.dll [2011/08/13 16:41:18 | 000,192,512 | ---- | C] () -- C:WINDOWSSystem32IVIresizeP6.dll [2011/08/13 16:41:18 | 000,192,512 | ---- | C] () -- C:WINDOWSSystem32IVIresizeM6.dll [2011/08/13 16:41:18 | 000,188,416 | ---- | C] () -- C:WINDOWSSystem32IVIresizePX.dll [2011/08/13 16:41:18 | 000,020,480 | ---- | C] () -- C:WINDOWSSystem32IVIresize.dll [2011/08/11 13:40:49 | 000,061,244 | ---- | C] () -- C:WINDOWSSystem32x264vfw-uninstall.exe [2011/08/11 13:38:08 | 000,000,135 | ---- | C] () -- C:WINDOWShuffyuv.ini [2011/08/10 18:18:52 | 000,363,520 | ---- | C] () -- C:WINDOWSSystem32PsisDecd.dll [2011/07/10 22:04:39 | 000,021,504 | ---- | C] () -- C:WINDOWSjestertb.dll [2011/03/18 22:18:48 | 000,002,528 | ---- | C] () -- C:Documents and SettingsmamaApplication Data$_hpcst$.hpc [2011/03/08 20:05:24 | 000,000,162 | ---- | C] () -- C:WINDOWSwininit.ini [2011/02/23 19:49:33 | 000,000,552 | ---- | C] () -- C:WINDOWSSystem32d3d8caps.dat [2011/02/20 12:33:22 | 000,000,000 | ---- | C] () -- C:WINDOWSnsreg.dat [2010/11/18 17:36:02 | 000,027,648 | ---- | C] () -- C:WINDOWSSystem32AVSredirect.dll [2010/05/06 19:43:34 | 000,001,324 | ---- | C] () -- C:WINDOWSSystem32d3d9caps.dat [2010/04/06 10:37:57 | 000,000,056 | -H-- | C] () -- C:WINDOWSSystem32ezsidmv.dat [2010/04/06 10:30:31 | 000,015,498 | ---- | C] () -- C:WINDOWSVX1000.ini [2010/01/27 21:54:34 | 002,283,526 | ---- | C] () -- C:WINDOWSSystem32nvdata.bin [2009/12/24 14:53:19 | 000,087,472 | ---- | C] () -- C:WINDOWSSystem32ijjiChannelingPlugin.dll [2009/10/24 18:51:55 | 000,682,280 | ---- | C] () -- C:WINDOWSSystem32pbsvc.exe [2009/09/27 18:14:41 | 000,062,036 | -H-- | C] () -- C:WINDOWSSystem32mlfcache.dat [2009/08/06 09:42:23 | 000,138,160 | ---- | C] () -- C:WINDOWSSystem32driversPnkBstrK.sys [2009/08/06 09:42:01 | 000,271,200 | ---- | C] () -- C:WINDOWSSystem32PnkBstrB.exe [2009/08/06 09:41:56 | 000,075,136 | ---- | C] () -- C:WINDOWSSystem32PnkBstrA.exe [2009/08/06 09:41:46 | 000,000,287 | ---- | C] () -- C:WINDOWSgame.ini [2009/08/03 14:07:42 | 000,403,816 | ---- | C] () -- C:WINDOWSSystem32OGACheckControl.dll [2009/08/03 14:07:42 | 000,230,768 | ---- | C] () -- C:WINDOWSSystem32OGAEXEC.exe [2009/07/12 16:39:51 | 000,000,751 | ---- | C] () -- C:WINDOWSSpiderman.INI [2009/07/12 10:32:17 | 000,158,952 | ---- | C] () -- C:WINDOWSSystem32PubPlugin.dll [2009/06/29 17:33:43 | 000,000,000 | ---- | C] () -- C:Documents and SettingsAll UsersApplication DataLauncherAccess.dt [2009/06/29 17:27:54 | 000,005,632 | ---- | C] () -- C:WINDOWSSystem32driversStarOpen.sys [2009/06/01 19:43:54 | 000,019,558 | ---- | C] () -- C:WINDOWShpoins01.dat [2009/06/01 19:43:54 | 000,016,606 | ---- | C] () -- C:WINDOWShpomdl01.dat [2009/05/22 09:48:05 | 000,004,205 | ---- | C] () -- C:WINDOWSODBCINST.INI [2009/05/22 09:45:27 | 000,293,272 | ---- | C] () -- C:WINDOWSSystem32FNTCACHE.DAT [2009/05/22 09:13:54 | 000,000,127 | ---- | C] () -- C:Documents and SettingsmamaLocal SettingsApplication Datafusioncache.dat [2009/05/22 08:19:56 | 000,024,576 | R--- | C] () -- C:WINDOWSSystem32AsIO.dll [2009/05/22 08:19:56 | 000,012,400 | R--- | C] () -- C:WINDOWSSystem32driversAsIO.sys [2009/05/22 08:19:54 | 000,011,832 | ---- | C] () -- C:WINDOWSSystem32driversAsInsHelp64.sys [2009/05/22 08:19:54 | 000,010,216 | ---- | C] () -- C:WINDOWSSystem32driversAsInsHelp32.sys [2009/05/22 08:06:28 | 000,028,928 | ---- | C] () -- C:WINDOWSAscd_log.ini [2009/05/22 08:05:27 | 000,005,810 | R--- | C] () -- C:WINDOWSSystem32driversASACPI.sys [2009/05/22 08:05:12 | 000,028,545 | ---- | C] () -- C:WINDOWSAscd_tmp.ini [2009/05/22 08:05:12 | 000,010,296 | ---- | C] () -- C:WINDOWSSystem32driversASUSHWIO.SYS [2009/05/22 08:01:16 | 000,002,048 | --S- | C] () -- C:WINDOWSbootstat.dat [2009/05/22 07:57:44 | 000,021,748 | ---- | C] () -- C:WINDOWSSystem32emptyregdb.dat [2009/02/09 06:18:00 | 001,724,416 | ---- | C] () -- C:WINDOWSSystem32nvwdmcpl.dll [2009/02/09 06:18:00 | 001,657,376 | ---- | C] () -- C:WINDOWSSystem32nwiz.exe [2009/02/09 06:18:00 | 001,507,328 | ---- | C] () -- C:WINDOWSSystem32nview.dll [2009/02/09 06:18:00 | 001,346,080 | ---- | C] () -- C:WINDOWSSystem32nvdspsch.exe [2009/02/09 06:18:00 | 001,101,824 | ---- | C] () -- C:WINDOWSSystem32nvwimg.dll [2009/02/09 06:18:00 | 000,466,944 | ---- | C] () -- C:WINDOWSSystem32nvshell.dll [2009/02/09 06:18:00 | 000,449,056 | ---- | C] () -- C:WINDOWSSystem32nvappbar.exe [2009/02/09 06:18:00 | 000,436,768 | ---- | C] () -- C:WINDOWSSystem32keystone.exe [2008/10/07 08:13:30 | 000,197,912 | ---- | C] () -- C:WINDOWSSystem32physxcudart_20.dll [2008/10/07 08:13:22 | 000,058,648 | ---- | C] () -- C:WINDOWSSystem32AgCPanelTraditionalChinese.dll [2008/10/07 08:13:20 | 000,058,648 | ---- | C] () -- C:WINDOWSSystem32AgCPanelSwedish.dll [2008/10/07 08:13:20 | 000,058,648 | ---- | C] () -- C:WINDOWSSystem32AgCPanelSpanish.dll [2008/10/07 08:13:20 | 000,058,648 | ---- | C] () -- C:WINDOWSSystem32AgCPanelSimplifiedChinese.dll [2008/10/07 08:13:20 | 000,058,648 | ---- | C] () -- C:WINDOWSSystem32AgCPanelPortugese.dll [2008/10/07 08:13:20 | 000,058,648 | ---- | C] () -- C:WINDOWSSystem32AgCPanelKorean.dll [2008/10/07 08:13:20 | 000,058,648 | ---- | C] () -- C:WINDOWSSystem32AgCPanelJapanese.dll [2008/10/07 08:13:20 | 000,058,648 | ---- | C] () -- C:WINDOWSSystem32AgCPanelGerman.dll [2008/10/07 08:13:20 | 000,058,648 | ---- | C] () -- C:WINDOWSSystem32AgCPanelFrench.dll [2008/04/15 21:18:40 | 002,084,371 | ---- | C] () -- C:WINDOWSSystem32x264vfw.dll [2007/11/06 21:19:28 | 000,053,299 | ---- | C] () -- C:WINDOWSSystem32pthreadVC.dll [2004/08/04 13:00:00 | 013,107,200 | ---- | C] () -- C:WINDOWSSystem32oembios.bin [2004/08/04 13:00:00 | 000,706,232 | ---- | C] () -- C:WINDOWSSystem32perfh013.dat [2004/08/04 13:00:00 | 000,673,088 | ---- | C] () -- C:WINDOWSSystem32mlang.dat [2004/08/04 13:00:00 | 000,607,070 | ---- | C] () -- C:WINDOWSSystem32perfh009.dat [2004/08/04 13:00:00 | 000,318,670 | ---- | C] () -- C:WINDOWSSystem32perfi013.dat [2004/08/04 13:00:00 | 000,272,128 | ---- | C] () -- C:WINDOWSSystem32perfi009.dat [2004/08/04 13:00:00 | 000,218,003 | ---- | C] () -- C:WINDOWSSystem32dssec.dat [2004/08/04 13:00:00 | 000,185,908 | ---- | C] () -- C:WINDOWSSystem32perfc013.dat [2004/08/04 13:00:00 | 000,143,122 | ---- | C] () -- C:WINDOWSSystem32perfc009.dat [2004/08/04 13:00:00 | 000,046,258 | ---- | C] () -- C:WINDOWSSystem32mib.bin [2004/08/04 13:00:00 | 000,039,178 | ---- | C] () -- C:WINDOWSSystem32perfd013.dat [2004/08/04 13:00:00 | 000,028,626 | ---- | C] () -- C:WINDOWSSystem32perfd009.dat [2004/08/04 13:00:00 | 000,004,569 | ---- | C] () -- C:WINDOWSSystem32secupd.dat [2004/08/04 13:00:00 | 000,004,463 | ---- | C] () -- C:WINDOWSSystem32oembios.dat [2004/08/04 13:00:00 | 000,001,804 | ---- | C] () -- C:WINDOWSSystem32dcache.bin [2004/08/04 13:00:00 | 000,000,741 | ---- | C] () -- C:WINDOWSSystem32noise.dat [1996/04/03 20:33:26 | 000,005,248 | ---- | C] () -- C:WINDOWSSystem32giveio.sys ========== LOP Check ========== [2011/06/05 18:17:28 | 000,000,000 | ---D | M] -- C:Documents and SettingsAll UsersApplication Data1C119 [2009/08/13 17:27:03 | 000,000,000 | ---D | M] -- C:Documents and SettingsAll UsersApplication DataActivision [2011/06/05 18:17:43 | 000,000,000 | ---D | M] -- C:Documents and SettingsAll UsersApplication Databoost_interprocess [2011/08/10 19:26:46 | 000,000,000 | -H-D | M] -- C:Documents and SettingsAll UsersApplication DataCanonBJ [2011/03/14 17:01:35 | 000,000,000 | -H-D | M] -- C:Documents and SettingsAll UsersApplication DataCommon Files [2011/07/10 20:57:25 | 000,000,000 | ---D | M] -- C:Documents and SettingsAll UsersApplication DataEasybits GO [2009/09/22 08:35:45 | 000,000,000 | ---D | M] -- C:Documents and SettingsAll UsersApplication DataF-Secure [2011/10/19 15:31:15 | 000,000,000 | ---D | M] -- C:Documents and SettingsAll UsersApplication DataHEMA Fotoservice [2011/08/13 16:42:06 | 000,000,000 | ---D | M] -- C:Documents and SettingsAll UsersApplication DataInterVideo [2011/11/03 06:59:36 | 000,000,000 | ---D | M] -- C:Documents and SettingsAll UsersApplication DataLogMeIn [2011/11/03 07:06:22 | 000,000,000 | ---D | M] -- C:Documents and SettingsAll UsersApplication DataPCPitstop [2011/10/30 17:56:16 | 000,000,000 | ---D | M] -- C:Documents and SettingsAll UsersApplication DataPCPitstopDat [2010/01/27 22:03:05 | 000,000,000 | ---D | M] -- C:Documents and SettingsAll UsersApplication DataTEMP [2011/10/19 14:58:56 | 000,000,000 | ---D | M] -- C:Documents and SettingsAll UsersApplication Datatmp [2009/12/05 19:06:30 | 000,000,000 | ---D | M] -- C:Documents and SettingsAll UsersApplication DataUbisoft [2011/08/10 18:15:10 | 000,000,000 | ---D | M] -- C:Documents and SettingsAll UsersApplication DataUlead Systems [2010/07/08 13:43:28 | 000,000,000 | ---D | M] -- C:Documents and SettingsAll UsersApplication Data{429CAD59-35B1-4DBC-BB6D-1DB246563521} [2009/09/27 18:32:40 | 000,000,000 | ---D | M] -- C:Documents and SettingsAll UsersApplication Data{755AC846-7372-4AC8-8550-C52491DAA8BD} [2009/06/10 13:06:41 | 000,000,000 | ---D | M] -- C:Documents and SettingsAll UsersApplication Data{8CD7F5AF-ECFA-4793-BF40-D8F42DBFF906} [2009/11/08 09:09:14 | 000,000,000 | ---D | M] -- C:Documents and SettingsmamaApplication DataActivision [2011/04/12 21:32:42 | 000,000,000 | ---D | M] -- C:Documents and SettingsmamaApplication DataBabylonToolbar [2011/06/05 21:35:52 | 000,000,000 | ---D | M] -- C:Documents and SettingsmamaApplication Databsbandmltbpi [2009/06/01 18:56:09 | 000,000,000 | ---D | M] -- C:Documents and SettingsmamaApplication DataGenie-Soft [2011/06/12 20:49:28 | 000,000,000 | ---D | M] -- C:Documents and SettingsmamaApplication DataPriceGong [2011/08/10 21:45:48 | 000,000,000 | ---D | M] -- C:Documents and SettingsmamaApplication DataUlead Systems [2009/06/04 18:37:34 | 000,000,344 | ---- | M] () -- C:WINDOWSTasksFRU Task #Hewlett-Packard#hp psc 1200 series#1243881968.job [2011/11/03 07:04:41 | 000,000,424 | -H-- | M] () -- C:WINDOWSTasksMP Scheduled Scan.job ========== Purity Check ========== ========== Custom Scans ========== < %SYSTEMDRIVE%*.* > [2009/05/22 21:24:16 | 000,001,024 | ---- | M] () -- C:.rnd [2009/05/22 07:59:54 | 000,000,000 | ---- | M] () -- C:AUTOEXEC.BAT [2009/09/21 19:36:07 | 000,000,211 | -HS- | M] () -- C:boot.ini [2004/08/04 13:00:00 | 000,004,952 | RHS- | M] () -- C:Bootfont.bin [2009/08/17 14:07:00 | 000,000,074 | ---- | M] () -- C:CMLoader.log [2009/05/22 07:59:54 | 000,000,000 | ---- | M] () -- C:CONFIG.SYS [2010/11/17 18:56:16 | 000,000,135 | ---- | M] () -- C:error.log [2011/08/09 12:38:56 | 000,000,524 | ---- | M] () -- C:hpfr3420.xml [2011/08/09 12:38:56 | 000,206,064 | ---- | M] () -- C:hpfr3425.log [2009/08/15 23:05:02 | 000,000,921 | -H-- | M] () -- C:hpothb07.dat [2009/08/15 23:05:02 | 000,002,225 | -H-- | M] () -- C:hpothb07.tif [2011/02/16 17:22:12 | 000,460,824 | ---- | M] () -- C:img2-001.raw [2009/05/22 07:59:54 | 000,000,000 | RHS- | M] () -- C:IO.SYS [2009/05/22 07:59:54 | 000,000,000 | RHS- | M] () -- C:MSDOS.SYS [2004/08/04 13:00:00 | 000,047,564 | RHS- | M] () -- C:NTDETECT.COM [2009/05/22 08:41:40 | 000,251,712 | RHS- | M] () -- C:ntldr [2011/11/03 06:59:24 | 2145,386,496 | -HS- | M] () -- C:pagefile.sys [2009/05/22 08:07:45 | 000,001,589 | ---- | M] () -- C:RHDSetup.log < %systemroot%Fonts*.com > [2006/04/18 14:39:28 | 000,026,040 | ---- | M] () -- C:WINDOWSFontsGlobalMonospace.CompositeFont [2006/06/29 13:53:56 | 000,026,489 | ---- | M] () -- C:WINDOWSFontsGlobalSansSerif.CompositeFont [2006/04/18 14:39:28 | 000,029,779 | ---- | M] () -- C:WINDOWSFontsGlobalSerif.CompositeFont [2006/06/29 13:58:52 | 000,030,808 | ---- | M] () -- C:WINDOWSFontsGlobalUserInterface.CompositeFont < %systemroot%Fonts*.dll > < %systemroot%Fonts*.ini > [2009/05/22 07:59:35 | 000,000,067 | -HS- | M] () -- C:WINDOWSFontsdesktop.ini < %systemroot%Fonts*.ini2 > < %systemroot%Fonts*.exe > < %systemroot%system32spoolprtprocsw32x86*.* > [2010/08/25 04:00:00 | 000,027,648 | ---- | M] (CANON INC.) -- C:WINDOWSsystem32spoolprtprocsw32x86CNMPDA9.DLL [2010/08/25 04:00:00 | 000,073,216 | ---- | M] (CANON INC.) -- C:WINDOWSsystem32spoolprtprocsw32x86CNMPPA9.DLL [2008/07/06 13:06:10 | 000,089,088 | ---- | M] (Microsoft Corporation) -- C:WINDOWSsystem32spoolprtprocsw32x86filterpipelineprintproc.dll [2011/10/08 07:50:36 | 000,052,096 | ---- | M] (LogMeIn, Inc.) -- C:WINDOWSsystem32spoolprtprocsw32x86LMIproc.dll [2008/07/06 11:50:03 | 000,597,504 | ---- | M] (Microsoft Corporation) -- C:WINDOWSsystem32spoolprtprocsw32x86printfilterpipelinesvc.exe < %systemroot%REPAIR*.bak1 > < %systemroot%REPAIR*.ini > < %systemroot%system32*.jpg > < %systemroot%*.jpg > < %systemroot%*.png > < %systemroot%*.scr > [2010/04/17 02:11:10 | 000,307,056 | ---- | M] (Microsoft Corporation) -- C:WINDOWSWLXPGSS.SCR [1 C:WINDOWS*.tmp files -> C:WINDOWS*.tmp -> ] < %systemroot%*._sy > < %APPDATA%AdobeUpdate*.* > < %ALLUSERSPROFILE%Favorites*.* > < %APPDATA%Microsoft*.* > < %PROGRAMFILES%*.* > < %APPDATA%Update*.* > < %systemroot%*. /mp /s > < %systemroot%System32config*.sav > [2009/05/22 09:44:41 | 000,094,208 | ---- | M] () -- C:WINDOWSSystem32configdefault.sav [2009/05/22 09:44:41 | 000,663,552 | ---- | M] () -- C:WINDOWSSystem32configsoftware.sav [2009/05/22 09:44:41 | 000,450,560 | ---- | M] () -- C:WINDOWSSystem32configsystem.sav < %PROGRAMFILES%bak. /s > < %systemroot%system32bak. /s > < %ALLUSERSPROFILE%Start Menu*.lîk /x > < %systemroot%system32configsystemprofile*.dat /x > < %systemroot%*.config > < %systemroot%system32*.db > < %PROGRAMFILES%Internet Explorer*.dat > < %APPDATA%MikzosoftInternet ExplorerQuick Launch*.lnk /x > < %USERPROFILE%Deskuop*.exe > < %PROGRAMFILES%Common Files*.* > < %systemroot%*.src > [2007/04/10 22:46:53 | 000,013,023 | ---- | M] () -- C:WINDOWSVX1000.src [1 C:WINDOWS*.tmp files -> C:WINDOWS*.tmp -> ] < %systemroot%install*.* > < %systemroot%system32DLL*.* > < %systemroot%system32HelpFiles*.* > < %systemroot%system32rundll*.* > < %systemroot%winn32*.* > < %systemroot%Java*.* > < %systemroot%system32test*.* > < %systemroot%system32Rundll32*.* > < HKEY_LOCAL_MACHINESOFTWAREPoliciesMicrosoftWindowsWindowsUpdateAU > < HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionWindowsUpdateAuto UpdateResultsInstall|LastSuccessTime /rs > HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionWindowsUpdateAuto UpdateResultsInstallLastSuccessTime: 2011-10-14 06:01:59 < MD5 for: EXPLORER.EXE > [2004/08/04 13:00:00 | 001,035,776 | ---- | M] (Microsoft Corporation) MD5=A1D7304A87FC3093150F5E3CC7B0F338 -- C:WINDOWS$NtServicePackUninstall$explorer.exe [2008/04/14 18:02:58 | 001,037,312 | ---- | M] (Microsoft Corporation) MD5=AA04F042A820BF1868E643575887E1A6 -- C:WINDOWSexplorer.exe [2008/04/14 18:02:58 | 001,037,312 | ---- | M] (Microsoft Corporation) MD5=AA04F042A820BF1868E643575887E1A6 -- C:WINDOWSServicePackFilesi386explorer.exe < MD5 for: EXPLORER.EXE-082F38A9.PF > [2011/11/03 07:06:16 | 000,133,228 | ---- | M] () MD5=EF2588AEAF4EB23E279B74BF9CFAF701 -- C:WINDOWSPrefetchEXPLORER.EXE-082F38A9.pf < MD5 for: EXPLORER.SCF > [2004/08/04 13:00:00 | 000,000,080 | ---- | M] () MD5=A3975A7D2C98B30A2AE010754FFB9392 -- C:WINDOWSexplorer.scf < MD5 for: IEXPLORE.CHM > [2009/02/26 02:51:16 | 000,579,272 | ---- | M] () MD5=63E0C6D9070736AAAD95791A8C028E86 -- C:WINDOWSHelpiexplore.chm [2004/08/04 13:00:00 | 000,226,342 | ---- | M] () MD5=8CBC2453EBF6EE5AC54027A9F8CB0D42 -- C:WINDOWSie8iexplore.chm < MD5 for: IEXPLORE.EXE > [2008/04/14 18:03:01 | 000,093,184 | ---- | M] (Microsoft Corporation) MD5=164B6F619C579FAD4E548ACC654FF710 -- C:WINDOWSie8iexplore.exe [2008/04/14 18:03:01 | 000,093,184 | ---- | M] (Microsoft Corporation
  13. Hi JonTom, The computer belongs to a friend of mine. I think her kids installed tahat p2p and torrent software. I uninstalled it. I will pass your remarqs about p2p over to them. I did not find the file you mentioned above to be analyzed by virustotal. On that location I did find a file with the same extension: MpKslbcf0fce7.sys. So I uploaded that. Herre is the link: http://www.virustota...5c6e-1320225890 And I wish to get rid or the remnants of Babylon The pc is behaving quite well. No popups or errors showing up now. thanks, gagaman
  14. Hello Jontom, Thanks for taking a look at this. The requested logs: DDS-log . DDS (Ver_2011-08-26.01) - NTFSx86 Internet Explorer: Run by mama at 9:51:24 on 2011-11-01 Microsoft Windows XP Professional 5.1.2600.3.1252.31.1043.18.3327.2599 [GMT 1:00] . AV: Microsoft Security Essentials *Disabled/Updated* {EDB4FA23-53B8-4AFA-8C5D-99752CCA7095} . ============== Running Processes =============== . C:Program FilesEmsisoft Anti-Malwarea2service.exe C:WINDOWSsystem32svchost -k DcomLaunch svchost.exe C:Program FilesMicrosoft Security ClientAntimalwareMsMpEng.exe C:WINDOWSSystem32svchost.exe -k netsvcs C:WINDOWSsystem32svchost.exe -k WudfServiceGroup svchost.exe svchost.exe C:WINDOWSsystem32spoolsv.exe svchost.exe C:Program FilesSUPERAntiSpywareSASCORE.EXE C:Program FilesCommon FilesAppleMobile Device SupportAppleMobileDeviceService.exe C:Program FilesBonjourmDNSResponder.exe C:Program FilesLogMeInx86LMIGuardianSvc.exe C:Program FilesLogMeInx86RaMaint.exe C:Program FilesLogMeInx86LogMeIn.exe C:Program FilesMicrosoft LifeCamMSCamS32.exe C:WINDOWSsystem32PnkBstrA.exe C:Program FilesMicrosoftSearch Enhancement PackSeaPortSeaPort.exe C:WINDOWSsystem32svchost.exe -k imgsvc C:WINDOWSsystem32wuauclt.exe C:WINDOWSExplorer.EXE C:Program FilesASUSEPU-4 EngineFourEngine.exe C:Program FilesLogMeInx86LogMeInSystray.exe C:WINDOWSRTHDCPL.EXE C:WINDOWSvVX1000.exe C:Program FilesMicrosoft Security Clientmsseces.exe C:Program FilesInternet Exploreriexplore.exe C:Program FilesiTunesiTunesHelper.exe C:Program FilesPowerISOPWRISOVM.EXE C:Program FilesCommon FilesInterVideoSchSvrSchSvr.exe C:Program FilesD-LinkDWA-125 revAAirGCFG.exe C:Program FilesInternet Exploreriexplore.exe C:Program FilesD-LinkDWA-125 revAWZCSLDR2.exe C:Program FilesPCPitstopInfo CenterInfoCenter.exe C:WINDOWSsystem32ctfmon.exe C:Program FilesSkypePhoneSkype.exe C:Program FilesInterVideoCommonBinWinCinemaMgr.exe C:Program FilesSpywareGuardsgmain.exe C:Program FilesSpywareGuardsgbhp.exe C:Program FilesiPodbiniPodService.exe C:WINDOWSsystem32wscntfy.exe . ============== Pseudo HJT Report =============== . uStart Page = hxxp://www.google.be/ uRun: [CTFMON.EXE] c:windowssystem32ctfmon.exe uRun: [skype] "c:program filesskypephoneSkype.exe" /nosplash /minimized uRunOnce: [shockwave Updater] c:windowssystem32adobeshockwave 11SwHelper_1150596.exe -Update -1150596 -"Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 5.1; Trident/4.0; .NET CLR 1.1.4322; .NET CLR 2.0.50727; .NET CLR 3.0.4506.2152; .NET CLR 3.5.30729; OfficeLiveConnector.1.3; OfficeLivePatch.0.0)" -"http://www.dadsproject.com/Klokkijken/klokkijken.php" mRun: [six Engine] "c:program filesasusepu-4 engineFourEngine.exe" -r mRun: [LogMeIn GUI] "c:program fileslogmeinx86LogMeInSystray.exe" mRun: [RTHDCPL] RTHDCPL.EXE mRun: [LifeCam] "c:program filesmicrosoft lifecamLifeExp.exe" mRun: [VX1000] c:windowsvVX1000.exe mRun: [MSC] "c:program filesmicrosoft security clientmsseces.exe" -hide -runkey mRun: [AppleSyncNotifier] c:program filescommon filesapplemobile device supportAppleSyncNotifier.exe mRun: [iTunesHelper] "c:program filesitunesiTunesHelper.exe" mRun: [PWRISOVM.EXE] c:program filespowerisoPWRISOVM.EXE -startup mRun: [uVS10 Preload] c:program filesulead systemsulead videostudio se dvduvPL.exe mRun: [WinDVR SchSvr] "c:program filescommon filesintervideoschsvrSchSvr.exe" mRun: [D-Link D-Link DWA-125] c:program filesd-linkdwa-125 revaAirGCFG.exe mRun: [WZCSLDR2] c:program filesd-linkdwa-125 revaWZCSLDR2.exe mRun: [info Center] c:program filespcpitstopinfo centerInfoCenter.exe dRun: [CTFMON.EXE] c:windowssystem32CTFMON.EXE dRun: [DWQueuedReporting] "c:progra~1common~1micros~1dwdwtrig20.exe" -t StartupFolder: c:docume~1mamamenust~1progra~1opstar~1spywar~1.lnk - c:program filesspywareguardsgmain.exe StartupFolder: c:docume~1alluse~1menust~1progra~1opstar~1interv~1.lnk - c:program filesintervideocommonbinWinCinemaMgr.exe IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:progra~1micros~2office12REFIEBAR.DLL DPF: {070DC617-E3B7-468B-A29C-D4E84FAE938C} - hxxp://utilities.pcpitstop.com/Nirvana/controls/pcmatic.cab DPF: {076169AA-8C3D-4CFC-AC23-3ACA88FC21B5} - hxxp://download.sp.f-secure.com/ols/f-secure-rtm/resources/fslauncher.cab DPF: {0E5F0222-96B9-11D3-8997-00104BD12D94} - hxxp://utilities.pcpitstop.com/Nirvana/controls/pcmatic.cab DPF: {166B1BCA-3F9C-11CF-8075-444553540000} - hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab DPF: {1E54D648-B804-468d-BC78-4AFFED8E262E} - hxxp://www.systemrequirementslab.com/srl_bin/sysreqlab_srl.cab DPF: {215B8138-A3CF-44C5-803F-8226143CFC0A} - hxxp://housecall65.trendmicro.com/housecall/applet/html/native/x86/win32/activex/hcImpl.cab DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} - hxxp://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1243013861984 DPF: {6F15128C-E66A-490C-B848-5000B5ABEEAC} - hxxps://h20436.www2.hp.com/ediags/dex/secure/HPDEXAXO.cab DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_16-windows-i586.cab DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} - hxxp://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab DPF: {CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_16-windows-i586.cab DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_16-windows-i586.cab DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab TCP: DhcpNameServer = 195.130.130.4 195.130.131.4 TCP: Interfaces{4F52C767-993D-4BB5-AE28-5E54599325CC} : DhcpNameServer = 195.130.131.132 195.130.130.4 TCP: Interfaces{57CC1820-8280-407F-8BB2-EB8E5714DF5F} : DhcpNameServer = 195.130.130.4 195.130.131.4 Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - c:program filesskypetoolbarsinternet explorerskypeieplugin.dll Notify: !SASWinLogon - c:program filessuperantispywareSASWINLO.DLL Notify: LMIinit - LMIinit.dll SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:windowssystem32WPDShServiceObj.dll SEH: SpywareGuard.Handler: {81559c35-8464-49f7-bb0e-07a383bef910} - c:program filesspywareguardspywareguard.dll SEH: SABShellExecuteHook Class: {5ae067d3-9afb-48e0-853a-ebb7f4a000da} - c:program filessuperantispywareSASSEH.DLL . ================= FIREFOX =================== . FF - ProfilePath - c:documents and settingsmamaapplication datamozillafirefoxprofileshefq8rku.default FF - prefs.js: browser.search.defaulturl - hxxp://search.babylon.com/web/{searchTerms}?babsrc=browsersearch&AF=17243 FF - prefs.js: browser.search.selectedEngine - Search the web (Babylon) FF - prefs.js: browser.startup.homepage - about:home FF - prefs.js: keyword.URL - hxxp://search.babylon.com/?babsrc=adbartrp&AF=17243&q= FF - plugin: c:program filesgooglegoogle earthpluginnpgeplugin.dll FF - plugin: c:program filesgoogleupdate1.3.21.79npGoogleUpdate3.dll FF - plugin: c:program filesmicrosoft silverlight4.0.60831.0npctrlui.dll FF - plugin: c:program filesmicrosoftoffice livenpOLW.dll FF - plugin: c:program fileswindows livephoto galleryNPWLPG.dll . ============= SERVICES / DRIVERS =============== . R1 MpFilter;Microsoft Malware Protection Driver;c:windowssystem32driversMpFilter.sys [2010-10-24 165648] R1 MpKsl9b6688ef;MpKsl9b6688ef;c:documents and settingsall usersapplication datamicrosoftmicrosoft antimalwaredefinition updates{fa7d8d51-0dc0-469c-aafb-2f442ee7cda1}MpKsl9b6688ef.sys [2011-11-1 28752] R1 SASDIFSV;SASDIFSV;c:program filessuperantispywareSASDIFSV.SYS [2009-5-14 12880] R1 SASKUTIL;SASKUTIL;c:program filessuperantispywareSASKUTIL.SYS [2009-5-14 67664] R2 !SASCORE;SAS Core Service;c:program filessuperantispywareSASCORE.EXE [2011-6-12 116608] R2 a2AntiMalware;Emsisoft Anti-Malware 5.1 - Service;c:program filesemsisoft anti-malwarea2service.exe [2011-6-13 3045688] R2 ANPD;ANPD Service;c:windowssystem32ANPD.SYS [2011-10-30 29411] R2 fssfltr;FssFltr;c:windowssystem32driversfssfltr_tdi.sys [2009-10-11 54752] R2 LMIGuardianSvc;LMIGuardianSvc;c:program fileslogmeinx86LMIGuardianSvc.exe [2010-10-5 374152] R2 LMIInfo;LogMeIn Kernel Information Provider;c:program fileslogmeinx86rainfo.sys [2008-7-24 12856] R2 LMIRfsDriver;LogMeIn Remote File System Driver;c:windowssystem32driversLMIRfsDriver.sys [2009-5-22 47640] R3 rt2870;D-Link dnetr28u USB Extensible Wireless LAN Card Driver;c:windowssystem32driversDrt2870.sys [2011-10-30 779136] S1 MpKsl2a03b60a;MpKsl2a03b60a;??c:documents and settingsall usersapplication datamicrosoftmicrosoft antimalwaredefinition updates{7262ea36-dceb-49b7-87ab-3885ae2c843c}mpksl2a03b60a.sys --> c:documents and settingsall usersapplication datamicrosoftmicrosoft antimalwaredefinition updates{7262ea36-dceb-49b7-87ab-3885ae2c843c}MpKsl2a03b60a.sys [?] S1 MpKslb124d8ed;MpKslb124d8ed;??c:documents and settingsall usersapplication datamicrosoftmicrosoft antimalwaredefinition updates{56bff251-6282-460b-b669-266224a92bb0}mpkslb124d8ed.sys --> c:documents and settingsall usersapplication datamicrosoftmicrosoft antimalwaredefinition updates{56bff251-6282-460b-b669-266224a92bb0}MpKslb124d8ed.sys [?] S1 MpKsld0e9bdc2;MpKsld0e9bdc2;??c:documents and settingsall usersapplication datamicrosoftmicrosoft antimalwaredefinition updates{70379d85-e50b-44ff-86e2-cfc904337769}mpksld0e9bdc2.sys --> c:documents and settingsall usersapplication datamicrosoftmicrosoft antimalwaredefinition updates{70379d85-e50b-44ff-86e2-cfc904337769}MpKsld0e9bdc2.sys [?] S3 a2acc;a2acc;c:program filesemsisoft anti-malwarea2accx86.sys [2011-6-13 73728] S3 Ambfilt;Ambfilt;c:windowssystem32driversAmbfilt.sys [2009-5-22 1691480] S3 D_Link_DWA-125;D_Link_DWA-125 Service;c:program filesd-linkdwa-125 revaANIWZCSdS.exe [2011-10-30 126976] S3 D_Link_DWA-125_WPS;D_Link_DWA-125_WPS Service;c:program filesd-linkdwa-125 revaANIWConnService.exe [2011-10-30 40960] S3 fsssvc;De service Windows Live Family Safety;c:program fileswindows livefamily safetyfsssvc.exe [2010-4-28 704872] S3 gupdate;Google Updateservice (gupdate);c:program filesgoogleupdateGoogleUpdate.exe [2009-11-22 135664] S3 gupdatem;Google Update-service (gupdatem);c:program filesgoogleupdateGoogleUpdate.exe [2009-11-22 135664] S3 NPF;NetGroup Packet Filter Driver;c:windowssystem32driversnpf.sys [2007-11-6 34064] S3 npggsvc;nProtect GameGuard Service;c:windowssystem32gamemon.des -service --> c:windowssystem32GameMon.des -service [?] S3 PCPitstop Scheduling;PCPitstop Scheduling;c:program filespcpitstopPCPitstopScheduleService.exe [2011-10-30 91816] S3 SASENUM;SASENUM;c:program filessuperantispywareSASENUM.SYS [2009-5-14 12872] S3 SMIGrabber3C;SMI Grabber Device Tuner Filter 3C;c:windowssystem32driversSmiUsbGrabber3C.sys [2011-8-10 805632] S4 LMIRfsClientNP;LMIRfsClientNP; [x] . =============== Created Last 30 ================ . 2011-11-01 08:44:42 28752 ----a-w- c:documents and settingsall usersapplication datamicrosoftmicrosoft antimalwaredefinition updates{fa7d8d51-0dc0-469c-aafb-2f442ee7cda1}MpKsl9b6688ef.sys 2011-11-01 08:44:39 56200 ----a-w- c:documents and settingsall usersapplication datamicrosoftmicrosoft antimalwaredefinition updates{fa7d8d51-0dc0-469c-aafb-2f442ee7cda1}offreg.dll 2011-10-30 20:44:37 388096 ----a-r- c:documents and settingsmamaapplication datamicrosoftinstaller{45a66726-69bc-466b-a7a4-12fcba4883d7}HiJackThis.exe 2011-10-30 20:44:36 -------- d-----w- c:program filesTrend Micro 2011-10-30 17:26:21 -------- d--h--r- c:documents and settingsmamaOnlangs geopend 2011-10-30 16:56:16 -------- d-----w- c:documents and settingsall usersapplication dataPCPitstopDat 2011-10-30 16:41:29 6668624 ----a-w- c:documents and settingsall usersapplication datamicrosoftmicrosoft antimalwaredefinition updates{fa7d8d51-0dc0-469c-aafb-2f442ee7cda1}mpengine.dll 2011-10-30 06:16:16 48640 ----a-w- c:windowssystem32ANPD64.SYS 2011-10-30 06:16:16 34008 ----a-w- c:windowssystem32ANPD.VXD 2011-10-30 06:16:16 315392 ----a-w- c:windowssystem32ANPDApi.dll 2011-10-30 06:16:16 29411 ----a-w- c:windowssystem32ANPD.SYS 2011-10-30 06:15:34 779136 ----a-w- c:windowssystem32driversDrt2870.sys 2011-10-30 06:15:33 221184 ----a-w- c:windowssystem32RaCoInst.dll 2011-10-30 06:15:32 -------- d-----w- c:program filesD-Link 2011-10-19 14:31:15 -------- d-----w- c:documents and settingsall usersapplication dataHEMA Fotoservice 2011-10-19 14:31:13 -------- d-----w- c:program filesHEMA Fotoservice 2011-10-13 17:56:57 -------- d-----w- c:documents and settingsall usersapplication datatmp 2011-10-13 17:56:56 -------- d-----w- c:documents and settingsall usersapplication datahps 2011-10-13 17:55:38 -------- d-----w- c:program filesbol.com . ==================== Find3M ==================== . 2011-10-30 17:56:26 414368 ----a-w- c:windowssystem32FlashPlayerCPLApp.cpl 2011-10-08 06:50:36 83360 ----a-w- c:windowssystem32LMIRfsClientNP.dll 2011-10-08 06:50:36 52096 ----a-w- c:windowssystem32spoolprtprocsw32x86LMIproc.dll 2011-10-08 06:50:35 87424 ----a-w- c:windowssystem32LMIinit.dll 2011-10-08 06:50:35 30592 ----a-w- c:windowssystem32LMIport.dll 2011-09-26 09:41:44 614912 ----a-w- c:windowssystem32uiautomationcore.dll 2011-09-26 09:41:44 23040 ----a-w- c:windowssystem32oleaccrc.dll 2011-09-26 09:41:20 220160 ----a-w- c:windowssystem32oleacc.dll 2011-09-09 09:12:05 602624 ----a-w- c:windowssystem32crypt32.dll 2011-09-06 14:09:57 1859072 ----a-w- c:windowssystem32win32k.sys 2011-08-22 23:41:22 916480 ----a-w- c:windowssystem32wininet.dll 2011-08-22 23:41:20 43520 ----a-w- c:windowssystem32licmgr10.dll 2011-08-22 23:41:20 1469440 ----a-w- c:windowssystem32inetcpl.cpl 2011-08-22 11:58:28 385024 ----a-w- c:windowssystem32html.iec 2011-08-17 13:49:54 138496 ----a-w- c:windowssystem32driversafd.sys 2011-08-13 12:00:22 61244 ----a-w- c:windowssystem32x264vfw-uninstall.exe . ============= FINISH: 9:51:34,26 =============== Attach-log . UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG. IF REQUESTED, ZIP IT UP & ATTACH IT . DDS (Ver_2011-08-26.01) . Microsoft Windows XP Professional Boot Device: DeviceHarddiskVolume1 Install Date: 22/05/2009 9:01:14 System Uptime: 1/11/2011 9:44:14 (0 hours ago) . Motherboard: ASUSTeK Computer INC. | | P5QL PRO Processor: Intel Pentium III Xeon-processor | LGA775 | 2997/333mhz . ==== Disk Partitions ========================= . A: is Removable C: is FIXED (NTFS) - 146 GiB total, 31,241 GiB free. D: is FIXED (NTFS) - 152 GiB total, 128,687 GiB free. E: is CDROM () F: is CDROM () . ==== Disabled Device Manager Items ============= . ==== System Restore Points =================== . RP867: 30/10/2011 21:44:35 - Installed HiJackThis . ==== Installed Programs ====================== . Adobe Flash Player 10 ActiveX Adobe Flash Player 11 Plugin Adobe Reader 9.1 - Nederlands Adobe Shockwave Player 11.5 AMCap Any Video Converter 3.1.1 Apple Application Support Apple Mobile Device Support Apple Software Update Applian Director Assassin's Creed ASUS nVidia Driver Atheros Communications Inc.® AR8121/AR8113/AR8114 Gigabit/Fast Ethernet Driver µTorrent AviSynth 2.5 Beveiligingsupdate voor Microsoft Windows (KB2564958) Beveiligingsupdate voor Windows Internet Explorer 8 (KB2559049) Beveiligingsupdate voor Windows Internet Explorer 8 (KB2586448) Beveiligingsupdate voor Windows Media Encoder (KB2447961) Beveiligingsupdate voor Windows XP (KB2536276-v2) Beveiligingsupdate voor Windows XP (KB2562937) Beveiligingsupdate voor Windows XP (KB2566454) Beveiligingsupdate voor Windows XP (KB2567053) Beveiligingsupdate voor Windows XP (KB2567680) Beveiligingsupdate voor Windows XP (KB2570222) Beveiligingsupdate voor Windows XP (KB2570947) Beveiligingsupdate voor Windows XP (KB2592799) Beveiligingsupdate voor Windows XP (KB923789) bol.com fotoservice Bonjour Call of Duty® - World at War Call of Duty® - World at War 1.2 Patch Call of Duty® - World at War 1.3 Patch Call of Duty® - World at War 1.4 Patch Call of Duty® 2 Call of Duty® 4 - Modern Warfare Call of Duty® 4 - Modern Warfare 1.7 Patch Call of Duty: Modern Warfare 2 Call of Duty: Modern Warfare 2 - Multiplayer Canon MP495 series MP Drivers CCleaner Click to Call with Skype Conduit Engine D-Link DWA-125 DScaler 4.1.15 Emsisoft Anti-Malware 5.1 EPU-4 Engine Fraps Free Audio Dub version 1.7.7 Free Studio version 5.0.8 Free Video Dub version 1.8 Free Video to MP3 Converter version 4.1 Free YouTube Download 2.10 GoGear ARIA Device Manager Google Chrome Google Earth Google Update Helper HEMA Fotoservice HiJackThis Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595) Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484) Hotfix for Windows XP (KB954550-v5) Hotfix for Windows XP (KB976002-v5) Hotfix voor Windows XP (KB2570791) HP-software voor foto- en beeldbewerking 2.0 - All-in-One HP-software voor foto- en beeldbewerking 2.0 - All-in-One stuurprogramma HP-software voor foto- en beeldbewerking 2.0 - HP psc 1200 hp psc 1200 series Huffyuv AVI lossless video codec (Remove Only) ijji - Gunz ijji REACTOR Info Center 1.0.0.7 InterVideo WinDVR 3 iTunes Java 6 Update 16 Junk Mail filter update Lame ACM MP3 Codec LimeWire 5.1.3 LogMeIn Media Converter for Philips Microsoft .NET Framework 1.1 Microsoft .NET Framework 1.1 Dutch Language Pack Microsoft .NET Framework 1.1 Security Update (KB2572067) Microsoft .NET Framework 1.1 Security Update (KB979906) Microsoft .NET Framework 2.0 Service Pack 2 Microsoft .NET Framework 2.0 Service Pack 2 Language Pack - NLD Microsoft .NET Framework 3.0 Service Pack 2 Microsoft .NET Framework 3.0 Service Pack 2 Language Pack - NLD Microsoft .NET Framework 3.5 Language Pack SP1 - nld Microsoft .NET Framework 3.5 SP1 Microsoft ActiveSync Microsoft Antimalware Microsoft Antimalware Service NL-NL Language Pack Microsoft Application Error Reporting Microsoft Choice Guard Microsoft LifeCam Microsoft Office 2007 Service Pack 3 (SP3) Microsoft Office Access MUI (Dutch) 2007 Microsoft Office Enterprise 2007 Microsoft Office Excel MUI (Dutch) 2007 Microsoft Office Excel Viewer Microsoft Office File Validation Add-In Microsoft Office Groove MUI (Dutch) 2007 Microsoft Office InfoPath MUI (Dutch) 2007 Microsoft Office Live Add-in 1.3 Microsoft Office OneNote MUI (Dutch) 2007 Microsoft Office Outlook MUI (Dutch) 2007 Microsoft Office PowerPoint MUI (Dutch) 2007 Microsoft Office Proof (Dutch) 2007 Microsoft Office Proof (English) 2007 Microsoft Office Proof (French) 2007 Microsoft Office Proof (German) 2007 Microsoft Office Proofing (Dutch) 2007 Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) Microsoft Office Publisher MUI (Dutch) 2007 Microsoft Office Shared MUI (Dutch) 2007 Microsoft Office Word MUI (Dutch) 2007 Microsoft Search Enhancement Pack Microsoft Security Client Microsoft Security Client NL-NL Language Pack Microsoft Security Essentials Microsoft Silverlight Microsoft Software Update for Web Folders (Dutch) 12 Microsoft SQL Server 2005 Compact Edition [ENU] Microsoft Sync Framework Runtime Native v1.0 (x86) Microsoft Sync Framework Services Native v1.0 (x86) Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 Microsoft Visual C++ 2005 Redistributable Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 MobileMe Control Panel Mozilla Firefox 4.0.1 (x86 nl) MSVCRT MSVCRT Redists MSXML 4.0 SP2 (KB954430) MSXML 4.0 SP2 (KB973688) NVIDIA Drivers NVIDIA PhysX OGA Notifier 2.0.0048.0 Paint.NET v3.5.8 PC Matic 1.1.0.44 PhotoScape PowerISO PSP Video 9 6 PunkBuster Services QuickTime RealNetworks - Microsoft Visual C++ 2008 Runtime Realtek High Definition Audio Driver RealUpgrade 1.1 Revo Uninstaller 1.92 Safari SAMSUNG Mobile Modem Driver Set Samsung Mobile phone USB driver Software SAMSUNG Mobile USB Modem 1.0 Software SAMSUNG Mobile USB Modem Software Samsung PC Studio 3 Security Update for Microsoft .NET Framework 3.5 SP1 (KB2416473) Segoe UI Skype™ 5.5 SMI Grabber Device Soldier Front Spybot - Search & Destroy SpywareBlaster 4.2 SpywareGuard v2.2 Steam Sudoku Beginner SUPERAntiSpyware Free Edition System Requirements Lab Taalpakket voor Microsoft .NET Framework 3.5 SP1 - NL Ulead VideoStudio SE DVD Uninstall 1.0.0.1 Update for 2007 Microsoft Office System (KB967642) Update for Microsoft .NET Framework 3.5 SP1 (KB963707) Update for Outlook 2007 Junk Email Filter (KB2596560) Update voor Microsoft Office Excel 2007 Help (KB963678) Update voor Microsoft Office Powerpoint 2007 Help (KB963669) Update voor Microsoft Office Word 2007 Help (KB963665) Update voor Windows XP (KB2607712) Update voor Windows XP (KB2616676) Videora iPod touch Converter 6 WebFldrs XP Windows-stuurprogrammapakket - Atheros (L1e) Net (03/31/2009 1.0.0.36) Windows-stuurprogrammapakket - NVIDIA (nv) Display (01/11/2010 6.14.11.9621) Windows-stuurprogrammapakket - Realtek Semiconductor Corp. HD Audio Driver (12/25/2009 5.10.0.6013) Windows Genuine Advantage Notifications (KB905474) Windows Genuine Advantage Validation Tool (KB892130) Windows Internet Explorer 8 Windows Live - Hulpprogramma voor uploaden Windows Live aanmeldhulp Windows Live Call Windows Live Communications Platform Windows Live Essentials Windows Live Family Safety Windows Live Mail Windows Live Messenger Windows Live Photo Gallery Windows Live Sync Windows Live Toolbar Windows Live Writer Windows Media Encoder 9 Series Windows Media Format 11 runtime Windows Media Player 11 Windows XP Service Pack 3 WinPcap 4.0.2 WinRAR Wolfenstein - Enemy Territory x264vfw - H.264/MPEG-4 AVC codec (remove only) Xfire (remove only) YouSendIt Express YouTube Downloader 2.5.3 YouTube Downloader App 3.00 . ==== End Of File =========================== Gmer-log GMER 1.0.15.15641 - http://www.gmer.net Rootkit scan 2011-11-01 11:41:29 Windows 5.1.2600 Service Pack 3 Harddisk0DR0 -> DeviceIdeIdeDeviceP2T0L0-7 SAMSUNG_HD322HJ rev.1AG01113 Running: gmer.exe; Driver: C:DOCUME~1mamaLOCALS~1Temppxlcypog.sys ---- Kernel code sections - GMER 1.0.15 ---- .text C:WINDOWSsystem32DRIVERSnv4_mini.sys section is writeable [0xB73C5380, 0x550AF5, 0xE8000020] ? C:DOCUME~1mamaLOCALS~1Tempmbr.sys Het systeem kan het opgegeven bestand niet vinden. ! ---- User code sections - GMER 1.0.15 ---- .text C:Program FilesInternet Exploreriexplore.exe[3276] USER32.dll!DialogBoxParamW 7E3A47AB 5 Bytes JMP 415854D5 C:WINDOWSsystem32IEFRAME.dll (Internet Explorer/Microsoft Corporation) .text C:Program FilesInternet Exploreriexplore.exe[3276] USER32.dll!CreateWindowExW 7E3AD0A3 5 Bytes JMP 4165DB44 C:WINDOWSsystem32IEFRAME.dll (Internet Explorer/Microsoft Corporation) .text C:Program FilesInternet Exploreriexplore.exe[3276] USER32.dll!DialogBoxIndirectParamW 7E3B2072 5 Bytes JMP 41755397 C:WINDOWSsystem32IEFRAME.dll (Internet Explorer/Microsoft Corporation) .text C:Program FilesInternet Exploreriexplore.exe[3276] USER32.dll!MessageBoxIndirectA 7E3BA082 5 Bytes JMP 417552C9 C:WINDOWSsystem32IEFRAME.dll (Internet Explorer/Microsoft Corporation) .text C:Program FilesInternet Exploreriexplore.exe[3276] USER32.dll!DialogBoxParamA 7E3BB144 5 Bytes JMP 41755334 C:WINDOWSsystem32IEFRAME.dll (Internet Explorer/Microsoft Corporation) .text C:Program FilesInternet Exploreriexplore.exe[3276] USER32.dll!MessageBoxExW 7E3D0838 5 Bytes JMP 4175519A C:WINDOWSsystem32IEFRAME.dll (Internet Explorer/Microsoft Corporation) .text C:Program FilesInternet Exploreriexplore.exe[3276] USER32.dll!MessageBoxExA 7E3D085C 5 Bytes JMP 417551FC C:WINDOWSsystem32IEFRAME.dll (Internet Explorer/Microsoft Corporation) .text C:Program FilesInternet Exploreriexplore.exe[3276] USER32.dll!DialogBoxIndirectParamA 7E3D6D7D 5 Bytes JMP 417553FA C:WINDOWSsystem32IEFRAME.dll (Internet Explorer/Microsoft Corporation) .text C:Program FilesInternet Exploreriexplore.exe[3276] USER32.dll!MessageBoxIndirectW 7E3E64D5 5 Bytes JMP 4175525E C:WINDOWSsystem32IEFRAME.dll (Internet Explorer/Microsoft Corporation) .text C:Program FilesInternet Exploreriexplore.exe[3488] USER32.dll!DialogBoxParamW 7E3A47AB 5 Bytes JMP 415854D5 C:WINDOWSsystem32IEFRAME.dll (Internet Explorer/Microsoft Corporation) .text C:Program FilesInternet Exploreriexplore.exe[3488] USER32.dll!SetWindowsHookExW 7E3A820F 5 Bytes JMP 41659AD1 C:WINDOWSsystem32IEFRAME.dll (Internet Explorer/Microsoft Corporation) .text C:Program FilesInternet Exploreriexplore.exe[3488] USER32.dll!CallNextHookEx 7E3AB3C6 5 Bytes JMP 4164D10D C:WINDOWSsystem32IEFRAME.dll (Internet Explorer/Microsoft Corporation) .text C:Program FilesInternet Exploreriexplore.exe[3488] USER32.dll!CreateWindowExW 7E3AD0A3 5 Bytes JMP 4165DB44 C:WINDOWSsystem32IEFRAME.dll (Internet Explorer/Microsoft Corporation) .text C:Program FilesInternet Exploreriexplore.exe[3488] USER32.dll!UnhookWindowsHookEx 7E3AD5F3 5 Bytes JMP 415C464E C:WINDOWSsystem32IEFRAME.dll (Internet Explorer/Microsoft Corporation) .text C:Program FilesInternet Exploreriexplore.exe[3488] USER32.dll!DialogBoxIndirectParamW 7E3B2072 5 Bytes JMP 41755397 C:WINDOWSsystem32IEFRAME.dll (Internet Explorer/Microsoft Corporation) .text C:Program FilesInternet Exploreriexplore.exe[3488] USER32.dll!MessageBoxIndirectA 7E3BA082 5 Bytes JMP 417552C9 C:WINDOWSsystem32IEFRAME.dll (Internet Explorer/Microsoft Corporation) .text C:Program FilesInternet Exploreriexplore.exe[3488] USER32.dll!DialogBoxParamA 7E3BB144 5 Bytes JMP 41755334 C:WINDOWSsystem32IEFRAME.dll (Internet Explorer/Microsoft Corporation) .text C:Program FilesInternet Exploreriexplore.exe[3488] USER32.dll!MessageBoxExW 7E3D0838 5 Bytes JMP 4175519A C:WINDOWSsystem32IEFRAME.dll (Internet Explorer/Microsoft Corporation) .text C:Program FilesInternet Exploreriexplore.exe[3488] USER32.dll!MessageBoxExA 7E3D085C 5 Bytes JMP 417551FC C:WINDOWSsystem32IEFRAME.dll (Internet Explorer/Microsoft Corporation) .text C:Program FilesInternet Exploreriexplore.exe[3488] USER32.dll!DialogBoxIndirectParamA 7E3D6D7D 5 Bytes JMP 417553FA C:WINDOWSsystem32IEFRAME.dll (Internet Explorer/Microsoft Corporation) .text C:Program FilesInternet Exploreriexplore.exe[3488] USER32.dll!MessageBoxIndirectW 7E3E64D5 5 Bytes JMP 4175525E C:WINDOWSsystem32IEFRAME.dll (Internet Explorer/Microsoft Corporation) .text C:Program FilesInternet Exploreriexplore.exe[3488] ole32.dll!CoCreateInstance 774BF1AC 5 Bytes JMP 4165DBA0 C:WINDOWSsystem32IEFRAME.dll (Internet Explorer/Microsoft Corporation) .text C:Program FilesInternet Exploreriexplore.exe[3488] ole32.dll!OleLoadFromStream 774E981B 5 Bytes JMP 417556FF C:WINDOWSsystem32IEFRAME.dll (Internet Explorer/Microsoft Corporation) ---- Devices - GMER 1.0.15 ---- AttachedDevice DriverTcpip DeviceTcp fssfltr_tdi.sys (Family Safety Filter Driver (TDI)/Microsoft Corporation) AttachedDevice FileSystemFastfat Fat fltmgr.sys (Microsoft Filesystem Filter Manager/Microsoft Corporation) ---- Files - GMER 1.0.15 ---- File C:Documents and SettingsAll UsersApplication DataMicrosoftMicrosoft AntimalwareDefinition Updates{FA7D8D51-0DC0-469C-AAFB-2F442EE7CDA1} 0 bytes File C:Documents and SettingsAll UsersApplication DataMicrosoftMicrosoft AntimalwareDefinition Updates{FA7D8D51-0DC0-469C-AAFB-2F442EE7CDA1}mpasbase.vdm 13884592 bytes executable File C:Documents and SettingsAll UsersApplication DataMicrosoftMicrosoft AntimalwareDefinition Updates{FA7D8D51-0DC0-469C-AAFB-2F442EE7CDA1}mpasdlta.vdm 868872 bytes executable File C:Documents and SettingsAll UsersApplication DataMicrosoftMicrosoft AntimalwareDefinition Updates{FA7D8D51-0DC0-469C-AAFB-2F442EE7CDA1}mpavbase.vdm 47947952 bytes executable File C:Documents and SettingsAll UsersApplication DataMicrosoftMicrosoft AntimalwareDefinition Updates{FA7D8D51-0DC0-469C-AAFB-2F442EE7CDA1}mpavdlta.vdm 1460232 bytes executable File C:Documents and SettingsAll UsersApplication DataMicrosoftMicrosoft AntimalwareDefinition Updates{FA7D8D51-0DC0-469C-AAFB-2F442EE7CDA1}mpengine.dll 6668624 bytes File C:Documents and SettingsAll UsersApplication DataMicrosoftMicrosoft AntimalwareDefinition Updates{FA7D8D51-0DC0-469C-AAFB-2F442EE7CDA1}MpKsl9b6688ef.sys 28752 bytes executable <-- ROOTKIT !!! File C:Documents and SettingsAll UsersApplication DataMicrosoftMicrosoft AntimalwareDefinition Updates{FA7D8D51-0DC0-469C-AAFB-2F442EE7CDA1}offreg.dll 56200 bytes executable File C:Documents and SettingsAll UsersApplication DataMicrosoftMicrosoft AntimalwareScansmpcache-1F943C22AE6A0669A873060208DD33F2AD2A738C.bin.67 84844544 bytes File C:Documents and SettingsAll UsersApplication DataMicrosoftMicrosoft AntimalwareScansmpcache-1F943C22AE6A0669A873060208DD33F2AD2A738C.bin.80 8318976 bytes File C:Documents and SettingsAll UsersApplication DataMicrosoftMicrosoft AntimalwareScansmpcache-1F943C22AE6A0669A873060208DD33F2AD2A738C.bin.87 1052672 bytes ---- Services - GMER 1.0.15 ---- Service C:Documents and SettingsAll UsersApplication DataMicrosoftMicrosoft AntimalwareDefinition Updates{FA7D8D51-0DC0-469C-AAFB-2F442EE7CDA1}MpKsl9b6688ef.sys [sYSTEM] MpKsl9b6688ef <-- ROOTKIT !!! ---- EOF - GMER 1.0.15 ----
  15. Hello HJT crew, The browsers (IE, FF) on this pc had a lot of toolbars (babylon, qword, and some others). Also the startpage could not be changed. I managed to get rid of them using ccleaner, emisoft antimalware,superantispyware and pcmatic. Maybe there are still leftovers, or other malware on this computer. Please take a look at the log: Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 21:45:28, on 30/10/2011 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v8.00 (8.00.6001.18702) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\Program Files\Emsisoft Anti-Malware\a2service.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\SUPERAntiSpyware\SASCORE.EXE C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe C:\Program Files\Bonjour\mDNSResponder.exe C:\Program Files\LogMeIn\x86\LMIGuardianSvc.exe C:\Program Files\LogMeIn\x86\RaMaint.exe C:\Program Files\LogMeIn\x86\LogMeIn.exe C:\Program Files\Microsoft LifeCam\MSCamS32.exe C:\WINDOWS\system32\PnkBstrA.exe C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\iPod\bin\iPodService.exe C:\WINDOWS\Explorer.EXE C:\Program Files\ASUS\EPU-4 Engine\FourEngine.exe C:\Program Files\LogMeIn\x86\LogMeInSystray.exe C:\WINDOWS\RTHDCPL.EXE C:\WINDOWS\vVX1000.exe C:\Program Files\Microsoft Security Client\msseces.exe C:\Program Files\iTunes\iTunesHelper.exe C:\Program Files\PowerISO\PWRISOVM.EXE C:\Program Files\Common Files\InterVideo\SchSvr\SchSvr.exe C:\Program Files\D-Link\DWA-125 revA\AirGCFG.exe C:\Program Files\D-Link\DWA-125 revA\WZCSLDR2.exe C:\Program Files\PCPitstop\Info Center\InfoCenter.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Skype\Phone\Skype.exe C:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe C:\Program Files\SpywareGuard\sgmain.exe C:\Program Files\SpywareGuard\sgbhp.exe C:\WINDOWS\system32\wuauclt.exe C:\WINDOWS\system32\msiexec.exe C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.be/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://windowsupdate.microsoft.com/ R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = O4 - HKLM\..\Run: [six Engine] "C:\Program Files\ASUS\EPU-4 Engine\FourEngine.exe" -r O4 - HKLM\..\Run: [LogMeIn GUI] "C:\Program Files\LogMeIn\x86\LogMeInSystray.exe" O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE O4 - HKLM\..\Run: [LifeCam] "C:\Program Files\Microsoft LifeCam\LifeExp.exe" O4 - HKLM\..\Run: [VX1000] C:\WINDOWS\vVX1000.exe O4 - HKLM\..\Run: [MSC] "C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe" O4 - HKLM\..\Run: [PWRISOVM.EXE] C:\Program Files\PowerISO\PWRISOVM.EXE -startup O4 - HKLM\..\Run: [uVS10 Preload] C:\Program Files\Ulead Systems\Ulead VideoStudio SE DVD\uvPL.exe O4 - HKLM\..\Run: [WinDVR SchSvr] "C:\Program Files\Common Files\InterVideo\SchSvr\SchSvr.exe" O4 - HKLM\..\Run: [D-Link D-Link DWA-125] C:\Program Files\D-Link\DWA-125 revA\AirGCFG.exe O4 - HKLM\..\Run: [WZCSLDR2] C:\Program Files\D-Link\DWA-125 revA\WZCSLDR2.exe O4 - HKLM\..\Run: [info Center] C:\Program Files\PCPitstop\Info Center\InfoCenter.exe O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized O4 - HKCU\..\RunOnce: [shockwave Updater] C:\WINDOWS\system32\Adobe\Shockwave 11\SwHelper_1150596.exe -Update -1150596 -"Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 5.1; Trident/4.0; .NET CLR 1.1.4322; .NET CLR 2.0.50727; .NET CLR 3.0.4506.2152; .NET CLR 3.5.30729; OfficeLiveConnector.1.3; OfficeLivePatch.0.0)" -"http://www.dadsproject.com/Klokkijken/klokkijken.php" O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Lokale service') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Netwerkservice') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O4 - Startup: SpywareGuard.lnk = C:\Program Files\SpywareGuard\sgmain.exe O4 - Global Startup: InterVideo WinCinema Manager.lnk = C:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL O16 - DPF: {070DC617-E3B7-468B-A29C-D4E84FAE938C} (VersionControl Class) - http://utilities.pcpitstop.com/Nirvana/controls/pcmatic.cab O16 - DPF: {076169AA-8C3D-4CFC-AC23-3ACA88FC21B5} (F-Secure Online Scanner Launcher) - http://download.sp.f-secure.com/ols/f-secure-rtm/resources/fslauncher.cab O16 - DPF: {0E5F0222-96B9-11D3-8997-00104BD12D94} (PCPitstop Utility) - http://utilities.pcpitstop.com/Nirvana/controls/pcmatic.cab O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262E} (System Requirements Lab) - http://www.systemrequirementslab.com/srl_bin/sysreqlab_srl.cab O16 - DPF: {215B8138-A3CF-44C5-803F-8226143CFC0A} (Trend Micro ActiveX Scan Agent 6.6) - http://housecall65.trendmicro.com/housecall/applet/html/native/x86/win32/activex/hcImpl.cab O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1243013861984 O16 - DPF: {6F15128C-E66A-490C-B848-5000B5ABEEAC} (HP Download Manager) - https://h20436.www2.hp.com/ediags/dex/secure/HPDEXAXO.cab O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O20 - AppInit_DLLs: O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL O22 - SharedTaskScheduler: Preloader van browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll O22 - SharedTaskScheduler: Cache-daemon voor onderdeelcategorieën - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll O23 - Service: SAS Core Service (!SASCORE) - SUPERAntiSpyware.com - C:\Program Files\SUPERAntiSpyware\SASCORE.EXE O23 - Service: Emsisoft Anti-Malware 5.1 - Service (a2AntiMalware) - Emsi Software GmbH - C:\Program Files\Emsisoft Anti-Malware\a2service.exe O23 - Service: ArcSoft Connect Daemon (ACDaemon) - ArcSoft Inc. - C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe O23 - Service: Mobiel Apple apparaat (Apple Mobile Device) - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: D_Link_DWA-125 Service (D_Link_DWA-125) - Wireless Service - C:\Program Files\D-Link\DWA-125 revA\ANIWZCSdS.exe O23 - Service: D_Link_DWA-125_WPS Service (D_Link_DWA-125_WPS) - Unknown owner - C:\Program Files\D-Link\DWA-125 revA\ANIWConnService.exe O23 - Service: Google Updateservice (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe O23 - Service: LMIGuardianSvc - LogMeIn, Inc. - C:\Program Files\LogMeIn\x86\LMIGuardianSvc.exe O23 - Service: LogMeIn Maintenance Service (LMIMaint) - LogMeIn, Inc. - C:\Program Files\LogMeIn\x86\RaMaint.exe O23 - Service: LogMeIn - LogMeIn, Inc. - C:\Program Files\LogMeIn\x86\LogMeIn.exe O23 - Service: nProtect GameGuard Service (npggsvc) - Unknown owner - C:\WINDOWS\system32\GameMon.des.exe (file missing) O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe O23 - Service: PCPitstop Scheduling - PC Pitstop LLC - C:\Program Files\PCPitstop\PCPitstopScheduleService.exe O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - CACE Technologies - C:\Program Files\WinPcap\rpcapd.exe O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe -- End of file - 9528 bytes
×
×
  • Create New...