Solved AVG keeps finding Trojan horse Crypt.AQLW infections and Win32/Sireref.ER Malware

arnoldkooiker · Mar 4, 2012

Hello,

Over almost two weeks now AVG keeps finding infections, which can be quarantained but keeps coming back with different (.dll) file names. For what it's worth, I've found similar threats in this forum which also fits this description.

Anyway,since AVG can't seem to solve the problem I hope I can get some help here. Below the logs of the preliminary steps (subsequently mbam, gmer and both dds logs). By the way, since I live in the Netherlands, some logs contain dutch terms. I don't know if that's a problem?

================================================

Malwarebytes Anti-Malware 1.60.1.1000
www.malwarebytes.org

Databaseversie: v2012.03.04.02

Windows XP Service Pack 3 x86 NTFS
Internet Explorer 8.0.6001.18702
user :: PC [administrator]

4-3-2012 14:27:24
mbam-log-2012-03-04 (14-27-24).txt

Scantype: Snelle scan
Ingeschakelde scanopties: Geheugen | Opstartitems | Register | Bestanden en mappen | Heuristiek/Extra | Heuristiek/Shuriken | PUP | PUM
Uitgeschakelde scanopties: P2P
Objecten gescand: 239913
Verstreken tijd: 16 minuut/minuten, 24 seconde(n)

Geheugenprocessen gedetecteerd: 0
(Geen kwaadaardige objecten gedetecteerd)

Geheugenmodulen gedetecteerd: 0
(Geen kwaadaardige objecten gedetecteerd)

Registersleutels gedetecteerd: 0
(Geen kwaadaardige objecten gedetecteerd)

Registerwaarden gedetecteerd: 0
(Geen kwaadaardige objecten gedetecteerd)

Registerdata gedetecteerd: 0
(Geen kwaadaardige objecten gedetecteerd)

Mappen gedetecteerd: 0
(Geen kwaadaardige objecten gedetecteerd)

Bestanden gedetecteerd: 0
(Geen kwaadaardige objecten gedetecteerd)

(einde)

================================================

GMER 1.0.15.15641 - http://www.gmer.net
Rootkit quick scan 2012-03-04 14:50:16
Windows 5.1.2600 Service Pack 3 Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-3 SAMSUNG_HD502IJ rev.1AA01112
Running: GMER-gntotgos.exe; Driver: C:\DOCUME~1\user\LOCALS~1\Temp\pxtdapob.sys

---- Devices - GMER 1.0.15 ----

AttachedDevice \FileSystem\Ntfs \Ntfs AVGIDSFilter.Sys (IDS Application Activity Monitor Filter Driver./AVG Technologies CZ, s.r.o. )
AttachedDevice \Driver\Tcpip \Device\Ip avgtdix.sys (AVG Network connection watcher/AVG Technologies CZ, s.r.o.)
AttachedDevice \Driver\Tcpip \Device\Tcp avgtdix.sys (AVG Network connection watcher/AVG Technologies CZ, s.r.o.)
AttachedDevice \Driver\Tcpip \Device\Udp avgtdix.sys (AVG Network connection watcher/AVG Technologies CZ, s.r.o.)
AttachedDevice \Driver\Tcpip \Device\RawIp avgtdix.sys (AVG Network connection watcher/AVG Technologies CZ, s.r.o.)

---- Processes - GMER 1.0.15 ----

Process C:\WINDOWS\system32\ping.exe (*** hidden *** ) 2240

---- EOF - GMER 1.0.15 ----

================================================
.
DDS (Ver_2011-08-26.01) - NTFSx86
Internet Explorer: 8.0.6001.18702 BrowserJavaVersion: 1.6.0_30
Run by user at 15:01:14 on 2012-03-04
Microsoft Windows XP Home Edition 5.1.2600.3.1252.31.1043.18.1919.1013 [GMT 1:00]
.
.
============== Running Processes ===============
.
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
svchost.exe
svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\LEXPPS.EXE
C:\WINDOWS\system32\spoolsv.exe
svchost.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\AVG\AVG2012\avgwdsvc.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Cerberus\Cerberus.exe
C:\WINDOWS\System32\svchost.exe -k HTTPFilter
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\rserver30\RServer3.exe
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\WINDOWS\system32\rserver30\FamItrfc.Exe
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Lexmark 3100 Series\lxbrbmgr.exe
C:\Program Files\Winamp\Winampa.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\AVG\AVG2012\avgtray.exe
C:\Program Files\Citrix\ICA Client\concentr.exe
C:\Program Files\Lexmark 3100 Series\lxbrbmon.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.EXE
C:\Program Files\SAGEM WiFi manager\WLANUTL.exe
C:\Program Files\Citrix\ICA Client\wfcrun32.exe
C:\Documents and Settings\user\Local Settings\Application Data\Google\Update\1.3.21.99\GoogleCrashHandler.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Documents and Settings\user\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\user\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\user\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Program Files\RapidBIT\cidaemon.exe
C:\Documents and Settings\user\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Program Files\AVG\AVG2012\AVGIDSAgent.exe
C:\Program Files\AVG\AVG2012\avgemcx.exe
C:\Program Files\AVG\AVG2012\avgnsx.exe
C:\Program Files\AVG\AVG2012\avgrsx.exe
C:\Program Files\AVG\AVG2012\avgcsrvx.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.hotmail.com/
uInternet Settings,ProxyOverride = *.local
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: AVG Safe Search: {3ca2f312-6f6e-4b53-a66e-4e65e497c8c0} - c:\program files\avg\avg2012\avgssie.dll
BHO: {5C255C8A-E604-49b4-9D64-90988571CECB} - No File
BHO: SSVHelper Class: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - c:\program files\java\jre6\bin\ssv.dll
BHO: Windows Live Aanmelden - Help: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
uRun: [StartCCC] c:\program files\ati technologies\ati.ace\core-static\CLIStart.exe
uRun: [WMPNSCFG] c:\program files\windows media player\WMPNSCFG.exe
uRun: [Sidebar] c:\program files\windows sidebar\sidebar.exe /autoRun
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
uRun: [Google Update] "c:\documents and settings\user\local settings\application data\google\update\GoogleUpdate.exe" /c
mRun: [RemoteControl] "c:\program files\cyberlink\powerdvd\PDVDServ.exe"
mRun: [RTHDCPL] RTHDCPL.EXE
mRun: [Alcmtr] ALCMTR.EXE
mRun: [Lexmark 3100 Series] "c:\program files\lexmark 3100 series\lxbrbmgr.exe"
mRun: [LXBRKsk] c:\progra~1\lexmar~1\LXBRKsk.exe
mRun: [WinampAgent] "c:\program files\winamp\Winampa.exe"
mRun: [NeroFilterCheck] c:\windows\system32\NeroCheck.exe
mRun: [PinnacleDriverCheck] c:\windows\system32\PSDrvCheck.exe -CheckReg
mRun: [AppleSyncNotifier] c:\program files\common files\apple\mobile device support\AppleSyncNotifier.exe
mRun: [QuickTime Task] "c:\program files\quicktime\qttask.exe" -atboottime
mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"
mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 9.0\reader\Reader_sl.exe"
mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
mRun: [AVG_TRAY] "c:\program files\avg\avg2012\avgtray.exe"
mRun: [ConnectionCenter] "c:\program files\citrix\ica client\concentr.exe" /startup
mRun: [SunJavaUpdateSched] "c:\program files\java\jre6\bin\jusched.exe"
dRun: [CTFMON.EXE] c:\windows\system32\CTFMON.EXE
dRun: [DWQueuedReporting] "c:\progra~1\common~1\micros~1\dw\dwtrig20.exe" -t
StartupFolder: c:\docume~1\alluse~1\menust~1\progra~1\opstar~1\micros~1.lnk - c:\program files\microsoft office\office10\OSA.EXE
StartupFolder: c:\docume~1\alluse~1\menust~1\progra~1\opstar~1\sagemw~1.lnk - c:\program files\sagem wifi manager\WLANUTL.exe
IE: E&xporteren naar Microsoft Excel - c:\progra~1\micros~3\office10\EXCEL.EXE/3000
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
IE: {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - {CAFEEFAC-0016-0000-0030-ABCDEFFEDCBC} - c:\program files\java\jre6\bin\jp2iexp.dll
LSP: mswsock.dll
Trusted Zone: enschede.nl\ienoportal
Trusted Zone: enschede.nl\portal
Trusted Zone: enschede.nl\webmail
Trusted Zone: localhost
DPF: {17492023-C23A-453E-A040-C7C580BBF700} - hxxp://download.microsoft.com/download/8/b/d/8bd77752-5704-4d68-a152-f7252adaa4f2/LegitCheckControl.cab
DPF: {474F00F5-3853-492C-AC3A-476512BBC336} - hxxp://picasaweb.google.com/s/v/43.10/uploader2.cab
DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} - hxxp://v5.windowsupdate.microsoft.com/v5consumer/V5Controls/en/x86/client/wuweb_site.cab?1112288959018
DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - hxxp://download.eset.com/special/eos/OnlineScanner.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
DPF: {EDFCB7CB-942C-4822-AF14-F0B687409848} - hxxp://cache.hyves-static.net/statics/Aurigma/ImageUploader4.cab
TCP: Interfaces\{52503A0F-5C0B-42B1-B77D-EFE140159F74} : NameServer = 192.168.1.1
TCP: Interfaces\{A80290E0-1513-4894-83AE-BAB9896987DB} : NameServer = 192.168.1.1
Filter: application/x-ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - c:\program files\citrix\ica client\IcaMimeFilter.dll
Filter: ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - c:\program files\citrix\ica client\IcaMimeFilter.dll
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - c:\program files\avg\avg2012\avgpp.dll
Notify: AtiExtEvent - Ati2evxx.dll
AppInit_DLLs: c:\windows\system32\rserver30\r3god.dll
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
mASetup: {D58F39FF-953E-4F45-898F-59F243B9A523} - RUNDLL32 advpack.dll,LaunchINFSection Sidebar.inf,Register
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\documents and settings\user\application data\mozilla\firefox\profiles\3jf689pd.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.google.nl
FF - plugin: c:\documents and settings\user\application data\mozilla\firefox\profiles\3jf689pd.default\extensions\firefox@tvunetworks.com\plugins\npTVUAx.dll
FF - plugin: c:\documents and settings\user\local settings\application data\google\update\1.3.21.99\npGoogleUpdate3.dll
FF - plugin: c:\program files\adobe\reader 9.0\reader\air\nppdf32.dll
FF - plugin: c:\program files\google\update\1.2.183.39\npGoogleOneClick8.dll
FF - plugin: c:\program files\google\update\1.3.21.53\npGoogleUpdate3.dll
FF - plugin: c:\program files\google\update\1.3.21.57\npGoogleUpdate3.dll
FF - plugin: c:\program files\google\update\1.3.21.65\npGoogleUpdate3.dll
FF - plugin: c:\program files\google\update\1.3.21.69\npGoogleUpdate3.dll
FF - plugin: c:\program files\google\update\1.3.21.79\npGoogleUpdate3.dll
FF - plugin: c:\program files\java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npdeployJava1.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npicaN.dll
FF - plugin: c:\windows\system32\tvuax\npTVUAx.dll
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\mozilla firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0010-ABCDEFFEDCBA} - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0010-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA} - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA} - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA} - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA} - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA}
FF - Ext: Java Quick Starter: jqs@sun.com - c:\program files\java\jre6\lib\deploy\jqs\ff
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\microsoft.net\framework\v3.5\windows presentation foundation\DotNetAssistantExtension
FF - Ext: AVG Safe Search: {3f963a5b-e555-4543-90e2-c3908898db71} - c:\program files\avg\avg2012\Firefox
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - %profile%\extensions\{20a82645-c095-46ed-80e3-08825760534b}
FF - Ext: TVU Web Player: firefox@tvunetworks.com - %profile%\extensions\firefox@tvunetworks.com
.
---- FIREFOX POLICIES ----
FF - user.js: network.cookie.cookieBehavior - 0
FF - user.js: privacy.clearOnShutdown.cookies - false
FF - user.js: security.warn_viewing_mixed - false
FF - user.js: security.warn_viewing_mixed.show_once - false
FF - user.js: security.warn_submit_insecure - false
FF - user.js: security.warn_submit_insecure.show_once - false
.
============= SERVICES / DRIVERS ===============
.
R0 AVGIDSEH;AVGIDSEH;c:\windows\system32\drivers\AVGIDSEH.sys [2011-7-11 23120]
R0 Avgrkx86;AVG Anti-Rootkit Driver;c:\windows\system32\drivers\avgrkx86.sys [2011-9-13 32592]
R0 Lbd;Lbd;c:\windows\system32\drivers\Lbd.sys [2010-1-24 64288]
R1 Avgldx86;AVG AVI Loader Driver;c:\windows\system32\drivers\avgldx86.sys [2011-10-7 230608]
R1 Avgmfx86;AVG Mini-Filter Resident Anti-Virus Shield;c:\windows\system32\drivers\avgmfx86.sys [2011-8-8 40016]
R1 Avgtdix;AVG TDI Driver;c:\windows\system32\drivers\avgtdix.sys [2011-7-11 295248]
R1 ctxusbm;Citrix USB Monitor Driver;c:\windows\system32\drivers\ctxusbm.sys [2009-10-5 65584]
R1 raddrvv3;raddrvv3;c:\windows\system32\rserver30\raddrvv3.sys [2007-2-2 41176]
R2 AVGIDSAgent;AVGIDSAgent;c:\program files\avg\avg2012\AVGIDSAgent.exe [2011-10-12 4433248]
R2 avgwd;AVG WatchDog;c:\program files\avg\avg2012\avgwdsvc.exe [2011-8-2 192776]
R2 Cerberus FTP Server;Cerberus FTP Server;c:\program files\cerberus\cerberus.exe -service --> c:\program files\cerberus\Cerberus.exe -Service [?]
R2 RServer3;Radmin Server V3;c:\windows\system32\rserver30\rserver3.exe [2007-2-2 1235032]
R3 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\drivers\AVGIDSDriver.sys [2011-7-11 134608]
R3 AVGIDSFilter;AVGIDSFilter;c:\windows\system32\drivers\AVGIDSFilter.sys [2011-7-11 24272]
R3 AVGIDSShim;AVGIDSShim;c:\windows\system32\drivers\AVGIDSShim.sys [2011-10-4 16720]
R3 Cap713x;Cap713x Video Capture;c:\windows\system32\drivers\Cap713x.sys [2004-10-8 751104]
R3 mirrorv3;mirrorv3;c:\windows\system32\drivers\rminiv3.sys [2006-11-1 3328]
S2 AMService;AMService;c:\windows\temp\npsiif\setup.exe run --> c:\windows\temp\npsiif\setup.exe run [?]
S2 avg7core;Phnxvcdservice;c:\windows\system32\svchost.exe -k netsvcs [2005-3-31 14336]
S2 avg7rsw;SGHIDI;c:\windows\system32\svchost.exe -k netsvcs [2005-3-31 14336]
S2 avg7updsvc;Svcwmu;c:\windows\system32\svchost.exe -k netsvcs [2005-3-31 14336]
S2 awhost32;Wpshelper;c:\windows\system32\svchost.exe -k netsvcs [2005-3-31 14336]
S2 ca-messagequeuing;Icdsptsv;c:\windows\system32\svchost.exe -k netsvcs [2005-3-31 14336]
S2 ccpwdsvc;Spbbcsvc;c:\windows\system32\svchost.exe -k netsvcs [2005-3-31 14336]
S2 FlexService;Remote Connections Service;c:\program files\rapidbit\cisvc.exe [2009-5-17 41984]
S2 gupdate;Google Updateservice (gupdate);"c:\program files\google\update\googleupdate.exe" /svc --> c:\program files\google\update\GoogleUpdate.exe [?]
S2 LMIRfsDriver;Konfig;c:\windows\system32\svchost.exe -k netsvcs [2005-3-31 14336]
S2 mcafeeantispyware;UCTblHid;c:\windows\system32\svchost.exe -k netsvcs [2005-3-31 14336]
S2 mcsysmon;Ati2mpaa;c:\windows\system32\svchost.exe -k netsvcs [2005-3-31 14336]
S2 mcupdmgr.exe;Atitunep;c:\windows\system32\svchost.exe -k netsvcs [2005-3-31 14336]
S2 mfebopk;Nidomainservice;c:\windows\system32\svchost.exe -k netsvcs [2005-3-31 14336]
S2 mksupdateint;Motoswitchservice;c:\windows\system32\svchost.exe -k netsvcs [2005-3-31 14336]
S2 mpfirewl;Adiusbaw;c:\windows\system32\svchost.exe -k netsvcs [2005-3-31 14336]
S2 naveng;RMSvc;c:\windows\system32\svchost.exe -k netsvcs [2005-3-31 14336]
S2 ndasbus;Firesvc;c:\windows\system32\svchost.exe -k netsvcs [2005-3-31 14336]
S2 ofcpfwsvc;Oraclesnmppeerencapsulator;c:\windows\system32\svchost.exe -k netsvcs [2005-3-31 14336]
S2 Slpsvdr;Lxce_device;c:\windows\system32\svchost.exe -k netsvcs [2005-3-31 14336]
S2 snoopfree;NETGEAR_MA111;c:\windows\system32\svchost.exe -k netsvcs [2005-3-31 14336]
S2 starwindserviceae;W200mgmt;c:\windows\system32\svchost.exe -k netsvcs [2005-3-31 14336]
S2 symantecantibotwatcher;Wampapache;c:\windows\system32\svchost.exe -k netsvcs [2005-3-31 14336]
S2 webrootspysweeperservice;Sscdmdfl;c:\windows\system32\svchost.exe -k netsvcs [2005-3-31 14336]
S3 AllShare;SAMSUNG AllShare Service;c:\program files\samsung pc share manager\WiselinkPro.exe [2010-7-16 6638080]
S3 FXDrv32;FXDrv32;\??\d:\fxdrv32.sys --> d:\FXDrv32.sys [?]
S3 gupdatem;Google Update-service (gupdatem);"c:\program files\google\update\googleupdate.exe" /medsvc --> c:\program files\google\update\GoogleUpdate.exe [?]
S3 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;c:\program files\lavasoft\ad-aware\AAWService.exe [2009-12-2 1181328]
S3 NPF;WinPcap Packet Driver (NPF);c:\windows\system32\drivers\npf.sys [2012-1-14 50704]
S3 SG762_XP;SAGEM 802.11g XG762 1211B Driver;c:\windows\system32\drivers\WlanBZXP.sys [2011-4-6 402432]
S3 ZDCndis5;ZDCndis5 Protocol Driver;\??\c:\windows\system32\zdcndis5.sys --> c:\windows\system32\ZDCndis5.SYS [?]
.
=============== Created Last 30 ================
.
2012-03-01 21:26:03 20464 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-03-01 21:26:03 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2012-02-29 21:24:13 -------- d-----w- c:\program files\ESET
2012-02-20 22:22:55 6144 -c----w- c:\windows\system32\dllcache\iecompat.dll
2012-02-20 22:19:23 -------- dc-h--w- c:\windows\ie8
2012-02-14 18:50:25 3072 -c----w- c:\windows\system32\dllcache\iacenc.dll
2012-02-14 18:50:25 3072 ------w- c:\windows\system32\iacenc.dll
2012-02-05 14:19:22 0 --sha-w- c:\windows\system32\dds_trash_log.cmd
2012-02-04 14:35:41 -------- d-----w- c:\program files\CCleaner
2012-02-04 14:13:08 -------- d-----w- c:\documents and settings\user\local settings\application data\Google
2012-02-04 14:12:58 -------- d-----w- c:\documents and settings\user\local settings\application data\Deployment
.
==================== Find3M ====================
.
2012-02-05 12:45:59 414368 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2012-01-22 19:36:24 172416 ----a-w- c:\windows\system32\drivers\kmixer.sys
2012-01-22 10:53:37 75264 ----a-w- c:\windows\system32\drivers\ipsec.sys
2012-01-14 11:54:23 50704 ----a-w- c:\windows\system32\drivers\npf.sys
2012-01-14 11:54:23 281104 ----a-w- c:\windows\system32\wpcap.dll
2012-01-14 11:54:23 100880 ----a-w- c:\windows\system32\Packet.dll
2012-01-12 17:20:33 1860096 ----a-w- c:\windows\system32\win32k.sys
2011-12-17 19:42:06 916992 ----a-w- c:\windows\system32\wininet.dll
2011-12-17 19:42:06 43520 ------w- c:\windows\system32\licmgr10.dll
2011-12-17 19:42:06 1469440 ------w- c:\windows\system32\inetcpl.cpl
2011-12-16 12:23:17 385024 ------w- c:\windows\system32\html.iec
.
============= FINISH: 15:01:28,70 ===============

================================================

.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2011-08-26.01)
.
Microsoft Windows XP Home Edition
Boot Device: \Device\HarddiskVolume1
Install Date: 13-8-2008 11:12:40
System Uptime: 4-3-2012 14:16:54 (1 hours ago)
.
Motherboard: FOXCONN | | A6VMX
Processor: AMD Athlon(tm) 64 X2 Dual Core Processor 5000+ | Socket 940 | 2600/200mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 466 GiB total, 134,137 GiB free.
D: is FIXED (NTFS) - 225 GiB total, 30,905 GiB free.
E: is CDROM ()
F: is CDROM ()
G: is Removable
H: is Removable
I: is Removable
J: is Removable
.
==== Disabled Device Manager Items =============
.
Class GUID: {4D36E972-E325-11CE-BFC1-08002BE10318}
Description: SAGEM Wi-Fi 11g USB adapter
Device ID: USB\VID_079B&PID_0062\5&1C9BD01C&0&4
Manufacturer: Sagem, SA
Name: SAGEM Wi-Fi 11g USB adapter #2
PNP Device ID: USB\VID_079B&PID_0062\5&1C9BD01C&0&4
Service: SG762_XP
.
==== System Restore Points ===================
.
RP224: 5-12-2011 22:36:15 - Controlepunt van systeem
RP225: 6-12-2011 22:41:54 - Controlepunt van systeem
RP226: 7-12-2011 22:56:40 - Controlepunt van systeem
RP227: 10-12-2011 13:14:33 - Controlepunt van systeem
RP228: 11-12-2011 14:02:57 - Controlepunt van systeem
RP229: 12-12-2011 22:06:44 - Controlepunt van systeem
RP230: 13-12-2011 22:18:24 - Controlepunt van systeem
RP231: 13-12-2011 22:55:00 - Software Distribution Service 3.0
RP232: 15-12-2011 17:53:18 - Controlepunt van systeem
RP233: 17-12-2011 14:22:59 - Controlepunt van systeem
RP234: 19-12-2011 22:21:08 - Controlepunt van systeem
RP235: 21-12-2011 10:21:03 - Controlepunt van systeem
RP236: 22-12-2011 22:51:16 - Controlepunt van systeem
RP237: 23-12-2011 23:45:17 - Controlepunt van systeem
RP238: 28-12-2011 10:48:39 - Controlepunt van systeem
RP239: 2-1-2012 13:40:20 - Controlepunt van systeem
RP240: 3-1-2012 13:53:22 - Controlepunt van systeem
RP241: 4-1-2012 14:53:13 - Controlepunt van systeem
RP242: 5-1-2012 16:41:29 - Controlepunt van systeem
RP243: 6-1-2012 17:11:32 - Controlepunt van systeem
RP244: 8-1-2012 13:36:24 - Controlepunt van systeem
RP245: 9-1-2012 20:16:36 - Controlepunt van systeem
RP246: 9-1-2012 21:29:30 - Herstelbewerking
RP247: 9-1-2012 23:18:29 - Software Distribution Service 3.0
RP248: 11-1-2012 10:19:01 - Controlepunt van systeem
RP249: 11-1-2012 10:42:16 - Software Distribution Service 3.0
RP250: 11-1-2012 23:13:06 - Software Distribution Service 3.0
RP251: 14-1-2012 14:35:53 - Herstelbewerking
RP252: 14-1-2012 14:53:29 - na uninstall Alcohol 120% (a347bus.sys BSOD)
RP253: 14-1-2012 17:42:37 - Geïnstalleerd AVG 2012
RP254: 14-1-2012 17:42:57 - Geïnstalleerd AVG 2012
RP255: 14-1-2012 23:24:15 - Software Distribution Service 3.0
RP256: 16-1-2012 11:40:06 - Controlepunt van systeem
RP257: 17-1-2012 14:41:13 - Controlepunt van systeem
RP258: 18-1-2012 16:41:29 - Controlepunt van systeem
RP259: 19-1-2012 18:13:59 - Controlepunt van systeem
RP260: 21-1-2012 0:00:28 - Controlepunt van systeem
RP261: 22-1-2012 11:59:22 - clean, geen threats meer door AVG/TDSSkiller
RP262: 23-1-2012 12:24:34 - Controlepunt van systeem
RP263: 24-1-2012 22:17:52 - Controlepunt van systeem
RP264: 25-1-2012 13:34:21 - Removed SDP Downloader
RP265: 1-2-2012 8:15:33 - Controlepunt van systeem
RP266: 2-2-2012 20:36:57 - Herstelbewerking
RP267: 2-2-2012 20:44:46 - Herstelbewerking
RP268: 3-2-2012 20:03:27 - Herstelbewerking
RP269: 4-2-2012 12:31:51 - Herstelbewerking
RP270: 4-2-2012 14:31:15 - Installed Java(TM) 6 Update 30
RP271: 4-2-2012 14:35:33 - Removed Java(TM) 6 Update 7
RP272: 5-2-2012 16:39:41 - Controlepunt van systeem
RP273: 8-2-2012 15:18:04 - Controlepunt van systeem
RP274: 13-2-2012 15:38:16 - Controlepunt van systeem
RP275: 14-2-2012 23:14:02 - Software Distribution Service 3.0
RP276: 16-2-2012 21:58:45 - Controlepunt van systeem
RP277: 20-2-2012 22:09:51 - Controlepunt van systeem
RP278: 20-2-2012 23:15:00 - Software Distribution Service 3.0
RP279: 21-2-2012 23:26:19 - Software Distribution Service 3.0
RP280: 24-2-2012 22:48:32 - Controlepunt van systeem
RP281: 26-2-2012 12:17:42 - Controlepunt van systeem
RP282: 27-2-2012 22:57:37 - Controlepunt van systeem
RP283: 29-2-2012 13:22:46 - Controlepunt van systeem
RP284: 1-3-2012 22:16:49 - Herstelbewerking
RP285: 4-3-2012 14:01:46 - Herstelbewerking
RP286: 4-3-2012 14:14:21 - Herstelbewerking
RP287: 4-3-2012 14:17:40 - Herstelbewerking
.
==== Installed Programs ======================
.
.sol Editor 1.1.0.1
360Share Pro(remove only)
3DMark06
7-Zip 9.20
Aangifte inkomstenbelasting 2007
Aangifte inkomstenbelasting 2008
Aangifte inkomstenbelasting 2009
Aangifte inkomstenbelasting 2010
ABBYY FineReader 5.0 Sprint
ABC (remove only)
AC-3 ACM Codec
Acrobat.com
Ad-Aware
Adobe AIR
Adobe Flash Player 11 ActiveX
Adobe Flash Player 11 Plugin
Adobe Reader 9.5.0
Alky for Applications (Windows XP)
Apple Application Support
Apple Mobile Device Support
Apple Software Update
ATI - Software Uninstall Utility
ATI Catalyst Control Center
ATI Display Driver
AutoUpdate
AVG 2012
Beveiligingsupdate for Windows Media Player 10 (KB936782)
Beveiligingsupdate for Windows XP (KB923689)
Beveiligingsupdate for Windows XP (KB941569)
Beveiligingsupdate voor Microsoft Windows (KB2564958)
Beveiligingsupdate voor Windows Internet Explorer 7 (KB2183461)
Beveiligingsupdate voor Windows Internet Explorer 7 (KB2360131)
Beveiligingsupdate voor Windows Internet Explorer 7 (KB2416400)
Beveiligingsupdate voor Windows Internet Explorer 7 (KB2482017)
Beveiligingsupdate voor Windows Internet Explorer 7 (KB2497640)
Beveiligingsupdate voor Windows Internet Explorer 7 (KB2530548)
Beveiligingsupdate voor Windows Internet Explorer 7 (KB2544521)
Beveiligingsupdate voor Windows Internet Explorer 7 (KB2559049)
Beveiligingsupdate voor Windows Internet Explorer 7 (KB2586448)
Beveiligingsupdate voor Windows Internet Explorer 7 (KB2618444)
Beveiligingsupdate voor Windows Internet Explorer 7 (KB2647516)
Beveiligingsupdate voor Windows Internet Explorer 7 (KB938127-v2)
Beveiligingsupdate voor Windows Internet Explorer 7 (KB953838)
Beveiligingsupdate voor Windows Internet Explorer 7 (KB956390)
Beveiligingsupdate voor Windows Internet Explorer 7 (KB958215)
Beveiligingsupdate voor Windows Internet Explorer 7 (KB960714)
Beveiligingsupdate voor Windows Internet Explorer 7 (KB961260)
Beveiligingsupdate voor Windows Internet Explorer 7 (KB963027)
Beveiligingsupdate voor Windows Internet Explorer 7 (KB969897)
Beveiligingsupdate voor Windows Internet Explorer 7 (KB972260)
Beveiligingsupdate voor Windows Internet Explorer 7 (KB974455)
Beveiligingsupdate voor Windows Internet Explorer 7 (KB976325)
Beveiligingsupdate voor Windows Internet Explorer 7 (KB978207)
Beveiligingsupdate voor Windows Internet Explorer 7 (KB982381)
Beveiligingsupdate voor Windows Internet Explorer 8 (KB2510531)
Beveiligingsupdate voor Windows Internet Explorer 8 (KB2544521)
Beveiligingsupdate voor Windows Internet Explorer 8 (KB2618444)
Beveiligingsupdate voor Windows Internet Explorer 8 (KB2647516)
Beveiligingsupdate voor Windows Internet Explorer 8 (KB982381)
Beveiligingsupdate voor Windows Media Player (KB2378111)
Beveiligingsupdate voor Windows Media Player (KB911564)
Beveiligingsupdate voor Windows Media Player (KB952069)
Beveiligingsupdate voor Windows Media Player (KB954155)
Beveiligingsupdate voor Windows Media Player (KB968816)
Beveiligingsupdate voor Windows Media Player (KB973540)
Beveiligingsupdate voor Windows Media Player (KB975558)
Beveiligingsupdate voor Windows Media Player (KB978695)
Beveiligingsupdate voor Windows Media Player 11 (KB936782)
Beveiligingsupdate voor Windows Media Player 11 (KB954154)
Beveiligingsupdate voor Windows Media Player 6.4 (KB925398)
Beveiligingsupdate voor Windows XP (KB2079403)
Beveiligingsupdate voor Windows XP (KB2115168)
Beveiligingsupdate voor Windows XP (KB2121546)
Beveiligingsupdate voor Windows XP (KB2160329)
Beveiligingsupdate voor Windows XP (KB2229593)
Beveiligingsupdate voor Windows XP (KB2259922)
Beveiligingsupdate voor Windows XP (KB2279986)
Beveiligingsupdate voor Windows XP (KB2286198)
Beveiligingsupdate voor Windows XP (KB2296011)
Beveiligingsupdate voor Windows XP (KB2296199)
Beveiligingsupdate voor Windows XP (KB2347290)
Beveiligingsupdate voor Windows XP (KB2360937)
Beveiligingsupdate voor Windows XP (KB2387149)
Beveiligingsupdate voor Windows XP (KB2393802)
Beveiligingsupdate voor Windows XP (KB2412687)
Beveiligingsupdate voor Windows XP (KB2419632)
Beveiligingsupdate voor Windows XP (KB2423089)
Beveiligingsupdate voor Windows XP (KB2436673)
Beveiligingsupdate voor Windows XP (KB2440591)
Beveiligingsupdate voor Windows XP (KB2443105)
Beveiligingsupdate voor Windows XP (KB2476490)
Beveiligingsupdate voor Windows XP (KB2476687)
Beveiligingsupdate voor Windows XP (KB2478960)
Beveiligingsupdate voor Windows XP (KB2478971)
Beveiligingsupdate voor Windows XP (KB2479628)
Beveiligingsupdate voor Windows XP (KB2479943)
Beveiligingsupdate voor Windows XP (KB2481109)
Beveiligingsupdate voor Windows XP (KB2483185)
Beveiligingsupdate voor Windows XP (KB2485376)
Beveiligingsupdate voor Windows XP (KB2485663)
Beveiligingsupdate voor Windows XP (KB2503658)
Beveiligingsupdate voor Windows XP (KB2503665)
Beveiligingsupdate voor Windows XP (KB2506212)
Beveiligingsupdate voor Windows XP (KB2506223)
Beveiligingsupdate voor Windows XP (KB2507618)
Beveiligingsupdate voor Windows XP (KB2507938)
Beveiligingsupdate voor Windows XP (KB2508272)
Beveiligingsupdate voor Windows XP (KB2508429)
Beveiligingsupdate voor Windows XP (KB2509553)
Beveiligingsupdate voor Windows XP (KB2510581)
Beveiligingsupdate voor Windows XP (KB2511455)
Beveiligingsupdate voor Windows XP (KB2524375)
Beveiligingsupdate voor Windows XP (KB2535512)
Beveiligingsupdate voor Windows XP (KB2536276-v2)
Beveiligingsupdate voor Windows XP (KB2536276)
Beveiligingsupdate voor Windows XP (KB2544893-v2)
Beveiligingsupdate voor Windows XP (KB2544893)
Beveiligingsupdate voor Windows XP (KB2555917)
Beveiligingsupdate voor Windows XP (KB2562937)
Beveiligingsupdate voor Windows XP (KB2566454)
Beveiligingsupdate voor Windows XP (KB2567053)
Beveiligingsupdate voor Windows XP (KB2567680)
Beveiligingsupdate voor Windows XP (KB2570222)
Beveiligingsupdate voor Windows XP (KB2570947)
Beveiligingsupdate voor Windows XP (KB2584146)
Beveiligingsupdate voor Windows XP (KB2585542)
Beveiligingsupdate voor Windows XP (KB2592799)
Beveiligingsupdate voor Windows XP (KB2598479)
Beveiligingsupdate voor Windows XP (KB2603381)
Beveiligingsupdate voor Windows XP (KB2618451)
Beveiligingsupdate voor Windows XP (KB2619339)
Beveiligingsupdate voor Windows XP (KB2620712)
Beveiligingsupdate voor Windows XP (KB2624667)
Beveiligingsupdate voor Windows XP (KB2631813)
Beveiligingsupdate voor Windows XP (KB2633171)
Beveiligingsupdate voor Windows XP (KB2639417)
Beveiligingsupdate voor Windows XP (KB2646524)
Beveiligingsupdate voor Windows XP (KB2660465)
Beveiligingsupdate voor Windows XP (KB2661637)
Beveiligingsupdate voor Windows XP (KB923561)
Beveiligingsupdate voor Windows XP (KB923789)
Beveiligingsupdate voor Windows XP (KB938464)
Beveiligingsupdate voor Windows XP (KB946648)
Beveiligingsupdate voor Windows XP (KB950762)
Beveiligingsupdate voor Windows XP (KB950974)
Beveiligingsupdate voor Windows XP (KB951066)
Beveiligingsupdate voor Windows XP (KB951376-v2)
Beveiligingsupdate voor Windows XP (KB951698)
Beveiligingsupdate voor Windows XP (KB951748)
Beveiligingsupdate voor Windows XP (KB952004)
Beveiligingsupdate voor Windows XP (KB952954)
Beveiligingsupdate voor Windows XP (KB953839)
Beveiligingsupdate voor Windows XP (KB954211)
Beveiligingsupdate voor Windows XP (KB954459)
Beveiligingsupdate voor Windows XP (KB954600)
Beveiligingsupdate voor Windows XP (KB955069)
Beveiligingsupdate voor Windows XP (KB956391)
Beveiligingsupdate voor Windows XP (KB956572)
Beveiligingsupdate voor Windows XP (KB956744)
Beveiligingsupdate voor Windows XP (KB956802)
Beveiligingsupdate voor Windows XP (KB956803)
Beveiligingsupdate voor Windows XP (KB956841)
Beveiligingsupdate voor Windows XP (KB956844)
Beveiligingsupdate voor Windows XP (KB957095)
Beveiligingsupdate voor Windows XP (KB957097)
Beveiligingsupdate voor Windows XP (KB958644)
Beveiligingsupdate voor Windows XP (KB958687)
Beveiligingsupdate voor Windows XP (KB958690)
Beveiligingsupdate voor Windows XP (KB958869)
Beveiligingsupdate voor Windows XP (KB959426)
Beveiligingsupdate voor Windows XP (KB960225)
Beveiligingsupdate voor Windows XP (KB960715)
Beveiligingsupdate voor Windows XP (KB960803)
Beveiligingsupdate voor Windows XP (KB960859)
Beveiligingsupdate voor Windows XP (KB961371)
Beveiligingsupdate voor Windows XP (KB961373)
Beveiligingsupdate voor Windows XP (KB961501)
Beveiligingsupdate voor Windows XP (KB968537)
Beveiligingsupdate voor Windows XP (KB969059)
Beveiligingsupdate voor Windows XP (KB969898)
Beveiligingsupdate voor Windows XP (KB969947)
Beveiligingsupdate voor Windows XP (KB970238)
Beveiligingsupdate voor Windows XP (KB970430)
Beveiligingsupdate voor Windows XP (KB971468)
Beveiligingsupdate voor Windows XP (KB971486)
Beveiligingsupdate voor Windows XP (KB971557)
Beveiligingsupdate voor Windows XP (KB971633)
Beveiligingsupdate voor Windows XP (KB971657)
Beveiligingsupdate voor Windows XP (KB971961)
Beveiligingsupdate voor Windows XP (KB972270)
Beveiligingsupdate voor Windows XP (KB973346)
Beveiligingsupdate voor Windows XP (KB973354)
Beveiligingsupdate voor Windows XP (KB973507)
Beveiligingsupdate voor Windows XP (KB973525)
Beveiligingsupdate voor Windows XP (KB973869)
Beveiligingsupdate voor Windows XP (KB973904)
Beveiligingsupdate voor Windows XP (KB974112)
Beveiligingsupdate voor Windows XP (KB974318)
Beveiligingsupdate voor Windows XP (KB974392)
Beveiligingsupdate voor Windows XP (KB974571)
Beveiligingsupdate voor Windows XP (KB975025)
Beveiligingsupdate voor Windows XP (KB975467)
Beveiligingsupdate voor Windows XP (KB975560)
Beveiligingsupdate voor Windows XP (KB975561)
Beveiligingsupdate voor Windows XP (KB975562)
Beveiligingsupdate voor Windows XP (KB975713)
Beveiligingsupdate voor Windows XP (KB977165)
Beveiligingsupdate voor Windows XP (KB977816)
Beveiligingsupdate voor Windows XP (KB977914)
Beveiligingsupdate voor Windows XP (KB978037)
Beveiligingsupdate voor Windows XP (KB978251)
Beveiligingsupdate voor Windows XP (KB978262)
Beveiligingsupdate voor Windows XP (KB978338)
Beveiligingsupdate voor Windows XP (KB978542)
Beveiligingsupdate voor Windows XP (KB978601)
Beveiligingsupdate voor Windows XP (KB978706)
Beveiligingsupdate voor Windows XP (KB979309)
Beveiligingsupdate voor Windows XP (KB979482)
Beveiligingsupdate voor Windows XP (KB979559)
Beveiligingsupdate voor Windows XP (KB979683)
Beveiligingsupdate voor Windows XP (KB979687)
Beveiligingsupdate voor Windows XP (KB980195)
Beveiligingsupdate voor Windows XP (KB980218)
Beveiligingsupdate voor Windows XP (KB980232)
Beveiligingsupdate voor Windows XP (KB980436)
Beveiligingsupdate voor Windows XP (KB981322)
Beveiligingsupdate voor Windows XP (KB981349)
Beveiligingsupdate voor Windows XP (KB981852)
Beveiligingsupdate voor Windows XP (KB981957)
Beveiligingsupdate voor Windows XP (KB981997)
Beveiligingsupdate voor Windows XP (KB982132)
Beveiligingsupdate voor Windows XP (KB982214)
Beveiligingsupdate voor Windows XP (KB982665)
Beveiligingsupdate voor Windows XP (KB982802)
Bonjour
BrettspielWelt
Carcassonne
Catalyst Control Center Core Implementation
Catalyst Control Center Graphics Full Existing
Catalyst Control Center Graphics Full New
Catalyst Control Center Graphics Light
Catalyst Control Center Graphics Previews Common
ccc-core-preinstall
ccc-core-static
ccc-utility
CCC Help English
CCleaner
CD-Text Player
CDCheck
Cerberus FTP Server
Citrix online plug-in - web
Citrix online plug-in (DV)
Citrix online plug-in (HDX)
Citrix online plug-in (USB)
Citrix online plug-in (Web)
CoCSoft Stream Down 5.1
Codec Pack - All In 1 6.0.3.0
Commando
Compatibiliteitspakket voor het 2007 Microsoft Office system
DC++ 0.674
Direct Show Ogg Vorbis Filter (remove only)
DivX Codec
DivX Converter
doPDF 5.3 printer
DVD-lab PRO 1.53
DVD Shrink 3.2
eMule
ESET Online Scanner v3
Essentiële update voor Windows Media Player 11 (KB959772)
ExtractNow
Feurio! CD-Writer
ffdshow (remove only)
FontLab Studio 5
FTP Explorer
Gadget Installer
Gadget voor recente documenten in Microsoft Office 2007
GoldWave v4.26
Google Chrome
Google Toolbar for Internet Explorer
Google Update Helper
Hema Album Software Advanced
HFX PRO for Studio
High Definition Audio Driver Package - KB888111
HighMAT-uitbreiding voor de wizard Cd branden van Microsoft Windows XP
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
Hotfix for Windows Media Format 11 SDK (KB929399)
Hotfix for Windows XP (KB954550-v5)
Hotfix for Windows XP (KB976002-v5)
Hotfix voor Windows Internet Explorer 7 (KB947864)
Hotfix voor Windows Media Player 11 (KB939683)
Hotfix voor Windows XP (KB2158563)
Hotfix voor Windows XP (KB2443685)
Hotfix voor Windows XP (KB2570791)
Hotfix voor Windows XP (KB2633952)
Hotfix voor Windows XP (KB952287)
Hotfix voor Windows XP (KB961118)
Hotfix voor Windows XP (KB970653-v3)
Hotfix voor Windows XP (KB976098-v2)
Hotfix voor Windows XP (KB979306)
Hotfix voor Windows XP (KB981793)
IrfanView (remove only)
iTunes
Jasc Paint Shop Pro 8
Java Auto Updater
Java(TM) 6 Update 30
Kinderopvangtoeslag 2010
Kinderopvangtoeslag 2011
Lexmark 3100 Series
LimeWire 4.12.11
Macromedia Flash MX
MadOnion.com/3DMark2001 SE
Malwarebytes Anti-Malware versie 1.60.1.1000
Maple 8
Media Markt
MetaFrame Presentation Server Web Client for Win32
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1 Dutch Language Pack
Microsoft .NET Framework 1.1 Security Update (KB2656353)
Microsoft .NET Framework 1.1 Security Update (KB979906)
Microsoft .NET Framework 2.0 Service Pack 2
Microsoft .NET Framework 3.0 Service Pack 2
Microsoft .NET Framework 3.5 SP1
Microsoft Application Error Reporting
Microsoft Choice Guard
Microsoft Compression Client Pack 1.0 for Windows XP
Microsoft Internationalized Domain Names Mitigation APIs
Microsoft National Language Support Downlevel APIs
Microsoft Office XP Professional
Microsoft Silverlight
Microsoft User-Mode Driver Framework Feature Pack 1.0
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Windows Journal Viewer
MobileMe Control Panel
Mozilla Firefox (3.0.19)
Mpeg Layer3 Codec FHG-Radium v1.263
MSVCRT
MSXML 4.0 SP2 (KB936181)
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
MultipleIEs
Nero 6 Ultra Edition
NSIS JPsEffects
Ogg Codecs 0.81.15562
Orange Livebox
Orange USB Wi-Fi drivers
Orange USB Wi-Fi manager
Pinnacle Hollywood FX for Studio
PowerDVD
QuickTime
RadLight Ogg Media DirectShow filter (remove only)
Radmin Server 3.0
REALTEK GbE & FE Ethernet PCI-E NIC Driver
REALTEK GbE & FE Ethernet PCI NIC Driver
Realtek High Definition Audio Driver
SAMSUNG PC Share Manager
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2657424)
Segoe UI
Skins
SopCast 3.0.0
SpeedFan (remove only)
SPSS DDL 5.5
SPVOD Player1.8
Sqirlz Morph
Studio 9
Tantrix Match
TMPGEnc-2.59.47.155-Plus-EN
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
Update voor Windows Internet Explorer 7 (KB976749)
Update voor Windows Internet Explorer 7 (KB980182)
Update voor Windows Internet Explorer 8 (KB2598845)
Update voor Windows XP (KB2141007)
Update voor Windows XP (KB2345886)
Update voor Windows XP (KB2467659)
Update voor Windows XP (KB2541763)
Update voor Windows XP (KB2616676-v2)
Update voor Windows XP (KB2616676)
Update voor Windows XP (KB2641690)
Update voor Windows XP (KB898461)
Update voor Windows XP (KB951072-v2)
Update voor Windows XP (KB951978)
Update voor Windows XP (KB955759)
Update voor Windows XP (KB955839)
Update voor Windows XP (KB961503)
Update voor Windows XP (KB967715)
Update voor Windows XP (KB968389)
Update voor Windows XP (KB971029)
Update voor Windows XP (KB971737)
Update voor Windows XP (KB973687)
Update voor Windows XP (KB973815)
VeryPDF PDF To Image Converter v2.1
Verzoek of wijziging voorlopige aanslag 2010
Verzoek of wijziging voorlopige aanslag 2011
Verzoek voorlopige teruggaaf 2008
Visual C++ 2008 x86 Runtime - (v9.0.30729)
Visual C++ 2008 x86 Runtime - v9.0.30729.01
VLC media player 0.9.8a
WebFldrs XP
Winamp (remove only)
WinAVI Video Converter
Windows Internet Explorer 7
Windows Internet Explorer 8
Windows Live - Hulpprogramma voor uploaden
Windows Live aanmeldhulp
Windows Live Call
Windows Live Communications Platform
Windows Live Essentials
Windows Live Messenger
Windows Media Format 11 runtime
Windows Media Player 11
Windows Sidebar
Windows XP Service Pack 3
WinRAR archiver
WinZip
Xvid 1.1.3 final uninstall
.
==== End Of File ===========================

arnoldkooiker · Mar 4, 2012

Addition

Oh, in addition. Since my System Recovery wasn't functioning as it supposed to be (restore points couldn't be restored, because no changes were made, at least that is what was said), I removed all old restore points by disabling System Recovery and then enabled it again. Now, at least that works fine again, so although it is infected there is a restore point to which I can restore if needed.

Broni · Mar 4, 2012

Welcome aboard

Please, observe following rules:

Read all of my instructions very carefully. Your mistakes during cleaning process may have very serious consequences, like unbootable computer.
If you're stuck, or you're not sure about certain step, always ask before doing anything else.
Please refrain from running tools or applying updates other than those I suggest.
Never run more than one scan at a time.
Keep updating me regarding your computer behavior, good, or bad.
The cleaning process, once started, has to be completed. Even if your computer appears to act better, it may still be infected. Once the computer is totally clean, I'll certainly let you know.
If you leave the topic without explanation in the middle of a cleaning process, you may not be eligible to receive any more help in malware removal forum.
I close my topics if you have not replied in 5 days. If you need more time, simply let me know. If I closed your topic and you need it to be reopened, simply PM me.

=====================================================================

Download aswMBR to your desktop.
Double click the aswMBR.exe to run it.
If you see this question: Would you like to download latest Avast! virus definitions?" say "Yes".
Click the "Scan" button to start scan.
On completion of the scan click "Save log", save it to your desktop and post in your next reply.

NOTE. aswMBR will create MBR.dat file on your desktop. This is a copy of your MBR. Do NOT delete it.

=====================================================================

Download Bootkit Remover to your desktop.

Unzip downloaded file to your Desktop.
Double-click on boot_cleaner.exe to run the program (Vista/7 users,right click on boot_cleaner.exe and click Run As Administrator).
It will show a Black screen with some data on it.
Right click on the screen and click Select All.
Press CTRL+C
Open a Notepad and press CTRL+V
Post the output back here.

arnoldkooiker · Mar 5, 2012

aswMBR- and bootkit-log

Hello Broni,

Already thanks for your help. Below the output of the aswMBR-scan and the bootkit_cleaner.

============================================================

aswMBR version 0.9.9.1649 Copyright(c) 2011 AVAST Software
Run date: 2012-03-05 19:08:41
-----------------------------
19:08:41.937 OS Version: Windows 5.1.2600 Service Pack 3
19:08:41.937 Number of processors: 2 586 0x6B02
19:08:41.937 ComputerName: PC UserName:
19:08:43.171 Initialize success
19:09:54.750 AVAST engine defs: 12030500
19:10:07.640 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-3
19:10:07.640 Disk 0 Vendor: SAMSUNG_HD502IJ 1AA01112 Size: 476940MB BusType: 3
19:10:07.656 Disk 0 MBR read successfully
19:10:07.671 Disk 0 MBR scan
19:10:07.687 Disk 0 Windows XP default MBR code
19:10:07.687 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 476937 MB offset 63
19:10:07.687 Disk 0 scanning sectors +976768065
19:10:07.765 Disk 0 scanning C:\WINDOWS\system32\drivers
19:10:13.203 File: C:\WINDOWS\system32\drivers\cdrom.sys **INFECTED** Win32:Smadow [Rtk]
19:10:20.781 Disk 0 trace - called modules:
19:10:20.812 ntkrnlpa.exe CLASSPNP.SYS disk.sys >>UNKNOWN [0xb72c9ff0]<<
19:10:20.812 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x8a598ab8]
19:10:20.812 3 CLASSPNP.SYS[ba0e8fd7] -> nt!IofCallDriver -> [0x8a4d95b0]
19:10:20.812 \Driver\00000606[0x8a590880] -> IRP_MJ_CREATE -> 0xb72c9ff0
19:10:21.625 AVAST engine scan C:\WINDOWS
19:10:49.468 AVAST engine scan C:\WINDOWS\system32
19:13:41.625 AVAST engine scan C:\WINDOWS\system32\drivers
19:13:48.687 File: C:\WINDOWS\system32\drivers\cdrom.sys **INFECTED** Win32:Smadow [Rtk]
19:14:08.687 AVAST engine scan C:\Documents and Settings\user
19:25:45.375 AVAST engine scan C:\Documents and Settings\All Users
19:28:51.875 Scan finished successfully
19:49:46.937 Disk 0 MBR has been saved successfully to "C:\Documents and Settings\user\Bureaublad\MBR.dat"
19:49:46.937 The log file has been saved successfully to "C:\Documents and Settings\user\Bureaublad\aswMBR.txt"

============================================================

Bootkit Remover
(c) 2009 Esage Lab
www.esagelab.com

Program version: 1.2.0.1
OS Version: Microsoft Windows XP Home Edition Service Pack 3 (build 2600)

System volume is \\.\C:
\\.\C: -> \\.\PhysicalDrive0 at offset 0x00000000`00007e00
Boot sector MD5 is: 69cccfbb74623f0a8d61f6ab49d5681b

Size Device Name MBR Status
--------------------------------------------
465 GB \\.\PhysicalDrive0 Unknown boot code

Unknown boot code has been found on some of your physical disks.
To inspect the boot code manually, dump the master boot sector:
remover.exe dump <device_name> [output_file]
To disinfect the master boot sector, use the following command:
remover.exe fix <device_name>

Done;
Press any key to quit...

============================================================

Broni · Mar 5, 2012

Download TDSSKiller and save it to your desktop.

Extract (unzip) its contents to your desktop.
Open the TDSSKiller folder and doubleclick on TDSSKiller.exe to run the application, then on Start Scan.
If an infected file is detected, the default action will be Cure, click on Continue.
If a suspicious file is detected, the default action will be Skip, click on Continue.
It may ask you to reboot the computer to complete the process. Click on Reboot Now.
If no reboot is require, click on Report. A log file should appear. Please copy and paste the contents of that file here.
If a reboot is required, the report can also be found in your root directory (usually C:\ folder) in the form of TDSSKiller_xxxx_log.txt. Please copy and paste the contents of that file here.

arnoldkooiker · Mar 5, 2012

TDSSKiller log

23:41:31.0062 5032 TDSS rootkit removing tool 2.7.19.0 Mar 5 2012 11:23:39
23:41:31.0203 5032 ============================================================
23:41:31.0203 5032 Current date / time: 2012/03/05 23:41:31.0203
23:41:31.0203 5032 SystemInfo:
23:41:31.0203 5032
23:41:31.0203 5032 OS Version: 5.1.2600 ServicePack: 3.0
23:41:31.0203 5032 Product type: Workstation
23:41:31.0203 5032 ComputerName: PC
23:41:31.0203 5032 UserName: user
23:41:31.0203 5032 Windows directory: C:\WINDOWS
23:41:31.0203 5032 System windows directory: C:\WINDOWS
23:41:31.0203 5032 Processor architecture: Intel x86
23:41:31.0203 5032 Number of processors: 2
23:41:31.0203 5032 Page size: 0x1000
23:41:31.0203 5032 Boot type: Normal boot
23:41:31.0203 5032 ============================================================
23:41:33.0046 5032 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054
23:41:33.0093 5032 Drive \Device\Harddisk5\DR6 - Size: 0x3A38B2E000 (232.89 Gb), SectorSize: 0x200, Cylinders: 0x76C1, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
23:41:33.0109 5032 \Device\Harddisk0\DR0:
23:41:33.0109 5032 MBR used
23:41:33.0109 5032 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x3A384C02
23:41:33.0109 5032 \Device\Harddisk5\DR6:
23:41:33.0109 5032 MBR used
23:41:33.0109 5032 \Device\Harddisk5\DR6\Partition0: MBR, Type 0x7, StartLBA 0xF9CA3B, BlocksNum 0x1C223C85
23:41:33.0187 5032 Initialize success
23:41:33.0187 5032 ============================================================
23:41:40.0156 2912 ============================================================
23:41:40.0156 2912 Scan started
23:41:40.0156 2912 Mode: Manual;
23:41:40.0156 2912 ============================================================
23:41:40.0703 2912 61883 (914a9709fc3bf419ad2f85547f2a4832) C:\WINDOWS\system32\DRIVERS\61883.sys
23:41:40.0703 2912 61883 - ok
23:41:40.0718 2912 Abiosdsk - ok
23:41:40.0718 2912 abp480n5 - ok
23:41:40.0781 2912 ACPI (02273a448ba21a7d447daeb47810d40c) C:\WINDOWS\system32\DRIVERS\ACPI.sys
23:41:40.0781 2912 ACPI - ok
23:41:40.0812 2912 ACPIEC (63f517b1a87dabf3f5acb8a7952fc1d1) C:\WINDOWS\system32\drivers\ACPIEC.sys
23:41:40.0812 2912 ACPIEC - ok
23:41:40.0843 2912 adpu160m - ok
23:41:40.0875 2912 aec (8bed39e3c35d6a489438b8141717a557) C:\WINDOWS\system32\drivers\aec.sys
23:41:40.0875 2912 aec - ok
23:41:40.0921 2912 AFD (1e44bc1e83d8fd2305f8d452db109cf9) C:\WINDOWS\System32\drivers\afd.sys
23:41:40.0921 2912 AFD - ok
23:41:40.0921 2912 Aha154x - ok
23:41:40.0937 2912 aic78u2 - ok
23:41:40.0953 2912 aic78xx - ok
23:41:40.0968 2912 AliIde - ok
23:41:40.0984 2912 amsint - ok
23:41:41.0046 2912 Arp1394 (b5b8a80875c1dededa8b02765642c32f) C:\WINDOWS\system32\DRIVERS\arp1394.sys
23:41:41.0046 2912 Arp1394 - ok
23:41:41.0109 2912 ASAPIW2k (4f9cbbf95e8f7a0d4c0edcfe3b78102e) C:\WINDOWS\system32\drivers\ASAPIW2k.sys
23:41:41.0109 2912 ASAPIW2k - ok
23:41:41.0125 2912 asc - ok
23:41:41.0125 2912 asc3350p - ok
23:41:41.0140 2912 asc3550 - ok
23:41:41.0171 2912 AsyncMac (b153affac761e7f5fcfa822b9c4e97bc) C:\WINDOWS\system32\DRIVERS\asyncmac.sys
23:41:41.0171 2912 AsyncMac - ok
23:41:41.0218 2912 atapi (9f3a2f5aa6875c72bf062c712cfa2674) C:\WINDOWS\system32\DRIVERS\atapi.sys
23:41:41.0218 2912 atapi - ok
23:41:41.0218 2912 Atdisk - ok
23:41:41.0359 2912 ati2mtag (6b618c7764e03a78599d74e31b8ab17b) C:\WINDOWS\system32\DRIVERS\ati2mtag.sys
23:41:41.0390 2912 ati2mtag - ok
23:41:41.0406 2912 Atmarpc (9916c1225104ba14794209cfa8012159) C:\WINDOWS\system32\DRIVERS\atmarpc.sys
23:41:41.0406 2912 Atmarpc - ok
23:41:41.0468 2912 audstub (d9f724aa26c010a217c97606b160ed68) C:\WINDOWS\system32\DRIVERS\audstub.sys
23:41:41.0468 2912 audstub - ok
23:41:41.0531 2912 Avc (f8e6956a614f15a0860474c5e2a7de6b) C:\WINDOWS\system32\DRIVERS\avc.sys
23:41:41.0531 2912 Avc - ok
23:41:41.0593 2912 AVCSTRM (e625773d7b950842d582f713656859c0) C:\WINDOWS\system32\DRIVERS\avcstrm.sys
23:41:41.0593 2912 AVCSTRM - ok
23:41:41.0671 2912 AVGIDSDriver (4fa401b33c1b50c816486f6951244a14) C:\WINDOWS\system32\DRIVERS\AVGIDSDriver.Sys
23:41:41.0796 2912 AVGIDSDriver - ok
23:41:41.0828 2912 AVGIDSEH (69578bc9d43d614c6b3455db4af19762) C:\WINDOWS\system32\DRIVERS\AVGIDSEH.Sys
23:41:41.0828 2912 AVGIDSEH - ok
23:41:41.0859 2912 AVGIDSFilter (6df528406aa22201f392b9b19121cd6f) C:\WINDOWS\system32\DRIVERS\AVGIDSFilter.Sys
23:41:41.0859 2912 AVGIDSFilter - ok
23:41:41.0906 2912 AVGIDSShim (1e01c2166b5599802bcd61b9691f7476) C:\WINDOWS\system32\DRIVERS\AVGIDSShim.Sys
23:41:41.0906 2912 AVGIDSShim - ok
23:41:41.0968 2912 Avgldx86 (bf8118cd5e2255387b715b534d64acd1) C:\WINDOWS\system32\DRIVERS\avgldx86.sys
23:41:41.0968 2912 Avgldx86 - ok
23:41:42.0000 2912 Avgmfx86 (1c77ef67f196466adc9924cb288afe87) C:\WINDOWS\system32\DRIVERS\avgmfx86.sys
23:41:42.0000 2912 Avgmfx86 - ok
23:41:42.0046 2912 Avgrkx86 (f2038ed7284b79dcef581468121192a9) C:\WINDOWS\system32\DRIVERS\avgrkx86.sys
23:41:42.0046 2912 Avgrkx86 - ok
23:41:42.0125 2912 Avgtdix (a6d562b612216d8d02a35ebeb92366bd) C:\WINDOWS\system32\DRIVERS\avgtdix.sys
23:41:42.0140 2912 Avgtdix - ok
23:41:42.0234 2912 Beep (da1f27d85e0d1525f6621372e7b685e9) C:\WINDOWS\system32\drivers\Beep.sys
23:41:42.0234 2912 Beep - ok
23:41:42.0359 2912 Cap713x (8f36328ce5a41880d1f208797289961e) C:\WINDOWS\system32\DRIVERS\Cap713x.sys
23:41:42.0359 2912 Cap713x - ok
23:41:42.0406 2912 cbidf2k (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\drivers\cbidf2k.sys
23:41:42.0406 2912 cbidf2k - ok
23:41:42.0468 2912 CCDECODE (0be5aef125be881c4f854c554f2b025c) C:\WINDOWS\system32\DRIVERS\CCDECODE.sys
23:41:42.0468 2912 CCDECODE - ok
23:41:42.0484 2912 cd20xrnt - ok
23:41:42.0546 2912 Cdaudio (c1b486a7658353d33a10cc15211a873b) C:\WINDOWS\system32\drivers\Cdaudio.sys
23:41:42.0562 2912 Cdaudio - ok
23:41:42.0578 2912 Cdfs (c885b02847f5d2fd45a24e219ed93b32) C:\WINDOWS\system32\drivers\Cdfs.sys
23:41:42.0593 2912 Cdfs - ok
23:41:42.0656 2912 Cdrom (c17e85f23a160fd7840cabb958861a84) C:\WINDOWS\system32\DRIVERS\cdrom.sys
23:41:42.0656 2912 Cdrom - ok
23:41:42.0703 2912 Changer - ok
23:41:42.0734 2912 CmdIde - ok
23:41:42.0750 2912 Cpqarray - ok
23:41:42.0812 2912 ctxusbm (cb6ff7012bb5d59d7c12350db795ce1f) C:\WINDOWS\system32\DRIVERS\ctxusbm.sys
23:41:42.0812 2912 ctxusbm - ok
23:41:42.0843 2912 dac2w2k - ok
23:41:42.0859 2912 dac960nt - ok
23:41:42.0890 2912 Disk (044452051f3e02e7963599fc8f4f3e25) C:\WINDOWS\system32\DRIVERS\disk.sys
23:41:42.0890 2912 Disk - ok
23:41:42.0968 2912 dmboot (dec123e0c75971d0cc7a6c6a75e28429) C:\WINDOWS\system32\drivers\dmboot.sys
23:41:42.0968 2912 dmboot - ok
23:41:42.0984 2912 dmio (7268e66259722f6228c730685b201092) C:\WINDOWS\system32\drivers\dmio.sys
23:41:42.0984 2912 dmio - ok
23:41:43.0000 2912 dmload (e9317282a63ca4d188c0df5e09c6ac5f) C:\WINDOWS\system32\drivers\dmload.sys
23:41:43.0000 2912 dmload - ok
23:41:43.0031 2912 DMusic (8a208dfcf89792a484e76c40e5f50b45) C:\WINDOWS\system32\drivers\DMusic.sys
23:41:43.0031 2912 DMusic - ok
23:41:43.0046 2912 dpti2o - ok
23:41:43.0046 2912 drmkaud (8f5fcff8e8848afac920905fbd9d33c8) C:\WINDOWS\system32\drivers\drmkaud.sys
23:41:43.0046 2912 drmkaud - ok
23:41:43.0140 2912 Fastfat (38d332a6d56af32635675f132548343e) C:\WINDOWS\system32\drivers\Fastfat.sys
23:41:43.0140 2912 Fastfat - ok
23:41:43.0187 2912 Fdc (92cdd60b6730b9f50f6a1a0c1f8cdc81) C:\WINDOWS\system32\DRIVERS\fdc.sys
23:41:43.0187 2912 Fdc - ok
23:41:43.0218 2912 Fips (8bfffb5ac954e19dfdb96d56512aa518) C:\WINDOWS\system32\drivers\Fips.sys
23:41:43.0218 2912 Fips - ok
23:41:43.0312 2912 Flpydisk (9d27e7b80bfcdf1cdd9b555862d5e7f0) C:\WINDOWS\system32\DRIVERS\flpydisk.sys
23:41:43.0312 2912 Flpydisk - ok
23:41:43.0359 2912 FltMgr (b2cf4b0786f8212cb92ed2b50c6db6b0) C:\WINDOWS\system32\drivers\fltmgr.sys
23:41:43.0359 2912 FltMgr - ok
23:41:43.0390 2912 Fs_Rec (3e1e2bd4f39b0e2b7dc4f4d2bcc2779a) C:\WINDOWS\system32\drivers\Fs_Rec.sys
23:41:43.0390 2912 Fs_Rec - ok
23:41:43.0421 2912 Ftdisk (fa8ca22e70245c81ff29c36af56292fc) C:\WINDOWS\system32\DRIVERS\ftdisk.sys
23:41:43.0421 2912 Ftdisk - ok
23:41:43.0437 2912 FXDrv32 - ok
23:41:43.0453 2912 gagp30kx (3a74c423cf6bcca6982715878f450a3b) C:\WINDOWS\system32\DRIVERS\gagp30kx.sys
23:41:43.0453 2912 gagp30kx - ok
23:41:43.0500 2912 GEARAspiWDM (8182ff89c65e4d38b2de4bb0fb18564e) C:\WINDOWS\system32\Drivers\GEARAspiWDM.sys
23:41:43.0500 2912 GEARAspiWDM - ok
23:41:43.0546 2912 giveio (77ebf3e9386daa51551af429052d88d0) C:\WINDOWS\system32\giveio.sys
23:41:43.0546 2912 giveio - ok
23:41:43.0593 2912 Gpc (0a02c63c8b144bd8c86b103dee7c86a2) C:\WINDOWS\system32\DRIVERS\msgpc.sys
23:41:43.0593 2912 Gpc - ok
23:41:43.0625 2912 HDAudBus (573c7d0a32852b48f3058cfd8026f511) C:\WINDOWS\system32\DRIVERS\HDAudBus.sys
23:41:43.0625 2912 HDAudBus - ok
23:41:43.0687 2912 HidUsb (ccf82c5ec8a7326c3066de870c06daf1) C:\WINDOWS\system32\DRIVERS\hidusb.sys
23:41:43.0687 2912 HidUsb - ok
23:41:43.0703 2912 hpn - ok
23:41:43.0765 2912 HTTP (f80a415ef82cd06ffaf0d971528ead38) C:\WINDOWS\system32\Drivers\HTTP.sys
23:41:43.0765 2912 HTTP - ok
23:41:43.0781 2912 i2omgmt - ok
23:41:43.0796 2912 i2omp - ok
23:41:43.0796 2912 i8042prt (c43372d0682f8e32e4ec21117e089ec0) C:\WINDOWS\system32\DRIVERS\i8042prt.sys
23:41:43.0812 2912 i8042prt - ok
23:41:43.0843 2912 Imapi (083a052659f5310dd8b6a6cb05edcf8e) C:\WINDOWS\system32\DRIVERS\imapi.sys
23:41:43.0843 2912 Imapi - ok
23:41:43.0859 2912 ini910u - ok
23:41:44.0031 2912 IntcAzAudAddService (41ef008d7b089ce6f5f2e4a61d5638e6) C:\WINDOWS\system32\drivers\RtkHDAud.sys
23:41:44.0078 2912 IntcAzAudAddService - ok
23:41:44.0125 2912 IntelIde (72c63ad984d427d34bd5b9db838d88eb) C:\WINDOWS\system32\DRIVERS\intelide.sys
23:41:44.0125 2912 IntelIde - ok
23:41:44.0187 2912 Ip6Fw (3bb22519a194418d5fec05d800a19ad0) C:\WINDOWS\system32\drivers\ip6fw.sys
23:41:44.0187 2912 Ip6Fw - ok
23:41:44.0203 2912 IpFilterDriver (731f22ba402ee4b62748adaf6363c182) C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
23:41:44.0203 2912 IpFilterDriver - ok
23:41:44.0218 2912 IpInIp (b87ab476dcf76e72010632b5550955f5) C:\WINDOWS\system32\DRIVERS\ipinip.sys
23:41:44.0218 2912 IpInIp - ok
23:41:44.0265 2912 IpNat (cc748ea12c6effde940ee98098bf96bb) C:\WINDOWS\system32\DRIVERS\ipnat.sys
23:41:44.0265 2912 IpNat - ok
23:41:44.0312 2912 IPSec (23c74d75e36e7158768dd63d92789a91) C:\WINDOWS\system32\DRIVERS\ipsec.sys
23:41:44.0312 2912 IPSec - ok
23:41:44.0359 2912 IRENUM (c93c9ff7b04d772627a3646d89f7bf89) C:\WINDOWS\system32\DRIVERS\irenum.sys
23:41:44.0359 2912 IRENUM - ok
23:41:44.0375 2912 isapnp (0b78e1a31340e1fb1e389d5633f7c3a0) C:\WINDOWS\system32\DRIVERS\isapnp.sys
23:41:44.0375 2912 isapnp - ok
23:41:44.0421 2912 Kbdclass (380397621e94b32c744e7b2cc1330390) C:\WINDOWS\system32\DRIVERS\kbdclass.sys
23:41:44.0421 2912 Kbdclass - ok
23:41:44.0468 2912 kbdhid (b833b70fe639f01fb36cedabe57ef031) C:\WINDOWS\system32\DRIVERS\kbdhid.sys
23:41:44.0468 2912 kbdhid - ok
23:41:44.0515 2912 kmixer (692bcf44383d056aed41b045a323d378) C:\WINDOWS\system32\drivers\kmixer.sys
23:41:44.0515 2912 kmixer - ok
23:41:44.0578 2912 KSecDD (b467646c54cc746128904e1654c750c1) C:\WINDOWS\system32\drivers\KSecDD.sys
23:41:44.0578 2912 KSecDD - ok
23:41:44.0625 2912 Lbd (713cd5267abfb86fe90a72e384e82a38) C:\WINDOWS\system32\DRIVERS\Lbd.sys
23:41:44.0625 2912 Lbd - ok
23:41:44.0640 2912 lbrtfdc - ok
23:41:44.0765 2912 mirrorv3 (d96ea49ab9a9174331bc023fd0cadc18) C:\WINDOWS\system32\DRIVERS\rminiv3.sys
23:41:44.0781 2912 mirrorv3 - ok
23:41:44.0812 2912 mnmdd (4ae068242760a1fb6e1a44bf4e16afa6) C:\WINDOWS\system32\drivers\mnmdd.sys
23:41:44.0812 2912 mnmdd - ok
23:41:44.0859 2912 Modem (8114eeac353f549331ab73e9af4219ed) C:\WINDOWS\system32\drivers\Modem.sys
23:41:44.0859 2912 Modem - ok
23:41:44.0890 2912 Mouclass (1a4e2214dd63e4a876463d3427ee8261) C:\WINDOWS\system32\DRIVERS\mouclass.sys
23:41:44.0890 2912 Mouclass - ok
23:41:44.0906 2912 mouhid (18017899254e01371e1a39754d6bf98c) C:\WINDOWS\system32\DRIVERS\mouhid.sys
23:41:44.0906 2912 mouhid - ok
23:41:44.0921 2912 MountMgr (a80b9a0bad1b73637dbcbba7df72d3fd) C:\WINDOWS\system32\drivers\MountMgr.sys
23:41:44.0937 2912 MountMgr - ok
23:41:44.0937 2912 mraid35x - ok
23:41:44.0984 2912 MRxDAV (11d42bb6206f33fbb3ba0288d3ef81bd) C:\WINDOWS\system32\DRIVERS\mrxdav.sys
23:41:44.0984 2912 MRxDAV - ok
23:41:45.0046 2912 MRxSmb (7d304a5eb4344ebeeab53a2fe3ffb9f0) C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
23:41:45.0046 2912 MRxSmb - ok
23:41:45.0093 2912 MSDV (1477849772712bac69c144dcf2c9ce81) C:\WINDOWS\system32\DRIVERS\msdv.sys
23:41:45.0093 2912 MSDV - ok
23:41:45.0140 2912 Msfs (c941ea2454ba8350021d774daf0f1027) C:\WINDOWS\system32\drivers\Msfs.sys
23:41:45.0140 2912 Msfs - ok
23:41:45.0140 2912 MSKSSRV (d1575e71568f4d9e14ca56b7b0453bf1) C:\WINDOWS\system32\drivers\MSKSSRV.sys
23:41:45.0140 2912 MSKSSRV - ok
23:41:45.0171 2912 MSPCLOCK (325bb26842fc7ccc1fcce2c457317f3e) C:\WINDOWS\system32\drivers\MSPCLOCK.sys
23:41:45.0187 2912 MSPCLOCK - ok
23:41:45.0187 2912 MSPQM (bad59648ba099da4a17680b39730cb3d) C:\WINDOWS\system32\drivers\MSPQM.sys
23:41:45.0187 2912 MSPQM - ok
23:41:45.0250 2912 mssmbios (af5f4f3f14a8ea2c26de30f7a1e17136) C:\WINDOWS\system32\DRIVERS\mssmbios.sys
23:41:45.0250 2912 mssmbios - ok
23:41:45.0328 2912 MSTAPE (5c3f9bdf4db23b75306388fc26a0a8e5) C:\WINDOWS\system32\DRIVERS\mstape.sys
23:41:45.0343 2912 MSTAPE - ok
23:41:45.0375 2912 MSTEE (e53736a9e30c45fa9e7b5eac55056d1d) C:\WINDOWS\system32\drivers\MSTEE.sys
23:41:45.0375 2912 MSTEE - ok
23:41:45.0406 2912 Mup (de6a75f5c270e756c5508d94b6cf68f5) C:\WINDOWS\system32\drivers\Mup.sys
23:41:45.0406 2912 Mup - ok
23:41:45.0484 2912 NABTSFEC (5b50f1b2a2ed47d560577b221da734db) C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys
23:41:45.0484 2912 NABTSFEC - ok
23:41:45.0593 2912 NDIS (1df7f42665c94b825322fae71721130d) C:\WINDOWS\system32\drivers\NDIS.sys
23:41:45.0609 2912 NDIS - ok
23:41:45.0625 2912 NdisIP (7ff1f1fd8609c149aa432f95a8163d97) C:\WINDOWS\system32\DRIVERS\NdisIP.sys
23:41:45.0640 2912 NdisIP - ok
23:41:45.0687 2912 NdisTapi (0109c4f3850dfbab279542515386ae22) C:\WINDOWS\system32\DRIVERS\ndistapi.sys
23:41:45.0687 2912 NdisTapi - ok
23:41:45.0703 2912 Ndisuio (f927a4434c5028758a842943ef1a3849) C:\WINDOWS\system32\DRIVERS\ndisuio.sys
23:41:45.0703 2912 Ndisuio - ok
23:41:45.0718 2912 NdisWan (edc1531a49c80614b2cfda43ca8659ab) C:\WINDOWS\system32\DRIVERS\ndiswan.sys
23:41:45.0734 2912 NdisWan - ok
23:41:45.0781 2912 NDProxy (9282bd12dfb069d3889eb3fcc1000a9b) C:\WINDOWS\system32\drivers\NDProxy.sys
23:41:45.0781 2912 NDProxy - ok
23:41:45.0828 2912 NetBIOS (5d81cf9a2f1a3a756b66cf684911cdf0) C:\WINDOWS\system32\DRIVERS\netbios.sys
23:41:45.0828 2912 NetBIOS - ok
23:41:45.0859 2912 NetBT (74b2b2f5bea5e9a3dc021d685551bd3d) C:\WINDOWS\system32\DRIVERS\netbt.sys
23:41:45.0859 2912 NetBT - ok
23:41:45.0906 2912 NIC1394 (e9e47cfb2d461fa0fc75b7a74c6383ea) C:\WINDOWS\system32\DRIVERS\nic1394.sys
23:41:45.0906 2912 NIC1394 - ok
23:41:45.0968 2912 NPF (b9730495e0cf674680121e34bd95a73b) C:\WINDOWS\system32\drivers\NPF.sys
23:41:45.0968 2912 NPF - ok
23:41:45.0984 2912 Npfs (3182d64ae053d6fb034f44b6def8034a) C:\WINDOWS\system32\drivers\Npfs.sys
23:41:45.0984 2912 Npfs - ok
23:41:46.0046 2912 Ntfs (78a08dd6a8d65e697c18e1db01c5cdca) C:\WINDOWS\system32\drivers\Ntfs.sys
23:41:46.0062 2912 Ntfs - ok
23:41:46.0140 2912 Null (73c1e1f395918bc2c6dd67af7591a3ad) C:\WINDOWS\system32\drivers\Null.sys
23:41:46.0140 2912 Null - ok
23:41:46.0156 2912 NwlnkFlt (b305f3fad35083837ef46a0bbce2fc57) C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
23:41:46.0156 2912 NwlnkFlt - ok
23:41:46.0187 2912 NwlnkFwd (c99b3415198d1aab7227f2c88fd664b9) C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
23:41:46.0187 2912 NwlnkFwd - ok
23:41:46.0218 2912 ohci1394 (ca33832df41afb202ee7aeb05145922f) C:\WINDOWS\system32\DRIVERS\ohci1394.sys
23:41:46.0218 2912 ohci1394 - ok
23:41:46.0312 2912 Parport (e3934ccc20a4d24f1924e13d36d2a5bd) C:\WINDOWS\system32\DRIVERS\parport.sys
23:41:46.0312 2912 Parport - ok
23:41:46.0312 2912 PartMgr (beb3ba25197665d82ec7065b724171c6) C:\WINDOWS\system32\drivers\PartMgr.sys
23:41:46.0312 2912 PartMgr - ok
23:41:46.0359 2912 ParVdm (1eade28746a64c21e0a808bb12a63326) C:\WINDOWS\system32\drivers\ParVdm.sys
23:41:46.0359 2912 ParVdm - ok
23:41:46.0375 2912 PCANDIS5 - ok
23:41:46.0390 2912 PCI (3b166f9f753c21aedaa9a6bd76b49655) C:\WINDOWS\system32\DRIVERS\pci.sys
23:41:46.0390 2912 PCI - ok
23:41:46.0390 2912 PCIDump - ok
23:41:46.0421 2912 PCIIde (b31edeba4da28283f6b8dc4756fb9585) C:\WINDOWS\system32\DRIVERS\pciide.sys
23:41:46.0421 2912 PCIIde - ok
23:41:46.0468 2912 PCLEPCI (1bebe7de8508a02650cdce45c664c2a2) C:\WINDOWS\system32\drivers\pclepci.sys
23:41:46.0468 2912 PCLEPCI - ok
23:41:46.0484 2912 Pcmcia (2137ffd65f8e609a3a5acd487c56cce0) C:\WINDOWS\system32\drivers\Pcmcia.sys
23:41:46.0484 2912 Pcmcia - ok
23:41:46.0500 2912 PDCOMP - ok
23:41:46.0515 2912 PDFRAME - ok
23:41:46.0531 2912 PDRELI - ok
23:41:46.0546 2912 PDRFRAME - ok
23:41:46.0546 2912 perc2 - ok
23:41:46.0562 2912 perc2hib - ok
23:41:46.0625 2912 PptpMiniport (efeec01b1d3cf84f16ddd24d9d9d8f99) C:\WINDOWS\system32\DRIVERS\raspptp.sys
23:41:46.0625 2912 PptpMiniport - ok
23:41:46.0687 2912 Processor (82a17eca34d801590a67c0a2244965ed) C:\WINDOWS\system32\DRIVERS\processr.sys
23:41:46.0687 2912 Processor - ok
23:41:46.0703 2912 PSched (09298ec810b07e5d582cb3a3f9255424) C:\WINDOWS\system32\DRIVERS\psched.sys
23:41:46.0703 2912 PSched - ok
23:41:46.0734 2912 Ptilink (80d317bd1c3dbc5d4fe7b1678c60cadd) C:\WINDOWS\system32\DRIVERS\ptilink.sys
23:41:46.0734 2912 Ptilink - ok
23:41:46.0765 2912 ql1080 - ok
23:41:46.0765 2912 Ql10wnt - ok
23:41:46.0781 2912 ql12160 - ok
23:41:46.0781 2912 ql1240 - ok
23:41:46.0796 2912 ql1280 - ok
23:41:46.0828 2912 raddrvv3 (bfadb3f81e4e8ab07bca46f2882989da) C:\WINDOWS\system32\rserver30\raddrvv3.sys
23:41:46.0843 2912 raddrvv3 - ok
23:41:46.0843 2912 RasAcd (fe0d99d6f31e4fad8159f690d68ded9c) C:\WINDOWS\system32\DRIVERS\rasacd.sys
23:41:46.0843 2912 RasAcd - ok
23:41:46.0875 2912 Rasl2tp (11b4a627bc9614b885c4969bfa5ff8a6) C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
23:41:46.0875 2912 Rasl2tp - ok
23:41:46.0890 2912 RasPppoe (5bc962f2654137c9909c3d4603587dee) C:\WINDOWS\system32\DRIVERS\raspppoe.sys
23:41:46.0890 2912 RasPppoe - ok
23:41:46.0906 2912 Raspti (fdbb1d60066fcfbb7452fd8f9829b242) C:\WINDOWS\system32\DRIVERS\raspti.sys
23:41:46.0906 2912 Raspti - ok
23:41:46.0968 2912 Rdbss (7ad224ad1a1437fe28d89cf22b17780a) C:\WINDOWS\system32\DRIVERS\rdbss.sys
23:41:46.0968 2912 Rdbss - ok
23:41:46.0984 2912 RDPCDD (4912d5b403614ce99c28420f75353332) C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
23:41:47.0000 2912 RDPCDD - ok
23:41:47.0031 2912 RDPWD (fc105dd312ed64eb66bff111e8ec6eac) C:\WINDOWS\system32\drivers\RDPWD.sys
23:41:47.0046 2912 RDPWD - ok
23:41:47.0062 2912 redbook (4173bc66e485fd77a03c4819f60bd0da) C:\WINDOWS\system32\DRIVERS\redbook.sys
23:41:47.0078 2912 redbook - ok
23:41:47.0171 2912 RTL8023xp (6dbd011d47ebd394a5ea7843b8afa7ea) C:\WINDOWS\system32\DRIVERS\Rtnicxp.sys
23:41:47.0171 2912 RTL8023xp - ok
23:41:47.0234 2912 rtl8139 (d507c1400284176573224903819ffda3) C:\WINDOWS\system32\DRIVERS\RTL8139.SYS
23:41:47.0234 2912 rtl8139 - ok
23:41:47.0296 2912 RTLE8023xp (3400495f5b219d5153c770a95499579c) C:\WINDOWS\system32\DRIVERS\Rtenicxp.sys
23:41:47.0296 2912 RTLE8023xp - ok
23:41:47.0437 2912 Secdrv (90a3935d05b494a5a39d37e71f09a677) C:\WINDOWS\system32\DRIVERS\secdrv.sys
23:41:47.0437 2912 Secdrv - ok
23:41:47.0484 2912 serenum (0f29512ccd6bead730039fb4bd2c85ce) C:\WINDOWS\system32\DRIVERS\serenum.sys
23:41:47.0484 2912 serenum - ok
23:41:47.0515 2912 Serial (92c21762653bb2ce51147eb8a9aa654f) C:\WINDOWS\system32\DRIVERS\serial.sys
23:41:47.0515 2912 Serial - ok
23:41:47.0578 2912 Sfloppy (8e6b8c671615d126fdc553d1e2de5562) C:\WINDOWS\system32\drivers\Sfloppy.sys
23:41:47.0578 2912 Sfloppy - ok
23:41:47.0640 2912 SG762_XP (478b4415dfb3a45b6fe61ec781e07d7b) C:\WINDOWS\system32\DRIVERS\WlanBZXP.sys
23:41:47.0656 2912 SG762_XP - ok
23:41:47.0671 2912 Simbad - ok
23:41:47.0734 2912 SLIP (866d538ebe33709a5c9f5c62b73b7d14) C:\WINDOWS\system32\DRIVERS\SLIP.sys
23:41:47.0734 2912 SLIP - ok
23:41:47.0750 2912 Sparrow - ok
23:41:47.0812 2912 speedfan (5d6401db90ec81b71f8e2c5c8f0fef23) C:\WINDOWS\system32\speedfan.sys
23:41:47.0828 2912 speedfan - ok
23:41:47.0843 2912 splitter (ab8b92451ecb048a4d1de7c3ffcb4a9f) C:\WINDOWS\system32\drivers\splitter.sys
23:41:47.0843 2912 splitter - ok
23:41:47.0859 2912 sr (64d2a7640e0767ecd3bcb38d3200e7ce) C:\WINDOWS\system32\DRIVERS\sr.sys
23:41:47.0859 2912 sr - ok
23:41:47.0890 2912 Srv (47ddfc2f003f7f9f0592c6874962a2e7) C:\WINDOWS\system32\DRIVERS\srv.sys
23:41:47.0921 2912 Srv - ok
23:41:47.0953 2912 streamip (77813007ba6265c4b6098187e6ed79d2) C:\WINDOWS\system32\DRIVERS\StreamIP.sys
23:41:47.0953 2912 streamip - ok
23:41:48.0015 2912 swenum (3941d127aef12e93addf6fe6ee027e0f) C:\WINDOWS\system32\DRIVERS\swenum.sys
23:41:48.0015 2912 swenum - ok
23:41:48.0031 2912 swmidi (8ce882bcc6cf8a62f2b2323d95cb3d01) C:\WINDOWS\system32\drivers\swmidi.sys
23:41:48.0031 2912 swmidi - ok
23:41:48.0046 2912 symc810 - ok
23:41:48.0062 2912 symc8xx - ok
23:41:48.0093 2912 sym_hi - ok
23:41:48.0093 2912 sym_u3 - ok
23:41:48.0156 2912 sysaudio (8b83f3ed0f1688b4958f77cd6d2bf290) C:\WINDOWS\system32\drivers\sysaudio.sys
23:41:48.0156 2912 sysaudio - ok
23:41:48.0187 2912 Tcpip (9aefa14bd6b182d61e3119fa5f436d3d) C:\WINDOWS\system32\DRIVERS\tcpip.sys
23:41:48.0187 2912 Tcpip - ok
23:41:48.0218 2912 TDPIPE (6471a66807f5e104e4885f5b67349397) C:\WINDOWS\system32\drivers\TDPIPE.sys
23:41:48.0218 2912 TDPIPE - ok
23:41:48.0234 2912 TDTCP (c56b6d0402371cf3700eb322ef3aaf61) C:\WINDOWS\system32\drivers\TDTCP.sys
23:41:48.0234 2912 TDTCP - ok
23:41:48.0250 2912 TermDD (88155247177638048422893737429d9e) C:\WINDOWS\system32\DRIVERS\termdd.sys
23:41:48.0265 2912 TermDD - ok
23:41:48.0296 2912 TosIde - ok
23:41:48.0390 2912 Udfs (5787b80c2e3c5e2f56c2a233d91fa2c9) C:\WINDOWS\system32\drivers\Udfs.sys
23:41:48.0390 2912 Udfs - ok
23:41:48.0406 2912 ultra - ok
23:41:48.0453 2912 Update (402ddc88356b1bac0ee3dd1580c76a31) C:\WINDOWS\system32\DRIVERS\update.sys
23:41:48.0453 2912 Update - ok
23:41:48.0484 2912 usbccgp (173f317ce0db8e21322e71b7e60a27e8) C:\WINDOWS\system32\DRIVERS\usbccgp.sys
23:41:48.0484 2912 usbccgp - ok
23:41:48.0531 2912 usbehci (65dcf09d0e37d4c6b11b5b0b76d470a7) C:\WINDOWS\system32\DRIVERS\usbehci.sys
23:41:48.0531 2912 usbehci - ok
23:41:48.0593 2912 usbhub (1ab3cdde553b6e064d2e754efe20285c) C:\WINDOWS\system32\DRIVERS\usbhub.sys
23:41:48.0593 2912 usbhub - ok
23:41:48.0656 2912 usbohci (0daecce65366ea32b162f85f07c6753b) C:\WINDOWS\system32\DRIVERS\usbohci.sys
23:41:48.0671 2912 usbohci - ok
23:41:48.0703 2912 usbprint (a717c8721046828520c9edf31288fc00) C:\WINDOWS\system32\DRIVERS\usbprint.sys
23:41:48.0703 2912 usbprint - ok
23:41:48.0734 2912 usbscan (a0b8cf9deb1184fbdd20784a58fa75d4) C:\WINDOWS\system32\DRIVERS\usbscan.sys
23:41:48.0734 2912 usbscan - ok
23:41:48.0750 2912 USBSTOR (a32426d9b14a089eaa1d922e0c5801a9) C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
23:41:48.0750 2912 USBSTOR - ok
23:41:48.0828 2912 VgaSave (0d3a8fafceacd8b7625cd549757a7df1) C:\WINDOWS\System32\drivers\vga.sys
23:41:48.0828 2912 VgaSave - ok
23:41:48.0859 2912 ViaIde - ok
23:41:48.0890 2912 VolSnap (8ab662b3c4691e6ddf61c96bb5b7d103) C:\WINDOWS\system32\drivers\VolSnap.sys
23:41:48.0906 2912 VolSnap - ok
23:41:48.0937 2912 Wanarp (e20b95baedb550f32dd489265c1da1f6) C:\WINDOWS\system32\DRIVERS\wanarp.sys
23:41:48.0937 2912 Wanarp - ok
23:41:48.0953 2912 WDICA - ok
23:41:49.0000 2912 wdmaud (6768acf64b18196494413695f0c3a00f) C:\WINDOWS\system32\drivers\wdmaud.sys
23:41:49.0015 2912 wdmaud - ok
23:41:49.0140 2912 WSTCODEC (c98b39829c2bbd34e454150633c62c78) C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS
23:41:49.0140 2912 WSTCODEC - ok
23:41:49.0156 2912 WudfPf (f15feafffbb3644ccc80c5da584e6311) C:\WINDOWS\system32\DRIVERS\WudfPf.sys
23:41:49.0156 2912 WudfPf - ok
23:41:49.0187 2912 WudfRd (28b524262bce6de1f7ef9f510ba3985b) C:\WINDOWS\system32\DRIVERS\wudfrd.sys
23:41:49.0187 2912 WudfRd - ok
23:41:49.0203 2912 ZDCndis5 - ok
23:41:49.0250 2912 ZDPSp50 (00ae175b903d45ed4a62384d3315dc2a) C:\WINDOWS\system32\Drivers\ZDPSp50.sys
23:41:49.0250 2912 ZDPSp50 - ok
23:41:49.0312 2912 MBR (0x1B8) (3051207086651214e435112e51817dc5) \Device\Harddisk0\DR0
23:41:49.0468 2912 \Device\Harddisk0\DR0 - ok
23:41:49.0484 2912 MBR (0x1B8) (8f558eb6672622401da993e1e865c861) \Device\Harddisk5\DR6
23:41:49.0718 2912 \Device\Harddisk5\DR6 - ok
23:41:49.0718 2912 Boot (0x1200) (976bbb25b46b842757750c3ac7825dbd) \Device\Harddisk0\DR0\Partition0
23:41:49.0718 2912 \Device\Harddisk0\DR0\Partition0 - ok
23:41:49.0734 2912 Boot (0x1200) (1baf50819c3ee4b97c0ed3380ee5967a) \Device\Harddisk5\DR6\Partition0
23:41:49.0734 2912 \Device\Harddisk5\DR6\Partition0 - ok
23:41:49.0734 2912 ============================================================
23:41:49.0734 2912 Scan finished
23:41:49.0734 2912 ============================================================
23:41:49.0750 4584 Detected object count: 0
23:41:49.0750 4584 Actual detected object count: 0

Broni · Mar 5, 2012

Please download ComboFix from Here or Here to your Desktop.

**Note: In the event you already have Combofix, this is a new version that I need you to download. It is important that it is saved directly to your desktop**

Never rename Combofix unless instructed.
Close any open browsers.
Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.
Very Important! Temporarily disable your anti-virus, script blocking and any anti-malware real-time protection before performing a scan. They can interfere with ComboFix or remove some of its embedded files which may cause "unpredictable results".
Click on this link to see a list of programs that should be disabled. The list is not all inclusive. If yours is not listed and you don't know how to disable it, please ask.
Close any open browsers.
WARNING: Combofix will disconnect your machine from the Internet as soon as it starts
Please do not attempt to re-connect your machine back to the Internet until Combofix has completely finished.
If there is no internet connection after running Combofix, then restart your computer to restore back your connection.
Double click on combofix.exe & follow the prompts.

NOTE1. If Combofix asks you to install Recovery Console, please allow it.
NOTE 2. If Combofix asks you to update the program, always do so.

When finished, it will produce a report for you.
Please post the "C:\ComboFix.txt"

**Note 1: Do not mouseclick combofix's window while it's running. That may cause it to stall
**Note 2 for AVG and CA Internet Security users: ComboFix will not run until AVG/CA Internet Security is uninstalled as a protective measure against the anti-virus. This is because AVG/CA Internet Security "falsely" detects ComboFix (or its embedded files) as a threat and may remove them resulting in the tool not working correctly which in turn can cause "unpredictable results". Since AVG/CA Internet Security cannot be effectively disabled before running ComboFix, the author recommends you to uninstall AVG/CA Internet Security first.
Use AppRemover to uninstall it: https://www.techspot.com/downloads/5514-appremover.html
We can reinstall it when we're done with CF.
**Note 3: If you receive an error "Illegal operation attempted on a registery key that has been marked for deletion", restart computer to fix the issue.
**Note 4: Some infections may take some significant time to be cured. As long as your computer clock is running Combofix is still working. Be patient.

Make sure, you re-enable your security programs, when you're done with Combofix.

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

NOTE.
If, for some reason, Combofix refuses to run, try one of the following:

1. Run Combofix from Safe Mode.

2. Delete Combofix file, download fresh one, but rename combofix.exe to your_name.exe BEFORE saving it to your desktop.
Do NOT run it yet.
Please download and run the below tool named Rkill (courtesy of BleepingComputer.com) which may help allow other programs to run.
There are 4 different versions. If one of them won't run then download and try to run the other one.
Vista and Win7 users need to right click Rkill and choose Run as Administrator
You only need to get one of these to run, not all of them. You may get warnings from your antivirus about this tool, ignore them or shutdown your antivirus.

* Rkill.com
* Rkill.scr
* Rkill.exe

Double-click on the Rkill icon to run the tool.
If using Vista or Windows 7 right-click on it and choose Run As Administrator.
A black DOS box will briefly flash and then disappear. This is normal and indicates the tool ran successfully.
If not, delete the file, then download and use the one provided in Link 2.
If it does not work, repeat the process and attempt to use one of the remaining links until the tool runs.
Do not reboot until instructed.
If the tool does not run from any of the links provided, please let me know.

Once you've gotten one of them to run, immediately run your_name.exe by double clicking on it.

If normal mode still doesn't work, run BOTH tools from safe mode.

In case #2, please post BOTH logs, rKill and Combofix.

DO NOT make any other changes to your computer (like installing programs, using other cleaning tools, etc.), until it's officially declared clean!!!

arnoldkooiker · Mar 7, 2012

Combofix log

I ran combofix, below the log. For your information, at the last reboot Combofix stated that I should approve a reboot by Combofix, but there didn't came up anything to confirm. Since I had no other option, I had to manually restart the pc (I think this situation may resulted because not everything was completely booted after the first reboot by Combofix when it found a rootkit - for example there was not ready a taskbar shown).

I trust you inform me when I can reinstall AVG?

===========================================

ComboFix 12-03-06.01 - user 07-03-2012 8:32.1.2 - x86
Microsoft Windows XP Home Edition 5.1.2600.3.1252.31.1043.18.1919.1531 [GMT 1:00]
Gestart vanuit: c:\documents and settings\user\Bureaublad\ComboFix.exe
* Nieuw herstelpunt werd aangemaakt
.
.
(((((((((((((((((((((((((((((((((( Andere Verwijderingen )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
C:\config.Bin
c:\documents and settings\user\WINDOWS
c:\windows\$NtUninstallKB22540$\2881797448
c:\windows\$NtUninstallKB22540$\3428815955\@
c:\windows\$NtUninstallKB22540$\3428815955\bckfg.tmp
c:\windows\$NtUninstallKB22540$\3428815955\cfg.ini
c:\windows\$NtUninstallKB22540$\3428815955\Desktop.ini
c:\windows\$NtUninstallKB22540$\3428815955\kwrd.dll
c:\windows\$NtUninstallKB22540$\3428815955\L\gvkvicoc
c:\windows\$NtUninstallKB22540$\3428815955\twl.dll
c:\windows\$NtUninstallKB22540$\3428815955\U\00000001.@
c:\windows\$NtUninstallKB22540$\3428815955\U\00000002.@
c:\windows\$NtUninstallKB22540$\3428815955\U\00000004.@
c:\windows\$NtUninstallKB22540$\3428815955\U\80000000.@
c:\windows\$NtUninstallKB22540$\3428815955\U\80000004.@
c:\windows\$NtUninstallKB22540$\3428815955\U\80000032.@
c:\windows\$NtUninstallKB22540$\3428815955\version
c:\windows\IsUn0413.exe
c:\windows\iun6002.exe
c:\windows\system32\alcan5wn.dll
c:\windows\system32\drivers\npf.sys
c:\windows\system32\Nagasoft
c:\windows\system32\Nagasoft\Codecs\asyncflt.ax
c:\windows\system32\Nagasoft\Codecs\atrc.dll
c:\windows\system32\Nagasoft\Codecs\cook.dll
c:\windows\system32\Nagasoft\Codecs\drvc.dll
c:\windows\system32\Nagasoft\Codecs\msvcr71.dll
c:\windows\system32\Nagasoft\Codecs\raac.dll
c:\windows\system32\Nagasoft\Codecs\RealMediaSplitter.ax
c:\windows\system32\Nagasoft\Codecs\WMFDemux.dll
c:\windows\system32\Nagasoft\GifShower.dll
c:\windows\system32\Nagasoft\Uninstall.exe
c:\windows\system32\Nagasoft\vjocx.dll
c:\windows\system32\Packet.dll
c:\windows\system32\se2Bnd5.dll
c:\windows\system32\SET8E.tmp
c:\windows\system32\SET9A.tmp
c:\windows\system32\SETE1.tmp
c:\windows\system32\SETE6.tmp
c:\windows\system32\wpcap.dll
.
Besmet exemplaar van c:\windows\system32\drivers\cdrom.sys werd aangetroffen en gedesinfecteerd
Hersteld exemplaar van - The cat found it

.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Legacy_AMSERVICE
-------\Legacy_FRAMEWORK
-------\Legacy_MI-RAYSAT_3DSMAX8
-------\Legacy_NPF
-------\Service_AMService
-------\Service_framework
-------\Service_mi-raysat_3dsmax8
-------\Service_NPF
-------\Legacy_ltxred
-------\Legacy_vvdsvc
-------\Legacy_vvdsvc
-------\Service_ltxred
-------\Service_vvdsvc
-------\Service_vvdsvc
.
.
(((((((((((((((((((( Bestanden Gemaakt van 2012-02-07 to 2012-03-07 ))))))))))))))))))))))))))))))
.
.
2012-03-07 07:28 . 2008-04-13 22:10 62976 ----a-w- c:\windows\system32\drivers\cdrom.sys
2012-03-04 14:52 . 2012-03-04 14:52 -------- d-----w- c:\windows\system32\wbem\Repository
2012-03-01 21:26 . 2012-03-01 21:26 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2012-03-01 21:26 . 2011-12-10 14:24 20464 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-02-29 21:24 . 2012-02-29 21:24 -------- d-----w- c:\program files\ESET
2012-02-21 18:54 . 2012-02-21 18:54 -------- d-sh--w- c:\documents and settings\NetworkService\IETldCache
2012-02-20 22:22 . 2011-08-16 10:45 6144 -c----w- c:\windows\system32\dllcache\iecompat.dll
2012-02-20 22:19 . 2012-02-20 22:20 -------- dc-h--w- c:\windows\ie8
2012-02-14 18:50 . 2012-01-11 19:07 3072 -c----w- c:\windows\system32\dllcache\iacenc.dll
2012-02-14 18:50 . 2012-01-11 19:07 3072 ------w- c:\windows\system32\iacenc.dll
.
.
.
((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-03-07 07:21 . 2012-02-05 14:19 0 --sha-w- c:\windows\system32\dds_trash_log.cmd
2012-02-05 12:45 . 2011-05-16 18:26 414368 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2012-01-22 19:36 . 2008-01-30 10:22 172416 ----a-w- c:\windows\system32\drivers\kmixer.sys
2012-01-22 10:53 . 2005-03-31 17:55 75264 ----a-w- c:\windows\system32\drivers\ipsec.sys
2012-01-12 17:20 . 2005-03-31 17:55 1860096 ----a-w- c:\windows\system32\win32k.sys
2011-12-17 19:42 . 2005-03-31 17:55 916992 ----a-w- c:\windows\system32\wininet.dll
2011-12-17 19:42 . 2005-03-31 17:55 43520 ------w- c:\windows\system32\licmgr10.dll
2011-12-17 19:42 . 2005-03-31 17:55 1469440 ------w- c:\windows\system32\inetcpl.cpl
2011-12-16 12:23 . 2005-03-31 17:55 385024 ------w- c:\windows\system32\html.iec
2010-03-10 23:01 . 2010-03-10 23:01 124272 ----a-w- c:\program files\mozilla firefox\plugins\CCMSDK.dll
2010-03-10 23:40 . 2010-03-10 23:40 13168 ----a-w- c:\program files\mozilla firefox\plugins\cgpcfg.dll
2010-03-10 23:02 . 2010-03-10 23:02 70512 ----a-w- c:\program files\mozilla firefox\plugins\CgpCore.dll
2010-03-10 23:01 . 2010-03-10 23:01 91504 ----a-w- c:\program files\mozilla firefox\plugins\confmgr.dll
2010-03-10 23:01 . 2010-03-10 23:01 22384 ----a-w- c:\program files\mozilla firefox\plugins\ctxlogging.dll
2010-03-10 23:00 . 2010-03-10 23:00 255344 ----a-w- c:\program files\mozilla firefox\plugins\ctxmui.dll
2010-03-10 23:01 . 2010-03-10 23:01 31088 ----a-w- c:\program files\mozilla firefox\plugins\icafile.dll
2010-03-10 23:01 . 2010-03-10 23:01 40304 ----a-w- c:\program files\mozilla firefox\plugins\icalogon.dll
2009-10-05 12:49 . 2009-10-05 12:49 652640 ----a-w- c:\program files\mozilla firefox\plugins\sslsdk_b.dll
2010-03-10 23:02 . 2010-03-10 23:02 23920 ----a-w- c:\program files\mozilla firefox\plugins\TcpPServ.dll
.
.
((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2006-11-10 90112]
"WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2006-11-02 204288]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-05-07 1280000]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RemoteControl"="c:\program files\CyberLink\PowerDVD\PDVDServ.exe" [2003-10-31 32768]
"RTHDCPL"="RTHDCPL.EXE" [2007-02-26 16125440]
"Lexmark 3100 Series"="c:\program files\Lexmark 3100 Series\lxbrbmgr.exe" [2003-09-04 106496]
"LXBRKsk"="c:\progra~1\LEXMAR~1\LXBRKsk.exe" [2003-06-13 282624]
"WinampAgent"="c:\program files\Winamp\Winampa.exe" [2003-04-02 12288]
"NeroFilterCheck"="c:\windows\system32\NeroCheck.exe" [2001-07-09 155648]
"PinnacleDriverCheck"="c:\windows\system32\PSDrvCheck.exe" [2004-03-10 406016]
"AppleSyncNotifier"="c:\program files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe" [2010-03-16 47392]
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2010-11-29 421888]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2011-01-25 421160]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2012-01-03 37296]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-01-02 843712]
"ConnectionCenter"="c:\program files\Citrix\ICA Client\concentr.exe" [2010-03-10 300400]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
"DWQueuedReporting"="c:\progra~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" [2007-02-26 437160]
.
c:\documents and settings\All Users\Menu Start\Programma's\Opstarten\
Microsoft Office.lnk - c:\program files\Microsoft Office\Office10\OSA.EXE [2001-2-13 83360]
SAGEM Wi-Fi 11g USB adapter LAN Utility.lnk - c:\program files\SAGEM WiFi manager\WLANUTL.exe [2011-4-6 925696]
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0lsdelete\0c:\progra~1\AVG\AVG2012\avgrsx.exe /sync /restart
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SkyTel]
2006-05-16 10:04 2879488 ----a-r- c:\windows\SkyTel.exe
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\eMule\\emule.exe"=
"d:\\D-schijf\\Games\\World Series of Poker TOC\\WSOPTOC.exe"=
"c:\\Program Files\\DC++\\DCPlusPlus.exe"=
"c:\\Program Files\\ABC\\abc.exe"=
"c:\\WINDOWS\\system32\\rserver30\\rserver3.exe"=
"c:\\Program Files\\Audiograbber\\audiograbber.exe"=
"c:\\WINDOWS\\system32\\mmc.exe"=
"c:\\Program Files\\SopCast\\adv\\SopAdver.exe"=
"c:\\Program Files\\SopCast\\SopCast.exe"=
"c:\\Program Files\\VideoLAN\\VLC\\vlc.exe"=
"c:\\Program Files\\Maple 8\\bin.win\\mserver.exe"=
"c:\\Program Files\\LimeWire\\LimeWire.exe"=
"c:\\Program Files\\Java\\jre6\\bin\\java.exe"=
"c:\\WINDOWS\\system32\\java.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Program Files\\Samsung PC Share Manager\\WiselinkPro.exe"=
"c:\\Program Files\\Samsung PC Share Manager\\http_ss_win_pro.exe"=
"d:\\D-schijf\\Games\\Commandos, Behind Enemy Lines\\mpserver.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\Program Files\\Cerberus\\Cerberus.exe"=
"c:\\Program Files\\FTP Explorer\\ftpx.exe"=
"c:\\WINDOWS\\system32\\ftp.exe"=
"c:\\Program Files\\iTunes\\iTunes.exe"=
"\\??\\c:\\WINDOWS\\system32\\winlogon.exe"=
"%windir%\explorer.exe"= %windir%\explorer.exe
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"4899:TCP"= 4899:TCP:Remote Administrator
"21:TCP"= 21:TCP:FTP
"2121:TCP"= 2121:TCP:FTP 2121
"1179:UDP"= 1179:UDP:Windows Media Format SDK (sidebar.exe)
"1178:UDP"= 1178:UDP:Windows Media Format SDK (sidebar.exe)
.
R1 ctxusbm;Citrix USB Monitor Driver;c:\windows\system32\drivers\ctxusbm.sys [5-10-2009 10:08 65584]
R1 raddrvv3;raddrvv3;c:\windows\system32\rserver30\raddrvv3.sys [2-2-2007 13:54 41176]
R2 Cerberus FTP Server;Cerberus FTP Server;c:\program files\Cerberus\Cerberus.exe -Service --> c:\program files\Cerberus\Cerberus.exe -Service [?]
R2 RServer3;Radmin Server V3;c:\windows\system32\rserver30\rserver3.exe [2-2-2007 13:35 1235032]
R3 Cap713x;Cap713x Video Capture;c:\windows\system32\drivers\Cap713x.sys [8-10-2004 15:58 751104]
R3 SG762_XP;SAGEM 802.11g XG762 1211B Driver;c:\windows\system32\drivers\WlanBZXP.sys [6-4-2011 9:11 402432]
S2 FlexService;Remote Connections Service;c:\program files\RapidBIT\cisvc.exe [17-5-2009 5:16 41984]
S2 gupdate;Google Updateservice (gupdate);"c:\program files\Google\Update\GoogleUpdate.exe" /svc --> c:\program files\Google\Update\GoogleUpdate.exe [?]
S3 AllShare;SAMSUNG AllShare Service;c:\program files\Samsung PC Share Manager\WiselinkPro.exe [16-7-2010 16:23 6638080]
S3 FXDrv32;FXDrv32;\??\d:\fxdrv32.sys --> d:\FXDrv32.sys [?]
S3 gupdatem;Google Update-service (gupdatem);"c:\program files\Google\Update\GoogleUpdate.exe" /medsvc --> c:\program files\Google\Update\GoogleUpdate.exe [?]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
vvdsvc REG_MULTI_SZ vvdsvc
.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
HPFXBULK
vaiomediaplatform-photoserver-appserver
regsrvc
backupexecalertserver
jtagserver
SE2Bmdm
tapeware
symwsc
s125obex
NvNdis
FVNETusb
AtcL002
mksupdateint
mfebopk
w200obex
mmc_2K
viagfx
ELhid
se59unic
avidsdmservice
SaiClass
GoBack2K
BrPar
ql2100
rimmptsk
winpower
ose
WaveEnrollmentService
SE2Cobex
wmccds
pmshellsrv
symids
mvserver
rtl8029
vncmirror
MRENDIS5
tphkdrv
inspect
ccpwdsvc
nocashio
SE27mdfl
viaagp1
sbhooksvc
NWSAP
clsched
gusvc
btfirst
se45obex
bcftdi
blueletscoaudio
MSW_USB
SaiH040B
Defrag32b
ilicensesvc
ssdiagn
nvax
isdrv120
cidaemon
F700iob
tsircsrv
wacomvhid
AVerBDA
SbcpHid
k750mdfl
yats32
logonsvcid
EACSys
w550bus
starwindserviceae
awhost32
adpu320
ZSMC211
clnt_clientman
taphss
aamqdispatcher
SE2Dmgmt
int15
radclock
FETNDIS
adaptecstoragemanageragent
iaimfp4
digictrl
amdk77
sermouse
dot4print
w300bus
lxdj_device
iviregmgr
netwg311
w810obex
pdlncbas
k750mdm
rimusb
traprcvr
ZTEusbmdm6k
IntuitUpdateService
nmservice
HBtnKey
eamon
WmUsbHid
EPSON_EB_RPCV4_01
QWAVE
mlkkbdntdriver
aolavupd
aswlsvc
cercsr6
lvprcsrv
PGPwded
RVIEG01
bc_pat_f
idebusdr
dvpapi
carboniteservice
ntgrip
wg6n
{85ccb53b-23d8-4e73-b1b7-9ddb71827d9b}
avg7updsvc
CnxTrUsb
marvinbus
psadd
NETw5x32
stunnel
Slpsvdr
p1110vid
fallback
admjoy
dlcf_device
TryAndDecideService
fa_scheduler
uhcd
MobilePreInstallerService
mrvw245
ec2007service
WNCPKT
mcafeeantispyware
belgium_id_card_service
btwaudio
MA_CMIDI
avcgbdr
PCISys
usnsvc
trackcam4
CVirtA
ofcpfwsvc
botcbs
viamraid
WLAN_USB
PTDCMdm
tphdexlgsvc
p17xfilt
MRESP50
omsad
atitunep
Hotkey
anio
dlacdbhm
USBVCD
SetupNT
CTDevice_Srv
RTHDMIAzAudService
hsvcmod
mi-raysat_3dsMax2008_32
s116unic
pinnaclemarvinusb
ixiaendpoint
USBCamera
oracleorahomemanagementserver
ctprxy2k
bc_ip_f
konfig
S7oppilx
WavxDMgr
pelmouse
rpskt
BcmSqlStartupSvc
pwd_2K
avupdsvc
igateway
cdrbsdrv
papycpu2
oraclexeclragent
GTWModem
CXTUNE
sthda
A88xTuner
pinetmgr
bdpredir
ltxred
MegaSR
iaantmon
aswtdi
pgsql-8.0
UCTblHid
alertservice
ShockMgr
vmx86
lwwlicenseservice
se58mdm
b57w2k
SymIM
pdengine
merakpop3
sndsrvc
bwcsrv
defragfs
cvsnt
WD_FireWire_HID
SE27mgmt
sonicstagemonitoring
SSFS0BB9
cpqdfw
streamloadservice
Wdf01000
mcnasvc
superproserver
webfilter
IWCA
HWSCtrl
alcaudsl
us30sys
npkcsvc
hidbatt
ftpqueue
nimxdfk
olregcap
ATMsg
mgisvr
REVOSENS
enethusb
SilverLink
ISODrive
ONSIO
webrootspysweeperservice
s217unic
p3
DCamUSBSQTECH
CYGF32X
websenseclientdeployservice
PID_08A0
SunkFilt39
qmofiltr
CTHWIUT.DLL
raysatxsi5_0server
aeaudio
rkhdrv31
DSI_SiUSBXp_3_1
fingrd32
s125bus
cfosspeed
cpqnicmgmt
amoagent
vmkbd2
ypcservice
zpsc
cmudau
basic2
ssm_bus
nlsvc
backupexecdevicemediaservice
nsausvc
tvichw32
v2imount
backupexecnamingservice
MTDVC2_ENUM
imagesrv
RivaTuner32
ssscsisv
rismxdp
trufos
lktimesync
snoopfree
scanexplicit
ireike
qcmerced
oracle_load_balancer_60_client-forms6i
s616nd5
mwsejcap
procexp90
U2SP
sonywbms
WmiAcpi
NCPro
mcupdmgr.exe
DfwWebAgent
SQLAgent$MICROSOFTSMLBIZ
mcsysmon
dladresn
se58nd5
hsxhwazl
USBMN1X1
vpcnets2
btwdndis
MRV6X32P
tosrfnds
transbaseservice
s116obex
AsusACPI
naveng
forcewarewebinterface
fuj02b1
upperdev
pptchpad
zntport
hsf_msft
mssql$microsoftbcm
Maplom
s117unic
WINFLASH
KMWDFilter
tdimsys
ctxcpuusync
revudfservice
EpmPsd
cpntsrv
CSRBC
PAC7302
DCamUSBGrandTek
WmVirHid
qconsvc
ati2mtaa
mcdbus
vwlogger
bdselfpr
nvnetbus
servicelayer
tpsrv
minilog
ndasbus
McciCMService
sqlagent$sony_mediamgr
EL2000
asmagent
cwcspud
BrUsbSer
sfhlp01
naimagent32
vcsw
noipducservice
psasrv
iaimtv3
avg7core
ClntMgmt.sys
mrpostman
emu10k1
w550mdfl
cwafadmincontroller
ha20x2k
FontCache3.0.0.0.
tosrfbd
autocomplete
msmframework
websenseusagemonitor
AdfuUd
usb20l
symantecantibotwatcher
pnmsrv
emupia
Sk99202k
mpfirewl
gmer
zebrsce
bwmservice
hcf_msft
avg7rsw
AFGSp50
omnidrv
pdlndsdl
dcsloader
govsrv
LMIRfsDriver
omniserv
PGPdisk
SE2Dbus
SfCtlCom
ca-messagequeuing
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{D58F39FF-953E-4F45-898F-59F243B9A523}]
2009-03-08 03:32 128512 ----a-w- c:\windows\system32\advpack.dll
.
Inhoud van de 'Gedeelde Taken' map
.
2012-02-11 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-04-11 10:34]
.
2012-03-04 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3106237358-2718937594-2690874173-1006Core.job
- c:\documents and settings\user\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2012-02-04 14:13]
.
2012-03-07 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3106237358-2718937594-2690874173-1006UA.job
- c:\documents and settings\user\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2012-02-04 14:13]
.
.
------- Bijkomende Scan -------
.
uStart Page = hxxp://www.hotmail.com/
uInternet Settings,ProxyOverride = *.local
IE: E&xporteren naar Microsoft Excel - c:\progra~1\MICROS~3\Office10\EXCEL.EXE/3000
Trusted Zone: enschede.nl\ienoportal
Trusted Zone: enschede.nl\portal
Trusted Zone: enschede.nl\webmail
Trusted Zone: localhost
TCP: Interfaces\{52503A0F-5C0B-42B1-B77D-EFE140159F74}: NameServer = 192.168.1.1
TCP: Interfaces\{A80290E0-1513-4894-83AE-BAB9896987DB}: NameServer = 192.168.1.1
FF - ProfilePath - c:\documents and settings\user\Application Data\Mozilla\Firefox\Profiles\3jf689pd.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.google.nl
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0010-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0010-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA}
FF - Ext: Java Quick Starter: jqs@sun.com - c:\program files\Java\jre6\lib\deploy\jqs\ff
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - %profile%\extensions\{20a82645-c095-46ed-80e3-08825760534b}
FF - Ext: TVU Web Player: firefox@tvunetworks.com - %profile%\extensions\firefox@tvunetworks.com
FF - user.js: network.cookie.cookieBehavior - 0
FF - user.js: privacy.clearOnShutdown.cookies - false
FF - user.js: security.warn_viewing_mixed - false
FF - user.js: security.warn_viewing_mixed.show_once - false
FF - user.js: security.warn_submit_insecure - false
FF - user.js: security.warn_submit_insecure.show_once - false
.
- - - - ORPHANS VERWIJDERD - - - -
.
HKLM-Run-SunJavaUpdateSched - c:\program files\Java\jre6\bin\jusched.exe
SafeBoot-67199368.sys
MSConfigStartUp-lphccg8j0ej6p - c:\windows\system32\lphccg8j0ej6p.exe
AddRemove-360Share Pro - c:\program files\360Share Pro\bt-uninst.exe
AddRemove-ComandoDeinstKey - c:\games\Commandos
AddRemove-Cool's_Codec_pack_4.12 - c:\windows\iun6002.exe
AddRemove-Feurio - c:\program files\Feurio!\Feurio_Uninstall.exe
AddRemove-JPsEffects - c:\program files\Pinnacle\Studio 9\Plugins\JPsEffects\uninstall_9.exe
AddRemove-Nero - Burning Rom!UninstallKey - c:\program files\Ahead\nero\uninstall\UNNERO.exe
AddRemove-SPVOD Player1.8 - c:\windows\system32\Nagasoft\Uninstall.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2012-03-07 08:57
Windows 5.1.2600 Service Pack 3 NTFS
.
scannen van verborgen processen ...
.
scannen van verborgen autostart items ...
.
scannen van verborgen bestanden ...
.
.
c:\windows\$NtUninstallKB22540$:SummaryInformation 0 bytes hidden from API
.
Scan succesvol afgerond
verborgen bestanden: 1
.
**************************************************************************
.
--------------------- VERGRENDELDE REGISTER SLEUTELS ---------------------
.
[HKEY_USERS\S-1-5-21-3106237358-2718937594-2690874173-1006\Software\Microsoft\SystemCertificates\AddressBook*]
@Allowed: (Read) (RestrictedCode)
@Allowed: (Read) (RestrictedCode)
.
--------------------- DLLs Geladen Onder Lopende Processen ---------------------
.
- - - - - - - > 'winlogon.exe'(944)
c:\windows\system32\Ati2evxx.dll
.
- - - - - - - > 'explorer.exe'(3996)
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\ftpxext.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Andere Aktieve Processen ------------------------
.
c:\windows\system32\Ati2evxx.exe
c:\windows\system32\Ati2evxx.exe
c:\windows\system32\LEXBCES.EXE
c:\windows\system32\LEXPPS.EXE
c:\program files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\program files\Bonjour\mDNSResponder.exe
c:\program files\Cerberus\Cerberus.exe
c:\program files\Java\jre6\bin\jqs.exe
c:\program files\Windows Media Player\WMPNetwk.exe
c:\windows\system32\wscntfy.exe
c:\windows\system32\rserver30\FamItrfc.Exe
c:\windows\RTHDCPL.EXE
c:\program files\Lexmark 3100 Series\lxbrbmon.exe
c:\program files\ATI Technologies\ATI.ACE\Core-Static\MOM.EXE
c:\program files\Citrix\ICA Client\wfcrun32.exe
c:\program files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
c:\program files\iPod\bin\iPodService.exe
c:\program files\RapidBIT\cidaemon.exe
.
**************************************************************************
.
Voltooingstijd: 2012-03-07 09:02:35 - machine werd herstart
ComboFix-quarantined-files.txt 2012-03-07 08:02
.
Pre-Run: 148.798.455.808 bytes beschikbaar
Post-Run: 153.039.630.336 bytes beschikbaar
.
WindowsXP-KB310994-SP2-Home-BootDisk-NLD.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
UnsupportedDebug="do not select this" /debug
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Home Edition" /noexecute=optin /fastdetect
.
- - End Of File - - 138C7C98A07DE7AD756499FEE01997F5

Broni · Mar 7, 2012

Looks good.

How is computer doing?

Reinstall AVG and see if it'll complain about anything.

Then....

Download OTL to your Desktop.

Double click on the icon to run it. Make sure all other windows are closed and to let it run uninterrupted.
Click the Scan All Users checkbox.
Under the Custom Scan box paste this in:

netsvcs
drivers32
%SYSTEMDRIVE%\*.*
%systemroot%\Fonts\*.com
%systemroot%\Fonts\*.dll
%systemroot%\Fonts\*.ini
%systemroot%\Fonts\*.ini2
%systemroot%\Fonts\*.exe
%systemroot%\system32\spool\prtprocs\w32x86\*.*
%systemroot%\REPAIR\*.bak1
%systemroot%\REPAIR\*.ini
%systemroot%\system32\*.jpg
%systemroot%\*.jpg
%systemroot%\*.png
%systemroot%\*.scr
%systemroot%\*._sy
%APPDATA%\Adobe\Update\*.*
%ALLUSERSPROFILE%\Favorites\*.*
%APPDATA%\Microsoft\*.*
%PROGRAMFILES%\*.*
%APPDATA%\Update\*.*
%systemroot%\*. /mp /s
CREATERESTOREPOINT
%systemroot%\System32\config\*.sav
%PROGRAMFILES%\bak. /s
%systemroot%\system32\bak. /s
%ALLUSERSPROFILE%\Start Menu\*.lnk /x
%systemroot%\system32\config\systemprofile\*.dat /x
%systemroot%\*.config
%systemroot%\system32\*.db
%APPDATA%\Microsoft\Internet Explorer\Quick Launch\*.lnk /x
%USERPROFILE%\Desktop\*.exe
%PROGRAMFILES%\Common Files\*.*
%systemroot%\*.src
%systemroot%\install\*.*
%systemroot%\system32\DLL\*.*
%systemroot%\system32\HelpFiles\*.*
%systemroot%\tasks\*.*
%systemroot%\system32\rundll\*.*
%systemroot%\winn32\*.*
%systemroot%\Java\*.*
%systemroot%\system32\test\*.*
%systemroot%\system32\Rundll32\*.*
%systemroot%\AppPatch\Custom\*.*
%APPDATA%\Roaming\Microsoft\Windows\Recent\*.lnk /x
%PROGRAMFILES%\PC-Doctor\Downloads\*.*
%PROGRAMFILES%\Internet Explorer\*.tmp
%PROGRAMFILES%\Internet Explorer\*.dat
%USERPROFILE%\My Documents\*.exe
%USERPROFILE%\*.exe
%systemroot%\ADDINS\*.*
%systemroot%\assembly\*.bak2
%systemroot%\Config\*.*
%systemroot%\REPAIR\*.bak2
%systemroot%\SECURITY\Database\*.sdb /x
%systemroot%\SYSTEM\*.bak2
%systemroot%\Web\*.bak2
%systemroot%\Driver Cache\*.*
%PROGRAMFILES%\Mozilla Firefox\0*.exe
%ProgramFiles%\Microsoft Common\*.*
%ProgramFiles%\TinyProxy.
%USERPROFILE%\Favorites\*.url /x
%systemroot%\system32\*.bk
%systemroot%\*.te
%systemroot%\system32\system32\*.*
%ALLUSERSPROFILE%\*.dat /x
%systemroot%\system32\drivers\*.rmv
dir /b "%systemroot%\system32\*.exe" | find /i " " /c
dir /b "%systemroot%\*.exe" | find /i " " /c
%PROGRAMFILES%\Microsoft\*.*
%systemroot%\System32\Wbem\proquota.exe
%PROGRAMFILES%\Mozilla Firefox\*.dat
%USERPROFILE%\Cookies\*.txt /x
%SystemRoot%\system32\fonts\*.*
%systemroot%\system32\winlog\*.*
%systemroot%\system32\Language\*.*
%systemroot%\system32\Settings\*.*
%systemroot%\system32\*.quo
%SYSTEMROOT%\AppPatch\*.exe
%SYSTEMROOT%\inf\*.exe
%SYSTEMROOT%\Installer\*.exe
%systemroot%\system32\config\*.bak2
%systemroot%\system32\Computers\*.*
%SystemRoot%\system32\Sound\*.*
%SystemRoot%\system32\SpecialImg\*.*
%SystemRoot%\system32\code\*.*
%SystemRoot%\system32\draft\*.*
%SystemRoot%\system32\MSSSys\*.*
%ProgramFiles%\Javascript\*.*
%systemroot%\pchealth\helpctr\System\*.exe /s
%systemroot%\Web\*.exe
%systemroot%\system32\msn\*.*
%systemroot%\system32\*.tro
%AppData%\Microsoft\Installer\msupdates\*.*
%ProgramFiles%\Messenger\*.*
%systemroot%\system32\systhem32\*.*
%systemroot%\system\*.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs
/md5start
serial.sys
/md5stop

Click the Quick Scan button. Do not change any settings unless otherwise told to do so. The scan wont take long.
When the scan completes, it will open two notepad windows: OTL.txt and Extras.txt. These are saved in the same location as OTL.
Please copy (Edit->Select All, Edit->Copy) the contents of these files, one at a time, and post them back here.

arnoldkooiker · Mar 7, 2012

Good to hear it looks good. So far no complaints, everythings seems to work as it should be. I'm now reinstalling AVG. I'll get back to you after that, to tell you how that works out and then proceed to OTL.

arnoldkooiker · Mar 7, 2012

AVG reinstall

After reinstalling AVG I ran a full computer scan and an anti-rootkit scan. The latter didn't turn up anything, but on the full computer scan it came up with an infection of the c:\windows\system32\drivers\serial.sys. I've copied the scanresult and put it here below (between []-brackets I've put a translation to english of the dutch messages).

Can I still proceed to the OTL-step as you instructed above? Or maybe should I perform something else first?

Besides this, everything still seems to work okay and no problems encountered yet. Also so far no new AVG detections of the original problem (but I realize it might be far to early to jump to any conclusion)

==============================================
Infections:

"";"C:\WINDOWS\system32\DRIVERS\serial.sys";"Trojan horse PSW.Agent.ASTO";"Object staat op de witte lijst [Object is on white list] (systeemkritisch bestand/systeembestand dat niet verwijderd moet worden) [systemcritical file that cannot be removed]"
"";"C:\WINDOWS\system32\drivers\serial.sys";"Trojan horse PSW.Agent.ASTO";"Object staat op de witte lijst [Object is on white list] (systeemkritisch bestand/systeembestand dat niet verwijderd moet worden) [systemcritical file that cannot be removed]"

Warnings:
"";"HKLM\SYSTEM\CurrentControlSet\services\Serial";"Registersleutel gevonden met verwijzing naar geïnfecteerd bestand [Registerkey found directing to infected file] C:\WINDOWS\system32\DRIVERS\serial.sys";"Verplaatst naar de quarantaine" [Moved to quarantaine]

Broni · Mar 7, 2012

We'll check on that file.
I adjusted OTL script so you can run it now.

arnoldkooiker · Mar 7, 2012

Thanks, I've seen the modification at the end. I'll run it tomorrow (it's almost 12 a.m. here now)

Broni · Mar 7, 2012

No problem

arnoldkooiker · Mar 8, 2012

OTL.txt - part 1

OTL logfile created on: 8-3-2012 20:07:01 - Run 1
OTL by OldTimer - Version 3.2.35.1 Folder = C:\Documents and Settings\user\Bureaublad
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000413 | Country: Nederland | Language: NLD | Date Format: d-M-yyyy

1,87 Gb Total Physical Memory | 1,33 Gb Available Physical Memory | 70,86% Memory free
3,72 Gb Paging File | 3,18 Gb Available in Paging File | 85,48% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 465,76 Gb Total Space | 142,06 Gb Free Space | 30,50% Space Free | Partition Type: NTFS
Drive D: | 225,07 Gb Total Space | 31,05 Gb Free Space | 13,80% Space Free | Partition Type: NTFS

Computer Name: PC | User Name: user | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2012-03-07 21:07:25 | 000,584,704 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\user\Bureaublad\OTL.exe
PRC - [2012-03-07 20:36:39 | 000,939,872 | ---- | M] () -- C:\Program Files\AVG Secure Search\vprot.exe
PRC - [2012-03-07 20:36:39 | 000,909,152 | ---- | M] () -- C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\10.0.6\ToolbarUpdater.exe
PRC - [2012-01-24 17:24:26 | 002,416,480 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2012\avgtray.exe
PRC - [2011-11-28 01:19:04 | 001,229,664 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2012\avgnsx.exe
PRC - [2011-10-12 06:25:22 | 004,433,248 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2012\AVGIDSAgent.exe
PRC - [2011-10-10 06:23:34 | 000,973,664 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2012\avgemcx.exe
PRC - [2011-09-08 20:53:26 | 000,743,264 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2012\avgrsx.exe
PRC - [2011-08-15 06:21:40 | 000,337,760 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2012\avgcsrvx.exe
PRC - [2011-08-02 06:09:08 | 000,192,776 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2012\avgwdsvc.exe
PRC - [2011-02-05 21:19:13 | 000,494,592 | --S- | M] (BitMicro Software Corporation) -- C:\Program Files\RapidBIT\cidaemon.exe
PRC - [2010-03-11 00:22:04 | 000,599,408 | ---- | M] (Citrix Systems, Inc.) -- C:\Program Files\Citrix\ICA Client\wfcrun32.exe
PRC - [2010-03-11 00:21:16 | 000,300,400 | ---- | M] (Citrix Systems, Inc.) -- C:\Program Files\Citrix\ICA Client\concentr.exe
PRC - [2008-04-14 21:33:00 | 001,037,312 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2007-02-02 14:40:20 | 000,100,504 | ---- | M] (Famatech International Corp.) -- C:\WINDOWS\system32\rserver30\FamItrfc.Exe
PRC - [2007-02-02 14:35:06 | 001,235,032 | ---- | M] (Famatech International Corp.) -- C:\WINDOWS\system32\rserver30\rserver3.exe
PRC - [2006-01-19 15:54:34 | 000,925,696 | ---- | M] ( ) -- C:\Program Files\SAGEM WiFi manager\WLANUTL.EXE
PRC - [2004-09-22 22:17:18 | 000,815,104 | ---- | M] (Grant Averett) -- C:\Program Files\Cerberus\Cerberus.exe
PRC - [2003-09-04 03:30:52 | 000,106,496 | ---- | M] (Lexmark International, Inc.) -- C:\Program Files\Lexmark 3100 Series\lxbrbmgr.exe
PRC - [2003-09-04 03:11:50 | 000,053,248 | ---- | M] (Lexmark International, Inc.) -- C:\Program Files\Lexmark 3100 Series\lxbrbmon.exe
PRC - [2003-04-02 03:20:37 | 000,012,288 | ---- | M] () -- C:\Program Files\Winamp\winampa.exe

========== Modules (No Company Name) ==========

MOD - [2012-03-07 20:36:39 | 000,939,872 | ---- | M] () -- C:\Program Files\AVG Secure Search\vprot.exe
MOD - [2012-03-07 20:36:39 | 000,909,152 | ---- | M] () -- C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\10.0.6\ToolbarUpdater.exe
MOD - [2012-02-15 09:05:18 | 011,817,472 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Web\29bdc8352d3c26e3c572ea60639dec3b\System.Web.ni.dll
MOD - [2012-02-15 09:05:03 | 000,998,400 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Management\a2a14380e8c9149d5b212d0100ef588a\System.Management.ni.dll
MOD - [2012-02-15 09:04:12 | 001,712,128 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualBas#\96e485c02ad346a2bd26a635e7fcb023\Microsoft.VisualBasic.ni.dll
MOD - [2012-02-15 09:03:59 | 000,971,264 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Configuration\94a40f415bfa947e251888bbe88bb973\System.Configuration.ni.dll
MOD - [2012-02-15 09:01:53 | 005,450,752 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Xml\77e1279cbf4eecfb0284b63316fe43fe\System.Xml.ni.dll
MOD - [2012-02-15 09:01:49 | 012,430,848 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\ad99ac6b5666edb8ee742dd64f9578af\System.Windows.Forms.ni.dll
MOD - [2012-02-15 09:01:37 | 001,587,200 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Drawing\9351cf29bb1ba951e45a9b3b0edab937\System.Drawing.ni.dll
MOD - [2012-02-15 09:01:22 | 006,616,576 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Data\ae888f8633fce3ff1de98e32bce0abbf\System.Data.ni.dll
MOD - [2012-02-15 08:59:31 | 007,953,408 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System\9e3803cd2a11f056291862e306a8e2b2\System.ni.dll
MOD - [2012-02-14 23:22:18 | 002,933,248 | ---- | M] () -- C:\WINDOWS\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll
MOD - [2012-02-14 23:22:14 | 000,372,736 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\System.Management\2.0.0.0__b03f5f7f11d50a3a\System.Management.dll
MOD - [2012-02-14 23:22:12 | 000,303,104 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\System.Runtime.Remoting\2.0.0.0__b77a5c561934e089\System.Runtime.Remoting.dll
MOD - [2011-10-14 02:08:06 | 011,490,816 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\mscorlib\ca87ba84221991839abbe7d4bc9c6721\mscorlib.ni.dll
MOD - [2010-02-17 19:57:19 | 000,022,016 | ---- | M] () -- C:\WINDOWS\system32\rserver30\R3GOD.DLL
MOD - [2008-03-23 00:01:42 | 000,026,576 | ---- | M] () -- C:\Program Files\Alky for Applications\Libraries\vshell32.dll
MOD - [2008-03-23 00:01:40 | 000,040,400 | ---- | M] () -- C:\Program Files\Alky for Applications\Libraries\vuser32.dll
MOD - [2008-03-23 00:01:40 | 000,011,216 | ---- | M] () -- C:\Program Files\Alky for Applications\Libraries\vuxtheme.dll
MOD - [2008-03-23 00:01:36 | 000,082,384 | ---- | M] () -- C:\Program Files\Alky for Applications\Libraries\vntdll.dll
MOD - [2008-03-23 00:01:36 | 000,058,320 | ---- | M] () -- C:\Program Files\Alky for Applications\Libraries\vkernel32.dll
MOD - [2008-03-23 00:01:34 | 000,019,920 | ---- | M] () -- C:\Program Files\Alky for Applications\Libraries\vmsvcrt.dll
MOD - [2008-03-23 00:01:32 | 000,046,032 | ---- | M] () -- C:\Program Files\Alky for Applications\Libraries\vadvapi32.dll
MOD - [2008-03-23 00:01:30 | 000,047,056 | ---- | M] () -- C:\Program Files\Alky for Applications\Libraries\vgdiplus.dll
MOD - [2008-03-23 00:01:30 | 000,008,144 | ---- | M] () -- C:\Program Files\Alky for Applications\Libraries\vdwmapi.dll
MOD - [2008-03-23 00:00:36 | 000,096,208 | ---- | M] () -- C:\Program Files\Alky for Applications\Libraries\vcomctl32.dll
MOD - [2008-01-30 11:19:30 | 001,675,264 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DisplaysManager.Graphics.Wizard\2.0.2635.38726__90ba9c70f846762e\CLI.Aspect.DisplaysManager.Graphics.Wizard.dll
MOD - [2008-01-30 11:19:30 | 000,688,128 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceCV.Graphics.Wizard\2.0.2635.38926__90ba9c70f846762e\CLI.Aspect.DeviceCV.Graphics.Wizard.dll
MOD - [2008-01-30 11:19:30 | 000,229,376 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Caste.Graphics.Runtime\2.0.2635.38683__90ba9c70f846762e\CLI.Caste.Graphics.Runtime.dll
MOD - [2008-01-30 11:19:30 | 000,184,320 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.InfoCentre.Graphics.Wizard\2.0.2635.38740__90ba9c70f846762e\CLI.Aspect.InfoCentre.Graphics.Wizard.dll
MOD - [2008-01-30 11:19:30 | 000,098,304 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.Graphics.Wizard\2.0.2635.38956__90ba9c70f846762e\CLI.Aspect.DeviceTV.Graphics.Wizard.dll
MOD - [2008-01-30 11:19:30 | 000,073,728 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.Graphics.Runtime\2.0.2635.38945__90ba9c70f846762e\CLI.Aspect.DeviceTV.Graphics.Runtime.dll
MOD - [2008-01-30 11:19:30 | 000,040,960 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Caste.Graphics.Wizard\2.0.2635.38717__90ba9c70f846762e\CLI.Caste.Graphics.Wizard.dll
MOD - [2008-01-30 11:19:30 | 000,032,768 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.InfoCentre.Graphics.Runtime\2.0.2635.38739__90ba9c70f846762e\CLI.Aspect.InfoCentre.Graphics.Runtime.dll
MOD - [2008-01-30 11:19:30 | 000,020,480 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.HotkeysHandling.Graphics.Runtime\2.0.2635.38702__90ba9c70f846762e\CLI.Aspect.HotkeysHandling.Graphics.Runtime.dll
MOD - [2008-01-30 11:19:30 | 000,015,872 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceProperty.Graphics.Runtime\2.0.2635.38839__90ba9c70f846762e\CLI.Aspect.DeviceProperty.Graphics.Runtime.dll
MOD - [2008-01-30 11:19:29 | 000,483,328 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.TransCode.Graphics.Wizard\2.0.2635.38985__90ba9c70f846762e\CLI.Aspect.TransCode.Graphics.Wizard.dll
MOD - [2008-01-30 11:19:29 | 000,352,256 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Dashboard\2.0.2635.38913__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Dashboard.dll
MOD - [2008-01-30 11:19:29 | 000,135,168 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.Welcome.Graphics.Dashboard\2.0.2635.38991__90ba9c70f846762e\CLI.Aspect.Welcome.Graphics.Dashboard.dll
MOD - [2008-01-30 11:19:29 | 000,102,400 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.VPURecover.Graphics.Dashboard\2.0.2635.38733__90ba9c70f846762e\CLI.Aspect.VPURecover.Graphics.Dashboard.dll
MOD - [2008-01-30 11:19:29 | 000,090,112 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Wizard\2.0.2635.38918__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Wizard.dll
MOD - [2008-01-30 11:19:29 | 000,073,728 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Caste.Graphics.Dashboard\2.0.2635.38697__90ba9c70f846762e\CLI.Caste.Graphics.Dashboard.dll
MOD - [2008-01-30 11:19:29 | 000,061,440 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Runtime\2.0.2635.38911__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Runtime.dll
MOD - [2008-01-30 11:19:29 | 000,061,440 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceCV.Graphics.Runtime\2.0.2635.38902__90ba9c70f846762e\CLI.Aspect.DeviceCV.Graphics.Runtime.dll
MOD - [2008-01-30 11:19:29 | 000,028,672 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.VPURecover.Graphics.Runtime\2.0.2635.38732__90ba9c70f846762e\CLI.Aspect.VPURecover.Graphics.Runtime.dll
MOD - [2008-01-30 11:19:28 | 000,913,408 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.Graphics.Dashboard\2.0.2635.38951__90ba9c70f846762e\CLI.Aspect.DeviceTV.Graphics.Dashboard.dll
MOD - [2008-01-30 11:19:28 | 000,667,648 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Dashboard\2.0.2635.38850__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Dashboard.dll
MOD - [2008-01-30 11:19:28 | 000,651,264 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceCV.Graphics.Dashboard\2.0.2635.38906__90ba9c70f846762e\CLI.Aspect.DeviceCV.Graphics.Dashboard.dll
MOD - [2008-01-30 11:19:28 | 000,577,536 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Dashboard\2.0.2635.38754__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Dashboard.dll
MOD - [2008-01-30 11:19:28 | 000,475,136 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Dashboard\2.0.2635.38842__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Dashboard.dll
MOD - [2008-01-30 11:19:28 | 000,438,272 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DisplaysManager.Graphics.Dashboard\2.0.2635.38704__90ba9c70f846762e\CLI.Aspect.DisplaysManager.Graphics.Dashboard.dll
MOD - [2008-01-30 11:19:28 | 000,401,408 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Wizard\2.0.2635.38932__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Wizard.dll
MOD - [2008-01-30 11:19:28 | 000,319,488 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceDFP.Graphics.Dashboard\2.0.2635.38834__90ba9c70f846762e\CLI.Aspect.DeviceDFP.Graphics.Dashboard.dll
MOD - [2008-01-30 11:19:28 | 000,208,896 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.InfoCentre.Graphics.Dashboard\2.0.2635.38747__90ba9c70f846762e\CLI.Aspect.InfoCentre.Graphics.Dashboard.dll
MOD - [2008-01-30 11:19:28 | 000,118,784 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Dashboard\2.0.2635.38870__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Dashboard.dll
MOD - [2008-01-30 11:19:28 | 000,053,248 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceDFP.Graphics.Runtime\2.0.2635.38839__90ba9c70f846762e\CLI.Aspect.DeviceDFP.Graphics.Runtime.dll
MOD - [2008-01-30 11:19:28 | 000,045,056 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Runtime\2.0.2635.38846__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Runtime.dll
MOD - [2008-01-30 11:19:28 | 000,040,960 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Runtime\2.0.2635.38846__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Runtime.dll
MOD - [2008-01-30 11:19:28 | 000,036,864 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Runtime\2.0.2635.38759__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Runtime.dll
MOD - [2008-01-30 11:19:28 | 000,032,768 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Runtime\2.0.2635.38869__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Runtime.dll
MOD - [2008-01-30 11:19:28 | 000,032,768 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Runtime\2.0.2635.38888__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Runtime.dll
MOD - [2008-01-30 11:19:28 | 000,020,480 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\AEM.Actions.CCAA.Shared\2.0.2613.19911__90ba9c70f846762e\AEM.Actions.CCAA.Shared.dll
MOD - [2008-01-30 11:19:28 | 000,016,384 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\AEM.Plugin.Hotkeys.Shared\2.0.2613.19938__90ba9c70f846762e\AEM.Plugin.Hotkeys.Shared.dll
MOD - [2008-01-30 11:19:28 | 000,016,384 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\AEM.Plugin.GD.Shared\2.0.2613.19938__90ba9c70f846762e\AEM.Plugin.GD.Shared.dll
MOD - [2008-01-30 11:19:28 | 000,016,384 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\AEM.Plugin.DPPE.Shared\2.0.2613.19946__90ba9c70f846762e\AEM.Plugin.DPPE.Shared.dll
MOD - [2008-01-30 11:19:28 | 000,006,656 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\atixclib\1.0.0.0__90ba9c70f846762e\atixclib.dll
MOD - [2008-01-30 11:19:27 | 000,057,344 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.Graphics.Shared\2.0.2613.19937__90ba9c70f846762e\CLI.Aspect.DeviceTV.Graphics.Shared.dll
MOD - [2008-01-30 11:19:27 | 000,053,248 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.InfoCentre.Graphics.Shared\2.0.2613.19932__90ba9c70f846762e\CLI.Aspect.InfoCentre.Graphics.Shared.dll
MOD - [2008-01-30 11:19:27 | 000,053,248 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Shared\2.0.2613.19935__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Shared.dll
MOD - [2008-01-30 11:19:27 | 000,049,152 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Foundation\2.0.2613.19903__90ba9c70f846762e\CLI.Foundation.dll
MOD - [2008-01-30 11:19:27 | 000,049,152 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Caste.Graphics.Shared\2.0.2613.19914__90ba9c70f846762e\CLI.Caste.Graphics.Shared.dll
MOD - [2008-01-30 11:19:27 | 000,049,152 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Shared\2.0.2613.19936__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Shared.dll
MOD - [2008-01-30 11:19:27 | 000,045,056 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\DEM.Graphics.I0601\2.0.2573.17685__90ba9c70f846762e\DEM.Graphics.I0601.dll
MOD - [2008-01-30 11:19:27 | 000,040,960 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.TransCode.Graphics.Shared\2.0.2613.19946__90ba9c70f846762e\CLI.Aspect.TransCode.Graphics.Shared.dll
MOD - [2008-01-30 11:19:27 | 000,040,960 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceDFP.Graphics.Shared\2.0.2613.19935__90ba9c70f846762e\CLI.Aspect.DeviceDFP.Graphics.Shared.dll
MOD - [2008-01-30 11:19:27 | 000,040,960 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceCV.Graphics.Shared\2.0.2613.19936__90ba9c70f846762e\CLI.Aspect.DeviceCV.Graphics.Shared.dll
MOD - [2008-01-30 11:19:27 | 000,036,864 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\AEM.Plugin.Source.Kit.Server\2.0.2635.39013__90ba9c70f846762e\AEM.Plugin.Source.Kit.Server.dll
MOD - [2008-01-30 11:19:27 | 000,032,768 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\LOG.Foundation\2.0.2613.19902__90ba9c70f846762e\LOG.Foundation.dll
MOD - [2008-01-30 11:19:27 | 000,032,768 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Shared\2.0.2613.19935__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Shared.dll
MOD - [2008-01-30 11:19:27 | 000,028,672 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Foundation.XManifest\2.0.2613.19973__90ba9c70f846762e\CLI.Foundation.XManifest.dll
MOD - [2008-01-30 11:19:27 | 000,028,672 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Shared\2.0.2613.19932__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Shared.dll
MOD - [2008-01-30 11:19:27 | 000,028,672 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Shared\2.0.2613.19924__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Shared.dll
MOD - [2008-01-30 11:19:27 | 000,024,576 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\NEWAEM.Foundation\2.0.2613.19906__90ba9c70f846762e\NEWAEM.Foundation.dll
MOD - [2008-01-30 11:19:27 | 000,024,576 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Shared\2.0.2613.19935__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Shared.dll
MOD - [2008-01-30 11:19:27 | 000,024,576 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceProperty.Graphics.Shared\2.0.2613.19923__90ba9c70f846762e\CLI.Aspect.DeviceProperty.Graphics.Shared.dll
MOD - [2008-01-30 11:19:27 | 000,024,576 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.CustomFormats.Graphics.Shared\2.0.2613.19922__90ba9c70f846762e\CLI.Aspect.CustomFormats.Graphics.Shared.dll
MOD - [2008-01-30 11:19:27 | 000,024,576 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\APM.Foundation\2.0.2613.19937__90ba9c70f846762e\APM.Foundation.dll
MOD - [2008-01-30 11:19:27 | 000,024,576 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\AEM.Foundation\2.0.2613.19902__90ba9c70f846762e\AEM.Foundation.dll
MOD - [2008-01-30 11:19:27 | 000,024,576 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\ACE.Graphics.DisplaysManager.Shared\2.0.2573.17685__90ba9c70f846762e\ACE.Graphics.DisplaysManager.Shared.dll
MOD - [2008-01-30 11:19:27 | 000,020,480 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\DEM.OS.I0602\2.0.2613.19937__90ba9c70f846762e\DEM.OS.I0602.dll
MOD - [2008-01-30 11:19:27 | 000,020,480 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Wizard.Shared\2.0.2613.19921__90ba9c70f846762e\CLI.Component.Wizard.Shared.dll
MOD - [2008-01-30 11:19:27 | 000,020,480 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Dashboard.Shared\2.0.2613.19911__90ba9c70f846762e\CLI.Component.Dashboard.Shared.dll
MOD - [2008-01-30 11:19:27 | 000,020,480 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Client.Shared\2.0.2613.19910__90ba9c70f846762e\CLI.Component.Client.Shared.dll
MOD - [2008-01-30 11:19:27 | 000,020,480 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.VPURecover.Graphics.Shared\2.0.2613.19932__90ba9c70f846762e\CLI.Aspect.VPURecover.Graphics.Shared.dll
MOD - [2008-01-30 11:19:27 | 000,020,480 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.HotkeysHandling.Graphics.Shared\2.0.2613.19931__90ba9c70f846762e\CLI.Aspect.HotkeysHandling.Graphics.Shared.dll
MOD - [2008-01-30 11:19:27 | 000,016,384 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\MOM.Foundation\2.0.2613.19921__90ba9c70f846762e\MOM.Foundation.dll
MOD - [2008-01-30 11:19:27 | 000,016,384 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\DEM.OS\2.0.2613.19938__90ba9c70f846762e\DEM.OS.dll
MOD - [2008-01-30 11:19:27 | 000,016,384 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\DEM.Graphics\2.0.2613.19934__90ba9c70f846762e\DEM.Graphics.dll
MOD - [2008-01-30 11:19:27 | 000,016,384 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\DEM.Foundation\2.0.2573.17684__90ba9c70f846762e\DEM.Foundation.dll
MOD - [2008-01-30 11:19:27 | 000,016,384 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Caste.Graphics.Wizard.Shared\2.0.2613.19932__90ba9c70f846762e\CLI.Caste.Graphics.Wizard.Shared.dll
MOD - [2008-01-30 11:19:27 | 000,016,384 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Caste.Graphics.Dashboard.Shared\2.0.2613.19924__90ba9c70f846762e\CLI.Caste.Graphics.Dashboard.Shared.dll
MOD - [2008-01-30 11:19:27 | 000,016,384 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\AEM.Server.Shared\2.0.2613.19916__90ba9c70f846762e\AEM.Server.Shared.dll
MOD - [2008-01-30 11:19:26 | 000,466,944 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Wizard\2.0.2635.38712__90ba9c70f846762e\CLI.Component.Wizard.dll
MOD - [2008-01-30 11:19:26 | 000,098,304 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\MOM.Implementation\2.0.2635.38969__90ba9c70f846762e\MOM.Implementation.dll
MOD - [2008-01-30 11:19:26 | 000,098,304 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Runtime\2.0.2635.38682__90ba9c70f846762e\CLI.Component.Runtime.dll
MOD - [2008-01-30 11:19:26 | 000,057,344 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\LOG.Foundation.Implementation\2.0.2635.38968__90ba9c70f846762e\LOG.Foundation.Implementation.dll
MOD - [2008-01-30 11:19:26 | 000,040,960 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Runtime.Shared.Private\2.0.2613.19921__90ba9c70f846762e\CLI.Component.Runtime.Shared.Private.dll
MOD - [2008-01-30 11:19:26 | 000,032,768 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\LOG.Foundation.Private\2.0.2613.19906__90ba9c70f846762e\LOG.Foundation.Private.dll
MOD - [2008-01-30 11:19:26 | 000,024,576 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Wizard.Shared.Private\2.0.2613.19944__90ba9c70f846762e\CLI.Component.Wizard.Shared.Private.dll
MOD - [2008-01-30 11:19:26 | 000,020,480 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\LOG.Foundation.Implementation.Private\2.0.2613.19922__90ba9c70f846762e\LOG.Foundation.Implementation.Private.dll
MOD - [2008-01-30 11:19:26 | 000,020,480 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Foundation.Private\2.0.2613.19908__90ba9c70f846762e\CLI.Foundation.Private.dll
MOD - [2008-01-30 11:19:26 | 000,020,480 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Dashboard.Shared.Private\2.0.2613.19916__90ba9c70f846762e\CLI.Component.Dashboard.Shared.Private.dll
MOD - [2008-01-30 11:19:25 | 001,404,928 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Dashboard\2.0.2635.38692__90ba9c70f846762e\CLI.Component.Dashboard.dll
MOD - [2008-01-30 11:19:25 | 000,053,248 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\ATIDEMOS\2.0.2635.38682__90ba9c70f846762e\ATIDEMOS.dll
MOD - [2008-01-30 11:19:25 | 000,045,056 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\AEM.Server\2.0.2635.38680__90ba9c70f846762e\AEM.Server.dll
MOD - [2008-01-30 11:19:25 | 000,040,960 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Client.Shared.Private\2.0.2613.19912__90ba9c70f846762e\CLI.Component.Client.Shared.Private.dll
MOD - [2008-01-30 11:19:25 | 000,032,768 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\ATICCCom\2.0.0.0__90ba9c70f846762e\ATICCCom.dll
MOD - [2008-01-30 11:19:25 | 000,020,480 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Caste.Graphics.Runtime.Shared.Private\2.0.2613.19938__90ba9c70f846762e\CLI.Caste.Graphics.Runtime.Shared.Private.dll
MOD - [2008-01-30 11:19:25 | 000,019,968 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CCC.Implementation\2.0.2635.38969__90ba9c70f846762e\CCC.Implementation.dll
MOD - [2006-01-18 13:09:40 | 000,045,056 | ---- | M] () -- C:\Program Files\SAGEM WiFi manager\ZDWlan.dll
MOD - [2006-01-18 13:09:36 | 000,212,992 | ---- | M] () -- C:\Program Files\SAGEM WiFi manager\dot1x_dll.dll
MOD - [2003-09-04 03:11:58 | 000,028,672 | ---- | M] () -- C:\Program Files\Lexmark 3100 Series\mcrdchkr.dll
MOD - [2003-09-04 03:11:52 | 000,020,480 | ---- | M] () -- C:\Program Files\Lexmark 3100 Series\regutil.dll
MOD - [2003-07-29 10:45:10 | 000,078,336 | ---- | M] () -- C:\WINDOWS\system32\spool\prtprocs\w32x86\LXBRPP5C.DLL
MOD - [2003-06-23 10:01:48 | 000,049,152 | ---- | M] () -- C:\Program Files\Lexmark 3100 Series\ConvDIB.dll
MOD - [2003-04-02 03:20:37 | 000,012,288 | ---- | M] () -- C:\Program Files\Winamp\winampa.exe

========== Win32 Services (SafeList) ==========

SRV - File not found [Auto | Stopped] -- -- (ZTEusbmdm6k)
SRV - File not found [Auto | Stopped] -- -- (ZSMC211)
SRV - File not found [Auto | Stopped] -- -- (zpsc)
SRV - File not found [Auto | Stopped] -- -- (zntport)
SRV - File not found [Auto | Stopped] -- -- (zebrsce)
SRV - File not found [Auto | Stopped] -- -- (ypcservice)
SRV - File not found [Auto | Stopped] -- -- (yats32)
SRV - File not found [Auto | Stopped] -- -- (WNCPKT)
SRV - File not found [Auto | Stopped] -- -- (WmVirHid)
SRV - File not found [Auto | Stopped] -- -- (WmUsbHid)
SRV - File not found [Auto | Stopped] -- -- (WmiAcpi)
SRV - File not found [Auto | Stopped] -- -- (wmccds)
SRV - File not found [Auto | Stopped] -- -- (WLAN_USB)
SRV - File not found [Auto | Stopped] -- -- (winpower)
SRV - File not found [Auto | Stopped] -- -- (WINFLASH)
SRV - File not found [Auto | Stopped] -- -- (wg6n)
SRV - File not found [Auto | Stopped] -- -- (websenseusagemonitor)
SRV - File not found [Auto | Stopped] -- -- (websenseclientdeployservice)
SRV - File not found [Auto | Stopped] -- -- (webrootspysweeperservice)
SRV - File not found [Auto | Stopped] -- -- (webfilter)
SRV - File not found [Auto | Stopped] -- -- (Wdf01000)
SRV - File not found [Auto | Stopped] -- -- (WD_FireWire_HID)
SRV - File not found [Auto | Stopped] -- -- (WavxDMgr)
SRV - File not found [Auto | Stopped] -- -- (WaveEnrollmentService)
SRV - File not found [Auto | Stopped] -- -- (wacomvhid)
SRV - File not found [Auto | Stopped] -- -- (w810obex)
SRV - File not found [Auto | Stopped] -- -- (w550mdfl)
SRV - File not found [Auto | Stopped] -- -- (w550bus)
SRV - File not found [Auto | Stopped] -- -- (w300bus)
SRV - File not found [Auto | Stopped] -- -- (w200obex)
SRV - File not found [Auto | Stopped] -- -- (vwlogger)
SRV - File not found [Auto | Stopped] -- -- (vpcnets2)
SRV - File not found [Auto | Stopped] -- -- (vncmirror)
SRV - File not found [Auto | Stopped] -- -- (vmx86)
SRV - File not found [Auto | Stopped] -- -- (vmkbd2)
SRV - File not found [Auto | Stopped] -- -- (viamraid)
SRV - File not found [Auto | Stopped] -- -- (viagfx)
SRV - File not found [Auto | Stopped] -- -- (viaagp1)
SRV - File not found [Auto | Stopped] -- -- (vcsw)
SRV - File not found [Auto | Stopped] -- -- (vaiomediaplatform-photoserver-appserver)
SRV - File not found [Auto | Stopped] -- -- (v2imount)
SRV - File not found [Auto | Stopped] -- -- (usnsvc)
SRV - File not found [Auto | Stopped] -- -- (USBVCD)
SRV - File not found [Auto | Stopped] -- -- (USBMN1X1)
SRV - File not found [Auto | Stopped] -- -- (USBCamera)
SRV - File not found [Auto | Stopped] -- -- (usb20l)
SRV - File not found [Auto | Stopped] -- -- (us30sys)
SRV - File not found [Auto | Stopped] -- -- (upperdev)
SRV - File not found [Auto | Stopped] -- -- (uhcd)
SRV - File not found [Auto | Stopped] -- -- (UCTblHid)
SRV - File not found [Auto | Stopped] -- -- (U2SP)
SRV - File not found [Auto | Stopped] -- -- (tvichw32)
SRV - File not found [Auto | Stopped] -- -- (tsircsrv)
SRV - File not found [Auto | Stopped] -- -- (TryAndDecideService)
SRV - File not found [Auto | Stopped] -- -- (trufos)
SRV - File not found [Auto | Stopped] -- -- (traprcvr)
SRV - File not found [Auto | Stopped] -- -- (transbaseservice)
SRV - File not found [Auto | Stopped] -- -- (trackcam4)
SRV - File not found [Auto | Stopped] -- -- (tpsrv)
SRV - File not found [Auto | Stopped] -- -- (tphkdrv)
SRV - File not found [Auto | Stopped] -- -- (tphdexlgsvc)
SRV - File not found [Auto | Stopped] -- -- (tosrfnds)
SRV - File not found [Auto | Stopped] -- -- (tosrfbd)
SRV - File not found [Auto | Stopped] -- -- (tdimsys)
SRV - File not found [Auto | Stopped] -- -- (taphss)
SRV - File not found [Auto | Stopped] -- -- (tapeware)
SRV - File not found [Auto | Stopped] -- -- (symwsc)
SRV - File not found [Auto | Stopped] -- -- (SymIM)
SRV - File not found [Auto | Stopped] -- -- (symids)
SRV - File not found [Auto | Stopped] -- -- (symantecantibotwatcher)
SRV - File not found [Auto | Stopped] -- -- (superproserver)
SRV - File not found [Auto | Stopped] -- -- (SunkFilt39)
SRV - File not found [Auto | Stopped] -- -- (stunnel)
SRV - File not found [Auto | Stopped] -- -- (streamloadservice)
SRV - File not found [Auto | Stopped] -- -- (sthda)
SRV - File not found [Auto | Stopped] -- -- (starwindserviceae)
SRV - File not found [Auto | Stopped] -- -- (ssscsisv)
SRV - File not found [Auto | Stopped] -- -- (ssm_bus)
SRV - File not found [Auto | Stopped] -- -- (SSFS0BB9)
SRV - File not found [Auto | Stopped] -- -- (ssdiagn)
SRV - File not found [Auto | Stopped] -- -- (sqlagent$sony_mediamgr)
SRV - File not found [Auto | Stopped] -- -- (SQLAgent$MICROSOFTSMLBIZ)
SRV - File not found [Auto | Stopped] -- -- (sonywbms)
SRV - File not found [Auto | Stopped] -- -- (sonicstagemonitoring)
SRV - File not found [Auto | Stopped] -- -- (snoopfree)
SRV - File not found [Auto | Stopped] -- -- (sndsrvc)
SRV - File not found [Auto | Stopped] -- -- (Slpsvdr)
SRV - File not found [Auto | Stopped] -- -- (Sk99202k)
SRV - File not found [Auto | Stopped] -- -- (SilverLink)
SRV - File not found [Auto | Stopped] -- -- (ShockMgr)
SRV - File not found [Auto | Stopped] -- -- (sfhlp01)
SRV - File not found [Auto | Stopped] -- -- (SfCtlCom)
SRV - File not found [Auto | Stopped] -- -- (SetupNT)
SRV - File not found [Auto | Stopped] -- -- (servicelayer)
SRV - File not found [Auto | Stopped] -- -- (sermouse)
SRV - File not found [Auto | Stopped] -- -- (se59unic)
SRV - File not found [Auto | Stopped] -- -- (se58nd5)
SRV - File not found [Auto | Stopped] -- -- (se58mdm)
SRV - File not found [Auto | Stopped] -- -- (se45obex)
SRV - File not found [Auto | Stopped] -- -- (SE2Dmgmt)
SRV - File not found [Auto | Stopped] -- -- (SE2Dbus)
SRV - File not found [Auto | Stopped] -- -- (SE2Cobex)
SRV - File not found [Auto | Stopped] -- -- (SE2Bmdm)
SRV - File not found [Auto | Stopped] -- -- (SE27mgmt)
SRV - File not found [Auto | Stopped] -- -- (SE27mdfl)
SRV - File not found [Auto | Stopped] -- -- (scanexplicit)
SRV - File not found [Auto | Stopped] -- -- (sbhooksvc)
SRV - File not found [Auto | Stopped] -- -- (SbcpHid)
SRV - File not found [Auto | Stopped] -- -- (SaiH040B)
SRV - File not found [Auto | Stopped] -- -- (SaiClass)
SRV - File not found [Auto | Stopped] -- -- (S7oppilx)
SRV - File not found [Auto | Stopped] -- -- (s616nd5)
SRV - File not found [Auto | Stopped] -- -- (s217unic)
SRV - File not found [Auto | Stopped] -- -- (s125obex)
SRV - File not found [Auto | Stopped] -- -- (s125bus)
SRV - File not found [Auto | Stopped] -- -- (s117unic)
SRV - File not found [Auto | Stopped] -- -- (s116unic)
SRV - File not found [Auto | Stopped] -- -- (s116obex)
SRV - File not found [Auto | Stopped] -- -- (RVIEG01)
SRV - File not found [Auto | Stopped] -- -- (rtl8029)
SRV - File not found [Auto | Stopped] -- -- (RTHDMIAzAudService)
SRV - File not found [Auto | Stopped] -- -- (rpskt)
SRV - File not found [Auto | Stopped] -- -- (rkhdrv31)
SRV - File not found [Auto | Stopped] -- -- (RivaTuner32)
SRV - File not found [Auto | Stopped] -- -- (rismxdp)
SRV - File not found [Auto | Stopped] -- -- (rimusb)
SRV - File not found [Auto | Stopped] -- -- (rimmptsk)
SRV - File not found [Auto | Stopped] -- -- (revudfservice)
SRV - File not found [Auto | Stopped] -- -- (REVOSENS)
SRV - File not found [Auto | Stopped] -- -- (regsrvc)
SRV - File not found [Auto | Stopped] -- -- (raysatxsi5_0server)
SRV - File not found [Auto | Stopped] -- -- (radclock)
SRV - File not found [Auto | Stopped] -- -- (QWAVE)
SRV - File not found [Auto | Stopped] -- -- (qmofiltr)
SRV - File not found [Auto | Stopped] -- -- (ql2100)
SRV - File not found [Auto | Stopped] -- -- (qconsvc)
SRV - File not found [Auto | Stopped] -- -- (qcmerced)
SRV - File not found [Auto | Stopped] -- -- (pwd_2K)
SRV - File not found [Auto | Stopped] -- -- (PTDCMdm)
SRV - File not found [Auto | Stopped] -- -- (psasrv)
SRV - File not found [Auto | Stopped] -- -- (psadd)
SRV - File not found [Auto | Stopped] -- -- (procexp90)
SRV - File not found [Auto | Stopped] -- -- (pptchpad)
SRV - File not found [Auto | Stopped] -- -- (pnmsrv)
SRV - File not found [Auto | Stopped] -- -- (pmshellsrv)
SRV - File not found [Auto | Stopped] -- -- (pinnaclemarvinusb)
SRV - File not found [Auto | Stopped] -- -- (pinetmgr)
SRV - File not found [Auto | Stopped] -- -- (PID_08A0)
SRV - File not found [Auto | Stopped] -- -- (pgsql-8.0)
SRV - File not found [Auto | Stopped] -- -- (PGPwded)
SRV - File not found [Auto | Stopped] -- -- (PGPdisk)
SRV - File not found [Auto | Stopped] -- -- (pelmouse)
SRV - File not found [Auto | Stopped] -- -- (pdlndsdl)
SRV - File not found [Auto | Stopped] -- -- (pdlncbas)
SRV - File not found [Auto | Stopped] -- -- (pdengine)
SRV - File not found [Auto | Stopped] -- -- (PCISys)
SRV - File not found [Auto | Stopped] -- -- (papycpu2)
SRV - File not found [Auto | Stopped] -- -- (PAC7302)
SRV - File not found [Auto | Stopped] -- -- (p3)
SRV - File not found [Auto | Stopped] -- -- (p17xfilt)
SRV - File not found [Auto | Stopped] -- -- (p1110vid)
SRV - File not found [Auto | Stopped] -- -- (ose)
SRV - File not found [Auto | Stopped] -- -- (oraclexeclragent)
SRV - File not found [Auto | Stopped] -- -- (oracleorahomemanagementserver)
SRV - File not found [Auto | Stopped] -- -- (oracle_load_balancer_60_client-forms6i)
SRV - File not found [Auto | Stopped] -- -- (ONSIO)
SRV - File not found [Auto | Stopped] -- -- (omsad)
SRV - File not found [Auto | Stopped] -- -- (omniserv)
SRV - File not found [Auto | Stopped] -- -- (omnidrv)
SRV - File not found [Auto | Stopped] -- -- (olregcap)
SRV - File not found [Auto | Stopped] -- -- (ofcpfwsvc)
SRV - File not found [Auto | Stopped] -- -- (NWSAP)
SRV - File not found [Auto | Stopped] -- -- (nvnetbus)
SRV - File not found [Auto | Stopped] -- -- (NvNdis)
SRV - File not found [Auto | Stopped] -- -- (nvax)
SRV - File not found [Auto | Stopped] -- -- (ntgrip)
SRV - File not found [Auto | Stopped] -- -- (nsausvc)
SRV - File not found [Auto | Stopped] -- -- (npkcsvc)
SRV - File not found [Auto | Stopped] -- -- (noipducservice)
SRV - File not found [Auto | Stopped] -- -- (nocashio)
SRV - File not found [Auto | Stopped] -- -- (nmservice)
SRV - File not found [Auto | Stopped] -- -- (nlsvc)
SRV - File not found [Auto | Stopped] -- -- (nimxdfk)
SRV - File not found [Auto | Stopped] -- -- (netwg311)
SRV - File not found [Auto | Stopped] -- -- (NETw5x32)
SRV - File not found [Auto | Stopped] -- -- (ndasbus)
SRV - File not found [Auto | Stopped] -- -- (NCPro)
SRV - File not found [Auto | Stopped] -- -- (naveng)
SRV - File not found [Auto | Stopped] -- -- (naimagent32)
SRV - File not found [Auto | Stopped] -- -- (mwsejcap)
SRV - File not found [Auto | Stopped] -- -- (mvserver)
SRV - File not found [Auto | Stopped] -- -- (MTDVC2_ENUM)
SRV - File not found [Auto | Stopped] -- -- (MSW_USB)
SRV - File not found [Auto | Stopped] -- -- (mssql$microsoftbcm)
SRV - File not found [Auto | Stopped] -- -- (msmframework)
SRV - File not found [Auto | Stopped] -- -- (mrvw245)
SRV - File not found [Auto | Stopped] -- -- (MRV6X32P)
SRV - File not found [Auto | Stopped] -- -- (mrpostman)
SRV - File not found [Auto | Stopped] -- -- (MRESP50)
SRV - File not found [Auto | Stopped] -- -- (MRENDIS5)
SRV - File not found [Auto | Stopped] -- -- (mpfirewl)
SRV - File not found [Auto | Stopped] -- -- (MobilePreInstallerService)
SRV - File not found [Auto | Stopped] -- -- (mmc_2K)
SRV - File not found [Auto | Stopped] -- -- (mlkkbdntdriver)
SRV - File not found [Auto | Stopped] -- -- (mksupdateint)
SRV - File not found [Auto | Stopped] -- -- (mi-raysat_3dsMax2008_32)
SRV - File not found [Auto | Stopped] -- -- (minilog)
SRV - File not found [Auto | Stopped] -- -- (mgisvr)
SRV - File not found [Auto | Stopped] -- -- (mfebopk)
SRV - File not found [Auto | Stopped] -- -- (merakpop3)
SRV - File not found [Auto | Stopped] -- -- (MegaSR)
SRV - File not found [Auto | Stopped] -- -- (mcupdmgr.exe)
SRV - File not found [Auto | Stopped] -- -- (mcsysmon)
SRV - File not found [Auto | Stopped] -- -- (mcnasvc)
SRV - File not found [Auto | Stopped] -- -- (mcdbus)
SRV - File not found [Auto | Stopped] -- -- (McciCMService)
SRV - File not found [Auto | Stopped] -- -- (mcafeeantispyware)
SRV - File not found [Auto | Stopped] -- -- (marvinbus)
SRV - File not found [Auto | Stopped] -- -- (Maplom)
SRV - File not found [Auto | Stopped] -- -- (MA_CMIDI)
SRV - File not found [Auto | Stopped] -- -- (lxdj_device)
SRV - File not found [Auto | Stopped] -- -- (lwwlicenseservice)
SRV - File not found [Auto | Stopped] -- -- (lvprcsrv)
SRV - File not found [Auto | Stopped] -- -- (logonsvcid)
SRV - File not found [Auto | Stopped] -- -- (LMIRfsDriver)
SRV - File not found [Auto | Stopped] -- -- (lktimesync)
SRV - File not found [Auto | Stopped] -- -- (konfig)
SRV - File not found [Auto | Stopped] -- -- (KMWDFilter)
SRV - File not found [Auto | Stopped] -- -- (k750mdm)
SRV - File not found [Auto | Stopped] -- -- (k750mdfl)
SRV - File not found [Auto | Stopped] -- -- (jtagserver)
SRV - File not found [Auto | Stopped] -- -- (ixiaendpoint)
SRV - File not found [Auto | Stopped] -- -- (IWCA)
SRV - File not found [Auto | Stopped] -- -- (iviregmgr)
SRV - File not found [Auto | Stopped] -- -- (ISODrive)
SRV - File not found [Auto | Stopped] -- -- (isdrv120)
SRV - File not found [Auto | Stopped] -- -- (irmon)
SRV - File not found [Auto | Stopped] -- -- (ireike)
SRV - File not found [Auto | Stopped] -- -- (IntuitUpdateService)
SRV - File not found [Auto | Stopped] -- -- (int15)
SRV - File not found [Auto | Stopped] -- -- (inspect)
SRV - File not found [Auto | Stopped] -- -- (imagesrv)
SRV - File not found [Auto | Stopped] -- -- (ilicensesvc)
SRV - File not found [Auto | Stopped] -- -- (igateway)
SRV - File not found [Auto | Stopped] -- -- (idebusdr)
SRV - File not found [Auto | Stopped] -- -- (iaimtv3)
SRV - File not found [Auto | Stopped] -- -- (iaimfp4)
SRV - File not found [Auto | Stopped] -- -- (iaantmon)
SRV - File not found [Auto | Stopped] -- -- (HWSCtrl)
SRV - File not found [Auto | Stopped] -- -- (hsxhwazl)
SRV - File not found [Auto | Stopped] -- -- (hsvcmod)
SRV - File not found [Auto | Stopped] -- -- (hsf_msft)
SRV - File not found [Auto | Stopped] -- -- (HPFXBULK)
SRV - File not found [Auto | Stopped] -- -- (Hotkey)
SRV - File not found [Auto | Stopped] -- -- (hidbatt)
SRV - File not found [Auto | Stopped] -- -- (helpsvc)
SRV - File not found [Auto | Stopped] -- -- (hcf_msft)
SRV - File not found [Auto | Stopped] -- -- (HBtnKey)
SRV - File not found [Auto | Stopped] -- -- (ha20x2k)
SRV - File not found [Auto | Stopped] -- -- (gusvc)
SRV - File not found [On_Demand | Stopped] -- -- (gupdatem) Google Update-service (gupdatem)
SRV - File not found [Auto | Stopped] -- -- (gupdate) Google Updateservice (gupdate)
SRV - File not found [Auto | Stopped] -- -- (GTWModem)
SRV - File not found [Auto | Stopped] -- -- (govsrv)
SRV - File not found [Auto | Stopped] -- -- (GoBack2K)
SRV - File not found [Auto | Stopped] -- -- (FVNETusb)
SRV - File not found [Auto | Stopped] -- -- (fuj02b1)
SRV - File not found [Auto | Stopped] -- -- (ftpqueue)
SRV - File not found [Auto | Stopped] -- -- (forcewarewebinterface)
SRV - File not found [Auto | Stopped] -- -- (FontCache3.0.0.0.)
SRV - File not found [Auto | Stopped] -- -- (fingrd32)
SRV - File not found [Auto | Stopped] -- -- (FETNDIS)
SRV - File not found [Auto | Stopped] -- -- (fallback)
SRV - File not found [Auto | Stopped] -- -- (fa_scheduler)
SRV - File not found [Auto | Stopped] -- -- (F700iob)
SRV - File not found [Auto | Stopped] -- -- (EPSON_EB_RPCV4_01)
SRV - File not found [Auto | Stopped] -- -- (EpmPsd)
SRV - File not found [Auto | Stopped] -- -- (enethusb)
SRV - File not found [Auto | Stopped] -- -- (emupia)
SRV - File not found [Auto | Stopped] -- -- (emu10k1)
SRV - File not found [Auto | Stopped] -- -- (ELhid)
SRV - File not found [Auto | Stopped] -- -- (EL2000)
SRV - File not found [Auto | Stopped] -- -- (ec2007service)
SRV - File not found [Auto | Stopped] -- -- (eamon)
SRV - File not found [Auto | Stopped] -- -- (EACSys)
SRV - File not found [Auto | Stopped] -- -- (dvpapi)
SRV - File not found [Auto | Stopped] -- -- (DSI_SiUSBXp_3_1)
SRV - File not found [Auto | Stopped] -- -- (dot4print)
SRV - File not found [Auto | Stopped] -- -- (dlcf_device)
SRV - File not found [Auto | Stopped] -- -- (dladresn)
SRV - File not found [Auto | Stopped] -- -- (dlacdbhm)
SRV - File not found [Auto | Stopped] -- -- (digictrl)
SRV - File not found [Auto | Stopped] -- -- (DfwWebAgent)
SRV - File not found [Auto | Stopped] -- -- (defragfs)
SRV - File not found [Auto | Stopped] -- -- (Defrag32b)
SRV - File not found [Auto | Stopped] -- -- (dcsloader)
SRV - File not found [Auto | Stopped] -- -- (DCamUSBSQTECH)
SRV - File not found [Auto | Stopped] -- -- (DCamUSBGrandTek)
SRV - File not found [Auto | Stopped] -- -- (CYGF32X)
SRV - File not found [Auto | Stopped] -- -- (CXTUNE)
SRV - File not found [Auto | Stopped] -- -- (cwcspud)
SRV - File not found [Auto | Stopped] -- -- (cwafadmincontroller)
SRV - File not found [Auto | Stopped] -- -- (cvsnt)
SRV - File not found [Auto | Stopped] -- -- (CVirtA)
SRV - File not found [Auto | Stopped] -- -- (ctxcpuusync)
SRV - File not found [Auto | Stopped] -- -- (ctprxy2k)
SRV - File not found [Auto | Stopped] -- -- (CTHWIUT.DLL)
SRV - File not found [Auto | Stopped] -- -- (CTDevice_Srv)
SRV - File not found [Auto | Stopped] -- -- (CSRBC)
SRV - File not found [Auto | Stopped] -- -- (cpqnicmgmt)
SRV - File not found [Auto | Stopped] -- -- (cpqdfw)
SRV - File not found [Auto | Stopped] -- -- (cpntsrv)
SRV - File not found [Auto | Stopped] -- -- (CnxTrUsb)
SRV - File not found [Auto | Stopped] -- -- (cmudau)
SRV - File not found [Auto | Stopped] -- -- (clsched)
SRV - File not found [Auto | Stopped] -- -- (ClntMgmt.sys)
SRV - File not found [Auto | Stopped] -- -- (clnt_clientman)
SRV - File not found [Auto | Stopped] -- -- (cidaemon)
SRV - File not found [Auto | Stopped] -- -- (cfosspeed)
SRV - File not found [Auto | Stopped] -- -- (cercsr6)
SRV - File not found [Auto | Stopped] -- -- (cdrbsdrv)
SRV - File not found [Auto | Stopped] -- -- (ccpwdsvc)
SRV - File not found [Auto | Stopped] -- -- (carboniteservice)
SRV - File not found [Auto | Stopped] -- -- (ca-messagequeuing)
SRV - File not found [Auto | Stopped] -- -- (bwmservice)
SRV - File not found [Auto | Stopped] -- -- (bwcsrv)
SRV - File not found [Auto | Stopped] -- -- (btwdndis)
SRV - File not found [Auto | Stopped] -- -- (btwaudio)
SRV - File not found [Auto | Stopped] -- -- (btfirst)
SRV - File not found [Auto | Stopped] -- -- (BrUsbSer)
SRV - File not found [Auto | Stopped] -- -- (BrPar)
SRV - File not found [Auto | Stopped] -- -- (botcbs)
SRV - File not found [Auto | Stopped] -- -- (blueletscoaudio)
SRV - File not found [Auto | Stopped] -- -- (belgium_id_card_service)
SRV - File not found [Auto | Stopped] -- -- (bdselfpr)
SRV - File not found [Auto | Stopped] -- -- (bdpredir)
SRV - File not found [Auto | Stopped] -- -- (BcmSqlStartupSvc)
SRV - File not found [Auto | Stopped] -- -- (bcftdi)
SRV - File not found [Auto | Stopped] -- -- (bc_pat_f)
SRV - File not found [Auto | Stopped] -- -- (bc_ip_f)
SRV - File not found [Auto | Stopped] -- -- (basic2)
SRV - File not found [Auto | Stopped] -- -- (backupexecnamingservice)
SRV - File not found [Auto | Stopped] -- -- (backupexecdevicemediaservice)
SRV - File not found [Auto | Stopped] -- -- (backupexecalertserver)
SRV - File not found [Auto | Stopped] -- -- (b57w2k)
SRV - File not found [Auto | Stopped] -- -- (awhost32)
SRV - File not found [Auto | Stopped] -- -- (avupdsvc)
SRV - File not found [Auto | Stopped] -- -- (avidsdmservice)
SRV - File not found [Auto | Stopped] -- -- (avg7updsvc)
SRV - File not found [Auto | Stopped] -- -- (avg7rsw)
SRV - File not found [Auto | Stopped] -- -- (avg7core)
SRV - File not found [Auto | Stopped] -- -- (AVerBDA)
SRV - File not found [Auto | Stopped] -- -- (avcgbdr)
SRV - File not found [Auto | Stopped] -- -- (autocomplete)
SRV - File not found [Auto | Stopped] -- -- (ATMsg)
SRV - File not found [Auto | Stopped] -- -- (atitunep)
SRV - File not found [Auto | Stopped] -- -- (ati2mtaa)
SRV - File not found [Auto | Stopped] -- -- (AtcL002)
SRV - File not found [Auto | Stopped] -- -- (aswtdi)
SRV - File not found [Auto | Stopped] -- -- (aswlsvc)
SRV - File not found [Auto | Stopped] -- -- (AsusACPI)
SRV - File not found [Auto | Stopped] -- -- (asmagent)
SRV - File not found [On_Demand | Stopped] -- -- (AppMgmt)
SRV - File not found [Auto | Stopped] -- -- (aolavupd)
SRV - File not found [Auto | Stopped] -- -- (anio)
SRV - File not found [Auto | Stopped] -- -- (amoagent)
SRV - File not found [Auto | Stopped] -- -- (amdk77)
SRV - File not found [Auto | Stopped] -- -- (alertservice)
SRV - File not found [Auto | Stopped] -- -- (alcaudsl)
SRV - File not found [Auto | Stopped] -- -- (AFGSp50)
SRV - File not found [Auto | Stopped] -- -- (aeaudio)
SRV - File not found [Auto | Stopped] -- -- (adpu320)
SRV - File not found [Auto | Stopped] -- -- (admjoy)
SRV - File not found [Auto | Stopped] -- -- (AdfuUd)
SRV - File not found [Auto | Stopped] -- -- (adaptecstoragemanageragent)
SRV - File not found [Auto | Stopped] -- -- (aamqdispatcher)
SRV - File not found [Auto | Stopped] -- -- (A88xTuner)
SRV - File not found [Auto | Stopped] -- -- ({85ccb53b-23d8-4e73-b1b7-9ddb71827d9b})
SRV - [2012-03-07 20:36:39 | 000,909,152 | ---- | M] () [Auto | Running] -- C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\10.0.6\ToolbarUpdater.exe -- (vToolbarUpdater)
SRV - [2011-10-12 06:25:22 | 004,433,248 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG2012\AVGIDSAgent.exe -- (AVGIDSAgent)
SRV - [2011-08-02 06:09:08 | 000,192,776 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG2012\avgwdsvc.exe -- (avgwd)
SRV - [2010-07-16 16:23:30 | 006,638,080 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files\Samsung PC Share Manager\WiselinkPro.exe -- (AllShare)
SRV - [2009-05-17 05:16:24 | 000,041,984 | --S- | M] (BitMicro Software Corporation) [Auto | Stopped] -- C:\Program Files\RapidBIT\cisvc.exe -- (FlexService)
SRV - [2007-02-02 14:35:06 | 001,235,032 | ---- | M] (Famatech International Corp.) [Auto | Running] -- C:\WINDOWS\System32\rserver30\RServer3.exe -- (RServer3)
SRV - [2004-09-22 22:17:18 | 000,815,104 | ---- | M] (Grant Averett) [Auto | Running] -- C:\Program Files\Cerberus\Cerberus.exe -- (Cerberus FTP Server)

arnoldkooiker · Mar 8, 2012

OTL.txt - part 2

========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- -- (ZDPNDIS5)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (ZDCndis5)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP)
DRV - File not found [Kernel | System | Stopped] -- -- (PCLEPCI)
DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PCANDIS5)
DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc)
DRV - File not found [Kernel | System | Stopped] -- -- (i2omgmt)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (FXDrv32)
DRV - File not found [Kernel | System | Stopped] -- -- (Changer)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (catchme)
DRV - [2011-10-07 06:23:48 | 000,230,608 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avgldx86.sys -- (Avgldx86)
DRV - [2011-10-04 06:21:42 | 000,016,720 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\AVGIDSShim.sys -- (AVGIDSShim)
DRV - [2011-09-13 06:30:10 | 000,032,592 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\avgrkx86.sys -- (Avgrkx86)
DRV - [2011-08-08 06:08:58 | 000,040,016 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\avgmfx86.sys -- (Avgmfx86)
DRV - [2011-07-11 01:14:38 | 000,295,248 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avgtdix.sys -- (Avgtdix)
DRV - [2011-07-11 01:14:28 | 000,024,272 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\AVGIDSFilter.sys -- (AVGIDSFilter)
DRV - [2011-07-11 01:14:28 | 000,023,120 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\AVGIDSEH.Sys -- (AVGIDSEH)
DRV - [2011-07-11 01:14:26 | 000,134,608 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\AVGIDSDriver.sys -- (AVGIDSDriver)
DRV - [2009-10-05 10:08:42 | 000,065,584 | ---- | M] (Citrix Systems, Inc.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\ctxusbm.sys -- (ctxusbm)
DRV - [2008-04-13 23:16:10 | 000,049,024 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\mstape.sys -- (MSTAPE)
DRV - [2008-04-13 23:16:08 | 000,013,696 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\avcstrm.sys -- (AVCSTRM)
DRV - [2007-05-31 08:19:22 | 000,096,896 | R--- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Rtenicxp.sys -- (RTLE8023xp)
DRV - [2007-03-02 21:53:19 | 001,972,224 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag)
DRV - [2007-03-01 10:27:26 | 004,484,608 | R--- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV - [2007-02-02 14:54:26 | 000,041,176 | ---- | M] (Famatech International Corp.) [Kernel | System | Running] -- C:\WINDOWS\system32\rserver30\raddrvv3.sys -- (raddrvv3)
DRV - [2006-11-01 04:01:56 | 000,003,328 | ---- | M] (Famatech International Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\rminiv3.sys -- (mirrorv3)
DRV - [2006-10-13 09:16:36 | 000,081,664 | R--- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Rtnicxp.sys -- (RTL8023xp)
DRV - [2006-09-24 14:28:46 | 000,005,248 | ---- | M] (Windows (R) 2000 DDK provider) [Kernel | Boot | Running] -- C:\WINDOWS\system32\speedfan.sys -- (speedfan)
DRV - [2006-01-18 13:09:40 | 000,017,664 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ZDPSp50.sys -- (ZDPSp50)
DRV - [2005-12-22 13:45:18 | 000,402,432 | ---- | M] (ZyDAS Technology Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\WlanBZXP.sys -- (SG762_XP)
DRV - [2004-10-08 15:58:00 | 000,751,104 | ---- | M] (Asus) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Cap713x.sys -- (Cap713x)
DRV - [2004-08-03 23:31:34 | 000,020,992 | ---- | M] (Realtek Semiconductor Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\RTL8139.sys -- (rtl8139) NT-stuurprogramma voor Realtek RTL8139(A/B/C)
DRV - [2004-03-10 15:27:18 | 000,011,264 | ---- | M] (Pinnacle Systems GmbH) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\asapiW2k.sys -- (ASAPIW2k)
DRV - [1996-04-03 20:33:26 | 000,005,248 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\system32\giveio.sys -- (giveio)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}

IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.startpagina.nl/

IE - HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.startpagina.nl/

IE - HKU\S-1-5-21-3106237358-2718937594-2690874173-1006\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.hotmail.com/
IE - HKU\S-1-5-21-3106237358-2718937594-2690874173-1006\..\SearchScopes,DefaultScope = {15457935-CDA2-498D-ABA2-BB3E0C6C9604}
IE - HKU\S-1-5-21-3106237358-2718937594-2690874173-1006\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src=IE-SearchBox&Form=IE8SRC
IE - HKU\S-1-5-21-3106237358-2718937594-2690874173-1006\..\SearchScopes\{15457935-CDA2-498D-ABA2-BB3E0C6C9604}: "URL" = http://www.google.nl/search?hl=nl&rlz=1G1GGLQ_NLNL286&q={searchTerms}&meta=
IE - HKU\S-1-5-21-3106237358-2718937594-2690874173-1006\..\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}: "URL" = http://isearch.avg.com/search?cid={99458DB6-A93D-4CD5-9080-E4B745F94197}&mid=2d27e4ca70d547d188f7d129f5d83e53-f1b8bc111bf0aabc6f2beb9a758fe9843f208faa&lang=nl&ds=AVG&pr=fr&d=2012-03-07 20:36:41&v=10.0.0.7&sap=dsp&q={searchTerms}
IE - HKU\S-1-5-21-3106237358-2718937594-2690874173-1006\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-3106237358-2718937594-2690874173-1006\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..browser.startup.homepage: "http://www.google.nl"
FF - prefs.js..extensions.enabledItems: {3f963a5b-e555-4543-90e2-c3908898db71}:12.0.0.1912
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}:6.0.26
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
FF - prefs.js..extensions.enabledItems: firefox@tvunetworks.com:2
FF - prefs.js..extensions.enabledItems: 4
FF - prefs.js..extensions.enabledItems: 9
FF - prefs.js..extensions.enabledItems: 1
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA}:6.0.30

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\4.1.10111.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@pages.tvunetworks.com/WebPlayer: C:\WINDOWS\system32\TVUAx\npTVUAx.dll (TVU networks)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.99\npGoogleUpdate3.dll File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.99\npGoogleUpdate3.dll File not found
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Documents and Settings\user\Local Settings\Application Data\Google\Update\1.3.21.99\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Documents and Settings\user\Local Settings\Application Data\Google\Update\1.3.21.99\npGoogleUpdate3.dll (Google Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\{3f963a5b-e555-4543-90e2-c3908898db71}: C:\Program Files\AVG\AVG2012\Firefox\ [2012-03-07 20:35:39 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\{1E73965B-8B48-48be-9C8D-68B920ABC1C4}: C:\Program Files\AVG\AVG2012\Firefox4\ [2012-03-07 20:36:51 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\avg@toolbar: C:\Documents and Settings\All Users\Application Data\AVG Secure Search\10.0.0.7\ [2012-03-07 20:36:47 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.0.19\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012-02-02 21:53:24 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.0.19\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012-02-03 19:46:48 | 000,000,000 | ---D | M]

[2008-08-16 13:06:03 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\user\Application Data\Mozilla\Extensions
[2012-02-05 13:43:30 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\3jf689pd.default\extensions
[2009-09-12 11:20:33 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\3jf689pd.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2010-02-07 11:42:51 | 000,000,000 | ---D | M] (TVU Web Player) -- C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\3jf689pd.default\extensions\firefox@tvunetworks.com
[2012-02-05 13:43:21 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2010-07-31 22:05:25 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
[2011-04-03 09:41:14 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}
[2011-07-01 18:31:51 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}
[2012-02-04 14:31:50 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA}
[2012-03-07 20:35:39 | 000,000,000 | ---D | M] (AVG Safe Search) -- C:\PROGRAM FILES\AVG\AVG2012\FIREFOX
[2008-12-02 19:06:19 | 000,000,000 | ---D | M] (Java Quick Starter) -- C:\PROGRAM FILES\JAVA\JRE6\LIB\DEPLOY\JQS\FF
[2010-03-11 00:01:02 | 000,124,272 | ---- | M] (Citrix Systems, Inc.) -- C:\Program Files\mozilla firefox\plugins\CCMSDK.dll
[2010-03-11 00:02:52 | 000,070,512 | ---- | M] (Citrix Systems, Inc.) -- C:\Program Files\mozilla firefox\plugins\CgpCore.dll
[2010-03-11 00:01:48 | 000,091,504 | ---- | M] (Citrix Systems, Inc.) -- C:\Program Files\mozilla firefox\plugins\confmgr.dll
[2010-03-11 00:01:24 | 000,022,384 | ---- | M] (Citrix Systems, Inc.) -- C:\Program Files\mozilla firefox\plugins\ctxlogging.dll
[2011-11-10 05:54:13 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll
[2010-03-11 00:40:56 | 000,423,248 | ---- | M] () -- C:\Program Files\mozilla firefox\plugins\npicaN.dll
[2010-03-11 00:02:48 | 000,023,920 | ---- | M] (Citrix Systems, Inc.) -- C:\Program Files\mozilla firefox\plugins\TcpPServ.dll
[2012-03-07 20:36:37 | 000,003,747 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\avg-secure-search.xml
[2011-02-05 10:17:10 | 000,001,890 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bolcom-nl.xml
[2011-02-05 10:17:10 | 000,004,558 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\marktplaats-nl.xml
[2011-02-05 10:17:10 | 000,001,111 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\vandale-nl.xml
[2011-02-05 10:17:10 | 000,001,049 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-nl.xml
[2011-02-05 10:17:10 | 000,000,802 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-nl.xml

========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google

riginalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms}
CHR - plugin: Shockwave Flash (Disabled) = C:\Documents and Settings\user\Local Settings\Application Data\Google\Chrome\User Data\PepperFlash\11.1.31.203\pepflashplayer.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Documents and Settings\user\Local Settings\Application Data\Google\Chrome\Application\17.0.963.66\gcswf32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Documents and Settings\user\Local Settings\Application Data\Google\Chrome\Application\17.0.963.66\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Documents and Settings\user\Local Settings\Application Data\Google\Chrome\Application\17.0.963.66\pdf.dll
CHR - plugin: AVG Internet Security (Enabled) = C:\Documents and Settings\user\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla\12.0.0.1901_0\plugins/avgnpss.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll
CHR - plugin: Java Deployment Toolkit 6.0.300.12 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npdeployJava1.dll
CHR - plugin: Java(TM) Platform SE 6 U30 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin7.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npdrmv2.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npwmsdrm.dll
CHR - plugin: Windows Media Player Plug-in Dynamic Link Library (Enabled) = C:\Program Files\Windows Media Player\npdsplay.dll
CHR - plugin: Google Update (Enabled) = C:\Documents and Settings\user\Local Settings\Application Data\Google\Update\1.3.21.99\npGoogleUpdate3.dll
CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll
CHR - plugin: TVU Web Player for FireFox (Enabled) = C:\WINDOWS\system32\TVUAx\npTVUAx.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files\Microsoft Silverlight\4.1.10111.0\npctrl.dll
CHR - plugin: Windows Presentation Foundation (Enabled) = c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - plugin: Default Plug-in (Enabled) = default_plugin
CHR - Extension: AVG Safe Search = C:\Documents and Settings\user\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla\12.0.0.1901_0\

O1 HOSTS File: ([2012-03-07 08:57:38 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG2012\avgssie.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (SSVHelper Class) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (AVG Security Toolbar) - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files\AVG Secure Search\10.0.0.7\AVG Secure Search_toolbar.dll ()
O3 - HKLM\..\Toolbar: (AVG Security Toolbar) - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files\AVG Secure Search\10.0.0.7\AVG Secure Search_toolbar.dll ()
O3 - HKU\S-1-5-21-3106237358-2718937594-2690874173-1006\..\Toolbar\WebBrowser: (no name) - {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - No CLSID value found.
O4 - HKLM..\Run: [AVG_TRAY] C:\Program Files\AVG\AVG2012\avgtray.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [ConnectionCenter] C:\Program Files\Citrix\ICA Client\concentr.exe (Citrix Systems, Inc.)
O4 - HKLM..\Run: [Lexmark 3100 Series] C:\Program Files\Lexmark 3100 Series\lxbrbmgr.exe (Lexmark International, Inc.)
O4 - HKLM..\Run: [LXBRKsk] C:\Program Files\Lexmark 3100 Series\lxbrksk.exe ( )
O4 - HKLM..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe (Ahead Software Gmbh)
O4 - HKLM..\Run: [PinnacleDriverCheck] C:\WINDOWS\System32\PSDrvCheck.exe ()
O4 - HKLM..\Run: [vProt] C:\Program Files\AVG Secure Search\vprot.exe ()
O4 - HKLM..\Run: [WinampAgent] C:\Program Files\Winamp\Winampa.exe ()
O4 - HKU\S-1-5-21-3106237358-2718937594-2690874173-1006..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe ()
O4 - Startup: C:\Documents and Settings\All Users\Menu Start\Programma's\Opstarten\SAGEM Wi-Fi 11g USB adapter LAN Utility.lnk = C:\Program Files\SAGEM WiFi manager\WLANUTL.EXE ( )
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-3106237358-2718937594-2690874173-1006\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-3106237358-2718937594-2690874173-1006\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-21-3106237358-2718937594-2690874173-1006\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-21-3106237358-2718937594-2690874173-1006\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O9 - Extra 'Tools' menuitem : Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre6\bin\npjpi160_30.dll (Sun Microsystems, Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O15 - HKU\S-1-5-21-3106237358-2718937594-2690874173-1006\..Trusted Domains: enschede.nl ([ienoportal] https in Trusted sites)
O15 - HKU\S-1-5-21-3106237358-2718937594-2690874173-1006\..Trusted Domains: enschede.nl ([portal] https in Trusted sites)
O15 - HKU\S-1-5-21-3106237358-2718937594-2690874173-1006\..Trusted Domains: enschede.nl ([webmail] https in Trusted sites)
O15 - HKU\S-1-5-21-3106237358-2718937594-2690874173-1006\..Trusted Domains: localhost ([]http in Trusted sites)
O15 - HKU\S-1-5-21-3106237358-2718937594-2690874173-1006\..Trusted Ranges: Range1 ([http] in Local intranet)
O15 - HKU\S-1-5-21-3106237358-2718937594-2690874173-1006\..Trusted Ranges: Range2 ([http] in Trusted sites)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://download.microsoft.com/downl...-4d68-a152-f7252adaa4f2/LegitCheckControl.cab (Windows Genuine Advantage Validation Tool)
O16 - DPF: {474F00F5-3853-492C-AC3A-476512BBC336} http://picasaweb.google.com/s/v/43.10/uploader2.cab (UploadListView Class)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://v5.windowsupdate.microsoft.c...ls/en/x86/client/wuweb_site.cab?1112288959018 (WUWebControl Class)
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset.com/special/eos/OnlineScanner.cab (OnlineScanner Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab (Java Plug-in 1.6.0_30)
O16 - DPF: {CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab (Java Plug-in 1.6.0_30)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab (Java Plug-in 1.6.0_30)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O16 - DPF: {EDFCB7CB-942C-4822-AF14-F0B687409848} http://cache.hyves-static.net/statics/Aurigma/ImageUploader4.cab (Image Uploader Control)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{52503A0F-5C0B-42B1-B77D-EFE140159F74}: NameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{A80290E0-1513-4894-83AE-BAB9896987DB}: NameServer = 192.168.1.1
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG2012\avgpp.dll (AVG Technologies CZ, s.r.o.)
O18 - Protocol\Handler\viprotocol {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files\Common Files\AVG Secure Search\ViProtocolInstaller\10.0.6\ViProtocol.dll ()
O18 - Protocol\Filter\application/x-ica {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\ica {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O20 - AppInit_DLLs: (C:\WINDOWS\system32\rserver30\r3god.dll) - C:\WINDOWS\system32\rserver30\R3GOD.DLL ()
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\AtiExtEvent: DllName - (Ati2evxx.dll) - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.)
O24 - Desktop Components:0 (Mijn huidige introductiepagina) - About:Home
O24 - Desktop WallPaper: C:\Documents and Settings\user\Application Data\IrfanView\IrfanView_Wallpaper.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\user\Application Data\IrfanView\IrfanView_Wallpaper.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2005-03-31 17:08:54 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2007-01-06 16:59:44 | 000,000,095 | ---- | M] () - D:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O34 - HKLM BootExecute: (lsdelete)
O34 - HKLM BootExecute: (C:\PROGRA~1\AVG\AVG2012\avgrsx.exe /sync /restart)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

NetSvcs: 6to4 - File not found
NetSvcs: AppMgmt - File not found
NetSvcs: Ias - File not found
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: HPFXBULK - File not found
NetSvcs: vaiomediaplatform-photoserver-appserver - File not found
NetSvcs: regsrvc - File not found
NetSvcs: backupexecalertserver - File not found
NetSvcs: jtagserver - File not found
NetSvcs: SE2Bmdm - File not found
NetSvcs: tapeware - File not found
NetSvcs: symwsc - File not found
NetSvcs: s125obex - File not found
NetSvcs: NvNdis - File not found
NetSvcs: FVNETusb - File not found
NetSvcs: AtcL002 - File not found
NetSvcs: mksupdateint - File not found
NetSvcs: mfebopk - File not found
NetSvcs: w200obex - File not found
NetSvcs: mmc_2K - File not found
NetSvcs: viagfx - File not found
NetSvcs: ELhid - File not found
NetSvcs: se59unic - File not found
NetSvcs: avidsdmservice - File not found
NetSvcs: SaiClass - File not found
NetSvcs: GoBack2K - File not found
NetSvcs: BrPar - File not found
NetSvcs: ql2100 - File not found
NetSvcs: rimmptsk - File not found
NetSvcs: winpower - File not found
NetSvcs: ose - File not found
NetSvcs: WaveEnrollmentService - File not found
NetSvcs: SE2Cobex - File not found
NetSvcs: wmccds - File not found
NetSvcs: pmshellsrv - File not found
NetSvcs: symids - File not found
NetSvcs: mvserver - File not found
NetSvcs: rtl8029 - File not found
NetSvcs: vncmirror - File not found
NetSvcs: MRENDIS5 - File not found
NetSvcs: tphkdrv - File not found
NetSvcs: inspect - File not found
NetSvcs: ccpwdsvc - File not found
NetSvcs: nocashio - File not found
NetSvcs: SE27mdfl - File not found
NetSvcs: viaagp1 - File not found
NetSvcs: sbhooksvc - File not found
NetSvcs: NWSAP - File not found
NetSvcs: clsched - File not found
NetSvcs: gusvc - File not found
NetSvcs: btfirst - File not found
NetSvcs: se45obex - File not found
NetSvcs: bcftdi - File not found
NetSvcs: blueletscoaudio - File not found
NetSvcs: MSW_USB - File not found
NetSvcs: SaiH040B - File not found
NetSvcs: Defrag32b - File not found
NetSvcs: ilicensesvc - File not found
NetSvcs: ssdiagn - File not found
NetSvcs: nvax - File not found
NetSvcs: isdrv120 - File not found
NetSvcs: cidaemon - File not found
NetSvcs: F700iob - File not found
NetSvcs: tsircsrv - File not found
NetSvcs: wacomvhid - File not found
NetSvcs: AVerBDA - File not found
NetSvcs: SbcpHid - File not found
NetSvcs: k750mdfl - File not found
NetSvcs: yats32 - File not found
NetSvcs: logonsvcid - File not found
NetSvcs: EACSys - File not found
NetSvcs: w550bus - File not found
NetSvcs: starwindserviceae - File not found
NetSvcs: awhost32 - File not found
NetSvcs: adpu320 - File not found
NetSvcs: ZSMC211 - File not found
NetSvcs: clnt_clientman - File not found
NetSvcs: taphss - File not found
NetSvcs: aamqdispatcher - File not found
NetSvcs: SE2Dmgmt - File not found
NetSvcs: int15 - File not found
NetSvcs: radclock - File not found
NetSvcs: FETNDIS - File not found
NetSvcs: adaptecstoragemanageragent - File not found
NetSvcs: iaimfp4 - File not found
NetSvcs: digictrl - File not found
NetSvcs: amdk77 - File not found
NetSvcs: sermouse - File not found
NetSvcs: dot4print - File not found
NetSvcs: w300bus - File not found
NetSvcs: lxdj_device - File not found
NetSvcs: iviregmgr - File not found
NetSvcs: netwg311 - File not found
NetSvcs: w810obex - File not found
NetSvcs: pdlncbas - File not found
NetSvcs: k750mdm - File not found
NetSvcs: rimusb - File not found
NetSvcs: traprcvr - File not found
NetSvcs: ZTEusbmdm6k - File not found
NetSvcs: IntuitUpdateService - File not found
NetSvcs: nmservice - File not found
NetSvcs: HBtnKey - File not found
NetSvcs: eamon - File not found
NetSvcs: WmUsbHid - File not found
NetSvcs: EPSON_EB_RPCV4_01 - File not found
NetSvcs: QWAVE - File not found
NetSvcs: mlkkbdntdriver - File not found
NetSvcs: aolavupd - File not found
NetSvcs: aswlsvc - File not found
NetSvcs: cercsr6 - File not found
NetSvcs: lvprcsrv - File not found
NetSvcs: PGPwded - File not found
NetSvcs: RVIEG01 - File not found
NetSvcs: bc_pat_f - File not found
NetSvcs: idebusdr - File not found
NetSvcs: dvpapi - File not found
NetSvcs: carboniteservice - File not found
NetSvcs: ntgrip - File not found
NetSvcs: wg6n - File not found
NetSvcs: {85ccb53b-23d8-4e73-b1b7-9ddb71827d9b} - File not found
NetSvcs: avg7updsvc - File not found
NetSvcs: CnxTrUsb - File not found
NetSvcs: marvinbus - File not found
NetSvcs: psadd - File not found
NetSvcs: NETw5x32 - File not found
NetSvcs: stunnel - File not found
NetSvcs: Slpsvdr - File not found
NetSvcs: p1110vid - File not found
NetSvcs: fallback - File not found
NetSvcs: admjoy - File not found
NetSvcs: dlcf_device - File not found
NetSvcs: TryAndDecideService - File not found
NetSvcs: fa_scheduler - File not found
NetSvcs: uhcd - File not found
NetSvcs: MobilePreInstallerService - File not found
NetSvcs: mrvw245 - File not found
NetSvcs: ec2007service - File not found
NetSvcs: WNCPKT - File not found
NetSvcs: mcafeeantispyware - File not found
NetSvcs: belgium_id_card_service - File not found
NetSvcs: btwaudio - File not found
NetSvcs: MA_CMIDI - File not found
NetSvcs: avcgbdr - File not found
NetSvcs: PCISys - File not found
NetSvcs: usnsvc - File not found
NetSvcs: trackcam4 - File not found
NetSvcs: CVirtA - File not found
NetSvcs: ofcpfwsvc - File not found
NetSvcs: botcbs - File not found
NetSvcs: irmon - File not found
NetSvcs: viamraid - File not found
NetSvcs: WLAN_USB - File not found
NetSvcs: PTDCMdm - File not found
NetSvcs: tphdexlgsvc - File not found
NetSvcs: p17xfilt - File not found
NetSvcs: MRESP50 - File not found
NetSvcs: omsad - File not found
NetSvcs: atitunep - File not found
NetSvcs: Hotkey - File not found
NetSvcs: anio - File not found
NetSvcs: dlacdbhm - File not found
NetSvcs: USBVCD - File not found
NetSvcs: SetupNT - File not found
NetSvcs: CTDevice_Srv - File not found
NetSvcs: RTHDMIAzAudService - File not found
NetSvcs: hsvcmod - File not found
NetSvcs: mi-raysat_3dsMax2008_32 - File not found
NetSvcs: s116unic - File not found
NetSvcs: pinnaclemarvinusb - File not found
NetSvcs: ixiaendpoint - File not found
NetSvcs: USBCamera - File not found
NetSvcs: oracleorahomemanagementserver - File not found
NetSvcs: ctprxy2k - File not found
NetSvcs: bc_ip_f - File not found
NetSvcs: konfig - File not found
NetSvcs: S7oppilx - File not found
NetSvcs: WavxDMgr - File not found
NetSvcs: pelmouse - File not found
NetSvcs: rpskt - File not found
NetSvcs: BcmSqlStartupSvc - File not found
NetSvcs: pwd_2K - File not found
NetSvcs: avupdsvc - File not found
NetSvcs: igateway - File not found
NetSvcs: cdrbsdrv - File not found
NetSvcs: papycpu2 - File not found
NetSvcs: oraclexeclragent - File not found
NetSvcs: GTWModem - File not found
NetSvcs: CXTUNE - File not found
NetSvcs: sthda - File not found
NetSvcs: A88xTuner - File not found
NetSvcs: pinetmgr - File not found
NetSvcs: bdpredir - File not found
NetSvcs: ltxred - File not found
NetSvcs: MegaSR - File not found
NetSvcs: iaantmon - File not found
NetSvcs: aswtdi - File not found
NetSvcs: pgsql-8.0 - File not found
NetSvcs: UCTblHid - File not found
NetSvcs: alertservice - File not found
NetSvcs: ShockMgr - File not found
NetSvcs: vmx86 - File not found
NetSvcs: lwwlicenseservice - File not found
NetSvcs: se58mdm - File not found
NetSvcs: b57w2k - File not found
NetSvcs: SymIM - File not found
NetSvcs: pdengine - File not found
NetSvcs: merakpop3 - File not found
NetSvcs: sndsrvc - File not found
NetSvcs: bwcsrv - File not found
NetSvcs: defragfs - File not found
NetSvcs: cvsnt - File not found
NetSvcs: WD_FireWire_HID - File not found
NetSvcs: SE27mgmt - File not found
NetSvcs: sonicstagemonitoring - File not found
NetSvcs: SSFS0BB9 - File not found
NetSvcs: cpqdfw - File not found
NetSvcs: streamloadservice - File not found
NetSvcs: Wdf01000 - File not found
NetSvcs: mcnasvc - File not found
NetSvcs: superproserver - File not found
NetSvcs: webfilter - File not found
NetSvcs: IWCA - File not found
NetSvcs: HWSCtrl - File not found
NetSvcs: alcaudsl - File not found
NetSvcs: us30sys - File not found
NetSvcs: npkcsvc - File not found
NetSvcs: hidbatt - File not found
NetSvcs: ftpqueue - File not found
NetSvcs: nimxdfk - File not found
NetSvcs: olregcap - File not found
NetSvcs: ATMsg - File not found
NetSvcs: mgisvr - File not found
NetSvcs: REVOSENS - File not found
NetSvcs: enethusb - File not found
NetSvcs: SilverLink - File not found
NetSvcs: ISODrive - File not found
NetSvcs: ONSIO - File not found
NetSvcs: webrootspysweeperservice - File not found
NetSvcs: s217unic - File not found
NetSvcs: p3 - File not found
NetSvcs: DCamUSBSQTECH - File not found
NetSvcs: CYGF32X - File not found
NetSvcs: websenseclientdeployservice - File not found
NetSvcs: PID_08A0 - File not found
NetSvcs: SunkFilt39 - File not found
NetSvcs: qmofiltr - File not found
NetSvcs: CTHWIUT.DLL - File not found
NetSvcs: raysatxsi5_0server - File not found
NetSvcs: aeaudio - File not found
NetSvcs: rkhdrv31 - File not found
NetSvcs: DSI_SiUSBXp_3_1 - File not found
NetSvcs: fingrd32 - File not found
NetSvcs: s125bus - File not found
NetSvcs: cfosspeed - File not found
NetSvcs: cpqnicmgmt - File not found
NetSvcs: amoagent - File not found
NetSvcs: vmkbd2 - File not found
NetSvcs: ypcservice - File not found
NetSvcs: zpsc - File not found
NetSvcs: cmudau - File not found
NetSvcs: basic2 - File not found
NetSvcs: ssm_bus - File not found
NetSvcs: nlsvc - File not found
NetSvcs: backupexecdevicemediaservice - File not found
NetSvcs: nsausvc - File not found
NetSvcs: tvichw32 - File not found
NetSvcs: v2imount - File not found
NetSvcs: backupexecnamingservice - File not found
NetSvcs: MTDVC2_ENUM - File not found
NetSvcs: imagesrv - File not found
NetSvcs: RivaTuner32 - File not found
NetSvcs: ssscsisv - File not found
NetSvcs: rismxdp - File not found
NetSvcs: trufos - File not found
NetSvcs: lktimesync - File not found
NetSvcs: snoopfree - File not found
NetSvcs: scanexplicit - File not found
NetSvcs: ireike - File not found
NetSvcs: qcmerced - File not found
NetSvcs: oracle_load_balancer_60_client-forms6i - File not found
NetSvcs: s616nd5 - File not found
NetSvcs: mwsejcap - File not found
NetSvcs: procexp90 - File not found
NetSvcs: U2SP - File not found
NetSvcs: sonywbms - File not found
NetSvcs: WmiAcpi - File not found
NetSvcs: NCPro - File not found
NetSvcs: mcupdmgr.exe - File not found
NetSvcs: DfwWebAgent - File not found
NetSvcs: SQLAgent$MICROSOFTSMLBIZ - File not found
NetSvcs: mcsysmon - File not found
NetSvcs: dladresn - File not found
NetSvcs: se58nd5 - File not found
NetSvcs: hsxhwazl - File not found
NetSvcs: USBMN1X1 - File not found
NetSvcs: vpcnets2 - File not found
NetSvcs: btwdndis - File not found
NetSvcs: MRV6X32P - File not found
NetSvcs: tosrfnds - File not found
NetSvcs: transbaseservice - File not found
NetSvcs: s116obex - File not found
NetSvcs: AsusACPI - File not found
NetSvcs: naveng - File not found
NetSvcs: forcewarewebinterface - File not found
NetSvcs: fuj02b1 - File not found
NetSvcs: upperdev - File not found
NetSvcs: pptchpad - File not found
NetSvcs: zntport - File not found
NetSvcs: hsf_msft - File not found
NetSvcs: mssql$microsoftbcm - File not found
NetSvcs: Maplom - File not found
NetSvcs: s117unic - File not found
NetSvcs: WINFLASH - File not found
NetSvcs: KMWDFilter - File not found
NetSvcs: tdimsys - File not found
NetSvcs: ctxcpuusync - File not found
NetSvcs: revudfservice - File not found
NetSvcs: EpmPsd - File not found
NetSvcs: cpntsrv - File not found
NetSvcs: CSRBC - File not found
NetSvcs: PAC7302 - File not found
NetSvcs: DCamUSBGrandTek - File not found
NetSvcs: WmVirHid - File not found
NetSvcs: qconsvc - File not found
NetSvcs: ati2mtaa - File not found
NetSvcs: mcdbus - File not found
NetSvcs: vwlogger - File not found
NetSvcs: bdselfpr - File not found
NetSvcs: nvnetbus - File not found
NetSvcs: servicelayer - File not found
NetSvcs: tpsrv - File not found
NetSvcs: minilog - File not found
NetSvcs: ndasbus - File not found
NetSvcs: McciCMService - File not found
NetSvcs: sqlagent$sony_mediamgr - File not found
NetSvcs: EL2000 - File not found
NetSvcs: asmagent - File not found
NetSvcs: cwcspud - File not found
NetSvcs: BrUsbSer - File not found
NetSvcs: sfhlp01 - File not found
NetSvcs: naimagent32 - File not found
NetSvcs: vcsw - File not found
NetSvcs: noipducservice - File not found
NetSvcs: psasrv - File not found
NetSvcs: iaimtv3 - File not found
NetSvcs: avg7core - File not found
NetSvcs: ClntMgmt.sys - File not found
NetSvcs: mrpostman - File not found
NetSvcs: emu10k1 - File not found
NetSvcs: w550mdfl - File not found
NetSvcs: cwafadmincontroller - File not found
NetSvcs: ha20x2k - File not found
NetSvcs: FontCache3.0.0.0. - File not found
NetSvcs: tosrfbd - File not found
NetSvcs: autocomplete - File not found
NetSvcs: msmframework - File not found
NetSvcs: websenseusagemonitor - File not found
NetSvcs: AdfuUd - File not found
NetSvcs: usb20l - File not found
NetSvcs: symantecantibotwatcher - File not found
NetSvcs: pnmsrv - File not found
NetSvcs: emupia - File not found
NetSvcs: Sk99202k - File not found
NetSvcs: mpfirewl - File not found
NetSvcs: gmer - File not found
NetSvcs: zebrsce - File not found
NetSvcs: bwmservice - File not found
NetSvcs: hcf_msft - File not found
NetSvcs: avg7rsw - File not found
NetSvcs: AFGSp50 - File not found
NetSvcs: omnidrv - File not found
NetSvcs: pdlndsdl - File not found
NetSvcs: dcsloader - File not found
NetSvcs: govsrv - File not found
NetSvcs: LMIRfsDriver - File not found
NetSvcs: omniserv - File not found
NetSvcs: PGPdisk - File not found
NetSvcs: SE2Dbus - File not found
NetSvcs: SfCtlCom - File not found
NetSvcs: ca-messagequeuing - File not found
NetSvcs: WmdmPmSp - File not found
NetSvcs: helpsvc - File not found

Drivers32: msacm.ac3acm - C:\WINDOWS\System32\AC3ACM.acm (fccHandler)
Drivers32: msacm.iac2 - C:\WINDOWS\system32\iac25_32.ax (Intel Corporation)
Drivers32: msacm.l3acm - C:\WINDOWS\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.l3codec - C:\WINDOWS\System32\L3CODECP.ACM (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.)
Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.)
Drivers32: MSVideo8 - C:\WINDOWS\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.)
Drivers32: vidc.DIVX - C:\WINDOWS\System32\DivX.dll (DivX, Inc.)
Drivers32: vidc.ffds - C:\Program Files\FFDshow\ffdshow.ax ()
Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv41 - C:\WINDOWS\System32\ir41_32.ax (Intel Corporation)
Drivers32: vidc.iv50 - C:\WINDOWS\System32\ir50_32.dll (Intel Corporation)
Drivers32: VIDC.MJPG - C:\WINDOWS\System32\pvmjpg21.dll (Pegasus Imaging Corporation)
Drivers32: VIDC.PIM1 - C:\WINDOWS\System32\pclepim1.dll (Pinnacle Systems)
Drivers32: vidc.XVID - C:\WINDOWS\System32\xvidvfw.dll ()
Drivers32: vidc.yv12 - C:\WINDOWS\System32\DivX.dll (DivX, Inc.)

arnoldkooiker · Mar 8, 2012

OTL.txt - part 3

CREATERESTOREPOINT
Restore point Set: OTL Restore Point

========== Files/Folders - Created Within 30 Days ==========

[2012-03-07 21:07:29 | 000,584,704 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\user\Bureaublad\OTL.exe
[2012-03-07 20:42:57 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user\Application Data\AVG2012
[2012-03-07 20:36:51 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programma's\AVG 2012
[2012-03-07 20:36:42 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user\Application Data\AVG Secure Search
[2012-03-07 20:36:41 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\AVG Secure Search
[2012-03-07 20:36:39 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\AVG Secure Search
[2012-03-07 20:36:38 | 000,000,000 | ---D | C] -- C:\Program Files\AVG Secure Search
[2012-03-07 20:35:30 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\AVG2012
[2012-03-07 20:34:48 | 000,000,000 | ---D | C] -- C:\Program Files\AVG
[2012-03-07 08:26:39 | 000,000,000 | RHSD | C] -- C:\cmdcons
[2012-03-07 08:24:17 | 000,518,144 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWREG.exe
[2012-03-07 08:24:17 | 000,406,528 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWSC.exe
[2012-03-07 08:24:17 | 000,212,480 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWXCACLS.exe
[2012-03-07 08:24:17 | 000,060,416 | ---- | C] (NirSoft) -- C:\WINDOWS\NIRCMD.exe
[2012-03-07 08:24:06 | 000,000,000 | ---D | C] -- C:\WINDOWS\ERDNT
[2012-03-07 08:24:02 | 000,000,000 | ---D | C] -- C:\Qoobox
[2012-03-07 08:01:40 | 009,601,504 | ---- | C] (OPSWAT, Inc.) -- C:\Documents and Settings\user\Bureaublad\AppRemover.exe
[2012-03-07 07:49:52 | 004,428,059 | R--- | C] (Swearware) -- C:\Documents and Settings\user\Bureaublad\ComboFix.exe
[2012-03-05 19:54:13 | 000,083,968 | ---- | C] (Esage Lab) -- C:\Documents and Settings\user\Bureaublad\boot_cleaner.exe
[2012-03-05 19:08:01 | 004,730,880 | ---- | C] (AVAST Software) -- C:\Documents and Settings\user\Bureaublad\aswMBR.exe
[2012-03-05 11:24:50 | 002,063,920 | ---- | C] (Kaspersky Lab ZAO) -- C:\Documents and Settings\user\Bureaublad\TDSSKiller.exe
[2012-03-04 14:58:32 | 000,607,260 | R--- | C] (Swearware) -- C:\Documents and Settings\user\Bureaublad\dds.scr
[2012-03-04 14:35:53 | 009,502,424 | ---- | C] (Malwarebytes Corporation ) -- C:\Documents and Settings\user\Bureaublad\Malwarebytes' Anti-Malware mbam--setup-1.60.1.1000.exe
[2012-03-01 22:26:03 | 000,020,464 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2012-03-01 22:26:03 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2012-02-29 22:31:35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programma's\Anti virus, malware
[2012-02-29 22:30:58 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user\Menu Start\Programma's\Anti virus, malware
[2012-02-29 22:24:13 | 000,000,000 | ---D | C] -- C:\Program Files\ESET
[2012-02-20 23:19:23 | 000,000,000 | -H-D | C] -- C:\WINDOWS\ie8
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2012-03-08 19:49:40 | 091,119,021 | ---- | M] () -- C:\WINDOWS\System32\drivers\AVG\incavi.avm
[2012-03-08 19:46:06 | 000,000,023 | ---- | M] () -- C:\WINDOWS\FLASHKSK.INI
[2012-03-08 19:45:57 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2012-03-07 23:18:00 | 000,001,132 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-3106237358-2718937594-2690874173-1006UA.job
[2012-03-07 21:07:25 | 000,584,704 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\user\Bureaublad\OTL.exe
[2012-03-07 08:57:38 | 000,000,027 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2012-03-07 08:26:44 | 000,000,327 | RHS- | M] () -- C:\boot.ini
[2012-03-07 08:21:05 | 000,000,000 | -HS- | M] () -- C:\WINDOWS\System32\dds_trash_log.cmd
[2012-03-07 08:02:05 | 009,601,504 | ---- | M] (OPSWAT, Inc.) -- C:\Documents and Settings\user\Bureaublad\AppRemover.exe
[2012-03-07 07:59:50 | 000,000,448 | ---- | M] () -- C:\WINDOWS\lexstat.ini
[2012-03-07 07:58:36 | 000,002,527 | ---- | M] () -- C:\Documents and Settings\user\Application Data\Microsoft\Internet Explorer\Quick Launch\Microsoft Word.lnk
[2012-03-07 07:49:59 | 004,428,059 | R--- | M] (Swearware) -- C:\Documents and Settings\user\Bureaublad\ComboFix.exe
[2012-03-06 19:52:29 | 000,012,598 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2012-03-05 19:53:15 | 000,044,607 | ---- | M] () -- C:\Documents and Settings\user\Bureaublad\bootkit_remover.zip
[2012-03-05 19:49:46 | 000,000,512 | ---- | M] () -- C:\Documents and Settings\user\Bureaublad\MBR.dat
[2012-03-05 19:08:04 | 004,730,880 | ---- | M] (AVAST Software) -- C:\Documents and Settings\user\Bureaublad\aswMBR.exe
[2012-03-05 11:24:50 | 002,063,920 | ---- | M] (Kaspersky Lab ZAO) -- C:\Documents and Settings\user\Bureaublad\TDSSKiller.exe
[2012-03-04 15:18:00 | 000,001,080 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-3106237358-2718937594-2690874173-1006Core.job
[2012-03-04 14:58:15 | 000,607,260 | R--- | M] (Swearware) -- C:\Documents and Settings\user\Bureaublad\dds.scr
[2012-03-04 13:34:00 | 000,302,592 | ---- | M] () -- C:\Documents and Settings\user\Bureaublad\GMER-gntotgos.exe
[2012-03-04 10:13:24 | 000,000,664 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat
[2012-03-01 22:23:43 | 009,502,424 | ---- | M] (Malwarebytes Corporation ) -- C:\Documents and Settings\user\Bureaublad\Malwarebytes' Anti-Malware mbam--setup-1.60.1.1000.exe
[2012-02-29 19:19:58 | 000,145,086 | ---- | M] () -- C:\WINDOWS\System32\drivers\AVG\iavichjg.avm
[2012-02-25 17:14:23 | 000,001,065 | ---- | M] () -- C:\WINDOWS\winamp.ini
[2012-02-21 19:51:49 | 000,000,815 | ---- | M] () -- C:\Documents and Settings\user\Application Data\Microsoft\Internet Explorer\Quick Launch\De Internet Explorer-browser starten.lnk
[2012-02-16 19:58:25 | 000,000,696 | ---- | M] () -- C:\Documents and Settings\user\Application Data\Microsoft\Internet Explorer\Quick Launch\Gemeente Enschede Citrix Portal - CSG4.url
[2012-02-15 21:15:30 | 000,001,888 | ---- | M] () -- C:\WINDOWS\goldwave.ini
[2012-02-15 21:14:44 | 000,000,049 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
[2012-02-15 11:12:39 | 000,204,288 | ---- | M] () -- C:\Documents and Settings\user\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012-02-15 08:57:31 | 000,650,872 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2012-02-14 23:22:44 | 000,509,338 | ---- | M] () -- C:\WINDOWS\System32\perfh013.dat
[2012-02-14 23:22:44 | 000,441,552 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2012-02-14 23:22:44 | 000,091,014 | ---- | M] () -- C:\WINDOWS\System32\perfc013.dat
[2012-02-14 23:22:44 | 000,071,488 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2012-02-12 20:51:53 | 000,000,132 | ---- | M] () -- C:\Documents and Settings\user\Mijn documenten\PDVD_MediaDisc.PlayList
[2012-02-11 12:29:04 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2012-02-09 19:53:56 | 000,002,255 | ---- | M] () -- C:\Documents and Settings\user\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files Created - No Company Name ==========

[2012-03-07 08:26:44 | 000,000,211 | ---- | C] () -- C:\Boot.bak
[2012-03-07 08:26:40 | 000,261,936 | RHS- | C] () -- C:\cmldr
[2012-03-07 08:24:17 | 000,256,000 | ---- | C] () -- C:\WINDOWS\PEV.exe
[2012-03-07 08:24:17 | 000,208,896 | ---- | C] () -- C:\WINDOWS\MBR.exe
[2012-03-07 08:24:17 | 000,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe
[2012-03-07 08:24:17 | 000,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe
[2012-03-07 08:24:17 | 000,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe
[2012-03-05 19:53:17 | 000,044,607 | ---- | C] () -- C:\Documents and Settings\user\Bureaublad\bootkit_remover.zip
[2012-03-05 19:49:46 | 000,000,512 | ---- | C] () -- C:\Documents and Settings\user\Bureaublad\MBR.dat
[2012-03-04 13:33:59 | 000,302,592 | ---- | C] () -- C:\Documents and Settings\user\Bureaublad\GMER-gntotgos.exe
[2012-02-14 19:50:25 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll
[2012-02-14 19:50:25 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\dllcache\iacenc.dll
[2012-01-09 20:43:37 | 000,013,234 | -HS- | C] () -- C:\Documents and Settings\user\Local Settings\Application Data\3283598863
[2012-01-09 20:43:37 | 000,013,234 | -HS- | C] () -- C:\Documents and Settings\All Users\Application Data\3283598863
[2012-01-09 20:41:47 | 000,013,348 | -HS- | C] () -- C:\Documents and Settings\user\Local Settings\Application Data\2520970206
[2012-01-09 20:41:45 | 000,013,352 | -HS- | C] () -- C:\Documents and Settings\user\Local Settings\Application Data\job0c0r2vnmw
[2012-01-09 20:41:45 | 000,013,348 | -HS- | C] () -- C:\Documents and Settings\All Users\Application Data\2520970206
[2012-01-09 20:26:42 | 000,013,352 | -HS- | C] () -- C:\Documents and Settings\All Users\Application Data\job0c0r2vnmw
[2011-04-27 21:41:36 | 000,286,720 | ---- | C] () -- C:\Documents and Settings\user\Application Data\fontdb.mdb
[2011-02-23 02:53:23 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2011-02-12 10:21:43 | 000,001,025 | ---- | C] () -- C:\WINDOWS\System32\sysprs7.dll
[2011-02-12 10:21:43 | 000,000,205 | ---- | C] () -- C:\WINDOWS\System32\lsprst7.dll
[2011-02-12 10:20:10 | 000,001,024 | ---- | C] () -- C:\WINDOWS\System32\clauth2.dll
[2011-02-12 10:20:10 | 000,001,024 | ---- | C] () -- C:\WINDOWS\System32\clauth1.dll
[2011-02-12 10:20:10 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\ssprs.dll
[2011-02-12 10:20:10 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\nsprs.dll
[2011-01-12 20:30:13 | 000,160,361 | ---- | C] () -- C:\WINDOWS\Sqirlz Morph Uninstaller.exe
[2010-11-19 20:47:23 | 000,124,088 | -H-- | C] () -- C:\WINDOWS\System32\mlfcache.dat
[2010-04-12 10:50:20 | 000,001,024 | ---- | C] () -- C:\WINDOWS\System32\PDF2IMG.dat
[2010-03-16 21:34:03 | 000,003,633 | ---- | C] () -- C:\WINDOWS\iexplore.ini

========== LOP Check ==========

[2012-03-07 20:36:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AVG Secure Search
[2012-03-07 20:47:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AVG2012
[2010-11-16 10:54:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\avg9
[2012-02-03 19:59:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Citrix
[2012-01-14 17:44:02 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\Common Files
[2010-07-31 13:25:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\DAEMON Tools Net
[2010-08-12 19:53:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Hema Album Software Advanced
[2012-03-08 19:49:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\MFAData
[2008-08-20 22:11:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Pinnacle
[2008-09-14 10:15:43 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\WebDrive
[2010-04-17 12:03:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
[2009-05-15 21:13:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{8CD7F5AF-ECFA-4793-BF40-D8F42DBFF906}
[2010-01-24 21:48:40 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\{BC9FCCF7-E686-494B-8C9B-55C9A39A7CA9}
[2008-09-02 20:48:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Application Data\.ABC
[2012-03-07 20:36:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Application Data\AVG Secure Search
[2012-03-07 20:42:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Application Data\AVG2012
[2011-03-13 13:59:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Application Data\Belastingdienst
[2011-04-27 21:44:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Application Data\BorWare
[2010-07-31 13:28:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Application Data\DAEMON Tools Net
[2012-01-14 18:24:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Application Data\Ehg
[2012-01-23 20:58:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Application Data\Heri
[2008-08-26 19:42:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Application Data\ICAClient
[2008-09-14 13:13:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Application Data\IrfanView
[2010-12-13 20:04:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Application Data\LimeWire
[2011-05-16 19:26:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Application Data\Octoshape
[2012-01-14 12:44:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Application Data\Teqi
[2012-01-04 12:01:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Application Data\Uskyq
[2012-01-14 15:04:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Application Data\Uzmigy
[2012-01-24 20:34:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Application Data\Yrys

========== Purity Check ==========

========== Custom Scans ==========

< %SYSTEMDRIVE%\*.* >
[2005-03-31 17:08:54 | 000,000,000 | ---- | M] () -- C:\AUTOEXEC.BAT
[2008-09-14 13:20:48 | 000,000,211 | ---- | M] () -- C:\Boot.bak
[2012-03-07 08:26:44 | 000,000,327 | RHS- | M] () -- C:\boot.ini
[2004-08-04 13:00:00 | 000,004,952 | RHS- | M] () -- C:\Bootfont.bin
[2004-08-03 23:00:14 | 000,261,936 | RHS- | M] () -- C:\cmldr
[2012-03-07 09:02:36 | 000,023,201 | ---- | M] () -- C:\ComboFix.txt
[2005-03-31 17:08:54 | 000,000,000 | ---- | M] () -- C:\CONFIG.SYS
[2008-08-20 21:23:11 | 000,020,329 | ---- | M] () -- C:\debug.log
[2005-03-31 17:08:54 | 000,000,000 | RHS- | M] () -- C:\IO.SYS
[2005-03-31 17:08:54 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS
[2004-08-04 13:00:00 | 000,047,564 | RHS- | M] () -- C:\NTDETECT.COM
[2008-05-28 09:04:08 | 000,251,712 | RHS- | M] () -- C:\ntldr
[2012-03-08 19:45:52 | 2145,386,496 | -HS- | M] () -- C:\pagefile.sys
[2009-12-16 18:43:29 | 000,000,232 | -H-- | M] () -- C:\sqmdata00.sqm
[2009-11-10 21:12:56 | 000,000,232 | -H-- | M] () -- C:\sqmdata01.sqm
[2009-11-15 12:01:01 | 000,000,232 | -H-- | M] () -- C:\sqmdata02.sqm
[2009-11-15 16:47:00 | 000,000,232 | -H-- | M] () -- C:\sqmdata03.sqm
[2009-11-18 21:11:46 | 000,000,232 | -H-- | M] () -- C:\sqmdata04.sqm
[2009-11-18 22:57:11 | 000,000,232 | -H-- | M] () -- C:\sqmdata05.sqm
[2009-11-21 16:45:30 | 000,000,232 | -H-- | M] () -- C:\sqmdata06.sqm
[2009-11-24 22:17:19 | 000,000,232 | -H-- | M] () -- C:\sqmdata07.sqm
[2009-11-24 23:00:11 | 000,000,232 | -H-- | M] () -- C:\sqmdata08.sqm
[2009-11-28 12:09:26 | 000,000,232 | -H-- | M] () -- C:\sqmdata09.sqm
[2009-11-28 12:11:20 | 000,000,232 | -H-- | M] () -- C:\sqmdata10.sqm
[2009-11-28 13:22:41 | 000,000,232 | -H-- | M] () -- C:\sqmdata11.sqm
[2009-12-01 21:42:19 | 000,000,232 | -H-- | M] () -- C:\sqmdata12.sqm
[2009-12-02 22:04:37 | 000,000,232 | -H-- | M] () -- C:\sqmdata13.sqm
[2009-12-02 22:43:00 | 000,000,232 | -H-- | M] () -- C:\sqmdata14.sqm
[2009-12-02 22:46:41 | 000,000,232 | -H-- | M] () -- C:\sqmdata15.sqm
[2009-12-07 19:02:18 | 000,000,232 | -H-- | M] () -- C:\sqmdata16.sqm
[2009-12-08 17:58:46 | 000,000,232 | -H-- | M] () -- C:\sqmdata17.sqm
[2009-12-09 20:58:55 | 000,000,232 | -H-- | M] () -- C:\sqmdata18.sqm
[2009-12-10 19:08:40 | 000,000,232 | -H-- | M] () -- C:\sqmdata19.sqm
[2009-12-16 18:43:29 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt00.sqm
[2009-11-10 21:12:56 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt01.sqm
[2009-11-15 12:01:01 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt02.sqm
[2009-11-15 16:47:00 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt03.sqm
[2009-11-18 21:11:45 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt04.sqm
[2009-11-18 22:57:11 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt05.sqm
[2009-11-21 16:45:30 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt06.sqm
[2009-11-24 22:17:19 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt07.sqm
[2009-11-24 23:00:11 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt08.sqm
[2009-11-28 12:09:26 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt09.sqm
[2009-11-28 12:11:20 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt10.sqm
[2009-11-28 13:22:41 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt11.sqm
[2009-12-01 21:42:19 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt12.sqm
[2009-12-02 22:04:37 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt13.sqm
[2009-12-02 22:43:00 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt14.sqm
[2009-12-02 22:46:41 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt15.sqm
[2009-12-07 19:02:18 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt16.sqm
[2009-12-08 17:58:46 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt17.sqm
[2009-12-09 20:58:55 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt18.sqm
[2009-12-10 19:08:40 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt19.sqm
[2012-03-05 23:44:01 | 000,000,348 | ---- | M] () -- C:\TDSSKiller.2.7.17.0_05.03.2012_23.43.54_log.txt
[2012-03-05 23:44:17 | 000,000,348 | ---- | M] () -- C:\TDSSKiller.2.7.17.0_05.03.2012_23.44.15_log.txt
[2012-03-05 23:42:21 | 000,054,046 | ---- | M] () -- C:\TDSSKiller.2.7.19.0_05.03.2012_23.41.31_log.txt
[2012-03-05 23:45:00 | 000,054,046 | ---- | M] () -- C:\TDSSKiller.2.7.19.0_05.03.2012_23.44.43_log.txt

< %systemroot%\Fonts\*.com >
[2006-04-18 14:39:28 | 000,026,040 | ---- | M] () -- C:\WINDOWS\Fonts\GlobalMonospace.CompositeFont
[2006-06-29 13:53:56 | 000,026,489 | ---- | M] () -- C:\WINDOWS\Fonts\GlobalSansSerif.CompositeFont
[2006-04-18 14:39:28 | 000,029,779 | ---- | M] () -- C:\WINDOWS\Fonts\GlobalSerif.CompositeFont
[2006-06-29 13:58:52 | 000,030,808 | ---- | M] () -- C:\WINDOWS\Fonts\GlobalUserInterface.CompositeFont

< %systemroot%\Fonts\*.dll >

< %systemroot%\Fonts\*.ini >
[2005-03-31 17:08:24 | 000,000,067 | -HS- | M] () -- C:\WINDOWS\Fonts\desktop.ini

< %systemroot%\Fonts\*.ini2 >

< %systemroot%\Fonts\*.exe >

< %systemroot%\system32\spool\prtprocs\w32x86\*.* >
[2008-07-06 13:06:10 | 000,089,088 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\spool\prtprocs\w32x86\filterpipelineprintproc.dll
[2003-07-29 10:45:10 | 000,078,336 | ---- | M] () -- C:\WINDOWS\system32\spool\prtprocs\w32x86\LXBRPP5C.DLL
[2008-07-06 11:50:03 | 000,597,504 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\spool\prtprocs\w32x86\printfilterpipelinesvc.exe

< %systemroot%\REPAIR\*.bak1 >

< %systemroot%\REPAIR\*.ini >

< %systemroot%\system32\*.jpg >

< %systemroot%\*.jpg >

< %systemroot%\*.png >

< %systemroot%\*.scr >

< %systemroot%\*._sy >

< %APPDATA%\Adobe\Update\*.* >

< %ALLUSERSPROFILE%\Favorites\*.* >

< %APPDATA%\Microsoft\*.* >

< %PROGRAMFILES%\*.* >

< %APPDATA%\Update\*.* >

< %systemroot%\*. /mp /s >

< %systemroot%\System32\config\*.sav >
[2005-03-31 19:00:27 | 000,094,208 | ---- | M] () -- C:\WINDOWS\System32\config\default.sav
[2005-03-31 19:00:27 | 000,638,976 | ---- | M] () -- C:\WINDOWS\System32\config\software.sav
[2005-03-31 19:00:27 | 000,425,984 | ---- | M] () -- C:\WINDOWS\System32\config\system.sav

< %PROGRAMFILES%\bak. /s >

< %systemroot%\system32\bak. /s >

< %ALLUSERSPROFILE%\Start Menu\*.lnk /x >

< %systemroot%\system32\config\systemprofile\*.dat /x >

< %systemroot%\*.config >

< %systemroot%\system32\*.db >

< %APPDATA%\Microsoft\Internet Explorer\Quick Launch\*.lnk /x >
[2005-03-31 17:12:48 | 000,000,079 | ---- | M] () -- C:\Documents and Settings\user\Application Data\Microsoft\Internet Explorer\Quick Launch\Bureaublad weergeven.scf
[2008-08-13 10:12:57 | 000,000,131 | -HS- | M] () -- C:\Documents and Settings\user\Application Data\Microsoft\Internet Explorer\Quick Launch\desktop.ini
[2012-02-16 19:58:25 | 000,000,696 | ---- | M] () -- C:\Documents and Settings\user\Application Data\Microsoft\Internet Explorer\Quick Launch\Gemeente Enschede Citrix Portal - CSG4.url

< %USERPROFILE%\Desktop\*.exe >

< %PROGRAMFILES%\Common Files\*.* >

< %systemroot%\*.src >

< %systemroot%\install\*.* >

< %systemroot%\system32\DLL\*.* >

< %systemroot%\system32\HelpFiles\*.* >

< %systemroot%\tasks\*.* >
[2012-02-11 12:29:04 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2004-08-04 13:00:00 | 000,000,065 | RH-- | M] () -- C:\WINDOWS\tasks\desktop.ini
[2012-03-04 15:18:00 | 000,001,080 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-3106237358-2718937594-2690874173-1006Core.job
[2012-03-07 23:18:00 | 000,001,132 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-3106237358-2718937594-2690874173-1006UA.job
[2012-03-08 19:46:00 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT

< %systemroot%\system32\rundll\*.* >

< %systemroot%\winn32\*.* >

< %systemroot%\Java\*.* >

< %systemroot%\system32\test\*.* >

< %systemroot%\system32\Rundll32\*.* >

< %systemroot%\AppPatch\Custom\*.* >

< %APPDATA%\Roaming\Microsoft\Windows\Recent\*.lnk /x >

< %PROGRAMFILES%\PC-Doctor\Downloads\*.* >

< %PROGRAMFILES%\Internet Explorer\*.tmp >

< %PROGRAMFILES%\Internet Explorer\*.dat >

< %USERPROFILE%\My Documents\*.exe >

< %USERPROFILE%\*.exe >

< %systemroot%\ADDINS\*.* >

< %systemroot%\assembly\*.bak2 >

< %systemroot%\Config\*.* >

< %systemroot%\REPAIR\*.bak2 >

< %systemroot%\SECURITY\Database\*.sdb /x >

< %systemroot%\SYSTEM\*.bak2 >

< %systemroot%\Web\*.bak2 >

< %systemroot%\Driver Cache\*.* >

< %PROGRAMFILES%\Mozilla Firefox\0*.exe >

< %ProgramFiles%\Microsoft Common\*.* >

< %ProgramFiles%\TinyProxy. >

< %USERPROFILE%\Favorites\*.url /x >

< %systemroot%\system32\*.bk >

< %systemroot%\*.te >

< %systemroot%\system32\system32\*.* >

< %ALLUSERSPROFILE%\*.dat /x >

< %systemroot%\system32\drivers\*.rmv >

< dir /b "%systemroot%\system32\*.exe" | find /i " " /c >

< dir /b "%systemroot%\*.exe" | find /i " " /c >
Sqirlz Morph Uninstaller.exe

< %PROGRAMFILES%\Microsoft\*.* >

< %systemroot%\System32\Wbem\proquota.exe >

< %PROGRAMFILES%\Mozilla Firefox\*.dat >

< %USERPROFILE%\Cookies\*.txt /x >
[2012-03-08 20:04:11 | 001,163,264 | ---- | M] () -- C:\Documents and Settings\user\Cookies\index.dat

< %SystemRoot%\system32\fonts\*.* >

< %systemroot%\system32\winlog\*.* >

< %systemroot%\system32\Language\*.* >

< %systemroot%\system32\Settings\*.* >

< %systemroot%\system32\*.quo >

< %SYSTEMROOT%\AppPatch\*.exe >

< %SYSTEMROOT%\inf\*.exe >
[2007-06-27 15:57:10 | 000,317,952 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\inf\unregmp2.exe

< %SYSTEMROOT%\Installer\*.exe >

< %systemroot%\system32\config\*.bak2 >

< %systemroot%\system32\Computers\*.* >

< %SystemRoot%\system32\Sound\*.* >

< %SystemRoot%\system32\SpecialImg\*.* >

< %SystemRoot%\system32\code\*.* >

< %SystemRoot%\system32\draft\*.* >

< %SystemRoot%\system32\MSSSys\*.* >

< %ProgramFiles%\Javascript\*.* >

< %systemroot%\pchealth\helpctr\System\*.exe /s >

< %systemroot%\Web\*.exe >

< %systemroot%\system32\msn\*.* >

< %systemroot%\system32\*.tro >

< %AppData%\Microsoft\Installer\msupdates\*.* >

< %ProgramFiles%\Messenger\*.* >
[2008-04-14 21:32:24 | 000,033,792 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Messenger\custsat.dll
[2004-08-04 00:15:40 | 000,004,821 | ---- | M] () -- C:\Program Files\Messenger\logowin.gif
[2004-08-04 00:15:40 | 000,007,047 | ---- | M] () -- C:\Program Files\Messenger\lvback.gif
[2008-05-02 15:05:59 | 000,083,968 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Messenger\msgsc.dll
[2008-04-13 22:00:30 | 000,180,224 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Messenger\msgslang.dll
[2008-04-14 21:33:08 | 001,695,232 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Messenger\msmsgs.exe
[2004-08-04 00:15:40 | 000,002,882 | ---- | M] () -- C:\Program Files\Messenger\newalert.wav
[2004-08-04 00:15:40 | 000,006,156 | ---- | M] () -- C:\Program Files\Messenger\newemail.wav
[2004-08-04 00:15:40 | 000,006,160 | ---- | M] () -- C:\Program Files\Messenger\online.wav
[2004-08-04 00:15:40 | 000,004,454 | ---- | M] () -- C:\Program Files\Messenger\type.wav
[2004-08-04 00:15:40 | 000,118,265 | ---- | M] () -- C:\Program Files\Messenger\xpmsgr.chm

< %systemroot%\system32\systhem32\*.* >

< %systemroot%\system\*.exe >

< HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU >

< HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\ Auto Update\Results\Install|LastSuccessTime /rs >

< MD5 for: SERIAL.SYS >
[2004-08-04 13:00:00 | 018,788,859 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:serial.sys
[2008-04-14 21:46:08 | 020,107,370 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:serial.sys
[2004-08-04 13:00:00 | 018,788,859 | ---- | M] () .cab file -- C:\WINDOWS\I386\sp2.cab:serial.sys
[2008-04-14 21:46:08 | 020,107,370 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:serial.sys
[2008-04-14 21:06:26 | 000,065,536 | ---- | M] () MD5=2B554A5C190850E56F7AED5A7A007EF9 -- C:\WINDOWS\system32\drivers\serial.sys
[2008-04-14 21:06:26 | 000,065,536 | ---- | M] (Microsoft Corporation) MD5=92C21762653BB2CE51147EB8A9AA654F -- C:\WINDOWS\ServicePackFiles\i386\serial.sys
[2008-04-14 21:06:26 | 000,065,536 | ---- | M] (Microsoft Corporation) MD5=92C21762653BB2CE51147EB8A9AA654F -- C:\WINDOWS\system32\dllcache\serial.sys

========== Hard Links - Junction Points - Mount Points - Symbolic Links ==========
[C:\WINDOWS\$NtUninstallKB22540$] -> Error: Cannot create file handle -> Unknown point type

< End of report >

arnoldkooiker · Mar 8, 2012

Extras.txt

OTL Extras logfile created on: 8-3-2012 20:07:01 - Run 1
OTL by OldTimer - Version 3.2.35.1 Folder = C:\Documents and Settings\user\Bureaublad
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000413 | Country: Nederland | Language: NLD | Date Format: d-M-yyyy

1,87 Gb Total Physical Memory | 1,33 Gb Available Physical Memory | 70,86% Memory free
3,72 Gb Paging File | 3,18 Gb Available in Paging File | 85,48% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 465,76 Gb Total Space | 142,06 Gb Free Space | 30,50% Space Free | Partition Type: NTFS
Drive D: | 225,07 Gb Total Space | 31,05 Gb Free Space | 13,80% Space Free | Partition Type: NTFS

Computer Name: PC | User Name: user | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========

========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.url [@ = InternetShortcut] -- rundll32.exe ieframe.dll,OpenURL %l

[HKEY_USERS\S-1-5-21-3106237358-2718937594-2690874173-1006\SOFTWARE\Classes\<extension>]
.html [@ = htmlfile] -- Reg Error: Key error. File not found

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
InternetShortcut [open] -- rundll32.exe ieframe.dll,OpenURL %l
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [Media Markt] -- "C:\Program Files\Media Markt\Media Markt.exe" "%1" ()
Directory [Winamp.Bookmark] -- "C:\Program Files\Winamp\Winamp.exe" /BOOKMARK "%1" (Nullsoft)
Directory [Winamp.Enqueue] -- "C:\Program Files\Winamp\Winamp.exe" /ADD "%1" (Nullsoft)
Directory [Winamp.Play] -- "C:\Program Files\Winamp\Winamp.exe" "%1" (Nullsoft)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled

xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled

xpsp2res.dll,-22008
"139:TCP" = 139:TCP:*:Enabled

xpsp2res.dll,-22004
"445:TCP" = 445:TCP:*:Enabled

xpsp2res.dll,-22005
"137:UDP" = 137:UDP:*:Enabled

xpsp2res.dll,-22001
"138:UDP" = 138:UDP:*:Enabled

xpsp2res.dll,-22002
"10243:TCP" = 10243:TCP:LocalSubNet:Enabled:Windows Media Player Service voor delen via het netwerk
"10280:UDP" = 10280:UDP:LocalSubNet:Enabled:Windows Media Player Service voor delen via het netwerk
"10281:UDP" = 10281:UDP:LocalSubNet:Enabled:Windows Media Player Service voor delen via het netwerk
"10282:UDP" = 10282:UDP:LocalSubNet:Enabled:Windows Media Player Service voor delen via het netwerk
"10283:UDP" = 10283:UDP:LocalSubNet:Enabled:Windows Media Player Service voor delen via het netwerk
"10284:UDP" = 10284:UDP:LocalSubNet:Enabled:Windows Media Player Service voor delen via het netwerk

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled

xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled

xpsp2res.dll,-22008
"139:TCP" = 139:TCP:LocalSubNet:Enabled

xpsp2res.dll,-22004
"445:TCP" = 445:TCP:LocalSubNet:Enabled

xpsp2res.dll,-22005
"137:UDP" = 137:UDP:LocalSubNet:Enabled

xpsp2res.dll,-22001
"138:UDP" = 138:UDP:LocalSubNet:Enabled

xpsp2res.dll,-22002
"4899:TCP" = 4899:TCP:*:Enabled:Remote Administrator
"10243:TCP" = 10243:TCP:LocalSubNet:Enabled:Windows Media Player Service voor delen via het netwerk
"10280:UDP" = 10280:UDP:LocalSubNet:Enabled:Windows Media Player Service voor delen via het netwerk
"10281:UDP" = 10281:UDP:LocalSubNet:Enabled:Windows Media Player Service voor delen via het netwerk
"10282:UDP" = 10282:UDP:LocalSubNet:Enabled:Windows Media Player Service voor delen via het netwerk
"10283:UDP" = 10283:UDP:LocalSubNet:Enabled:Windows Media Player Service voor delen via het netwerk
"10284:UDP" = 10284:UDP:LocalSubNet:Enabled:Windows Media Player Service voor delen via het netwerk
"21:TCP" = 21:TCP:*:Enabled:FTP
"2121:TCP" = 2121:TCP:*:Enabled:FTP 2121
"1179:UDP" = 1179:UDP:*:Enabled:Windows Media Format SDK (sidebar.exe)
"1178:UDP" = 1178:UDP:*:Enabled:Windows Media Format SDK (sidebar.exe)

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"%windir%\explorer.exe" = %windir%\explorer.exe -- (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\eMule\emule.exe" = C:\Program Files\eMule\emule.exe:*:Enabled:eMule -- (http://www.emule-project.net)
"D:\D-schijf\Games\World Series of Poker TOC\WSOPTOC.exe" = D:\D-schijf\Games\World Series of Poker TOC\WSOPTOC.exe:*:Enabled:WSOPTOC -- ()
"C:\Program Files\DC++\DCPlusPlus.exe" = C:\Program Files\DC++\DCPlusPlus.exe:*:Enabled

C++ -- ()
"C:\Program Files\ABC\abc.exe" = C:\Program Files\ABC\abc.exe:*:Enabled:abc -- ()
"C:\WINDOWS\system32\rserver30\rserver3.exe" = C:\WINDOWS\system32\rserver30\rserver3.exe:*:Enabled:rserver3.exe -- (Famatech International Corp.)
"C:\Program Files\Audiograbber\audiograbber.exe" = C:\Program Files\Audiograbber\audiograbber.exe:*:Enabled:Audiograbber -- ()
"C:\WINDOWS\system32\mmc.exe" = C:\WINDOWS\system32\mmc.exe:*:Enabled:Microsoft Management Console -- (Microsoft Corporation)
"C:\Program Files\SopCast\adv\SopAdver.exe" = C:\Program Files\SopCast\adv\SopAdver.exe:*:Enabled:SopCast Adver -- (www.sopcast.com)
"C:\Program Files\SopCast\SopCast.exe" = C:\Program Files\SopCast\SopCast.exe:*:Enabled:SopCast Main Application -- (www.sopcast.com)
"C:\Program Files\VideoLAN\VLC\vlc.exe" = C:\Program Files\VideoLAN\VLC\vlc.exe:*:Enabled:VLC media player -- ()
"C:\Program Files\Maple 8\bin.win\mserver.exe" = C:\Program Files\Maple 8\bin.win\mserver.exe:*:Enabled:mserver -- ()
"C:\Program Files\LimeWire\LimeWire.exe" = C:\Program Files\LimeWire\LimeWire.exe:*:Enabled:LimeWire -- (Lime Wire, LLC)
"C:\Program Files\Java\jre6\bin\java.exe" = C:\Program Files\Java\jre6\bin\java.exe:*:Enabled:Java(TM) Platform SE binary -- (Sun Microsystems, Inc.)
"C:\WINDOWS\system32\java.exe" = C:\WINDOWS\system32\java.exe:*:Enabled:Java(TM) Platform SE binary -- (Sun Microsystems, Inc.)
"C:\Program Files\Samsung PC Share Manager\WiselinkPro.exe" = C:\Program Files\Samsung PC Share Manager\WiselinkPro.exe:*:Enabled:AllShare -- ()
"C:\Program Files\Samsung PC Share Manager\http_ss_win_pro.exe" = C:\Program Files\Samsung PC Share Manager\http_ss_win_pro.exe:*:Enabled

CSM_http_ss_win_pro -- ()
"D:\D-schijf\Games\Commandos, Behind Enemy Lines\mpserver.exe" = D:\D-schijf\Games\Commandos, Behind Enemy Lines\mpserver.exe:*:Enabled:mpserver -- ()
"C:\Program Files\Cerberus\Cerberus.exe" = C:\Program Files\Cerberus\Cerberus.exe:*:Enabled:Cerberus FTP Server Application -- (Grant Averett)
"C:\Program Files\FTP Explorer\ftpx.exe" = C:\Program Files\FTP Explorer\ftpx.exe:*:Enabled:FTP Explorer Application -- (FTPx Corp.)
"C:\WINDOWS\system32\ftp.exe" = C:\WINDOWS\system32\ftp.exe:*:Enabled:FTP-bestandsoverdrachtprogramma -- (Microsoft Corporation)
"%windir%\explorer.exe" = %windir%\explorer.exe -- (Microsoft Corporation)
"C:\Program Files\AVG\AVG2012\avgnsx.exe" = C:\Program Files\AVG\AVG2012\avgnsx.exe:*:Enabled:Online Shield -- (AVG Technologies CZ, s.r.o.)
"C:\Program Files\AVG\AVG2012\avgdiagex.exe" = C:\Program Files\AVG\AVG2012\avgdiagex.exe:*:Enabled:AVG Diagnostics 2012 -- (AVG Technologies CZ, s.r.o.)
"C:\Program Files\AVG\AVG2012\avgmfapx.exe" = C:\Program Files\AVG\AVG2012\avgmfapx.exe:*:Enabled:Installer voor AVG -- (AVG Technologies CZ, s.r.o.)
"C:\Program Files\AVG\AVG2012\avgemcx.exe" = C:\Program Files\AVG\AVG2012\avgemcx.exe:*:Enabled

ersoonlijke e-mailscanner -- (AVG Technologies CZ, s.r.o.)

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
".sol Editor" = .sol Editor 1.1.0.1
"{00203668-8170-44A0-BE44-B632FA4D780F}" = Adobe AIR
"{023D64D7-E7B4-47C7-BE6E-B7C2E8960D08}" = Citrix online plug-in (Web)
"{055EE59D-217B-43A7-ABFF-507B966405D8}" = ATI Catalyst Control Center
"{10162E91-BB26-AF99-909C-E840C15890E8}" = Catalyst Control Center Graphics Full Existing
"{10F5387D-1728-423A-A578-B00982CF2646}" = Windows Live Messenger
"{168F8BAC-A269-48E9-BB7A-A51B594CF6FF}" = Microsoft .NET Framework 1.1 Dutch Language Pack
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{18D10072035C4515918F7E37EAFAACFC}" = AutoUpdate
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live - Hulpprogramma voor uploaden
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{26A24AE4-039D-4CA4-87B4-2F83216010FF}" = Java(TM) 6 Update 30
"{29C0E9C5-7718-D07B-633F-FD5BE27BBCE5}" = ccc-core-preinstall
"{2A2E822B-3B0E-46C1-9E3B-ACD7D1E95139}" = SAMSUNG PC Share Manager
"{2A5782B3-9767-5DF6-8F5A-4900CD698845}" = Catalyst Control Center Graphics Light
"{2A8F82E8-7B86-4AFD-BFBC-2BA4C2CF52DB}" = Windows Live Call
"{2ED60C17-4568-4CD5-830A-03C4688B09A1}" = Orange USB Wi-Fi drivers
"{350C9413-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{38EC695A-64CD-7C76-3C21-9ECB49880C70}" = Catalyst Control Center Core Implementation
"{3BE480ED-E17A-431A-981C-5C2EDDBCD3BF}" = Macromedia Flash MX
"{3F3733A5-8322-454D-A638-3B74E1C83752}" = Gadget Installer
"{43DCF766-6838-4F9A-8C91-D92DA586DFA7}" = Microsoft Windows Journal Viewer
"{47E0F183-E938-A97E-A3CF-9FD4D9893439}" = ccc-core-static
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4EFC72DA-2314-4E5D-AC8E-1C954CDB8BBF}" = AVG 2012
"{508D86EE-931E-4DEA-0BF8-25E30CE9EB42}" = ccc-utility
"{51F96AEC-D902-4434-A0DC-B9692A21AE7C}" = MobileMe Control Panel
"{562B9CA4-6E52-4F87-ACEC-912FC004F1F0}" = Windows Live Essentials
"{57752979-A1C9-4C02-856B-FBB27AC4E02C}" = QuickTime
"{5B23E5AD-23E2-45C8-A24C-97D3A23FB6EE}" = Carcassonne
"{5BF5F9C5-E95B-4AFA-94BE-F2A9CA73B61D}" = Apple Mobile Device Support
"{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}" = PowerDVD
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{6E2F380E-A308-437A-BA02-D5F563C92A13}" = Cerberus FTP Server
"{6F8EAC65-314D-4D86-9557-BC9312AACCB0}" = Citrix online plug-in (USB)
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{77DCDCE3-2DED-62F3-8154-05E745472D07}" = Acrobat.com
"{7A81A7E3-7391-ADFF-9014-F8F45F0337F6}" = CCC Help English
"{7B63B2922B174135AFC0E1377DD81EC2}" = DivX Codec
"{7E1FBCB0-500C-4A0D-AC9C-B1B76E75666B}" = Windows Live aanmeldhulp
"{7F3AD00A-1819-4B15-BB7D-08B3586336D7}" = 3DMark06
"{805C099D-2A20-DBF8-780C-52CA10916A14}" = Catalyst Control Center Graphics Full New
"{8144262B-25B4-44F6-8204-FCC8EF50179F}" = Citrix online plug-in (DV)
"{81A34902-9D0B-4920-A25C-4CDC5D14B328}" = Jasc Paint Shop Pro 8
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8E79A5A3-AA5F-DA1F-4BF2-EEC290A08709}" = Skins
"{90110413-6000-11D3-8CFE-0050048383C9}" = Microsoft Office XP Professional
"{90120000-0020-0413-0000-0000000FF1CE}" = Compatibiliteitspakket voor het 2007 Microsoft Office system
"{90120000-008A-0413-0000-0000000FF1CE}" = Gadget voor recente documenten in Microsoft Office 2007
"{91B323B5-A79C-4D23-BD6D-046C565F9BCF}" = MadOnion.com/3DMark2001 SE
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7}" = Segoe UI
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AAD47011-8518-4608-9656-951DA35B587B}" = iTunes
"{AAD51583-6D43-4444-A1FF-0C8345345526}" = Radmin Server 3.0
"{AAFD22B6-A6C7-4134-AF4E-080BCBCD3493}" = Orange USB Wi-Fi manager
"{AC76BA86-7AD7-1033-7B44-A95000000001}" = Adobe Reader 9.5.0
"{ACCA20B0-C4D1-4BF5-BF21-0A0EB5EF9730}" = REALTEK GbE & FE Ethernet PCI NIC Driver
"{B13A7C41581B411290FBC0395694E2A9}" = DivX Converter
"{BB05D173-9681-4812-A7FA-BD4042A3DA00}" = Alky for Applications (Windows XP)
"{C064F50C-4B08-3136-48F5-B92130A47267}" = Catalyst Control Center Graphics Previews Common
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C0C3F1F4-6F91-4E1A-B93E-811F756EF1D6}" = SPSS DDL 5.5
"{C9BED750-1211-4480-B1A5-718A3BE15525}" = REALTEK GbE & FE Ethernet PCI-E NIC Driver
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D02FCF71-B9A2-406F-ABE5-8E183526CDDF}" = Studio 9
"{D1696920-9794-4BBC-8A30-7A88763DE5A2}" = ABBYY FineReader 5.0 Sprint
"{E7E84E23-C5C0-4B15-B13A-C63149E59C98}" = AVG 2012
"{EA74A293-3FAC-4D1B-AE3A-3BD47FADDC20}" = Citrix online plug-in (HDX)
"{ED00D08A-3C5F-488D-93A0-A04F21F23956}" = Windows Live Communications Platform
"{EE6097DD-05F4-4178-9719-D3170BF098E8}" = Apple Application Support
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F333A33D-125C-32A2-8DCE-5C5D14231E27}" = Visual C++ 2008 x86 Runtime - (v9.0.30729)
"{F333A33D-125C-32A2-8DCE-5C5D14231E27}.vc_x86runtime_30729_01" = Visual C++ 2008 x86 Runtime - v9.0.30729.01
"{F6E36639-10C8-4FAD-AF1F-E84D5B6653D1}" = FontLab Studio 5
"{FC7DDAAE-7F2B-4270-9BFD-5A130B667E9E}" = Orange Livebox
"{FCE65C4E-B0E8-4FBD-AD16-EDCBE6CD591F}" = HighMAT-uitbreiding voor de wizard Cd branden van Microsoft Windows XP
"{FF1C31AE-0CDC-40CE-AB85-406F8B70D643}" = Bonjour
"7-Zip" = 7-Zip 9.20
"Aangifte inkomstenbelasting 2007" = Aangifte inkomstenbelasting 2007
"Aangifte inkomstenbelasting 2008" = Aangifte inkomstenbelasting 2008
"Aangifte inkomstenbelasting 2009" = Aangifte inkomstenbelasting 2009
"Aangifte inkomstenbelasting 2010" = Aangifte inkomstenbelasting 2010
"ABC" = ABC (remove only)
"AC3ACM" = AC-3 ACM Codec
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"All ATI Software" = ATI - Software Uninstall Utility
"ATI Display Driver" = ATI Display Driver
"AVG" = AVG 2012
"BSW" = BrettspielWelt
"CCleaner" = CCleaner
"CDCheck" = CDCheck
"CD-Text Player" = CD-Text Player
"CitrixOnlinePluginPackWeb" = Citrix online plug-in - web
"CoCSoft Stream Down 5.1" = CoCSoft Stream Down 5.1
"com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Acrobat.com
"DC++" = DC++ 0.674
"doPDF 5 printer_is1" = doPDF 5.3 printer
"DVD Shrink_is1" = DVD Shrink 3.2
"DVD-lab PRO_is1" = DVD-lab PRO 1.53
"eMule" = eMule
"ESET Online Scanner" = ESET Online Scanner v3
"ExtractNow_is1" = ExtractNow
"ffdshow" = ffdshow (remove only)
"FTP Explorer" = FTP Explorer
"GoldWave v4.26" = GoldWave v4.26
"Hema Album Software Advanced_is1" = Hema Album Software Advanced
"HFX PRO for Studio" = HFX PRO for Studio
"Hollywood FX for Studio" = Pinnacle Hollywood FX for Studio
"IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs
"ie7" = Windows Internet Explorer 7
"ie8" = Windows Internet Explorer 8
"InstallShield_{2A2E822B-3B0E-46C1-9E3B-ACD7D1E95139}" = SAMSUNG PC Share Manager
"IrfanView" = IrfanView (remove only)
"Kinderopvangtoeslag 2010" = Kinderopvangtoeslag 2010
"Kinderopvangtoeslag 2011" = Kinderopvangtoeslag 2011
"Lexmark 3100 Series" = Lexmark 3100 Series
"LimeWire" = LimeWire 4.12.11
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware versie 1.60.1.1000
"Maple 8" = Maple 8
"Media Markt" = Media Markt
"MetaFrame Presentation Server Web Client for Win32" = MetaFrame Presentation Server Web Client for Win32
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Mozilla Firefox (3.0.19)" = Mozilla Firefox (3.0.19)
"Mp3 Codec" = Mpeg Layer3 Codec FHG-Radium v1.263
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"MultipleIEs_is1" = MultipleIEs
"NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs
"Ogg Codecs" = Ogg Codecs 0.81.15562
"OggDS" = Direct Show Ogg Vorbis Filter (remove only)
"RadLight Ogg Media DirectShow filter" = RadLight Ogg Media DirectShow filter (remove only)
"SopCast" = SopCast 3.0.0
"SpeedFan" = SpeedFan (remove only)
"Sqirlz Morph" = Sqirlz Morph
"TMPGEnc-2.59.47.155-Plus-EN" = TMPGEnc-2.59.47.155-Plus-EN
"VeryPDF PDF To Image Converter v2.1_is1" = VeryPDF PDF To Image Converter v2.1
"Verzoek of wijziging voorlopige aanslag 2010" = Verzoek of wijziging voorlopige aanslag 2010
"Verzoek of wijziging voorlopige aanslag 2011" = Verzoek of wijziging voorlopige aanslag 2011
"Verzoek voorlopige teruggaaf 2008" = Verzoek voorlopige teruggaaf 2008
"VLC media player" = VLC media player 0.9.8a
"Winamp" = Winamp (remove only)
"WinAVI Video Converter_is1" = WinAVI Video Converter
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"Windows Sidebar" = Windows Sidebar
"Windows XP Service Pack" = Windows XP Service Pack 3
"WinLiveSuite_Wave3" = Windows Live Essentials
"WinRAR archiver" = WinRAR archiver
"WinZip" = WinZip
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0
"Xvid_is1" = Xvid 1.1.3 final uninstall

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-3106237358-2718937594-2690874173-1006\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Google Chrome" = Google Chrome
"Tantrix Match" = Tantrix Match

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 25-2-2012 18:28:44 | Computer Name = PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second

Error - 25-2-2012 18:28:44 | Computer Name = PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 3907

Error - 25-2-2012 18:28:44 | Computer Name = PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 3907

Error - 25-2-2012 18:28:46 | Computer Name = PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second

Error - 25-2-2012 18:28:46 | Computer Name = PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 5860

Error - 25-2-2012 18:28:46 | Computer Name = PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 5860

Error - 25-2-2012 18:28:50 | Computer Name = PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second

Error - 25-2-2012 18:28:50 | Computer Name = PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 9579

Error - 25-2-2012 18:28:50 | Computer Name = PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 9579

Error - 4-3-2012 9:38:43 | Computer Name = PC | Source = Application Error | ID = 1000
Description = Vastgelopen toepassing: sopcast.exe, versie: 3.0.3.501, vastgelopen
module: ntdll.dll, versie: 5.1.2600.6055, vastgelopen op: 0x00010cd0.

[ System Events ]
Error - 8-3-2012 14:46:24 | Computer Name = PC | Source = Service Control Manager | ID = 7023
Description = De Sfusvc-service is gestopt met de volgende foutcode: %%126.

Error - 8-3-2012 14:46:24 | Computer Name = PC | Source = Service Control Manager | ID = 7023
Description = De SWMX00-service is gestopt met de volgende foutcode: %%126.

Error - 8-3-2012 14:46:24 | Computer Name = PC | Source = Service Control Manager | ID = 7023
Description = De {a7447300-8075-4b0d-83f1-3d75c8ebc623}-service is gestopt met de
volgende foutcode: %%126.

Error - 8-3-2012 14:46:24 | Computer Name = PC | Source = Service Control Manager | ID = 7023
Description = De Pnarp-service is gestopt met de volgende foutcode: %%126.

Error - 8-3-2012 14:46:24 | Computer Name = PC | Source = Service Control Manager | ID = 7023
Description = De Wpsdrvnt-service is gestopt met de volgende foutcode: %%126.

Error - 8-3-2012 14:46:24 | Computer Name = PC | Source = Service Control Manager | ID = 7023
Description = De W700mgmt-service is gestopt met de volgende foutcode: %%126.

Error - 8-3-2012 14:46:24 | Computer Name = PC | Source = Service Control Manager | ID = 7023
Description = De Ispwdsvc-service is gestopt met de volgende foutcode: %%126.

Error - 8-3-2012 14:46:31 | Computer Name = PC | Source = Service Control Manager | ID = 7026
Description = De volgende opstartstuurprogramma's zijn niet geladen: PCLEPCI

Error - 8-3-2012 14:46:35 | Computer Name = PC | Source = DCOM | ID = 10005
Description = DCOM kreeg foutmelding '%1055' bij het starten van de iPod Service-service
met de argumenten '' om de server {063D34A4-BF84-4B8D-B699-E8CA06504DDE} te starten

Error - 8-3-2012 15:01:55 | Computer Name = PC | Source = MRxSmb | ID = 8003
Description = De masterbrowser heeft een servermelding ontvangen van computer LAPTOP
die
meent de masterbrowser voor het domein te zijn op transport NetBT_Tcpip_{52503A0F-5C0B-42B1-B7.
De masterbrowser wordt gestopt of er wordt een verkiezing afgedwongen.

< End of report >

arnoldkooiker · Mar 8, 2012

Okay, that was all from OTL.

Broni · Mar 8, 2012

For x86 bit systems please download GrantPerms.zip and save it to your desktop.
For x64 bit systems please download GrantPerms64.zip and save it to your desktop.
Unzip the file and depending on the system run GrantPerms.exe or GrantPerms64.exe
Copy and paste the following in the edit box:

Code:

C:\WINDOWS\$NtUninstallKB22540$

Click Unlock. When it is done click "OK".
Click List Permissions and post the result of Perms.txt file that pops up.
A copy of Perms.txt will be saved in the same directory the tool is run.

Then....

Run OTL

Under the Custom Scans/Fixes box at the bottom, paste in the following

Code:

:OTL
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O3 - HKU\S-1-5-21-3106237358-2718937594-2690874173-1006\..\Toolbar\WebBrowser: (no name) - {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - No CLSID value found.
O15 - HKU\S-1-5-21-3106237358-2718937594-2690874173-1006\..Trusted Domains: enschede.nl ([ienoportal] https in Trusted sites)
O15 - HKU\S-1-5-21-3106237358-2718937594-2690874173-1006\..Trusted Domains: enschede.nl ([portal] https in Trusted sites)
O15 - HKU\S-1-5-21-3106237358-2718937594-2690874173-1006\..Trusted Domains: enschede.nl ([webmail] https in Trusted sites)
O15 - HKU\S-1-5-21-3106237358-2718937594-2690874173-1006\..Trusted Domains: localhost ([]http in Trusted sites)
O15 - HKU\S-1-5-21-3106237358-2718937594-2690874173-1006\..Trusted Ranges: Range1 ([http] in Local intranet)
O15 - HKU\S-1-5-21-3106237358-2718937594-2690874173-1006\..Trusted Ranges: Range2 ([http] in Trusted sites)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
[2012-03-07 08:21:05 | 000,000,000 | -HS- | M] () -- C:\WINDOWS\System32\dds_trash_log.cmd
[2012-01-09 20:43:37 | 000,013,234 | -HS- | C] () -- C:\Documents and Settings\user\Local Settings\Application Data\3283598863
[2012-01-09 20:43:37 | 000,013,234 | -HS- | C] () -- C:\Documents and Settings\All Users\Application Data\3283598863
[2012-01-09 20:41:47 | 000,013,348 | -HS- | C] () -- C:\Documents and Settings\user\Local Settings\Application Data\2520970206
[2012-01-09 20:41:45 | 000,013,352 | -HS- | C] () -- C:\Documents and Settings\user\Local Settings\Application Data\job0c0r2vnmw
[2012-01-09 20:41:45 | 000,013,348 | -HS- | C] () -- C:\Documents and Settings\All Users\Application Data\2520970206
[2012-01-09 20:26:42 | 000,013,352 | -HS- | C] () -- C:\Documents and Settings\All Users\Application Data\job0c0r2vnmw
[2012-01-14 12:44:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Application Data\Teqi
[2012-01-04 12:01:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Application Data\Uskyq
[2012-01-14 15:04:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Application Data\Uzmigy
[2012-01-24 20:34:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Application Data\Yrys

:Files
C:\WINDOWS\system32\drivers\serial.sys|C:\WINDOWS\system32\dllcache\serial.sys /replace

:Commands
[purity]
[emptytemp]
[emptyjava]
[emptyflash]
[Reboot]

Then click the Run Fix button at the top
Let the program run unhindered, reboot the PC when it is done
You will get a log that shows the results of the fix. Please post it.

After restart....

Re-run OTL.

Use the following settings:

Click the NONE button
Under Custom Scans/Fixes paste:

Code:

/md5start
serial.sys
/md5stop

Finally hit Run Scan and wait for the log to open.
Please post the content of the log into your next reply.

arnoldkooiker · Mar 9, 2012

New logs

Hi Broni,

I ran all. Posted below the results of GrantPerms, OTL en OTL again.

============================================================

GrantPerms by Farbar
Ran by user (administrator) at 2012-03-09 20:20:47

===============================================
\\?\C:\WINDOWS\$NtUninstallKB22540$

Owner: INGEBOUWD\Administrators

DACL(P)(AI):
INGEBOUWD\Administrators FULL ALLOW (CI)(OI)
NT AUTHORITY\SYSTEM FULL ALLOW (CI)(OI)
INGEBOUWD\Gebruikers READ/EXECUTE ALLOW (CI)(OI)

============================================================

All processes killed
========== OTL ==========
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5C255C8A-E604-49b4-9D64-90988571CECB}\ not found.
Registry value HKEY_USERS\S-1-5-21-3106237358-2718937594-2690874173-1006\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}\ deleted successfully.
Registry key HKEY_USERS\S-1-5-21-3106237358-2718937594-2690874173-1006\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\enschede.nl\ienoportal\ deleted successfully.
Registry key HKEY_USERS\S-1-5-21-3106237358-2718937594-2690874173-1006\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\enschede.nl\portal\ deleted successfully.
Registry key HKEY_USERS\S-1-5-21-3106237358-2718937594-2690874173-1006\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\enschede.nl\webmail\ deleted successfully.
Registry key HKEY_USERS\S-1-5-21-3106237358-2718937594-2690874173-1006\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\localhost\ deleted successfully.
Registry value HKEY_USERS\S-1-5-21-3106237358-2718937594-2690874173-1006\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\Range1\\http deleted successfully.
Registry value HKEY_USERS\S-1-5-21-3106237358-2718937594-2690874173-1006\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\Range2\\http deleted successfully.
Starting removal of ActiveX control {E2883E8F-472F-4FB0-9522-AC9BF37916A7}
C:\WINDOWS\Downloaded Program Files\gp.inf not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{E2883E8F-472F-4FB0-9522-AC9BF37916A7}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E2883E8F-472F-4FB0-9522-AC9BF37916A7}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{E2883E8F-472F-4FB0-9522-AC9BF37916A7}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E2883E8F-472F-4FB0-9522-AC9BF37916A7}\ not found.
C:\WINDOWS\system32\dds_trash_log.cmd moved successfully.
C:\Documents and Settings\user\Local Settings\Application Data\3283598863 moved successfully.
C:\Documents and Settings\All Users\Application Data\3283598863 moved successfully.
C:\Documents and Settings\user\Local Settings\Application Data\2520970206 moved successfully.
C:\Documents and Settings\user\Local Settings\Application Data\job0c0r2vnmw moved successfully.
C:\Documents and Settings\All Users\Application Data\2520970206 moved successfully.
C:\Documents and Settings\All Users\Application Data\job0c0r2vnmw moved successfully.
C:\Documents and Settings\user\Application Data\Teqi folder moved successfully.
C:\Documents and Settings\user\Application Data\Uskyq folder moved successfully.
C:\Documents and Settings\user\Application Data\Uzmigy folder moved successfully.
C:\Documents and Settings\user\Application Data\Yrys folder moved successfully.
========== FILES ==========
File C:\WINDOWS\system32\drivers\serial.sys successfully replaced with C:\WINDOWS\system32\dllcache\serial.sys
========== COMMANDS ==========

[EMPTYTEMP]

User: Administrator
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Administrator.PC
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 78991 bytes

User: All Users

User: Default User
->Temp folder emptied: 3244032 bytes
->Temporary Internet Files folder emptied: 65670 bytes

User: LocalService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 8530665 bytes
->Java cache emptied: 109856 bytes

User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 67 bytes
->Java cache emptied: 4637 bytes
->Flash cache emptied: 2281 bytes

User: user
->Temp folder emptied: 11165502 bytes
->Temporary Internet Files folder emptied: 31250756 bytes
->Java cache emptied: 29823827 bytes
->FireFox cache emptied: 84047369 bytes
->Google Chrome cache emptied: 205617767 bytes
->Flash cache emptied: 2409689 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 19569 bytes
%systemroot%\System32 .tmp files removed: 2845 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 102245 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 0 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 33170 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 359,00 mb

[EMPTYJAVA]

User: Administrator

User: Administrator.PC

User: All Users

User: Default User

User: LocalService
->Java cache emptied: 0 bytes

User: NetworkService
->Java cache emptied: 0 bytes

User: user
->Java cache emptied: 0 bytes

Total Java Files Cleaned = 0,00 mb

[EMPTYFLASH]

User: Administrator

User: Administrator.PC

User: All Users

User: Default User

User: LocalService

User: NetworkService
->Flash cache emptied: 0 bytes

User: user
->Flash cache emptied: 0 bytes

Total Flash Files Cleaned = 0,00 mb

OTL by OldTimer - Version 3.2.35.1 log created on 03092012_202344

Files\Folders moved on Reboot...
C:\Documents and Settings\user\Local Settings\Temp\MPC23.tmp moved successfully.
C:\Documents and Settings\user\Local Settings\Temp\MPC26.tmp moved successfully.
C:\Documents and Settings\user\Local Settings\Temp\MPC27.tmp moved successfully.
C:\Documents and Settings\user\Local Settings\Temp\MPC2B.tmp moved successfully.
C:\Documents and Settings\user\Local Settings\Temp\MPC35.tmp moved successfully.

Registry entries deleted on Reboot...

============================================================

OTL logfile created on: 9-3-2012 20:36:21 - Run 2
OTL by OldTimer - Version 3.2.35.1 Folder = C:\Documents and Settings\user\Bureaublad
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000413 | Country: Nederland | Language: NLD | Date Format: d-M-yyyy

1,87 Gb Total Physical Memory | 1,24 Gb Available Physical Memory | 66,25% Memory free
3,72 Gb Paging File | 3,08 Gb Available in Paging File | 82,63% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 465,76 Gb Total Space | 142,26 Gb Free Space | 30,54% Space Free | Partition Type: NTFS
Drive D: | 225,07 Gb Total Space | 31,05 Gb Free Space | 13,80% Space Free | Partition Type: NTFS

Computer Name: PC | User Name: user | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: Off | File Age = 30 Days

========== Custom Scans ==========

< MD5 for: SERIAL.SYS >
[2004-08-04 13:00:00 | 018,788,859 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:serial.sys
[2008-04-14 21:46:08 | 020,107,370 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:serial.sys
[2004-08-04 13:00:00 | 018,788,859 | ---- | M] () .cab file -- C:\WINDOWS\I386\sp2.cab:serial.sys
[2008-04-14 21:46:08 | 020,107,370 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:serial.sys
[2008-04-14 21:06:26 | 000,065,536 | ---- | M] (Microsoft Corporation) MD5=92C21762653BB2CE51147EB8A9AA654F -- C:\WINDOWS\ServicePackFiles\i386\serial.sys
[2008-04-14 21:06:26 | 000,065,536 | ---- | M] (Microsoft Corporation) MD5=92C21762653BB2CE51147EB8A9AA654F -- C:\WINDOWS\system32\dllcache\serial.sys
[2008-04-14 21:06:26 | 000,065,536 | ---- | M] (Microsoft Corporation) MD5=92C21762653BB2CE51147EB8A9AA654F -- C:\WINDOWS\system32\drivers\serial.sys

< End of report >

Broni · Mar 9, 2012

Good.
How is computer doing?
Did AVG stop complaining?

Re-run OTL and just click on "Quick scan" button. No custom script needed.
Only one log will be produced.

arnoldkooiker · Mar 9, 2012

Everything looks good. AVG indeed does not complain at the moment. Also the serial.sys seems okay now (I scanned it again with AVG and nothing came up anymore). Below the log of the OTL rescan.

================================================

OTL logfile created on: 9-3-2012 22:09:30 - Run 3
OTL by OldTimer - Version 3.2.35.1 Folder = C:\Documents and Settings\user\Bureaublad
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000413 | Country: Nederland | Language: NLD | Date Format: d-M-yyyy

1,87 Gb Total Physical Memory | 1,31 Gb Available Physical Memory | 69,68% Memory free
3,72 Gb Paging File | 3,16 Gb Available in Paging File | 84,98% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 465,76 Gb Total Space | 142,25 Gb Free Space | 30,54% Space Free | Partition Type: NTFS
Drive D: | 225,07 Gb Total Space | 31,05 Gb Free Space | 13,80% Space Free | Partition Type: NTFS

Computer Name: PC | User Name: user | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2012-03-07 21:07:25 | 000,584,704 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\user\Bureaublad\OTL.exe
PRC - [2012-03-07 20:36:39 | 000,939,872 | ---- | M] () -- C:\Program Files\AVG Secure Search\vprot.exe
PRC - [2012-03-07 20:36:39 | 000,909,152 | ---- | M] () -- C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\10.0.6\ToolbarUpdater.exe
PRC - [2012-01-24 17:24:26 | 002,416,480 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2012\avgtray.exe
PRC - [2011-11-28 01:19:04 | 001,229,664 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2012\avgnsx.exe
PRC - [2011-10-12 06:25:22 | 004,433,248 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2012\AVGIDSAgent.exe
PRC - [2011-10-10 06:23:34 | 000,973,664 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2012\avgemcx.exe
PRC - [2011-09-08 20:53:26 | 000,743,264 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2012\avgrsx.exe
PRC - [2011-08-15 06:21:40 | 000,337,760 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2012\avgcsrvx.exe
PRC - [2011-08-02 06:09:08 | 000,192,776 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2012\avgwdsvc.exe
PRC - [2011-02-05 21:19:13 | 000,494,592 | --S- | M] (BitMicro Software Corporation) -- C:\Program Files\RapidBIT\cidaemon.exe
PRC - [2010-03-11 00:22:04 | 000,599,408 | ---- | M] (Citrix Systems, Inc.) -- C:\Program Files\Citrix\ICA Client\wfcrun32.exe
PRC - [2010-03-11 00:21:16 | 000,300,400 | ---- | M] (Citrix Systems, Inc.) -- C:\Program Files\Citrix\ICA Client\concentr.exe
PRC - [2008-04-14 21:33:00 | 001,037,312 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2007-02-02 14:40:20 | 000,100,504 | ---- | M] (Famatech International Corp.) -- C:\WINDOWS\system32\rserver30\FamItrfc.Exe
PRC - [2007-02-02 14:35:06 | 001,235,032 | ---- | M] (Famatech International Corp.) -- C:\WINDOWS\system32\rserver30\rserver3.exe
PRC - [2006-01-19 15:54:34 | 000,925,696 | ---- | M] ( ) -- C:\Program Files\SAGEM WiFi manager\WLANUTL.EXE
PRC - [2004-09-22 22:17:18 | 000,815,104 | ---- | M] (Grant Averett) -- C:\Program Files\Cerberus\Cerberus.exe
PRC - [2003-09-04 03:30:52 | 000,106,496 | ---- | M] (Lexmark International, Inc.) -- C:\Program Files\Lexmark 3100 Series\lxbrbmgr.exe
PRC - [2003-09-04 03:11:50 | 000,053,248 | ---- | M] (Lexmark International, Inc.) -- C:\Program Files\Lexmark 3100 Series\lxbrbmon.exe
PRC - [2003-04-02 03:20:37 | 000,012,288 | ---- | M] () -- C:\Program Files\Winamp\winampa.exe

========== Modules (No Company Name) ==========

MOD - [2012-03-07 20:36:39 | 000,939,872 | ---- | M] () -- C:\Program Files\AVG Secure Search\vprot.exe
MOD - [2012-03-07 20:36:39 | 000,909,152 | ---- | M] () -- C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\10.0.6\ToolbarUpdater.exe
MOD - [2012-02-15 09:05:18 | 011,817,472 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Web\29bdc8352d3c26e3c572ea60639dec3b\System.Web.ni.dll
MOD - [2012-02-15 09:05:03 | 000,998,400 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Management\a2a14380e8c9149d5b212d0100ef588a\System.Management.ni.dll
MOD - [2012-02-15 09:04:12 | 001,712,128 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualBas#\96e485c02ad346a2bd26a635e7fcb023\Microsoft.VisualBasic.ni.dll
MOD - [2012-02-15 09:03:59 | 000,971,264 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Configuration\94a40f415bfa947e251888bbe88bb973\System.Configuration.ni.dll
MOD - [2012-02-15 09:01:53 | 005,450,752 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Xml\77e1279cbf4eecfb0284b63316fe43fe\System.Xml.ni.dll
MOD - [2012-02-15 09:01:49 | 012,430,848 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\ad99ac6b5666edb8ee742dd64f9578af\System.Windows.Forms.ni.dll
MOD - [2012-02-15 09:01:37 | 001,587,200 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Drawing\9351cf29bb1ba951e45a9b3b0edab937\System.Drawing.ni.dll
MOD - [2012-02-15 09:01:22 | 006,616,576 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Data\ae888f8633fce3ff1de98e32bce0abbf\System.Data.ni.dll
MOD - [2012-02-15 08:59:31 | 007,953,408 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System\9e3803cd2a11f056291862e306a8e2b2\System.ni.dll
MOD - [2012-02-14 23:22:18 | 002,933,248 | ---- | M] () -- C:\WINDOWS\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll
MOD - [2012-02-14 23:22:14 | 000,372,736 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\System.Management\2.0.0.0__b03f5f7f11d50a3a\System.Management.dll
MOD - [2012-02-14 23:22:12 | 000,303,104 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\System.Runtime.Remoting\2.0.0.0__b77a5c561934e089\System.Runtime.Remoting.dll
MOD - [2011-10-14 02:08:06 | 011,490,816 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\mscorlib\ca87ba84221991839abbe7d4bc9c6721\mscorlib.ni.dll
MOD - [2010-03-15 15:57:20 | 000,067,872 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2010-02-17 19:57:19 | 000,022,016 | ---- | M] () -- C:\WINDOWS\system32\rserver30\R3GOD.DLL
MOD - [2008-04-14 21:32:32 | 000,014,336 | ---- | M] () -- C:\WINDOWS\system32\msdmo.dll
MOD - [2008-03-23 00:01:42 | 000,026,576 | ---- | M] () -- C:\Program Files\Alky for Applications\Libraries\vshell32.dll
MOD - [2008-03-23 00:01:40 | 000,040,400 | ---- | M] () -- C:\Program Files\Alky for Applications\Libraries\vuser32.dll
MOD - [2008-03-23 00:01:40 | 000,011,216 | ---- | M] () -- C:\Program Files\Alky for Applications\Libraries\vuxtheme.dll
MOD - [2008-03-23 00:01:36 | 000,082,384 | ---- | M] () -- C:\Program Files\Alky for Applications\Libraries\vntdll.dll
MOD - [2008-03-23 00:01:36 | 000,058,320 | ---- | M] () -- C:\Program Files\Alky for Applications\Libraries\vkernel32.dll
MOD - [2008-03-23 00:01:34 | 000,019,920 | ---- | M] () -- C:\Program Files\Alky for Applications\Libraries\vmsvcrt.dll
MOD - [2008-03-23 00:01:32 | 000,046,032 | ---- | M] () -- C:\Program Files\Alky for Applications\Libraries\vadvapi32.dll
MOD - [2008-03-23 00:01:30 | 000,047,056 | ---- | M] () -- C:\Program Files\Alky for Applications\Libraries\vgdiplus.dll
MOD - [2008-03-23 00:01:30 | 000,008,144 | ---- | M] () -- C:\Program Files\Alky for Applications\Libraries\vdwmapi.dll
MOD - [2008-03-23 00:00:36 | 000,096,208 | ---- | M] () -- C:\Program Files\Alky for Applications\Libraries\vcomctl32.dll
MOD - [2008-01-30 11:19:30 | 001,675,264 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DisplaysManager.Graphics.Wizard\2.0.2635.38726__90ba9c70f846762e\CLI.Aspect.DisplaysManager.Graphics.Wizard.dll
MOD - [2008-01-30 11:19:30 | 000,688,128 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceCV.Graphics.Wizard\2.0.2635.38926__90ba9c70f846762e\CLI.Aspect.DeviceCV.Graphics.Wizard.dll
MOD - [2008-01-30 11:19:30 | 000,229,376 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Caste.Graphics.Runtime\2.0.2635.38683__90ba9c70f846762e\CLI.Caste.Graphics.Runtime.dll
MOD - [2008-01-30 11:19:30 | 000,184,320 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.InfoCentre.Graphics.Wizard\2.0.2635.38740__90ba9c70f846762e\CLI.Aspect.InfoCentre.Graphics.Wizard.dll
MOD - [2008-01-30 11:19:30 | 000,098,304 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.Graphics.Wizard\2.0.2635.38956__90ba9c70f846762e\CLI.Aspect.DeviceTV.Graphics.Wizard.dll
MOD - [2008-01-30 11:19:30 | 000,073,728 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.Graphics.Runtime\2.0.2635.38945__90ba9c70f846762e\CLI.Aspect.DeviceTV.Graphics.Runtime.dll
MOD - [2008-01-30 11:19:30 | 000,040,960 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Caste.Graphics.Wizard\2.0.2635.38717__90ba9c70f846762e\CLI.Caste.Graphics.Wizard.dll
MOD - [2008-01-30 11:19:30 | 000,032,768 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.InfoCentre.Graphics.Runtime\2.0.2635.38739__90ba9c70f846762e\CLI.Aspect.InfoCentre.Graphics.Runtime.dll
MOD - [2008-01-30 11:19:30 | 000,020,480 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.HotkeysHandling.Graphics.Runtime\2.0.2635.38702__90ba9c70f846762e\CLI.Aspect.HotkeysHandling.Graphics.Runtime.dll
MOD - [2008-01-30 11:19:30 | 000,015,872 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceProperty.Graphics.Runtime\2.0.2635.38839__90ba9c70f846762e\CLI.Aspect.DeviceProperty.Graphics.Runtime.dll
MOD - [2008-01-30 11:19:29 | 000,483,328 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.TransCode.Graphics.Wizard\2.0.2635.38985__90ba9c70f846762e\CLI.Aspect.TransCode.Graphics.Wizard.dll
MOD - [2008-01-30 11:19:29 | 000,352,256 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Dashboard\2.0.2635.38913__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Dashboard.dll
MOD - [2008-01-30 11:19:29 | 000,135,168 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.Welcome.Graphics.Dashboard\2.0.2635.38991__90ba9c70f846762e\CLI.Aspect.Welcome.Graphics.Dashboard.dll
MOD - [2008-01-30 11:19:29 | 000,102,400 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.VPURecover.Graphics.Dashboard\2.0.2635.38733__90ba9c70f846762e\CLI.Aspect.VPURecover.Graphics.Dashboard.dll
MOD - [2008-01-30 11:19:29 | 000,090,112 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Wizard\2.0.2635.38918__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Wizard.dll
MOD - [2008-01-30 11:19:29 | 000,073,728 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Caste.Graphics.Dashboard\2.0.2635.38697__90ba9c70f846762e\CLI.Caste.Graphics.Dashboard.dll
MOD - [2008-01-30 11:19:29 | 000,061,440 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Runtime\2.0.2635.38911__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Runtime.dll
MOD - [2008-01-30 11:19:29 | 000,061,440 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceCV.Graphics.Runtime\2.0.2635.38902__90ba9c70f846762e\CLI.Aspect.DeviceCV.Graphics.Runtime.dll
MOD - [2008-01-30 11:19:29 | 000,028,672 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.VPURecover.Graphics.Runtime\2.0.2635.38732__90ba9c70f846762e\CLI.Aspect.VPURecover.Graphics.Runtime.dll
MOD - [2008-01-30 11:19:28 | 000,913,408 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.Graphics.Dashboard\2.0.2635.38951__90ba9c70f846762e\CLI.Aspect.DeviceTV.Graphics.Dashboard.dll
MOD - [2008-01-30 11:19:28 | 000,667,648 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Dashboard\2.0.2635.38850__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Dashboard.dll
MOD - [2008-01-30 11:19:28 | 000,651,264 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceCV.Graphics.Dashboard\2.0.2635.38906__90ba9c70f846762e\CLI.Aspect.DeviceCV.Graphics.Dashboard.dll
MOD - [2008-01-30 11:19:28 | 000,577,536 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Dashboard\2.0.2635.38754__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Dashboard.dll
MOD - [2008-01-30 11:19:28 | 000,475,136 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Dashboard\2.0.2635.38842__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Dashboard.dll
MOD - [2008-01-30 11:19:28 | 000,438,272 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DisplaysManager.Graphics.Dashboard\2.0.2635.38704__90ba9c70f846762e\CLI.Aspect.DisplaysManager.Graphics.Dashboard.dll
MOD - [2008-01-30 11:19:28 | 000,401,408 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Wizard\2.0.2635.38932__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Wizard.dll
MOD - [2008-01-30 11:19:28 | 000,319,488 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceDFP.Graphics.Dashboard\2.0.2635.38834__90ba9c70f846762e\CLI.Aspect.DeviceDFP.Graphics.Dashboard.dll
MOD - [2008-01-30 11:19:28 | 000,208,896 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.InfoCentre.Graphics.Dashboard\2.0.2635.38747__90ba9c70f846762e\CLI.Aspect.InfoCentre.Graphics.Dashboard.dll
MOD - [2008-01-30 11:19:28 | 000,118,784 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Dashboard\2.0.2635.38870__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Dashboard.dll
MOD - [2008-01-30 11:19:28 | 000,053,248 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceDFP.Graphics.Runtime\2.0.2635.38839__90ba9c70f846762e\CLI.Aspect.DeviceDFP.Graphics.Runtime.dll
MOD - [2008-01-30 11:19:28 | 000,045,056 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Runtime\2.0.2635.38846__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Runtime.dll
MOD - [2008-01-30 11:19:28 | 000,040,960 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Runtime\2.0.2635.38846__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Runtime.dll
MOD - [2008-01-30 11:19:28 | 000,036,864 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Runtime\2.0.2635.38759__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Runtime.dll
MOD - [2008-01-30 11:19:28 | 000,032,768 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Runtime\2.0.2635.38869__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Runtime.dll
MOD - [2008-01-30 11:19:28 | 000,032,768 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Runtime\2.0.2635.38888__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Runtime.dll
MOD - [2008-01-30 11:19:28 | 000,020,480 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\AEM.Actions.CCAA.Shared\2.0.2613.19911__90ba9c70f846762e\AEM.Actions.CCAA.Shared.dll
MOD - [2008-01-30 11:19:28 | 000,016,384 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\AEM.Plugin.Hotkeys.Shared\2.0.2613.19938__90ba9c70f846762e\AEM.Plugin.Hotkeys.Shared.dll
MOD - [2008-01-30 11:19:28 | 000,016,384 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\AEM.Plugin.GD.Shared\2.0.2613.19938__90ba9c70f846762e\AEM.Plugin.GD.Shared.dll
MOD - [2008-01-30 11:19:28 | 000,016,384 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\AEM.Plugin.DPPE.Shared\2.0.2613.19946__90ba9c70f846762e\AEM.Plugin.DPPE.Shared.dll
MOD - [2008-01-30 11:19:28 | 000,006,656 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\atixclib\1.0.0.0__90ba9c70f846762e\atixclib.dll
MOD - [2008-01-30 11:19:27 | 000,057,344 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.Graphics.Shared\2.0.2613.19937__90ba9c70f846762e\CLI.Aspect.DeviceTV.Graphics.Shared.dll
MOD - [2008-01-30 11:19:27 | 000,053,248 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.InfoCentre.Graphics.Shared\2.0.2613.19932__90ba9c70f846762e\CLI.Aspect.InfoCentre.Graphics.Shared.dll
MOD - [2008-01-30 11:19:27 | 000,053,248 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Shared\2.0.2613.19935__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Shared.dll
MOD - [2008-01-30 11:19:27 | 000,049,152 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Foundation\2.0.2613.19903__90ba9c70f846762e\CLI.Foundation.dll
MOD - [2008-01-30 11:19:27 | 000,049,152 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Caste.Graphics.Shared\2.0.2613.19914__90ba9c70f846762e\CLI.Caste.Graphics.Shared.dll
MOD - [2008-01-30 11:19:27 | 000,049,152 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Shared\2.0.2613.19936__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Shared.dll
MOD - [2008-01-30 11:19:27 | 000,045,056 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\DEM.Graphics.I0601\2.0.2573.17685__90ba9c70f846762e\DEM.Graphics.I0601.dll
MOD - [2008-01-30 11:19:27 | 000,040,960 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.TransCode.Graphics.Shared\2.0.2613.19946__90ba9c70f846762e\CLI.Aspect.TransCode.Graphics.Shared.dll
MOD - [2008-01-30 11:19:27 | 000,040,960 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceDFP.Graphics.Shared\2.0.2613.19935__90ba9c70f846762e\CLI.Aspect.DeviceDFP.Graphics.Shared.dll
MOD - [2008-01-30 11:19:27 | 000,040,960 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceCV.Graphics.Shared\2.0.2613.19936__90ba9c70f846762e\CLI.Aspect.DeviceCV.Graphics.Shared.dll
MOD - [2008-01-30 11:19:27 | 000,036,864 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\AEM.Plugin.Source.Kit.Server\2.0.2635.39013__90ba9c70f846762e\AEM.Plugin.Source.Kit.Server.dll
MOD - [2008-01-30 11:19:27 | 000,032,768 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\LOG.Foundation\2.0.2613.19902__90ba9c70f846762e\LOG.Foundation.dll
MOD - [2008-01-30 11:19:27 | 000,032,768 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Shared\2.0.2613.19935__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Shared.dll
MOD - [2008-01-30 11:19:27 | 000,028,672 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Foundation.XManifest\2.0.2613.19973__90ba9c70f846762e\CLI.Foundation.XManifest.dll
MOD - [2008-01-30 11:19:27 | 000,028,672 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Shared\2.0.2613.19932__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Shared.dll
MOD - [2008-01-30 11:19:27 | 000,028,672 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Shared\2.0.2613.19924__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Shared.dll
MOD - [2008-01-30 11:19:27 | 000,024,576 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\NEWAEM.Foundation\2.0.2613.19906__90ba9c70f846762e\NEWAEM.Foundation.dll
MOD - [2008-01-30 11:19:27 | 000,024,576 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Shared\2.0.2613.19935__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Shared.dll
MOD - [2008-01-30 11:19:27 | 000,024,576 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceProperty.Graphics.Shared\2.0.2613.19923__90ba9c70f846762e\CLI.Aspect.DeviceProperty.Graphics.Shared.dll
MOD - [2008-01-30 11:19:27 | 000,024,576 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.CustomFormats.Graphics.Shared\2.0.2613.19922__90ba9c70f846762e\CLI.Aspect.CustomFormats.Graphics.Shared.dll
MOD - [2008-01-30 11:19:27 | 000,024,576 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\APM.Foundation\2.0.2613.19937__90ba9c70f846762e\APM.Foundation.dll
MOD - [2008-01-30 11:19:27 | 000,024,576 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\AEM.Foundation\2.0.2613.19902__90ba9c70f846762e\AEM.Foundation.dll
MOD - [2008-01-30 11:19:27 | 000,024,576 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\ACE.Graphics.DisplaysManager.Shared\2.0.2573.17685__90ba9c70f846762e\ACE.Graphics.DisplaysManager.Shared.dll
MOD - [2008-01-30 11:19:27 | 000,020,480 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\DEM.OS.I0602\2.0.2613.19937__90ba9c70f846762e\DEM.OS.I0602.dll
MOD - [2008-01-30 11:19:27 | 000,020,480 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Wizard.Shared\2.0.2613.19921__90ba9c70f846762e\CLI.Component.Wizard.Shared.dll
MOD - [2008-01-30 11:19:27 | 000,020,480 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Dashboard.Shared\2.0.2613.19911__90ba9c70f846762e\CLI.Component.Dashboard.Shared.dll
MOD - [2008-01-30 11:19:27 | 000,020,480 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Client.Shared\2.0.2613.19910__90ba9c70f846762e\CLI.Component.Client.Shared.dll
MOD - [2008-01-30 11:19:27 | 000,020,480 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.VPURecover.Graphics.Shared\2.0.2613.19932__90ba9c70f846762e\CLI.Aspect.VPURecover.Graphics.Shared.dll
MOD - [2008-01-30 11:19:27 | 000,020,480 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.HotkeysHandling.Graphics.Shared\2.0.2613.19931__90ba9c70f846762e\CLI.Aspect.HotkeysHandling.Graphics.Shared.dll
MOD - [2008-01-30 11:19:27 | 000,016,384 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\MOM.Foundation\2.0.2613.19921__90ba9c70f846762e\MOM.Foundation.dll
MOD - [2008-01-30 11:19:27 | 000,016,384 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\DEM.OS\2.0.2613.19938__90ba9c70f846762e\DEM.OS.dll
MOD - [2008-01-30 11:19:27 | 000,016,384 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\DEM.Graphics\2.0.2613.19934__90ba9c70f846762e\DEM.Graphics.dll
MOD - [2008-01-30 11:19:27 | 000,016,384 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\DEM.Foundation\2.0.2573.17684__90ba9c70f846762e\DEM.Foundation.dll
MOD - [2008-01-30 11:19:27 | 000,016,384 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Caste.Graphics.Wizard.Shared\2.0.2613.19932__90ba9c70f846762e\CLI.Caste.Graphics.Wizard.Shared.dll
MOD - [2008-01-30 11:19:27 | 000,016,384 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Caste.Graphics.Dashboard.Shared\2.0.2613.19924__90ba9c70f846762e\CLI.Caste.Graphics.Dashboard.Shared.dll
MOD - [2008-01-30 11:19:27 | 000,016,384 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\AEM.Server.Shared\2.0.2613.19916__90ba9c70f846762e\AEM.Server.Shared.dll
MOD - [2008-01-30 11:19:26 | 000,466,944 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Wizard\2.0.2635.38712__90ba9c70f846762e\CLI.Component.Wizard.dll
MOD - [2008-01-30 11:19:26 | 000,098,304 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\MOM.Implementation\2.0.2635.38969__90ba9c70f846762e\MOM.Implementation.dll
MOD - [2008-01-30 11:19:26 | 000,098,304 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Runtime\2.0.2635.38682__90ba9c70f846762e\CLI.Component.Runtime.dll
MOD - [2008-01-30 11:19:26 | 000,057,344 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\LOG.Foundation.Implementation\2.0.2635.38968__90ba9c70f846762e\LOG.Foundation.Implementation.dll
MOD - [2008-01-30 11:19:26 | 000,040,960 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Runtime.Shared.Private\2.0.2613.19921__90ba9c70f846762e\CLI.Component.Runtime.Shared.Private.dll
MOD - [2008-01-30 11:19:26 | 000,032,768 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\LOG.Foundation.Private\2.0.2613.19906__90ba9c70f846762e\LOG.Foundation.Private.dll
MOD - [2008-01-30 11:19:26 | 000,024,576 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Wizard.Shared.Private\2.0.2613.19944__90ba9c70f846762e\CLI.Component.Wizard.Shared.Private.dll
MOD - [2008-01-30 11:19:26 | 000,020,480 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\LOG.Foundation.Implementation.Private\2.0.2613.19922__90ba9c70f846762e\LOG.Foundation.Implementation.Private.dll
MOD - [2008-01-30 11:19:26 | 000,020,480 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Foundation.Private\2.0.2613.19908__90ba9c70f846762e\CLI.Foundation.Private.dll
MOD - [2008-01-30 11:19:26 | 000,020,480 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Dashboard.Shared.Private\2.0.2613.19916__90ba9c70f846762e\CLI.Component.Dashboard.Shared.Private.dll
MOD - [2008-01-30 11:19:25 | 001,404,928 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Dashboard\2.0.2635.38692__90ba9c70f846762e\CLI.Component.Dashboard.dll
MOD - [2008-01-30 11:19:25 | 000,053,248 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\ATIDEMOS\2.0.2635.38682__90ba9c70f846762e\ATIDEMOS.dll
MOD - [2008-01-30 11:19:25 | 000,045,056 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\AEM.Server\2.0.2635.38680__90ba9c70f846762e\AEM.Server.dll
MOD - [2008-01-30 11:19:25 | 000,040,960 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Client.Shared.Private\2.0.2613.19912__90ba9c70f846762e\CLI.Component.Client.Shared.Private.dll
MOD - [2008-01-30 11:19:25 | 000,032,768 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\ATICCCom\2.0.0.0__90ba9c70f846762e\ATICCCom.dll
MOD - [2008-01-30 11:19:25 | 000,020,480 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Caste.Graphics.Runtime.Shared.Private\2.0.2613.19938__90ba9c70f846762e\CLI.Caste.Graphics.Runtime.Shared.Private.dll
MOD - [2008-01-30 11:19:25 | 000,019,968 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CCC.Implementation\2.0.2635.38969__90ba9c70f846762e\CCC.Implementation.dll
MOD - [2006-01-18 13:09:40 | 000,045,056 | ---- | M] () -- C:\Program Files\SAGEM WiFi manager\ZDWlan.dll
MOD - [2006-01-18 13:09:36 | 000,212,992 | ---- | M] () -- C:\Program Files\SAGEM WiFi manager\dot1x_dll.dll
MOD - [2004-10-12 07:46:30 | 001,761,280 | ---- | M] () -- C:\Program Files\FFDshow\ffdshow.ax
MOD - [2004-05-25 15:06:58 | 000,417,792 | ---- | M] () -- C:\WINDOWS\system32\ac3filter.ax
MOD - [2003-09-04 03:11:58 | 000,028,672 | ---- | M] () -- C:\Program Files\Lexmark 3100 Series\mcrdchkr.dll
MOD - [2003-09-04 03:11:52 | 000,020,480 | ---- | M] () -- C:\Program Files\Lexmark 3100 Series\regutil.dll
MOD - [2003-07-29 10:45:10 | 000,078,336 | ---- | M] () -- C:\WINDOWS\system32\spool\prtprocs\w32x86\LXBRPP5C.DLL
MOD - [2003-06-23 10:01:48 | 000,049,152 | ---- | M] () -- C:\Program Files\Lexmark 3100 Series\ConvDIB.dll
MOD - [2003-04-02 03:20:37 | 000,012,288 | ---- | M] () -- C:\Program Files\Winamp\winampa.exe

arnoldkooiker · Mar 9, 2012

OTL rescan - part 2

========== Win32 Services (SafeList) ==========

SRV - File not found [Auto | Stopped] -- -- (ZTEusbmdm6k)
SRV - File not found [Auto | Stopped] -- -- (ZSMC211)
SRV - File not found [Auto | Stopped] -- -- (zpsc)
SRV - File not found [Auto | Stopped] -- -- (zntport)
SRV - File not found [Auto | Stopped] -- -- (zebrsce)
SRV - File not found [Auto | Stopped] -- -- (ypcservice)
SRV - File not found [Auto | Stopped] -- -- (yats32)
SRV - File not found [Auto | Stopped] -- -- (WNCPKT)
SRV - File not found [Auto | Stopped] -- -- (WmVirHid)
SRV - File not found [Auto | Stopped] -- -- (WmUsbHid)
SRV - File not found [Auto | Stopped] -- -- (WmiAcpi)
SRV - File not found [Auto | Stopped] -- -- (wmccds)
SRV - File not found [Auto | Stopped] -- -- (WLAN_USB)
SRV - File not found [Auto | Stopped] -- -- (winpower)
SRV - File not found [Auto | Stopped] -- -- (WINFLASH)
SRV - File not found [Auto | Stopped] -- -- (wg6n)
SRV - File not found [Auto | Stopped] -- -- (websenseusagemonitor)
SRV - File not found [Auto | Stopped] -- -- (websenseclientdeployservice)
SRV - File not found [Auto | Stopped] -- -- (webrootspysweeperservice)
SRV - File not found [Auto | Stopped] -- -- (webfilter)
SRV - File not found [Auto | Stopped] -- -- (Wdf01000)
SRV - File not found [Auto | Stopped] -- -- (WD_FireWire_HID)
SRV - File not found [Auto | Stopped] -- -- (WavxDMgr)
SRV - File not found [Auto | Stopped] -- -- (WaveEnrollmentService)
SRV - File not found [Auto | Stopped] -- -- (wacomvhid)
SRV - File not found [Auto | Stopped] -- -- (w810obex)
SRV - File not found [Auto | Stopped] -- -- (w550mdfl)
SRV - File not found [Auto | Stopped] -- -- (w550bus)
SRV - File not found [Auto | Stopped] -- -- (w300bus)
SRV - File not found [Auto | Stopped] -- -- (w200obex)
SRV - File not found [Auto | Stopped] -- -- (vwlogger)
SRV - File not found [Auto | Stopped] -- -- (vpcnets2)
SRV - File not found [Auto | Stopped] -- -- (vncmirror)
SRV - File not found [Auto | Stopped] -- -- (vmx86)
SRV - File not found [Auto | Stopped] -- -- (vmkbd2)
SRV - File not found [Auto | Stopped] -- -- (viamraid)
SRV - File not found [Auto | Stopped] -- -- (viagfx)
SRV - File not found [Auto | Stopped] -- -- (viaagp1)
SRV - File not found [Auto | Stopped] -- -- (vcsw)
SRV - File not found [Auto | Stopped] -- -- (vaiomediaplatform-photoserver-appserver)
SRV - File not found [Auto | Stopped] -- -- (v2imount)
SRV - File not found [Auto | Stopped] -- -- (usnsvc)
SRV - File not found [Auto | Stopped] -- -- (USBVCD)
SRV - File not found [Auto | Stopped] -- -- (USBMN1X1)
SRV - File not found [Auto | Stopped] -- -- (USBCamera)
SRV - File not found [Auto | Stopped] -- -- (usb20l)
SRV - File not found [Auto | Stopped] -- -- (us30sys)
SRV - File not found [Auto | Stopped] -- -- (upperdev)
SRV - File not found [Auto | Stopped] -- -- (uhcd)
SRV - File not found [Auto | Stopped] -- -- (UCTblHid)
SRV - File not found [Auto | Stopped] -- -- (U2SP)
SRV - File not found [Auto | Stopped] -- -- (tvichw32)
SRV - File not found [Auto | Stopped] -- -- (tsircsrv)
SRV - File not found [Auto | Stopped] -- -- (TryAndDecideService)
SRV - File not found [Auto | Stopped] -- -- (trufos)
SRV - File not found [Auto | Stopped] -- -- (traprcvr)
SRV - File not found [Auto | Stopped] -- -- (transbaseservice)
SRV - File not found [Auto | Stopped] -- -- (trackcam4)
SRV - File not found [Auto | Stopped] -- -- (tpsrv)
SRV - File not found [Auto | Stopped] -- -- (tphkdrv)
SRV - File not found [Auto | Stopped] -- -- (tphdexlgsvc)
SRV - File not found [Auto | Stopped] -- -- (tosrfnds)
SRV - File not found [Auto | Stopped] -- -- (tosrfbd)
SRV - File not found [Auto | Stopped] -- -- (tdimsys)
SRV - File not found [Auto | Stopped] -- -- (taphss)
SRV - File not found [Auto | Stopped] -- -- (tapeware)
SRV - File not found [Auto | Stopped] -- -- (symwsc)
SRV - File not found [Auto | Stopped] -- -- (SymIM)
SRV - File not found [Auto | Stopped] -- -- (symids)
SRV - File not found [Auto | Stopped] -- -- (symantecantibotwatcher)
SRV - File not found [Auto | Stopped] -- -- (superproserver)
SRV - File not found [Auto | Stopped] -- -- (SunkFilt39)
SRV - File not found [Auto | Stopped] -- -- (stunnel)
SRV - File not found [Auto | Stopped] -- -- (streamloadservice)
SRV - File not found [Auto | Stopped] -- -- (sthda)
SRV - File not found [Auto | Stopped] -- -- (starwindserviceae)
SRV - File not found [Auto | Stopped] -- -- (ssscsisv)
SRV - File not found [Auto | Stopped] -- -- (ssm_bus)
SRV - File not found [Auto | Stopped] -- -- (SSFS0BB9)
SRV - File not found [Auto | Stopped] -- -- (ssdiagn)
SRV - File not found [Auto | Stopped] -- -- (sqlagent$sony_mediamgr)
SRV - File not found [Auto | Stopped] -- -- (SQLAgent$MICROSOFTSMLBIZ)
SRV - File not found [Auto | Stopped] -- -- (sonywbms)
SRV - File not found [Auto | Stopped] -- -- (sonicstagemonitoring)
SRV - File not found [Auto | Stopped] -- -- (snoopfree)
SRV - File not found [Auto | Stopped] -- -- (sndsrvc)
SRV - File not found [Auto | Stopped] -- -- (Slpsvdr)
SRV - File not found [Auto | Stopped] -- -- (Sk99202k)
SRV - File not found [Auto | Stopped] -- -- (SilverLink)
SRV - File not found [Auto | Stopped] -- -- (ShockMgr)
SRV - File not found [Auto | Stopped] -- -- (sfhlp01)
SRV - File not found [Auto | Stopped] -- -- (SfCtlCom)
SRV - File not found [Auto | Stopped] -- -- (SetupNT)
SRV - File not found [Auto | Stopped] -- -- (servicelayer)
SRV - File not found [Auto | Stopped] -- -- (sermouse)
SRV - File not found [Auto | Stopped] -- -- (se59unic)
SRV - File not found [Auto | Stopped] -- -- (se58nd5)
SRV - File not found [Auto | Stopped] -- -- (se58mdm)
SRV - File not found [Auto | Stopped] -- -- (se45obex)
SRV - File not found [Auto | Stopped] -- -- (SE2Dmgmt)
SRV - File not found [Auto | Stopped] -- -- (SE2Dbus)
SRV - File not found [Auto | Stopped] -- -- (SE2Cobex)
SRV - File not found [Auto | Stopped] -- -- (SE2Bmdm)
SRV - File not found [Auto | Stopped] -- -- (SE27mgmt)
SRV - File not found [Auto | Stopped] -- -- (SE27mdfl)
SRV - File not found [Auto | Stopped] -- -- (scanexplicit)
SRV - File not found [Auto | Stopped] -- -- (sbhooksvc)
SRV - File not found [Auto | Stopped] -- -- (SbcpHid)
SRV - File not found [Auto | Stopped] -- -- (SaiH040B)
SRV - File not found [Auto | Stopped] -- -- (SaiClass)
SRV - File not found [Auto | Stopped] -- -- (S7oppilx)
SRV - File not found [Auto | Stopped] -- -- (s616nd5)
SRV - File not found [Auto | Stopped] -- -- (s217unic)
SRV - File not found [Auto | Stopped] -- -- (s125obex)
SRV - File not found [Auto | Stopped] -- -- (s125bus)
SRV - File not found [Auto | Stopped] -- -- (s117unic)
SRV - File not found [Auto | Stopped] -- -- (s116unic)
SRV - File not found [Auto | Stopped] -- -- (s116obex)
SRV - File not found [Auto | Stopped] -- -- (RVIEG01)
SRV - File not found [Auto | Stopped] -- -- (rtl8029)
SRV - File not found [Auto | Stopped] -- -- (RTHDMIAzAudService)
SRV - File not found [Auto | Stopped] -- -- (rpskt)
SRV - File not found [Auto | Stopped] -- -- (rkhdrv31)
SRV - File not found [Auto | Stopped] -- -- (RivaTuner32)
SRV - File not found [Auto | Stopped] -- -- (rismxdp)
SRV - File not found [Auto | Stopped] -- -- (rimusb)
SRV - File not found [Auto | Stopped] -- -- (rimmptsk)
SRV - File not found [Auto | Stopped] -- -- (revudfservice)
SRV - File not found [Auto | Stopped] -- -- (REVOSENS)
SRV - File not found [Auto | Stopped] -- -- (regsrvc)
SRV - File not found [Auto | Stopped] -- -- (raysatxsi5_0server)
SRV - File not found [Auto | Stopped] -- -- (radclock)
SRV - File not found [Auto | Stopped] -- -- (QWAVE)
SRV - File not found [Auto | Stopped] -- -- (qmofiltr)
SRV - File not found [Auto | Stopped] -- -- (ql2100)
SRV - File not found [Auto | Stopped] -- -- (qconsvc)
SRV - File not found [Auto | Stopped] -- -- (qcmerced)
SRV - File not found [Auto | Stopped] -- -- (pwd_2K)
SRV - File not found [Auto | Stopped] -- -- (PTDCMdm)
SRV - File not found [Auto | Stopped] -- -- (psasrv)
SRV - File not found [Auto | Stopped] -- -- (psadd)
SRV - File not found [Auto | Stopped] -- -- (procexp90)
SRV - File not found [Auto | Stopped] -- -- (pptchpad)
SRV - File not found [Auto | Stopped] -- -- (pnmsrv)
SRV - File not found [Auto | Stopped] -- -- (pmshellsrv)
SRV - File not found [Auto | Stopped] -- -- (pinnaclemarvinusb)
SRV - File not found [Auto | Stopped] -- -- (pinetmgr)
SRV - File not found [Auto | Stopped] -- -- (PID_08A0)
SRV - File not found [Auto | Stopped] -- -- (pgsql-8.0)
SRV - File not found [Auto | Stopped] -- -- (PGPwded)
SRV - File not found [Auto | Stopped] -- -- (PGPdisk)
SRV - File not found [Auto | Stopped] -- -- (pelmouse)
SRV - File not found [Auto | Stopped] -- -- (pdlndsdl)
SRV - File not found [Auto | Stopped] -- -- (pdlncbas)
SRV - File not found [Auto | Stopped] -- -- (pdengine)
SRV - File not found [Auto | Stopped] -- -- (PCISys)
SRV - File not found [Auto | Stopped] -- -- (papycpu2)
SRV - File not found [Auto | Stopped] -- -- (PAC7302)
SRV - File not found [Auto | Stopped] -- -- (p3)
SRV - File not found [Auto | Stopped] -- -- (p17xfilt)
SRV - File not found [Auto | Stopped] -- -- (p1110vid)
SRV - File not found [Auto | Stopped] -- -- (ose)
SRV - File not found [Auto | Stopped] -- -- (oraclexeclragent)
SRV - File not found [Auto | Stopped] -- -- (oracleorahomemanagementserver)
SRV - File not found [Auto | Stopped] -- -- (oracle_load_balancer_60_client-forms6i)
SRV - File not found [Auto | Stopped] -- -- (ONSIO)
SRV - File not found [Auto | Stopped] -- -- (omsad)
SRV - File not found [Auto | Stopped] -- -- (omniserv)
SRV - File not found [Auto | Stopped] -- -- (omnidrv)
SRV - File not found [Auto | Stopped] -- -- (olregcap)
SRV - File not found [Auto | Stopped] -- -- (ofcpfwsvc)
SRV - File not found [Auto | Stopped] -- -- (NWSAP)
SRV - File not found [Auto | Stopped] -- -- (nvnetbus)
SRV - File not found [Auto | Stopped] -- -- (NvNdis)
SRV - File not found [Auto | Stopped] -- -- (nvax)
SRV - File not found [Auto | Stopped] -- -- (ntgrip)
SRV - File not found [Auto | Stopped] -- -- (nsausvc)
SRV - File not found [Auto | Stopped] -- -- (npkcsvc)
SRV - File not found [Auto | Stopped] -- -- (noipducservice)
SRV - File not found [Auto | Stopped] -- -- (nocashio)
SRV - File not found [Auto | Stopped] -- -- (nmservice)
SRV - File not found [Auto | Stopped] -- -- (nlsvc)
SRV - File not found [Auto | Stopped] -- -- (nimxdfk)
SRV - File not found [Auto | Stopped] -- -- (netwg311)
SRV - File not found [Auto | Stopped] -- -- (NETw5x32)
SRV - File not found [Auto | Stopped] -- -- (ndasbus)
SRV - File not found [Auto | Stopped] -- -- (NCPro)
SRV - File not found [Auto | Stopped] -- -- (naveng)
SRV - File not found [Auto | Stopped] -- -- (naimagent32)
SRV - File not found [Auto | Stopped] -- -- (mwsejcap)
SRV - File not found [Auto | Stopped] -- -- (mvserver)
SRV - File not found [Auto | Stopped] -- -- (MTDVC2_ENUM)
SRV - File not found [Auto | Stopped] -- -- (MSW_USB)
SRV - File not found [Auto | Stopped] -- -- (mssql$microsoftbcm)
SRV - File not found [Auto | Stopped] -- -- (msmframework)
SRV - File not found [Auto | Stopped] -- -- (mrvw245)
SRV - File not found [Auto | Stopped] -- -- (MRV6X32P)
SRV - File not found [Auto | Stopped] -- -- (mrpostman)
SRV - File not found [Auto | Stopped] -- -- (MRESP50)
SRV - File not found [Auto | Stopped] -- -- (MRENDIS5)
SRV - File not found [Auto | Stopped] -- -- (mpfirewl)
SRV - File not found [Auto | Stopped] -- -- (MobilePreInstallerService)
SRV - File not found [Auto | Stopped] -- -- (mmc_2K)
SRV - File not found [Auto | Stopped] -- -- (mlkkbdntdriver)
SRV - File not found [Auto | Stopped] -- -- (mksupdateint)
SRV - File not found [Auto | Stopped] -- -- (mi-raysat_3dsMax2008_32)
SRV - File not found [Auto | Stopped] -- -- (minilog)
SRV - File not found [Auto | Stopped] -- -- (mgisvr)
SRV - File not found [Auto | Stopped] -- -- (mfebopk)
SRV - File not found [Auto | Stopped] -- -- (merakpop3)
SRV - File not found [Auto | Stopped] -- -- (MegaSR)
SRV - File not found [Auto | Stopped] -- -- (mcupdmgr.exe)
SRV - File not found [Auto | Stopped] -- -- (mcsysmon)
SRV - File not found [Auto | Stopped] -- -- (mcnasvc)
SRV - File not found [Auto | Stopped] -- -- (mcdbus)
SRV - File not found [Auto | Stopped] -- -- (McciCMService)
SRV - File not found [Auto | Stopped] -- -- (mcafeeantispyware)
SRV - File not found [Auto | Stopped] -- -- (marvinbus)
SRV - File not found [Auto | Stopped] -- -- (Maplom)
SRV - File not found [Auto | Stopped] -- -- (MA_CMIDI)
SRV - File not found [Auto | Stopped] -- -- (lxdj_device)
SRV - File not found [Auto | Stopped] -- -- (lwwlicenseservice)
SRV - File not found [Auto | Stopped] -- -- (lvprcsrv)
SRV - File not found [Auto | Stopped] -- -- (logonsvcid)
SRV - File not found [Auto | Stopped] -- -- (LMIRfsDriver)
SRV - File not found [Auto | Stopped] -- -- (lktimesync)
SRV - File not found [Auto | Stopped] -- -- (konfig)
SRV - File not found [Auto | Stopped] -- -- (KMWDFilter)
SRV - File not found [Auto | Stopped] -- -- (k750mdm)
SRV - File not found [Auto | Stopped] -- -- (k750mdfl)
SRV - File not found [Auto | Stopped] -- -- (jtagserver)
SRV - File not found [Auto | Stopped] -- -- (ixiaendpoint)
SRV - File not found [Auto | Stopped] -- -- (IWCA)
SRV - File not found [Auto | Stopped] -- -- (iviregmgr)
SRV - File not found [Auto | Stopped] -- -- (ISODrive)
SRV - File not found [Auto | Stopped] -- -- (isdrv120)
SRV - File not found [Auto | Stopped] -- -- (irmon)
SRV - File not found [Auto | Stopped] -- -- (ireike)
SRV - File not found [Auto | Stopped] -- -- (IntuitUpdateService)
SRV - File not found [Auto | Stopped] -- -- (int15)
SRV - File not found [Auto | Stopped] -- -- (inspect)
SRV - File not found [Auto | Stopped] -- -- (imagesrv)
SRV - File not found [Auto | Stopped] -- -- (ilicensesvc)
SRV - File not found [Auto | Stopped] -- -- (igateway)
SRV - File not found [Auto | Stopped] -- -- (idebusdr)
SRV - File not found [Auto | Stopped] -- -- (iaimtv3)
SRV - File not found [Auto | Stopped] -- -- (iaimfp4)
SRV - File not found [Auto | Stopped] -- -- (iaantmon)
SRV - File not found [Auto | Stopped] -- -- (HWSCtrl)
SRV - File not found [Auto | Stopped] -- -- (hsxhwazl)
SRV - File not found [Auto | Stopped] -- -- (hsvcmod)
SRV - File not found [Auto | Stopped] -- -- (hsf_msft)
SRV - File not found [Auto | Stopped] -- -- (HPFXBULK)
SRV - File not found [Auto | Stopped] -- -- (Hotkey)
SRV - File not found [Auto | Stopped] -- -- (hidbatt)
SRV - File not found [Auto | Stopped] -- -- (helpsvc)
SRV - File not found [Auto | Stopped] -- -- (hcf_msft)
SRV - File not found [Auto | Stopped] -- -- (HBtnKey)
SRV - File not found [Auto | Stopped] -- -- (ha20x2k)
SRV - File not found [Auto | Stopped] -- -- (gusvc)
SRV - File not found [On_Demand | Stopped] -- -- (gupdatem) Google Update-service (gupdatem)
SRV - File not found [Auto | Stopped] -- -- (gupdate) Google Updateservice (gupdate)
SRV - File not found [Auto | Stopped] -- -- (GTWModem)
SRV - File not found [Auto | Stopped] -- -- (govsrv)
SRV - File not found [Auto | Stopped] -- -- (GoBack2K)
SRV - File not found [Auto | Stopped] -- -- (FVNETusb)
SRV - File not found [Auto | Stopped] -- -- (fuj02b1)
SRV - File not found [Auto | Stopped] -- -- (ftpqueue)
SRV - File not found [Auto | Stopped] -- -- (forcewarewebinterface)
SRV - File not found [Auto | Stopped] -- -- (FontCache3.0.0.0.)
SRV - File not found [Auto | Stopped] -- -- (fingrd32)
SRV - File not found [Auto | Stopped] -- -- (FETNDIS)
SRV - File not found [Auto | Stopped] -- -- (fallback)
SRV - File not found [Auto | Stopped] -- -- (fa_scheduler)
SRV - File not found [Auto | Stopped] -- -- (F700iob)
SRV - File not found [Auto | Stopped] -- -- (EPSON_EB_RPCV4_01)
SRV - File not found [Auto | Stopped] -- -- (EpmPsd)
SRV - File not found [Auto | Stopped] -- -- (enethusb)
SRV - File not found [Auto | Stopped] -- -- (emupia)
SRV - File not found [Auto | Stopped] -- -- (emu10k1)
SRV - File not found [Auto | Stopped] -- -- (ELhid)
SRV - File not found [Auto | Stopped] -- -- (EL2000)
SRV - File not found [Auto | Stopped] -- -- (ec2007service)
SRV - File not found [Auto | Stopped] -- -- (eamon)
SRV - File not found [Auto | Stopped] -- -- (EACSys)
SRV - File not found [Auto | Stopped] -- -- (dvpapi)
SRV - File not found [Auto | Stopped] -- -- (DSI_SiUSBXp_3_1)
SRV - File not found [Auto | Stopped] -- -- (dot4print)
SRV - File not found [Auto | Stopped] -- -- (dlcf_device)
SRV - File not found [Auto | Stopped] -- -- (dladresn)
SRV - File not found [Auto | Stopped] -- -- (dlacdbhm)
SRV - File not found [Auto | Stopped] -- -- (digictrl)
SRV - File not found [Auto | Stopped] -- -- (DfwWebAgent)
SRV - File not found [Auto | Stopped] -- -- (defragfs)
SRV - File not found [Auto | Stopped] -- -- (Defrag32b)
SRV - File not found [Auto | Stopped] -- -- (dcsloader)
SRV - File not found [Auto | Stopped] -- -- (DCamUSBSQTECH)
SRV - File not found [Auto | Stopped] -- -- (DCamUSBGrandTek)
SRV - File not found [Auto | Stopped] -- -- (CYGF32X)
SRV - File not found [Auto | Stopped] -- -- (CXTUNE)
SRV - File not found [Auto | Stopped] -- -- (cwcspud)
SRV - File not found [Auto | Stopped] -- -- (cwafadmincontroller)
SRV - File not found [Auto | Stopped] -- -- (cvsnt)
SRV - File not found [Auto | Stopped] -- -- (CVirtA)
SRV - File not found [Auto | Stopped] -- -- (ctxcpuusync)
SRV - File not found [Auto | Stopped] -- -- (ctprxy2k)
SRV - File not found [Auto | Stopped] -- -- (CTHWIUT.DLL)
SRV - File not found [Auto | Stopped] -- -- (CTDevice_Srv)
SRV - File not found [Auto | Stopped] -- -- (CSRBC)
SRV - File not found [Auto | Stopped] -- -- (cpqnicmgmt)
SRV - File not found [Auto | Stopped] -- -- (cpqdfw)
SRV - File not found [Auto | Stopped] -- -- (cpntsrv)
SRV - File not found [Auto | Stopped] -- -- (CnxTrUsb)
SRV - File not found [Auto | Stopped] -- -- (cmudau)
SRV - File not found [Auto | Stopped] -- -- (clsched)
SRV - File not found [Auto | Stopped] -- -- (ClntMgmt.sys)
SRV - File not found [Auto | Stopped] -- -- (clnt_clientman)
SRV - File not found [Auto | Stopped] -- -- (cidaemon)
SRV - File not found [Auto | Stopped] -- -- (cfosspeed)
SRV - File not found [Auto | Stopped] -- -- (cercsr6)
SRV - File not found [Auto | Stopped] -- -- (cdrbsdrv)
SRV - File not found [Auto | Stopped] -- -- (ccpwdsvc)
SRV - File not found [Auto | Stopped] -- -- (carboniteservice)
SRV - File not found [Auto | Stopped] -- -- (ca-messagequeuing)
SRV - File not found [Auto | Stopped] -- -- (bwmservice)
SRV - File not found [Auto | Stopped] -- -- (bwcsrv)
SRV - File not found [Auto | Stopped] -- -- (btwdndis)
SRV - File not found [Auto | Stopped] -- -- (btwaudio)
SRV - File not found [Auto | Stopped] -- -- (btfirst)
SRV - File not found [Auto | Stopped] -- -- (BrUsbSer)
SRV - File not found [Auto | Stopped] -- -- (BrPar)
SRV - File not found [Auto | Stopped] -- -- (botcbs)
SRV - File not found [Auto | Stopped] -- -- (blueletscoaudio)
SRV - File not found [Auto | Stopped] -- -- (belgium_id_card_service)
SRV - File not found [Auto | Stopped] -- -- (bdselfpr)
SRV - File not found [Auto | Stopped] -- -- (bdpredir)
SRV - File not found [Auto | Stopped] -- -- (BcmSqlStartupSvc)
SRV - File not found [Auto | Stopped] -- -- (bcftdi)
SRV - File not found [Auto | Stopped] -- -- (bc_pat_f)
SRV - File not found [Auto | Stopped] -- -- (bc_ip_f)
SRV - File not found [Auto | Stopped] -- -- (basic2)
SRV - File not found [Auto | Stopped] -- -- (backupexecnamingservice)
SRV - File not found [Auto | Stopped] -- -- (backupexecdevicemediaservice)
SRV - File not found [Auto | Stopped] -- -- (backupexecalertserver)
SRV - File not found [Auto | Stopped] -- -- (b57w2k)
SRV - File not found [Auto | Stopped] -- -- (awhost32)
SRV - File not found [Auto | Stopped] -- -- (avupdsvc)
SRV - File not found [Auto | Stopped] -- -- (avidsdmservice)
SRV - File not found [Auto | Stopped] -- -- (avg7updsvc)
SRV - File not found [Auto | Stopped] -- -- (avg7rsw)
SRV - File not found [Auto | Stopped] -- -- (avg7core)
SRV - File not found [Auto | Stopped] -- -- (AVerBDA)
SRV - File not found [Auto | Stopped] -- -- (avcgbdr)
SRV - File not found [Auto | Stopped] -- -- (autocomplete)
SRV - File not found [Auto | Stopped] -- -- (ATMsg)
SRV - File not found [Auto | Stopped] -- -- (atitunep)
SRV - File not found [Auto | Stopped] -- -- (ati2mtaa)
SRV - File not found [Auto | Stopped] -- -- (AtcL002)
SRV - File not found [Auto | Stopped] -- -- (aswtdi)
SRV - File not found [Auto | Stopped] -- -- (aswlsvc)
SRV - File not found [Auto | Stopped] -- -- (AsusACPI)
SRV - File not found [Auto | Stopped] -- -- (asmagent)
SRV - File not found [On_Demand | Stopped] -- -- (AppMgmt)
SRV - File not found [Auto | Stopped] -- -- (aolavupd)
SRV - File not found [Auto | Stopped] -- -- (anio)
SRV - File not found [Auto | Stopped] -- -- (amoagent)
SRV - File not found [Auto | Stopped] -- -- (amdk77)
SRV - File not found [Auto | Stopped] -- -- (alertservice)
SRV - File not found [Auto | Stopped] -- -- (alcaudsl)
SRV - File not found [Auto | Stopped] -- -- (AFGSp50)
SRV - File not found [Auto | Stopped] -- -- (aeaudio)
SRV - File not found [Auto | Stopped] -- -- (adpu320)
SRV - File not found [Auto | Stopped] -- -- (admjoy)
SRV - File not found [Auto | Stopped] -- -- (AdfuUd)
SRV - File not found [Auto | Stopped] -- -- (adaptecstoragemanageragent)
SRV - File not found [Auto | Stopped] -- -- (aamqdispatcher)
SRV - File not found [Auto | Stopped] -- -- (A88xTuner)
SRV - File not found [Auto | Stopped] -- -- ({85ccb53b-23d8-4e73-b1b7-9ddb71827d9b})
SRV - [2012-03-07 20:36:39 | 000,909,152 | ---- | M] () [Auto | Running] -- C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\10.0.6\ToolbarUpdater.exe -- (vToolbarUpdater)
SRV - [2011-10-12 06:25:22 | 004,433,248 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG2012\AVGIDSAgent.exe -- (AVGIDSAgent)
SRV - [2011-08-02 06:09:08 | 000,192,776 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG2012\avgwdsvc.exe -- (avgwd)
SRV - [2010-07-16 16:23:30 | 006,638,080 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files\Samsung PC Share Manager\WiselinkPro.exe -- (AllShare)
SRV - [2009-05-17 05:16:24 | 000,041,984 | --S- | M] (BitMicro Software Corporation) [Auto | Stopped] -- C:\Program Files\RapidBIT\cisvc.exe -- (FlexService)
SRV - [2007-02-02 14:35:06 | 001,235,032 | ---- | M] (Famatech International Corp.) [Auto | Running] -- C:\WINDOWS\System32\rserver30\RServer3.exe -- (RServer3)
SRV - [2004-09-22 22:17:18 | 000,815,104 | ---- | M] (Grant Averett) [Auto | Running] -- C:\Program Files\Cerberus\Cerberus.exe -- (Cerberus FTP Server)

========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- -- (ZDPNDIS5)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (ZDCndis5)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP)
DRV - File not found [Kernel | System | Stopped] -- -- (PCLEPCI)
DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PCANDIS5)
DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc)
DRV - File not found [Kernel | System | Stopped] -- -- (i2omgmt)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (FXDrv32)
DRV - File not found [Kernel | System | Stopped] -- -- (Changer)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (catchme)
DRV - [2011-10-07 06:23:48 | 000,230,608 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avgldx86.sys -- (Avgldx86)
DRV - [2011-10-04 06:21:42 | 000,016,720 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\AVGIDSShim.sys -- (AVGIDSShim)
DRV - [2011-09-13 06:30:10 | 000,032,592 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\avgrkx86.sys -- (Avgrkx86)
DRV - [2011-08-08 06:08:58 | 000,040,016 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\avgmfx86.sys -- (Avgmfx86)
DRV - [2011-07-11 01:14:38 | 000,295,248 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avgtdix.sys -- (Avgtdix)
DRV - [2011-07-11 01:14:28 | 000,024,272 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\AVGIDSFilter.sys -- (AVGIDSFilter)
DRV - [2011-07-11 01:14:28 | 000,023,120 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\AVGIDSEH.Sys -- (AVGIDSEH)
DRV - [2011-07-11 01:14:26 | 000,134,608 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\AVGIDSDriver.sys -- (AVGIDSDriver)
DRV - [2009-10-05 10:08:42 | 000,065,584 | ---- | M] (Citrix Systems, Inc.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\ctxusbm.sys -- (ctxusbm)
DRV - [2008-04-13 23:16:10 | 000,049,024 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\mstape.sys -- (MSTAPE)
DRV - [2008-04-13 23:16:08 | 000,013,696 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\avcstrm.sys -- (AVCSTRM)
DRV - [2007-05-31 08:19:22 | 000,096,896 | R--- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Rtenicxp.sys -- (RTLE8023xp)
DRV - [2007-03-02 21:53:19 | 001,972,224 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag)
DRV - [2007-03-01 10:27:26 | 004,484,608 | R--- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV - [2007-02-02 14:54:26 | 000,041,176 | ---- | M] (Famatech International Corp.) [Kernel | System | Running] -- C:\WINDOWS\system32\rserver30\raddrvv3.sys -- (raddrvv3)
DRV - [2006-11-01 04:01:56 | 000,003,328 | ---- | M] (Famatech International Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\rminiv3.sys -- (mirrorv3)
DRV - [2006-10-13 09:16:36 | 000,081,664 | R--- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Rtnicxp.sys -- (RTL8023xp)
DRV - [2006-09-24 14:28:46 | 000,005,248 | ---- | M] (Windows (R) 2000 DDK provider) [Kernel | Boot | Running] -- C:\WINDOWS\system32\speedfan.sys -- (speedfan)
DRV - [2006-01-18 13:09:40 | 000,017,664 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ZDPSp50.sys -- (ZDPSp50)
DRV - [2005-12-22 13:45:18 | 000,402,432 | ---- | M] (ZyDAS Technology Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\WlanBZXP.sys -- (SG762_XP)
DRV - [2004-10-08 15:58:00 | 000,751,104 | ---- | M] (Asus) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Cap713x.sys -- (Cap713x)
DRV - [2004-08-03 23:31:34 | 000,020,992 | ---- | M] (Realtek Semiconductor Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\RTL8139.sys -- (rtl8139) NT-stuurprogramma voor Realtek RTL8139(A/B/C)
DRV - [2004-03-10 15:27:18 | 000,011,264 | ---- | M] (Pinnacle Systems GmbH) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\asapiW2k.sys -- (ASAPIW2k)
DRV - [1996-04-03 20:33:26 | 000,005,248 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\system32\giveio.sys -- (giveio)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.hotmail.com/
IE - HKCU\..\SearchScopes,DefaultScope = {15457935-CDA2-498D-ABA2-BB3E0C6C9604}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src=IE-SearchBox&Form=IE8SRC
IE - HKCU\..\SearchScopes\{15457935-CDA2-498D-ABA2-BB3E0C6C9604}: "URL" = http://www.google.nl/search?hl=nl&rlz=1G1GGLQ_NLNL286&q={searchTerms}&meta=
IE - HKCU\..\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}: "URL" = http://isearch.avg.com/search?cid={99458DB6-A93D-4CD5-9080-E4B745F94197}&mid=2d27e4ca70d547d188f7d129f5d83e53-f1b8bc111bf0aabc6f2beb9a758fe9843f208faa&lang=nl&ds=AVG&pr=fr&d=2012-03-07 20:36:41&v=10.0.0.7&sap=dsp&q={searchTerms}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..browser.startup.homepage: "http://www.google.nl"
FF - prefs.js..extensions.enabledItems: {3f963a5b-e555-4543-90e2-c3908898db71}:12.0.0.1912
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}:6.0.26
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
FF - prefs.js..extensions.enabledItems: firefox@tvunetworks.com:2
FF - prefs.js..extensions.enabledItems: 4
FF - prefs.js..extensions.enabledItems: 9
FF - prefs.js..extensions.enabledItems: 1
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA}:6.0.30

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\4.1.10111.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@pages.tvunetworks.com/WebPlayer: C:\WINDOWS\system32\TVUAx\npTVUAx.dll (TVU networks)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.99\npGoogleUpdate3.dll File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.99\npGoogleUpdate3.dll File not found
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Documents and Settings\user\Local Settings\Application Data\Google\Update\1.3.21.99\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Documents and Settings\user\Local Settings\Application Data\Google\Update\1.3.21.99\npGoogleUpdate3.dll (Google Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\{3f963a5b-e555-4543-90e2-c3908898db71}: C:\Program Files\AVG\AVG2012\Firefox\ [2012-03-07 20:35:39 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\{1E73965B-8B48-48be-9C8D-68B920ABC1C4}: C:\Program Files\AVG\AVG2012\Firefox4\ [2012-03-07 20:36:51 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\avg@toolbar: C:\Documents and Settings\All Users\Application Data\AVG Secure Search\10.0.0.7\ [2012-03-07 20:36:47 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.0.19\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012-02-02 21:53:24 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.0.19\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012-02-03 19:46:48 | 000,000,000 | ---D | M]

[2008-08-16 13:06:03 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\user\Application Data\Mozilla\Extensions
[2012-02-05 13:43:30 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\3jf689pd.default\extensions
[2009-09-12 11:20:33 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\3jf689pd.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2010-02-07 11:42:51 | 000,000,000 | ---D | M] (TVU Web Player) -- C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\3jf689pd.default\extensions\firefox@tvunetworks.com
[2012-02-05 13:43:21 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2010-07-31 22:05:25 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
[2011-04-03 09:41:14 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}
[2011-07-01 18:31:51 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}
[2012-02-04 14:31:50 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA}
[2012-03-07 20:35:39 | 000,000,000 | ---D | M] (AVG Safe Search) -- C:\PROGRAM FILES\AVG\AVG2012\FIREFOX
[2008-12-02 19:06:19 | 000,000,000 | ---D | M] (Java Quick Starter) -- C:\PROGRAM FILES\JAVA\JRE6\LIB\DEPLOY\JQS\FF
[2010-03-11 00:01:02 | 000,124,272 | ---- | M] (Citrix Systems, Inc.) -- C:\Program Files\mozilla firefox\plugins\CCMSDK.dll
[2010-03-11 00:02:52 | 000,070,512 | ---- | M] (Citrix Systems, Inc.) -- C:\Program Files\mozilla firefox\plugins\CgpCore.dll
[2010-03-11 00:01:48 | 000,091,504 | ---- | M] (Citrix Systems, Inc.) -- C:\Program Files\mozilla firefox\plugins\confmgr.dll
[2010-03-11 00:01:24 | 000,022,384 | ---- | M] (Citrix Systems, Inc.) -- C:\Program Files\mozilla firefox\plugins\ctxlogging.dll
[2011-11-10 05:54:13 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll
[2010-03-11 00:40:56 | 000,423,248 | ---- | M] () -- C:\Program Files\mozilla firefox\plugins\npicaN.dll
[2010-03-11 00:02:48 | 000,023,920 | ---- | M] (Citrix Systems, Inc.) -- C:\Program Files\mozilla firefox\plugins\TcpPServ.dll
[2012-03-07 20:36:37 | 000,003,747 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\avg-secure-search.xml
[2011-02-05 10:17:10 | 000,001,890 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bolcom-nl.xml
[2011-02-05 10:17:10 | 000,004,558 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\marktplaats-nl.xml
[2011-02-05 10:17:10 | 000,001,111 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\vandale-nl.xml
[2011-02-05 10:17:10 | 000,001,049 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-nl.xml
[2011-02-05 10:17:10 | 000,000,802 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-nl.xml

arnoldkooiker · Mar 9, 2012

OTL rescan - part 3

========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google

riginalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms}
CHR - plugin: Shockwave Flash (Disabled) = C:\Documents and Settings\user\Local Settings\Application Data\Google\Chrome\User Data\PepperFlash\11.1.31.203\pepflashplayer.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Documents and Settings\user\Local Settings\Application Data\Google\Chrome\Application\17.0.963.78\gcswf32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Documents and Settings\user\Local Settings\Application Data\Google\Chrome\Application\17.0.963.78\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Documents and Settings\user\Local Settings\Application Data\Google\Chrome\Application\17.0.963.78\pdf.dll
CHR - plugin: AVG Internet Security (Enabled) = C:\Documents and Settings\user\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla\12.0.0.1901_0\plugins/avgnpss.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll
CHR - plugin: Java Deployment Toolkit 6.0.300.12 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npdeployJava1.dll
CHR - plugin: Java(TM) Platform SE 6 U30 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin7.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npdrmv2.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npwmsdrm.dll
CHR - plugin: Windows Media Player Plug-in Dynamic Link Library (Enabled) = C:\Program Files\Windows Media Player\npdsplay.dll
CHR - plugin: Google Update (Enabled) = C:\Documents and Settings\user\Local Settings\Application Data\Google\Update\1.3.21.99\npGoogleUpdate3.dll
CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll
CHR - plugin: TVU Web Player for FireFox (Enabled) = C:\WINDOWS\system32\TVUAx\npTVUAx.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files\Microsoft Silverlight\4.1.10111.0\npctrl.dll
CHR - plugin: Windows Presentation Foundation (Enabled) = c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - plugin: Default Plug-in (Enabled) = default_plugin
CHR - Extension: AVG Safe Search = C:\Documents and Settings\user\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla\12.0.0.1901_0\

O1 HOSTS File: ([2012-03-07 08:57:38 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG2012\avgssie.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (SSVHelper Class) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (AVG Security Toolbar) - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files\AVG Secure Search\10.0.0.7\AVG Secure Search_toolbar.dll ()
O3 - HKLM\..\Toolbar: (AVG Security Toolbar) - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files\AVG Secure Search\10.0.0.7\AVG Secure Search_toolbar.dll ()
O4 - HKLM..\Run: [AVG_TRAY] C:\Program Files\AVG\AVG2012\avgtray.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [ConnectionCenter] C:\Program Files\Citrix\ICA Client\concentr.exe (Citrix Systems, Inc.)
O4 - HKLM..\Run: [Lexmark 3100 Series] C:\Program Files\Lexmark 3100 Series\lxbrbmgr.exe (Lexmark International, Inc.)
O4 - HKLM..\Run: [LXBRKsk] C:\Program Files\Lexmark 3100 Series\lxbrksk.exe ( )
O4 - HKLM..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe (Ahead Software Gmbh)
O4 - HKLM..\Run: [PinnacleDriverCheck] C:\WINDOWS\System32\PSDrvCheck.exe ()
O4 - HKLM..\Run: [vProt] C:\Program Files\AVG Secure Search\vprot.exe ()
O4 - HKLM..\Run: [WinampAgent] C:\Program Files\Winamp\Winampa.exe ()
O4 - HKCU..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe ()
O4 - Startup: C:\Documents and Settings\All Users\Menu Start\Programma's\Opstarten\SAGEM Wi-Fi 11g USB adapter LAN Utility.lnk = C:\Program Files\SAGEM WiFi manager\WLANUTL.EXE ( )
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O9 - Extra 'Tools' menuitem : Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre6\bin\npjpi160_30.dll (Sun Microsystems, Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://download.microsoft.com/downl...-4d68-a152-f7252adaa4f2/LegitCheckControl.cab (Windows Genuine Advantage Validation Tool)
O16 - DPF: {474F00F5-3853-492C-AC3A-476512BBC336} http://picasaweb.google.com/s/v/43.10/uploader2.cab (UploadListView Class)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://v5.windowsupdate.microsoft.c...ls/en/x86/client/wuweb_site.cab?1112288959018 (WUWebControl Class)
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset.com/special/eos/OnlineScanner.cab (OnlineScanner Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab (Java Plug-in 1.6.0_30)
O16 - DPF: {CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab (Java Plug-in 1.6.0_30)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab (Java Plug-in 1.6.0_30)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O16 - DPF: {EDFCB7CB-942C-4822-AF14-F0B687409848} http://cache.hyves-static.net/statics/Aurigma/ImageUploader4.cab (Image Uploader Control)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{52503A0F-5C0B-42B1-B77D-EFE140159F74}: NameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{A80290E0-1513-4894-83AE-BAB9896987DB}: NameServer = 192.168.1.1
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG2012\avgpp.dll (AVG Technologies CZ, s.r.o.)
O18 - Protocol\Handler\viprotocol {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files\Common Files\AVG Secure Search\ViProtocolInstaller\10.0.6\ViProtocol.dll ()
O18 - Protocol\Filter\application/x-ica {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\ica {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O20 - AppInit_DLLs: (C:\WINDOWS\system32\rserver30\r3god.dll) - C:\WINDOWS\system32\rserver30\R3GOD.DLL ()
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\AtiExtEvent: DllName - (Ati2evxx.dll) - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.)
O24 - Desktop Components:0 (Mijn huidige introductiepagina) - About:Home
O24 - Desktop WallPaper: C:\Documents and Settings\user\Application Data\IrfanView\IrfanView_Wallpaper.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\user\Application Data\IrfanView\IrfanView_Wallpaper.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2005-03-31 17:08:54 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2007-01-06 16:59:44 | 000,000,095 | ---- | M] () - D:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O34 - HKLM BootExecute: (lsdelete)
O34 - HKLM BootExecute: (C:\PROGRA~1\AVG\AVG2012\avgrsx.exe /sync /restart)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2012-03-09 20:25:04 | 000,000,000 | -HSD | C] -- C:\RECYCLER
[2012-03-09 20:23:44 | 000,000,000 | ---D | C] -- C:\_OTL
[2012-03-07 21:07:29 | 000,584,704 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\user\Bureaublad\OTL.exe
[2012-03-07 20:42:57 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user\Application Data\AVG2012
[2012-03-07 20:36:51 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programma's\AVG 2012
[2012-03-07 20:36:42 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user\Application Data\AVG Secure Search
[2012-03-07 20:36:41 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\AVG Secure Search
[2012-03-07 20:36:39 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\AVG Secure Search
[2012-03-07 20:36:38 | 000,000,000 | ---D | C] -- C:\Program Files\AVG Secure Search
[2012-03-07 20:35:30 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\AVG2012
[2012-03-07 20:34:48 | 000,000,000 | ---D | C] -- C:\Program Files\AVG
[2012-03-07 08:26:39 | 000,000,000 | RHSD | C] -- C:\cmdcons
[2012-03-07 08:24:17 | 000,518,144 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWREG.exe
[2012-03-07 08:24:17 | 000,406,528 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWSC.exe
[2012-03-07 08:24:17 | 000,212,480 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWXCACLS.exe
[2012-03-07 08:24:17 | 000,060,416 | ---- | C] (NirSoft) -- C:\WINDOWS\NIRCMD.exe
[2012-03-07 08:24:06 | 000,000,000 | ---D | C] -- C:\WINDOWS\ERDNT
[2012-03-07 08:24:02 | 000,000,000 | ---D | C] -- C:\Qoobox
[2012-03-07 08:01:40 | 009,601,504 | ---- | C] (OPSWAT, Inc.) -- C:\Documents and Settings\user\Bureaublad\AppRemover.exe
[2012-03-07 07:49:52 | 004,428,059 | R--- | C] (Swearware) -- C:\Documents and Settings\user\Bureaublad\ComboFix.exe
[2012-03-05 19:54:13 | 000,083,968 | ---- | C] (Esage Lab) -- C:\Documents and Settings\user\Bureaublad\boot_cleaner.exe
[2012-03-05 19:08:01 | 004,730,880 | ---- | C] (AVAST Software) -- C:\Documents and Settings\user\Bureaublad\aswMBR.exe
[2012-03-05 11:24:50 | 002,063,920 | ---- | C] (Kaspersky Lab ZAO) -- C:\Documents and Settings\user\Bureaublad\TDSSKiller.exe
[2012-03-04 14:58:32 | 000,607,260 | R--- | C] (Swearware) -- C:\Documents and Settings\user\Bureaublad\dds.scr
[2012-03-04 14:35:53 | 009,502,424 | ---- | C] (Malwarebytes Corporation ) -- C:\Documents and Settings\user\Bureaublad\Malwarebytes' Anti-Malware mbam--setup-1.60.1.1000.exe
[2012-03-01 22:26:03 | 000,020,464 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2012-03-01 22:26:03 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2012-02-29 22:31:35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programma's\Anti virus, malware
[2012-02-29 22:30:58 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user\Menu Start\Programma's\Anti virus, malware
[2012-02-29 22:24:13 | 000,000,000 | ---D | C] -- C:\Program Files\ESET
[2012-02-20 23:19:23 | 000,000,000 | -H-D | C] -- C:\WINDOWS\ie8

========== Files - Modified Within 30 Days ==========

[2012-03-09 21:18:00 | 000,001,132 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-3106237358-2718937594-2690874173-1006UA.job
[2012-03-09 20:30:02 | 000,000,023 | ---- | M] () -- C:\WINDOWS\FLASHKSK.INI
[2012-03-09 20:29:19 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2012-03-09 20:07:08 | 000,000,664 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat
[2012-03-09 19:57:06 | 091,239,739 | ---- | M] () -- C:\WINDOWS\System32\drivers\AVG\incavi.avm
[2012-03-09 19:53:18 | 000,012,598 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2012-03-07 21:07:25 | 000,584,704 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\user\Bureaublad\OTL.exe
[2012-03-07 08:57:38 | 000,000,027 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2012-03-07 08:26:44 | 000,000,327 | RHS- | M] () -- C:\boot.ini
[2012-03-07 08:02:05 | 009,601,504 | ---- | M] (OPSWAT, Inc.) -- C:\Documents and Settings\user\Bureaublad\AppRemover.exe
[2012-03-07 07:59:50 | 000,000,448 | ---- | M] () -- C:\WINDOWS\lexstat.ini
[2012-03-07 07:58:36 | 000,002,527 | ---- | M] () -- C:\Documents and Settings\user\Application Data\Microsoft\Internet Explorer\Quick Launch\Microsoft Word.lnk
[2012-03-07 07:49:59 | 004,428,059 | R--- | M] (Swearware) -- C:\Documents and Settings\user\Bureaublad\ComboFix.exe
[2012-03-05 19:53:15 | 000,044,607 | ---- | M] () -- C:\Documents and Settings\user\Bureaublad\bootkit_remover.zip
[2012-03-05 19:49:46 | 000,000,512 | ---- | M] () -- C:\Documents and Settings\user\Bureaublad\MBR.dat
[2012-03-05 19:08:04 | 004,730,880 | ---- | M] (AVAST Software) -- C:\Documents and Settings\user\Bureaublad\aswMBR.exe
[2012-03-05 11:24:50 | 002,063,920 | ---- | M] (Kaspersky Lab ZAO) -- C:\Documents and Settings\user\Bureaublad\TDSSKiller.exe
[2012-03-04 15:18:00 | 000,001,080 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-3106237358-2718937594-2690874173-1006Core.job
[2012-03-04 14:58:15 | 000,607,260 | R--- | M] (Swearware) -- C:\Documents and Settings\user\Bureaublad\dds.scr
[2012-03-04 13:34:00 | 000,302,592 | ---- | M] () -- C:\Documents and Settings\user\Bureaublad\GMER-gntotgos.exe
[2012-03-01 22:23:43 | 009,502,424 | ---- | M] (Malwarebytes Corporation ) -- C:\Documents and Settings\user\Bureaublad\Malwarebytes' Anti-Malware mbam--setup-1.60.1.1000.exe
[2012-02-29 19:19:58 | 000,145,086 | ---- | M] () -- C:\WINDOWS\System32\drivers\AVG\iavichjg.avm
[2012-02-25 17:14:23 | 000,001,065 | ---- | M] () -- C:\WINDOWS\winamp.ini
[2012-02-21 19:51:49 | 000,000,815 | ---- | M] () -- C:\Documents and Settings\user\Application Data\Microsoft\Internet Explorer\Quick Launch\De Internet Explorer-browser starten.lnk
[2012-02-16 19:58:25 | 000,000,696 | ---- | M] () -- C:\Documents and Settings\user\Application Data\Microsoft\Internet Explorer\Quick Launch\Gemeente Enschede Citrix Portal - CSG4.url
[2012-02-15 21:15:30 | 000,001,888 | ---- | M] () -- C:\WINDOWS\goldwave.ini
[2012-02-15 21:14:44 | 000,000,049 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
[2012-02-15 11:12:39 | 000,204,288 | ---- | M] () -- C:\Documents and Settings\user\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012-02-15 08:57:31 | 000,650,872 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2012-02-14 23:22:44 | 000,509,338 | ---- | M] () -- C:\WINDOWS\System32\perfh013.dat
[2012-02-14 23:22:44 | 000,441,552 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2012-02-14 23:22:44 | 000,091,014 | ---- | M] () -- C:\WINDOWS\System32\perfc013.dat
[2012-02-14 23:22:44 | 000,071,488 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2012-02-12 20:51:53 | 000,000,132 | ---- | M] () -- C:\Documents and Settings\user\Mijn documenten\PDVD_MediaDisc.PlayList
[2012-02-11 12:29:04 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2012-02-09 19:53:56 | 000,002,255 | ---- | M] () -- C:\Documents and Settings\user\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk

========== Files Created - No Company Name ==========

[2012-03-09 20:19:22 | 000,456,948 | ---- | C] () -- C:\Documents and Settings\user\Bureaublad\GrantPerms.exe
[2012-03-07 08:26:44 | 000,000,211 | ---- | C] () -- C:\Boot.bak
[2012-03-07 08:26:40 | 000,261,936 | RHS- | C] () -- C:\cmldr
[2012-03-07 08:24:17 | 000,256,000 | ---- | C] () -- C:\WINDOWS\PEV.exe
[2012-03-07 08:24:17 | 000,208,896 | ---- | C] () -- C:\WINDOWS\MBR.exe
[2012-03-07 08:24:17 | 000,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe
[2012-03-07 08:24:17 | 000,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe
[2012-03-07 08:24:17 | 000,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe
[2012-03-05 19:53:17 | 000,044,607 | ---- | C] () -- C:\Documents and Settings\user\Bureaublad\bootkit_remover.zip
[2012-03-05 19:49:46 | 000,000,512 | ---- | C] () -- C:\Documents and Settings\user\Bureaublad\MBR.dat
[2012-03-04 13:33:59 | 000,302,592 | ---- | C] () -- C:\Documents and Settings\user\Bureaublad\GMER-gntotgos.exe
[2012-02-14 19:50:25 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll
[2012-02-14 19:50:25 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\dllcache\iacenc.dll
[2011-04-27 21:41:36 | 000,286,720 | ---- | C] () -- C:\Documents and Settings\user\Application Data\fontdb.mdb
[2011-02-23 02:53:23 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2011-02-12 10:21:43 | 000,001,025 | ---- | C] () -- C:\WINDOWS\System32\sysprs7.dll
[2011-02-12 10:21:43 | 000,000,205 | ---- | C] () -- C:\WINDOWS\System32\lsprst7.dll
[2011-02-12 10:20:10 | 000,001,024 | ---- | C] () -- C:\WINDOWS\System32\clauth2.dll
[2011-02-12 10:20:10 | 000,001,024 | ---- | C] () -- C:\WINDOWS\System32\clauth1.dll
[2011-02-12 10:20:10 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\ssprs.dll
[2011-02-12 10:20:10 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\nsprs.dll
[2011-01-12 20:30:13 | 000,160,361 | ---- | C] () -- C:\WINDOWS\Sqirlz Morph Uninstaller.exe
[2010-11-19 20:47:23 | 000,124,088 | -H-- | C] () -- C:\WINDOWS\System32\mlfcache.dat
[2010-04-12 10:50:20 | 000,001,024 | ---- | C] () -- C:\WINDOWS\System32\PDF2IMG.dat
[2010-03-16 21:34:03 | 000,003,633 | ---- | C] () -- C:\WINDOWS\iexplore.ini

========== LOP Check ==========

[2012-03-07 20:36:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AVG Secure Search
[2012-03-07 20:47:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AVG2012
[2010-11-16 10:54:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\avg9
[2012-02-03 19:59:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Citrix
[2012-01-14 17:44:02 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\Common Files
[2010-07-31 13:25:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\DAEMON Tools Net
[2010-08-12 19:53:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Hema Album Software Advanced
[2012-03-09 19:57:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\MFAData
[2008-08-20 22:11:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Pinnacle
[2008-09-14 10:15:43 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\WebDrive
[2010-04-17 12:03:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
[2009-05-15 21:13:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{8CD7F5AF-ECFA-4793-BF40-D8F42DBFF906}
[2010-01-24 21:48:40 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\{BC9FCCF7-E686-494B-8C9B-55C9A39A7CA9}
[2008-09-02 20:48:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Application Data\.ABC
[2012-03-07 20:36:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Application Data\AVG Secure Search
[2012-03-07 20:42:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Application Data\AVG2012
[2011-03-13 13:59:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Application Data\Belastingdienst
[2011-04-27 21:44:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Application Data\BorWare
[2010-07-31 13:28:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Application Data\DAEMON Tools Net
[2012-01-14 18:24:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Application Data\Ehg
[2012-01-23 20:58:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Application Data\Heri
[2008-08-26 19:42:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Application Data\ICAClient
[2008-09-14 13:13:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Application Data\IrfanView
[2010-12-13 20:04:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Application Data\LimeWire
[2011-05-16 19:26:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Application Data\Octoshape

========== Purity Check ==========

< End of report >

Solved AVG keeps finding Trojan horse Crypt.AQLW infections and Win32/Sireref.ER Malware

Posts: 22 +0

Posts: 22 +0

Posts: 56,041 +516

Posts: 22 +0

Posts: 56,041 +516

Posts: 22 +0

Posts: 56,041 +516

Posts: 22 +0

Posts: 56,041 +516

Posts: 22 +0

Posts: 22 +0

Posts: 56,041 +516

Posts: 22 +0

Posts: 56,041 +516

Posts: 22 +0

Posts: 22 +0

Posts: 22 +0

Posts: 22 +0

Posts: 22 +0

Posts: 56,041 +516

Posts: 22 +0

Posts: 56,041 +516

Posts: 22 +0

Posts: 22 +0

Posts: 22 +0

Similar threads