Solved Since a week or so my PC starts freezing

Status
Not open for further replies.

Adilost

Posts: 28   +0
(I Hope this is the correct forum, since all HiJackThis logs go here as I have read in the specific topic about this. But I also saw the topic for freezing, so my apologize if not right)


Dear Members,

First let my introduce myself and a little bit of my system.
I go by the name Adilost, and I live in The Netherlands.

I have recently signed up after I have read every related topic to my problem in this forum. I have tried several things as mentioned in some topics. But after not having success with anything I have tried, I'm clueless. Unfortunately for me, I don't now how to work with HiJackThis or the Process to execute some things. So I was hoping that somebody guide me with it. Maybe you have might came across the same in the past. I would really appreciate any kind of help. Guess I'm a noob when it comes to this sort of things.

My PC Setup:
Intel(R) Pentium(R) Dual CPU E2200 @ 2.20GHz, 2199 Mhz
Speed: 2.20GHz 1,99 GB

System :
Microsoft Windows XP Professional Version 2002
Service Pack 3


Here is the Deal:
It has caught my attention that my PC freezes since a week or so.
It also caught my attention that most of these “freeze” moments happen within 12 hours, or sometimes almost exactly 12 hours later. It sounds weird right?

When this happens, I have to reboot my system.. Every time. It is very annoying. Sometimes it happens while I'm working on my PC on something, the other times I leave for diner, sport, and when I come back, No reaction from my PC.. Frozen.

Things I have tried so far:
First I have scanned my PC with a tool called Ccleaner to scan & clean/remove/repair broken of missing register files.

I have updated and scanned my whole PC with AVG Anti-Virus 9. No results of any kind of Virus of so according to the Log file.

I have set back my System to 2 January of 2011 using System Recovery, did a Ccleaner & AVG scan again. In both cases the results where clean again. Still the PC keeps Freezing. Then I started to install every Program one after one again who where installed between the 2nd of January to a few days ago. This also resulted to nothing.

I have made & attached a HiJackThis log file as described in the “How to post your Hijackthis log-file as an ATTACHMENT” topic. Also if it might come in handy I have made a fast scan of my system using Malwarebytes Anti-Malware, you can find the log file also in the attachment.
Hope I have gave you guys enough info on the subject. If not, please tell what you need to know & I’ll post it for you.


Looking forward for any kind of help.

Much love from Holland!
 

Attachments

  • hijackthis.log
    7.2 KB · Views: 1
  • mbam-log-2011-01-25 (00-57-29).txt
    1 KB · Views: 1
Welcome aboard
yahooo.gif


Please, complete all steps listed here: https://www.techspot.com/community/...lware-removal-preliminary-instructions.58138/
Make sure, you PASTE all logs. If some log exceeds 50,000 characters post limit, split it between couple of replies.
Attached logs won't be reviewed.

Please, observe following rules:
  • Read all of my instructions very carefully. Your mistakes during cleaning process may have very serious consequences, like unbootable computer.
  • If you're stuck, or you're not sure about certain step, always ask before doing anything else.
  • Please refrain from running tools or applying updates other than those I suggest.
  • Never run more than one scan at a time.
  • Keep updating me regarding your computer behavior, good, or bad.
  • The cleaning process, once started, has to be completed. Even if your computer appears to act better, it may still be infected. Once the computer is totally clean, I'll certainly let you know.
  • If you leave the topic without explanation in the middle of a cleaning process, you may not be eligible to receive any more help in malware removal forum.
  • I close my topics if you have not replied in 5 days. If you need more time, simply let me know. If I closed your topic and you need it to be reopened, simply PM me.
 
Thank you Broni for the quick reply. I really appreciate it.

I've checked the link you have posted in your reply & observed the rules attached to it. Since it is 04:18 in the morning here, it is gonna be the first thing I am gonna do when I'm back from work.

I'll keep you posted..

Cheers!
 
So finally I'm home & I have downloaded and followed the Instructions on how to use the programs on that page, and save the logs so that i can Copy & Paste them here..

Here are the logs:
================================================================

Malwarebytes Anti-Malware log

Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org

Databaseversie: 4052

Windows 5.1.2600 Service Pack 3
Internet Explorer 6.0.2900.5512

25-1-2011 0:57:29
mbam-log-2011-01-25 (00-57-29).txt

Scantype: Snelle scan
Objecten gescand: 123321
Verstreken tijd: 9 minuut/minuten, 0 seconde(n)

Geheugenprocessen geïnfecteerd: 0
Geheugenmodulen geïnfecteerd: 0
Registersleutels geïnfecteerd: 0
Registerwaarden geïnfecteerd: 0
Registerdata geïnfecteerd: 0
Mappen geïnfecteerd: 0
Bestanden geïnfecteerd: 0

Geheugenprocessen geïnfecteerd:
(Geen kwaadaardige objecten gedetecteerd)

Geheugenmodulen geïnfecteerd:
(Geen kwaadaardige objecten gedetecteerd)

Registersleutels geïnfecteerd:
(Geen kwaadaardige objecten gedetecteerd)

Registerwaarden geïnfecteerd:
(Geen kwaadaardige objecten gedetecteerd)

Registerdata geïnfecteerd:
(Geen kwaadaardige objecten gedetecteerd)

Mappen geïnfecteerd:
(Geen kwaadaardige objecten gedetecteerd)

Bestanden geïnfecteerd:
(Geen kwaadaardige objecten gedetecteerd)


GMER log

GMER 1.0.15.15530 - http://www.gmer.net
Rootkit quick scan 2011-01-25 16:05:37
Windows 5.1.2600 Service Pack 3 Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-4 Maxtor_6Y120L0 rev.YAR41BW0
Running: mscnloxf.exe; Driver: C:\DOCUME~1\Mr.A\LOCALS~1\Temp\uwldrpod.sys


---- System - GMER 1.0.15 ----

SSDT sptd.sys ZwEnumerateKey [0xB9EC3FB2]
SSDT sptd.sys ZwEnumerateValueKey [0xB9EC4340]

Code BA7E3C9C ZwRequestPort
Code BA7E3D3C ZwRequestWaitReplyPort
Code BA7E3BFC ZwTraceEvent
Code BA7E3C9B NtRequestPort
Code BA7E3D3B NtRequestWaitReplyPort
Code BA7E3BFB NtTraceEvent

---- Devices - GMER 1.0.15 ----

Device \Driver\atapi \Device\Ide\IdePort0 [B9E11B40] atapi.sys[unknown section] {MOV EDX, [ESP+0x8]; LEA ECX, [ESP+0x4]; PUSH EAX; MOV EAX, ESP; PUSH EAX}
Device \Driver\atapi \Device\Ide\IdeDeviceP0T0L0-4 [B9E11B40] atapi.sys[unknown section] {MOV EDX, [ESP+0x8]; LEA ECX, [ESP+0x4]; PUSH EAX; MOV EAX, ESP; PUSH EAX}
Device \Driver\atapi \Device\Ide\IdePort1 [B9E11B40] atapi.sys[unknown section] {MOV EDX, [ESP+0x8]; LEA ECX, [ESP+0x4]; PUSH EAX; MOV EAX, ESP; PUSH EAX}
Device \Driver\atapi \Device\Ide\IdePort2 [B9E11B40] atapi.sys[unknown section] {MOV EDX, [ESP+0x8]; LEA ECX, [ESP+0x4]; PUSH EAX; MOV EAX, ESP; PUSH EAX}
Device \Driver\atapi \Device\Ide\IdeDeviceP0T1L0-c [B9E11B40] atapi.sys[unknown section] {MOV EDX, [ESP+0x8]; LEA ECX, [ESP+0x4]; PUSH EAX; MOV EAX, ESP; PUSH EAX}
Device \Driver\aicajms7 \Device\Scsi\aicajms71Port4Path0Target0Lun0 89B905F8
Device \Driver\aicajms7 \Device\Scsi\aicajms71 89B905F8
Device \FileSystem\Ntfs \Ntfs 89E3B1E8
Device \FileSystem\Fastfat \Fat 89AFA1E8

AttachedDevice \FileSystem\Fastfat \Fat fltmgr.sys (Microsoft Filesystem Filter Manager/Microsoft Corporation)
AttachedDevice \Driver\Tcpip \Device\Ip avgtdix.sys (AVG Network connection watcher/AVG Technologies CZ, s.r.o.)
AttachedDevice \Driver\Tcpip \Device\Tcp avgtdix.sys (AVG Network connection watcher/AVG Technologies CZ, s.r.o.)
AttachedDevice \Driver\Tcpip \Device\Udp avgtdix.sys (AVG Network connection watcher/AVG Technologies CZ, s.r.o.)
AttachedDevice \Driver\Tcpip \Device\RawIp avgtdix.sys (AVG Network connection watcher/AVG Technologies CZ, s.r.o.)

---- EOF - GMER 1.0.15 ----


DDS logs: both DDS.txt and Attach.txt

DDS.txt

DDS (Ver_10-12-12.02) - NTFSx86
Run by Mr.A at 16:10:08,53 on di 25-01-2011
Internet Explorer: 6.0.2900.5512 BrowserJavaVersion: 1.6.0_21
Microsoft Windows XP Professional 5.1.2600.3.1252.31.1043.18.2037.1321 [GMT 1:00]

AV: AVG Anti-Virus *Enabled/Updated* {17DDD097-36FF-435F-9E1B-52D74245D6BF}

============== Running Processes ===============

C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\Program Files\Sandboxie\SbieSvc.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
svchost.exe
svchost.exe
C:\Program Files\AVG\AVG9\avgchsvx.exe
C:\Program Files\AVG\AVG9\avgrsx.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\AVG\AVG9\avgcsrvx.exe
svchost.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\AVG\AVG9\avgwdsvc.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\system32\drivers\CDAC11BA.EXE
C:\WINDOWS\system32\inetsrv\inetinfo.exe
C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
C:\Program Files\Common Files\Native Instruments\Hardware\NIHardwareService.exe
C:\WINDOWS\System32\svchost.exe -k imgsvc
C:\Program Files\AVG\AVG9\avgam.exe
C:\Program Files\AVG\AVG9\avgnsx.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\AVG\AVG9\avgtray.exe
C:\Program Files\Winamp\winampa.exe
C:\WINDOWS\system32\igfxpers.exe
C:\WINDOWS\system32\igfxsrvc.exe
C:\WINDOWS\System32\M-AudioTaskBarIcon.exe
C:\Program Files\Sandboxie\SbieCtrl.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\PreSonus\1394AudioDriver_FireBox\FireBox.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\AVG\AVG9\avgcsrvx.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\WINDOWS\system32\taskmgr.exe
C:\Documents and Settings\Mr.A\Bureaublad\dds.scr

============== Pseudo HJT Report ===============

uStart Page = hxxp://google.nl/
uInternet Settings,ProxyOverride = *.local
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: AVG Safe Search: {3ca2f312-6f6e-4b53-a66e-4e65e497c8c0} - c:\program files\avg\avg9\avgssie.dll
BHO: {5C255C8A-E604-49b4-9D64-90988571CECB} - No File
BHO: Windows Live Aanmelden - Help: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
EB: {32683183-48a0-441b-a342-7c2a440a9478} - No File
uRun: [SandboxieControl] "c:\program files\sandboxie\SbieCtrl.exe"
uRun: [msnmsgr] "c:\program files\windows live\messenger\msnmsgr.exe" /background
uRun: [DAEMON Tools Pro Agent] "c:\program files\daemon tools pro\DTProAgent.exe"
uRun: [MSMSGS] "c:\program files\messenger\msmsgs.exe" /background
mRun: [AVG9_TRAY] c:\progra~1\avg\avg9\avgtray.exe
mRun: [WinampAgent] "c:\program files\winamp\winampa.exe"
mRun: [IgfxTray] c:\windows\system32\igfxtray.exe
mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe
mRun: [Persistence] c:\windows\system32\igfxpers.exe
mRun: [M-Audio Taskbar Icon] c:\windows\system32\M-AudioTaskBarIcon.exe
mRun: [Malwarebytes' Anti-Malware] "c:\program files\malwarebytes' anti-malware\mbamgui.exe" /starttray
mRun: [TaskTray]
mRun: [RTHDCPL] RTHDCPL.EXE
dRun: [CTFMON.EXE] c:\windows\system32\CTFMON.EXE
StartupFolder: c:\docume~1\alluse~1\menust~1\progra~1\opstar~1\firebo~1.lnk - c:\program files\presonus\1394audiodriver_firebox\FireBox.exe
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
Trusted Zone: kuaiche.com\software
DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} - hxxp://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1282520467703
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - c:\program files\avg\avg9\avgpp.dll
Notify: avgrsstarter - avgrsstx.dll
Notify: igfxcui - igfxdev.dll

================= FIREFOX ===================

FF - ProfilePath - c:\docume~1\mr.a\applic~1\mozilla\firefox\profiles\dypji23t.default\
FF - plugin: c:\program files\divx\divx plus web player\npdivx32.dll
FF - plugin: c:\program files\java\jre6\bin\new_plugin\npdeployJava1.dll
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\mozilla firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
FF - Ext: Java Quick Starter: jqs@sun.com - c:\program files\java\jre6\lib\deploy\jqs\ff
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\microsoft.net\framework\v3.5\windows presentation foundation\DotNetAssistantExtension
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - %profile%\extensions\{20a82645-c095-46ed-80e3-08825760534b}
FF - Ext: United States English Spellchecker: en-US@dictionaries.addons.mozilla.org - %profile%\extensions\en-US@dictionaries.addons.mozilla.org
FF - Ext: HyperCamToolbar: {75656794-AB59-4712-BFBC-5D816D56F3BC} - %profile%\extensions\{75656794-AB59-4712-BFBC-5D816D56F3BC}

============= SERVICES / DRIVERS ===============

R0 AvgRkx86;avgrkx86.sys;c:\windows\system32\drivers\avgrkx86.sys [2010-8-22 52872]
R1 AvgLdx86;AVG AVI Loader Driver x86;c:\windows\system32\drivers\avgldx86.sys [2010-8-22 216400]
R1 AvgMfx86;AVG On-access Scanner Minifilter Driver x86;c:\windows\system32\drivers\avgmfx86.sys [2010-8-22 29584]
R1 AvgTdiX;AVG Network Redirector;c:\windows\system32\drivers\avgtdix.sys [2010-8-22 243024]
R2 avg9wd;AVG WatchDog;c:\program files\avg\avg9\avgwdsvc.exe [2010-8-23 308136]
R2 MBAMService;MBAMService;c:\program files\malwarebytes' anti-malware\mbamservice.exe [2010-11-16 304464]
R2 NIHardwareService;NIHardwareService;c:\program files\common files\native instruments\hardware\NIHardwareService.exe [2008-11-21 3706880]
R2 NPF;NetGroup Packet Filter Driver;c:\windows\system32\drivers\npf.sys [2010-6-25 35088]
R3 EuMusDesignVirtualAudioCableWdm;Virtual Audio Cable (WDM);c:\windows\system32\drivers\vrtaucbl.sys [2011-1-21 40576]
R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2010-11-16 20952]
R3 SbieDrv;SbieDrv;c:\program files\sandboxie\SbieDrv.sys [2010-7-4 119016]
S3 Ambfilt;Ambfilt;c:\windows\system32\drivers\Ambfilt.sys [2011-1-23 1691480]
S3 cpudrv;cpudrv;c:\program files\systemrequirementslab\cpudrv.sys [2009-12-18 11336]
S3 FXDrv32;FXDrv32;\??\d:\fxdrv32.sys --> d:\FXDrv32.sys [?]
S3 MASONODFU;M-Audio Axiom Pro DFU Driver;c:\windows\system32\drivers\MAudioAxiomProDFU.sys [2010-8-24 23048]
S3 MAUSBMS;Service for M-Audio Axiom Pro;c:\windows\system32\drivers\mausbop.sys [2010-8-24 145544]
S3 wxpSvc;webcamXP Service;c:\program files\wlite\wService.exe [2010-5-2 5027328]

=============== Created Last 30 ================

2011-01-25 00:27:54 -------- d-----w- c:\docume~1\mr.a\locals~1\applic~1\Identities
2011-01-25 00:02:37 388096 ----a-r- c:\docume~1\mr.a\applic~1\microsoft\installer\{45a66726-69bc-466b-a7a4-12fcba4883d7}\HiJackThis.exe
2011-01-25 00:02:34 -------- d-----w- c:\program files\Trend Micro
2011-01-23 22:33:17 107864 ----a-w- c:\windows\system32\tsccvid.dll
2011-01-23 22:32:24 -------- d-----w- c:\program files\common files\TechSmith Shared
2011-01-23 22:30:18 -------- d-----w- c:\windows\system32\RTCOM
2011-01-21 13:22:53 40576 ----a-w- c:\windows\system32\drivers\vrtaucbl.sys
2011-01-21 13:22:53 -------- d-----w- c:\program files\Virtual Audio Cable
2011-01-21 13:19:20 -------- d-----w- c:\program files\Driver-Soft
2011-01-21 13:02:45 -------- d--h--r- c:\documents and settings\mr.a\Onlangs geopend
2011-01-21 12:24:15 -------- d-----w- c:\windows\system32\wbem\repository\FS
2011-01-21 12:24:15 -------- d-----w- c:\windows\system32\wbem\Repository
2011-01-20 02:36:38 -------- d-----w- c:\docume~1\mr.a\locals~1\applic~1\TechSmith
2011-01-18 17:44:12 -------- d-----w- c:\docume~1\mr.a\applic~1\Toolbar4
2011-01-10 20:10:38 -------- d-----w- c:\program files\Beat Kangz
2010-12-31 00:58:35 -------- d-----w- c:\docume~1\alluse~1\applic~1\Waves Audio
2010-12-30 23:58:44 -------- d-----w- c:\program files\Focusrite

==================== Find3M ====================

2011-01-22 16:47:40 224 ----a-w- c:\windows\system32\msvcsv60.dll
2010-12-13 14:06:33 18819 ----a-w- c:\windows\system32\privatedata.dll
2010-11-29 18:18:34 233472 ----a-w- c:\windows\system32\REX Shared Library.dll
2010-11-23 02:07:04 69632 ----a-w- c:\windows\system32\FxShared.dll
2010-11-23 02:07:04 69632 ----a-w- c:\windows\system32\com.fxpansion.fxshared.dll
2010-11-18 18:15:46 86016 ----a-w- c:\windows\system32\isign32.dll
2010-11-09 14:52:37 249856 ----a-w- c:\windows\system32\odbc32.dll
2010-11-05 05:02:51 81920 ------w- c:\windows\system32\ieencode.dll
2010-11-05 05:02:51 670208 ----a-w- c:\windows\system32\wininet.dll
2010-11-05 05:02:51 61952 ----a-w- c:\windows\system32\tdc.ocx
2010-11-05 04:59:37 371712 ------w- c:\windows\system32\html.iec
2010-10-28 13:09:50 290048 ----a-w- c:\windows\system32\atmfd.dll

============= FINISH: 16:11:00,03 ===============


Attach.txt

UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT

DDS (Ver_10-12-12.02)

Microsoft Windows XP Professional
Boot Device: \Device\HarddiskVolume1
Install Date: 22-8-2010 16:28:38
System Uptime: 25-1-2011 15:48:32 (1 hours ago)

Motherboard: Foxconn | | G31MX Series
Processor: Intel(R) Pentium(R) Dual CPU E2200 @ 2.20GHz | Socket 775 | 2199/200mhz

==== Disk Partitions =========================

A: is Removable
C: is FIXED (NTFS) - 114 GiB total, 50,559 GiB free.
D: is CDROM ()
E: is CDROM ()
F: is FIXED (NTFS) - 932 GiB total, 162,095 GiB free.
G: is CDROM ()

==== Disabled Device Manager Items =============

Class GUID: {4D36E96C-E325-11CE-BFC1-08002BE10318}
Description: Realtek High Definition Audio
Device ID: HDAUDIO\FUNC_01&VEN_10EC&DEV_0662&SUBSYS_105B0DF7&REV_1001\4&51EF24C&0&0201
Manufacturer: Realtek
Name: Realtek High Definition Audio
PNP Device ID: HDAUDIO\FUNC_01&VEN_10EC&DEV_0662&SUBSYS_105B0DF7&REV_1001\4&51EF24C&0&0201
Service: IntcAzAudAddService

Class GUID: {4D36E972-E325-11CE-BFC1-08002BE10318}
Description: Realtek PCIe GBE Family Controller
Device ID: PCI\VEN_10EC&DEV_8168&SUBSYS_0DF7105B&REV_01\4&2AD917F4&0&00E1
Manufacturer: Realtek Semiconductor Corp.
Name: Realtek PCIe GBE Family Controller
PNP Device ID: PCI\VEN_10EC&DEV_8168&SUBSYS_0DF7105B&REV_01\4&2AD917F4&0&00E1
Service: RTLE8023xp

Class GUID: {4D36E972-E325-11CE-BFC1-08002BE10318}
Description: 1394-netwerkkaart
Device ID: V1394\NIC1394\300176920000000
Manufacturer: Microsoft
Name: 1394-netwerkkaart
PNP Device ID: V1394\NIC1394\300176920000000
Service: NIC1394

==== System Restore Points ===================

RP143: 28-10-2010 10:27:45 - Controlepunt van systeem
RP144: 29-10-2010 11:22:20 - Controlepunt van systeem
RP145: 30-10-2010 12:22:19 - Controlepunt van systeem
RP146: 31-10-2010 12:22:23 - Controlepunt van systeem
RP147: 1-11-2010 16:01:18 - Controlepunt van systeem
RP148: 2-11-2010 19:26:02 - Controlepunt van systeem
RP149: 3-11-2010 19:30:27 - Controlepunt van systeem
RP150: 4-11-2010 20:23:39 - Controlepunt van systeem
RP151: 5-11-2010 21:12:40 - Controlepunt van systeem
RP152: 6-11-2010 22:12:42 - Controlepunt van systeem
RP153: 7-11-2010 23:04:59 - Controlepunt van systeem
RP154: 9-11-2010 2:51:32 - Controlepunt van systeem
RP155: 9-11-2010 23:34:19 - Software Distribution Service 3.0
RP156: 10-11-2010 8:53:52 - Avg Update
RP157: 10-11-2010 8:54:08 - Avg Update
RP158: 11-11-2010 9:24:11 - Controlepunt van systeem
RP159: 12-11-2010 10:24:12 - Controlepunt van systeem
RP160: 13-11-2010 11:24:09 - Controlepunt van systeem
RP161: 14-11-2010 12:25:08 - Controlepunt van systeem
RP162: 15-11-2010 14:55:46 - Controlepunt van systeem
RP163: 16-11-2010 18:59:47 - Controlepunt van systeem
RP164: 17-11-2010 19:47:58 - Controlepunt van systeem
RP165: 18-11-2010 20:12:33 - Controlepunt van systeem
RP166: 19-11-2010 20:24:55 - Controlepunt van systeem
RP167: 20-11-2010 20:25:57 - Controlepunt van systeem
RP168: 21-11-2010 21:24:52 - Controlepunt van systeem
RP169: 22-11-2010 22:24:53 - Controlepunt van systeem
RP170: 22-11-2010 23:14:00 - Installed MacDrive 8
RP171: 23-11-2010 2:45:48 - Removed MacDrive 8
RP172: 24-11-2010 2:48:18 - Controlepunt van systeem
RP173: 25-11-2010 4:19:51 - Controlepunt van systeem
RP174: 25-11-2010 9:24:01 - Avg Update
RP175: 25-11-2010 9:24:52 - Avg Update
RP176: 26-11-2010 9:52:49 - Controlepunt van systeem
RP177: 27-11-2010 10:52:42 - Controlepunt van systeem
RP178: 28-11-2010 11:52:42 - Controlepunt van systeem
RP179: 29-11-2010 12:22:40 - Controlepunt van systeem
RP180: 30-11-2010 18:43:46 - Controlepunt van systeem
RP181: 1-12-2010 19:21:00 - Controlepunt van systeem
RP182: 3-12-2010 18:16:10 - Controlepunt van systeem
RP183: 4-12-2010 18:53:57 - Controlepunt van systeem
RP184: 5-12-2010 19:27:24 - Controlepunt van systeem
RP185: 6-12-2010 20:18:18 - Controlepunt van systeem
RP186: 7-12-2010 20:43:04 - Controlepunt van systeem
RP187: 9-12-2010 2:44:48 - Controlepunt van systeem
RP188: 10-12-2010 3:07:47 - Controlepunt van systeem
RP189: 11-12-2010 4:37:33 - Controlepunt van systeem
RP190: 12-12-2010 6:17:54 - Controlepunt van systeem
RP191: 13-12-2010 6:43:02 - Controlepunt van systeem
RP192: 14-12-2010 6:48:36 - Controlepunt van systeem
RP193: 15-12-2010 7:48:34 - Controlepunt van systeem
RP194: 15-12-2010 14:01:30 - Software Distribution Service 3.0
RP195: 16-12-2010 21:02:18 - Controlepunt van systeem
RP196: 17-12-2010 21:17:28 - Controlepunt van systeem
RP197: 18-12-2010 22:16:21 - Controlepunt van systeem
RP198: 20-12-2010 2:45:03 - Controlepunt van systeem
RP199: 21-12-2010 5:21:05 - Controlepunt van systeem
RP200: 22-12-2010 6:15:56 - Controlepunt van systeem
RP201: 22-12-2010 23:34:35 - Installed Camtasia Studio 6
RP202: 24-12-2010 6:02:37 - Controlepunt van systeem
RP203: 25-12-2010 6:18:09 - Controlepunt van systeem
RP204: 25-12-2010 15:43:48 - Herstelbewerking
RP205: 26-12-2010 16:58:35 - Controlepunt van systeem
RP206: 27-12-2010 17:33:16 - Controlepunt van systeem
RP207: 28-12-2010 20:08:53 - Controlepunt van systeem
RP208: 29-12-2010 20:27:32 - Controlepunt van systeem
RP209: 30-12-2010 21:03:37 - Controlepunt van systeem
RP210: 31-12-2010 14:07:00 - Software Distribution Service 3.0
RP211: 1-1-2011 14:36:19 - Controlepunt van systeem
RP212: 2-1-2011 19:58:50 - Controlepunt van systeem
RP213: 4-1-2011 2:27:45 - Controlepunt van systeem
RP214: 5-1-2011 2:32:56 - Controlepunt van systeem
RP215: 5-1-2011 12:46:53 - Software Distribution Service 3.0
RP216: 6-1-2011 19:36:21 - Controlepunt van systeem
RP217: 7-1-2011 20:45:05 - Controlepunt van systeem
RP218: 8-1-2011 21:38:12 - Controlepunt van systeem
RP219: 9-1-2011 22:04:45 - Controlepunt van systeem
RP220: 11-1-2011 8:49:44 - Controlepunt van systeem
RP221: 12-1-2011 9:10:43 - Controlepunt van systeem
RP222: 12-1-2011 11:57:55 - Software Distribution Service 3.0
RP223: 13-1-2011 12:31:22 - Controlepunt van systeem
RP224: 14-1-2011 14:03:15 - Controlepunt van systeem
RP225: 15-1-2011 15:36:42 - Controlepunt van systeem
RP226: 16-1-2011 18:33:21 - Controlepunt van systeem
RP227: 17-1-2011 20:44:49 - Controlepunt van systeem
RP228: 18-1-2011 21:08:36 - Controlepunt van systeem
RP229: 19-1-2011 13:47:24 - 20 Jan 2K11
RP230: 19-1-2011 13:55:43 - Installed Driver Whiz.
RP231: 19-1-2011 14:25:31 - Removed Driver Whiz.
RP232: 19-1-2011 14:34:15 - Before installing new drivers - 19-1-2011 14:34:11
RP233: 19-1-2011 14:35:09 - Geïnstalleerd Realtek High Definition Audio Driver
RP234: 19-1-2011 14:57:15 - Installed Camtasia Studio 6
RP235: 20-1-2011 17:18:53 - Controlepunt van systeem
RP236: 21-1-2011 13:20:18 - Herstelbewerking
RP237: 21-1-2011 13:58:03 - Revo Uninstaller's restore point - Driver Genius Professional Edition
RP238: 21-1-2011 14:07:26 - Software Distribution Service 3.0
RP239: 21-1-2011 14:26:47 - Vrijdag Weekend Herstel Punt Index - Herstelt van 2 Januari 2011
RP240: 22-1-2011 14:48:44 - Controlepunt van systeem
RP241: 23-1-2011 19:27:10 - Controlepunt van systeem
RP242: 23-1-2011 23:29:44 - Geïnstalleerd Realtek High Definition Audio Driver
RP243: 23-1-2011 23:32:16 - Installed Camtasia Studio 6
RP244: 25-1-2011 1:02:30 - Installed HiJackThis

==== Installed Programs ======================

Addictive Drums 1.1
Addictive Drums ADpak Retro
Adobe AIR
Adobe Anchor Service CS4
Adobe Audition 3.0
Adobe Bridge CS4
Adobe CMaps CS4
Adobe Color - Photoshop Specific CS4
Adobe Color EU Recommended Settings CS4
Adobe Color JA Extra Settings CS4
Adobe Color NA Extra Settings CS4
Adobe Color Video Profiles CS CS4
Adobe CSI CS4
Adobe Default Language CS4
Adobe Device Central CS4
Adobe Dreamweaver CS4
Adobe Drive CS4
Adobe ExtendScript Toolkit CS4
Adobe Extension Manager CS4
Adobe Fireworks CS4
Adobe Flash Player 10 Plugin
Adobe Fonts All
Adobe Linguistics CS4
Adobe Media Player
Adobe Output Module
Adobe PDF Library Files CS4
Adobe Photoshop CS4
Adobe Photoshop CS4 Support
Adobe Reader 9.3.4 - Nederlands
Adobe Search for Help
Adobe Service Manager Extension
Adobe Setup
Adobe Type Support CS4
Adobe Update Manager CS4
Adobe WinSoft Linguistics Plugin
Adobe XMP Panels CS4
AdobeColorCommonSetCMYK
AdobeColorCommonSetRGB
AmpegSVX
AmpliTube X-GEAR
Analog Factory HipHop 2.2.1
Antares Autotune VST v5.09
ANWIDA Soft Parametric Equalizer Pro 3.0
Apple Application Support
Apple Mobile Device Support
Apple Software Update
ARC System
Arturia Prophet V VSTi RTAS v1.2.1
ASIO4ALL
µTorrent
AVG 9.0
AVOX Evo VST
Axiom Pro Cubase HyperControl
AxiomPro
BBE Sonic Sweet Bundle VST RTAS v1.0
Beveiligingsupdate voor Windows Media Player (KB2378111)
Beveiligingsupdate voor Windows Media Player (KB952069)
Beveiligingsupdate voor Windows Media Player (KB954155)
Beveiligingsupdate voor Windows Media Player (KB973540)
Beveiligingsupdate voor Windows Media Player (KB975558)
Beveiligingsupdate voor Windows Media Player (KB978695)
Beveiligingsupdate voor Windows Media Player (KB979402)
Beveiligingsupdate voor Windows XP (KB2079403)
Beveiligingsupdate voor Windows XP (KB2115168)
Beveiligingsupdate voor Windows XP (KB2121546)
Beveiligingsupdate voor Windows XP (KB2124261)
Beveiligingsupdate voor Windows XP (KB2160329)
Beveiligingsupdate voor Windows XP (KB2183461)
Beveiligingsupdate voor Windows XP (KB2229593)
Beveiligingsupdate voor Windows XP (KB2259922)
Beveiligingsupdate voor Windows XP (KB2279986)
Beveiligingsupdate voor Windows XP (KB2286198)
Beveiligingsupdate voor Windows XP (KB2290570)
Beveiligingsupdate voor Windows XP (KB2296011)
Beveiligingsupdate voor Windows XP (KB2296199)
Beveiligingsupdate voor Windows XP (KB2347290)
Beveiligingsupdate voor Windows XP (KB2360131)
Beveiligingsupdate voor Windows XP (KB2360937)
Beveiligingsupdate voor Windows XP (KB2387149)
Beveiligingsupdate voor Windows XP (KB2416400)
Beveiligingsupdate voor Windows XP (KB2419632)
Beveiligingsupdate voor Windows XP (KB2423089)
Beveiligingsupdate voor Windows XP (KB2436673)
Beveiligingsupdate voor Windows XP (KB2440591)
Beveiligingsupdate voor Windows XP (KB2443105)
Beveiligingsupdate voor Windows XP (KB923561)
Beveiligingsupdate voor Windows XP (KB923789)
Beveiligingsupdate voor Windows XP (KB946648)
Beveiligingsupdate voor Windows XP (KB950760)
Beveiligingsupdate voor Windows XP (KB950762)
Beveiligingsupdate voor Windows XP (KB950974)
Beveiligingsupdate voor Windows XP (KB951376-v2)
Beveiligingsupdate voor Windows XP (KB951748)
Beveiligingsupdate voor Windows XP (KB952004)
Beveiligingsupdate voor Windows XP (KB952954)
Beveiligingsupdate voor Windows XP (KB953155)
Beveiligingsupdate voor Windows XP (KB955069)
Beveiligingsupdate voor Windows XP (KB956572)
Beveiligingsupdate voor Windows XP (KB956744)
Beveiligingsupdate voor Windows XP (KB956802)
Beveiligingsupdate voor Windows XP (KB956803)
Beveiligingsupdate voor Windows XP (KB956844)
Beveiligingsupdate voor Windows XP (KB958644)
Beveiligingsupdate voor Windows XP (KB958869)
Beveiligingsupdate voor Windows XP (KB959426)
Beveiligingsupdate voor Windows XP (KB960225)
Beveiligingsupdate voor Windows XP (KB960803)
Beveiligingsupdate voor Windows XP (KB960859)
Beveiligingsupdate voor Windows XP (KB961501)
Beveiligingsupdate voor Windows XP (KB969059)
Beveiligingsupdate voor Windows XP (KB970238)
Beveiligingsupdate voor Windows XP (KB970430)
Beveiligingsupdate voor Windows XP (KB970483)
Beveiligingsupdate voor Windows XP (KB971468)
Beveiligingsupdate voor Windows XP (KB971657)
Beveiligingsupdate voor Windows XP (KB971961)
Beveiligingsupdate voor Windows XP (KB972270)
Beveiligingsupdate voor Windows XP (KB973507)
Beveiligingsupdate voor Windows XP (KB973869)
Beveiligingsupdate voor Windows XP (KB973904)
Beveiligingsupdate voor Windows XP (KB974112)
Beveiligingsupdate voor Windows XP (KB974318)
Beveiligingsupdate voor Windows XP (KB974392)
Beveiligingsupdate voor Windows XP (KB974571)
Beveiligingsupdate voor Windows XP (KB975025)
Beveiligingsupdate voor Windows XP (KB975467)
Beveiligingsupdate voor Windows XP (KB975560)
Beveiligingsupdate voor Windows XP (KB975561)
Beveiligingsupdate voor Windows XP (KB975562)
Beveiligingsupdate voor Windows XP (KB975713)
Beveiligingsupdate voor Windows XP (KB976323)
Beveiligingsupdate voor Windows XP (KB977816)
Beveiligingsupdate voor Windows XP (KB977914)
Beveiligingsupdate voor Windows XP (KB978037)
Beveiligingsupdate voor Windows XP (KB978338)
Beveiligingsupdate voor Windows XP (KB978542)
Beveiligingsupdate voor Windows XP (KB978601)
Beveiligingsupdate voor Windows XP (KB978706)
Beveiligingsupdate voor Windows XP (KB979309)
Beveiligingsupdate voor Windows XP (KB979482)
Beveiligingsupdate voor Windows XP (KB979559)
Beveiligingsupdate voor Windows XP (KB979683)
Beveiligingsupdate voor Windows XP (KB979687)
Beveiligingsupdate voor Windows XP (KB980195)
Beveiligingsupdate voor Windows XP (KB980218)
Beveiligingsupdate voor Windows XP (KB980232)
Beveiligingsupdate voor Windows XP (KB980436)
Beveiligingsupdate voor Windows XP (KB981322)
Beveiligingsupdate voor Windows XP (KB981349)
Beveiligingsupdate voor Windows XP (KB981852)
Beveiligingsupdate voor Windows XP (KB981957)
Beveiligingsupdate voor Windows XP (KB981997)
Beveiligingsupdate voor Windows XP (KB982132)
Beveiligingsupdate voor Windows XP (KB982214)
Beveiligingsupdate voor Windows XP (KB982381)
Beveiligingsupdate voor Windows XP (KB982665)
Beveiligingsupdate voor Windows XP (KB982802)
Bonjour
Brainworx BX Control VST RTAS v2.0
Brainworx BX Digital VST RTAS v2.0.2
Brainworx BX DynEQ Bundle VST RTAS v1.1
Brainworx BX Hybrid VST RTAS v1.0.5
Brainworx BX XL Mastering Limiter VST RTAS v1.0
BS.Player PRO
BuzComp
BuzComp_KeyMaker
Cakewalk Rapture Expansion Pack 1
Cakewalk Rapture Expansion Pack 2
Camel Audio Cameleon 5000 v1.7 VSTi
Camtasia Studio 6
Canon Inkjet Printer/Scanner/Fax Extended Survey Program
Canon MP250 series MP Drivers
Canon Utilities My Printer
CCleaner (remove only)
Codec Pack - All In 1 6.0.3.0
Compadre Beatpuncher v1.1
Connect
Darbuka 1.0.0
db audioware Sidechain Compressor VST v1.1.0
Dimension Pro
discoDSP Discovery Pro VSTi RTAS v5.3
DivX Setup
Driver Genius Professional Edition
DriverGuide DriverScan
eLicenser Control
Elysia Alpha Compressor VST RTAS v1.0
Elysia mpressor VST RTAS v1.0.2
EVEREST Home Edition v2.20
FabFilter Pro-C VST RTAS v1.1.2
FabFilter Pro-Q VST RTAS v1.01
FabFilter Simplon 1.12
FabFilter TotalBundle VST RTAS v1.2
FabFilter Twin VSTi RTAS v2.00
FabFilter Volcano VST RTAS v2.03
FilterBank v3.2
FireBird+ v1.9
FL Studio 9
FLUX Spring Pack Bundle v1.0.4.14
Focusrite Scarlett Plug-in Suite 1.1
FOX LiveUpdate
Gebruikersregistratie voor Canon MP250 series
HiJackThis
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
Hotfix for Windows XP (KB954550-v5)
Hotfix for Windows XP (KB976002-v5)
Hotfix voor Windows XP (KB2158563)
Hotfix voor Windows XP (KB2443685)
Hotfix voor Windows XP (KB952287)
Hotfix voor Windows XP (KB961118)
Hotfix voor Windows XP (KB981793)
IL Download Manager
IL Juice Pack
IL Vocodex
ImTOO MPEG Encoder Platinum
inSSIDer
Intel(R) C++ Redistributables for Windows* on IA-32
Intel(R) Graphics Media Accelerator Driver
Interlok driver setup x32
ISOBuddy
iTunes
iWebcamera
iZotope Alloy
iZotope iDrum
iZotope iDrum Factory Content
iZotope Ozone 4
Java Auto Updater
Java(TM) 6 Update 21
KeyToSound - Essential Compressor 1.0 r4
KORG Legacy Collection - ANALOG EDITION 2007
KORG Legacy Collection - DIGITAL EDITION
kuler
Latigo 1.0.0
Live 8.2.1
Magic ISO Maker v5.4 (build 0239)
MagicDisc 2.7.106
Malwarebytes' Anti-Malware
Maximus
Melodyne 3.2
Messenger Plus! Live
MessengerDiscovery 2.5.95
Microsoft .NET Framework 2.0 Service Pack 2
Microsoft .NET Framework 3.0 Service Pack 2
Microsoft .NET Framework 3.5 SP1
Microsoft Application Error Reporting
Microsoft Choice Guard
Microsoft Office 2000 SR-1 Premium
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Minimal System Instruments Moogi Analogue Filter VST v2.50
Minimal System Instruments SSi Pro EQ VST v1.0
Minimal System Instruments SSi Pro Expander&Gate VST v1.0
Mo Phatt
Mozilla Firefox (3.6.13)
MSIstrip v2.00
MSVCRT
Native Instruments Abbey Road Modern Drums
Native Instruments Battery 3
Native Instruments Best of Reaktor Vol. 1
Native Instruments Deep Transformations
Native Instruments FM8
Native Instruments Hardware Controller Support
Native Instruments Kontakt 4
Native Instruments Kore 2
Native Instruments Kore v2.0.1.007 Updater - Patcher
Native Instruments Maschine
Native Instruments Maschine Driver
Native Instruments Massive
Native Instruments Massive Expansion Vol. 2
Native Instruments Pro-53
Native Instruments Service Center
Native Instruments Urban Arsenal
nebula3 CM
NomadFactory Analog Mastering Tools VST RTAS v1.0
NomadFactory Blue Tubes Analog TrackBox VST RTAS v1.3
NomadFactory Blue Tubes Dynamics Pack VST RTAS v3.2
NomadFactory Blue Tubes Effects Pack VST RTAS v3.2
NomadFactory Blue Tubes Equalizers Pack VST RTAS v3.2
NomadFactory Essential Studio Suite VST RTAS v1.5
NomadFactory Limiting Amplifier LM-662 VST RTAS v1.3
NomadFactory Liquid Bundle VST RTAS v2.4
NomadFactory Program Equalizer EQP-4 VST RTAS v1.3
NomadFactory Retrology M-Tone EQ VST RTAS v1.0
NomadFactory Studio Channel SC-226 VST RTAS v1.3
NVIDIA Drivers
PCM Native Reverb VST Plug-in
PDF Settings CS4
Photoshop Camera Raw
PoiZone
PowerISO
PreSonus FireBox driver v5.13.0.0
Proteus VX
PSP Audioware Neon HR VST RTAS v1.5.1
PSP Audioware Xenon v1.0
PSP EasyVerb 1.5.4
PSP MasterComp 1.5.4
PSP MasterQ 1.5.2
PSP MixPack2 2.0.3
PSP Nitro 1.1.2
PSP sQuad 1.1.1
PSP StereoPack 1.9.0
PSP VintageWarmer2 2.3.1 32bit
Punch VST v1.05
QuickTime
RAM Saver 9.12 Professional
Rapture 1.1
REALTEK GbE & FE Ethernet PCI-E NIC Driver
Realtek High Definition Audio Driver
Reason 4.0
reFX Nexus VSTi RTAS v2.2.0
RegCure
Revo Uninstaller 1.89
rgc:audio z3ta+ 1.5
SafeCast Shared Components
Sandboxie 3.46
Sawer
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2416473)
Segoe UI
Softube FET Compressor VST RTAS v1.0.3
Softube Passive-Active Pack VST RTAS v1.0.2
Softube Tonelux Tilt VST RTAS v1.0
Softube Tube-Tech CL 1B VST RTAS v1.0.3
Softube Tube-Tech PE 1C VST RTAS v1.0.1
Softube Valley People Dyna-mite VST RTAS v1.0.3
Sonnox Oxford Inflator Native VST v1.5.1
Sonnox Oxford Limiter Native VST v1.1.1
Sonnox Oxford R3 Dynamics Native VST v1.3.1
Sonnox Oxford R3 EQ Native VST v1.6.1
Sonnox Oxford Reverb Native VST v1.0
Sonnox Oxford TransMod Native VST v1.3.1
SPL Analog Code DrumXchanger VST RTAS v1.0
SPL Analog Code Vitalizer MK2-T VST RTAS v1.1
Steinberg Cubase 5
Steinberg Drum Loop Expansion 01
Steinberg Freefilter v1.2
Steinberg Groove Agent ONE Content
Steinberg Groove Agent VSTi DXi v2.0
Steinberg HALionOne
Steinberg HALionOne Additional Content Set 01
Steinberg HALionOne Expression Set
Steinberg HALionOne GM Drum Set
Steinberg HALionOne GM Set
Steinberg HALionOne Pro Set
Steinberg HALionOne Studio Drum Set
Steinberg HALionOne Studio Set
Steinberg Hypersonic VSTi DXi v2.0
Steinberg LoopMash Content
Steinberg REVerence Content 01
Steinberg The Grand VSTi DXi v2.1.0
Steinberg Virtual Bassist VSTi DXi v1.0
Stillwell Audio Plugins Bundle VST v1.52
Suite Shared Configuration CS4
System Requirements Lab for Intel
Sytrus
T-RackS 3 Deluxe
Tone2 Gladiator VSTi v2.2
Toxic Biohazard
TT Dynamic Range Meter 1.0
UltraComp VST v1.05
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
Update voor Windows XP (KB2141007)
Update voor Windows XP (KB2345886)
Update voor Windows XP (KB2467659)
Update voor Windows XP (KB951978)
Update voor Windows XP (KB955759)
Update voor Windows XP (KB961503)
Update voor Windows XP (KB967715)
Update voor Windows XP (KB968389)
Update voor Windows XP (KB971737)
Update voor Windows XP (KB973687)
Update voor Windows XP (KB973815)
URS Plug-In Bundle Complete VST RTAS v1.0
VC80CRTRedist - 8.0.50727.4053
Virtual Audio Cable 4.9
Virtuoso
Visual C++ 2008 x86 Runtime - (v9.0.30729)
Visual C++ 2008 x86 Runtime - v9.0.30729.01
VLC media player 1.1.3
Waldorf Largo
Wave Arts Master Restoration
Wave Arts Power Suite
Wave Arts Tube Saturator
WaveLab 6
Waves Complete VST RTAS TDM v7.1.16
Wavpack4Wavelab6
Way out Ware TimewARP2600 VSTi RTAS v1.4.1
WebFldrs XP
Winamp
Windows Genuine Advantage Notifications (KB905474)
Windows Genuine Advantage Validation Tool (KB892130)
Windows Live - Hulpprogramma voor uploaden
Windows Live aanmeldhulp
Windows Live Call
Windows Live Communications Platform
Windows Live Essentials
Windows Live Messenger
Windows XP Service Pack 3
WinPcap 4.1.2
WinRAR archiver
XviD4PSP 5.0

==== End Of File ===========================


HijackThis Log

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 16:15:01, on 25-1-2011
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Sandboxie\SbieSvc.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\AVG\AVG9\avgchsvx.exe
C:\Program Files\AVG\AVG9\avgrsx.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\AVG\AVG9\avgcsrvx.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\AVG\AVG9\avgwdsvc.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\system32\drivers\CDAC11BA.EXE
C:\WINDOWS\system32\inetsrv\inetinfo.exe
C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
C:\Program Files\Common Files\Native Instruments\Hardware\NIHardwareService.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\AVG\AVG9\avgam.exe
C:\Program Files\AVG\AVG9\avgnsx.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\AVG\AVG9\avgtray.exe
C:\Program Files\Winamp\winampa.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\WINDOWS\system32\igfxsrvc.exe
C:\WINDOWS\System32\M-AudioTaskBarIcon.exe
C:\Program Files\Sandboxie\SbieCtrl.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\PreSonus\1394AudioDriver_FireBox\FireBox.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\AVG\AVG9\avgcsrvx.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\WINDOWS\system32\taskmgr.exe
C:\Program Files\Trend Micro\HijackThis\Trend Micro\HiJackThis\Crusty.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://google.nl/
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG9\avgssie.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Windows Live Aanmelden - Help - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O4 - HKLM\..\Run: [AVG9_TRAY] C:\PROGRA~1\AVG\AVG9\avgtray.exe
O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files\Winamp\winampa.exe"
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [M-Audio Taskbar Icon] C:\WINDOWS\System32\M-AudioTaskBarIcon.exe
O4 - HKLM\..\Run: [Malwarebytes' Anti-Malware] "C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKCU\..\Run: [SandboxieControl] "C:\Program Files\Sandboxie\SbieCtrl.exe"
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [DAEMON Tools Pro Agent] "C:\Program Files\DAEMON Tools Pro\DTProAgent.exe"
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Lokale service')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Netwerkservice')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: FireBox Control Panel.lnk = ?
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O15 - Trusted Zone: http://software.kuaiche.com
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/mic...ls/en/x86/client/muweb_site.cab?1282520467703
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG9\avgpp.dll
O20 - Winlogon Notify: avgrsstarter - avgrsstx.dll (file missing)
O22 - SharedTaskScheduler: Preloader van browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\System32\browseui.dll
O22 - SharedTaskScheduler: Cache-daemon voor onderdeelcategorieën - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\System32\browseui.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Mobiel Apple apparaat (Apple Mobile Device) - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: AVG WatchDog (avg9wd) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG9\avgwdsvc.exe
O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: C-DillaCdaC11BA - Macrovision - C:\WINDOWS\system32\drivers\CDAC11BA.EXE
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Canon Inkjet Printer/Scanner/Fax Extended Survey Program (IJPLMSVC) - Unknown owner - C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE
O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
O23 - Service: NIHardwareService - Native Instruments GmbH - C:\Program Files\Common Files\Native Instruments\Hardware\NIHardwareService.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - CACE Technologies, Inc. - C:\Program Files\WinPcap\rpcapd.exe
O23 - Service: Sandboxie Service (SbieSvc) - tzuk - C:\Program Files\Sandboxie\SbieSvc.exe
O23 - Service: webcamXP Service (wxpSvc) - Unknown owner - C:\Program Files\wLite\wService.exe

--
End of file - 7255 bytes
 
All looks clean, so far.

Download MBRCheck to your desktop

Double click MBRCheck.exe to run (Vista and Windows 7 users, right click and select Run as Administrator).
It will show a black screen with some data on it.
Enter N to exit.
A report called MBRcheckxxxx.txt will be on your desktop
Open this report and post its content in your next reply.

==================================================================

Please download ComboFix from Here or Here to your Desktop.

**Note: In the event you already have Combofix, this is a new version that I need you to download. It is important that it is saved directly to your desktop**
  1. Please, never rename Combofix unless instructed.
  2. Close any open browsers.
  3. Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.
    • Very Important! Temporarily disable your anti-virus, script blocking and any anti-malware real-time protection before performing a scan. They can interfere with ComboFix or remove some of its embedded files which may cause "unpredictable results".
    • Click on this link to see a list of programs that should be disabled. The list is not all inclusive. If yours is not listed and you don't know how to disable it, please ask.
    NOTE1. If Combofix asks you to install Recovery Console, please allow it.
    NOTE 2. If Combofix asks you to update the program, always do so.
    • Close any open browsers.
    • WARNING: Combofix will disconnect your machine from the Internet as soon as it starts
    • Please do not attempt to re-connect your machine back to the Internet until Combofix has completely finished.
    • If there is no internet connection after running Combofix, then restart your computer to restore back your connection.
  4. Double click on combofix.exe & follow the prompts.
  5. When finished, it will produce a report for you.
  6. Please post the "C:\ComboFix.txt"
**Note 1: Do not mouseclick combofix's window while it's running. That may cause it to stall
**Note 2 for AVG users: ComboFix will not run until AVG is uninstalled as a protective measure against the anti-virus. This is because AVG "falsely" detects ComboFix (or its embedded files) as a threat and may remove them resulting in the tool not working correctly which in turn can cause "unpredictable results". Since AVG cannot be effectively disabled before running ComboFix, the author recommends you to uninstall AVG first.
Use AppRemover to uninstall it: https://www.techspot.com/downloads/5514-appremover.html
We can reinstall it when we're done with CF.
**Note 3: If you receive an error "Illegal operation attempted on a registery key that has been marked for deletion", restart computer to fix the issue.



Make sure, you re-enable your security programs, when you're done with Combofix.

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

NOTE.
If, for some reason, Combofix refuses to run, try one of the following:

1. Run Combofix from Safe Mode.

2. Delete Combofix file, download fresh one, but rename combofix.exe to your_name.exe BEFORE saving it to your desktop.
Do NOT run it yet.

Please download and run the below tool named Rkill (courtesy of BleepingComputer.com) which may help allow other programs to run.

There are 4 different versions. If one of them won't run then download and try to run the other one.

Vista and Win7 users need to right click Rkill and choose Run as Administrator

You only need to get one of these to run, not all of them. You may get warnings from your antivirus about this tool, ignore them or shutdown your antivirus.

Rkill.com
Rkill.scr
Rkill.exe

  • Double-click on the Rkill desktop icon to run the tool.
  • If using Vista or Windows 7 right-click on it and choose Run As Administrator.
  • A black DOS box will briefly flash and then disappear. This is normal and indicates the tool ran successfully.
  • If not, delete the file, then download and use the one provided in Link 2.
  • If it does not work, repeat the process and attempt to use one of the remaining links until the tool runs.
  • Do not reboot until instructed.
  • If the tool does not run from any of the links provided, please let me know.

Once you've gotten one of them to run, immediately run your_name.exe by double clicking on it.

If normal mode still doesn't work, run BOTH tools from safe mode.

In case #2, please post BOTH logs, rKill and Combofix.

DO NOT make any other changes to your computer (like installing programs, using other cleaning tools, etc.), until it's officially declared clean!!!
 
Hi Broni, your instructions are amazing :) I would never figured it out all by myself.
Thanks for your effort so far..

So if i am correct i have to remove my AVG before i use the ComboFix app right?
Also, in your post above at ** Note 2 it says you recommend removing AVG by using a tool called AppRemover. I think i have a similar program installed already called Revo Uninstaller. Can i use this program to remove it? Or has it to be AppRemover specifically?

After your reply i will follow the new instructions like mentioned and post the new log files.
 
Oke here is what i did..

First I have downloaded the needed apps as you mentioned.
Than I closed all running applications in Windows (FF Browser, Programs, Msn, Etc)

From here I have disconnected my Internet. Then I started to Remove AVG 9 using Revo-Uninstaller. After the Uninstall process it required to reboot my System of course, once booted up again i ran MBRCheck.exe


The report file for this log includes:


MBRCheck, version 1.2.3
(c) 2010, AD

Command-line:
Windows Version: Windows XP Professional
Windows Information: Service Pack 3 (build 2600)
Logical Drives Mask: 0x0000007d

Kernel Drivers (total 136):
0x804D7000 \WINDOWS\system32\ntkrnlpa.exe
0x806E5000 \WINDOWS\system32\hal.dll
0xBA5A8000 \WINDOWS\system32\KDCOM.DLL
0xBA4B8000 \WINDOWS\system32\BOOTVID.dll
0xB9EBD000 sptd.sys
0xBA5AA000 \WINDOWS\System32\Drivers\WMILIB.SYS
0xB9EA5000 \WINDOWS\System32\Drivers\SCSIPORT.SYS
0xB9E76000 ACPI.sys
0xB9E65000 pci.sys
0xBA0A8000 ohci1394.sys
0xBA0B8000 \WINDOWS\System32\DRIVERS\1394BUS.SYS
0xBA0C8000 isapnp.sys
0xBA670000 pciide.sys
0xBA328000 \WINDOWS\System32\DRIVERS\PCIIDEX.SYS
0xBA0D8000 MountMgr.sys
0xB9E46000 ftdisk.sys
0xBA5AC000 dmload.sys
0xB9E20000 dmio.sys
0xBA330000 PartMgr.sys
0xBA0E8000 VolSnap.sys
0xB9E08000 atapi.sys
0xBA0F8000 disk.sys
0xBA108000 \WINDOWS\System32\DRIVERS\CLASSPNP.SYS
0xB9DE8000 fltmgr.sys
0xB9DD6000 sr.sys
0xBA118000 PxHelp20.sys
0xB9DB8000 TPkd.sys
0xB9DA1000 KSecDD.sys
0xB9D14000 Ntfs.sys
0xB9CE7000 NDIS.sys
0xB9CCD000 Mup.sys
0xBA2F8000 \SystemRoot\System32\DRIVERS\intelppm.sys
0xB9472000 \SystemRoot\System32\DRIVERS\igxpmp32.sys
0xB945E000 \SystemRoot\System32\DRIVERS\VIDEOPRT.SYS
0xB9436000 \SystemRoot\system32\DRIVERS\HDAudBus.sys
0xBA428000 \SystemRoot\System32\DRIVERS\usbuhci.sys
0xB9412000 \SystemRoot\System32\DRIVERS\USBPORT.SYS
0xBA430000 \SystemRoot\System32\DRIVERS\usbehci.sys
0xB93EF000 \SystemRoot\System32\Drivers\pae_1394.sys
0xBA438000 \SystemRoot\System32\DRIVERS\fdc.sys
0xBA308000 \SystemRoot\System32\DRIVERS\serial.sys
0xB9C81000 \SystemRoot\System32\DRIVERS\serenum.sys
0xBA440000 \SystemRoot\System32\DRIVERS\irsir.sys
0xB9C7D000 \SystemRoot\System32\DRIVERS\irenum.sys
0xB93DB000 \SystemRoot\System32\DRIVERS\parport.sys
0xBA318000 \SystemRoot\System32\DRIVERS\i8042prt.sys
0xBA448000 \SystemRoot\System32\DRIVERS\mouclass.sys
0xBA450000 \SystemRoot\System32\DRIVERS\kbdclass.sys
0xBA148000 \SystemRoot\System32\DRIVERS\imapi.sys
0xBA158000 \SystemRoot\System32\DRIVERS\cdrom.sys
0xBA168000 \SystemRoot\System32\DRIVERS\redbook.sys
0xB93B8000 \SystemRoot\System32\DRIVERS\ks.sys
0xBA458000 \SystemRoot\system32\DRIVERS\GEARAspiWDM.sys
0xB9350000 \SystemRoot\System32\Drivers\apitkuv5.SYS
0xBA178000 \SystemRoot\system32\DRIVERS\vrtaucbl.sys
0xB932C000 \SystemRoot\system32\DRIVERS\portcls.sys
0xBA188000 \SystemRoot\system32\DRIVERS\drmk.sys
0xBA732000 \SystemRoot\System32\DRIVERS\audstub.sys
0xBA340000 \SystemRoot\System32\DRIVERS\rasirda.sys
0xBA368000 \SystemRoot\System32\DRIVERS\TDI.SYS
0xBA198000 \SystemRoot\System32\DRIVERS\rasl2tp.sys
0xB9621000 \SystemRoot\System32\DRIVERS\ndistapi.sys
0xB9315000 \SystemRoot\System32\DRIVERS\ndiswan.sys
0xBA1A8000 \SystemRoot\System32\DRIVERS\raspppoe.sys
0xBA1B8000 \SystemRoot\System32\DRIVERS\raspptp.sys
0xB9264000 \SystemRoot\System32\DRIVERS\psched.sys
0xBA1C8000 \SystemRoot\System32\DRIVERS\msgpc.sys
0xBA370000 \SystemRoot\System32\DRIVERS\ptilink.sys
0xBA378000 \SystemRoot\System32\DRIVERS\raspti.sys
0xB9234000 \SystemRoot\System32\DRIVERS\rdpdr.sys
0xBA1D8000 \SystemRoot\System32\DRIVERS\termdd.sys
0xB9217000 \SystemRoot\system32\DRIVERS\mcdbus.sys
0xBA5D8000 \SystemRoot\System32\DRIVERS\swenum.sys
0xB91B9000 \SystemRoot\System32\DRIVERS\update.sys
0xBA588000 \SystemRoot\System32\DRIVERS\mssmbios.sys
0xBA208000 \SystemRoot\System32\Drivers\NDProxy.SYS
0xBA228000 \SystemRoot\System32\DRIVERS\usbhub.sys
0xBA5EE000 \SystemRoot\System32\DRIVERS\USBD.SYS
0xBA388000 \SystemRoot\System32\DRIVERS\flpydisk.sys
0xBA5F8000 \SystemRoot\System32\Drivers\Fs_Rec.SYS
0xBA799000 \SystemRoot\System32\Drivers\Null.SYS
0xBA5FA000 \SystemRoot\System32\Drivers\Beep.SYS
0xBA398000 \SystemRoot\system32\DRIVERS\HIDPARSE.SYS
0xBA3A0000 \SystemRoot\System32\drivers\vga.sys
0xBA5FC000 \SystemRoot\System32\Drivers\mnmdd.SYS
0xBA5FE000 \SystemRoot\System32\DRIVERS\RDPCDD.sys
0xBA3A8000 \SystemRoot\System32\Drivers\Msfs.SYS
0xBA3B0000 \SystemRoot\System32\Drivers\Npfs.SYS
0xB9C69000 \SystemRoot\System32\DRIVERS\rasacd.sys
0xA9036000 \SystemRoot\System32\DRIVERS\ipsec.sys
0xA8FDD000 \SystemRoot\System32\DRIVERS\tcpip.sys
0xA8FB5000 \SystemRoot\System32\DRIVERS\netbt.sys
0xBA248000 \SystemRoot\System32\DRIVERS\wanarp.sys
0xA8F8F000 \SystemRoot\System32\DRIVERS\ipnat.sys
0xA8F6D000 \SystemRoot\System32\drivers\afd.sys
0xBA258000 \SystemRoot\System32\DRIVERS\netbios.sys
0xBA278000 \SystemRoot\System32\Drivers\SCDEmu.SYS
0xA8EF2000 \SystemRoot\System32\DRIVERS\rdbss.sys
0xA8E5A000 \SystemRoot\System32\DRIVERS\mrxsmb.sys
0xBA288000 \SystemRoot\System32\Drivers\Fips.SYS
0xBA2B8000 \SystemRoot\System32\Drivers\Cdfs.SYS
0xBA3D0000 \SystemRoot\system32\DRIVERS\USBSTOR.SYS
0xBA2C8000 \SystemRoot\System32\Drivers\pae_avs.sys
0xA8DA2000 \SystemRoot\System32\Drivers\dump_atapi.sys
0xBA634000 \SystemRoot\System32\Drivers\dump_WMILIB.SYS
0xBF800000 \SystemRoot\System32\win32k.sys
0xA8EEA000 \SystemRoot\System32\drivers\Dxapi.sys
0xBA408000 \SystemRoot\System32\watchdog.sys
0xBF000000 \SystemRoot\System32\drivers\dxg.sys
0xBA764000 \SystemRoot\System32\drivers\dxgthk.sys
0xBF024000 \SystemRoot\System32\igxpgd32.dll
0xBF012000 \SystemRoot\System32\igxprd32.dll
0xBF059000 \SystemRoot\System32\igxpdv32.DLL
0xBF2E9000 \SystemRoot\System32\igxpdx32.DLL
0xBFFA0000 \SystemRoot\System32\ATMFD.DLL
0xA8CB2000 \??\C:\WINDOWS\system32\drivers\mbam.sys
0xA8B2B000 \??\C:\Program Files\Sandboxie\SbieDrv.sys
0xA8B15000 \SystemRoot\System32\DRIVERS\irda.sys
0xA8C46000 \SystemRoot\System32\DRIVERS\ndisuio.sys
0xA8980000 \SystemRoot\System32\DRIVERS\mrxdav.sys
0xBA62A000 \SystemRoot\System32\Drivers\ParVdm.SYS
0xA8947000 \SystemRoot\System32\Drivers\adfs.SYS
0xA8A81000 \??\C:\WINDOWS\system32\drivers\CdaC15BA.SYS
0xA87D7000 \SystemRoot\System32\DRIVERS\srv.sys
0xBA3D8000 \SystemRoot\system32\drivers\npf.sys
0xA84F2000 \SystemRoot\system32\drivers\wdmaud.sys
0xA8627000 \SystemRoot\system32\drivers\sysaudio.sys
0xBA5E4000 \SystemRoot\system32\drivers\splitter.sys
0xA84CF000 \SystemRoot\system32\drivers\aec.sys
0xA8617000 \SystemRoot\system32\drivers\swmidi.sys
0xA87A7000 \SystemRoot\system32\drivers\DMusic.sys
0xA8404000 \SystemRoot\system32\drivers\kmixer.sys
0xBA6F9000 \SystemRoot\system32\drivers\drmkaud.sys
0xA8073000 \SystemRoot\System32\Drivers\HTTP.sys
0xA8DCA000 \SystemRoot\System32\DRIVERS\ipfltdrv.sys
0x7C900000 \WINDOWS\system32\ntdll.dll

Processes (total 41):
0 System Idle Process
4 System
576 C:\WINDOWS\system32\smss.exe
632 csrss.exe
656 C:\WINDOWS\system32\winlogon.exe
700 C:\WINDOWS\system32\services.exe
712 C:\WINDOWS\system32\lsass.exe
916 C:\WINDOWS\system32\svchost.exe
980 svchost.exe
1020 C:\Program Files\Sandboxie\SbieSvc.exe
1040 C:\WINDOWS\system32\svchost.exe
1156 svchost.exe
1216 svchost.exe
1380 C:\WINDOWS\system32\spoolsv.exe
1452 svchost.exe
1484 C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
1500 C:\Program Files\Bonjour\mDNSResponder.exe
1528 C:\WINDOWS\system32\drivers\CDAC11BA.EXE
1584 C:\WINDOWS\system32\inetsrv\inetinfo.exe
1600 C:\Program Files\Canon\IJPLM\ijplmsvc.exe
1612 C:\Program Files\Java\jre6\bin\jqs.exe
1636 C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
1688 C:\Program Files\Common Files\Native Instruments\Hardware\NIHardwareService.exe
1760 C:\WINDOWS\system32\svchost.exe
216 C:\WINDOWS\system32\wuauclt.exe
1164 C:\WINDOWS\system32\wscntfy.exe
1728 C:\WINDOWS\explorer.exe
1912 alg.exe
2168 wmiprvse.exe
2304 C:\Program Files\Winamp\winampa.exe
2328 C:\WINDOWS\system32\hkcmd.exe
2336 C:\WINDOWS\system32\igfxpers.exe
2348 C:\WINDOWS\system32\M-AudioTaskBarIcon.exe
2364 C:\WINDOWS\system32\igfxsrvc.exe
2396 C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
2436 C:\Program Files\Sandboxie\SbieCtrl.exe
2488 C:\Program Files\Windows Live\Messenger\msnmsgr.exe
2672 C:\Program Files\Messenger\msmsgs.exe
2776 C:\Program Files\PreSonus\1394AudioDriver_FireBox\FireBox.exe
908 C:\Program Files\iWebcamera\iWebcameraApp.exe
3584 C:\Documents and Settings\Mr.A\Bureaublad\MBRCheck.exe

\\.\C: --> \\.\PhysicalDrive0 at offset 0x00000000`00007e00 (NTFS)
\\.\F: --> \\.\PhysicalDrive1 at offset 0x00000000`00007e00 (NTFS)

PhysicalDrive0 Model Number: Maxtor6Y120L0, Rev: YAR41BW0
PhysicalDrive1 Model Number: WD10EAVS External, Rev: 1.75

Size Device Name MBR Status
--------------------------------------------
114 GB \\.\PhysicalDrive0 Windows XP MBR code detected
SHA1: F238F1FE114296B6DC7716517DC1DADB3FF3D5C6
931 GB \\.\PhysicalDrive1 RE: Windows 98 MBR code detected
SHA1: 48F01D7E76A0F3C038D08611E3FDC0EE4EF9FD3E

Done!


=================================================================


After that I ran ComboFix. It installed Recovery Console & started scanning.

The Log for this file includes:


ComboFix 11-01-24.02 - Mr.A 25-01-2011 19:23:47.2.2 - x86
Microsoft Windows XP Professional 5.1.2600.3.1252.31.1043.18.2037.1537 [GMT 1:00]
Gestart vanuit: c:\documents and settings\Mr.A\Bureaublad\ComboFix.exe
.

(((((((((((((((((((((((((((((((((( Andere Verwijderingen )))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\Install.exe
c:\windows\system32\Cache
c:\windows\system32\msvcsv60.dll

.
(((((((((((((((((((( Bestanden Gemaakt van 2010-12-25 to 2011-01-25 ))))))))))))))))))))))))))))))
.

2011-01-25 00:27 . 2011-01-25 00:27 -------- d-----w- c:\documents and settings\Mr.A\Local Settings\Application Data\Identities
2011-01-25 00:02 . 2011-01-25 00:02 388096 ----a-r- c:\documents and settings\Mr.A\Application Data\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
2011-01-25 00:02 . 2011-01-25 00:02 -------- d-----w- c:\program files\Trend Micro
2011-01-23 22:33 . 2009-08-19 04:18 107864 ----a-w- c:\windows\system32\tsccvid.dll
2011-01-23 22:33 . 2011-01-23 22:33 -------- d-----w- c:\documents and settings\All Users\Application Data\TechSmith
2011-01-23 22:32 . 2011-01-23 22:32 -------- d-----w- c:\program files\Common Files\TechSmith Shared
2011-01-23 22:30 . 2011-01-23 22:30 -------- d-----w- c:\windows\system32\RTCOM
2011-01-21 13:22 . 2011-01-21 13:23 -------- d-----w- c:\program files\Virtual Audio Cable
2011-01-21 13:22 . 2011-01-21 13:22 40576 ----a-w- c:\windows\system32\drivers\vrtaucbl.sys
2011-01-21 13:19 . 2011-01-21 13:19 -------- d-----w- c:\program files\Driver-Soft
2011-01-21 13:02 . 2011-01-25 18:24 -------- d--h--r- c:\documents and settings\Mr.A\Onlangs geopend
2011-01-21 12:24 . 2011-01-21 12:24 -------- d-----w- c:\windows\system32\wbem\Repository
2011-01-20 02:36 . 2011-01-20 02:36 -------- d-----w- c:\documents and settings\Mr.A\Local Settings\Application Data\TechSmith
2011-01-18 17:44 . 2011-01-18 17:44 -------- d-----w- c:\documents and settings\Mr.A\Application Data\Toolbar4
2011-01-10 20:10 . 2011-01-10 20:10 -------- d-----w- c:\program files\Beat Kangz
2010-12-31 00:58 . 2010-12-31 01:05 -------- d-----w- c:\documents and settings\All Users\Application Data\Waves Audio
2010-12-30 23:58 . 2010-12-30 23:58 -------- d-----w- c:\program files\Focusrite

.
((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-11-29 18:18 . 2010-11-29 18:18 233472 ----a-w- c:\windows\system32\REX Shared Library.dll
2010-11-23 02:07 . 2010-11-23 02:07 69632 ----a-w- c:\windows\system32\FxShared.dll
2010-11-23 02:07 . 2010-11-23 02:07 69632 ----a-w- c:\windows\system32\com.fxpansion.fxshared.dll
2010-11-18 18:15 . 2010-08-22 14:25 86016 ----a-w- c:\windows\system32\isign32.dll
2010-11-09 14:52 . 2003-04-08 12:00 249856 ----a-w- c:\windows\system32\odbc32.dll
2010-11-05 05:02 . 2010-08-22 15:28 81920 ------w- c:\windows\system32\ieencode.dll
2010-11-05 05:02 . 2003-04-08 12:00 670208 ----a-w- c:\windows\system32\wininet.dll
2010-11-05 05:02 . 2003-04-08 12:00 61952 ----a-w- c:\windows\system32\tdc.ocx
2010-11-05 04:59 . 2010-08-22 15:28 371712 ------w- c:\windows\system32\html.iec
2010-11-02 15:17 . 2003-04-08 12:00 40960 ----a-w- c:\windows\system32\drivers\ndproxy.sys
2010-10-28 13:09 . 2003-04-08 12:00 290048 ----a-w- c:\windows\system32\atmfd.dll
.

------- Sigcheck -------

[-] 2010-08-24 . CBEEBEB899E31EF52B962CB31FC8CA5C . 361600 . . [5.1.2600.5625] . . c:\windows\system32\dllcache\tcpip.sys
[-] 2010-08-24 . CBEEBEB899E31EF52B962CB31FC8CA5C . 361600 . . [5.1.2600.5625] . . c:\windows\system32\drivers\tcpip.sys
[7] 2008-06-20 . AD978A1B783B5719720CFF204B666C8E . 361600 . . [5.1.2600.5625] . . c:\windows\$hf_mig$\KB951748\SP3QFE\tcpip.sys
[7] 2008-06-20 . 9AEFA14BD6B182D61E3119FA5F436D3D . 361600 . . [5.1.2600.5625] . . c:\windows\$hf_mig$\KB951748\SP3GDR\tcpip.sys
[7] 2008-06-20 . 2A5554FC5B1E04E131230E3CE035C3F9 . 360320 . . [5.1.2600.3394] . . c:\windows\$NtServicePackUninstall$\tcpip.sys
[7] 2008-06-20 . 744E57C99232201AE98C49168B918F48 . 360960 . . [5.1.2600.3394] . . c:\windows\$hf_mig$\KB951748\SP2QFE\tcpip.sys
[7] 2008-04-13 . 93EA8D04EC73A85DB02EB8805988F733 . 361344 . . [5.1.2600.5512] . . c:\windows\$NtUninstallKB951748$\tcpip.sys
[7] 2008-04-13 . 93EA8D04EC73A85DB02EB8805988F733 . 361344 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\tcpip.sys
[7] 2004-08-03 . 9F4B36614A0FC234525BA224957DE55C . 359040 . . [5.1.2600.2180] . . c:\windows\$NtUninstallKB951748_0$\tcpip.sys
.
((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SandboxieControl"="c:\program files\Sandboxie\SbieCtrl.exe" [2010-07-04 398568]
"msnmsgr"="c:\program files\Windows Live\Messenger\msnmsgr.exe" [2010-10-19 3872080]
"DAEMON Tools Pro Agent"="c:\program files\DAEMON Tools Pro\DTProAgent.exe" [2007-09-06 136136]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"WinampAgent"="c:\program files\Winamp\winampa.exe" [2009-02-25 37888]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2010-01-29 141336]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2010-01-29 173592]
"Persistence"="c:\windows\system32\igfxpers.exe" [2010-01-29 142360]
"M-Audio Taskbar Icon"="c:\windows\System32\M-AudioTaskBarIcon.exe" [2008-06-17 356864]
"Malwarebytes' Anti-Malware"="c:\program files\Malwarebytes' Anti-Malware\mbamgui.exe" [2010-04-29 437584]
"RTHDCPL"="RTHDCPL.EXE" [2010-07-28 19557480]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
"AvgUninstallURL"="start http:" [X]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\System32\CTFMON.EXE" [2008-04-14 15360]

c:\documents and settings\All Users\Menu Start\Programma's\Opstarten\
FireBox Control Panel.lnk - c:\program files\PreSonus\1394AudioDriver_FireBox\FireBox.exe [2010-8-23 1084800]

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Start^Programma's^Opstarten^Microsoft Office.lnk]
path=c:\documents and settings\All Users\Menu Start\Programma's\Opstarten\Microsoft Office.lnk
backup=c:\windows\pss\Microsoft Office.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^Mr.A^Menu Start^Programma's^Opstarten^MagicDisc.lnk]
path=c:\documents and settings\Mr.A\Menu Start\Programma's\Opstarten\MagicDisc.lnk
backup=c:\windows\pss\MagicDisc.lnkStartup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
2010-09-21 18:37 932288 ----a-w- c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
2010-06-20 02:04 35760 ----a-w- c:\program files\Adobe\Reader 9.0\Reader\reader_sl.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeARM]
2010-09-21 18:37 932288 ----a-w- c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeCS4ServiceManager]
2008-08-14 05:58 611712 ----a-w- c:\program files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CanonMyPrinter]
2009-03-23 17:00 1983816 ----a-w- c:\program files\Canon\MyPrinter\BJMYPRT.EXE

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CS4ServiceManager]
2008-08-14 05:58 611712 ----a-w- c:\program files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Pro Agent]
2007-09-06 13:08 136136 ----a-w- c:\program files\DAEMON Tools Pro\DTProAgent.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DivXUpdate]
2010-06-03 00:50 1144104 ----a-w- c:\program files\DivX\DivX Update\DivXUpdate.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
2010-07-21 13:53 141608 ----a-w- c:\program files\iTunes\iTunesHelper.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\msnmsgr]
2010-10-19 15:14 3872080 ----a-w- c:\program files\Windows Live\Messenger\msnmsgr.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QTTask]
2010-08-10 03:15 421888 ----a-w- c:\program files\QuickTime\QTTask.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
2010-08-10 03:15 421888 ----a-w- c:\program files\QuickTime\QTTask.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RAMSaverPro]
2009-10-12 06:27 199200 ----a-w- c:\program files\Godlike Developers\RAM Saver Professional\ramsaverpro.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Reader_sl]
2010-06-20 02:04 35760 ----a-w- c:\program files\Adobe\Reader 9.0\Reader\reader_sl.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
2010-05-14 09:44 248552 ----a-w- c:\program files\Common Files\Java\Java Update\jusched.exe

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\Program Files\\iTunes\\iTunes.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Program Files\\Common Files\\Adobe\\CS4ServiceManager\\CS4ServiceManager.exe"=
"c:\\Program Files\\Steinberg\\Cubase 5\\Cubase5.exe"=
"c:\\Program Files\\Steinberg\\WaveLab 6\\WaveLab-app.exe"=
"c:\\Program Files\\uTorrent\\uTorrent.exe"=
"c:\\Program Files\\iWebcamera\\iWebcameraApp.exe"=
"c:\\Program Files\\wLite\\wLite.exe"=
"c:\\Program Files\\wLite\\wService.exe"=
"c:\\Program Files\\FXpansion\\Guru\\Guru.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"5353:TCP"= 5353:TCP:Adobe CSI CS4
"60007:TCP"= 60007:TCP:UTorrent 60007
"60007:UDP"= 60007:UDP:UTorrent 60007

R0 sptd;sptd;c:\windows\system32\drivers\sptd.sys [24-8-2010 0:46 685816]
R2 MBAMService;MBAMService;c:\program files\Malwarebytes' Anti-Malware\mbamservice.exe [16-11-2010 17:38 304464]
R2 NIHardwareService;NIHardwareService;c:\program files\Common Files\Native Instruments\Hardware\NIHardwareService.exe [21-11-2008 19:37 3706880]
R2 NPF;NetGroup Packet Filter Driver;c:\windows\system32\drivers\npf.sys [25-6-2010 18:07 35088]
R3 EuMusDesignVirtualAudioCableWdm;Virtual Audio Cable (WDM);c:\windows\system32\drivers\vrtaucbl.sys [21-1-2011 14:22 40576]
R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [16-11-2010 17:38 20952]
S3 Ambfilt;Ambfilt;c:\windows\system32\drivers\Ambfilt.sys [23-1-2011 23:29 1691480]
S3 cpudrv;cpudrv;c:\program files\SystemRequirementsLab\cpudrv.sys [18-12-2009 9:58 11336]
S3 FXDrv32;FXDrv32;\??\d:\fxdrv32.sys --> d:\FXDrv32.sys [?]
S3 MASONODFU;M-Audio Axiom Pro DFU Driver;c:\windows\system32\drivers\MAudioAxiomProDFU.sys [24-8-2010 0:42 23048]
S3 MAUSBMS;Service for M-Audio Axiom Pro;c:\windows\system32\drivers\mausbop.sys [24-8-2010 0:42 145544]
S3 wxpSvc;webcamXP Service;c:\program files\wLite\wService.exe [2-5-2010 22:34 5027328]
.
Inhoud van de 'Gedeelde Taken' map

2011-01-19 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2009-10-22 09:50]

2011-01-25 c:\windows\Tasks\RegCure Program Check.job
- c:\program files\RegCure\RegCure.exe [2007-10-16 08:20]

2010-08-31 c:\windows\Tasks\RegCure.job
- c:\program files\RegCure\RegCure.exe [2007-10-16 08:20]
.
.
------- Bijkomende Scan -------
.
uStart Page = hxxp://google.nl/
uInternet Settings,ProxyOverride = *.local
Trusted Zone: kuaiche.com\software
FF - ProfilePath - c:\documents and settings\Mr.A\Application Data\Mozilla\Firefox\Profiles\dypji23t.default\
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
FF - Ext: Java Quick Starter: jqs@sun.com - c:\program files\Java\jre6\lib\deploy\jqs\ff
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - %profile%\extensions\{20a82645-c095-46ed-80e3-08825760534b}
FF - Ext: United States English Spellchecker: en-US@dictionaries.addons.mozilla.org - %profile%\extensions\en-US@dictionaries.addons.mozilla.org
FF - Ext: HyperCamToolbar: {75656794-AB59-4712-BFBC-5D816D56F3BC} - %profile%\extensions\{75656794-AB59-4712-BFBC-5D816D56F3BC}
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-01-25 19:27
Windows 5.1.2600 Service Pack 3 NTFS

scannen van verborgen processen ...

scannen van verborgen autostart items ...

scannen van verborgen bestanden ...

Scan succesvol afgerond
verborgen bestanden: 0

**************************************************************************

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\wxpSvc]
"ImagePath"="c:\program files\wLite\wService.exe /startedbyscm:5053B757-40E35B3B-webcamSRV"
.
--------------------- VERGRENDELDE REGISTER SLEUTELS ---------------------

[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Installer\UserData\LocalSystem\Components\€–}|ÿÿÿÿÀ•}|ù•9~*]
"AB141C35E9F4BF344B9FC010BB17F68A"=""
.
Voltooingstijd: 2011-01-25 19:28:48
ComboFix-quarantined-files.txt 2011-01-25 18:28

Pre-Run: 54.072.471.552 bytes beschikbaar
Post-Run: 54.059.257.856 bytes beschikbaar

WindowsXP-KB310994-SP2-Pro-BootDisk-NLD.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
UnsupportedDebug="do not select this" /debug
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /fastdetect /NoExecute=OptIn

- - End Of File - - 9A126FFC3F46BA9E7BD9C26F993BE3B2


=================================================================


So after both Log's been generated I have installed AVG again & rebooted my PC.
As it started up, it caught my attention that there is a triangle with an "!" in it now inside the AVG icon in the task bar. When double click on it, it opens the main menu of AVG where it says that my updates are out of date while i already had updated right after the re-installation. And when i click on update now, it says something like "No specific updates where found at this time"

But that is not why i have started this topic so i don't want to go into that. Just thought I'll let you know.

Maybe I do not have the privilege to make a suggestion, but I'm just thinking along the process. Is it not possible that this Freezing has maybe something to do with my Cooler (system) or maybe Mother-Board or something in BIOS?

Generally my PC is on all the time.. Although I have had replaced the Cooler a several months ago with a much more powerful one.

Just a thought..
 
In this forum, we're just checking, if your computer is clean.
When we're done and the computer is still having issue, then I'll send you to another forum.

We're not done with Combofix yet, so you'll have to uninstall AVG again.
I suggest, you leave it out and you switch to one of these:
- Avast! free antivirus: http://www.avast.com/eng/download-avast-home.html
- Avira free antivirus: http://www.free-av.com/en/download/1/avira_antivir_personal__free_antivirus.html
I don't recommend AVG anymore.

========================================================================

Uninstall RegCure.

Registry cleaners/optimizers are not recommended for several reasons:

  • Registry cleaners are extremely powerful applications that can damage the registry by using aggressive cleaning routines and cause your computer to become unbootable.

    The Windows registry is a central repository (database) for storing configuration data, user settings and machine-dependent settings, and options for the operating system. It contains information and settings for all hardware, software, users, and preferences. Whenever a user makes changes to settings, file associations, system policies, or installed software, the changes are reflected and stored in this repository. The registry is a crucial component because it is where Windows "remembers" all this information, how it works together, how Windows boots the system and what files it uses when it does. The registry is also a vulnerable subsystem, in that relatively small changes done incorrectly can render the system inoperable. For a more detailed explanation, read Understanding The Registry.
  • Not all registry cleaners are created equal. There are a number of them available but they do not all work entirely the same way. Each vendor uses different criteria as to what constitutes a "bad entry". One cleaner may find entries on your system that will not cause problems when removed, another may not find the same entries, and still another may want to remove entries required for a program to work.
  • Not all registry cleaners create a backup of the registry before making changes. If the changes prevent the system from booting up, then there is no backup available to restore it in order to regain functionality. A backup of the registry is essential BEFORE making any changes to the registry.
  • Improperly removing registry entries can hamper malware disinfection and make the removal process more difficult if your computer becomes infected. For example, removing malware related registry entries before the infection is properly identified can contribute to system instability and even make the malware undetectable to removal tools.
  • The usefulness of cleaning the registry is highly overrated and can be dangerous. In most cases, using a cleaner to remove obsolete, invalid, and erroneous entries does not affect system performance but it can result in "unpredictable results".
Unless you have a particular problem that requires a registry edit to correct it, I would suggest you leave the registry alone. Using registry cleaning tools unnecessarily or incorrectly could lead to disastrous effects on your operating system such as preventing it from ever starting again. For routine use, the benefits to your computer are negligible while the potential risks are great.


=========================================================================

1. Please open Notepad
  • Click Start , then Run
  • Type notepad .exe in the Run Box.

2. Now copy/paste the entire content of the codebox below into the Notepad window:

Code:
FCopy::
c:\windows\$hf_mig$\KB951748\SP3QFE\tcpip.sys | c:\windows\system32\drivers\tcpip.sys
c:\windows\$hf_mig$\KB951748\SP3QFE\tcpip.sys | c:\windows\system32\dllcache\tcpip.sys

Registry::
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
"AvgUninstallURL"=-


3. Save the above as CFScript.txt

4. Close/disable all anti virus and anti malware programs again, so they do not interfere with the running of ComboFix.

5. Then drag the CFScript.txt into ComboFix.exe as depicted in the animation below. This will start ComboFix again.

CFScript.gif



6. After reboot, (in case it asks to reboot), please post the following reports/logs into your next reply:
  • Combofix.txt
 
Yes I'm very clear about that :)

Oke, you're the Experienced one here, so i will remove AVG again using Revo-Uninstaller and install one of the recommended ones :grinthumb

Also i will Uninstall RegCure as you recommended.
After that i will take the steps as you have mentioned in your new reply..

I'll keep you posted :)
 
Oke, so i have un-installed AVG 9 with Revo Un-installer from my system, after the process a reboot was necessary. Once started up again, i have un-installed RegCure.

After this was un-installed I disabled my Internet and Malwarebytes Anti-Malware.
Then i dragged the CFScript.txt with the content i had copied from the codebox before on ComboFix. It started doing his routine again. After it was done, the new log included the following:

================================================================
ComboFix 11-01-24.02 - Mr.A 26-01-2011 0:19.3.2 - x86
Microsoft Windows XP Professional 5.1.2600.3.1252.31.1043.18.2037.1540 [GMT 1:00]
Gestart vanuit: c:\documents and settings\Mr.A\Bureaublad\ComboFix.exe
gebruikte Opdracht switches :: c:\documents and settings\Mr.A\Bureaublad\CFScript.txt
.

(((((((((((((((((((((((((((((((((( Andere Verwijderingen )))))))))))))))))))))))))))))))))))))))))))))))))
.

.
--------------- FCopy ---------------

c:\windows\$hf_mig$\KB951748\SP3QFE\tcpip.sys --> c:\windows\system32\drivers\tcpip.sys
c:\windows\$hf_mig$\KB951748\SP3QFE\tcpip.sys --> c:\windows\system32\dllcache\tcpip.sys
.
(((((((((((((((((((( Bestanden Gemaakt van 2010-12-25 to 2011-01-25 ))))))))))))))))))))))))))))))
.

2011-01-25 00:27 . 2011-01-25 00:27 -------- d-----w- c:\documents and settings\Mr.A\Local Settings\Application Data\Identities
2011-01-25 00:02 . 2011-01-25 00:02 388096 ----a-r- c:\documents and settings\Mr.A\Application Data\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
2011-01-25 00:02 . 2011-01-25 00:02 -------- d-----w- c:\program files\Trend Micro
2011-01-23 22:33 . 2009-08-19 04:18 107864 ----a-w- c:\windows\system32\tsccvid.dll
2011-01-23 22:33 . 2011-01-23 22:33 -------- d-----w- c:\documents and settings\All Users\Application Data\TechSmith
2011-01-23 22:32 . 2011-01-23 22:32 -------- d-----w- c:\program files\Common Files\TechSmith Shared
2011-01-23 22:30 . 2011-01-23 22:30 -------- d-----w- c:\windows\system32\RTCOM
2011-01-21 13:22 . 2011-01-21 13:23 -------- d-----w- c:\program files\Virtual Audio Cable
2011-01-21 13:22 . 2011-01-21 13:22 40576 ----a-w- c:\windows\system32\drivers\vrtaucbl.sys
2011-01-21 13:19 . 2011-01-21 13:19 -------- d-----w- c:\program files\Driver-Soft
2011-01-21 13:02 . 2011-01-25 21:50 -------- d--h--r- c:\documents and settings\Mr.A\Onlangs geopend
2011-01-21 12:24 . 2011-01-21 12:24 -------- d-----w- c:\windows\system32\wbem\Repository
2011-01-20 02:36 . 2011-01-20 02:36 -------- d-----w- c:\documents and settings\Mr.A\Local Settings\Application Data\TechSmith
2011-01-18 17:44 . 2011-01-18 17:44 -------- d-----w- c:\documents and settings\Mr.A\Application Data\Toolbar4
2011-01-10 20:10 . 2011-01-10 20:10 -------- d-----w- c:\program files\Beat Kangz
2010-12-31 00:58 . 2010-12-31 01:05 -------- d-----w- c:\documents and settings\All Users\Application Data\Waves Audio
2010-12-30 23:58 . 2010-12-30 23:58 -------- d-----w- c:\program files\Focusrite

.
((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-11-29 18:18 . 2010-11-29 18:18 233472 ----a-w- c:\windows\system32\REX Shared Library.dll
2010-11-23 02:07 . 2010-11-23 02:07 69632 ----a-w- c:\windows\system32\FxShared.dll
2010-11-23 02:07 . 2010-11-23 02:07 69632 ----a-w- c:\windows\system32\com.fxpansion.fxshared.dll
2010-11-18 18:15 . 2010-08-22 14:25 86016 ----a-w- c:\windows\system32\isign32.dll
2010-11-09 14:52 . 2003-04-08 12:00 249856 ----a-w- c:\windows\system32\odbc32.dll
2010-11-05 05:02 . 2010-08-22 15:28 81920 ------w- c:\windows\system32\ieencode.dll
2010-11-05 05:02 . 2003-04-08 12:00 670208 ----a-w- c:\windows\system32\wininet.dll
2010-11-05 05:02 . 2003-04-08 12:00 61952 ----a-w- c:\windows\system32\tdc.ocx
2010-11-05 04:59 . 2010-08-22 15:28 371712 ------w- c:\windows\system32\html.iec
2010-11-02 15:17 . 2003-04-08 12:00 40960 ----a-w- c:\windows\system32\drivers\ndproxy.sys
2010-10-28 13:09 . 2003-04-08 12:00 290048 ----a-w- c:\windows\system32\atmfd.dll
.

((((((((((((((((((((((((((((( SnapShot@2011-01-25_18.16.38 )))))))))))))))))))))))))))))))))))))))))
.
+ 2011-01-25 23:10 . 2011-01-25 23:10 16384 c:\windows\Temp\Perflib_Perfdata_7a0.dat
+ 2011-01-02 18:58 . 2011-01-25 23:11 224627 c:\windows\system32\inetsrv\MetaBase.bin
.
((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SandboxieControl"="c:\program files\Sandboxie\SbieCtrl.exe" [2010-07-04 398568]
"msnmsgr"="c:\program files\Windows Live\Messenger\msnmsgr.exe" [2010-10-19 3872080]
"DAEMON Tools Pro Agent"="c:\program files\DAEMON Tools Pro\DTProAgent.exe" [2007-09-06 136136]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"WinampAgent"="c:\program files\Winamp\winampa.exe" [2009-02-25 37888]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2010-01-29 141336]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2010-01-29 173592]
"Persistence"="c:\windows\system32\igfxpers.exe" [2010-01-29 142360]
"M-Audio Taskbar Icon"="c:\windows\System32\M-AudioTaskBarIcon.exe" [2008-06-17 356864]
"Malwarebytes' Anti-Malware"="c:\program files\Malwarebytes' Anti-Malware\mbamgui.exe" [2010-04-29 437584]
"RTHDCPL"="RTHDCPL.EXE" [2010-07-28 19557480]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\System32\CTFMON.EXE" [2008-04-14 15360]

c:\documents and settings\All Users\Menu Start\Programma's\Opstarten\
FireBox Control Panel.lnk - c:\program files\PreSonus\1394AudioDriver_FireBox\FireBox.exe [2010-8-23 1084800]

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Start^Programma's^Opstarten^Microsoft Office.lnk]
path=c:\documents and settings\All Users\Menu Start\Programma's\Opstarten\Microsoft Office.lnk
backup=c:\windows\pss\Microsoft Office.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^Mr.A^Menu Start^Programma's^Opstarten^MagicDisc.lnk]
path=c:\documents and settings\Mr.A\Menu Start\Programma's\Opstarten\MagicDisc.lnk
backup=c:\windows\pss\MagicDisc.lnkStartup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
2010-09-21 18:37 932288 ----a-w- c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
2010-06-20 02:04 35760 ----a-w- c:\program files\Adobe\Reader 9.0\Reader\reader_sl.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeARM]
2010-09-21 18:37 932288 ----a-w- c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeCS4ServiceManager]
2008-08-14 05:58 611712 ----a-w- c:\program files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CanonMyPrinter]
2009-03-23 17:00 1983816 ----a-w- c:\program files\Canon\MyPrinter\BJMYPRT.EXE

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CS4ServiceManager]
2008-08-14 05:58 611712 ----a-w- c:\program files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Pro Agent]
2007-09-06 13:08 136136 ----a-w- c:\program files\DAEMON Tools Pro\DTProAgent.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DivXUpdate]
2010-06-03 00:50 1144104 ----a-w- c:\program files\DivX\DivX Update\DivXUpdate.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
2010-07-21 13:53 141608 ----a-w- c:\program files\iTunes\iTunesHelper.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\msnmsgr]
2010-10-19 15:14 3872080 ----a-w- c:\program files\Windows Live\Messenger\msnmsgr.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QTTask]
2010-08-10 03:15 421888 ----a-w- c:\program files\QuickTime\QTTask.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
2010-08-10 03:15 421888 ----a-w- c:\program files\QuickTime\QTTask.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RAMSaverPro]
2009-10-12 06:27 199200 ----a-w- c:\program files\Godlike Developers\RAM Saver Professional\ramsaverpro.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Reader_sl]
2010-06-20 02:04 35760 ----a-w- c:\program files\Adobe\Reader 9.0\Reader\reader_sl.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
2010-05-14 09:44 248552 ----a-w- c:\program files\Common Files\Java\Java Update\jusched.exe

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\Program Files\\iTunes\\iTunes.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Program Files\\Common Files\\Adobe\\CS4ServiceManager\\CS4ServiceManager.exe"=
"c:\\Program Files\\Steinberg\\Cubase 5\\Cubase5.exe"=
"c:\\Program Files\\Steinberg\\WaveLab 6\\WaveLab-app.exe"=
"c:\\Program Files\\uTorrent\\uTorrent.exe"=
"c:\\Program Files\\iWebcamera\\iWebcameraApp.exe"=
"c:\\Program Files\\FXpansion\\Guru\\Guru.exe"=
"c:\\Program Files\\wLite\\wLite.exe"=
"c:\\Program Files\\wLite\\wService.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"5353:TCP"= 5353:TCP:Adobe CSI CS4
"60007:TCP"= 60007:TCP:UTorrent 60007
"60007:UDP"= 60007:UDP:UTorrent 60007

R0 sptd;sptd;c:\windows\system32\drivers\sptd.sys [24-8-2010 0:46 685816]
R2 MBAMService;MBAMService;c:\program files\Malwarebytes' Anti-Malware\mbamservice.exe [16-11-2010 17:38 304464]
R2 NIHardwareService;NIHardwareService;c:\program files\Common Files\Native Instruments\Hardware\NIHardwareService.exe [21-11-2008 19:37 3706880]
R2 NPF;NetGroup Packet Filter Driver;c:\windows\system32\drivers\npf.sys [25-6-2010 18:07 35088]
R3 EuMusDesignVirtualAudioCableWdm;Virtual Audio Cable (WDM);c:\windows\system32\drivers\vrtaucbl.sys [21-1-2011 14:22 40576]
R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [16-11-2010 17:38 20952]
S3 Ambfilt;Ambfilt;c:\windows\system32\drivers\Ambfilt.sys [23-1-2011 23:29 1691480]
S3 cpudrv;cpudrv;c:\program files\SystemRequirementsLab\cpudrv.sys [18-12-2009 9:58 11336]
S3 FXDrv32;FXDrv32;\??\d:\fxdrv32.sys --> d:\FXDrv32.sys [?]
S3 MASONODFU;M-Audio Axiom Pro DFU Driver;c:\windows\system32\drivers\MAudioAxiomProDFU.sys [24-8-2010 0:42 23048]
S3 MAUSBMS;Service for M-Audio Axiom Pro;c:\windows\system32\drivers\mausbop.sys [24-8-2010 0:42 145544]
S3 wxpSvc;webcamXP Service;c:\program files\wLite\wService.exe [2-5-2010 22:34 5027328]
.
Inhoud van de 'Gedeelde Taken' map

2011-01-19 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2009-10-22 09:50]
.
.
------- Bijkomende Scan -------
.
uStart Page = hxxp://google.nl/
uInternet Settings,ProxyOverride = *.local
Trusted Zone: kuaiche.com\software
FF - ProfilePath - c:\documents and settings\Mr.A\Application Data\Mozilla\Firefox\Profiles\dypji23t.default\
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
FF - Ext: Java Quick Starter: jqs@sun.com - c:\program files\Java\jre6\lib\deploy\jqs\ff
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - %profile%\extensions\{20a82645-c095-46ed-80e3-08825760534b}
FF - Ext: United States English Spellchecker: en-US@dictionaries.addons.mozilla.org - %profile%\extensions\en-US@dictionaries.addons.mozilla.org
FF - Ext: HyperCamToolbar: {75656794-AB59-4712-BFBC-5D816D56F3BC} - %profile%\extensions\{75656794-AB59-4712-BFBC-5D816D56F3BC}
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-01-26 00:29
Windows 5.1.2600 Service Pack 3 NTFS

scannen van verborgen processen ...

scannen van verborgen autostart items ...

scannen van verborgen bestanden ...

Scan succesvol afgerond
verborgen bestanden: 0

**************************************************************************

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\wxpSvc]
"ImagePath"="c:\program files\wLite\wService.exe /startedbyscm:5053B757-40E35B3B-webcamSRV"
.
--------------------- VERGRENDELDE REGISTER SLEUTELS ---------------------

[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Installer\UserData\LocalSystem\Components\€–}|ÿÿÿÿÀ•}|ù•9~*]
"AB141C35E9F4BF344B9FC010BB17F68A"=""
.
--------------------- DLLs Geladen Onder Lopende Processen ---------------------

- - - - - - - > 'winlogon.exe'(828)
c:\windows\system32\CLBCATQ.DLL
.
Voltooingstijd: 2011-01-26 00:31:03
ComboFix-quarantined-files.txt 2011-01-25 23:31
ComboFix2.txt 2011-01-25 18:28

Pre-Run: 54.161.870.848 bytes beschikbaar
Post-Run: 54.370.000.896 bytes beschikbaar

- - End Of File - - 87463E5D3ED2A41E8C82AD0063D45C04
================================================================


A reboot was not needed. So before connecting to the internet again i did install avast! because i do not dare to go online without any Anti-Virus program.

After the installation i rebooted the system and connected to the internet again so that i can post my post :)
 
Well done :)

Let's keep checking...

Download OTL to your Desktop.

  • Double click on the icon to run it. Make sure all other windows are closed and to let it run uninterrupted.
  • Click the Scan All Users checkbox.
  • Under the Custom Scan box paste this in:


netsvcs
drivers32
%SYSTEMDRIVE%\*.*
%systemroot%\Fonts\*.com
%systemroot%\Fonts\*.dll
%systemroot%\Fonts\*.ini
%systemroot%\Fonts\*.ini2
%systemroot%\Fonts\*.exe
%systemroot%\system32\spool\prtprocs\w32x86\*.*
%systemroot%\REPAIR\*.bak1
%systemroot%\REPAIR\*.ini
%systemroot%\system32\*.jpg
%systemroot%\*.jpg
%systemroot%\*.png
%systemroot%\*.scr
%systemroot%\*._sy
%APPDATA%\Adobe\Update\*.*
%ALLUSERSPROFILE%\Favorites\*.*
%APPDATA%\Microsoft\*.*
%PROGRAMFILES%\*.*
%APPDATA%\Update\*.*
%systemroot%\*. /mp /s
CREATERESTOREPOINT
%systemroot%\System32\config\*.sav
%PROGRAMFILES%\bak. /s
%systemroot%\system32\bak. /s
%ALLUSERSPROFILE%\Start Menu\*.lnk /x
%systemroot%\system32\config\systemprofile\*.dat /x
%systemroot%\*.config
%systemroot%\system32\*.db
%APPDATA%\Microsoft\Internet Explorer\Quick Launch\*.lnk /x
%USERPROFILE%\Desktop\*.exe
%PROGRAMFILES%\Common Files\*.*
%systemroot%\*.src
%systemroot%\install\*.*
%systemroot%\system32\DLL\*.*
%systemroot%\system32\HelpFiles\*.*
%systemroot%\system32\rundll\*.*
%systemroot%\winn32\*.*
%systemroot%\Java\*.*
%systemroot%\system32\test\*.*
%systemroot%\system32\Rundll32\*.*
%systemroot%\AppPatch\Custom\*.*
%APPDATA%\Roaming\Microsoft\Windows\Recent\*.lnk /x
%PROGRAMFILES%\PC-Doctor\Downloads\*.*
%PROGRAMFILES%\Internet Explorer\*.tmp
%PROGRAMFILES%\Internet Explorer\*.dat
%USERPROFILE%\My Documents\*.exe
%USERPROFILE%\*.exe
%systemroot%\ADDINS\*.*
%systemroot%\assembly\*.bak2
%systemroot%\Config\*.*
%systemroot%\REPAIR\*.bak2
%systemroot%\SECURITY\Database\*.sdb /x
%systemroot%\SYSTEM\*.bak2
%systemroot%\Web\*.bak2
%systemroot%\Driver Cache\*.*
%PROGRAMFILES%\Mozilla Firefox\0*.exe
%ProgramFiles%\Microsoft Common\*.*
%ProgramFiles%\TinyProxy.
%USERPROFILE%\Favorites\*.url /x
%systemroot%\system32\*.bk
%systemroot%\*.te
%systemroot%\system32\system32\*.*
%ALLUSERSPROFILE%\*.dat /x
%systemroot%\system32\drivers\*.rmv
dir /b "%systemroot%\system32\*.exe" | find /i " " /c
dir /b "%systemroot%\*.exe" | find /i " " /c
%PROGRAMFILES%\Microsoft\*.*
%systemroot%\System32\Wbem\proquota.exe
%PROGRAMFILES%\Mozilla Firefox\*.dat
%USERPROFILE%\Cookies\*.txt /x
%SystemRoot%\system32\fonts\*.*
%systemroot%\system32\winlog\*.*
%systemroot%\system32\Language\*.*
%systemroot%\system32\Settings\*.*
%systemroot%\system32\*.quo
%SYSTEMROOT%\AppPatch\*.exe
%SYSTEMROOT%\inf\*.exe
%SYSTEMROOT%\Installer\*.exe
%systemroot%\system32\config\*.bak2
%systemroot%\system32\Computers\*.*
%SystemRoot%\system32\Sound\*.*
%SystemRoot%\system32\SpecialImg\*.*
%SystemRoot%\system32\code\*.*
%SystemRoot%\system32\draft\*.*
%SystemRoot%\system32\MSSSys\*.*
%ProgramFiles%\Javascript\*.*
%systemroot%\pchealth\helpctr\System\*.exe /s
%systemroot%\Web\*.exe
%systemroot%\system32\msn\*.*
%systemroot%\system32\*.tro
%AppData%\Microsoft\Installer\msupdates\*.*
%ProgramFiles%\Messenger\*.*
%systemroot%\system32\systhem32\*.*
%systemroot%\system\*.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs
/md5start
/md5stop


  • Click the Quick Scan button. Do not change any settings unless otherwise told to do so. The scan wont take long.
  • When the scan completes, it will open two notepad windows: OTL.txt and Extras.txt. These are saved in the same location as OTL.
  • Please copy (Edit->Select All, Edit->Copy) the contents of these files, one at a time, and post them back here.
 
Executed the instructions as told.. Copied & pasted the code and Clicked on Quick Scan.

While scanning it poped up an error saying: Access violation at address 00401A13 in module 'OTL.exe'. Read of address 00216000

After clicking OK i saw the following tekst in the left corner. Creating restore point. DO NOT INTERRUPT...

This happends to be quite a long time now. It is still going on i did not exited it or anything, i can minimize it though.

I thought i first level with you on what to do before taking action..
 
I think that was my bad.. Forgot to Disable AntiMalware & Avast. So after still no reaction from OTL i closed it, disabled both programs, and did a scan with the copied code again.. This time it did make 2 log files:


OTL.txt


OTL logfile created on: 26-1-2011 14:43:13 - Run 1
OTL by OldTimer - Version 3.2.20.6 Folder = C:\Documents and Settings\Mr.A\Bureaublad
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.5512)
Locale: 00000413 | Country: Nederland | Language: NLD | Date Format: d-M-yyyy

2,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 69,00% Memory free
4,00 Gb Paging File | 3,00 Gb Available in Paging File | 89,00% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 114,48 Gb Total Space | 50,49 Gb Free Space | 44,10% Space Free | Partition Type: NTFS
Drive F: | 931,51 Gb Total Space | 162,67 Gb Free Space | 17,46% Space Free | Partition Type: NTFS

Computer Name: ADILOST | User Name: Mr.A | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011-01-26 13:22:18 | 000,602,624 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Mr.A\Bureaublad\OTL.exe
PRC - [2011-01-13 09:47:34 | 003,396,624 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AvastUI.exe
PRC - [2011-01-13 09:47:33 | 000,040,384 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
PRC - [2010-12-15 14:10:22 | 000,016,856 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\plugin-container.exe
PRC - [2010-12-15 14:10:18 | 000,912,344 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2010-08-25 15:34:44 | 000,054,784 | ---- | M] (Macrovision) -- C:\WINDOWS\system32\drivers\CDAC11BA.EXE
PRC - [2010-07-04 10:49:16 | 000,398,568 | ---- | M] (tzuk) -- C:\Program Files\Sandboxie\SbieCtrl.exe
PRC - [2010-07-04 10:49:14 | 000,075,496 | ---- | M] (tzuk) -- C:\Program Files\Sandboxie\SbieSvc.exe
PRC - [2010-06-10 20:03:08 | 000,144,176 | ---- | M] (Apple Inc.) -- C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
PRC - [2010-04-29 15:39:34 | 000,304,464 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2010-04-29 15:39:32 | 000,437,584 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
PRC - [2010-02-03 10:16:56 | 001,084,800 | ---- | M] (PreSonus Audio Electronics) -- C:\Program Files\PreSonus\1394AudioDriver_FireBox\FireBox.exe
PRC - [2009-02-25 22:27:30 | 001,433,952 | ---- | M] (Nullsoft) -- C:\Program Files\Winamp\winamp.exe
PRC - [2009-02-25 22:26:00 | 000,037,888 | ---- | M] () -- C:\Program Files\Winamp\winampa.exe
PRC - [2009-02-10 08:01:49 | 000,116,104 | ---- | M] () -- C:\Program Files\Canon\IJPLM\ijplmsvc.exe
PRC - [2008-11-21 19:37:28 | 003,706,880 | ---- | M] (Native Instruments GmbH) -- C:\Program Files\Common Files\Native Instruments\Hardware\NIHardwareService.exe
PRC - [2008-06-17 10:26:18 | 000,356,864 | ---- | M] (Avid Technology, Inc.) -- C:\WINDOWS\system32\M-AudioTaskBarIcon.exe
PRC - [2008-04-14 18:03:01 | 000,015,360 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\inetsrv\inetinfo.exe
PRC - [2008-04-14 18:02:58 | 001,037,312 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe


========== Modules (SafeList) ==========

MOD - [2011-01-26 13:22:18 | 000,602,624 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Mr.A\Bureaublad\OTL.exe
MOD - [2011-01-13 09:47:35 | 000,189,728 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\snxhk.dll
MOD - [2010-08-23 17:13:25 | 001,054,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll


========== Win32 Services (SafeList) ==========

SRV - File not found [Disabled | Stopped] -- -- (HidServ)
SRV - [2011-01-13 09:47:33 | 000,040,384 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Antivirus)
SRV - [2010-08-25 15:34:44 | 000,054,784 | ---- | M] (Macrovision) [Auto | Running] -- C:\WINDOWS\system32\drivers\CDAC11BA.EXE -- (C-DillaCdaC11BA)
SRV - [2010-08-24 13:51:54 | 000,655,624 | ---- | M] (Acresso Software Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2010-07-04 10:49:14 | 000,075,496 | ---- | M] (tzuk) [Auto | Running] -- C:\Program Files\Sandboxie\SbieSvc.exe -- (SbieSvc)
SRV - [2010-06-25 18:07:20 | 000,117,264 | ---- | M] (CACE Technologies, Inc.) [On_Demand | Stopped] -- C:\Program Files\WinPcap\rpcapd.exe -- (rpcapd) Remote Packet Capture Protocol v.0 (experimental)
SRV - [2010-06-10 20:03:08 | 000,144,176 | ---- | M] (Apple Inc.) [Auto | Running] -- C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe -- (Apple Mobile Device)
SRV - [2010-05-02 22:34:28 | 005,027,328 | ---- | M] (Moonware Studios) [On_Demand | Stopped] -- C:\Program Files\wLite\wService.exe -- (wxpSvc)
SRV - [2010-04-29 15:39:34 | 000,304,464 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2009-02-10 08:01:49 | 000,116,104 | ---- | M] () [Auto | Running] -- C:\Program Files\Canon\IJPLM\ijplmsvc.exe -- (IJPLMSVC)
SRV - [2008-11-21 19:37:28 | 003,706,880 | ---- | M] (Native Instruments GmbH) [Auto | Running] -- C:\Program Files\Common Files\Native Instruments\Hardware\NIHardwareService.exe -- (NIHardwareService)
SRV - [2008-04-14 18:03:01 | 000,015,360 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\inetsrv\inetinfo.exe -- (W3SVC)
SRV - [2008-04-14 18:03:01 | 000,015,360 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\inetsrv\inetinfo.exe -- (SMTPSVC) SMTP (Simple Mail Transfer Protocol)
SRV - [2008-04-14 18:03:01 | 000,015,360 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\inetsrv\inetinfo.exe -- (IISADMIN)


========== Driver Services (SafeList) ==========

DRV - [2011-01-21 14:22:53 | 000,040,576 | ---- | M] (Eugene V. Muzychenko) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\vrtaucbl.sys -- (EuMusDesignVirtualAudioCableWdm) Virtual Audio Cable (WDM)
DRV - [2011-01-13 09:41:29 | 000,357,968 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\WINDOWS\System32\drivers\aswSnx.sys -- (aswSnx)
DRV - [2011-01-13 09:41:16 | 000,294,608 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2011-01-13 09:40:16 | 000,047,440 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2011-01-13 09:40:04 | 000,100,176 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswmon2.sys -- (aswMon2)
DRV - [2011-01-13 09:37:30 | 000,023,632 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswRdr.sys -- (aswRdr)
DRV - [2011-01-13 09:37:11 | 000,029,392 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aavmker4.sys -- (Aavmker4)
DRV - [2011-01-13 09:37:09 | 000,017,744 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2010-08-25 15:34:41 | 000,012,464 | ---- | M] (Macrovision Europe Ltd) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\CdaC15BA.SYS -- (CdaC15BA)
DRV - [2010-08-24 00:46:20 | 000,685,816 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\System32\Drivers\sptd.sys -- (sptd)
DRV - [2010-07-28 18:27:36 | 006,108,776 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV - [2010-07-06 10:13:10 | 000,234,392 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Rtenicxp.sys -- (RTLE8023xp)
DRV - [2010-07-04 10:49:10 | 000,119,016 | ---- | M] (tzuk) [Kernel | On_Demand | Running] -- C:\Program Files\Sandboxie\SbieDrv.sys -- (SbieDrv)
DRV - [2010-06-25 18:07:14 | 000,035,088 | ---- | M] (CACE Technologies, Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\npf.sys -- (NPF)
DRV - [2010-04-29 15:39:26 | 000,020,952 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\WINDOWS\system32\drivers\mbam.sys -- (MBAMProtector)
DRV - [2010-02-03 10:16:50 | 000,137,088 | ---- | M] (Archwave AG) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\pae_1394.sys -- (pae_1394)
DRV - [2010-02-03 10:16:50 | 000,052,608 | ---- | M] (Archwave AG) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\pae_avs.sys -- (pae_avs)
DRV - [2010-01-14 03:18:36 | 001,730,272 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\igxpmp32.sys -- (ialm)
DRV - [2009-12-18 09:58:52 | 000,011,336 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Program Files\SystemRequirementsLab\cpudrv.sys -- (cpudrv)
DRV - [2009-12-02 13:56:16 | 000,092,792 | ---- | M] (PACE Anti-Piracy, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\TPkd.sys -- (TPkd)
DRV - [2009-11-18 07:17:00 | 001,395,800 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Monfilt.sys -- (Monfilt)
DRV - [2009-11-18 07:16:00 | 001,691,480 | ---- | M] (Creative) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Ambfilt.sys -- (Ambfilt)
DRV - [2009-07-27 03:43:18 | 000,058,908 | ---- | M] (PowerISO Computing, Inc.) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\scdemu.sys -- (SCDEmu)
DRV - [2009-02-24 18:42:14 | 000,116,736 | ---- | M] (MagicISO, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\mcdbus.sys -- (mcdbus)
DRV - [2008-08-27 04:32:36 | 000,023,048 | ---- | M] (M-Audio) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\MAudioAxiomProDFU.sys -- (MASONODFU)
DRV - [2008-08-27 04:32:32 | 000,145,544 | ---- | M] (Avid Technology, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\mausbop.sys -- (MAUSBMS)
DRV - [2008-08-14 06:57:42 | 000,074,720 | ---- | M] (Adobe Systems, Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\System32\drivers\adfs.sys -- (adfs)
DRV - [2008-04-13 19:45:12 | 000,060,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\USBAUDIO.sys -- (usbaudio) Stuurprogramma voor USB-audio (WDM)
DRV - [2008-04-13 17:36:05 | 000,144,384 | ---- | M] (Windows (R) Server 2003 DDK provider) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\hdaudbus.sys -- (HDAudBus)
DRV - [2006-02-24 23:27:02 | 000,343,904 | R--- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ar5523.sys -- (AR5523)
DRV - [2001-08-17 22:51:32 | 000,018,688 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\irsir.sys -- (irsir)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========



IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-21-1645522239-1580436667-839522115-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://google.nl/
IE - HKU\S-1-5-21-1645522239-1580436667-839522115-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-1645522239-1580436667-839522115-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
FF - prefs.js..extensions.enabledItems: {E2883E8F-472F-4fb0-9522-AC9BF37916A7}:1.6.2.90
FF - prefs.js..extensions.enabledItems: en-US@dictionaries.addons.mozilla.org:5.0.1
FF - prefs.js..extensions.enabledItems: {75656794-AB59-4712-BFBC-5D816D56F3BC}:1.1.7

FF - HKLM\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010-12-15 14:10:25 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010-12-15 14:10:25 | 000,000,000 | ---D | M]

[2010-08-23 00:25:02 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Mr.A\Application Data\Mozilla\Extensions
[2011-01-25 16:02:03 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Mr.A\Application Data\Mozilla\Firefox\Profiles\dypji23t.default\extensions
[2010-08-24 01:27:12 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\Mr.A\Application Data\Mozilla\Firefox\Profiles\dypji23t.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2011-01-21 13:21:59 | 000,000,000 | ---D | M] (HyperCam Toolbar) -- C:\Documents and Settings\Mr.A\Application Data\Mozilla\Firefox\Profiles\dypji23t.default\extensions\{75656794-AB59-4712-BFBC-5D816D56F3BC}
[2010-10-10 22:32:40 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Mr.A\Application Data\Mozilla\Firefox\Profiles\dypji23t.default\extensions\{E2883E8F-472F-4fb0-9522-AC9BF37916A7}
[2010-10-29 15:23:21 | 000,000,000 | ---D | M] (United States English Spellchecker) -- C:\Documents and Settings\Mr.A\Application Data\Mozilla\Firefox\Profiles\dypji23t.default\extensions\en-US@dictionaries.addons.mozilla.org
[2011-01-25 16:02:03 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2010-08-23 03:27:54 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
[2010-08-23 03:27:46 | 000,000,000 | ---D | M] (Java Quick Starter) -- C:\PROGRAM FILES\JAVA\JRE6\LIB\DEPLOY\JQS\FF
[2010-08-23 03:27:45 | 000,423,656 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll
[2010-10-29 15:22:23 | 000,001,892 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\bolcom-nl.xml
[2010-10-29 15:22:23 | 000,004,558 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\marktplaats-nl.xml
[2010-10-29 15:22:23 | 000,001,111 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\vandale-nl.xml
[2010-10-29 15:22:23 | 000,001,049 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia-nl.xml
[2010-10-29 15:22:23 | 000,001,106 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\yahoo-nl.xml

O1 HOSTS File: ([2011-01-25 19:16:32 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O4 - HKLM..\Run: [avast5] C:\Program Files\Alwil Software\Avast5\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [M-Audio Taskbar Icon] C:\WINDOWS\system32\M-AudioTaskBarIcon.exe (Avid Technology, Inc.)
O4 - HKLM..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe ()
O4 - HKU\S-1-5-21-1645522239-1580436667-839522115-1003..\Run: [DAEMON Tools Pro Agent] C:\Program Files\DAEMON Tools Pro\DTProAgent.exe (DT Soft Ltd.)
O4 - HKU\S-1-5-21-1645522239-1580436667-839522115-1003..\Run: [SandboxieControl] C:\Program Files\Sandboxie\SbieCtrl.exe (tzuk)
O4 - Startup: C:\Documents and Settings\All Users\Menu Start\Programma's\Opstarten\FireBox Control Panel.lnk = C:\Program Files\PreSonus\1394AudioDriver_FireBox\FireBox.exe (PreSonus Audio Electronics)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-1645522239-1580436667-839522115-1003\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-1645522239-1580436667-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-21-1645522239-1580436667-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-21-1645522239-1580436667-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O15 - HKU\S-1-5-21-1645522239-1580436667-839522115-1003\..Trusted Domains: kuaiche.com ([software] http in Vertrouwde websites)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://www.update.microsoft.com/mic...ls/en/x86/client/muweb_site.cab?1282520467703 (MUWebControl Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21)
O16 - DPF: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\igfxcui: DllName - igfxdev.dll - C:\WINDOWS\System32\igfxdev.dll (Intel Corporation)
O24 - Desktop Components:0 (Mijn huidige introductiepagina) - About:Home
O24 - Desktop WallPaper: C:\Documents and Settings\Mr.A\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Mr.A\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2010-08-22 15:26:58 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

NetSvcs: 6to4 - File not found
NetSvcs: HidServ - File not found
NetSvcs: Ias - File not found
NetSvcs: Iprip - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: WmdmPmSp - File not found

Drivers32: msacm.l3acm - C:\WINDOWS\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.)
Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.)
Drivers32: msacm.vorbis - C:\WINDOWS\System32\vorbis.acm (HMS http://hp.vector.co.jp/authors/VA012897/)
Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.)
Drivers32: vidc.DIVX - C:\WINDOWS\System32\DivX.dll (DivX, Inc.)
Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.tscc - C:\WINDOWS\System32\tsccvid.dll (TechSmith Corporation)
Drivers32: vidc.yv12 - C:\WINDOWS\System32\DivX.dll (DivX, Inc.)

CREATERESTOREPOINT
Restore point Set: OTL Restore Point (54901231209938944)

========== Files/Folders - Created Within 30 Days ==========

[2011-01-26 13:22:14 | 000,602,624 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Mr.A\Bureaublad\OTL.exe
[2011-01-26 00:38:03 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programma's\avast! Free Antivirus
[2011-01-26 00:34:57 | 000,017,744 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswFsBlk.sys
[2011-01-26 00:34:56 | 000,294,608 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSP.sys
[2011-01-26 00:34:55 | 000,357,968 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSnx.sys
[2011-01-26 00:34:55 | 000,023,632 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswRdr.sys
[2011-01-26 00:34:54 | 000,047,440 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswTdi.sys
[2011-01-26 00:34:53 | 000,100,176 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswmon2.sys
[2011-01-26 00:34:53 | 000,094,544 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswmon.sys
[2011-01-26 00:34:53 | 000,029,392 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aavmker4.sys
[2011-01-26 00:34:34 | 000,038,848 | ---- | C] (AVAST Software) -- C:\WINDOWS\avastSS.scr
[2011-01-26 00:34:33 | 000,188,216 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\aswBoot.exe
[2011-01-26 00:34:29 | 000,000,000 | ---D | C] -- C:\Program Files\Alwil Software
[2011-01-26 00:34:29 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Alwil Software
[2011-01-26 00:32:37 | 000,000,000 | -HSD | C] -- C:\RECYCLER
[2011-01-26 00:18:03 | 000,000,000 | ---D | C] -- C:\ComboFix
[2011-01-25 19:22:40 | 000,000,000 | RHSD | C] -- C:\cmdcons
[2011-01-25 19:05:24 | 000,212,480 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWXCACLS.exe
[2011-01-25 19:05:24 | 000,161,792 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWREG.exe
[2011-01-25 19:05:24 | 000,136,704 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWSC.exe
[2011-01-25 19:05:24 | 000,031,232 | ---- | C] (NirSoft) -- C:\WINDOWS\NIRCMD.exe
[2011-01-25 19:05:17 | 000,000,000 | ---D | C] -- C:\WINDOWS\ERDNT
[2011-01-25 19:04:46 | 000,000,000 | ---D | C] -- C:\Qoobox
[2011-01-25 01:27:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Mr.A\Local Settings\Application Data\Identities
[2011-01-25 01:02:34 | 000,000,000 | ---D | C] -- C:\Program Files\Trend Micro
[2011-01-25 01:02:34 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Mr.A\Menu Start\Programma's\HiJackThis
[2011-01-24 15:58:11 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programma's\Groove Agent 2
[2011-01-23 23:33:04 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\TechSmith
[2011-01-23 23:33:03 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programma's\Camtasia Studio 6
[2011-01-23 23:32:24 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\TechSmith Shared
[2011-01-23 23:30:18 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\RTCOM
[2011-01-23 23:29:56 | 000,359,016 | ---- | C] (Realtek Semiconductor Crop.) -- C:\WINDOWS\vncutil.exe
[2011-01-23 23:29:54 | 000,129,640 | ---- | C] (Realtek Semiconductor) -- C:\WINDOWS\RtkAudioService.exe
[2011-01-23 23:29:44 | 002,815,592 | ---- | C] (RealTek Semicoductor Corp.) -- C:\WINDOWS\ALCWZRD.EXE
[2011-01-23 23:29:44 | 001,691,480 | ---- | C] (Creative) -- C:\WINDOWS\System32\drivers\Ambfilt.sys
[2011-01-23 23:29:44 | 000,000,000 | ---D | C] -- C:\Program Files\Realtek
[2011-01-21 14:22:53 | 000,040,576 | ---- | C] (Eugene V. Muzychenko) -- C:\WINDOWS\System32\drivers\vrtaucbl.sys
[2011-01-21 14:22:53 | 000,000,000 | ---D | C] -- C:\Program Files\Virtual Audio Cable
[2011-01-21 14:22:53 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programma's\Virtual Audio Cable
[2011-01-21 14:19:21 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programma's\Driver Genius Professional Edition
[2011-01-21 14:19:20 | 000,000,000 | ---D | C] -- C:\Program Files\Driver-Soft
[2011-01-21 14:02:45 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Mr.A\Onlangs geopend
[2011-01-20 03:36:38 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Mr.A\Local Settings\Application Data\TechSmith
[2011-01-19 13:07:23 | 000,000,000 | ---D | C] -- F:\Mijn Documenten\DriverGenius
[2011-01-18 18:44:12 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Mr.A\Application Data\Toolbar4
[2011-01-18 13:38:43 | 000,000,000 | ---D | C] -- F:\Mijn Documenten\Nieuwe map
[2011-01-17 02:30:39 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programma's\WinSCP
[2011-01-15 19:46:03 | 000,000,000 | ---D | C] -- F:\Mijn Documenten\Midi Files
[2011-01-10 21:13:10 | 000,000,000 | ---D | C] -- F:\Mijn Documenten\Beat Kangz
[2011-01-10 21:10:38 | 000,000,000 | ---D | C] -- C:\Program Files\Beat Kangz
[2010-12-31 01:58:35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Waves Audio
[2010-12-31 00:58:44 | 000,000,000 | ---D | C] -- C:\Program Files\Focusrite
[2010-12-31 00:57:51 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Mr.A\Menu Start\Programma's\Focusrite

========== Files - Modified Within 30 Days ==========

[2011-01-26 13:22:18 | 000,602,624 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Mr.A\Bureaublad\OTL.exe
[2011-01-26 12:48:49 | 000,013,646 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2011-01-26 12:48:22 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2011-01-26 00:43:12 | 000,002,632 | ---- | M] () -- C:\WINDOWS\Sandboxie.ini
[2011-01-26 00:34:54 | 000,002,894 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT
[2011-01-25 19:22:47 | 000,000,327 | RHS- | M] () -- C:\boot.ini
[2011-01-25 19:16:32 | 000,000,027 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2011-01-25 17:36:19 | 004,160,093 | R--- | M] () -- C:\Documents and Settings\Mr.A\Bureaublad\ComboFix.exe
[2011-01-25 17:34:57 | 000,080,384 | ---- | M] () -- C:\Documents and Settings\Mr.A\Bureaublad\MBRCheck.exe
[2011-01-23 23:34:23 | 000,000,304 | ---- | M] () -- C:\Documents and Settings\Mr.A\Bureaublad\Sound Configuration.lnk
[2011-01-23 23:32:51 | 000,316,640 | ---- | M] () -- C:\WINDOWS\WMSysPr9.prx
[2011-01-23 23:18:01 | 000,052,224 | ---- | M] () -- C:\Documents and Settings\Mr.A\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011-01-22 17:47:40 | 000,000,224 | ---- | M] () -- C:\WINDOWS\System32\w3data.vss
[2011-01-22 17:47:40 | 000,000,224 | ---- | M] () -- C:\WINDOWS\msocreg32.dat
[2011-01-21 14:22:53 | 000,040,576 | ---- | M] (Eugene V. Muzychenko) -- C:\WINDOWS\System32\drivers\vrtaucbl.sys
[2011-01-19 20:08:02 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2011-01-19 16:39:54 | 151,023,436 | ---- | M] () -- F:\Mijn Documenten\clip0006.avi
[2011-01-19 14:40:31 | 000,146,650 | ---- | M] () -- C:\WINDOWS\System32\BuzzingBee.wav
[2011-01-19 14:40:30 | 000,940,794 | ---- | M] () -- C:\WINDOWS\System32\LoopyMusic.wav
[2011-01-17 02:34:18 | 000,000,600 | ---- | M] () -- C:\Documents and Settings\Mr.A\Application Data\winscp.rnd
[2011-01-16 15:59:32 | 000,555,650 | ---- | M] () -- C:\WINDOWS\System32\perfh013.dat
[2011-01-16 15:59:32 | 000,483,908 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2011-01-16 15:59:32 | 000,108,064 | ---- | M] () -- C:\WINDOWS\System32\perfc013.dat
[2011-01-16 15:59:32 | 000,086,658 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2011-01-13 09:47:35 | 000,038,848 | ---- | M] (AVAST Software) -- C:\WINDOWS\avastSS.scr
[2011-01-13 09:47:32 | 000,188,216 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\aswBoot.exe
[2011-01-13 09:41:29 | 000,357,968 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSnx.sys
[2011-01-13 09:41:16 | 000,294,608 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSP.sys
[2011-01-13 09:40:16 | 000,047,440 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswTdi.sys
[2011-01-13 09:40:04 | 000,100,176 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswmon2.sys
[2011-01-13 09:39:50 | 000,094,544 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswmon.sys
[2011-01-13 09:37:30 | 000,023,632 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswRdr.sys
[2011-01-13 09:37:11 | 000,029,392 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aavmker4.sys
[2011-01-13 09:37:09 | 000,017,744 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswFsBlk.sys
[2010-12-30 14:14:27 | 004,074,273 | ---- | M] () -- C:\WINDOWS\System32\TmpA174434109

========== Files Created - No Company Name ==========

[2011-01-25 19:22:47 | 000,000,211 | ---- | C] () -- C:\Boot.bak
[2011-01-25 19:22:45 | 000,261,936 | RHS- | C] () -- C:\cmldr
[2011-01-25 19:05:24 | 000,256,512 | ---- | C] () -- C:\WINDOWS\PEV.exe
[2011-01-25 19:05:24 | 000,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe
[2011-01-25 19:05:24 | 000,089,088 | ---- | C] () -- C:\WINDOWS\MBR.exe
[2011-01-25 19:05:24 | 000,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe
[2011-01-25 19:05:24 | 000,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe
[2011-01-25 17:35:43 | 004,160,093 | R--- | C] () -- C:\Documents and Settings\Mr.A\Bureaublad\ComboFix.exe
[2011-01-25 17:35:00 | 000,080,384 | ---- | C] () -- C:\Documents and Settings\Mr.A\Bureaublad\MBRCheck.exe
[2011-01-23 23:34:23 | 000,000,304 | ---- | C] () -- C:\Documents and Settings\Mr.A\Bureaublad\Sound Configuration.lnk
[2011-01-19 16:39:23 | 151,023,436 | ---- | C] () -- F:\Mijn Documenten\clip0006.avi
[2011-01-19 14:40:30 | 000,146,650 | ---- | C] () -- C:\WINDOWS\System32\BuzzingBee.wav
[2011-01-19 14:40:27 | 000,940,794 | ---- | C] () -- C:\WINDOWS\System32\LoopyMusic.wav
[2011-01-17 02:30:59 | 000,000,600 | ---- | C] () -- C:\Documents and Settings\Mr.A\Application Data\winscp.rnd
[2010-12-30 14:14:26 | 004,074,273 | ---- | C] () -- C:\WINDOWS\System32\TmpA174434109
[2010-11-23 03:07:04 | 000,069,632 | ---- | C] () -- C:\WINDOWS\System32\FxShared.dll
[2010-11-23 03:07:04 | 000,069,632 | ---- | C] () -- C:\WINDOWS\System32\com.fxpansion.fxshared.dll
[2010-09-20 23:13:20 | 000,000,005 | ---- | C] () -- C:\WINDOWS\dnlehjpj.ini
[2010-09-17 11:40:31 | 000,594,776 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat
[2010-09-03 15:36:54 | 000,000,005 | ---- | C] () -- C:\WINDOWS\dnlehjol.ini
[2010-09-03 15:36:54 | 000,000,005 | ---- | C] () -- C:\WINDOWS\dnlehjfl.ini
[2010-09-03 15:36:08 | 000,000,005 | ---- | C] () -- C:\WINDOWS\dnlehjef.ini
[2010-09-03 15:35:56 | 000,000,005 | ---- | C] () -- C:\WINDOWS\dnlehjda.ini
[2010-09-03 15:35:45 | 000,000,005 | ---- | C] () -- C:\WINDOWS\dnlehjcc.ini
[2010-09-03 15:35:32 | 000,000,005 | ---- | C] () -- C:\WINDOWS\dnlehjpc.ini
[2010-09-03 15:35:32 | 000,000,005 | ---- | C] () -- C:\WINDOWS\dnlehjjd.ini
[2010-09-03 15:02:46 | 000,000,005 | ---- | C] () -- C:\WINDOWS\dnlehjma.ini
[2010-09-03 15:02:46 | 000,000,005 | ---- | C] () -- C:\WINDOWS\dnlehjke.ini
[2010-09-03 15:02:46 | 000,000,005 | ---- | C] () -- C:\WINDOWS\dnlehjgb.ini
[2010-09-03 15:02:46 | 000,000,005 | ---- | C] () -- C:\WINDOWS\dnlehjbe.ini
[2010-09-03 15:01:58 | 000,000,005 | ---- | C] () -- C:\WINDOWS\dnlehjlk.ini
[2010-09-03 14:52:55 | 003,661,824 | ---- | C] () -- C:\WINDOWS\System32\mkl_wavearts.dll
[2010-08-26 05:41:05 | 004,431,872 | ---- | C] () -- C:\WINDOWS\System32\PSP Neon HR.dll
[2010-08-26 05:41:05 | 004,337,664 | ---- | C] () -- C:\WINDOWS\System32\PSP Neon.dll
[2010-08-26 05:38:19 | 006,500,352 | ---- | C] () -- C:\WINDOWS\System32\PSP VintageWarmer2.dll
[2010-08-26 05:38:19 | 006,496,256 | ---- | C] () -- C:\WINDOWS\System32\PSP VintageWarmer.dll
[2010-08-26 05:37:10 | 006,791,168 | ---- | C] () -- C:\WINDOWS\System32\PSP Xenon.dll
[2010-08-26 05:36:18 | 000,678,912 | ---- | C] () -- C:\WINDOWS\System32\PSP StereoController.dll
[2010-08-26 05:36:18 | 000,606,208 | ---- | C] () -- C:\WINDOWS\System32\PSP StereoAnalyser.dll
[2010-08-26 05:36:18 | 000,591,872 | ---- | C] () -- C:\WINDOWS\System32\PSP StereoEnhancer.dll
[2010-08-26 05:36:18 | 000,580,608 | ---- | C] () -- C:\WINDOWS\System32\PSP PseudoStereo.dll
[2010-08-26 05:33:48 | 003,191,296 | ---- | C] () -- C:\WINDOWS\System32\PSP Nitro.dll
[2010-08-26 05:32:04 | 004,332,032 | ---- | C] () -- C:\WINDOWS\System32\PSP MixBass2.dll
[2010-08-26 05:30:02 | 004,218,880 | ---- | C] () -- C:\WINDOWS\System32\PSP MasterComp.dll
[2010-08-26 05:26:58 | 002,874,368 | ---- | C] () -- C:\WINDOWS\System32\PSP EasyVerb.dll
[2010-08-25 13:54:38 | 000,163,840 | ---- | C] () -- C:\WINDOWS\System32\ArtFfct.dll
[2010-08-25 00:31:09 | 000,002,632 | ---- | C] () -- C:\WINDOWS\Sandboxie.ini
[2010-08-24 22:18:01 | 000,002,892 | ---- | C] () -- C:\WINDOWS\System32\audcon.sys
[2010-08-24 16:00:00 | 000,018,819 | ---- | C] () -- C:\WINDOWS\System32\privatedata.dll
[2010-08-24 00:46:20 | 000,685,816 | ---- | C] () -- C:\WINDOWS\System32\drivers\sptd.sys
[2010-08-23 23:04:22 | 000,052,224 | ---- | C] () -- C:\Documents and Settings\Mr.A\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010-08-23 22:57:18 | 000,000,025 | ---- | C] () -- C:\WINDOWS\libem.INI
[2010-08-23 19:28:15 | 000,155,648 | ---- | C] () -- C:\WINDOWS\System32\setuplib.dll
[2010-08-23 15:33:53 | 000,024,294 | ---- | C] () -- C:\WINDOWS\System32\smtpctrs.ini
[2010-08-23 15:33:53 | 000,001,072 | ---- | C] () -- C:\WINDOWS\System32\ntfsdrct.ini
[2010-08-23 15:33:34 | 000,060,360 | ---- | C] () -- C:\WINDOWS\System32\w3ctrs.ini
[2010-08-23 15:33:33 | 000,014,997 | ---- | C] () -- C:\WINDOWS\System32\axperf.ini
[2010-08-23 15:33:31 | 000,017,921 | ---- | C] () -- C:\WINDOWS\System32\infoctrs.ini
[2010-08-23 05:37:31 | 000,000,077 | ---- | C] () -- C:\WINDOWS\System32\VGAunistlog.ini
[2010-08-23 01:05:09 | 000,080,416 | ---- | C] () -- C:\WINDOWS\System32\RtNicProp32.dll
[2010-08-22 23:20:53 | 000,000,395 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2010-08-22 23:20:53 | 000,000,063 | ---- | C] () -- C:\WINDOWS\mdm.ini
[2010-08-22 23:20:37 | 000,000,000 | ---- | C] () -- C:\WINDOWS\NSREX.INI
[2010-08-22 17:17:04 | 000,004,207 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2010-08-22 16:11:58 | 000,363,520 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll
[2010-08-22 16:05:00 | 000,147,456 | R--- | C] () -- C:\WINDOWS\System32\igfxCoIn_v4885.dll
[2010-08-08 19:18:19 | 000,000,162 | ---- | C] () -- C:\WINDOWS\msmmdx9.ini
[2010-06-25 18:03:12 | 000,053,299 | ---- | C] () -- C:\WINDOWS\System32\pthreadVC.dll
[2009-10-06 16:00:00 | 001,210,208 | ---- | C] () -- C:\Documents and Settings\Mr.A\Application Data\MMultiBandAutopanpresets.xml
[2009-10-06 16:00:00 | 000,919,437 | ---- | C] () -- C:\Documents and Settings\Mr.A\Application Data\MMultiBandVibratopresets.xml
[2009-10-06 16:00:00 | 000,886,643 | ---- | C] () -- C:\Documents and Settings\Mr.A\Application Data\MMultiBandRingModulatorpresets.xml
[2009-10-06 16:00:00 | 000,857,792 | ---- | C] () -- C:\Documents and Settings\Mr.A\Application Data\MMultiBandPhaserpresets.xml
[2009-10-06 16:00:00 | 000,614,095 | ---- | C] () -- C:\Documents and Settings\Mr.A\Application Data\MMultiBandTremolopresets.xml
[2009-10-06 16:00:00 | 000,461,724 | ---- | C] () -- C:\Documents and Settings\Mr.A\Application Data\MMultiBandDelaypresets.xml
[2009-10-06 16:00:00 | 000,335,546 | ---- | C] () -- C:\Documents and Settings\Mr.A\Application Data\MReverbpresets.xml
[2009-10-06 16:00:00 | 000,244,500 | ---- | C] () -- C:\Documents and Settings\Mr.A\Application Data\MMultiBandWaveShaperpresets.xml
[2009-10-06 16:00:00 | 000,172,324 | ---- | C] () -- C:\Documents and Settings\Mr.A\Application Data\MAnalyzerpresets.xml
[2009-10-06 16:00:00 | 000,140,966 | ---- | C] () -- C:\Documents and Settings\Mr.A\Application Data\MMultiBandDynamicspresets.xml
[2009-10-06 16:00:00 | 000,050,760 | ---- | C] () -- C:\Documents and Settings\Mr.A\Application Data\MSpectralDynamicspresets.xml
[2009-10-06 16:00:00 | 000,026,438 | ---- | C] () -- C:\Documents and Settings\Mr.A\Application Data\MDynamicspresets.xml
[2009-10-06 16:00:00 | 000,022,238 | ---- | C] () -- C:\Documents and Settings\Mr.A\Application Data\MMultiBandLimiterpresets.xml
[2009-10-06 16:00:00 | 000,010,486 | ---- | C] () -- C:\Documents and Settings\Mr.A\Application Data\MEqualizerLinearPhasepresets.xml
[2009-10-06 16:00:00 | 000,007,954 | ---- | C] () -- C:\Documents and Settings\Mr.A\Application Data\MEqualizerpresets.xml
[2009-10-06 16:00:00 | 000,006,753 | ---- | C] () -- C:\Documents and Settings\Mr.A\Application Data\MCompressorpresets.xml
[2009-10-06 16:00:00 | 000,005,160 | ---- | C] () -- C:\Documents and Settings\Mr.A\Application Data\MWaveShaperpresets.xml
[2009-10-06 16:00:00 | 000,004,150 | ---- | C] () -- C:\Documents and Settings\Mr.A\Application Data\MStereoProcessorpresets.xml
[2009-10-06 16:00:00 | 000,002,841 | ---- | C] () -- C:\Documents and Settings\Mr.A\Application Data\MRingModulatorpresets.xml
[2009-10-06 16:00:00 | 000,002,615 | ---- | C] () -- C:\Documents and Settings\Mr.A\Application Data\MPhaserpresets.xml
[2009-10-06 16:00:00 | 000,001,725 | ---- | C] () -- C:\Documents and Settings\Mr.A\Application Data\MStereoExpanderpresets.xml
[2009-10-06 16:00:00 | 000,001,403 | ---- | C] () -- C:\Documents and Settings\Mr.A\Application Data\MUltraMaximizerpresets.xml
[2009-10-06 16:00:00 | 000,001,107 | ---- | C] () -- C:\Documents and Settings\Mr.A\Application Data\MVibratopresets.xml
[2009-10-06 16:00:00 | 000,000,990 | ---- | C] () -- C:\Documents and Settings\Mr.A\Application Data\MTremolopresets.xml
[2009-10-06 16:00:00 | 000,000,683 | ---- | C] () -- C:\Documents and Settings\Mr.A\Application Data\MAutopanpresets.xml
[2009-10-06 16:00:00 | 000,000,620 | ---- | C] () -- C:\Documents and Settings\Mr.A\Application Data\MLimiterpresets.xml
[2009-03-03 16:00:00 | 000,172,032 | ---- | C] () -- C:\WINDOWS\System32\VTM4CoreA.dll
[2006-08-16 14:13:34 | 001,382,280 | ---- | C] () -- C:\WINDOWS\System32\fftw3.dll
[2006-07-03 23:21:32 | 001,397,548 | ---- | C] () -- C:\WINDOWS\System32\libfftw3-3.dll
[2005-10-14 10:56:50 | 003,596,288 | ---- | C] () -- C:\WINDOWS\System32\qt-dx331.dll
[2005-10-14 10:56:50 | 000,921,600 | ---- | C] () -- C:\WINDOWS\System32\VorbisEnc.dll
[2005-10-14 10:56:50 | 000,761,856 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2005-10-14 10:56:50 | 000,344,064 | ---- | C] () -- C:\WINDOWS\System32\xvid.dll
[2005-10-14 10:56:50 | 000,237,568 | ---- | C] () -- C:\WINDOWS\System32\OggDS.dll
[2005-10-14 10:56:50 | 000,188,416 | ---- | C] () -- C:\WINDOWS\System32\vorbis.dll
[2005-10-14 10:56:50 | 000,155,136 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll
[2005-10-14 10:56:50 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\ogg.dll
[1999-01-22 19:46:58 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\MSRTEDIT.DLL
 
========== LOP Check ==========

[2010-12-13 14:38:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Ableton
[2011-01-26 00:34:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Alwil Software
[2010-08-24 01:27:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Arturia
[2010-08-26 23:44:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Cakewalk
[2010-10-02 14:08:13 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\CanonBJ
[2010-10-02 14:12:07 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\CanonIJMyPrinter
[2010-11-19 13:47:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\CanonIJPLM
[2010-08-28 15:48:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Celemony Software GmbH
[2010-08-24 00:57:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\DAEMON Tools Pro
[2010-08-24 22:43:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\eLicenser
[2010-10-15 13:40:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\KORG
[2010-08-24 00:44:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\M-Audio
[2010-11-09 17:26:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Messenger Plus!
[2010-08-23 22:55:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\MessengerDiscovery 2
[2010-08-24 23:25:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\MTexturedStyles
[2010-08-24 17:43:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Native Instruments
[2010-11-24 23:59:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PACE Anti-Piracy
[2010-08-24 15:15:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Propellerhead Software
[2010-08-25 17:38:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SideKickReg
[2010-08-24 01:02:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Steinberg
[2010-08-24 22:18:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Syncrosoft
[2011-01-23 23:33:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TechSmith
[2010-08-27 14:40:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Temporary
[2010-08-24 01:07:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\VST3 Presets
[2010-12-31 02:05:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Waves Audio
[2010-10-21 16:53:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\webcamXP 5
[2010-08-24 17:43:02 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\{09B301EE-C58B-408E-8D5D-E17495536D3E}
[2010-08-23 22:36:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
[2010-08-24 17:42:00 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\{442B6EC3-77A0-4817-825F-67F47D7A2E54}
[2010-12-16 23:17:26 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\{4FF14FF4-C333-4311-BC51-88781D14A5AF}
[2010-08-24 16:37:38 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\{A518DCBE-06AD-461B-8F2E-C53AA3525C15}
[2010-08-27 16:10:14 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\{A97DA822-7B29-4F18-A64A-BF94FFFE77FB}
[2010-08-24 16:34:35 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\{BF329843-149E-4A5A-82A1-0250286442D0}
[2010-08-24 16:32:10 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\{E7D4E1BB-A8A8-4E3B-BEA6-38DD8E4522DF}
[2010-08-24 17:42:11 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\{EADDDB9C-2F20-4408-9D14-618D2AF3ADB4}
[2010-08-24 17:56:43 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\{FD243B4D-4229-4F4A-8F06-0C6A82929EE8}
[2010-12-13 16:37:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mr.A\Application Data\Ableton
[2010-08-24 23:09:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mr.A\Application Data\Antares
[2010-08-24 01:29:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mr.A\Application Data\Audio Ease
[2010-10-21 02:44:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mr.A\Application Data\BITS
[2010-08-25 15:29:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mr.A\Application Data\Blue Cat Audio
[2010-08-24 12:18:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mr.A\Application Data\BSplayer PRO
[2010-12-20 23:30:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mr.A\Application Data\Celemony Software GmbH
[2010-08-24 00:56:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mr.A\Application Data\DAEMON Tools Pro
[2010-12-30 14:21:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mr.A\Application Data\FabFilter
[2010-08-23 22:57:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mr.A\Application Data\FlashGet
[2010-08-23 22:57:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mr.A\Application Data\FlashGetBHO
[2010-11-23 03:08:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mr.A\Application Data\FXpansion
[2010-08-27 02:12:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mr.A\Application Data\iZotope
[2010-10-15 14:00:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mr.A\Application Data\KORG
[2010-08-27 16:48:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mr.A\Application Data\Lexicon PCM Native
[2010-11-25 03:40:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mr.A\Application Data\MeldaProduction MAnalyzer
[2010-09-24 00:02:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mr.A\Application Data\MeldaProduction MAutoEqualizer
[2010-09-04 02:27:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mr.A\Application Data\MeldaProduction MStereoExpander
[2010-09-23 22:54:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mr.A\Application Data\MeldaProduction MStereoProcessor
[2010-09-24 15:55:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mr.A\Application Data\MeldaProduction MUltraMaximizer
[2010-12-13 00:56:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mr.A\Application Data\MeldaProduction MWaveShaper
[2011-01-24 13:15:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mr.A\Application Data\MessengerDiscovery 2
[2010-08-25 01:41:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mr.A\Application Data\MSPS
[2010-11-24 23:59:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mr.A\Application Data\PACE Anti-Piracy
[2010-08-24 15:20:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mr.A\Application Data\Propellerhead Software
[2010-10-14 13:22:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mr.A\Application Data\Proteus VX
[2010-10-06 23:26:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mr.A\Application Data\SPL Plug-Ins
[2010-08-27 14:49:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mr.A\Application Data\Steinberg
[2010-08-23 03:47:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mr.A\Application Data\SystemRequirementsLab
[2011-01-18 18:44:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mr.A\Application Data\Toolbar4
[2010-08-24 14:57:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mr.A\Application Data\Uniblue
[2010-11-22 01:11:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mr.A\Application Data\uTorrent
[2010-10-08 11:10:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mr.A\Application Data\Voxengo
[2011-01-19 22:39:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mr.A\Application Data\VST3 Presets
[2010-08-26 17:54:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mr.A\Application Data\Waldorf
[2010-12-31 02:00:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mr.A\Application Data\Waves Audio

========== Purity Check ==========



========== Custom Scans ==========


< %SYSTEMDRIVE%\*.* >
[2010-08-22 15:26:58 | 000,000,000 | ---- | M] () -- C:\AUTOEXEC.BAT
[2010-09-02 22:34:10 | 000,000,211 | ---- | M] () -- C:\Boot.bak
[2011-01-25 19:22:47 | 000,000,327 | RHS- | M] () -- C:\boot.ini
[2003-04-08 13:00:00 | 000,004,952 | RHS- | M] () -- C:\Bootfont.bin
[2004-08-03 23:00:14 | 000,261,936 | RHS- | M] () -- C:\cmldr
[2010-08-22 15:26:58 | 000,000,000 | ---- | M] () -- C:\CONFIG.SYS
[2007-11-07 07:00:40 | 000,017,734 | ---- | M] () -- C:\eula.1028.txt
[2007-11-07 07:00:40 | 000,017,734 | ---- | M] () -- C:\eula.1031.txt
[2007-11-07 07:00:40 | 000,010,134 | ---- | M] () -- C:\eula.1033.txt
[2007-11-07 07:00:40 | 000,017,734 | ---- | M] () -- C:\eula.1036.txt
[2007-11-07 07:00:40 | 000,017,734 | ---- | M] () -- C:\eula.1040.txt
[2007-11-07 07:00:40 | 000,000,118 | ---- | M] () -- C:\eula.1041.txt
[2007-11-07 07:00:40 | 000,017,734 | ---- | M] () -- C:\eula.1042.txt
[2007-11-07 07:00:40 | 000,017,734 | ---- | M] () -- C:\eula.2052.txt
[2007-11-07 07:00:40 | 000,017,734 | ---- | M] () -- C:\eula.3082.txt
[2007-11-07 07:00:40 | 000,001,110 | ---- | M] () -- C:\globdata.ini
[2007-11-07 07:00:40 | 000,000,843 | ---- | M] () -- C:\install.ini
[2007-11-07 07:03:18 | 000,076,304 | ---- | M] (Microsoft Corporation) -- C:\install.res.1028.dll
[2007-11-07 07:03:18 | 000,096,272 | ---- | M] (Microsoft Corporation) -- C:\install.res.1031.dll
[2007-11-07 07:03:18 | 000,091,152 | ---- | M] (Microsoft Corporation) -- C:\install.res.1033.dll
[2007-11-07 07:03:18 | 000,097,296 | ---- | M] (Microsoft Corporation) -- C:\install.res.1036.dll
[2007-11-07 07:03:18 | 000,095,248 | ---- | M] (Microsoft Corporation) -- C:\install.res.1040.dll
[2007-11-07 07:03:18 | 000,081,424 | ---- | M] (Microsoft Corporation) -- C:\install.res.1041.dll
[2007-11-07 07:03:18 | 000,079,888 | ---- | M] (Microsoft Corporation) -- C:\install.res.1042.dll
[2007-11-07 07:03:18 | 000,075,792 | ---- | M] (Microsoft Corporation) -- C:\install.res.2052.dll
[2007-11-07 07:03:18 | 000,096,272 | ---- | M] (Microsoft Corporation) -- C:\install.res.3082.dll
[2010-08-22 15:26:58 | 000,000,000 | RHS- | M] () -- C:\IO.SYS
[2010-08-22 15:26:58 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS
[2010-08-22 16:26:44 | 000,047,564 | RHS- | M] () -- C:\NTDETECT.COM
[2010-08-23 02:00:39 | 000,251,712 | RHS- | M] () -- C:\ntldr
[2011-01-26 12:48:11 | 2145,386,496 | -HS- | M] () -- C:\pagefile.sys
[2010-08-23 13:51:30 | 000,005,748 | ---- | M] () -- C:\pltemp.ini
[2008-04-30 23:32:00 | 000,107,596 | ---- | M] () -- C:\toolkit_widget.gif
[2007-11-07 07:00:40 | 000,005,686 | ---- | M] () -- C:\vcredist.bmp
[2007-11-07 07:09:22 | 001,442,522 | ---- | M] () -- C:\VC_RED.cab
[2007-11-07 07:12:28 | 000,232,960 | ---- | M] () -- C:\VC_RED.MSI

< %systemroot%\Fonts\*.com >
[2006-04-18 14:39:28 | 000,026,040 | ---- | M] () -- C:\WINDOWS\Fonts\GlobalMonospace.CompositeFont
[2006-06-29 13:53:56 | 000,026,489 | ---- | M] () -- C:\WINDOWS\Fonts\GlobalSansSerif.CompositeFont
[2006-04-18 14:39:28 | 000,029,779 | ---- | M] () -- C:\WINDOWS\Fonts\GlobalSerif.CompositeFont
[2006-06-29 13:58:52 | 000,030,808 | ---- | M] () -- C:\WINDOWS\Fonts\GlobalUserInterface.CompositeFont

< %systemroot%\Fonts\*.dll >

< %systemroot%\Fonts\*.ini >
[2010-08-22 15:26:38 | 000,000,067 | -HS- | M] () -- C:\WINDOWS\Fonts\desktop.ini

< %systemroot%\Fonts\*.ini2 >

< %systemroot%\Fonts\*.exe >

< %systemroot%\system32\spool\prtprocs\w32x86\*.* >
[2009-03-17 04:00:00 | 000,027,648 | ---- | M] (CANON INC.) -- C:\WINDOWS\system32\spool\prtprocs\w32x86\CNMPD9W.DLL
[2009-03-17 04:00:00 | 000,070,656 | ---- | M] (CANON INC.) -- C:\WINDOWS\system32\spool\prtprocs\w32x86\CNMPP9W.DLL
[2008-07-06 13:06:10 | 000,089,088 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\spool\prtprocs\w32x86\filterpipelineprintproc.dll
[2008-07-06 11:50:03 | 000,597,504 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\spool\prtprocs\w32x86\printfilterpipelinesvc.exe

< %systemroot%\REPAIR\*.bak1 >

< %systemroot%\REPAIR\*.ini >

< %systemroot%\system32\*.jpg >

< %systemroot%\*.jpg >

< %systemroot%\*.png >

< %systemroot%\*.scr >
[2011-01-13 09:47:35 | 000,038,848 | ---- | M] (AVAST Software) -- C:\WINDOWS\avastSS.scr

< %systemroot%\*._sy >

< %APPDATA%\Adobe\Update\*.* >

< %ALLUSERSPROFILE%\Favorites\*.* >

< %APPDATA%\Microsoft\*.* >

< %PROGRAMFILES%\*.* >

< %APPDATA%\Update\*.* >

< %systemroot%\*. /mp /s >

< %systemroot%\System32\config\*.sav >
[2010-08-22 17:14:38 | 000,094,208 | ---- | M] () -- C:\WINDOWS\system32\config\default.sav
[2010-08-22 17:14:37 | 000,630,784 | ---- | M] () -- C:\WINDOWS\system32\config\software.sav
[2010-08-22 17:14:37 | 000,413,696 | ---- | M] () -- C:\WINDOWS\system32\config\system.sav

< %PROGRAMFILES%\bak. /s >

< %systemroot%\system32\bak. /s >

< %ALLUSERSPROFILE%\Start Menu\*.lnk /x >

< %systemroot%\system32\config\systemprofile\*.dat /x >

< %systemroot%\*.config >

< %systemroot%\system32\*.db >

< %APPDATA%\Microsoft\Internet Explorer\Quick Launch\*.lnk /x >
[2010-08-22 15:30:57 | 000,000,079 | ---- | M] () -- C:\Documents and Settings\Mr.A\Application Data\Microsoft\Internet Explorer\Quick Launch\Bureaublad weergeven.scf
[2010-08-23 02:22:40 | 000,000,189 | -HS- | M] () -- C:\Documents and Settings\Mr.A\Application Data\Microsoft\Internet Explorer\Quick Launch\desktop.ini

< %USERPROFILE%\Desktop\*.exe >

< %PROGRAMFILES%\Common Files\*.* >

< %systemroot%\*.src >

< %systemroot%\install\*.* >

< %systemroot%\system32\DLL\*.* >

< %systemroot%\system32\HelpFiles\*.* >

< %systemroot%\system32\rundll\*.* >

< %systemroot%\winn32\*.* >

< %systemroot%\Java\*.* >

< %systemroot%\system32\test\*.* >

< %systemroot%\system32\Rundll32\*.* >

< %systemroot%\AppPatch\Custom\*.* >

< %APPDATA%\Roaming\Microsoft\Windows\Recent\*.lnk /x >

< %PROGRAMFILES%\PC-Doctor\Downloads\*.* >

< %PROGRAMFILES%\Internet Explorer\*.tmp >

< %PROGRAMFILES%\Internet Explorer\*.dat >

< %USERPROFILE%\My Documents\*.exe >

< %USERPROFILE%\*.exe >

< %systemroot%\ADDINS\*.* >

< %systemroot%\assembly\*.bak2 >

< %systemroot%\Config\*.* >

< %systemroot%\REPAIR\*.bak2 >

< %systemroot%\SECURITY\Database\*.sdb /x >

< %systemroot%\SYSTEM\*.bak2 >

< %systemroot%\Web\*.bak2 >

< %systemroot%\Driver Cache\*.* >

< %PROGRAMFILES%\Mozilla Firefox\0*.exe >

< %ProgramFiles%\Microsoft Common\*.* >

< %ProgramFiles%\TinyProxy. >

< %USERPROFILE%\Favorites\*.url /x >

< %systemroot%\system32\*.bk >

< %systemroot%\*.te >

< %systemroot%\system32\system32\*.* >

< %ALLUSERSPROFILE%\*.dat /x >

< %systemroot%\system32\drivers\*.rmv >

< dir /b "%systemroot%\system32\*.exe" | find /i " " /c >

< dir /b "%systemroot%\*.exe" | find /i " " /c >

< %PROGRAMFILES%\Microsoft\*.* >

< %systemroot%\System32\Wbem\proquota.exe >

< %PROGRAMFILES%\Mozilla Firefox\*.dat >

< %USERPROFILE%\Cookies\*.txt /x >
[2011-01-26 14:36:32 | 000,032,768 | ---- | M] () -- C:\Documents and Settings\Mr.A\Cookies\index.dat

< %SystemRoot%\system32\fonts\*.* >

< %systemroot%\system32\winlog\*.* >

< %systemroot%\system32\Language\*.* >

< %systemroot%\system32\Settings\*.* >

< %systemroot%\system32\*.quo >

< %SYSTEMROOT%\AppPatch\*.exe >

< %SYSTEMROOT%\inf\*.exe >
[2008-04-14 18:03:17 | 000,208,896 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\inf\unregmp2.exe

< %SYSTEMROOT%\Installer\*.exe >
[2010-08-25 02:12:00 | 000,735,984 | ---- | M] (tzuk) -- C:\WINDOWS\Installer\SandboxieInstall32.exe
[10 C:\WINDOWS\Installer\*.tmp files -> C:\WINDOWS\Installer\*.tmp -> ]

< %systemroot%\system32\config\*.bak2 >

< %systemroot%\system32\Computers\*.* >

< %SystemRoot%\system32\Sound\*.* >

< %SystemRoot%\system32\SpecialImg\*.* >

< %SystemRoot%\system32\code\*.* >

< %SystemRoot%\system32\draft\*.* >

< %SystemRoot%\system32\MSSSys\*.* >

< %ProgramFiles%\Javascript\*.* >

< %systemroot%\pchealth\helpctr\System\*.exe /s >

< %systemroot%\Web\*.exe >

< %systemroot%\system32\msn\*.* >

< %systemroot%\system32\*.tro >

< %AppData%\Microsoft\Installer\msupdates\*.* >

< %ProgramFiles%\Messenger\*.* >
[2008-04-14 18:02:23 | 000,033,792 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Messenger\custsat.dll
[2003-04-08 13:00:00 | 000,004,821 | ---- | M] () -- C:\Program Files\Messenger\logowin.gif
[2002-08-20 11:32:18 | 000,007,047 | ---- | M] () -- C:\Program Files\Messenger\lvback.gif
[2002-04-11 11:00:02 | 000,000,898 | ---- | M] () -- C:\Program Files\Messenger\mailtmpl.txt
[2008-05-02 15:05:59 | 000,083,968 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Messenger\msgsc.dll
[2008-04-13 18:30:28 | 000,180,224 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Messenger\msgslang.dll
[2008-04-14 18:03:07 | 001,695,232 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Messenger\msmsgs.exe
[2002-08-20 14:08:38 | 000,069,663 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Messenger\msmsgsin.exe
[2003-04-08 13:00:00 | 000,002,882 | ---- | M] () -- C:\Program Files\Messenger\newalert.wav
[2003-04-08 13:00:00 | 000,006,156 | ---- | M] () -- C:\Program Files\Messenger\newemail.wav
[2003-04-08 13:00:00 | 000,006,160 | ---- | M] () -- C:\Program Files\Messenger\online.wav
[2002-08-20 11:32:20 | 000,004,454 | ---- | M] () -- C:\Program Files\Messenger\type.wav
[2004-07-17 10:35:48 | 000,118,265 | ---- | M] () -- C:\Program Files\Messenger\xpmsgr.chm

< %systemroot%\system32\systhem32\*.* >

< %systemroot%\system\*.exe >

< HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU >

< HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\ Auto Update\Results\Install|LastSuccessTime /rs >


========== Alternate Data Streams ==========

@Alternate Data Stream - 1257 bytes -> C:\Documents and Settings\All Users\Application Data\Microsoft:cZAAyo3VetYfXrm5B3tw
@Alternate Data Stream - 1242 bytes -> C:\Documents and Settings\Mr.A\Cookies\4nIcFQGyou7m:cwQNeMVQDblPSunGe3X
@Alternate Data Stream - 1214 bytes -> C:\Documents and Settings\All Users\Application Data\Microsoft:fXeY28poQMWPDaKRZ
@Alternate Data Stream - 1205 bytes -> C:\Documents and Settings\All Users\Application Data\Microsoft:dgDiPp650oCYkoGTsnGhu42
@Alternate Data Stream - 1122 bytes -> C:\Documents and Settings\Mr.A\Cookies:RpvRPoYZRH6rjYzclCkaHhyU6R

< End of report >
 
Extras.txt

OTL Extras logfile created on: 26-1-2011 14:43:13 - Run 1
OTL by OldTimer - Version 3.2.20.6 Folder = C:\Documents and Settings\Mr.A\Bureaublad
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.5512)
Locale: 00000413 | Country: Nederland | Language: NLD | Date Format: d-M-yyyy

2,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 69,00% Memory free
4,00 Gb Paging File | 3,00 Gb Available in Paging File | 89,00% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 114,48 Gb Total Space | 50,49 Gb Free Space | 44,10% Space Free | Partition Type: NTFS
Drive F: | 931,51 Gb Total Space | 162,67 Gb Free Space | 17,46% Space Free | Partition Type: NTFS

Computer Name: ADILOST | User Name: Mr.A | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.url [@ = InternetShortcut] -- rundll32.exe shdocvw.dll,OpenURL %l

[HKEY_USERS\S-1-5-21-1645522239-1580436667-839522115-1003\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
htmlfile [edit] -- "C:\Program Files\Microsoft Office\Office\msohtmed.exe" %1 (Microsoft Corporation)
InternetShortcut [open] -- rundll32.exe shdocvw.dll,OpenURL %l
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Directory [Winamp.Bookmark] -- "C:\Program Files\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft)
Directory [Winamp.Enqueue] -- "C:\Program Files\Winamp\winamp.exe" /ADD "%1" (Nullsoft)
Directory [Winamp.Play] -- "C:\Program Files\Winamp\winamp.exe" "%1" (Nullsoft)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"5353:TCP" = 5353:TCP:*:Enabled:Adobe CSI CS4
"60007:TCP" = 60007:TCP:*:Enabled:UTorrent 60007
"60007:UDP" = 60007:UDP:*:Enabled:UTorrent 60007
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:mad:xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:mad:xpsp2res.dll,-22008

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\iTunes\iTunes.exe" = C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes -- (Apple Inc.)
"C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" = C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe:*:Enabled:Adobe CSI CS4 -- (Adobe Systems Incorporated)
"C:\Program Files\Steinberg\Cubase 5\Cubase5.exe" = C:\Program Files\Steinberg\Cubase 5\Cubase5.exe:*:Enabled:Cubase -- (Steinberg Media Technologies)
"C:\Program Files\Steinberg\WaveLab 6\WaveLab-app.exe" = C:\Program Files\Steinberg\WaveLab 6\WaveLab-app.exe:*:Enabled:WaveLab -- (Steinberg Media Technologies)
"C:\Program Files\uTorrent\uTorrent.exe" = C:\Program Files\uTorrent\uTorrent.exe:*:Enabled:µTorrent -- (BitTorrent, Inc.)
"C:\Program Files\iWebcamera\iWebcameraApp.exe" = C:\Program Files\iWebcamera\iWebcameraApp.exe:*:Enabled:iWebcameraApp -- (drahtwerk)
"C:\Program Files\FXpansion\Guru\Guru.exe" = C:\Program Files\FXpansion\Guru\Guru.exe:*:Enabled:Stand-Alone (stub loader) -- (FXpansion Audio UK Ltd.)
"C:\Program Files\wLite\wLite.exe" = C:\Program Files\wLite\wLite.exe:*:Disabled:webcamXP -- (Moonware Studios)
"C:\Program Files\wLite\wService.exe" = C:\Program Files\wLite\wService.exe:*:Disabled:webcamXP Service -- (Moonware Studios)


========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{00000413-78E1-11D2-B60F-006097C998E7}" = Microsoft Office 2000 SR-1 Premium
"{04FCFB2F-FEC3-4D9A-81FB-A18858CF52DB}_is1" = RAM Saver 9.12 Professional
"{05308C4E-7285-4066-BAE3-6B50DA6ED755}" = Adobe Update Manager CS4
"{054EFA56-2AC1-48F4-A883-0AB89874B972}" = Adobe Extension Manager CS4
"{0886900B-B2F3-452C-B580-60F1253F7F80}" = Native Instruments Hardware Controller Support
"{098727E1-775A-4450-B573-3F441F1CA243}" = kuler
"{098A2A49-7CF3-4F08-A38D-FB879117152A}" = Adobe Color NA Extra Settings CS4
"{0B8565BA-BAD5-4732-B122-5FD78EFC50A9}" = Native Instruments Service Center
"{0CB9668D-F979-4F31-B8B8-67FE90F929F8}" = Bonjour
"{0D6013AB-A0C7-41DC-973C-E93129C9A29F}" = Adobe Color JA Extra Settings CS4
"{0D67A4E4-5BE0-4C9A-8AD8-AB552B433F23}" = Adobe Setup
"{0DC0E85F-36E4-463B-B3EA-4CD8ED2222A1}" = Adobe Color EU Recommended Settings CS4
"{0F723FC1-7606-4867-866C-CE80AD292DAF}" = Adobe CSI CS4
"{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP250_series" = Canon MP250 series MP Drivers
"{14AFE241-FC6E-4FDB-BCA0-7AD6F4974171}" = Adobe Setup
"{1618734A-3957-4ADD-8199-F973763109A8}" = Adobe Anchor Service CS4
"{16E16F01-2E2D-4248-A42F-76261C147B6C}" = Adobe Drive CS4
"{16E6D2C1-7C90-4309-8EC4-D2212690AAA4}" = AdobeColorCommonSetRGB
"{197A3012-8C85-4FD3-AB66-9EC7E13DB92E}" = Adobe AIR
"{1BD6AE96-4742-4498-9D03-9451C7E5A214}" = Windows Live aanmeldhulp
"{1C53D51A-7F4F-435A-B292-A2395DFAF090}" = BuzComp_KeyMaker
"{1E958728-CFA3-454A-A2D6-42A9FF718480}" = Intel(R) C++ Redistributables for Windows* on IA-32
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live - Hulpprogramma voor uploaden
"{21E77392-C30A-4AA2-8CA7-5728316939D6}" = AmpliTube X-GEAR
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{25613C10-27D2-410B-942B-D922D5C3A7BE}" = Interlok driver setup x32
"{267B3E82-C941-47D8-BCD3-1BBBB56FCBC6}" = Native Instruments Maschine Driver
"{26A24AE4-039D-4CA4-87B4-2F83216021FF}" = Java(TM) 6 Update 21
"{28773E11-6E44-46DC-90BD-273A3FA2CAC1}" = Adobe Setup
"{2E337869-756A-4E46-A936-0E67FE043A5E}" = Melodyne 3.2
"{30C8AA56-4088-426F-91D1-0EDFD3A25678}" = Adobe Dreamweaver CS4
"{3175E049-F9A9-4A3D-8F19-AC9FB04514D1}" = Windows Live Communications Platform
"{350C9413-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{35D94F92-1D3A-43C5-8605-EA268B1A7BD9}" = PDF Settings CS4
"{39F6E2B4-CFE8-C30A-66E8-489651F0F34C}" = Adobe Media Player
"{3A4E8896-C2E7-4084-A4A4-B8FD1894E739}" = Adobe XMP Panels CS4
"{3D2C9DE6-9ADE-4252-A241-E43723B0CE02}" = Adobe Color - Photoshop Specific CS4
"{3DA8DF9A-044E-46C4-8531-DEDBB0EE37FF}" = Adobe WinSoft Linguistics Plugin
"{423C4130-EBC3-410A-B3A0-37BBF9D607D5}" = T-RackS 3 Deluxe
"{428FDF9F-E010-4C4C-A8BB-156960AFCA1C}" = Adobe Fireworks CS4
"{439A2DFC-DC12-4A8A-AAA3-D9CA68D778CD}" = Virtuoso
"{43E7798A-248E-4A3D-9969-FEA63543A462}" = Native Instruments Kontakt 4
"{45A66726-69BC-466B-A7A4-12FCBA4883D7}" = HiJackThis
"{490BF87E-1F75-4453-BF55-9F540543A3CA}" = Steinberg Drum Loop Expansion 01
"{4943EFF5-229F-435D-BEA9-BE3CAEA783A7}" = Adobe Service Manager Extension
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4A19D6AC-ADE0-4A07-80FF-9C9812C45557}" = Steinberg Cubase 5
"{4D454CF8-12FD-464D-B57B-B46FE27B78BB}" = Steinberg LoopMash Content
"{532B917B-8235-4FA5-BE36-643A8BB053A5}" = Steinberg REVerence Content 01
"{5354D5F2-342D-43DD-A361-B65BF7AABE1D}" = nebula3 CM
"{53C141BA-4F9E-43FB-B4F9-0C01BB716FA8}" = Adobe Audition 3.0
"{5EE7D259-D137-4438-9A5F-42F432EC0421}" = VC80CRTRedist - 8.0.50727.4053
"{5F9D5D04-C756-4B4A-9ADF-37F7D8EB1E87}" = ARC System
"{620FE3A6-F576-4ECC-9734-FA2DCFA4FF82}" = KORG Legacy Collection - ANALOG EDITION 2007
"{63C24A08-70F3-4C8E-B9FB-9F21A903801D}" = Adobe Color Video Profiles CS CS4
"{63E5CDBF-8214-4F03-84F8-CD3CE48639AD}" = Adobe Photoshop CS4 Support
"{65AA5B18-A330-4F35-BCDF-EA85EC888906}" = AVOX Evo VST
"{67F0E67A-8E93-4C2C-B29D-47C48262738A}" = Adobe Device Central CS4
"{68243FF8-83CA-466B-B2B8-9F99DA5479C4}" = AdobeColorCommonSetCMYK
"{69E5920C-C84E-4F77-A776-71C1FEFBDED4}" = Axiom Pro Cubase HyperControl
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{7EC9E7A1-A576-43C8-9CBB-31BD5625EBCA}" = FOX LiveUpdate
"{8066D0CB-C217-4673-BAFA-ED420F483CE9}" = BuzComp
"{820D3F45-F6EE-4AAF-81EF-CE21FF21D230}" = Adobe Type Support CS4
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{83877DB1-8B77-45BC-AB43-2BAC22E093E0}" = Adobe Bridge CS4
"{842B4B72-9E8F-4962-B3C1-1C422A5C4434}" = Suite Shared Configuration CS4
"{85991ED2-010C-4930-96FA-52F43C2CE98A}" = Apple Mobile Device Support
"{865D9ED1-EAC2-436D-AFA7-0B750EB5AAAB}" = Steinberg HALionOne Studio Drum Set
"{91F7F3F3-CE80-48C3-8327-7D24A0A5716A}" = iTunes
"{931AB7EA-3656-4BB7-864D-022B09E3DD67}" = Adobe Linguistics CS4
"{94D398EB-D2FD-4FD1-B8C4-592635E8A191}" = Adobe CMaps CS4
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7}" = Segoe UI
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A49F249F-0C91-497F-86DF-B2585E8E76B7}" = Microsoft Visual C++ 2005 Redistributable
"{A589DA26-51BD-475D-8C32-E19E34145842}" = Camtasia Studio 6
"{A93944F2-D2D4-4750-BFE7-9A288FEAF2CF}" = Apple Application Support
"{AB5668B8-1428-460F-AE02-999A598D6883}" = Wavpack4Wavelab6
"{ABBC8011-1E42-4ADA-9794-574349612CEF}" = iWebcamera
"{AC76BA86-7AD7-1043-7B44-A93000000001}" = Adobe Reader 9.3.4 - Nederlands
"{AC997F93-0757-4ED4-A701-F40C2D654D09}" = Steinberg HALionOne GM Drum Set
"{B08ACC56-7772-4C92-8052-774079E8927A}" = Mo Phatt
"{B29AD377-CC12-490A-A480-1452337C618D}" = Connect
"{B4691C58-2A6A-4AFA-960E-AEB767639E44}" = PCM Native Reverb VST Plug-in
"{B65BA85C-0A27-4BC0-A22D-A66F0E5B9494}" = Adobe Photoshop CS4
"{BB4E33EC-8181-4685-96F7-8554293DEC6A}" = Adobe Output Module
"{BD86F1AC-B594-46E4-85DC-1258AC9E2232}" = Steinberg Groove Agent ONE Content
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C20C2630-B3A7-44BA-BDD0-31E256AE490E}" = Windows Live Call
"{C41300B9-185D-475E-BFEC-39EF732F19B1}" = Apple Software Update
"{C52E3EC1-048C-45E1-8D53-10B0C6509683}" = Adobe Default Language CS4
"{C7DEE429-4C9B-4126-894F-50B4F54FF196}" = inSSIDer
"{C9BED750-1211-4480-B1A5-718A3BE15525}" = REALTEK GbE & FE Ethernet PCI-E NIC Driver
"{CC38A00D-7EED-46CE-9281-D1D97B81F22A}" = Windows Live Messenger
"{CC75AB5C-2110-4A7F-AF52-708680D22FE8}" = Photoshop Camera Raw
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{CF1D7323-8A0A-49C7-83B0-088DB90721E2}" = AmpegSVX
"{D0E565B0-03A0-40D9-A514-000634AA58C6}" = KORG Legacy Collection - DIGITAL EDITION
"{D23CBFDA-C46B-4920-BA70-FC7878A3F05A}" = Steinberg HALionOne Studio Set
"{D69D39FC-DCC0-43F4-9524-043EE9F1C329}" = Native Instruments Abbey Road Modern Drums
"{D7F912D4-C237-4079-966A-5044A5025CBF}}_is1" = Focusrite Scarlett Plug-in Suite 1.1
"{D82CDA0D-C182-42C8-8FF2-5649C98D6003}" = Steinberg HALionOne Pro Set
"{DC7544D8-F401-4E25-A242-209F9225330E}" = AxiomPro
"{E22AD5D3-EB60-4A8F-835C-6C10E369DCE2}" = Steinberg HALionOne Expression Set
"{E4848436-0345-47E2-B648-8B522FCDA623}" = Adobe Photoshop CS4
"{E70E7159-93B1-470D-9FBD-D8E9EF34B538}" = Steinberg HALionOne
"{EB5A3E9D-91CF-4C97-B816-72DE0625ACA3}" = Windows Live Essentials
"{EB900AF8-CC61-4E15-871B-98D1EA3E8025}" = QuickTime
"{EC015649-3B3C-4611-9C66-453F8011E944}" = Native Instruments Kontakt 4
"{F057965A-D974-4C64-ADB1-4381CD4B8956}" = Steinberg HALionOne GM Set
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F0E64E2E-3A60-40D8-A55D-92F6831875DA}" = Adobe Search for Help
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F333A33D-125C-32A2-8DCE-5C5D14231E27}" = Visual C++ 2008 x86 Runtime - (v9.0.30729)
"{F333A33D-125C-32A2-8DCE-5C5D14231E27}.vc_x86runtime_30729_01" = Visual C++ 2008 x86 Runtime - v9.0.30729.01
"{F3AFD063-8BAD-485E-B641-E7F5A2C5AE71}" = Steinberg HALionOne Additional Content Set 01
"{F7FC9307-374E-4017-8E9D-DE1154780480}" = System Requirements Lab for Intel
"{F8EF2B3F-C345-4F20-8FE4-791A20333CD5}" = Adobe ExtendScript Toolkit CS4
"{F93C84A6-0DC6-42AF-89FA-776F7C377353}" = Adobe PDF Library Files CS4
"{FC6AFD44-EDF9-4A03-AB9E-16A5391FE24F}" = Native Instruments Maschine
"{FCDD51BB-CAD0-4BB1-B7DF-CE86D1032794}" = Adobe Fonts All
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"Addictive Drums ADpak Retro_is1" = Addictive Drums ADpak Retro
"Addictive Drums Inno Setup_is1" = Addictive Drums 1.1
"Adobe AIR" = Adobe AIR
"Adobe Audition 3.0" = Adobe Audition 3.0
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe_acce07fd2c8fe7f9e3f26243e626578" = Adobe Dreamweaver CS4
"Adobe_ccb135070a90ff24d6e7cc4bc5a59cb" = Adobe Fireworks CS4
"Adobe_faf656ef605427ee2f42989c3ad31b8" = Adobe Photoshop CS4
"Analog Factory HipHop_is1" = Analog Factory HipHop 2.2.1
"Antares Autotune VST_is1" = Antares Autotune VST v5.09
"ANWIDA Soft Parametric Equalizer Pro 3.0" = ANWIDA Soft Parametric Equalizer Pro 3.0
"Arturia Prophet V VSTi RTAS_is1" = Arturia Prophet V VSTi RTAS v1.2.1
"ASIO4ALL" = ASIO4ALL
"avast5" = avast! Pro Antivirus
"BBE Sonic Sweet Bundle VST RTAS_is1" = BBE Sonic Sweet Bundle VST RTAS v1.0
"Brainworx BX Control VST RTAS_is1" = Brainworx BX Control VST RTAS v2.0
"Brainworx BX Digital VST RTAS_is1" = Brainworx BX Digital VST RTAS v2.0.2
"Brainworx BX DynEQ Bundle VST RTAS_is1" = Brainworx BX DynEQ Bundle VST RTAS v1.1
"Brainworx BX Hybrid VST RTAS_is1" = Brainworx BX Hybrid VST RTAS v1.0.5
"Brainworx BX XL Mastering Limiter_is1" = Brainworx BX XL Mastering Limiter VST RTAS v1.0
"BSPlayerp" = BS.Player PRO
"Cakewalk Dimension Pro_is1" = Dimension Pro
"Cakewalk Rapture Expansion Pack 1" = Cakewalk Rapture Expansion Pack 1
"Cakewalk Rapture Expansion Pack 2" = Cakewalk Rapture Expansion Pack 2
"Cakewalk Rapture_is1" = Rapture 1.1
"Camel Audio Cameleon 5000 v1.7 VSTi" = Camel Audio Cameleon 5000 v1.7 VSTi
"CANONIJPLM100" = Canon Inkjet Printer/Scanner/Fax Extended Survey Program
"CanonMyPrinter" = Canon Utilities My Printer
"CCleaner" = CCleaner (remove only)
"CdaC13Ba" = SafeCast Shared Components
"com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Media Player
"Compadre Beatpuncher_is1" = Compadre Beatpuncher v1.1
"Cool's_Codec_pack_4.12" = Codec Pack - All In 1 6.0.3.0
"Darbuka_is1" = Darbuka 1.0.0
"db audioware Sidechain Compressor VST v1.1.0" = db audioware Sidechain Compressor VST v1.1.0
"discoDSP Discovery Pro_is1" = discoDSP Discovery Pro VSTi RTAS v5.3
"DivX Setup.divx.com" = DivX Setup
"Driver Genius Professional Edition_is1" = Driver Genius Professional Edition
"DriverGuide DriverScan" = DriverGuide DriverScan
"eLicenser Control" = eLicenser Control
"Elysia mpressor VST RTAS_is1" = Elysia mpressor VST RTAS v1.0.2
"EVEREST Home Edition_is1" = EVEREST Home Edition v2.20
"FabFilter Pro-C VST RTAS_is1" = FabFilter Pro-C VST RTAS v1.1.2
"FabFilter Pro-Q VST RTAS_is1" = FabFilter Pro-Q VST RTAS v1.01
"FabFilter Simplon 1.12" = FabFilter Simplon 1.12
"FabFilter TotalBundle x86_is1" = FabFilter TotalBundle VST RTAS v1.2
"FabFilter Twin VSTi RTAS_is1" = FabFilter Twin VSTi RTAS v2.00
"FabFilter Volcano VST RTAS_is1" = FabFilter Volcano VST RTAS v2.03
"FL Studio 9" = FL Studio 9
"FLUX Spring Pack Bundle_is1" = FLUX Spring Pack Bundle v1.0.4.14
"Gebruikersregistratie voor Canon MP250 series" = Gebruikersregistratie voor Canon MP250 series
"HDMI" = Intel(R) Graphics Media Accelerator Driver
"IL Download Manager" = IL Download Manager
"IL Juice Pack" = IL Juice Pack
"IL Vocodex" = IL Vocodex
"ImTOO MPEG Encoder Platinum" = ImTOO MPEG Encoder Platinum
"ISOBuddy" = ISOBuddy
"iZotope Alloy_is1" = iZotope Alloy
"iZotope iDrum Factory Content_is1" = iZotope iDrum Factory Content
"iZotope iDrum_is1" = iZotope iDrum
"iZotope Ozone 4_is1" = iZotope Ozone 4
"KeyToSound - Essential Compressor_is1" = KeyToSound - Essential Compressor 1.0 r4
"Latigo_is1" = Latigo 1.0.0
"Live 8.2.1" = Live 8.2.1
"Magic ISO Maker v5.4 (build 0239)" = Magic ISO Maker v5.4 (build 0239)
"MagicDisc 2.7.106" = MagicDisc 2.7.106
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Maximus" = Maximus
"Messenger Plus! Live" = Messenger Plus! Live
"MessengerDiscovery_is1" = MessengerDiscovery 2.5.95
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Minimal System Instruments Moogi VST v2.50_is1" = Minimal System Instruments Moogi Analogue Filter VST v2.50
"Mozilla Firefox (3.6.13)" = Mozilla Firefox (3.6.13)
"MSIstrip v2.00" = MSIstrip v2.00
"Native Instruments Abbey Road Modern Drums" = Native Instruments Abbey Road Modern Drums
"Native Instruments Battery 3" = Native Instruments Battery 3
"Native Instruments Best of Reaktor Vol. 1" = Native Instruments Best of Reaktor Vol. 1
"Native Instruments Deep Transformations" = Native Instruments Deep Transformations
"Native Instruments FM8" = Native Instruments FM8
"Native Instruments Hardware Controller Support" = Native Instruments Hardware Controller Support
"Native Instruments Kontakt 4" = Native Instruments Kontakt 4
"Native Instruments Kore 2" = Native Instruments Kore 2
"Native Instruments Kore v2.0.1.007 Updater - Patcher" = Native Instruments Kore v2.0.1.007 Updater - Patcher
"Native Instruments Maschine" = Native Instruments Maschine
"Native Instruments Maschine Driver" = Native Instruments Maschine Driver
"Native Instruments Massive" = Native Instruments Massive
"Native Instruments Massive Expansion Vol. 2" = Native Instruments Massive Expansion Vol. 2
"Native Instruments Pro-53" = Native Instruments Pro-53
"Native Instruments Service Center" = Native Instruments Service Center
"Native Instruments Urban Arsenal" = Native Instruments Urban Arsenal
"NomadFactory Analog Mastering Tools VST RTAS_is1" = NomadFactory Analog Mastering Tools VST RTAS v1.0
"NomadFactory Blue Tubes Analog TrackBox VST RTAS_is1" = NomadFactory Blue Tubes Analog TrackBox VST RTAS v1.3
"NomadFactory Blue Tubes Dynamics Pack VST RTAS_is1" = NomadFactory Blue Tubes Dynamics Pack VST RTAS v3.2
"NomadFactory Blue Tubes Effects Pack VST RTAS_is1" = NomadFactory Blue Tubes Effects Pack VST RTAS v3.2
"NomadFactory Blue Tubes Equalizers Pack VST RTAS_is1" = NomadFactory Blue Tubes Equalizers Pack VST RTAS v3.2
"NomadFactory Essential Studio Suite VST RTAS_is1" = NomadFactory Essential Studio Suite VST RTAS v1.5
"NomadFactory Limiting Amplifier LM-662 VST RTAS_is1" = NomadFactory Limiting Amplifier LM-662 VST RTAS v1.3
"NomadFactory Liquid Bundle VST RTAS_is1" = NomadFactory Liquid Bundle VST RTAS v2.4
"NomadFactory Program Equalizer EQP-4 VST RTAS_is1" = NomadFactory Program Equalizer EQP-4 VST RTAS v1.3
"NomadFactory Retrology M-Tone EQ VST RTAS_is1" = NomadFactory Retrology M-Tone EQ VST RTAS v1.0
"NomadFactory Studio Channel SC-226 VST RTAS_is1" = NomadFactory Studio Channel SC-226 VST RTAS v1.3
"NVIDIA Drivers" = NVIDIA Drivers
"PCM Native Reverb VST Plug-in" = PCM Native Reverb VST Plug-in
"PoiZone" = PoiZone
"PowerISO" = PowerISO
"PreSonus FireBox driver v5.13.0.0" = PreSonus FireBox driver v5.13.0.0
"Proteus VX" = Proteus VX
"PSP Audioware Neon HR VST RTAS_is1" = PSP Audioware Neon HR VST RTAS v1.5.1
"PSP Audioware Xenon_is1" = PSP Audioware Xenon v1.0
"PSP EasyVerb 1.5.4" = PSP EasyVerb 1.5.4
"PSP MasterComp 1.5.4" = PSP MasterComp 1.5.4
"PSP MasterQ 1.5.2" = PSP MasterQ 1.5.2
"PSP MixPack2 2.0.3" = PSP MixPack2 2.0.3
"PSP Nitro 1.1.2" = PSP Nitro 1.1.2
"PSP sQuad 1.1.1" = PSP sQuad 1.1.1
"PSP StereoPack 1.9.0" = PSP StereoPack 1.9.0
"PSP VintageWarmer2 2.3.1 32bit" = PSP VintageWarmer2 2.3.1 32bit
"Punch VST v1.05" = Punch VST v1.05
"Reason4_is1" = Reason 4.0
"reFX Nexus_is1" = reFX Nexus VSTi RTAS v2.2.0
"Revo Uninstaller" = Revo Uninstaller 1.89
"Sandboxie" = Sandboxie 3.46
"Sawer" = Sawer
"Softube FET Compressor VST RTAS_is1" = Softube FET Compressor VST RTAS v1.0.3
"Softube Passive-Active Pack VST RTAS_is1" = Softube Passive-Active Pack VST RTAS v1.0.2
"Softube Tonelux Tilt_is1" = Softube Tonelux Tilt VST RTAS v1.0
"Softube Tube-Tech CL 1B VST RTAS_is1" = Softube Tube-Tech CL 1B VST RTAS v1.0.3
"Softube Tube-Tech PE 1C_is1" = Softube Tube-Tech PE 1C VST RTAS v1.0.1
"Softube Valley People Dyna-mite_is1" = Softube Valley People Dyna-mite VST RTAS v1.0.3
"Sonnox Oxford Inflator Native VST_is1" = Sonnox Oxford Inflator Native VST v1.5.1
"Sonnox Oxford Limiter Native VST_is1" = Sonnox Oxford Limiter Native VST v1.1.1
"Sonnox Oxford R3 Dynamics Native VST_is1" = Sonnox Oxford R3 Dynamics Native VST v1.3.1
"Sonnox Oxford R3 EQ Native VST_is1" = Sonnox Oxford R3 EQ Native VST v1.6.1
"Sonnox Oxford Reverb Native VST_is1" = Sonnox Oxford Reverb Native VST v1.0
"Sonnox Oxford TransMod Native VST_is1" = Sonnox Oxford TransMod Native VST v1.3.1
"SPL Analog Code DrumXchanger VST RTAS_is1" = SPL Analog Code DrumXchanger VST RTAS v1.0
"SPL Analog Code Vitalizer MK2-T VST RTAS_is1" = SPL Analog Code Vitalizer MK2-T VST RTAS v1.1
"SSi Pro EQ VST v1.0_is1" = Minimal System Instruments SSi Pro EQ VST v1.0
"SSi Pro Expander&Gate VST v1.0_is1" = Minimal System Instruments SSi Pro Expander&Gate VST v1.0
"Steinberg Freefilter v1.2" = Steinberg Freefilter v1.2
"Steinberg Groove Agent VSTi DXi_is1" = Steinberg Groove Agent VSTi DXi v2.0
"Steinberg Hypersonic VSTi DXi_is1" = Steinberg Hypersonic VSTi DXi v2.0
"Steinberg The Grand VSTi DXi_is1" = Steinberg The Grand VSTi DXi v2.1.0
"Steinberg Virtual Bassist VSTi DXi_is1" = Steinberg Virtual Bassist VSTi DXi v1.0
"Stillwell Audio Plugins Bundle VST v1.52" = Stillwell Audio Plugins Bundle VST v1.52
"Sytrus" = Sytrus
"Tone2 FilterBank3_is1" = FilterBank v3.2
"Tone2 FireBird+_is1" = FireBird+ v1.9
"Tone2 Gladiator VSTi_is1" = Tone2 Gladiator VSTi v2.2
"Toxic Biohazard" = Toxic Biohazard
"TT Dynamic Range Meter_is1" = TT Dynamic Range Meter 1.0
"UltraComp VST v1.05" = UltraComp VST v1.05
"URS Plug-In Bundle Complete VST RTAS_is1" = URS Plug-In Bundle Complete VST RTAS v1.0
"uTorrent" = µTorrent
"Virtual Audio Cable 4.9" = Virtual Audio Cable 4.9
"VLC media player" = VLC media player 1.1.3
"Waldorf Largo" = Waldorf Largo
"Wave Arts Master Restoration" = Wave Arts Master Restoration
"Wave Arts Power Suite" = Wave Arts Power Suite
"Wave Arts Tube Saturator" = Wave Arts Tube Saturator
"WaveLabPro" = WaveLab 6
"Waves Complete v7_is1" = Waves Complete VST RTAS TDM v7.1.16
"Way out Ware TimewARP2600 VSTi RTAS_is1" = Way out Ware TimewARP2600 VSTi RTAS v1.4.1
"Winamp" = Winamp
"Windows XP Service Pack" = Windows XP Service Pack 3
"WinLiveSuite_Wave3" = Windows Live Essentials
"WinPcapInst" = WinPcap 4.1.2
"WinRAR archiver" = WinRAR archiver
"XviD4PSP5" = XviD4PSP 5.0
"z3ta+_x86_is1" = rgc:audio z3ta+ 1.5

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-1645522239-1580436667-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Elysia Alpha Compressor_is1" = Elysia Alpha Compressor VST RTAS v1.0

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 19-1-2011 10:18:32 | Computer Name = ADILOST | Source = Application Error | ID = 1000
Description = Vastgelopen toepassing: camrecorder.exe, versie: 6.0.3.928, vastgelopen
module: ntdll.dll, versie: 5.1.2600.5755, vastgelopen op: 0x00011780.

Error - 19-1-2011 10:21:54 | Computer Name = ADILOST | Source = Application Error | ID = 1000
Description = Vastgelopen toepassing: camrecorder.exe, versie: 6.0.3.928, vastgelopen
module: ntdll.dll, versie: 5.1.2600.5755, vastgelopen op: 0x00011780.

Error - 19-1-2011 22:58:05 | Computer Name = ADILOST | Source = Application Error | ID = 1000
Description = Vastgelopen toepassing: divxupdate.exe, versie: 1.0.1.10, vastgelopen
module: msvcp80.dll, versie: 8.0.50727.4053, vastgelopen op: 0x000100b5.

Error - 20-1-2011 8:20:42 | Computer Name = ADILOST | Source = Bonjour Service | ID = 100
Description = 244: ERROR: read_msg errno 10054 (De externe host heeft een verbinding
verbroken.)

Error - 20-1-2011 10:40:09 | Computer Name = ADILOST | Source = Application Error | ID = 1000
Description = Vastgelopen toepassing: winamp.exe, versie: 5.5.5.2405, vastgelopen
module: ntdll.dll, versie: 5.1.2600.5755, vastgelopen op: 0x00010f20.

Error - 21-1-2011 8:20:21 | Computer Name = ADILOST | Source = Bonjour Service | ID = 100
Description = 244: ERROR: read_msg errno 10054 (De externe host heeft een verbinding
verbroken.)

Error - 21-1-2011 8:29:11 | Computer Name = ADILOST | Source = Bonjour Service | ID = 100
Description = 244: ERROR: read_msg errno 10054 (De externe host heeft een verbinding
verbroken.)

Error - 21-1-2011 8:34:10 | Computer Name = ADILOST | Source = Bonjour Service | ID = 100
Description = 224: ERROR: read_msg errno 10054 (De externe host heeft een verbinding
verbroken.)

Error - 21-1-2011 9:27:50 | Computer Name = ADILOST | Source = Bonjour Service | ID = 100
Description = 240: ERROR: read_msg errno 10054 (De externe host heeft een verbinding
verbroken.)

Error - 26-1-2011 9:36:22 | Computer Name = ADILOST | Source = Application Hang | ID = 1002
Description = Vastgelopen toepassing: AvastUI.exe, versie: 5.1.889.0, vastgelopen
module: hungapp, versie: 0.0.0.0, vastgelopen op: 0x00000000.

[ System Events ]
Error - 25-1-2011 10:44:51 | Computer Name = ADILOST | Source = Service Control Manager | ID = 7034
Description = De SMTP (Simple Mail Transfer Protocol)-service is onverwacht beëindigd.
Dit is nu 1 keer gebeurd.

Error - 25-1-2011 10:44:51 | Computer Name = ADILOST | Source = Service Control Manager | ID = 7034
Description = De World Wide Web-publicatie-service is onverwacht beëindigd. Dit
is nu 1 keer gebeurd.

Error - 25-1-2011 10:44:51 | Computer Name = ADILOST | Source = Service Control Manager | ID = 7034
Description = De Java Quick Starter-service is onverwacht beëindigd. Dit is nu 1
keer gebeurd.

Error - 25-1-2011 10:44:51 | Computer Name = ADILOST | Source = Service Control Manager | ID = 7034
Description = De MBAMService-service is onverwacht beëindigd. Dit is nu 1 keer gebeurd.

Error - 25-1-2011 10:44:51 | Computer Name = ADILOST | Source = Service Control Manager | ID = 7034
Description = De NIHardwareService-service is onverwacht beëindigd. Dit is nu 1
keer gebeurd.

Error - 25-1-2011 11:09:30 | Computer Name = ADILOST | Source = MRxSmb | ID = 8003
Description = De masterbrowser heeft een servermelding ontvangen van computer SX551E61CAD
die
meent de masterbrowser voor het domein te zijn op transport NetBT_Tcpip_{71BFA0BC-9BBE-43.
De masterbrowser wordt gestopt of er wordt een verkiezing afgedwongen.

Error - 25-1-2011 14:07:02 | Computer Name = ADILOST | Source = Service Control Manager | ID = 7034
Description = De C-DillaCdaC11BA-service is onverwacht beëindigd. Dit is nu 1 keer
gebeurd.

Error - 25-1-2011 19:18:01 | Computer Name = ADILOST | Source = Service Control Manager | ID = 7034
Description = De C-DillaCdaC11BA-service is onverwacht beëindigd. Dit is nu 1 keer
gebeurd.

Error - 26-1-2011 7:30:24 | Computer Name = ADILOST | Source = Service Control Manager | ID = 7009
Description = Time-out (30000 seconden) tijdens het wachten op het verbinden van
deze service: COM-service voor IMAPI cd-branders.

Error - 26-1-2011 7:30:24 | Computer Name = ADILOST | Source = Service Control Manager | ID = 7000
Description = De COM-service voor IMAPI cd-branders-service kan vanwege de volgende
fout niet worden gestart: %%1053


< End of report >


Extras.txt

OTL Extras logfile created on: 26-1-2011 14:43:13 - Run 1
OTL by OldTimer - Version 3.2.20.6 Folder = C:\Documents and Settings\Mr.A\Bureaublad
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.5512)
Locale: 00000413 | Country: Nederland | Language: NLD | Date Format: d-M-yyyy

2,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 69,00% Memory free
4,00 Gb Paging File | 3,00 Gb Available in Paging File | 89,00% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 114,48 Gb Total Space | 50,49 Gb Free Space | 44,10% Space Free | Partition Type: NTFS
Drive F: | 931,51 Gb Total Space | 162,67 Gb Free Space | 17,46% Space Free | Partition Type: NTFS

Computer Name: ADILOST | User Name: Mr.A | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.url [@ = InternetShortcut] -- rundll32.exe shdocvw.dll,OpenURL %l

[HKEY_USERS\S-1-5-21-1645522239-1580436667-839522115-1003\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
htmlfile [edit] -- "C:\Program Files\Microsoft Office\Office\msohtmed.exe" %1 (Microsoft Corporation)
InternetShortcut [open] -- rundll32.exe shdocvw.dll,OpenURL %l
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Directory [Winamp.Bookmark] -- "C:\Program Files\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft)
Directory [Winamp.Enqueue] -- "C:\Program Files\Winamp\winamp.exe" /ADD "%1" (Nullsoft)
Directory [Winamp.Play] -- "C:\Program Files\Winamp\winamp.exe" "%1" (Nullsoft)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"5353:TCP" = 5353:TCP:*:Enabled:Adobe CSI CS4
"60007:TCP" = 60007:TCP:*:Enabled:UTorrent 60007
"60007:UDP" = 60007:UDP:*:Enabled:UTorrent 60007
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:mad:xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:mad:xpsp2res.dll,-22008
 
========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\iTunes\iTunes.exe" = C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes -- (Apple Inc.)
"C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" = C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe:*:Enabled:Adobe CSI CS4 -- (Adobe Systems Incorporated)
"C:\Program Files\Steinberg\Cubase 5\Cubase5.exe" = C:\Program Files\Steinberg\Cubase 5\Cubase5.exe:*:Enabled:Cubase -- (Steinberg Media Technologies)
"C:\Program Files\Steinberg\WaveLab 6\WaveLab-app.exe" = C:\Program Files\Steinberg\WaveLab 6\WaveLab-app.exe:*:Enabled:WaveLab -- (Steinberg Media Technologies)
"C:\Program Files\uTorrent\uTorrent.exe" = C:\Program Files\uTorrent\uTorrent.exe:*:Enabled:µTorrent -- (BitTorrent, Inc.)
"C:\Program Files\iWebcamera\iWebcameraApp.exe" = C:\Program Files\iWebcamera\iWebcameraApp.exe:*:Enabled:iWebcameraApp -- (drahtwerk)
"C:\Program Files\FXpansion\Guru\Guru.exe" = C:\Program Files\FXpansion\Guru\Guru.exe:*:Enabled:Stand-Alone (stub loader) -- (FXpansion Audio UK Ltd.)
"C:\Program Files\wLite\wLite.exe" = C:\Program Files\wLite\wLite.exe:*:Disabled:webcamXP -- (Moonware Studios)
"C:\Program Files\wLite\wService.exe" = C:\Program Files\wLite\wService.exe:*:Disabled:webcamXP Service -- (Moonware Studios)


========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{00000413-78E1-11D2-B60F-006097C998E7}" = Microsoft Office 2000 SR-1 Premium
"{04FCFB2F-FEC3-4D9A-81FB-A18858CF52DB}_is1" = RAM Saver 9.12 Professional
"{05308C4E-7285-4066-BAE3-6B50DA6ED755}" = Adobe Update Manager CS4
"{054EFA56-2AC1-48F4-A883-0AB89874B972}" = Adobe Extension Manager CS4
"{0886900B-B2F3-452C-B580-60F1253F7F80}" = Native Instruments Hardware Controller Support
"{098727E1-775A-4450-B573-3F441F1CA243}" = kuler
"{098A2A49-7CF3-4F08-A38D-FB879117152A}" = Adobe Color NA Extra Settings CS4
"{0B8565BA-BAD5-4732-B122-5FD78EFC50A9}" = Native Instruments Service Center
"{0CB9668D-F979-4F31-B8B8-67FE90F929F8}" = Bonjour
"{0D6013AB-A0C7-41DC-973C-E93129C9A29F}" = Adobe Color JA Extra Settings CS4
"{0D67A4E4-5BE0-4C9A-8AD8-AB552B433F23}" = Adobe Setup
"{0DC0E85F-36E4-463B-B3EA-4CD8ED2222A1}" = Adobe Color EU Recommended Settings CS4
"{0F723FC1-7606-4867-866C-CE80AD292DAF}" = Adobe CSI CS4
"{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP250_series" = Canon MP250 series MP Drivers
"{14AFE241-FC6E-4FDB-BCA0-7AD6F4974171}" = Adobe Setup
"{1618734A-3957-4ADD-8199-F973763109A8}" = Adobe Anchor Service CS4
"{16E16F01-2E2D-4248-A42F-76261C147B6C}" = Adobe Drive CS4
"{16E6D2C1-7C90-4309-8EC4-D2212690AAA4}" = AdobeColorCommonSetRGB
"{197A3012-8C85-4FD3-AB66-9EC7E13DB92E}" = Adobe AIR
"{1BD6AE96-4742-4498-9D03-9451C7E5A214}" = Windows Live aanmeldhulp
"{1C53D51A-7F4F-435A-B292-A2395DFAF090}" = BuzComp_KeyMaker
"{1E958728-CFA3-454A-A2D6-42A9FF718480}" = Intel(R) C++ Redistributables for Windows* on IA-32
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live - Hulpprogramma voor uploaden
"{21E77392-C30A-4AA2-8CA7-5728316939D6}" = AmpliTube X-GEAR
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{25613C10-27D2-410B-942B-D922D5C3A7BE}" = Interlok driver setup x32
"{267B3E82-C941-47D8-BCD3-1BBBB56FCBC6}" = Native Instruments Maschine Driver
"{26A24AE4-039D-4CA4-87B4-2F83216021FF}" = Java(TM) 6 Update 21
"{28773E11-6E44-46DC-90BD-273A3FA2CAC1}" = Adobe Setup
"{2E337869-756A-4E46-A936-0E67FE043A5E}" = Melodyne 3.2
"{30C8AA56-4088-426F-91D1-0EDFD3A25678}" = Adobe Dreamweaver CS4
"{3175E049-F9A9-4A3D-8F19-AC9FB04514D1}" = Windows Live Communications Platform
"{350C9413-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{35D94F92-1D3A-43C5-8605-EA268B1A7BD9}" = PDF Settings CS4
"{39F6E2B4-CFE8-C30A-66E8-489651F0F34C}" = Adobe Media Player
"{3A4E8896-C2E7-4084-A4A4-B8FD1894E739}" = Adobe XMP Panels CS4
"{3D2C9DE6-9ADE-4252-A241-E43723B0CE02}" = Adobe Color - Photoshop Specific CS4
"{3DA8DF9A-044E-46C4-8531-DEDBB0EE37FF}" = Adobe WinSoft Linguistics Plugin
"{423C4130-EBC3-410A-B3A0-37BBF9D607D5}" = T-RackS 3 Deluxe
"{428FDF9F-E010-4C4C-A8BB-156960AFCA1C}" = Adobe Fireworks CS4
"{439A2DFC-DC12-4A8A-AAA3-D9CA68D778CD}" = Virtuoso
"{43E7798A-248E-4A3D-9969-FEA63543A462}" = Native Instruments Kontakt 4
"{45A66726-69BC-466B-A7A4-12FCBA4883D7}" = HiJackThis
"{490BF87E-1F75-4453-BF55-9F540543A3CA}" = Steinberg Drum Loop Expansion 01
"{4943EFF5-229F-435D-BEA9-BE3CAEA783A7}" = Adobe Service Manager Extension
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4A19D6AC-ADE0-4A07-80FF-9C9812C45557}" = Steinberg Cubase 5
"{4D454CF8-12FD-464D-B57B-B46FE27B78BB}" = Steinberg LoopMash Content
"{532B917B-8235-4FA5-BE36-643A8BB053A5}" = Steinberg REVerence Content 01
"{5354D5F2-342D-43DD-A361-B65BF7AABE1D}" = nebula3 CM
"{53C141BA-4F9E-43FB-B4F9-0C01BB716FA8}" = Adobe Audition 3.0
"{5EE7D259-D137-4438-9A5F-42F432EC0421}" = VC80CRTRedist - 8.0.50727.4053
"{5F9D5D04-C756-4B4A-9ADF-37F7D8EB1E87}" = ARC System
"{620FE3A6-F576-4ECC-9734-FA2DCFA4FF82}" = KORG Legacy Collection - ANALOG EDITION 2007
"{63C24A08-70F3-4C8E-B9FB-9F21A903801D}" = Adobe Color Video Profiles CS CS4
"{63E5CDBF-8214-4F03-84F8-CD3CE48639AD}" = Adobe Photoshop CS4 Support
"{65AA5B18-A330-4F35-BCDF-EA85EC888906}" = AVOX Evo VST
"{67F0E67A-8E93-4C2C-B29D-47C48262738A}" = Adobe Device Central CS4
"{68243FF8-83CA-466B-B2B8-9F99DA5479C4}" = AdobeColorCommonSetCMYK
"{69E5920C-C84E-4F77-A776-71C1FEFBDED4}" = Axiom Pro Cubase HyperControl
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{7EC9E7A1-A576-43C8-9CBB-31BD5625EBCA}" = FOX LiveUpdate
"{8066D0CB-C217-4673-BAFA-ED420F483CE9}" = BuzComp
"{820D3F45-F6EE-4AAF-81EF-CE21FF21D230}" = Adobe Type Support CS4
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{83877DB1-8B77-45BC-AB43-2BAC22E093E0}" = Adobe Bridge CS4
"{842B4B72-9E8F-4962-B3C1-1C422A5C4434}" = Suite Shared Configuration CS4
"{85991ED2-010C-4930-96FA-52F43C2CE98A}" = Apple Mobile Device Support
"{865D9ED1-EAC2-436D-AFA7-0B750EB5AAAB}" = Steinberg HALionOne Studio Drum Set
"{91F7F3F3-CE80-48C3-8327-7D24A0A5716A}" = iTunes
"{931AB7EA-3656-4BB7-864D-022B09E3DD67}" = Adobe Linguistics CS4
"{94D398EB-D2FD-4FD1-B8C4-592635E8A191}" = Adobe CMaps CS4
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7}" = Segoe UI
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A49F249F-0C91-497F-86DF-B2585E8E76B7}" = Microsoft Visual C++ 2005 Redistributable
"{A589DA26-51BD-475D-8C32-E19E34145842}" = Camtasia Studio 6
"{A93944F2-D2D4-4750-BFE7-9A288FEAF2CF}" = Apple Application Support
"{AB5668B8-1428-460F-AE02-999A598D6883}" = Wavpack4Wavelab6
"{ABBC8011-1E42-4ADA-9794-574349612CEF}" = iWebcamera
"{AC76BA86-7AD7-1043-7B44-A93000000001}" = Adobe Reader 9.3.4 - Nederlands
"{AC997F93-0757-4ED4-A701-F40C2D654D09}" = Steinberg HALionOne GM Drum Set
"{B08ACC56-7772-4C92-8052-774079E8927A}" = Mo Phatt
"{B29AD377-CC12-490A-A480-1452337C618D}" = Connect
"{B4691C58-2A6A-4AFA-960E-AEB767639E44}" = PCM Native Reverb VST Plug-in
"{B65BA85C-0A27-4BC0-A22D-A66F0E5B9494}" = Adobe Photoshop CS4
"{BB4E33EC-8181-4685-96F7-8554293DEC6A}" = Adobe Output Module
"{BD86F1AC-B594-46E4-85DC-1258AC9E2232}" = Steinberg Groove Agent ONE Content
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C20C2630-B3A7-44BA-BDD0-31E256AE490E}" = Windows Live Call
"{C41300B9-185D-475E-BFEC-39EF732F19B1}" = Apple Software Update
"{C52E3EC1-048C-45E1-8D53-10B0C6509683}" = Adobe Default Language CS4
"{C7DEE429-4C9B-4126-894F-50B4F54FF196}" = inSSIDer
"{C9BED750-1211-4480-B1A5-718A3BE15525}" = REALTEK GbE & FE Ethernet PCI-E NIC Driver
"{CC38A00D-7EED-46CE-9281-D1D97B81F22A}" = Windows Live Messenger
"{CC75AB5C-2110-4A7F-AF52-708680D22FE8}" = Photoshop Camera Raw
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{CF1D7323-8A0A-49C7-83B0-088DB90721E2}" = AmpegSVX
"{D0E565B0-03A0-40D9-A514-000634AA58C6}" = KORG Legacy Collection - DIGITAL EDITION
"{D23CBFDA-C46B-4920-BA70-FC7878A3F05A}" = Steinberg HALionOne Studio Set
"{D69D39FC-DCC0-43F4-9524-043EE9F1C329}" = Native Instruments Abbey Road Modern Drums
"{D7F912D4-C237-4079-966A-5044A5025CBF}}_is1" = Focusrite Scarlett Plug-in Suite 1.1
"{D82CDA0D-C182-42C8-8FF2-5649C98D6003}" = Steinberg HALionOne Pro Set
"{DC7544D8-F401-4E25-A242-209F9225330E}" = AxiomPro
"{E22AD5D3-EB60-4A8F-835C-6C10E369DCE2}" = Steinberg HALionOne Expression Set
"{E4848436-0345-47E2-B648-8B522FCDA623}" = Adobe Photoshop CS4
"{E70E7159-93B1-470D-9FBD-D8E9EF34B538}" = Steinberg HALionOne
"{EB5A3E9D-91CF-4C97-B816-72DE0625ACA3}" = Windows Live Essentials
"{EB900AF8-CC61-4E15-871B-98D1EA3E8025}" = QuickTime
"{EC015649-3B3C-4611-9C66-453F8011E944}" = Native Instruments Kontakt 4
"{F057965A-D974-4C64-ADB1-4381CD4B8956}" = Steinberg HALionOne GM Set
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F0E64E2E-3A60-40D8-A55D-92F6831875DA}" = Adobe Search for Help
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F333A33D-125C-32A2-8DCE-5C5D14231E27}" = Visual C++ 2008 x86 Runtime - (v9.0.30729)
"{F333A33D-125C-32A2-8DCE-5C5D14231E27}.vc_x86runtime_30729_01" = Visual C++ 2008 x86 Runtime - v9.0.30729.01
"{F3AFD063-8BAD-485E-B641-E7F5A2C5AE71}" = Steinberg HALionOne Additional Content Set 01
"{F7FC9307-374E-4017-8E9D-DE1154780480}" = System Requirements Lab for Intel
"{F8EF2B3F-C345-4F20-8FE4-791A20333CD5}" = Adobe ExtendScript Toolkit CS4
"{F93C84A6-0DC6-42AF-89FA-776F7C377353}" = Adobe PDF Library Files CS4
"{FC6AFD44-EDF9-4A03-AB9E-16A5391FE24F}" = Native Instruments Maschine
"{FCDD51BB-CAD0-4BB1-B7DF-CE86D1032794}" = Adobe Fonts All
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"Addictive Drums ADpak Retro_is1" = Addictive Drums ADpak Retro
"Addictive Drums Inno Setup_is1" = Addictive Drums 1.1
"Adobe AIR" = Adobe AIR
"Adobe Audition 3.0" = Adobe Audition 3.0
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe_acce07fd2c8fe7f9e3f26243e626578" = Adobe Dreamweaver CS4
"Adobe_ccb135070a90ff24d6e7cc4bc5a59cb" = Adobe Fireworks CS4
"Adobe_faf656ef605427ee2f42989c3ad31b8" = Adobe Photoshop CS4
"Analog Factory HipHop_is1" = Analog Factory HipHop 2.2.1
"Antares Autotune VST_is1" = Antares Autotune VST v5.09
"ANWIDA Soft Parametric Equalizer Pro 3.0" = ANWIDA Soft Parametric Equalizer Pro 3.0
"Arturia Prophet V VSTi RTAS_is1" = Arturia Prophet V VSTi RTAS v1.2.1
"ASIO4ALL" = ASIO4ALL
"avast5" = avast! Pro Antivirus
"BBE Sonic Sweet Bundle VST RTAS_is1" = BBE Sonic Sweet Bundle VST RTAS v1.0
"Brainworx BX Control VST RTAS_is1" = Brainworx BX Control VST RTAS v2.0
"Brainworx BX Digital VST RTAS_is1" = Brainworx BX Digital VST RTAS v2.0.2
"Brainworx BX DynEQ Bundle VST RTAS_is1" = Brainworx BX DynEQ Bundle VST RTAS v1.1
"Brainworx BX Hybrid VST RTAS_is1" = Brainworx BX Hybrid VST RTAS v1.0.5
"Brainworx BX XL Mastering Limiter_is1" = Brainworx BX XL Mastering Limiter VST RTAS v1.0
"BSPlayerp" = BS.Player PRO
"Cakewalk Dimension Pro_is1" = Dimension Pro
"Cakewalk Rapture Expansion Pack 1" = Cakewalk Rapture Expansion Pack 1
"Cakewalk Rapture Expansion Pack 2" = Cakewalk Rapture Expansion Pack 2
"Cakewalk Rapture_is1" = Rapture 1.1
"Camel Audio Cameleon 5000 v1.7 VSTi" = Camel Audio Cameleon 5000 v1.7 VSTi
"CANONIJPLM100" = Canon Inkjet Printer/Scanner/Fax Extended Survey Program
"CanonMyPrinter" = Canon Utilities My Printer
"CCleaner" = CCleaner (remove only)
"CdaC13Ba" = SafeCast Shared Components
"com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Media Player
"Compadre Beatpuncher_is1" = Compadre Beatpuncher v1.1
"Cool's_Codec_pack_4.12" = Codec Pack - All In 1 6.0.3.0
"Darbuka_is1" = Darbuka 1.0.0
"db audioware Sidechain Compressor VST v1.1.0" = db audioware Sidechain Compressor VST v1.1.0
"discoDSP Discovery Pro_is1" = discoDSP Discovery Pro VSTi RTAS v5.3
"DivX Setup.divx.com" = DivX Setup
"Driver Genius Professional Edition_is1" = Driver Genius Professional Edition
"DriverGuide DriverScan" = DriverGuide DriverScan
"eLicenser Control" = eLicenser Control
"Elysia mpressor VST RTAS_is1" = Elysia mpressor VST RTAS v1.0.2
"EVEREST Home Edition_is1" = EVEREST Home Edition v2.20
"FabFilter Pro-C VST RTAS_is1" = FabFilter Pro-C VST RTAS v1.1.2
"FabFilter Pro-Q VST RTAS_is1" = FabFilter Pro-Q VST RTAS v1.01
"FabFilter Simplon 1.12" = FabFilter Simplon 1.12
"FabFilter TotalBundle x86_is1" = FabFilter TotalBundle VST RTAS v1.2
"FabFilter Twin VSTi RTAS_is1" = FabFilter Twin VSTi RTAS v2.00
"FabFilter Volcano VST RTAS_is1" = FabFilter Volcano VST RTAS v2.03
"FL Studio 9" = FL Studio 9
"FLUX Spring Pack Bundle_is1" = FLUX Spring Pack Bundle v1.0.4.14
"Gebruikersregistratie voor Canon MP250 series" = Gebruikersregistratie voor Canon MP250 series
"HDMI" = Intel(R) Graphics Media Accelerator Driver
"IL Download Manager" = IL Download Manager
"IL Juice Pack" = IL Juice Pack
"IL Vocodex" = IL Vocodex
"ImTOO MPEG Encoder Platinum" = ImTOO MPEG Encoder Platinum
"ISOBuddy" = ISOBuddy
"iZotope Alloy_is1" = iZotope Alloy
"iZotope iDrum Factory Content_is1" = iZotope iDrum Factory Content
"iZotope iDrum_is1" = iZotope iDrum
"iZotope Ozone 4_is1" = iZotope Ozone 4
"KeyToSound - Essential Compressor_is1" = KeyToSound - Essential Compressor 1.0 r4
"Latigo_is1" = Latigo 1.0.0
"Live 8.2.1" = Live 8.2.1
"Magic ISO Maker v5.4 (build 0239)" = Magic ISO Maker v5.4 (build 0239)
"MagicDisc 2.7.106" = MagicDisc 2.7.106
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Maximus" = Maximus
"Messenger Plus! Live" = Messenger Plus! Live
"MessengerDiscovery_is1" = MessengerDiscovery 2.5.95
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Minimal System Instruments Moogi VST v2.50_is1" = Minimal System Instruments Moogi Analogue Filter VST v2.50
"Mozilla Firefox (3.6.13)" = Mozilla Firefox (3.6.13)
"MSIstrip v2.00" = MSIstrip v2.00
"Native Instruments Abbey Road Modern Drums" = Native Instruments Abbey Road Modern Drums
"Native Instruments Battery 3" = Native Instruments Battery 3
"Native Instruments Best of Reaktor Vol. 1" = Native Instruments Best of Reaktor Vol. 1
"Native Instruments Deep Transformations" = Native Instruments Deep Transformations
"Native Instruments FM8" = Native Instruments FM8
"Native Instruments Hardware Controller Support" = Native Instruments Hardware Controller Support
"Native Instruments Kontakt 4" = Native Instruments Kontakt 4
"Native Instruments Kore 2" = Native Instruments Kore 2
"Native Instruments Kore v2.0.1.007 Updater - Patcher" = Native Instruments Kore v2.0.1.007 Updater - Patcher
"Native Instruments Maschine" = Native Instruments Maschine
"Native Instruments Maschine Driver" = Native Instruments Maschine Driver
"Native Instruments Massive" = Native Instruments Massive
"Native Instruments Massive Expansion Vol. 2" = Native Instruments Massive Expansion Vol. 2
"Native Instruments Pro-53" = Native Instruments Pro-53
"Native Instruments Service Center" = Native Instruments Service Center
"Native Instruments Urban Arsenal" = Native Instruments Urban Arsenal
"NomadFactory Analog Mastering Tools VST RTAS_is1" = NomadFactory Analog Mastering Tools VST RTAS v1.0
"NomadFactory Blue Tubes Analog TrackBox VST RTAS_is1" = NomadFactory Blue Tubes Analog TrackBox VST RTAS v1.3
"NomadFactory Blue Tubes Dynamics Pack VST RTAS_is1" = NomadFactory Blue Tubes Dynamics Pack VST RTAS v3.2
"NomadFactory Blue Tubes Effects Pack VST RTAS_is1" = NomadFactory Blue Tubes Effects Pack VST RTAS v3.2
"NomadFactory Blue Tubes Equalizers Pack VST RTAS_is1" = NomadFactory Blue Tubes Equalizers Pack VST RTAS v3.2
"NomadFactory Essential Studio Suite VST RTAS_is1" = NomadFactory Essential Studio Suite VST RTAS v1.5
"NomadFactory Limiting Amplifier LM-662 VST RTAS_is1" = NomadFactory Limiting Amplifier LM-662 VST RTAS v1.3
"NomadFactory Liquid Bundle VST RTAS_is1" = NomadFactory Liquid Bundle VST RTAS v2.4
"NomadFactory Program Equalizer EQP-4 VST RTAS_is1" = NomadFactory Program Equalizer EQP-4 VST RTAS v1.3
"NomadFactory Retrology M-Tone EQ VST RTAS_is1" = NomadFactory Retrology M-Tone EQ VST RTAS v1.0
"NomadFactory Studio Channel SC-226 VST RTAS_is1" = NomadFactory Studio Channel SC-226 VST RTAS v1.3
"NVIDIA Drivers" = NVIDIA Drivers
"PCM Native Reverb VST Plug-in" = PCM Native Reverb VST Plug-in
"PoiZone" = PoiZone
"PowerISO" = PowerISO
"PreSonus FireBox driver v5.13.0.0" = PreSonus FireBox driver v5.13.0.0
"Proteus VX" = Proteus VX
"PSP Audioware Neon HR VST RTAS_is1" = PSP Audioware Neon HR VST RTAS v1.5.1
"PSP Audioware Xenon_is1" = PSP Audioware Xenon v1.0
"PSP EasyVerb 1.5.4" = PSP EasyVerb 1.5.4
"PSP MasterComp 1.5.4" = PSP MasterComp 1.5.4
"PSP MasterQ 1.5.2" = PSP MasterQ 1.5.2
"PSP MixPack2 2.0.3" = PSP MixPack2 2.0.3
"PSP Nitro 1.1.2" = PSP Nitro 1.1.2
"PSP sQuad 1.1.1" = PSP sQuad 1.1.1
"PSP StereoPack 1.9.0" = PSP StereoPack 1.9.0
"PSP VintageWarmer2 2.3.1 32bit" = PSP VintageWarmer2 2.3.1 32bit
"Punch VST v1.05" = Punch VST v1.05
"Reason4_is1" = Reason 4.0
"reFX Nexus_is1" = reFX Nexus VSTi RTAS v2.2.0
"Revo Uninstaller" = Revo Uninstaller 1.89
"Sandboxie" = Sandboxie 3.46
"Sawer" = Sawer
"Softube FET Compressor VST RTAS_is1" = Softube FET Compressor VST RTAS v1.0.3
"Softube Passive-Active Pack VST RTAS_is1" = Softube Passive-Active Pack VST RTAS v1.0.2
"Softube Tonelux Tilt_is1" = Softube Tonelux Tilt VST RTAS v1.0
"Softube Tube-Tech CL 1B VST RTAS_is1" = Softube Tube-Tech CL 1B VST RTAS v1.0.3
"Softube Tube-Tech PE 1C_is1" = Softube Tube-Tech PE 1C VST RTAS v1.0.1
"Softube Valley People Dyna-mite_is1" = Softube Valley People Dyna-mite VST RTAS v1.0.3
"Sonnox Oxford Inflator Native VST_is1" = Sonnox Oxford Inflator Native VST v1.5.1
"Sonnox Oxford Limiter Native VST_is1" = Sonnox Oxford Limiter Native VST v1.1.1
"Sonnox Oxford R3 Dynamics Native VST_is1" = Sonnox Oxford R3 Dynamics Native VST v1.3.1
"Sonnox Oxford R3 EQ Native VST_is1" = Sonnox Oxford R3 EQ Native VST v1.6.1
"Sonnox Oxford Reverb Native VST_is1" = Sonnox Oxford Reverb Native VST v1.0
"Sonnox Oxford TransMod Native VST_is1" = Sonnox Oxford TransMod Native VST v1.3.1
"SPL Analog Code DrumXchanger VST RTAS_is1" = SPL Analog Code DrumXchanger VST RTAS v1.0
"SPL Analog Code Vitalizer MK2-T VST RTAS_is1" = SPL Analog Code Vitalizer MK2-T VST RTAS v1.1
"SSi Pro EQ VST v1.0_is1" = Minimal System Instruments SSi Pro EQ VST v1.0
"SSi Pro Expander&Gate VST v1.0_is1" = Minimal System Instruments SSi Pro Expander&Gate VST v1.0
"Steinberg Freefilter v1.2" = Steinberg Freefilter v1.2
"Steinberg Groove Agent VSTi DXi_is1" = Steinberg Groove Agent VSTi DXi v2.0
"Steinberg Hypersonic VSTi DXi_is1" = Steinberg Hypersonic VSTi DXi v2.0
"Steinberg The Grand VSTi DXi_is1" = Steinberg The Grand VSTi DXi v2.1.0
"Steinberg Virtual Bassist VSTi DXi_is1" = Steinberg Virtual Bassist VSTi DXi v1.0
"Stillwell Audio Plugins Bundle VST v1.52" = Stillwell Audio Plugins Bundle VST v1.52
"Sytrus" = Sytrus
"Tone2 FilterBank3_is1" = FilterBank v3.2
"Tone2 FireBird+_is1" = FireBird+ v1.9
"Tone2 Gladiator VSTi_is1" = Tone2 Gladiator VSTi v2.2
"Toxic Biohazard" = Toxic Biohazard
"TT Dynamic Range Meter_is1" = TT Dynamic Range Meter 1.0
"UltraComp VST v1.05" = UltraComp VST v1.05
"URS Plug-In Bundle Complete VST RTAS_is1" = URS Plug-In Bundle Complete VST RTAS v1.0
"uTorrent" = µTorrent
"Virtual Audio Cable 4.9" = Virtual Audio Cable 4.9
"VLC media player" = VLC media player 1.1.3
"Waldorf Largo" = Waldorf Largo
"Wave Arts Master Restoration" = Wave Arts Master Restoration
"Wave Arts Power Suite" = Wave Arts Power Suite
"Wave Arts Tube Saturator" = Wave Arts Tube Saturator
"WaveLabPro" = WaveLab 6
"Waves Complete v7_is1" = Waves Complete VST RTAS TDM v7.1.16
"Way out Ware TimewARP2600 VSTi RTAS_is1" = Way out Ware TimewARP2600 VSTi RTAS v1.4.1
"Winamp" = Winamp
"Windows XP Service Pack" = Windows XP Service Pack 3
"WinLiveSuite_Wave3" = Windows Live Essentials
"WinPcapInst" = WinPcap 4.1.2
"WinRAR archiver" = WinRAR archiver
"XviD4PSP5" = XviD4PSP 5.0
"z3ta+_x86_is1" = rgc:audio z3ta+ 1.5

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-1645522239-1580436667-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Elysia Alpha Compressor_is1" = Elysia Alpha Compressor VST RTAS v1.0

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 19-1-2011 10:18:32 | Computer Name = ADILOST | Source = Application Error | ID = 1000
Description = Vastgelopen toepassing: camrecorder.exe, versie: 6.0.3.928, vastgelopen
module: ntdll.dll, versie: 5.1.2600.5755, vastgelopen op: 0x00011780.

Error - 19-1-2011 10:21:54 | Computer Name = ADILOST | Source = Application Error | ID = 1000
Description = Vastgelopen toepassing: camrecorder.exe, versie: 6.0.3.928, vastgelopen
module: ntdll.dll, versie: 5.1.2600.5755, vastgelopen op: 0x00011780.

Error - 19-1-2011 22:58:05 | Computer Name = ADILOST | Source = Application Error | ID = 1000
Description = Vastgelopen toepassing: divxupdate.exe, versie: 1.0.1.10, vastgelopen
module: msvcp80.dll, versie: 8.0.50727.4053, vastgelopen op: 0x000100b5.

Error - 20-1-2011 8:20:42 | Computer Name = ADILOST | Source = Bonjour Service | ID = 100
Description = 244: ERROR: read_msg errno 10054 (De externe host heeft een verbinding
verbroken.)

Error - 20-1-2011 10:40:09 | Computer Name = ADILOST | Source = Application Error | ID = 1000
Description = Vastgelopen toepassing: winamp.exe, versie: 5.5.5.2405, vastgelopen
module: ntdll.dll, versie: 5.1.2600.5755, vastgelopen op: 0x00010f20.

Error - 21-1-2011 8:20:21 | Computer Name = ADILOST | Source = Bonjour Service | ID = 100
Description = 244: ERROR: read_msg errno 10054 (De externe host heeft een verbinding
verbroken.)

Error - 21-1-2011 8:29:11 | Computer Name = ADILOST | Source = Bonjour Service | ID = 100
Description = 244: ERROR: read_msg errno 10054 (De externe host heeft een verbinding
verbroken.)

Error - 21-1-2011 8:34:10 | Computer Name = ADILOST | Source = Bonjour Service | ID = 100
Description = 224: ERROR: read_msg errno 10054 (De externe host heeft een verbinding
verbroken.)

Error - 21-1-2011 9:27:50 | Computer Name = ADILOST | Source = Bonjour Service | ID = 100
Description = 240: ERROR: read_msg errno 10054 (De externe host heeft een verbinding
verbroken.)

Error - 26-1-2011 9:36:22 | Computer Name = ADILOST | Source = Application Hang | ID = 1002
Description = Vastgelopen toepassing: AvastUI.exe, versie: 5.1.889.0, vastgelopen
module: hungapp, versie: 0.0.0.0, vastgelopen op: 0x00000000.

[ System Events ]
Error - 25-1-2011 10:44:51 | Computer Name = ADILOST | Source = Service Control Manager | ID = 7034
Description = De SMTP (Simple Mail Transfer Protocol)-service is onverwacht beëindigd.
Dit is nu 1 keer gebeurd.

Error - 25-1-2011 10:44:51 | Computer Name = ADILOST | Source = Service Control Manager | ID = 7034
Description = De World Wide Web-publicatie-service is onverwacht beëindigd. Dit
is nu 1 keer gebeurd.

Error - 25-1-2011 10:44:51 | Computer Name = ADILOST | Source = Service Control Manager | ID = 7034
Description = De Java Quick Starter-service is onverwacht beëindigd. Dit is nu 1
keer gebeurd.

Error - 25-1-2011 10:44:51 | Computer Name = ADILOST | Source = Service Control Manager | ID = 7034
Description = De MBAMService-service is onverwacht beëindigd. Dit is nu 1 keer gebeurd.

Error - 25-1-2011 10:44:51 | Computer Name = ADILOST | Source = Service Control Manager | ID = 7034
Description = De NIHardwareService-service is onverwacht beëindigd. Dit is nu 1
keer gebeurd.

Error - 25-1-2011 11:09:30 | Computer Name = ADILOST | Source = MRxSmb | ID = 8003
Description = De masterbrowser heeft een servermelding ontvangen van computer SX551E61CAD
die
meent de masterbrowser voor het domein te zijn op transport NetBT_Tcpip_{71BFA0BC-9BBE-43.
De masterbrowser wordt gestopt of er wordt een verkiezing afgedwongen.

Error - 25-1-2011 14:07:02 | Computer Name = ADILOST | Source = Service Control Manager | ID = 7034
Description = De C-DillaCdaC11BA-service is onverwacht beëindigd. Dit is nu 1 keer
gebeurd.

Error - 25-1-2011 19:18:01 | Computer Name = ADILOST | Source = Service Control Manager | ID = 7034
Description = De C-DillaCdaC11BA-service is onverwacht beëindigd. Dit is nu 1 keer
gebeurd.

Error - 26-1-2011 7:30:24 | Computer Name = ADILOST | Source = Service Control Manager | ID = 7009
Description = Time-out (30000 seconden) tijdens het wachten op het verbinden van
deze service: COM-service voor IMAPI cd-branders.

Error - 26-1-2011 7:30:24 | Computer Name = ADILOST | Source = Service Control Manager | ID = 7000
Description = De COM-service voor IMAPI cd-branders-service kan vanwege de volgende
fout niet worden gestart: %%1053


< End of report >
 
Update your Java version here: http://www.java.com/en/download/installed.jsp

Note 1: UNCHECK any pre-checked toolbar and/or software offered with the Java update. The pre-checked toolbars/software are not part of the Java update.

Note 2: The Java Quick Starter (JQS.exe) adds a service to improve the initial startup time of Java applets and applications. If you don't want to run another extra service, go to Start > Control Panel > Java > Advanced > Miscellaneous and uncheck the box for Java Quick Starter. Click OK and restart your computer.

Now, we need to remove old Java version and its remnants...

Download JavaRa to your desktop and unzip it to its own folder
  • Run JavaRa.exe (Vista users! Right click on JavaRa.exe, click Run As Administrator), pick the language of your choice and click Select. Then click Remove Older Versions.
  • Accept any prompts.

======================================================================

Run OTL
  • Under the Custom Scans/Fixes box at the bottom, paste in the following

    Code:
    :OTL
    O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
    [2010-09-20 23:13:20 | 000,000,005 | ---- | C] () -- C:\WINDOWS\dnlehjpj.ini
    [2010-09-03 15:36:54 | 000,000,005 | ---- | C] () -- C:\WINDOWS\dnlehjol.ini
    [2010-09-03 15:36:54 | 000,000,005 | ---- | C] () -- C:\WINDOWS\dnlehjfl.ini
    [2010-09-03 15:36:08 | 000,000,005 | ---- | C] () -- C:\WINDOWS\dnlehjef.ini
    [2010-09-03 15:35:56 | 000,000,005 | ---- | C] () -- C:\WINDOWS\dnlehjda.ini
    [2010-09-03 15:35:45 | 000,000,005 | ---- | C] () -- C:\WINDOWS\dnlehjcc.ini
    [2010-09-03 15:35:32 | 000,000,005 | ---- | C] () -- C:\WINDOWS\dnlehjpc.ini
    [2010-09-03 15:35:32 | 000,000,005 | ---- | C] () -- C:\WINDOWS\dnlehjjd.ini
    [2010-09-03 15:02:46 | 000,000,005 | ---- | C] () -- C:\WINDOWS\dnlehjma.ini
    [2010-09-03 15:02:46 | 000,000,005 | ---- | C] () -- C:\WINDOWS\dnlehjke.ini
    [2010-09-03 15:02:46 | 000,000,005 | ---- | C] () -- C:\WINDOWS\dnlehjgb.ini
    [2010-09-03 15:02:46 | 000,000,005 | ---- | C] () -- C:\WINDOWS\dnlehjbe.ini
    [2010-09-03 15:01:58 | 000,000,005 | ---- | C] () -- C:\WINDOWS\dnlehjlk.ini
    @Alternate Data Stream - 1257 bytes -> C:\Documents and Settings\All Users\Application Data\Microsoft:cZAAyo3VetYfXrm5B3tw
    @Alternate Data Stream - 1242 bytes -> C:\Documents and Settings\Mr.A\Cookies\4nIcFQGyou7m:cwQNeMVQDblPSunGe3X
    @Alternate Data Stream - 1214 bytes -> C:\Documents and Settings\All Users\Application Data\Microsoft:fXeY28poQMWPDaKRZ
    @Alternate Data Stream - 1205 bytes -> C:\Documents and Settings\All Users\Application Data\Microsoft:dgDiPp650oCYkoGTsnGhu42
    @Alternate Data Stream - 1122 bytes -> C:\Documents and Settings\Mr.A\Cookies:RpvRPoYZRH6rjYzclCkaHhyU6R
    
    
    :Commands
    [purity]
    [emptytemp]
    [emptyflash]
    [Reboot]
  • Then click the Run Fix button at the top
  • Let the program run unhindered, reboot the PC when it is done
  • You will get a log that shows the results of the fix. Please post it.

======================================================================

Last scans....

1. Download Security Check from HERE, and save it to your Desktop.
  • Double-click SecurityCheck.exe
  • Follow the onscreen instructions inside of the black box.
  • A Notepad document should open automatically called checkup.txt; please post the contents of that document.

    NOTE SecurityCheck may produce some false warning(s), so leave the results reading to me.


2. Download Temp File Cleaner (TFC)
  • Double click on TFC.exe to run the program.
  • Click on Start button to begin cleaning process.
  • TFC will close all running programs, and it may ask you to restart computer.


3. Please run a free online scan with the ESET Online Scanner

  • Disable your antivirus program
  • Tick the box next to YES, I accept the Terms of Use
  • Click Start
  • IMPORTANT! UN-check Remove found threats
  • Accept any security warnings from your browser.
  • Check Scan archives
  • Click Start
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • When the scan completes, push List of found threats
  • Click on Export to text file , and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
  • NOTE. If Eset won't find any threats, it won't produce any log.
 
Oke i have followed all steps, the eset online scanner is still scanning though. It already has found a few things so far.

But before i posted all the log files needed i wanted to ask something quick. Do i have to remove the found items by the online scanner after it is finished?
 
Okido got it :) Thanks for the quick reply..

Yeah I had already unchecked them, but i was not realy clear about to remove them manually after the scan or not. But i got it now.
I will post them as soon as the scan is ready.
 
Oke now the scan is ready, here are the steps I have taking in order..

First I have updated my Java as suggested. After installation I have rebooted my PC.
Then I used JavaRa as described. It made a log, don’t know if the log is suppose to be posted, but here is it anyway:

==================================================

JavaRa 1.16 Removal Log.

Report follows after line.

------------------------------------

The JavaRa removal process was started on Wed Jan 26 23:18:13 2011

Found and removed: C:\Documents and Settings\Mr.A\Application Data\Sun\Java\jre1.6.0_21

Found and removed: Applications\java.exe

Found and removed: Applications\javaw.exe

Found and removed: JavaPlugin.FamilyVersionSupport

Found and removed: Installer\Products\4EA42A62D9304AC4784BF238120612FF\SourceList

Found and removed: CLSID\{CAFEEFAC-0013-0000-0003-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0013-0000-0004-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0013-0000-0005-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0013-0001-0000-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0013-0001-0001-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0013-0001-0001-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0013-0001-0002-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0013-0001-0002-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0013-0001-0003-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0013-0001-0003-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0013-0001-0004-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0013-0001-0004-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0013-0001-0005-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0013-0001-0005-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0013-0001-0006-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0013-0001-0006-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0013-0001-0007-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0013-0001-0007-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0013-0001-0008-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0013-0001-0008-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0013-0001-0009-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0013-0001-0009-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0013-0001-0010-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0013-0001-0010-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0013-0001-0011-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0013-0001-0011-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0013-0001-0012-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0013-0001-0012-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0013-0001-0013-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0013-0001-0013-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0013-0001-0014-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0013-0001-0014-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0013-0001-0015-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0013-0001-0015-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0013-0001-0016-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0013-0001-0016-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0013-0001-0017-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0013-0001-0017-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0013-0001-0018-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0013-0001-0018-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0013-0001-0019-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0013-0001-0019-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0013-0001-0020-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0013-0001-0020-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0013-0001-0021-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0013-0001-0021-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0013-0001-0022-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0013-0001-0022-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0013-0001-0023-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0013-0001-0023-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0013-0001-0024-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0013-0001-0024-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0013-0001-0025-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0013-0001-0025-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0014-0000-0000-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0014-0000-0000-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0014-0000-0001-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0014-0000-0001-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0014-0000-0002-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0014-0000-0002-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0014-0000-0003-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0014-0000-0003-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0014-0000-0004-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0014-0000-0004-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0014-0001-0000-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0014-0001-0000-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0014-0001-0001-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0014-0001-0001-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0014-0001-0002-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0014-0001-0002-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0014-0001-0003-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0014-0001-0003-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0014-0001-0004-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0014-0001-0004-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0014-0001-0005-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0014-0001-0005-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0014-0001-0006-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0014-0001-0006-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0014-0001-0007-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0014-0001-0007-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0014-0002-0000-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0014-0002-0000-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0014-0002-0001-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0014-0002-0001-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0014-0002-0002-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0014-0002-0002-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0014-0002-0003-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0014-0002-0003-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0014-0002-0004-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0014-0002-0004-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0014-0002-0005-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0014-0002-0005-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0014-0002-0006-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0014-0002-0006-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0014-0002-0007-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0014-0002-0007-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0014-0002-0008-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0014-0002-0008-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0014-0002-0009-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0014-0002-0009-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0014-0002-0010-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0014-0002-0010-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0014-0002-0011-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0014-0002-0011-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0014-0002-0012-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0014-0002-0012-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0014-0002-0013-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0014-0002-0013-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0014-0002-0014-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0014-0002-0014-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0014-0002-0015-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0014-0002-0015-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0014-0002-0016-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0014-0002-0016-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0014-0002-0017-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0014-0002-0017-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0014-0002-0018-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0014-0002-0018-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0014-0002-0019-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0014-0002-0019-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0014-0002-FFFF-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0015-0000-0000-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0015-0000-0000-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0015-0000-0000-ABCDEFFEDCBC}

Found and removed: CLSID\{CAFEEFAC-0015-0000-0001-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0015-0000-0001-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0015-0000-0001-ABCDEFFEDCBC}

Found and removed: CLSID\{CAFEEFAC-0015-0000-0002-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0015-0000-0002-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0015-0000-0002-ABCDEFFEDCBC}

Found and removed: CLSID\{CAFEEFAC-0015-0000-0003-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0015-0000-0003-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0015-0000-0003-ABCDEFFEDCBC}

Found and removed: CLSID\{CAFEEFAC-0015-0000-0004-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0015-0000-0004-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0015-0000-0004-ABCDEFFEDCBC}

Found and removed: CLSID\{CAFEEFAC-0015-0000-0005-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0015-0000-0005-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0015-0000-0005-ABCDEFFEDCBC}

Found and removed: CLSID\{CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0015-0000-0006-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0015-0000-0006-ABCDEFFEDCBC}

Found and removed: CLSID\{CAFEEFAC-0015-0000-0007-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0015-0000-0007-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0015-0000-0007-ABCDEFFEDCBC}

Found and removed: CLSID\{CAFEEFAC-0015-0000-0008-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0015-0000-0008-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0015-0000-0008-ABCDEFFEDCBC}

Found and removed: CLSID\{CAFEEFAC-0015-0000-0009-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0015-0000-0009-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0015-0000-0009-ABCDEFFEDCBC}

Found and removed: CLSID\{CAFEEFAC-0015-0000-0010-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0015-0000-0010-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0015-0000-0010-ABCDEFFEDCBC}

Found and removed: CLSID\{CAFEEFAC-0015-0000-0011-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0015-0000-0011-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0015-0000-0011-ABCDEFFEDCBC}

Found and removed: CLSID\{CAFEEFAC-0015-0000-0012-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0015-0000-0012-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0015-0000-0012-ABCDEFFEDCBC}

Found and removed: CLSID\{CAFEEFAC-0015-0000-0013-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0015-0000-0013-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0015-0000-0013-ABCDEFFEDCBC}

Found and removed: CLSID\{CAFEEFAC-0015-0000-0014-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0015-0000-0014-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0015-0000-0014-ABCDEFFEDCBC}

Found and removed: CLSID\{CAFEEFAC-0015-0000-0015-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0015-0000-0015-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0015-0000-0015-ABCDEFFEDCBC}

Found and removed: CLSID\{CAFEEFAC-0015-0000-0016-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0015-0000-0016-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0015-0000-0016-ABCDEFFEDCBC}

Found and removed: CLSID\{CAFEEFAC-0015-0000-0017-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0015-0000-0017-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0015-0000-0017-ABCDEFFEDCBC}

Found and removed: CLSID\{CAFEEFAC-0015-0000-0018-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0015-0000-0018-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0015-0000-0018-ABCDEFFEDCBC}

Found and removed: CLSID\{CAFEEFAC-0015-0000-0019-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0015-0000-0019-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0015-0000-0019-ABCDEFFEDCBC}

Found and removed: CLSID\{CAFEEFAC-0015-0000-0020-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0015-0000-0020-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0015-0000-0020-ABCDEFFEDCBC}

Found and removed: CLSID\{CAFEEFAC-0015-0000-0021-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0015-0000-0021-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0015-0000-0021-ABCDEFFEDCBC}

Found and removed: CLSID\{CAFEEFAC-0015-0000-0022-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0015-0000-0022-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0015-0000-0022-ABCDEFFEDCBC}

Found and removed: CLSID\{CAFEEFAC-0016-0000-0000-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0016-0000-0000-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0016-0000-0000-ABCDEFFEDCBC}

Found and removed: CLSID\{CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0016-0000-0001-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0016-0000-0001-ABCDEFFEDCBC}

Found and removed: CLSID\{CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0016-0000-0002-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0016-0000-0002-ABCDEFFEDCBC}

Found and removed: CLSID\{CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0016-0000-0003-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0016-0000-0003-ABCDEFFEDCBC}

Found and removed: CLSID\{CAFEEFAC-0016-0000-0004-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0016-0000-0004-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0016-0000-0004-ABCDEFFEDCBC}

Found and removed: CLSID\{CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0016-0000-0005-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0016-0000-0005-ABCDEFFEDCBC}

Found and removed: CLSID\{CAFEEFAC-0016-0000-0006-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0016-0000-0006-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0016-0000-0006-ABCDEFFEDCBC}

Found and removed: CLSID\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBC}

Found and removed: CLSID\{CAFEEFAC-0016-0000-0008-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0016-0000-0008-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0016-0000-0008-ABCDEFFEDCBC}

Found and removed: CLSID\{CAFEEFAC-0016-0000-0009-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0016-0000-0009-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0016-0000-0009-ABCDEFFEDCBC}

Found and removed: CLSID\{CAFEEFAC-0016-0000-0010-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0016-0000-0010-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0016-0000-0010-ABCDEFFEDCBC}

Found and removed: CLSID\{CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0016-0000-0011-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0016-0000-0011-ABCDEFFEDCBC}

Found and removed: CLSID\{CAFEEFAC-0016-0000-0012-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0016-0000-0012-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0016-0000-0012-ABCDEFFEDCBC}

Found and removed: CLSID\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBC}

Found and removed: CLSID\{CAFEEFAC-0016-0000-0014-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0016-0000-0014-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0016-0000-0014-ABCDEFFEDCBC}

Found and removed: CLSID\{CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0016-0000-0015-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0016-0000-0015-ABCDEFFEDCBC}

Found and removed: CLSID\{CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0016-0000-0016-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0016-0000-0016-ABCDEFFEDCBC}

Found and removed: CLSID\{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBC}

Found and removed: CLSID\{CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0016-0000-0018-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0016-0000-0018-ABCDEFFEDCBC}

Found and removed: CLSID\{CAFEEFAC-0016-0000-0019-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0016-0000-0019-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0016-0000-0019-ABCDEFFEDCBC}

Found and removed: CLSID\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBC}

Found and removed: CLSID\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBC}

Found and removed: CLSID\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBC}

Found and removed: JavaScript

Found and removed: JavaScript Author

Found and removed: JavaScript1.1

Found and removed: JavaScript1.1 Author

Found and removed: JavaScript1.2

Found and removed: JavaScript1.2 Author

Found and removed: Software\Classes\CLSID\{E19F9331-3110-11D4-991C-005004D3B3DB}

Found and removed: Software\JavaSoft\Java Update

Found and removed: SOFTWARE\Classes\JavaPlugin

Found and removed: SOFTWARE\JavaSoft\Java Runtime Environment\1.6

Found and removed: SOFTWARE\JavaSoft\Java Web Start\1.0.1

Found and removed: SOFTWARE\JavaSoft\Java Web Start\1.0.1_02

Found and removed: SOFTWARE\JavaSoft\Java Web Start\1.0.1_03

Found and removed: SOFTWARE\JavaSoft\Java Web Start\1.0.1_04

Found and removed: SOFTWARE\JavaSoft\Java Web Start\1.2

Found and removed: SOFTWARE\JavaSoft\Java Web Start\1.2.0_01

Found and removed: SOFTWARE\Microsoft\Active Setup\Installed Components\{08B0E5C0-4FCB-11CF-AAA5-00401C608500}

Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0357E4991DA5FF14F9615B3412062B03

Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0357E4991DA5FF14F9615B3412062F01

Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0357E4991DA5FF14F9615B3612062B03

Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0357E4991DA5FF14F9615B3612062F01

Found and removed: SOFTWARE\MozillaPlugins\@java.com/JavaPlugin\MimeTypes\application/x-java-applet;version=1.1

Found and removed: SOFTWARE\MozillaPlugins\@java.com/JavaPlugin\MimeTypes\application/x-java-applet;version=1.1.1

Found and removed: SOFTWARE\MozillaPlugins\@java.com/JavaPlugin\MimeTypes\application/x-java-applet;version=1.1.3

Found and removed: SOFTWARE\MozillaPlugins\@java.com/JavaPlugin\MimeTypes\application/x-java-applet;version=1.2

Found and removed: SOFTWARE\MozillaPlugins\@java.com/JavaPlugin\MimeTypes\application/x-java-applet;version=1.2.1

Found and removed: SOFTWARE\MozillaPlugins\@java.com/JavaPlugin\MimeTypes\application/x-java-applet;version=1.3

Found and removed: SOFTWARE\MozillaPlugins\@java.com/JavaPlugin\MimeTypes\application/x-java-applet;version=1.3.1

Found and removed: SOFTWARE\MozillaPlugins\@java.com/JavaPlugin\MimeTypes\application/x-java-applet;version=1.4

Found and removed: SOFTWARE\MozillaPlugins\@java.com/JavaPlugin\MimeTypes\application/x-java-applet;version=1.4.1

Found and removed: SOFTWARE\MozillaPlugins\@java.com/JavaPlugin\MimeTypes\application/x-java-applet;version=1.5

------------------------------------

Finished reporting.

==================================================


After that I have copied the content of the codebox and pasted in the specific box in OTL, and clicked the Run Fix button. After it was done, I rebooted my system & the log was produced including the following content:

==================================================

All processes killed
========== OTL ==========
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5C255C8A-E604-49b4-9D64-90988571CECB}\ not found.
C:\WINDOWS\dnlehjpj.ini moved successfully.
C:\WINDOWS\dnlehjol.ini moved successfully.
C:\WINDOWS\dnlehjfl.ini moved successfully.
C:\WINDOWS\dnlehjef.ini moved successfully.
C:\WINDOWS\dnlehjda.ini moved successfully.
C:\WINDOWS\dnlehjcc.ini moved successfully.
C:\WINDOWS\dnlehjpc.ini moved successfully.
C:\WINDOWS\dnlehjjd.ini moved successfully.
C:\WINDOWS\dnlehjma.ini moved successfully.
C:\WINDOWS\dnlehjke.ini moved successfully.
C:\WINDOWS\dnlehjgb.ini moved successfully.
C:\WINDOWS\dnlehjbe.ini moved successfully.
C:\WINDOWS\dnlehjlk.ini moved successfully.
ADS C:\Documents and Settings\All Users\Application Data\Microsoft:cZAAyo3VetYfXrm5B3tw deleted successfully.
ADS C:\Documents and Settings\Mr.A\Cookies\4nIcFQGyou7m:cwQNeMVQDblPSunGe3X deleted successfully.
ADS C:\Documents and Settings\All Users\Application Data\Microsoft:fXeY28poQMWPDaKRZ deleted successfully.
ADS C:\Documents and Settings\All Users\Application Data\Microsoft:dgDiPp650oCYkoGTsnGhu42 deleted successfully.
ADS C:\Documents and Settings\Mr.A\Cookies:RpvRPoYZRH6rjYzclCkaHhyU6R deleted successfully.
========== COMMANDS ==========

[EMPTYTEMP]

User: Administrator
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: All Users

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: LocalService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 32902 bytes

User: Mr.A
->Temp folder emptied: 12157556 bytes
->Temporary Internet Files folder emptied: 325003 bytes
->Java cache emptied: 2027 bytes
->FireFox cache emptied: 50564157 bytes
->Flash cache emptied: 1140 bytes

User: Mr~A

User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 640184 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 49635 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 0 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 0 bytes
RecycleBin emptied: 188924 bytes

Total Files Cleaned = 61,00 mb


[EMPTYFLASH]

User: Administrator

User: All Users

User: Default User

User: LocalService

User: Mr.A
->Flash cache emptied: 0 bytes

User: Mr~A

User: NetworkService

Total Flash Files Cleaned = 0,00 mb


OTL by OldTimer - Version 3.2.20.6 log created on 01262011_233607

Files\Folders moved on Reboot...
File\Folder C:\WINDOWS\temp\Perflib_Perfdata_f24.dat not found!

Registry entries deleted on Reboot...

==================================================


Then I ran SecurityCheck.exe The log for the Checkup.txt file includes the following content:

==================================================

Results of screen317's Security Check version 0.99.7
Windows XP Service Pack 3
Internet Explorer 6 Out of date!
``````````````````````````````
Antivirus/Firewall Check:

avast! Pro Antivirus
Antivirus up to date!
```````````````````````````````
Anti-malware/Other Utilities Check:

Malwarebytes' Anti-Malware
CCleaner (remove only)
Java(TM) 6 Update 23
Out of date Java installed!
Adobe Flash Player 10.1.85.3
Adobe Reader 9.3.4 - Nederlands
Out of date Adobe Reader installed!
Mozilla Firefox (3.6.13)
````````````````````````````````
Process Check:
objlist.exe by Laurent

Malwarebytes' Anti-Malware mbamservice.exe
Malwarebytes' Anti-Malware mbamgui.exe
Alwil Software Avast5 AvastSvc.exe
Alwil Software Avast5 avastUI.exe
``````````End of Log````````````

==================================================


After that was done I ran TFC as mentioned. After cleaning I had to reboot my PC.
One started up I disabled my anti-virus (avast) and ran a scan using the ESET Online scanner. After the scan was done I saw that it has detected 91 treats. As mentioned I have saved the log file. It Includes the following content:

==================================================

F:\Downloads\StreamingStar.HiDownload.Platinum.v7.7.5.320.WinAll.Incl.Keygen-CRD.rar a variant of Win32/Keygen.AL application
F:\Downloads\StreamingStar.HiDownload.Platinum.v7.7.5.320.WinAll.Incl.Keygen-CRD\StreamingStar.HiDownload.Platinum.v7.7.5.320.WinAll.Incl.Keygen-CRD\cux0010a.zip a variant of Win32/Keygen.AL application
F:\Downloads\StreamingStar.HiDownload.Platinum.v7.7.5.320.WinAll.Incl.Keygen-CRD\StreamingStar.HiDownload.Platinum.v7.7.5.320.WinAll.Incl.Keygen-CRD\cux0010a\cux0010a.rar a variant of Win32/Keygen.AL application
F:\Mijn Documenten\BitComet Downloads\BS.Player.Pro.v2.35.985.Multilingual.Incl.Keymaker-CORE.rar a variant of Win32/Keygen.AG application
F:\Mijn Documenten\BitComet Downloads\Digidesign Synchronic RTAS v1.0.rar probably a variant of Win32/Agent.GJPKHVD trojan
F:\Mijn Documenten\BitComet Downloads\Malwarebytes v1.37 (by daniel2034).rar probably a variant of Win32/Agent.DDCOQWM trojan
F:\Mijn Documenten\BitComet Downloads\relife141.zip probably a variant of Win32/SdBot.MUQSRIE trojan
F:\Mijn Documenten\BitComet Downloads\2010\Adobe After Effects CS4 (Final) [RH]\AAE_CS4_[RH]\Adobe After Effects CS4\ACS4MC- Keygen\Extra keygen\ACS4MC-Keygen.EXE probably a variant of Win32/Spy.Agent.FFETUNH trojan
F:\Mijn Documenten\BitComet Downloads\2010\Celemony.Melodyne.Plugin.VST.RTAS.v1.0.3.3.Incl.Keygen-AiR\a-1033wa.zip probably a variant of Win32/Agent.CZYNKI trojan
F:\Mijn Documenten\BitComet Downloads\2010\Celemony.Melodyne.Plugin.VST.RTAS.v1.0.4.2.Incl.Keygen-AiR NEW\a-mp142a.zip probably a variant of Win32/Agent.CZYNKI trojan
F:\Mijn Documenten\BitComet Downloads\2010\Celemony.Melodyne.Plugin.VST.RTAS.v1.0.4.2.Incl.Keygen-AiR NEW\a-mp142a\a-mp142.rar probably a variant of Win32/Agent.CZYNKI trojan
F:\Mijn Documenten\BitComet Downloads\2010\Celemony.Melodyne.Studio.Edition.v3.2.2.2.Incl.Keygen-AiR\a-3222wa.zip probably a variant of Win32/Agent.KZPCPEY trojan
F:\Mijn Documenten\BitComet Downloads\2010\Celemony.Melodyne.Studio.Edition.v3.2.2.2.Incl.Keygen-AiR\a-3222wa\a-3222w.rar probably a variant of Win32/Agent.KZPCPEY trojan
F:\Mijn Documenten\BitComet Downloads\2010\Celemony.Melodyne.Studio.Edition.v3.2.2.2.Incl.Keygen-AiR NEW\a-3222wa.zip probably a variant of Win32/Agent.KZPCPEY trojan
F:\Mijn Documenten\BitComet Downloads\2010\Celemony.Melodyne.Studio.Edition.v3.2.2.2.Incl.Keygen-AiR NEW\a-3222wa\a-3222w.rar probably a variant of Win32/Agent.KZPCPEY trojan
F:\Mijn Documenten\BitComet Downloads\2010\Korg.Legacy.Collection.Analog.Edition.VSTi.RTAS.v1.23.Incl.Keygen-AiR\a-klcaea.zip a variant of Win32/Keygen.AD application
F:\Mijn Documenten\BitComet Downloads\2010\Korg.Legacy.Collection.Analog.Edition.VSTi.RTAS.v1.23.Incl.Keygen-AiR\a-klcaea\a-klcae.rar a variant of Win32/Keygen.AD application
F:\Mijn Documenten\BitComet Downloads\2010\Korg.Legacy.Collection.Analog.Edition.VSTi.RTAS.v1.23.Incl.Keygen-AiR\a-klcaea\a-klcae\keygen.exe a variant of Win32/Keygen.AD application
F:\Mijn Documenten\BitComet Downloads\2010\Korg.Legacy.Collection.Digital.Edition.VSTi.RTAS.v1.32.Incl.Keygen-AiR\a-klcdea.zip a variant of Win32/Keygen.AD application
F:\Mijn Documenten\BitComet Downloads\2010\Korg.Legacy.Collection.Digital.Edition.VSTi.RTAS.v1.32.Incl.Keygen-AiR\a-klcdea\a-klcde.rar a variant of Win32/Keygen.AD application
F:\Mijn Documenten\BitComet Downloads\2010\Korg.Legacy.Collection.Digital.Edition.VSTi.RTAS.v1.32.Incl.Keygen-AiR\a-klcdea\a-klcde\keygen.exe a variant of Win32/Keygen.AD application
F:\Mijn Documenten\BitComet Downloads\2010\LennarDigital.Sylenth1.VSTi.v2.202.Incl.Keygen-AiR\a-s2202a.zip a variant of Win32/Keygen.AD application
F:\Mijn Documenten\BitComet Downloads\2010\Silverspike.TapeIt.VST.v2.3.Incl.Keygen-AiR\a-ssti23.zip a variant of Win32/Keygen.AD application
F:\Mijn Documenten\BitComet Downloads\2010\Silverspike.TapeIt.VST.v2.3.Incl.Keygen-AiR\keygen.exe a variant of Win32/Keygen.AD application
F:\Mijn Documenten\BitComet Downloads\2010\Tone2.Filterbank2.VST.v2.5.Incl.Keygen-AiR\a-t2fb25.zip a variant of Win32/Keygen.AD application
F:\Mijn Documenten\BitComet Downloads\2010\Tone2.Firebird.VSTi.v1.2.1.incl.Keygen-AiR\a-fb121a.zip a variant of Win32/Keygen.AD application
F:\Mijn Documenten\BitComet Downloads\2010\Tone2.Firebird.VSTi.v1.2.1.incl.Keygen-AiR\a-fb121b\a-fb121.rar a variant of Win32/Keygen.AD application
F:\Mijn Documenten\BitComet Downloads\2010\Tone2.Firebird.VSTi.v1.2.1.incl.Keygen-AiR\a-fb121b\keygen.exe a variant of Win32/Keygen.AD application
F:\Mijn Documenten\BitComet Downloads\2010\WaveArts.Master.Restoration.VST.DX.RTAS.v5.46.Incl.Keygen-AiR\a-mr546a.zip probably a variant of Win32/Agent.WAFUGL trojan
F:\Mijn Documenten\BitComet Downloads\2010\WaveArts.TubeSaturator.VST.DX.RTAS.v1.00.Incl.Keygen-AiR\a-wts10a.zip probably a variant of Win32/Agent.GUYUUZJ trojan
F:\Mijn Documenten\BitComet Downloads\2010\WaveArts.TubeSaturator.VST.DX.RTAS.v1.00.Incl.Keygen-AiR\a-wts10a\a-wts10.rar probably a variant of Win32/Agent.GUYUUZJ trojan
F:\Mijn Documenten\BitComet Downloads\ConvertXtoDVD 3.3.4.106e And Keygen [1337x]\Keygen.exe a variant of Win32/Keygen.AS application
F:\Mijn Documenten\BitComet Downloads\Digidesign D-Fi TDM RTAS AS v2.0.1\Digidesign D-Fi TDM RTAS AS v2.0.1.rar probably a variant of Win32/Agent.GJPKHVD trojan
F:\Mijn Documenten\BitComet Downloads\Digidesign Smack HD TDM RTAS AS v1.0.1\Digidesign Smack HD TDM RTAS AS v1.0.1.rar probably a variant of Win32/Agent.GJPKHVD trojan
F:\Mijn Documenten\BitComet Downloads\FL STUDIO PLUGINS\Rob.Papen.ConcreteFX.Blue.VSTi.v1.7.incl.KeyGen-BEAT.rar probably a variant of Win32/Agent.HEPGPJJ trojan
F:\Mijn Documenten\BitComet Downloads\FL STUDIO PLUGINS\Camel Audio CamelPhat VST v3.42 incl Keygen-AiR\a-cph342.zip a variant of Win32/Keygen.AD application
F:\Mijn Documenten\BitComet Downloads\FL STUDIO PLUGINS\Camel Audio CamelPhat VST v3.42 incl Keygen-AiR\keygen.exe a variant of Win32/Keygen.AD application
F:\Mijn Documenten\BitComet Downloads\FL STUDIO PLUGINS\Camel Audio CamelSpace VST v1.42 incl Keygen-AiR\a-csp142.zip a variant of Win32/Keygen.AD application
F:\Mijn Documenten\BitComet Downloads\FL STUDIO PLUGINS\Camel Audio CamelSpace VST v1.42 incl Keygen-AiR\keygen.exe a variant of Win32/Keygen.AD application
F:\Mijn Documenten\BitComet Downloads\FL STUDIO PLUGINS\IZotope.Ozone.VST.DX.RTAS.HTDM.v4.03.Incl.Keygen-AiR\a-oz403.rar a variant of Win32/Keygen.AD application
F:\Mijn Documenten\BitComet Downloads\FL STUDIO PLUGINS\IZotope.Ozone.VST.DX.RTAS.HTDM.v4.03.Incl.Keygen-AiR\a-oz403a.zip a variant of Win32/Keygen.AD application
F:\Mijn Documenten\BitComet Downloads\FL STUDIO PLUGINS\IZotope.Ozone.VST.DX.RTAS.HTDM.v4.03.Incl.Keygen-AiR\keygen.exe a variant of Win32/Keygen.AD application
F:\Mijn Documenten\BitComet Downloads\FL STUDIO PLUGINS\Native Instruments Kontakt v1.5.3.010\Native Instruments Kontakt v1.5.3.010.rar a variant of Win32/Keygen.AA application
F:\Mijn Documenten\BitComet Downloads\FL STUDIO PLUGINS\Native.Instruments.Pro53.VSTi.DXi.RTAS.v3.04-AiR\Setup.exe probably a variant of Win32/Agent.DUBEDBP trojan
F:\Mijn Documenten\BitComet Downloads\FL STUDIO PLUGINS\Novation.V-Station.VSTi.v1.5.1.incl.Keygen-AiR\a-nvs151.zip a variant of Win32/Keygen.AD application
F:\Mijn Documenten\BitComet Downloads\FL STUDIO PLUGINS\Novation.V-Station.VSTi.v1.5.1.incl.Keygen-AiR\keygen.exe a variant of Win32/Keygen.AD application
F:\Mijn Documenten\BitComet Downloads\FL STUDIO PLUGINS\PSP Audioware EasyVerb VST RTAS v1.5.4 Incl Keygen-AiR\a-ev154.rar a variant of Win32/Keygen.AD application
F:\Mijn Documenten\BitComet Downloads\FL STUDIO PLUGINS\PSP Audioware EasyVerb VST RTAS v1.5.4 Incl Keygen-AiR\keygen.exe a variant of Win32/Keygen.AD application
F:\Mijn Documenten\BitComet Downloads\FL STUDIO PLUGINS\PSP Audioware MasterComp VST RTAS v1.5.4 Incl Keygen-AiR\a-mc154a.zip a variant of Win32/Keygen.AD application
F:\Mijn Documenten\BitComet Downloads\FL STUDIO PLUGINS\PSP Audioware MasterComp VST RTAS v1.5.4 Incl Keygen-AiR\keygen.exe a variant of Win32/Keygen.AD application
F:\Mijn Documenten\BitComet Downloads\FL STUDIO PLUGINS\PSP Audioware MasterQ VST RTAS v1.5.2 Incl Keygen-AiR\a-mq152a.zip a variant of Win32/Keygen.AD application
F:\Mijn Documenten\BitComet Downloads\FL STUDIO PLUGINS\PSP Audioware MasterQ VST RTAS v1.5.2 Incl Keygen-AiR\keygen.exe a variant of Win32/Keygen.AD application
F:\Mijn Documenten\BitComet Downloads\FL STUDIO PLUGINS\PSP.Audioware.Nitro.VST.RTAS.v1.1.2.Incl.Keygen-AiR\a-pn112a.zip a variant of Win32/Keygen.AD application
F:\Mijn Documenten\BitComet Downloads\FL STUDIO PLUGINS\PSP.Audioware.Nitro.VST.RTAS.v1.1.2.Incl.Keygen-AiR\keygen.exe a variant of Win32/Keygen.AD application
F:\Mijn Documenten\BitComet Downloads\FL STUDIO PLUGINS\PSP.Audioware.StereoPack.VST.RTAS.v1.9.0.Incl.Keygen-AiR\a-stp19a.zip a variant of Win32/Keygen.AD application
F:\Mijn Documenten\BitComet Downloads\FL STUDIO PLUGINS\PSP.Audioware.StereoPack.VST.RTAS.v1.9.0.Incl.Keygen-AiR\keygen.exe a variant of Win32/Keygen.AD application
F:\Mijn Documenten\BitComet Downloads\FL STUDIO PLUGINS\Rob Papen Predator VSTi v1.1 Incl Keygen-AiR\a-rpp11a.zip a variant of Win32/Keygen.AD application
F:\Mijn Documenten\BitComet Downloads\FL STUDIO PLUGINS\Rob Papen Predator VSTi v1.1 Incl Keygen-AiR\keygen.exe a variant of Win32/Keygen.AD application
F:\Mijn Documenten\BitComet Downloads\FL STUDIO PLUGINS\Rob.Papen.ConcreteFX.Blue.VSTi.v1.7.incl.KeyGen-BEAT\B-Blue17.part1.rar probably a variant of Win32/Agent.HEPGPJJ trojan
F:\Mijn Documenten\BitComet Downloads\FL STUDIO PLUGINS\Rob.Papen.ConcreteFX.Blue.VSTi.v1.7.incl.KeyGen-BEAT\b-lue17a.zip probably a variant of Win32/Agent.HEPGPJJ trojan
F:\Mijn Documenten\BitComet Downloads\FL STUDIO PLUGINS\Rob.Papen.ConcreteFX.Blue.VSTi.v1.7.incl.KeyGen-BEAT\KeyGen.exe probably a variant of Win32/Agent.HEPGPJJ trojan
F:\Mijn Documenten\BitComet Downloads\FL STUDIO PLUGINS\Rob.Papen.Predator.VSTi.v1.1b.incl.Keygen-AiR\a-rp11ba.zip a variant of Win32/Keygen.AD application
F:\Mijn Documenten\BitComet Downloads\IZotope.Mastering.Effects.Bundle.DX.v1.0.Incl.Keygen-AiR\a-imb10a.zip a variant of Win32/Keygen.AD application
F:\Mijn Documenten\BitComet Downloads\IZotope.Ozone.VST.DX.RTAS.HTDM.v4.03.Incl.Keygen-AiR\a-oz403a.zip a variant of Win32/Keygen.AD application
F:\Mijn Documenten\BitComet Downloads\Nero 7.10.1.0\Nero-7.10.1.0_eng_full.exe Win32/Toolbar.AskSBar application
F:\Mijn Documenten\BitComet Downloads\PSP Audioware MasterComp VST RTAS v1.5.4 Incl Keygen-AiR\a-mc154a.zip a variant of Win32/Keygen.AD application
F:\Mijn Documenten\BitComet Downloads\PSP Audioware MasterQ VST RTAS v1.5.2 Incl Keygen-AiR\a-mq152a.zip a variant of Win32/Keygen.AD application
F:\Mijn Documenten\BitComet Downloads\PSP.Audioware.Neon.VST.RTAS.v1.5.1.x32.x64.Incl.Keygen-AiR\a-pn151a.zip a variant of Win32/Keygen.AD application
F:\Mijn Documenten\BitComet Downloads\PSP.Audioware.Nitro.VST.RTAS.v1.1.2.Incl.Keygen-AiR\a-pn112a.zip a variant of Win32/Keygen.AD application
F:\Mijn Documenten\BitComet Downloads\PSP.Audioware.StereoPack.VST.RTAS.v1.9.0.Incl.Keygen-AiR\a-stp19a.zip a variant of Win32/Keygen.AD application
F:\Mijn Documenten\BitComet Downloads\relife141\ReLife 1.41\ReLife_Mono.dll probably a variant of Win32/SdBot.MUQSRIE trojan
F:\Mijn Documenten\BitComet Downloads\Sony Sound Forge 9.0e Build 441\Keygen.exe a variant of Win32/Keygen.AR application
F:\Mijn Documenten\BitComet Downloads\Sony Sound Forge Pro v10 (SoundForge 2009) + Keygen (CLEAN) [h33t] - CaZoR\Sony Sound Forge Pro v10 (SoundForge 2009) + Keygen (CLEAN).rar a variant of Win32/Keygen.AR application
F:\Mijn Documenten\BitComet Downloads\Sony Sound Forge Pro v10 (SoundForge 2009) + Keygen (CLEAN) [h33t] - CaZoR\Sony Sound Forge Pro v10 (SoundForge 2009) + Keygen (CLEAN)\Keygen.exe a variant of Win32/Keygen.AR application
F:\Mijn Documenten\BitComet Downloads\WiZOO DARKUBA LATIGO VSTi. AU.RTAS.PC.MAC\Wizoo Darbuka + Latigo Trial Patch.zip\Wizoo Darbuka + Latigo Trial Patch.zip probably a variant of Win32/Agent.MYJCEUM trojan
F:\Mijn Documenten\BitComet Downloads\WiZOO DARKUBA LATIGO VSTi. AU.RTAS.PC.MAC\WiZOO. DARKUBA.LATIGO.VSTi. AU.RTAS.PC.MAC\Cracked DLL's of WIZOO DARBUKA & LATIGO.rar probably a variant of Win32/Agent.MYJCEUM trojan
F:\Mijn Documenten\FL Studio Stuff\vst plugins\D16.Nepheton.VSTi.v1.0.5.Incl.Keygen-AiR.zip a variant of Win32/Keygen.AD application
F:\Mijn Documenten\Software\2010\VSO ConvertX To DVD 4.0.9.322a.rar a variant of Win32/Keygen.AS application
F:\Mijn Documenten\Software\2oo9\cbsoftwarepatchregistrybooster.exe a variant of Win32/RegistryBooster application
F:\Mijn Documenten\Software\2oo9\Driver Genius Pro.7z probably a variant of Win32/TrojanDownloader.Adload.KXYLVMS trojan
F:\Mijn Documenten\Software\2oo9\Driver Genius Pro\Driver Genius Pro\Driver_Genius_Professional_Edition_9.0.0.180_incl_crack.rar Win32/PSW.Fignotok.C trojan
F:\Mijn Documenten\Software\2oo9\Driver Genius Pro\Driver Genius Pro\drvgenpro.exe probably a variant of Win32/TrojanDownloader.Adload.KXYLVMS trojan
F:\Mijn Documenten\Windows Live Messenger Stuff\messengercontentbackup03b.exe probably a variant of Win32/Agent.BYAAUSR trojan
F:\Mijn Documenten\Windows Live Messenger Stuff\MsgPlusLive-470.exe a variant of Win32/MessengerPlus application
F:\Mijn Documenten\Windows Live Messenger Stuff\MsgPlusLive-481.exe a variant of Win32/Adware.CiDHelp application
F:\Private Stuff\proggies voor laptop\ConvertXtoDVD 3.3.4.106e And Keygen [1337x]\Keygen.exe a variant of Win32/Keygen.AS application
F:\VstPlugins\Camel Audio\Phat\keygen.exe a variant of Win32/Keygen.AD application
F:\VstPlugins\Camel Audio\Space\keygen.exe a variant of Win32/Keygen.AD application
F:\VstPlugins\Korg Legacy\Analog Edition\keygen.exe a variant of Win32/Keygen.AD application
F:\VstPlugins\Korg Legacy\Digital Edition\keygen.exe a variant of Win32/Keygen.AD application
F:\VstPlugins\PSP AudioWare\keygen.exe a variant of Win32/Keygen.AD application

==================================================


Not sure, but since AVG nor MalwareBytes Anti-Malware would never not read these files as viruses, I myself think the most of these founded files are KeyGen files of certain programs. Some one once told me that some Anti-Virus programs read these files as backdoor viruses because they were programmed in the same characteristic way or something. Don’t know if that is true or not.. But maybe that’s the case I thought to my self. Because I found it weird why these programs would not recognize these files as possible Worm or Viruses, while a online scanner does..
 
Status
Not open for further replies.
Back