This is the log, run from Safe Mode:
OTL logfile created on: 3-2-2013 1:33:17 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\aheu529\Desktop
64bit- Enterprise Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000413 | Country: Nederland | Language: NLD | Date Format: d-M-yyyy
3,88 Gb Total Physical Memory | 2,89 Gb Available Physical Memory | 74,34% Memory free
7,77 Gb Paging File | 7,06 Gb Available in Paging File | 90,96% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 120,00 Gb Total Space | 29,02 Gb Free Space | 24,19% Space Free | Partition Type: NTFS
Drive D: | 112,88 Gb Total Space | 36,32 Gb Free Space | 32,18% Space Free | Partition Type: NTFS
Computer Name: NB8800043 | User Name: aheu529 | Logged in as Administrator.
Boot Mode: SafeMode with Networking | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2013-02-03 01:32:15 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\aheu529\Desktop\OTL.exe
========== Modules (No Company Name) ==========
========== Services (SafeList) ==========
SRV:
64bit: - [2011-09-07 13:08:04 | 000,072,296 | ---- | M] (O2Micro International) [Auto | Stopped] -- C:\Windows\SysNative\drivers\o2flash.exe -- (O2FLASH)
SRV:
64bit: - [2009-07-14 02:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:
64bit: - [2009-07-14 02:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV - [2013-01-18 22:06:51 | 000,115,608 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2013-01-09 09:24:00 | 000,251,400 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012-11-19 17:11:38 | 000,177,440 | ---- | M] (Panda Security, S.L.) [Auto | Stopped] -- C:\Program Files (x86)\Panda Security\Panda Antivirus Pro 2013\PsCtrlS.exe -- (Panda Software Controller)
SRV - [2012-11-16 12:52:52 | 000,173,344 | ---- | M] (Panda Security, S.L.) [Auto | Stopped] -- C:\Program Files (x86)\Panda Security\Panda Antivirus Pro 2013\TPSrvWow.exe -- (TPSrv)
SRV - [2012-11-09 11:21:24 | 000,160,944 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012-10-02 12:13:44 | 003,064,000 | ---- | M] (Skype Technologies S.A.) [Auto | Stopped] -- C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe -- (Skype C2C Service)
SRV - [2012-09-29 19:54:26 | 000,676,936 | ---- | M] (Malwarebytes Corporation) [Auto | Stopped] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2012-09-29 19:54:26 | 000,399,432 | ---- | M] (Malwarebytes Corporation) [Auto | Stopped] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe -- (MBAMScheduler)
SRV - [2012-09-21 07:25:02 | 000,202,016 | ---- | M] (Panda Security, S.L.) [Auto | Stopped] -- C:\Program Files (x86)\Panda Security\Panda Antivirus Pro 2013\PavFnSvr.exe -- (PAVFNSVR)
SRV - [2012-08-21 15:06:00 | 000,132,712 | ---- | M] (McAfee, Inc.) [Auto | Stopped] -- C:\Program Files (x86)\McAfee\Common Framework\FrameworkService.exe -- (McAfeeFramework)
SRV - [2011-09-26 11:17:16 | 009,665,536 | ---- | M] () [On_Demand | Stopped] -- c:\wamp\bin\mysql\mysql5.5.16\bin\mysqld.exe -- (wampmysqld)
SRV - [2011-04-13 11:44:10 | 000,313,664 | ---- | M] (Panda Security, S.L.) [Auto | Stopped] -- C:\Program Files (x86)\Panda Security\Panda Antivirus Pro 2013\pavsrvx86.exe -- (PAVSRV)
SRV - [2011-03-04 12:45:08 | 001,529,856 | ---- | M] (Cisco Systems, Inc.) [Auto | Stopped] -- C:\Program Files (x86)\Cisco Systems\VPN Client\cvpnd.exe -- (CVPND)
SRV - [2010-11-05 22:54:22 | 000,013,336 | ---- | M] (Intel Corporation) [Auto | Stopped] -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe -- (IAStorDataMgrSvc)
SRV - [2010-08-16 13:54:46 | 000,028,992 | ---- | M] (Panda Security, S.L.) [Auto | Stopped] -- C:\Program Files (x86)\Panda Security\Panda Antivirus Pro 2013\psksvc.exe -- (PskSvcRetail)
SRV - [2010-03-18 12:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009-09-28 21:41:12 | 000,024,645 | ---- | M] (Apache Software Foundation) [Auto | Stopped] -- c:\wamp\bin\apache\Apache2.2.14\bin\httpd.exe -- (wampapache)
SRV - [2009-09-18 03:00:00 | 000,764,768 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\SysWOW64\CCM\CcmExec.exe -- (CcmExec)
SRV - [2009-09-18 03:00:00 | 000,246,624 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\CCM\TSManager.exe -- (smstsmgr)
SRV - [2009-06-10 22:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2008-06-19 11:59:50 | 000,108,288 | ---- | M] (Panda Security S.L.) [Auto | Stopped] -- C:\Program Files (x86)\Panda Security\Panda Antivirus Pro 2013\PsImSvc.exe -- (PSIMSVC)
SRV - [2008-02-04 16:26:48 | 000,062,768 | ---- | M] (Panda Security, S.L.) [Auto | Stopped] -- C:\Program Files (x86)\Common Files\Panda Security\PavShld\PavPrSrv.exe -- (PavPrSrv)
========== Driver Services (SafeList) ==========
DRV:
64bit: - [2012-09-29 19:54:26 | 000,025,928 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mbam.sys -- (MBAMProtector)
DRV:
64bit: - [2012-03-26 17:57:36 | 000,071,432 | ---- | M] (Panda Security, S.L.) [File_System | Auto | Stopped] -- C:\Windows\SysNative\drivers\amm6460.sys -- (AmFSM)
DRV:
64bit: - [2012-03-01 07:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:
64bit: - [2011-10-29 11:04:06 | 000,270,912 | ---- | M] (DT Soft Ltd) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\dtsoftbus01.sys -- (dtsoftbus01)
DRV:
64bit: - [2011-09-07 13:25:19 | 000,355,960 | ---- | M] (Alps Electric Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Apfiltr.sys -- (ApfiltrService)
DRV:
64bit: - [2011-09-07 13:08:05 | 000,083,560 | ---- | M] (O2Micro ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\o2sdjw7x64.sys -- (O2SDJRDR)
DRV:
64bit: - [2011-09-07 13:08:05 | 000,074,984 | ---- | M] (O2Micro ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\O2MDRw7x64.sys -- (O2MDRRDR)
DRV:
64bit: - [2011-09-07 13:08:05 | 000,072,808 | ---- | M] (O2Micro ) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\o2mdfw7x64.sys -- (O2MDFRDR)
DRV:
64bit: - [2011-09-07 13:07:49 | 000,174,184 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\nvhda64v.sys -- (NVHDA)
DRV:
64bit: - [2011-09-07 13:07:48 | 000,025,960 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\nvpciflt.sys -- (nvpciflt)
DRV:
64bit: - [2011-09-07 13:07:36 | 012,262,624 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:
64bit: - [2011-09-07 13:07:33 | 000,027,760 | ---- | M] (ST Microelectronics) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Accelern.sys -- (Acceler)
DRV:
64bit: - [2011-09-07 13:07:32 | 008,505,856 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NETwNs64.sys -- (NETwNs64)
DRV:
64bit: - [2011-09-07 13:07:31 | 000,315,568 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\e1c62x64.sys -- (e1cexpress)
DRV:
64bit: - [2011-09-07 13:07:30 | 000,158,976 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Impcd.sys -- (Impcd)
DRV:
64bit: - [2011-09-07 13:07:30 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64)
DRV:
64bit: - [2011-09-07 13:07:30 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (HECIx64)
DRV:
64bit: - [2011-09-07 13:07:30 | 000,038,440 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\cvusbdrv.sys -- (cvusbdrv)
DRV:
64bit: - [2011-08-10 23:20:26 | 000,091,864 | ---- | M] (Citrix Systems, Inc.) [Kernel | System | Stopped] -- C:\Windows\SysNative\drivers\ctxusbm.sys -- (ctxusbm)
DRV:
64bit: - [2011-03-11 07:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:
64bit: - [2011-03-11 07:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:
64bit: - [2011-03-04 12:51:50 | 000,306,536 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\CVPNDRVA.sys -- (CVPNDRVA)
DRV:
64bit: - [2010-11-20 14:34:04 | 000,360,832 | ---- | M] (Microsoft Corporation) [Kernel | System | Stopped] -- C:\Windows\SysNative\drivers\vpcvmm.sys -- (vpcvmm)
DRV:
64bit: - [2010-11-20 14:34:04 | 000,194,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\vpchbus.sys -- (vpcbus)
DRV:
64bit: - [2010-11-20 12:35:34 | 000,095,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vpcusb.sys -- (vpcusb)
DRV:
64bit: - [2010-11-20 12:35:22 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\vpcnfltr.sys -- (vpcnfltr)
DRV:
64bit: - [2010-11-20 04:33:58 | 000,088,960 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Synth3dVsc.sys -- (Synth3dVsc)
DRV:
64bit: - [2010-11-20 04:33:36 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:
64bit: - [2010-11-20 02:07:12 | 000,117,248 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\tsusbhub.sys -- (tsusbhub)
DRV:
64bit: - [2010-11-20 02:07:06 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:
64bit: - [2010-11-20 02:07:06 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:
64bit: - [2010-11-20 02:03:44 | 000,034,816 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\terminpt.sys -- (terminpt)
DRV:
64bit: - [2010-11-20 02:03:44 | 000,020,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:
64bit: - [2010-11-20 00:57:44 | 000,071,168 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\dmvsc.sys -- (dmvsc)
DRV:
64bit: - [2010-11-05 22:45:48 | 000,438,808 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:
64bit: - [2010-08-20 10:05:12 | 000,021,616 | ---- | M] (ST Microelectronics) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\stdcfltn.sys -- (stdcfltn)
DRV:
64bit: - [2010-06-22 17:20:18 | 000,030,792 | ---- | M] (Panda Security, S.L.) [File_System | Boot | Stopped] -- C:\Windows\SysNative\drivers\pavboot64.sys -- (pavboot)
DRV:
64bit: - [2010-02-08 08:32:00 | 000,014,992 | ---- | M] (Cisco Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\CVirtA64.sys -- (CVirtA)
DRV:
64bit: - [2009-10-27 11:07:42 | 000,048,136 | ---- | M] (Panda Security, S.L.) [File_System | System | Stopped] -- C:\Windows\SysNative\drivers\ShldFlt.sys -- (ShldFlt)
DRV:
64bit: - [2009-07-14 02:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:
64bit: - [2009-07-14 02:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:
64bit: - [2009-07-14 02:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:
64bit: - [2009-07-14 01:39:20 | 000,023,040 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WSDPrint.sys -- (WSDPrintDevice)
DRV:
64bit: - [2009-07-14 01:35:32 | 000,012,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\serscan.sys -- (StillCam)
DRV:
64bit: - [2009-06-10 21:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:
64bit: - [2009-06-10 21:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:
64bit: - [2009-06-10 21:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:
64bit: - [2009-06-10 21:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:
64bit: - [2008-11-16 18:39:44 | 000,157,968 | ---- | M] (Deterministic Networks, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\dne64x.sys -- (DNE)
DRV - [2009-09-18 03:00:00 | 000,026,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\CCM\PrepDrv.sys -- (prepdrvr)
DRV - [2009-07-14 02:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE:
64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:
64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" =
http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" =
http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL =
http://www.google.com/ie
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page =
www.hogent.be
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL =
http://www.google.com/ie
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant =
http://www.google.com/ie
IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" =
http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKCU\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" =
http://www.google.com/search?q={searcerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKCU\..\SearchScopes\{ACB28D5E-5887-499E-9D51-488AD98C86DC}: "URL" =
http://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF - prefs.js..browser.startup.homepage: "
http://www.google.com/ncr"
FF - prefs.js..extensions.enabledAddons: DivXWebPlayer%40divx.com:2.0.2.039
FF - prefs.js..extensions.enabledAddons: %7B23fcfd51-4958-4f00-80a3-ae97e717ed8b%7D:2.1.2.145
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:18.0.1
FF:
64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_5_502_146.dll File not found
FF:
64bit: - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF:
64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF:
64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: C:\Windows\system32\Wat\npWatWeb.dll (Microsoft Corporation)
FF:
64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_5_502_146.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\
google.com/npPicasa3,version=3.0.0: C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: C:\Windows\system32\Wat\npWatWeb.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=16.4.3505.0912: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.5: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\
belgiumeid@eid.belgium.be: C:\Program Files\Mozilla Firefox\extensions\
belgiumeid@eid.belgium.be
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2012-05-18 22:44:28 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}: C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff\ [2012-12-12 21:22:11 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 18.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013-01-18 22:06:52 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 18.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2013-01-18 22:06:46 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 13.0\extensions\\Components: C:\Program Files (x86)\Mozilla Thunderbird\components [2012-06-11 16:57:49 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 13.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Thunderbird\plugins
[2011-09-12 09:43:10 | 000,000,000 | ---D | M] (No name found) -- C:\Users\aheu529\AppData\Roaming\mozilla\Extensions
[2012-12-19 17:36:24 | 000,000,000 | ---D | M] (No name found) -- C:\Users\aheu529\AppData\Roaming\mozilla\Firefox\Profiles\xxhyjy7t.default\extensions
[2012-05-18 22:44:54 | 000,550,833 | ---- | M] () (No name found) -- C:\Users\aheu529\AppData\Roaming\mozilla\firefox\profiles\xxhyjy7t.default\extensions\
DivXWebPlayer@divx.com.xpi
[2012-12-13 22:03:42 | 002,151,598 | ---- | M] () (No name found) -- C:\Users\aheu529\AppData\Roaming\mozilla\firefox\profiles\xxhyjy7t.default\extensions\
firebug@software.joehewitt.com.xpi
[2013-01-18 22:06:39 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2013-01-18 22:06:39 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2013-01-18 22:06:39 | 000,000,000 | ---D | M] (eID België) -- C:\Program Files (x86)\Mozilla Firefox\extensions\
belgiumeid@eid.belgium.be
[2012-05-18 22:44:28 | 000,000,000 | ---D | M] (DivX Plus Web Player HTML5 <video>
-- C:\PROGRAM FILES (X86)\DIVX\DIVX PLUS WEB PLAYER\FIREFOX\DIVXHTML5
[2013-01-18 22:06:52 | 000,262,552 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2011-08-11 12:18:12 | 000,128,960 | ---- | M] (Citrix Systems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\CCMSDK.dll
[2011-08-10 23:16:34 | 000,096,192 | ---- | M] (Citrix Systems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\CgpCore.dll
[2011-08-11 12:18:30 | 000,092,096 | ---- | M] (Citrix Systems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\confmgr.dll
[2011-08-11 12:18:08 | 000,022,976 | ---- | M] (Citrix Systems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\ctxlogging.dll
[2012-02-09 11:00:28 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npdeployJava1.dll
[2011-08-11 12:19:38 | 000,436,136 | ---- | M] (Citrix Systems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npicaN.dll
[2011-08-10 23:16:34 | 000,024,512 | ---- | M] (Citrix Systems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\TcpPServ.dll
[2012-08-25 03:37:12 | 000,002,465 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2012-12-05 18:49:08 | 000,002,616 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bolcom-nl.xml
[2012-12-05 18:49:08 | 000,004,771 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\marktplaats-nl.xml
[2012-12-05 18:49:08 | 000,001,262 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-nl.xml
O1 HOSTS File: ([2013-02-02 21:59:56 | 000,000,027 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2:
64bit: - BHO: (Skype add-on for Internet Explorer) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Yontoo) - {FD72061E-9FDE-484D-A58A-0BAB4151CAD8} - C:\Program Files (x86)\Yontoo\YontooIEClient.dll (Yontoo LLC)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O4:
64bit: - HKLM..\Run: [Apoint] C:\Program Files\DellTPad\Apoint.exe (Alps Electric Co., Ltd.)
O4:
64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:
64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:
64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4 - HKLM..\Run: [APVXDWIN] C:\Program Files (x86)\Panda Security\Panda Antivirus Pro 2013\APVXDWIN.EXE (Panda Security, S.L.)
O4 - HKLM..\Run: [beid] C:\Program Files (x86)\Belgium Identity Card\beid35gui.exe (Belgian Government)
O4 - HKLM..\Run: [ConnectionCenter] C:\Program Files (x86)\Citrix\ICA Client\concentr.exe (Citrix Systems, Inc.)
O4 - HKLM..\Run: [DivXUpdate] C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe ()
O4 - HKLM..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Intel Corporation)
O4 - HKLM..\Run: [McAfeeUpdaterUI] C:\Program Files (x86)\McAfee\Common Framework\udaterui.exe (McAfee, Inc.)
O4 - HKLM..\Run: [SCANINICIO] C:\Program Files (x86)\Panda Security\Panda Antivirus Pro 2013\Inicio.exe (Panda Security, S.L.)
O4 - HKCU..\Run: [DAEMON Tools Lite] C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
O4 - HKCU..\Run: [Spotify Web Helper] C:\Users\aheu529\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe (Spotify Ltd)
O4 - HKLM..\RunOnce: [Malwarebytes Anti-Malware (cleanup)] C:\ProgramData\Malwarebytes\Malwarebytes' Anti-Malware\cleanup.dll (Malwarebytes Corporation)
O4 - Startup: C:\Users\aheu529\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk = C:\Users\aheu529\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableChangePassword = 1
O8:
64bit: - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200 File not found
O8:
64bit: - Extra context menu item: Free YouTube Download - C:\Users\aheu529\AppData\Roaming\DVDVideoSoftIEHelpers\freeytvdownloader.htm ()
O8:
64bit: - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\aheu529\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\SysWow64\GPhotos.scr (Google Inc.)
O8 - Extra context menu item: Free YouTube Download - C:\Users\aheu529\AppData\Roaming\DVDVideoSoftIEHelpers\freeytvdownloader.htm ()
O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\aheu529\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()
O9:
64bit: - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O13 - gopher Prefix: missing
O16:
64bit: - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93}
http://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)
O16:
64bit: - DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}
http://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)
O16:
64bit: - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}
http://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93}
http://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA}
http://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}
http://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 195.130.130.5 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = edu.ads.hogent.be
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{89966CBF-AAB8-47F1-AD6E-352A24F31BD3}: DhcpNameServer = 195.130.130.5 192.168.0.1
O18:
64bit: - Protocol\Handler\livecall - No CLSID value found
O18:
64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:
64bit: - Protocol\Handler\msnim - No CLSID value found
O18:
64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:
64bit: - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
O18:
64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:
64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O18:
64bit: - Protocol\Filter\application/x-ica - No CLSID value found
O18:
64bit: - Protocol\Filter\application/x-ica; charset=euc-jp - No CLSID value found
O18:
64bit: - Protocol\Filter\application/x-ica; charset=ISO-8859-1 - No CLSID value found
O18:
64bit: - Protocol\Filter\application/x-ica; charset=MS936 - No CLSID value found
O18:
64bit: - Protocol\Filter\application/x-ica; charset=MS949 - No CLSID value found
O18:
64bit: - Protocol\Filter\application/x-ica; charset=MS950 - No CLSID value found
O18:
64bit: - Protocol\Filter\application/x-ica; charset=UTF8 - No CLSID value found
O18:
64bit: - Protocol\Filter\application/x-ica; charset=UTF-8 - No CLSID value found
O18:
64bit: - Protocol\Filter\application/x-ica;charset=euc-jp - No CLSID value found
O18:
64bit: - Protocol\Filter\application/x-ica;charset=ISO-8859-1 - No CLSID value found
O18:
64bit: - Protocol\Filter\application/x-ica;charset=MS936 - No CLSID value found
O18:
64bit: - Protocol\Filter\application/x-ica;charset=MS949 - No CLSID value found
O18:
64bit: - Protocol\Filter\application/x-ica;charset=MS950 - No CLSID value found
O18:
64bit: - Protocol\Filter\application/x-ica;charset=UTF8 - No CLSID value found
O18:
64bit: - Protocol\Filter\application/x-ica;charset=UTF-8 - No CLSID value found
O18:
64bit: - Protocol\Filter\ica - No CLSID value found
O18 - Protocol\Filter\application/x-ica {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\application/x-ica; charset=euc-jp {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\application/x-ica; charset=ISO-8859-1 {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\application/x-ica; charset=MS936 {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\application/x-ica; charset=MS949 {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\application/x-ica; charset=MS950 {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\application/x-ica; charset=UTF8 {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\application/x-ica; charset=UTF-8 {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\application/x-ica;charset=euc-jp {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\application/x-ica;charset=ISO-8859-1 {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\application/x-ica;charset=MS936 {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\application/x-ica;charset=MS949 {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\application/x-ica;charset=MS950 {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\application/x-ica;charset=UTF8 {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\application/x-ica;charset=UTF-8 {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\ica {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O20:
64bit: - AppInit_DLLs: (C:\Windows\System32\nvinitx.dll) - C:\Windows\SysNative\nvinitx.dll (NVIDIA Corporation)
O20 - AppInit_DLLs: (C:\Windows\SysWOW64\nvinit.dll) - C:\Windows\SysWOW64\nvinit.dll (NVIDIA Corporation)
O20:
64bit: - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:
64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O20:
64bit: - Winlogon\Notify\avldr: DllName - (avldr64.dll) - C:\Windows\SysNative\avldr64.dll (On-Access Anti-Malware Scanner Sync)
O20:
64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O21:
64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:
64bit: - HKLM\..comfile [open] -- "%1" %*
O35:
64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:
64bit: - HKLM\...com [@ = ComFile] -- "%1" %*
O37:
64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
========== Files/Folders - Created Within 30 Days ==========
[2013-02-03 01:32:16 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\aheu529\Desktop\OTL.exe
[2013-02-02 23:52:47 | 000,000,000 | ---D | C] -- C:\Users\aheu529\Desktop\RK_Quarantine
[2013-02-02 22:02:27 | 000,000,000 | ---D | C] -- C:\Windows\temp
[2013-02-02 21:50:18 | 000,518,144 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe
[2013-02-02 21:50:18 | 000,406,528 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe
[2013-02-02 21:50:18 | 000,060,416 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe
[2013-02-02 21:45:40 | 000,000,000 | ---D | C] -- C:\Qoobox
[2013-02-02 21:45:23 | 000,000,000 | ---D | C] -- C:\Windows\erdnt
[2013-02-02 21:41:53 | 005,029,149 | R--- | C] (Swearware) -- C:\Users\aheu529\Desktop\ComboFix.exe
[2013-01-28 22:58:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
[2013-01-28 22:20:05 | 000,000,000 | ---D | C] -- C:\Config.Msi
[2013-01-28 22:18:26 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\appmgmt
[2013-01-28 22:17:29 | 000,000,000 | ---D | C] -- C:\Users\aheu529\AppData\Local\Panda Security
[2013-01-28 22:12:43 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Panda Security
[2013-01-28 22:12:36 | 000,030,792 | ---- | C] (Panda Security, S.L.) -- C:\Windows\SysNative\drivers\pavboot64.sys
[2013-01-28 22:12:21 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Panda Antivirus Pro 2013
[2013-01-28 22:12:20 | 000,046,640 | ---- | C] (Panda Software) -- C:\Windows\SysNative\pavcpl64.cpl
[2013-01-28 22:12:02 | 000,446,464 | ---- | C] (eHelp Corporation.) -- C:\Windows\SysWow64\HHActiveX.dll
[2013-01-28 22:11:58 | 000,323,392 | ---- | C] (Panda Security, S.L.) -- C:\Windows\SysNative\TpUtil64.dll
[2013-01-28 22:11:58 | 000,202,048 | ---- | C] (Panda Security, S.L.) -- C:\Windows\SysWow64\TpUtilWow.dll
[2013-01-28 22:11:58 | 000,117,024 | ---- | C] (Panda Security, S.L.) -- C:\Windows\SysNative\PavLspHook64.dll
[2013-01-28 22:11:58 | 000,090,944 | ---- | C] (Panda Security, S.L.) -- C:\Windows\SysNative\PavIpc64.dll
[2013-01-28 22:11:58 | 000,087,328 | ---- | C] (Panda Security, S.L.) -- C:\Windows\SysWow64\PavLspHookWow.dll
[2013-01-28 22:11:58 | 000,066,880 | ---- | C] (Panda Security, S.L.) -- C:\Windows\SysWow64\PavIpcWow.dll
[2013-01-28 22:11:58 | 000,025,344 | ---- | C] (Panda Security, S.L.) -- C:\Windows\SysWow64\sysHelper32.dll
[2013-01-28 22:11:58 | 000,024,064 | ---- | C] (Panda Security, S.L.) -- C:\Windows\SysNative\sysHelper64.dll
[2013-01-28 22:11:57 | 000,837,920 | ---- | C] (Panda Security, S.L.) -- C:\Windows\SysNative\PavSHook64.dll
[2013-01-28 22:11:57 | 000,545,056 | ---- | C] (Panda Security, S.L.) -- C:\Windows\SysWow64\PavSHookWow.dll
[2013-01-28 22:11:53 | 000,071,432 | ---- | C] (Panda Security, S.L.) -- C:\Windows\SysNative\drivers\amm6460.sys
[2013-01-28 22:11:53 | 000,064,768 | ---- | C] (On-Access Anti-Malware Scanner Sync) -- C:\Windows\SysNative\avldr64.dll
[2013-01-28 22:11:53 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\PAV
[2013-01-28 22:11:52 | 000,000,000 | ---D | C] -- C:\Users\aheu529\AppData\Roaming\Panda Security
[2013-01-28 22:11:52 | 000,000,000 | ---D | C] -- C:\ProgramData\Panda Security
[2013-01-28 22:11:50 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Panda Security
[2013-01-28 22:11:33 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\InstallShield
[2013-01-28 22:11:28 | 000,048,136 | ---- | C] (Panda Security, S.L.) -- C:\Windows\SysNative\drivers\ShldFlt.sys
[2013-01-28 22:11:28 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Panda Security
[2013-01-18 22:06:38 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
========== Files - Modified Within 30 Days ==========
[2013-02-03 01:32:15 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\aheu529\Desktop\OTL.exe
[2013-02-02 23:52:08 | 000,771,072 | ---- | M] () -- C:\Users\aheu529\Desktop\RogueKiller.exe
[2013-02-02 21:59:56 | 000,000,027 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts
[2013-02-02 21:42:14 | 005,029,149 | R--- | M] (Swearware) -- C:\Users\aheu529\Desktop\ComboFix.exe
[2013-02-02 20:35:26 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013-02-02 20:35:16 | 3127,586,816 | -HS- | M] () -- C:\hiberfil.sys
[2013-02-02 18:52:54 | 000,001,273 | ---- | M] () -- C:\Users\Public\Desktop\Panda Cloud Cleaner.lnk
[2013-02-02 17:58:00 | 000,000,940 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013-02-01 09:45:30 | 000,008,627 | ---- | M] () -- C:\Windows\SysWow64\PAV_FOG.OPC
[2013-01-30 19:19:59 | 000,034,361 | ---- | M] () -- C:\Users\aheu529\Documents\580793_10151275059282995_2011087146_n.jpg
[2013-01-29 11:30:01 | 000,012,288 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013-01-29 11:30:01 | 000,012,288 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013-01-28 22:58:03 | 000,001,072 | ---- | M] () -- C:\Users\Public\Desktop\VLC media player.lnk
[2013-01-28 22:12:45 | 000,002,115 | ---- | M] () -- C:\Users\aheu529\Application Data\Microsoft\Internet Explorer\Quick Launch\Panda Antivirus Pro 2013.lnk
[2013-01-28 22:12:45 | 000,000,262 | ---- | M] () -- C:\Windows\SysNative\PavCPL64.dat
[2013-01-28 22:12:37 | 000,002,217 | ---- | M] () -- C:\Users\Public\Desktop\Panda Antivirus Pro 2013.lnk
[2013-01-23 18:22:57 | 000,032,049 | ---- | M] () -- C:\Users\aheu529\Desktop\DIABOLO-TOESLAG_NAAR_BRU-NAT-L_ADRIAAN_VANHEULE_1.pdf
[2013-01-07 08:28:03 | 000,005,470 | R-S- | M] () -- C:\ProgramData\ntuser.pol
========== Files Created - No Company Name ==========
[2013-02-02 23:52:09 | 000,771,072 | ---- | C] () -- C:\Users\aheu529\Desktop\RogueKiller.exe
[2013-02-02 21:50:18 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe
[2013-02-02 21:50:18 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe
[2013-02-02 21:50:18 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2013-02-02 21:50:18 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2013-02-02 21:50:18 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2013-02-02 18:52:54 | 000,001,273 | ---- | C] () -- C:\Users\Public\Desktop\Panda Cloud Cleaner.lnk
[2013-01-30 19:17:40 | 000,034,361 | ---- | C] () -- C:\Users\aheu529\Documents\580793_10151275059282995_2011087146_n.jpg
[2013-01-28 22:58:03 | 000,001,072 | ---- | C] () -- C:\Users\Public\Desktop\VLC media player.lnk
[2013-01-28 22:40:35 | 000,008,627 | ---- | C] () -- C:\Windows\SysWow64\PAV_FOG.OPC
[2013-01-28 22:12:45 | 000,002,115 | ---- | C] () -- C:\Users\aheu529\Application Data\Microsoft\Internet Explorer\Quick Launch\Panda Antivirus Pro 2013.lnk
[2013-01-28 22:12:45 | 000,000,262 | ---- | C] () -- C:\Windows\SysNative\PavCPL64.dat
[2013-01-28 22:12:37 | 000,002,217 | ---- | C] () -- C:\Users\Public\Desktop\Panda Antivirus Pro 2013.lnk
[2013-01-23 18:22:57 | 000,032,049 | ---- | C] () -- C:\Users\aheu529\Desktop\DIABOLO-TOESLAG_NAAR_BRU-NAT-L_ADRIAAN_VANHEULE_1.pdf
[2012-12-02 15:23:54 | 000,003,584 | ---- | C] () -- C:\Users\aheu529\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012-08-07 21:28:25 | 000,000,193 | ---- | C] () -- C:\Windows\WORDPAD.INI
[2011-12-26 18:05:49 | 000,018,944 | ---- | C] () -- C:\Windows\eraser.exe
[2011-09-12 08:22:13 | 000,001,025 | ---- | C] () -- C:\Windows\SysWow64\sysprs7.dll
[2011-09-12 08:22:13 | 000,000,205 | ---- | C] () -- C:\Windows\SysWow64\lsprst7.dll
[2011-09-12 08:03:58 | 000,001,410 | R-S- | C] () -- C:\Users\aheu529\ntuser.pol
[2011-09-07 13:21:40 | 000,004,764 | ---- | C] () -- C:\Windows\SysWow64\CcmFramework.ini
[2011-09-07 13:07:37 | 000,963,116 | ---- | C] () -- C:\Windows\SysWow64\igkrng600.bin
[2011-09-07 13:07:36 | 000,216,876 | ---- | C] () -- C:\Windows\SysWow64\igfcg600m.bin
[2011-09-07 13:07:35 | 000,145,804 | ---- | C] () -- C:\Windows\SysWow64\igcompkrng600.bin
[2011-07-05 08:58:00 | 000,005,470 | R-S- | C] () -- C:\ProgramData\ntuser.pol
[2011-07-05 08:57:11 | 001,687,606 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2011-07-05 08:55:58 | 000,000,392 | ---- | C] () -- C:\Windows\SMSCFG.INI
========== ZeroAccess Check ==========
[2009-07-14 05:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2012-06-09 06:43:10 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012-06-09 05:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009-07-14 02:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010-11-20 03:19:04 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009-07-14 02:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
========== LOP Check ==========
[2012-12-28 19:17:44 | 000,000,000 | ---D | M] -- C:\Users\aheu529\AppData\Roaming\Audacity
[2012-07-01 18:25:50 | 000,000,000 | ---D | M] -- C:\Users\aheu529\AppData\Roaming\com.prezi.PreziDesktop
[2011-10-29 11:04:46 | 000,000,000 | ---D | M] -- C:\Users\aheu529\AppData\Roaming\DAEMON Tools Lite
[2013-01-02 23:28:42 | 000,000,000 | ---D | M] -- C:\Users\aheu529\AppData\Roaming\Dropbox
[2012-12-12 21:38:13 | 000,000,000 | ---D | M] -- C:\Users\aheu529\AppData\Roaming\DVDVideoSoft
[2012-12-12 21:22:19 | 000,000,000 | ---D | M] -- C:\Users\aheu529\AppData\Roaming\DVDVideoSoftIEHelpers
[2012-01-30 15:16:36 | 000,000,000 | ---D | M] -- C:\Users\aheu529\AppData\Roaming\ICAClient
[2013-01-28 22:11:52 | 000,000,000 | ---D | M] -- C:\Users\aheu529\AppData\Roaming\Panda Security
[2013-02-02 18:03:14 | 000,000,000 | ---D | M] -- C:\Users\aheu529\AppData\Roaming\Spotify
[2012-06-11 16:57:53 | 000,000,000 | ---D | M] -- C:\Users\aheu529\AppData\Roaming\Thunderbird
[2013-01-29 21:42:54 | 000,000,000 | ---D | M] -- C:\Users\aheu529\AppData\Roaming\uTorrent
[2011-09-14 18:32:48 | 000,000,000 | ---D | M] -- C:\Users\aheu529\AppData\Roaming\Windows Live Writer
========== Purity Check ==========
========== Alternate Data Streams ==========
@Alternate Data Stream - 122 bytes -> C:\ProgramData\TEMP:6CC69D3C
< End of report >