Op deze website gebruiken we cookies om content en advertenties te personaliseren, om functies voor social media te bieden en om ons websiteverkeer te analyseren. Ook delen we informatie over uw gebruik van onze site met onze partners voor social media, adverteren en analyse. Deze partners kunnen deze gegevens combineren met andere informatie die u aan ze heeft verstrekt of die ze hebben verzameld op basis van uw gebruik van hun services. Meer informatie.

Akkoord

Vraag & Antwoord

Beveiliging & privacy

.dll instaleren...???

None
51 antwoorden
  • Laptop van een bekende, elke keer bij opstarten komt er een melding dat er een poging wordt gedaan een .dll te installeren.
    Logfile of Trend Micro HijackThis v2.0.4
    Scan saved at 9:25:43, on 11-3-2012
    Platform: Windows Vista SP2 (WinNT 6.00.1906)
    MSIE: Internet Explorer v9.00 (9.00.8112.16421)
    Boot mode: Normal

    Running processes:
    C:\Windows\system32\Dwm.exe
    C:\Windows\Explorer.EXE
    C:\Windows\system32\taskeng.exe
    C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
    C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    C:\Windows\PixArt\Pac207\Monitor.exe
    C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe
    C:\Windows\System32\mobsync.exe
    C:\Windows\system32\igfxsrvc.exe
    C:\Program Files\Common Files\Nokia\MPlatform\NokiaMServer.exe
    C:\Program Files\AVG\AVG2012\avgtray.exe
    C:\Program Files\Windows Media Player\wmpnscfg.exe
    C:\Program Files\Common Files\Java\Java Update\jusched.exe
    C:\Program Files\Logitech\LWS\Webcam Software\LWS.exe
    C:\Program Files\AVG Secure Search\vprot.exe
    C:\Program Files\iTunes\iTunesHelper.exe
    C:\Program Files\Logitech\Vid HD\Vid.exe
    C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe
    C:\Program Files\Nokia\Nokia Suite\NokiaSuite.exe
    C:\Program Files\Windows Sidebar\sidebar.exe
    C:\Program Files\Sitecom\Bluetooth Software\BTTray.exe
    C:\Windows\system32\wbem\unsecapp.exe
    C:\Program Files\Brother\ControlCenter3\brccMCtl.exe
    C:\Program Files\Logitech\LWS\Webcam Software\CameraHelperShell.exe
    C:\Program Files\Common Files\Logishrd\LQCVFX\COCIManager.exe
    C:\Windows\system32\Macromed\Flash\FlashUtil11f_ActiveX.exe
    C:\Program Files\PC Connectivity Solution\Transports\NclIVTBTSrv.exe
    C:\Program Files\PC Connectivity Solution\Transports\NclMSBTSrvEx.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Users\beheerder\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\S7I12O31\HijackThis.exe
    C:\Windows\system32\SearchProtocolHost.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://downloads.phpnuke.org/nl/index.php?rvs=google
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.nl/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://downloads.phpnuke.org/nl/index.php?rvs=google
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://downloads.phpnuke.org/nl/index.php?rvs=google
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
    R3 - URLSearchHook: (no name) - {b80f591e-fe9a-46cf-a13e-180377240586} - (no file)
    R3 - URLSearchHook: (no name) - {46735dee-f862-49d1-876d-6382794dc625} - (no file)
    O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
    O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG2012\avgssie.dll
    O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files\AVG Secure Search\10.0.0.7\AVG Secure Search_toolbar.dll
    O2 - BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
    O3 - Toolbar: AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files\AVG Secure Search\10.0.0.7\AVG Secure Search_toolbar.dll
    O4 - HKLM\..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
    O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    O4 - HKLM\..\Run: [Monitor] C:\Windows\PixArt\PAC207\Monitor.exe
    O4 - HKLM\..\Run: [SSBkgdUpdate] "C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot
    O4 - HKLM\..\Run: [PaperPort PTD] "C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe"
    O4 - HKLM\..\Run: [IndexSearch] "C:\Program Files\ScanSoft\PaperPort\IndexSearch.exe"
    O4 - HKLM\..\Run: [PPort11reminder] "C:\Program Files\ScanSoft\PaperPort\Ereg\Ereg.exe" -r "C:\ProgramData\ScanSoft\PaperPort\11\Config\Ereg\Ereg.ini"
    O4 - HKLM\..\Run: [BrMfcWnd] C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe /AUTORUN
    O4 - HKLM\..\Run: [ControlCenter3] C:\Program Files\Brother\ControlCenter3\brctrcen.exe /autorun
    O4 - HKLM\..\Run: [NokiaMServer] C:\Program Files\Common Files\Nokia\MPlatform\NokiaMServer /watchfiles startup
    O4 - HKLM\..\Run: [NokiaMusic FastStart] "C:\Program Files\Nokia\Ovi Player\NokiaOviPlayer.exe" /command:faststart
    O4 - HKLM\..\Run: [AVG_TRAY] "C:\Program Files\AVG\AVG2012\avgtray.exe"
    O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
    O4 - HKLM\..\Run: [LWS] C:\Program Files\Logitech\LWS\Webcam Software\LWS.exe -hide
    O4 - HKLM\..\Run: [vProt] "C:\Program Files\AVG Secure Search\vprot.exe"
    O4 - HKLM\..\Run: [Malwarebytes' Anti-Malware (reboot)] "C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe"
    uncleanupscript
    O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
    O4 - HKLM\..\Run: [ROC_roc_dec12] "C:\Program Files\AVG Secure Search\ROC_roc_dec12.exe" /PROMPT /CMPID=roc_dec12
    O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
    O4 - HKCU\..\Run: [Logitech Vid] "C:\Program Files\Logitech\Vid HD\Vid.exe" -bootmode
    O4 - HKCU\..\Run: [TomTomHOME.exe] "C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe"
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [NokiaSuite.exe] C:\Program Files\Nokia\Nokia Suite\NokiaSuite.exe -tray
    O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
    O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
    O4 - Startup: SCANKD~1.DLL
    O4 - Global Startup: BTTray.lnk = ?
    O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
    O8 - Extra context menu item: Verzenden naar &Bluetooth - C:\Program Files\Sitecom\Bluetooth Software\btsendto_ie_ctx.htm
    O9 - Extra button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
    O9 - Extra 'Tools' menuitem: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
    O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
    O16 - DPF: {3860DD98-0549-4D50-AA72-5D17D200EE10} (Windows Live OneCare safety scanner control) - http://cdn.scan.onecare.live.com
    esource/download/scanner/nl-nl/wlscctrl2.cab
    O16 - DPF: {6E718D87-6909-4FCE-92D4-EDCB2F725727} (Navigram Control) - http://www.navigram.com/engine/v1026/Navigram.cab
    O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - http://download.eset.com/special/eos/OnlineScanner.cab
    O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG2012\avgpp.dll
    O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Windows\system32\skype4com.dll
    O18 - Protocol: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files\Common Files\AVG Secure Search\ViProtocolInstaller\10.0.6\ViProtocol.dll
    O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
    O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll
    O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
    O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
    O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG2012\AVGIDSAgent.exe
    O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG2012\avgwdsvc.exe
    O23 - Service: BlueSoleilCS - Unknown owner - C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleilCS.exe
    O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
    O23 - Service: BsHelpCS - Unknown owner - C:\Program Files\IVT Corporation\BlueSoleil\BsHelpCS.exe
    O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation - C:\Program Files\Sitecom\Bluetooth Software\bin\btwdins.exe
    O23 - Service: FABS - Helping agent for MAGIX media database (Fabs) - MAGIX AG - C:\Program Files\Common Files\MAGIX Services\Database\bin\FABS.exe
    O23 - Service: Firebird Server - MAGIX Instance (FirebirdServerMAGIXInstance) - MAGIX® - C:\Program Files\Common Files\MAGIX Services\Database\bin\fbserver.exe
    O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: Virtual Disk Service Manager (MSR Service) - Unknown owner - C:\Program Files\Clarus\Samsung SecretZone\MSSvc.exe
    O23 - Service: PMBDeviceInfoProvider - Sony Corporation - C:\Program Files\Sony\PMB\PMBDeviceInfoProvider.exe
    O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared files\RichVideo.exe
    O23 - Service: ServiceLayer - Nokia - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
    O23 - Service: TomTomHOMEService - TomTom - C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe
    O23 - Service: UMVPFSrv - Logitech Inc. - C:\Program Files\Common Files\logishrd\LVMVFM\UMVPFSrv.exe
    O23 - Service: vToolbarUpdater - Unknown owner - C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\10.0.6\ToolbarUpdater.exe


    End of file - 10412 bytes
  • Malwarebytes Anti-Malware 1.60.1.1000
    www.malwarebytes.org

    Databaseversie: v2012.03.11.07

    Windows Vista Service Pack 2 x86 NTFS
    Internet Explorer 9.0.8112.16421
    beheerder :: BEHEERDER1 [administrator]

    11-3-2012 9:36:37
    mbam-log-2012-03-11 (09-36-37).txt

    Scantype: Snelle scan
    Ingeschakelde scanopties: Geheugen | Opstartitems | Register | Bestanden en mappen | Heuristiek/Extra | Heuristiek/Shuriken | PUP | PUM
    Uitgeschakelde scanopties: P2P
    Objecten gescand: 191390
    Verstreken tijd: 4 minuut/minuten, 56 seconde(n)

    Geheugenprocessen gedetecteerd: 0
    (Geen kwaadaardige objecten gedetecteerd)

    Geheugenmodulen gedetecteerd: 0
    (Geen kwaadaardige objecten gedetecteerd)

    Registersleutels gedetecteerd: 0
    (Geen kwaadaardige objecten gedetecteerd)

    Registerwaarden gedetecteerd: 0
    (Geen kwaadaardige objecten gedetecteerd)

    Registerdata gedetecteerd: 0
    (Geen kwaadaardige objecten gedetecteerd)

    Mappen gedetecteerd: 0
    (Geen kwaadaardige objecten gedetecteerd)

    Bestanden gedetecteerd: 0
    (Geen kwaadaardige objecten gedetecteerd)

    (einde)
  • Hallo Anjo, twee opdrachten.

    [b:c3c431f8f7]Stap •1•[/b:c3c431f8f7][/color:c3c431f8f7]
    Sluit alle openstaande webvensters - behalve dit venster, dat je sluit voor het moment, dat je op de knop [b:c3c431f8f7]Fix checked[/b:c3c431f8f7] klikt!

    Start nu HijackThis middels rechtsklik met Administratorrechten (lukt dat niet ga dan naar de installatielokatie van HijackThis en start "hijackthis.exe" vervolgens met administratorrechten.)en klik op de knop [b:c3c431f8f7]Do a Scan only,

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://downloads.phpnuke.org/nl/index.php?rvs=google
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://downloads.phpnuke.org/nl/index.php?rvs=google
    R3 - URLSearchHook: (no name) - {b80f591e-fe9a-46cf-a13e-180377240586} - (no file)
    R3 - URLSearchHook: (no name) - {46735dee-f862-49d1-876d-6382794dc625} - (no file)
    O4 - HKLM\..\Run: [Monitor] C:\Windows\PixArt\PAC207\Monitor.exe
    O4 - Startup: SCANKD~1.DLL
    [/b:c3c431f8f7]
    [list:c3c431f8f7][*:c3c431f8f7] zet een vinkje voor die regel(s) welke met de bovenstaande regels corresponderen
    [*:c3c431f8f7] Sluit nu de webbrowser en vervolgens klik je daarna op de knop [b:c3c431f8f7]Fix checked[/b:c3c431f8f7]
    [*:c3c431f8f7] Klik hierna HijackThis op uit.[/list:u:c3c431f8f7]
    [b:c3c431f8f7] Start de computer na de fix opnieuw op[/b:c3c431f8f7]

    [b:c3c431f8f7]Stap •2•[/b:c3c431f8f7][/color:c3c431f8f7]
    Download [b:c3c431f8f7]OTL[/color:c3c431f8f7][/b:c3c431f8f7] naar je Bureaublad

    [b:c3c431f8f7]OTL.com gebruiken[/b:c3c431f8f7]:[list:c3c431f8f7][*:c3c431f8f7][b:c3c431f8f7]Notabene: [/b:c3c431f8f7][/color:c3c431f8f7][b:c3c431f8f7]Sluit nu eerst alle andere nog openstaande programmavensters![/color:c3c431f8f7][/b:c3c431f8f7]
    [*:c3c431f8f7]Het programma opstarten middels dubbelklikken op [b:c3c431f8f7]OTL.com[/b:c3c431f8f7].
    [*:c3c431f8f7] Start verder geen andere programma's op en laat het programma ongestoord zijn werk doen.[*:c3c431f8f7]Zet een vinkje bij [b:c3c431f8f7]Scan All Users[/b:c3c431f8f7].[*:c3c431f8f7]Klik op de knop [b:c3c431f8f7]Quick Scan[/b:c3c431f8f7].[*:c3c431f8f7]Verander de instellingen van OTL niet, tenzij ik je hiervoor specifiek instructies geef.[*:c3c431f8f7]De scan zal niet heel erg lang duren.[list:c3c431f8f7][*:c3c431f8f7]Er zullen twee Kladblok-vensters geopend worden wanneer de scan klaar is.[*:c3c431f8f7][b:c3c431f8f7]OTL.Txt[/b:c3c431f8f7] en [b:c3c431f8f7]Extras.Txt[/b:c3c431f8f7]. Deze twee tekstbestanden zijn opgeslagen in dezelfde locatie als OTL.
    [*:c3c431f8f7]Kopieer en plak de inhoud van het [b:c3c431f8f7]OTL.Txt[/b:c3c431f8f7] als eerste in je aansluitende bericht.
    [*:c3c431f8f7]Kopieer en plak tevens de inhoud van [b:c3c431f8f7]Extras.Txt[/b:c3c431f8f7] vervolgens er bij.[/list:u:c3c431f8f7]
    [*:c3c431f8f7]OTL produceert behoorlijk grote logs, dus kan het gebeuren, dat je het log in twee of meerdere keren moet posten.[/list:u:c3c431f8f7]
  • OTL logfile created on: 11-3-2012 10:20:28 - Run 1
    OTL by OldTimer - Version 3.2.36.3 Folder = C:\Users\beheerder\Desktop
    Windows Vista Home Basic Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
    Internet Explorer (Version = 9.0.8112.16421)
    Locale: 00000413 | Country: Nederland | Language: NLD | Date Format: d-M-yyyy

    2,93 Gb Total Physical Memory | 1,69 Gb Available Physical Memory | 57,77% Memory free
    6,07 Gb Paging File | 4,13 Gb Available in Paging File | 68,12% Paging File free
    Paging file location(s): ?:\pagefile.sys [binary data]

    %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
    Drive C: | 142,09 Gb Total Space | 68,09 Gb Free Space | 47,92% Space Free | Partition Type: NTFS
    Drive D: | 143,00 Gb Total Space | 43,57 Gb Free Space | 30,47% Space Free | Partition Type: NTFS

    Computer Name: BEHEERDER1 | User Name: beheerder | Logged in as Administrator.
    Boot Mode: Normal | Scan Mode: All users | Quick Scan
    Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

    ========== Processes (SafeList) ==========[/color:9b3f8dc1e2]

    PRC - [2012-03-11 10:17:08 | 000,594,944 | —- | M] (OldTimer Tools) – C:\Users\beheerder\Desktop\OTL.com
    PRC - [2012-01-24 17:24:26 | 002,416,480 | —- | M] (AVG Technologies CZ, s.r.o.) – C:\Program Files\AVG\AVG2012\avgtray.exe
    PRC - [2012-01-23 05:43:08 | 000,247,728 | —- | M] (TomTom) – C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe
    PRC - [2012-01-23 05:43:08 | 000,092,592 | —- | M] (TomTom) – C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe
    PRC - [2012-01-18 07:44:52 | 000,450,848 | —- | M] (Logitech Inc.) – C:\Program Files\Common Files\LogiShrd\LVMVFM\UMVPFSrv.exe
    PRC - [2012-01-15 14:54:07 | 000,909,152 | —- | M] () – C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\10.0.6\ToolbarUpdater.exe
    PRC - [2012-01-15 14:54:06 | 000,939,872 | —- | M] () – C:\Program Files\AVG Secure Search\vprot.exe
    PRC - [2012-01-03 14:10:42 | 000,063,928 | —- | M] (Adobe Systems Incorporated) – C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
    PRC - [2011-11-28 01:19:04 | 001,229,664 | —- | M] (AVG Technologies CZ, s.r.o.) – C:\Program Files\AVG\AVG2012\avgnsx.exe
    PRC - [2011-11-11 14:08:06 | 000,205,336 | —- | M] (Logitech Inc.) – C:\Program Files\Logitech\LWS\Webcam Software\LWS.exe
    PRC - [2011-11-11 14:07:54 | 000,265,240 | —- | M] () – C:\Program Files\Logitech\LWS\Webcam Software\CameraHelperShell.exe
    PRC - [2011-11-01 15:40:04 | 001,053,056 | —- | M] (Nokia) – C:\Program Files\Nokia\Nokia Suite\NokiaSuite.exe
    PRC - [2011-10-27 10:34:30 | 000,718,384 | —- | M] (Nokia) – C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
    PRC - [2011-10-27 10:33:58 | 000,173,104 | —- | M] (Nokia) – C:\Program Files\PC Connectivity Solution\Transports\NclUSBSrv.exe
    PRC - [2011-10-27 10:33:40 | 000,126,512 | —- | M] (Nokia) – C:\Program Files\PC Connectivity Solution\Transports\NclRSSrv.exe
    PRC - [2011-10-27 10:33:32 | 000,148,016 | —- | M] (Nokia) – C:\Program Files\PC Connectivity Solution\Transports\NclMSBTSrvEx.exe
    PRC - [2011-10-27 10:33:14 | 000,151,088 | —- | M] (Nokia) – C:\Program Files\PC Connectivity Solution\Transports\NclIVTBTSrv.exe
    PRC - [2011-10-12 06:25:22 | 004,433,248 | —- | M] (AVG Technologies CZ, s.r.o.) – C:\Program Files\AVG\AVG2012\AVGIDSAgent.exe
    PRC - [2011-09-08 20:53:26 | 000,743,264 | —- | M] (AVG Technologies CZ, s.r.o.) – C:\Program Files\AVG\AVG2012\avgrsx.exe
    PRC - [2011-08-15 06:21:40 | 000,337,760 | —- | M] (AVG Technologies CZ, s.r.o.) – C:\Program Files\AVG\AVG2012\avgcsrvx.exe
    PRC - [2011-08-12 12:19:40 | 000,680,984 | —- | M] () – C:\Program Files\Common Files\LogiShrd\LQCVFX\COCIManager.exe
    PRC - [2011-08-02 06:09:08 | 000,192,776 | —- | M] (AVG Technologies CZ, s.r.o.) – C:\Program Files\AVG\AVG2012\avgwdsvc.exe
    PRC - [2011-06-14 16:42:26 | 001,540,096 | —- | M] (Nokia) – C:\Program Files\Common Files\Nokia\MPlatform\NokiaMServer.exe
    PRC - [2010-10-29 21:06:08 | 005,915,480 | —- | M] (Logitech Inc.) – C:\Program Files\Logitech\Vid HD\Vid.exe
    PRC - [2010-04-20 13:26:44 | 000,300,912 | —- | M] () – C:\Program Files\Samsung\Samsung Update Plus\SUPBackGround.exe
    PRC - [2009-11-03 10:11:48 | 000,114,688 | —- | M] () – C:\Program Files\Clarus\Samsung SecretZone\MSSvc.exe
    PRC - [2009-10-24 02:18:54 | 000,360,224 | —- | M] (Sony Corporation) – C:\Program Files\Sony\PMB\PMBDeviceInfoProvider.exe
    PRC - [2009-08-27 17:09:10 | 001,253,376 | —- | M] (MAGIX AG) – C:\Program Files\Common Files\MAGIX Services\Database\bin\FABS.exe
    PRC - [2009-05-28 07:06:56 | 000,548,864 | —- | M] (Samsung Electronics Co., Ltd.) – C:\Program Files\Samsung\EasySpeedUpManager\EasySpeedUpManager.exe
    PRC - [2009-05-15 07:47:58 | 000,692,224 | —- | M] (Samsung Electronics Co., Ltd.) – C:\Program Files\Samsung\Easy Display Manager\dmhkcore.exe
    PRC - [2009-04-11 07:27:36 | 002,926,592 | —- | M] (Microsoft Corporation) – C:\Windows\explorer.exe
    PRC - [2009-01-13 13:36:02 | 000,837,120 | —- | M] () – C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleilCS.exe
    PRC - [2009-01-13 13:36:00 | 000,279,552 | —- | M] () – C:\Program Files\IVT Corporation\BlueSoleil\BtTray.exe
    PRC - [2009-01-07 18:53:22 | 000,098,407 | —- | M] () – C:\Program Files\IVT Corporation\BlueSoleil\BsHelpCS.exe
    PRC - [2008-12-10 08:07:52 | 000,352,256 | —- | M] (SAMSUNG Electronics co., LTD.) – C:\Program Files\Samsung\EBM\EasyBatteryMgr3.exe
    PRC - [2008-08-26 01:59:54 | 000,045,056 | —- | M] (Samsung Electronics Co., Ltd.) – C:\Program Files\Samsung\Samsung Magic Doctor\MagicDoctorKbdHk.exe
    PRC - [2008-01-16 09:16:44 | 000,030,312 | —- | M] (Microsoft Corporation) – C:\Program Files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe
    PRC - [2004-10-01 15:12:18 | 000,565,309 | —- | M] (Broadcom Corporation) – C:\Program Files\Sitecom\Bluetooth Software\BTTray.exe
    PRC - [2004-10-01 15:06:34 | 000,163,840 | —- | M] (Broadcom Corporation) – C:\Program Files\Sitecom\Bluetooth Software\bin\btwdins.exe


    ========== Modules (No Company Name) ==========[/color:9b3f8dc1e2]

    MOD - [2012-01-15 14:54:06 | 000,939,872 | —- | M] () – C:\Program Files\AVG Secure Search\vprot.exe
    MOD - [2011-11-11 14:09:20 | 000,336,408 | —- | M] () – C:\Program Files\Common Files\LogiShrd\LWSPlugins\LWS\Applets\CameraHelper\DevManagerCore.dll
    MOD - [2011-11-11 14:07:54 | 000,265,240 | —- | M] () – C:\Program Files\Logitech\LWS\Webcam Software\CameraHelperShell.exe
    MOD - [2011-11-01 23:26:32 | 000,087,912 | —- | M] () – C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
    MOD - [2011-11-01 23:26:12 | 001,242,472 | —- | M] () – C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
    MOD - [2011-11-01 15:42:14 | 000,392,064 | —- | M] () – C:\Program Files\Nokia\Nokia Suite\ssoengine.dll
    MOD - [2011-11-01 15:42:12 | 000,058,240 | —- | M] () – C:\Program Files\Nokia\Nokia Suite\securestorage.dll
    MOD - [2011-11-01 15:42:08 | 000,095,104 | —- | M] () – C:\Program Files\Nokia\Nokia Suite\qjson.dll
    MOD - [2011-11-01 15:42:06 | 000,272,768 | —- | M] () – C:\Program Files\Nokia\Nokia Suite\phonon4.dll
    MOD - [2011-11-01 15:41:38 | 000,165,248 | —- | M] () – C:\Program Files\Nokia\Nokia Suite\QxtWeb.dll
    MOD - [2011-11-01 15:41:36 | 000,384,896 | —- | M] () – C:\Program Files\Nokia\Nokia Suite\QxtCore.dll
    MOD - [2011-11-01 15:41:34 | 002,557,312 | —- | M] () – C:\Program Files\Nokia\Nokia Suite\QtXmlPatterns4.dll
    MOD - [2011-11-01 15:41:32 | 000,346,496 | —- | M] () – C:\Program Files\Nokia\Nokia Suite\QtXml4.dll
    MOD - [2011-11-01 15:41:30 | 010,843,520 | —- | M] () – C:\Program Files\Nokia\Nokia Suite\QtWebKit4.dll
    MOD - [2011-11-01 15:41:24 | 000,196,480 | —- | M] () – C:\Program Files\Nokia\Nokia Suite\QtSql4.dll
    MOD - [2011-11-01 15:41:22 | 001,294,208 | —- | M] () – C:\Program Files\Nokia\Nokia Suite\QtScript4.dll
    MOD - [2011-11-01 15:41:20 | 000,682,880 | —- | M] () – C:\Program Files\Nokia\Nokia Suite\QtOpenGL4.dll
    MOD - [2011-11-01 15:41:18 | 000,919,936 | —- | M] () – C:\Program Files\Nokia\Nokia Suite\QtNetwork4.dll
    MOD - [2011-11-01 15:41:16 | 000,517,504 | —- | M] () – C:\Program Files\Nokia\Nokia Suite\QtMultimediaKit1.dll
    MOD - [2011-11-01 15:41:14 | 008,172,928 | —- | M] () – C:\Program Files\Nokia\Nokia Suite\QtGui4.dll
    MOD - [2011-11-01 15:41:12 | 002,252,672 | —- | M] () – C:\Program Files\Nokia\Nokia Suite\QtDeclarative4.dll
    MOD - [2011-11-01 15:41:10 | 002,288,512 | —- | M] () – C:\Program Files\Nokia\Nokia Suite\QtCore4.dll
    MOD - [2011-11-01 15:41:06 | 000,422,272 | —- | M] () – C:\Program Files\Nokia\Nokia Suite\sqldrivers\qsqlite4.dll
    MOD - [2011-11-01 15:40:56 | 000,202,624 | —- | M] () – C:\Program Files\Nokia\Nokia Suite\Imageformats\qjpeg4.dll
    MOD - [2011-11-01 15:40:54 | 000,034,688 | —- | M] () – C:\Program Files\Nokia\Nokia Suite\Imageformats\qico4.dll
    MOD - [2011-11-01 15:40:52 | 000,032,640 | —- | M] () – C:\Program Files\Nokia\Nokia Suite\Imageformats\qgif4.dll
    MOD - [2011-11-01 15:40:08 | 000,388,480 | —- | M] () – C:\Program Files\Nokia\Nokia Suite\OviShareLib.dll
    MOD - [2011-11-01 15:40:00 | 000,438,144 | —- | M] () – C:\Program Files\Nokia\Nokia Suite\NService.dll
    MOD - [2011-11-01 15:39:36 | 001,041,792 | —- | M] () – C:\Program Files\Nokia\Nokia Suite\Maps Service API.dll
    MOD - [2011-11-01 15:39:06 | 000,740,736 | —- | M] () – C:\Program Files\Nokia\Nokia Suite\CommonUpdateChecker.dll
    MOD - [2011-11-01 14:57:42 | 000,112,640 | —- | M] () – C:\Program Files\Nokia\Nokia Suite\mediaservice\dsengine.dll
    MOD - [2011-08-12 12:19:40 | 000,680,984 | —- | M] () – C:\Program Files\Common Files\LogiShrd\LQCVFX\COCIManager.exe
    MOD - [2011-08-12 12:18:56 | 000,342,552 | —- | M] () – C:\Program Files\Logitech\LWS\Webcam Software\QTXml4.dll
    MOD - [2011-08-12 12:18:56 | 000,128,536 | —- | M] () – C:\Program Files\Logitech\LWS\Webcam Software\ImageFormats\QJpeg4.dll
    MOD - [2011-08-12 12:18:56 | 000,029,208 | —- | M] () – C:\Program Files\Logitech\LWS\Webcam Software\ImageFormats\QGif4.dll
    MOD - [2011-08-12 12:18:54 | 007,956,504 | —- | M] () – C:\Program Files\Logitech\LWS\Webcam Software\QTGui4.dll
    MOD - [2011-08-12 12:18:54 | 002,145,304 | —- | M] () – C:\Program Files\Logitech\LWS\Webcam Software\QTCore4.dll
    MOD - [2010-10-29 21:02:38 | 000,751,616 | —- | M] () – C:\Program Files\Logitech\Vid HD\vpxmd.dll
    MOD - [2010-10-29 21:01:30 | 000,027,472 | —- | M] () – C:\Program Files\Logitech\Vid HD\SDL.dll
    MOD - [2010-04-20 13:26:44 | 000,300,912 | —- | M] () – C:\Program Files\Samsung\Samsung Update Plus\SUPBackGround.exe
    MOD - [2010-04-16 13:11:02 | 000,155,648 | —- | M] () – C:\Program Files\Samsung\Samsung Update Plus\HMXML.dll
    MOD - [2009-04-22 22:53:56 | 000,969,040 | —- | M] () – C:\Program Files\Logitech\Vid HD\QtNetwork4.dll
    MOD - [2009-04-10 00:04:56 | 002,141,008 | —- | M] () – C:\Program Files\Logitech\Vid HD\QtCore4.dll
    MOD - [2009-03-03 23:18:08 | 000,138,064 | —- | M] () – C:\Program Files\Logitech\Vid HD\plugins\imageformats\qjpeg4.dll
    MOD - [2009-03-03 23:18:06 | 000,035,152 | —- | M] () – C:\Program Files\Logitech\Vid HD\plugins\imageformats\qico4.dll
    MOD - [2009-03-03 23:18:06 | 000,029,008 | —- | M] () – C:\Program Files\Logitech\Vid HD\plugins\imageformats\qgif4.dll
    MOD - [2009-03-03 23:17:46 | 011,311,952 | —- | M] () – C:\Program Files\Logitech\Vid HD\QtWebKit4.dll
    MOD - [2009-03-03 23:17:46 | 000,363,856 | —- | M] () – C:\Program Files\Logitech\Vid HD\QtXml4.dll
    MOD - [2009-03-03 23:17:44 | 000,200,016 | —- | M] () – C:\Program Files\Logitech\Vid HD\QtSql4.dll
    MOD - [2009-03-03 23:17:40 | 000,475,472 | —- | M] () – C:\Program Files\Logitech\Vid HD\QtOpenGL4.dll
    MOD - [2009-03-03 23:17:38 | 007,704,400 | —- | M] () – C:\Program Files\Logitech\Vid HD\QtGui4.dll
    MOD - [2009-03-03 23:17:32 | 000,291,664 | —- | M] () – C:\Program Files\Logitech\Vid HD\phonon4.dll
    MOD - [2009-01-13 13:36:00 | 000,279,552 | —- | M] () – C:\Program Files\IVT Corporation\BlueSoleil\BtTray.exe
    MOD - [2009-01-13 10:33:12 | 000,106,595 | —- | M] () – C:\Windows\System32\Bs2Res.dll
    MOD - [2009-01-07 18:55:00 | 000,622,693 | —- | M] () – C:\Windows\System32\BSShell.dll
    MOD - [2009-01-07 18:52:16 | 000,122,976 | —- | M] () – C:\Windows\System32\BsMobileSDK.dll
    MOD - [2008-03-07 12:54:22 | 017,907,824 | —- | M] () – C:\Windows\System32\BsLangInDepRes.dll
    MOD - [2006-08-12 04:48:40 | 000,049,152 | —- | M] () – C:\Program Files\Samsung\Samsung Magic Doctor\HookDllPS2.dll
    MOD - [2006-08-12 04:48:40 | 000,049,152 | —- | M] () – C:\Program Files\Samsung\EasySpeedUpManager\HookDllPS2.dll
    MOD - [2006-08-12 04:48:40 | 000,049,152 | —- | M] () – C:\Program Files\Samsung\Easy Display Manager\HookDllPS2.dll
    MOD - [2004-10-01 15:13:12 | 000,053,248 | —- | M] () – C:\Program Files\Sitecom\Bluetooth Software\BTKeyInd.dll


    ========== Win32 Services (SafeList) ==========[/color:9b3f8dc1e2]

    SRV - [2012-01-23 05:43:08 | 000,092,592 | —- | M] (TomTom) [Auto | Running] – C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe – (TomTomHOMEService)
    SRV - [2012-01-18 07:44:52 | 000,450,848 | —- | M] (Logitech Inc.) [Auto | Running] – C:\Program Files\Common Files\LogiShrd\LVMVFM\UMVPFSrv.exe – (UMVPFSrv)
    SRV - [2012-01-15 14:54:07 | 000,909,152 | —- | M] () [Auto | Running] – C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\10.0.6\ToolbarUpdater.exe – (vToolbarUpdater)
    SRV - [2012-01-03 14:10:42 | 000,063,928 | —- | M] (Adobe Systems Incorporated) [Auto | Running] – C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe – (AdobeARMservice)
    SRV - [2011-10-27 10:34:30 | 000,718,384 | —- | M] (Nokia) [On_Demand | Running] – C:\Program Files\PC Connectivity Solution\ServiceLayer.exe – (ServiceLayer)
    SRV - [2011-10-12 06:25:22 | 004,433,248 | —- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] – C:\Program Files\AVG\AVG2012\AVGIDSAgent.exe – (AVGIDSAgent)
    SRV - [2011-08-02 06:09:08 | 000,192,776 | —- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] – C:\Program Files\AVG\AVG2012\avgwdsvc.exe – (avgwd)
    SRV - [2009-11-03 10:11:48 | 000,114,688 | —- | M] () [Auto | Running] – C:\Program Files\Clarus\Samsung SecretZone\MSSvc.exe – (MSR Service)
    SRV - [2009-10-24 02:18:54 | 000,360,224 | —- | M] (Sony Corporation) [Auto | Running] – C:\Program Files\Sony\PMB\PMBDeviceInfoProvider.exe – (PMBDeviceInfoProvider)
    SRV - [2009-08-27 17:09:10 | 001,253,376 | —- | M] (MAGIX AG) [Auto | Running] – C:\Program Files\Common Files\MAGIX Services\Database\bin\FABS.exe – (Fabs)
    SRV - [2009-01-13 13:36:02 | 000,837,120 | —- | M] () [Auto | Running] – C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleilCS.exe – (BlueSoleilCS)
    SRV - [2009-01-07 18:53:22 | 000,098,407 | —- | M] () [On_Demand | Running] – C:\Program Files\IVT Corporation\BlueSoleil\BsHelpCS.exe – (BsHelpCS)
    SRV - [2008-08-07 11:10:02 | 003,276,800 | —- | M] (MAGIX®) [On_Demand | Stopped] – C:\Program Files\Common Files\MAGIX Services\Database\bin\fbserver.exe – (FirebirdServerMAGIXInstance)
    SRV - [2008-01-16 09:16:44 | 000,030,312 | —- | M] (Microsoft Corporation) [Auto | Running] – C:\Program Files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe – (BcmSqlStartupSvc)
    SRV - [2004-10-01 15:06:34 | 000,163,840 | —- | M] (Broadcom Corporation) [Auto | Running] – C:\Program Files\Sitecom\Bluetooth Software\bin\btwdins.exe – (btwdins)


    ========== Driver Services (SafeList) ==========[/color:9b3f8dc1e2]

    DRV - File not found [Kernel | On_Demand | Stopped] – – (NwlnkFwd)
    DRV - File not found [Kernel | On_Demand | Stopped] – – (NwlnkFlt)
    DRV - File not found [Kernel | On_Demand | Stopped] – – (IpInIp)
    DRV - File not found [Kernel | On_Demand | Stopped] – – (catchme)
    DRV - [2012-01-18 07:44:52 | 004,332,960 | —- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] – C:\Windows\System32\drivers\lvuvc.sys – (LVUVC) Logitech Webcam C210(UVC)
    DRV - [2012-01-18 07:44:28 | 000,312,096 | —- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] – C:\Windows\System32\drivers\lvrs.sys – (LVRS)
    DRV - [2011-10-07 06:23:48 | 000,230,608 | —- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] – C:\Windows\System32\drivers\avgldx86.sys – (Avgldx86)
    DRV - [2011-10-04 06:21:16 | 000,016,720 | —- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] – C:\Windows\System32\drivers\AVGIDSShim.sys – (AVGIDSShim)
    DRV - [2011-09-13 06:30:10 | 000,032,592 | —- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] – C:\Windows\system32\DRIVERS\avgrkx86.sys – (Avgrkx86)
    DRV - [2011-08-17 12:56:32 | 000,008,192 | —- | M] (Nokia) [Kernel | On_Demand | Stopped] – C:\Windows\System32\drivers\usbser_lowerfltj.sys – (UsbserFilt)
    DRV - [2011-08-17 12:56:30 | 000,008,192 | —- | M] (Nokia) [Kernel | On_Demand | Stopped] – C:\Windows\System32\drivers\usbser_lowerflt.sys – (upperdev)
    DRV - [2011-08-17 12:56:26 | 000,023,168 | —- | M] (Nokia) [Kernel | On_Demand | Stopped] – C:\Windows\System32\drivers\ccdcmbo.sys – (nmwcdc)
    DRV - [2011-08-17 12:56:22 | 000,018,176 | —- | M] (Nokia) [Kernel | On_Demand | Stopped] – C:\Windows\System32\drivers\ccdcmb.sys – (nmwcd)
    DRV - [2011-08-08 06:08:58 | 000,040,016 | —- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] – C:\Windows\System32\drivers\avgmfx86.sys – (Avgmfx86)
    DRV - [2011-07-11 01:14:38 | 000,295,248 | —- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] – C:\Windows\System32\drivers\avgtdix.sys – (Avgtdix)
    DRV - [2011-07-11 01:14:02 | 000,024,272 | —- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] – C:\Windows\System32\drivers\AVGIDSFilter.sys – (AVGIDSFilter)
    DRV - [2011-07-11 01:14:00 | 000,023,120 | —- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | Boot | Running] – C:\Windows\system32\DRIVERS\AVGIDSEH.Sys – (AVGIDSEH)
    DRV - [2011-07-11 01:13:58 | 000,134,736 | —- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] – C:\Windows\System32\drivers\AVGIDSDriver.sys – (AVGIDSDriver)
    DRV - [2009-12-17 16:02:20 | 001,203,712 | —- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] – C:\Windows\System32\drivers\athr.sys – (athr)
    DRV - [2009-06-22 19:38:24 | 000,102,912 | —- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] – C:\Windows\System32\drivers\ewusbmdm.sys – (hwdatacard)
    DRV - [2009-06-22 19:26:06 | 000,100,736 | —- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] – C:\Windows\System32\drivers\ewusbdev.sys – (hwusbdev)
    DRV - [2009-05-04 15:35:00 | 000,163,328 | —- | M] (Realtek ) [Kernel | On_Demand | Running] – C:\Windows\System32\drivers\Rtlh86.sys – (RTL8169)
    DRV - [2009-01-08 01:20:04 | 000,031,880 | —- | M] (IVT Corporation.) [Kernel | On_Demand | Running] – C:\Windows\System32\drivers\VCommMgr.sys – (VcommMgr)
    DRV - [2009-01-07 22:39:36 | 000,020,744 | —- | M] (IVT Corporation.) [Kernel | Boot | Running] – C:\Windows\System32\Drivers\BtHidBus.sys – (BtHidBus)
    DRV - [2009-01-03 15:40:12 | 000,039,304 | —- | M] (IVT Corporation.) [Kernel | On_Demand | Stopped] – C:\Windows\System32\drivers\btcusb.sys – (Btcsrusb)
    DRV - [2008-12-07 11:44:54 | 000,030,088 | —- | M] () [Kernel | On_Demand | Running] – C:\Windows\System32\drivers\btnetBus.sys – (btnetBUs)
    DRV - [2008-12-07 11:44:50 | 000,017,928 | —- | M] (IVT Corporation.) [Kernel | On_Demand | Running] – C:\Windows\System32\drivers\btnetdrv.sys – (BT)
    DRV - [2008-08-26 10:26:12 | 000,018,816 | —- | M] (Nokia) [Kernel | On_Demand | Stopped] – C:\Windows\System32\drivers\pccsmcfd.sys – (pccsmcfd)
    DRV - [2008-07-02 13:58:48 | 000,026,248 | —- | M] (IVT Corporation.) [Kernel | On_Demand | Running] – C:\Windows\System32\drivers\IvtBtBus.sys – (IvtBtBUs)
    DRV - [2008-03-20 03:35:56 | 000,023,040 | —- | M] (Todos Data System AB) [Kernel | On_Demand | Stopped] – C:\Windows\System32\drivers\aabed2.sys – (e.dentifier2)
    DRV - [2008-01-21 18:27:50 | 000,014,856 | —- | M] (IVT Corporation.) [Kernel | On_Demand | Running] – C:\Windows\System32\drivers\VComm.sys – (VComm)
    DRV - [2008-01-21 03:32:45 | 002,225,664 | —- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] – C:\Windows\System32\drivers\NETw3v32.sys – (NETw3v32) Intel(R)
    DRV - [2006-12-05 10:34:42 | 000,507,136 | —- | M] (PixArt Imaging Inc.) [Kernel | On_Demand | Stopped] – C:\Windows\System32\drivers\PFC027.SYS – (PAC207)
    DRV - [2006-11-14 01:11:54 | 000,013,312 | —- | M] (SAMSUNG ELECTRONICS CO., LTD.) [Kernel | Auto | Running] – C:\Windows\System32\drivers\KMDFMEMIO.sys – (KMDFMEMIO)
    DRV - [2006-11-02 08:41:50 | 000,983,552 | —- | M] (Agere Systems) [Kernel | On_Demand | Stopped] – C:\Windows\System32\drivers\AGRSM.sys – (AgereSoftModem)
    DRV - [2006-11-02 08:30:53 | 000,045,056 | —- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] – C:\Windows\System32\drivers\bcm4sbxp.sys – (bcm4sbxp)
    DRV - [2005-01-31 10:20:04 | 000,211,712 | —- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] – C:\Windows\System32\drivers\LV561AV.SYS – (PID_0928) Logitech QuickCam Express(PID_0928)
    DRV - [2005-01-31 10:12:46 | 000,022,016 | —- | M] (Logitech Inc.) [Kernel | On_Demand | Running] – C:\Windows\System32\drivers\LVUSBSta.sys – (LVUSBSta)
    DRV - [2004-10-01 14:50:26 | 000,023,271 | —- | M] (Broadcom Corporation) [Kernel | Auto | Running] – C:\Windows\System32\drivers\btserial.sys – (BTSERIAL)
    DRV - [2004-10-01 14:50:20 | 000,222,876 | —- | M] (Broadcom Corporation) [Kernel | Auto | Running] – C:\Windows\System32\drivers\btslbcsp.sys – (BTSLBCSP)
    DRV - [2004-10-01 14:48:30 | 001,241,482 | —- | M] (Broadcom Corporation) [Kernel | Boot | Running] – C:\Windows\system32\drivers\btkrnl.sys – (BTKRNL)
    DRV - [2004-10-01 14:43:44 | 000,054,488 | —- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] – C:\Windows\System32\drivers\btwusb.sys – (BTWUSB)


    ========== Standard Registry (SafeList) ==========[/color:9b3f8dc1e2]


    ========== Internet Explorer ==========[/color:9b3f8dc1e2]

    IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://downloads.phpnuke.org/nl/index.php?rvs=google
    IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://downloads.phpnuke.org/nl/index.php?rvs=google
    IE - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
    IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
    IE - HKLM\..\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}: "URL" = http://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7SMSN
    IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
    IE - HKLM\..\SearchScopes\{882F15F8-2E2C-4390-97BA-CE3075702076}: "URL" = http://downloads.phpnuke.org/nl/index.php?rvs=google
    IE - HKLM\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2102399


    IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

    IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



    IE - HKU\S-1-5-21-3967947940-1414231668-3034202555-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/
    IE - HKU\S-1-5-21-3967947940-1414231668-3034202555-1000\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
    IE - HKU\S-1-5-21-3967947940-1414231668-3034202555-1000\..\SearchScopes,DefaultScope = {95B7759C-8C7F-4BF1-B163-73684A933233}
    IE - HKU\S-1-5-21-3967947940-1414231668-3034202555-1000\..\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}: "URL" = http://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7SMSN_nl
    IE - HKU\S-1-5-21-3967947940-1414231668-3034202555-1000\..\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}: "URL" = http://isearch.avg.com/search?cid={9D36EC7C-0D34-4F6C-8EE1-36E91E6E8418}&mid=7ccbdc14738147d69f4dd159265498df-a5ffb712878c353380133c18cf3775fed8c8d307&lang=nl&ds=AVG&pr=fr&d=2011-11-29 20:14:12&v=10.0.0.7&sap=dsp&q={searchTerms}
    IE - HKU\S-1-5-21-3967947940-1414231668-3034202555-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
    IE - HKU\S-1-5-21-3967947940-1414231668-3034202555-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

    ========== FireFox ==========[/color:9b3f8dc1e2]

    FF - prefs.js..extensions.enabledItems: MapShare-status@tomtom.com:1.7.1
    FF - prefs.js..extensions.enabledItems: baseTheme@tomtom.com:1.0.2

    FF - HKLM\Software\MozillaPlugins\@ABNAMRO/BECON,version=1.00: C:\Program Files\ABN AMRO e.dentifier2\Mozilla
    pBECON.dll (ABN AMRO)
    FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director
    p32dsw.dll (Adobe Systems, Inc.)
    FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
    FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins
    pitunes.dll ()
    FF - HKLM\Software\MozillaPlugins\@innoplus.de/ino3DViewer: C:\Program Files\innoplus\3D-Viewer-innoPlus
    pIno3DViewer.dll (INNOVA-engineering GmbH Dresden)
    FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin
    ew_plugin
    pjp2.dll (Sun Microsystems, Inc.)
    FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\4.1.10111.0
    pctrl.dll ( Microsoft Corporation)
    FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
    FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
    FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
    FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=6.0.12.448: C:\Program Files\VistaCodecPack\rm\browser\plugins
    ppl3260.dll (RealNetworks, Inc.)
    FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.448: C:\Program Files\VistaCodecPack\rm\browser\plugins
    prpjplug.dll (RealNetworks, Inc.)
    FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found
    FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR
    ppdf32.dll (Adobe Systems Inc.)

    FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{1E73965B-8B48-48be-9C8D-68B920ABC1C4}: C:\Program Files\AVG\AVG2012\Firefox4\ [2012-02-01 10:42:36 | 000,000,000 | —D | M]
    FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\fe_7.0@nokia.com: C:\Program Files\Nokia\Nokia Suite\Connectors\Bookmarks Connector\FirefoxExtension_7.0 [2011-11-26 13:35:58 | 000,000,000 | —D | M]
    FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\avg@toolbar: C:\ProgramData\AVG Secure Search\10.0.0.7\ [2012-01-15 14:54:11 | 000,000,000 | —D | M]
    FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\te_7.0@nokia.com: C:\Program Files\Nokia\Nokia Suite\Connectors\Thunderbird Connector\ThunderbirdExtension_7.0 [2011-11-26 13:36:01 | 000,000,000 | —D | M]

    [2010-11-27 13:40:36 | 000,000,000 | —D | M] (No name found) – C:\Users\beheerder\AppData\Roaming\mozilla\Extensions
    [2010-11-27 13:40:36 | 000,000,000 | —D | M] (No name found) – C:\Users\beheerder\AppData\Roaming\mozilla\Extensions\home2@tomtom.com
    [2012-03-02 16:30:50 | 000,000,000 | —D | M] (Map status indicator) – C:\PROGRAM FILES\TOMTOM HOME 2\XUL\EXTENSIONS\MAPSHARE-STATUS@TOMTOM.COM

    O1 HOSTS File: ([2011-01-21 15:29:39 | 000,000,027 | —- | M]) - C:\Windows\System32\drivers\etc\hosts
    O1 - Hosts: 127.0.0.1 localhost
    O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG2012\avgssie.dll (AVG Technologies CZ, s.r.o.)
    O2 - BHO: (AVG Security Toolbar) - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files\AVG Secure Search\10.0.0.7\AVG Secure Search_toolbar.dll ()
    O3 - HKLM\..\Toolbar: (AVG Security Toolbar) - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files\AVG Secure Search\10.0.0.7\AVG Secure Search_toolbar.dll ()
    O3 - HKU\S-1-5-21-3967947940-1414231668-3034202555-1000\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
    O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
    O4 - HKLM..\Run: [AVG_TRAY] C:\Program Files\AVG\AVG2012\avgtray.exe (AVG Technologies CZ, s.r.o.)
    O4 - HKLM..\Run: [ControlCenter3] C:\Program Files\Brother\ControlCenter3\brctrcen.exe (Brother Industries, Ltd.)
    O4 - HKLM..\Run: [LWS] C:\Program Files\Logitech\LWS\Webcam Software\LWS.exe (Logitech Inc.)
    O4 - HKLM..\Run: [Malwarebytes' Anti-Malware (reboot)] C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation)
    O4 - HKLM..\Run: [NokiaMServer] C:\Program Files\Common Files\Nokia\MPlatform\NokiaMServer.exe (Nokia)
    O4 - HKLM..\Run: [NokiaMusic FastStart] C:\Program Files\Nokia\Ovi Player\NokiaOviPlayer.exe (Nokia)
    O4 - HKLM..\Run: [ROC_roc_dec12] C:\Program Files\AVG Secure Search\ROC_roc_dec12.exe ()
    O4 - HKLM..\Run: [vProt] C:\Program Files\AVG Secure Search\vprot.exe ()
    O4 - HKU\S-1-5-21-3967947940-1414231668-3034202555-1000..\Run: [] File not found
    O4 - HKU\S-1-5-21-3967947940-1414231668-3034202555-1000..\Run: [Logitech Vid] C:\Program Files\Logitech\Vid HD\Vid.exe (Logitech Inc.)
    O4 - HKU\S-1-5-21-3967947940-1414231668-3034202555-1000..\Run: [NokiaSuite.exe] C:\Program Files\Nokia\Nokia Suite\NokiaSuite.exe (Nokia)
    O4 - HKU\S-1-5-21-3967947940-1414231668-3034202555-1000..\Run: [TomTomHOME.exe] C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe (TomTom)
    O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
    O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
    O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
    O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
    O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
    O7 - HKU\S-1-5-21-3967947940-1414231668-3034202555-1000\Software\Policies\Microsoft\Internet Explorer\Control Panel present
    O7 - HKU\S-1-5-21-3967947940-1414231668-3034202555-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
    O7 - HKU\S-1-5-21-3967947940-1414231668-3034202555-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HideSCAHealth = 1
    O8 - Extra context menu item: Verzenden naar &Bluetooth - C:\Program Files\Sitecom\Bluetooth Software\btsendto_ie_ctx.htm ()
    O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
    O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab (Shockwave ActiveX Control)
    O16 - DPF: {3860DD98-0549-4D50-AA72-5D17D200EE10} http://cdn.scan.onecare.live.com
    esource/download/scanner/nl-nl/wlscctrl2.cab (Windows Live OneCare safety scanner control)
    O16 - DPF: {6E718D87-6909-4FCE-92D4-EDCB2F725727} http://www.navigram.com/engine/v1026/Navigram.cab (Navigram Control)
    O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset.com/special/eos/OnlineScanner.cab (Reg Error: Key error.)
    O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)
    O16 - DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)
    O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)
    O16 - DPF: Microsoft XML Parser for Java file:///C:/Windows/Java/classes/xmldso.cab (Reg Error: Key error.)
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.254
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{7806D9FB-419E-49D2-8ABF-CD06414F48A2}: DhcpNameServer = 192.168.1.254
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{7BF0D505-87A7-4FD5-A19C-66813A50DA05}: DhcpNameServer = 192.168.1.254
    O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG2012\avgpp.dll (AVG Technologies CZ, s.r.o.)
    O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Windows\System32\skype4com.dll (Skype Technologies)
    O18 - Protocol\Handler\viprotocol {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files\Common Files\AVG Secure Search\ViProtocolInstaller\10.0.6\ViProtocol.dll ()
    O18 - Protocol\Handler\widimg {EE7C2AFF-5742-44FF-BD0E-E521B0D3C3BA} - C:\Windows\System32\BTXPPanel.dll (Broadcom Corporation)
    O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
    O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
    O24 - Desktop WallPaper: C:\Windows\Web\Wallpaper\img19.jpg
    O24 - Desktop BackupWallPaper: C:\Windows\Web\Wallpaper\img19.jpg
    O28 - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - No CLSID value found.
    O32 - HKLM CDRom: AutoRun - 1
    O32 - AutoRun File - [2006-09-18 22:43:36 | 000,000,024 | —- | M] () - C:\autoexec.bat – [ NTFS ]
    O34 - HKLM BootExecute: (autocheck autochk *)
    O34 - HKLM BootExecute: (C:\PROGRA~1\AVG\AVG2012\avgrsx.exe /sync
    estart)
    O35 - HKLM\..comfile [open] – "%1" %*
    O35 - HKLM\..exefile [open] – "%1" %*
    O35 - HKU\S-1-5-21-3967947940-1414231668-3034202555-1000..exefile [open] – "%1" %*
    O37 - HKLM\…com [@ = ComFile] – "%1" %*
    O37 - HKLM\…exe [@ = exefile] – "%1" %*
    O37 - HKU\S-1-5-21-3967947940-1414231668-3034202555-1000\…exe [@ = exefile] – "%1" %*

    ========== Files/Folders - Created Within 30 Days ==========[/color:9b3f8dc1e2]

    [2012-03-11 10:17:55 | 000,594,944 | —- | C] (OldTimer Tools) – C:\Users\beheerder\Desktop\OTL.com
    [2012-03-11 10:10:27 | 000,000,000 | —D | C] – C:\Program Files\backups
    [2012-03-11 09:35:55 | 000,000,000 | —D | C] – C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
    [2012-03-11 09:35:53 | 000,020,464 | —- | C] (Malwarebytes Corporation) – C:\Windows\System32\drivers\mbam.sys
    [2012-03-11 09:35:53 | 000,000,000 | —D | C] – C:\Program Files\Malwarebytes' Anti-Malware
    [2012-03-11 09:18:50 | 000,388,608 | —- | C] (Trend Micro Inc.) – C:\Program Files\HijackThis.exe
    [2012-03-10 18:11:58 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{25272832-F3A5-42D9-8759-084D68EC7683}
    [2012-03-10 18:11:48 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{0F7BD1B8-F436-4B97-9F01-31914D1B7A48}
    [2012-03-10 14:14:16 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{C495001E-460E-4E02-9AF3-ED549646C91A}
    [2012-03-10 14:14:06 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{949A580D-25D5-46EA-B026-C02114F1D5CD}
    [2012-03-10 13:22:39 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{616F7C79-C3EA-4A6F-A0AC-BB97F2434D09}
    [2012-03-10 12:20:36 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{F1103772-79C7-4F53-A4E4-421272CD8892}
    [2012-03-10 12:20:26 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{067BD554-2DFE-4CA2-AF9B-D77B69372256}
    [2012-03-10 12:17:38 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{7A9B51B7-25D9-4EF4-8321-2965EAA9F601}
    [2012-03-10 12:17:29 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{A77891E2-9A09-445A-9816-7A8ADD8FD9A0}
    [2012-03-09 22:17:21 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{FCF2A1DD-9F46-4122-A6F5-8D8C5677FC35}
    [2012-03-09 22:17:11 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{674EA8A9-B7D8-42E1-8D24-FB426F3CC1E5}
    [2012-03-09 20:55:32 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{AFA1E704-4100-4AC1-AC9D-D5BC53EA0A39}
    [2012-03-09 20:55:10 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{E9C6F9EE-9EEA-463A-92EC-A76EE14064BA}
    [2012-03-09 19:19:31 | 000,213,640 | —- | C] (McAfee, Inc.) – C:\Windows\System32\drivers\mfehidk.sys
    [2012-03-09 19:19:31 | 000,130,424 | —- | C] (McAfee, Inc.) – C:\Windows\System32\drivers\Mpfp.sys
    [2012-03-09 19:19:31 | 000,079,304 | —- | C] (McAfee, Inc.) – C:\Windows\System32\drivers\mfeavfk.sys
    [2012-03-09 19:19:31 | 000,040,552 | —- | C] (McAfee, Inc.) – C:\Windows\System32\drivers\mfesmfk.sys
    [2012-03-09 19:19:31 | 000,035,272 | —- | C] (McAfee, Inc.) – C:\Windows\System32\drivers\mfebopk.sys
    [2012-03-09 19:19:31 | 000,034,216 | —- | C] (McAfee, Inc.) – C:\Windows\System32\drivers\mferkdk.sys
    [2012-03-09 13:53:15 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{CDD0A1D2-B55C-48AD-A04A-0936696B177F}
    [2012-03-09 13:52:08 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{835C2E95-0138-4D13-8264-F9AF574272CC}
    [2012-03-09 13:47:14 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{8DCBEB48-B2F8-45DB-A4BA-D08528B1AC37}
    [2012-03-09 13:46:05 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{5B9E8D5C-5FD6-40E6-AC66-048DAA32D1A8}
    [2012-03-09 12:58:31 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{67E3A528-B2FB-410A-92C1-A2946007D725}
    [2012-03-09 12:57:24 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{92D885BC-6DF0-450A-A48D-80140A650CAC}
    [2012-03-09 12:48:46 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{7D777AA5-0B90-4594-BF60-A2E0AAFA200B}
    [2012-03-09 12:48:36 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{EE2651D1-735C-4E49-AAF9-CB87BCD55636}
    [2012-03-09 11:28:58 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{D362E7E7-C601-44A5-AF50-2E3ACE6814A8}
    [2012-03-09 11:28:48 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{E91EB1A5-BDEF-4C81-8BE2-84B3B770952E}
    [2012-03-09 10:38:10 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{9CB9825A-CCD1-4A10-9FBB-1B1B7DA6FAEA}
    [2012-03-09 10:37:59 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{0CC54677-8C63-4AE8-B4C1-EF050C2CABCC}
    [2012-03-08 23:29:51 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{F1DAE921-F81F-4CE1-B581-44A196598A31}
    [2012-03-08 23:29:41 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{59401D54-7C13-4420-9A31-334E5BF7E01A}
    [2012-03-08 20:30:28 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{927E6BAE-371C-4F76-BE34-3A5DEE65F46F}
    [2012-03-08 20:30:18 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{305B497A-F720-440A-8B35-9BDDD0F9C66B}
    [2012-03-08 19:51:10 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{1E5B4A3C-8E38-4369-90DD-AB0F3FE3A569}
    [2012-03-08 19:51:00 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{B42CFFE7-81B4-4177-A488-D6F8747D84D1}
    [2012-03-08 19:21:37 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{F6BE485D-5DF5-47BD-AE4D-4613C7075516}
    [2012-03-08 19:21:27 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{88A6E4AD-EA87-49C4-95DE-A7AEB8D04F0E}
    [2012-03-08 18:41:26 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{BD202943-6487-4A1D-BEC7-4F7284650E29}
    [2012-03-08 18:40:24 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{2F81ED96-A8A2-42EE-A3EB-A62584768A94}
    [2012-03-08 13:55:49 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{0DA0A806-7C08-442A-81CF-0EA765B0AE7F}
    [2012-03-08 13:55:39 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{EE964D24-201D-4911-BDA2-03C80A8EC1E4}
    [2012-03-08 13:16:31 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{09835AF4-EDDB-429D-9AFB-BEE0555E7A32}
    [2012-03-08 13:16:21 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{C855205A-2FA1-4036-A677-88C4865E746F}
    [2012-03-08 13:09:09 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{9AF71FC1-0B9D-4AEE-A329-35202F5CDC62}
    [2012-03-08 13:08:59 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{D81C2DEA-EC3D-463C-8B73-60AB6566B32D}
    [2012-03-08 12:29:42 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{7669A81A-E158-4D97-B145-2FF01F332BA1}
    [2012-03-08 12:29:05 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{8B070D49-89B0-4CDD-AFB8-C29202246F49}
    [2012-03-08 10:40:08 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{A3BC74F0-AA86-4820-B535-655206AA9CD2}
    [2012-03-08 10:39:58 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{2CF25D37-03C4-41BD-ADDA-CD9F5B752D85}
    [2012-03-07 23:15:59 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{C6C9B701-426C-4033-8DE0-4B214DEFCA3F}
    [2012-03-07 23:15:50 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{16A9D638-C7FC-4897-8A6C-08D1D09FFC94}
    [2012-03-07 23:15:41 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{43048A9F-E9BD-49AB-A278-D7439D264CE0}
    [2012-03-07 23:15:31 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{82399C23-7267-4C57-B5B1-A9C9F8BB0692}
    [2012-03-07 22:17:19 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{834DD644-55D3-4503-BB84-A2E6BF93C5B6}
    [2012-03-07 21:55:24 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{D9D17EA5-646D-42A9-AACC-F63AA92B7610}
    [2012-03-07 21:55:14 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{0F008228-3499-4E4B-A64F-28ACC99DCFCF}
    [2012-03-07 18:16:46 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{96BB5626-EA94-40EB-8A71-CB56B92E5095}
    [2012-03-07 18:16:36 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{7D2A06A2-C59C-4639-B300-7BC39B94BE2E}
    [2012-03-07 17:10:50 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{977A9CC4-1D88-4D32-A134-D2F88A7E9CD3}
    [2012-03-07 17:10:40 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{2AA080EF-1E08-47D6-8512-C4BA15A75AF6}
    [2012-03-07 17:04:17 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{CF863570-6F1F-465B-B426-1CD2F99F2025}
    [2012-03-07 17:03:42 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{CB5AF8E2-F97B-4210-8D49-6019BAAF0308}
    [2012-03-07 17:03:31 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{C38DF318-FFE5-4D74-AECF-76FBC18DC101}
    [2012-03-07 16:40:09 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{61EC2407-1DFB-4880-9085-E5D98AC81254}
    [2012-03-07 16:39:59 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{09FB019B-11F7-47DB-8870-9B1294C83DF0}
    [2012-03-07 10:55:28 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{0BBBAB99-86EE-4A00-814F-76764952EEBE}
    [2012-03-07 10:55:18 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{3FD8EF89-BDC4-4D29-9340-96CDD6F4D0C7}
    [2012-03-07 00:06:39 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{B2CDD9AE-123D-4925-AB34-525F46407512}
    [2012-03-07 00:05:43 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{FAA7A997-01A3-4BAF-B8D2-BB0FF3C82D3A}
    [2012-03-06 21:10:37 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{3CB81A2E-0F73-4EB2-9471-48B9A1C7719C}
    [2012-03-06 21:10:27 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{9BC60530-471C-466B-8041-DE5AAE7014CC}
    [2012-03-06 20:01:06 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{63A1191A-CD25-4FE6-906B-9DF9F8736ACB}
    [2012-03-06 20:00:56 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{89BB88DC-EBBD-4C28-BF89-353B2A3327B1}
    [2012-03-06 14:11:32 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{EA6F9147-EBF7-4139-BFF0-7AFD2BC469B2}
    [2012-03-06 14:11:23 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{DBB11865-6801-49A3-98CE-8E6A5F6ED26E}
    [2012-03-06 12:08:31 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{B3E89E10-B845-4B85-92BA-6EAA9B206D23}
    [2012-03-06 12:08:22 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{CFB7FE3D-EE48-4D6A-AC49-7612099F6128}
    [2012-03-06 12:07:39 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{00AA128F-78B9-4E41-AE16-49E8EF68E322}
    [2012-03-06 12:07:15 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{216D0E91-8391-4C37-92AE-AF7BC4725C17}
    [2012-03-06 10:01:46 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{26003F88-F3F6-424B-AD7B-8E7C2D0A854E}
    [2012-03-06 10:00:42 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{51594273-EDF3-4C87-BA1F-848C4B28BFDB}
    [2012-03-06 09:01:34 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{AC61B50A-C5D2-4951-9EF9-B88C6B2C500A}
    [2012-03-06 09:01:24 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{AE50E7CE-F30D-4C21-B96D-062FF2B49670}
    [2012-03-05 23:37:51 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{CD1408E5-EDA3-4AC1-A301-DF8BCB661372}
    [2012-03-05 23:37:41 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{8FFFABF5-EDA4-48D1-A571-F2887B058B06}
    [2012-03-05 23:28:01 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{C583644D-1E57-4815-B5A9-A8955AD0061B}
    [2012-03-05 23:27:51 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{5C23E93E-2781-44C0-A424-03286BF2473C}
    [2012-03-05 20:52:34 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{ACB6ACF1-D969-408E-8E3E-0721A995CE94}
    [2012-03-05 20:52:24 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{05DD12B4-B982-49F8-8A1A-1EC08C7A2FFA}
    [2012-03-05 17:19:22 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{B983B63E-BD29-42F4-9EF2-D4AEAD7F9E13}
    [2012-03-05 17:19:13 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{97FF9C8E-5904-47BE-B603-74DADBFE35A6}
    [2012-03-05 13:06:24 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{E69E7682-22B3-488C-BC41-67CAD45667A4}
    [2012-03-05 13:06:14 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{B5792C82-7075-4F5A-B33E-816CFBA7878F}
    [2012-03-05 12:55:39 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{C1CBF9C8-B0EF-4B20-900F-56445892F26D}
    [2012-03-05 12:55:29 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{910CE8EF-5E18-4F95-A185-8A041D20ECEC}
    [2012-03-05 12:44:51 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{1EBBD953-BE0F-4387-B823-C1046A7C67C1}
    [2012-03-05 12:44:41 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{FE39F697-8843-4A73-91AA-E97C72438466}
    [2012-03-05 11:57:45 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{C8F30DED-5D5D-4A0F-AC26-D0400BDE7342}
    [2012-03-05 11:57:36 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{37B4DE7C-6D79-4A7B-8C18-704ADF30FDD6}
    [2012-03-05 11:28:31 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{64EF48ED-6671-4EA1-8409-1012A384D1B1}
    [2012-03-05 11:28:21 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{2971A6D8-82EF-43C8-A26C-C319D5843B3A}
    [2012-03-05 08:56:50 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{60EA503D-992A-4F4A-AB3C-0794CA573BB0}
    [2012-03-05 08:56:40 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{488ED906-A05C-434C-A780-9157205FD286}
    [2012-03-04 19:32:56 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{45FB87F4-61BB-4D5B-BC9A-821D5D8D383C}
    [2012-03-04 19:32:46 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{CC07CB92-D0ED-49D5-9F32-DEF1DD6D2ECC}
    [2012-03-04 17:10:02 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{34C02B65-D8EE-4D7E-A3EE-1D9B3AE92F28}
    [2012-03-04 16:30:31 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{AC45AEF2-EF6B-4D98-A939-8338B3EE1F84}
    [2012-03-04 16:30:21 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{E7B45F18-F9C8-4CEE-AE16-A2FBE9C60308}
    [2012-03-04 09:45:16 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{EAB19944-A9C9-42DC-89EC-6B02B00FE0F6}
    [2012-03-04 09:44:53 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{49C56FB3-300C-4D2D-B545-1B190ED5C654}
    [2012-03-04 09:37:46 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{47265DD9-C65A-4027-885C-E4A14E4A31CC}
    [2012-03-04 09:37:36 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{A2740F8C-52DB-46B9-ADA3-437D6DD0B22B}
    [2012-03-04 09:36:16 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{C0B7C08A-BB1F-43DA-90CF-C13BCD3089E4}
    [2012-03-04 09:36:06 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{D85057BD-02A0-45BB-95DA-D9D6E48913DC}
    [2012-03-04 09:33:39 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{6C682C7B-3BB0-4BB4-8B77-4B69AABFB07B}
    [2012-03-04 09:33:30 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{34D8269A-2FF3-43A1-BF82-AE6CEA0D92E1}
    [2012-03-04 00:06:42 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{EC68489B-8261-456D-A9FB-090867F31B47}
    [2012-03-04 00:06:32 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{10C9D44C-07A6-448E-B5C6-5B6D36219CDE}
    [2012-03-03 15:02:58 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{285B4CC2-CCA1-41CE-8DBE-A8E654879839}
    [2012-03-03 15:02:00 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{A86AB0A1-2789-49BC-B2A1-9A0362201020}
    [2012-03-03 13:57:54 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{357ED63F-AB5D-4053-96B7-DA89001BA57F}
    [2012-03-03 13:57:44 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{27CF30A4-7509-4E9B-B0A9-7041AC6458E5}
    [2012-03-03 13:11:42 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{59720F6D-AE5A-4512-9052-73234F5895EB}
    [2012-03-03 13:11:31 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{F8FEFA25-E092-4C18-9FAB-9E6CCB398036}
    [2012-03-03 00:17:58 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{6D076397-C2A0-49A8-8065-BE41D4971E84}
    [2012-03-03 00:17:45 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{03CA70CB-BF76-4543-934A-55A36CE155CE}
    [2012-03-02 21:52:37 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{D90D6520-D13F-4D73-924D-C88BB6E58E64}
    [2012-03-02 21:52:06 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{4D5A74B2-6570-46EC-A5B4-59D0C4B5E66F}
    [2012-03-02 16:30:04 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{FA36239D-9352-42D6-BA9B-56765E6C7FDF}
    [2012-03-02 16:29:54 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{B0D37998-ACB2-4E8A-A22A-C3BD0D0EF618}
    [2012-03-02 14:52:27 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{054891E9-80CF-4416-9B2F-AFF1938594D7}
    [2012-03-02 13:46:30 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{A4D98DCB-0EFA-4410-923E-BD4C21C7B8D5}
    [2012-03-02 13:46:21 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{D4CFFA3D-BFED-4059-B45B-7386DF3E41CB}
    [2012-03-02 12:59:52 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{C83B74F7-E3D0-44BD-BB8C-CEA69727A521}
    [2012-03-02 12:59:42 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{57B9EEEC-86BF-42ED-A106-05023C15D155}
    [2012-03-01 23:59:57 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{213899AA-4DCB-4B84-91EB-19193346BC94}
    [2012-03-01 23:59:48 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{31D3ED46-A0C0-46D5-A6B7-BEFA95CB18B1}
    [2012-03-01 20:59:01 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{D4AFF116-8CC1-4025-9686-40B13E5E4CE5}
    [2012-03-01 20:58:52 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{F7C83BD8-1CFE-4B87-A259-25F2198E31C2}
    [2012-03-01 20:58:08 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{E0FC6AF7-B997-4E9A-B0BE-181F01CEA55D}
    [2012-03-01 20:57:58 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{9873CBC1-B028-4879-8CCC-E597A6A0C4C8}
    [2012-03-01 20:57:41 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{552929E3-A16D-4DC0-8D21-06E7BE83A2D2}
    [2012-03-01 18:01:16 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{6324A3B5-9B8C-418B-BDF8-6ADFCEBEB364}
    [2012-03-01 17:17:38 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{4F1B64E7-F2D7-4323-B0D5-2907DEC96A6F}
    [2012-03-01 16:49:34 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{8651BBE2-DE31-4CE1-AB79-A2E073235CEE}
    [2012-03-01 12:15:38 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{47254C15-82F3-471C-92D1-09A370ACFE59}
    [2012-03-01 12:15:08 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{D93722B1-E270-4B8C-A6AB-46CD8748B3CA}
    [2012-02-29 22:20:14 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{D4890735-74FF-4CDF-AA24-7D4FF8069065}
    [2012-02-29 22:20:04 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{93A3EDC8-6C07-47DD-AAE9-C13AD6DA613D}
    [2012-02-29 17:55:12 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{5640543F-82DA-4C9D-AE8B-9B5F5ADD6B96}
    [2012-02-29 17:55:02 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{2025E4A9-94B7-403C-9A63-873642145C96}
    [2012-02-29 12:43:17 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{76567C85-0037-420B-94D9-8FBD5529943A}
    [2012-02-29 11:29:33 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{B0B42491-7549-4747-A883-F9D82334EEB6}
    [2012-02-29 11:29:23 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{16018457-F943-47EA-A84E-E1E8C198A66F}
    [2012-02-28 20:45:52 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{838C89BF-9825-466E-ABF2-593E05E1318B}
    [2012-02-28 20:45:42 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{D8A53951-1C6F-4EEA-B996-000821044080}
    [2012-02-28 14:06:49 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{27EACED6-EC0D-4DDF-AAE2-9DF658CC341F}
    [2012-02-28 13:00:57 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{1399D856-B0C0-4309-8ACC-4EFF63D0FB5C}
    [2012-02-28 13:00:47 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{37110F28-6191-48AF-B38E-4B01C5C5F6BA}
    [2012-02-28 12:19:30 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{5CA81E01-7C6C-42A4-8265-B3CFE044A3B1}
    [2012-02-28 12:19:19 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{B41B77C3-4EB3-48FC-8F3D-F63C68E32D26}
    [2012-02-28 00:29:34 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{86D3B414-A6D9-459D-85E7-635CC7BE3A19}
    [2012-02-28 00:29:25 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{8A8A9C26-AEE8-49D0-90F2-E7343C9237B0}
    [2012-02-27 22:54:00 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{37C3BE8D-30B8-48FB-A3B4-5D45C6F50431}
    [2012-02-27 22:53:51 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{518295F5-02BF-45EA-B2C4-22EC9C42246A}
    [2012-02-27 20:19:03 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{533DD14A-75C0-4CFD-9BD6-2F8399F08FE7}
    [2012-02-27 20:18:49 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{B08BCB1D-EBEC-47E7-8607-F79BDD7B6AD8}
    [2012-02-27 17:51:44 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{318EFD78-D218-4872-8871-24282874DC8A}
    [2012-02-27 17:51:34 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{50C10642-68C2-410B-A3D8-F9D55E384841}
    [2012-02-27 11:13:24 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{F6CFCE34-8ADA-44C1-9955-40144FDAC091}
    [2012-02-27 11:13:14 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{1314BC7C-2816-470C-AC42-0060A08A9579}
    [2012-02-27 11:07:15 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{1C8D1CF4-5227-4EA8-8394-A985ACF95077}
    [2012-02-27 11:07:04 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{6F4F0F78-5E02-4A32-84C4-BC1C0EE3BBA5}
    [2012-02-27 10:33:29 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{43BE6172-2069-4F6B-98CF-E1281682C446}
    [2012-02-27 10:33:18 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{4B5727F2-AE91-430A-B1BE-BDF36A3C7EF0}
    [2012-02-26 22:31:42 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{8344D692-6E9A-4697-A601-159955061AE7}
    [2012-02-26 20:27:25 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{84486FBD-0CEF-481C-BFE4-13EA24BAB9A4}
    [2012-02-26 20:27:15 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{C057A6CF-6625-48E3-A7AC-85ACE206E00E}
    [2012-02-26 17:12:42 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{171EC639-177B-453B-B064-539D72EB3498}
    [2012-02-26 16:19:33 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{3732E7A8-AF8E-4AA3-9135-79AD64404677}
    [2012-02-26 16:19:19 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{FB33B338-B769-4A06-881C-6DF1E619E9A0}
    [2012-02-26 13:58:53 | 000,000,000 | —D | C] – C:\Users\beheerder\Documents\codes en wachtwoorden
    [2012-02-26 13:21:16 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{EF0266C1-D053-4307-872C-6E6235B5907F}
    [2012-02-26 13:21:07 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{8D044A20-E397-4E09-9587-01C7B8167DC0}
    [2012-02-26 13:18:50 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{9DE504CE-7840-420C-B785-959AACD8142A}
    [2012-02-26 13:18:40 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{892FC4D9-4172-46F3-A5D8-4C875D37E36A}
    [2012-02-26 13:07:58 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{6C87FB88-CA9E-46AA-86D4-6DE3FC56F7AC}
    [2012-02-26 13:07:49 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{C60095C4-C2AA-4685-8D3C-F0751160EB0A}
    [2012-02-26 13:05:57 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{FA037894-FC13-4C77-BE3D-7A1BD78DC6C8}
    [2012-02-26 13:05:47 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{EE2C6E0F-1553-42CA-B6F4-6A4BBA28D8CB}
    [2012-02-26 13:04:44 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{5BA43E6D-84C7-47EE-BC58-972F9127959E}
    [2012-02-26 12:07:19 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{94F0D724-94DD-4392-AD37-C28718478F56}
    [2012-02-26 12:07:09 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{52369848-8104-4A10-AEA8-47D6C754C7EF}
    [2012-02-26 12:00:39 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{00FE4A30-7611-4D57-B8AC-25AB506DEA6A}
    [2012-02-26 12:00:29 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{AB810350-A13C-4A20-A8AD-60665A9DD29B}
    [2012-02-26 00:49:27 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{92E76890-C56A-4112-9CF8-F45DB1FDBAF7}
    [2012-02-26 00:00:04 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{D6CC543E-7AD8-47A3-95C1-98740A63A7B2}
    [2012-02-25 23:59:54 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{D7B13702-930E-4A59-9902-58549ABEB2BA}
    [2012-02-25 23:26:01 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{906D99AF-B7E2-4349-8B2B-55650BB35EDD}
    [2012-02-25 23:25:51 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{E576CB08-E9D2-46F1-88E0-E9160C77167D}
    [2012-02-25 17:13:49 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{208CDCCC-2D4F-4BC8-A566-12D12CA79E8A}
    [2012-02-25 17:13:39 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{368CFD6F-6CFC-4A28-A2C8-95A90D9D63AA}
    [2012-02-25 17:11:15 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{51BC7E2A-D855-4774-8A4E-68EE84FD2C42}
    [2012-02-25 17:11:05 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{4BA05AC5-BAF3-4A22-8C27-24DBED19F5B2}
    [2012-02-25 13:33:13 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{F250A87D-485C-4691-AB92-008D06C19895}
    [2012-02-25 13:33:03 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{070E5C4C-0F51-42E9-9745-6E2B24E52B41}
    [2012-02-25 13:05:23 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{30147645-6AE9-4A15-A1B9-72CB0FE7337C}
    [2012-02-25 13:05:13 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{5761C24C-2CD5-4407-87ED-691E2E07D4BB}
    [2012-02-25 12:25:07 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{1E6849AD-4567-4A50-8418-7B0C48305EEE}
    [2012-02-25 12:24:57 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{F557DE4F-DC1D-4532-9DD6-E6A6D9FCBB37}
    [2012-02-24 23:47:28 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{A38577E9-489B-426A-878A-FC3568096C7C}
    [2012-02-24 23:47:18 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{79A272E6-D57F-4561-A4E1-4583D31FEF78}
    [2012-02-24 17:44:43 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{59D44DED-5592-432E-AE47-084A42A3110F}
    [2012-02-24 17:44:33 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{73924AAE-4932-48BB-8BA5-51C9903E6ECA}
    [2012-02-24 14:04:39 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{35698623-C667-498F-9F13-F76F6FA26585}
    [2012-02-24 14:04:29 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{D15F9CCE-6DB3-47B9-BA0B-62C30C3C6E23}
    [2012-02-24 13:31:42 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{5DC01DF8-64FE-479D-ABD9-3B25A1076148}
    [2012-02-24 13:31:32 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{1C1DF2BD-13B7-4A5A-A09E-B21837875865}
    [2012-02-24 12:54:43 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{0CC01258-D330-4944-B195-F439D2CFDC3A}
    [2012-02-24 12:53:33 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{76258158-826E-4C72-B923-633B6AFCF975}
    [2012-02-24 11:43:24 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{1CF97791-A70F-4C3E-8F9E-01B25B1ACECF}
    [2012-02-24 11:42:35 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{57B26E0D-BA66-4198-84B6-D281E8E96663}
    [2012-02-24 11:19:20 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{29A88673-3050-4782-B1B8-F2949F1F48AB}
    [2012-02-24 11:19:11 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{EE386DD1-B751-4B55-9B0D-0CEE1C32754C}
    [2012-02-23 22:21:04 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{7F14E751-F638-4005-9BE1-69F34A0D474C}
    [2012-02-23 22:20:54 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{30BCEC3C-18EB-4DF5-A568-92ABF1119D16}
    [2012-02-23 21:40:17 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{23F725DD-9C09-4D99-83D9-AF8C7884C981}
    [2012-02-23 21:40:07 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{872B2AC8-BD4C-45A2-82B0-7202A6817C7E}
    [2012-02-23 20:31:06 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{FE4533E0-3442-4290-8E2C-B93CBA851CB0}
    [2012-02-23 20:30:56 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{547C12F7-9F37-4544-A0EE-5F52966DB3D7}
    [2012-02-23 18:04:49 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{D6E5A812-1E92-43E0-BF0F-2D4B73052937}
    [2012-02-23 18:04:39 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{11C6AB28-6B00-45D9-A66F-D2981F658622}
    [2012-02-23 13:41:33 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{22E7B14E-90B6-4139-8EC9-07F822694C2F}
    [2012-02-23 13:41:23 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{6C12FA68-B321-4939-9D6B-2E5A7252C7F0}
    [2012-02-23 10:00:21 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{E35B5F2D-524D-448F-B3FE-34EE28222616}
    [2012-02-23 10:00:09 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{1D3C6943-F98F-4CD4-B9B4-558D72DF4463}
    [2012-02-22 22:27:37 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{5EEDCB8F-F426-4EDC-9746-6D4C9CF9EC5F}
  • OTL Extras logfile created on: 11-3-2012 10:20:28 - Run 1
    OTL by OldTimer - Version 3.2.36.3 Folder = C:\Users\beheerder\Desktop
    Windows Vista Home Basic Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
    Internet Explorer (Version = 9.0.8112.16421)
    Locale: 00000413 | Country: Nederland | Language: NLD | Date Format: d-M-yyyy

    2,93 Gb Total Physical Memory | 1,69 Gb Available Physical Memory | 57,77% Memory free
    6,07 Gb Paging File | 4,13 Gb Available in Paging File | 68,12% Paging File free
    Paging file location(s): ?:\pagefile.sys [binary data]

    %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
    Drive C: | 142,09 Gb Total Space | 68,09 Gb Free Space | 47,92% Space Free | Partition Type: NTFS
    Drive D: | 143,00 Gb Total Space | 43,57 Gb Free Space | 30,47% Space Free | Partition Type: NTFS

    Computer Name: BEHEERDER1 | User Name: beheerder | Logged in as Administrator.
    Boot Mode: Normal | Scan Mode: All users | Quick Scan
    Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

    ========== Extra Registry (SafeList) ==========[/color:8a96e2d378]


    ========== File Associations ==========[/color:8a96e2d378]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
    .cpl [@ = cplfile] – rundll32.exe shell32.dll,Control_RunDLL "%1",%*
    .hlp [@ = hlpfile] – C:\Windows\winhlp32.exe (Microsoft Corporation)

    [HKEY_USERS\S-1-5-21-3967947940-1414231668-3034202555-1000\SOFTWARE\Classes\<extension>]

    ========== Shell Spawning ==========[/color:8a96e2d378]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
    batfile [open] – "%1" %*
    cmdfile [open] – "%1" %*
    comfile [open] – "%1" %*
    cplfile [cplopen] – rundll32.exe shell32.dll,Control_RunDLL "%1",%*
    exefile [open] – "%1" %*
    helpfile [open] – Reg Error: Key error.
    hlpfile [open] – %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
    piffile [open] – "%1" %*
    regfile [merge] – Reg Error: Key error.
    scrfile [config] – "%1"
    scrfile [install] – rundll32.exe desk.cpl,InstallScreenSaver %l
    scrfile [open] – "%1" /S
    txtfile [edit] – Reg Error: Key error.
    Unknown [openas] – %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
    Directory [AddToPlaylistVLC] – "C:\Program Files\VideoLAN\VLC\vlc.exe" –started-from-file –playlist-enqueue "%1" ()
    Directory [cmd] – cmd.exe /s /k pushd "%V" (Microsoft Corporation)
    Directory [find] – %SystemRoot%\Explorer.exe (Microsoft Corporation)
    Directory [PlayWithVLC] – "C:\Program Files\VideoLAN\VLC\vlc.exe" –started-from-file –no-playlist-enqueue "%1" ()
    Folder [open] – %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
    Folder [explore] – %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
    Drive [find] – %SystemRoot%\Explorer.exe (Microsoft Corporation)

    ========== Security Center Settings ==========[/color:8a96e2d378]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
    "cval" = 1
    "FirewallDisableNotify" = 0
    "AntiVirusDisableNotify" = 0
    "UpdatesDisableNotify" = 0

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
    "AntiVirusOverride" = 0
    "AntiSpywareOverride" = 0
    "FirewallOverride" = 0
    "VistaSp1" = Reg Error: Unknown registry data type – File not found
    "VistaSp2" = Reg Error: Unknown registry data type – File not found

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

    ========== System Restore Settings ==========[/color:8a96e2d378]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
    "DisableSR" = 0

    ========== Firewall Settings ==========[/color:8a96e2d378]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
    "EnableFirewall" = 1
    "DisableNotifications" = 0

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
    "EnableFirewall" = 1
    "DisableNotifications" = 0

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
    "EnableFirewall" = 1
    "DisableNotifications" = 0

    ========== Authorized Applications List ==========[/color:8a96e2d378]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]


    ========== Vista Active Open Ports Exception List ==========[/color:8a96e2d378]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
    "{03D738C0-34EF-47B0-8047-0BF9BE82125E}" = rport=138 | protocol=17 | dir=out | app=system |
    "{066C6C3D-E36A-436B-9657-4286D80F5AD8}" = rport=139 | protocol=6 | dir=out | app=system |
    "{07D21CE5-D4FD-4852-8D50-21C32616ABA7}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
    "{12A7EBF1-3B6A-4052-9F58-86054ACC1146}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
    "{1F268E85-218A-426D-A96C-ABDEE4DFBAF4}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
    "{218E54ED-9626-495E-8889-26D6F5759C47}" = rport=3702 | protocol=17 | dir=out | app=%systemroot%\system32\p2phost.exe |
    "{26A84637-9F8A-4FE7-8011-86147FA03F19}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
    "{26B0A9A8-EDB4-4CB6-8982-755A6E4534C4}" = lport=139 | protocol=6 | dir=in | app=system |
    "{2C5A14EC-55A9-43B8-868B-DFCACF830234}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
    "{4A304A48-6B4D-422B-A70B-2B17C7439DBF}" = rport=10243 | protocol=6 | dir=out | app=system |
    "{4FE503F9-49FA-477D-98F6-7748CF9C2150}" = rport=3540 | protocol=17 | dir=out | svc=pnrpsvc | app=%systemroot%\system32\svchost.exe |
    "{593F0161-6140-48E8-BAD8-138526E5AB8F}" = lport=10243 | protocol=6 | dir=in | app=system |
    "{5E69857A-BA05-4D4D-B844-98FB1D677308}" = lport=3702 | protocol=17 | dir=in | svc=fdphost | app=%systemroot%\system32\svchost.exe |
    "{5FAF3732-EF16-4290-BFB6-F011BB994E05}" = lport=3540 | protocol=17 | dir=in | svc=pnrpsvc | app=%systemroot%\system32\svchost.exe |
    "{64E06E4A-9D3D-4E79-9DF0-4466ED42F7D2}" = rport=3702 | protocol=17 | dir=out | app=%systemroot%\system32\p2phost.exe |
    "{666A52D0-E680-4A28-9D70-5DCA6540FCAF}" = lport=3540 | protocol=17 | dir=in | svc=pnrpsvc | app=%systemroot%\system32\svchost.exe |
    "{69E9EC80-3D88-489D-BF9F-318B78FF9E19}" = lport=3702 | protocol=17 | dir=in | app=%systemroot%\system32\p2phost.exe |
    "{6B3D0F65-E315-4FC9-A8BD-68EC2FA80269}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
    "{6E2C1A73-5074-4EB3-9F4C-BB3D73EF5F40}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
    "{77ABBA61-ADF3-4BF7-BC47-FA2A49E4E7BA}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
    "{7F69F1EC-70CA-46AE-ACBA-856620A261D2}" = lport=3702 | protocol=17 | dir=in | app=%systemroot%\system32\p2phost.exe |
    "{80611FD7-E0A1-4765-8431-F06EDEBA8387}" = lport=2869 | protocol=6 | dir=in | app=system |
    "{81A0FD98-47C3-4CDD-96FE-1DCE3E0DBF80}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
    "{84105407-A2BD-47C9-A2F9-FFCA258FE5EC}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |
    "{84A11A78-8A70-44ED-BC1C-0C911C5FB80A}" = lport=137 | protocol=17 | dir=in | app=system |
    "{984A7562-169C-4315-B673-24F693AA7F0F}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
    "{9A5D77C3-CB0A-47C1-9959-127F3AF9230A}" = lport=3702 | protocol=17 | dir=in | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
    "{9DAADB1A-689A-4C12-A3E0-7CFC2430D959}" = lport=138 | protocol=17 | dir=in | app=system |
    "{A379A9FF-CA8C-4905-83A8-68BEBC3C15D3}" = rport=3702 | protocol=17 | dir=out | svc=fdphost | app=%systemroot%\system32\svchost.exe |
    "{ABB410B4-69DC-49B3-92C5-73E734BA062D}" = rport=3540 | protocol=17 | dir=out | svc=pnrpsvc | app=%systemroot%\system32\svchost.exe |
    "{ABEAC869-2EC3-4546-8F99-5A3E1811046E}" = rport=137 | protocol=17 | dir=out | app=system |
    "{B683217B-D29B-4AB9-97DA-CA6BCF2ED16B}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
    "{C3AC4B56-FFC4-46C5-8801-42149BD2D691}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
    "{C67DEC6A-AB8D-4385-82FD-20B24A1A8601}" = rport=3702 | protocol=17 | dir=out | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
    "{CF1EF587-94F8-44C5-8B95-D57F1FC7D649}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
    "{D0AFFAD1-DAA3-4AE4-99BA-CE6C2E5505BB}" = lport=2869 | protocol=6 | dir=in | app=system |
    "{D49D5B32-B4E3-469F-801A-36D0759EBD14}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
    "{D53633D1-EB4F-4587-BA09-98512667E701}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |
    "{DFB28BF0-87E9-4077-A824-0FA58E723F42}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
    "{E071252E-FB21-4ECC-BE21-B0A7B53F7C0B}" = rport=445 | protocol=6 | dir=out | app=system |
    "{E1A65FA4-B51B-4156-B461-552A0FF0EEF7}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
    "{E4CE62BE-227A-4A83-8460-1CA432B40861}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
    "{EBF18ACD-9B04-446F-B5B7-48BE34FC68EA}" = lport=445 | protocol=6 | dir=in | app=system |

    ========== Vista Active Application Exception List ==========[/color:8a96e2d378]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
    "{02E7C736-1426-4E67-BC56-74CC02CDA373}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
    "{153F3035-79E5-4F43-AAB4-74AE235179D4}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
    "{17617E92-9F53-4952-BC48-61B8F19BAA21}" = dir=in | app=c:\program files\windows live\mesh\moe.exe |
    "{1B227F08-3AEC-4095-98F1-78986A0E1B92}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
    "{22DAED2E-FEB9-4AEB-9362-CA7E76970C1F}" = dir=in | app=c:\program files\cyberlink\powerdvd8\powerdvd8.exe |
    "{2C75EC78-8E9D-4362-B395-E9E4803E155C}" = protocol=6 | dir=in | app=c:\program files\ivt corporation\bluesoleil\bluesoleilcs.exe |
    "{2E534934-CAA8-4028-82FD-71832277D6DC}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
    "{2F7A59A3-4F98-41A6-8F34-B480FF969622}" = protocol=17 | dir=in | app=c:\program files\avg\avg2012\avgdiagex.exe |
    "{323B1323-6FC3-40EB-A89B-8E805A0FC87B}" = protocol=6 | dir=in | app=c:\program files\avg\avg2012\avgdiagex.exe |
    "{32EAF1AC-22BE-4957-BB18-099853DB63D4}" = protocol=6 | dir=out | app=%systemroot%\system32\p2phost.exe |
    "{3641BF07-3901-41B8-A4E0-58886C15AFB7}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
    "{369CDF84-D63C-4E8E-8AD4-9A86190F0E02}" = protocol=6 | dir=in | app=c:\program files\ivt corporation\bluesoleil\bluesoleilcs.exe |
    "{3876ECD4-219A-45CD-BBD5-82EC417271FA}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
    "{394415A7-07BB-49DC-868B-D180F10E2EF3}" = protocol=17 | dir=in | app=c:\program files\avg\avg2012\avgnsx.exe |
    "{4CD53191-AD24-4AD4-9CA7-F2B6955BDA27}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
    "{544A7DD7-490F-40B0-8820-971D010FC834}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
    "{555D34B5-3347-4A20-95ED-84D0BE635AAC}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
    "{563EEF4F-A508-4785-83BF-760389EAA25C}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
    "{61738CD6-FC36-41CB-B709-4BD25EB3C3D2}" = protocol=17 | dir=in | app=c:\program files\logitech\vid hd\vid.exe |
    "{62FFEDCE-05DF-41CC-9C05-4DB7EC7DE455}" = protocol=6 | dir=out | app=system |
    "{64C536B4-B0A0-4CF7-89BA-D037E68E603A}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
    "{663A0F16-22D5-4BD2-A95D-B3CD68014774}" = dir=in | app=c:\program files\cyberlink\powerdirector\pdr.exe |
    "{674C2C64-5971-4AB9-8773-073F2B60D788}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
    "{7E9CAB2A-B830-46F8-95E6-84348A5B5F47}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
    "{9D0F9872-5643-4AD8-9159-47FF5C8033ED}" = dir=in | app=c:\program files\common files\apple\apple application support\webkit2webprocess.exe |
    "{9E087F0B-ED58-4045-903D-937769515C23}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
    "{A30E6465-F130-41C6-BB90-566D073B94BB}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
    "{A61869E1-3B72-48B0-B156-8BC7D752F0ED}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
    "{A77724A4-49F9-42A7-81A5-55603B5A25E0}" = dir=in | app=c:\program files\itunes\itunes.exe |
    "{B02C9B01-D473-47F3-9A3C-5AF194EC7CF6}" = protocol=6 | dir=out | app=%systemroot%\system32\p2phost.exe |
    "{B1BF1AEC-D1F6-4C33-8A07-2B55B3D33ABF}" = protocol=6 | dir=in | app=%systemroot%\system32\p2phost.exe |
    "{B3C40D28-5371-43D0-87D5-5FB5E972115A}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
    "{B9F2F5AF-0F9C-4E6F-8A7D-3E39F33120F9}" = protocol=6 | dir=in | app=%systemroot%\system32\p2phost.exe |
    "{BCDAC4CC-7E23-4057-BE61-9568D195EFB2}" = protocol=17 | dir=in | app=c:\program files\ivt corporation\bluesoleil\bluesoleilcs.exe |
    "{C8C7406F-CF58-43CF-9EC9-D71A7AD9FBBE}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
    "{D1F89755-BBFD-4ED4-B19D-C229270CD2F2}" = protocol=17 | dir=in | app=c:\program files\ivt corporation\bluesoleil\bluesoleilcs.exe |
    "{D29D99CF-1149-472F-B74F-762473154C57}" = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe |
    "{D4E07281-2605-4AEC-BEB3-6DCC88E45A8B}" = protocol=6 | dir=in | app=c:\program files\avg\avg2012\avgnsx.exe |
    "{DD4D781C-8725-49E3-A036-73BC561CCB20}" = protocol=17 | dir=in | app=c:\program files\avg\avg2012\avgmfapx.exe |
    "{E2CCD906-9A67-43D0-A1D9-B1020DE77053}" = protocol=6 | dir=in | app=c:\program files\avg\avg2012\avgmfapx.exe |
    "{E90C99C1-5D90-49EE-9F81-0CE8C232F955}" = dir=in | app=c:\program files\windows live\contacts\wlcomm.exe |
    "{F1ACF600-3DB9-4C4F-8BF6-4028B5CC8BFF}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
    "{F909A62A-83F2-44BF-9CE6-010242A50F26}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
    "{FDFB033B-BBBF-44C2-A749-983482366D5F}" = protocol=6 | dir=in | app=c:\program files\logitech\vid hd\vid.exe |
    "TCP Query User{68F4C27F-A5AC-4AAB-81F5-99625D9EAA36}C:\program files\internet explorer\iexplore.exe" = protocol=6 | dir=in | app=c:\program files\internet explorer\iexplore.exe |
    "TCP Query User{86D64ABC-A24A-4851-87C8-E1FF5343ECD7}C:\program files\google\google earth\plugin\geplugin.exe" = protocol=6 | dir=in | app=c:\program files\google\google earth\plugin\geplugin.exe |
    "TCP Query User{B302ED8B-58AA-4E3B-8C0D-5A6A741FFDC2}C:\program files\logitech\vid hd\vid.exe" = protocol=6 | dir=in | app=c:\program files\logitech\vid hd\vid.exe |
    "TCP Query User{C649AA91-2549-4264-B99B-D941349FDED3}C:\program files\coffeecup software\free ftp\freeftp.exe" = protocol=6 | dir=in | app=c:\program files\coffeecup software\free ftp\freeftp.exe |
    "UDP Query User{040F1D44-0C64-462B-A4A0-AB340DCD5CCA}C:\program files\internet explorer\iexplore.exe" = protocol=17 | dir=in | app=c:\program files\internet explorer\iexplore.exe |
    "UDP Query User{11D71841-DC6D-40CB-B6E0-E70B65DB85CF}C:\program files\coffeecup software\free ftp\freeftp.exe" = protocol=17 | dir=in | app=c:\program files\coffeecup software\free ftp\freeftp.exe |
    "UDP Query User{268221DB-C890-4C50-90B8-0BB0976F0657}C:\program files\logitech\vid hd\vid.exe" = protocol=17 | dir=in | app=c:\program files\logitech\vid hd\vid.exe |
    "UDP Query User{73F93AC2-3B08-4070-BCE7-ECE18B954C1B}C:\program files\google\google earth\plugin\geplugin.exe" = protocol=17 | dir=in | app=c:\program files\google\google earth\plugin\geplugin.exe |

    ========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color:8a96e2d378]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
    "{00010413-78E1-11D2-B60F-006097C998E7}" = Microsoft Office 2000 SR-1 Professional
    "{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
    "{08610298-29AE-445B-B37D-EFBE05802967}" = LWS Pictures And Video
    "{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
    "{0BE5C4DB-8EA2-483D-BD71-D7EB09040CDE}" = Windows Live UX Platform Language Pack
    "{101738D7-D805-37A9-BB91-1F2C351782BF}" = Microsoft .NET Framework 3.5 Language Pack SP1 - nld
    "{1226B9A5-FBFD-4120-9AED-08CABCDAF3AB}" = Nokia Ovi Player
    "{138A4072-9E64-46BD-B5F9-DB2BB395391F}" = LWS VideoEffects
    "{145DE957-0679-4A2A-BB5C-1D3E9808FAB2}" = Samsung Recovery Solution III
    "{14B441B7-774D-4170-98EA-A13667AE6218}" = Windows Live Writer Resources
    "{15634701-BACE-4449-8B25-1567DA8C9FD3}" = CameraHelperMsi
    "{1651216E-E7AD-4250-92A1-FB8ED61391C9}" = LWS Help_main
    "{17283B95-21A8-4996-97DA-547A48DB266F}" = Easy Display Manager
    "{174A3B31-4C43-43DD-866F-73C9DB887B48}" = LWS Twitter
    "{19A4A990-5343-4FF7-B3B5-6F046C091EDF}" = Windows Live Remote Client
    "{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
    "{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
    "{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = CyberLink DVD Suite
    "{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
    "{21DF0294-6B9D-4741-AB6F-B2ABFBD2387E}" = LWS YouTube Plugin
    "{227E8782-B2F4-4E97-B0EE-49DE9CC1C0C0}" = Windows Live Remote Service
    "{2617FA1F-0C04-3ABB-AF64-7D5B6620C341}" = Microsoft .NET Framework 4 Client Profile NLD Language Pack
    "{26A24AE4-039D-4CA4-87B4-2F83216023FF}" = Java(TM) 6 Update 29
    "{2A07C35B-8384-4DA4-9A95-442B6C89A073}" = Windows Live Essentials
    "{2BC2781A-F7F6-452E-95EB-018A522F1B2C}" = PaperPort Image Printer
    "{2BF2E31F-B8BB-40A7-B650-98D28E0F7D47}" = CyberLink PowerDVD 8
    "{32D6A58F-9659-446C-BBFC-E6F2B41F24DC}" = Samsung Magic Doctor
    "{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
    "{343666E2-A059-48AC-AD67-230BF74E2DB2}" = Apple Application Support
    "{34EB6245-C8D0-4D8A-B8D8-EEBFF7A91485}" = Firebird SQL Server - MAGIX Edition
    "{3832FA99-2EDD-41E0-94AD-FBF9FABAFEF9}" = Atheros WLAN Client
    "{3A08B59E-A9F0-4F4D-B7E5-6875D7F13327}" = Brother MFL-Pro Suite DCP-145C
    "{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
    "{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}" = erLT
    "{3F4143A1-9C21-4011-8679-3BC1014C6886}" = Windows Live Mesh
    "{40BF1E83-20EB-11D8-97C5-0009C5020658}" = CyberLink Power2Go
    "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
    "{4AC7B4E7-59B7-4E48-A60D-263C486FC33A}_is1" = System Checkup 3.0
    "{4CBABDFD-49F8-47FD-BE7D-ECDE7270525A}" = Windows Live PIMT Platform
    "{4EFC72DA-2314-4E5D-AC8E-1C954CDB8BBF}" = AVG 2012
    "{50120000-1105-0000-0000-0000000FF1CE}" = Microsoft Office 2007 Primary Interop Assemblies
    "{55CCA8B6-977B-4CAC-8762-68394171E4AB}" = Microsoft SQL Server 2005 Express Edition (MSSMLBIZ)
    "{55EB7967-5BB1-4EA2-8AFF-B2F9E487E553}" = PC Connectivity Solution
    "{5DD4FCBD-A3C1-4155-9E17-4161C70AAABA}" = Segoe UI
    "{612C34C7-5E90-47D8-9B5C-0F717DD82726}" = swMSM
    "{61AD15B2-50DB-4686-A739-14FE180D4429}" = Windows Live ID Sign-in Assistant
    "{646611D4-D403-4E4A-AC9D-CB9F51A2A61C}" = Bluesoleil 5.4.245.0
    "{66491E5A-7899-4863-A2E9-057E10BCB578}" = Samsung SecretZone
    "{6669B6EE-2335-49FA-BDEF-4D3419AAFF68}" = Microsoft SQL Server Native Client
    "{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
    "{68CAE442-579C-4D84-AA5F-253852522ED5}" = PCTroubleshooting
    "{6A563426-3474-41C6-B847-42B39F1485B2}" = Windows Live Messenger
    "{6D3245B1-8DB8-4A23-9CD2-2C90F40ABAF6}" = MSVC80_x86_v2
    "{6F730513-8688-4C3C-90A3-6B9792CE2EF3}" = Easy Battery Manager
    "{6F76EC3C-34B1-436E-97FB-48C58D7BEDCD}" = LWS Gallery
    "{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
    "{71E66D3F-A009-44AB-8784-75E2819BA4BA}" = LWS Motion Detection
    "{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
    "{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
    "{79155F2B-9895-49D7-8612-D92580E0DE5B}" = Bonjour
    "{7A8FF745-BBC5-482B-88E4-18D3178249A9}" = ScanSoft PaperPort 11
    "{7BE15435-2D3E-4B58-867F-9C75BED0208C}" = QuickTime
    "{7E017923-16F8-4E32-94EF-0A150BD196FE}" = Windows Live Writer
    "{8153ED9A-C94A-426E-9880-5E6775C08B62}" = Apple Mobile Device Support
    "{821D6F49-1B20-4809-8C73-286CFC52B1B1}" = Samsung Auto Backup
    "{83C8FA3C-F4EA-46C4-8392-D3CE353738D6}" = LWS Launcher
    "{845E0BCB-8C8D-4FAB-8588-AD5FFD156C95}" = Windows Live Remote Service Resources
    "{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek 8136 8168 8169 Ethernet Driver
    "{8937D274-C281-42E4-8CDB-A0B2DF979189}" = LWS Webcam Software
    "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
    "{8C6D6116-B724-4810-8F2D-D047E6B7D68E}" = Mesh Runtime
    "{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
    "{8E106A57-A17E-431D-B48F-175E42EB9F74}" = imagine digital freedom - Samsung
    "{8F3C31C5-9C3A-4AA8-8EFA-71290A7AD533}" = TomTom HOME Visual Studio Merge Modules
    "{90120000-0015-0413-0000-0000000FF1CE}" = Microsoft Office Access MUI (Dutch) 2007
    "{90120000-0015-0413-0000-0000000FF1CE}_PROHYBRIDR_{DC387AA5-94A6-4920-B004-D59846526D81}" = Microsoft Office 2007 Service Pack 2 (SP2)
    "{90120000-0016-0413-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Dutch) 2007
    "{90120000-0016-0413-0000-0000000FF1CE}_PROHYBRIDR_{DC387AA5-94A6-4920-B004-D59846526D81}" = Microsoft Office 2007 Service Pack 2 (SP2)
    "{90120000-0018-0413-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Dutch) 2007
    "{90120000-0018-0413-0000-0000000FF1CE}_PROHYBRIDR_{DC387AA5-94A6-4920-B004-D59846526D81}" = Microsoft Office 2007 Service Pack 2 (SP2)
    "{90120000-0019-0413-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Dutch) 2007
    "{90120000-0019-0413-0000-0000000FF1CE}_PROHYBRIDR_{DC387AA5-94A6-4920-B004-D59846526D81}" = Microsoft Office 2007 Service Pack 2 (SP2)
    "{90120000-001A-0413-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Dutch) 2007
    "{90120000-001A-0413-0000-0000000FF1CE}_PROHYBRIDR_{DC387AA5-94A6-4920-B004-D59846526D81}" = Microsoft Office 2007 Service Pack 2 (SP2)
    "{90120000-001B-0413-0000-0000000FF1CE}" = Microsoft Office Word MUI (Dutch) 2007
    "{90120000-001B-0413-0000-0000000FF1CE}_PROHYBRIDR_{DC387AA5-94A6-4920-B004-D59846526D81}" = Microsoft Office 2007 Service Pack 2 (SP2)
    "{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
    "{90120000-001F-0407-0000-0000000FF1CE}_PROHYBRIDR_{A0516415-ED61-419A-981D-93596DA74165}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
    "{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
    "{90120000-001F-0409-0000-0000000FF1CE}_PROHYBRIDR_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
    "{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
    "{90120000-001F-040C-0000-0000000FF1CE}_PROHYBRIDR_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
    "{90120000-001F-0413-0000-0000000FF1CE}" = Microsoft Office Proof (Dutch) 2007
    "{90120000-001F-0413-0000-0000000FF1CE}_PROHYBRIDR_{D66D5A44-E480-4BA4-B4F2-C554F6B30EBB}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
    "{90120000-002C-0413-0000-0000000FF1CE}" = Microsoft Office Proofing (Dutch) 2007
    "{90120000-006E-0413-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Dutch) 2007
    "{90120000-006E-0413-0000-0000000FF1CE}_PROHYBRIDR_{89C8E56A-90D8-4598-B0E6-EB28F6270E07}" = Microsoft Office 2007 Service Pack 2 (SP2)
    "{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
    "{90535871-81B9-4D99-8A13-A7EE97F2D7FE}" = Sitecom Bluetooth Software
    "{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}" = Intel® Matrix Storage Manager
    "{90A40413-6000-11D3-8CFE-0150048383C9}" = Microsoft Office 2003 Web Components
    "{91120000-0031-0000-0000-0000000FF1CE}" = Microsoft Office Professional Hybrid 2007
    "{91120000-0031-0000-0000-0000000FF1CE}_PROHYBRIDR_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
    "{91120000-0031-0000-0000-0000000FF1CE}_PROHYBRIDR_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
    "{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
    "{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
    "{95120000-0122-0413-0000-0000000FF1CE}" = Microsoft Office Outlook Connector
    "{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
    "{9BD262D0-B788-4546-A0A5-F4F56EC3834B}" = Windows Live Photo Common
    "{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
    "{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
    "{9DAEA76B-E50F-4272-A595-0124E826553D}" = LWS WLM Plugin
    "{A3752427-9AAA-4B1C-B428-01723E0E9FFA}" = 2x1/4x1 USB Peripheral Switch
    "{A4879FAF-1A81-4189-91FB-9D2109EB49B4}" = MovieTracer
    "{A60B3BF0-954B-42AF-B8D8-2C1D34B613AA}" = Windows Live Photo Gallery
    "{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer
    "{A7581D39-EA20-4883-A480-80C21047052B}" = Easy Network Manager
    "{A939D341-5A04-4E0A-BB55-3E65B386432D}" = Microsoft Office Small Business-verbindingsonderdelen
    "{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
    "{AA16A9E5-40E9-44F5-801E-6B3D3CFE79E5}" = BatteryLifeExtender
    "{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
    "{AC76BA86-7AD7-1043-7B44-AA1000000001}" = Adobe Reader X (10.1.2) - Nederlands
    "{AC76BA86-7AD7-5464-3428-900000000004}" = Spelling Dictionaries Support For Adobe Reader 9
    "{AF111648-99A1-453E-81DD-80DBBF6DAD0D}" = MSVC90_x86
    "{AF844339-2F8A-4593-81B3-9F4C54038C4E}" = Windows Live MIME IFilter
    "{AF88496B-4BBA-4922-97E9-2582D3A28358}" = Nokia Connectivity Cable Driver
    "{B2544A03-10D0-4E5E-BA69-0362FFC20D18}" = OGA Notifier 2.0.0048.0
    "{B6A98E5F-D6A7-46FB-9E9D-1F7BF443491C}" = PMB
    "{B7A0CE06-068E-11D6-97FD-0050BACBF861}" = CyberLink PowerProducer
    "{B96DB037-DBEA-4186-9081-9CBD537F82E8}" = 3D-Viewer-innoplus
    "{BAE68339-B0F6-4D33-9554-5A3DB2DFF5DA}" = User Guide
    "{C32CE55C-12BA-4951-8797-0967FDEF556F}" = Windows Live Mesh - ActiveX-besturingselement voor externe verbindingen
    "{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = CyberLink LabelPrint
    "{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = CyberLink PowerDirector
    "{CB7224D9-6DCA-43F1-8F83-6B1E39A00F92}" = Windows Live Movie Maker
    "{cd4c80be-63bf-48c0-b95b-b3d8b3d97739}" = Business Contact Manager voor Outlook 2007 SP2
    "{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
    "{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
    "{D3F2FAA5-FEC4-42AA-9ABA-1F763919A2B5}" = Samsung Update Plus
    "{D40EB009-0499-459c-A8AF-C9C110766215}" = Logitech-webcamsoftware
    "{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
    "{D588365A-AE39-4F27-BDAE-B4E72C8E900C}" = Windows Live Mail
    "{D820BECD-97D3-4942-B6CF-1B670CA7690C}" = ABN AMRO e.dentifier2 software
    "{D836006A-10F3-4069-B4FF-1A78D2B70234}" = Microsoft SQL Server Setup-ondersteuningsbestanden (Engels)
    "{DB24A9E5-A068-43DD-88D0-B51BED3C0B99}" = Nokia Suite
    "{DECDCB7C-58CC-4865-91AF-627F9798FE48}" = Windows Live Mesh
    "{DF6A13C0-77DF-41FE-BD05-6D5201EB0CE7}_is1" = Auslogics Disk Defrag
    "{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
    "{E3B64CC5-C011-40C0-92BC-7316CD5E5688}" = Microsoft_VC100_CRT_SP1_x86
    "{E4423F16-0E98-4855-BFF4-3EF016C55D67}" = Nokia_Multimedia_Common_Components_2_5
    "{E50AE784-FABE-46DA-A1F8-7B6B56DCB22E}" = Microsoft Office Suite Activation Assistant
    "{E7E84E23-C5C0-4B15-B13A-C63149E59C98}" = AVG 2012
    "{E8E5ED05-E8CE-4313-A18C-49723394E0C9}" = Microsoft SQL Server VSS Writer
    "{E94603CA-2996-4154-8EE2-A5FCD4BFB500}" = Nokia Lifeblog 2.5
    "{EB4DF488-AAEF-406F-A341-CB2AAA315B90}" = Windows Live Messenger
    "{EED027B7-0DB6-404B-8F45-6DFEE34A0441}" = LWS Video Mask Maker
    "{EF367AA4-070B-493C-9575-85BE59D789C9}" = Easy SpeedUp Manager
    "{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
    "{F0CCBE54-9132-44E9-82DF-CD364AD5C22D}" = Windows Live Remote Client Resources
    "{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
    "{F38FD0E4-B991-462B-873D-F2115EADD093}" = Nokia PC Suite
    "{F6D6B258-E3CA-4AAC-965A-68D3E3140A8C}" = iTunes
    "{F9FD80CE-0448-4D4F-8BCD-77FC514C3F99}" = Vista Codec Package
    "{FE0646A7-19D0-41B4-A2BB-2C35D644270D}" = Windows Live OneCare safety scanner
    "{FF167195-9EE4-46C0-8CD7-FBA3457E88AB}" = LWS Facebook
    "504244733D18C8F63FF584AEB290E3904E791693" = Windows-stuurprogrammapakket - Nokia pccsmcfd (08/22/2008 7.0.0.0)
    "6DA48AFDE796708D5A4C9121A83E7617A63A9A15" = Windows-stuurprogrammapakket - Nokia Modem (10/07/2010 4.6)
    "Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
    "Adobe Shockwave Player" = Adobe Shockwave Player 11.6
    "AVG" = AVG 2012
    "Business Contact Manager" = Business Contact Manager voor Outlook 2007 SP2
    "CCleaner" = CCleaner
    "CoffeeCup Free FTP 4.3.2" = CoffeeCup Free FTP
    "E5372C32E8562C76C24DBA6525002B1031495F34" = Windows-stuurprogrammapakket - Nokia Modem (06/09/2010 7.01.0.8)
    "HDMI" = Intel(R) Graphics Media Accelerator Driver
    "ImgBurn" = ImgBurn
    "InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = CyberLink DVD Suite
    "InstallShield_{2BF2E31F-B8BB-40A7-B650-98D28E0F7D47}" = CyberLink PowerDVD 8
    "InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}" = CyberLink Power2Go
    "InstallShield_{B7A0CE06-068E-11D6-97FD-0050BACBF861}" = CyberLink PowerProducer
    "InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = CyberLink PowerDirector
    "Logitech Vid" = Logitech Vid HD
    "MAGIX Foto Manager 9 NL" = MAGIX Foto Manager 9
    "MAGIX Screenshare NL" = MAGIX Screenshare
    "Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware versie 1.60.1.1000
    "Microsoft .NET Framework 3.5 Language Pack SP1 - nld" = Taalpakket voor Microsoft .NET Framework 3.5 SP1 - NL
    "Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
    "Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
    "Microsoft .NET Framework 4 Client Profile NLD Language Pack" = Taalpakket voor Microsoft .NET Framework 4 Client Profile - NLD
    "Microsoft SQL Server 2005" = Microsoft SQL Server 2005
    "Mobile Partner" = Mobile Partner
    "Nokia PC Suite" = Nokia PC Suite
    "Nokia Suite" = Nokia Suite
    "PROHYBRIDR" = 2007 Microsoft Office system
    "SynTPDeinstKey" = Synaptics Pointing Device Driver
    "TomTom HOME" = TomTom HOME 2.8.3.2499
    "VLC media player" = VLC media player 1.1.11
    "Windows Live OneCare safety scanner" = Windows Live OneCare safety scanner
    "WinLiveSuite" = Windows Live Essentials

    ========== HKEY_USERS Uninstall List ==========[/color:8a96e2d378]

    [HKEY_USERS\S-1-5-21-3967947940-1414231668-3034202555-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
    "Ovi Maps 3D browser plugin for Internet Explorer" = Ovi Maps 3D browser plugin for Internet Explorer (5.3.0.0)

    ========== Last 10 Event Log Errors ==========[/color:8a96e2d378]

    [ Application Events ]
    Error - 9-3-2012 20:23:22 | Computer Name = beheerder1 | Source = Windows Search Service | ID = 3013
    Description =

    Error - 9-3-2012 20:23:22 | Computer Name = beheerder1 | Source = Windows Search Service | ID = 3013
    Description =

    Error - 9-3-2012 20:23:22 | Computer Name = beheerder1 | Source = Windows Search Service | ID = 3013
    Description =

    Error - 9-3-2012 20:23:22 | Computer Name = beheerder1 | Source = Windows Search Service | ID = 3013
    Description =

    Error - 9-3-2012 20:23:22 | Computer Name = beheerder1 | Source = Windows Search Service | ID = 3013
    Description =

    Error - 9-3-2012 20:23:22 | Computer Name = beheerder1 | Source = Windows Search Service | ID = 3013
    Description =

    Error - 10-3-2012 7:13:12 | Computer Name = beheerder1 | Source = WinMgmt | ID = 10
    Description =

    Error - 11-3-2012 2:04:55 | Computer Name = beheerder1 | Source = WinMgmt | ID = 10
    Description =

    Error - 11-3-2012 2:06:48 | Computer Name = beheerder1 | Source = Application Hang | ID = 1002
    Description = Programma iexplore.exe, versie 9.0.8112.16421 reageert niet meer op
    Windows en is afgesloten. Als u wilt zien of meer informatie over het probleem
    beschikbaar is, kunt u de probleemgeschiedenis in onderdeel Probleemrapporten en
    -oplossingen in het Configuratiescherm controleren. Proces-id: 1438 Starttijd: 01ccff4cf67a47dd
    Eindtijd:
    7

    Error - 11-3-2012 5:13:25 | Computer Name = beheerder1 | Source = WinMgmt | ID = 10
    Description =

    [ System Events ]
    Error - 10-3-2012 7:13:12 | Computer Name = beheerder1 | Source = Service Control Manager | ID = 7000
    Description =

    Error - 10-3-2012 7:16:12 | Computer Name = beheerder1 | Source = Microsoft-Windows-LanguagePackSetup | ID = 1001
    Description =

    Error - 11-3-2012 2:04:56 | Computer Name = beheerder1 | Source = Service Control Manager | ID = 7000
    Description =

    Error - 11-3-2012 2:06:07 | Computer Name = beheerder1 | Source = Microsoft-Windows-LanguagePackSetup | ID = 1001
    Description =

    Error - 11-3-2012 5:13:39 | Computer Name = beheerder1 | Source = Service Control Manager | ID = 7000
    Description =

    Error - 11-3-2012 5:14:12 | Computer Name = beheerder1 | Source = Service Control Manager | ID = 7009
    Description =

    Error - 11-3-2012 5:14:12 | Computer Name = beheerder1 | Source = Service Control Manager | ID = 7000
    Description =

    Error - 11-3-2012 5:14:42 | Computer Name = beheerder1 | Source = Service Control Manager | ID = 7009
    Description =

    Error - 11-3-2012 5:14:42 | Computer Name = beheerder1 | Source = Service Control Manager | ID = 7000
    Description =

    Error - 11-3-2012 5:15:39 | Computer Name = beheerder1 | Source = Microsoft-Windows-LanguagePackSetup | ID = 1001
    Description =


    < End of report >
  • Er is iets weggevallen bij OTL-log.

    Graag het hoofdlog nogmaals posten, maar dan geheel!
  • OTL logfile created on: 11-3-2012 10:20:28 - Run 1
    OTL by OldTimer - Version 3.2.36.3 Folder = C:\Users\beheerder\Desktop
    Windows Vista Home Basic Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
    Internet Explorer (Version = 9.0.8112.16421)
    Locale: 00000413 | Country: Nederland | Language: NLD | Date Format: d-M-yyyy

    2,93 Gb Total Physical Memory | 1,69 Gb Available Physical Memory | 57,77% Memory free
    6,07 Gb Paging File | 4,13 Gb Available in Paging File | 68,12% Paging File free
    Paging file location(s): ?:\pagefile.sys [binary data]

    %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
    Drive C: | 142,09 Gb Total Space | 68,09 Gb Free Space | 47,92% Space Free | Partition Type: NTFS
    Drive D: | 143,00 Gb Total Space | 43,57 Gb Free Space | 30,47% Space Free | Partition Type: NTFS

    Computer Name: BEHEERDER1 | User Name: beheerder | Logged in as Administrator.
    Boot Mode: Normal | Scan Mode: All users | Quick Scan
    Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

    ========== Processes (SafeList) ==========[/color:9bc2d5f9cf]

    PRC - [2012-03-11 10:17:08 | 000,594,944 | —- | M] (OldTimer Tools) – C:\Users\beheerder\Desktop\OTL.com
    PRC - [2012-01-24 17:24:26 | 002,416,480 | —- | M] (AVG Technologies CZ, s.r.o.) – C:\Program Files\AVG\AVG2012\avgtray.exe
    PRC - [2012-01-23 05:43:08 | 000,247,728 | —- | M] (TomTom) – C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe
    PRC - [2012-01-23 05:43:08 | 000,092,592 | —- | M] (TomTom) – C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe
    PRC - [2012-01-18 07:44:52 | 000,450,848 | —- | M] (Logitech Inc.) – C:\Program Files\Common Files\LogiShrd\LVMVFM\UMVPFSrv.exe
    PRC - [2012-01-15 14:54:07 | 000,909,152 | —- | M] () – C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\10.0.6\ToolbarUpdater.exe
    PRC - [2012-01-15 14:54:06 | 000,939,872 | —- | M] () – C:\Program Files\AVG Secure Search\vprot.exe
    PRC - [2012-01-03 14:10:42 | 000,063,928 | —- | M] (Adobe Systems Incorporated) – C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
    PRC - [2011-11-28 01:19:04 | 001,229,664 | —- | M] (AVG Technologies CZ, s.r.o.) – C:\Program Files\AVG\AVG2012\avgnsx.exe
    PRC - [2011-11-11 14:08:06 | 000,205,336 | —- | M] (Logitech Inc.) – C:\Program Files\Logitech\LWS\Webcam Software\LWS.exe
    PRC - [2011-11-11 14:07:54 | 000,265,240 | —- | M] () – C:\Program Files\Logitech\LWS\Webcam Software\CameraHelperShell.exe
    PRC - [2011-11-01 15:40:04 | 001,053,056 | —- | M] (Nokia) – C:\Program Files\Nokia\Nokia Suite\NokiaSuite.exe
    PRC - [2011-10-27 10:34:30 | 000,718,384 | —- | M] (Nokia) – C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
    PRC - [2011-10-27 10:33:58 | 000,173,104 | —- | M] (Nokia) – C:\Program Files\PC Connectivity Solution\Transports\NclUSBSrv.exe
    PRC - [2011-10-27 10:33:40 | 000,126,512 | —- | M] (Nokia) – C:\Program Files\PC Connectivity Solution\Transports\NclRSSrv.exe
    PRC - [2011-10-27 10:33:32 | 000,148,016 | —- | M] (Nokia) – C:\Program Files\PC Connectivity Solution\Transports\NclMSBTSrvEx.exe
    PRC - [2011-10-27 10:33:14 | 000,151,088 | —- | M] (Nokia) – C:\Program Files\PC Connectivity Solution\Transports\NclIVTBTSrv.exe
    PRC - [2011-10-12 06:25:22 | 004,433,248 | —- | M] (AVG Technologies CZ, s.r.o.) – C:\Program Files\AVG\AVG2012\AVGIDSAgent.exe
    PRC - [2011-09-08 20:53:26 | 000,743,264 | —- | M] (AVG Technologies CZ, s.r.o.) – C:\Program Files\AVG\AVG2012\avgrsx.exe
    PRC - [2011-08-15 06:21:40 | 000,337,760 | —- | M] (AVG Technologies CZ, s.r.o.) – C:\Program Files\AVG\AVG2012\avgcsrvx.exe
    PRC - [2011-08-12 12:19:40 | 000,680,984 | —- | M] () – C:\Program Files\Common Files\LogiShrd\LQCVFX\COCIManager.exe
    PRC - [2011-08-02 06:09:08 | 000,192,776 | —- | M] (AVG Technologies CZ, s.r.o.) – C:\Program Files\AVG\AVG2012\avgwdsvc.exe
    PRC - [2011-06-14 16:42:26 | 001,540,096 | —- | M] (Nokia) – C:\Program Files\Common Files\Nokia\MPlatform\NokiaMServer.exe
    PRC - [2010-10-29 21:06:08 | 005,915,480 | —- | M] (Logitech Inc.) – C:\Program Files\Logitech\Vid HD\Vid.exe
    PRC - [2010-04-20 13:26:44 | 000,300,912 | —- | M] () – C:\Program Files\Samsung\Samsung Update Plus\SUPBackGround.exe
    PRC - [2009-11-03 10:11:48 | 000,114,688 | —- | M] () – C:\Program Files\Clarus\Samsung SecretZone\MSSvc.exe
    PRC - [2009-10-24 02:18:54 | 000,360,224 | —- | M] (Sony Corporation) – C:\Program Files\Sony\PMB\PMBDeviceInfoProvider.exe
    PRC - [2009-08-27 17:09:10 | 001,253,376 | —- | M] (MAGIX AG) – C:\Program Files\Common Files\MAGIX Services\Database\bin\FABS.exe
    PRC - [2009-05-28 07:06:56 | 000,548,864 | —- | M] (Samsung Electronics Co., Ltd.) – C:\Program Files\Samsung\EasySpeedUpManager\EasySpeedUpManager.exe
    PRC - [2009-05-15 07:47:58 | 000,692,224 | —- | M] (Samsung Electronics Co., Ltd.) – C:\Program Files\Samsung\Easy Display Manager\dmhkcore.exe
    PRC - [2009-04-11 07:27:36 | 002,926,592 | —- | M] (Microsoft Corporation) – C:\Windows\explorer.exe
    PRC - [2009-01-13 13:36:02 | 000,837,120 | —- | M] () – C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleilCS.exe
    PRC - [2009-01-13 13:36:00 | 000,279,552 | —- | M] () – C:\Program Files\IVT Corporation\BlueSoleil\BtTray.exe
    PRC - [2009-01-07 18:53:22 | 000,098,407 | —- | M] () – C:\Program Files\IVT Corporation\BlueSoleil\BsHelpCS.exe
    PRC - [2008-12-10 08:07:52 | 000,352,256 | —- | M] (SAMSUNG Electronics co., LTD.) – C:\Program Files\Samsung\EBM\EasyBatteryMgr3.exe
    PRC - [2008-08-26 01:59:54 | 000,045,056 | —- | M] (Samsung Electronics Co., Ltd.) – C:\Program Files\Samsung\Samsung Magic Doctor\MagicDoctorKbdHk.exe
    PRC - [2008-01-16 09:16:44 | 000,030,312 | —- | M] (Microsoft Corporation) – C:\Program Files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe
    PRC - [2004-10-01 15:12:18 | 000,565,309 | —- | M] (Broadcom Corporation) – C:\Program Files\Sitecom\Bluetooth Software\BTTray.exe
    PRC - [2004-10-01 15:06:34 | 000,163,840 | —- | M] (Broadcom Corporation) – C:\Program Files\Sitecom\Bluetooth Software\bin\btwdins.exe


    ========== Modules (No Company Name) ==========[/color:9bc2d5f9cf]

    MOD - [2012-01-15 14:54:06 | 000,939,872 | —- | M] () – C:\Program Files\AVG Secure Search\vprot.exe
    MOD - [2011-11-11 14:09:20 | 000,336,408 | —- | M] () – C:\Program Files\Common Files\LogiShrd\LWSPlugins\LWS\Applets\CameraHelper\DevManagerCore.dll
    MOD - [2011-11-11 14:07:54 | 000,265,240 | —- | M] () – C:\Program Files\Logitech\LWS\Webcam Software\CameraHelperShell.exe
    MOD - [2011-11-01 23:26:32 | 000,087,912 | —- | M] () – C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
    MOD - [2011-11-01 23:26:12 | 001,242,472 | —- | M] () – C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
    MOD - [2011-11-01 15:42:14 | 000,392,064 | —- | M] () – C:\Program Files\Nokia\Nokia Suite\ssoengine.dll
    MOD - [2011-11-01 15:42:12 | 000,058,240 | —- | M] () – C:\Program Files\Nokia\Nokia Suite\securestorage.dll
    MOD - [2011-11-01 15:42:08 | 000,095,104 | —- | M] () – C:\Program Files\Nokia\Nokia Suite\qjson.dll
    MOD - [2011-11-01 15:42:06 | 000,272,768 | —- | M] () – C:\Program Files\Nokia\Nokia Suite\phonon4.dll
    MOD - [2011-11-01 15:41:38 | 000,165,248 | —- | M] () – C:\Program Files\Nokia\Nokia Suite\QxtWeb.dll
    MOD - [2011-11-01 15:41:36 | 000,384,896 | —- | M] () – C:\Program Files\Nokia\Nokia Suite\QxtCore.dll
    MOD - [2011-11-01 15:41:34 | 002,557,312 | —- | M] () – C:\Program Files\Nokia\Nokia Suite\QtXmlPatterns4.dll
    MOD - [2011-11-01 15:41:32 | 000,346,496 | —- | M] () – C:\Program Files\Nokia\Nokia Suite\QtXml4.dll
    MOD - [2011-11-01 15:41:30 | 010,843,520 | —- | M] () – C:\Program Files\Nokia\Nokia Suite\QtWebKit4.dll
    MOD - [2011-11-01 15:41:24 | 000,196,480 | —- | M] () – C:\Program Files\Nokia\Nokia Suite\QtSql4.dll
    MOD - [2011-11-01 15:41:22 | 001,294,208 | —- | M] () – C:\Program Files\Nokia\Nokia Suite\QtScript4.dll
    MOD - [2011-11-01 15:41:20 | 000,682,880 | —- | M] () – C:\Program Files\Nokia\Nokia Suite\QtOpenGL4.dll
    MOD - [2011-11-01 15:41:18 | 000,919,936 | —- | M] () – C:\Program Files\Nokia\Nokia Suite\QtNetwork4.dll
    MOD - [2011-11-01 15:41:16 | 000,517,504 | —- | M] () – C:\Program Files\Nokia\Nokia Suite\QtMultimediaKit1.dll
    MOD - [2011-11-01 15:41:14 | 008,172,928 | —- | M] () – C:\Program Files\Nokia\Nokia Suite\QtGui4.dll
    MOD - [2011-11-01 15:41:12 | 002,252,672 | —- | M] () – C:\Program Files\Nokia\Nokia Suite\QtDeclarative4.dll
    MOD - [2011-11-01 15:41:10 | 002,288,512 | —- | M] () – C:\Program Files\Nokia\Nokia Suite\QtCore4.dll
    MOD - [2011-11-01 15:41:06 | 000,422,272 | —- | M] () – C:\Program Files\Nokia\Nokia Suite\sqldrivers\qsqlite4.dll
    MOD - [2011-11-01 15:40:56 | 000,202,624 | —- | M] () – C:\Program Files\Nokia\Nokia Suite\Imageformats\qjpeg4.dll
    MOD - [2011-11-01 15:40:54 | 000,034,688 | —- | M] () – C:\Program Files\Nokia\Nokia Suite\Imageformats\qico4.dll
    MOD - [2011-11-01 15:40:52 | 000,032,640 | —- | M] () – C:\Program Files\Nokia\Nokia Suite\Imageformats\qgif4.dll
    MOD - [2011-11-01 15:40:08 | 000,388,480 | —- | M] () – C:\Program Files\Nokia\Nokia Suite\OviShareLib.dll
    MOD - [2011-11-01 15:40:00 | 000,438,144 | —- | M] () – C:\Program Files\Nokia\Nokia Suite\NService.dll
    MOD - [2011-11-01 15:39:36 | 001,041,792 | —- | M] () – C:\Program Files\Nokia\Nokia Suite\Maps Service API.dll
    MOD - [2011-11-01 15:39:06 | 000,740,736 | —- | M] () – C:\Program Files\Nokia\Nokia Suite\CommonUpdateChecker.dll
    MOD - [2011-11-01 14:57:42 | 000,112,640 | —- | M] () – C:\Program Files\Nokia\Nokia Suite\mediaservice\dsengine.dll
    MOD - [2011-08-12 12:19:40 | 000,680,984 | —- | M] () – C:\Program Files\Common Files\LogiShrd\LQCVFX\COCIManager.exe
    MOD - [2011-08-12 12:18:56 | 000,342,552 | —- | M] () – C:\Program Files\Logitech\LWS\Webcam Software\QTXml4.dll
    MOD - [2011-08-12 12:18:56 | 000,128,536 | —- | M] () – C:\Program Files\Logitech\LWS\Webcam Software\ImageFormats\QJpeg4.dll
    MOD - [2011-08-12 12:18:56 | 000,029,208 | —- | M] () – C:\Program Files\Logitech\LWS\Webcam Software\ImageFormats\QGif4.dll
    MOD - [2011-08-12 12:18:54 | 007,956,504 | —- | M] () – C:\Program Files\Logitech\LWS\Webcam Software\QTGui4.dll
    MOD - [2011-08-12 12:18:54 | 002,145,304 | —- | M] () – C:\Program Files\Logitech\LWS\Webcam Software\QTCore4.dll
    MOD - [2010-10-29 21:02:38 | 000,751,616 | —- | M] () – C:\Program Files\Logitech\Vid HD\vpxmd.dll
    MOD - [2010-10-29 21:01:30 | 000,027,472 | —- | M] () – C:\Program Files\Logitech\Vid HD\SDL.dll
    MOD - [2010-04-20 13:26:44 | 000,300,912 | —- | M] () – C:\Program Files\Samsung\Samsung Update Plus\SUPBackGround.exe
    MOD - [2010-04-16 13:11:02 | 000,155,648 | —- | M] () – C:\Program Files\Samsung\Samsung Update Plus\HMXML.dll
    MOD - [2009-04-22 22:53:56 | 000,969,040 | —- | M] () – C:\Program Files\Logitech\Vid HD\QtNetwork4.dll
    MOD - [2009-04-10 00:04:56 | 002,141,008 | —- | M] () – C:\Program Files\Logitech\Vid HD\QtCore4.dll
    MOD - [2009-03-03 23:18:08 | 000,138,064 | —- | M] () – C:\Program Files\Logitech\Vid HD\plugins\imageformats\qjpeg4.dll
    MOD - [2009-03-03 23:18:06 | 000,035,152 | —- | M] () – C:\Program Files\Logitech\Vid HD\plugins\imageformats\qico4.dll
    MOD - [2009-03-03 23:18:06 | 000,029,008 | —- | M] () – C:\Program Files\Logitech\Vid HD\plugins\imageformats\qgif4.dll
    MOD - [2009-03-03 23:17:46 | 011,311,952 | —- | M] () – C:\Program Files\Logitech\Vid HD\QtWebKit4.dll
    MOD - [2009-03-03 23:17:46 | 000,363,856 | —- | M] () – C:\Program Files\Logitech\Vid HD\QtXml4.dll
    MOD - [2009-03-03 23:17:44 | 000,200,016 | —- | M] () – C:\Program Files\Logitech\Vid HD\QtSql4.dll
    MOD - [2009-03-03 23:17:40 | 000,475,472 | —- | M] () – C:\Program Files\Logitech\Vid HD\QtOpenGL4.dll
    MOD - [2009-03-03 23:17:38 | 007,704,400 | —- | M] () – C:\Program Files\Logitech\Vid HD\QtGui4.dll
    MOD - [2009-03-03 23:17:32 | 000,291,664 | —- | M] () – C:\Program Files\Logitech\Vid HD\phonon4.dll
    MOD - [2009-01-13 13:36:00 | 000,279,552 | —- | M] () – C:\Program Files\IVT Corporation\BlueSoleil\BtTray.exe
    MOD - [2009-01-13 10:33:12 | 000,106,595 | —- | M] () – C:\Windows\System32\Bs2Res.dll
    MOD - [2009-01-07 18:55:00 | 000,622,693 | —- | M] () – C:\Windows\System32\BSShell.dll
    MOD - [2009-01-07 18:52:16 | 000,122,976 | —- | M] () – C:\Windows\System32\BsMobileSDK.dll
    MOD - [2008-03-07 12:54:22 | 017,907,824 | —- | M] () – C:\Windows\System32\BsLangInDepRes.dll
    MOD - [2006-08-12 04:48:40 | 000,049,152 | —- | M] () – C:\Program Files\Samsung\Samsung Magic Doctor\HookDllPS2.dll
    MOD - [2006-08-12 04:48:40 | 000,049,152 | —- | M] () – C:\Program Files\Samsung\EasySpeedUpManager\HookDllPS2.dll
    MOD - [2006-08-12 04:48:40 | 000,049,152 | —- | M] () – C:\Program Files\Samsung\Easy Display Manager\HookDllPS2.dll
    MOD - [2004-10-01 15:13:12 | 000,053,248 | —- | M] () – C:\Program Files\Sitecom\Bluetooth Software\BTKeyInd.dll


    ========== Win32 Services (SafeList) ==========[/color:9bc2d5f9cf]

    SRV - [2012-01-23 05:43:08 | 000,092,592 | —- | M] (TomTom) [Auto | Running] – C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe – (TomTomHOMEService)
    SRV - [2012-01-18 07:44:52 | 000,450,848 | —- | M] (Logitech Inc.) [Auto | Running] – C:\Program Files\Common Files\LogiShrd\LVMVFM\UMVPFSrv.exe – (UMVPFSrv)
    SRV - [2012-01-15 14:54:07 | 000,909,152 | —- | M] () [Auto | Running] – C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\10.0.6\ToolbarUpdater.exe – (vToolbarUpdater)
    SRV - [2012-01-03 14:10:42 | 000,063,928 | —- | M] (Adobe Systems Incorporated) [Auto | Running] – C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe – (AdobeARMservice)
    SRV - [2011-10-27 10:34:30 | 000,718,384 | —- | M] (Nokia) [On_Demand | Running] – C:\Program Files\PC Connectivity Solution\ServiceLayer.exe – (ServiceLayer)
    SRV - [2011-10-12 06:25:22 | 004,433,248 | —- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] – C:\Program Files\AVG\AVG2012\AVGIDSAgent.exe – (AVGIDSAgent)
    SRV - [2011-08-02 06:09:08 | 000,192,776 | —- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] – C:\Program Files\AVG\AVG2012\avgwdsvc.exe – (avgwd)
    SRV - [2009-11-03 10:11:48 | 000,114,688 | —- | M] () [Auto | Running] – C:\Program Files\Clarus\Samsung SecretZone\MSSvc.exe – (MSR Service)
    SRV - [2009-10-24 02:18:54 | 000,360,224 | —- | M] (Sony Corporation) [Auto | Running] – C:\Program Files\Sony\PMB\PMBDeviceInfoProvider.exe – (PMBDeviceInfoProvider)
    SRV - [2009-08-27 17:09:10 | 001,253,376 | —- | M] (MAGIX AG) [Auto | Running] – C:\Program Files\Common Files\MAGIX Services\Database\bin\FABS.exe – (Fabs)
    SRV - [2009-01-13 13:36:02 | 000,837,120 | —- | M] () [Auto | Running] – C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleilCS.exe – (BlueSoleilCS)
    SRV - [2009-01-07 18:53:22 | 000,098,407 | —- | M] () [On_Demand | Running] – C:\Program Files\IVT Corporation\BlueSoleil\BsHelpCS.exe – (BsHelpCS)
    SRV - [2008-08-07 11:10:02 | 003,276,800 | —- | M] (MAGIX®) [On_Demand | Stopped] – C:\Program Files\Common Files\MAGIX Services\Database\bin\fbserver.exe – (FirebirdServerMAGIXInstance)
    SRV - [2008-01-16 09:16:44 | 000,030,312 | —- | M] (Microsoft Corporation) [Auto | Running] – C:\Program Files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe – (BcmSqlStartupSvc)
    SRV - [2004-10-01 15:06:34 | 000,163,840 | —- | M] (Broadcom Corporation) [Auto | Running] – C:\Program Files\Sitecom\Bluetooth Software\bin\btwdins.exe – (btwdins)


    ========== Driver Services (SafeList) ==========[/color:9bc2d5f9cf]

    DRV - File not found [Kernel | On_Demand | Stopped] – – (NwlnkFwd)
    DRV - File not found [Kernel | On_Demand | Stopped] – – (NwlnkFlt)
    DRV - File not found [Kernel | On_Demand | Stopped] – – (IpInIp)
    DRV - File not found [Kernel | On_Demand | Stopped] – – (catchme)
    DRV - [2012-01-18 07:44:52 | 004,332,960 | —- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] – C:\Windows\System32\drivers\lvuvc.sys – (LVUVC) Logitech Webcam C210(UVC)
    DRV - [2012-01-18 07:44:28 | 000,312,096 | —- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] – C:\Windows\System32\drivers\lvrs.sys – (LVRS)
    DRV - [2011-10-07 06:23:48 | 000,230,608 | —- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] – C:\Windows\System32\drivers\avgldx86.sys – (Avgldx86)
    DRV - [2011-10-04 06:21:16 | 000,016,720 | —- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] – C:\Windows\System32\drivers\AVGIDSShim.sys – (AVGIDSShim)
    DRV - [2011-09-13 06:30:10 | 000,032,592 | —- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] – C:\Windows\system32\DRIVERS\avgrkx86.sys – (Avgrkx86)
    DRV - [2011-08-17 12:56:32 | 000,008,192 | —- | M] (Nokia) [Kernel | On_Demand | Stopped] – C:\Windows\System32\drivers\usbser_lowerfltj.sys – (UsbserFilt)
    DRV - [2011-08-17 12:56:30 | 000,008,192 | —- | M] (Nokia) [Kernel | On_Demand | Stopped] – C:\Windows\System32\drivers\usbser_lowerflt.sys – (upperdev)
    DRV - [2011-08-17 12:56:26 | 000,023,168 | —- | M] (Nokia) [Kernel | On_Demand | Stopped] – C:\Windows\System32\drivers\ccdcmbo.sys – (nmwcdc)
    DRV - [2011-08-17 12:56:22 | 000,018,176 | —- | M] (Nokia) [Kernel | On_Demand | Stopped] – C:\Windows\System32\drivers\ccdcmb.sys – (nmwcd)
    DRV - [2011-08-08 06:08:58 | 000,040,016 | —- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] – C:\Windows\System32\drivers\avgmfx86.sys – (Avgmfx86)
    DRV - [2011-07-11 01:14:38 | 000,295,248 | —- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] – C:\Windows\System32\drivers\avgtdix.sys – (Avgtdix)
    DRV - [2011-07-11 01:14:02 | 000,024,272 | —- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] – C:\Windows\System32\drivers\AVGIDSFilter.sys – (AVGIDSFilter)
    DRV - [2011-07-11 01:14:00 | 000,023,120 | —- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | Boot | Running] – C:\Windows\system32\DRIVERS\AVGIDSEH.Sys – (AVGIDSEH)
    DRV - [2011-07-11 01:13:58 | 000,134,736 | —- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] – C:\Windows\System32\drivers\AVGIDSDriver.sys – (AVGIDSDriver)
    DRV - [2009-12-17 16:02:20 | 001,203,712 | —- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] – C:\Windows\System32\drivers\athr.sys – (athr)
    DRV - [2009-06-22 19:38:24 | 000,102,912 | —- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] – C:\Windows\System32\drivers\ewusbmdm.sys – (hwdatacard)
    DRV - [2009-06-22 19:26:06 | 000,100,736 | —- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] – C:\Windows\System32\drivers\ewusbdev.sys – (hwusbdev)
    DRV - [2009-05-04 15:35:00 | 000,163,328 | —- | M] (Realtek ) [Kernel | On_Demand | Running] – C:\Windows\System32\drivers\Rtlh86.sys – (RTL8169)
    DRV - [2009-01-08 01:20:04 | 000,031,880 | —- | M] (IVT Corporation.) [Kernel | On_Demand | Running] – C:\Windows\System32\drivers\VCommMgr.sys – (VcommMgr)
    DRV - [2009-01-07 22:39:36 | 000,020,744 | —- | M] (IVT Corporation.) [Kernel | Boot | Running] – C:\Windows\System32\Drivers\BtHidBus.sys – (BtHidBus)
    DRV - [2009-01-03 15:40:12 | 000,039,304 | —- | M] (IVT Corporation.) [Kernel | On_Demand | Stopped] – C:\Windows\System32\drivers\btcusb.sys – (Btcsrusb)
    DRV - [2008-12-07 11:44:54 | 000,030,088 | —- | M] () [Kernel | On_Demand | Running] – C:\Windows\System32\drivers\btnetBus.sys – (btnetBUs)
    DRV - [2008-12-07 11:44:50 | 000,017,928 | —- | M] (IVT Corporation.) [Kernel | On_Demand | Running] – C:\Windows\System32\drivers\btnetdrv.sys – (BT)
    DRV - [2008-08-26 10:26:12 | 000,018,816 | —- | M] (Nokia) [Kernel | On_Demand | Stopped] – C:\Windows\System32\drivers\pccsmcfd.sys – (pccsmcfd)
    DRV - [2008-07-02 13:58:48 | 000,026,248 | —- | M] (IVT Corporation.) [Kernel | On_Demand | Running] – C:\Windows\System32\drivers\IvtBtBus.sys – (IvtBtBUs)
    DRV - [2008-03-20 03:35:56 | 000,023,040 | —- | M] (Todos Data System AB) [Kernel | On_Demand | Stopped] – C:\Windows\System32\drivers\aabed2.sys – (e.dentifier2)
    DRV - [2008-01-21 18:27:50 | 000,014,856 | —- | M] (IVT Corporation.) [Kernel | On_Demand | Running] – C:\Windows\System32\drivers\VComm.sys – (VComm)
    DRV - [2008-01-21 03:32:45 | 002,225,664 | —- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] – C:\Windows\System32\drivers\NETw3v32.sys – (NETw3v32) Intel(R)
    DRV - [2006-12-05 10:34:42 | 000,507,136 | —- | M] (PixArt Imaging Inc.) [Kernel | On_Demand | Stopped] – C:\Windows\System32\drivers\PFC027.SYS – (PAC207)
    DRV - [2006-11-14 01:11:54 | 000,013,312 | —- | M] (SAMSUNG ELECTRONICS CO., LTD.) [Kernel | Auto | Running] – C:\Windows\System32\drivers\KMDFMEMIO.sys – (KMDFMEMIO)
    DRV - [2006-11-02 08:41:50 | 000,983,552 | —- | M] (Agere Systems) [Kernel | On_Demand | Stopped] – C:\Windows\System32\drivers\AGRSM.sys – (AgereSoftModem)
    DRV - [2006-11-02 08:30:53 | 000,045,056 | —- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] – C:\Windows\System32\drivers\bcm4sbxp.sys – (bcm4sbxp)
    DRV - [2005-01-31 10:20:04 | 000,211,712 | —- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] – C:\Windows\System32\drivers\LV561AV.SYS – (PID_0928) Logitech QuickCam Express(PID_0928)
    DRV - [2005-01-31 10:12:46 | 000,022,016 | —- | M] (Logitech Inc.) [Kernel | On_Demand | Running] – C:\Windows\System32\drivers\LVUSBSta.sys – (LVUSBSta)
    DRV - [2004-10-01 14:50:26 | 000,023,271 | —- | M] (Broadcom Corporation) [Kernel | Auto | Running] – C:\Windows\System32\drivers\btserial.sys – (BTSERIAL)
    DRV - [2004-10-01 14:50:20 | 000,222,876 | —- | M] (Broadcom Corporation) [Kernel | Auto | Running] – C:\Windows\System32\drivers\btslbcsp.sys – (BTSLBCSP)
    DRV - [2004-10-01 14:48:30 | 001,241,482 | —- | M] (Broadcom Corporation) [Kernel | Boot | Running] – C:\Windows\system32\drivers\btkrnl.sys – (BTKRNL)
    DRV - [2004-10-01 14:43:44 | 000,054,488 | —- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] – C:\Windows\System32\drivers\btwusb.sys – (BTWUSB)


    ========== Standard Registry (SafeList) ==========[/color:9bc2d5f9cf]


    ========== Internet Explorer ==========[/color:9bc2d5f9cf]

    IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://downloads.phpnuke.org/nl/index.php?rvs=google
    IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://downloads.phpnuke.org/nl/index.php?rvs=google
    IE - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
    IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
    IE - HKLM\..\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}: "URL" = http://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7SMSN
    IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
    IE - HKLM\..\SearchScopes\{882F15F8-2E2C-4390-97BA-CE3075702076}: "URL" = http://downloads.phpnuke.org/nl/index.php?rvs=google
    IE - HKLM\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2102399


    IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

    IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



    IE - HKU\S-1-5-21-3967947940-1414231668-3034202555-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/
    IE - HKU\S-1-5-21-3967947940-1414231668-3034202555-1000\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
    IE - HKU\S-1-5-21-3967947940-1414231668-3034202555-1000\..\SearchScopes,DefaultScope = {95B7759C-8C7F-4BF1-B163-73684A933233}
    IE - HKU\S-1-5-21-3967947940-1414231668-3034202555-1000\..\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}: "URL" = http://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7SMSN_nl
    IE - HKU\S-1-5-21-3967947940-1414231668-3034202555-1000\..\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}: "URL" = http://isearch.avg.com/search?cid={9D36EC7C-0D34-4F6C-8EE1-36E91E6E8418}&mid=7ccbdc14738147d69f4dd159265498df-a5ffb712878c353380133c18cf3775fed8c8d307&lang=nl&ds=AVG&pr=fr&d=2011-11-29 20:14:12&v=10.0.0.7&sap=dsp&q={searchTerms}
    IE - HKU\S-1-5-21-3967947940-1414231668-3034202555-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
    IE - HKU\S-1-5-21-3967947940-1414231668-3034202555-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

    ========== FireFox ==========[/color:9bc2d5f9cf]

    FF - prefs.js..extensions.enabledItems: MapShare-status@tomtom.com:1.7.1
    FF - prefs.js..extensions.enabledItems: baseTheme@tomtom.com:1.0.2

    FF - HKLM\Software\MozillaPlugins\@ABNAMRO/BECON,version=1.00: C:\Program Files\ABN AMRO e.dentifier2\Mozilla
    pBECON.dll (ABN AMRO)
    FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director
    p32dsw.dll (Adobe Systems, Inc.)
    FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
    FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins
    pitunes.dll ()
    FF - HKLM\Software\MozillaPlugins\@innoplus.de/ino3DViewer: C:\Program Files\innoplus\3D-Viewer-innoPlus
    pIno3DViewer.dll (INNOVA-engineering GmbH Dresden)
    FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin
    ew_plugin
    pjp2.dll (Sun Microsystems, Inc.)
    FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\4.1.10111.0
    pctrl.dll ( Microsoft Corporation)
    FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
    FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
    FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
    FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=6.0.12.448: C:\Program Files\VistaCodecPack\rm\browser\plugins
    ppl3260.dll (RealNetworks, Inc.)
    FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.448: C:\Program Files\VistaCodecPack\rm\browser\plugins
    prpjplug.dll (RealNetworks, Inc.)
    FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found
    FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR
    ppdf32.dll (Adobe Systems Inc.)

    FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{1E73965B-8B48-48be-9C8D-68B920ABC1C4}: C:\Program Files\AVG\AVG2012\Firefox4\ [2012-02-01 10:42:36 | 000,000,000 | —D | M]
    FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\fe_7.0@nokia.com: C:\Program Files\Nokia\Nokia Suite\Connectors\Bookmarks Connector\FirefoxExtension_7.0 [2011-11-26 13:35:58 | 000,000,000 | —D | M]
    FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\avg@toolbar: C:\ProgramData\AVG Secure Search\10.0.0.7\ [2012-01-15 14:54:11 | 000,000,000 | —D | M]
    FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\te_7.0@nokia.com: C:\Program Files\Nokia\Nokia Suite\Connectors\Thunderbird Connector\ThunderbirdExtension_7.0 [2011-11-26 13:36:01 | 000,000,000 | —D | M]

    [2010-11-27 13:40:36 | 000,000,000 | —D | M] (No name found) – C:\Users\beheerder\AppData\Roaming\mozilla\Extensions
    [2010-11-27 13:40:36 | 000,000,000 | —D | M] (No name found) – C:\Users\beheerder\AppData\Roaming\mozilla\Extensions\home2@tomtom.com
    [2012-03-02 16:30:50 | 000,000,000 | —D | M] (Map status indicator) – C:\PROGRAM FILES\TOMTOM HOME 2\XUL\EXTENSIONS\MAPSHARE-STATUS@TOMTOM.COM

    O1 HOSTS File: ([2011-01-21 15:29:39 | 000,000,027 | —- | M]) - C:\Windows\System32\drivers\etc\hosts
    O1 - Hosts: 127.0.0.1 localhost
    O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG2012\avgssie.dll (AVG Technologies CZ, s.r.o.)
    O2 - BHO: (AVG Security Toolbar) - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files\AVG Secure Search\10.0.0.7\AVG Secure Search_toolbar.dll ()
    O3 - HKLM\..\Toolbar: (AVG Security Toolbar) - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files\AVG Secure Search\10.0.0.7\AVG Secure Search_toolbar.dll ()
    O3 - HKU\S-1-5-21-3967947940-1414231668-3034202555-1000\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
    O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
    O4 - HKLM..\Run: [AVG_TRAY] C:\Program Files\AVG\AVG2012\avgtray.exe (AVG Technologies CZ, s.r.o.)
    O4 - HKLM..\Run: [ControlCenter3] C:\Program Files\Brother\ControlCenter3\brctrcen.exe (Brother Industries, Ltd.)
    O4 - HKLM..\Run: [LWS] C:\Program Files\Logitech\LWS\Webcam Software\LWS.exe (Logitech Inc.)
    O4 - HKLM..\Run: [Malwarebytes' Anti-Malware (reboot)] C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation)
    O4 - HKLM..\Run: [NokiaMServer] C:\Program Files\Common Files\Nokia\MPlatform\NokiaMServer.exe (Nokia)
    O4 - HKLM..\Run: [NokiaMusic FastStart] C:\Program Files\Nokia\Ovi Player\NokiaOviPlayer.exe (Nokia)
    O4 - HKLM..\Run: [ROC_roc_dec12] C:\Program Files\AVG Secure Search\ROC_roc_dec12.exe ()
    O4 - HKLM..\Run: [vProt] C:\Program Files\AVG Secure Search\vprot.exe ()
    O4 - HKU\S-1-5-21-3967947940-1414231668-3034202555-1000..\Run: [] File not found
    O4 - HKU\S-1-5-21-3967947940-1414231668-3034202555-1000..\Run: [Logitech Vid] C:\Program Files\Logitech\Vid HD\Vid.exe (Logitech Inc.)
    O4 - HKU\S-1-5-21-3967947940-1414231668-3034202555-1000..\Run: [NokiaSuite.exe] C:\Program Files\Nokia\Nokia Suite\NokiaSuite.exe (Nokia)
    O4 - HKU\S-1-5-21-3967947940-1414231668-3034202555-1000..\Run: [TomTomHOME.exe] C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe (TomTom)
    O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
    O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
    O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
    O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
    O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
    O7 - HKU\S-1-5-21-3967947940-1414231668-3034202555-1000\Software\Policies\Microsoft\Internet Explorer\Control Panel present
    O7 - HKU\S-1-5-21-3967947940-1414231668-3034202555-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
    O7 - HKU\S-1-5-21-3967947940-1414231668-3034202555-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HideSCAHealth = 1
    O8 - Extra context menu item: Verzenden naar &Bluetooth - C:\Program Files\Sitecom\Bluetooth Software\btsendto_ie_ctx.htm ()
    O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
    O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab (Shockwave ActiveX Control)
    O16 - DPF: {3860DD98-0549-4D50-AA72-5D17D200EE10} http://cdn.scan.onecare.live.com
    esource/download/scanner/nl-nl/wlscctrl2.cab (Windows Live OneCare safety scanner control)
    O16 - DPF: {6E718D87-6909-4FCE-92D4-EDCB2F725727} http://www.navigram.com/engine/v1026/Navigram.cab (Navigram Control)
    O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset.com/special/eos/OnlineScanner.cab (Reg Error: Key error.)
    O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)
    O16 - DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)
    O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)
    O16 - DPF: Microsoft XML Parser for Java file:///C:/Windows/Java/classes/xmldso.cab (Reg Error: Key error.)
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.254
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{7806D9FB-419E-49D2-8ABF-CD06414F48A2}: DhcpNameServer = 192.168.1.254
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{7BF0D505-87A7-4FD5-A19C-66813A50DA05}: DhcpNameServer = 192.168.1.254
    O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG2012\avgpp.dll (AVG Technologies CZ, s.r.o.)
    O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Windows\System32\skype4com.dll (Skype Technologies)
    O18 - Protocol\Handler\viprotocol {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files\Common Files\AVG Secure Search\ViProtocolInstaller\10.0.6\ViProtocol.dll ()
    O18 - Protocol\Handler\widimg {EE7C2AFF-5742-44FF-BD0E-E521B0D3C3BA} - C:\Windows\System32\BTXPPanel.dll (Broadcom Corporation)
    O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
    O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
    O24 - Desktop WallPaper: C:\Windows\Web\Wallpaper\img19.jpg
    O24 - Desktop BackupWallPaper: C:\Windows\Web\Wallpaper\img19.jpg
    O28 - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - No CLSID value found.
    O32 - HKLM CDRom: AutoRun - 1
    O32 - AutoRun File - [2006-09-18 22:43:36 | 000,000,024 | —- | M] () - C:\autoexec.bat – [ NTFS ]
    O34 - HKLM BootExecute: (autocheck autochk *)
    O34 - HKLM BootExecute: (C:\PROGRA~1\AVG\AVG2012\avgrsx.exe /sync
    estart)
    O35 - HKLM\..comfile [open] – "%1" %*
    O35 - HKLM\..exefile [open] – "%1" %*
    O35 - HKU\S-1-5-21-3967947940-1414231668-3034202555-1000..exefile [open] – "%1" %*
    O37 - HKLM\…com [@ = ComFile] – "%1" %*
    O37 - HKLM\…exe [@ = exefile] – "%1" %*
    O37 - HKU\S-1-5-21-3967947940-1414231668-3034202555-1000\…exe [@ = exefile] – "%1" %*

    ========== Files/Folders - Created Within 30 Days ==========[/color:9bc2d5f9cf]

    [2012-03-11 10:17:55 | 000,594,944 | —- | C] (OldTimer Tools) – C:\Users\beheerder\Desktop\OTL.com
    [2012-03-11 10:10:27 | 000,000,000 | —D | C] – C:\Program Files\backups
    [2012-03-11 09:35:55 | 000,000,000 | —D | C] – C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
    [2012-03-11 09:35:53 | 000,020,464 | —- | C] (Malwarebytes Corporation) – C:\Windows\System32\drivers\mbam.sys
    [2012-03-11 09:35:53 | 000,000,000 | —D | C] – C:\Program Files\Malwarebytes' Anti-Malware
    [2012-03-11 09:18:50 | 000,388,608 | —- | C] (Trend Micro Inc.) – C:\Program Files\HijackThis.exe
    [2012-03-10 18:11:58 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{25272832-F3A5-42D9-8759-084D68EC7683}
    [2012-03-10 18:11:48 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{0F7BD1B8-F436-4B97-9F01-31914D1B7A48}
    [2012-03-10 14:14:16 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{C495001E-460E-4E02-9AF3-ED549646C91A}
    [2012-03-10 14:14:06 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{949A580D-25D5-46EA-B026-C02114F1D5CD}
    [2012-03-10 13:22:39 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{616F7C79-C3EA-4A6F-A0AC-BB97F2434D09}
    [2012-03-10 12:20:36 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{F1103772-79C7-4F53-A4E4-421272CD8892}
    [2012-03-10 12:20:26 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{067BD554-2DFE-4CA2-AF9B-D77B69372256}
    [2012-03-10 12:17:38 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{7A9B51B7-25D9-4EF4-8321-2965EAA9F601}
    [2012-03-10 12:17:29 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{A77891E2-9A09-445A-9816-7A8ADD8FD9A0}
    [2012-03-09 22:17:21 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{FCF2A1DD-9F46-4122-A6F5-8D8C5677FC35}
    [2012-03-09 22:17:11 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{674EA8A9-B7D8-42E1-8D24-FB426F3CC1E5}
    [2012-03-09 20:55:32 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{AFA1E704-4100-4AC1-AC9D-D5BC53EA0A39}
    [2012-03-09 20:55:10 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{E9C6F9EE-9EEA-463A-92EC-A76EE14064BA}
    [2012-03-09 19:19:31 | 000,213,640 | —- | C] (McAfee, Inc.) – C:\Windows\System32\drivers\mfehidk.sys
    [2012-03-09 19:19:31 | 000,130,424 | —- | C] (McAfee, Inc.) – C:\Windows\System32\drivers\Mpfp.sys
    [2012-03-09 19:19:31 | 000,079,304 | —- | C] (McAfee, Inc.) – C:\Windows\System32\drivers\mfeavfk.sys
    [2012-03-09 19:19:31 | 000,040,552 | —- | C] (McAfee, Inc.) – C:\Windows\System32\drivers\mfesmfk.sys
    [2012-03-09 19:19:31 | 000,035,272 | —- | C] (McAfee, Inc.) – C:\Windows\System32\drivers\mfebopk.sys
    [2012-03-09 19:19:31 | 000,034,216 | —- | C] (McAfee, Inc.) – C:\Windows\System32\drivers\mferkdk.sys
    [2012-03-09 13:53:15 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{CDD0A1D2-B55C-48AD-A04A-0936696B177F}
    [2012-03-09 13:52:08 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{835C2E95-0138-4D13-8264-F9AF574272CC}
    [2012-03-09 13:47:14 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{8DCBEB48-B2F8-45DB-A4BA-D08528B1AC37}
    [2012-03-09 13:46:05 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{5B9E8D5C-5FD6-40E6-AC66-048DAA32D1A8}
    [2012-03-09 12:58:31 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{67E3A528-B2FB-410A-92C1-A2946007D725}
    [2012-03-09 12:57:24 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{92D885BC-6DF0-450A-A48D-80140A650CAC}
    [2012-03-09 12:48:46 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{7D777AA5-0B90-4594-BF60-A2E0AAFA200B}
    [2012-03-09 12:48:36 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{EE2651D1-735C-4E49-AAF9-CB87BCD55636}
    [2012-03-09 11:28:58 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{D362E7E7-C601-44A5-AF50-2E3ACE6814A8}
    [2012-03-09 11:28:48 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{E91EB1A5-BDEF-4C81-8BE2-84B3B770952E}
    [2012-03-09 10:38:10 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{9CB9825A-CCD1-4A10-9FBB-1B1B7DA6FAEA}
    [2012-03-09 10:37:59 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{0CC54677-8C63-4AE8-B4C1-EF050C2CABCC}
    [2012-03-08 23:29:51 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{F1DAE921-F81F-4CE1-B581-44A196598A31}
    [2012-03-08 23:29:41 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{59401D54-7C13-4420-9A31-334E5BF7E01A}
    [2012-03-08 20:30:28 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{927E6BAE-371C-4F76-BE34-3A5DEE65F46F}
    [2012-03-08 20:30:18 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{305B497A-F720-440A-8B35-9BDDD0F9C66B}
    [2012-03-08 19:51:10 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{1E5B4A3C-8E38-4369-90DD-AB0F3FE3A569}
    [2012-03-08 19:51:00 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{B42CFFE7-81B4-4177-A488-D6F8747D84D1}
    [2012-03-08 19:21:37 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{F6BE485D-5DF5-47BD-AE4D-4613C7075516}
    [2012-03-08 19:21:27 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{88A6E4AD-EA87-49C4-95DE-A7AEB8D04F0E}
    [2012-03-08 18:41:26 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{BD202943-6487-4A1D-BEC7-4F7284650E29}
    [2012-03-08 18:40:24 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{2F81ED96-A8A2-42EE-A3EB-A62584768A94}
    [2012-03-08 13:55:49 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{0DA0A806-7C08-442A-81CF-0EA765B0AE7F}
    [2012-03-08 13:55:39 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{EE964D24-201D-4911-BDA2-03C80A8EC1E4}
    [2012-03-08 13:16:31 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{09835AF4-EDDB-429D-9AFB-BEE0555E7A32}
    [2012-03-08 13:16:21 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{C855205A-2FA1-4036-A677-88C4865E746F}
    [2012-03-08 13:09:09 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{9AF71FC1-0B9D-4AEE-A329-35202F5CDC62}
    [2012-03-08 13:08:59 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{D81C2DEA-EC3D-463C-8B73-60AB6566B32D}
    [2012-03-08 12:29:42 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{7669A81A-E158-4D97-B145-2FF01F332BA1}
    [2012-03-08 12:29:05 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{8B070D49-89B0-4CDD-AFB8-C29202246F49}
    [2012-03-08 10:40:08 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{A3BC74F0-AA86-4820-B535-655206AA9CD2}
    [2012-03-08 10:39:58 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{2CF25D37-03C4-41BD-ADDA-CD9F5B752D85}
    [2012-03-07 23:15:59 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{C6C9B701-426C-4033-8DE0-4B214DEFCA3F}
    [2012-03-07 23:15:50 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{16A9D638-C7FC-4897-8A6C-08D1D09FFC94}
    [2012-03-07 23:15:41 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{43048A9F-E9BD-49AB-A278-D7439D264CE0}
    [2012-03-07 23:15:31 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{82399C23-7267-4C57-B5B1-A9C9F8BB0692}
    [2012-03-07 22:17:19 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{834DD644-55D3-4503-BB84-A2E6BF93C5B6}
    [2012-03-07 21:55:24 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{D9D17EA5-646D-42A9-AACC-F63AA92B7610}
    [2012-03-07 21:55:14 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{0F008228-3499-4E4B-A64F-28ACC99DCFCF}
    [2012-03-07 18:16:46 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{96BB5626-EA94-40EB-8A71-CB56B92E5095}
    [2012-03-07 18:16:36 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{7D2A06A2-C59C-4639-B300-7BC39B94BE2E}
    [2012-03-07 17:10:50 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{977A9CC4-1D88-4D32-A134-D2F88A7E9CD3}
    [2012-03-07 17:10:40 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{2AA080EF-1E08-47D6-8512-C4BA15A75AF6}
    [2012-03-07 17:04:17 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{CF863570-6F1F-465B-B426-1CD2F99F2025}
    [2012-03-07 17:03:42 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{CB5AF8E2-F97B-4210-8D49-6019BAAF0308}
    [2012-03-07 17:03:31 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{C38DF318-FFE5-4D74-AECF-76FBC18DC101}
    [2012-03-07 16:40:09 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{61EC2407-1DFB-4880-9085-E5D98AC81254}
    [2012-03-07 16:39:59 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{09FB019B-11F7-47DB-8870-9B1294C83DF0}
    [2012-03-07 10:55:28 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{0BBBAB99-86EE-4A00-814F-76764952EEBE}
    [2012-03-07 10:55:18 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{3FD8EF89-BDC4-4D29-9340-96CDD6F4D0C7}
    [2012-03-07 00:06:39 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{B2CDD9AE-123D-4925-AB34-525F46407512}
    [2012-03-07 00:05:43 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{FAA7A997-01A3-4BAF-B8D2-BB0FF3C82D3A}
    [2012-03-06 21:10:37 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{3CB81A2E-0F73-4EB2-9471-48B9A1C7719C}
    [2012-03-06 21:10:27 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{9BC60530-471C-466B-8041-DE5AAE7014CC}
    [2012-03-06 20:01:06 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{63A1191A-CD25-4FE6-906B-9DF9F8736ACB}
    [2012-03-06 20:00:56 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{89BB88DC-EBBD-4C28-BF89-353B2A3327B1}
    [2012-03-06 14:11:32 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{EA6F9147-EBF7-4139-BFF0-7AFD2BC469B2}
    [2012-03-06 14:11:23 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{DBB11865-6801-49A3-98CE-8E6A5F6ED26E}
    [2012-03-06 12:08:31 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{B3E89E10-B845-4B85-92BA-6EAA9B206D23}
    [2012-03-06 12:08:22 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{CFB7FE3D-EE48-4D6A-AC49-7612099F6128}
    [2012-03-06 12:07:39 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{00AA128F-78B9-4E41-AE16-49E8EF68E322}
    [2012-03-06 12:07:15 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{216D0E91-8391-4C37-92AE-AF7BC4725C17}
    [2012-03-06 10:01:46 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{26003F88-F3F6-424B-AD7B-8E7C2D0A854E}
    [2012-03-06 10:00:42 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{51594273-EDF3-4C87-BA1F-848C4B28BFDB}
    [2012-03-06 09:01:34 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{AC61B50A-C5D2-4951-9EF9-B88C6B2C500A}
    [2012-03-06 09:01:24 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{AE50E7CE-F30D-4C21-B96D-062FF2B49670}
    [2012-03-05 23:37:51 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{CD1408E5-EDA3-4AC1-A301-DF8BCB661372}
    [2012-03-05 23:37:41 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{8FFFABF5-EDA4-48D1-A571-F2887B058B06}
    [2012-03-05 23:28:01 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{C583644D-1E57-4815-B5A9-A8955AD0061B}
    [2012-03-05 23:27:51 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{5C23E93E-2781-44C0-A424-03286BF2473C}
    [2012-03-05 20:52:34 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{ACB6ACF1-D969-408E-8E3E-0721A995CE94}
    [2012-03-05 20:52:24 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{05DD12B4-B982-49F8-8A1A-1EC08C7A2FFA}
    [2012-03-05 17:19:22 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{B983B63E-BD29-42F4-9EF2-D4AEAD7F9E13}
    [2012-03-05 17:19:13 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{97FF9C8E-5904-47BE-B603-74DADBFE35A6}
    [2012-03-05 13:06:24 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{E69E7682-22B3-488C-BC41-67CAD45667A4}
    [2012-03-05 13:06:14 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{B5792C82-7075-4F5A-B33E-816CFBA7878F}
    [2012-03-05 12:55:39 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{C1CBF9C8-B0EF-4B20-900F-56445892F26D}
    [2012-03-05 12:55:29 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{910CE8EF-5E18-4F95-A185-8A041D20ECEC}
    [2012-03-05 12:44:51 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{1EBBD953-BE0F-4387-B823-C1046A7C67C1}
    [2012-03-05 12:44:41 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{FE39F697-8843-4A73-91AA-E97C72438466}
    [2012-03-05 11:57:45 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{C8F30DED-5D5D-4A0F-AC26-D0400BDE7342}
    [2012-03-05 11:57:36 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{37B4DE7C-6D79-4A7B-8C18-704ADF30FDD6}
    [2012-03-05 11:28:31 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{64EF48ED-6671-4EA1-8409-1012A384D1B1}
    [2012-03-05 11:28:21 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{2971A6D8-82EF-43C8-A26C-C319D5843B3A}
    [2012-03-05 08:56:50 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{60EA503D-992A-4F4A-AB3C-0794CA573BB0}
    [2012-03-05 08:56:40 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{488ED906-A05C-434C-A780-9157205FD286}
    [2012-03-04 19:32:56 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{45FB87F4-61BB-4D5B-BC9A-821D5D8D383C}
    [2012-03-04 19:32:46 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{CC07CB92-D0ED-49D5-9F32-DEF1DD6D2ECC}
    [2012-03-04 17:10:02 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{34C02B65-D8EE-4D7E-A3EE-1D9B3AE92F28}
    [2012-03-04 16:30:31 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{AC45AEF2-EF6B-4D98-A939-8338B3EE1F84}
    [2012-03-04 16:30:21 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{E7B45F18-F9C8-4CEE-AE16-A2FBE9C60308}
    [2012-03-04 09:45:16 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{EAB19944-A9C9-42DC-89EC-6B02B00FE0F6}
    [2012-03-04 09:44:53 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{49C56FB3-300C-4D2D-B545-1B190ED5C654}
    [2012-03-04 09:37:46 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{47265DD9-C65A-4027-885C-E4A14E4A31CC}
    [2012-03-04 09:37:36 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{A2740F8C-52DB-46B9-ADA3-437D6DD0B22B}
    [2012-03-04 09:36:16 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{C0B7C08A-BB1F-43DA-90CF-C13BCD3089E4}
    [2012-03-04 09:36:06 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{D85057BD-02A0-45BB-95DA-D9D6E48913DC}
    [2012-03-04 09:33:39 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{6C682C7B-3BB0-4BB4-8B77-4B69AABFB07B}
    [2012-03-04 09:33:30 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{34D8269A-2FF3-43A1-BF82-AE6CEA0D92E1}
    [2012-03-04 00:06:42 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{EC68489B-8261-456D-A9FB-090867F31B47}
    [2012-03-04 00:06:32 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{10C9D44C-07A6-448E-B5C6-5B6D36219CDE}
    [2012-03-03 15:02:58 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{285B4CC2-CCA1-41CE-8DBE-A8E654879839}
    [2012-03-03 15:02:00 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{A86AB0A1-2789-49BC-B2A1-9A0362201020}
    [2012-03-03 13:57:54 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{357ED63F-AB5D-4053-96B7-DA89001BA57F}
    [2012-03-03 13:57:44 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{27CF30A4-7509-4E9B-B0A9-7041AC6458E5}
    [2012-03-03 13:11:42 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{59720F6D-AE5A-4512-9052-73234F5895EB}
    [2012-03-03 13:11:31 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{F8FEFA25-E092-4C18-9FAB-9E6CCB398036}
    [2012-03-03 00:17:58 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{6D076397-C2A0-49A8-8065-BE41D4971E84}
    [2012-03-03 00:17:45 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{03CA70CB-BF76-4543-934A-55A36CE155CE}
    [2012-03-02 21:52:37 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{D90D6520-D13F-4D73-924D-C88BB6E58E64}
    [2012-03-02 21:52:06 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{4D5A74B2-6570-46EC-A5B4-59D0C4B5E66F}
    [2012-03-02 16:30:04 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{FA36239D-9352-42D6-BA9B-56765E6C7FDF}
    [2012-03-02 16:29:54 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{B0D37998-ACB2-4E8A-A22A-C3BD0D0EF618}
    [2012-03-02 14:52:27 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{054891E9-80CF-4416-9B2F-AFF1938594D7}
    [2012-03-02 13:46:30 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{A4D98DCB-0EFA-4410-923E-BD4C21C7B8D5}
    [2012-03-02 13:46:21 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{D4CFFA3D-BFED-4059-B45B-7386DF3E41CB}
    [2012-03-02 12:59:52 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{C83B74F7-E3D0-44BD-BB8C-CEA69727A521}
    [2012-03-02 12:59:42 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{57B9EEEC-86BF-42ED-A106-05023C15D155}
    [2012-03-01 23:59:57 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{213899AA-4DCB-4B84-91EB-19193346BC94}
    [2012-03-01 23:59:48 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{31D3ED46-A0C0-46D5-A6B7-BEFA95CB18B1}
    [2012-03-01 20:59:01 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{D4AFF116-8CC1-4025-9686-40B13E5E4CE5}
    [2012-03-01 20:58:52 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{F7C83BD8-1CFE-4B87-A259-25F2198E31C2}
    [2012-03-01 20:58:08 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{E0FC6AF7-B997-4E9A-B0BE-181F01CEA55D}
    [2012-03-01 20:57:58 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{9873CBC1-B028-4879-8CCC-E597A6A0C4C8}
    [2012-03-01 20:57:41 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{552929E3-A16D-4DC0-8D21-06E7BE83A2D2}
    [2012-03-01 18:01:16 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{6324A3B5-9B8C-418B-BDF8-6ADFCEBEB364}
    [2012-03-01 17:17:38 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{4F1B64E7-F2D7-4323-B0D5-2907DEC96A6F}
    [2012-03-01 16:49:34 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{8651BBE2-DE31-4CE1-AB79-A2E073235CEE}
    [2012-03-01 12:15:38 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{47254C15-82F3-471C-92D1-09A370ACFE59}
    [2012-03-01 12:15:08 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{D93722B1-E270-4B8C-A6AB-46CD8748B3CA}
    [2012-02-29 22:20:14 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{D4890735-74FF-4CDF-AA24-7D4FF8069065}
    [2012-02-29 22:20:04 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{93A3EDC8-6C07-47DD-AAE9-C13AD6DA613D}
    [2012-02-29 17:55:12 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{5640543F-82DA-4C9D-AE8B-9B5F5ADD6B96}
    [2012-02-29 17:55:02 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{2025E4A9-94B7-403C-9A63-873642145C96}
    [2012-02-29 12:43:17 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{76567C85-0037-420B-94D9-8FBD5529943A}
    [2012-02-29 11:29:33 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{B0B42491-7549-4747-A883-F9D82334EEB6}
    [2012-02-29 11:29:23 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{16018457-F943-47EA-A84E-E1E8C198A66F}
    [2012-02-28 20:45:52 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{838C89BF-9825-466E-ABF2-593E05E1318B}
    [2012-02-28 20:45:42 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{D8A53951-1C6F-4EEA-B996-000821044080}
    [2012-02-28 14:06:49 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{27EACED6-EC0D-4DDF-AAE2-9DF658CC341F}
    [2012-02-28 13:00:57 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{1399D856-B0C0-4309-8ACC-4EFF63D0FB5C}
    [2012-02-28 13:00:47 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{37110F28-6191-48AF-B38E-4B01C5C5F6BA}
    [2012-02-28 12:19:30 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{5CA81E01-7C6C-42A4-8265-B3CFE044A3B1}
    [2012-02-28 12:19:19 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{B41B77C3-4EB3-48FC-8F3D-F63C68E32D26}
    [2012-02-28 00:29:34 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{86D3B414-A6D9-459D-85E7-635CC7BE3A19}
    [2012-02-28 00:29:25 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{8A8A9C26-AEE8-49D0-90F2-E7343C9237B0}
    [2012-02-27 22:54:00 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{37C3BE8D-30B8-48FB-A3B4-5D45C6F50431}
    [2012-02-27 22:53:51 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{518295F5-02BF-45EA-B2C4-22EC9C42246A}
    [2012-02-27 20:19:03 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{533DD14A-75C0-4CFD-9BD6-2F8399F08FE7}
    [2012-02-27 20:18:49 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{B08BCB1D-EBEC-47E7-8607-F79BDD7B6AD8}
    [2012-02-27 17:51:44 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{318EFD78-D218-4872-8871-24282874DC8A}
    [2012-02-27 17:51:34 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{50C10642-68C2-410B-A3D8-F9D55E384841}
    [2012-02-27 11:13:24 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{F6CFCE34-8ADA-44C1-9955-40144FDAC091}
    [2012-02-27 11:13:14 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{1314BC7C-2816-470C-AC42-0060A08A9579}
    [2012-02-27 11:07:15 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{1C8D1CF4-5227-4EA8-8394-A985ACF95077}
    [2012-02-27 11:07:04 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{6F4F0F78-5E02-4A32-84C4-BC1C0EE3BBA5}
    [2012-02-27 10:33:29 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{43BE6172-2069-4F6B-98CF-E1281682C446}
    [2012-02-27 10:33:18 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{4B5727F2-AE91-430A-B1BE-BDF36A3C7EF0}
    [2012-02-26 22:31:42 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{8344D692-6E9A-4697-A601-159955061AE7}
    [2012-02-26 20:27:25 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{84486FBD-0CEF-481C-BFE4-13EA24BAB9A4}
    [2012-02-26 20:27:15 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{C057A6CF-6625-48E3-A7AC-85ACE206E00E}
    [2012-02-26 17:12:42 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{171EC639-177B-453B-B064-539D72EB3498}
    [2012-02-26 16:19:33 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{3732E7A8-AF8E-4AA3-9135-79AD64404677}
    [2012-02-26 16:19:19 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{FB33B338-B769-4A06-881C-6DF1E619E9A0}
    [2012-02-26 13:58:53 | 000,000,000 | —D | C] – C:\Users\beheerder\Documents\codes en wachtwoorden
    [2012-02-26 13:21:16 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{EF0266C1-D053-4307-872C-6E6235B5907F}
    [2012-02-26 13:21:07 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{8D044A20-E397-4E09-9587-01C7B8167DC0}
    [2012-02-26 13:18:50 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{9DE504CE-7840-420C-B785-959AACD8142A}
    [2012-02-26 13:18:40 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{892FC4D9-4172-46F3-A5D8-4C875D37E36A}
    [2012-02-26 13:07:58 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{6C87FB88-CA9E-46AA-86D4-6DE3FC56F7AC}
    [2012-02-26 13:07:49 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{C60095C4-C2AA-4685-8D3C-F0751160EB0A}
    [2012-02-26 13:05:57 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{FA037894-FC13-4C77-BE3D-7A1BD78DC6C8}
    [2012-02-26 13:05:47 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{EE2C6E0F-1553-42CA-B6F4-6A4BBA28D8CB}
    [2012-02-26 13:04:44 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{5BA43E6D-84C7-47EE-BC58-972F9127959E}
    [2012-02-26 12:07:19 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{94F0D724-94DD-4392-AD37-C28718478F56}
    [2012-02-26 12:07:09 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{52369848-8104-4A10-AEA8-47D6C754C7EF}
    [2012-02-26 12:00:39 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{00FE4A30-7611-4D57-B8AC-25AB506DEA6A}
    [2012-02-26 12:00:29 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{AB810350-A13C-4A20-A8AD-60665A9DD29B}
    [2012-02-26 00:49:27 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{92E76890-C56A-4112-9CF8-F45DB1FDBAF7}
    [2012-02-26 00:00:04 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{D6CC543E-7AD8-47A3-95C1-98740A63A7B2}
    [2012-02-25 23:59:54 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{D7B13702-930E-4A59-9902-58549ABEB2BA}
    [2012-02-25 23:26:01 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{906D99AF-B7E2-4349-8B2B-55650BB35EDD}
    [2012-02-25 23:25:51 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{E576CB08-E9D2-46F1-88E0-E9160C77167D}
    [2012-02-25 17:13:49 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{208CDCCC-2D4F-4BC8-A566-12D12CA79E8A}
    [2012-02-25 17:13:39 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{368CFD6F-6CFC-4A28-A2C8-95A90D9D63AA}
    [2012-02-25 17:11:15 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{51BC7E2A-D855-4774-8A4E-68EE84FD2C42}
    [2012-02-25 17:11:05 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{4BA05AC5-BAF3-4A22-8C27-24DBED19F5B2}
    [2012-02-25 13:33:13 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{F250A87D-485C-4691-AB92-008D06C19895}
    [2012-02-25 13:33:03 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{070E5C4C-0F51-42E9-9745-6E2B24E52B41}
    [2012-02-25 13:05:23 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{30147645-6AE9-4A15-A1B9-72CB0FE7337C}
    [2012-02-25 13:05:13 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{5761C24C-2CD5-4407-87ED-691E2E07D4BB}
    [2012-02-25 12:25:07 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{1E6849AD-4567-4A50-8418-7B0C48305EEE}
    [2012-02-25 12:24:57 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{F557DE4F-DC1D-4532-9DD6-E6A6D9FCBB37}
    [2012-02-24 23:47:28 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{A38577E9-489B-426A-878A-FC3568096C7C}
    [2012-02-24 23:47:18 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{79A272E6-D57F-4561-A4E1-4583D31FEF78}
    [2012-02-24 17:44:43 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{59D44DED-5592-432E-AE47-084A42A3110F}
    [2012-02-24 17:44:33 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{73924AAE-4932-48BB-8BA5-51C9903E6ECA}
    [2012-02-24 14:04:39 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{35698623-C667-498F-9F13-F76F6FA26585}
    [2012-02-24 14:04:29 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{D15F9CCE-6DB3-47B9-BA0B-62C30C3C6E23}
    [2012-02-24 13:31:42 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{5DC01DF8-64FE-479D-ABD9-3B25A1076148}
    [2012-02-24 13:31:32 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{1C1DF2BD-13B7-4A5A-A09E-B21837875865}
    [2012-02-24 12:54:43 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{0CC01258-D330-4944-B195-F439D2CFDC3A}
    [2012-02-24 12:53:33 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{76258158-826E-4C72-B923-633B6AFCF975}
    [2012-02-24 11:43:24 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{1CF97791-A70F-4C3E-8F9E-01B25B1ACECF}
    [2012-02-24 11:42:35 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{57B26E0D-BA66-4198-84B6-D281E8E96663}
    [2012-02-24 11:19:20 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{29A88673-3050-4782-B1B8-F2949F1F48AB}
    [2012-02-24 11:19:11 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{EE386DD1-B751-4B55-9B0D-0CEE1C32754C}
    [2012-02-23 22:21:04 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{7F14E751-F638-4005-9BE1-69F34A0D474C}
    [2012-02-23 22:20:54 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{30BCEC3C-18EB-4DF5-A568-92ABF1119D16}
    [2012-02-23 21:40:17 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{23F725DD-9C09-4D99-83D9-AF8C7884C981}
    [2012-02-23 21:40:07 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{872B2AC8-BD4C-45A2-82B0-7202A6817C7E}
    [2012-02-23 20:31:06 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{FE4533E0-3442-4290-8E2C-B93CBA851CB0}
    [2012-02-23 20:30:56 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{547C12F7-9F37-4544-A0EE-5F52966DB3D7}
    [2012-02-23 18:04:49 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{D6E5A812-1E92-43E0-BF0F-2D4B73052937}
    [2012-02-23 18:04:39 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{11C6AB28-6B00-45D9-A66F-D2981F658622}
    [2012-02-23 13:41:33 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{22E7B14E-90B6-4139-8EC9-07F822694C2F}
    [2012-02-23 13:41:23 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{6C12FA68-B321-4939-9D6B-2E5A7252C7F0}
    [2012-02-23 10:00:21 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{E35B5F2D-524D-448F-B3FE-34EE28222616}
    [2012-02-23 10:00:09 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{1D3C6943-F98F-4CD4-B9B4-558D72DF4463}
    [2012-02-22 22:27:37 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{5EEDCB8F-F426-4EDC-9746-6D4C9CF9EC5F}
  • ========== Files/Folders - Created Within 30 Days ==========[/color:c8d44bbd3b]

    [2012-03-11 10:17:55 | 000,594,944 | —- | C] (OldTimer Tools) – C:\Users\beheerder\Desktop\OTL.com
    [2012-03-11 10:10:27 | 000,000,000 | —D | C] – C:\Program Files\backups
    [2012-03-11 09:35:55 | 000,000,000 | —D | C] – C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
    [2012-03-11 09:35:53 | 000,020,464 | —- | C] (Malwarebytes Corporation) – C:\Windows\System32\drivers\mbam.sys
    [2012-03-11 09:35:53 | 000,000,000 | —D | C] – C:\Program Files\Malwarebytes' Anti-Malware
    [2012-03-11 09:18:50 | 000,388,608 | —- | C] (Trend Micro Inc.) – C:\Program Files\HijackThis.exe
    [2012-03-10 18:11:58 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{25272832-F3A5-42D9-8759-084D68EC7683}
    [2012-03-10 18:11:48 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{0F7BD1B8-F436-4B97-9F01-31914D1B7A48}
    [2012-03-10 14:14:16 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{C495001E-460E-4E02-9AF3-ED549646C91A}
    [2012-03-10 14:14:06 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{949A580D-25D5-46EA-B026-C02114F1D5CD}
    [2012-03-10 13:22:39 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{616F7C79-C3EA-4A6F-A0AC-BB97F2434D09}
    [2012-03-10 12:20:36 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{F1103772-79C7-4F53-A4E4-421272CD8892}
    [2012-03-10 12:20:26 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{067BD554-2DFE-4CA2-AF9B-D77B69372256}
    [2012-03-10 12:17:38 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{7A9B51B7-25D9-4EF4-8321-2965EAA9F601}
    [2012-03-10 12:17:29 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{A77891E2-9A09-445A-9816-7A8ADD8FD9A0}
    [2012-03-09 22:17:21 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{FCF2A1DD-9F46-4122-A6F5-8D8C5677FC35}
    [2012-03-09 22:17:11 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{674EA8A9-B7D8-42E1-8D24-FB426F3CC1E5}
    [2012-03-09 20:55:32 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{AFA1E704-4100-4AC1-AC9D-D5BC53EA0A39}
    [2012-03-09 20:55:10 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{E9C6F9EE-9EEA-463A-92EC-A76EE14064BA}
    [2012-03-09 19:19:31 | 000,213,640 | —- | C] (McAfee, Inc.) – C:\Windows\System32\drivers\mfehidk.sys
    [2012-03-09 19:19:31 | 000,130,424 | —- | C] (McAfee, Inc.) – C:\Windows\System32\drivers\Mpfp.sys
    [2012-03-09 19:19:31 | 000,079,304 | —- | C] (McAfee, Inc.) – C:\Windows\System32\drivers\mfeavfk.sys
    [2012-03-09 19:19:31 | 000,040,552 | —- | C] (McAfee, Inc.) – C:\Windows\System32\drivers\mfesmfk.sys
    [2012-03-09 19:19:31 | 000,035,272 | —- | C] (McAfee, Inc.) – C:\Windows\System32\drivers\mfebopk.sys
    [2012-03-09 19:19:31 | 000,034,216 | —- | C] (McAfee, Inc.) – C:\Windows\System32\drivers\mferkdk.sys
    [2012-03-09 13:53:15 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{CDD0A1D2-B55C-48AD-A04A-0936696B177F}
    [2012-03-09 13:52:08 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{835C2E95-0138-4D13-8264-F9AF574272CC}
    [2012-03-09 13:47:14 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{8DCBEB48-B2F8-45DB-A4BA-D08528B1AC37}
    [2012-03-09 13:46:05 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{5B9E8D5C-5FD6-40E6-AC66-048DAA32D1A8}
    [2012-03-09 12:58:31 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{67E3A528-B2FB-410A-92C1-A2946007D725}
    [2012-03-09 12:57:24 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{92D885BC-6DF0-450A-A48D-80140A650CAC}
    [2012-03-09 12:48:46 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{7D777AA5-0B90-4594-BF60-A2E0AAFA200B}
    [2012-03-09 12:48:36 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{EE2651D1-735C-4E49-AAF9-CB87BCD55636}
    [2012-03-09 11:28:58 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{D362E7E7-C601-44A5-AF50-2E3ACE6814A8}
    [2012-03-09 11:28:48 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{E91EB1A5-BDEF-4C81-8BE2-84B3B770952E}
    [2012-03-09 10:38:10 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{9CB9825A-CCD1-4A10-9FBB-1B1B7DA6FAEA}
    [2012-03-09 10:37:59 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{0CC54677-8C63-4AE8-B4C1-EF050C2CABCC}
    [2012-03-08 23:29:51 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{F1DAE921-F81F-4CE1-B581-44A196598A31}
    [2012-03-08 23:29:41 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{59401D54-7C13-4420-9A31-334E5BF7E01A}
    [2012-03-08 20:30:28 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{927E6BAE-371C-4F76-BE34-3A5DEE65F46F}
    [2012-03-08 20:30:18 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{305B497A-F720-440A-8B35-9BDDD0F9C66B}
    [2012-03-08 19:51:10 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{1E5B4A3C-8E38-4369-90DD-AB0F3FE3A569}
    [2012-03-08 19:51:00 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{B42CFFE7-81B4-4177-A488-D6F8747D84D1}
    [2012-03-08 19:21:37 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{F6BE485D-5DF5-47BD-AE4D-4613C7075516}
    [2012-03-08 19:21:27 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{88A6E4AD-EA87-49C4-95DE-A7AEB8D04F0E}
    [2012-03-08 18:41:26 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{BD202943-6487-4A1D-BEC7-4F7284650E29}
    [2012-03-08 18:40:24 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{2F81ED96-A8A2-42EE-A3EB-A62584768A94}
    [2012-03-08 13:55:49 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{0DA0A806-7C08-442A-81CF-0EA765B0AE7F}
    [2012-03-08 13:55:39 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{EE964D24-201D-4911-BDA2-03C80A8EC1E4}
    [2012-03-08 13:16:31 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{09835AF4-EDDB-429D-9AFB-BEE0555E7A32}
    [2012-03-08 13:16:21 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{C855205A-2FA1-4036-A677-88C4865E746F}
    [2012-03-08 13:09:09 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{9AF71FC1-0B9D-4AEE-A329-35202F5CDC62}
    [2012-03-08 13:08:59 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{D81C2DEA-EC3D-463C-8B73-60AB6566B32D}
    [2012-03-08 12:29:42 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{7669A81A-E158-4D97-B145-2FF01F332BA1}
    [2012-03-08 12:29:05 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{8B070D49-89B0-4CDD-AFB8-C29202246F49}
    [2012-03-08 10:40:08 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{A3BC74F0-AA86-4820-B535-655206AA9CD2}
    [2012-03-08 10:39:58 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{2CF25D37-03C4-41BD-ADDA-CD9F5B752D85}
    [2012-03-07 23:15:59 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{C6C9B701-426C-4033-8DE0-4B214DEFCA3F}
    [2012-03-07 23:15:50 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{16A9D638-C7FC-4897-8A6C-08D1D09FFC94}
    [2012-03-07 23:15:41 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{43048A9F-E9BD-49AB-A278-D7439D264CE0}
    [2012-03-07 23:15:31 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{82399C23-7267-4C57-B5B1-A9C9F8BB0692}
    [2012-03-07 22:17:19 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{834DD644-55D3-4503-BB84-A2E6BF93C5B6}
    [2012-03-07 21:55:24 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{D9D17EA5-646D-42A9-AACC-F63AA92B7610}
    [2012-03-07 21:55:14 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{0F008228-3499-4E4B-A64F-28ACC99DCFCF}
    [2012-03-07 18:16:46 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{96BB5626-EA94-40EB-8A71-CB56B92E5095}
    [2012-03-07 18:16:36 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{7D2A06A2-C59C-4639-B300-7BC39B94BE2E}
    [2012-03-07 17:10:50 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{977A9CC4-1D88-4D32-A134-D2F88A7E9CD3}
    [2012-03-07 17:10:40 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{2AA080EF-1E08-47D6-8512-C4BA15A75AF6}
    [2012-03-07 17:04:17 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{CF863570-6F1F-465B-B426-1CD2F99F2025}
    [2012-03-07 17:03:42 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{CB5AF8E2-F97B-4210-8D49-6019BAAF0308}
    [2012-03-07 17:03:31 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{C38DF318-FFE5-4D74-AECF-76FBC18DC101}
    [2012-03-07 16:40:09 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{61EC2407-1DFB-4880-9085-E5D98AC81254}
    [2012-03-07 16:39:59 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{09FB019B-11F7-47DB-8870-9B1294C83DF0}
    [2012-03-07 10:55:28 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{0BBBAB99-86EE-4A00-814F-76764952EEBE}
    [2012-03-07 10:55:18 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{3FD8EF89-BDC4-4D29-9340-96CDD6F4D0C7}
    [2012-03-07 00:06:39 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{B2CDD9AE-123D-4925-AB34-525F46407512}
    [2012-03-07 00:05:43 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{FAA7A997-01A3-4BAF-B8D2-BB0FF3C82D3A}
    [2012-03-06 21:10:37 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{3CB81A2E-0F73-4EB2-9471-48B9A1C7719C}
    [2012-03-06 21:10:27 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{9BC60530-471C-466B-8041-DE5AAE7014CC}
    [2012-03-06 20:01:06 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{63A1191A-CD25-4FE6-906B-9DF9F8736ACB}
    [2012-03-06 20:00:56 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{89BB88DC-EBBD-4C28-BF89-353B2A3327B1}
    [2012-03-06 14:11:32 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{EA6F9147-EBF7-4139-BFF0-7AFD2BC469B2}
    [2012-03-06 14:11:23 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{DBB11865-6801-49A3-98CE-8E6A5F6ED26E}
    [2012-03-06 12:08:31 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{B3E89E10-B845-4B85-92BA-6EAA9B206D23}
    [2012-03-06 12:08:22 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{CFB7FE3D-EE48-4D6A-AC49-7612099F6128}
    [2012-03-06 12:07:39 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{00AA128F-78B9-4E41-AE16-49E8EF68E322}
    [2012-03-06 12:07:15 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{216D0E91-8391-4C37-92AE-AF7BC4725C17}
    [2012-03-06 10:01:46 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{26003F88-F3F6-424B-AD7B-8E7C2D0A854E}
    [2012-03-06 10:00:42 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{51594273-EDF3-4C87-BA1F-848C4B28BFDB}
    [2012-03-06 09:01:34 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{AC61B50A-C5D2-4951-9EF9-B88C6B2C500A}
    [2012-03-06 09:01:24 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{AE50E7CE-F30D-4C21-B96D-062FF2B49670}
    [2012-03-05 23:37:51 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{CD1408E5-EDA3-4AC1-A301-DF8BCB661372}
    [2012-03-05 23:37:41 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{8FFFABF5-EDA4-48D1-A571-F2887B058B06}
    [2012-03-05 23:28:01 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{C583644D-1E57-4815-B5A9-A8955AD0061B}
    [2012-03-05 23:27:51 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{5C23E93E-2781-44C0-A424-03286BF2473C}
    [2012-03-05 20:52:34 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{ACB6ACF1-D969-408E-8E3E-0721A995CE94}
    [2012-03-05 20:52:24 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{05DD12B4-B982-49F8-8A1A-1EC08C7A2FFA}
    [2012-03-05 17:19:22 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{B983B63E-BD29-42F4-9EF2-D4AEAD7F9E13}
    [2012-03-05 17:19:13 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{97FF9C8E-5904-47BE-B603-74DADBFE35A6}
    [2012-03-05 13:06:24 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{E69E7682-22B3-488C-BC41-67CAD45667A4}
    [2012-03-05 13:06:14 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{B5792C82-7075-4F5A-B33E-816CFBA7878F}
    [2012-03-05 12:55:39 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{C1CBF9C8-B0EF-4B20-900F-56445892F26D}
    [2012-03-05 12:55:29 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{910CE8EF-5E18-4F95-A185-8A041D20ECEC}
    [2012-03-05 12:44:51 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{1EBBD953-BE0F-4387-B823-C1046A7C67C1}
    [2012-03-05 12:44:41 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{FE39F697-8843-4A73-91AA-E97C72438466}
    [2012-03-05 11:57:45 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{C8F30DED-5D5D-4A0F-AC26-D0400BDE7342}
    [2012-03-05 11:57:36 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{37B4DE7C-6D79-4A7B-8C18-704ADF30FDD6}
    [2012-03-05 11:28:31 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{64EF48ED-6671-4EA1-8409-1012A384D1B1}
    [2012-03-05 11:28:21 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{2971A6D8-82EF-43C8-A26C-C319D5843B3A}
    [2012-03-05 08:56:50 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{60EA503D-992A-4F4A-AB3C-0794CA573BB0}
    [2012-03-05 08:56:40 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{488ED906-A05C-434C-A780-9157205FD286}
    [2012-03-04 19:32:56 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{45FB87F4-61BB-4D5B-BC9A-821D5D8D383C}
    [2012-03-04 19:32:46 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{CC07CB92-D0ED-49D5-9F32-DEF1DD6D2ECC}
    [2012-03-04 17:10:02 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{34C02B65-D8EE-4D7E-A3EE-1D9B3AE92F28}
    [2012-03-04 16:30:31 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{AC45AEF2-EF6B-4D98-A939-8338B3EE1F84}
    [2012-03-04 16:30:21 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{E7B45F18-F9C8-4CEE-AE16-A2FBE9C60308}
    [2012-03-04 09:45:16 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{EAB19944-A9C9-42DC-89EC-6B02B00FE0F6}
    [2012-03-04 09:44:53 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{49C56FB3-300C-4D2D-B545-1B190ED5C654}
    [2012-03-04 09:37:46 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{47265DD9-C65A-4027-885C-E4A14E4A31CC}
    [2012-03-04 09:37:36 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{A2740F8C-52DB-46B9-ADA3-437D6DD0B22B}
    [2012-03-04 09:36:16 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{C0B7C08A-BB1F-43DA-90CF-C13BCD3089E4}
    [2012-03-04 09:36:06 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{D85057BD-02A0-45BB-95DA-D9D6E48913DC}
    [2012-03-04 09:33:39 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{6C682C7B-3BB0-4BB4-8B77-4B69AABFB07B}
    [2012-03-04 09:33:30 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{34D8269A-2FF3-43A1-BF82-AE6CEA0D92E1}
    [2012-03-04 00:06:42 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{EC68489B-8261-456D-A9FB-090867F31B47}
    [2012-03-04 00:06:32 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{10C9D44C-07A6-448E-B5C6-5B6D36219CDE}
    [2012-03-03 15:02:58 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{285B4CC2-CCA1-41CE-8DBE-A8E654879839}
    [2012-03-03 15:02:00 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{A86AB0A1-2789-49BC-B2A1-9A0362201020}
    [2012-03-03 13:57:54 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{357ED63F-AB5D-4053-96B7-DA89001BA57F}
    [2012-03-03 13:57:44 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{27CF30A4-7509-4E9B-B0A9-7041AC6458E5}
    [2012-03-03 13:11:42 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{59720F6D-AE5A-4512-9052-73234F5895EB}
    [2012-03-03 13:11:31 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{F8FEFA25-E092-4C18-9FAB-9E6CCB398036}
    [2012-03-03 00:17:58 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{6D076397-C2A0-49A8-8065-BE41D4971E84}
    [2012-03-03 00:17:45 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{03CA70CB-BF76-4543-934A-55A36CE155CE}
    [2012-03-02 21:52:37 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{D90D6520-D13F-4D73-924D-C88BB6E58E64}
    [2012-03-02 21:52:06 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{4D5A74B2-6570-46EC-A5B4-59D0C4B5E66F}
    [2012-03-02 16:30:04 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{FA36239D-9352-42D6-BA9B-56765E6C7FDF}
    [2012-03-02 16:29:54 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{B0D37998-ACB2-4E8A-A22A-C3BD0D0EF618}
    [2012-03-02 14:52:27 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{054891E9-80CF-4416-9B2F-AFF1938594D7}
    [2012-03-02 13:46:30 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{A4D98DCB-0EFA-4410-923E-BD4C21C7B8D5}
    [2012-03-02 13:46:21 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{D4CFFA3D-BFED-4059-B45B-7386DF3E41CB}
    [2012-03-02 12:59:52 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{C83B74F7-E3D0-44BD-BB8C-CEA69727A521}
    [2012-03-02 12:59:42 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{57B9EEEC-86BF-42ED-A106-05023C15D155}
    [2012-03-01 23:59:57 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{213899AA-4DCB-4B84-91EB-19193346BC94}
    [2012-03-01 23:59:48 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{31D3ED46-A0C0-46D5-A6B7-BEFA95CB18B1}
    [2012-03-01 20:59:01 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{D4AFF116-8CC1-4025-9686-40B13E5E4CE5}
    [2012-03-01 20:58:52 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{F7C83BD8-1CFE-4B87-A259-25F2198E31C2}
    [2012-03-01 20:58:08 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{E0FC6AF7-B997-4E9A-B0BE-181F01CEA55D}
    [2012-03-01 20:57:58 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{9873CBC1-B028-4879-8CCC-E597A6A0C4C8}
    [2012-03-01 20:57:41 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{552929E3-A16D-4DC0-8D21-06E7BE83A2D2}
    [2012-03-01 18:01:16 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{6324A3B5-9B8C-418B-BDF8-6ADFCEBEB364}
    [2012-03-01 17:17:38 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{4F1B64E7-F2D7-4323-B0D5-2907DEC96A6F}
    [2012-03-01 16:49:34 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{8651BBE2-DE31-4CE1-AB79-A2E073235CEE}
    [2012-03-01 12:15:38 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{47254C15-82F3-471C-92D1-09A370ACFE59}
    [2012-03-01 12:15:08 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{D93722B1-E270-4B8C-A6AB-46CD8748B3CA}
    [2012-02-29 22:20:14 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{D4890735-74FF-4CDF-AA24-7D4FF8069065}
    [2012-02-29 22:20:04 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{93A3EDC8-6C07-47DD-AAE9-C13AD6DA613D}
    [2012-02-29 17:55:12 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{5640543F-82DA-4C9D-AE8B-9B5F5ADD6B96}
    [2012-02-29 17:55:02 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{2025E4A9-94B7-403C-9A63-873642145C96}
    [2012-02-29 12:43:17 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{76567C85-0037-420B-94D9-8FBD5529943A}
    [2012-02-29 11:29:33 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{B0B42491-7549-4747-A883-F9D82334EEB6}
    [2012-02-29 11:29:23 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{16018457-F943-47EA-A84E-E1E8C198A66F}
    [2012-02-28 20:45:52 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{838C89BF-9825-466E-ABF2-593E05E1318B}
    [2012-02-28 20:45:42 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{D8A53951-1C6F-4EEA-B996-000821044080}
    [2012-02-28 14:06:49 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{27EACED6-EC0D-4DDF-AAE2-9DF658CC341F}
    [2012-02-28 13:00:57 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{1399D856-B0C0-4309-8ACC-4EFF63D0FB5C}
    [2012-02-28 13:00:47 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{37110F28-6191-48AF-B38E-4B01C5C5F6BA}
    [2012-02-28 12:19:30 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{5CA81E01-7C6C-42A4-8265-B3CFE044A3B1}
    [2012-02-28 12:19:19 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{B41B77C3-4EB3-48FC-8F3D-F63C68E32D26}
    [2012-02-28 00:29:34 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{86D3B414-A6D9-459D-85E7-635CC7BE3A19}
    [2012-02-28 00:29:25 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{8A8A9C26-AEE8-49D0-90F2-E7343C9237B0}
    [2012-02-27 22:54:00 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{37C3BE8D-30B8-48FB-A3B4-5D45C6F50431}
    [2012-02-27 22:53:51 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{518295F5-02BF-45EA-B2C4-22EC9C42246A}
    [2012-02-27 20:19:03 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{533DD14A-75C0-4CFD-9BD6-2F8399F08FE7}
    [2012-02-27 20:18:49 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{B08BCB1D-EBEC-47E7-8607-F79BDD7B6AD8}
    [2012-02-27 17:51:44 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{318EFD78-D218-4872-8871-24282874DC8A}
    [2012-02-27 17:51:34 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{50C10642-68C2-410B-A3D8-F9D55E384841}
    [2012-02-27 11:13:24 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{F6CFCE34-8ADA-44C1-9955-40144FDAC091}
    [2012-02-27 11:13:14 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{1314BC7C-2816-470C-AC42-0060A08A9579}
    [2012-02-27 11:07:15 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{1C8D1CF4-5227-4EA8-8394-A985ACF95077}
    [2012-02-27 11:07:04 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{6F4F0F78-5E02-4A32-84C4-BC1C0EE3BBA5}
    [2012-02-27 10:33:29 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{43BE6172-2069-4F6B-98CF-E1281682C446}
    [2012-02-27 10:33:18 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{4B5727F2-AE91-430A-B1BE-BDF36A3C7EF0}
    [2012-02-26 22:31:42 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{8344D692-6E9A-4697-A601-159955061AE7}
    [2012-02-26 20:27:25 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{84486FBD-0CEF-481C-BFE4-13EA24BAB9A4}
    [2012-02-26 20:27:15 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{C057A6CF-6625-48E3-A7AC-85ACE206E00E}
    [2012-02-26 17:12:42 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{171EC639-177B-453B-B064-539D72EB3498}
    [2012-02-26 16:19:33 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{3732E7A8-AF8E-4AA3-9135-79AD64404677}
    [2012-02-26 16:19:19 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{FB33B338-B769-4A06-881C-6DF1E619E9A0}
    [2012-02-26 13:58:53 | 000,000,000 | —D | C] – C:\Users\beheerder\Documents\codes en wachtwoorden
    [2012-02-26 13:21:16 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{EF0266C1-D053-4307-872C-6E6235B5907F}
    [2012-02-26 13:21:07 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{8D044A20-E397-4E09-9587-01C7B8167DC0}
    [2012-02-26 13:18:50 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{9DE504CE-7840-420C-B785-959AACD8142A}
    [2012-02-26 13:18:40 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{892FC4D9-4172-46F3-A5D8-4C875D37E36A}
    [2012-02-26 13:07:58 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{6C87FB88-CA9E-46AA-86D4-6DE3FC56F7AC}
    [2012-02-26 13:07:49 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{C60095C4-C2AA-4685-8D3C-F0751160EB0A}
    [2012-02-26 13:05:57 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{FA037894-FC13-4C77-BE3D-7A1BD78DC6C8}
    [2012-02-26 13:05:47 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{EE2C6E0F-1553-42CA-B6F4-6A4BBA28D8CB}
    [2012-02-26 13:04:44 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{5BA43E6D-84C7-47EE-BC58-972F9127959E}
    [2012-02-26 12:07:19 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{94F0D724-94DD-4392-AD37-C28718478F56}
    [2012-02-26 12:07:09 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{52369848-8104-4A10-AEA8-47D6C754C7EF}
    [2012-02-26 12:00:39 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{00FE4A30-7611-4D57-B8AC-25AB506DEA6A}
    [2012-02-26 12:00:29 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{AB810350-A13C-4A20-A8AD-60665A9DD29B}
    [2012-02-26 00:49:27 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{92E76890-C56A-4112-9CF8-F45DB1FDBAF7}
    [2012-02-26 00:00:04 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{D6CC543E-7AD8-47A3-95C1-98740A63A7B2}
    [2012-02-25 23:59:54 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{D7B13702-930E-4A59-9902-58549ABEB2BA}
    [2012-02-25 23:26:01 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{906D99AF-B7E2-4349-8B2B-55650BB35EDD}
    [2012-02-25 23:25:51 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{E576CB08-E9D2-46F1-88E0-E9160C77167D}
    [2012-02-25 17:13:49 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{208CDCCC-2D4F-4BC8-A566-12D12CA79E8A}
    [2012-02-25 17:13:39 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{368CFD6F-6CFC-4A28-A2C8-95A90D9D63AA}
    [2012-02-25 17:11:15 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{51BC7E2A-D855-4774-8A4E-68EE84FD2C42}
    [2012-02-25 17:11:05 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{4BA05AC5-BAF3-4A22-8C27-24DBED19F5B2}
    [2012-02-25 13:33:13 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{F250A87D-485C-4691-AB92-008D06C19895}
    [2012-02-25 13:33:03 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{070E5C4C-0F51-42E9-9745-6E2B24E52B41}
    [2012-02-25 13:05:23 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{30147645-6AE9-4A15-A1B9-72CB0FE7337C}
    [2012-02-25 13:05:13 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{5761C24C-2CD5-4407-87ED-691E2E07D4BB}
    [2012-02-25 12:25:07 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{1E6849AD-4567-4A50-8418-7B0C48305EEE}
    [2012-02-25 12:24:57 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{F557DE4F-DC1D-4532-9DD6-E6A6D9FCBB37}
    [2012-02-24 23:47:28 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{A38577E9-489B-426A-878A-FC3568096C7C}
    [2012-02-24 23:47:18 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{79A272E6-D57F-4561-A4E1-4583D31FEF78}
    [2012-02-24 17:44:43 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{59D44DED-5592-432E-AE47-084A42A3110F}
    [2012-02-24 17:44:33 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{73924AAE-4932-48BB-8BA5-51C9903E6ECA}
    [2012-02-24 14:04:39 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{35698623-C667-498F-9F13-F76F6FA26585}
    [2012-02-24 14:04:29 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{D15F9CCE-6DB3-47B9-BA0B-62C30C3C6E23}
    [2012-02-24 13:31:42 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{5DC01DF8-64FE-479D-ABD9-3B25A1076148}
    [2012-02-24 13:31:32 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{1C1DF2BD-13B7-4A5A-A09E-B21837875865}
    [2012-02-24 12:54:43 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{0CC01258-D330-4944-B195-F439D2CFDC3A}
    [2012-02-24 12:53:33 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{76258158-826E-4C72-B923-633B6AFCF975}
    [2012-02-24 11:43:24 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{1CF97791-A70F-4C3E-8F9E-01B25B1ACECF}
    [2012-02-24 11:42:35 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{57B26E0D-BA66-4198-84B6-D281E8E96663}
    [2012-02-24 11:19:20 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{29A88673-3050-4782-B1B8-F2949F1F48AB}
    [2012-02-24 11:19:11 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{EE386DD1-B751-4B55-9B0D-0CEE1C32754C}
    [2012-02-23 22:21:04 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{7F14E751-F638-4005-9BE1-69F34A0D474C}
    [2012-02-23 22:20:54 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{30BCEC3C-18EB-4DF5-A568-92ABF1119D16}
    [2012-02-23 21:40:17 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{23F725DD-9C09-4D99-83D9-AF8C7884C981}
    [2012-02-23 21:40:07 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{872B2AC8-BD4C-45A2-82B0-7202A6817C7E}
    [2012-02-23 20:31:06 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{FE4533E0-3442-4290-8E2C-B93CBA851CB0}
    [2012-02-23 20:30:56 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{547C12F7-9F37-4544-A0EE-5F52966DB3D7}
    [2012-02-23 18:04:49 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{D6E5A812-1E92-43E0-BF0F-2D4B73052937}
    [2012-02-23 18:04:39 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{11C6AB28-6B00-45D9-A66F-D2981F658622}
    [2012-02-23 13:41:33 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{22E7B14E-90B6-4139-8EC9-07F822694C2F}
    [2012-02-23 13:41:23 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{6C12FA68-B321-4939-9D6B-2E5A7252C7F0}
    [2012-02-23 10:00:21 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{E35B5F2D-524D-448F-B3FE-34EE28222616}
    [2012-02-23 10:00:09 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{1D3C6943-F98F-4CD4-B9B4-558D72DF4463}
    [2012-02-22 22:27:37 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{5EEDCB8F-F426-4EDC-9746-6D4C9CF9EC5F}
    [2012-02-22 22:27:27 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{F1E118BE-D695-44D5-A769-87831816ACDF}
    [2012-02-22 18:54:21 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{B5425D43-FD9E-48A5-A168-472681E8DDEC}
    [2012-02-22 18:49:20 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{811A5F01-3D2B-4A03-BF37-6E8199F0515E}
    [2012-02-22 18:49:10 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{061BAA8B-8999-4F4C-BC10-C3260F1802EA}
    [2012-02-22 18:13:27 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{6F719C5B-EEFB-44A3-87D7-70BE306D6966}
    [2012-02-22 18:13:18 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{1B574872-BE56-4EE4-85E0-BC0415277FDB}
    [2012-02-22 11:22:47 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{FC14CE92-C5BC-4901-984A-50062BA2D6E3}
    [2012-02-22 11:22:36 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{D56C8CD2-FC83-4D4C-A83F-C73604458779}
    [2012-02-22 10:46:52 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{3241E67C-6419-48C9-BEC2-0008EA2E73FD}
    [2012-02-22 10:46:42 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{F378A921-883C-49EF-B401-D9A918C7CDD4}
    [2012-02-21 23:54:35 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{BCC9DFEC-C011-4BAE-8FEC-47A3082A6C15}
    [2012-02-21 23:54:25 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{D9216ABB-CBAD-4669-89D8-65A79FBA4799}
    [2012-02-21 20:05:50 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{1A5558CA-A3BC-4068-AF15-F314DD2CC456}
    [2012-02-21 20:05:41 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{8A220F8B-5B31-4EC0-93A3-EA1F04202A4E}
    [2012-02-21 13:22:31 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{A8D29B0E-535C-489A-9075-39D5DC91FC16}
    [2012-02-21 13:22:05 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{08750581-1D95-4500-9E50-B9C7BF7C5DF0}
    [2012-02-21 12:42:28 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{B4A36E0F-126A-48AC-A2C6-9B18D2183EAB}
    [2012-02-21 12:42:18 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{C8B624F1-284A-4AE2-8800-AE683431453A}
    [2012-02-21 12:13:20 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{BF33D322-B3CD-4288-95C5-67A46E8BA9EC}
    [2012-02-21 12:13:10 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{73934AA3-7763-4400-A3B9-A32E064575F9}
    [2012-02-21 09:29:06 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{A979BEF4-0D1A-416D-A01B-FE3BB8D983B4}
    [2012-02-21 09:28:57 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{8523DCE3-B712-4EC3-BFDD-C9FC87FA854A}
    [2012-02-21 09:06:39 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{C22C77E7-E66C-465C-B4A0-695D2C2B1152}
    [2012-02-21 09:06:29 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{21C5FE87-96A4-4DE4-AB1A-C229BDA21519}
    [2012-02-20 22:36:08 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{02EC839B-68EC-4EC8-A915-13BC3DD5180C}
    [2012-02-20 22:35:59 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{3DCBFBCD-FF1F-4604-8EC8-912D32BDE984}
    [2012-02-20 20:07:34 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{2B215803-6C92-4632-8047-2F4EA4EB0D2D}
    [2012-02-20 20:07:17 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{0F60A293-5589-46CD-A473-705A7D5970D8}
    [2012-02-20 17:24:03 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{6982B55D-BF8B-418E-926E-C012365FDE31}
    [2012-02-20 17:23:53 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{EA9AD0B9-079F-4234-A141-0F966A5D0769}
    [2012-02-20 13:57:30 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{00B5DF19-D943-42F1-B1B4-87690C283ABB}
    [2012-02-20 13:57:20 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{755E5AF5-77A0-43C6-A6FC-21AAF5B4DEBB}
    [2012-02-20 13:00:38 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{CA9124DC-3D40-48E3-868D-1D4A0C91E181}
    [2012-02-20 13:00:28 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{73A86248-C285-4904-A006-72891FBCC3F2}
    [2012-02-20 11:04:49 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{5EA21D9E-F4AE-48C7-97F0-9780C52818DB}
    [2012-02-20 11:04:33 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{23BAAE88-05A4-486F-98D2-140A8CBC48DA}
    [2012-02-20 10:29:29 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{494E6BC5-5312-408E-BC97-A930AF865177}
    [2012-02-20 10:28:49 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{0509DDCB-0AAD-40FD-AE15-0F57CC5BFEC9}
    [2012-02-19 22:36:39 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{DA202AE1-BC4E-4A3B-B32C-B4A37D5B183B}
    [2012-02-19 22:36:29 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{D7874254-7F10-437E-B00A-4BA5D4224443}
    [2012-02-19 20:16:50 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{FB39A077-3044-444F-BB1F-AD55D989BF2D}
    [2012-02-19 20:15:47 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{E481B9AD-C80F-467A-9C31-B0EF229E9F99}
    [2012-02-19 09:39:09 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{1C80B09F-40D8-41DF-8938-E71C33D6CE5D}
    [2012-02-19 09:38:59 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{7B750BD6-EAF5-4B67-B151-A4DB16FB1E04}
    [2012-02-18 20:06:06 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{71AE88A7-34F4-49ED-A923-850610A78F83}
    [2012-02-18 20:05:08 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{50096037-4259-4918-8EAF-C072658E8309}
    [2012-02-18 11:25:37 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{F08EAA04-0604-4A04-9604-E4238369A233}
    [2012-02-18 11:24:30 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{99E741B2-D909-45FF-86E0-E10D4A32F63C}
    [2012-02-17 20:13:58 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{2826B43B-9192-4F72-BE9A-059B0FF76DA5}
    [2012-02-17 20:13:48 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{85A73854-4F65-4177-ABA7-88D2558FC7F0}
    [2012-02-17 13:21:51 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{1BBA908F-830C-4B61-8354-A452B610968A}
    [2012-02-17 13:21:41 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{EA0F73DD-9867-4D35-9948-8A30A6C8DFBB}
    [2012-02-17 12:17:31 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{58A68C2A-95CC-4BAC-97E7-ADA116162FDF}
    [2012-02-17 12:17:22 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{87DD4934-C17B-4AF8-B6CD-BD9D8588057D}
    [2012-02-17 10:39:55 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{C67409B4-68FE-4220-8D47-37417B5DF9D4}
    [2012-02-17 10:39:46 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{B88634FE-86DE-42AA-8858-E461C95C88BF}
    [2012-02-16 23:13:34 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{0C1389B5-8519-4EC9-A75A-B8ADD9FE7361}
    [2012-02-16 23:13:00 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{3CE9FE63-6DDF-4E33-B079-832DE8E1C1C7}
    [2012-02-16 21:11:49 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{377F8F1E-8A72-4E9D-AC99-E60445515D0B}
    [2012-02-16 21:11:23 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{0826D10B-8A9D-484C-970B-D0BA2E1B7125}
    [2012-02-16 17:59:05 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{5A27F5B5-2FDF-499C-9DFA-BAA01E36CADA}
    [2012-02-16 17:58:55 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{45E304C5-DE03-4240-947B-6C4BD1507446}
    [2012-02-16 10:56:39 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{F069A1B3-491D-45F3-9606-B519D03683F2}
    [2012-02-16 10:56:29 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{32AA9F73-EB3F-43BE-9A90-5AF9A1F44A23}
    [2012-02-16 10:40:35 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{438277F4-86A1-4EFD-91C0-79242F925486}
    [2012-02-16 10:40:18 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{8E6C4FDC-11F9-45AD-A3D0-B4AAFCBDF2DE}
    [2012-02-15 22:51:53 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{7EFC8C08-61A8-44A0-83AA-F5B91E4803D3}
    [2012-02-15 22:51:44 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{46AB578C-DBF5-46E2-9A4B-0C6B4B7D1F8A}
    [2012-02-15 17:51:33 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{4082400F-B74C-46B5-A640-BAAB4A4D8A60}
    [2012-02-15 17:51:23 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{4BFD30AF-81F9-4FC9-9E83-E40BC89888C9}
    [2012-02-15 12:43:08 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{6A418514-DF1F-4572-9475-57443945B535}
    [2012-02-15 10:26:32 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{E1B1F855-5631-4459-BFBC-C34AE54E452B}
    [2012-02-15 10:06:32 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{2563F692-7CAB-4A38-B133-BCCCB2E1883A}
    [2012-02-15 10:06:22 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{BE9BD3CA-414B-4BCC-99A1-22E83CE430FA}
    [2012-02-14 20:39:58 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{D34DE6C7-1B52-4F1E-B81F-9E4749F6CF8A}
    [2012-02-14 18:26:45 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{4BA9C85C-4A24-489C-BF7F-D39E4C464AC8}
    [2012-02-14 18:26:35 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{8D09F877-06DF-43A5-A5C2-CF96AA4E8D7E}
    [2012-02-14 14:01:26 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{4ED3E56E-145A-4413-B8A3-8C4E654CD942}
    [2012-02-14 14:01:01 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{AFA81228-AA65-4DCB-B167-999D95BF0130}
    [2012-02-14 13:49:40 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{018C7F4D-F7C7-48B7-9923-221E9355E574}
    [2012-02-14 13:49:30 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{16E991AE-BCF6-4F10-90C0-7922B215D93A}
    [2012-02-14 12:51:12 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{590B0C1E-B2FE-4FD9-BE9A-90B8FA63D990}
    [2012-02-14 12:51:03 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{3587CD2B-187B-4B60-8318-5D449698BE9C}
    [2012-02-14 01:14:31 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{F2FB0CE1-AE29-4637-AB13-950C3BAFA70B}
    [2012-02-14 01:14:21 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{1C91016A-E7D4-4ED0-8A9D-B7994E1DBC84}
    [2012-02-14 01:07:38 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{46917D46-892C-4150-8C27-1C9BD9B0C123}
    [2012-02-14 01:07:28 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{9078FE83-D989-4E83-97E1-58C91FE29340}
    [2012-02-13 21:08:16 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{6BD73584-F138-4076-9F8E-2194815B57BF}
    [2012-02-13 21:08:06 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{F41DACA0-B80E-4893-9E32-1D0F3458C930}
    [2012-02-13 19:41:42 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{61F32C1F-BE2D-4586-ABAC-E8B0F5B03BBD}
    [2012-02-13 19:41:32 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{C672B7AA-13FE-409C-BC2A-4730B351287C}
    [2012-02-13 18:51:40 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{45F89D54-3754-4CC8-82EF-040748ECB417}
    [2012-02-13 18:50:34 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{1FB9B2D2-0D04-492B-98A6-6A0B4DAA96AE}
    [2012-02-13 17:11:06 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{250EB79F-4A82-40F5-9362-CEB79E25C265}
    [2012-02-13 17:10:56 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{1F7847EC-DC53-430E-984B-E05EB6AAC1CD}
    [2012-02-13 13:28:28 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{5467551E-82B8-4B12-B473-35DCCB6AE07D}
    [2012-02-13 13:28:18 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{028EA5DD-8E55-4A69-99C1-584508139A41}
    [2012-02-12 21:45:50 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{B08E6314-B268-4C20-8BA3-0B03A7F506F4}
    [2012-02-12 21:45:40 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{176D14CB-3F45-4173-9051-1DDEB9C8395C}
    [2012-02-12 16:50:19 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{1FAD0ED3-E0B6-469B-83D0-96670918D9A8}
    [2012-02-12 16:50:09 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{276FC48C-DD1A-44BD-A078-7FBAA1E2A5FE}
    [2012-02-12 16:19:24 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{6D412D90-D7C2-448C-AA5E-6F0182F4FB70}
    [2012-02-12 16:19:11 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{6F9D8226-DF2B-4A9F-BED7-90A0F864136C}
    [2012-02-12 15:13:47 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{52077C10-A474-40E4-875F-FB74E08C5ADE}
    [2012-02-12 15:13:37 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{936AAE17-B65F-4D13-9923-63EF45FCE894}
    [2012-02-12 13:24:42 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{2A1682C8-3034-4C9C-9949-A6AC059BFB0A}
    [2012-02-12 13:24:32 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{69EDA47B-78FD-43D8-BE05-67F7F71BBCF2}
    [2012-02-12 00:35:03 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{1EDE9B90-C8D9-4506-AA0E-CE731FE459CD}
    [2012-02-12 00:34:54 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{E191796A-AB43-446E-8E5C-1FADC340779C}
    [2012-02-11 20:17:15 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{EFD0A3A7-C941-401F-88A5-0D35756018B3}
    [2012-02-11 20:17:06 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{5E7A38D2-00AA-4630-9503-77F91BDE9552}
    [2012-02-11 20:15:56 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{CB545380-546E-4D8F-9828-81433034D734}
    [2012-02-11 20:15:47 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{BEB07302-A3DE-43D8-B1D2-627322143CF0}
    [2012-02-11 19:42:49 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{E705A01A-D81D-489B-B644-C500F2D6CE5A}
    [2012-02-11 19:42:39 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{D2EFBB71-C3FA-4F28-AD96-9B55965939F8}
    [2012-02-11 17:02:15 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{550A38EA-73CC-4A23-8923-1DE9D1A4FAB6}
    [2012-02-11 17:02:06 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{7B444FB9-0670-41E2-9967-C9F24F4285E3}
    [2012-02-11 14:18:20 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{A694812E-39CF-4365-95BD-335384A4BB49}
    [2012-02-11 14:18:11 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{41CF4443-2F18-454A-98D0-C17C4DEC11D5}
    [2012-02-11 13:45:21 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{1B84D5E9-3455-40F4-9138-621FFDFA665B}
    [2012-02-11 13:45:10 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{744EEB8D-F5E6-48C7-B412-11222297A382}
    [2012-02-11 12:28:04 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{7F9875F0-5DC5-4D57-9801-8958A7DB58DF}
    [2012-02-11 12:27:53 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{ABA73995-F125-4B7F-9E5A-F3AA2BCB8DF2}
    [2012-02-10 22:44:09 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{00C10C1D-BFB6-4AF7-934D-31A1159F3A94}
    [2012-02-10 22:43:45 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{177D9C43-8627-447C-8CD6-5B2E628D439F}
    [2012-02-10 12:39:09 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{F3E4B0DF-9DDB-494C-A0C6-217FE508C81C}
    [2012-02-10 12:38:58 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{1B1C6E8F-3FED-437B-AB38-85F5AA14B8F6}
    [2012-02-10 11:07:45 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{232209D0-D969-41E8-87E2-4D20C3AA5F40}
    [2012-02-10 11:07:35 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{4ED5212C-A580-4BE6-9DCA-1D76CAF4778F}
    [2012-02-10 10:42:56 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{6E4414AD-8AB6-4774-B355-41B9D5828ED6}
    [2012-02-10 10:42:47 | 000,000,000 | —D | C] – C:\Users\beheerder\AppData\Local\{9DC7E50C-F53F-4DF6-BBBF-07A07A5D9B13}
    [2 C:\Users\beheerder\*.tmp files -> C:\Users\beheerder\*.tmp -> ]

    ========== Files - Modified Within 30 Days ==========[/color:c8d44bbd3b]

    [2012-03-11 10:17:08 | 000,594,944 | —- | M] (OldTimer Tools) – C:\Users\beheerder\Desktop\OTL.com
    [2012-03-11 10:12:24 | 000,004,535 | —- | M] () – C:\Windows\System32\LOCALSERVICE.INI
    [2012-03-11 10:12:12 | 000,065,536 | —- | M] () – C:\Windows\System32\Ikeext.etl
    [2012-03-11 10:12:12 | 000,001,143 | —- | M] () – C:\Windows\System32\bscs.ini
    [2012-03-11 10:12:06 | 000,004,784 | -H– | M] () – C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
    [2012-03-11 10:12:06 | 000,004,784 | -H– | M] () – C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
    [2012-03-11 10:12:00 | 000,067,584 | –S- | M] () – C:\Windows\bootstat.dat
    [2012-03-11 10:11:52 | 3150,561,280 | -HS- | M] () – C:\hiberfil.sys
    [2012-03-11 09:35:55 | 000,000,906 | —- | M] () – C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
    [2012-03-11 09:18:50 | 000,388,608 | —- | M] (Trend Micro Inc.) – C:\Program Files\HijackThis.exe
    [2012-03-11 09:00:52 | 091,374,423 | —- | M] () – C:\Windows\System32\drivers\AVG\incavi.avm
    [2012-03-10 18:01:36 | 000,470,630 | —- | M] () – C:\Windows\System32\drivers\AVG\iavichjg.avm
    [2012-03-09 10:32:56 | 000,386,688 | —- | M] () – C:\Windows\System32\FNTCACHE.DAT
    [2012-03-08 23:51:26 | 000,744,410 | —- | M] () – C:\Windows\System32\perfh013.dat
    [2012-03-08 23:51:26 | 000,653,896 | —- | M] () – C:\Windows\System32\perfh009.dat
    [2012-03-08 23:51:26 | 000,159,308 | —- | M] () – C:\Windows\System32\perfc013.dat
    [2012-03-08 23:51:26 | 000,126,446 | —- | M] () – C:\Windows\System32\perfc009.dat
    [2012-03-07 23:24:30 | 000,260,707 | —- | M] () – C:\Users\beheerder\Documents\PIXresizer gebruiken.pdf
    [2012-03-07 15:29:08 | 000,002,611 | —- | M] () – C:\Users\beheerder\Desktop\Microsoft Word.lnk
    [2012-02-29 22:07:55 | 000,000,000 | —- | M] () – C:\Users\beheerder\Documents\Nuance Image Printer Writer Port
    [2012-02-29 11:53:21 | 000,090,624 | —- | M] () – C:\Users\beheerder\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
    [2012-02-29 01:25:56 | 000,000,680 | —- | M] () – C:\Users\beheerder\AppData\Local\d3d9caps.dat
    [2012-02-14 18:29:13 | 000,000,186 | —- | M] () – C:\Users\beheerder\Desktop\SAMSUNG (F) - Snelkoppeling.lnk
    [2 C:\Users\beheerder\*.tmp files -> C:\Users\beheerder\*.tmp -> ]

    ========== Files Created - No Company Name ==========[/color:c8d44bbd3b]

    [2012-03-11 09:35:55 | 000,000,906 | —- | C] () – C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
    [2012-03-09 19:19:31 | 000,000,003 | —- | C] () – C:\Windows\System32\drivers\MsftWdf_Kernel_01007_Inbox_Critical.Wdf
    [2012-03-07 23:24:30 | 000,260,707 | —- | C] () – C:\Users\beheerder\Documents\PIXresizer gebruiken.pdf
    [2012-02-29 22:07:55 | 000,000,000 | —- | C] () – C:\Users\beheerder\Documents\Nuance Image Printer Writer Port
    [2012-02-14 18:29:13 | 000,000,186 | —- | C] () – C:\Users\beheerder\Desktop\SAMSUNG (F) - Snelkoppeling.lnk
    [2012-01-18 07:44:00 | 010,920,984 | —- | C] () – C:\Windows\System32\LogiDPP.dll
    [2012-01-18 07:44:00 | 000,336,408 | —- | C] () – C:\Windows\System32\DevManagerCore.dll
    [2012-01-18 07:44:00 | 000,104,472 | —- | C] () – C:\Windows\System32\LogiDPPApp.exe
    [2011-11-12 15:48:38 | 000,120,200 | —- | C] () – C:\Windows\System32\DLLDEV32i.dll
    [2011-08-12 12:20:14 | 000,015,896 | —- | C] () – C:\Windows\System32\drivers\iKeyLFT2.dll
    [2011-07-26 07:48:54 | 000,028,418 | —- | C] () – C:\Windows\System32\lvcoinst.ini
    [2011-04-22 22:50:44 | 000,011,836 | -HS- | C] () – C:\Users\beheerder\AppData\Local\3b06d0njtxmf4624h5s7r2c47420ib478
    [2011-04-22 22:50:44 | 000,011,836 | -HS- | C] () – C:\ProgramData\3b06d0njtxmf4624h5s7r2c47420ib478
    [2011-01-21 15:11:32 | 000,256,512 | —- | C] () – C:\Windows\PEV.exe
    [2011-01-21 15:11:32 | 000,098,816 | —- | C] () – C:\Windows\sed.exe
    [2011-01-21 15:11:32 | 000,089,088 | —- | C] () – C:\Windows\MBR.exe
    [2011-01-21 15:11:32 | 000,080,412 | —- | C] () – C:\Windows\grep.exe
    [2011-01-21 15:11:32 | 000,068,096 | —- | C] () – C:\Windows\zip.exe
    [2011-01-08 14:14:38 | 000,000,434 | —- | C] () – C:\Windows\BRWMARK.INI
    [2011-01-08 14:14:38 | 000,000,027 | —- | C] () – C:\Windows\BRPP2KA.INI
    [2011-01-08 14:11:04 | 000,000,050 | —- | C] () – C:\Windows\System32\bridf08b.dat
    [2011-01-08 14:07:48 | 000,031,684 | —- | C] () – C:\Windows\maxlink.ini
    [2010-11-23 00:20:18 | 000,149,504 | —- | C] () – C:\Users\beheerder\AppData\Roaming\SharedSettings.ccs
    [2010-11-15 01:11:20 | 000,000,680 | —- | C] () – C:\Users\beheerder\AppData\Local\d3d9caps.dat
    [2010-08-25 19:30:02 | 000,439,308 | —- | C] () – C:\Windows\System32\igcompkrng500.bin
    [2010-08-25 19:30:00 | 000,982,240 | —- | C] () – C:\Windows\System32\igkrng500.bin
    [2010-08-25 19:30:00 | 000,092,356 | —- | C] () – C:\Windows\System32\igfcg500m.bin
    [2010-08-25 18:59:08 | 000,004,096 | —- | C] ( ) – C:\Windows\System32\IGFXDEVLib.dll
    [2010-08-25 18:57:00 | 000,000,151 | —- | C] () – C:\Windows\System32\GfxUI.exe.config
    [2010-08-25 18:52:00 | 000,208,896 | —- | C] () – C:\Windows\System32\iglhsip32.dll
    [2010-08-25 18:52:00 | 000,143,360 | —- | C] () – C:\Windows\System32\iglhcp32.dll
    [2010-05-15 22:09:28 | 000,002,797 | —- | C] () – C:\Windows\System32\SHORTCUT.INI
    [2010-05-15 22:08:37 | 000,000,140 | —- | C] () – C:\Windows\System32\REMOTEDEVICE.INI

    ========== LOP Check ==========[/color:c8d44bbd3b]

    [2011-12-13 23:35:53 | 000,000,000 | —D | M] – C:\Users\beheerder\AppData\Roaming\Auslogics
    [2011-10-30 11:18:57 | 000,000,000 | —D | M] – C:\Users\beheerder\AppData\Roaming\AVG2012
    [2010-11-24 08:54:38 | 000,000,000 | —D | M] – C:\Users\beheerder\AppData\Roaming\CoffeeCup Software
    [2011-01-21 15:19:50 | 000,000,000 | —D | M] – C:\Users\beheerder\AppData\Roaming\F-Secure
    [2011-01-27 19:55:43 | 000,000,000 | —D | M] – C:\Users\beheerder\AppData\Roaming\ImgBurn
    [2011-12-24 01:09:43 | 000,000,000 | —D | M] – C:\Users\beheerder\AppData\Roaming\iolo
    [2011-11-03 01:02:01 | 000,000,000 | —D | M] – C:\Users\beheerder\AppData\Roaming\Leadertech
    [2011-11-12 15:53:27 | 000,000,000 | —D | M] – C:\Users\beheerder\AppData\Roaming\MAGIX
    [2011-02-22 16:34:39 | 000,000,000 | —D | M] – C:\Users\beheerder\AppData\Roaming\Nokia
    [2011-02-22 16:34:40 | 000,000,000 | —D | M] – C:\Users\beheerder\AppData\Roaming\Nokia Ovi Suite
    [2011-11-26 14:02:55 | 000,000,000 | —D | M] – C:\Users\beheerder\AppData\Roaming\Nokia Suite
    [2011-02-05 14:56:40 | 000,000,000 | —D | M] – C:\Users\beheerder\AppData\Roaming\PC Suite
    [2009-11-28 12:18:23 | 000,000,000 | —D | M] – C:\Users\beheerder\AppData\Roaming\PeerNetworking
    [2011-12-11 11:40:26 | 000,000,000 | —D | M] – C:\Users\beheerder\AppData\Roaming\Reviversoft
    [2011-03-11 18:51:43 | 000,000,000 | —D | M] – C:\Users\beheerder\AppData\Roaming\ScanSoft
    [2009-11-12 00:10:06 | 000,000,000 | —D | M] – C:\Users\beheerder\AppData\Roaming\Thinstall
    [2010-11-27 13:40:36 | 000,000,000 | —D | M] – C:\Users\beheerder\AppData\Roaming\TomTom
    [2010-01-30 21:01:03 | 000,000,000 | —D | M] – C:\Users\beheerder\AppData\Roaming\VistaCodecs
    [2010-10-26 21:00:34 | 000,000,000 | —D | M] – C:\Users\beheerder\AppData\Roaming\Windows Live Writer
    [2012-03-11 10:11:00 | 000,032,620 | —- | M] () – C:\Windows\Tasks\SCHEDLGU.TXT

    ========== Purity Check ==========[/color:c8d44bbd3b]



    ========== Alternate Data Streams ==========[/color:c8d44bbd3b]

    @Alternate Data Stream - 129 bytes -> C:\ProgramData\Temp:07BF512B

    < End of report >
  • jaja, nu is die compleet!

    [b:7c3ace930a]Sluit voordat je OTL de fix laat doen, eerst alle andere openstaande vensters![/b:7c3ace930a]

    Start OTL[list:7c3ace930a][*:7c3ace930a]Plak de volgende (vetgedrukte, blauwe tekst) onder [b:7c3ace930a]Custom Scans/Fixes[/b:7c3ace930a][/color:7c3ace930a]

    [b:7c3ace930a]
    :OTL

    @Alternate Data Stream - 129 bytes -> C:\ProgramData\Temp:07BF512B
    C:\Users\beheerder\*.tmp


    :Services


    :Reg


    :Files


    :Commands
    [purity]

    [emptytemp]
    [emptyflash]
    [createrestorepoint]
    [reboot][/color:7c3ace930a][/b:7c3ace930a]


    [*:7c3ace930a]Klik daarna bovenaan op de knop [b:7c3ace930a]Run Fix[/b:7c3ace930a][/color:7c3ace930a][*:7c3ace930a]Laat het programma ongestoord zijn werk doen.
    [*:7c3ace930a]De pc zal na afloop opnieuw opgestart worden.
    [*:7c3ace930a]Post tevens de inhoud van het OTL-scanlog[/list:u:7c3ace930a]
  • All processes killed
    ========== OTL ==========
    ADS C:\ProgramData\Temp:07BF512B deleted successfully.
    ========== SERVICES/DRIVERS ==========
    ========== REGISTRY ==========
    ========== FILES ==========
    ========== COMMANDS ==========

    [EMPTYTEMP]

    User: All Users

    User: beheerder
    ->Temp folder emptied: 34988858 bytes
    ->Temporary Internet Files folder emptied: 128561112 bytes
    ->Java cache emptied: 56716 bytes
    ->Flash cache emptied: 470 bytes

    User: Default
    ->Temp folder emptied: 0 bytes
    ->Temporary Internet Files folder emptied: 33170 bytes

    User: Default User
    ->Temp folder emptied: 0 bytes
    ->Temporary Internet Files folder emptied: 0 bytes

    User: Public
    ->Temp folder emptied: 0 bytes

    %systemdrive% .tmp files removed: 0 bytes
    %systemroot% .tmp files removed: 0 bytes
    %systemroot%\System32 .tmp files removed: 0 bytes
    %systemroot%\System32\drivers .tmp files removed: 0 bytes
    Windows Temp folder emptied: 21849514 bytes
    RecycleBin emptied: 0 bytes

    Total Files Cleaned = 177,00 mb


    [EMPTYFLASH]

    User: All Users

    User: beheerder
    ->Flash cache emptied: 0 bytes

    User: Default

    User: Default User

    User: Public

    Total Flash Files Cleaned = 0,00 mb



    OTL by OldTimer - Version 3.2.36.3 log created on 03112012_123458

    Files\Folders moved on Reboot…

    Registry entries deleted on Reboot…
  • Goed gedaan.

    [b:4c560e9c40]Welk programma[/b:4c560e9c40]: "aswMBR.exe'
    [b:4c560e9c40]Waarvoor/waarom[/b:4c560e9c40]: MBR-Rootkitscanner
    [b:4c560e9c40]Moeilijkheidsgraad[/b:4c560e9c40]: geen
    [b:4c560e9c40]Downloadlokatie[/b:4c560e9c40]: Dit programma absoluut naar het bureaublad downloaden of anders daar naar toe verplaatsen!
    [b:4c560e9c40]Download[/b:4c560e9c40] [b:4c560e9c40]aswMBR.exe[/b:4c560e9c40] [b:4c560e9c40]hier[/b:4c560e9c40].


    [b:4c560e9c40]aswMBR.exe gebruiken[/b:4c560e9c40]:
    [list:4c560e9c40][*:4c560e9c40]Windows 2000 en Windows XP: start "aswMBR.exe" middels dubbelklik op "aswMBR.exe".
    [*:4c560e9c40]Windows Vista en Windows 7: start "aswMBR.exe" middels rechtsklik op "aswMBR.exe" en kies jij voor [b:4c560e9c40]Als Administrator uitvoeren[/b:4c560e9c40].[/list:u:4c560e9c40]

    [list:4c560e9c40][*:4c560e9c40] Klik in het volgende venster op "[b:4c560e9c40]Nee[/b:4c560e9c40]"[/list:u:4c560e9c40]
    [img:4c560e9c40]http://www.imgdumper.nl/uploads4/4e4115af00b45/4e4115af00378-aswmbrno.png[/img:4c560e9c40]

    [img:4c560e9c40]http://www.imgdumper.nl/uploads4/4db3f87694fe9/4db3f87693886-aswmbrscan.gif[/img:4c560e9c40]
    [list:4c560e9c40][*:4c560e9c40] Klik nu in het zwarte scherm op de knop [b:4c560e9c40]Scan[/b:4c560e9c40]
    [*:4c560e9c40] Als de melding "Scan finished successfully" komt, klik dan vervolgens op de knop [b:4c560e9c40]Save log[/b:4c560e9c40][/list:u:4c560e9c40]
    [img:4c560e9c40]http://www.imgdumper.nl/uploads4/4db3f8e71343a/4db3f8e71288d-aswmbrsavelog.gif[/img:4c560e9c40]
    [list:4c560e9c40][*:4c560e9c40] Het makkelijkst is het, als opslaglokatie voor het log gewoon het bureaublad te kiezen.
    [*:4c560e9c40] Tevens vindt je nu op het bureaublad ook het bestand [b:4c560e9c40]MBR.dat[/b:4c560e9c40]!
    [*:4c560e9c40] [b:4c560e9c40]MBR.dat[/b:4c560e9c40] is een backupbestand, bewaar dat dus voorlopig.
    [*:4c560e9c40] Ook op het bureaublad staat een kladbloktekst-document genaamd [b:4c560e9c40]aswMBR.txt[/b:4c560e9c40][*:4c560e9c40] Post de inhoud van [b:4c560e9c40]aswMBR.txt[/b:4c560e9c40] in jouw volgende bericht.[/list:u:4c560e9c40]

    N.B.: zorg er voor dat externe HD's/USB-sticks eerst worden verwijderd.
  • aswMBR version 0.9.9.1649 Copyright© 2011 AVAST Software
    Run date: 2012-03-11 12:55:03
    —————————–
    12:55:03.361 OS Version: Windows 6.0.6002 Service Pack 2
    12:55:03.361 Number of processors: 2 586 0xF0D
    12:55:03.362 ComputerName: BEHEERDER1 UserName: beheerder
    12:55:04.787 Initialize success
    12:55:18.807 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
    12:55:18.810 Disk 0 Vendor: WDC_WD32 11.0 Size: 305245MB BusType: 3
    12:55:18.823 Disk 0 MBR read successfully
    12:55:18.826 Disk 0 MBR scan
    12:55:18.830 Disk 0 unknown MBR code
    12:55:18.837 Disk 0 Partition 1 00 27 Hidden NTFS WinRE NTFS 13312 MB offset 2048
    12:55:18.858 Disk 0 Partition 2 80 (A) 07 HPFS/NTFS NTFS 145497 MB offset 27265024
    12:55:18.876 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 146434 MB offset 325242880
    12:55:18.881 Disk 0 scanning sectors +625139712
    12:55:18.964 Disk 0 scanning C:\Windows\system32\drivers
    12:55:26.453 Service scanning
    12:55:43.089 Modules scanning
    12:55:47.886 Disk 0 trace - called modules:
    12:55:47.908 ntoskrnl.exe CLASSPNP.SYS disk.sys iaStor.sys hal.dll
    12:55:47.914 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x86299268]
    12:55:47.920 3 CLASSPNP.SYS[8ada78b3] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0x857e4028]
    12:55:47.925 Scan finished successfully
    12:56:07.331 Disk 0 MBR has been saved successfully to "C:\Users\beheerder\Desktop\MBR.dat"
    12:56:07.337 The log file has been saved successfully to "C:\Users\beheerder\Desktop\aswMBR.txt"
  • De MBR is in orde:

    Disk 0 Partition 1 00 27 Hidden NTFS WinRE NTFS 13312 MB offset 2048 - dit is de recovery-partitie!

    Doe het volgende: download de [b:48c4ea4ccf]Emsisoft Emergency Kit[/color:48c4ea4ccf][/b:48c4ea4ccf] naar het bureaublad en pak het [b:48c4ea4ccf]ZIP[/b:48c4ea4ccf] bestand uit.
    [list:48c4ea4ccf]
    [*:48c4ea4ccf] Open de map "[b:48c4ea4ccf]EmsisoftEmergencyKit[/b:48c4ea4ccf]" en dubbelklik op "[b:48c4ea4ccf]Start.exe[/b:48c4ea4ccf]"
    [*:48c4ea4ccf] Klik nu op "[b:48c4ea4ccf]Emergency Kit Scanner[/b:48c4ea4ccf]" u krijg nu een melding dat het is aanbevolen om eerst te updaten sta dit toe door te klikken op "[b:48c4ea4ccf]Ja[/b:48c4ea4ccf]"
    [img:48c4ea4ccf]http://i1103.photobucket.com/albums/g476/pcwebplus/EmsisoftEK11.jpg[/img:48c4ea4ccf]
    [*:48c4ea4ccf] Als de update gereed is en de melding "[b:48c4ea4ccf]Update process is succesvol afgerond[/b:48c4ea4ccf]" verschijnt klikt u op "[b:48c4ea4ccf]menu[/b:48c4ea4ccf]" en dan op "[b:48c4ea4ccf]Scan PC[/b:48c4ea4ccf]"
    [*:48c4ea4ccf] Selecteer de optie "[b:48c4ea4ccf]Diep[/b:48c4ea4ccf]" als deze niet standaard al zo is ingesteld.
    [*:48c4ea4ccf] Klik Nu op de knop "[b:48c4ea4ccf]Scan[/b:48c4ea4ccf]" en doe verder niets op de computer tijdens het scannen, deze scan kan een geruime tijd in beslag nemen dus wacht dit geduldig af.
    [*:48c4ea4ccf] Het venster met de waarschuwing over een verhoogd risico kunt u sluiten als de scan gereed is.

    Opmerking:

    Als u deze melding ziet.

    [b:48c4ea4ccf]C:\Documents and Settings\username\Bureaublad\ComboFix.exe/$0\List.bat Verwijderd Virus.Win32.HTML!IK [/b:48c4ea4ccf]

    Wanneer het bestand in het venster met scanresultaten staat kun je rechtsklikken op die detectie en kiezen voor [b:48c4ea4ccf] "Versturen als vals alarm (False Positive)".[/b:48c4ea4ccf]


    [*:48c4ea4ccf] Zorg ervoor dat alle gevonden items zijn aangevinkt en druk dan op de knop "[b:48c4ea4ccf]verwijder geselecteerde[/b:48c4ea4ccf]" u zal nu de volgende melding krijgen maar klik hier op "[b:48c4ea4ccf]Ja[/b:48c4ea4ccf]"
    [img:48c4ea4ccf]http://i1103.photobucket.com/albums/g476/pcwebplus/EmsisoftEK2.jpg[/img:48c4ea4ccf]
    [*:48c4ea4ccf] Als het verwijderen gereed is klikt u op de knop "[b:48c4ea4ccf]View report[/b:48c4ea4ccf]" en selecteert u het tekstbestand van deze scan met de naam zoals: [b:48c4ea4ccf]a2scan_110730-111615.txt[/b:48c4ea4ccf]
    [*:48c4ea4ccf] Plaats de inhoud van dit LOG bestand straks in uw volgende bericht.
    [*:48c4ea4ccf] Herstart nu de computer.[/list:u:48c4ea4ccf]
  • Ik ga ermee verder, moet zo weg, zal later op de dag deze machine remote overnemen en posten. Ook nu alweer!! bedankt
  • Emsisoft Emergency Kit - Versie 1.0
    Laatste Update: 11-3-2012 13:09:56

    Scaninstellingen:

    Scantype: Diepe Scan
    Objecten: Geheugen, Sporen, Cookies, C:\, D:\
    Scan archieven: Aan
    Heuristieken: Uit
    ADS Scan: Aan

    Scan gestart: 11-3-2012 13:10:16

    C:\Users\beheerder\AppData\Roaming\Thinstall\Microsoft Office Enterprise 2007\300000002500002h\MSTORE.EXE Ontdekt: Backdoor.SuspectCRC!IK
    C:\Users\beheerder\AppData\Roaming\Thinstall\Microsoft Office Enterprise 2007\30000000d900002h\DW20.EXE Ontdekt: Malware.Win32.AMN!A2

    Gescand

    Bestanden: 1009037
    Sporen: 405504
    Cookies: 17
    Processen: 95

    Gevonden

    Bestanden: 2
    Sporen: 0
    Cookies: 0
    Processen: 0
    Registersleutels: 0

    Scan Geëindigd: 11-3-2012 15:36:16
    Scantijd: 2:26:00
  • Gebruik de volgende scanner eens: [b:10b4756311]Download CKScanner by askey 127[/b:10b4756311] en sla het op je bureaublad op.
    Vista en Win 7 gebruikers gebruiken dit tool via rechtsklik en kiezen voor Als Administrator uitvoeren.
    [list:10b4756311][*:10b4756311] Klik/dubbelklik op [b:10b4756311]CKScanner by askey 127[/b:10b4756311] om het tool te starten en klik op Search for Files.
    [*:10b4756311] Na een korte tijd, wanneer de zandloper verdwijnt, klik dan op Save List To File
    [*:10b4756311] Een berichtvenster zal bevestigen dat het dokument is opgelagen.
    [*:10b4756311] Klik/dubbelklik op de CKFiles.txt snelkoppeling op je bureaublad en kopiëer en plak de inhoud in je volgende post.[/list:u:10b4756311]
  • AVG deed moeilijk, kon niet als admin draaien.
    Melding van .dll is weg
    Log
    CKScanner - Additional Security Risks - These are not necessarily bad
    scanner sequence 3.RP.11.FLNAUT
    —– EOF —–


    Ik weet jouw voorkeur voor Avast, maar eigenaar deze PC wil nog even AVG houden. Krijg nog wel meldingen van geblokkeerde opstartprogsels.

    Aparte gewaarwording, via Teamviewer de zaken regelen, eea loopt zeer vertraagd, LOL
  • Ik heb elders ook al dit geschreven:

    "Wat antivirus betreft, vreemd is het gegeven dat bij de laatste Antivirustests is gebleken dat AVG2012 momenteel de beste gratis antivirus is.
    Welnu het gros van de logs die ik hier en elders behandel, hebben als antivirus inderdaad een AVG-versie.

    MSE komt ook regelmatig voorbij en maar een enkele keer Avast Free of al helemaal sporadisch: Avira Antivir Free.

    Wat die laatste betreft: die gebruik ik ook, waarom?
    Avira heeft een van de beste ondemandscanners aan boord.
    En als enigste voorkomt Avira veranderingen aan de hostfile!
    Maar Avira heeft in de gratis versie geen e-mailscanner bijvoorbeeld."


    En probeer of het volgende wil lukken:

    [b:d5510bd7f4]Welk programma[/b:d5510bd7f4]: ComboFix
    [b:d5510bd7f4]Waarvoor/waarom[/b:d5510bd7f4]: Zeer specialistische scanner om Windows diepgaand te onderzoeken
    en zo mogelijk op te schonen.
    [b:d5510bd7f4]Moeilijkheidsgraad[/b:d5510bd7f4]: Min of meer lastige voorbereidingsfase, dus lees alles eerst goed.
    [b:d5510bd7f4]Downloadlokatie[/b:d5510bd7f4]: Dit programma absoluut naar het bureaublad downloaden!
    [b:d5510bd7f4]Download ComboFix via één van deze locaties[/b:d5510bd7f4]:
    [list:d5510bd7f4][*:d5510bd7f4][b:d5510bd7f4]Bleepingcomputer[/b:d5510bd7f4]
    [*:d5510bd7f4][b:d5510bd7f4]ForoSpyware[/b:d5510bd7f4]
    [*:d5510bd7f4][b:d5510bd7f4]Geekstogo[/b:d5510bd7f4][/list:u:d5510bd7f4]
    [b:d5510bd7f4]Hier[/b:d5510bd7f4] zie je hoe je ComboFix moet gebruiken.

    Antivirusprogramma en actieve malwarescanners dienen al voor de ComboFix start gedeaktiveert zijn!
    [b:d5510bd7f4]Hier[/b:d5510bd7f4] en [b:d5510bd7f4]hier[/b:d5510bd7f4] vindt je gegevens hoe antivirusprogramma's en spywarescanners te deaktiveren.

    [b:d5510bd7f4]Voor alle duidelijkheid nogmaals[/b:d5510bd7f4]: ComboFix dient vanaf het bureaublad gestart te worden.

    [b:d5510bd7f4]Opmerkingen[/b:d5510bd7f4]:
    [list:d5510bd7f4][*:d5510bd7f4] Bij gebruik van Windows XP zal er mogelijk gevraagd worden, om de "Recovery Console" te installeren! Sta dit dan toe (hiervoor is een actieve internet verbinding vereist).
    [*:d5510bd7f4]Vista- en Windows 7 gebruikers starten Combofix op via rechtsklik met Administratorrechten.
    [*:d5510bd7f4]Alle openstaande programma's en webpagina's dienen afgesloten te zijn.[/list:u:d5510bd7f4]
    [b:d5510bd7f4]ComboFix is opgestart[/b:d5510bd7f4]:
    [list:d5510bd7f4][*:d5510bd7f4]Niet in het zwarte venster klikken, hierdoor kan ComboFix of zelfs Windows geheel "bevriezen"!
    [*:d5510bd7f4]Combofix sluit tijdens de scan de internet verbinding – probeer deze tussentijds niet te herstellen!
    [*:d5510bd7f4]Het kan voorkomen dat de computer meerdere malen opnieuw opgestart moet worden, dit is normaal.
    [*:d5510bd7f4]Wanneer ComboFix gereed is, zal het het een logbestand voor je maken.
    [*:d5510bd7f4]Post de inhoud van dit logbestand in je volgende bericht.
    [*:d5510bd7f4]Indien het log niet opstart, is dit terug tevinden in C:\ComboFix.txt[/list:u:d5510bd7f4]
    [b:d5510bd7f4]Belangrijke opmerking[/b:d5510bd7f4]:
    [list:d5510bd7f4][*:d5510bd7f4][b:d5510bd7f4]Indien na de scan bij het opstarten van programma's er een error wordt getoond met de melding:[/color:d5510bd7f4][/b:d5510bd7f4]
    [*:d5510bd7f4][b:d5510bd7f4]Illegal operation attempted on a registery key that has been marked for deletion.[/color:d5510bd7f4][/b:d5510bd7f4]
    [*:d5510bd7f4][b:d5510bd7f4]Start dan de computer opnieuw op.[/color:d5510bd7f4][/b:d5510bd7f4][/list:u:d5510bd7f4]
  • ComboFix 12-03-11.01 - beheerder 11-03-2012 20:47:00.1.2 - x86
    Microsoft® Windows Vista™ Home Basic 6.0.6002.2.1252.31.1043.18.3004.1636 [GMT 1:00]
    Gestart vanuit: c:\users\beheerder\Downloads\ComboFix.exe
    AV: AVG Anti-Virus Free Edition 2012 *Disabled/Updated* {5A2746B1-DEE9-F85A-FBCD-ADB11639C5F0}
    SP: AVG Anti-Virus Free Edition 2012 *Disabled/Updated* {E146A755-F8D3-F7D4-C17D-96C36DBE8F4D}
    SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    .
    .
    (((((((((((((((((((((((((((((((((( Andere Verwijderingen )))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    c:\users\beheerder\AppData\Roaming\Adobe\plugs
    c:\users\beheerder\AppData\Roaming\Adobe\shed
    c:\users\beheerder\AppData\Roaming\Microsoft\Windows\Recent\Mannen en vrouwen Een pagina over lichamelijke en geestelijke verschillen tussen mannen en vrouwen..url
    c:\windows\system32\roboot.exe
    .
    .
    (((((((((((((((((((( Bestanden Gemaakt van 2012-02-11 to 2012-03-11 ))))))))))))))))))))))))))))))
    .
    .
    2012-03-11 19:55 . 2012-03-11 19:55 ——– d—–w- c:\users\Public\AppData\Local\temp
    2012-03-11 19:55 . 2012-03-11 19:55 ——– d—–w- c:\users\Default\AppData\Local\temp
    2012-03-11 11:34 . 2012-03-11 11:34 ——– d—–w- C:\_OTL
    2012-03-11 11:03 . 2012-03-11 11:14 ——– d—–w- c:\users\beheerder\AppData\Roaming\TeamViewer
    2012-03-11 11:02 . 2012-03-11 11:02 ——– d—–w- c:\program files\TeamViewer
    2012-03-11 09:10 . 2012-03-11 09:10 ——– d—–w- c:\program files\backups
    2012-03-11 08:35 . 2012-03-11 08:35 ——– d—–w- c:\program files\Malwarebytes' Anti-Malware
    2012-03-11 08:35 . 2011-12-10 14:24 20464 —-a-w- c:\windows\system32\drivers\mbam.sys
    2012-03-11 08:18 . 2012-03-11 08:18 388608 —-a-w- c:\program files\HijackThis.exe
    2012-02-16 09:42 . 2011-12-14 16:17 680448 —-a-w- c:\windows\system32\msvcrt.dll
    2012-02-16 09:42 . 2012-01-12 19:52 2044416 —-a-w- c:\windows\system32\win32k.sys
    2012-02-16 09:42 . 2011-12-20 10:56 2409784 —-a-w- c:\program files\Windows Mail\OESpamFilter.dat
    .
    .
    .
    ((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    2012-02-17 09:24 . 2011-05-20 07:09 414368 —-a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
    2012-01-18 06:44 . 2012-01-18 06:44 540960 —-a-w- c:\windows\system32\LVUI2RC.dll
    2012-01-18 06:44 . 2012-01-18 06:44 4332960 —-a-w- c:\windows\system32\drivers\lvuvc.sys
    2012-01-18 06:44 . 2012-01-18 06:44 545056 —-a-w- c:\windows\system32\LVUI2.dll
    2012-01-18 06:44 . 2012-01-18 06:44 312096 —-a-w- c:\windows\system32\drivers\lvrs.sys
    2012-01-18 06:44 . 2012-01-18 06:44 307488 —-a-w- c:\windows\system32\lvcodec2.dll
    2012-01-18 06:44 . 2012-01-18 06:44 196896 —-a-w- c:\windows\system32\lvci13311044.dll
    2012-01-18 06:44 . 2012-01-18 06:44 336408 —-a-w- c:\windows\system32\DevManagerCore.dll
    2012-01-18 06:44 . 2012-01-18 06:44 10920984 —-a-w- c:\windows\system32\LogiDPP.dll
    2012-01-18 06:44 . 2012-01-18 06:44 104472 —-a-w- c:\windows\system32\LogiDPPApp.exe
    2007-03-12 16:59 . 2007-03-12 16:59 299008 —-a-w- c:\program files
    avigram_register.exe
    .
    .
    ((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    *Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond
    REGEDIT4
    .
    [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}]
    2012-01-15 13:54 1811296 —-a-w- c:\program files\AVG Secure Search\10.0.0.7\AVG Secure Search_toolbar.dll
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
    "{95B7759C-8C7F-4BF1-B163-73684A933233}"= "c:\program files\AVG Secure Search\10.0.0.7\AVG Secure Search_toolbar.dll" [2012-01-15 1811296]
    .
    [HKEY_CLASSES_ROOT\clsid\{95b7759c-8c7f-4bf1-b163-73684a933233}]
    [HKEY_CLASSES_ROOT\AVG Secure Search.PugiObj.1]
    [HKEY_CLASSES_ROOT\AVG Secure Search.PugiObj]
    .
    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "Logitech Vid"="c:\program files\Logitech\Vid HD\Vid.exe" [2010-10-29 5915480]
    "TomTomHOME.exe"="c:\program files\TomTom HOME 2\TomTomHOMERunner.exe" [2012-01-23 247728]
    "NokiaSuite.exe"="c:\program files\Nokia\Nokia Suite\NokiaSuite.exe" [2011-11-01 1053056]
    "Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-04-11 1233920]
    "WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2008-01-21 202240]
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "NokiaMServer"="c:\program files\Common Files\Nokia\MPlatform\NokiaMServer" [X]
    "RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RtHDVCpl.exe" [2009-04-21 7420448]
    "SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2008-08-28 1049896]
    "SSBkgdUpdate"="c:\program files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" [2006-10-25 210472]
    "PaperPort PTD"="c:\program files\ScanSoft\PaperPort\pptd40nt.exe" [2007-10-11 29984]
    "IndexSearch"="c:\program files\ScanSoft\PaperPort\IndexSearch.exe" [2007-10-11 46368]
    "PPort11reminder"="c:\program files\ScanSoft\PaperPort\Ereg\Ereg.exe" [2007-08-31 328992]
    "BrMfcWnd"="c:\program files\Brother\Brmfcmon\BrMfcWnd.exe" [2008-02-19 1089536]
    "ControlCenter3"="c:\program files\Brother\ControlCenter3\brctrcen.exe" [2007-12-21 86016]
    "NokiaMusic FastStart"="c:\program files\Nokia\Ovi Player\NokiaOviPlayer.exe" [2010-10-20 2192752]
    "AVG_TRAY"="c:\program files\AVG\AVG2012\avgtray.exe" [2012-01-24 2416480]
    "Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-01-03 843712]
    "SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2011-06-09 254696]
    "LWS"="c:\program files\Logitech\LWS\Webcam Software\LWS.exe" [2011-11-11 205336]
    "vProt"="c:\program files\AVG Secure Search\vprot.exe" [2012-01-15 939872]
    "Malwarebytes' Anti-Malware (reboot)"="c:\program files\Malwarebytes' Anti-Malware\mbam.exe" [2012-01-13 981680]
    "APSDaemon"="c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2011-11-01 59240]
    "QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2011-10-24 421888]
    "ROC_roc_dec12"="c:\program files\AVG Secure Search\ROC_roc_dec12.exe" [2012-01-15 928096]
    "iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2012-01-16 421736]
    .
    c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
    BTTray.lnk - c:\program files\Sitecom\Bluetooth Software\BTTray.exe [2004-10-1 565309]
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
    "EnableUIADesktopToggle"= 0 (0x0)
    .
    [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
    BootExecute REG_MULTI_SZ autocheck autochk *\0c:\progra~1\AVG\AVG2012\avgrsx.exe /sync
    estart
    .
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]
    @="Service"
    .
    [HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^F1U201.401.lnk]
    path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\F1U201.401.lnk
    backup=c:\windows\pss\F1U201.401.lnk.CommonStartup
    backupExtension=.CommonStartup
    .
    [HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Microsoft Office.lnk]
    path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\Microsoft Office.lnk
    backup=c:\windows\pss\Microsoft Office.lnk.CommonStartup
    backupExtension=.CommonStartup
    .
    [HKLM\~\startupfolder\C:^Users^beheerder^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Samsung Auto Backup Guage.lnk]
    path=c:\users\beheerder\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Samsung Auto Backup Guage.lnk
    backup=c:\windows\pss\Samsung Auto Backup Guage.lnk.Startup
    backupExtension=.Startup
    .
    [HKLM\~\startupfolder\C:^Users^beheerder^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Samsung Auto Backup Real-Time Daemon.lnk]
    path=c:\users\beheerder\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Samsung Auto Backup Real-Time Daemon.lnk
    backup=c:\windows\pss\Samsung Auto Backup Real-Time Daemon.lnk.Startup
    backupExtension=.Startup
    .
    [HKLM\~\startupfolder\C:^Users^beheerder^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Samsung Auto Backup Scheduler.lnk]
    path=c:\users\beheerder\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Samsung Auto Backup Scheduler.lnk
    backup=c:\windows\pss\Samsung Auto Backup Scheduler.lnk.Startup
    backupExtension=.Startup
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
    2012-01-03 07:37 843712 —-a-w- c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
    2012-01-03 13:10 35736 —-a-w- c:\program files\Adobe\Reader 10.0\Reader\reader_sl.exe
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BtTray]
    2009-01-13 12:36 279552 —-a-w- c:\program files\IVT Corporation\BlueSoleil\BtTray.exe
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CLMLServer]
    2008-12-24 03:29 103720 ——w- c:\program files\CyberLink\Power2Go\CLMLSvc.exe
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HotKeysCmds]
    2010-08-25 18:45 171032 —-a-w- c:\windows\System32\hkcmd.exe
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IgfxTray]
    2010-08-25 18:45 136216 —-a-w- c:\windows\System32\igfxtray.exe
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
    2012-01-16 16:22 421736 —-a-w- c:\program files\iTunes\iTunesHelper.exe
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PDVD8LanguageShortcut]
    2009-04-15 14:54 50472 ——w- c:\program files\CyberLink\PowerDVD8\Language\Language.exe
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Persistence]
    2010-08-25 18:45 170520 —-a-w- c:\windows\System32\igfxpers.exe
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PMBVolumeWatcher]
    2009-10-24 01:18 597792 —-a-w- c:\program files\Sony\PMB\PMBVolumeWatcher.exe
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
    2011-10-24 13:28 421888 —-a-w- c:\program files\QuickTime\QTTask.exe
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RemoteControl8]
    2009-04-15 14:52 91432 ——w- c:\program files\CyberLink\PowerDVD8\PDVD8Serv.exe
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sidebar]
    2009-04-11 06:28 1233920 —-a-w- c:\program files\Windows Sidebar\sidebar.exe
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
    2011-06-09 11:06 254696 —-a-w- c:\program files\Common Files\Java\Java Update\jusched.exe
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TomTomHOME.exe]
    2012-01-23 04:43 247728 —-a-w- c:\program files\TomTom HOME 2\TomTomHOMERunner.exe
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UpdateLBPShortCut]
    2008-12-03 13:15 218408 —-a-w- c:\program files\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UpdateP2GoShortCut]
    2009-02-25 05:40 218408 ——w- c:\program files\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UpdatePDRShortCut]
    2008-01-04 02:02 222504 ——w- c:\program files\CyberLink\PowerDirector\MUITransfer\MUIStartMenu.exe
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UpdatePPShortCut]
    2008-12-03 13:15 218408 ——w- c:\program files\CyberLink\PowerProducer\MUITransfer\MUIStartMenu.exe
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UpdatePSTShortCut]
    2009-03-12 11:35 210216 ——w- c:\program files\CyberLink\DVD Suite\MUITransfer\MUIStartMenu.exe
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WMPNSCFG]
    2008-01-21 02:35 202240 —-a-w- c:\program files\Windows Media Player\wmpnscfg.exe
    .
    S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-01-03 63928]
    .
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
    LocalServiceNoNetwork REG_MULTI_SZ PLA DPS BFE mpssvc
    bthsvcs REG_MULTI_SZ BthServ
    LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache
    .
    .
    ——- Bijkomende Scan ——-
    .
    uStart Page = hxxp://www.google.nl/
    mStart Page = hxxp://downloads.phpnuke.org/nl/index.php?rvs=google
    uInternet Settings,ProxyOverride = *.local
    IE: E&xporteren naar Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
    IE: Verzenden naar &Bluetooth - c:\program files\Sitecom\Bluetooth Software\btsendto_ie_ctx.htm
    TCP: DhcpNameServer = 192.168.1.254
    Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - c:\program files\Common Files\AVG Secure Search\ViProtocolInstaller\10.0.6\ViProtocol.dll
    DPF: Microsoft XML Parser for Java - file:///C:/Windows/Java/classes/xmldso.cab
    .
    - - - - ORPHANS VERWIJDERD - - - -
    .
    SafeBoot-WudfPf
    SafeBoot-WudfRd
    MSConfigStartUp-swg - c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    .
    .
    .
    **************************************************************************
    .
    catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2012-03-11 20:55
    Windows 6.0.6002 Service Pack 2 NTFS
    .
    scannen van verborgen processen …
    .
    scannen van verborgen autostart items …
    .
    scannen van verborgen bestanden …
    .
    Scan succesvol afgerond
    verborgen bestanden: 0
    .
    **************************************************************************
    .
    ——————— VERGRENDELDE REGISTER SLEUTELS ———————
    .
    [HKEY_USERS\S-1-5-21-3967947940-1414231668-3034202555-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.eml\UserChoice]
    @Denied: (2) (S-1-5-21-3967947940-1414231668-3034202555-1000)
    @Denied: (2) (LocalSystem)
    "Progid"="Microsoft Internet Mail Message"
    .
    [HKEY_USERS\S-1-5-21-3967947940-1414231668-3034202555-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.vcf\UserChoice]
    @Denied: (2) (LocalSystem)
    "Progid"="WindowsLiveMail.VCard.1"
    .
    [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
    @Denied: (A) (Users)
    @Denied: (A) (Everyone)
    @Allowed: (B 1 2 3 4 5) (S-1-5-20)
    "BlindDial"=dword:00000000
    .
    [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
    @Denied: (A) (Users)
    @Denied: (A) (Everyone)
    @Allowed: (B 1 2 3 4 5) (S-1-5-20)
    "BlindDial"=dword:00000000
    .
    [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
    @Denied: (A) (Users)
    @Denied: (A) (Everyone)
    @Allowed: (B 1 2 3 4 5) (S-1-5-20)
    "BlindDial"=dword:00000000
    .
    [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
    @Denied: (A) (Users)
    @Denied: (A) (Everyone)
    @Allowed: (B 1 2 3 4 5) (S-1-5-20)
    "BlindDial"=dword:00000000
    .
    [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0005\AllUserSettings]
    @Denied: (A) (Users)
    @Denied: (A) (Everyone)
    @Allowed: (B 1 2 3 4 5) (S-1-5-20)
    "BlindDial"=dword:00000000
    .
    [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0006\AllUserSettings]
    @Denied: (A) (Users)
    @Denied: (A) (Everyone)
    @Allowed: (B 1 2 3 4 5) (S-1-5-20)
    "BlindDial"=dword:00000000
    .
    ——————— DLLs Geladen Onder Lopende Processen ———————
    .
    - - - - - - - > 'Explorer.exe'(4480)
    c:\windows\system32\BsMobileSDK.dll
    c:\windows\system32\BsLangInDepRes.dll
    c:\windows\system32\Bs2Res.dll
    c:\windows\system32\btncopy.dll
    c:\program files\Nokia\Nokia PC Suite 7\PhoneBrowser.dll
    c:\program files\Nokia\Nokia PC Suite 7\NGSCM.DLL
    c:\program files\Nokia\Nokia PC Suite 7\Lang\PhoneBrowser_dut.nlr
    c:\program files\Nokia\Nokia PC Suite 7\Resource\PhoneBrowser_Nokia.ngr
    .
    Voltooingstijd: 2012-03-11 20:58:38
    ComboFix-quarantined-files.txt 2012-03-11 19:58
    ComboFix2.txt 2011-01-21 14:31
    .
    Pre-Run: 72.817.872.896 bytes beschikbaar
    Post-Run: 72.783.568.896 bytes beschikbaar
    .
    - - End Of File - - 1D3B1636D745E1951BA0CC9FA024F00F
  • Doe het volgende: download Farbar Service Scanner
    Zorg ervoor dat het tool vervolgens op het buraublad geplaatst wordt.

    [b:2e647229c0]"Farbar Service Scanner" gebruiken[/b:2e647229c0]:
    [list:2e647229c0][*:2e647229c0] [b:2e647229c0]Sluit nu eerst alle nog openstaande programmavensters![/color:2e647229c0][/b:2e647229c0]
    [list:2e647229c0][*:2e647229c0][b:2e647229c0]Windows 2000[/color:2e647229c0][/b:2e647229c0] en [b:2e647229c0]Windows XP[/b:2e647229c0][/color:2e647229c0]: start het tool middels dubbelklik op "FSS.exe".
    [*:2e647229c0][b:2e647229c0]Windows Vista[/b:2e647229c0][/color:2e647229c0] en [b:2e647229c0]Windows 7[/b:2e647229c0][/color:2e647229c0]: start het tool middels rechtsklik op "FSS.exe" en dan kiezen voor [b:2e647229c0]Als Administrator uitvoeren[/b:2e647229c0].[/list:u:2e647229c0][/list:u:2e647229c0]

    [list:2e647229c0][*:2e647229c0]Zorg er voor dat het volgende onderdeel is aangevinkt:
    [list:2e647229c0][*:2e647229c0]Internet Services
    [*:2e647229c0]Windows Firewall
    [*:2e647229c0]System Restore
    [*:2e647229c0]Security Center[/list:u:2e647229c0]
    [*:2e647229c0]Klik nu op de knop "Scan".
    [*:2e647229c0]Aansluitend wordt een log aangemaakt (FSS.txt) in de zelfde map waar "FSS.exe" in zit.
    [*:2e647229c0]Kopieer en plak de inhoud van het log in jouw volgende bericht.[/list:u:2e647229c0]

Beantwoord deze vraag

Dit is een gearchiveerde pagina. Antwoorden is niet meer mogelijk.