Vraag & Antwoord

Beveiliging & privacy

commonshield.dll

27 antwoorden
  • goeiemorge ik heb een vaag probleem op mijn laptop. als ik internet explorer aanklik dan krijg ik de volgende melding: commonshell:mcshield.dll kan de opgegeven brotnaal-id niet vinden in het kopiebestand. het systeem kan het opgegeven bestand niet vinden . ik weet niet wat ik hieraan moet doen ik had wel een scan gedaan van advanced system protector maar dat is maar een probeer versie en hy had een aantal dingen gevonden : 5 agent trojan , 1 generic malware , en 1 adbundler potentialy unwanted application . en mcafee die ik wel volledig heb die vind niks zegt dat me computer helemaal goed is ... ik hoop dat je me kan helpen ... groete kim
  • Hoi Kim, we gaan beginnen. Overigens: Iobit Advanceced System Scanner is een van origine Chinees tool, dat je beter weer kan verwijderen. [color=#FF0000:8cdea2e564][b:8cdea2e564]Stap •1•[/b:8cdea2e564][/color:8cdea2e564] [b:8cdea2e564]Welk programma[/b:8cdea2e564]: [color=#008000:8cdea2e564][b:8cdea2e564]AdwCleaner[/b:8cdea2e564][/color:8cdea2e564] [b:8cdea2e564]Waarvoor/waarom[/b:8cdea2e564]: Scanner om Windows op te schonen en te ontdoen van malafide toolbars. [b:8cdea2e564]Moeilijkheidsgraad[/b:8cdea2e564]: Geen. [b:8cdea2e564]Downloadlokatie[/b:8cdea2e564]: Dit programma absoluut naar het bureaublad downloaden dan wel daar naar toe verplaatsen! [b:8cdea2e564]Download[/b:8cdea2e564]: [url=http://general-changelog-team.fr/en/downloads/finish/20-outils-de-xplode/2-adwcleaner]AdwCleaner by Xplode[/url]. [b:8cdea2e564]Opmerkingen[/b:8cdea2e564]: [list:8cdea2e564][*:8cdea2e564][color=#FF0000:8cdea2e564][b:8cdea2e564] Alle openstaande programma's en webpagina's dienen afgesloten te zijn[/b:8cdea2e564][/color:8cdea2e564]. [*:8cdea2e564]Dat na opstarten van [color=#008000:8cdea2e564][b:8cdea2e564]AdwCleaner[/b:8cdea2e564][/color:8cdea2e564] de snelkoppelingen verdwijnen van bureaublad, is normaal.[/list:u:8cdea2e564] [b:8cdea2e564][color=#008000:8cdea2e564]AdwCleaner[/color:8cdea2e564] opstarten[/b:8cdea2e564]: [list:8cdea2e564][*:8cdea2e564][b:8cdea2e564][color=#0000FF:8cdea2e564]Windows 2000[/color:8cdea2e564][/b:8cdea2e564] en [color=#0000FF:8cdea2e564][b:8cdea2e564]Windows XP[/b:8cdea2e564][/color:8cdea2e564]: dubbelklik op adwcleaner.exe. [*:8cdea2e564][color=#0000FF:8cdea2e564][b:8cdea2e564]Windows Vista[/b:8cdea2e564][/color:8cdea2e564] en [color=#0000FF:8cdea2e564][b:8cdea2e564]Windows 7[/b:8cdea2e564][/color:8cdea2e564]: via rechtsklik op adwcleaner.exe en kies voor "Als Administrator uitvoeren".[/list:u:8cdea2e564] [b:8cdea2e564][color=#008000:8cdea2e564]AdwCleaner[/color:8cdea2e564] is opgestart[/b:8cdea2e564]: [list:8cdea2e564][*:8cdea2e564]Klik op de knop [color=#0000FF:8cdea2e564][b:8cdea2e564]Verwijderen[/b:8cdea2e564][/color:8cdea2e564] [*:8cdea2e564]Klik bij [color=#0000FF:8cdea2e564][b:8cdea2e564]AdwCleaner – Afsluiting van de programma's[/b:8cdea2e564][/color:8cdea2e564] op [b:8cdea2e564]OK[/b:8cdea2e564] [*:8cdea2e564]Klik bij [color=#0000FF:8cdea2e564][b:8cdea2e564]AdwCleaner – Herstarten noodzakelijk[/b:8cdea2e564][/color:8cdea2e564] op [b:8cdea2e564]OK[/b:8cdea2e564][/list:u:8cdea2e564] [b:8cdea2e564][color=#008000:8cdea2e564]AdwCleaner[/color:8cdea2e564] logbestand[/b:8cdea2e564]: [list:8cdea2e564][*:8cdea2e564]Nadat de PC opnieuw is opgestart, opent een logfile. [*:8cdea2e564]Post vervolgens de inhoud van dit log in je volgende bericht.[/list:u:8cdea2e564] [color=#FF0000:8cdea2e564][b:8cdea2e564]Stap •2•[/b:8cdea2e564][/color:8cdea2e564] [b:8cdea2e564]Welk programma[/b:8cdea2e564]: [color=#008000:8cdea2e564][b:8cdea2e564]sUbs dds[/b:8cdea2e564][/color:8cdea2e564] [b:8cdea2e564]Waarvoor/waarom[/b:8cdea2e564]: DDS is een diagnosetool en maakt gebruik van scripts. [b:8cdea2e564]Moeilijkheidsgraad[/b:8cdea2e564]: Lees eerst goed wat te doen. [b:8cdea2e564]Downloadlokatie[/b:8cdea2e564]: Dit programma absoluut naar het bureaublad downloaden of anders eerst daar naar toe verplaatsen! [b:8cdea2e564]Download DDS[/b:8cdea2e564] van [b:8cdea2e564]sUBS[/b:8cdea2e564] van één van deze locaties en plaats het op je [b:8cdea2e564]bureaublad[/b:8cdea2e564]: [b:8cdea2e564][url=http://download.bleepingcomputer.com/sUBs/dds.com]DDS - Bleeping Computer download[/url]. [url=http://download.bleepingcomputer.com/sUBs/dds.scr]DDS - Bleeping Computer download[/url]. [url=http://www.infospyware.net/sUBs/dds]DDS - Infospyware[/url].[/b:8cdea2e564] [img:8cdea2e564]http://img.photobucket.com/albums/v666/sUBs/dds_scr.gif[/img:8cdea2e564] [b:8cdea2e564]sUBs dds. gebruiken[/b:8cdea2e564]: [list:8cdea2e564][*:8cdea2e564][b:8cdea2e564][color=#0000FF:8cdea2e564]Sluit vervolgens eerst alle nog openstaande programmavensters![/color:8cdea2e564][/b:8cdea2e564] [*:8cdea2e564] [b:8cdea2e564][color=#008000:8cdea2e564]Antivirusprogramma en actieve malwarescanners dienen gedeaktiveerd zijn![/color:8cdea2e564][/b:8cdea2e564] [list:8cdea2e564][*:8cdea2e564][url=http://www.hijackthis.nl/forum/viewtopic.php?f=86&t=32608][b:8cdea2e564][color=#0000FF:8cdea2e564]Hier[/color:8cdea2e564][/b:8cdea2e564][/url] of [url=http://www.hijackthis.nl/forum/viewtopic.php?f=86&t=32607][color=#0000FF:8cdea2e564][b:8cdea2e564]hier[/b:8cdea2e564][/color:8cdea2e564][/url] kan je lezen hoe je dat doet.[/list:u:8cdea2e564] [list:8cdea2e564][*:8cdea2e564][b:8cdea2e564][color=#0000FF:8cdea2e564]Windows 2000[/color:8cdea2e564][/b:8cdea2e564] en [color=#0000FF:8cdea2e564][b:8cdea2e564]Windows XP[/b:8cdea2e564][/color:8cdea2e564]: start sUBs dds. middels dubbelklik op de snelkoppeling. [*:8cdea2e564][color=#0000FF:8cdea2e564][b:8cdea2e564]Windows Vista[/b:8cdea2e564][/color:8cdea2e564] en [color=#0000FF:8cdea2e564][b:8cdea2e564]Windows 7[/b:8cdea2e564][/color:8cdea2e564]: start sUBs dds. rechtsklik op de snelkoppeling en dan kiezen voor Als Administrator uitvoeren.[/list:u:8cdea2e564][/list:u:8cdea2e564] [b:8cdea2e564]Na de scan[/b:8cdea2e564] [list:8cdea2e564][*:8cdea2e564] [b:8cdea2e564][color=#FF0000:8cdea2e564]Heraktiveer nu de actieve beveiligingssoftware[/color:8cdea2e564][/b:8cdea2e564] [*:8cdea2e564]Er worden twee tekstdocumnenten geopend - DDS.txt en Attach.txt - let even op het volgende! [*:8cdea2e564]Kopieer en plak de gehele inhoud van de [b:8cdea2e564]DDS-logfile[/b:8cdea2e564] in jouw volgende bericht. [*:8cdea2e564]De inhoud van [b:8cdea2e564]Attach.txt[/b:8cdea2e564] post je wanneer ik daarom vraag.[/list:u:8cdea2e564]
  • # AdwCleaner v2.005 - Verslag gemaakt op 24/10/2012 om 12:21:58 # Geactualiseerd op 14/10/2012 door Xplode # Besturingssysteem : Windows 7 Home Premium Service Pack 1 (64 bits) # Gebruiker : auke kim stefan - AUKEKIMSTEFAN # Opstarten Modus : Normale modus # Gelanceerd vanaf : C:\Users\auke kim stefan\Downloads\adwcleaner.exe # Optie [Verwijderen] ***** [Diensten] ***** ***** [Files / Mappen] ***** File Verwijdert : C:\Program Files (x86)\Mozilla Firefox\.autoreg File Verwijdert : C:\Program Files (x86)\Mozilla FireFox\searchplugins\Search_Results.xml File Verwijdert : C:\Users\auke kim stefan\AppData\Local\funmoods.crx File Verwijdert : C:\Users\auke kim stefan\AppData\Roaming\Mozilla\Firefox\Profiles\0nay9as8.default\searchplugins\Conduit.xml File Verwijdert : C:\Users\auke kim stefan\AppData\Roaming\Mozilla\Firefox\Profiles\0nay9as8.default\searchplugins\funmoods.xml File Verwijdert : C:\Users\auke kim stefan\AppData\Roaming\Mozilla\Firefox\Profiles\0nay9as8.default\searchplugins\Search_Results.xml Map Verwijdert : C:\Program Files (x86)\Complitly Map Verwijdert : C:\Program Files (x86)\Conduit Map Verwijdert : C:\Program Files (x86)\Download_Energy Map Verwijdert : C:\ProgramData\Babylon Map Verwijdert : C:\ProgramData\boost_interprocess Map Verwijdert : C:\ProgramData\InstallMate Map Verwijdert : C:\Users\auke kim stefan\AppData\Local\Conduit Map Verwijdert : C:\Users\auke kim stefan\AppData\LocalLow\BabylonToolbar Map Verwijdert : C:\Users\auke kim stefan\AppData\LocalLow\Conduit Map Verwijdert : C:\Users\auke kim stefan\AppData\LocalLow\Download_Energy Map Verwijdert : C:\Users\auke kim stefan\AppData\LocalLow\Funmoods Map Verwijdert : C:\Users\auke kim stefan\AppData\LocalLow\PriceGong Map Verwijdert : C:\Users\auke kim stefan\AppData\Roaming\Babylon Map Verwijdert : C:\Users\auke kim stefan\AppData\Roaming\Complitly Map Verwijdert : C:\Users\auke kim stefan\AppData\Roaming\Mozilla\Firefox\Profiles\0nay9as8.default\CT1269415 Map Verwijdert : C:\Users\auke kim stefan\AppData\Roaming\Mozilla\Firefox\Profiles\0nay9as8.default\extensions\{33E0DAA6-3AF3-D8B5-6752-10E949C61516} Map Verwijdert : C:\Users\auke kim stefan\AppData\Roaming\Mozilla\Firefox\Profiles\0nay9as8.default\extensions\{ad708c09-d51b-45b3-9d28-4eba2681febf} Map Verwijdert : C:\Users\auke kim stefan\AppData\Roaming\Mozilla\Firefox\Profiles\0nay9as8.default\extensions\staged Map Verwijdert : C:\Users\auke kim stefan\AppData\Roaming\Mozilla\Firefox\Profiles\0nay9as8.default\Smartbar Map Verwijdert : C:\Users\AUKEKI~1\AppData\Local\Temp\CT1269415 Verwijdert bij het opstarten : C:\ProgramData\Premium ***** [Register] ***** Data Verwijdert : HKLM\..\Windows [AppInit_DLLs] = C:\PROGRA~2\IMESHA~1\Mediabar\Datamngr\datamngr.dll C:\PROGRA~2\IMESHA~1\Mediabar\Datamngr\IEBHO.dll c:\progra~3\browse~1\23796~1.11\{16cdf~1\browse~1.dll c:\windows\syswow64\nvinit.dll Sleutel Verwijdert : HKCU\Software\APN DTX Sleutel Verwijdert : HKCU\Software\AppDataLow\Software\Conduit Sleutel Verwijdert : HKCU\Software\AppDataLow\Software\ConduitSearchScopes Sleutel Verwijdert : HKCU\Software\AppDataLow\Software\Crossrider Sleutel Verwijdert : HKCU\Software\AppDataLow\Software\Download_Energy Sleutel Verwijdert : HKCU\Software\AppDataLow\Software\PriceGong Sleutel Verwijdert : HKCU\Software\AppDataLow\Software\SmartBar Sleutel Verwijdert : HKCU\Software\AppDataLow\Toolbar Sleutel Verwijdert : HKCU\Software\Complitly Sleutel Verwijdert : HKCU\Software\DataMngr Sleutel Verwijdert : HKCU\Software\Google\Chrome\Extensions\bbjciahceamgodcoidkjpchnokgfpphh Sleutel Verwijdert : HKCU\Software\Google\Chrome\Extensions\cjpglkicenollcignonpgiafdgfeehoj Sleutel Verwijdert : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{0FB6A909-6086-458F-BD92-1F8EE10042A0} Sleutel Verwijdert : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AD708C09-D51B-45B3-9D28-4EBA2681FEBF} Sleutel Verwijdert : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{BE7A24F5-69CB-4708-B77B-B1EDA6043B95} Sleutel Verwijdert : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{0FB6A909-6086-458F-BD92-1F8EE10042A0} Sleutel Verwijdert : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AD708C09-D51B-45B3-9D28-4EBA2681FEBF} Sleutel Verwijdert : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{BE7A24F5-69CB-4708-B77B-B1EDA6043B95} Sleutel Verwijdert : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD21} Sleutel Verwijdert : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{B7971660-A1CE-4FDD-B9E0-2C37D77AFB0B} Sleutel Verwijdert : HKLM\Software\Babylon Sleutel Verwijdert : HKLM\SOFTWARE\Classes\AppID\{442F13BC-2031-42D5-9520-437F65271153} Sleutel Verwijdert : HKLM\SOFTWARE\Classes\AppID\{960DF771-CFCB-4E53-A5B5-6EF2BBE6E706} Sleutel Verwijdert : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB} Sleutel Verwijdert : HKLM\SOFTWARE\Classes\AppID\{EA28B360-05E0-4F93-8150-02891F1D8D3C} Sleutel Verwijdert : HKLM\SOFTWARE\Classes\AppID\esrv.EXE Sleutel Verwijdert : HKLM\SOFTWARE\Classes\esrv.funmoodsESrvc Sleutel Verwijdert : HKLM\SOFTWARE\Classes\esrv.funmoodsESrvc.1 Sleutel Verwijdert : HKLM\SOFTWARE\Classes\SuggestMeYes.SuggestMeYesBHO Sleutel Verwijdert : HKLM\SOFTWARE\Classes\SuggestMeYes.SuggestMeYesBHO.1 Sleutel Verwijdert : HKLM\SOFTWARE\Classes\Toolbar.CT1269415 Sleutel Verwijdert : HKLM\SOFTWARE\Classes\Toolbar.CT3242338 Sleutel Verwijdert : HKLM\SOFTWARE\Classes\TypeLib\{01BCB858-2F62-4F06-A8F4-48F927C15333} Sleutel Verwijdert : HKLM\SOFTWARE\Classes\TypeLib\{960DF771-CFCB-4E53-A5B5-6EF2BBE6E706} Sleutel Verwijdert : HKLM\Software\Conduit Sleutel Verwijdert : HKLM\Software\DataMngr Sleutel Verwijdert : HKLM\Software\Download_Energy Sleutel Verwijdert : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{11111111-1111-1111-1111-110011441179} Sleutel Verwijdert : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{929A8D4E-87AC-4604-B216-A5A2A2925762} Sleutel Verwijdert : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{0FB6A909-6086-458F-BD92-1F8EE10042A0} Sleutel Verwijdert : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{474597C5-AB09-49D6-A4D5-2E8D7341384E} Sleutel Verwijdert : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{75A4D144-506D-4BE5-81DB-EC7DA1E7F840} Sleutel Verwijdert : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{929A8D4E-87AC-4604-B216-A5A2A2925762} Sleutel Verwijdert : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{AD708C09-D51B-45B3-9D28-4EBA2681FEBF} Sleutel Verwijdert : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{BE7A24F5-69CB-4708-B77B-B1EDA6043B95} Sleutel Verwijdert : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{C9AE652B-8C99-4AC2-B556-8B501182874E} Sleutel Verwijdert : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\bbjciahceamgodcoidkjpchnokgfpphh Sleutel Verwijdert : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\cjpglkicenollcignonpgiafdgfeehoj Sleutel Verwijdert : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\dlfienamagdnkekbbbocojppncdambda Sleutel Verwijdert : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\pgafcinpmmpklohkojmllohdhomoefph Sleutel Verwijdert : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{11111111-1111-1111-1111-110011441179} Sleutel Verwijdert : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{552F66DC-E8AE-4312-BA16-EB4A71F3BC8D} Sleutel Verwijdert : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C87FC351-A80D-43E9-9A86-CF1E29DC443A} Sleutel Verwijdert : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{EAEDBA90-5E21-41FF-B0EC-77957B6A2ABF} Sleutel Verwijdert : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Sleutel Verwijdert : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD21} Sleutel Verwijdert : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{B7971660-A1CE-4FDD-B9E0-2C37D77AFB0B} Sleutel Verwijdert : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0FB6A909-6086-458F-BD92-1F8EE10042A0} Sleutel Verwijdert : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AD708C09-D51B-45B3-9D28-4EBA2681FEBF} Sleutel Verwijdert : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{BE7A24F5-69CB-4708-B77B-B1EDA6043B95} Sleutel Verwijdert : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{4FFBB818-B13C-11E0-931D-B2664824019B}_is1 Sleutel Verwijdert : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Download_Energy Toolbar Sleutel Verwijdert : HKLM\SOFTWARE\Classes\CLSID\{0FB6A909-6086-458F-BD92-1F8EE10042A0} Sleutel Verwijdert : HKLM\SOFTWARE\Classes\CLSID\{474597C5-AB09-49D6-A4D5-2E8D7341384E} Sleutel Verwijdert : HKLM\SOFTWARE\Classes\CLSID\{BE7A24F5-69CB-4708-B77B-B1EDA6043B95} Sleutel Verwijdert : HKLM\SOFTWARE\Classes\Interface\{C9AE652B-8C99-4AC2-B556-8B501182874E} Sleutel Verwijdert : HKLM\SOFTWARE\DataMngr Sleutel Verwijdert : HKLM\SOFTWARE\Google\Chrome\Extensions\bbjciahceamgodcoidkjpchnokgfpphh Sleutel Verwijdert : HKLM\SOFTWARE\Google\Chrome\Extensions\cjpglkicenollcignonpgiafdgfeehoj Sleutel Verwijdert : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Sleutel Verwijdert : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD21} Sleutel Verwijdert : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{B7971660-A1CE-4FDD-B9E0-2C37D77AFB0B} Sleutel Verwijdert : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0FB6A909-6086-458F-BD92-1F8EE10042A0} Sleutel Verwijdert : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{BE7A24F5-69CB-4708-B77B-B1EDA6043B95} Waarde Verwijdert : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{AD708C09-D51B-45B3-9D28-4EBA2681FEBF}] Waarde Verwijdert : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{AD708C09-D51B-45B3-9D28-4EBA2681FEBF}] Waarde Verwijdert : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{AD708C09-D51B-45B3-9D28-4EBA2681FEBF}] Waarde Verwijdert : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar [{AD708C09-D51B-45B3-9D28-4EBA2681FEBF}] ***** [Browsers] ***** -\\ Internet Explorer v9.0.8112.16421 Vervangen : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main - Start Page] = hxxp://searchfunmoods.com/?f=1&a=download&chnl=download&cd=2XzuyEtN2Y1L1Qzu0E0CyDyD0Fzy0A0FtD0ByD0B0F0F0DtBtN0D0Tzu0CtBzyyBtN1L2XzutBtFtBtFtDtFtAyEyE&cr=1152357215 --> hxxp://www.google.com Vervangen : [HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURls - Tabs] = hxxp://searchfunmoods.com/?f=2&a=download&chnl=download&cd=2XzuyEtN2Y1L1Qzu0E0CyDyD0Fzy0A0FtD0ByD0B0F0F0DtBtN0D0Tzu0CtBzyyBtN1L2XzutBtFtBtFtDtFtAyEyE&cr=1152357215 --> hxxp://www.google.com -\\ Mozilla Firefox v15.0.1 (nl) Profielnaam : default File : C:\Users\auke kim stefan\AppData\Roaming\Mozilla\Firefox\Profiles\0nay9as8.default\prefs.js C:\Users\auke kim stefan\AppData\Roaming\Mozilla\Firefox\Profiles\0nay9as8.default\user.js ... Verwijdert ! Verwijdert : user_pref("CT1269415.1000082.isPlayDisplay", "true"); Verwijdert : user_pref("CT1269415.1000082.state", "{\"state\":\"stopped\",\"text\":\"Classic R...\",\"description[...] Verwijdert : user_pref("CT1269415.1000234.TWC_TMP_city", "AMSTERDAM"); Verwijdert : user_pref("CT1269415.1000234.TWC_TMP_country", "NL"); Verwijdert : user_pref("CT1269415.1000234.TWC_locId", "NLXX0002"); Verwijdert : user_pref("CT1269415.1000234.TWC_location", "Amsterdam, Netherlands"); Verwijdert : user_pref("CT1269415.1000234.TWC_region", "OT"); Verwijdert : user_pref("CT1269415.1000234.TWC_temp_dis", "c"); Verwijdert : user_pref("CT1269415.1000234.TWC_wind_dis", "kmh"); Verwijdert : user_pref("CT1269415.1000234.weatherData", "{\"icon\":\"26.png\",\"temperature\":\"13°C\",\"temperat[...] Verwijdert : user_pref("CT1269415.128333654985132191.isToggled_item0_12", "true"); Verwijdert : user_pref("CT1269415.ENABALE_HISTORY", "{\"dataType\":\"string\",\"data\":\"true\"}"); Verwijdert : user_pref("CT1269415.ENABLE_RETURN_WEB_SEARCH_ON_THE_PAGE", "{\"dataType\":\"string\",\"data\":\"tru[...] Verwijdert : user_pref("CT1269415.FirstTime", "true"); Verwijdert : user_pref("CT1269415.FirstTimeFF3", "true"); Verwijdert : user_pref("CT1269415.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT126[...] Verwijdert : user_pref("CT1269415.UserID", "UN86073253169835111"); Verwijdert : user_pref("CT1269415.addressBarTakeOverEnabledInHidden", "true"); Verwijdert : user_pref("CT1269415.autoDisableScopes", -1); Verwijdert : user_pref("CT1269415.browser.search.defaultthis.engineName", true); Verwijdert : user_pref("CT1269415.defaultSearch", "true"); Verwijdert : user_pref("CT1269415.embeddedsData", "[{\"appId\":\"128333655015757195\",\"apiPermissions\":{\"cross[...] Verwijdert : user_pref("CT1269415.enableAlerts", "always"); Verwijdert : user_pref("CT1269415.enableSearchFromAddressBar", "true"); Verwijdert : user_pref("CT1269415.firstTimeDialogOpened", "true"); Verwijdert : user_pref("CT1269415.fixPageNotFoundError", "true"); Verwijdert : user_pref("CT1269415.fixPageNotFoundErrorInHidden", "true"); Verwijdert : user_pref("CT1269415.fixUrls", true); Verwijdert : user_pref("CT1269415.hxxp___pinterest_aot_im.isEnabled", "Y"); Verwijdert : user_pref("CT1269415.installId", "conduitinstaller.exe"); Verwijdert : user_pref("CT1269415.installType", "ConduitNSISIntegration"); Verwijdert : user_pref("CT1269415.isEnableAllDialogs", "{\"dataType\":\"string\",\"data\":\"true\"}"); Verwijdert : user_pref("CT1269415.isNewTabEnabled", true); Verwijdert : user_pref("CT1269415.isPerformedSmartBarTransition", "true"); Verwijdert : user_pref("CT1269415.isToolbarShrinked", "{\"dataType\":\"string\",\"data\":\"true\"}"); Verwijdert : user_pref("CT1269415.keyword", true); Verwijdert : user_pref("CT1269415.navigationAliasesJson", "{\"EB_SEARCH_TERM\":\"\",\"EB_MAIN_FRAME_URL\":\"\",\"[...] Verwijdert : user_pref("CT1269415.openThankYouPage", "false"); Verwijdert : user_pref("CT1269415.openUninstallPage", "true"); Verwijdert : user_pref("CT1269415.search.searchAppId", "128333655015757195"); Verwijdert : user_pref("CT1269415.search.searchCount", "0"); Verwijdert : user_pref("CT1269415.searchInNewTabEnabledInHidden", "true"); Verwijdert : user_pref("CT1269415.selectToSearchBoxEnabled", "{\"dataType\":\"string\",\"data\":\"true\"}"); Verwijdert : user_pref("CT1269415.serviceLayer_service_login_isFirstLoginInvoked", "{\"dataType\":\"boolean\",\"d[...] Verwijdert : user_pref("CT1269415.serviceLayer_service_login_loginCount", "{\"dataType\":\"number\",\"data\":\"4\[...] Verwijdert : user_pref("CT1269415.serviceLayer_service_toolbarGrouping_activeCTID", "{\"dataType\":\"string\",\"d[...] Verwijdert : user_pref("CT1269415.serviceLayer_service_toolbarGrouping_activeDownloadUrl", "{\"dataType\":\"strin[...] Verwijdert : user_pref("CT1269415.serviceLayer_service_toolbarGrouping_activeToolbarName", "{\"dataType\":\"strin[...] Verwijdert : user_pref("CT1269415.serviceLayer_service_toolbarGrouping_invoked", "{\"dataType\":\"string\",\"data[...] Verwijdert : user_pref("CT1269415.serviceLayer_service_usage_toolbarUsageCount", "{\"dataType\":\"number\",\"data[...] Verwijdert : user_pref("CT1269415.serviceLayer_services_appTrackingFirstTime_lastUpdate", "1350837986041"); Verwijdert : user_pref("CT1269415.serviceLayer_services_appsMetadata_lastUpdate", "1350808902519"); Verwijdert : user_pref("CT1269415.serviceLayer_services_gottenAppsContextMenu_lastUpdate", "1349951462247"); Verwijdert : user_pref("CT1269415.serviceLayer_services_login_10.10.27.6_lastUpdate", "1350837985437"); Verwijdert : user_pref("CT1269415.serviceLayer_services_otherAppsContextMenu_lastUpdate", "1349951462299"); Verwijdert : user_pref("CT1269415.serviceLayer_services_searchAPI_lastUpdate", "1350808902554"); Verwijdert : user_pref("CT1269415.serviceLayer_services_serviceMap_lastUpdate", "1350808902455"); Verwijdert : user_pref("CT1269415.serviceLayer_services_toolbarContextMenu_lastUpdate", "1349951462213"); Verwijdert : user_pref("CT1269415.serviceLayer_services_toolbarSettings_lastUpdate", "1350837985925"); Verwijdert : user_pref("CT1269415.serviceLayer_services_translation_lastUpdate", "1350808902648"); Verwijdert : user_pref("CT1269415.settingsINI", true); Verwijdert : user_pref("CT1269415.shouldFirstTimeDialog", "false"); Verwijdert : user_pref("CT1269415.smartbar.CTID", "CT1269415"); Verwijdert : user_pref("CT1269415.smartbar.Uninstall", "0"); Verwijdert : user_pref("CT1269415.smartbar.homepage", true); Verwijdert : user_pref("CT1269415.smartbar.toolbarName", "Download Energy "); Verwijdert : user_pref("CT1269415.toolbarBornServerTime", "11-10-2012"); Verwijdert : user_pref("CT1269415.toolbarCurrentServerTime", "21-10-2012"); Verwijdert : user_pref("Smartbar.ConduitHomepagesList", ""); Verwijdert : user_pref("Smartbar.ConduitSearchEngineList", ""); Verwijdert : user_pref("Smartbar.ConduitSearchUrlList", ""); Verwijdert : user_pref("Smartbar.keywordURLSelectedCTID", "CT1269415"); Verwijdert : user_pref("browser.search.defaultenginename", "Funmoods"); Verwijdert : user_pref("browser.search.order.1", "Search Results"); Verwijdert : user_pref("browser.search.selectedEngine", "Funmoods"); Verwijdert : user_pref("browser.startup.homepage", "hxxp://searchfunmoods.com/?f=1&a=download&chnl=download&cd=2X[...] Verwijdert : user_pref("extensions.507db73cc0e1a.scode", "(function(){try{if('aol.com,mail.google.com,mystart.inc[...] Verwijdert : user_pref("extensions.BabylonToolbar.admin", false); Verwijdert : user_pref("extensions.BabylonToolbar.aflt", "babsst"); Verwijdert : user_pref("extensions.BabylonToolbar.appId", "{BDB69379-802F-4eaf-B541-F8DE92DD98DB}"); Verwijdert : user_pref("extensions.BabylonToolbar.bbDpng", "16"); Verwijdert : user_pref("extensions.BabylonToolbar.cntry", "NL"); Verwijdert : user_pref("extensions.BabylonToolbar.dfltLng", "en"); Verwijdert : user_pref("extensions.BabylonToolbar.dpkLst", "1169821598,3855095921,302281469,2400444324,3654782829[...] Verwijdert : user_pref("extensions.BabylonToolbar.envrmnt", "production"); Verwijdert : user_pref("extensions.BabylonToolbar.excTlbr", false); Verwijdert : user_pref("extensions.BabylonToolbar.hdrMd5", "2D9C59F51B752344A35C043F259CE493"); Verwijdert : user_pref("extensions.BabylonToolbar.hmpg", false); Verwijdert : user_pref("extensions.BabylonToolbar.id", "141dffd2000000000000ec55f9af0b5b"); Verwijdert : user_pref("extensions.BabylonToolbar.instlDay", "15629"); Verwijdert : user_pref("extensions.BabylonToolbar.instlRef", "sst"); Verwijdert : user_pref("extensions.BabylonToolbar.lastVrsnTs", "1.8.3.821:21:18"); Verwijdert : user_pref("extensions.BabylonToolbar.mntrvrsn", "1.3.1"); Verwijdert : user_pref("extensions.BabylonToolbar.newTab", false); Verwijdert : user_pref("extensions.BabylonToolbar.pnu_tb9", "{\"newVrsn\":\"2\",\"lastVrsn\":\"2\",\"vrsnLoad\":\[...] Verwijdert : user_pref("extensions.BabylonToolbar.prdct", "BabylonToolbar"); Verwijdert : user_pref("extensions.BabylonToolbar.prtnrId", "babylon"); Verwijdert : user_pref("extensions.BabylonToolbar.sg", "azb"); Verwijdert : user_pref("extensions.BabylonToolbar.smplGrp", "azb"); Verwijdert : user_pref("extensions.BabylonToolbar.tlbrId", "tb9"); Verwijdert : user_pref("extensions.BabylonToolbar.tlbrSrchUrl", "hxxp://search.babylon.com/?babsrc=TB_def&mntrId=[...] Verwijdert : user_pref("extensions.BabylonToolbar.vrsn", "1.8.3.8"); Verwijdert : user_pref("extensions.BabylonToolbar.vrsnTs", "1.8.3.821:21:18"); Verwijdert : user_pref("extensions.BabylonToolbar.vrsni", "1.8.3.8"); Verwijdert : user_pref("extensions.BabylonToolbar_i.smplGrp", "none"); Verwijdert : user_pref("extensions.BabylonToolbar_i.vrsnTs", "1.8.3.821:21:18"); Verwijdert : user_pref("keyword.URL", "hxxp://dts.search-results.com/sr?src=ffb&gct=ds&appid=292&systemid=1&apn_d[...] ************************* AdwCleaner[S1].txt - [20467 octets] - [24/10/2012 12:21:58] ########## EOF - C:\AdwCleaner[S1].txt - [20528 octets] ########## dit is stap 1 stap 2 moet ik nog doen
  • DDS (Ver_2012-10-19.01) - NTFS_AMD64 Internet Explorer: 9.0.8112.16421 BrowserJavaVersion: 10.7.2 Run by auke kim stefan at 12:49:40 on 2012-10-24 Microsoft Windows 7 Home Premium 6.1.7601.1.1252.31.1043.18.5996.4386 [GMT 2:00] . AV: McAfee Antivirus en antispyware *Disabled/Updated* {ADA629C7-7F48-5689-624A-3B76997E0892} SP: McAfee Antivirus en antispyware *Disabled/Updated* {16C7C823-5972-5907-58FA-0004E2F9422F} SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} FW: McAfee Firewall *Enabled* {959DA8E2-3527-57D1-4915-924367AD4FE9} . ============== Running Processes =============== . C:\Windows\system32\wininit.exe C:\Windows\system32\lsm.exe C:\Windows\system32\svchost.exe -k DcomLaunch C:\Windows\system32\nvvsvc.exe C:\Windows\system32\svchost.exe -k RPCSS C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted C:\Windows\system32\svchost.exe -k netsvcs C:\Windows\system32\svchost.exe -k LocalService C:\Windows\system32\svchost.exe -k NetworkService C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe C:\Windows\system32\nvvsvc.exe C:\Windows\system32\taskeng.exe C:\Windows\System32\spoolsv.exe C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork C:\Program Files (x86)\Bluetooth Suite\adminservice.exe C:\Windows\system32\CxAudMsg64.exe C:\Program Files (x86)\Launch Manager\dsiwmis.exe C:\Program Files (x86)\Launch Manager\LMutilps32.exe C:\Program Files\Acer\Acer PowerSmart Manager\ePowerSvc.exe C:\Program Files (x86)\Acer\Registration\GREGsvc.exe C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe C:\Program Files\Acer\Acer Updater\UpdaterService.exe C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe C:\Program Files\Common Files\McAfee\SystemCore\mfevtps.exe C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe C:\Program Files (x86)\Acer\Acer VCM\RS_Service.exe C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE C:\Windows\system32\rundll32.exe C:\Windows\system32\rundll32.exe C:\Windows\SysWOW64\rundll32.exe C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe C:\Windows\system32\svchost.exe -k imgsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE C:\Program Files\Common Files\McAfee\SystemCore\mcshield.exe C:\Windows\system32\taskhost.exe C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe C:\ProgramData\Premium\Codec\Codec.exe C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE C:\Windows\system32\taskeng.exe C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE C:\Windows\System32\rundll32.exe C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted C:\Program Files (x86)\Acer\clear.fi\MVP\clear.fiAgent.exe C:\Program Files (x86)\Acer\clear.fi\MVP\.\Kernel\DMR\DMREngine.exe C:\Windows\System32\igfxtray.exe C:\Windows\System32\hkcmd.exe C:\Windows\System32\igfxpers.exe C:\Program Files\Synaptics\SynTP\SynTPEnh.exe C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe C:\Program Files (x86)\Acer\Acer VCM\AcerVCM.exe C:\Program Files (x86)\McAfee Security Scan\3.0.207\SSScheduler.exe C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe C:\Program Files\Synaptics\SynTP\SynTPHelper.exe C:\Program Files\mcafee.com\agent\mcagent.exe C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe C:\Program Files (x86)\Launch Manager\LManager.exe C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe C:\DOLBY PCEE4\pcee4.exe C:\Program Files (x86)\Acer\clear.fi\Movie\clear.fiMovieService.exe C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe C:\Program Files (x86)\Launch Manager\MMDx64Fx.exe C:\Program Files (x86)\Launch Manager\LMworker.exe C:\Windows\system32\wbem\wmiprvse.exe C:\Windows\system32\wbem\unsecapp.exe C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation C:\Windows\system32\SearchIndexer.exe C:\Program Files\Windows Media Player\wmpnetwk.exe C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe C:\Windows\System32\svchost.exe -k LocalServicePeerNet C:\Windows\system32\DllHost.exe C:\Program Files (x86)\Microsoft\BingBar\BingBar.exe C:\Program Files (x86)\Microsoft\BingBar\BingApp.exe C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_11_4_402_287_ActiveX.exe C:\Program Files\Acer\Acer PowerSmart Manager\ePowerTray.exe C:\Program Files\Acer\Acer PowerSmart Manager\ePowerEvent.exe C:\Windows\system32\igfxext.exe C:\Windows\system32\igfxsrvc.exe C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe C:\Program Files\Common Files\McAfee\Core\mchost.exe C:\Windows\system32\wbem\wmiprvse.exe C:\Windows\system32\SearchProtocolHost.exe C:\Windows\system32\SearchFilterHost.exe C:\Windows\system32\DllHost.exe C:\Windows\system32\DllHost.exe C:\Windows\system32\conhost.exe C:\Windows\System32\cscript.exe . ============== Pseudo HJT Report =============== . uStart Page = hxxp://google.nl/ uDefault_Page_URL = hxxp://acer.msn.com mStart Page = hxxp://www.google.com mDefault_Page_URL = hxxp://acer.msn.com uURLSearchHooks: McAfee SiteAdvisor Toolbar: {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll uURLSearchHooks: {37e17185-b07a-47b3-bd86-c675e4e4b89a} - <orphaned> mWinlogon: Userinit = userinit.exe BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll BHO: Vaudix Class: {1C24321E-DE31-E41F-2A91-6078296C3601} - C:\ProgramData\Vaudix\507db73cc0ef3.ocx BHO: McAfee Phishing Filter: {27B4851A-3207-45A2-B947-BE8AFE6163AB} - c:\Program Files\mcafee\msk\mskapbho.dll BHO: Search-Results Toolbar: {31d8407c-62e4-4125-a4a9-717efb1a56ae} - LocalServer32 - <no file> BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll BHO: scriptproxy: {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files (x86)\Common Files\mcafee\SystemCore\ScriptSn.20120927034708.dll BHO: CIESpeechBHO Class: {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll BHO: McAfee SiteAdvisor BHO: {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll BHO: Bing Bar Helper: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll TB: McAfee SiteAdvisor Toolbar: {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll TB: Bing Bar: {8dcb7100-df86-4384-8842-8fa844297b3f} - TB: Search-Results Toolbar: {31d8407c-62e4-4125-a4a9-717efb1a56ae} - LocalServer32 - <no file> uRun: [msnmsgr] "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background uRun: [EA Core] "C:\Program Files (x86)\Electronic Arts\EADM\Core.exe" -silent uRun: [µTorrent] "C:\Program Files (x86)\uTorrent\utorrent.exe" mRun: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe mRun: [mcui_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey mRun: [SuiteTray] "C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe" mRun: [EgisTecPMMUpdate] "C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe" mRun: [EgisUpdate] "C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe" -d mRun: [Norton Online Backup] C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe mRun: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" mRun: [BackupManagerTray] "C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe" -h -k mRun: [LManager] C:\Program Files (x86)\Launch Manager\LManager.exe mRun: [NUSB3MON] "C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe" mRun: [Dolby Home Theater v4] "C:\Dolby PCEE4\pcee4.exe" -autostart mRun: [ArcadeMovieService] "C:\Program Files (x86)\Acer\clear.fi\Movie\clear.fiMovieService.exe" mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" dRunOnce: [IsMyWinLockerReboot] msiexec.exe /qn /x{voidguid} StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\ACERVC~1.LNK - C:\Program Files (x86)\Acer\Acer VCM\AcerVCM.exe StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\MCAFEE~1.LNK - C:\Program Files (x86)\McAfee Security Scan\3.0.207\SSScheduler.exe uPolicies-Explorer: NoDriveTypeAutoRun = dword:145 mPolicies-Explorer: NoActiveDesktop = dword:1 mPolicies-Explorer: NoActiveDesktopChanges = dword:1 mPolicies-System: ConsentPromptBehaviorAdmin = dword:5 mPolicies-System: ConsentPromptBehaviorUser = dword:3 mPolicies-System: EnableUIADesktopToggle = dword:0 IE: {07BA1DA9-F501-4796-8728-74D1B91A6CD5} - C:\Program Files (x86)\PokerStars.EU\PokerStarsUpdate.exe IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll IE: {7815BE26-237D-41A8-A98F-F7BD75F71086} - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll IE: {FA9B9510-9FCB-4ca0-818C-5D0987B47C4D} - C:\Program Files (x86)\PokerStars.NET\PokerStarsUpdate.exe TCP: NameServer = 192.168.1.254 TCP: Interfaces\{1933CCC1-B4ED-4467-B6FA-E1E989136A27} : DHCPNameServer = 192.168.1.254 TCP: Interfaces\{8671C6E9-4C9D-4E3C-B7C9-E33B0621E1EC} : DHCPNameServer = 150.200.3.2 Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files (x86)\McAfee\msc\McSnIePl.dll Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Acer\Acer VCM\Skype4COM.dll Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll SSODL: WebCheck - <orphaned> LSA: Security Packages = kerberos msv1_0 schannel wdigest tspkg pku2u livessp x64-mStart Page = hxxp://searchfunmoods.com/?f=1&a=download&chnl=download&cd=2XzuyEtN2Y1L1Qzu0E0CyDyD0Fzy0A0FtD0ByD0B0F0F0DtBtN0D0Tzu0CtBzyyBtN1L2XzutBtFtBtFtDtFtAyEyE&cr=1152357215 x64-mDefault_Page_URL = hxxp://acer.msn.com x64-BHO: McAfee Phishing Filter: {27B4851A-3207-45A2-B947-BE8AFE6163AB} - x64-BHO: scriptproxy: {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\Common Files\mcafee\SystemCore\ScriptSn.20120927034708.dll x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll x64-BHO: McAfee SiteAdvisor BHO: {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll x64-TB: McAfee SiteAdvisor Toolbar: {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll x64-Run: [IgfxTray] C:\Windows\System32\igfxtray.exe x64-Run: [HotKeysCmds] C:\Windows\System32\hkcmd.exe x64-Run: [Persistence] C:\Windows\System32\igfxpers.exe x64-Run: [IntelTBRunOnce] wscript.exe //b //nologo "C:\Program Files\Intel\TurboBoost\RunTBGadgetOnce.vbs" x64-Run: [SynTPEnh] C:\Program Files (x86)\Synaptics\SynTP\SynTPEnh.exe x64-Run: [AtherosBtStack] "C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe" x64-Run: [AthBtTray] "C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe" x64-Run: [Power Management] C:\Program Files\Acer\Acer PowerSmart Manager\ePowerTrayLauncher.exe x64-Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files\mcafee\msc\McSnIePl64.dll x64-Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll x64-Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned> x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned> x64-Notify: igfxcui - igfxdev.dll x64-SSODL: WebCheck - <orphaned> . ================= FIREFOX =================== . FF - ProfilePath - C:\Users\auke kim stefan\AppData\Roaming\Mozilla\Firefox\Profiles\0nay9as8.default\ FF - plugin: C:\PROGRA~2\MICROS~4\Office14\NPSPWRAP.DLL FF - plugin: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll FF - plugin: C:\Program Files (x86)\McAfee\SiteAdvisor\NPMcFFPlg32.dll FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrlui.dll FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll FF - plugin: C:\Users\auke kim stefan\AppData\Roaming\Mozilla\Firefox\Profiles\0nay9as8.default\extensions\{ad708c09-d51b-45b3-9d28-4eba2681febf}\plugins\np-mswmp.dll FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_4_402_287.dll FF - plugin: C:\Windows\SysWOW64\npDeployJava1.dll FF - plugin: C:\Windows\SysWOW64\npmproxy.dll FF - ExtSQL: 2012-09-27 14:21; {4ED1F68A-5463-4931-9384-8FFF5ED91D92}; C:\Program Files (x86)\McAfee\SiteAdvisor FF - ExtSQL: 2012-10-11 12:30; {33e0daa6-3af3-d8b5-6752-10e949c61516}; C:\Users\auke kim stefan\AppData\Roaming\Mozilla\Firefox\Profiles\0nay9as8.default\extensions\{33e0daa6-3af3-d8b5-6752-10e949c61516} FF - ExtSQL: 2012-10-11 12:30; {ad708c09-d51b-45b3-9d28-4eba2681febf}; C:\Users\auke kim stefan\AppData\Roaming\Mozilla\Firefox\Profiles\0nay9as8.default\extensions\{ad708c09-d51b-45b3-9d28-4eba2681febf} FF - ExtSQL: 2012-10-16 23:16; 507db73cc0d6f@507db73cc0da8.com; C:\Users\auke kim stefan\AppData\Roaming\Mozilla\Firefox\Profiles\0nay9as8.default\extensions\507db73cc0d6f@507db73cc0da8.com FF - ExtSQL: 2012-10-19 12:03; {31d8407c-62e4-4125-a4a9-717efb1a56ae}; C:\Users\auke kim stefan\AppData\Roaming\Mozilla\Firefox\Profiles\0nay9as8.default\extensions\{31d8407c-62e4-4125-a4a9-717efb1a56ae} FF - ExtSQL: !HIDDEN! 2012-10-19 12:03; {1FD91A9C-410C-4090-BBCC-55D3450EF433}; C:\Program Files (x86)\iMesh Applications\Mediabar\Datamngr\FirefoxExtension . ============= SERVICES / DRIVERS =============== . R0 mfehidk;McAfee Inc. mfehidk;C:\Windows\System32\drivers\mfehidk.sys [2010-1-6 752672] R0 mfewfpk;McAfee Inc. mfewfpk;C:\Windows\System32\drivers\mfewfpk.sys [2010-1-6 335784] R0 nvpciflt;nvpciflt;C:\Windows\System32\drivers\nvpciflt.sys [2011-6-26 25960] R1 mwlPSDFilter;mwlPSDFilter;C:\Windows\System32\drivers\mwlPSDFilter.sys [2011-4-1 22912] R1 mwlPSDNServ;mwlPSDNServ;C:\Windows\System32\drivers\mwlPSDNserv.sys [2011-4-1 20328] R1 mwlPSDVDisk;mwlPSDVDisk;C:\Windows\System32\drivers\mwlPSDVDisk.sys [2011-4-1 62584] R1 vwififlt;Virtual WiFi Filter Driver;C:\Windows\System32\drivers\vwififlt.sys [2009-7-14 59904] R2 AtherosSvc;AtherosSvc;C:\Program Files (x86)\Bluetooth Suite\AdminService.exe [2011-3-3 76448] R2 cvhsvc;Client Virtualization Handler;C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE [2012-1-4 822624] R2 CxAudMsg;Conexant Audio Message Service;C:\Windows\System32\CxAudMsg64.exe [2011-6-26 198784] R2 DsiWMIService;Dritek WMI Service;C:\Program Files (x86)\Launch Manager\dsiwmis.exe [2011-4-1 352336] R2 ePowerSvc;Acer ePower Service;C:\Program Files\Acer\Acer PowerSmart Manager\ePowerSvc.exe [2011-6-26 799848] R2 GREGService;GREGService;C:\Program Files (x86)\Acer\Registration\GREGsvc.exe [2010-1-8 23584] R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2011-4-1 13336] R2 IconMan_R;IconMan_R;C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe [2011-4-1 1817088] R2 Live Updater Service;Live Updater Service;C:\Program Files\Acer\Acer Updater\UpdaterService.exe [2011-4-1 244624] R2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service;C:\Program Files\Common Files\mcafee\mcsvchost\McSvHost.exe [2012-10-22 201304] R2 McMPFSvc;McAfee Personal Firewall Service;C:\Program Files\Common Files\mcafee\mcsvchost\McSvHost.exe [2012-10-22 201304] R2 McNaiAnn;McAfee VirusScan Announcer;C:\Program Files\Common Files\mcafee\mcsvchost\McSvHost.exe [2012-10-22 201304] R2 McProxy;McAfee Proxy Service;C:\Program Files\Common Files\mcafee\mcsvchost\McSvHost.exe [2012-10-22 201304] R2 McShield;McAfee McShield;C:\Program Files\Common Files\mcafee\systemcore\mcshield.exe [2011-4-1 237920] R2 mfefire;McAfee Firewall Core Service;C:\Program Files\Common Files\mcafee\systemcore\mfefire.exe [2011-4-1 218320] R2 mfevtp;McAfee Validation Trust Protection Service;C:\Program Files\Common Files\mcafee\systemcore\mfevtps.exe [2011-4-1 177144] R2 NOBU;Norton Online Backup;C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe [2010-6-2 2804568] R2 NTI IScheduleSvc;NTI IScheduleSvc;C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe [2011-2-15 257344] R2 RS_Service;Raw Socket Service;C:\Program Files (x86)\Acer\Acer VCM\RS_Service.exe [2011-4-1 260640] R2 sftlist;Application Virtualization Client;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2011-10-1 508776] R2 TurboB;Turbo Boost UI Monitor driver;C:\Windows\System32\drivers\TurboB.sys [2010-11-30 16120] R2 UNS;Intel(R) Management and Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2011-4-1 2656280] R3 BTATH_BUS;Atheros Bluetooth Bus;C:\Windows\System32\drivers\btath_bus.sys [2011-3-3 28832] R3 cfwids;McAfee Inc. cfwids;C:\Windows\System32\drivers\cfwids.sys [2010-1-6 69672] R3 IntcDAud;Intel(R) Display Audio;C:\Windows\System32\drivers\IntcDAud.sys [2011-4-1 317440] R3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller;C:\Windows\System32\drivers\L1C62x64.sys [2011-4-1 76912] R3 MEIx64;Intel(R) Management Engine Interface;C:\Windows\System32\drivers\HECIx64.sys [2011-4-1 56344] R3 mfeavfk;McAfee Inc. mfeavfk;C:\Windows\System32\drivers\mfeavfk.sys [2010-1-6 300392] R3 mfefirek;McAfee Inc. mfefirek;C:\Windows\System32\drivers\mfefirek.sys [2010-1-6 513456] R3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;C:\Windows\System32\drivers\nusb3hub.sys [2010-9-30 80384] R3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;C:\Windows\System32\drivers\nusb3xhc.sys [2010-9-30 180736] R3 RSPCIESTOR;Realtek PCIE CardReader Driver;C:\Windows\System32\drivers\RtsPStor.sys [2011-4-1 333928] R3 Sftfs;Sftfs;C:\Windows\System32\drivers\Sftfslh.sys [2011-10-1 764264] R3 Sftplay;Sftplay;C:\Windows\System32\drivers\Sftplaylh.sys [2011-10-1 268648] R3 Sftredir;Sftredir;C:\Windows\System32\drivers\Sftredirlh.sys [2011-10-1 25960] R3 Sftvol;Sftvol;C:\Windows\System32\drivers\Sftvollh.sys [2011-10-1 22376] R3 sftvsa;Application Virtualization Service Agent;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2011-10-1 219496] S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384] S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576] S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-9-27 250808] S3 AthBTPort;Atheros Virtual Bluetooth Class;C:\Windows\System32\drivers\btath_flt.sys [2011-3-3 36000] S3 BBSvc;Bing Bar Update Service;C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE [2011-3-2 183560] S3 BTATH_A2DP;Bluetooth A2DP Audio Driver;C:\Windows\System32\drivers\btath_a2dp.sys [2011-3-3 298656] S3 BTATH_HCRP;Bluetooth HCRP Server driver;C:\Windows\System32\drivers\btath_hcrp.sys [2011-3-3 201376] S3 BTATH_LWFLT;Bluetooth LWFLT Device;C:\Windows\System32\drivers\btath_lwflt.sys [2011-3-3 55456] S3 BTATH_RCP;Bluetooth AVRCP Device;C:\Windows\System32\drivers\btath_rcp.sys [2011-3-3 154272] S3 BtFilter;BtFilter;C:\Windows\System32\drivers\btfilter.sys [2011-3-3 280224] S3 EgisTec Ticket Service;EgisTec Ticket Service;C:\Program Files (x86)\Common Files\EgisTec\Services\EgisTicketService.exe [2010-9-28 172912] S3 HipShieldK;McAfee Inc. HipShieldK;C:\Windows\System32\drivers\HipShieldK.sys [2012-10-22 196440] S3 McComponentHostService;McAfee Security Scan Component Host Service;C:\Program Files (x86)\McAfee Security Scan\3.0.207\McCHSvc.exe [2011-6-17 237008] S3 mferkdet;McAfee Inc. mferkdet;C:\Windows\System32\drivers\mferkdet.sys [2010-1-6 106112] S3 MozillaMaintenance;Mozilla Maintenance Service;C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2012-9-26 114144] S3 osppsvc;Office Software Protection Platform;C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-1-9 4925184] S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2010-11-21 59392] S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\System32\drivers\TsUsbGD.sys [2010-11-21 31232] S3 TurboBoost;Intel(R) Turbo Boost Technology Monitor 2.0;C:\Program Files\Intel\TurboBoost\TurboBoost.exe [2010-11-30 149504] S3 WatAdminSvc;Windows Activation Technologies-service;C:\Windows\System32\Wat\WatAdminSvc.exe [2012-9-29 1255736] S4 McOobeSv;McAfee OOBE Service;C:\Program Files\Common Files\mcafee\mcsvchost\McSvHost.exe [2012-10-22 201304] S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-23 57184] . =============== Created Last 30 ================ . 2012-10-24 10:25:32 -------- d-----w- C:\Users\auke kim stefan\AppData\Local\{62DA554F-F74D-4450-9910-A66741899BA5} 2012-10-24 08:35:10 -------- d-----w- C:\Program Files (x86)\Free Window Registry Repair 2012-10-24 08:28:24 -------- d-----w- C:\ProgramData\Systweak 2012-10-24 08:28:23 16896 ----a-w- C:\Windows\System32\sasnative64.exe 2012-10-24 08:28:23 -------- d-----w- C:\Program Files (x86)\Advanced System Protector 2012-10-24 08:28:08 -------- d-----w- C:\Users\auke kim stefan\AppData\Roaming\Systweak 2012-10-24 08:28:07 17080 ----a-w- C:\Windows\System32\roboot64.exe 2012-10-24 08:28:05 -------- d-----w- C:\Program Files (x86)\RegClean Pro 2012-10-22 18:02:30 196440 ----a-w- C:\Windows\System32\drivers\HipShieldK.sys 2012-10-22 07:20:14 -------- d-----w- C:\Users\auke kim stefan\AppData\Local\{C6ED369E-7811-4464-AA98-883ED5CE13E3} 2012-10-21 08:20:59 -------- d-----w- C:\ProgramData\EA Core 2012-10-21 08:07:29 -------- d-----w- C:\Users\auke kim stefan\AppData\Local\{737A090F-D8E9-4C85-AB2E-AEC762B263C4} 2012-10-20 08:22:59 -------- d-----w- C:\Users\auke kim stefan\AppData\Local\{CD760234-0ACB-4094-8B7E-D0BD66A2AA9E} 2012-10-19 17:13:59 -------- d-----w- C:\Users\auke kim stefan\AppData\Local\Ahead 2012-10-19 15:20:36 106496 ----a-w- C:\Windows\SysWow64\TwnLib20.dll 2012-10-19 15:20:31 476320 ------w- C:\Windows\SysWow64\ImagXpr7.dll 2012-10-19 15:20:31 471040 ------w- C:\Windows\SysWow64\ImagXRA7.dll 2012-10-19 15:20:31 262144 ------w- C:\Windows\SysWow64\ImagXR7.dll 2012-10-19 15:20:31 1568768 ------w- C:\Windows\SysWow64\ImagX7.dll 2012-10-19 10:58:25 -------- d-----w- C:\Users\auke kim stefan\AppData\Roaming\uTorrent 2012-10-19 10:58:23 -------- d-----w- C:\Program Files (x86)\uTorrent 2012-10-19 10:02:55 -------- d-----w- C:\Users\auke kim stefan\AppData\Roaming\MusicNet 2012-10-19 10:00:58 -------- d-----w- C:\Program Files (x86)\iMesh Applications 2012-10-19 10:00:17 -------- d-----w- C:\Users\auke kim stefan\AppData\Local\PackageAware 2012-10-19 07:04:32 -------- d-----w- C:\Users\auke kim stefan\AppData\Local\{FCA073FC-5000-4FE8-B1BD-7A86BA85C21D} 2012-10-18 06:04:55 -------- d-----w- C:\Users\auke kim stefan\AppData\Local\{ED20E30B-A008-4BDE-92AE-5354E347253C} 2012-10-17 15:14:57 -------- d-----w- C:\Program Files (x86)\Origin Games 2012-10-17 15:14:56 -------- d-----w- C:\Users\auke kim stefan\AppData\Local\Origin 2012-10-17 15:14:55 -------- d-----w- C:\Users\auke kim stefan\AppData\Roaming\Origin 2012-10-17 15:14:39 -------- d-----w- C:\ProgramData\Origin 2012-10-17 15:14:15 -------- d-----w- C:\Program Files (x86)\Origin 2012-10-17 15:10:53 -------- d-----w- C:\ProgramData\Electronic Arts 2012-10-17 15:08:42 -------- d-----w- C:\Program Files (x86)\Common Files\Symantec Shared 2012-10-17 14:36:53 -------- d-----w- C:\Program Files (x86)\Microsoft WSE 2012-10-17 14:36:24 3977496 ----a-w- C:\Windows\System32\d3dx9_31.dll 2012-10-17 14:36:24 2414360 ----a-w- C:\Windows\SysWow64\d3dx9_31.dll 2012-10-17 07:15:01 -------- d-----w- C:\Users\auke kim stefan\AppData\Local\{CD4E421F-7239-4A9B-ACDD-C43E18324176} 2012-10-16 19:29:53 -------- d-----w- C:\ProgramData\Premium 2012-10-16 19:29:50 -------- d-----w- C:\Program Files (x86)\Optimizer Pro 2012-10-16 19:29:27 -------- d-----w- C:\ProgramData\Vaudix 2012-10-16 19:21:36 -------- d-----w- C:\Windows\System32\drivers\NSSx64\0307020.005 2012-10-16 19:21:36 -------- d-----w- C:\Windows\System32\drivers\NSSx64 2012-10-16 19:21:36 -------- d-----w- C:\Program Files (x86)\Norton Security Scan 2012-10-16 19:21:33 -------- d-----w- C:\ProgramData\Norton 2012-10-16 19:21:32 -------- d-----w- C:\ProgramData\NortonInstaller 2012-10-16 19:21:32 -------- d-----w- C:\Program Files (x86)\NortonInstaller 2012-10-16 19:21:07 -------- d-----w- C:\Users\auke kim stefan\AppData\Local\Google 2012-10-16 12:37:04 -------- d-----w- C:\Users\auke kim stefan\AppData\Local\{DD376151-DF70-498F-842E-EB8155F74B53} 2012-10-16 07:18:19 -------- d-----w- C:\Users\auke kim stefan\AppData\Local\{C8B86756-999A-49E5-9503-3A8D33641D2C} 2012-10-15 07:15:44 -------- d-----w- C:\Users\auke kim stefan\AppData\Local\{E7C2DF17-DD5C-41DD-8666-15E444BD5457} 2012-10-15 07:15:44 -------- d-----w- C:\Users\auke kim stefan\AppData\Local\{8DD51C3B-41DA-4C26-83AA-A24D754AB378} 2012-10-15 07:15:30 -------- d-----w- C:\Users\auke kim stefan\Tracing 2012-10-11 10:36:13 -------- d-----w- C:\Users\auke kim stefan\Incomplete 2012-10-11 10:35:41 821736 ----a-w- C:\Windows\SysWow64\npDeployJava1.dll 2012-10-11 10:35:41 746984 ----a-w- C:\Windows\SysWow64\deployJava1.dll 2012-10-11 10:35:31 95208 ----a-w- C:\Windows\SysWow64\WindowsAccessBridge-32.dll 2012-10-11 10:30:27 -------- d-----w- C:\Users\auke kim stefan\Shared 2012-10-11 10:30:27 -------- d-----w- C:\Users\auke kim stefan\AppData\Roaming\LimeWire Music 2012-10-11 10:30:27 -------- d-----w- C:\ProgramData\LimeWire Music 2012-10-10 07:04:03 1659760 ----a-w- C:\Windows\System32\drivers\ntfs.sys 2012-10-10 07:04:02 5559664 ----a-w- C:\Windows\System32\ntoskrnl.exe 2012-10-10 07:04:02 3914096 ----a-w- C:\Windows\SysWow64\ntoskrnl.exe 2012-10-10 07:04:01 3968880 ----a-w- C:\Windows\SysWow64\ntkrnlpa.exe 2012-10-10 07:02:52 715776 ----a-w- C:\Windows\System32\kerberos.dll 2012-10-10 07:02:52 542208 ----a-w- C:\Windows\SysWow64\kerberos.dll 2012-10-10 07:02:48 184320 ----a-w- C:\Windows\System32\cryptsvc.dll 2012-10-10 07:02:48 1464320 ----a-w- C:\Windows\System32\crypt32.dll 2012-10-10 07:02:48 140288 ----a-w- C:\Windows\SysWow64\cryptsvc.dll 2012-10-10 07:02:48 140288 ----a-w- C:\Windows\System32\cryptnet.dll 2012-10-10 07:02:48 1159680 ----a-w- C:\Windows\SysWow64\crypt32.dll 2012-10-10 07:02:48 103936 ----a-w- C:\Windows\SysWow64\cryptnet.dll 2012-10-05 19:48:00 -------- d-----w- C:\Users\auke kim stefan\AppData\Local\PokerStars.EU 2012-10-05 19:47:44 -------- d-----w- C:\Program Files (x86)\PokerStars.EU 2012-10-05 19:42:42 -------- d-----w- C:\Users\auke kim stefan\AppData\Local\PokerStars.NET 2012-10-05 19:42:27 -------- d-----w- C:\Program Files (x86)\PokerStars.NET 2012-10-05 13:27:31 -------- d-----w- C:\Users\auke kim stefan\AppData\Local\CrashDumps 2012-10-03 14:48:24 323716 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\10\50\Intel32\setup.dll 2012-10-03 14:48:24 192644 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\10\50\Intel32\iGdi.dll 2012-10-03 10:42:02 -------- d-----w- C:\Users\auke kim stefan\AppData\Local\{A91D54BF-BA3D-4B4D-9038-5F138B25BB7C} 2012-10-03 10:41:50 -------- d-----w- C:\Users\auke kim stefan\AppData\Roaming\Windows Live Writer 2012-10-03 10:41:50 -------- d-----w- C:\Users\auke kim stefan\AppData\Local\Windows Live Writer 2012-10-01 14:11:41 -------- d-----w- C:\ProgramData\VirtualizedApplications 2012-10-01 08:57:34 -------- d-----w- C:\Users\auke kim stefan\AppData\Roaming\SoftGrid Client 2012-10-01 08:57:34 -------- d-----w- C:\Users\auke kim stefan\AppData\Local\SoftGrid Client 2012-10-01 08:56:59 -------- d-----w- C:\Program Files (x86)\Microsoft Application Virtualization Client 2012-10-01 08:56:31 -------- d-----w- C:\Users\auke kim stefan\AppData\Roaming\TP 2012-09-30 01:00:41 552960 ----a-w- C:\Windows\System32\drivers\bthport.sys 2012-09-29 02:47:56 -------- d-----w- C:\Windows\SysWow64\Wat 2012-09-29 02:47:56 -------- d-----w- C:\Windows\System32\Wat 2012-09-29 02:13:34 294912 ----a-w- C:\Windows\System32\browserchoice.exe 2012-09-29 02:09:32 81408 ----a-w- C:\Windows\System32\imagehlp.dll 2012-09-29 02:09:32 5120 ----a-w- C:\Windows\SysWow64\wmi.dll 2012-09-29 02:09:32 5120 ----a-w- C:\Windows\System32\wmi.dll 2012-09-29 02:09:32 23408 ----a-w- C:\Windows\System32\drivers\fs_rec.sys 2012-09-29 02:09:32 159232 ----a-w- C:\Windows\SysWow64\imagehlp.dll 2012-09-27 22:39:36 163048 ----a-w- C:\ProgramData\Microsoft\Windows\Sqm\Manifest\Sqm10141.bin 2012-09-27 12:31:51 870912 ----a-w- C:\Windows\SysWow64\XpsPrint.dll 2012-09-27 12:30:35 467456 ----a-w- C:\Windows\System32\drivers\srv.sys 2012-09-27 12:29:48 267776 ----a-w- C:\Windows\System32\FXSCOVER.exe 2012-09-27 12:29:40 64512 ----a-w- C:\Windows\SysWow64\devobj.dll 2012-09-27 12:29:40 44544 ----a-w- C:\Windows\SysWow64\devrtl.dll 2012-09-27 12:29:40 404480 ----a-w- C:\Windows\System32\umpnpmgr.dll 2012-09-27 12:29:40 252928 ----a-w- C:\Windows\SysWow64\drvinst.exe 2012-09-27 12:29:40 145920 ----a-w- C:\Windows\SysWow64\cfgmgr32.dll 2012-09-27 12:29:39 31232 ----a-w- C:\Windows\SysWow64\prevhost.exe 2012-09-27 12:29:39 31232 ----a-w- C:\Windows\System32\prevhost.exe 2012-09-27 12:29:27 723456 ----a-w- C:\Windows\System32\EncDec.dll 2012-09-27 12:29:27 534528 ----a-w- C:\Windows\SysWow64\EncDec.dll 2012-09-27 12:29:25 690688 ----a-w- C:\Windows\SysWow64\msvcrt.dll 2012-09-27 12:29:25 634880 ----a-w- C:\Windows\System32\msvcrt.dll 2012-09-27 12:26:35 90624 ----a-w- C:\Windows\System32\drivers\bowser.sys 2012-09-27 12:26:33 861696 ----a-w- C:\Windows\System32\oleaut32.dll 2012-09-27 12:26:33 571904 ----a-w- C:\Windows\SysWow64\oleaut32.dll 2012-09-27 12:26:33 331776 ----a-w- C:\Windows\System32\oleacc.dll 2012-09-27 12:26:33 233472 ----a-w- C:\Windows\SysWow64\oleacc.dll 2012-09-27 12:16:37 826880 ----a-w- C:\Windows\SysWow64\rdpcore.dll 2012-09-27 12:16:37 23552 ----a-w- C:\Windows\System32\drivers\tdtcp.sys 2012-09-27 12:16:37 1031680 ----a-w- C:\Windows\System32\rdpcore.dll 2012-09-27 01:57:06 -------- d-----w- C:\Users\auke kim stefan\AppData\Local\Macromedia 2012-09-27 01:56:36 -------- d-----w- C:\ProgramData\McAfee Security Scan 2012-09-27 01:56:35 -------- d-----w- C:\Program Files (x86)\McAfee Security Scan 2012-09-27 01:56:33 73656 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl 2012-09-27 01:56:33 696760 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe 2012-09-27 01:43:29 24376 ----a-w- C:\Program Files (x86)\Mozilla Firefox\components\Scriptff.dll 2012-09-27 01:20:18 2622464 ----a-w- C:\Windows\System32\wucltux.dll 2012-09-27 01:19:45 99840 ----a-w- C:\Windows\System32\wudriver.dll 2012-09-27 01:19:10 36864 ----a-w- C:\Windows\System32\wuapp.exe 2012-09-27 01:19:10 186752 ----a-w- C:\Windows\System32\wuwebv.dll 2012-09-26 20:08:41 -------- d-----w- C:\Users\auke kim stefan\AppData\Local\Diagnostics 2012-09-26 19:43:57 -------- d-----w- C:\ProgramData\clear.fi 2012-09-26 19:40:37 -------- d---a-w- C:\book 2012-09-26 19:31:54 26604032 ----a-w- C:\ProgramData\Microsoft\OEMOffice14\Office14\SingleImage.WW\SingleImageWW.msi 2012-09-26 19:28:14 -------- d-----w- C:\Users\auke kim stefan\AppData\Local\EgisTec IPS 2012-09-26 19:24:34 -------- d-----w- C:\Users\auke kim stefan\AppData\Local\Acer 2012-09-26 19:24:32 -------- d-----w- C:\Users\auke kim stefan\AppData\Local\PowerCinema 2012-09-26 19:24:08 -------- d-----w- C:\Program Files\Accessory Store 2012-09-26 19:21:52 -------- d-sh--w- C:\Recovery . ==================== Find3M ==================== . 2012-09-14 19:19:29 2048 ----a-w- C:\Windows\System32\tzres.dll 2012-09-14 18:28:53 2048 ----a-w- C:\Windows\SysWow64\tzres.dll 2012-08-24 18:05:07 220160 ----a-w- C:\Windows\System32\wintrust.dll 2012-08-24 16:57:48 172544 ----a-w- C:\Windows\SysWow64\wintrust.dll 2012-08-24 10:31:32 2312704 ----a-w- C:\Windows\System32\jscript9.dll 2012-08-24 10:21:18 1392128 ----a-w- C:\Windows\System32\wininet.dll 2012-08-24 10:20:11 1494528 ----a-w- C:\Windows\System32\inetcpl.cpl 2012-08-24 10:14:45 173056 ----a-w- C:\Windows\System32\ieUnatt.exe 2012-08-24 10:13:29 599040 ----a-w- C:\Windows\System32\vbscript.dll 2012-08-24 10:09:42 2382848 ----a-w- C:\Windows\System32\mshtml.tlb 2012-08-24 06:59:17 1800704 ----a-w- C:\Windows\SysWow64\jscript9.dll 2012-08-24 06:51:27 1129472 ----a-w- C:\Windows\SysWow64\wininet.dll 2012-08-24 06:51:02 1427968 ----a-w- C:\Windows\SysWow64\inetcpl.cpl 2012-08-24 06:47:26 142848 ----a-w- C:\Windows\SysWow64\ieUnatt.exe 2012-08-24 06:47:12 420864 ----a-w- C:\Windows\SysWow64\vbscript.dll 2012-08-24 06:43:58 2382848 ----a-w- C:\Windows\SysWow64\mshtml.tlb 2012-08-22 18:12:50 1913200 ----a-w- C:\Windows\System32\drivers\tcpip.sys 2012-08-22 18:12:40 950128 ----a-w- C:\Windows\System32\drivers\ndis.sys 2012-08-22 18:12:40 376688 ----a-w- C:\Windows\System32\drivers\netio.sys 2012-08-22 18:12:33 288624 ----a-w- C:\Windows\System32\drivers\FWPKCLNT.SYS 2012-08-21 21:01:00 245760 ----a-w- C:\Windows\System32\OxpsConverter.exe 2012-08-20 18:48:44 362496 ----a-w- C:\Windows\System32\wow64win.dll 2012-08-20 18:48:44 243200 ----a-w- C:\Windows\System32\wow64.dll 2012-08-20 18:48:44 13312 ----a-w- C:\Windows\System32\wow64cpu.dll 2012-08-20 18:48:43 215040 ----a-w- C:\Windows\System32\winsrv.dll 2012-08-20 18:48:37 16384 ----a-w- C:\Windows\System32\ntvdm64.dll 2012-08-20 18:48:35 424448 ----a-w- C:\Windows\System32\KernelBase.dll 2012-08-20 18:46:22 338432 ----a-w- C:\Windows\System32\conhost.exe 2012-08-20 17:40:21 14336 ----a-w- C:\Windows\SysWow64\ntvdm64.dll 2012-08-20 17:38:44 44032 ----a-w- C:\Windows\apppatch\acwow64.dll 2012-08-20 17:38:26 25600 ----a-w- C:\Windows\SysWow64\setup16.exe 2012-08-20 17:37:19 5120 ----a-w- C:\Windows\SysWow64\wow32.dll 2012-08-20 17:37:18 274944 ----a-w- C:\Windows\SysWow64\KernelBase.dll 2012-08-20 15:38:21 7680 ----a-w- C:\Windows\SysWow64\instnm.exe 2012-08-20 15:38:20 2048 ----a-w- C:\Windows\SysWow64\user.exe 2012-08-20 15:33:28 6144 ---ha-w- C:\Windows\SysWow64\api-ms-win-security-base-l1-1-0.dll 2012-08-20 15:33:28 4608 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll 2012-08-20 15:33:28 3584 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll 2012-08-20 15:33:28 3072 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-util-l1-1-0.dll 2012-08-02 17:58:52 574464 ----a-w- C:\Windows\System32\d3d10level9.dll 2012-08-02 16:57:20 490496 ----a-w- C:\Windows\SysWow64\d3d10level9.dll . ============= FINISH: 12:50:06,63 =============== ok dit is de dds
  • wanneer moet ik die andere log posten ?
  • Indien nodig vraag ik er naar dat te posten! We gaan verder kijken. Download [url=http://www.sur-la-toile.com/RogueKiller/RogueKiller.exe][b:70d47a6809]RogueKiller[/b:70d47a6809][/url] naar je bureaublad. Sluit alle overige programma's. Start het programma. [b:70d47a6809][color=blue:70d47a6809]Vista en windows 7 gebruikers -> rechtsklik uitvoeren als administrator[/b:70d47a6809][/color:70d47a6809] Wacht tot de 'Prescan' klaar is. Klik op [b:70d47a6809]scan[/b:70d47a6809] [img:70d47a6809]http://i1224.photobucket.com/albums/ee362/Essexboy3/RogueKiller/RGKRScan.png[/img:70d47a6809] Wacht tot het einde van de scan. Een log wordt aangemaakt en geplaatst op het bureaublad. [b:70d47a6809][color=#008000:70d47a6809]Doe verder nog niks maar plaats eerst de inhoud van dat log in jouw volgende bericht.[/color:70d47a6809][/b:70d47a6809]
  • Beste Abraham, Ik wil me niet tussen het gesprek gooien dat jij en Kim aan het voeren zijn maar, ik wil gewoon even zeggen dat ik net hetzelfde probleem heb. Het probleem is bij mij begonnen na een McAfee update. Ik ben dit forum onderwerp constant aan het volgen voor een mogelijke oplossing. Ik wacht dus mee tot Kim haar probleem is opgelost. Nu heb ik wel een kleine vraag tussendoor; moet ik me zorgen maken om dit probleem? Is het iets gevaarlijk? Is het nog veilig voor mij, om bijvoorbeeld aan online banking te doen? Alvast Bedankt, Sorry voor het storen :)
  • ok heb het gedaan hy had 3 dingen gevonden maar ik heb ze nog niet verwijderd . RogueKiller V8.2.0 [10/22/2012] by Tigzy mail: tigzyRK<at>gmail<dot>com Feedback: http://www.geekstogo.com/forum/files/file/413-roguekiller/ Website: http://tigzy.geekstogo.com/roguekiller.php Blog: http://tigzyrk.blogspot.com Operating System: Windows 7 (6.1.7601 Service Pack 1) 64 bits version Started in : Normal mode User : auke kim stefan [Admin rights] Mode : Scan -- Date : 10/25/2012 18:06:15 ¤¤¤ Bad processes : 1 ¤¤¤ [SUSP PATH] Codec.exe -- C:\ProgramData\Premium\Codec\Codec.exe -> KILLED [TermProc] ¤¤¤ Registry Entries : 3 ¤¤¤ [TASK][SUSP PATH] CodecUpdaterTask{1DE8CA6A-25B3-4612-9199-762CB917D8E6}.job : C:\ProgramData\Premium\Codec\Codec.exe -> FOUND [HJ DESK] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> FOUND [HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND ¤¤¤ Particular Files / Folders: ¤¤¤ ¤¤¤ Driver : [NOT LOADED] ¤¤¤ ¤¤¤ HOSTS File: ¤¤¤ --> C:\Windows\system32\drivers\etc\hosts ¤¤¤ MBR Check: ¤¤¤ +++++ PhysicalDrive0: TOSHIBA MK6459GSXP +++++ --- User --- [MBR] a284661a23637dcf4d23666f5d93ea1b [BSP] 7109e407d3d8c8ec4d782d0327811e08 : Windows 7 MBR Code Partition table: 0 - [XXXXXX] ACER (0x27) [VISIBLE] Offset (sectors): 2048 | Size: 15360 Mo 1 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 31459328 | Size: 100 Mo 2 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 31664128 | Size: 595018 Mo User = LL1 ... OK! User = LL2 ... OK! Finished : << RKreport[1].txt >> RKreport[1].txt
  • @ Kim: welk codec-pack gebruik jij eigenlijk? En hoe lang zit je nog vast aan McAfee? @ Krikkson, start je eigen topic! Waarom: geen Windows is hetzelfde.
  • goeiemorge nou ik heb sinds kort een nieuwe laptop daar zat volgens mij mcafee by voor 60 dagen ongeveer gratis , en ik gebruik windows 7 home premium maar jij vroeg welk codec pack ik gebruik maar ik weet dat niet .. misschien kan je me vertellen waar ik dat ken zien ?
  • [b:cd76f867e5]C:\ProgramData\Premium\Codec\[/b:cd76f867e5] Ga naar [b:cd76f867e5][color=#0000FF:cd76f867e5]Start\Configuratiescherm[/color:cd76f867e5]\[color=#008000:cd76f867e5]Programma's en onderdelen[/color:cd76f867e5][/b:cd76f867e5] en controleer of jij daar "Premium" vind.
  • nee ik kon daar geen premium tussen vinden
  • We gaan uitgebreid kijken: [b:9a3b7d3f58]Welk programma[/b:9a3b7d3f58]: [color=#008000:9a3b7d3f58][b:9a3b7d3f58]OTL.com[/b:9a3b7d3f58][/color:9a3b7d3f58] [b:9a3b7d3f58]Waarvoor/waarom[/b:9a3b7d3f58]: multifunktioneel tool - analyse en fix [b:9a3b7d3f58]Moeilijkheidsgraad[/b:9a3b7d3f58]: geen. [b:9a3b7d3f58]Download[/b:9a3b7d3f58]: [url=http://oldtimer.geekstogo.com/OTL.com][b:9a3b7d3f58][color=red:9a3b7d3f58]OTL[/color:9a3b7d3f58][/b:9a3b7d3f58][/url] en plaats het bestand op het bureaublad. [b:9a3b7d3f58][color=#008000:9a3b7d3f58]OTL.com[/color:9a3b7d3f58] gebruiken[/b:9a3b7d3f58]: [list:9a3b7d3f58][*:9a3b7d3f58] [b:9a3b7d3f58][color=#0000FF:9a3b7d3f58]Sluit nu eerst alle nog openstaande programmavensters![/color:9a3b7d3f58][/b:9a3b7d3f58] [list:9a3b7d3f58][*:9a3b7d3f58][b:9a3b7d3f58][color=#0000FF:9a3b7d3f58]Windows 2000[/color:9a3b7d3f58][/b:9a3b7d3f58] en [color=#0000FF:9a3b7d3f58][b:9a3b7d3f58]Windows XP[/b:9a3b7d3f58][/color:9a3b7d3f58]: dubbelklik op [color=#008000:9a3b7d3f58][b:9a3b7d3f58]OTL[/b:9a3b7d3f58][/color:9a3b7d3f58]. [*:9a3b7d3f58][color=#0000FF:9a3b7d3f58][b:9a3b7d3f58]Windows Vista[/b:9a3b7d3f58][/color:9a3b7d3f58] en [color=#0000FF:9a3b7d3f58][b:9a3b7d3f58]Windows 7[/b:9a3b7d3f58][/color:9a3b7d3f58]: via rechtsklik op [color=#008000:9a3b7d3f58][b:9a3b7d3f58]OTL.[/b:9a3b7d3f58][/color:9a3b7d3f58] en kies voor "Als Administrator uitvoeren".[/list:u:9a3b7d3f58][/list:u:9a3b7d3f58] [list:9a3b7d3f58][*:9a3b7d3f58]Zet een vinkje bij [color=#0000FF:9a3b7d3f58][b:9a3b7d3f58]Scan All Users[/b:9a3b7d3f58][/color:9a3b7d3f58]. [*:9a3b7d3f58]Klik vervolgens op de knop [img:9a3b7d3f58]http://www.imgdumper.nl/uploads5/4f9112fd1172c/4f9112fd11340-OTL-3.png[/img:9a3b7d3f58]. [*:9a3b7d3f58]Verander verder geen andere instellingen in OTL, alleen tenzij ik hiervoor specifiek instructies geef. [*:9a3b7d3f58]De scan zal niet heel erg lang duren. [list:9a3b7d3f58][*:9a3b7d3f58]Er zullen twee Kladblok-vensters geopend worden wanneer de scan klaar is: [b:9a3b7d3f58]OTL.Txt[/b:9a3b7d3f58] en [b:9a3b7d3f58]Extras.txt[/b:9a3b7d3f58]. [*:9a3b7d3f58]Kopieer vervolgens de inhoud van zowel OTL.txt alsmede Extras.txt en plak die gegevens in je volgende bericht.[/list:u:9a3b7d3f58] [*:9a3b7d3f58][color=#008000:9a3b7d3f58][b:9a3b7d3f58]Notabene:[/b:9a3b7d3f58][/color:9a3b7d3f58] indien het log niet in één bericht past, spreidt het dan over twee of meer berichten.[/list:u:9a3b7d3f58]
  • OTL logfile created on: 10/28/2012 8:34:04 AM - Run 1 OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\auke kim stefan\Desktop 64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 9.0.8112.16421) Locale: 00000409 | Country: Nederland | Language: NLD | Date Format: d-M-yyyy 5.86 Gb Total Physical Memory | 3.66 Gb Available Physical Memory | 62.46% Memory free 11.71 Gb Paging File | 9.13 Gb Available in Paging File | 78.02% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 581.07 Gb Total Space | 516.23 Gb Free Space | 88.84% Space Free | Partition Type: NTFS Drive D: | 5.30 Gb Total Space | 0.00 Gb Free Space | 0.00% Space Free | Partition Type: UDF Computer Name: AUKEKIMSTEFAN | User Name: auke kim stefan | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users | Quick Scan | Include 64bit Scans Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days [color=#E56717:0cf583b951]========== Processes (SafeList) ==========[/color:0cf583b951] PRC - [2012/10/28 08:33:08 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\auke kim stefan\Desktop\OTL.com PRC - [2012/10/09 17:27:39 | 000,692,152 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_11_4_402_287_ActiveX.exe PRC - [2012/09/19 15:50:47 | 000,233,472 | ---- | M] () -- C:\ProgramData\Premium\Codec\Codec.exe PRC - [2011/10/01 07:30:22 | 000,219,496 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe PRC - [2011/10/01 07:30:18 | 000,508,776 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe PRC - [2011/06/17 18:33:04 | 000,272,528 | ---- | M] (McAfee, Inc.) -- C:\Program Files (x86)\McAfee Security Scan\3.0.207\SSScheduler.exe PRC - [2011/03/14 12:44:38 | 000,414,800 | ---- | M] (Dritek System Inc.) -- C:\Program Files (x86)\Launch Manager\LMutilps32.exe PRC - [2011/03/14 12:44:38 | 000,334,416 | ---- | M] (Dritek System Inc.) -- C:\Program Files (x86)\Launch Manager\LMworker.exe PRC - [2011/03/14 12:44:36 | 001,081,424 | ---- | M] (Dritek System Inc.) -- C:\Program Files (x86)\Launch Manager\LManager.exe PRC - [2011/03/14 12:44:36 | 000,352,336 | ---- | M] (Dritek System Inc.) -- C:\Program Files (x86)\Launch Manager\dsiwmis.exe PRC - [2011/03/02 05:23:36 | 000,391,432 | ---- | M] (Microsoft Corporation.) -- C:\Program Files (x86)\Microsoft\BingBar\BingBar.exe PRC - [2011/03/02 05:23:36 | 000,259,336 | ---- | M] (Microsoft Corporation.) -- C:\Program Files (x86)\Microsoft\BingBar\BingApp.exe PRC - [2011/02/25 18:46:22 | 000,249,648 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE PRC - [2011/02/22 18:02:16 | 000,120,104 | ---- | M] (CyberLink Corp.) -- C:\Program Files (x86)\Acer\clear.fi\MVP\clear.fiAgent.exe PRC - [2011/02/22 18:01:38 | 000,169,352 | ---- | M] () -- C:\Program Files (x86)\Acer\clear.fi\MVP\.\Kernel\DMR\DMREngine.exe PRC - [2011/02/19 00:21:22 | 000,177,448 | ---- | M] (CyberLink Corp.) -- C:\Program Files (x86)\Acer\clear.fi\Movie\clear.fiMovieService.exe PRC - [2011/02/18 16:20:54 | 000,013,336 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe PRC - [2011/02/18 16:20:50 | 000,283,160 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe PRC - [2011/02/15 19:36:10 | 000,257,344 | ---- | M] (NTI Corporation) -- C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe PRC - [2011/02/15 19:35:34 | 000,297,280 | ---- | M] (NTI Corporation) -- C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe PRC - [2011/02/01 22:41:24 | 002,656,280 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe PRC - [2011/02/01 22:41:20 | 000,326,168 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe PRC - [2011/01/31 21:55:14 | 000,244,624 | ---- | M] (Acer Incorporated) -- C:\Program Files\Acer\Acer Updater\UpdaterService.exe PRC - [2010/12/27 09:30:22 | 001,817,088 | ---- | M] (Realsil Microelectronics Inc.) -- C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe PRC - [2010/10/05 22:46:10 | 000,704,104 | ---- | M] (Acer Incorporated) -- C:\Program Files (x86)\Acer\Acer VCM\AcerVCM.exe PRC - [2010/09/28 03:00:56 | 000,340,336 | ---- | M] (Egis Technology Inc.) -- C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe PRC - [2010/09/18 00:10:16 | 000,407,920 | ---- | M] (Egis Technology Inc.) -- C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe PRC - [2010/09/18 00:10:02 | 000,201,584 | ---- | M] (Egis Technology Inc.) -- C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe PRC - [2010/04/27 03:09:52 | 000,113,288 | ---- | M] (Renesas Electronics Corporation) -- C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe PRC - [2010/01/30 00:52:58 | 000,260,640 | ---- | M] (Acer Incorporated) -- C:\Program Files (x86)\Acer\Acer VCM\RS_Service.exe PRC - [2010/01/08 14:21:22 | 000,023,584 | ---- | M] (Acer Incorporated) -- C:\Program Files (x86)\Acer\Registration\GREGsvc.exe PRC - [2006/07/02 17:29:46 | 000,174,163 | ---- | M] () -- C:\Program Files (x86)\uTorrent\utorrent.exe [color=#E56717:0cf583b951]========== Modules (No Company Name) ==========[/color:0cf583b951] MOD - [2012/10/16 20:36:28 | 000,129,024 | ---- | M] () -- C:\ProgramData\Vaudix\507db73cc0ef3.ocx MOD - [2012/10/04 07:16:06 | 011,833,344 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web\a501b7960f6c6e2e39162b83f3303aaa\System.Web.ni.dll MOD - [2012/10/04 07:16:02 | 000,771,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\03dee80574f4ec770b6f77ca030ded6c\System.Runtime.Remoting.ni.dll MOD - [2012/10/04 07:16:01 | 003,347,968 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\46fce56db7685a586d3eeb7c373e3c1c\WindowsBase.ni.dll MOD - [2012/10/04 07:16:01 | 000,014,336 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorCommon\9c5c9e0b5972a39696939f7009df4a08\IAStorCommon.ni.dll MOD - [2012/10/04 07:15:59 | 000,475,648 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorUtil\c4621632eccd0b813535a27e737a8a03\IAStorUtil.ni.dll MOD - [2012/10/04 07:15:57 | 012,436,480 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\7b7fbe651c6e72f12099a298654c9594\System.Windows.Forms.ni.dll MOD - [2012/10/04 07:15:50 | 001,591,808 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\6bb439b3f87736d3248ae27d43e2c0d6\System.Drawing.ni.dll MOD - [2012/10/04 07:15:45 | 005,452,800 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\c764ad83cd3287fc59a3dc02e08ad1ea\System.Xml.ni.dll MOD - [2012/10/04 07:15:43 | 000,971,264 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\cfa9c506bfb9254c89dace7b83bc9f9d\System.Configuration.ni.dll MOD - [2012/10/04 07:15:42 | 007,967,232 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\ce9ff6baf9053ed2ed673d948179195c\System.ni.dll MOD - [2012/10/04 07:15:36 | 011,492,864 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\acfc1391e45fedd2a359778ea57d914c\mscorlib.ni.dll MOD - [2012/08/27 20:33:32 | 000,087,912 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll MOD - [2012/08/27 20:33:08 | 001,242,512 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll MOD - [2011/06/26 00:52:23 | 000,032,768 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Runtime.Remoting.resources\2.0.0.0_nl_b77a5c561934e089\System.Runtime.Remoting.resources.dll MOD - [2011/03/11 14:33:50 | 000,238,056 | ---- | M] () -- c:\Program Files\mcafee\msk\mskapbho.dll MOD - [2011/02/22 18:01:38 | 000,206,216 | ---- | M] () -- C:\Program Files (x86)\Acer\clear.fi\MVP\Kernel\DMR\CLNetMediaDMA.dll MOD - [2011/02/22 18:01:38 | 000,169,352 | ---- | M] () -- C:\Program Files (x86)\Acer\clear.fi\MVP\.\Kernel\DMR\DMREngine.exe MOD - [2011/02/15 19:37:10 | 000,465,640 | ---- | M] () -- C:\Program Files (x86)\NTI\Acer Backup Manager\sqlite3.dll MOD - [2010/11/13 00:33:28 | 000,303,104 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_nl_b77a5c561934e089\mscorlib.resources.dll MOD - [2006/07/02 17:29:46 | 000,174,163 | ---- | M] () -- C:\Program Files (x86)\uTorrent\utorrent.exe [color=#E56717:0cf583b951]========== Services (SafeList) ==========[/color:0cf583b951] SRV:[b:0cf583b951]64bit:[/b:0cf583b951] - [2012/09/10 16:47:50 | 000,383,608 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Program Files\mcafee\virusscan\mcods.exe -- (McODS) SRV:[b:0cf583b951]64bit:[/b:0cf583b951] - [2012/08/31 12:20:06 | 000,201,304 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe -- (MSK80Service) SRV:[b:0cf583b951]64bit:[/b:0cf583b951] - [2012/08/31 12:20:06 | 000,201,304 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe -- (McProxy) SRV:[b:0cf583b951]64bit:[/b:0cf583b951] - [2012/08/31 12:20:06 | 000,201,304 | ---- | M] (McAfee, Inc.) [Disabled | Stopped] -- C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe -- (McOobeSv) SRV:[b:0cf583b951]64bit:[/b:0cf583b951] - [2012/08/31 12:20:06 | 000,201,304 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe -- (McNASvc) SRV:[b:0cf583b951]64bit:[/b:0cf583b951] - [2012/08/31 12:20:06 | 000,201,304 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe -- (McNaiAnn) SRV:[b:0cf583b951]64bit:[/b:0cf583b951] - [2012/08/31 12:20:06 | 000,201,304 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe -- (mcmscsvc) SRV:[b:0cf583b951]64bit:[/b:0cf583b951] - [2012/08/31 12:20:06 | 000,201,304 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe -- (McMPFSvc) SRV:[b:0cf583b951]64bit:[/b:0cf583b951] - [2012/08/31 12:20:06 | 000,201,304 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe -- (McAfee SiteAdvisor Service) SRV:[b:0cf583b951]64bit:[/b:0cf583b951] - [2012/07/17 13:52:28 | 000,177,144 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\mcafee\systemcore\mfevtps.exe -- (mfevtp) SRV:[b:0cf583b951]64bit:[/b:0cf583b951] - [2012/07/17 13:49:24 | 000,218,320 | ---- | M] () [Auto | Running] -- C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe -- (mfefire) SRV:[b:0cf583b951]64bit:[/b:0cf583b951] - [2012/07/17 13:47:42 | 000,237,920 | ---- | M] () [Auto | Running] -- C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe -- (McShield) SRV:[b:0cf583b951]64bit:[/b:0cf583b951] - [2011/03/28 17:41:00 | 000,799,848 | ---- | M] (Acer Incorporated) [Auto | Running] -- C:\Program Files\Acer\Acer PowerSmart Manager\ePowerSvc.exe -- (ePowerSvc) SRV:[b:0cf583b951]64bit:[/b:0cf583b951] - [2011/01/31 21:55:14 | 000,244,624 | ---- | M] (Acer Incorporated) [Auto | Running] -- C:\Program Files\Acer\Acer Updater\UpdaterService.exe -- (Live Updater Service) SRV:[b:0cf583b951]64bit:[/b:0cf583b951] - [2010/12/17 00:18:08 | 000,198,784 | ---- | M] (Conexant Systems Inc.) [Auto | Running] -- C:\Windows\SysNative\CxAudMsg64.exe -- (CxAudMsg) SRV:[b:0cf583b951]64bit:[/b:0cf583b951] - [2010/11/29 23:00:56 | 000,149,504 | ---- | M] (Intel(R) Corporation) [On_Demand | Stopped] -- C:\Program Files\Intel\TurboBoost\TurboBoost.exe -- (TurboBoost) SRV:[b:0cf583b951]64bit:[/b:0cf583b951] - [2010/09/23 02:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc) SRV:[b:0cf583b951]64bit:[/b:0cf583b951] - [2009/07/14 02:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend) SRV - [2012/10/09 17:27:58 | 000,250,808 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc) SRV - [2012/09/06 02:25:06 | 000,114,144 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance) SRV - [2011/10/01 07:30:22 | 000,219,496 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe -- (sftvsa) SRV - [2011/10/01 07:30:18 | 000,508,776 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe -- (sftlist) SRV - [2011/06/26 00:35:07 | 000,655,624 | ---- | M] (Acresso Software Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service) SRV - [2011/06/17 18:33:04 | 000,237,008 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\McAfee Security Scan\3.0.207\McCHSvc.exe -- (McComponentHostService) SRV - [2011/03/14 12:44:36 | 000,352,336 | ---- | M] (Dritek System Inc.) [Auto | Running] -- C:\Program Files (x86)\Launch Manager\dsiwmis.exe -- (DsiWMIService) SRV - [2011/03/03 03:32:32 | 000,076,448 | ---- | M] (Atheros Commnucations) [Auto | Running] -- C:\Program Files (x86)\Bluetooth Suite\AdminService.exe -- (AtherosSvc) SRV - [2011/03/02 05:23:36 | 000,183,560 | ---- | M] (Microsoft Corporation.) [On_Demand | Stopped] -- C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE -- (BBSvc) SRV - [2011/02/25 18:46:22 | 000,249,648 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE -- (SeaPort) SRV - [2011/02/18 16:20:54 | 000,013,336 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe -- (IAStorDataMgrSvc) SRV - [2011/02/15 19:36:10 | 000,257,344 | ---- | M] (NTI Corporation) [Auto | Running] -- C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe -- (NTI IScheduleSvc) SRV - [2011/02/01 22:41:24 | 002,656,280 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe -- (UNS) SRV - [2011/02/01 22:41:20 | 000,326,168 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS) SRV - [2010/12/27 09:30:22 | 001,817,088 | ---- | M] (Realsil Microelectronics Inc.) [Auto | Running] -- C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe -- (IconMan_R) SRV - [2010/09/28 02:09:54 | 000,172,912 | ---- | M] (Egis Technology Inc. ) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\EgisTec\Services\EgisTicketService.exe -- (EgisTec Ticket Service) SRV - [2010/06/01 23:31:28 | 002,804,568 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe -- (NOBU) SRV - [2010/03/18 12:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32) SRV - [2010/01/30 00:52:58 | 000,260,640 | ---- | M] (Acer Incorporated) [Auto | Running] -- C:\Program Files (x86)\Acer\Acer VCM\RS_Service.exe -- (RS_Service) SRV - [2010/01/08 14:21:22 | 000,023,584 | ---- | M] (Acer Incorporated) [Auto | Running] -- C:\Program Files (x86)\Acer\Registration\GREGsvc.exe -- (GREGService) SRV - [2009/06/10 22:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32) [color=#E56717:0cf583b951]========== Driver Services (SafeList) ==========[/color:0cf583b951] DRV:[b:0cf583b951]64bit:[/b:0cf583b951] - [2012/08/21 12:01:20 | 000,033,240 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM) DRV:[b:0cf583b951]64bit:[/b:0cf583b951] - [2012/07/17 13:55:40 | 000,069,672 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\cfwids.sys -- (cfwids) DRV:[b:0cf583b951]64bit:[/b:0cf583b951] - [2012/07/17 13:52:38 | 000,335,784 | ---- | M] (McAfee, Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\mfewfpk.sys -- (mfewfpk) DRV:[b:0cf583b951]64bit:[/b:0cf583b951] - [2012/07/17 13:51:16 | 000,106,112 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mferkdet.sys -- (mferkdet) DRV:[b:0cf583b951]64bit:[/b:0cf583b951] - [2012/07/17 13:50:36 | 000,752,672 | ---- | M] (McAfee, Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\mfehidk.sys -- (mfehidk) DRV:[b:0cf583b951]64bit:[/b:0cf583b951] - [2012/07/17 13:49:36 | 000,513,456 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\mfefirek.sys -- (mfefirek) DRV:[b:0cf583b951]64bit:[/b:0cf583b951] - [2012/07/17 13:48:54 | 000,300,392 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\mfeavfk.sys -- (mfeavfk) DRV:[b:0cf583b951]64bit:[/b:0cf583b951] - [2012/07/17 13:48:34 | 000,169,320 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\mfeapfk.sys -- (mfeapfk) DRV:[b:0cf583b951]64bit:[/b:0cf583b951] - [2012/07/09 12:42:54 | 000,052,736 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64) DRV:[b:0cf583b951]64bit:[/b:0cf583b951] - [2012/04/20 15:40:58 | 000,196,440 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HipShieldK.sys -- (HipShieldK) DRV:[b:0cf583b951]64bit:[/b:0cf583b951] - [2012/03/01 07:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec) DRV:[b:0cf583b951]64bit:[/b:0cf583b951] - [2011/10/01 07:30:22 | 000,022,376 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftvollh.sys -- (Sftvol) DRV:[b:0cf583b951]64bit:[/b:0cf583b951] - [2011/10/01 07:30:18 | 000,268,648 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftplaylh.sys -- (Sftplay) DRV:[b:0cf583b951]64bit:[/b:0cf583b951] - [2011/10/01 07:30:18 | 000,025,960 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftredirlh.sys -- (Sftredir) DRV:[b:0cf583b951]64bit:[/b:0cf583b951] - [2011/10/01 07:30:10 | 000,764,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftfslh.sys -- (Sftfs) DRV:[b:0cf583b951]64bit:[/b:0cf583b951] - [2011/04/01 15:11:44 | 000,062,584 | ---- | M] (Egis Technology Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\mwlPSDVDisk.sys -- (mwlPSDVDisk) DRV:[b:0cf583b951]64bit:[/b:0cf583b951] - [2011/04/01 15:11:44 | 000,022,912 | ---- | M] (Egis Technology Inc.) [File_System | System | Running] -- C:\Windows\SysNative\drivers\mwlPSDFilter.sys -- (mwlPSDFilter) DRV:[b:0cf583b951]64bit:[/b:0cf583b951] - [2011/04/01 15:11:44 | 000,020,328 | ---- | M] (Egis Technology Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\mwlPSDNserv.sys -- (mwlPSDNServ) DRV:[b:0cf583b951]64bit:[/b:0cf583b951] - [2011/03/27 00:19:50 | 012,222,080 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx) DRV:[b:0cf583b951]64bit:[/b:0cf583b951] - [2011/03/25 03:49:24 | 001,583,744 | ---- | M] (Conexant Systems Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\CHDRT64.sys -- (CnxtHdAudService) DRV:[b:0cf583b951]64bit:[/b:0cf583b951] - [2011/03/11 07:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata) DRV:[b:0cf583b951]64bit:[/b:0cf583b951] - [2011/03/11 07:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata) DRV:[b:0cf583b951]64bit:[/b:0cf583b951] - [2011/03/10 05:01:45 | 000,018,432 | ---- | M] (NTI Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NTIDrvr.sys -- (NTIDrvr) DRV:[b:0cf583b951]64bit:[/b:0cf583b951] - [2011/03/10 05:01:45 | 000,017,408 | ---- | M] (NTI Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\UBHelper.sys -- (UBHelper) DRV:[b:0cf583b951]64bit:[/b:0cf583b951] - [2011/03/03 03:32:48 | 000,280,224 | ---- | M] (Atheros) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btfilter.sys -- (BtFilter) DRV:[b:0cf583b951]64bit:[/b:0cf583b951] - [2011/03/03 03:32:48 | 000,154,272 | ---- | M] (Atheros) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btath_rcp.sys -- (BTATH_RCP) DRV:[b:0cf583b951]64bit:[/b:0cf583b951] - [2011/03/03 03:32:48 | 000,055,456 | ---- | M] (Atheros) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btath_lwflt.sys -- (BTATH_LWFLT) DRV:[b:0cf583b951]64bit:[/b:0cf583b951] - [2011/03/03 03:32:46 | 000,298,656 | ---- | M] (Atheros) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btath_a2dp.sys -- (BTATH_A2DP) DRV:[b:0cf583b951]64bit:[/b:0cf583b951] - [2011/03/03 03:32:46 | 000,201,376 | ---- | M] (Atheros) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btath_hcrp.sys -- (BTATH_HCRP) DRV:[b:0cf583b951]64bit:[/b:0cf583b951] - [2011/03/03 03:32:46 | 000,036,000 | ---- | M] (Atheros) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btath_flt.sys -- (AthBTPort) DRV:[b:0cf583b951]64bit:[/b:0cf583b951] - [2011/03/03 03:32:46 | 000,028,832 | ---- | M] (Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_bus.sys -- (BTATH_BUS) DRV:[b:0cf583b951]64bit:[/b:0cf583b951] - [2011/02/21 08:30:54 | 000,025,960 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\nvpciflt.sys -- (nvpciflt) DRV:[b:0cf583b951]64bit:[/b:0cf583b951] - [2011/02/18 16:11:54 | 000,439,320 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor) DRV:[b:0cf583b951]64bit:[/b:0cf583b951] - [2011/01/13 12:46:18 | 001,412,144 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP) DRV:[b:0cf583b951]64bit:[/b:0cf583b951] - [2011/01/12 09:10:44 | 000,333,928 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\RtsPStor.sys -- (RSPCIESTOR) DRV:[b:0cf583b951]64bit:[/b:0cf583b951] - [2010/11/29 23:00:04 | 000,016,120 | ---- | M] (Intel(R) Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\TurboB.sys -- (TurboB) DRV:[b:0cf583b951]64bit:[/b:0cf583b951] - [2010/11/21 04:24:33 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt) DRV:[b:0cf583b951]64bit:[/b:0cf583b951] - [2010/11/21 04:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD) DRV:[b:0cf583b951]64bit:[/b:0cf583b951] - [2010/11/21 04:23:47 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD) DRV:[b:0cf583b951]64bit:[/b:0cf583b951] - [2010/11/08 05:44:40 | 000,076,912 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\L1C62x64.sys -- (L1C) DRV:[b:0cf583b951]64bit:[/b:0cf583b951] - [2010/10/20 01:34:26 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64) DRV:[b:0cf583b951]64bit:[/b:0cf583b951] - [2010/10/15 09:28:18 | 000,317,440 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\IntcDAud.sys -- (IntcDAud) DRV:[b:0cf583b951]64bit:[/b:0cf583b951] - [2010/09/30 06:00:06 | 000,180,736 | ---- | M] (Renesas Electronics Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nusb3xhc.sys -- (nusb3xhc) DRV:[b:0cf583b951]64bit:[/b:0cf583b951] - [2010/09/30 06:00:06 | 000,080,384 | ---- | M] (Renesas Electronics Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nusb3hub.sys -- (nusb3hub) DRV:[b:0cf583b951]64bit:[/b:0cf583b951] - [2010/05/11 11:11:38 | 002,229,608 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\athrx.sys -- (athr) DRV:[b:0cf583b951]64bit:[/b:0cf583b951] - [2009/07/14 02:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs) DRV:[b:0cf583b951]64bit:[/b:0cf583b951] - [2009/07/14 02:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2) DRV:[b:0cf583b951]64bit:[/b:0cf583b951] - [2009/07/14 02:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor) DRV:[b:0cf583b951]64bit:[/b:0cf583b951] - [2009/06/10 21:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv) DRV:[b:0cf583b951]64bit:[/b:0cf583b951] - [2009/06/10 21:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv) DRV:[b:0cf583b951]64bit:[/b:0cf583b951] - [2009/06/10 21:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a) DRV:[b:0cf583b951]64bit:[/b:0cf583b951] - [2009/06/10 21:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir) DRV - [2009/07/14 02:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount) [color=#E56717:0cf583b951]========== Standard Registry (SafeList) ==========[/color:0cf583b951] [color=#E56717:0cf583b951]========== Internet Explorer ==========[/color:0cf583b951] IE:[b:0cf583b951]64bit:[/b:0cf583b951] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://acer.msn.com IE:[b:0cf583b951]64bit:[/b:0cf583b951] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://searchfunmoods.com/?f=1&a=download&chnl=download&cd=2XzuyEtN2Y1L1Qzu0E0CyDyD0Fzy0A0FtD0ByD0B0F0F0DtBtN0D0Tzu0CtBzyyBtN1L2XzutBtFtBtFtDtFtAyEyE&cr=1152357215 IE:[b:0cf583b951]64bit:[/b:0cf583b951] - HKLM\..\SearchScopes,DefaultScope = IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://acer.msn.com IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com IE - HKLM\..\SearchScopes,DefaultScope = IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope = IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope = IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope = IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope = IE - HKU\S-1-5-21-3127137148-2063120421-2372182248-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://acer.msn.com IE - HKU\S-1-5-21-3127137148-2063120421-2372182248-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.nl/ IE - HKU\S-1-5-21-3127137148-2063120421-2372182248-1000\..\URLSearchHook: {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.) IE - HKU\S-1-5-21-3127137148-2063120421-2372182248-1000\..\URLSearchHook: {37e17185-b07a-47b3-bd86-c675e4e4b89a} - No CLSID value found IE - HKU\S-1-5-21-3127137148-2063120421-2372182248-1000\..\SearchScopes,DefaultScope = {049D3908-D026-421B-A737-7B02D10145E1} IE - HKU\S-1-5-21-3127137148-2063120421-2372182248-1000\..\SearchScopes\{049D3908-D026-421B-A737-7B02D10145E1}: "URL" = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT1269415 IE - HKU\S-1-5-21-3127137148-2063120421-2372182248-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-3127137148-2063120421-2372182248-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local [color=#E56717:0cf583b951]========== FireFox ==========[/color:0cf583b951] FF - prefs.js..extensions.enabledAddons: {33e0daa6-3af3-d8b5-6752-10e949c61516}:1.1 FF - prefs.js..extensions.enabledAddons: {1FD91A9C-410C-4090-BBCC-55D3450EF433}:1.0 FF - prefs.js..extensions.enabledAddons: {ad708c09-d51b-45b3-9d28-4eba2681febf}:10.10.27.6 FF - prefs.js..extensions.enabledAddons: {4ED1F68A-5463-4931-9384-8FFF5ED91D92}:3.5.0 FF - user.js - File not found FF:[b:0cf583b951]64bit:[/b:0cf583b951] - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_4_402_287.dll File not found FF:[b:0cf583b951]64bit:[/b:0cf583b951] - HKLM\Software\MozillaPlugins\@mcafee.com/MSC,version=10: c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL () FF:[b:0cf583b951]64bit:[/b:0cf583b951] - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found FF:[b:0cf583b951]64bit:[/b:0cf583b951] - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_4_402_287.dll () FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll () FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.7.2: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.7.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@mcafee.com/MSC,version=10: c:\progra~2\mcafee\msc\npmcsn~1.dll () FF - HKLM\Software\MozillaPlugins\@mcafee.com/SAFFPlugin: C:\Program Files (x86)\McAfee\SiteAdvisor\npmcffplg32.dll (McAfee, Inc.) FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~4\Office14\NPSPWRAP.DLL (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{4ED1F68A-5463-4931-9384-8FFF5ED91D92}: C:\Program Files (x86)\McAfee\SiteAdvisor [2012/09/27 13:21:21 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 15.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012/09/27 02:47:08 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\msktbird@mcafee.com: C:\Program Files\McAfee\MSK [2012/10/22 20:39:43 | 000,000,000 | ---D | M] [2012/10/19 11:03:11 | 000,000,000 | ---D | M] (No name found) -- C:\Users\auke kim stefan\AppData\Roaming\mozilla\Extensions [2012/10/24 11:22:02 | 000,000,000 | ---D | M] (No name found) -- C:\Users\auke kim stefan\AppData\Roaming\mozilla\Firefox\Profiles\0nay9as8.default\extensions [2012/10/19 11:03:06 | 000,000,000 | ---D | M] (Search-Results Toolbar) -- C:\Users\auke kim stefan\AppData\Roaming\mozilla\Firefox\Profiles\0nay9as8.default\extensions\{31d8407c-62e4-4125-a4a9-717efb1a56ae} [2012/10/16 22:16:49 | 000,000,000 | ---D | M] (Vaudix) -- C:\Users\auke kim stefan\AppData\Roaming\mozilla\Firefox\Profiles\0nay9as8.default\extensions\507db73cc0d6f@507db73cc0da8.com [2012/10/19 11:03:11 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions File not found (No name found) -- C:\PROGRAM FILES (X86)\IMESH APPLICATIONS\MEDIABAR\DATAMNGR\FIREFOXEXTENSION [2012/09/27 13:21:21 | 000,000,000 | ---D | M] (McAfee SiteAdvisor) -- C:\PROGRAM FILES (X86)\MCAFEE\SITEADVISOR File not found (No name found) -- C:\USERS\AUKE KIM STEFAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0NAY9AS8.DEFAULT\EXTENSIONS\{33E0DAA6-3AF3-D8B5-6752-10E949C61516} File not found (No name found) -- C:\USERS\AUKE KIM STEFAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0NAY9AS8.DEFAULT\EXTENSIONS\{AD708C09-D51B-45B3-9D28-4EBA2681FEBF} [2012/09/06 02:26:03 | 000,266,720 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll [2011/04/14 13:01:38 | 000,024,376 | ---- | M] (McAfee, Inc.) -- C:\Program Files (x86)\mozilla firefox\components\Scriptff.dll [2012/09/06 02:53:58 | 000,002,465 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml [2012/09/06 02:53:58 | 000,001,892 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bolcom-nl.xml [2012/09/06 02:53:58 | 000,004,558 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\marktplaats-nl.xml [2012/09/06 02:53:58 | 000,001,049 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-nl.xml O1 HOSTS File: ([2009/06/10 22:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts O2:[b:0cf583b951]64bit:[/b:0cf583b951] - BHO: (no name) - {27B4851A-3207-45A2-B947-BE8AFE6163AB} - No CLSID value found. O2:[b:0cf583b951]64bit:[/b:0cf583b951] - BHO: (scriptproxy) - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\Common Files\mcafee\systemcore\ScriptSn.20120927034708.dll (McAfee, Inc.) O2:[b:0cf583b951]64bit:[/b:0cf583b951] - BHO: (McAfee SiteAdvisor BHO) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.) O2 - BHO: (Vaudix Class) - {1C24321E-DE31-E41F-2A91-6078296C3601} - C:\ProgramData\Vaudix\507db73cc0ef3.ocx () O2 - BHO: (McAfee Phishing Filter) - {27B4851A-3207-45A2-B947-BE8AFE6163AB} - c:\Program Files\mcafee\msk\mskapbho.dll () O2 - BHO: (Search-Results Toolbar) - {31d8407c-62e4-4125-a4a9-717efb1a56ae} - Reg Error: Value error. File not found O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation) O2 - BHO: (scriptproxy) - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files (x86)\Common Files\mcafee\SystemCore\ScriptSn.20120927034708.dll (McAfee, Inc.) O2 - BHO: (CIESpeechBHO Class) - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Atheros Commnucations) O2 - BHO: (McAfee SiteAdvisor BHO) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.) O2 - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.) O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) O3:[b:0cf583b951]64bit:[/b:0cf583b951] - HKLM\..\Toolbar: (McAfee SiteAdvisor Toolbar) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.) O3:[b:0cf583b951]64bit:[/b:0cf583b951] - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found. O3:[b:0cf583b951]64bit:[/b:0cf583b951] - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found. O3 - HKLM\..\Toolbar: (McAfee SiteAdvisor Toolbar) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.) O3 - HKLM\..\Toolbar: (Search-Results Toolbar) - {31d8407c-62e4-4125-a4a9-717efb1a56ae} - Reg Error: Value error. File not found O3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.) O3 - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found. O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found. O3 - HKU\S-1-5-21-3127137148-2063120421-2372182248-1000\..\Toolbar\WebBrowser: (no name) - {37E17185-B07A-47B3-BD86-C675E4E4B89A} - No CLSID value found. O4:[b:0cf583b951]64bit:[/b:0cf583b951] - HKLM..\Run: [AthBtTray] C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe (Atheros Commnucations) O4:[b:0cf583b951]64bit:[/b:0cf583b951] - HKLM..\Run: [AtherosBtStack] C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe (Atheros Communications) O4:[b:0cf583b951]64bit:[/b:0cf583b951] - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation) O4:[b:0cf583b951]64bit:[/b:0cf583b951] - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation) O4:[b:0cf583b951]64bit:[/b:0cf583b951] - HKLM..\Run: [IntelTBRunOnce] wscript.exe //b //nologo "C:\Program Files\Intel\TurboBoost\RunTBGadgetOnce.vbs" File not found O4:[b:0cf583b951]64bit:[/b:0cf583b951] - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation) O4:[b:0cf583b951]64bit:[/b:0cf583b951] - HKLM..\Run: [Power Management] C:\Program Files\Acer\Acer PowerSmart Manager\ePowerTrayLauncher.exe (Acer Incorporated) O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.) O4 - HKLM..\Run: [ArcadeMovieService] C:\Program Files (x86)\Acer\clear.fi\Movie\clear.fiMovieService.exe (CyberLink Corp.) O4 - HKLM..\Run: [BackupManagerTray] C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe (NTI Corporation) O4 - HKLM..\Run: [Dolby Home Theater v4] C:\Dolby PCEE4\pcee4.exe (Dolby Laboratories Inc.) O4 - HKLM..\Run: [EgisTecPMMUpdate] C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe (Egis Technology Inc.) O4 - HKLM..\Run: [EgisUpdate] C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe (Egis Technology Inc.) O4 - HKLM..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Intel Corporation) O4 - HKLM..\Run: [LManager] C:\Program Files (x86)\Launch Manager\LManager.exe (Dritek System Inc.) O4 - HKLM..\Run: [mcui_exe] C:\Program Files\McAfee.com\Agent\mcagent.exe (McAfee, Inc.) O4 - HKLM..\Run: [Norton Online Backup] C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe (Symantec Corporation) O4 - HKLM..\Run: [NUSB3MON] C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe (Renesas Electronics Corporation) O4 - HKLM..\Run: [SuiteTray] C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe (Egis Technology Inc.) O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation) O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation) O4 - HKU\S-1-5-21-3127137148-2063120421-2372182248-1000..\Run: [µTorrent] C:\Program Files (x86)\uTorrent\utorrent.exe () O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O7 - HKU\S-1-5-21-3127137148-2063120421-2372182248-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O9:[b:0cf583b951]64bit:[/b:0cf583b951] - Extra 'Tools' menuitem : Send by Bluetooth to - {7815BE26-237D-41A8-A98F-F7BD75F71086} - Reg Error: Value error. File not found O9 - Extra Button: PokerStars.eu - {07BA1DA9-F501-4796-8728-74D1B91A6CD5} - C:\Program Files (x86)\PokerStars.EU\PokerStarsUpdate.exe (PokerStars) O9 - Extra 'Tools' menuitem : Send by Bluetooth to - {7815BE26-237D-41A8-A98F-F7BD75F71086} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Atheros Commnucations) O9 - Extra Button: PokerStars.net - {FA9B9510-9FCB-4ca0-818C-5D0987B47C4D} - C:\Program Files (x86)\PokerStars.NET\PokerStarsUpdate.exe File not found O10:[b:0cf583b951]64bit:[/b:0cf583b951] - NameSpace_Catalog5\Catalog_Entries64\000000000010 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.) O10 - NameSpace_Catalog5\Catalog_Entries\000000000010 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.) O13[b:0cf583b951]64bit:[/b:0cf583b951] - gopher Prefix: missing O13 - gopher Prefix: missing O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.254 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{1933CCC1-B4ED-4467-B6FA-E1E989136A27}: DhcpNameServer = 192.168.1.254 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{8671C6E9-4C9D-4E3C-B7C9-E33B0621E1EC}: DhcpNameServer = 150.200.3.2 O18:[b:0cf583b951]64bit:[/b:0cf583b951] - Protocol\Handler\dssrequest {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.) O18:[b:0cf583b951]64bit:[/b:0cf583b951] - Protocol\Handler\livecall - No CLSID value found O18:[b:0cf583b951]64bit:[/b:0cf583b951] - Protocol\Handler\msnim - No CLSID value found O18:[b:0cf583b951]64bit:[/b:0cf583b951] - Protocol\Handler\sacore {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.) O18:[b:0cf583b951]64bit:[/b:0cf583b951] - Protocol\Handler\skype4com - No CLSID value found O18:[b:0cf583b951]64bit:[/b:0cf583b951] - Protocol\Handler\wlmailhtml - No CLSID value found O18:[b:0cf583b951]64bit:[/b:0cf583b951] - Protocol\Handler\wlpg - No CLSID value found O18 - Protocol\Handler\dssrequest {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.) O18 - Protocol\Handler\sacore {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.) O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Acer\Acer VCM\Skype4COM.dll (Skype Technologies) O18:[b:0cf583b951]64bit:[/b:0cf583b951] - Protocol\Filter\application/x-mfe-ipt {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files\mcafee\msc\McSnIePl64.dll (McAfee, Inc.) O18 - Protocol\Filter\application/x-mfe-ipt {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files (x86)\McAfee\msc\McSnIePl.dll (McAfee, Inc.) O20:[b:0cf583b951]64bit:[/b:0cf583b951] - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20:[b:0cf583b951]64bit:[/b:0cf583b951] - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation) O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation) O20:[b:0cf583b951]64bit:[/b:0cf583b951] - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation) O21:[b:0cf583b951]64bit:[/b:0cf583b951] - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2011/09/16 08:07:13 | 000,054,544 | R--- | M] (Electronic Arts) - D:\Autorun.exe -- [ UDF ] O32 - AutoRun File - [2011/09/16 05:58:13 | 000,000,049 | R--- | M] () - D:\Autorun.inf -- [ UDF ] O33 - MountPoints2\{9d06efa4-9f7e-11e0-be79-806e6f6e6963}\Shell - "" = AutoRun O33 - MountPoints2\{9d06efa4-9f7e-11e0-be79-806e6f6e6963}\Shell\AutoRun\command - "" = D:\Autorun.exe -- [2011/09/16 08:07:13 | 000,054,544 | R--- | M] (Electronic Arts) O34 - HKLM BootExecute: (autocheck autochk *) O34 - HKLM BootExecute: (MACHINE BootExecut) O35:[b:0cf583b951]64bit:[/b:0cf583b951] - HKLM\..comfile [open] -- "%1" %* O35:[b:0cf583b951]64bit:[/b:0cf583b951] - HKLM\..exefile [open] -- "%1" %* O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37:[b:0cf583b951]64bit:[/b:0cf583b951] - HKLM\...com [@ = comfile] -- "%1" %* O37:[b:0cf583b951]64bit:[/b:0cf583b951] - HKLM\...exe [@ = exefile] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) O38 - SubSystems\\Windows: (ServerDll=sxssrv,4) [color=#E56717:0cf583b951]========== Files/Folders - Created Within 30 Days ==========[/color:0cf583b951] [2012/10/28 08:32:54 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\auke kim stefan\Desktop\OTL.com [2012/10/26 20:07:05 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee [2012/10/26 09:08:35 | 000,000,000 | ---D | C] -- C:\Users\auke kim stefan\AppData\Local\{3FEF19B9-CA15-4CE0-B180-7A3A1265ACC5} [2012/10/25 17:30:11 | 000,000,000 | ---D | C] -- C:\Users\auke kim stefan\AppData\Local\{AEF41FF1-61BA-449F-A85D-1A0597AFB8DF} [2012/10/25 17:09:32 | 000,000,000 | ---D | C] -- C:\Users\auke kim stefan\Documents\CyberLink [2012/10/25 17:09:27 | 000,000,000 | ---D | C] -- C:\Users\auke kim stefan\AppData\Local\Cyberlink [2012/10/25 17:09:18 | 000,000,000 | ---D | C] -- C:\Users\auke kim stefan\AppData\Roaming\PowerCinema [2012/10/25 17:05:10 | 000,000,000 | ---D | C] -- C:\Users\auke kim stefan\Desktop\RK_Quarantine [2012/10/24 20:47:36 | 000,000,000 | ---D | C] -- C:\Users\auke kim stefan\AppData\Roaming\Apple Computer [2012/10/24 20:47:36 | 000,000,000 | ---D | C] -- C:\Users\auke kim stefan\AppData\Local\Apple Computer [2012/10/24 20:47:34 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes [2012/10/24 20:47:30 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\DRVSTORE [2012/10/24 20:46:55 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes [2012/10/24 20:46:55 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\iTunes [2012/10/24 20:46:55 | 000,000,000 | ---D | C] -- C:\Program Files\iPod [2012/10/24 20:46:55 | 000,000,000 | ---D | C] -- C:\ProgramData\Apple Computer [2012/10/24 20:46:55 | 000,000,000 | ---D | C] -- C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69 [2012/10/24 20:46:15 | 000,000,000 | ---D | C] -- C:\Users\auke kim stefan\AppData\Local\Apple [2012/10/24 20:46:10 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Apple Software Update [2012/10/24 20:45:28 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Apple [2012/10/24 20:45:17 | 000,000,000 | ---D | C] -- C:\Program Files\Bonjour [2012/10/24 20:45:17 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Bonjour [2012/10/24 20:45:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Apple [2012/10/24 20:45:10 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Apple [2012/10/24 17:56:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner Business Edition v3.22.1800 Final Full [2012/10/24 17:56:36 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\CCleaner Business Edition v3.22.1800 Final Full [2012/10/24 11:48:26 | 000,687,724 | R--- | C] (Swearware) -- C:\Users\auke kim stefan\Desktop\dds.com [2012/10/24 11:25:32 | 000,000,000 | ---D | C] -- C:\Users\auke kim stefan\AppData\Local\{62DA554F-F74D-4450-9910-A66741899BA5} [2012/10/24 09:35:12 | 000,000,000 | ---D | C] -- C:\Users\auke kim stefan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Free Window Registry Repair [2012/10/24 09:35:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Free Window Registry Repair [2012/10/24 09:35:10 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Free Window Registry Repair [2012/10/24 09:28:08 | 000,000,000 | ---D | C] -- C:\Users\auke kim stefan\AppData\Roaming\Systweak [2012/10/24 09:28:07 | 000,017,080 | ---- | C] (Systweak Inc., (www.systweak.com)) -- C:\Windows\SysNative\roboot64.exe [2012/10/24 09:28:06 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RegClean Pro [2012/10/24 09:28:05 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\RegClean Pro [2012/10/22 19:02:30 | 000,196,440 | ---- | C] (McAfee, Inc.) -- C:\Windows\SysNative\drivers\HipShieldK.sys [2012/10/22 08:20:14 | 000,000,000 | ---D | C] -- C:\Users\auke kim stefan\AppData\Local\{C6ED369E-7811-4464-AA98-883ED5CE13E3} [2012/10/21 09:20:59 | 000,000,000 | ---D | C] -- C:\ProgramData\EA Core [2012/10/21 09:07:29 | 000,000,000 | ---D | C] -- C:\Users\auke kim stefan\AppData\Local\{737A090F-D8E9-4C85-AB2E-AEC762B263C4} [2012/10/20 15:21:04 | 000,000,000 | ---D | C] -- C:\Users\auke kim stefan\Documents\Electronic Arts [2012/10/20 09:22:59 | 000,000,000 | ---D | C] -- C:\Users\auke kim stefan\AppData\Local\{CD760234-0ACB-4094-8B7E-D0BD66A2AA9E} [2012/10/19 18:13:59 | 000,000,000 | ---D | C] -- C:\Users\auke kim stefan\AppData\Local\Ahead [2012/10/19 16:21:36 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Nero [2012/10/19 16:21:26 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nero [2012/10/19 16:20:36 | 000,106,496 | ---- | C] (Pegasus Software) -- C:\Windows\SysWow64\TwnLib20.dll [2012/10/19 16:20:31 | 001,568,768 | ---- | C] (Pegasus Imaging Corp.) -- C:\Windows\SysWow64\ImagX7.dll [2012/10/19 16:20:31 | 000,476,320 | ---- | C] (Pegasus Imaging Corp.) -- C:\Windows\SysWow64\ImagXpr7.dll [2012/10/19 16:20:31 | 000,471,040 | ---- | C] (Pegasus Imaging Corp.) -- C:\Windows\SysWow64\ImagXRA7.dll [2012/10/19 16:20:31 | 000,262,144 | ---- | C] (Pegasus Imaging Corp.) -- C:\Windows\SysWow64\ImagXR7.dll [2012/10/19 16:20:25 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Ahead [2012/10/19 16:20:24 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Ahead [2012/10/19 12:26:49 | 000,000,000 | ---D | C] -- C:\Users\auke kim stefan\Documents\Downloads [2012/10/19 11:58:25 | 000,000,000 | ---D | C] -- C:\Users\auke kim stefan\AppData\Roaming\uTorrent [2012/10/19 11:58:23 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\uTorrent [2012/10/19 11:58:23 | 000,000,000 | ---D | C] -- C:\Users\auke kim stefan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\µTorrent [2012/10/19 11:58:23 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\µTorrent [2012/10/19 11:02:55 | 000,000,000 | ---D | C] -- C:\Users\auke kim stefan\AppData\Roaming\MusicNet [2012/10/19 11:02:53 | 000,000,000 | ---D | C] -- C:\Users\auke kim stefan\Documents\My Received Files [2012/10/19 11:00:58 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\iMesh Applications [2012/10/19 11:00:17 | 000,000,000 | ---D | C] -- C:\Users\auke kim stefan\AppData\Local\PackageAware [2012/10/19 08:04:32 | 000,000,000 | ---D | C] -- C:\Users\auke kim stefan\AppData\Local\{FCA073FC-5000-4FE8-B1BD-7A86BA85C21D} [2012/10/18 12:02:21 | 000,000,000 | ---D | C] -- C:\Users\auke kim stefan\Desktop\kim muziek [2012/10/18 07:04:55 | 000,000,000 | ---D | C] -- C:\Users\auke kim stefan\AppData\Local\{ED20E30B-A008-4BDE-92AE-5354E347253C} [2012/10/17 16:14:57 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Origin Games [2012/10/17 16:14:56 | 000,000,000 | ---D | C] -- C:\Users\auke kim stefan\AppData\Local\Origin [2012/10/17 16:14:55 | 000,000,000 | ---D | C] -- C:\Users\auke kim stefan\AppData\Roaming\Origin [2012/10/17 16:14:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Origin [2012/10/17 16:14:39 | 000,000,000 | ---D | C] -- C:\ProgramData\Origin [2012/10/17 16:14:15 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Origin [2012/10/17 16:10:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Electronic Arts [2012/10/17 16:08:42 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Symantec Shared [2012/10/17 15:36:53 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft WSE [2012/10/17 15:16:41 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Electronic Arts [2012/10/17 08:15:01 | 000,000,000 | ---D | C] -- C:\Users\auke kim stefan\AppData\Local\{CD4E421F-7239-4A9B-ACDD-C43E18324176} [2012/10/16 21:03:30 | 000,000,000 | ---D | C] -- C:\Windows\Sun [2012/10/16 20:29:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Premium [2012/10/16 20:29:50 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Optimizer Pro [2012/10/16 20:29:27 | 000,000,000 | ---D | C] -- C:\ProgramData\Vaudix [2012/10/16 20:29:27 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Vaudix [2012/10/16 20:21:36 | 000,000,000 | R--D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton Security Scan [2012/10/16 20:21:36 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\NSSx64 [2012/10/16 20:21:36 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Norton Security Scan [2012/10/16 20:21:36 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\NSSx64\0307020.005 [2012/10/16 20:21:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Norton [2012/10/16 20:21:32 | 000,000,000 | ---D | C] -- C:\ProgramData\NortonInstaller [2012/10/16 20:21:32 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\NortonInstaller [2012/10/16 20:21:07 | 000,000,000 | ---D | C] -- C:\Users\auke kim stefan\AppData\Local\Google [2012/10/16 13:37:04 | 000,000,000 | ---D | C] -- C:\Users\auke kim stefan\AppData\Local\{DD376151-DF70-498F-842E-EB8155F74B53} [2012/10/16 08:18:19 | 000,000,000 | ---D | C] -- C:\Users\auke kim stefan\AppData\Local\{C8B86756-999A-49E5-9503-3A8D33641D2C} [2012/10/15 08:15:44 | 000,000,000 | ---D | C] -- C:\Users\auke kim stefan\AppData\Local\{E7C2DF17-DD5C-41DD-8666-15E444BD5457} [2012/10/15 08:15:44 | 000,000,000 | ---D | C] -- C:\Users\auke kim stefan\AppData\Local\{8DD51C3B-41DA-4C26-83AA-A24D754AB378} [2012/10/15 08:15:30 | 000,000,000 | ---D | C] -- C:\Users\auke kim stefan\Tracing [2012/10/11 11:36:13 | 000,000,000 | ---D | C] -- C:\Users\auke kim stefan\Incomplete [2012/10/11 11:35:56 | 000,000,000 | ---D | C] -- C:\ProgramData\Sun [2012/10/11 11:35:55 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java [2012/10/11 11:35:18 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Java [2012/10/11 11:30:27 | 000,000,000 | ---D | C] -- C:\Users\auke kim stefan\Shared [2012/10/11 11:30:27 | 000,000,000 | ---D | C] -- C:\Users\auke kim stefan\AppData\Roaming\LimeWire Music [2012/10/11 11:30:27 | 000,000,000 | ---D | C] -- C:\ProgramData\LimeWire Music [2012/10/05 20:48:00 | 000,000,000 | ---D | C] -- C:\Users\auke kim stefan\AppData\Local\PokerStars.EU [2012/10/05 20:47:59 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PokerStars.EU [2012/10/05 20:47:44 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\PokerStars.EU [2012/10/05 20:42:42 | 000,000,000 | ---D | C] -- C:\Users\auke kim stefan\AppData\Local\PokerStars.NET [2012/10/05 20:42:27 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\PokerStars.NET [2012/10/05 14:27:31 | 000,000,000 | ---D | C] -- C:\Users\auke kim stefan\AppData\Local\CrashDumps [2012/10/03 15:48:24 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\InstallShield [2012/10/03 11:42:02 | 000,000,000 | ---D | C] -- C:\Users\auke kim stefan\AppData\Local\{A91D54BF-BA3D-4B4D-9038-5F138B25BB7C} [2012/10/03 11:41:50 | 000,000,000 | ---D | C] -- C:\Users\auke kim stefan\AppData\Roaming\Windows Live Writer [2012/10/03 11:41:50 | 000,000,000 | ---D | C] -- C:\Users\auke kim stefan\AppData\Local\Windows Live Writer [2012/10/03 07:03:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee Security Scan Plus [2012/10/02 22:54:29 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft.NET [2012/10/01 15:11:41 | 000,000,000 | ---D | C] -- C:\ProgramData\VirtualizedApplications [2012/10/01 10:02:39 | 000,000,000 | RH-D | C] -- C:\MSOCache [2012/10/01 09:57:34 | 000,000,000 | ---D | C] -- C:\Users\auke kim stefan\AppData\Roaming\SoftGrid Client [2012/10/01 09:57:34 | 000,000,000 | ---D | C] -- C:\Users\auke kim stefan\AppData\Local\SoftGrid Client [2012/10/01 09:57:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Starter (Nederlands) [2012/10/01 09:57:00 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Office [2012/10/01 09:57:00 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\DESIGNER [2012/10/01 09:56:59 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Application Virtualization Client [2012/10/01 09:56:31 | 000,000,000 | ---D | C] -- C:\Users\auke kim stefan\AppData\Roaming\TP [2012/09/29 03:47:56 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\Wat [2012/09/29 03:47:56 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\Wat [color=#E56717:0cf583b951]========== Files - Modified Within 30 Days ==========[/color:0cf583b951] [2012/10/28 08:33:08 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\auke kim stefan\Desktop\OTL.com [2012/10/28 08:33:02 | 001,550,774 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI [2012/10/28 08:33:02 | 000,702,008 | ---- | M] () -- C:\Windows\SysNative\perfh013.dat [2012/10/28 08:33:02 | 000,616,452 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat [2012/10/28 08:33:02 | 000,133,750 | ---- | M] () -- C:\Windows\SysNative\perfc013.dat [2012/10/28 08:33:02 | 000,106,574 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat [2012/10/28 08:30:49 | 000,000,035 | ---- | M] () -- C:\Users\Public\Documents\AtherosServiceConfig.ini [2012/10/28 08:30:40 | 000,000,940 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job [2012/10/27 22:02:25 | 000,000,468 | -H-- | M] () -- C:\Windows\tasks\Norton Security Scan for auke kim stefan.job [2012/10/27 18:33:49 | 000,000,296 | ---- | M] () -- C:\Windows\tasks\RegClean Pro_DEFAULT.job [2012/10/26 20:07:05 | 000,001,832 | ---- | M] () -- C:\Users\Public\Desktop\McAfee Internet Security Suite.lnk [2012/10/26 09:15:04 | 000,016,976 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2012/10/26 09:15:04 | 000,016,976 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2012/10/26 09:07:51 | 000,000,384 | -H-- | M] () -- C:\Windows\tasks\CodecUpdaterTask{1DE8CA6A-25B3-4612-9199-762CB917D8E6}.job [2012/10/26 09:07:47 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2012/10/26 09:07:41 | 420,368,383 | -HS- | M] () -- C:\hiberfil.sys [2012/10/25 17:28:37 | 000,001,700 | ---- | M] () -- C:\Windows\SysNative\ASOROSet.bin [2012/10/24 20:47:34 | 000,001,787 | ---- | M] () -- C:\Users\Public\Desktop\iTunes.lnk [2012/10/24 17:56:38 | 000,002,422 | ---- | M] () -- C:\Users\auke kim stefan\Application Data\Microsoft\Internet Explorer\Quick Launch\More New Software Only Here Full Version.lnk [2012/10/24 17:56:38 | 000,002,248 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner Business Edition v3.22.1800 Final Full.lnk [2012/10/24 11:48:28 | 000,687,724 | R--- | M] (Swearware) -- C:\Users\auke kim stefan\Desktop\dds.com [2012/10/24 11:24:23 | 000,000,304 | ---- | M] () -- C:\Windows\tasks\RegClean Pro_UPDATES.job [2012/10/24 09:35:12 | 000,001,039 | ---- | M] () -- C:\Users\auke kim stefan\Desktop\Free Window Registry Repair.lnk [2012/10/24 09:34:56 | 000,290,500 | ---- | M] () -- C:\Users\auke kim stefan\AppData\Local\funmoods-speeddial_sf.crx [2012/10/24 09:28:07 | 000,001,058 | ---- | M] () -- C:\Users\Public\Desktop\RegClean Pro.lnk [2012/10/23 20:09:57 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_User_WpdMtpDr_01_09_00.Wdf [2012/10/19 16:21:34 | 000,001,618 | ---- | M] () -- C:\Users\auke kim stefan\Application Data\Microsoft\Internet Explorer\Quick Launch\Nero StartSmart.lnk [2012/10/19 16:21:34 | 000,001,594 | ---- | M] () -- C:\Users\Public\Desktop\Nero StartSmart.lnk [2012/10/19 11:58:59 | 000,000,951 | ---- | M] () -- C:\Users\auke kim stefan\Desktop\µTorrent.lnk [2012/10/19 11:03:18 | 000,004,608 | ---- | M] () -- C:\Users\auke kim stefan\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2012/10/17 17:11:24 | 000,002,224 | ---- | M] () -- C:\Users\Public\Desktop\De Sims™ 3 Beestenbende.lnk [2012/10/17 16:44:25 | 000,002,242 | ---- | M] () -- C:\Users\Public\Desktop\De Sims™ 3 Luxe Accessoires.lnk [2012/10/17 16:18:34 | 000,002,322 | ---- | M] () -- C:\Users\Public\Desktop\De Sims™ 3 Buitenleven Accessoires.lnk [2012/10/17 16:14:44 | 000,000,987 | ---- | M] () -- C:\Users\Public\Desktop\Origin.lnk [2012/10/17 15:36:13 | 000,002,080 | ---- | M] () -- C:\Users\Public\Desktop\De Sims™ 3.lnk [2012/10/16 20:21:40 | 000,001,347 | ---- | M] () -- C:\Users\Public\Desktop\Norton Security Scan.lnk [2012/10/11 11:30:54 | 000,000,009 | ---- | M] () -- C:\END [2012/10/05 20:48:00 | 000,001,116 | ---- | M] () -- C:\Users\auke kim stefan\Application Data\Microsoft\Internet Explorer\Quick Launch\PokerStars.eu.lnk [2012/10/05 20:48:00 | 000,001,092 | ---- | M] () -- C:\Users\Public\Desktop\PokerStars.eu.lnk [2012/10/03 15:46:41 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_User_WpdFs_01_09_00.Wdf [2012/10/03 07:03:17 | 000,002,098 | ---- | M] () -- C:\Users\Public\Desktop\McAfee Security Scan Plus.lnk [2012/10/03 07:03:17 | 000,002,098 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk [2012/10/02 07:03:52 | 001,552,144 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI [2012/09/29 03:50:06 | 000,283,192 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT [color=#E56717:0cf583b951]========== Files Created - No Company Name ==========[/color:0cf583b951] [2012/10/25 17:24:20 | 000,001,700 | ---- | C] () -- C:\Windows\SysNative\ASOROSet.bin [2012/10/24 20:47:34 | 000,001,787 | ---- | C] () -- C:\Users\Public\Desktop\iTunes.lnk [2012/10/24 20:46:10 | 000,002,519 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk [2012/10/24 17:56:38 | 000,002,422 | ---- | C] () -- C:\Users\auke kim stefan\Application Data\Microsoft\Internet Explorer\Quick Launch\More New Software Only Here Full Version.lnk [2012/10/24 17:56:38 | 000,002,410 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\More New Software Only Here Full Version.lnk [2012/10/24 17:56:38 | 000,002,248 | ---- | C] () -- C:\Users\Public\Desktop\CCleaner Business Edition v3.22.1800 Final Full.lnk [2012/10/24 09:35:12 | 000,001,039 | ---- | C] () -- C:\Users\auke kim stefan\Desktop\Free Window Registry Repair.lnk [2012/10/24 09:34:58 | 000,290,500 | ---- | C] () -- C:\Users\auke kim stefan\AppData\Local\funmoods-speeddial_sf.crx [2012/10/24 09:28:12 | 000,000,304 | ---- | C] () -- C:\Windows\tasks\RegClean Pro_UPDATES.job [2012/10/24 09:28:12 | 000,000,296 | ---- | C] () -- C:\Windows\tasks\RegClean Pro_DEFAULT.job [2012/10/24 09:28:07 | 000,001,058 | ---- | C] () -- C:\Users\Public\Desktop\RegClean Pro.lnk [2012/
  • [2012/10/16 20:21:40 | 000,001,347 | ---- | C] () -- C:\Users\Public\Desktop\Norton Security Scan.lnk [2012/10/16 20:21:36 | 000,000,172 | ---- | C] () -- C:\Windows\SysNative\drivers\NSSx64\0307020.005\isolate.ini [2012/10/11 11:30:51 | 000,000,009 | ---- | C] () -- C:\END [2012/10/05 20:48:00 | 000,001,116 | ---- | C] () -- C:\Users\auke kim stefan\Application Data\Microsoft\Internet Explorer\Quick Launch\PokerStars.eu.lnk [2012/10/05 20:48:00 | 000,001,092 | ---- | C] () -- C:\Users\Public\Desktop\PokerStars.eu.lnk [2012/10/03 15:52:21 | 000,091,943 | ---- | C] () -- C:\Users\auke kim stefan\Desktop\id 0010.jpg [2012/10/03 15:46:41 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_User_WpdFs_01_09_00.Wdf [2012/10/01 09:57:06 | 001,552,144 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI [2011/04/01 15:13:56 | 000,066,856 | ---- | C] () -- C:\Windows\SysWow64\SynTPEnhPS.dll [2011/04/01 15:13:29 | 000,963,116 | ---- | C] () -- C:\Windows\SysWow64\igkrng600.bin [2011/04/01 15:13:28 | 000,214,760 | ---- | C] () -- C:\Windows\SysWow64\igfcg600m.bin [2011/04/01 15:13:27 | 000,056,832 | ---- | C] () -- C:\Windows\SysWow64\igdde32.dll [2011/04/01 15:13:26 | 000,145,804 | ---- | C] () -- C:\Windows\SysWow64\igcompkrng600.bin [2011/04/01 15:13:25 | 013,355,008 | ---- | C] () -- C:\Windows\SysWow64\ig4icd32.dll [2011/04/01 14:45:30 | 000,131,984 | ---- | C] () -- C:\ProgramData\FullRemove.exe [color=#E56717:26c92cd3f1]========== ZeroAccess Check ==========[/color:26c92cd3f1] [2009/07/14 05:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64 [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64 [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64 "" = C:\Windows\SysNative\shell32.dll -- [2012/06/09 06:43:10 | 014,172,672 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] "" = %SystemRoot%\system32\shell32.dll -- [2012/06/09 05:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64 "" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/14 02:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] "" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/21 04:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64 "" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/14 02:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Both [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] [color=#E56717:26c92cd3f1]========== LOP Check ==========[/color:26c92cd3f1] [2012/10/11 20:50:11 | 000,000,000 | ---D | M] -- C:\Users\auke kim stefan\AppData\Roaming\LimeWire Music [2012/10/19 11:02:55 | 000,000,000 | ---D | M] -- C:\Users\auke kim stefan\AppData\Roaming\MusicNet [2012/10/17 16:14:55 | 000,000,000 | ---D | M] -- C:\Users\auke kim stefan\AppData\Roaming\Origin [2012/10/25 17:09:27 | 000,000,000 | ---D | M] -- C:\Users\auke kim stefan\AppData\Roaming\PowerCinema [2012/10/22 20:38:51 | 000,000,000 | ---D | M] -- C:\Users\auke kim stefan\AppData\Roaming\SoftGrid Client [2012/10/25 17:22:12 | 000,000,000 | ---D | M] -- C:\Users\auke kim stefan\AppData\Roaming\Systweak [2012/10/01 09:57:42 | 000,000,000 | ---D | M] -- C:\Users\auke kim stefan\AppData\Roaming\TP [2012/10/28 08:42:00 | 000,000,000 | ---D | M] -- C:\Users\auke kim stefan\AppData\Roaming\uTorrent [2012/10/03 11:44:03 | 000,000,000 | ---D | M] -- C:\Users\auke kim stefan\AppData\Roaming\Windows Live Writer [color=#E56717:26c92cd3f1]========== Purity Check ==========[/color:26c92cd3f1] < End of report >
  • sorry er miste een stukje tussen de 2 berichten van de log 2012/10/23 20:09:57 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_User_WpdMtpDr_01_09_00.Wdf [2012/10/19 16:21:34 | 000,001,618 | ---- | C] () -- C:\Users\auke kim stefan\Application Data\Microsoft\Internet Explorer\Quick Launch\Nero StartSmart.lnk [2012/10/19 16:21:34 | 000,001,594 | ---- | C] () -- C:\Users\Public\Desktop\Nero StartSmart.lnk [2012/10/19 11:58:59 | 000,000,951 | ---- | C] () -- C:\Users\auke kim stefan\Desktop\µTorrent.lnk [2012/10/19 11:03:16 | 000,004,608 | ---- | C] () -- C:\Users\auke kim stefan\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2012/10/17 17:11:24 | 000,002,224 | ---- | C] () -- C:\Users\Public\Desktop\De Sims™ 3 Beestenbende.lnk [2012/10/17 16:44:25 | 000,002,242 | ---- | C] () -- C:\Users\Public\Desktop\De Sims™ 3 Luxe Accessoires.lnk [2012/10/17 16:18:34 | 000,002,322 | ---- | C] () -- C:\Users\Public\Desktop\De Sims™ 3 Buitenleven Accessoires.lnk [2012/10/17 16:14:44 | 000,000,987 | ---- | C] () -- C:\Users\Public\Desktop\Origin.lnk [2012/10/17 15:36:13 | 000,002,080 | ---- | C] () -- C:\Users\Public\Desktop\De Sims™ 3.lnk [2012/10/16 20:29:53 | 000,000,384 | -H-- | C] () -- C:\Windows\tasks\CodecUpdaterTask{1DE8CA6A-25B3-4612-9199-762CB917D8E6}.job [2012/10/16 20:21:44 | 000,000,468 | -H-- | C] () -- C:\Windows\tasks\Norton Security Scan for auke kim stefan.job
  • OTL Extras logfile created on: 10/28/2012 8:34:04 AM - Run 1 OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\auke kim stefan\Desktop 64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 9.0.8112.16421) Locale: 00000409 | Country: Nederland | Language: NLD | Date Format: d-M-yyyy 5.86 Gb Total Physical Memory | 3.66 Gb Available Physical Memory | 62.46% Memory free 11.71 Gb Paging File | 9.13 Gb Available in Paging File | 78.02% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 581.07 Gb Total Space | 516.23 Gb Free Space | 88.84% Space Free | Partition Type: NTFS Drive D: | 5.30 Gb Total Space | 0.00 Gb Free Space | 0.00% Space Free | Partition Type: UDF Computer Name: AUKEKIMSTEFAN | User Name: auke kim stefan | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users | Quick Scan | Include 64bit Scans Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days [color=#E56717:dfe624f949]========== Extra Registry (SafeList) ==========[/color:dfe624f949] [color=#E56717:dfe624f949]========== File Associations ==========[/color:dfe624f949] [b:dfe624f949]64bit:[/b:dfe624f949] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation) [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation) [HKEY_USERS\S-1-5-21-3127137148-2063120421-2372182248-1000\SOFTWARE\Classes\<extension>] .html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation) [color=#E56717:dfe624f949]========== Shell Spawning ==========[/color:dfe624f949] [b:dfe624f949]64bit:[/b:dfe624f949] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. htmlfile [edit] -- Reg Error: Key error. htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1" inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation) InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [explore] -- Reg Error: Value error. Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation) exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. htmlfile [edit] -- Reg Error: Key error. htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1" inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [explore] -- Reg Error: Value error. Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) [color=#E56717:dfe624f949]========== Security Center Settings ==========[/color:dfe624f949] [b:dfe624f949]64bit:[/b:dfe624f949] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "cval" = 1 [b:dfe624f949]64bit:[/b:dfe624f949] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] [b:dfe624f949]64bit:[/b:dfe624f949] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] "VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data] "AntiVirusOverride" = 0 "AntiSpywareOverride" = 0 "FirewallOverride" = 0 [b:dfe624f949]64bit:[/b:dfe624f949] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] [color=#E56717:dfe624f949]========== Firewall Settings ==========[/color:dfe624f949] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] "EnableFirewall" = 1 "DisableNotifications" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "EnableFirewall" = 1 "DisableNotifications" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile] "EnableFirewall" = 1 "DisableNotifications" = 0 [color=#E56717:dfe624f949]========== Authorized Applications List ==========[/color:dfe624f949] [color=#E56717:dfe624f949]========== Vista Active Open Ports Exception List ==========[/color:dfe624f949] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{09F81E2B-730F-4053-8D86-D04B931C55B0}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | "{1AD2FE0C-C241-4E05-AF7B-FC7E25A7B8B4}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | "{347C07D9-C712-42BD-BA3C-36C0C91CB55F}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 | "{366A72F0-A4E4-4D91-9C55-7784B7DA5707}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{3C5EB5D7-B2C0-4349-B090-58B029264096}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | "{55DF7AD5-819E-4ECE-ABC5-10EB41D80C21}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) | "{578A1940-DAFE-42C0-AEC4-96EEF52BC60D}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | "{57B7F315-ED86-45D9-B79F-4C02DA3FCB70}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{6CE73E73-1E0C-4670-A5C9-265C4FA2C1B6}" = rport=139 | protocol=6 | dir=out | app=system | "{6EC6D0FE-4698-4A9E-880F-C43B4116F72D}" = lport=137 | protocol=17 | dir=in | app=system | "{71A54C0C-51A2-4C26-B16A-CA24918BFEA0}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe | "{93F08D5F-CBEE-481F-BC9C-6F90A71B81BA}" = lport=10243 | protocol=6 | dir=in | app=system | "{AE82B5B3-6DE3-4825-B11D-74389A4CEDBA}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) | "{B0015E61-3993-438B-B0B7-A6FEE7848A18}" = lport=138 | protocol=17 | dir=in | app=system | "{BBD1FBC3-23E7-4E31-A615-D78F93BE314A}" = lport=445 | protocol=6 | dir=in | app=system | "{BE5179B8-0D2B-488C-9F48-BA74EAEB01A3}" = rport=445 | protocol=6 | dir=out | app=system | "{BFB4C684-DA12-4C68-A1E4-A6ED93B26A41}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | "{C3BFFEEB-2AEE-4EA9-A9A3-B039D68BB1E9}" = lport=139 | protocol=6 | dir=in | app=system | "{DD398207-87F8-4AD9-959B-3D0EB9BFC1F8}" = rport=10243 | protocol=6 | dir=out | app=system | "{E57A0E99-AD3C-438A-95DE-D62252DDDD3B}" = lport=2869 | protocol=6 | dir=in | app=system | "{ED2B8B1F-BE46-4642-8DC8-5FCDFAF39F91}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | "{F2C71EBF-7C53-496F-94A8-9811EA6723F8}" = rport=137 | protocol=17 | dir=out | app=system | "{F58BEC6C-0360-4BB3-9626-83384EF98373}" = rport=138 | protocol=17 | dir=out | app=system | [color=#E56717:dfe624f949]========== Vista Active Application Exception List ==========[/color:dfe624f949] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{06F48F87-0115-4B52-8A89-01746FD1C179}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 | "{09DC236E-C76E-47C4-BCEA-77D410302C3F}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe | "{15EE1AED-A4EF-44AE-A0F8-E61BD4E53D0D}" = protocol=17 | dir=in | app=c:\program files\common files\mcafee\mcsvchost\mcsvhost.exe | "{1CDC14CC-CCDF-409F-BDC5-E48B65427C4E}" = dir=in | app=c:\program files (x86)\acer\clear.fi\mvp\kernel\dmr\dmrengine.exe | "{1D094E16-ED38-4B89-96E7-3CFA0BD31E43}" = dir=in | app=c:\program files (x86)\acer\clear.fi\mvp\kernel\dmr\dmrengine.exe | "{1FEBC03C-A4B9-437C-8040-D25D54FDBDEB}" = dir=in | app=c:\program files (x86)\itunes\itunes.exe | "{208BBA29-005B-4470-90A1-D0C3B8B25087}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe | "{2B2872E5-B45E-461D-BB47-478DEECB58D6}" = dir=in | app=c:\program files (x86)\acer\clear.fi\mvp\kernel\dmr\dmrengine.exe | "{2D940864-1C93-41B0-9F7A-D79E4EEA87BA}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe | "{3267B84C-013F-438B-9DB0-C2B1E32C5043}" = dir=in | app=c:\program files (x86)\common files\apple\apple application support\webkit2webprocess.exe | "{35781DCE-BD32-44BE-AD65-EEAB1BFB4B1D}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{3715FBFB-4A31-4C4F-9B97-EF86A9524A50}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | "{38E72B73-96F6-4A8F-A97B-8CB2B01AF439}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe | "{3BD33EC7-8F45-40EA-AE00-D53239596BF5}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{3CD836C0-78D3-4959-BCF5-A4C00165AD70}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 | "{3FF71C03-262D-4BF9-9441-23C61FC3965A}" = dir=in | app=c:\program files (x86)\acer\acer vcm\vc.exe | "{4499AF09-05AA-4140-BC6E-20455C25E2ED}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe | "{4A5FAF2E-DFDB-43AD-94A2-EB2BFDB63ED0}" = protocol=17 | dir=in | app=c:\program files\common files\mcafee\mcsvchost\mcsvhost.exe | "{51A87F49-0767-4E48-8369-FE5CD74B0E46}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | "{53B5B8D4-53A5-4C71-B71B-4D365D2884E4}" = dir=in | app=c:\program files (x86)\acer\acer vcm\rs_service.exe | "{5C56D019-642F-4E81-A3C3-D1EF7ED79A25}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | "{6487CC03-51EA-40B5-8364-D4E1DC3BE2E5}" = protocol=6 | dir=in | app=c:\program files\common files\mcafee\mcsvchost\mcsvhost.exe | "{74B06594-9A5D-4605-89E1-B53AC0CEFE52}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | "{81334AE0-7A0E-40E2-85B6-CBD896DB68EE}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 | "{83558086-592B-45B8-9C20-EFDAD290D106}" = protocol=17 | dir=in | app=c:\program files (x86)\utorrent\utorrent.exe | "{890EDAB2-C11C-4E11-AB83-D9F48B502809}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | "{8AC6344B-B1E7-4709-8942-9D9C3B12BC46}" = dir=in | app=c:\program files (x86)\windows live\mesh\moe.exe | "{8FF411B6-FFA7-4F87-AB9B-E3593463210B}" = dir=in | app=c:\program files (x86)\acer\clear.fi\mvp\clear.fiagent.exe | "{91B94588-4B42-443F-96C3-11BC97502085}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 | "{B45B8A31-48F9-41E8-938E-53D4393BA794}" = dir=in | app=c:\program files (x86)\acer\clear.fi\mvp\clear.fi.exe | "{B530BDA4-AA72-4D48-9953-4E725A330461}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe | "{B74845CA-0D84-4567-BC91-138454D28364}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{C32904CB-EC64-4671-BD9A-163D0CA422B7}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | "{C8EE491B-3F4F-4754-8442-C208822C48C4}" = dir=in | app=c:\program files (x86)\acer\clear.fi\mvp\kernel\clml\clmlsvc.exe | "{CBEE4766-08AE-4F8F-9AAE-8C822307319D}" = protocol=6 | dir=out | app=system | "{CF5CC0D8-EA5B-489B-AEF0-5304AE042784}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | "{DA48BE66-F862-452A-8F0D-93ED398A84E3}" = protocol=6 | dir=in | app=c:\program files\common files\mcafee\mcsvchost\mcsvhost.exe | "{E21762CA-C654-4CDB-A031-065ECC8803DD}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{E8EDA248-1EE7-40C8-BC28-7317B33CAB67}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe | "{EA184EEE-CE2D-4D4F-BBDC-1600281773F0}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe | "{F093EC50-9475-4A26-9ACA-7418428A3C95}" = protocol=6 | dir=in | app=c:\program files (x86)\utorrent\utorrent.exe | "{F2A7E1EA-010E-4D0C-B797-3BEA380ED206}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | "TCP Query User{5EA25397-0C7C-4C27-8B50-666E53E34926}C:\program files (x86)\utorrent\utorrent.exe" = protocol=6 | dir=in | app=c:\program files (x86)\utorrent\utorrent.exe | "UDP Query User{D2784941-CEEE-4310-A44D-1525750DD2C5}C:\program files (x86)\utorrent\utorrent.exe" = protocol=17 | dir=in | app=c:\program files (x86)\utorrent\utorrent.exe | [color=#E56717:dfe624f949]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color:dfe624f949] 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{0919C44F-F18A-4E3B-A737-03685272CE72}" = Windows Live Remote Service Resources "{0B78ECB0-1A6B-4E6D-89D7-0E7CE77F0427}" = MyWinLocker "{1493B2AE-0261-47D2-B1AA-F4DAD0F6C48B}" = iTunes "{1553D712-B35F-4A82-BC72-D6B11A94BE3E}" = Windows Live Remote Service Resources "{1685AE50-97ED-485B-80F6-145071EE14B0}" = Windows Live Remote Service Resources "{17A4FD95-A507-43F1-BC92-D8572AF8340A}" = Windows Live Remote Service Resources "{19F09425-3C20-4730-9E2A-FC2E17C9F362}" = Windows Live Remote Service Resources "{1B8ABA62-74F0-47ED-B18C-A43128E591B8}" = Windows Live ID Sign-in Assistant "{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 "{1EB2CFC3-E1C5-4FC4-B1F8-549DD6242C67}" = Windows Live Remote Service Resources "{1F557316-CFC0-41BD-AFF7-8BC49CE444D7}" = Shredder "{22AB5CFD-B3DB-414E-9F99-4D024CCF1DA6}" = Windows Live Remote Client Resources "{230D1595-57DA-4933-8C4E-375797EBB7E1}" = Bluetooth Win7 Suite (64) "{2426E29F-9E8C-4C0B-97FC-0DB690C1ED98}" = Windows Live Remote Client Resources "{2C1A6191-9804-4FDC-AB01-6F9183C91A13}" = Windows Live Remote Client Resources "{2F304EF4-0C31-47F4-8557-0641AAE4197C}" = Windows Live Remote Client Resources "{34384A2A-2CA2-4446-AB0E-1F360BA2AAC5}" = Windows Live Remote Service Resources "{350FD0E7-175A-4F86-84EF-05B77FCD7161}" = Windows Live Remote Service Resources "{3921492E-82D2-4180-8124-E347AD2F2DB4}" = Windows Live Remote Client Resources "{4567EA14-6BCA-3EF9-859B-92CE48B1D704}" = Microsoft .NET Framework 4 Client Profile NLD Language Pack "{456FB9B5-AFBC-4761-BBDC-BA6BAFBB818F}" = Windows Live Remote Client Resources "{480F28F0-8BCE-404A-A52E-0DBB7D1CE2EF}" = Windows Live Remote Service Resources "{4C2E49C0-9276-4324-841D-774CCCE5DB48}" = Windows Live Remote Client Resources "{5141AA6E-5FAC-4473-BFFB-BEE69DDC7F2B}" = Windows Live Remote Service Resources "{5151E2DB-0748-4FD1-86A2-72E2F94F8BE7}" = Windows Live Remote Service Resources "{57F2BD1C-14A3-4785-8E48-2075B96EB2DF}" = Windows Live Remote Service Resources "{5E2CD4FB-4538-4831-8176-05D653C3E6D4}" = Windows Live Remote Service Resources "{5F44A3A1-5D24-4708-8776-66B42B174C64}" = Windows Live Remote Client Resources "{5FCD6EFE-C2E7-4D77-8212-4BA223D8DF8E}" = Windows Live Remote Client Resources "{5FEAD3E5-A158-4B66-B92B-0C959D7CF838}" = Windows Live Remote Service Resources "{61407251-7F7D-4303-810D-226A04D5CFF3}" = Windows Live Remote Service Resources "{656DEEDE-F6AC-47CA-A568-A1B4E34B5760}" = Windows Live Remote Service Resources "{692CCE55-9EAE-4F57-A834-092882E7FE0B}" = Windows Live Remote Client Resources "{6C9D3F1D-DBBE-46F9-96A0-726CC72935AF}" = Windows Live Remote Service Resources "{6CBFDC3C-CF21-4C02-A6DC-A5A2707FAF55}" = Windows Live Remote Service Resources "{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}" = Bonjour "{702A632F-99CE-4E2D-B8F2-BF980E9CF62F}" = Windows Live Remote Client Resources "{7446FE8D-C1F9-4D42-AAAE-5DBCE58605A6}" = Apple Mobile Device Support "{7AEC844D-448A-455E-A34E-E1032196BBCD}" = Windows Live Remote Service Resources "{825C7D3F-D0B3-49D5-A42B-CBB0FBE85E99}" = Windows Live Remote Client Resources "{847B0532-55E3-4AAF-8D7B-E3A1A7CD17E5}" = Windows Live Remote Client Resources "{850B8072-2EA7-4EDC-B930-7FE569495E76}" = Windows Live Remote Client Resources "{8970AE69-40BE-4058-9916-0ACB1B974A3D}" = Windows Live Remote Client Resources "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight "{8EB588BD-D398-40D0-ADF7-BE1CEEF7C116}" = Windows Live Remote Client Resources "{8F7F2D9C-2DBE-4F10-9C7C-2724110A3339}" = Windows Live Remote Service Resources "{90140000-006D-0413-1000-0000000FF1CE}" = Microsoft Office Klik-en-Klaar 2010 "{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting "{97A295A7-8840-4B35-BB61-27A8F4512CA3}" = Windows Live Remote Service Resources "{9E9C960F-7F47-46D5-A95D-950B354DE2B8}" = Windows Live Remote Service Resources "{A060182D-CDBE-4AD6-B9B4-860B435D6CBD}" = Windows Live Remote Client Resources "{A508D5A2-3AC1-4594-A718-A663D6D3CF11}" = Windows Live Remote Service Resources "{A679FBE4-BA2D-4514-8834-030982C8B31A}" = Windows Live Remote Service Resources "{A6E0F6BE-30AC-4D36-97B0-1AC20E23CB83}" = Windows Live Remote Client Resources "{B0BF8602-EA52-4B0A-A2BD-EDABB0977030}" = Windows Live Remote Client Resources "{B2FE1952-0186-46c3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Control Panel 267.21 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Graphics Driver 267.21 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application "{B680A663-1A15-47A5-A07C-7DF9A97558B7}" = Windows Live Remote Client Resources "{B750FA38-7AB0-42CB-ACBB-E7DBE9FF603F}" = Windows Live Remote Client Resources "{B77EFA0B-9BD3-4122-9F9A-15A963B5EA24}" = Intel(R) Turbo Boost Technology Monitor 2.0 "{C504EC13-E122-4939-BD6E-EE5A3BAA5FEC}" = Windows Live Remote Client Resources "{C9F05151-95A9-4B9B-B534-1760E2D014A5}" = Windows Live Remote Client Resources "{CFF3C688-2198-4BC3-A399-598226949C39}" = Windows Live Remote Client Resources "{D07A61E5-A59C-433C-BCBD-22025FA2287B}" = Windows Live Language Selector "{D1C1556C-7FF3-48A3-A5D6-7126F0FAFB66}" = Windows Live Remote Client Resources "{D3E4F422-7E0F-49C7-8B00-F42490D7A385}" = Windows Live Remote Service Resources "{D5876F0A-B2E9-4376-B9F5-CD47B7B8D820}" = Windows Live Remote Client Resources "{D930AF5C-5193-4616-887D-B974CEFC4970}" = Windows Live Remote Service Resources "{DA54F80E-261C-41A2-A855-549A144F2F59}" = Windows Live MIME IFilter "{DBEDAF67-C5A3-4C91-951D-31F3FE63AF3F}" = Windows Live Remote Client Resources "{DF6D988A-EEA0-4277-AAB8-158E086E439B}" = Windows Live Remote Client "{E02A6548-6FDE-40E2-8ED9-119D7D7E641F}" = Windows Live Remote Service "{ED421F97-E1C3-4E78-9F54-A53888215D58}" = Windows Live Remote Client Resources "{EF79C448-6946-4D71-8134-03407888C054}" = Shared C Run-time for x64 "{EFB20CF5-1A6D-41F3-8895-223346CE6291}" = Windows Live Remote Service Resources "{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile "{F6CB2C5F-B2C1-4DF1-BF44-39D0DC06FE6F}" = Windows Live Remote Service Resources "{FAA3933C-6F0D-4350-B66B-9D7F7031343E}" = Windows Live Remote Service Resources "{FAD0EC0B-753B-4A97-AD34-32AC1EC8DB69}" = Windows Live Remote Client Resources "CNXT_AUDIO_HDA" = Conexant HD Audio "Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile "Microsoft .NET Framework 4 Client Profile NLD Language Pack" = Taalpakket voor Microsoft .NET Framework 4 Client Profile - NLD "SynTPDeinstKey" = Synaptics Pointing Device Driver [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{00884F14-05BD-4D8E-90E5-1ABF78948CA4}" = Windows Live Mesh "{0125DB4D-98A0-4DBF-B68A-23BF08FFA6A3}" = Windows Live Messenger "{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = Acer Crystal Eye Webcam "{039480EE-6933-4845-88B8-77FD0C3D059D}" = Windows Live Mesh "{047F790A-7A2A-4B6A-AD02-38092BA63DAC}" = Acer VCM "{0557BBDA-69D3-4FA4-A93C-A5300F7034B4}" = Windows Live Writer "{05E379CC-F626-4E7D-8354-463865B303BF}" = Windows Live UX Platform Language Pack "{0654EA5D-308A-4196-882B-5C09744A5D81}" = Windows Live Photo Common "{06B05153-97E4-427E-B1A8-E098F6C5E52F}" = Windows Live Essentials "{073F306D-9851-4969-B828-7B6444D07D55}" = Windows Live Photo Common "{0785A0B6-07DF-43CF-B147-E1EB4CEA0345}" = Windows Live Messenger "{09922FFE-D153-44AE-8B60-EA3CB8088F93}" = Windows Live UX Platform Language Pack "{0A4C4B29-5A9D-4910-A13C-B920D5758744}" = بريد Windows Live "{0A9256E0-C924-46DE-921B-F6C4548A1C64}" = Windows Live Messenger "{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer "{0B61BBD5-DA3C-409A-8730-0C3DC3B0F270}" = Backup Manager V3 "{0C1931EB-8339-4837-8BEC-75029BF42734}" = Windows Live UX Platform Language Pack "{0C975FCC-A06E-4CB6-8F54-A9B52CF37781}" = Windows Liven sähköposti "{0D261C88-454B-46FE-B43B-640E621BDA11}" = Windows Live Mail "{0EC0B576-90F9-43C3-8FAD-A4902DF4B8F4}" = Galeria de Fotografias do Windows Live "{10186F1A-6A14-43DF-A404-F0105D09BB07}" = Windows Live Mail "{110668B7-54C6-47C9-BAC4-1CE77F156AF5}" = Windows Live Mesh "{11417707-1F72-4279-95A3-01E0B898BBF5}" = Windows Live Mesh "{11778DA1-0495-4ED9-972F-F9E0B0367CD5}" = Windows Live Writer "{117B6BF6-82C3-420C-B284-9247C8568E53}" = De Sims™ 3 Buitenleven Accessoires "{1203DC60-D9BD-44F9-B372-2B8F227E6094}" = Windows Live Temel Parçalar "{120C160F-F53D-4A15-A873-E79BF5B98B48}" = Windows Live Photo Common "{128133D3-037A-4C62-B1B7-55666A10587A}" = Windows Live UX Platform Language Pack "{133D9D67-D475-4407-AC3C-D558087B2453}" = Windows Live Movie Maker "{14B441B7-774D-4170-98EA-A13667AE6218}" = Windows Live Writer Resources "{14C4C3B6-F1F4-401F-8C86-03E8E19AAC8C}" = MediaEspresso "{168E7302-890A-4138-9109-A225ACAF7AD1}" = Windows Live Photo Common "{17835B63-8308-427F-8CF5-D76E0D5FE457}" = Windows Live Essentials "{17DF9714-60C9-43C9-A9C2-32BCAED44CBE}" = MyWinLocker Suite "{17F99FCE-8F03-4439-860A-25C5A5434E18}" = Windows Live Essentials "{198EA334-8A3F-4CB2-9D61-6C10B8168A6F}" = Windows Live Writer "{19BA08F7-C728-469C-8A35-BFBD3633BE08}" = Windows Live Movie Maker "{1A72337E-D126-4BAF-AC89-E6122DB71866}" = Windows Liven valokuvavalikoima "{1A82AE99-84D3-486D-BAD6-675982603E14}" = Windows Live Writer "{1D6C2068-807F-4B76-A0C2-62ED05656593}" = Windows Live Writer "{1DA6D447-C54D-4833-84D4-3EA31CAECE9B}" = Windows Live UX Platform Language Pack "{1DDB95A4-FD7B-4517-B3F1-2BCAA96879E6}" = Windows Live Writer Resources "{1E03DB52-D5CB-4338-A338-E526DD4D4DB1}" = Bing Bar "{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update "{1FC83EAE-74C8-4C72-8400-2D8E40A017DE}" = Windows Live Writer "{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions "{20381A8A-808E-4A53-B6CD-AD2B85E16365}" = Windows Live UX Platform Language Pack "{220C7F8C-929D-4F71-9DC7-F7A6823B38E4}" = Windows Live UX Platform Language Pack "{226F0D93-76DE-4F1C-B14D-DE10443ADB60}" = Windows Live Movie Maker "{249EE21B-8EDD-4F36-8A23-E580E9DBE80A}" = Windows Live Mail "{24DF33E0-F924-4D0D-9B96-11F28F0D602D}" = Windows Live UX Platform Language Pack "{2511AAD7-82DF-4B97-B0B3-E1B933317010}" = Windows Live Writer Resources "{25A381E1-0AB9-4E7A-ACCE-BA49D519CF4E}" = Windows Live Mail "{25CD4B12-8CC5-433E-B723-C9CB41FA8C5A}" = Windows Live Writer "{2637C347-9DAD-11D6-9EA2-00055D0CA761}" = clear.fi "{26A24AE4-039D-4CA4-87B4-2F83217007FF}" = Java 7 Update 7 "{26E3C07C-7FF7-4362-9E99-9E49E383CF16}" = Windows Live Writer Resources "{287ECFA4-719A-2143-A09B-D6A12DE54E40}" = Acrobat.com "{28B9D2D8-4304-483F-AD71-51890A063A74}" = Windows Live Photo Common "{29373E24-AC72-424E-8F2A-FB0F9436F21F}" = Windows Live Photo Common "{2A07C35B-8384-4DA4-9A95-442B6C89A073}" = Windows Live Essentials "{2AD2DD70-27F7-4343-BB4E-DE50A32D854B}" = Windows Live Messenger "{2BA5FD10-653F-4CAF-9CCD-F685082A1DC1}" = Windows Live Writer "{2C4E06CC-1F04-4C25-8B3C-93A9049EC42C}" = Windows Live UX Platform Language Pack "{2C7E8AA1-9C03-4606-BF34-5D99D07964DA}" = Windows Live Messenger "{2C865FB0-051E-4D22-AC62-428E035AEAF0}" = Windows Live Mesh "{2D3E034E-F76B-410A-A169-55755D2637BB}" = Windows Live Mesh "{2E50E321-4747-4EB5-9ECB-BBC6C3AC0F31}" = Windows Live Writer Resources "{303143DD-1F6D-4BC5-9342-FFC2E19B2DBD}" = Windows Live Messenger "{3108C217-BE83-42E4-AE9E-A56A2A92E549}" = Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver "{3125D9DE-8D7A-4987-95F3-8A42389833D8}" = Windows Live Writer Resources "{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery "{34319F1F-7CF2-4CC9-B357-1AE7D2FF3AC5}" = Windows Live "{34C4F5AF-D757-4E6A-ABCA-65AB5A50A1A8}" = Windows Live Messenger "{34F4D9A4-42C2-4348-BEF4-E553C84549E7}" = Windows Live Photo Gallery "{370F888E-42A7-4911-9E34-7D74632E17EB}" = Windows Live Photo Common "{37B33B16-2535-49E7-8990-32668708A0A3}" = Windows Live UX Platform Language Pack "{39BDD209-5704-480C-9F4A-B69D0370DDBB}" = Windows Live Messenger "{39F15B50-A977-4CA6-B1C3-6A8724CDA025}" = MyWinLocker 4 "{39F95B0B-A0B7-4FA7-BB6C-197DA2546468}" = Windows Live Mesh "{3B72C1E0-26A1-40F6-8516-D50C651DFB3C}" = Windows Live Essentials "{3B9A92DA-6374-4872-B646-253F18624D5F}" = Windows Live Writer "{3D0C22FA-96D7-4789-BC5B-991A5A99BFFA}" = Windows Live Messenger "{3DB0448D-AD82-4923-B305-D001E521A964}" = Acer PowerSmart Manager "{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}" = Intel(R) Rapid Storage Technology "{3F4143A1-9C21-4011-8679-3BC1014C6886}" = Windows Live Mesh "{40A66DF6-22D3-44B5-A7D3-83B118A2C0DC}" = Norton Online Backup "{40BFD84C-64CD-42CC-9909-8734C50429C6}" = Windows Live UX Platform Language Pack "{410DF0AA-882D-450D-9E1B-F5397ACFFA80}" = Windows Live Essentials "{4264C020-850B-4F08-ACBE-98205D9C336C}" = Windows Live Writer "{429DF1A0-3610-4E9E-8ACE-3C8AC1BA8FCA}" = Windows Live Photo Gallery "{43AAE145-83CF-4C96-9A5E-756CEFCE879F}" = clear.fi Client "{43B43577-2514-4CE0-B14A-7E85C17C0453}" = Windows Live Essentials "{4444F27C-B1A8-464E-9486-4C37BAB39A09}" = Фотогалерия на Windows Live "{458F399F-62AC-4747-99F5-499BBF073D29}" = Windows Live Writer Resources "{4664ED39-C80A-48F7-93CD-EBDCAFAB6CC5}" = Windows Live Writer Resources "{46872828-6453-4138-BE1C-CE35FBF67978}" = Windows Live Mesh "{4736B0ED-F6A1-48EC-A1B7-C053027648F1}" = Galeria fotogràfica del Windows Live "{488F0347-C4A7-4374-91A7-30818BEDA710}" = Galerie de photos Windows Live "{48C0DC5E-820A-44F2-890E-29B68EDD3C78}" = Windows Live Writer "{48F597DD-D397-4CFA-91A0-4C033A0113BD}" = Windows Live Mail "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater "{4A04DB63-8F81-4EF4-9D09-61A2057EF419}" = Windows Live Essentials "{4A275FD1-2F24-4274-8C01-813F5AD1A92D}" = Windows Live Messenger "{4B28D47A-5FF0-45F8-8745-11DC2A1C9D0F}" = Windows Live Writer "{4C378B16-46B7-4DA1-A2CE-2EE676F74680}" = Windows Live UX Platform Language Pack "{4D141929-141B-4605-95D6-2B8650C1C6DA}" = Windows Live UX Platform Language Pack "{4D7BAC8A-51B8-4243-8567-1415C4272D13}" = Windows Live Writer "{4D83F339-5A5C-4B21-8FD3-5D407B981E72}" = Windows Live Photo Common "{50300123-F8FC-4B50-B449-E847D04F1BA2}" = Windows Live Messenger "{506FC723-8E6C-4417-9CFF-351F99130425}" = Windows Live UX Platform Language Pack "{523DF2BB-3A85-4047-9898-29DC8AEB7E69}" = Windows Live UX Platform Language Pack "{5275D81E-83AD-4DE4-BC2B-6E6BA3A33244}" = Windows Live Writer Resources "{5442DAB8-7177-49E1-8B22-09A049EA5996}" = Renesas Electronics USB 3.0 Host Controller Driver "{5495E9A4-501A-4D4C-87C9-E80916CA9478}" = Windows Live UX Platform Language Pack "{579684A4-DDD5-4CA3-9EA8-7BE7D9593DB4}" = Windows Live UX Platform Language Pack "{5C2F5C1B-9732-4F81-8FBF-6711627DC508}" = Windows Live Fotogalleri "{5CF5B1A5-CBC3-42F0-8533-5A5090665862}" = Windows Live Mesh "{5D273F60-0525-48BA-A5FB-D0CAA4A952AE}" = Windows Live Movie Maker "{5D2E7BD7-4B6F-4086-BA8A-E88484750624}" = Windows Live Writer Resources "{5D90ABE5-8A35-4947-8269-6F40BCE47A95}" = Windows Live Messenger "{5DA7D148-D2D2-4C67-8444-2F0F9BD88A06}" = Windows Live Writer "{5E627606-53B9-42D1-97E1-D03F6229E248}" = Windows Live UX Platform Language Pack "{5F6E678A-7E61-448A-86CB-BC2AD1E04138}" = Windows Live Messenger "{6057E21C-ABE9-4059-AE3E-3BEB9925E660}" = Windows Live Messenger "{60C3C026-DB53-4DAB-8B97-7C1241F9A847}" = Windows Live Movie Maker "{613C0AC5-3A67-4B94-8B13-9176AD83F5BF}" = newsXpresso "{625D45F0-5DCB-48BF-8770-C240A84DAAEB}" = Windows Live Mesh "{62687B11-58B5-4A18-9BC3-9DF4CE03F194}" = Windows Live Writer Resources "{63AE67AA-1AB1-4565-B4EF-ABBC5C841E8D}" = Windows Live Messenger "{63CF7D0C-B6E7-4EE9-8253-816B613CC437}" = Windows Live Mail "{63EC2120-1742-4625-AA47-C6A8AEC9C64C}" = Apple Application Support "{640798A0-A4FB-4C52-AC72-755134767F1E}" = Windows Live Movie Maker "{64376910-1860-4CEF-8B34-AA5D205FC5F1}" = Poczta usługi Windows Live "{644063FA-ABA3-42AC-A8AC-3EDC0706018B}" = Windows Live Mesh "{6491AB99-A11E-41FD-A5E7-32DE8A097B8E}" = Windows Live Essentials "{64B2D6B3-71AC-45A7-A6A1-2E07ABF58341}" = Windows Live Movie Maker "{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel(R) Management Engine Components "{677AAD91-1790-4FC5-B285-0E6A9D65F7DC}" = Windows Live Mail "{6807427D-8D68-4D30-AF5B-0B38F8F948C8}" = Windows Live Writer Resources "{681002C6-5019-81A2-7871-A43754F71E56}" = Vaudix "{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE "{6986737B-F286-40D1-87AF-938339DCF6AB}" = Windows Live Messenger "{69C9C672-400A-43A0-B2DE-9DB38C371282}" = Windows Live Writer "{69CAC24D-B1DC-4B97-A1BE-FE21843108FE}" = Windows Live Writer Resources "{6A4ABCDC-0A49-4132-944E-01FBCCB3465C}" = Windows Live UX Platform Language Pack "{6A563426-3474-41C6-B847-42B39F1485B2}" = Windows Live Messenger "{6ABE832B-A5C7-44C1-B697-3E123B7B4D5B}" = Windows Live Mesh "{6B556C37-8919-4991-AC34-93D018B9EA49}" = Windows Live Photo Common "{6CB36609-E3A6-446C-A3C1-C71E311D2B9C}" = Windows Live Movie Maker "{6D30E864-46AE-435B-8230-8B5D42B4AE37}" = Windows Live Messenger "{6DEC8BD5-7574-47FA-B080-492BBBE2FEA3}" = Windows Live Movie Maker "{6EE9F44A-B8C7-4CDB-B2A9-441AF2AE315A}" = Windows Live Messenger "{6EF2BE2C-3121-48B7-B7A6-C56046B3A588}" = Windows Live Movie Maker "{6F37D92B-41AA-44B7-80D2-457ABDE11896}" = Windows Live Photo Common "{709E38A9-7F80-4598-96CC-44B0D553FECE}" = Windows Live Messenger "{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable "{71527C7C-5289-4CB2-88C9-23344C0FF6C1}" = Windows Live Movie Maker "{71828142-5A24-4BD0-97E7-976DA08CE6CF}" = De Sims™ 3 Luxe Accessoires "{71A81378-79D5-40CC-9BDC-380642D1A87F}" = Windows Live Writer "{71C95134-F6A9-45E7-B7B3-07CA6012BF2A}" = Windows Live Mesh "{7272F232-A7E0-4B2B-A5D2-71B7C5E2379C}" = Windows Live Fotótár "{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable "{7327080F-6673-421F-BBD9-B618F357EEB3}" = Windows Live UX Platform Language Pack "{734104DE-C2BF-412F-BB97-FCCE1EC94229}" = Windows Live Writer Resources "{7373E17D-18E0-44A7-AC3A-6A3BFB85D3B3}" = Windows Live Movie Maker "{73FC3510-6421-40F7-9503-EDAE4D0CF70D}" = Windows Live Photo Common "{7465A996-0FCA-4D2D-A52C-F833B0829B5B}" = Windows Live Movie Maker "{7496FD31-E5CB-4AE4-82D3-31099558BF6A}" = Windows Live Mesh "{74E8A7F6-575D-42C7-9178-E87D1B3BEFE8}" = Windows Live UX Platform Language Pack "{77477AEA-5757-47D8-8B33-939F43D82218}" = Windows Live UX Platform Language Pack "{77F69CA1-E53D-4D77-8BA3-FA07606CC851}" = Фотоальбом Windows Live "{78906B56-0E81-42A7-AC25-F54C946E1538}" = Windows Live Photo Common "{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update "{78DAE910-CA72-450E-AD22-772CB1A00678}" = Windows Live Mesh "{7A9D47BA-6D50-4087-866F-0800D8B89383}" = Podstawowe programy Windows Live "{7ADFA72D-2A9F-4DEC-80A5-2FAA27E23F0F}" = Windows Live Photo Common "{7AF8E500-B349-4A77-8265-9854E9A47925}" = Windows Live Movie Maker "{7BA19818-F717-4DFB-BC11-FAF17B2B8AEE}" = Po¨ta Windows Live "{7C2A3479-A5A0-412B-B0E6-6D64CBB9B251}" = Windows Live Photo Common "{7CB529B2-6C74-4878-9C3F-C29C3C3BBDC6}" = Windows Live Writer Resources "{7D0DE76C-874E-4BDE-A204-F4240160693E}" = Windows Live Photo Common "{7D1C7B9F-2744-4388-B128-5C75B8BCCC84}" = Windows Live Essentials "{7D926AD2-16D6-42C2-8CA1-AB09E96040BA}" = Windows Live Writer Resources "{7D99B933-E29C-4599-92F0-DAED2AF041E3}" = Windows Live Essentials "{7E017923-16F8-4E32-94EF-0A150BD196FE}" = Windows Live Writer "{7E90B133-FF47-48BB-91B8-36FC5A548FE9}" = Windows Live Writer Resources "{7F6021AE-E688-4D03-843A-C2260482BA0D}" = Windows Live Messenger "{7F811A54-5A09-4579-90E1-C93498E230D9}" = Acer eRecovery Management "{7FF11E53-C002-4F40-8D68-6BE751E5DD62}" = Windows Live Writer Resources "{804DE397-F82C-4867-9085-E0AA539A3294}" = Windows Live Writer "{80956555-A512-4190-9CAD-B000C36D6B6B}" = Windows Live Messenger "{80E8C65A-8F70-4585-88A2-ABC54BABD576}" = Windows Live Mesh "{827D3E4A-0186-48B7-9801-7D1E9DD40C07}" = Windows Live Essentials "{82803FF3-563F-414F-A403-8D4C167D4120}" = Windows Live Mail "{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110109903}" = Flip Words "{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110265407}" = Bejeweled 2 Deluxe "{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111307457}" = Galapago "{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-112531267}" = Chicken Invaders 3 "{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-112623650}" = Belles Beauty Boutique "{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-113832110}" = Dream Day First Home "{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-116672750}" = World of Goo "{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-117897550}" = 1912 Titanic Mystery "{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-117932650}" = Sprill and Ritchie "{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-118399487}" = Farm Frenzy 3 Ice Age "{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform "{841F1FB4-FDF8-461C-A496-3E1CFD84C0B5}" = Windows Live Mesh "{84267681-BF16-40B6-9564-27BC57D7D71C}" = Windows Live Photo Common "{84A411F9-40A5-4CDA-BF46-E09FBB2BC313}" = Windows Live Essentials "{85373DA7-834E-4850-8AF5-1D99F7526857}" = Windows Live Photo Common "{859D4022-B76D-40DE-96EF-C90CDA263F44}" = Windows Live Writer "{861B1145-7762-4794-B40C-3FF0A389DFE6}" = Windows Live Photo Gallery "{86F444A5-C9B9-41DC-AF28-B5E46F5497C7}" = Windows Live Argazki Galeria "{873E4648-6F6E-47F6-A7B2-A6F8DFABDCE6}" = Windows Live Messenger "{885F1BCD-C344-4758-85BD-09640CF449A5}" = Windows Live Photo Gallery "{8909CFA8-97BF-4077-AC0F-6925243FFE08}" = Windows Liven asennustyökalu "{8C6D6116-B724-4810-8F2D-D047E6B7D68E}" = Mesh Runtime "{8CF5D47D-27B7-49D6-A14F-10550B92749D}" = Windows Live UX Platform Language Pack "{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT "{8E285C75-9BE2-4349-972B-DECDDF472656}" = Windows Live Writer Resources "{90140011-0066-0413-0000-0000000FF1CE}" = Microsoft Office Starter 2010 - Nederlands "{924B4D82-1B97-48EB-8F1E-55C4353C22DB}" = Windows Live Mail "{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker "{93C4B7D5-4E00-491F-BA3E-25B7B63EE7F6}" = Windows Live Mail "{93E464B3-D075-4989-87FD-A828B5C308B1}" = Windows Live Writer Resources "{95140000-0070-0000-0000-0000000FF1CE}" = Microsoft Office 2010 "{97F77D62-5110-4FA3-A2D3-410B92D31199}" = Windows Live Fotogaléria "{99BE7F5D-AB52-4404-9E03-4240FFAA7DE9}" = Windows Live Mesh "{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 "{9BD262D0-B788-4546-A0A5-F4F56EC3834B}" = Windows Live Photo Common "{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 "{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail "{9DA3F03B-2CEE-4344-838E-117861E61FAF}" = Windows Live Mail "{9DB90178-B5B0-45BD-B0A7-D40A6A1DF1CA}" = Windows Live Movie Maker "{9E2C5B0E-7A2D-4767-A9B2-77469FB1873A}" = Windows Live Mesh "{9FAE6E8D-E686-49F5-A574-0A58DFD9580C}" = Windows Live Mail "{A0B91308-6666-4249-8FF6-1E11AFD75FE1}" = Windows Live Mail "{A0C91188-C88F-4E86-93E6-CD7C9A266649}" = Windows Live Mesh "{A101F637-2E56-42C0-8E08-F1E9086BFAF3}" = Windows Live Movie Maker "{A199DB88-E22D-4CE7-90AC-B8BE396D7BF4}" = Windows Live Movie Maker "{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR "{A41A708E-3BE6-4561-855D-44027C1CF0F8}" = Windows Live Photo Common "{A60B3BF0-954B-42AF-B8D8-2C1D34B613AA}" = Windows Live Photo Gallery "{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer "{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common "{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer "{AAF454FC-82CA-4F29-AB31-6A109485E76E}" = Windows Live Writer "{AB0B2113-5B96-4B95-8AD1-44613384911F}" = Windows Live Mesh "{AB78C965-5C67-409B-8433-D7B5BDB12073}" = Windows Live Writer Resources "{ABD534B7-E951-470E-92C2-CD5AF1735726}" = Windows Live Essentials "{ABE2F2AA-7ADC-4717-9573-BF3F83C696AC}" = Windows Live Mail "{AC76BA86-7AD7-FFFF-7B44-A91000000001}" = Adobe Reader 9.1 MUI "{ACFBE99B-6981-4513-B17E-A2683CEB9EE5}" = Windows Live Mesh "{AD001A69-88CC-4766-B2DB-3C1DFAB9AC72}" = Windows Live Mesh "{ADE85655-8D1E-4E4B-BF88-5E312FB2C74F}" = Windows Live Mail "{ADFE4AED-7F8E-4658-8D6E-742B15B9F120}" = Windows Live Photo Common "{AF01B90A-D25C-4F60-AECD-6EEDF509DC11}" = Windows Live Mesh "{B0AD205F-60D0-4084-AFB8-34D9A706D9A8}" = Windows Live Essentials "{B113D18C-67B0-4FB7-B329-E89B66194AE6}" = Windows Live Fotogalerie "{B1239994-A850-44E2-BED8-E70A21124E16}" = Windows Live Mail "{B2BCA478-EC0F-45EE-A9E9-5EABE87EA72D}" = Windows Live Photo Common "{B33B61FE-701F-425F-98AB-2B85725CBF68}" = Windows Live Photo Common "{B3BE54A4-8DFE-4593-8E66-56AB7133B812}" = Windows Live Writer "{B618C3BF-5142-4630-81DD-F96864F97C7E}" = Windows Live Essentials "{B63F0CE3-CCD0-490A-9A9C-E1A3B3A17137}" = Почта Windows Live "{B7B67AA5-12DA-4F01-918D-B1BF66779D8A}" = Windows Live Writer Resources "{B906C11A-D193-4143-9FA7-E2EE8A5A8F21}" = clear.fi "{B9DB4C76-01A4-46D5-8910-F7AA6376DBAF}" = NVIDIA PhysX "{BD4EBDB5-EB14-4120-BB04-BE0A26C7FB3E}" = Windows Live Photo Common "{BD695C2F-3EA0-4DA4-92D5-154072468721}" = Windows Live Fotoğraf Galerisi "{BF022D76-9F72-4203-B8FA-6522DC66DFDA}" = Windows Live Movie Maker "{BF35168D-F6F9-4202-BA87-86B5E3C9BF7A}" = Windows Live Mesh "{C00C2A91-6CB3-483F-80B3-2958E29468F1}" = Συλλογή φωτογραφιών του Windows Live "{C01FCACE-CC3D-49A2-ADC2-583A49857C58}" = Windows Live Essentials "{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}" = De Sims™ 3 "{C08D5964-C42F-48EE-A893-2396F9562A7C}" = Windows Live Mesh "{C12631C6-804D-4B32-B0DD-8A496462F106}" = De Sims™ 3 Beestenbende "{C1594429-8296-4652-BF54-9DBE4932A44C}" = Realtek PCIE Card Reader "{C1C9D199-B4DD-4895-92DD-9A726A2FE341}" = Windows Live Writer "{C2695E83-CF1D-43D1-84FE-B3BEC561012A}" = Shredder "{C29FC15D-E84B-4EEC-8505-4DED94414C59}" = Windows Live Writer Resources "{C2AB7DC4-489E-4BE9-887A-52262FBADBE0}" = Windows Live Photo Common "{C454280F-3C3E-4929-B60E-9E6CED5717E7}" = Windows Live Mail "{C66824E4-CBB3-4851-BB3F-E8CFD6350923}" = Windows Live Mail "{C8421D85-CA0E-4E93-A9A9-B826C4FB88EA}" = Windows Live Mail "{C893D8C0-1BA0-4517-B11C-E89B65E72F70}" = Windows Live Photo Common "{C97623E2-0614-4845-B199-8E8BEC8E131C}_is1" = Acer GameZone Console "{CB3F59BB-7858-41A1-A7EA-4B8A6FC7D431}" = Galeria fotografii usługi Windows Live "{CB66242D-12B1-4494-82D2-6F53A7E024A3}" = Galerie foto Windows Live "{CB7224D9-6DCA-43F1-8F83-6B1E39A00F92}" = Windows Live Movie Maker "{CD442136-9115-4236-9C14-278F6A9DCB3F}" = Windows Live Movie Maker "{CD7CB1E6-267A-408F-877D-B532AD2C882E}" = Windows Live Photo Common "{CDC39BF2-9697-4959-B893-A2EE05EF6ACB}" = Windows Live Writer "{CE929F09-3853-4180-BD90-30764BFF7136}" = גלריית התמונות של Windows Live "{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform "{CF671BFE-6BA3-44E7-98C1-500D9C51D947}" = Windows Live Photo Gallery "{D07B1FDA-876B-4914-9E9A-309732B6D44F}" = Windows Live Mail "{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64 "{D299197D-CDEA-41A6-A363-F532DE4114FD}" = Windows Live UX Platform Language Pack "{D31169F2-CD71-4337-B783-3E53F29F4CAD}" = Windows Live Mail "{D3D5C4E8-040F-4C6F-8105-41D43CF94F44}" = NTI Media Maker 9 "{D436F577-1695-4D2F-8B44-AC76C99E0002}" = Windows Live Photo Common "{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform "{D54A52A8-DF24-4CE8-850B-074CA47DFA74}" = Windows Live Messenger "{D588365A-AE39-4F27-BDAE-B4E72C8E900C}" = Windows Live Mail "{D6CBB3B2-F510-483D-AE0D-1CF3F43CF1EE}" = Windows Live Writer Resources "{D6F25CF9-4E87-43EB-B324-C12BE9CDD668}" = Windows Live UX Platform Language Pack "{DA29F644-2420-4448-8128-1331BE588999}" = Windows Live Writer "{DAEF48AD-89C8-4A93-B1DD-45B7E4FB6071}" = Windows Live Movie Maker "{DB1208F4-B2FE-44E9-BFE6-8824DBD7891B}" = Windows Live Movie Maker "{DBAA2B17-D596-4195-A169-BA2166B0D69B}" = Windows Live Mail "{DCAB6BA7-6533-44BF-9235-E5BF33B7431C}" = Windows Live Writer "{DDC1E1BD-7615-4186-89E1-F5F43F9B6491}" = Windows Live Movie Maker "{DDC8BDEE-DCAC-404D-8257-3E8D4B782467}" = Windows Live Writer Resources "{DE7C13A6-E4EA-4296-B0D5-5D7E8AD69501}" = Windows Live Writer "{DE8F99FD-2FC7-4C98-AA67-2729FDE1F040}" = Windows Live Writer Resources "{DECDCB7C-58CC-4865-91AF-627F9798FE48}" = Windows Live Mesh "{DEF91E0F-D266-453D-B6F2-1BA002B40CB6}" = Windows Live Essentials "{DF71ABBB-B834-41C0-BB58-80B0545D754C}" = Windows Live UX Platform Language Pack "{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10 "{E3E71D07-CD27-46CB-8448-16D4FB29AA13}" = Microsoft WSE 3.0 Runtime "{E4E88B54-4777-4659-967A-2EED1E6AFD83}" = Windows Live Movie Maker "{E5377D46-83C5-445A-A1F1-830336B42A10}" = Windows Live Galerija fotografija "{E55E0C35-AC3C-4683-BA2F-834348577B80}" = Windows Live Writer "{E59969EA-3B5B-4B24-8B94-43842A7FBFE9}" = Fotogalerija Windows Live "{E5DD4723-FE0B-436E-A815-DC23CF902A0B}" = Windows Live UX Platform Language Pack "{E62E0550-C098-43A2-B54B-03FB1E634483}" = Windows Live Writer "{E727A662-AF9F-4DEE-81C5-F4A1686F3DFC}" = Windows Live Writer Resources "{E7688C7D-DE09-4D43-9785-534EDE9BC18E}" = Windows Live Messenger "{E83DC314-C926-4214-AD58-147691D6FE9F}" = Основные компоненты Windows Live "{E8524B28-3BBB-4763-AC83-0E83FE31C350}" = Windows Live Writer "{E85A4EFC-82F2-4CEE-8A8E-62FDAD353A66}" = Galería fotográfica de Windows Live "{E9D98402-21AB-4E9F-BF6B-47AF36EF7E97}" = Windows Live Writer Resources "{EA777812-4905-4C08-8F6E-13BDCC734609}" = Windows Live UX Platform Language Pack "{EB4DF488-AAEF-406F-A341-CB2AAA315B90}" = Windows Live Messenger "{ED16B700-D91F-44B0-867C-7EB5253CA38D}" = Raccolta foto di Windows Live "{EE171732-BEB4-4576-887D-CB62727F01CA}" = Acer Updater "{EE492B20-FB15-4A98-883C-3054354A11F8}" = Windows Live Messenger "{EEF99142-3357-402C-B298-DEC303E12D92}" = Windows Live 影像中心 "{EF7EAB13-46FC-49DD-8E3C-AAF8A286C5BB}" = Windows Live 程式集 "{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU] "{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 "{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}" = Intel(R) Processor Graphics "{F0F5D89A-197C-495B-827E-3E98B811CD2E}" = Windows Live Photo Common "{F0F9505B-3ACF-4158-9311-D0285136AA00}" = Windows Live Essentials "{F13587F7-AA4C-4C2E-AE7D-F33F3CCE57A9}" = Windows Live Messenger "{F4BEA6C1-AAC3-4810-AAEA-588E26E0F237}" = Windows Live UX Platform Language Pack "{F52C5BE7-3F57-464E-8A54-908402E43CE8}" = Windows Live Writer Resources "{F53A49E6-9FB1-4A5A-B1D9-82BA116196B7}" = Acer USB Charge Manager "{F694D1F7-1F12-4550-9B7A-C871273ABAD5}" = Windows Live Messenger "{F7A46527-DF1F-4B0F-9637-98547E189442}" = Windows Live Galeria de Fotos "{F7E80BA7-A09D-4DD1-828B-C4A0274D4720}" = Windows Live Mesh "{F80E5450-3EF3-4270-B26C-6AC53BEC5E76}" = Windows Live Movie Maker "{F8A9085D-4C7A-41a9-8A77-C8998A96C421}" = Intel(R) Control Center "{F95E4EE0-0C6E-4273-B6B9-91FD6F071D76}" = Windows Live Essentials "{FA6CF94F-DACF-4FE7-959D-55C421B91B17}" = Windows Live Mail "{FB3D07AE-73D0-47A9-AC12-6F50BF8B6202}" = Windows Live Movie Maker "{FB79FDB7-4DE1-453D-99FE-9A880F57380E}" = Windows Live Fotogalerie "{FBCA06D2-4642-4F33-B20A-A7AB3F0D2E69}" = معرض صور Windows Live "{FCBC19F7-E068-4B7A-ACBB-CE9CCEB4B21F}" = Windows Live Messenger "{FCDE76CB-989D-4E32-9739-6A272D2B0ED7}" = Windows Live Mesh "{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}" = Windows Live Essentials "{FE62C88B-425B-4BDE-8B70-CD5AE3B83176}" = Windows Live Essentials "{FEEF7F78-5876-438B-B554-C4CC426A4302}" = Windows Live Essentials "{FF105207-8423-4E13-B0B1-50753170B245}" = Windows Live Movie Maker "{FF3DFA01-1E98-46B4-A065-DA8AD47C9598}" = Windows Live Movie Maker "{FF737490-5A2D-4269-9D82-97DB2F7C0B09}" = Windows Live Movie Maker "Acer Registration" = Acer Registration "Acer Screensaver" = Acer ScreenSaver "Acer Welcome Center" = Welcome Center "Adobe AIR" = Adobe AIR "Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX "Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin "CCleaner Business Edition v3.22.1800 Final Full" = CCleaner Business Edition v3.22.1800 Final Full "Free Window Registry Repair" = Free Window Registry Repair "Identity Card" = Identity Card "InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = Acer Crystal Eye Webcam "InstallShield_{0B61BBD5-DA3C-409A-8730-0C3DC3B0F270}" = Acer Backup Manager "InstallShield_{17DF9714-60C9-43C9-A9C2-32BCAED44CBE}" = MyWinLocker Suite "InstallShield_{2637C347-9DAD-11D6-9EA2-00055D0CA761}" = clear.fi "InstallShield_{5442DAB8-7177-49E1-8B22-09A049EA5996}" = Renesas Electronics USB 3.0 Host Controller Driver "InstallShield_{613C0AC5-3A67-4B94-8B13-9176AD83F5BF}" = newsXpresso "InstallShield_{D3D5C4E8-040F-4C6F-8105-41D43CF94F44}" = NTI Media Maker 9 "LManager" = Launch Manager "McAfee Security Scan" = McAfee Security Scan Plus "Mozilla Firefox 15.0.1 (x86 nl)" = Mozilla Firefox 15.0.1 (x86 nl) "MozillaMaintenanceService" = Mozilla Maintenance Service "MSC" = McAfee Internet Security Suite "NeroMultiInstaller!UninstallKey" = Nero Suite "NSS" = Norton Security Scan "Office14.Click2Run" = Microsoft Office Klik-en-Klaar 2010 "Origin" = Origin "PokerStars.eu" = PokerStars.eu "RegClean Pro_is1" = RegClean Pro "uTorrent" = µTorrent "WinLiveSuite" = Windows Live Essentials [color=#E56717:dfe624f949]========== Last 20 Event Log Errors ==========[/color:dfe624f949] [ Application Events ] Error - 10/18/2012 3:46:06 PM | Computer Name = aukekimstefan | Source = Application Error | ID = 1000 Description = Naam van toepassing met fout: iexplore.exe, versie: 9.0.8112.16450, tijdstempel: 0x503723f6 Naam van module met fout: 507db73cc0ef3.ocx, versie: 1.0.0.7, tijdstempel: 0x50647ac2 Uitzonderingscode: 0xc0000005 Foutoffset: 0x000059ae Id van proces met fout: 0x1644 Starttijd van toepassing met fout: 0x01cdad692f361c1a Pad naar toepassing met fout: C:\Program Files (x86)\Internet Explorer\iexplore.exe Pad naar module met fout: C:\ProgramData\Vaudix\507db73cc0ef3.ocx Rapport-id: 74667fbe-195c-11e2-9609-b870f4a46fc0 Error - 10/18/2012 3:46:10 PM | Computer Name = aukekimstefan | Source = Application Error | ID = 1000 Description = Naam van toepassing met fout: iexplore.exe, versie: 9.0.8112.16450, tijdstempel: 0x503723f6 Naam van module met fout: 507db73cc0ef3.ocx, versie: 1.0.0.7, tijdstempel: 0x50647ac2 Uitzonderingscode: 0xc0000005 Foutoffset: 0x000059ae Id van proces met fout: 0x1900 Starttijd van toepassing met fout: 0x01cdad6938663beb Pad naar toepassing met fout: C:\Program Files (x86)\Internet Explorer\iexplore.exe Pad naar module met fout: C:\ProgramData\Vaudix\507db73cc0ef3.ocx Rapport-id: 768a2b13-195c-11e2-9609-b870f4a46fc0 Error - 10/19/2012 3:04:22 AM | Computer Name = aukekimstefan | Source = WinMgmt | ID = 10 Description = Error - 10/19/2012 3:27:56 AM | Computer Name = aukekimstefan | Source = Customer Experience Improvement Program | ID = 1008 Description = Error - 10/19/2012 6:03:14 AM | Computer Name = aukekimstefan | Source = Application Error | ID = 1000 Description = Naam van toepassing met fout: cmd.exe, versie: 6.1.7601.17514, tijdstempel: 0x4ce798e5 Naam van module met fout: ntdll.dll, versie: 6.1.7601.17725, tijdstempel: 0x4ec4aa8e Uitzonderingscode: 0xc0000005 Foutoffset: 0x000000000009970a Id van proces met fout: 0xffc Starttijd van toepassing met fout: 0x01cdade0f3484415 Pad naar toepassing met fout: C:\Windows\system32\cmd.exe Pad naar module met fout: C:\Windows\SYSTEM32\ntdll.dll Rapport-id: 31cb0ace-19d4-11e2-b6e6-b870f4a46fc0 Error - 10/19/2012 7:30:43 AM | Computer Name = aukekimstefan | Source = Application Error | ID = 1000 Description = Naam van toepassing met fout: iexplore.exe, versie: 9.0.8112.16450, tijdstempel: 0x503723f6 Naam van module met fout: AcroIEHelper.dll_unloaded, versie: 0.0.0.0, tijdstempel: 0x49a847f1 Uitzonderingscode: 0xc0000005 Foutoffset: 0x7085556c Id van proces met fout: 0x170 Starttijd van toepassing met fout: 0x01cdade946d8675d Pad naar toepassing met fout: C:\Program Files (x86)\Internet Explorer\iexplore.exe Pad naar module met fout: AcroIEHelper.dll Rapport-id: 6ab7612c-19e0-11e2-b6e6-b870f4a46fc0 Error - 10/19/2012 8:34:30 AM | Computer Name = aukekimstefan | Source = SideBySide | ID = 16842815 Description = Kan activeringscontext voor 'c:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll' niet maken. Fout in manifest of beleidsbestand 'c:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll' op regel 3. De waarde MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR van kenmerk version in element assemblyIdentity is ongeldig. Error - 10/19/2012 1:14:56 PM | Computer Name = aukekimstefan | Source = Application Error | ID = 1000 Description = Naam van toepassing met fout: nero.exe, versie: 6.6.0.14, tijdstempel: 0x429306e2 Naam van module met fout: unknown, versie: 0.0.0.0, tijdstempel: 0x00000000 Uitzonderingscode: 0x4000001e Foutoffset: 0x72e2c9f1 Id van proces met fout: 0x1ca0 Starttijd van toepassing met fout: 0x01cdae1d3c49d795 Pad naar toepassing met fout: C:\Program Files (x86)\Ahead\nero\nero.exe Pad naar module met fout: unknown Rapport-id: 80979798-1a10-11e2-b6e6-b870f4a46fc0 Error - 10/19/2012 1:15:17 PM | Computer Name = aukekimstefan | Source = Application Error | ID = 1000 Description = Naam van toepassing met fout: nero.exe, versie: 6.6.0.14, tijdstempel: 0x429306e2 Naam van module met fout: unknown, versie: 0.0.0.0, tijdstempel: 0x00000000 Uitzonderingscode: 0xc0000005 Foutoffset: 0x72e2c9f1 Id van proces met fout: 0x1e70 Starttijd van toepassing met fout: 0x01cdae1d47f5368c Pad naar toepassing met fout: C:\Program Files (x86)\Ahead\nero\nero.exe Pad naar module met fout: unknown Rapport-id: 8d38244c-1a10-11e2-b6e6-b870f4a46fc0 Error - 10/19/2012 1:25:31 PM | Computer Name = aukekimstefan | Source = WinMgmt | ID = 10 Description = [ System Events ] Error - 10/2/2012 12:40:32 PM | Computer Name = aukekimstefan | Source = bowser | ID = 8003 Description = Error - 10/3/2012 2:03:05 AM | Computer Name = aukekimstefan | Source = DCOM | ID = 10010 Description = Error - 10/3/2012 2:03:46 AM | Computer Name = aukekimstefan | Source = DCOM | ID = 10010 Description = Error - 10/9/2012 1:59:09 AM | Computer Name = aukekimstefan | Source = DCOM | ID = 10010 Description = Error - 10/18/2012 6:56:31 AM | Computer Name = aukekimstefan | Source = Disk | ID = 262155 Description = Het stuurprogramma heeft een controllerfout gevonden in \Device\Harddisk1\DR1. Error - 10/18/2012 6:56:32 AM | Computer Name = aukekimstefan | Source = Disk | ID = 262155 Description = Het stuurprogramma heeft een controllerfout gevonden in \Device\Harddisk1\DR1. Error - 10/18/2012 6:56:32 AM | Computer Name = aukekimstefan | Source = Disk | ID = 262155 Description = Het stuurprogramma heeft een controllerfout gevonden in \Device\Harddisk1\DR1. Error - 10/18/2012 7:00:22 AM | Computer Name = aukekimstefan | Source = Disk | ID = 262155 Description = Het stuurprogramma heeft een controllerfout gevonden in \Device\Harddisk1\DR1. Error - 10/18/2012 7:00:53 AM | Computer Name = aukekimstefan | Source = Disk | ID = 262155 Description = Het stuurprogramma heeft een controllerfout gevonden in \Device\Harddisk1\DR1. Error - 10/19/2012 1:24:32 PM | Computer Name = aukekimstefan | Source = EventLog | ID = 6008 Description = De vorige afsluiting van het systeem om 19:22:47 op ?19-?10-?2012 is onverwacht gebeurd. < End of report >
  • Zitten jullie met z'n drieën in één account? Zoja dan kan het zijn dat de linkerhand niet weet waar de rechterhand mee bezig is. Ik laat nu OTL definief die obscure register opschoner verwijderen! En gebruik verder ook geen registeropschoontools meer, het enigste wat je er wel mee bereikt is dat Windows steeds langer over het opstarten gaat doen! [b:dc9db3349a]Sluit voordat [color=#008000:dc9db3349a]OTL[/color:dc9db3349a] de fix laat doen, eerst alle andere openstaande vensters![/b:dc9db3349a] [list:dc9db3349a][*:dc9db3349a]Dubblklik op [img:dc9db3349a]http://www.imgdumper.nl/uploads5/4f91108799372/4f91108798ba0-OTL-1.png[/img:dc9db3349a] [*:dc9db3349a]Kopieer en plak de volgende (vetgedrukte, blauwe tekst) in het kader onder [img:dc9db3349a]http://www.imgdumper.nl/uploads5/4f9111a6d2e57/4f9111a6d2a6c-OTL-2.png[/img:dc9db3349a] [b:dc9db3349a][color=#0000FF:dc9db3349a] :OTL PRC - [2012/09/19 15:50:47 | 000,233,472 | ---- | M] () -- C:\ProgramData\Premium\Codec\Codec.exe IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://searchfunmoods.com/?f=1&a=download&chnl=download&cd=2XzuyEtN2Y1L1Qzu0E0CyDyD0Fzy0A0FtD0ByD0B0F0F0DtBtN0D0Tzu0CtBzyyBtN1L2XzutBtFtBtFtDtFtAyEyE&cr=1152357215 IE - HKU\S-1-5-21-3127137148-2063120421-2372182248-1000\..\URLSearchHook: {37e17185-b07a-47b3-bd86-c675e4e4b89a} - No CLSID value found IE - HKU\S-1-5-21-3127137148-2063120421-2372182248-1000\..\SearchScopes,DefaultScope = {049D3908-D026-421B-A737-7B02D10145E1} IE - HKU\S-1-5-21-3127137148-2063120421-2372182248-1000\..\SearchScopes\{049D3908-D026-421B-A737-7B02D10145E1}: "URL" = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT1269415 O3 - HKLM\..\Toolbar: (Search-Results Toolbar) - {31d8407c-62e4-4125-a4a9-717efb1a56ae} - Reg Error: Value error. File not found :Services :Reg [-HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64 [-HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] [-HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64 "" = C:\Windows\SysNative\shell32.dll -- [2012/06/09 06:43:10 | 014,172,672 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [-HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] "" = %SystemRoot%\system32\shell32.dll -- [2012/06/09 05:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [-HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64 "" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/14 02:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Both [-HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] :Files ipconfig /flushdns /c C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RegClean Pro C:\Program Files (x86)\RegClean Pro C:\Users\auke kim stefan\Desktop\Free Window Registry Repair.lnk C:\Windows\tasks\RegClean Pro_UPDATES.job C:\Windows\tasks\RegClean Pro_DEFAULT.job C:\Users\Public\Desktop\RegClean Pro.lnk C:\ProgramData\FullRemove.exe :Commands [purity] [emptytemp] [resethosts] [emptyjava] [emptyflash] [createrestorepoint] [reboot][/color:dc9db3349a][/b:dc9db3349a] [*:dc9db3349a]Klik daarna bovenaan op [img:dc9db3349a]http://www.imgdumper.nl/uploads5/4f911cee9de47/4f911cee9da59-OTL-4.png[/img:dc9db3349a] [*:dc9db3349a]Laat het programma ongestoord zijn werk doen. [*:dc9db3349a][color=#FF0000:dc9db3349a][b:dc9db3349a]OTL zal na de scan melden dat de PC opnieuw opgestart gaat worden. Sta dat dus toe.[/b:dc9db3349a][/color:dc9db3349a] [*:dc9db3349a]Klik op [b:dc9db3349a]OK[/b:dc9db3349a] [*:dc9db3349a]Na het opnieuw opstarten wordt enkel een nieuw log geopend. [*:dc9db3349a]Post via kopiëren en plakken de inhoud van dat OTL-scanlog.[/list:u:dc9db3349a]
  • nee ik heb maar 1 account gemaakt,heb alleen drie namen gebruikt,maar geen 3 aparte accounts .
  • All processes killed ========== OTL ========== No active process named Codec.exe was found! HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page| /E : value set successfully! Registry value HKEY_USERS\S-1-5-21-3127137148-2063120421-2372182248-1000\Software\Microsoft\Internet Explorer\URLSearchHooks\\{37e17185-b07a-47b3-bd86-c675e4e4b89a} deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{37e17185-b07a-47b3-bd86-c675e4e4b89a}\ not found. HKEY_USERS\S-1-5-21-3127137148-2063120421-2372182248-1000\Software\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully! Registry key HKEY_USERS\S-1-5-21-3127137148-2063120421-2372182248-1000\Software\Microsoft\Internet Explorer\SearchScopes\{049D3908-D026-421B-A737-7B02D10145E1}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{049D3908-D026-421B-A737-7B02D10145E1}\ not found. Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{31d8407c-62e4-4125-a4a9-717efb1a56ae} deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{31d8407c-62e4-4125-a4a9-717efb1a56ae}\ deleted successfully. ========== SERVICES/DRIVERS ========== ========== REGISTRY ========== 64bit-Registry key HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32\ not found. Registry key HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32\ not found. 64bit-Registry delete failed. HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32\ scheduled to be deleted on reboot. HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32\\"" | C:\Windows\SysNative\shell32.dll -- [2012/06/09 06:43:10 | 014,172,672 | ---- | M] (Microsoft Corporation) /E :invalid edit format. Invalid data type. Unable to set value : HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32\\"ThreadingModel" | Apartment /E! Registry delete failed. HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32\ scheduled to be deleted on reboot. HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32\\"" | %SystemRoot%\system32\shell32.dll -- [2012/06/09 05:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation) /E :invalid edit format. Invalid data type. Unable to set value : HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32\\"ThreadingModel" | Apartment /E! 64bit-Registry delete failed. HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32\ scheduled to be deleted on reboot. HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32\\"" | C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/14 02:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation) /E :invalid edit format. Invalid data type. HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32\\"ThreadingModel" | Both /E : value set successfully! Registry key HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32\ deleted successfully. ========== FILES ========== [color=#A23BEC:ac4d7bee3c]< ipconfig /flushdns /c >[/color:ac4d7bee3c] Windows IP-configuratie De DNS-omzettingscache is leeggemaakt. C:\Users\auke kim stefan\Desktop\cmd.bat deleted successfully. C:\Users\auke kim stefan\Desktop\cmd.txt deleted successfully. C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RegClean Pro folder moved successfully. C:\Program Files (x86)\RegClean Pro folder moved successfully. C:\Users\auke kim stefan\Desktop\Free Window Registry Repair.lnk moved successfully. C:\Windows\tasks\RegClean Pro_UPDATES.job moved successfully. C:\Windows\tasks\RegClean Pro_DEFAULT.job moved successfully. C:\Users\Public\Desktop\RegClean Pro.lnk moved successfully. C:\ProgramData\FullRemove.exe moved successfully. ========== COMMANDS ========== [EMPTYTEMP] User: All Users User: auke kim stefan ->Temp folder emptied: 5495896 bytes ->Temporary Internet Files folder emptied: 334747967 bytes ->Java cache emptied: 8751 bytes ->FireFox cache emptied: 60416208 bytes ->Flash cache emptied: 4882 bytes User: Default ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 33170 bytes ->Flash cache emptied: 321 bytes User: Default User ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 0 bytes ->Flash cache emptied: 0 bytes User: Public %systemdrive% .tmp files removed: 0 bytes %systemroot% .tmp files removed: 0 bytes %systemroot%\System32 .tmp files removed: 0 bytes %systemroot%\System32 (64bit) .tmp files removed: 0 bytes %systemroot%\System32\drivers .tmp files removed: 0 bytes Windows Temp folder emptied: 423474 bytes %systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 50428 bytes RecycleBin emptied: 2398 bytes Total Files Cleaned = 383.00 mb C:\Windows\System32\drivers\etc\Hosts moved successfully. HOSTS file reset successfully [EMPTYJAVA] User: All Users User: auke kim stefan ->Java cache emptied: 0 bytes User: Default User: Default User User: Public Total Java Files Cleaned = 0.00 mb [EMPTYFLASH] User: All Users User: auke kim stefan ->Flash cache emptied: 0 bytes User: Default ->Flash cache emptied: 0 bytes User: Default User ->Flash cache emptied: 0 bytes User: Public Total Flash Files Cleaned = 0.00 mb Restore point Set: OTL Restore Point OTL by OldTimer - Version 3.2.69.0 log created on 10292012_144901 Files\Folders moved on Reboot... C:\Users\auke kim stefan\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully. C:\Users\auke kim stefan\AppData\Local\Temp\MMDUtl.log moved successfully. File move failed. C:\Windows\temp\dsiwmis.log scheduled to be moved on reboot. File move failed. C:\Windows\temp\LMutilps.log scheduled to be moved on reboot. PendingFileRenameOperations files... Registry entries deleted on Reboot... 64bit-Registry delete failed. HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32\ scheduled to be deleted on reboot. Registry delete failed. HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32\ scheduled to be deleted on reboot. 64bit-Registry delete failed. HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32\ scheduled to be deleted on reboot.

Beantwoord deze vraag

Weet jij het antwoord op deze vraag? Registreer of meld je aan met je account

Dit is een gearchiveerde pagina. Antwoorden is niet meer mogelijk.