Op deze website gebruiken we cookies om content en advertenties te personaliseren, om functies voor social media te bieden en om ons websiteverkeer te analyseren. Ook delen we informatie over uw gebruik van onze site met onze partners voor social media, adverteren en analyse. Deze partners kunnen deze gegevens combineren met andere informatie die u aan ze heeft verstrekt of die ze hebben verzameld op basis van uw gebruik van hun services. Meer informatie.

Akkoord

Vraag & Antwoord

Beveiliging & privacy

Messenger met Adobe probleem

None
17 antwoorden
  • Tegenwoordig moet ik na opstarten laptop Messenger uitzetten via taakbeheer want dat progsel reageert nergens op.
    tevens krijg ik al weken een popup dat ik flashplayer met installeren…..
    Dat heb ik intussen 13 maal gedaan , incluis zowel volledige Adobe en Live toestanden verwijderen en meeast recente versies op mn lappie zetten.
    Woie heeft er een idee om dit toch wel irritante gebeuren op te lossen??

    Maar vast Combofix gedraaid
    ComboFix 13-01-03.01 - HP-G6 03-01-2013 8:29.2.4 - x64
    Microsoft Windows 7 Ultimate 6.1.7601.1.1252.31.1043.18.4044.2541 [GMT 1:00]
    Gestart vanuit: c:\users\HP-G6\Desktop\ComboFix.exe
    AV: Basis *Disabled/Updated* {15414183-282E-D62C-CA37-EF24860A2F17}
    SP: Basis *Disabled/Updated* {AE20A067-0E14-D9A2-F087-D456FD8D65AA}
    SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    * Nieuw herstelpunt werd aangemaakt
    .
    .
    (((((((((((((((((((( Bestanden Gemaakt van 2012-12-03 to 2013-01-03 ))))))))))))))))))))))))))))))
    .
    .
    2013-01-03 07:33 . 2013-01-03 07:33 ——– d—–w- c:\users\Default\AppData\Local\temp
    2012-12-21 20:48 . 2012-12-21 20:48 ——– d—–w- C:\MSNCleaner
    2012-12-21 10:22 . 2012-12-16 17:11 46080 —-a-w- c:\windows\system32\atmlib.dll
    2012-12-21 10:22 . 2012-12-16 14:45 367616 —-a-w- c:\windows\system32\atmfd.dll
    2012-12-21 10:22 . 2012-12-16 14:13 34304 —-a-w- c:\windows\SysWow64\atmlib.dll
    2012-12-21 10:22 . 2012-12-16 14:13 295424 —-a-w- c:\windows\SysWow64\atmfd.dll
    2012-12-21 07:24 . 2012-12-21 07:24 ——– d—–w- c:\users\HP-G6\AppData\Roaming\Malwarebytes
    2012-12-21 07:23 . 2012-12-21 07:23 ——– d—–w- c:\programdata\Malwarebytes
    2012-12-21 07:23 . 2012-12-21 07:23 ——– d—–w- c:\program files (x86)\Malwarebytes' Anti-Malware
    2012-12-21 07:23 . 2012-09-29 18:54 25928 —-a-w- c:\windows\system32\drivers\mbam.sys
    2012-12-17 17:32 . 2012-12-17 17:32 ——– d—–w- c:\users\HP-G6\AppData\Roaming\dvdcss
    2012-12-17 08:31 . 2011-02-19 12:05 1139200 —-a-w- c:\windows\system32\FntCache.dll
    2012-12-17 08:31 . 2011-02-19 12:04 902656 —-a-w- c:\windows\system32\d2d1.dll
    2012-12-17 08:31 . 2011-02-19 06:30 739840 —-a-w- c:\windows\SysWow64\d2d1.dll
    2012-12-12 06:36 . 2012-11-09 05:45 2048 —-a-w- c:\windows\system32\tzres.dll
    2012-12-12 06:36 . 2012-11-09 04:42 2048 —-a-w- c:\windows\SysWow64\tzres.dll
    2012-12-12 06:34 . 2012-10-04 17:38 3072 —ha-w- c:\windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
    2012-12-10 07:56 . 2012-12-10 07:56 ——– d—–w- c:\windows\PCHEALTH
    2012-12-10 07:55 . 2012-12-10 07:56 ——– d—–w- c:\program files (x86)\Windows Live
    2012-12-09 09:25 . 2012-12-30 11:01 73656 —-a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
    2012-12-09 09:25 . 2012-12-30 11:01 697272 —-a-w- c:\windows\SysWow64\FlashPlayerApp.exe
    2012-12-08 10:36 . 2012-12-08 10:36 ——– d—–w- c:\programdata\McAfee
    2012-12-08 08:47 . 2012-12-08 08:47 ——– d—–w- C:\ATISupport
    2012-12-08 08:42 . 2012-12-08 08:42 ——– dc-h–w- c:\programdata\{4E78170A-6049-4586-A083-3AECE1A687E4}
    2012-12-08 08:42 . 2012-12-08 08:42 ——– d—–w- c:\program files\WinSysClean X2
    2012-12-08 08:42 . 2004-11-13 01:29 939368 —-a-w- c:\windows\SysWow64\flash.ocx
    2012-12-08 08:38 . 2012-12-08 08:38 ——– d—–w- c:\users\HP-G6\AppData\Local\PackageAware
    2012-12-07 09:57 . 2009-07-14 01:40 84992 —-a-w- c:\windows\system32\Spool\prtprocs\x64\CNBPP4.DLL
    2012-12-05 11:49 . 2013-01-03 06:43 ——– d—–w- c:\users\HP-G6\AppData\Roaming\FAHClient
    2012-12-05 11:49 . 2012-12-05 11:50 ——– d—–w- c:\program files (x86)\FAHClient
    .
    .
    .
    ((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    2012-12-12 22:47 . 2012-11-21 13:37 67413224 —-a-w- c:\windows\system32\MRT.exe
    2012-11-21 18:59 . 2012-11-21 18:59 53248 —-a-r- c:\users\HP-G6\AppData\Roaming\Microsoft\Installer\{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}\ARPPRODUCTICON.exe
    2012-11-21 18:59 . 2012-11-21 18:48 18960 —-a-w- c:\windows\system32\drivers\LNonPnP.sys
    2012-11-21 14:55 . 2012-11-21 14:56 95208 —-a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll
    2012-11-21 14:55 . 2012-11-21 14:56 746984 —-a-w- c:\windows\SysWow64\deployJava1.dll
    2012-11-21 14:55 . 2012-11-21 14:56 821736 —-a-w- c:\windows\SysWow64
    pDeployJava1.dll
    2012-11-21 13:43 . 2012-11-21 13:43 74752 —-a-w- c:\windows\SysWow64\RegisterIEPKEYs.exe
    2012-11-21 13:43 . 2012-11-21 13:43 161792 —-a-w- c:\windows\SysWow64\msls31.dll
    2012-11-21 13:43 . 2012-11-21 13:43 86528 —-a-w- c:\windows\SysWow64\iesysprep.dll
    2012-11-21 13:43 . 2012-11-21 13:43 76800 —-a-w- c:\windows\SysWow64\SetIEInstalledDate.exe
    2012-11-21 13:43 . 2012-11-21 13:43 74752 —-a-w- c:\windows\SysWow64\iesetup.dll
    2012-11-21 13:43 . 2012-11-21 13:43 63488 —-a-w- c:\windows\SysWow64\tdc.ocx
    2012-11-21 13:43 . 2012-11-21 13:43 48640 —-a-w- c:\windows\SysWow64\mshtmler.dll
    2012-11-21 13:43 . 2012-11-21 13:43 367104 —-a-w- c:\windows\SysWow64\html.iec
    2012-11-21 13:43 . 2012-11-21 13:43 23552 —-a-w- c:\windows\SysWow64\licmgr10.dll
    2012-11-21 13:43 . 2012-11-21 13:43 152064 —-a-w- c:\windows\SysWow64\wextract.exe
    2012-11-21 13:43 . 2012-11-21 13:43 150528 —-a-w- c:\windows\SysWow64\iexpress.exe
    2012-11-21 13:43 . 2012-11-21 13:43 110592 —-a-w- c:\windows\SysWow64\IEAdvpack.dll
    2012-11-21 13:43 . 2012-11-21 13:43 35840 —-a-w- c:\windows\SysWow64\imgutil.dll
    2012-11-21 13:43 . 2012-11-21 13:43 11776 —-a-w- c:\windows\SysWow64\mshta.exe
    2012-11-21 13:43 . 2012-11-21 13:43 101888 —-a-w- c:\windows\SysWow64\admparse.dll
    2012-11-21 13:43 . 2012-11-21 13:43 89088 —-a-w- c:\windows\system32\RegisterIEPKEYs.exe
    2012-11-21 13:43 . 2012-11-21 13:43 222208 —-a-w- c:\windows\system32\msls31.dll
    2012-11-21 13:43 . 2012-11-21 13:43 197120 —-a-w- c:\windows\system32\msrating.dll
    2012-11-21 13:43 . 2012-11-21 13:43 65024 —-a-w- c:\windows\system32\pngfilt.dll
    2012-11-21 13:43 . 2012-11-21 13:43 267776 —-a-w- c:\windows\system32\ieaksie.dll
    2012-11-21 13:43 . 2012-11-21 13:43 163840 —-a-w- c:\windows\system32\ieakui.dll
    2012-11-21 13:43 . 2012-11-21 13:43 149504 —-a-w- c:\windows\system32\occache.dll
    2012-11-21 13:43 . 2012-11-21 13:43 12288 —-a-w- c:\windows\system32\mshta.exe
    2012-11-21 13:43 . 2012-11-21 13:43 114176 —-a-w- c:\windows\system32\admparse.dll
    2012-11-21 13:43 . 2012-11-21 13:43 49664 —-a-w- c:\windows\system32\imgutil.dll
    2012-11-21 13:43 . 2012-11-21 13:43 145920 —-a-w- c:\windows\system32\iepeers.dll
    2012-11-21 13:43 . 2012-11-21 13:43 91648 —-a-w- c:\windows\system32\SetIEInstalledDate.exe
    2012-11-21 13:43 . 2012-11-21 13:43 82432 —-a-w- c:\windows\system32\icardie.dll
    2012-11-21 13:43 . 2012-11-21 13:43 76800 —-a-w- c:\windows\system32\tdc.ocx
    2012-11-21 13:43 . 2012-11-21 13:43 55296 —-a-w- c:\windows\system32\msfeedsbs.dll
    2012-11-21 13:43 . 2012-11-21 13:43 534528 —-a-w- c:\windows\system32\ieapfltr.dll
    2012-11-21 13:43 . 2012-11-21 13:43 48640 —-a-w- c:\windows\system32\mshtmler.dll
    2012-11-21 13:43 . 2012-11-21 13:43 452608 —-a-w- c:\windows\system32\dxtmsft.dll
    2012-11-21 13:43 . 2012-11-21 13:43 448512 —-a-w- c:\windows\system32\html.iec
    2012-11-21 13:43 . 2012-11-21 13:43 3695416 —-a-w- c:\windows\system32\ieapfltr.dat
    2012-11-21 13:43 . 2012-11-21 13:43 282112 —-a-w- c:\windows\system32\dxtrans.dll
    2012-11-21 13:43 . 2012-11-21 13:43 160256 —-a-w- c:\windows\system32\ieakeng.dll
    2012-11-21 13:43 . 2012-11-21 13:43 135168 —-a-w- c:\windows\system32\IEAdvpack.dll
    2012-11-21 13:43 . 2012-11-21 13:43 111616 —-a-w- c:\windows\system32\iesysprep.dll
    2012-11-21 13:43 . 2012-11-21 13:43 10752 —-a-w- c:\windows\system32\msfeedssync.exe
    2012-11-21 13:43 . 2012-11-21 13:43 89088 —-a-w- c:\windows\system32\ie4uinit.exe
    2012-11-21 13:43 . 2012-11-21 13:43 85504 —-a-w- c:\windows\system32\iesetup.dll
    2012-11-21 13:43 . 2012-11-21 13:43 403248 —-a-w- c:\windows\system32\iedkcs32.dll
    2012-11-21 13:43 . 2012-11-21 13:43 39936 —-a-w- c:\windows\system32\iernonce.dll
    2012-11-21 13:43 . 2012-11-21 13:43 30720 —-a-w- c:\windows\system32\licmgr10.dll
    2012-11-21 13:43 . 2012-11-21 13:43 249344 —-a-w- c:\windows\system32\webcheck.dll
    2012-11-21 13:43 . 2012-11-21 13:43 165888 —-a-w- c:\windows\system32\iexpress.exe
    2012-11-21 13:43 . 2012-11-21 13:43 160256 —-a-w- c:\windows\system32\wextract.exe
    2012-11-21 13:43 . 2012-11-21 13:43 103936 —-a-w- c:\windows\system32\inseng.dll
    2012-11-21 12:51 . 2012-11-21 12:51 56016 —-a-w- c:\windows\system32\drivers\fsbts.sys
    2012-11-21 12:44 . 2012-11-21 12:44 42672 —-a-w- c:\windows\SysWow64\drivers\fsbts.sys
    2012-10-26 17:46 . 2012-11-21 18:48 9888912 —-a-w- c:\windows\SysWow64\RtsPStorIcon.dll
    2012-10-26 17:46 . 2012-11-21 18:48 343696 —-a-w- c:\windows\system32\drivers\RtsPStor.sys
    2012-10-22 16:40 . 2012-11-21 14:14 277024 —-a-w- c:\windows\SysWow64\IntelCpHeciSvc.exe
    2012-10-22 16:40 . 2012-11-21 14:14 116224 —-a-w- c:\windows\system32\igfxCoIn_v2875.dll
    2012-10-22 16:40 . 2012-11-21 14:14 272928 —-a-w- c:\windows\system32\igvpkrng600.bin
    2012-10-22 16:40 . 2012-11-21 14:14 524800 —-a-w- c:\windows\system32\iglhsip64.dll
    2012-10-22 16:40 . 2012-11-21 14:14 519680 —-a-w- c:\windows\SysWow64\iglhsip32.dll
    2012-10-22 16:40 . 2012-11-21 14:14 216064 —-a-w- c:\windows\system32\iglhcp64.dll
    2012-10-22 16:40 . 2012-11-21 14:14 180224 —-a-w- c:\windows\SysWow64\iglhcp32.dll
    2012-10-22 16:40 . 2012-11-21 14:14 171040 —-a-w- c:\windows\system32\igfxtray.exe
    2012-10-22 16:40 . 2012-11-21 14:14 513056 —-a-w- c:\windows\system32\igfxsrvc.exe
    2012-10-22 16:40 . 2012-11-21 14:14 410624 —-a-w- c:\windows\system32\igfxTMM.dll
    2012-10-22 16:40 . 2012-11-21 14:14 437760 —-a-w- c:\windows\system32\igfxrtrk.lrc
    2012-10-22 16:40 . 2012-11-21 14:14 437760 —-a-w- c:\windows\system32\igfxrsve.lrc
    2012-10-22 16:40 . 2012-11-21 14:14 437248 —-a-w- c:\windows\system32\igfxrtha.lrc
    2012-10-22 16:40 . 2012-11-21 14:14 438784 —-a-w- c:\windows\system32\igfxrsky.lrc
    2012-10-22 16:40 . 2012-11-21 14:14 437760 —-a-w- c:\windows\system32\igfxrslv.lrc
    2012-10-22 16:40 . 2012-11-21 14:14 439296 —-a-w- c:\windows\system32\igfxrrus.lrc
    2012-10-22 16:40 . 2012-11-21 14:14 439296 —-a-w- c:\windows\system32\igfxrrom.lrc
    2012-10-22 16:40 . 2012-11-21 14:14 438784 —-a-w- c:\windows\system32\igfxrptg.lrc
    2012-10-22 16:40 . 2012-11-21 14:14 437760 —-a-w- c:\windows\system32\igfxrptb.lrc
    2012-10-22 16:40 . 2012-11-21 14:14 438784 —-a-w- c:\windows\system32\igfxrplk.lrc
    2012-10-22 16:40 . 2012-11-21 14:14 437760 —-a-w- c:\windows\system32\igfxrnor.lrc
    2012-10-22 16:40 . 2012-11-21 14:14 438784 —-a-w- c:\windows\system32\igfxrnld.lrc
    2012-10-22 16:40 . 2012-11-21 14:14 431104 —-a-w- c:\windows\system32\igfxrkor.lrc
    2012-10-22 16:40 . 2012-11-21 14:14 432128 —-a-w- c:\windows\system32\igfxrjpn.lrc
    2012-10-22 16:40 . 2012-11-21 14:14 438784 —-a-w- c:\windows\system32\igfxrita.lrc
    2012-10-22 16:40 . 2011-04-05 01:29 63488 —-a-w- c:\windows\system32\igfxsrvc.dll
    2012-10-22 16:40 . 2012-11-21 14:14 438272 —-a-w- c:\windows\system32\igfxrhun.lrc
    2012-10-22 16:40 . 2012-11-21 14:14 438784 —-a-w- c:\windows\system32\igfxrhrv.lrc
    2012-10-22 16:40 . 2012-11-21 14:14 435712 —-a-w- c:\windows\system32\igfxrheb.lrc
    2012-10-22 16:40 . 2012-11-21 14:14 439808 —-a-w- c:\windows\system32\igfxrfra.lrc
    2012-10-22 16:40 . 2012-11-21 14:14 438272 —-a-w- c:\windows\system32\igfxrfin.lrc
    2012-10-22 16:40 . 2012-11-21 14:14 440320 —-a-w- c:\windows\system32\igfxrell.lrc
    2012-10-22 16:40 . 2012-11-21 14:14 439808 —-a-w- c:\windows\system32\igfxresn.lrc
    2012-10-22 16:40 . 2012-11-21 14:14 438784 —-a-w- c:\windows\system32\igfxrdeu.lrc
    2012-10-22 16:40 . 2012-11-21 14:14 286208 —-a-w- c:\windows\system32\igfxrenu.lrc
    2012-10-22 16:40 . 2012-11-21 14:14 438272 —-a-w- c:\windows\system32\igfxrcsy.lrc
    2012-10-22 16:40 . 2012-11-21 14:14 437248 —-a-w- c:\windows\system32\igfxrdan.lrc
    2012-10-22 16:40 . 2012-11-21 14:14 429056 —-a-w- c:\windows\system32\igfxrcht.lrc
    2012-10-22 16:40 . 2012-11-21 14:14 428544 —-a-w- c:\windows\system32\igfxrchs.lrc
    2012-10-22 16:40 . 2011-04-05 01:28 9007616 —-a-w- c:\windows\system32\igfxress.dll
    2012-10-22 16:40 . 2012-11-21 14:14 435712 —-a-w- c:\windows\system32\igfxrara.lrc
    .
    .
    ((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    *Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond
    REGEDIT4
    .
    [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive1]
    @="{F241C880-6982-4CE5-8CF7-7085BA96DA5A}"
    [HKEY_CLASSES_ROOT\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}]
    2012-11-21 16:23 220632 —-a-w- c:\users\HP-G6\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\SkyDriveShell.dll
    .
    [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive2]
    @="{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}"
    [HKEY_CLASSES_ROOT\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}]
    2012-11-21 16:23 220632 —-a-w- c:\users\HP-G6\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\SkyDriveShell.dll
    .
    [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive3]
    @="{BBACC218-34EA-4666-9D7A-C78F2274A524}"
    [HKEY_CLASSES_ROOT\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}]
    2012-11-21 16:23 220632 —-a-w- c:\users\HP-G6\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\SkyDriveShell.dll
    .
    [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
    @="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
    [HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
    2012-11-13 23:32 129272 —-a-w- c:\users\HP-G6\AppData\Roaming\Dropbox\bin\DropboxExt.17.dll
    .
    [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
    @="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
    [HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
    2012-11-13 23:32 129272 —-a-w- c:\users\HP-G6\AppData\Roaming\Dropbox\bin\DropboxExt.17.dll
    .
    [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
    @="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
    [HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
    2012-11-13 23:32 129272 —-a-w- c:\users\HP-G6\AppData\Roaming\Dropbox\bin\DropboxExt.17.dll
    .
    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "Skype"="c:\program files (x86)\Skype\Phone\Skype.exe" [2012-11-09 17877168]
    "DriverMax"="c:\program files (x86)\Innovative Solutions\DriverMax\drivermax.exe" [2012-12-20 11325456]
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
    "F-Secure Hoster (45123)"="c:\program files (x86)\Internetbeveiliging\fshoster32.exe" [2012-08-27 167632]
    "F-Secure Manager"="c:\program files (x86)\Internetbeveiliging\apps\ComputerSecurity\Common\FSM32.EXE" [2012-07-03 310992]
    "BCSSync"="c:\program files (x86)\Microsoft Office\Office14\BCSSync.exe" [2010-03-13 91520]
    "SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2012-07-03 252848]
    "{0228e555-4f9c-4e35-a3ec-b109a192b4c2}"="c:\program files (x86)\Google\Gmail Notifier\gnotify.exe" [2005-07-15 479232]
    "Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-09-23 926896]
    "HPUsageTrackingLEDM"="c:\program files (x86)\HP\HP UT LEDM\bin\hppusg.exe" [2009-08-04 30264]
    .
    c:\users\HP-G6\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
    Dropbox.lnk - c:\users\HP-G6\AppData\Roaming\Dropbox\bin\Dropbox.exe [2012-12-29 28539392]
    FAHControl.lnk - c:\program files (x86)\FAHClient\FAHControl.exe [2012-10-4 1525760]
    .
    c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
    Google Calendar Sync.lnk - c:\program files (x86)\Google\Google Calendar Sync\GoogleCalendarSync.exe [2011-4-8 542264]
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
    "ConsentPromptBehaviorAdmin"= 5 (0x5)
    "ConsentPromptBehaviorUser"= 3 (0x3)
    "EnableUIADesktopToggle"= 0 (0x0)
    .
    [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
    "mixer"=wdmaud.drv
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\security center]
    "AntiVirusDisableNotify"=dword:00000001
    "AntiVirusOverride"=dword:00000001
    "FirewallDisableNotify"=dword:00000001
    "UpdatesDisableNotify"=dword:00000001
    "FirewallOverride"=dword:00000001
    .
    R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
    R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe [2012-11-09 160944]
    R3 BtFilter;BtFilter;c:\windows\system32\DRIVERS\btfilter.sys [2012-08-10 551040]
    R3 dmvsc;dmvsc;c:\windows\system32\drivers\dmvsc.sys [2010-11-21 71168]
    R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2012-08-23 19456]
    R3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\synth3dvsc.sys [2010-11-21 88960]
    R3 teamviewervpn;TeamViewer VPN Adapter;c:\windows\system32\DRIVERS\teamviewervpn.sys [2012-09-12 35112]
    R3 terminpt;Microsoft Remote Desktop Input Driver;c:\windows\system32\drivers\terminpt.sys [2012-08-23 29696]
    R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2012-08-23 57856]
    R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [2012-08-23 30208]
    R3 tsusbhub;tsusbhub;c:\windows\system32\drivers\tsusbhub.sys [2010-11-21 117248]
    R3 VGPU;VGPU;c:\windows\system32\drivers\rdvgkmd.sys [x]
    R3 WatAdminSvc;Windows Activation Technologies-service;c:\windows\system32\Wat\WatAdminSvc.exe [2012-11-21 1255736]
    S0 fsbts;fsbts;c:\windows\system32\Drivers\fsbts.sys [2012-11-21 56016]
    S1 F-Secure HIPS;F-Secure HIPS Driver;c:\program files (x86)\Internetbeveiliging\apps\ComputerSecurity\HIPS\drivers\fshs.sys [2012-11-21 62232]
    S1 fsvista;F-Secure Vista Support Driver;c:\program files (x86)\Internetbeveiliging\apps\ComputerSecurity\Anti-Virus\minifilter\fsvista.sys [2012-07-03 16920]
    S2 fshoster;F-Secure Dll Hoster;c:\program files (x86)\Internetbeveiliging\fshoster32.exe [2012-08-27 167632]
    S2 FSORSPClient;F-Secure ORSP Client;c:\program files (x86)\Internetbeveiliging\apps\CCF_Reputation\fsorsp.exe [2012-05-25 61152]
    S2 HP LaserJet Service;HP LaserJet Service;c:\program files (x86)\HP\HPLaserJetService\HPLaserJetService.exe [2009-06-24 136704]
    S2 HP Support Assistant Service;HP Support Assistant Service;c:\program files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [2012-09-27 86528]
    S2 HPDrvMntSvc.exe;HP Quick Synchronization Service;c:\program files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe [2012-08-10 197536]
    S2 HPSIService;HP SI Service;c:\windows\system32\HPSIsvc.exe [2011-11-11 126520]
    S2 TeamViewer7;TeamViewer 7;c:\program files (x86)\TeamViewer\Version7\TeamViewer_Service.exe [2012-10-23 2848168]
    S3 F-Secure Gatekeeper;F-Secure Gatekeeper;c:\program files (x86)\Internetbeveiliging\apps\ComputerSecurity\Anti-Virus\minifilter\fsgk.sys [2012-11-21 199736]
    S3 fsni;fsni;c:\program files (x86)\Internetbeveiliging\apps\CCF_Scanning\fsni64.sys [2012-11-22 78904]
    S3 IntcDAud;Intel(R) Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys [2012-06-19 342528]
    S3 LEqdUsb;Logitech SetPoint Unifying KMDF USB Filter;c:\windows\system32\DRIVERS\LEqdUsb.Sys [2012-09-18 78648]
    S3 LHidEqd;Logitech SetPoint Unifying KMDF HID Filter;c:\windows\system32\DRIVERS\LHidEqd.Sys [2012-09-18 15160]
    S3 pmkbdfltr;PenMount Keyboard Device Filter Driver;c:\windows\system32\DRIVERS\pmkbdfltr.sys [2012-08-01 18832]
    S3 RSPCIESTOR;Realtek PCIE CardReader Driver;c:\windows\system32\DRIVERS\RtsPStor.sys [2012-10-26 343696]
    S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [2011-08-23 565352]
    S3 SmbDrvI;SmbDrvI;c:\windows\system32\DRIVERS\Smb_driver_Intel.sys [2012-10-17 44344]
    .
    .
    Inhoud van de 'Gedeelde Taken' map
    .
    2013-01-03 c:\windows\Tasks\Adobe Flash Player Updater.job
    - c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-12-09 11:01]
    .
    .
    ——— X64 Entries ———–
    .
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive1]
    @="{F241C880-6982-4CE5-8CF7-7085BA96DA5A}"
    [HKEY_CLASSES_ROOT\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}]
    2012-11-21 16:23 244696 —-a-w- c:\users\HP-G6\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64\SkyDriveShell64.dll
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive2]
    @="{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}"
    [HKEY_CLASSES_ROOT\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}]
    2012-11-21 16:23 244696 —-a-w- c:\users\HP-G6\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64\SkyDriveShell64.dll
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive3]
    @="{BBACC218-34EA-4666-9D7A-C78F2274A524}"
    [HKEY_CLASSES_ROOT\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}]
    2012-11-21 16:23 244696 —-a-w- c:\users\HP-G6\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64\SkyDriveShell64.dll
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
    @="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
    [HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
    2012-11-13 23:32 162552 —-a-w- c:\users\HP-G6\AppData\Roaming\Dropbox\bin\DropboxExt64.17.dll
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
    @="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
    [HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
    2012-11-13 23:32 162552 —-a-w- c:\users\HP-G6\AppData\Roaming\Dropbox\bin\DropboxExt64.17.dll
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
    @="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
    [HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
    2012-11-13 23:32 162552 —-a-w- c:\users\HP-G6\AppData\Roaming\Dropbox\bin\DropboxExt64.17.dll
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
    @="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
    [HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
    2012-11-13 23:32 162552 —-a-w- c:\users\HP-G6\AppData\Roaming\Dropbox\bin\DropboxExt64.17.dll
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "SynTPEnh"="c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe" [BU]
    "IgfxTray"="c:\windows\system32\igfxtray.exe" [2012-10-22 171040]
    "HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2012-10-22 399392]
    "Persistence"="c:\windows\system32\igfxpers.exe" [2012-10-22 441888]
    "SysTrayApp"="c:\program files\IDT\WDM\sttray64.exe" [2012-08-19 1664000]
    "EvtMgr6"="c:\program files\Logitech\SetPointP\SetPoint.exe" [2012-11-04 2419512]
    .
    ——- Bijkomende Scan ——-
    .
    uLocal Page = c:\windows\system32\blank.htm
    uStart Page = hxxp://www.google.com
    mStart Page = hxxp://www.google.com
    mLocal Page = c:\windows\SysWOW64\blank.htm
    mWindow Title =
    IE: &Verzenden naar OneNote - c:\progra~2\MICROS~1\Office14\ONBttnIE.dll/105
    IE: E&xporteren naar Microsoft Excel - c:\progra~2\MICROS~1\Office14\EXCEL.EXE/3000
    TCP: DhcpNameServer = 212.54.40.25 212.54.35.25 192.168.1.1
    FF - ProfilePath - c:\users\HP-G6\AppData\Roaming\Mozilla\Firefox\Profiles\ykkzt56j.default\
    FF - prefs.js: browser.startup.homepage - hxxps://www.google.nl/
    FF - ExtSQL: 2012-11-21 19:58; {F003DA68-8256-4b37-A6C4-350FA04494DF}; c:\program files\Logitech\SetPointP\LogiSmoothFirefoxExt
    .
    - - - - ORPHANS VERWIJDERD - - - -
    .
    Wow6432Node-HKCU-Run-DriverMax_RESTART - (no file)
    Wow6432Node-HKLM-Run-<NO NAME> - (no file)
    .
    .
    .
    [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\fshoster]
    "ImagePath"="\"c:\program files (x86)\Internetbeveiliging\fshoster32.exe\" -hosterid:0"
    .
    ——————— VERGRENDELDE REGISTER SLEUTELS ———————
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*1*]
    @="?????????????????? v1"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*1*\CLSID]
    @="{E23FE9C6-778E-49D4-B537-38FCDE4887D8}"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*2*]
    @="?????????????????? v2"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*2*\CLSID]
    @="{9BE31822-FDAD-461B-AD51-BE1D1C159921}"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\F-Secure\My Services Agent\Protected]
    @Denied: ) (Everyone)
    "AgentIdentifier"="91d071f7-f030-4c43-8c8c-12067195cdc9"
    "AuthorizationCode"="unM30L7ZwjzS07-8DzmUXvoeLcqL7rkNM7Y4pU1hlpfcALailsDgXw"
    "45123_AgentIdentifier"="91d071f7-f030-4c43-8c8c-12067195cdc9"
    "45123_AuthorizationCode"="unM30L7ZwjzS07-8DzmUXvoeLcqL7rkNM7Y4pU1hlpfcALailsDgXw"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
    @Denied: (A) (Everyone)
    "Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
    @Denied: (A) (Everyone)
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
    "Key"="ActionsPane3"
    "Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"
    .
    [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
    @Denied: (Full) (Everyone)
    .
    Voltooingstijd: 2013-01-03 08:35:13
    ComboFix-quarantined-files.txt 2013-01-03 07:35
    ComboFix2.txt 2012-12-21 10:57
    .
    Pre-Run: 83.404.234.752 bytes beschikbaar
    Post-Run: 83.234.557.952 bytes beschikbaar
    .
    - - End Of File - - EDEDF99AFB3BF58138B87DD5D913B111
  • Doe het volgende:

    [b:e3f736e0ab]Welk programma[/b:e3f736e0ab]: [b:e3f736e0ab]OTL.exe[/b:e3f736e0ab][/color:e3f736e0ab]
    [b:e3f736e0ab]Waarvoor/waarom[/b:e3f736e0ab]: multifunktioneel tool - analyse en fix
    [b:e3f736e0ab]Moeilijkheidsgraad[/b:e3f736e0ab]: geen.
    [b:e3f736e0ab]Download[/b:e3f736e0ab]: [b:e3f736e0ab]OTL.exe[/color:e3f736e0ab][/b:e3f736e0ab] en plaats het bestand op het bureaublad.
    [b:e3f736e0ab]Sluit voordat OTL.exe[/color:e3f736e0ab] gaat scannen, eerst alle andere openstaande vensters![/b:e3f736e0ab]

    [b:e3f736e0ab]OTL.exe[/color:e3f736e0ab] gebruiken[/b:e3f736e0ab]:
    [list:e3f736e0ab][*:e3f736e0ab] [b:e3f736e0ab]Sluit nu eerst alle nog openstaande programmavensters![/color:e3f736e0ab][/b:e3f736e0ab]
    [list:e3f736e0ab][*:e3f736e0ab][b:e3f736e0ab]Windows 2000[/color:e3f736e0ab][/b:e3f736e0ab] en [b:e3f736e0ab]Windows XP[/b:e3f736e0ab][/color:e3f736e0ab]: dubbelklik op [b:e3f736e0ab]OTL.exe[/b:e3f736e0ab][/color:e3f736e0ab].
    [*:e3f736e0ab][b:e3f736e0ab]Windows Vista[/b:e3f736e0ab][/color:e3f736e0ab], [b:e3f736e0ab]Windows 7[/b:e3f736e0ab][/color:e3f736e0ab] en [b:e3f736e0ab]Windows 8[/b:e3f736e0ab][/color:e3f736e0ab]: via rechtsklik op [b:e3f736e0ab]OTL.exe[/b:e3f736e0ab][/color:e3f736e0ab] en kies voor "Als Administrator uitvoeren".[/list:u:e3f736e0ab][/list:u:e3f736e0ab]

    [list:e3f736e0ab][*:e3f736e0ab]Zet een vinkje bij [b:e3f736e0ab]Scan All Users[/b:e3f736e0ab][/color:e3f736e0ab], [b:e3f736e0ab]LOP Check[/b:e3f736e0ab][/color:e3f736e0ab] en bij [b:e3f736e0ab]PURITY Check[/b:e3f736e0ab][/color:e3f736e0ab].

    [*:e3f736e0ab]Kopieer en plak ondervermelde (vetgedrukte, blauwe tekst) in het kader onder [img:e3f736e0ab]http://www.imgdumper.nl/uploads5/4f9111a6d2e57/4f9111a6d2a6c-OTL-2.png[/img:e3f736e0ab]

    [b:e3f736e0ab]netsvcs
    BASESERVICES
    DRIVES
    netsvcs
    msconfig
    %SYSTEMDRIVE%\*.*
    %systemroot%\system32\Spool\prtprocs\w32x86\*.dll
    %systemroot%\*. /mp /s
    %systemroot%\system32\*.sys /90
    %systemroot%\system32\*.dll /lockedfiles
    %systemroot%\Tasks\*.job /lockedfiles
    %systemroot%\system32\drivers\*.sys /lockedfiles
    %systemroot%\system32\*.exe /lockedfiles
    %systemroot%\System32\config\*.sav
    %PROGRAMFILES%\*
    %USERPROFILE%\..|smtmp;true;true;true /FP
    HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU
    hklm\software\clients\startmenuinternet|command
    s
    hklm\software\clients\startmenuinternet|command /64
    s
    CREATERESTOREPOINT[/color:e3f736e0ab][/b:e3f736e0ab]

    [*:e3f736e0ab]Klik vervolgens op de knop [img:e3f736e0ab]http://www.imgdumper.nl/uploads6/50cd93c69c626/50cd93c69be5b-OTL_-_Run_Scan_knop.jpg[/img:e3f736e0ab].
    [*:e3f736e0ab]Verander verder geen andere instellingen in OTL, alleen tenzij ik hiervoor specifiek instructies geef.
    [*:e3f736e0ab]De scan zal niet heel erg lang duren.
    [list:e3f736e0ab][*:e3f736e0ab]Er zullen twee Kladblok-vensters geopend worden wanneer de scan klaar is: [b:e3f736e0ab]OTL.Txt[/b:e3f736e0ab] en [b:e3f736e0ab]Extras.txt[/b:e3f736e0ab].
    [*:e3f736e0ab]Kopieer vervolgens de inhoud van zowel OTL.txt alsmede Extras.txt en plak die gegevens in je volgende bericht.[/list:u:e3f736e0ab]
    [*:e3f736e0ab][b:e3f736e0ab]Notabene:[/b:e3f736e0ab][/color:e3f736e0ab] indien het log niet in één bericht past, spreidt het dan over twee of meer berichten.[/list:u:e3f736e0ab]
  • OTL logfile created on: 3-1-2013 16:17:33 - Run 1
    OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\HP-G6\Desktop
    64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
    Internet Explorer (Version = 9.0.8112.16421)
    Locale: 00000413 | Country: Nederland | Language: NLD | Date Format: d-M-yyyy

    3,95 Gb Total Physical Memory | 2,38 Gb Available Physical Memory | 60,31% Memory free
    7,90 Gb Paging File | 6,11 Gb Available in Paging File | 77,36% Paging File free
    Paging file location(s): ?:\pagefile.sys [binary data]

    %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
    Drive C: | 112,24 Gb Total Space | 77,40 Gb Free Space | 68,96% Space Free | Partition Type: NTFS
    Drive D: | 353,32 Gb Total Space | 326,58 Gb Free Space | 92,43% Space Free | Partition Type: NTFS
    Drive E: | 15,02 Gb Total Space | 11,92 Gb Free Space | 79,38% Space Free | Partition Type: FAT32

    Computer Name: HP-G6-PC | User Name: HP-G6 | Logged in as Administrator.
    Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
    Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

    ========== Processes (SafeList) ==========[/color:6a02c61a1d]

    PRC - [2013-01-03 16:14:15 | 000,602,112 | —- | M] (OldTimer Tools) – C:\Users\HP-G6\Desktop\OTL.com
    PRC - [2012-12-30 12:01:42 | 001,807,800 | —- | M] (Adobe Systems, Inc.) – C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_5_502_135.exe
    PRC - [2012-12-29 00:02:24 | 028,539,392 | —- | M] (Dropbox, Inc.) – C:\Users\HP-G6\AppData\Roaming\Dropbox\bin\Dropbox.exe
    PRC - [2012-12-20 13:16:10 | 011,325,456 | —- | M] (Innovative Solutions) – C:\Program Files (x86)\Innovative Solutions\DriverMax\drivermax.exe
    PRC - [2012-12-13 12:19:10 | 002,217,944 | —- | M] (Auslogics) – C:\Program Files (x86)\Auslogics\Auslogics BoostSpeed\BoostSpeed.exe
    PRC - [2012-12-05 09:30:08 | 000,916,960 | —- | M] (Mozilla Corporation) – C:\Program Files (x86)\Mozilla Firefox\firefox.exe
    PRC - [2012-11-21 13:48:45 | 001,015,352 | —- | M] (F-Secure Corporation) – C:\Program Files (x86)\Internetbeveiliging\apps\ComputerSecurity\Anti-Virus\fssm32.exe
    PRC - [2012-11-21 13:48:45 | 000,609,848 | —- | M] (F-Secure Corporation) – C:\Program Files (x86)\Internetbeveiliging\apps\ComputerSecurity\Anti-Virus\fsgk32.exe
    PRC - [2012-10-23 10:47:48 | 007,859,112 | —- | M] (TeamViewer GmbH) – C:\Program Files (x86)\TeamViewer\Version7\TeamViewer.exe
    PRC - [2012-10-23 10:47:48 | 002,848,168 | —- | M] (TeamViewer GmbH) – C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe
    PRC - [2012-10-23 10:40:39 | 000,106,408 | —- | M] (TeamViewer GmbH) – C:\Program Files (x86)\TeamViewer\Version7\tv_w32.exe
    PRC - [2012-09-23 20:43:34 | 000,065,192 | —- | M] (Adobe Systems Incorporated) – C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
    PRC - [2012-08-27 16:06:56 | 000,167,632 | —- | M] (F-Secure Corporation) – C:\Program Files (x86)\Internetbeveiliging\fshoster32.exe
    PRC - [2012-08-10 15:48:50 | 000,197,536 | —- | M] (Hewlett-Packard Company) – C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
    PRC - [2012-07-03 17:40:00 | 000,310,992 | —- | M] (F-Secure Corporation) – C:\Program Files (x86)\Internetbeveiliging\apps\ComputerSecurity\Common\FSM32.EXE
    PRC - [2012-07-03 17:40:00 | 000,212,688 | —- | M] (F-Secure Corporation) – C:\Program Files (x86)\Internetbeveiliging\apps\ComputerSecurity\Common\FSMA32.EXE
    PRC - [2012-05-25 12:00:44 | 000,061,152 | —- | M] (F-Secure Corporation) – C:\Program Files (x86)\Internetbeveiliging\apps\CCF_Reputation\fsorsp.exe
    PRC - [2011-04-08 13:50:02 | 000,542,264 | —- | M] (Google) – C:\Program Files (x86)\Google\Google Calendar Sync\GoogleCalendarSync.exe
    PRC - [2009-06-24 10:57:04 | 000,136,704 | —- | M] (HP) – C:\Program Files (x86)\HP\HPLaserJetService\HPLaserJetService.exe
    PRC - [2005-07-15 22:48:33 | 000,479,232 | —- | M] (Google Inc.) – C:\Program Files (x86)\Google\Gmail Notifier\gnotify.exe


    ========== Modules (No Company Name) ==========[/color:6a02c61a1d]

    MOD - [2012-12-30 12:01:42 | 014,586,296 | —- | M] () – C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_5_502_135.dll
    MOD - [2012-12-20 13:16:18 | 000,009,240 | —- | M] () – C:\Program Files (x86)\Innovative Solutions\DriverMax\sync.dll
    MOD - [2012-12-05 09:30:06 | 002,397,152 | —- | M] () – C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
    MOD - [2012-11-21 13:42:22 | 010,706,624 | —- | M] () – C:\Windows\winsxs\x86_f-secure.qt_4_6_2_2e112a926211c0a3_4.6.2.680_none_a025cb6556b2730a\QtWebKit4.dll
    MOD - [2012-11-21 13:42:22 | 008,347,328 | —- | M] () – C:\Windows\winsxs\x86_f-secure.qt_4_6_2_2e112a926211c0a3_4.6.2.680_none_a025cb6556b2730a\QtGui4.dll
    MOD - [2012-11-21 13:42:22 | 003,051,200 | —- | M] () – C:\Windows\winsxs\x86_f-secure.qt_4_6_2_2e112a926211c0a3_4.6.2.680_none_a025cb6556b2730a\QtXmlPatterns4.dll
    MOD - [2012-11-21 13:42:22 | 002,256,576 | —- | M] () – C:\Windows\winsxs\x86_f-secure.qt_4_6_2_2e112a926211c0a3_4.6.2.680_none_a025cb6556b2730a\QtCore4.dll
    MOD - [2012-11-21 13:42:22 | 001,076,928 | —- | M] () – C:\Windows\winsxs\x86_f-secure.qt_4_6_2_2e112a926211c0a3_4.6.2.680_none_a025cb6556b2730a\QtCLucene4.dll
    MOD - [2012-11-21 13:42:22 | 000,986,816 | —- | M] () – C:\Windows\winsxs\x86_f-secure.qt_4_6_2_2e112a926211c0a3_4.6.2.680_none_a025cb6556b2730a\QtNetwork4.dll
    MOD - [2012-11-21 13:42:22 | 000,622,272 | —- | M] () – C:\Windows\winsxs\x86_f-secure.qt_4_6_2_2e112a926211c0a3_4.6.2.680_none_a025cb6556b2730a\QtSql4.dll
    MOD - [2012-11-21 13:42:22 | 000,450,240 | —- | M] () – C:\Windows\winsxs\x86_f-secure.qt_4_6_2_2e112a926211c0a3_4.6.2.680_none_a025cb6556b2730a\QtHelp4.dll
    MOD - [2012-11-21 13:42:22 | 000,372,416 | —- | M] () – C:\Windows\winsxs\x86_f-secure.qt_4_6_2_2e112a926211c0a3_4.6.2.680_none_a025cb6556b2730a\QtXml4.dll
    MOD - [2012-08-27 16:06:54 | 000,241,360 | —- | M] () – C:\Program Files (x86)\Internetbeveiliging\imageformats\qmng4.dll
    MOD - [2012-08-27 16:06:54 | 000,143,056 | —- | M] () – C:\Program Files (x86)\Internetbeveiliging\imageformats\qjpeg4.dll
    MOD - [2012-08-27 16:06:54 | 000,036,048 | —- | M] () – C:\Program Files (x86)\Internetbeveiliging\imageformats\qico4.dll
    MOD - [2012-08-27 16:06:54 | 000,034,000 | —- | M] () – C:\Program Files (x86)\Internetbeveiliging\imageformats\qgif4.dll
    MOD - [2012-07-03 17:39:54 | 000,086,016 | —- | M] () – C:\Program Files (x86)\Internetbeveiliging\apps\ComputerSecurity\FSGUI\strres.eng
    MOD - [2012-07-03 17:39:54 | 000,049,152 | —- | M] () – C:\Program Files (x86)\Internetbeveiliging\apps\ComputerSecurity\FSGUI\fsavures.eng
    MOD - [2011-03-17 00:11:16 | 004,297,568 | —- | M] () – C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF


    ========== Services (SafeList) ==========[/color:6a02c61a1d]

    SRV:[b:6a02c61a1d]64bit:[/b:6a02c61a1d] - [2012-10-01 08:22:52 | 000,359,224 | —- | M] (Logitech, Inc.) [On_Demand | Stopped] – C:\Program Files\Common Files\Logishrd\Bluetooth\LBTServ.exe – (LBTServ)
    SRV:[b:6a02c61a1d]64bit:[/b:6a02c61a1d] - [2012-08-19 21:45:20 | 000,323,072 | —- | M] (IDT, Inc.) [Auto | Running] – C:\Program Files\IDT\WDM\stacsv64.exe – (STacSV)
    SRV:[b:6a02c61a1d]64bit:[/b:6a02c61a1d] - [2011-11-11 11:08:32 | 000,126,520 | R— | M] (HP) [Auto | Running] – C:\Windows\SysNative\HPSIsvc.exe – (HPSIService)
    SRV:[b:6a02c61a1d]64bit:[/b:6a02c61a1d] - [2009-07-14 02:41:27 | 001,011,712 | —- | M] (Microsoft Corporation) [On_Demand | Stopped] – C:\Program Files\Windows Defender\MpSvc.dll – (WinDefend)
    SRV:[b:6a02c61a1d]64bit:[/b:6a02c61a1d] - [2009-07-14 02:40:01 | 000,193,536 | —- | M] (Microsoft Corporation) [On_Demand | Stopped] – C:\Windows\SysNative\appmgmts.dll – (AppMgmt)
    SRV - [2012-12-30 12:01:42 | 000,250,808 | —- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] – C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe – (AdobeFlashPlayerUpdateSvc)
    SRV - [2012-12-05 09:30:07 | 000,115,168 | —- | M] (Mozilla Foundation) [On_Demand | Stopped] – C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe – (MozillaMaintenance)
    SRV - [2012-11-09 11:21:24 | 000,160,944 | R— | M] (Skype Technologies) [Auto | Stopped] – C:\Program Files (x86)\Skype\Updater\Updater.exe – (SkypeUpdate)
    SRV - [2012-10-23 10:47:48 | 002,848,168 | —- | M] (TeamViewer GmbH) [Auto | Running] – C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe – (TeamViewer7)
    SRV - [2012-10-22 17:40:30 | 000,277,024 | —- | M] (Intel Corporation) [On_Demand | Stopped] – C:\Windows\SysWOW64\IntelCpHeciSvc.exe – (cphs)
    SRV - [2012-09-27 11:55:16 | 000,086,528 | —- | M] (Hewlett-Packard Company) [Auto | Running] – C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe – (HP Support Assistant Service)
    SRV - [2012-09-23 20:43:34 | 000,065,192 | —- | M] (Adobe Systems Incorporated) [Auto | Running] – C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe – (AdobeARMservice)
    SRV - [2012-08-27 16:06:56 | 000,167,632 | —- | M] (F-Secure Corporation) [Auto | Running] – C:\Program Files (x86)\Internetbeveiliging\fshoster32.exe – (fshoster)
    SRV - [2012-08-10 15:48:50 | 000,197,536 | —- | M] (Hewlett-Packard Company) [Auto | Running] – C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe – (HPDrvMntSvc.exe)
    SRV - [2012-07-03 17:40:00 | 000,212,688 | —- | M] (F-Secure Corporation) [On_Demand | Running] – C:\Program Files (x86)\Internetbeveiliging\apps\ComputerSecurity\Common\FSMA32.EXE – (FSMA)
    SRV - [2012-05-25 12:00:44 | 000,061,152 | —- | M] (F-Secure Corporation) [Auto | Running] – C:\Program Files (x86)\Internetbeveiliging\apps\CCF_Reputation\fsorsp.exe – (FSORSPClient)
    SRV - [2010-03-18 13:16:28 | 000,130,384 | —- | M] (Microsoft Corporation) [Auto | Stopped] – C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe – (clr_optimization_v4.0.30319_32)
    SRV - [2009-06-24 10:57:04 | 000,136,704 | —- | M] (HP) [Auto | Running] – C:\Program Files (x86)\HP\HPLaserJetService\HPLaserJetService.exe – (HP LaserJet Service)
    SRV - [2009-06-10 22:23:09 | 000,066,384 | —- | M] (Microsoft Corporation) [Disabled | Stopped] – C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe – (clr_optimization_v2.0.50727_32)


    ========== Driver Services (SafeList) ==========[/color:6a02c61a1d]

    DRV:[b:6a02c61a1d]64bit:[/b:6a02c61a1d] - [2012-11-21 13:51:33 | 000,056,016 | —- | M] () [Kernel | Boot | Running] – C:\Windows\SysNative\drivers\fsbts.sys – (fsbts)
    DRV:[b:6a02c61a1d]64bit:[/b:6a02c61a1d] - [2012-10-26 18:46:14 | 000,343,696 | —- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] – C:\Windows\SysNative\drivers\RtsPStor.sys – (RSPCIESTOR)
    DRV:[b:6a02c61a1d]64bit:[/b:6a02c61a1d] - [2012-10-22 17:40:12 | 005,332,896 | —- | M] (Intel Corporation) [Kernel | On_Demand | Running] – C:\Windows\SysNative\drivers\igdkmd64.sys – (igfx)
    DRV:[b:6a02c61a1d]64bit:[/b:6a02c61a1d] - [2012-10-18 00:19:22 | 000,044,344 | —- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] – C:\Windows\SysNative\drivers\Smb_driver_Intel.sys – (SmbDrvI)
    DRV:[b:6a02c61a1d]64bit:[/b:6a02c61a1d] - [2012-09-18 11:32:32 | 000,078,648 | —- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] – C:\Windows\SysNative\drivers\LEqdUsb.sys – (LEqdUsb)
    DRV:[b:6a02c61a1d]64bit:[/b:6a02c61a1d] - [2012-09-18 10:32:32 | 000,075,064 | —- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] – C:\Windows\SysNative\drivers\LHidFilt.Sys – (LHidFilt)
    DRV:[b:6a02c61a1d]64bit:[/b:6a02c61a1d] - [2012-09-18 10:32:32 | 000,061,240 | —- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] – C:\Windows\SysNative\drivers\LMouFilt.Sys – (LMouFilt)
    DRV:[b:6a02c61a1d]64bit:[/b:6a02c61a1d] - [2012-09-18 10:32:32 | 000,015,160 | —- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] – C:\Windows\SysNative\drivers\LHidEqd.sys – (LHidEqd)
    DRV:[b:6a02c61a1d]64bit:[/b:6a02c61a1d] - [2012-09-12 12:36:37 | 000,035,112 | —- | M] (TeamViewer GmbH) [Kernel | On_Demand | Stopped] – C:\Windows\SysNative\drivers\teamviewervpn.sys – (teamviewervpn)
    DRV:[b:6a02c61a1d]64bit:[/b:6a02c61a1d] - [2012-08-23 15:12:16 | 000,029,696 | —- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] – C:\Windows\SysNative\drivers\terminpt.sys – (terminpt)
    DRV:[b:6a02c61a1d]64bit:[/b:6a02c61a1d] - [2012-08-23 15:10:20 | 000,019,456 | —- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] – C:\Windows\SysNative\drivers\rdpvideominiport.sys – (RdpVideoMiniport)
    DRV:[b:6a02c61a1d]64bit:[/b:6a02c61a1d] - [2012-08-23 15:08:26 | 000,030,208 | —- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] – C:\Windows\SysNative\drivers\TsUsbGD.sys – (TsUsbGD)
    DRV:[b:6a02c61a1d]64bit:[/b:6a02c61a1d] - [2012-08-23 15:07:35 | 000,057,856 | —- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] – C:\Windows\SysNative\drivers\TsUsbFlt.sys – (TsUsbFlt)
    DRV:[b:6a02c61a1d]64bit:[/b:6a02c61a1d] - [2012-08-19 21:45:20 | 000,542,208 | —- | M] (IDT, Inc.) [Kernel | On_Demand | Running] – C:\Windows\SysNative\drivers\stwrt64.sys – (STHDA)
    DRV:[b:6a02c61a1d]64bit:[/b:6a02c61a1d] - [2012-08-10 12:10:38 | 000,551,040 | —- | M] (Atheros) [Kernel | On_Demand | Stopped] – C:\Windows\SysNative\drivers\btfilter.sys – (BtFilter)
    DRV:[b:6a02c61a1d]64bit:[/b:6a02c61a1d] - [2012-08-01 16:01:14 | 000,018,832 | —- | M] (PenMount) [Kernel | On_Demand | Running] – C:\Windows\SysNative\drivers\pmkbdfltr.sys – (pmkbdfltr)
    DRV:[b:6a02c61a1d]64bit:[/b:6a02c61a1d] - [2012-07-13 08:26:32 | 000,062,784 | —- | M] (Intel Corporation) [Kernel | On_Demand | Running] – C:\Windows\SysNative\drivers\HECIx64.sys – (MEIx64)
    DRV:[b:6a02c61a1d]64bit:[/b:6a02c61a1d] - [2012-06-20 09:42:44 | 003,678,720 | —- | M] (Qualcomm Atheros Communications, Inc.) [Kernel | On_Demand | Running] – C:\Windows\SysNative\drivers\athrx.sys – (athr)
    DRV:[b:6a02c61a1d]64bit:[/b:6a02c61a1d] - [2012-06-19 07:40:50 | 000,342,528 | —- | M] (Intel(R) Corporation) [Kernel | On_Demand | Running] – C:\Windows\SysNative\drivers\IntcDAud.sys – (IntcDAud)
    DRV:[b:6a02c61a1d]64bit:[/b:6a02c61a1d] - [2012-03-01 07:46:16 | 000,023,408 | —- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] – C:\Windows\SysNative\drivers\fs_rec.sys – (Fs_Rec)
    DRV:[b:6a02c61a1d]64bit:[/b:6a02c61a1d] - [2011-10-14 04:37:44 | 000,396,848 | —- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] – C:\Windows\SysNative\drivers\SynTP.sys – (SynTP)
    DRV:[b:6a02c61a1d]64bit:[/b:6a02c61a1d] - [2011-08-23 21:57:24 | 000,565,352 | —- | M] (Realtek ) [Kernel | On_Demand | Running] – C:\Windows\SysNative\drivers\Rt64win7.sys – (RTL8167)
    DRV:[b:6a02c61a1d]64bit:[/b:6a02c61a1d] - [2011-03-11 07:41:12 | 000,107,904 | —- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] – C:\Windows\SysNative\drivers\amdsata.sys – (amdsata)
    DRV:[b:6a02c61a1d]64bit:[/b:6a02c61a1d] - [2011-03-11 07:41:12 | 000,027,008 | —- | M] (Advanced Micro Devices) [Kernel | Boot | Running] – C:\Windows\SysNative\drivers\amdxata.sys – (amdxata)
    DRV:[b:6a02c61a1d]64bit:[/b:6a02c61a1d] - [2010-11-21 04:23:48 | 000,117,248 | —- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] – C:\Windows\SysNative\drivers\tsusbhub.sys – (tsusbhub)
    DRV:[b:6a02c61a1d]64bit:[/b:6a02c61a1d] - [2010-11-21 04:23:48 | 000,088,960 | —- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] – C:\Windows\SysNative\drivers\Synth3dVsc.sys – (Synth3dVsc)
    DRV:[b:6a02c61a1d]64bit:[/b:6a02c61a1d] - [2010-11-21 04:23:48 | 000,071,168 | —- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] – C:\Windows\SysNative\drivers\dmvsc.sys – (dmvsc)
    DRV:[b:6a02c61a1d]64bit:[/b:6a02c61a1d] - [2010-11-21 04:23:47 | 000,078,720 | —- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] – C:\Windows\SysNative\drivers\HpSAMD.sys – (HpSAMD)
    DRV:[b:6a02c61a1d]64bit:[/b:6a02c61a1d] - [2009-07-14 02:52:20 | 000,194,128 | —- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] – C:\Windows\SysNative\drivers\amdsbs.sys – (amdsbs)
    DRV:[b:6a02c61a1d]64bit:[/b:6a02c61a1d] - [2009-07-14 02:48:04 | 000,065,600 | —- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] – C:\Windows\SysNative\drivers\lsi_sas2.sys – (LSI_SAS2)
    DRV:[b:6a02c61a1d]64bit:[/b:6a02c61a1d] - [2009-07-14 02:45:55 | 000,024,656 | —- | M] (Promise Technology) [Kernel | On_Demand | Stopped] – C:\Windows\SysNative\drivers\stexstor.sys – (stexstor)
    DRV:[b:6a02c61a1d]64bit:[/b:6a02c61a1d] - [2009-07-14 01:39:20 | 000,023,040 | —- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] – C:\Windows\SysNative\drivers\WSDPrint.sys – (WSDPrintDevice)
    DRV:[b:6a02c61a1d]64bit:[/b:6a02c61a1d] - [2009-06-10 21:34:33 | 003,286,016 | —- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] – C:\Windows\SysNative\drivers\evbda.sys – (ebdrv)
    DRV:[b:6a02c61a1d]64bit:[/b:6a02c61a1d] - [2009-06-10 21:34:28 | 000,468,480 | —- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] – C:\Windows\SysNative\drivers\bxvbda.sys – (b06bdrv)
    DRV:[b:6a02c61a1d]64bit:[/b:6a02c61a1d] - [2009-06-10 21:34:23 | 000,270,848 | —- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] – C:\Windows\SysNative\drivers\b57nd60a.sys – (b57nd60a)
    DRV:[b:6a02c61a1d]64bit:[/b:6a02c61a1d] - [2009-06-10 21:31:59 | 000,031,232 | —- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] – C:\Windows\SysNative\drivers\hcw85cir.sys – (hcw85cir)
    DRV - [2012-11-22 16:11:34 | 000,078,904 | —- | M] (F-Secure Corporation) [Kernel | On_Demand | Running] – C:\Program Files (x86)\Internetbeveiliging\apps\CCF_Scanning\fsni64.sys – (fsni)
    DRV - [2012-11-21 13:49:15 | 000,199,736 | —- | M] () [Kernel | On_Demand | Running] – C:\Program Files (x86)\Internetbeveiliging\apps\ComputerSecurity\Anti-Virus\minifilter\fsgk.sys – (F-Secure Gatekeeper)
    DRV - [2012-11-21 13:48:45 | 000,062,232 | —- | M] (F-Secure Corporation) [Kernel | System | Running] – C:\Program Files (x86)\Internetbeveiliging\apps\ComputerSecurity\HIPS\drivers\fshs.sys – (F-Secure HIPS)
    DRV - [2012-11-21 13:44:12 | 000,042,672 | —- | M] () [Kernel | Boot | Running] – C:\Windows\SysWOW64\drivers\fsbts.sys – (fsbts)
    DRV - [2012-07-03 17:39:48 | 000,016,920 | —- | M] () [Kernel | System | Running] – C:\Program Files (x86)\Internetbeveiliging\apps\ComputerSecurity\Anti-Virus\minifilter\fsvista.sys – (fsvista)
    DRV - [2009-07-14 02:19:10 | 000,019,008 | —- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] – C:\Windows\SysWOW64\drivers\wimmount.sys – (WIMMount)


    ========== Standard Registry (SafeList) ==========[/color:6a02c61a1d]


    ========== Internet Explorer ==========[/color:6a02c61a1d]

    IE:[b:6a02c61a1d]64bit:[/b:6a02c61a1d] - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
    IE:[b:6a02c61a1d]64bit:[/b:6a02c61a1d] - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
    IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
    IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
    IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
    IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC


    IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

    IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



    IE - HKU\S-1-5-21-923864647-1305126636-2454660077-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
    IE - HKU\S-1-5-21-923864647-1305126636-2454660077-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = nl-NL
    IE - HKU\S-1-5-21-923864647-1305126636-2454660077-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 42 66 5B 9C 68 DD CD 01 [binary data]
    IE - HKU\S-1-5-21-923864647-1305126636-2454660077-1000\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
    IE - HKU\S-1-5-21-923864647-1305126636-2454660077-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
    IE - HKU\S-1-5-21-923864647-1305126636-2454660077-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

    ========== FireFox ==========[/color:6a02c61a1d]

    FF - prefs.js..browser.startup.homepage: "https://www.google.nl/"
    FF - prefs.js..extensions.enabledAddons: %7BF003DA68-8256-4b37-A6C4-350FA04494DF%7D:6.5
    FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:17.0.1
    FF - user.js - File not found

    FF:[b:6a02c61a1d]64bit:[/b:6a02c61a1d] - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_5_502_135.dll File not found
    FF:[b:6a02c61a1d]64bit:[/b:6a02c61a1d] - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
    FF:[b:6a02c61a1d]64bit:[/b:6a02c61a1d] - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.10411.0
    pctrl.dll ( Microsoft Corporation)
    FF:[b:6a02c61a1d]64bit:[/b:6a02c61a1d] - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
    FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_5_502_135.dll ()
    FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.9.2: C:\Windows\SysWOW64
    pDeployJava1.dll (Oracle Corporation)
    FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.9.2: C:\Program Files (x86)\Java\jre7\bin\plugin2
    pjp2.dll (Oracle Corporation)
    FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
    FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0
    pctrl.dll ( Microsoft Corporation)
    FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
    FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
    FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.4: C:\Program Files (x86)\VideoLAN\VLC
    pvlc.dll (VideoLAN)
    FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR
    ppdf32.dll (Adobe Systems Inc.)

    FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{F003DA68-8256-4b37-A6C4-350FA04494DF}: C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt [2012-11-21 19:58:58 | 000,000,000 | —D | M]
    FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\quickprint@hp.com: C:\Program Files (x86)\Hewlett-Packard\SmartPrint\QPExtension [2011-01-26 14:27:28 | 000,000,000 | —D | M]
    FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 17.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012-12-05 09:30:08 | 000,000,000 | —D | M]
    FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 17.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
    FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 17.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012-12-05 09:30:08 | 000,000,000 | —D | M]
    FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 17.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins

    [2012-11-21 14:31:12 | 000,000,000 | —D | M] (No name found) – C:\Users\HP-G6\AppData\Roaming\mozilla\Extensions
    [2012-12-05 09:29:54 | 000,000,000 | —D | M] (No name found) – C:\Program Files (x86)\Mozilla Firefox\extensions
    [2012-11-21 19:58:58 | 000,000,000 | —D | M] (Logitech SetPoint) – C:\PROGRAM FILES\LOGITECH\SETPOINTP\LOGISMOOTHFIREFOXEXT
    [2012-12-05 09:30:08 | 000,262,112 | —- | M] (Mozilla Foundation) – C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
    [2012-11-20 07:57:51 | 000,002,465 | —- | M] () – C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
    [2012-11-20 07:57:51 | 000,002,616 | —- | M] () – C:\Program Files (x86)\mozilla firefox\searchplugins\bolcom-nl.xml
    [2012-11-20 07:57:51 | 000,004,771 | —- | M] () – C:\Program Files (x86)\mozilla firefox\searchplugins\marktplaats-nl.xml
    [2012-11-20 07:57:51 | 000,001,262 | —- | M] () – C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-nl.xml

    O1 HOSTS File: ([2012-12-21 11:53:43 | 000,000,027 | —- | M]) - C:\Windows\SysNative\drivers\etc\hosts
    O1 - Hosts: 127.0.0.1 localhost
    O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
    O2 - BHO: (Logitech SetPoint) - {AF949550-9094-4807-95EC-D1C317803333} - C:\Program Files\Logitech\SetPointP\32-bit\SetPointSmooth.dll (Logitech, Inc.)
    O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
    O2 - BHO: (HP Network Check Helper) - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll (Hewlett-Packard)
    O4:[b:6a02c61a1d]64bit:[/b:6a02c61a1d] - HKLM..\Run: [EvtMgr6] C:\Program Files\Logitech\SetPointP\SetPoint.exe (Logitech, Inc.)
    O4:[b:6a02c61a1d]64bit:[/b:6a02c61a1d] - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
    O4:[b:6a02c61a1d]64bit:[/b:6a02c61a1d] - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
    O4:[b:6a02c61a1d]64bit:[/b:6a02c61a1d] - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
    O4:[b:6a02c61a1d]64bit:[/b:6a02c61a1d] - HKLM..\Run: [SysTrayApp] C:\Program Files\IDT\WDM\sttray64.exe (IDT, Inc.)
    O4 - HKLM..\Run: [] File not found
    O4 - HKLM..\Run: [{0228e555-4f9c-4e35-a3ec-b109a192b4c2}] C:\Program Files (x86)\Google\Gmail Notifier\gnotify.exe (Google Inc.)
    O4 - HKLM..\Run: [F-Secure Hoster (45123)] C:\Program Files (x86)\Internetbeveiliging\fshoster32.exe (F-Secure Corporation)
    O4 - HKLM..\Run: [F-Secure Manager] C:\Program Files (x86)\Internetbeveiliging\apps\ComputerSecurity\Common\FSM32.EXE (F-Secure Corporation)
    O4 - HKLM..\Run: [HPUsageTrackingLEDM] C:\Program Files (x86)\HP\HP UT LEDM\bin\hppusg.exe (Hewlett-Packard Company)
    O4 - HKU\S-1-5-21-923864647-1305126636-2454660077-1000..\Run: [DriverMax] C:\Program Files (x86)\Innovative Solutions\DriverMax\drivermax.exe (Innovative Solutions)
    O4 - Startup: C:\Users\HP-G6\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk = C:\Users\HP-G6\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
    O4 - Startup: C:\Users\HP-G6\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\FAHControl.lnk = C:\Program Files (x86)\FAHClient\FAHControl.exe ()
    O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
    O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
    O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
    O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
    O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
    O7 - HKU\S-1-5-21-923864647-1305126636-2454660077-1000\Software\Policies\Microsoft\Internet Explorer\Control Panel present
    O7 - HKU\S-1-5-21-923864647-1305126636-2454660077-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
    O9 - Extra Button: HP Smart Print - {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files (x86)\Hewlett-Packard\SmartPrint\smartprintsetup.exe (Hewlett-Packard)
    O9 - Extra 'Tools' menuitem : SmartPrint - {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files (x86)\Hewlett-Packard\SmartPrint\smartprintsetup.exe (Hewlett-Packard)
    O9 - Extra Button: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-103 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe (Hewlett-Packard)
    O9 - Extra 'Tools' menuitem : @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-102 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe (Hewlett-Packard)
    O13 - gopher Prefix: missing
    O16 - DPF: {73ECB3AA-4717-450C-A2AB-D00DAD9EE203} http://h20614.www2.hp.com/ediags/gmd/Install/Cab/hpdetect119b.cab (GMNRev Class)
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 212.54.40.25 212.54.35.25 192.168.1.1
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{616F5338-B9C3-4E47-A766-AF5E6757E852}: DhcpNameServer = 212.54.40.25 212.54.35.25 192.168.1.1
    O18:[b:6a02c61a1d]64bit:[/b:6a02c61a1d] - Protocol\Handler\livecall - No CLSID value found
    O18:[b:6a02c61a1d]64bit:[/b:6a02c61a1d] - Protocol\Handler\ms-help - No CLSID value found
    O18:[b:6a02c61a1d]64bit:[/b:6a02c61a1d] - Protocol\Handler\msnim - No CLSID value found
    O18:[b:6a02c61a1d]64bit:[/b:6a02c61a1d] - Protocol\Handler\skype4com - No CLSID value found
    O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
    O20:[b:6a02c61a1d]64bit:[/b:6a02c61a1d] - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
    O20:[b:6a02c61a1d]64bit:[/b:6a02c61a1d] - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
    O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
    O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
    O20:[b:6a02c61a1d]64bit:[/b:6a02c61a1d] - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
    O20:[b:6a02c61a1d]64bit:[/b:6a02c61a1d] - Winlogon\Notify\LBTWlgn: DllName - (c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll) - c:\Program Files\Common Files\Logishrd\Bluetooth\LBTWLgn.dll (Logitech, Inc.)
    O21:[b:6a02c61a1d]64bit:[/b:6a02c61a1d] - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
    O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
    O32 - HKLM CDRom: AutoRun - 1
    O34 - HKLM BootExecute: (autocheck autochk *)
    O35:[b:6a02c61a1d]64bit:[/b:6a02c61a1d] - HKLM\..comfile [open] – "%1" %*
    O35:[b:6a02c61a1d]64bit:[/b:6a02c61a1d] - HKLM\..exefile [open] – "%1" %*
    O35 - HKLM\..comfile [open] – "%1" %*
    O35 - HKLM\..exefile [open] – "%1" %*
    O37:[b:6a02c61a1d]64bit:[/b:6a02c61a1d] - HKLM\…com [@ = ComFile] – "%1" %*
    O37:[b:6a02c61a1d]64bit:[/b:6a02c61a1d] - HKLM\…exe [@ = exefile] – "%1" %*
    O37 - HKLM\…com [@ = ComFile] – "%1" %*
    O37 - HKLM\…exe [@ = exefile] – "%1" %*
    O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
    O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
    O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

    NetSvcs:[b:6a02c61a1d]64bit:[/b:6a02c61a1d] AppMgmt - C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)


    CREATERESTOREPOINT
    Restore point Set: OTL Restore Point

    ========== Files/Folders - Created Within 30 Days ==========[/color:6a02c61a1d]

    [2013-01-03 16:14:29 | 000,602,112 | —- | C] (OldTimer Tools) – C:\Users\HP-G6\Desktop\OTL.com
    [2013-01-03 10:27:32 | 000,000,000 | —D | C] – C:\Windows\MiniDump
    [2013-01-03 08:41:08 | 000,000,000 | -HSD | C] – C:\$RECYCLE.BIN
    [2013-01-03 08:35:14 | 000,000,000 | —D | C] – C:\Windows\temp
    [2013-01-03 08:27:52 | 000,000,000 | —D | C] – C:\ComboFix
    [2013-01-03 08:23:39 | 005,018,375 | R— | C] (Swearware) – C:\Users\HP-G6\Desktop\ComboFix.exe
    [2012-12-22 21:35:06 | 000,000,000 | —D | C] – C:\Users\HP-G6\Documents\Andijkwedstrijden
    [2012-12-21 21:48:06 | 000,000,000 | —D | C] – C:\MSNCleaner
    [2012-12-21 11:47:36 | 000,518,144 | —- | C] (SteelWerX) – C:\Windows\SWREG.exe
    [2012-12-21 11:47:36 | 000,406,528 | —- | C] (SteelWerX) – C:\Windows\SWSC.exe
    [2012-12-21 11:47:36 | 000,060,416 | —- | C] (NirSoft) – C:\Windows\NIRCMD.exe
    [2012-12-21 11:45:40 | 000,000,000 | —D | C] – C:\Qoobox
    [2012-12-21 11:45:22 | 000,000,000 | —D | C] – C:\Windows\erdnt
    [2012-12-21 11:22:51 | 000,367,616 | —- | C] (Adobe Systems Incorporated) – C:\Windows\SysNative\atmfd.dll
    [2012-12-21 11:22:51 | 000,046,080 | —- | C] (Adobe Systems) – C:\Windows\SysNative\atmlib.dll
    [2012-12-21 11:22:51 | 000,034,304 | —- | C] (Adobe Systems) – C:\Windows\SysWow64\atmlib.dll
    [2012-12-21 11:22:50 | 000,295,424 | —- | C] (Adobe Systems Incorporated) – C:\Windows\SysWow64\atmfd.dll
    [2012-12-21 08:24:07 | 000,000,000 | —D | C] – C:\Users\HP-G6\AppData\Roaming\Malwarebytes
    [2012-12-21 08:23:53 | 000,000,000 | —D | C] – C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
    [2012-12-21 08:23:50 | 000,000,000 | —D | C] – C:\ProgramData\Malwarebytes
    [2012-12-21 08:23:46 | 000,025,928 | —- | C] (Malwarebytes Corporation) – C:\Windows\SysNative\drivers\mbam.sys
    [2012-12-21 08:23:46 | 000,000,000 | —D | C] – C:\Program Files (x86)\Malwarebytes' Anti-Malware
    [2012-12-20 07:01:24 | 000,000,000 | —D | C] – C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Auslogics
    [2012-12-17 18:32:38 | 000,000,000 | —D | C] – C:\Users\HP-G6\AppData\Roaming\dvdcss
    [2012-12-17 09:31:21 | 000,902,656 | —- | C] (Microsoft Corporation) – C:\Windows\SysNative\d2d1.dll
    [2012-12-12 23:45:18 | 000,248,320 | —- | C] (Microsoft Corporation) – C:\Windows\SysNative\ieui.dll
    [2012-12-12 23:45:18 | 000,176,640 | —- | C] (Microsoft Corporation) – C:\Windows\SysWow64\ieui.dll
    [2012-12-12 23:45:18 | 000,173,056 | —- | C] (Microsoft Corporation) – C:\Windows\SysNative\ieUnatt.exe
    [2012-12-12 23:45:18 | 000,142,848 | —- | C] (Microsoft Corporation) – C:\Windows\SysWow64\ieUnatt.exe
    [2012-12-12 23:45:18 | 000,096,768 | —- | C] (Microsoft Corporation) – C:\Windows\SysNative\mshtmled.dll
    [2012-12-12 23:45:18 | 000,073,216 | —- | C] (Microsoft Corporation) – C:\Windows\SysWow64\mshtmled.dll
    [2012-12-12 23:45:17 | 001,427,968 | —- | C] (Microsoft Corporation) – C:\Windows\SysWow64\inetcpl.cpl
    [2012-12-12 23:45:17 | 000,237,056 | —- | C] (Microsoft Corporation) – C:\Windows\SysNative\url.dll
    [2012-12-12 23:45:17 | 000,231,936 | —- | C] (Microsoft Corporation) – C:\Windows\SysWow64\url.dll
    [2012-12-12 23:45:16 | 002,312,704 | —- | C] (Microsoft Corporation) – C:\Windows\SysNative\jscript9.dll
    [2012-12-12 23:45:16 | 001,494,528 | —- | C] (Microsoft Corporation) – C:\Windows\SysNative\inetcpl.cpl
    [2012-12-12 23:45:16 | 000,729,088 | —- | C] (Microsoft Corporation) – C:\Windows\SysNative\msfeeds.dll
    [2012-12-12 23:45:15 | 000,816,640 | —- | C] (Microsoft Corporation) – C:\Windows\SysNative\jscript.dll
    [2012-12-12 23:45:15 | 000,717,824 | —- | C] (Microsoft Corporation) – C:\Windows\SysWow64\jscript.dll
    [2012-12-12 23:45:15 | 000,599,040 | —- | C] (Microsoft Corporation) – C:\Windows\SysNative\vbscript.dll
    [2012-12-12 07:35:33 | 000,424,960 | —- | C] (Microsoft Corporation) – C:\Windows\SysNative\KernelBase.dll
    [2012-12-12 07:35:32 | 001,161,216 | —- | C] (Microsoft Corporation) – C:\Windows\SysNative\kernel32.dll
    [2012-12-12 07:35:31 | 000,338,432 | —- | C] (Microsoft Corporation) – C:\Windows\SysNative\conhost.exe
    [2012-12-12 07:35:31 | 000,215,040 | —- | C] (Microsoft Corporation) – C:\Windows\SysNative\winsrv.dll
    [2012-12-12 07:35:27 | 000,362,496 | —- | C] (Microsoft Corporation) – C:\Windows\SysNative\wow64win.dll
    [2012-12-12 07:35:27 | 000,243,200 | —- | C] (Microsoft Corporation) – C:\Windows\SysNative\wow64.dll
    [2012-12-12 07:35:27 | 000,025,600 | —- | C] (Microsoft Corporation) – C:\Windows\SysWow64\setup16.exe
    [2012-12-12 07:35:26 | 000,016,384 | —- | C] (Microsoft Corporation) – C:\Windows\SysNative
    tvdm64.dll
    [2012-12-12 07:35:26 | 000,014,336 | —- | C] (Microsoft Corporation) – C:\Windows\SysWow64
    tvdm64.dll
    [2012-12-12 07:35:26 | 000,013,312 | —- | C] (Microsoft Corporation) – C:\Windows\SysNative\wow64cpu.dll
    [2012-12-12 07:35:26 | 000,007,680 | —- | C] (Microsoft Corporation) – C:\Windows\SysWow64\instnm.exe
    [2012-12-12 07:35:26 | 000,005,120 | —- | C] (Microsoft Corporation) – C:\Windows\SysWow64\wow32.dll
    [2012-12-12 07:35:26 | 000,004,096 | -H– | C] (Microsoft Corporation) – C:\Windows\SysWow64\api-ms-win-core-sysinfo-l1-1-0.dll
    [2012-12-12 07:35:26 | 000,003,584 | -H– | C] (Microsoft Corporation) – C:\Windows\SysNative\api-ms-win-core-heap-l1-1-0.dll
    [2012-12-12 07:35:25 | 000,006,144 | -H– | C] (Microsoft Corporation) – C:\Windows\SysNative\api-ms-win-security-base-l1-1-0.dll
    [2012-12-12 07:35:25 | 000,005,120 | -H– | C] (Microsoft Corporation) – C:\Windows\SysWow64\api-ms-win-core-file-l1-1-0.dll
    [2012-12-12 07:35:25 | 000,005,120 | -H– | C] (Microsoft Corporation) – C:\Windows\SysNative\api-ms-win-core-file-l1-1-0.dll
    [2012-12-12 07:35:25 | 000,004,608 | -H– | C] (Microsoft Corporation) – C:\Windows\SysWow64\api-ms-win-core-processthreads-l1-1-0.dll
    [2012-12-12 07:35:24 | 000,004,608 | -H– | C] (Microsoft Corporation) – C:\Windows\SysNative\api-ms-win-core-threadpool-l1-1-0.dll
    [2012-12-12 07:35:24 | 000,004,096 | -H– | C] (Microsoft Corporation) – C:\Windows\SysNative\api-ms-win-core-sysinfo-l1-1-0.dll
    [2012-12-12 07:35:24 | 000,003,072 | -H– | C] (Microsoft Corporation) – C:\Windows\SysNative\api-ms-win-core-xstate-l1-1-0.dll
    [2012-12-12 07:35:24 | 000,003,072 | -H– | C] (Microsoft Corporation) – C:\Windows\SysNative\api-ms-win-core-util-l1-1-0.dll
    [2012-12-12 07:35:23 | 000,004,096 | -H– | C] (Microsoft Corporation) – C:\Windows\SysWow64\api-ms-win-core-synch-l1-1-0.dll
    [2012-12-12 07:35:22 | 000,003,072 | -H– | C] (Microsoft Corporation) – C:\Windows\SysWow64\api-ms-win-core-string-l1-1-0.dll
    [2012-12-12 07:35:21 | 000,003,072 | -H– | C] (Microsoft Corporation) – C:\Windows\SysNative\api-ms-win-core-string-l1-1-0.dll
    [2012-12-12 07:35:20 | 000,003,584 | -H– | C] (Microsoft Corporation) – C:\Windows\SysNative\api-ms-win-core-rtlsupport-l1-1-0.dll
    [2012-12-12 07:35:20 | 000,003,072 | -H– | C] (Microsoft Corporation) – C:\Windows\SysWow64\api-ms-win-core-rtlsupport-l1-1-0.dll
    [2012-12-12 07:35:20 | 000,003,072 | -H– | C] (Microsoft Corporation) – C:\Windows\SysNative\api-ms-win-core-profile-l1-1-0.dll
    [2012-12-12 07:35:19 | 000,004,608 | -H– | C] (Microsoft Corporation) – C:\Windows\SysNative\api-ms-win-core-processthreads-l1-1-0.dll
    [2012-12-12 07:35:19 | 000,003,584 | -H– | C] (Microsoft Corporation) – C:\Windows\SysWow64\api-ms-win-core-processenvironment-l1-1-0.dll
    [2012-12-12 07:35:19 | 000,003,584 | -H– | C] (Microsoft Corporation) – C:\Windows\SysNative\api-ms-win-core-processenvironment-l1-1-0.dll
    [2012-12-12 07:35:19 | 000,003,584 | -H– | C] (Microsoft Corporation) – C:\Windows\SysWow64\api-ms-win-core-namedpipe-l1-1-0.dll
    [2012-12-12 07:35:19 | 000,003,072 | -H– | C] (Microsoft Corporation) – C:\Windows\SysWow64\api-ms-win-core-profile-l1-1-0.dll
    [2012-12-12 07:35:18 | 000,003,584 | -H– | C] (Microsoft Corporation) – C:\Windows\SysNative\api-ms-win-core-namedpipe-l1-1-0.dll
    [2012-12-12 07:35:15 | 000,004,096 | -H– | C] (Microsoft Corporation) – C:\Windows\SysWow64\api-ms-win-core-misc-l1-1-0.dll
    [2012-12-12 07:35:11 | 000,003,584 | -H– | C] (Microsoft Corporation) – C:\Windows\SysNative\api-ms-win-core-misc-l1-1-0.dll
    [2012-12-12 07:35:10 | 000,003,584 | -H– | C] (Microsoft Corporation) – C:\Windows\SysWow64\api-ms-win-core-memory-l1-1-0.dll
    [2012-12-12 07:35:08 | 000,003,584 | -H– | C] (Microsoft Corporation) – C:\Windows\SysNative\api-ms-win-core-memory-l1-1-0.dll
    [2012-12-12 07:35:07 | 000,004,096 | -H– | C] (Microsoft Corporation) – C:\Windows\SysWow64\api-ms-win-core-localregistry-l1-1-0.dll
    [2012-12-12 07:35:06 | 000,004,096 | -H– | C] (Microsoft Corporation) – C:\Windows\SysNative\api-ms-win-core-localregistry-l1-1-0.dll
    [2012-12-12 07:35:06 | 000,003,584 | -H– | C] (Microsoft Corporation) – C:\Windows\SysWow64\api-ms-win-core-libraryloader-l1-1-0.dll
    [2012-12-12 07:35:05 | 000,003,584 | -H– | C] (Microsoft Corporation) – C:\Windows\SysNative\api-ms-win-core-libraryloader-l1-1-0.dll
    [2012-12-12 07:35:03 | 000,003,072 | -H– | C] (Microsoft Corporation) – C:\Windows\SysWow64\api-ms-win-core-io-l1-1-0.dll
    [2012-12-12 07:35:02 | 000,003,584 | -H– | C] (Microsoft Corporation) – C:\Windows\SysWow64\api-ms-win-core-interlocked-l1-1-0.dll
    [2012-12-12 07:35:02 | 000,003,072 | -H– | C] (Microsoft Corporation) – C:\Windows\SysNative\api-ms-win-core-io-l1-1-0.dll
    [2012-12-12 07:34:59 | 000,003,072 | -H– | C] (Microsoft Corporation) – C:\Windows\SysNative\api-ms-win-core-interlocked-l1-1-0.dll
    [2012-12-12 07:34:54 | 000,003,072 | -H– | C] (Microsoft Corporation) – C:\Windows\SysWow64\api-ms-win-core-handle-l1-1-0.dll
    [2012-12-12 07:34:54 | 000,003,072 | -H– | C] (Microsoft Corporation) – C:\Windows\SysNative\api-ms-win-core-handle-l1-1-0.dll
    [2012-12-12 07:34:54 | 000,003,072 | -H– | C] (Microsoft Corporation) – C:\Windows\SysWow64\api-ms-win-core-fibers-l1-1-0.dll
    [2012-12-12 07:34:54 | 000,003,072 | -H– | C] (Microsoft Corporation) – C:\Windows\SysNative\api-ms-win-core-fibers-l1-1-0.dll
    [2012-12-12 07:34:54 | 000,003,072 | -H– | C] (Microsoft Corporation) – C:\Windows\SysWow64\api-ms-win-core-errorhandling-l1-1-0.dll
    [2012-12-12 07:34:54 | 000,003,072 | -H– | C] (Microsoft Corporation) – C:\Windows\SysNative\api-ms-win-core-errorhandling-l1-1-0.dll
    [2012-12-12 07:34:54 | 000,003,072 | -H– | C] (Microsoft Corporation) – C:\Windows\SysWow64\api-ms-win-core-delayload-l1-1-0.dll
    [2012-12-12 07:34:54 | 000,003,072 | -H– | C] (Microsoft Corporation) – C:\Windows\SysNative\api-ms-win-core-delayload-l1-1-0.dll
    [2012-12-12 07:34:54 | 000,003,072 | -H– | C] (Microsoft Corporation) – C:\Windows\SysNative\api-ms-win-core-debug-l1-1-0.dll
    [2012-12-12 07:34:53 | 000,004,096 | -H– | C] (Microsoft Corporation) – C:\Windows\SysNative\api-ms-win-core-synch-l1-1-0.dll
    [2012-12-12 07:34:53 | 000,003,072 | -H– | C] (Microsoft Corporation) – C:\Windows\SysWow64\api-ms-win-core-debug-l1-1-0.dll
    [2012-12-12 07:34:53 | 000,003,072 | -H– | C] (Microsoft Corporation) – C:\Windows\SysWow64\api-ms-win-core-datetime-l1-1-0.dll
    [2012-12-12 07:34:53 | 000,003,072 | -H– | C] (Microsoft Corporation) – C:\Windows\SysNative\api-ms-win-core-datetime-l1-1-0.dll
    [2012-12-12 07:34:51 | 000,003,584 | -H– | C] (Microsoft Corporation) – C:\Windows\SysWow64\api-ms-win-core-heap-l1-1-0.dll
    [2012-12-12 07:34:49 | 000,006,144 | -H– | C] (Microsoft Corporation) – C:\Windows\SysWow64\api-ms-win-security-base-l1-1-0.dll
    [2012-12-12 07:34:48 | 000,003,584 | -H– | C] (Microsoft Corporation) – C:\Windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll
    [2012-12-12 07:34:46 | 000,003,072 | -H– | C] (Microsoft Corporation) – C:\Windows\SysWow64\api-ms-win-core-util-l1-1-0.dll
    [2012-12-12 07:34:45 | 000,004,608 | -H– | C] (Microsoft Corporation) – C:\Windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll
    [2012-12-12 07:34:44 | 000,004,096 | -H– | C] (Microsoft Corporation) – C:\Windows\SysNative\api-ms-win-core-localization-l1-1-0.dll
    [2012-12-12 07:34:43 | 000,004,096 | -H– | C] (Microsoft Corporation) – C:\Windows\SysWow64\api-ms-win-core-localization-l1-1-0.dll
    [2012-12-12 07:34:40 | 000,003,072 | -H– | C] (Microsoft Corporation) – C:\Windows\SysWow64\api-ms-win-core-console-l1-1-0.dll
    [2012-12-12 07:34:38 | 000,003,072 | -H– | C] (Microsoft Corporation) – C:\Windows\SysNative\api-ms-win-core-console-l1-1-0.dll
    [2012-12-12 07:34:30 | 000,002,048 | —- | C] (Microsoft Corporation) – C:\Windows\SysWow64\user.exe
    [2012-12-12 07:34:09 | 000,478,208 | —- | C] (Microsoft Corporation) – C:\Windows\SysNative\dpnet.dll
    [2012-12-12 07:34:09 | 000,376,832 | —- | C] (Microsoft Corporation) – C:\Windows\SysWow64\dpnet.dll
    [2012-12-10 08:56:11 | 000,000,000 | —D | C] – C:\Windows\PCHEALTH
    [2012-12-10 08:55:51 | 000,000,000 | —D | C] – C:\Program Files (x86)\Windows Live
    [2012-12-09 10:25:22 | 000,697,272 | —- | C] (Adobe Systems Incorporated) – C:\Windows\SysWow64\FlashPlayerApp.exe
    [2012-12-09 10:25:22 | 000,073,656 | —- | C] (Adobe Systems Incorporated) – C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
    [2012-12-08 11:36:33 | 000,000,000 | —D | C] – C:\ProgramData\McAfee
    [2012-12-08 09:47:54 | 000,000,000 | —D | C] – C:\ATISupport
    [2012-12-08 09:42:25 | 000,000,000 | -H-D | C] – C:\ProgramData\{4E78170A-6049-4586-A083-3AECE1A687E4}
    [2012-12-08 09:42:17 | 000,000,000 | —D | C] – C:\Program Files\WinSysClean X2
    [2012-12-08 09:42:17 | 000,000,000 | —D | C] – C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ultimate Systems
    [2012-12-08 09:42:14 | 000,939,368 | —- | C] (Macromedia, Inc.) – C:\Windows\SysWow64\flash.ocx
    [2012-12-08 09:38:34 | 000,000,000 | —D | C] – C:\Users\HP-G6\AppData\Local\PackageAware
    [2012-12-05 12:50:08 | 000,000,000 | —D | C] – C:\Users\HP-G6\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FAHClient
    [2012-12-05 12:49:53 | 000,000,000 | —D | C] – C:\Users\HP-G6\AppData\Roaming\FAHClient
    [2012-12-05 12:49:52 | 000,000,000 | —D | C] – C:\Program Files (x86)\FAHClient
    [2012-12-05 09:29:54 | 000,000,000 | —D | C] – C:\Program Files (x86)\Mozilla Firefox

    ========== Files - Modified Within 30 Days ==========[/color:6a02c61a1d]

    [2013-01-03 16:21:00 | 000,000,940 | —- | M] () – C:\Windows\tasks\Adobe Flash Player Updater.job
    [2013-01-03 16:14:15 | 000,602,112 | —- | M] (OldTimer Tools) – C:\Users\HP-G6\Desktop\OTL.com
    [2013-01-03 12:20:02 | 001,549,262 | —- | M] () – C:\Windows\SysNative\PerfStringBackup.INI
    [2013-01-03 12:20:02 | 000,701,564 | —- | M] () – C:\Windows\SysNative\perfh013.dat
    [2013-01-03 12:20:02 | 000,616,008 | —- | M] () – C:\Windows\SysNative\perfh009.dat
    [2013-01-03 12:20:02 | 000,133,564 | —- | M] () – C:\Windows\SysNative\perfc013.dat
    [2013-01-03 12:20:02 | 000,106,388 | —- | M] () – C:\Windows\SysNative\perfc009.dat
    [2013-01-03 10:37:10 | 000,020,480 | -H– | M] () – C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
    [2013-01-03 10:37:10 | 000,020,480 | -H– | M] () – C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
    [2013-01-03 10:29:33 | 000,067,584 | –S- | M] () – C:\Windows\bootstat.dat
    [2013-01-03 10:29:27 | 3180,220,416 | -HS- | M] () – C:\hiberfil.sys
    [2013-01-03 08:23:47 | 005,018,375 | R— | M] (Swearware) – C:\Users\HP-G6\Desktop\ComboFix.exe
    [2012-12-31 07:31:12 | 000,001,049 | —- | M] () – C:\Users\HP-G6\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
    [2012-12-30 12:01:42 | 000,697,272 | —- | M] (Adobe Systems Incorporated) – C:\Windows\SysWow64\FlashPlayerApp.exe
    [2012-12-30 12:01:42 | 000,073,656 | —- | M] (Adobe Systems Incorporated) – C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
    [2012-12-27 09:58:15 | 007,099,376 | —- | M] () – C:\Users\HP-G6\Documents\hirlam_27122012_095807.nc
    [2012-12-21 12:58:24 | 007,099,376 | —- | M] () – C:\Users\HP-G6\Documents\hirlam_21122012_125816.nc
    [2012-12-21 11:53:43 | 000,000,027 | —- | M] () – C:\Windows\SysNative\drivers\etc\hosts
    [2012-12-21 11:25:38 | 000,416,688 | —- | M] () – C:\Windows\SysNative\FNTCACHE.DAT
    [2012-12-20 19:35:04 | 008,231,024 | —- | M] () – C:\Users\HP-G6\Desktop\WinGPS 5 Voyager gebruikershandleiding.pdf
    [2012-12-20 07:01:24 | 000,001,299 | —- | M] () – C:\Users\HP-G6\Application Data\Microsoft\Internet Explorer\Quick Launch\Auslogics BoostSpeed.lnk
    [2012-12-18 14:25:00 | 000,683,004 | —- | M] () – C:\Users\HP-G6\Documents\anjo 2013.jpg
    [2012-12-16 18:11:22 | 000,046,080 | —- | M] (Adobe Systems) – C:\Windows\SysNative\atmlib.dll
    [2012-12-16 15:45:03 | 000,367,616 | —- | M] (Adobe Systems Incorporated) – C:\Windows\SysNative\atmfd.dll
    [2012-12-16 15:13:28 | 000,295,424 | —- | M] (Adobe Systems Incorporated) – C:\Windows\SysWow64\atmfd.dll
    [2012-12-16 15:13:20 | 000,034,304 | —- | M] (Adobe Systems) – C:\Windows\SysWow64\atmlib.dll
    [2012-12-14 22:52:44 | 007,099,376 | —- | M] () – C:\Users\HP-G6\Documents\hirlam_14122012_225236.nc
    [2012-12-14 22:51:27 | 010,942,080 | —- | M] () – C:\Users\HP-G6\Documents\yrno_neurope_14122012_225115.grb
    [2012-12-14 10:36:07 | 007,099,376 | —- | M] () – C:\Users\HP-G6\Documents\hirlam_14122012_103558.nc
    [2012-12-05 12:50:09 | 000,001,994 | —- | M] () – C:\Users\HP-G6\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\FAHControl.lnk

    ========== Files Created - No Company Name ==========[/color:6a02c61a1d]

    [2012-12-27 09:58:11 | 007,099,376 | —- | C] () – C:\Users\HP-G6\Documents\hirlam_27122012_095807.nc
    [2012-12-21 12:58:21 | 007,099,376 | —- | C] () – C:\Users\HP-G6\Documents\hirlam_21122012_125816.nc
    [2012-12-21 11:47:36 | 000,256,000 | —- | C] () – C:\Windows\PEV.exe
    [2012-12-21 11:47:36 | 000,208,896 | —- | C] () – C:\Windows\MBR.exe
    [2012-12-21 11:47:36 | 000,098,816 | —- | C] () – C:\Windows\sed.exe
    [2012-12-21 11:47:36 | 000,080,412 | —- | C] () – C:\Windows\grep.exe
    [2012-12-21 11:47:36 | 000,068,096 | —- | C] () – C:\Windows\zip.exe
    [2012-12-20 19:35:03 | 008,231,024 | —- | C] () – C:\Users\HP-G6\Desktop\WinGPS 5 Voyager gebruikershandleiding.pdf
    [2012-12-20 07:01:24 | 000,001,299 | —- | C] () – C:\Users\HP-G6\Application Data\Microsoft\Internet Explorer\Quick Launch\Auslogics BoostSpeed.lnk
    [2012-12-18 14:25:00 | 000,683,004 | —- | C] () – C:\Users\HP-G6\Documents\anjo 2013.jpg
    [2012-12-17 18:13:28 | 000,000,940 | —- | C] () – C:\Windows\tasks\Adobe Flash Player Updater.job
    [2012-12-14 22:52:39 | 007,099,376 | —- | C] () – C:\Users\HP-G6\Documents\hirlam_14122012_225236.nc
    [2012-12-14 22:51:15 | 010,942,080 | —- | C] () – C:\Users\HP-G6\Documents\yrno_neurope_14122012_225115.grb
    [2012-12-14 10:36:02 | 007,099,376 | —- | C] () – C:\Users\HP-G6\Documents\hirlam_14122012_103558.nc
    [2012-12-10 08:56:51 | 000,002,522 | —- | C] () – C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Messenger.lnk
    [2012-12-05 12:50:09 | 000,001,994 | —- | C] () – C:\Users\HP-G6\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\FAHControl.lnk
    [2012-11-21 15:14:44 | 000,272,928 | —- | C] () – C:\Windows\SysWow64\igvpkrng600.bin
    [2012-11-21 15:13:54 | 000,064,512 | —- | C] () – C:\Windows\SysWow64\igdde32.dll
    [2012-11-21 15:13:48 | 000,963,452 | —- | C] () – C:\Windows\SysWow64\igcodeckrng600.bin
    [2012-11-21 13:44:12 | 000,042,672 | —- | C] () – C:\Windows\SysWow64\drivers\fsbts.sys
    [2012-11-21 13:43:57 | 000,019,684 | —- | C] () – C:\Windows\prodsett_copy.ini
    [2011-04-05 03:07:02 | 000,145,804 | —- | C] () – C:\Windows\SysWow64\igcompkrng600.bin
    [2011-04-05 03:07:00 | 000,963,116 | —- | C] () – C:\Windows\SysWow64\igkrng600.bin
    [2011-04-05 03:07:00 | 000,216,876 | —- | C] () – C:\Windows\SysWow64\igfcg600m.bin

    ========== ZeroAccess Check ==========[/color:6a02c61a1d]

    [2009-07-14 05:55:00 | 000,000,227 | RHS- | M] () – C:\Windows\assembly\Desktop.ini

    [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

    [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

    [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

    [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

    [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
    "" = C:\Windows\SysNative\shell32.dll – [2012-06-09 06:43:10 | 014,172,672 | —- | M] (Microsoft Corporation)
    "ThreadingModel" = Apartment

    [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
    "" = %SystemRoot%\system32\shell32.dll – [2012-06-09 05:41:00 | 012,873,728 | —- | M] (Microsoft Corporation)
    "ThreadingModel" = Apartment

    [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
    "" = C:\Windows\SysNative\wbem\fastprox.dll – [2009-07-14 02:40:51 | 000,909,312 | —- | M] (Microsoft Corporation)
    "ThreadingModel" = Free

    [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
    "" = %systemroot%\system32\wbem\fastprox.dll – [2010-11-21 04:24:25 | 000,606,208 | —- | M] (Microsoft Corporation)
    "ThreadingModel" = Free

    [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
    "" = C:\Windows\SysNative\wbem\wbemess.dll – [2009-07-14 02:41:56 | 000,505,856 | —- | M] (Microsoft Corporation)
    "ThreadingModel" = Both

    [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

    ========== LOP Check ==========[/color:6a02c61a1d]


    ========== Purity Check ==========[/color:6a02c61a1d]



    ========== Custom Scans ==========[/color:6a02c61a1d]

    ========== Base Services ==========[/color:6a02c61a1d]
    SRV:[b:6a02c61a1d]64bit:[/b:6a02c61a1d] - [2009-07-14 02:40:01 | 000,072,192 | —- | M] (Microsoft Corporation) [On_Demand | Stopped] – C:\Windows\SysNative\aelupsvc.dll – (AeLookupSvc)
    SRV:[b:6a02c61a1d]64bit:[/b:6a02c61a1d] - [2010-11-21 04:24:08 | 000,070,656 | —- | M] (Microsoft Corporation) [On_Demand | Running] – C:\Windows\SysNative\appinfo.dll – (Appinfo)
    SRV:[b:6a02c61a1d]64bit:[/b:6a02c61a1d] - [2009-07-14 02:38:55 | 000,079,360 | —- | M] (Microsoft Corporation) [On_Demand | Stopped] – C:\Windows\SysNative\alg.exe – (ALG)
    SRV:[b:6a02c61a1d]64bit:[/b:6a02c61a1d] - [2010-11-21 04:23:51 | 000,849,920 | —- | M] (Microsoft Corporation) [On_Demand | Stopped] – C:\Windows\SysNative\qmgr.dll – (BITS)
    SRV:[b:6a02c61a1d]64bit:[/b:6a02c61a1d] - [2010-11-21 04:24:00 | 000,705,024 | —- | M] (Microsoft Corporation) [Auto | Running] – C:\Windows\SysNative\BFE.DLL – (BFE)
    SRV:[b:6a02c61a1d]64bit:[/b:6a02c61a1d] - [2011-11-17 07:33:55 | 000,031,232 | —- | M] (Microsoft Corporation) [On_Demand | Running] – C:\Windows\SysNative\lsass.exe – (KeyIso)
    SRV:[b:6a02c61a1d]64bit:[/b:6a02c61a1d] - [2009-07-14 02:40:50 | 000,402,944 | —- | M] (Microsoft Corporation) [Auto | Running] – C:\Windows\SysNative\es.dll – (EventSystem)
    SRV - [2009-07-14 02:15:19 | 000,271,360 | —- | M] (Microsoft Corporation) [Auto | Running] – C:\Windows\SysWOW64\es.dll – (EventSystem)
    SRV:[b:6a02c61a1d]64bit:[/b:6a02c61a1d] - [2012-07-04 23:13:27 | 000,136,704 | —- | M] (Microsoft Corporation) [On_Demand | Stopped] – C:\Windows\SysNative\browser.dll – (Browser)
    SRV:[b:6a02c61a1d]64bit:[/b:6a02c61a1d] - [2012-06-02 06:41:28 | 000,184,320 | —- | M] (Microsoft Corporation) [Auto | Running] – C:\Windows\SysNative\cryptsvc.dll – (CryptSvc)
    SRV - [2012-06-02 05:36:29 | 000,140,288 | —- | M] (Microsoft Corporation) [Auto | Running] – C:\Windows\SysWOW64\cryptsvc.dll – (CryptSvc)
    SRV:[b:6a02c61a1d]64bit:[/b:6a02c61a1d] - [2010-11-21 04:24:01 | 000,512,000 | —- | M] (Microsoft Corporation) [Auto | Running] – C:\Windows\SysNative\rpcss.dll – (DcomLaunch)
    SRV:[b:6a02c61a1d]64bit:[/b:6a02c61a1d] - [2010-11-21 04:24:00 | 000,317,952 | —- | M] (Microsoft Corporation) [Auto | Running] – C:\Windows\SysNative\dhcpcore.dll – (Dhcp)
    SRV - [2010-11-21 04:24:09 | 000,254,464 | —- | M] (Microsoft Corporation) [Auto | Running] – C:\Windows\SysWOW64\dhcpcore.dll – (Dhcp)
    SRV:[b:6a02c61a1d]64bit:[/b:6a02c61a1d] - [2011-03-03 07:24:16 | 000,183,296 | —- | M] (Microsoft Corporation) [Auto | Running] – C:\Windows\SysNative\dnsrslvr.dll – (Dnscache)
    SRV:[b:6a02c61a1d]64bit:[/b:6a02c61a1d] - [2009-07-14 02:40:35 | 000,111,104 | —- | M] (Microsoft Corporation) [On_Demand | Running] – C:\Windows\SysNative\eapsvc.dll – (EapHost)
    SRV:[b:6a02c61a1d]64bit:[/b:6a02c61a1d] - [2009-07-14 02:41:00 | 000,038,912 | —- | M] (Microsoft Corporation) [On_Demand | Stopped] – C:\Windows\SysNative\hidserv.dll – (hidserv)
    SRV - [2009-07-14 02:15:24 | 000,049,152 | —- | M] (Microsoft Corporation) [On_Demand | Stopped] – C:\Windows\SysWOW64\hidserv.dll – (hidserv)
    SRV:[b:6a02c61a1d]64bit:[/b:6a02c61a1d] - [2009-07-14 02:41:10 | 000,359,424 | —- | M] (Microsoft Corporation) [Auto | Stopped] – C:\Windows\SysNative\ipnathlp.dll – (SharedAccess)
    SRV:[b:6a02c61a1d]64bit:[/b:6a02c61a1d] - [2010-11-21 04:23:48 | 000,501,248 | —- | M] (Microsoft Corporation) [On_Demand | Stopped] – C:\Windows\SysNative\IPSECSVC.DLL – (PolicyAgent)
    No service found with a name of MsMpSvc
    No service found with a name of NisSrv
    SRV:[b:6a02c61a1d]64bit:[/b:6a02c61a1d] - [2009-07-14 02:41:54 | 000,524,288 | —- | M] (Microsoft Corporation) [On_Demand | Running] – C:\Windows\SysNative\swprv.dll – (swprv)
    SRV:[b:6a02c61a1d]64bit:[/b:6a02c61a1d] - [2009-07-14 02:41:26 | 000,067,584 | —- | M] (Microsoft Corporation) [Auto | Stopped] – C:\Windows\SysNative\mmcss.dll – (MMCSS)
    SRV:[b:6a02c61a1d]64bit:[/b:6a02c61a1d] - [2009-07-14 02:41:52 | 000,360,448 | —- | M] (Microsoft Corporation) [On_Demand | Running] – C:\Windows\SysNative
    etman.dll – (Netman)
    SRV:[b:6a02c61a1d]64bit:[/b:6a02c61a1d] - [2009-07-14 02:41:52 | 000,459,776 | —- | M] (Microsoft Corporation) [On_Demand | Running] – C:\Windows\SysNative
    etprofm.dll – (netprofm)
    SRV - [2009-07-14 02:16:03 | 000,360,448 | —- | M] (Microsoft Corporation) [On_Demand | Running] – C:\Windows\SysWOW64
    etprofm.dll – (netprofm)
    SRV:[b:6a02c61a1d]64bit:[/b:6a02c61a1d] - [2012-10-03 18:44:21 | 000,303,104 | —- | M] (Microsoft Corporation) [Auto | Running] – C:\Windows\SysNative
    lasvc.dll – (NlaSvc)
    SRV:[b:6a02c61a1d]64bit:[/b:6a02c61a1d] - [2009-07-14 02:41:53 | 000,025,600 | —- | M] (Microsoft Corporation) [Auto | Running] – C:\Windows\SysNative
    sisvc.dll – (nsi)
    SRV:[b:6a02c61a1d]64bit:[/b:6a02c61a1d] - [2011-05-24 12:42:55 | 000,404,480 | —- | M] (Microsoft Corporation) [Auto | Running] – C:\Windows\SysNative\umpnpmgr.dll – (PlugPlay)
    SRV:[b:6a02c61a1d]64bit:[/b:6a02c61a1d] - [2012-02-11 07:36:02 | 000,559,104 | —- | M] (Microsoft Corporation) [Auto | Running] – C:\Windows\SysNative\spoolsv.exe – (Spooler)
    SRV:[b:6a02c61a1d]64bit:[/b:6a02c61a1d] - [2011-11-17 07:33:55 | 000,031,232 | —- | M] (Microsoft Corporation) [On_Demand | Running] – C:\Windows\SysNative\lsass.exe – (ProtectedStorage)
    No service found with a name of EMDMgmt
    SRV:[b:6a02c61a1d]64bit:[/b:6a02c61a1d] - [2009-07-14 02:41:53 | 000,099,328 | —- | M] (Microsoft Corporation) [On_Demand | Stopped] – C:\Windows\SysNative\rasauto.dll – (RasAuto)
    SRV:[b:6a02c61a1d]64bit:[/b:6a02c61a1d] - [2010-11-21 04:24:17 | 000,344,064 | —- | M] (Microsoft Corporation) [On_Demand | Running] – C:\Windows\SysNative\rasmans.dll – (RasMan)
    SRV:[b:6a02c61a1d]64bit:[/b:6a02c61a1d] - [2010-11-21 04:24:01 | 000,512,000 | —- | M] (Microsoft Corporation) [Auto | Running] – C:\Windows\SysNative\rpcss.dll – (RpcSs)
    SRV:[b:6a02c61a1d]64bit:[/b:6a02c61a1d] - [2010-11-21 04:24:16 | 000,030,720 | —- | M] (Microsoft Corporation) [Auto | Running] – C:\Windows\SysNative\seclogon.dll – (seclogon)
    SRV:[b:6a02c61a1d]64bit:[/b:6a02c61a1d] - [2011-11-17 07:33:55 | 000,031,232 | —- | M] (Microsoft Corporation) [Auto | Running] – C:\Windows\SysNative\lsass.exe – (SamSs)
    SRV:[b:6a02c61a1d]64bit:[/b:6a02c61a1d] - [2009-07-14 02:41:58 | 000,097,280 | —- | M] (Microsoft Corporation) [Auto | Running] – C:\Windows\SysNative\wscsvc.dll – (wscsvc)
    SRV:[b:6a02c61a1d]64bit:[/b:6a02c61a1d] - [2010-11-21 04:23:48 | 000,236,032 | —- | M] (Microsoft Corporation) [Auto | Running] – C:\Windows\SysNative\srvsvc.dll – (LanmanServer)
    SRV:[b:6a02c61a1d]64bit:[/b:6a02c61a1d] - [2010-11-21 04:23:55 | 000,370,688 | —- | M] (Microsoft Corporation) [Auto | Running] – C:\Windows\SysNative\shsvcs.dll – (ShellHWDetection)
    SRV - [2010-11-21 04:24:03 | 000,328,192 | —- | M] (Microsoft Corporation) [Auto | Running] – C:\Windows\SysWOW64\shsvcs.dll – (ShellHWDetection)
    No service found with a name of slsvc
    SRV:[b:6a02c61a1d]64bit:[/b:6a02c61a1d] - [2010-11-21 04:24:16 | 001,110,016 | —- | M] (Microsoft Corporation) [Auto | Running] – C:\Windows\SysNative\schedsvc.dll – (Schedule)
    SRV:[b:6a02c61a1d]64bit:[/b:6a02c61a1d] - [2010-11-21 04:24:32 | 000,316,928 | —- | M] (Microsoft Corporation) [On_Demand | Running] – C:\Windows\SysNative\tapisrv.dll – (TapiSrv)
    SRV - [2010-11-21 04:24:00 | 000,242,176 | —- | M] (Microsoft Corporation) [On_Demand | Running] – C:\Windows\SysWOW64\tapisrv.dll – (TapiSrv)
    SRV:[b:6a02c61a1d]64bit:[/b:6a02c61a1d] - [2009-07-14 02:41:55 | 000,044,544 | —- | M] (Microsoft Corporation) [Auto | Running] – C:\Windows\SysNative\themeservice.dll – (Themes)
    SRV:[b:6a02c61a1d]64bit:[/b:6a02c61a1d] - [2012-05-01 06:40:20 | 000,209,920 | —- | M] (Microsoft Corporation) [Auto | Running] – C:\Windows\SysNative\profsvc.dll – (ProfSvc)
    SRV:[b:6a02c61a1d]64bit:[/b:6a02c61a1d] - [2010-11-21 04:23:55 | 001,600,512 | —- | M] (Microsoft Corporation) [On_Demand | Stopped] – C:\Windows\SysNative\VSSVC.exe – (VSS)
    SRV:[b:6a02c61a1d]64bit:[/b:6a02c61a1d] - [2010-11-21 04:24:32 | 000,679,424 | —- | M] (Microsoft Corporation) [Auto | Running] – C:\Windows\SysNative\audiosrv.dll – (AudioSrv)
    SRV:[b:6a02c61a1d]64bit:[/b:6a02c61a1d] - [2010-11-21 04:24:32 | 000,679,424 | —- | M] (Microsoft Corporation) [Auto | Running] – C:\Windows\SysNative\audiosrv.dll – (AudioEndpointBuilder)
    SRV:[b:6a02c61a1d]64bit:[/b:6a02c61a1d] - [2010-11-21 04:25:06 | 000,170,496 | —- | M] (Microsoft Corporation) [On_Demand | Stopped] – C:\Windows\SysNative\sdrsvc.dll – (SDRSVC)
    SRV:[b:6a02c61a1d]64bit:[/b:6a02c61a1d] - [2009-07-14 02:41:27 | 001,011,712 | —- | M] (Microsoft Corporation) [On_Demand | Stopped] – C:\Program Files\Windows Defender\MpSvc.dll – (WinDefend)
    SRV:[b:6a02c61a1d]64bit:[/b:6a02c61a1d] - [2010-11-21 04:23:55 | 001,646,080 | —- | M] (Microsoft Corporation) [Auto | Running] – C:\Windows\SysNative\wevtsvc.dll – (eventlog)
    SRV:[b:6a02c61a1d]64bit:[/b:6a02c61a1d] - [2010-11-21 04:24:28 | 000,828,416 | —- | M] (Microsoft Corporation) [Auto | Running] – C:\Windows\SysNative\MPSSVC.dll – (MpsSvc)
    SRV:[b:6a02c61a1d]64bit:[/b:6a02c61a1d] - [2010-11-21 04:24:48 | 000,580,096 | —- | M] (Microsoft Corporation) [Auto | Running] – C:\Windows\SysNative\wiaservc.dll – (stisvc)
    SRV:[b:6a02c61a1d]64bit:[/b:6a02c61a1d] - [2010-11-21 04:24:15 | 000,128,000 | —- | M] (Microsoft Corporation) [On_Demand | Stopped] – C:\Windows\SysNative\msiexec.exe – (msiserver)
    SRV - [2010-11-21 04:24:28 | 000,073,216 | —- | M] (Microsoft Corporation) [On_Demand | Stopped] – C:\Windows\SysWow64\msiexec.exe – (msiserver)
    SRV:[b:6a02c61a1d]64bit:[/b:6a02c61a1d] - [2009-07-14 02:41:56 | 000,242,688 | —- | M] (Microsoft Corporation) [Auto | Running] – C:\Windows\SysNative\wbem\WMIsvc.dll – (Winmgmt)
    SRV:[b:6a02c61a1d]64bit:[/b:6a02c61a1d] - [2012-06-02 23:19:43 | 002,428,952 | —- | M] (Microsoft Corporation) [Auto | Running] – C:\W
  • OTL Extras logfile created on: 3-1-2013 16:17:33 - Run 1
    OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\HP-G6\Desktop
    64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
    Internet Explorer (Version = 9.0.8112.16421)
    Locale: 00000413 | Country: Nederland | Language: NLD | Date Format: d-M-yyyy

    3,95 Gb Total Physical Memory | 2,38 Gb Available Physical Memory | 60,31% Memory free
    7,90 Gb Paging File | 6,11 Gb Available in Paging File | 77,36% Paging File free
    Paging file location(s): ?:\pagefile.sys [binary data]

    %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
    Drive C: | 112,24 Gb Total Space | 77,40 Gb Free Space | 68,96% Space Free | Partition Type: NTFS
    Drive D: | 353,32 Gb Total Space | 326,58 Gb Free Space | 92,43% Space Free | Partition Type: NTFS
    Drive E: | 15,02 Gb Total Space | 11,92 Gb Free Space | 79,38% Space Free | Partition Type: FAT32

    Computer Name: HP-G6-PC | User Name: HP-G6 | Logged in as Administrator.
    Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
    Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

    ========== Extra Registry (SafeList) ==========[/color:335f3c797b]


    ========== File Associations ==========[/color:335f3c797b]

    [b:335f3c797b]64bit:[/b:335f3c797b] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
    .html[@ = htmlfile] – C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
    .url[@ = InternetShortcut] – C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
    .chm [@ = Reg Error: Key error.] – Reg Error: Key error. File not found
    .cpl [@ = cplfile] – C:\Windows\SysWow64\control.exe (Microsoft Corporation)
    .html [@ = htmlfile] – C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)

    [HKEY_USERS\S-1-5-21-923864647-1305126636-2454660077-1000\SOFTWARE\Classes\<extension>]
    .html [@ = FirefoxHTML] – C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)

    ========== Shell Spawning ==========[/color:335f3c797b]

    [b:335f3c797b]64bit:[/b:335f3c797b] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
    batfile [open] – "%1" %*
    cmdfile [open] – "%1" %*
    comfile [open] – "%1" %*
    exefile [open] – "%1" %*
    helpfile [open] – Reg Error: Key error.
    htmlfile [open] – "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
    htmlfile [opennew] – "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
    htmlfile [print] – rundll32.exe %SystemRoot%\system32\mshtml.dll,PrintHTML "%1" (Microsoft Corporation)
    http [open] – "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
    inffile [install] – %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
    InternetShortcut [open] – "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
    InternetShortcut [print] – "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
    piffile [open] – "%1" %*
    regfile [merge] – Reg Error: Key error.
    scrfile [config] – "%1"
    scrfile [install] – rundll32.exe desk.cpl,InstallScreenSaver %l
    scrfile [open] – "%1" /S
    txtfile [edit] – Reg Error: Key error.
    Unknown [openas] – %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
    Directory [AddToPlaylistVLC] – "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" –started-from-file –playlist-enqueue "%1" (VideoLAN)
    Directory [cmd] – cmd.exe /s /k pushd "%V" (Microsoft Corporation)
    Directory [find] – %SystemRoot%\Explorer.exe (Microsoft Corporation)
    Directory [MediaMonkey.1Play] – "C:\Program Files (x86)\MediaMonkey\MediaMonkey.exe" "%1" (Ventis Media Inc.)
    Directory [MediaMonkey.2PlayNext] – "C:\Program Files (x86)\MediaMonkey\MediaMonkey.exe" /NEXT "%1" (Ventis Media Inc.)
    Directory [MediaMonkey.3Enqueue] – "C:\Program Files (x86)\MediaMonkey\MediaMonkey.exe" /ADD "%1" (Ventis Media Inc.)
    Directory [PlayWithVLC] – "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" –started-from-file –no-playlist-enqueue "%1" (VideoLAN)
    Folder [open] – %SystemRoot%\Explorer.exe (Microsoft Corporation)
    Folder [explore] – Reg Error: Value error.
    Drive [find] – %SystemRoot%\Explorer.exe (Microsoft Corporation)

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
    batfile [open] – "%1" %*
    cmdfile [open] – "%1" %*
    comfile [open] – "%1" %*
    cplfile [cplopen] – %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
    exefile [open] – "%1" %*
    helpfile [open] – Reg Error: Key error.
    htmlfile [open] – "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
    htmlfile [opennew] – "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
    http [open] – "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
    inffile [install] – %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
    piffile [open] – "%1" %*
    regfile [merge] – Reg Error: Key error.
    scrfile [config] – "%1"
    scrfile [install] – rundll32.exe desk.cpl,InstallScreenSaver %l
    scrfile [open] – "%1" /S
    txtfile [edit] – Reg Error: Key error.
    Unknown [openas] – %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
    Directory [AddToPlaylistVLC] – "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" –started-from-file –playlist-enqueue "%1" (VideoLAN)
    Directory [cmd] – cmd.exe /s /k pushd "%V" (Microsoft Corporation)
    Directory [find] – %SystemRoot%\Explorer.exe (Microsoft Corporation)
    Directory [MediaMonkey.1Play] – "C:\Program Files (x86)\MediaMonkey\MediaMonkey.exe" "%1" (Ventis Media Inc.)
    Directory [MediaMonkey.2PlayNext] – "C:\Program Files (x86)\MediaMonkey\MediaMonkey.exe" /NEXT "%1" (Ventis Media Inc.)
    Directory [MediaMonkey.3Enqueue] – "C:\Program Files (x86)\MediaMonkey\MediaMonkey.exe" /ADD "%1" (Ventis Media Inc.)
    Directory [PlayWithVLC] – "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" –started-from-file –no-playlist-enqueue "%1" (VideoLAN)
    Folder [open] – %SystemRoot%\Explorer.exe (Microsoft Corporation)
    Folder [explore] – Reg Error: Value error.
    Drive [find] – %SystemRoot%\Explorer.exe (Microsoft Corporation)

    ========== Security Center Settings ==========[/color:335f3c797b]

    [b:335f3c797b]64bit:[/b:335f3c797b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
    "cval" = 1
    "FirewallDisableNotify" = 0
    "AntiVirusDisableNotify" = 0
    "UpdatesDisableNotify" = 0

    [b:335f3c797b]64bit:[/b:335f3c797b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

    [b:335f3c797b]64bit:[/b:335f3c797b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
    "VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
    "AntiVirusOverride" = 0
    "AntiSpywareOverride" = 0
    "FirewallOverride" = 0

    [b:335f3c797b]64bit:[/b:335f3c797b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
    "AntiVirusDisableNotify" = 1
    "AntiVirusOverride" = 1
    "FirewallDisableNotify" = 1
    "UpdatesDisableNotify" = 1
    "FirewallOverride" = 1

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

    ========== System Restore Settings ==========[/color:335f3c797b]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
    "DisableSR" = 0

    ========== Firewall Settings ==========[/color:335f3c797b]

    [b:335f3c797b]64bit:[/b:335f3c797b] [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

    [b:335f3c797b]64bit:[/b:335f3c797b] [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

    [b:335f3c797b]64bit:[/b:335f3c797b] [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
    "EnableFirewall" = 0
    "DisableNotifications" = 0

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
    "EnableFirewall" = 0
    "DisableNotifications" = 0

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
    "EnableFirewall" = 0
    "DisableNotifications" = 0

    ========== Authorized Applications List ==========[/color:335f3c797b]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]


    ========== Vista Active Open Ports Exception List ==========[/color:335f3c797b]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
    "{03D330CB-A241-4847-9CE5-2C41AC8FE234}" = lport=137 | protocol=17 | dir=in | app=system |
    "{09695DB4-C122-4331-B763-50F208A724B9}" = lport=445 | protocol=6 | dir=in | app=system |
    "{0CDA78C8-18B0-47DF-9A3F-8CC96B5D2402}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
    "{112D0D8F-65EC-45B5-8D81-ADEB0294D185}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
    "{2D511813-A9DD-45E0-95FD-1B9FE8B5C6A5}" = lport=80 | protocol=6 | dir=in | name=http |
    "{3293F0A1-E94D-4CB6-88D7-9A6F228C40A1}" = lport=2869 | protocol=6 | dir=in | app=system |
    "{49F0DFE6-D297-417B-9FDD-874B6925B143}" = lport=161 | protocol=6 | dir=in | name=advanced tcp/ip snmp port |
    "{4E1D0558-B20F-4F52-A663-7FF7B8E55488}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
    "{52BF9818-20F6-4652-953A-9258F4317C74}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
    "{57FD877B-A819-40AB-A128-94AD1B250846}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
    "{610CF358-D46F-4672-8009-64A0BE96C4EA}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
    "{625EA310-1FAD-4008-85CB-64D8C3B513D1}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |
    "{67DA512B-DE28-4F6C-8182-3A55FE6C054C}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
    "{7C0D8F6D-6877-4F5F-BA29-EDBADE689CAA}" = lport=138 | protocol=17 | dir=in | app=system |
    "{82857DC5-2137-473F-B165-4A59C64CA910}" = lport=9100 | protocol=6 | dir=in | name=advanced tcp/ip printer port |
    "{8608F3C1-CA82-4F4F-A856-5BEBCB8864FC}" = rport=137 | protocol=17 | dir=out | app=system |
    "{888700EE-65E9-4879-B8FE-2045218A830D}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
    "{938AB2E3-CAF7-4047-B610-87C56EC0A8DD}" = rport=445 | protocol=6 | dir=out | app=system |
    "{A11EE45A-F125-45C7-8202-7716F6A1A6D1}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
    "{B8C49382-0E54-48B9-8938-A439E99A03D8}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
    "{B904AB01-3241-45C0-8A96-43FF17CC6CD7}" = lport=139 | protocol=6 | dir=in | app=system |
    "{CD21D96E-FED6-45DF-9AF0-B85052AECBE3}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
    "{CD864D41-117A-435F-8A7A-7BFC91F87E4D}" = lport=10243 | protocol=6 | dir=in | app=system |
    "{CFA4688A-FFD6-4670-89DE-64E5DBE103F1}" = rport=139 | protocol=6 | dir=out | app=system |
    "{D178FD0C-4DBC-4035-B669-2AE2101B81CD}" = lport=427 | protocol=6 | dir=in | name=advanced tcp/ip slp port |
    "{D4CE9E54-10A3-4BF0-A471-7FC7AA247A5F}" = rport=10243 | protocol=6 | dir=out | app=system |
    "{ED053EC8-F3CF-402C-BFE4-4CF016C53DEF}" = rport=138 | protocol=17 | dir=out | app=system |
    "{F537BD53-8ADE-4E12-89AE-19FF16E27459}" = lport=6004 | protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\outlook.exe |

    ========== Vista Active Application Exception List ==========[/color:335f3c797b]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
    "{00839B74-0B7A-467F-B3C7-4D0B2C5073F1}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
    "{0699B1E1-97A7-4D53-AF3E-B0DDAC1A9EB2}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
    "{06F60588-AF61-4385-A9C7-623CAD2CF821}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
    "{0D83E55A-57C5-4344-9A28-842041C821ED}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
    "{1EF9BD9E-01F1-4CA5-9B9D-F06E29A15484}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
    "{23977FDF-91AA-40EA-82D5-4531A051D905}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
    "{2BF71242-50FF-4D89-AA13-A5360668154E}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
    "{3112B739-0B23-45F2-A2E1-999CF54537BE}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office14\groove.exe |
    "{333487D7-D044-4452-A254-874D2C2E5FA5}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
    "{347BCD6F-3201-4A23-B4F3-DAB2505014CF}" = protocol=17 | dir=in | app=c:\users\hp-g6\appdata\roaming\dropbox\bin\dropbox.exe |
    "{3B775AD7-C12D-400E-B925-4B8D0B790EAE}" = protocol=6 | dir=in | app=c:\program files (x86)\mediamonkey\mediamonkey.exe |
    "{522EA2E9-3A51-44FF-A3B3-1712CF063674}" = dir=in | app=c:\users\hp-g6\appdata\local\microsoft\skydrive\skydrive.exe |
    "{53AB3695-47D8-4F10-A99A-E5EFEEC79C71}" = protocol=6 | dir=in | app=c:\program files (x86)\teamviewer\version7\teamviewer.exe |
    "{5D0A6E7C-909E-4104-89AC-FC4E9781C647}" = protocol=17 | dir=in | app=c:\program files (x86)\teamviewer\version7\teamviewer.exe |
    "{6212EC04-D9FE-42F1-B535-9D0EDFE0266B}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\groove.exe |
    "{6D54E6DD-3447-424C-8490-868203B885BF}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
    "{7B13231A-EEE7-412F-ACDA-CD7DDDE3BF92}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
    "{8A18D815-B8F0-4F15-9088-7ECB613B8631}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
    "{8B256748-FB28-4A41-BAC8-59492CB4F11C}" = protocol=17 | dir=in | app=c:\program files (x86)\teamviewer\version7\teamviewer_service.exe |
    "{8D522731-684C-4EBA-9A58-27BC276FA02B}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\onenote.exe |
    "{900451C5-C495-4206-9F92-BDDBFA0F64B9}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
    "{94192597-FBBF-4BF8-BBEC-146E366C2FA5}" = protocol=6 | dir=out | app=system |
    "{97C7474A-88F3-423B-8E7A-67A491118DFF}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe |
    "{9E8B3C55-A67B-4F4D-81CE-8FC70429063C}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
    "{A9CA053E-30EE-46CA-A203-2AE59609C5FD}" = protocol=6 | dir=in | app=c:\users\hp-g6\appdata\roaming\dropbox\bin\dropbox.exe |
    "{AB23255F-2A04-47EA-8332-FDB976822049}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
    "{ADE830EB-BD89-4A93-B75F-42758BA4D401}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office14\onenote.exe |
    "{B3F88596-6431-4410-940D-574E41FD7BDE}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
    "{B5077E0A-CB67-4768-BB8E-2FD19F19DCEF}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
    "{BF2999FB-4A1F-4FD4-B3CB-1EC883D8465F}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
    "{C57CC77D-CCBC-4280-B12D-C89A53EEDF1E}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
    "{C9A0F44F-5C6D-4B64-A9C5-0C26D4668F65}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
    "{F7BB60A2-00D3-47C2-A68A-AE88E0A04D7B}" = protocol=17 | dir=in | app=c:\program files (x86)\mediamonkey\mediamonkey.exe |
    "{F8C386F7-E7FA-46D6-9D94-F8F7A5EDBF21}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe |
    "{FAB2EFDA-9367-4616-9F87-DEC18F1DF504}" = protocol=6 | dir=in | app=c:\program files (x86)\teamviewer\version7\teamviewer_service.exe |
    "TCP Query User{1A24F00E-C0A1-4E0A-97AE-D78B1F6A5E1A}C:\program files (x86)\fahclient\fahclient.exe" = protocol=6 | dir=in | app=c:\program files (x86)\fahclient\fahclient.exe |
    "TCP Query User{603C0396-A2EB-43A5-90D9-9ADCBBA98AE8}C:\users\hp-g6\appdata\roaming\dropbox\bin\dropbox.exe" = protocol=6 | dir=in | app=c:\users\hp-g6\appdata\roaming\dropbox\bin\dropbox.exe |
    "TCP Query User{83DB9FA4-EADF-4672-81FC-D8D5008798CE}C:\program files (x86)\fahclient\fahclient.exe" = protocol=6 | dir=in | app=c:\program files (x86)\fahclient\fahclient.exe |
    "UDP Query User{54B3718C-85D8-42CF-B13E-DDCDCE732EE2}C:\users\hp-g6\appdata\roaming\dropbox\bin\dropbox.exe" = protocol=17 | dir=in | app=c:\users\hp-g6\appdata\roaming\dropbox\bin\dropbox.exe |
    "UDP Query User{E5A670BF-0E50-4676-86B0-3CC3DACBE28E}C:\program files (x86)\fahclient\fahclient.exe" = protocol=17 | dir=in | app=c:\program files (x86)\fahclient\fahclient.exe |
    "UDP Query User{F96D2E9B-7703-496F-8F49-7F874F79D0AD}C:\program files (x86)\fahclient\fahclient.exe" = protocol=17 | dir=in | app=c:\program files (x86)\fahclient\fahclient.exe |

    ========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color:335f3c797b]

    64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
    "{4567EA14-6BCA-3EF9-859B-92CE48B1D704}" = Microsoft .NET Framework 4 Client Profile NLD Language Pack
    "{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
    "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
    "{90140000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2010
    "{90140000-002A-0413-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (Dutch) 2010
    "{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
    "{C5089197-5B15-44AD-B0FC-2E94EE9ECB63}" = WinSysClean X2
    "{CE52672C-A0E9-4450-8875-88A221D5CD50}" = Windows Live ID Sign-in Assistant
    "{E9FA781F-3E80-4399-825A-AD3E11C28C77}" = MSVCRT110_amd64
    "{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
    "HP LaserJet Professional P1100-P1560-P1600 Series" = HP LaserJet Professional P1100-P1560-P1600 Series
    "Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
    "Microsoft .NET Framework 4 Client Profile NLD Language Pack" = Taalpakket voor Microsoft .NET Framework 4 Client Profile - NLD
    "sp6" = Logitech SetPoint 6.51
    "SynTPDeinstKey" = Synaptics TouchPad Driver

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
    "{00000000-2778-5BED-8199-52EB14D8D22F}" = F-Secure CCF Reputation
    "{0228e555-4f9c-4e35-a3ec-b109a192b4c2}" = Google Gmail Notifier
    "{0454BB9A-2A7A-4214-BDFF-937F7A711A44}" = Windows Live Communications Platform
    "{0E448256-D515-4C3E-A5BE-0A7B76CED5D4}" = hppP1100P1560P1600SeriesLaserJetService
    "{175F0111-2968-4935-8F70-33108C6A4DE3}" = MarketResearch
    "{26A24AE4-039D-4CA4-87B4-2F83217009FF}" = Java 7 Update 9
    "{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}" = eReg
    "{47746266-C19F-40B4-9355-C60A285C2A7D}" = F-Secure Network CCF 1.02.115
    "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
    "{4AA2A466-8031-403A-8236-5301B4E391FB}" = Windows Live UX Platform Language Pack
    "{4CCBD1F4-CEEC-452A-9CB8-46564B501315}" = Windows Live UX Platform
    "{4F38594F-2C4A-4C42-B2C4-505E225F6F80}" = HP Product Detection
    "{58860C2E-A94A-49B0-9A0F-A0A83ABA5B2B}" = F-Secure CCF Scanning 1.14.155.6945 (release)
    "{658FDBCA-B7A1-43E4-A849-9F0812473331}" = Computer Security 12.62.109.0 (release)
    "{6A8DB215-7BCD-4377-B015-2E4541A3E7C6}" = Windows Live PIMT Platform
    "{6F340107-F9AA-47C6-B54C-C3A19F11553F}" = Hewlett-Packard ACLM.NET v1.2.1.1
    "{7216871F-869E-437C-B9BF-2A13F2DCE63F}_is1" = Auslogics BoostSpeed
    "{743FD554-A73F-4FE8-BE7B-C283D16297F9}" = Photo Common
    "{7902E313-FF0F-4493-ACB1-A8147B78DCD0}" = HPSSupply
    "{7FECD05A-0927-471D-AEF8-6D657D6577F0}" = Ziggo Internetbeveiliging
    "{83C9377F-5ED1-4AD8-B113-7C876AEAF3AB}" = Windows Live Messenger
    "{853F464A-B2B8-404E-BA3E-B98FF6862C41}" = hppusgP1100P1560P1600Series
    "{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver
    "{8A642ACD-CE3A-4A23-A8B1-A0F7EB12B214}" = Windows Live SOXE Definitions
    "{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
    "{8E14DDC8-EA60-4E18-B3E3-1937104D5BDA}" = MSVCRT110
    "{90140000-0015-0413-0000-0000000FF1CE}" = Microsoft Office Access MUI (Dutch) 2010
    "{90140000-0015-0413-0000-0000000FF1CE}_Office14.PROPLUSR_{7A6AD1A3-6EC6-4840-8A29-4CCD27A21069}" = Microsoft Office 2010 Service Pack 1 (SP1)
    "{90140000-0016-0413-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Dutch) 2010
    "{90140000-0016-0413-0000-0000000FF1CE}_Office14.PROPLUSR_{7A6AD1A3-6EC6-4840-8A29-4CCD27A21069}" = Microsoft Office 2010 Service Pack 1 (SP1)
    "{90140000-0018-0413-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Dutch) 2010
    "{90140000-0018-0413-0000-0000000FF1CE}_Office14.PROPLUSR_{7A6AD1A3-6EC6-4840-8A29-4CCD27A21069}" = Microsoft Office 2010 Service Pack 1 (SP1)
    "{90140000-0019-0413-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Dutch) 2010
    "{90140000-0019-0413-0000-0000000FF1CE}_Office14.PROPLUSR_{7A6AD1A3-6EC6-4840-8A29-4CCD27A21069}" = Microsoft Office 2010 Service Pack 1 (SP1)
    "{90140000-001A-0413-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Dutch) 2010
    "{90140000-001A-0413-0000-0000000FF1CE}_Office14.PROPLUSR_{7A6AD1A3-6EC6-4840-8A29-4CCD27A21069}" = Microsoft Office 2010 Service Pack 1 (SP1)
    "{90140000-001B-0413-0000-0000000FF1CE}" = Microsoft Office Word MUI (Dutch) 2010
    "{90140000-001B-0413-0000-0000000FF1CE}_Office14.PROPLUSR_{7A6AD1A3-6EC6-4840-8A29-4CCD27A21069}" = Microsoft Office 2010 Service Pack 1 (SP1)
    "{90140000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2010
    "{90140000-001F-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{65A2328E-FDFB-4CA3-8582-357EA6825FEA}" = Microsoft Office 2010 Service Pack 1 (SP1)
    "{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
    "{90140000-001F-0409-0000-0000000FF1CE}_Office14.PROPLUSR_{99ACCA38-6DD3-48A8-96AE-A283C9759279}" = Microsoft Office 2010 Service Pack 1 (SP1)
    "{90140000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2010
    "{90140000-001F-040C-0000-0000000FF1CE}_Office14.PROPLUSR_{46298F6A-1E7E-4D4A-B5F5-106A4F0E48C6}" = Microsoft Office 2010 Service Pack 1 (SP1)
    "{90140000-001F-0413-0000-0000000FF1CE}" = Microsoft Office Proof (Dutch) 2010
    "{90140000-001F-0413-0000-0000000FF1CE}_Office14.PROPLUSR_{5072FEA2-862C-4BF0-9654-CB0DCBE2BE28}" = Microsoft Office 2010 Service Pack 1 (SP1)
    "{90140000-002A-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{967EF02C-5C7E-4718-8FCB-BDC050190CCF}" = Microsoft Office 2010 Service Pack 1 (SP1)
    "{90140000-002A-0413-1000-0000000FF1CE}_Office14.PROPLUSR_{B9427E36-0B0A-48F4-8A51-1C178708A28E}" = Microsoft Office 2010 Service Pack 1 (SP1)
    "{90140000-002C-0413-0000-0000000FF1CE}" = Microsoft Office Proofing (Dutch) 2010
    "{90140000-002C-0413-0000-0000000FF1CE}_Office14.PROPLUSR_{D3B92058-CF96-445F-A297-F7ED19C4E841}" = Microsoft Office 2010 Service Pack 1 (SP1)
    "{90140000-0044-0413-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Dutch) 2010
    "{90140000-0044-0413-0000-0000000FF1CE}_Office14.PROPLUSR_{7A6AD1A3-6EC6-4840-8A29-4CCD27A21069}" = Microsoft Office 2010 Service Pack 1 (SP1)
    "{90140000-006E-0413-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Dutch) 2010
    "{90140000-006E-0413-0000-0000000FF1CE}_Office14.PROPLUSR_{260407D0-98A1-4D9A-A956-3D1DEDDDF3B9}" = Microsoft Office 2010 Service Pack 1 (SP1)
    "{90140000-00A1-0413-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Dutch) 2010
    "{90140000-00A1-0413-0000-0000000FF1CE}_Office14.PROPLUSR_{7A6AD1A3-6EC6-4840-8A29-4CCD27A21069}" = Microsoft Office 2010 Service Pack 1 (SP1)
    "{90140000-00BA-0413-0000-0000000FF1CE}" = Microsoft Office Groove MUI (Dutch) 2010
    "{90140000-00BA-0413-0000-0000000FF1CE}_Office14.PROPLUSR_{7A6AD1A3-6EC6-4840-8A29-4CCD27A21069}" = Microsoft Office 2010 Service Pack 1 (SP1)
    "{91140000-0011-0000-0000-0000000FF1CE}" = Microsoft Office Professional Plus 2010
    "{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{047B0968-E622-4FAA-9B4B-121FA109EDDE}" = Microsoft Office 2010 Service Pack 1 (SP1)
    "{95140000-007A-0413-0000-0000000FF1CE}" = Microsoft Office Outlook Connector
    "{95140000-007D-0409-0000-0000000FF1CE}" = Microsoft Outlook Social Connector Provider for Windows Live Messenger 32-bit
    "{AC76BA86-7AD7-1043-7B44-AB0000000001}" = Adobe Reader XI - Nederlands
    "{B7F31B9C-8775-4500-8E9D-6ABE9AE17CF4}" = Windows Live Essentials
    "{B8728345-7ABB-4F32-AFA9-CB98BE498514} WinGPS 5 Voyager_is1" = WinGPS 5 Voyager
    "{C424CD5E-EA05-4D3E-B5DA-F9F149E1D3AC}" = Windows Live Installer
    "{C9B6EFD0-4F01-4BBA-8374-39AD99A3ED72}" = Windows Live Photo Common
    "{D36E76E0-3030-494D-8FFA-C128416BFA9D} DKW Manager_is1" = DKW Manager
    "{D371F551-0DB9-4CEC-844B-4C90CE91EA0B}" = hppLaserJetService
    "{D5433428-5FC1-4A5F-9184-C4CD13BE6EF7} WinGPS 5 Navigator_is1" = WinGPS 5 Navigator
    "{DC213574-F9C7-4A65-BE84-20F4079BD1C3}" = Online Safety 2.63.170.284
    "{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
    "{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}" = IDT Audio
    "{EA17F4FC-FDBF-4CF8-A529-2D983132D053}" = Skype™ 6.0
    "{EE202411-2C26-49E8-9784-1BC1DBF7DE96}" = HP Support Assistant
    "{F2235E5E-7881-4293-9B6F-04B2609FBFF0}" = Windows Live Messenger
    "{FE7C0B3D-50B9-4951-BE78-A321CBF86552}" = Windows Live SOXE
    "Adobe Digital Editions 2.0" = Adobe Digital Editions 2.0
    "Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
    "DMX5_is1" = DriverMax 6
    "FAHClient" = FAHClient
    "F-Secure ServiceEnabler 45123" = Ziggo Internetbeveiliging
    "Google Calendar Sync" = Google Calendar Sync
    "Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware versie 1.65.1.1000
    "MediaMonkey_is1" = MediaMonkey 4.0
    "Mozilla Firefox 17.0.1 (x86 nl)" = Mozilla Firefox 17.0.1 (x86 nl)
    "MozillaMaintenanceService" = Mozilla Maintenance Service
    "Office14.PROPLUSR" = Microsoft Office Professional Plus 2010
    "PIXresizer_is1" = PIXresizer
    "TeamViewer 7" = TeamViewer 7
    "VLC media player" = VLC media player 2.0.4
    "WinLiveSuite" = Windows Live Essentials
    "WinSysClean X2" = WinSysClean X2

    ========== HKEY_USERS Uninstall List ==========[/color:335f3c797b]

    [HKEY_USERS\S-1-5-21-923864647-1305126636-2454660077-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
    "Dropbox" = Dropbox
    "SkyDriveSetup.exe" = Microsoft SkyDrive

    ========== Last 20 Event Log Errors ==========[/color:335f3c797b]

    [ Application Events ]
    Error - 29-12-2012 2:30:13 | Computer Name = HP-G6-PC | Source = WinMgmt | ID = 10
    Description =

    Error - 30-12-2012 3:27:19 | Computer Name = HP-G6-PC | Source = WinMgmt | ID = 10
    Description =

    Error - 31-12-2012 2:29:43 | Computer Name = HP-G6-PC | Source = WinMgmt | ID = 10
    Description =

    Error - 31-12-2012 13:36:30 | Computer Name = HP-G6-PC | Source = WinMgmt | ID = 10
    Description =

    Error - 1-1-2013 3:59:09 | Computer Name = HP-G6-PC | Source = WinMgmt | ID = 10
    Description =

    Error - 1-1-2013 13:43:56 | Computer Name = HP-G6-PC | Source = WinMgmt | ID = 10
    Description =

    Error - 2-1-2013 2:21:32 | Computer Name = HP-G6-PC | Source = WinMgmt | ID = 10
    Description =

    Error - 3-1-2013 2:43:10 | Computer Name = HP-G6-PC | Source = WinMgmt | ID = 10
    Description =

    Error - 3-1-2013 3:39:59 | Computer Name = HP-G6-PC | Source = WinMgmt | ID = 10
    Description =

    Error - 3-1-2013 5:31:21 | Computer Name = HP-G6-PC | Source = WinMgmt | ID = 10
    Description =

    [ System Events ]
    Error - 2-1-2013 17:47:36 | Computer Name = HP-G6-PC | Source = BTHUSB | ID = 327697
    Description = Er is een onbekende fout in de lokale Bluetooth-adapter opgetreden
    en deze wordt niet gebruikt. Het stuurprogramma wordt verwijderd.

    Error - 3-1-2013 2:41:21 | Computer Name = HP-G6-PC | Source = BTHUSB | ID = 327697
    Description = Er is een onbekende fout in de lokale Bluetooth-adapter opgetreden
    en deze wordt niet gebruikt. Het stuurprogramma wordt verwijderd.

    Error - 3-1-2013 2:42:32 | Computer Name = HP-G6-PC | Source = DCOM | ID = 10016
    Description =

    Error - 3-1-2013 3:31:52 | Computer Name = HP-G6-PC | Source = Service Control Manager | ID = 7030
    Description = De PEVSystemStart-service staat aangeduid als een interactieve service.
    Het systeem is echter zodanig geconfigureerd dat interactieve services niet zijn
    toegestaan. Deze service werkt mogelijk niet juist.

    Error - 3-1-2013 3:33:43 | Computer Name = HP-G6-PC | Source = Service Control Manager | ID = 7030
    Description = De PEVSystemStart-service staat aangeduid als een interactieve service.
    Het systeem is echter zodanig geconfigureerd dat interactieve services niet zijn
    toegestaan. Deze service werkt mogelijk niet juist.

    Error - 3-1-2013 3:38:16 | Computer Name = HP-G6-PC | Source = BTHUSB | ID = 327697
    Description = Er is een onbekende fout in de lokale Bluetooth-adapter opgetreden
    en deze wordt niet gebruikt. Het stuurprogramma wordt verwijderd.

    Error - 3-1-2013 3:39:28 | Computer Name = HP-G6-PC | Source = DCOM | ID = 10016
    Description =

    Error - 3-1-2013 4:28:38 | Computer Name = HP-G6-PC | Source = BTHUSB | ID = 327697
    Description = Er is een onbekende fout in de lokale Bluetooth-adapter opgetreden
    en deze wordt niet gebruikt. Het stuurprogramma wordt verwijderd.

    Error - 3-1-2013 5:29:37 | Computer Name = HP-G6-PC | Source = BTHUSB | ID = 327697
    Description = Er is een onbekende fout in de lokale Bluetooth-adapter opgetreden
    en deze wordt niet gebruikt. Het stuurprogramma wordt verwijderd.

    Error - 3-1-2013 5:30:49 | Computer Name = HP-G6-PC | Source = DCOM | ID = 10016
    Description =


    < End of report >
  • OTL.exe werd geblokkeerd door of Fsecure,óf wat anders, kreeg 403 meldingen, dus via de OldTimersite een OTL.com opgehaald en gebruikt
  • [b:6f1f219b60]Sluit voordat OTL[/color:6f1f219b60] de fix gaat doen, eerst alle andere openstaande vensters![/b:6f1f219b60]
    [list:6f1f219b60][*:6f1f219b60][b:6f1f219b60]Windows 2000[/color:6f1f219b60][/b:6f1f219b60] en [b:6f1f219b60]Windows XP[/b:6f1f219b60][/color:6f1f219b60]: dubbelklik op [b:6f1f219b60]OTL.exe[/b:6f1f219b60][/color:6f1f219b60].
    [*:6f1f219b60][b:6f1f219b60]Windows Vista[/b:6f1f219b60][/color:6f1f219b60], [b:6f1f219b60]Windows 7[/b:6f1f219b60][/color:6f1f219b60] en [b:6f1f219b60]Windows 8[/b:6f1f219b60][/color:6f1f219b60]: via rechtsklik op [b:6f1f219b60]OTL.exe[/b:6f1f219b60][/color:6f1f219b60] en kies voor "Als Administrator uitvoeren".
    [list:6f1f219b60][*:6f1f219b60][b:6f1f219b60]Kopieer en plak de volgende (vetgedrukte,[/color:6f1f219b60] blauwe tekst[/color:6f1f219b60]) in het kader onder [/color:6f1f219b60][/b:6f1f219b60][img:6f1f219b60]http://www.imgdumper.nl/uploads5/4f9111a6d2e57/4f9111a6d2a6c-OTL-2.png[/img:6f1f219b60][/list:u:6f1f219b60][/list:u:6f1f219b60]

    [b:6f1f219b60]
    :OTL
    FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_5_502_135.dll File not found
    FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
    FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
    O18:64bit: - Protocol\Handler\livecall - No CLSID value found
    O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
    O18:64bit: - Protocol\Handler\msnim - No CLSID value found
    O18:64bit: - Protocol\Handler\skype4com - No CLSID value found


    :Services


    :Reg


    :Files
    ipconfig /flushdns /c

    :Commands
    [purity]
    [emptytemp]
    [resethosts]
    [emptyjava]
    [emptyflash]
    [createrestorepoint]
    [reboot][/color:6f1f219b60][/b:6f1f219b60]


    [list:6f1f219b60][*:6f1f219b60]Klik daarna bovenaan op [img:6f1f219b60]http://www.imgdumper.nl/uploads5/4f911cee9de47/4f911cee9da59-OTL-4.png[/img:6f1f219b60]
    [*:6f1f219b60]Laat het programma ongestoord zijn werk doen.
    [*:6f1f219b60][b:6f1f219b60]OTL zal na de scan melden dat de PC opnieuw opgestart gaat worden. Sta dat dus toe.[/b:6f1f219b60][/color:6f1f219b60]
    [*:6f1f219b60]Klik op [b:6f1f219b60]OK[/b:6f1f219b60]
    [*:6f1f219b60]Na het opnieuw opstarten wordt enkel een nieuw log geopend.
    [*:6f1f219b60]Post via kopiëren en plakken de inhoud van dat OTL-scanlog.[/list:u:6f1f219b60]
  • All processes killed
    ========== OTL ==========
    64bit-Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@adobe.com/FlashPlayer\ deleted successfully.
    64bit-Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@microsoft.com/GENUINE\ deleted successfully.
    Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@microsoft.com/GENUINE\ deleted successfully.
    64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\livecall\ deleted successfully.
    File Protocol\Handler\livecall - No CLSID value found not found.
    64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\ms-help\ deleted successfully.
    File Protocol\Handler\ms-help - No CLSID value found not found.
    64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\msnim\ deleted successfully.
    File Protocol\Handler\msnim - No CLSID value found not found.
    64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\skype4com\ deleted successfully.
    File Protocol\Handler\skype4com - No CLSID value found not found.
    ========== SERVICES/DRIVERS ==========
    ========== REGISTRY ==========
    ========== FILES ==========
    < ipconfig /flushdns /c >[/color:6dd5edee11]
    Windows IP-configuratie
    De DNS-omzettingscache is leeggemaakt.
    C:\Users\HP-G6\Desktop\cmd.bat deleted successfully.
    C:\Users\HP-G6\Desktop\cmd.txt deleted successfully.
    ========== COMMANDS ==========

    [EMPTYTEMP]

    User: All Users

    User: Default
    ->Temp folder emptied: 0 bytes
    ->Temporary Internet Files folder emptied: 0 bytes

    User: Default User
    ->Temp folder emptied: 0 bytes
    ->Temporary Internet Files folder emptied: 0 bytes

    User: HP-G6
    ->Temp folder emptied: 31520 bytes
    ->Temporary Internet Files folder emptied: 1271277 bytes
    ->Java cache emptied: 0 bytes
    ->FireFox cache emptied: 98645380 bytes
    ->Flash cache emptied: 1159 bytes

    User: Public
    ->Temp folder emptied: 0 bytes

    %systemdrive% .tmp files removed: 0 bytes
    %systemroot% .tmp files removed: 0 bytes
    %systemroot%\System32 .tmp files removed: 0 bytes
    %systemroot%\System32 (64bit) .tmp files removed: 0 bytes
    %systemroot%\System32\drivers .tmp files removed: 0 bytes
    Windows Temp folder emptied: 14216805 bytes
    %systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 36098961 bytes
    RecycleBin emptied: 0 bytes

    Total Files Cleaned = 143,00 mb

    C:\Windows\System32\drivers\etc\Hosts moved successfully.
    HOSTS file reset successfully

    [EMPTYJAVA]

    User: All Users

    User: Default

    User: Default User

    User: HP-G6
    ->Java cache emptied: 0 bytes

    User: Public

    Total Java Files Cleaned = 0,00 mb


    [EMPTYFLASH]

    User: All Users

    User: Default

    User: Default User

    User: HP-G6
    ->Flash cache emptied: 0 bytes

    User: Public

    Total Flash Files Cleaned = 0,00 mb

    Restore point Set: OTL Restore Point

    OTL by OldTimer - Version 3.2.69.0 log created on 01032013_202001

    Files\Folders moved on Reboot…
    C:\Users\HP-G6\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.

    PendingFileRenameOperations files…

    Registry entries deleted on Reboot…
  • Is er enige verbetering bemerkbaar?
  • Messenger blijft bij opstarten die achterlijke meldinbg geven dat ik flashplayer moet updaten, maar laat zich in elk geval zover temmen dat ik m weer kan minimaliseren.
    Ga nu in configscherm flashplayer nogmaals verwijderen en opnieuw opstarten nadat ik winsyscleaner heb laten lopen….
  • Doe volgende test, om te kijken hoe goed de huidige veiligheidssituatie in Windows is.

    Download naar je bureaublad [b:d865256c73]Security Check[/color:d865256c73][/b:d865256c73].
    [list:d865256c73][*:d865256c73] Klik/dubbelklik op [b:d865256c73]SecurityCheck.exe[/b:d865256c73] en let op de instrukties in het zwarte venster.
    [*:d865256c73] Een Kladblok document genaamd [b:d865256c73]checkup.txt[/b:d865256c73] dient automatisch open te gaan; sluit dit document via opslaan op het bureaublad.
    [*:d865256c73] Indien een van je veiligheidstools rapporteert, dat DIG.EXE het internet op wil, sta dit dan toe.[/list:u:d865256c73]
    Post de inhoud van [b:d865256c73]checkup.txt [/b:d865256c73]in je volgende post.
  • Results of screen317's Security Check version 0.99.56
    Windows 7 Service Pack 1 x64 (UAC is enabled)
    Internet Explorer 9
    [b:a6868dc39c][u:a6868dc39c]``````````````Antivirus/Firewall Check:``````````````[/b:a6868dc39c][/u:a6868dc39c]
    Basis
    Antivirus up to date!
    [b:a6868dc39c][u:a6868dc39c]`````````Anti-malware/Other Utilities Check:`````````[/b:a6868dc39c][/u:a6868dc39c]
    Malwarebytes Anti-Malware versie 1.65.1.1000
    Java 7 Update 9
    Adobe Reader XI
    Mozilla Firefox (17.0.1)
    [b:a6868dc39c][u:a6868dc39c]````````Process Check: objlist.exe by Laurent````````[/b:a6868dc39c][/u:a6868dc39c]
    Internetbeveiliging apps ComputerSecurity Anti-Virus\FSGK32.EXE
    Internetbeveiliging apps ComputerSecurity Anti-Virus\fssm32.exe
    [b:a6868dc39c][u:a6868dc39c]`````````````````System Health check`````````````````[/b:a6868dc39c][/u:a6868dc39c]
    Total Fragmentation on Drive C: 0%
    [b:a6868dc39c][u:a6868dc39c]````````````````````End of Log``````````````````````[/b:a6868dc39c][/u:a6868dc39c]
  • Geen Flashplayer dus.

    Ga met Internet Explorer naar http://get.adobe.com/nl/flashplayer/ om de nieuwste Adobe Flash Player 11.5.502.135 te laten installeren;
    wil je de [b:e022fca7e9]Gratis Google Toolbar (optioneel) (2,12 MB)[/b:e022fca7e9] of [b:e022fca7e9]Gratis! McAfee Security Scan Plus (optioneel) (0.98 MB)[/b:e022fca7e9] niet erbij hebben, haal dan eerst het vinkje weg!
  • Had via een van mn andere vaste forums ( www.zeilersforum.nl ) al het verzoek gekregen om die te installeren. Gedaan en daar draait alles goed.
    Zla zo PC opnieuw opstarten en kijken wat er gebeurd.
  • nNa reboot lijkt alles weer feilloos te werken.
    Abraham, bedankt, en ik hoop dat je dit werk nog heel lang wilt en kunt volhouden, beste wensen :lol:
  • Dit werk wil ik nog lang volhouden, desnoods ook via mijn eigen forum (toekomst)!

    [b:b88cd99837]Stap •1•[/b:b88cd99837][/color:b88cd99837]
    Start OTL en klik dan op de knop [b:b88cd99837]CleanUp[/b:b88cd99837].
    [list:b88cd99837][*:b88cd99837]OTL zal ondrzoeken of er nog een tool of log opgeruimd moet worden.
    [*:b88cd99837]Na een reboot is dan OTL ook opgeruimd.[/list:u:b88cd99837]

    ComboFix moet dan ook geheel verwijderd zijn!
  • Helaas, na een reboot begint t gezeur weer. :evil:

    Maar goed , heb geruchten gehoord dat je MSN gekoppeld gaat worden aan Skype, zal daar eens naar kijken, gaat Messenger in de bittenbak.
  • Dat zijn geen geruchten hoor, maar MSN-messenger gaat inderdaad naar Skype.

    Kijk desnoods hier: http://www.amsn-project.net/

Beantwoord deze vraag

Dit is een gearchiveerde pagina. Antwoorden is niet meer mogelijk.