Vraag & Antwoord

Beveiliging & privacy

meegelifte ongewenste software bij Ceystaldisk info

32 antwoorden
  • Toevallig al vóór ik dit draadje las: http://forum.computertotaal.nl/phpBB2/viewtopic.php?t=220658 met een advies van A54 voor een andere vraagsteller had ik op een laptop- die ik ter inspectie had - die Crystaldisk geinstalleerd (alles blauw, dat wel), maar er bleken toch spelletjes mee-geïnstalleerd te zijn, wargame of zo. Die waren bij geïnstalleerde software niet te vinden, maar hadden zich wel genesteld in startmenu etc. Hoe kan ik die met zekerheid verwijderen?
  • Weet je wel heel zeker dat die games via het tool zijn meegelift?
  • nou, ik heb een aantal basis-zaken moeten installeren op die laptop (de vorige eigenaar wist van niks zoals dat heet), zoals Avast, Foxit, ZA bijvoorbeeld. geheel zeker ben ik achteraf niet meer waar het door kwam. Je ziet in het voorbijgaan iets van aan- of uitvinken, en je maakt kennelijk een verkeerde keus waar zij op hopen, ondanks het feit dat je alert bent.
  • ff terinzage hij heeft wel vermoedelijk de spelletjes in gestaleerd. Want ik heb het progamma ook op mijn laptop geinstalleerd. en zie deze afbeelding wat ik heb gemaakt. [img][URL=http://s210.photobucket.com/user/koper2008/media/Allerlei%20foto/700_zps63a41e96.png.html][img:6223958b5f]http://i210.photobucket.com/albums/bb290/koper2008/Allerlei%20foto/700_zps63a41e96.png[/img:6223958b5f][/URL][/img] Dus vermoedelijk niet uit gevinkt.
  • Bedankt voor de info. CrystalDisk was een poosje zonder meelifters, maar dat is dus weer veranderd. Ik zal mijn canned daarom aanpassen.
  • Je ziet dan uitvinken steeds vaker... het betreft dan een niet akkoord wat mee geïnstalleerd wordt... en niet het gewenste programma. Het lijkt misschien wat misleidend om het zo te doen, maar als je goed leest zie je het toch... Ik vind de tekst van het plaatje zelfs heel duidelijk dat het expliciet om het erbij installeren van dat spul gaat....
  • Dat hangt af van de download locatie. Ikzelf heb CrystalDiskInfo gedownload vanaf de hyperlink op [url=http://tweakers.net/meuktracker/30514/crystaldiskinfo-560.html]tweakers.net.[/url] De download daar heeft CrystalDiskInfo5_6_2.zip. Als je die uitpakt verschijnt er een map met de naam CrystalDiskInfo5_6_2 met daarin onder andere het uitvoerende programma DiskInfo.exe. Die heeft dus geen installatieprocedure en ook geen meeliftende programma's.
  • Dat is al een tijdje zo bij crystal diskinfo, meestal wordt het bagger programma tune utilities mee geleverd, maar als je gewoon goed leest en niet als een dolle op de volgende of akkoord klikt dan wordt het dus niet mee geïnstalleerd. Verder staan er op de site verschillende downloads en als je goed kijkt staar er dus ook een tussen met candy (Ads) http://crystalmark.info/download/index-e.html
  • [quote:2b036251de="jolo"]Dat hangt af van de download locatie. Ikzelf heb CrystalDiskInfo gedownload vanaf de hyperlink op [url=http://tweakers.net/meuktracker/30514/crystaldiskinfo-560.html]tweakers.net.[/url] De download daar heeft CrystalDiskInfo5_6_2.zip. Als je die uitpakt verschijnt er een map met de naam CrystalDiskInfo5_6_2 met daarin onder andere het uitvoerende programma DiskInfo.exe. Die heeft dus geen installatieprocedure en ook geen meeliftende programma's.[/quote:2b036251de] @ Jolo, hier haal ik het programma ook vandaan zonder allerlei andere rotzooi ...
  • Ik ben voor de zekerheid naar http://crystalmark.info/software/CrystalDiskInfo/index-e.html gegaan en heb via de linker downloadknop CDInfo gedownload en opnieuw geïnstalleerd. Op geen enkele wijze was er sprake van meeliftende software, noch is er niks extra's in mijn Windows geïnstalleerd. Mogelijk dat wanneer je de zogeheten Shizuku Edition download, dat er dan meelifters zijn.
  • ik had in mijn eigen pc de exe opgeslagen, en die gebruikt voor die laptop. Blijft dus nog mijn vraag hoe ik e.e.a. kan controleren op restanten. Ook is er zoiets als Poikki meegekomen, en dat heeft iets te maken met apps kunnen downloaden (heb ik niet nodig) en dat was ook niet te de-installeren. Wel heb ik in het register alles waar poikki in stond weg gehaald.Op die laptop (niet mijn eigendom) probeer ik alleen het allernoodzakelijkste te installeren en/of te controleren zoals die crystaldisk info.
  • Wat mij betreft doe je het volgende: [b:46f42fdf1c]Welk programma[/b:46f42fdf1c]:[b:46f42fdf1c] [img:46f42fdf1c]http://www.imgdumper.nl/uploads7/51e2929f3b16a/51e2929f3a9a0-OTL_Canned_definitief.png[/img:46f42fdf1c][/b:46f42fdf1c][color=#008000:46f42fdf1c][b:46f42fdf1c] OTL.exe[/b:46f42fdf1c][/color:46f42fdf1c] [b:46f42fdf1c]Waarvoor/waarom[/b:46f42fdf1c]: multifunktioneel tool - analyse en fix [b:46f42fdf1c]Moeilijkheidsgraad[/b:46f42fdf1c]: geen. [b:46f42fdf1c]Download[/b:46f42fdf1c]: [url=http://oldtimer.geekstogo.com/OTL.exe][b:46f42fdf1c][color=red:46f42fdf1c]OTL.exe[/color:46f42fdf1c][/b:46f42fdf1c][/url] en plaats het bestand op het bureaublad. [b:46f42fdf1c]Sluit voordat OTL.exe gaat scannen, eerst alle andere openstaande vensters![/b:46f42fdf1c] [b:46f42fdf1c]OTL.exe gebruiken[/b:46f42fdf1c]: [list:46f42fdf1c][list:46f42fdf1c][*:46f42fdf1c][b:46f42fdf1c][color=#0000FF:46f42fdf1c]Windows 2000[/color:46f42fdf1c][/b:46f42fdf1c] en [color=#0000FF:46f42fdf1c][b:46f42fdf1c]Windows XP[/b:46f42fdf1c][/color:46f42fdf1c]: dubbelklik op [color=#008000:46f42fdf1c][b:46f42fdf1c]OTL.exe[/b:46f42fdf1c][/color:46f42fdf1c]. [*:46f42fdf1c][color=#0000FF:46f42fdf1c][b:46f42fdf1c]Windows Vista[/b:46f42fdf1c][/color:46f42fdf1c], [color=#0000FF:46f42fdf1c][b:46f42fdf1c]Windows 7[/b:46f42fdf1c][/color:46f42fdf1c] en [color=#0000FF:46f42fdf1c][b:46f42fdf1c]Windows 8[/b:46f42fdf1c][/color:46f42fdf1c]: via rechtsklik op [color=#008000:46f42fdf1c][b:46f42fdf1c]OTL.exe[/b:46f42fdf1c][/color:46f42fdf1c] en kies voor "Als Administrator uitvoeren".[/list:u:46f42fdf1c][/list:u:46f42fdf1c] [list:46f42fdf1c][*:46f42fdf1c]Zet een vinkje bij [b:46f42fdf1c]Scan All Users[/b:46f42fdf1c], [b:46f42fdf1c]LOP Check[/b:46f42fdf1c] en bij [b:46f42fdf1c]PURITY Check[/b:46f42fdf1c]. [*:46f42fdf1c]Kopieer onderstaande in de Code-kader staande tekst en plak deze in het kader onder [img:46f42fdf1c]http://www.imgdumper.nl/uploads5/4f9111a6d2e57/4f9111a6d2a6c-OTL-2.png[/img:46f42fdf1c] [code:1:46f42fdf1c] services.* explorer.exe winlogon.exe Userinit.exe svchost.exe netsvcs BASESERVICES DRIVES msconfig %systemroot%\system32\*.dll /lockedfiles %systemroot%\Tasks\*.job /lockedfiles %systemroot%\system32\drivers\*.sys /lockedfiles %systemroot%\system32\*.exe /lockedfiles %PROGRAMFILES%\* [/code:1:46f42fdf1c] [*:46f42fdf1c]Klik vervolgens op de knop [img:46f42fdf1c]http://www.imgdumper.nl/uploads6/50cd93c69c626/50cd93c69be5b-OTL_-_Run_Scan_knop.jpg[/img:46f42fdf1c]. [*:46f42fdf1c]Verander verder geen andere instellingen in OTL, alleen tenzij ik hiervoor specifiek instructies geef. [*:46f42fdf1c]De scan zal niet heel erg lang duren. [list:46f42fdf1c][*:46f42fdf1c]Er zullen twee Kladblok-vensters geopend worden wanneer de scan klaar is: [b:46f42fdf1c]OTL.Txt[/b:46f42fdf1c] en [b:46f42fdf1c]Extras.txt[/b:46f42fdf1c]. [*:46f42fdf1c]Kopieer vervolgens de inhoud van zowel OTL.txt alsmede Extras.txt en plak die gegevens in je volgende bericht.[/list:u:46f42fdf1c][/list:u:46f42fdf1c] [color=#008000:46f42fdf1c][b:46f42fdf1c]Notabene:[/b:46f42fdf1c][/color:46f42fdf1c] indien het log niet in één bericht past, spreidt het dan over twee of meer berichten.
  • dat is een snelle reactie, alvast veel dank. Dat wordt vanavond niks meer, maar stellig morgen 15 juli! fjs
  • OTL logfile created on: 7/15/2013 11:32:17 AM - Run 1 OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Mw. v. d. Velden\Desktop 64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 9.10.9200.16635) Locale: 00000409 | Country: Nederland | Language: NLD | Date Format: d-M-yyyy 3.68 Gb Total Physical Memory | 2.31 Gb Available Physical Memory | 62.89% Memory free 7.35 Gb Paging File | 5.76 Gb Available in Paging File | 78.33% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 284.99 Gb Total Space | 249.53 Gb Free Space | 87.56% Space Free | Partition Type: NTFS Computer Name: PROBUS | User Name: Mw. v. d. Velden | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days [color=#E56717:9df5a9e1e0]========== Processes (SafeList) ==========[/color:9df5a9e1e0] PRC - [2013/07/15 11:30:56 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Mw. v. d. Velden\Desktop\OTL.exe PRC - [2013/07/10 19:12:50 | 001,861,512 | ---- | M] (Adobe Systems, Inc.) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_8_800_94.exe PRC - [2013/07/10 19:10:31 | 000,920,472 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe PRC - [2013/05/09 10:58:30 | 004,858,968 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe PRC - [2013/05/09 10:58:30 | 000,046,808 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe PRC - [2013/04/04 14:50:32 | 000,701,512 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe PRC - [2013/04/04 14:50:32 | 000,532,040 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe PRC - [2013/04/04 14:50:32 | 000,418,376 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe PRC - [2012/10/09 15:10:52 | 002,447,440 | ---- | M] (Check Point Software Technologies LTD) -- C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe PRC - [2012/10/09 14:41:08 | 000,073,392 | ---- | M] (Check Point Software Technologies LTD) -- C:\Program Files (x86)\CheckPoint\ZoneAlarm\zatray.exe PRC - [2012/04/05 15:48:02 | 000,255,376 | ---- | M] (Acer Incorporated) -- C:\Program Files\Acer\Acer Updater\UpdaterService.exe PRC - [2011/04/19 09:01:34 | 000,419,408 | ---- | M] (Dritek System Inc.) -- C:\Program Files (x86)\Launch Manager\LMutilps32.exe PRC - [2011/04/19 09:01:34 | 000,343,632 | ---- | M] (Dritek System Inc.) -- C:\Program Files (x86)\Launch Manager\LMworker.exe PRC - [2011/04/19 09:01:32 | 000,353,872 | ---- | M] (Dritek System Inc.) -- C:\Program Files (x86)\Launch Manager\dsiwmis.exe PRC - [2010/09/16 03:13:16 | 002,538,520 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe PRC - [2010/09/16 03:13:08 | 000,325,656 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe PRC - [2010/01/30 01:52:58 | 000,260,640 | ---- | M] (Acer Incorporated) -- C:\Program Files (x86)\Acer\Acer VCM\RS_Service.exe PRC - [2007/08/20 10:42:23 | 000,495,616 | ---- | M] (Gadwin Systems, Inc) -- C:\Program Files (x86)\Gadwin Systems\PrintScreen\PrintScreen.exe [color=#E56717:9df5a9e1e0]========== Modules (No Company Name) ==========[/color:9df5a9e1e0] MOD - [2013/07/10 19:12:48 | 016,166,280 | ---- | M] () -- C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_94.dll MOD - [2013/07/10 19:10:19 | 003,285,912 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\mozjs.dll [color=#E56717:9df5a9e1e0]========== Services (SafeList) ==========[/color:9df5a9e1e0] SRV:[b:9df5a9e1e0]64bit:[/b:9df5a9e1e0] - [2013/05/27 07:50:47 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend) SRV:[b:9df5a9e1e0]64bit:[/b:9df5a9e1e0] - [2013/05/09 10:58:30 | 000,046,808 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus) SRV:[b:9df5a9e1e0]64bit:[/b:9df5a9e1e0] - [2013/01/27 12:34:32 | 000,379,360 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- c:\Program Files\Microsoft Security Client\NisSrv.exe -- (NisSrv) SRV:[b:9df5a9e1e0]64bit:[/b:9df5a9e1e0] - [2013/01/27 12:34:32 | 000,022,056 | ---- | M] (Microsoft Corporation) [Auto | Running] -- c:\Program Files\Microsoft Security Client\MsMpEng.exe -- (MsMpSvc) SRV:[b:9df5a9e1e0]64bit:[/b:9df5a9e1e0] - [2012/08/30 13:05:28 | 000,827,560 | ---- | M] (Check Point Software Technologies) [Auto | Running] -- C:\Program Files\CheckPoint\ZAForceField\ISWSVC.exe -- (IswSvc) SRV:[b:9df5a9e1e0]64bit:[/b:9df5a9e1e0] - [2012/04/05 15:48:02 | 000,255,376 | ---- | M] (Acer Incorporated) [Auto | Running] -- C:\Program Files\Acer\Acer Updater\UpdaterService.exe -- (Live Updater Service) SRV:[b:9df5a9e1e0]64bit:[/b:9df5a9e1e0] - [2011/05/11 00:01:08 | 000,872,552 | ---- | M] (Acer Incorporated) [Auto | Running] -- C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe -- (ePowerSvc) SRV - [2013/07/10 19:15:28 | 000,256,904 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc) SRV - [2013/07/10 19:10:30 | 000,117,144 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance) SRV - [2013/04/04 14:50:32 | 000,701,512 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService) SRV - [2013/04/04 14:50:32 | 000,418,376 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe -- (MBAMScheduler) SRV - [2012/10/09 15:10:52 | 002,447,440 | ---- | M] (Check Point Software Technologies LTD) [Auto | Running] -- C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe -- (vsmon) SRV - [2012/01/12 11:53:52 | 000,655,624 | ---- | M] (Acresso Software Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service) SRV - [2011/04/19 09:01:32 | 000,353,872 | ---- | M] (Dritek System Inc.) [Auto | Running] -- C:\Program Files (x86)\Launch Manager\dsiwmis.exe -- (DsiWMIService) SRV - [2010/09/16 03:13:16 | 002,538,520 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe -- (UNS) SRV - [2010/09/16 03:13:08 | 000,325,656 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS) SRV - [2010/03/18 14:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32) SRV - [2010/01/30 01:52:58 | 000,260,640 | ---- | M] (Acer Incorporated) [Auto | Running] -- C:\Program Files (x86)\Acer\Acer VCM\RS_Service.exe -- (RS_Service) SRV - [2009/06/10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32) [color=#E56717:9df5a9e1e0]========== Driver Services (SafeList) ==========[/color:9df5a9e1e0] DRV:[b:9df5a9e1e0]64bit:[/b:9df5a9e1e0] - [2013/07/13 10:10:23 | 000,189,936 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\aswVmm.sys -- (aswVmm) DRV:[b:9df5a9e1e0]64bit:[/b:9df5a9e1e0] - [2013/07/13 10:10:22 | 001,030,952 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\SysNative\drivers\aswSnx.sys -- (aswSnx) DRV:[b:9df5a9e1e0]64bit:[/b:9df5a9e1e0] - [2013/07/13 10:10:22 | 000,378,944 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswSP.sys -- (aswSP) DRV:[b:9df5a9e1e0]64bit:[/b:9df5a9e1e0] - [2013/05/09 10:59:07 | 000,065,336 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\aswRvrt.sys -- (aswRvrt) DRV:[b:9df5a9e1e0]64bit:[/b:9df5a9e1e0] - [2013/05/09 10:59:07 | 000,064,288 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswTdi.sys -- (aswTdi) DRV:[b:9df5a9e1e0]64bit:[/b:9df5a9e1e0] - [2013/05/09 10:59:07 | 000,059,144 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswRdr.sys -- (AswRdr) DRV:[b:9df5a9e1e0]64bit:[/b:9df5a9e1e0] - [2013/05/09 10:59:06 | 000,080,816 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswMonFlt.sys -- (aswMonFlt) DRV:[b:9df5a9e1e0]64bit:[/b:9df5a9e1e0] - [2013/05/09 10:59:06 | 000,033,400 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswFsBlk.sys -- (aswFsBlk) DRV:[b:9df5a9e1e0]64bit:[/b:9df5a9e1e0] - [2013/04/04 14:50:32 | 000,025,928 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\mbam.sys -- (MBAMProtector) DRV:[b:9df5a9e1e0]64bit:[/b:9df5a9e1e0] - [2013/01/20 16:59:04 | 000,130,008 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\NisDrvWFP.sys -- (NisDrv) DRV:[b:9df5a9e1e0]64bit:[/b:9df5a9e1e0] - [2012/08/30 13:05:42 | 000,033,712 | ---- | M] (Check Point Software Technologies) [Kernel | Auto | Running] -- C:\Program Files\CheckPoint\ZAForceField\ISWKL.sys -- (ISWKL) DRV:[b:9df5a9e1e0]64bit:[/b:9df5a9e1e0] - [2012/03/01 08:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec) DRV:[b:9df5a9e1e0]64bit:[/b:9df5a9e1e0] - [2011/07/14 07:35:47 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata) DRV:[b:9df5a9e1e0]64bit:[/b:9df5a9e1e0] - [2011/07/14 07:35:47 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata) DRV:[b:9df5a9e1e0]64bit:[/b:9df5a9e1e0] - [2011/06/10 05:16:08 | 012,230,912 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx) DRV:[b:9df5a9e1e0]64bit:[/b:9df5a9e1e0] - [2011/06/02 05:37:32 | 002,750,464 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\athrx.sys -- (athr) DRV:[b:9df5a9e1e0]64bit:[/b:9df5a9e1e0] - [2011/05/07 17:51:32 | 000,454,232 | ---- | M] (Check Point Software Technologies LTD) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\vsdatant.sys -- (Vsdatant) DRV:[b:9df5a9e1e0]64bit:[/b:9df5a9e1e0] - [2011/03/28 05:44:46 | 001,417,776 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP) DRV:[b:9df5a9e1e0]64bit:[/b:9df5a9e1e0] - [2010/12/01 10:12:06 | 000,250,984 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\RtsUStor.sys -- (RSUSBSTOR) DRV:[b:9df5a9e1e0]64bit:[/b:9df5a9e1e0] - [2010/11/21 05:24:33 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt) DRV:[b:9df5a9e1e0]64bit:[/b:9df5a9e1e0] - [2010/11/21 05:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD) DRV:[b:9df5a9e1e0]64bit:[/b:9df5a9e1e0] - [2010/11/21 05:23:47 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD) DRV:[b:9df5a9e1e0]64bit:[/b:9df5a9e1e0] - [2010/11/05 17:45:48 | 000,438,808 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor) DRV:[b:9df5a9e1e0]64bit:[/b:9df5a9e1e0] - [2010/02/26 10:32:14 | 000,158,976 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Impcd.sys -- (Impcd) DRV:[b:9df5a9e1e0]64bit:[/b:9df5a9e1e0] - [2009/09/17 05:54:54 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (HECIx64) DRV:[b:9df5a9e1e0]64bit:[/b:9df5a9e1e0] - [2009/07/14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs) DRV:[b:9df5a9e1e0]64bit:[/b:9df5a9e1e0] - [2009/07/14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2) DRV:[b:9df5a9e1e0]64bit:[/b:9df5a9e1e0] - [2009/07/14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor) DRV:[b:9df5a9e1e0]64bit:[/b:9df5a9e1e0] - [2009/06/10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv) DRV:[b:9df5a9e1e0]64bit:[/b:9df5a9e1e0] - [2009/06/10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv) DRV:[b:9df5a9e1e0]64bit:[/b:9df5a9e1e0] - [2009/06/10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a) DRV:[b:9df5a9e1e0]64bit:[/b:9df5a9e1e0] - [2009/06/10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir) DRV - [2009/07/14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount) [color=#E56717:9df5a9e1e0]========== Standard Registry (SafeList) ==========[/color:9df5a9e1e0] [color=#E56717:9df5a9e1e0]========== Internet Explorer ==========[/color:9df5a9e1e0] IE:[b:9df5a9e1e0]64bit:[/b:9df5a9e1e0] - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE:[b:9df5a9e1e0]64bit:[/b:9df5a9e1e0] - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&form=AARTDF&pc=MAAR&src=IE-SearchBox IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&form=AARTDF&pc=MAAR&src=IE-SearchBox IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.nl/ IE - HKCU\..\SearchScopes,DefaultScope = {50AB47A0-5864-440E-B606-C8F15DD958EF} IE - HKCU\..\SearchScopes\{50AB47A0-5864-440E-B606-C8F15DD958EF}: "URL" = http://search.zonealarm.com/search?Source=Browser&oemCode=ZLN118835168773031-1001&toolbarId=base&affiliateId=1001&Lan=en&utid=fc36c0440000000000006427375e535f&q={searchTerms}&r=279 IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 [color=#E56717:9df5a9e1e0]========== FireFox ==========[/color:9df5a9e1e0] FF - prefs.js..browser.startup.homepage: "www.google.nl" FF - prefs.js..extensions.enabledAddons: wrc%40avast.com:8.0.1489 FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:22.0 FF - user.js - File not found FF:[b:9df5a9e1e0]64bit:[/b:9df5a9e1e0] - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_8_800_94.dll File not found FF:[b:9df5a9e1e0]64bit:[/b:9df5a9e1e0] - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found FF:[b:9df5a9e1e0]64bit:[/b:9df5a9e1e0] - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_94.dll () FF - HKLM\Software\MozillaPlugins\@checkpoint.com/FFApi: C:\Program Files\CheckPoint\ZAForceField\WOW64\TrustChecker\bin\npFFApi.dll () FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll File not found FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.7: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN) 64bit-FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{FFB96CC1-7EB3-449D-B827-DB661701C6BB}: C:\PROGRAM FILES\CHECKPOINT\ZAFORCEFIELD\TRUSTCHECKER [2013/07/10 09:14:27 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{FFB96CC1-7EB3-449D-B827-DB661701C6BB}: C:\Program Files\CheckPoint\ZAForceField\WOW64\TrustChecker [2013/07/10 09:14:30 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2013/07/13 10:09:56 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 22.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 22.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 22.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 22.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2013/07/10 19:07:31 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Mw. v. d. Velden\AppData\Roaming\mozilla\Extensions [2013/07/10 19:10:14 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions [2013/07/10 19:10:32 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions [2013/07/10 19:10:32 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} [2013/07/13 10:09:56 | 000,000,000 | ---D | M] (avast! Online Security) -- C:\PROGRAM FILES\AVAST SOFTWARE\AVAST\WEBREP\FF [color=#E56717:9df5a9e1e0]========== Chrome ==========[/color:9df5a9e1e0] O1 HOSTS File: ([2013/07/10 09:09:11 | 000,000,099 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O1 - Hosts: 127.0.0.1 mpa.one.microsoft.com O2:[b:9df5a9e1e0]64bit:[/b:9df5a9e1e0] - BHO: (avast! Online Security) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software) O2:[b:9df5a9e1e0]64bit:[/b:9df5a9e1e0] - BHO: (ZoneAlarm Security Engine Registrar) - {8A4A36C2-0535-4D2C-BD3D-496CB7EED6E3} - C:\Program Files\CheckPoint\ZAForceField\TrustChecker\bin\TrustCheckerIEPlugin.dll (Check Point Software Technologies) O2 - BHO: (Zonealarm Helper Object) - {2A841F7A-A014-4DA5-B6D9-8B913DFB7A8C} - C:\Program Files (x86)\Check Point Software Technologies LTD\zonealarm\1.6.7.4\bh\zonealarm.dll (Montera Technologeis LTD) O2 - BHO: (ZoneAlarm Security Engine Registrar) - {8A4A36C2-0535-4D2C-BD3D-496CB7EED6E3} - C:\Program Files\CheckPoint\ZAForceField\WOW64\TrustChecker\bin\TrustCheckerIEPlugin.dll (Check Point Software Technologies) O2 - BHO: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software) O3:[b:9df5a9e1e0]64bit:[/b:9df5a9e1e0] - HKLM\..\Toolbar: (avast! Online Security) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software) O3:[b:9df5a9e1e0]64bit:[/b:9df5a9e1e0] - HKLM\..\Toolbar: (ZoneAlarm Security Engine) - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - C:\Program Files\CheckPoint\ZAForceField\TrustChecker\bin\TrustCheckerIEPlugin.dll (Check Point Software Technologies) O3 - HKLM\..\Toolbar: (ZoneAlarm Security Toolbar) - {438FAE3E-BDEF-44D3-AB8B-0C7C8350DF59} - C:\Program Files (x86)\Check Point Software Technologies LTD\zonealarm\1.6.7.4\zonealarmTlbr.dll (Montera Technologeis LTD) O3 - HKLM\..\Toolbar: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software) O3 - HKLM\..\Toolbar: (ZoneAlarm Security Engine) - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - C:\Program Files\CheckPoint\ZAForceField\WOW64\TrustChecker\bin\TrustCheckerIEPlugin.dll (Check Point Software Technologies) O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found. O4:[b:9df5a9e1e0]64bit:[/b:9df5a9e1e0] - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation) O4:[b:9df5a9e1e0]64bit:[/b:9df5a9e1e0] - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation) O4:[b:9df5a9e1e0]64bit:[/b:9df5a9e1e0] - HKLM..\Run: [ISW] C:\Program Files\CheckPoint\ZAForceField\ForceField.exe (Check Point Software Technologies) O4:[b:9df5a9e1e0]64bit:[/b:9df5a9e1e0] - HKLM..\Run: [Logitech Download Assistant] C:\Windows\SysNative\LogiLDA.dll (Logitech, Inc.) O4:[b:9df5a9e1e0]64bit:[/b:9df5a9e1e0] - HKLM..\Run: [MSC] c:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation) O4:[b:9df5a9e1e0]64bit:[/b:9df5a9e1e0] - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation) O4:[b:9df5a9e1e0]64bit:[/b:9df5a9e1e0] - HKLM..\Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor) O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software) O4 - HKLM..\Run: [ZoneAlarm] C:\Program Files (x86)\CheckPoint\ZoneAlarm\zatray.exe (Check Point Software Technologies LTD) O4 - HKCU..\Run: [Gadwin PrintScreen] C:\Program Files (x86)\Gadwin Systems\PrintScreen\PrintScreen.exe (Gadwin Systems, Inc) O4 - HKCU..\Run: [Pokki] C:\Windows\system32\rundll32.exe "%LOCALAPPDATA%\Pokki\Engine\LaunchDeskband.dll",RunLaunchDeskband File not found O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0 O13 - gopher Prefix: missing O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.254 195.121.1.34 195.121.1.66 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{789589ED-BF42-4ABC-8CDD-E7D4D68DEAE0}: DhcpNameServer = 192.168.2.254 195.121.1.34 195.121.1.66 O18:[b:9df5a9e1e0]64bit:[/b:9df5a9e1e0] - Protocol\Handler\msdaipp - No CLSID value found O18:[b:9df5a9e1e0]64bit:[/b:9df5a9e1e0] - Protocol\Handler\msdaipp\0x00000001 - No CLSID value found O18:[b:9df5a9e1e0]64bit:[/b:9df5a9e1e0] - Protocol\Handler\msdaipp\oledb - No CLSID value found O18:[b:9df5a9e1e0]64bit:[/b:9df5a9e1e0] - Protocol\Handler\mso-offdap11 - No CLSID value found O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18:[b:9df5a9e1e0]64bit:[/b:9df5a9e1e0] - Protocol\Filter\text/xml - No CLSID value found O20:[b:9df5a9e1e0]64bit:[/b:9df5a9e1e0] - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20:[b:9df5a9e1e0]64bit:[/b:9df5a9e1e0] - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation) O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation) O20:[b:9df5a9e1e0]64bit:[/b:9df5a9e1e0] - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation) O21:[b:9df5a9e1e0]64bit:[/b:9df5a9e1e0] - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O32 - HKLM CDRom: AutoRun - 1 O34 - HKLM BootExecute: (autocheck autochk *) O35:[b:9df5a9e1e0]64bit:[/b:9df5a9e1e0] - HKLM\..comfile [open] -- "%1" %* O35:[b:9df5a9e1e0]64bit:[/b:9df5a9e1e0] - HKLM\..exefile [open] -- "%1" %* O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37:[b:9df5a9e1e0]64bit:[/b:9df5a9e1e0] - HKLM\...com [@ = ComFile] -- "%1" %* O37:[b:9df5a9e1e0]64bit:[/b:9df5a9e1e0] - HKLM\...exe [@ = exefile] -- "%1" %* O37 - HKLM\...com [@ = ComFile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) O38 - SubSystems\\Windows: (ServerDll=sxssrv,4) MsConfig:64bit - StartUpFolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Acer VCM.lnk - C:\Program Files (x86)\Acer\Acer VCM\AcerVCM.exe - (Acer Incorporated) MsConfig:64bit - StartUpReg: [b:9df5a9e1e0]LManager[/b:9df5a9e1e0] - hkey= - key= - C:\Program Files (x86)\Launch Manager\LManager.exe (Dritek System Inc.) MsConfig:64bit - StartUpReg: [b:9df5a9e1e0]Power Management[/b:9df5a9e1e0] - hkey= - key= - C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe (Acer Incorporated) MsConfig:64bit - StartUpReg: [b:9df5a9e1e0]SynTPEnh[/b:9df5a9e1e0] - hkey= - key= - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (Synaptics Incorporated) MsConfig:64bit - State: "startup" - Reg Error: Key error. MsConfig:64bit - State: "bootini" - Reg Error: Key error. [color=#E56717:9df5a9e1e0]========== Files/Folders - Created Within 30 Days ==========[/color:9df5a9e1e0] [2013/07/15 11:30:47 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Mw. v. d. Velden\Desktop\OTL.exe [2013/07/15 11:01:14 | 000,000,000 | ---D | C] -- C:\Users\Mw. v. d. Velden\AppData\Local\CrossLoop [2013/07/13 11:22:51 | 000,000,000 | ---D | C] -- C:\Users\Mw. v. d. Velden\AppData\Local\Pokki [2013/07/13 11:03:05 | 000,000,000 | ---D | C] -- C:\Users\Mw. v. d. Velden\AppData\Roaming\OpenCandy [2013/07/13 10:53:34 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\VS Revo Group [2013/07/13 10:25:10 | 000,000,000 | ---D | C] -- C:\Diversen voor Probus [2013/07/13 10:10:19 | 000,000,000 | ---D | C] -- C:\Users\Mw. v. d. Velden\AppData\Local\Google [2013/07/13 10:10:16 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Google [2013/07/13 10:10:13 | 001,030,952 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSnx.sys [2013/07/13 10:10:13 | 000,378,944 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSP.sys [2013/07/13 10:10:13 | 000,064,288 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswTdi.sys [2013/07/13 10:10:13 | 000,059,144 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswRdr.sys [2013/07/13 10:10:13 | 000,033,400 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswFsBlk.sys [2013/07/13 10:10:13 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\avast! Free Antivirus [2013/07/13 10:10:12 | 000,287,840 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\aswBoot.exe [2013/07/13 10:10:12 | 000,080,816 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswMonFlt.sys [2013/07/13 10:09:40 | 000,041,664 | ---- | C] (AVAST Software) -- C:\Windows\avastSS.scr [2013/07/13 10:09:07 | 000,000,000 | ---D | C] -- C:\Program Files\AVAST Software [2013/07/13 09:59:22 | 000,000,000 | ---D | C] -- C:\ProgramData\AVAST Software [2013/07/10 20:28:13 | 000,000,000 | ---D | C] -- C:\Windows\pss [2013/07/10 19:12:57 | 000,000,000 | ---D | C] -- C:\Users\Mw. v. d. Velden\AppData\Local\Macromedia [2013/07/10 19:12:50 | 000,692,104 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe [2013/07/10 19:12:45 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\Macromed [2013/07/10 19:12:22 | 000,000,000 | ---D | C] -- C:\Users\Mw. v. d. Velden\AppData\Local\Adobe [2013/07/10 19:10:14 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox [2013/07/10 19:07:23 | 000,000,000 | ---D | C] -- C:\Users\Mw. v. d. Velden\AppData\Roaming\Mozilla [2013/07/10 19:07:23 | 000,000,000 | ---D | C] -- C:\Users\Mw. v. d. Velden\AppData\Local\Mozilla [2013/07/10 19:07:19 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Maintenance Service [2013/07/10 19:07:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Mozilla [2013/07/10 13:49:22 | 000,000,000 | ---D | C] -- C:\Users\Mw. v. d. Velden\Documents\PrintScreen Files [2013/07/10 13:49:22 | 000,000,000 | ---D | C] -- C:\Users\Mw. v. d. Velden\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Gadwin Systems [2013/07/10 13:49:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Gadwin Systems [2013/07/10 13:49:21 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Gadwin Systems [2013/07/10 12:06:29 | 000,000,000 | ---D | C] -- C:\Windows\PCHEALTH [2013/07/10 12:05:11 | 000,391,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll [2013/07/10 12:05:10 | 000,526,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll [2013/07/10 12:05:09 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesysprep.dll [2013/07/10 12:05:09 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RegisterIEPKEYs.exe [2013/07/10 12:05:09 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll [2013/07/10 12:05:09 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll [2013/07/10 12:05:09 | 000,051,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe [2013/07/10 12:05:09 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll [2013/07/10 12:05:09 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll [2013/07/10 12:05:08 | 000,136,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesysprep.dll [2013/07/10 12:05:08 | 000,089,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RegisterIEPKEYs.exe [2013/07/10 12:05:07 | 000,603,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll [2013/07/10 12:05:06 | 000,855,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll [2013/07/10 12:05:06 | 000,690,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll [2013/07/10 12:05:05 | 003,958,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll [2013/07/10 11:48:56 | 001,887,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WMVDECOD.DLL [2013/07/10 11:48:56 | 000,624,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\qedit.dll [2013/07/10 11:48:56 | 000,509,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\qedit.dll [2013/07/10 11:48:55 | 001,620,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WMVDECOD.DLL [2013/07/10 11:48:30 | 001,424,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WindowsCodecs.dll [2013/07/10 11:46:15 | 001,643,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\DWrite.dll [2013/07/10 11:18:52 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\trend micro [2013/07/10 11:17:49 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MSECache [2013/07/10 09:14:33 | 000,000,000 | ---D | C] -- C:\Users\Mw. v. d. Velden\Documents\ForceField Shared Files [2013/07/10 09:14:32 | 000,000,000 | ---D | C] -- C:\Users\Mw. v. d. Velden\AppData\Roaming\CheckPoint [2013/07/10 09:14:20 | 000,000,000 | ---D | C] -- C:\Program Files\CheckPoint [2013/07/10 09:14:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Check Point [2013/07/10 09:13:34 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Check Point Software Technologies LTD [2013/07/10 09:13:20 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\CheckPoint [2013/07/10 09:13:19 | 000,000,000 | ---D | C] -- C:\ProgramData\CheckPoint [2013/07/10 09:11:20 | 000,000,000 | ---D | C] -- C:\Users\Mw. v. d. Velden\Documents\Add-in Express [2013/07/10 09:10:50 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Foxit Software [2013/07/10 09:09:47 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip [2013/07/10 09:09:46 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\7-Zip [2013/07/10 09:09:10 | 001,459,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\LegitCheckControl.dll [2013/07/10 09:09:10 | 000,667,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\OGACheckControl.dll [2013/07/10 08:06:41 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office [2013/07/10 08:06:32 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\DESIGNER [2013/07/10 08:05:43 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Office [2013/07/10 08:03:03 | 000,000,000 | RH-D | C] -- C:\MSOCache [2013/07/09 20:27:42 | 000,000,000 | ---D | C] -- C:\Users\Mw. v. d. Velden\AppData\Local\ElevatedDiagnostics [2013/07/09 20:16:14 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN [2013/07/09 20:14:07 | 000,000,000 | ---D | C] -- C:\Windows\ERUNT [2013/07/09 19:58:48 | 000,518,144 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe [2013/07/09 19:58:48 | 000,406,528 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe [2013/07/09 19:58:48 | 000,060,416 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe [2013/07/09 19:58:28 | 000,000,000 | ---D | C] -- C:\Qoobox [2013/07/09 19:58:15 | 000,000,000 | ---D | C] -- C:\Windows\erdnt [2013/07/09 19:47:50 | 000,000,000 | ---D | C] -- C:\Users\Mw. v. d. Velden\AppData\Roaming\Malwarebytes [2013/07/09 19:47:47 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware [2013/07/09 19:47:40 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes [2013/07/09 19:47:38 | 000,025,928 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys [2013/07/09 19:47:38 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware [2013/07/09 19:47:24 | 000,000,000 | ---D | C] -- C:\Users\Mw. v. d. Velden\AppData\Local\Programs [2013/07/09 19:43:37 | 000,000,000 | ---D | C] -- C:\Users\Mw. v. d. Velden\AppData\Roaming\vlc [2013/07/09 19:43:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN [2013/07/09 19:43:11 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\VideoLAN [2013/07/09 16:17:27 | 000,000,000 | ---D | C] -- C:\Users\Mw. v. d. Velden\AppData\Roaming\FastStone [2013/07/09 16:16:58 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FastStone Image Viewer [2013/07/09 16:16:58 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\FastStone Image Viewer [2013/07/09 16:07:11 | 001,054,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MsSpellCheckingFacility.exe [2013/07/09 16:07:10 | 000,719,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmlmedia.dll [2013/07/09 16:07:10 | 000,226,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\elshyph.dll [2013/07/09 16:07:10 | 000,185,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\elshyph.dll [2013/07/09 16:07:10 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msrating.dll [2013/07/09 16:07:10 | 000,150,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iexpress.exe [2013/07/09 16:07:10 | 000,138,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wextract.exe [2013/07/09 16:07:10 | 000,082,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inseng.dll [2013/07/09 16:07:10 | 000,079,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll [2013/07/09 16:07:10 | 000,057,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\pngfilt.dll [2013/07/09 16:07:09 | 001,441,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl [2013/07/09 16:07:09 | 001,400,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dat [2013/07/09 16:07:09 | 000,629,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dll [2013/07/09 16:07:09 | 000,361,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\html.iec [2013/07/09 16:07:09 | 000,232,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll [2013/07/09 16:07:09 | 000,137,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe [2013/07/09 16:07:09 | 000,125,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\occache.dll [2013/07/09 16:07:09 | 000,117,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iepeers.dll [2013/07/09 16:07:09 | 000,110,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\IEAdvpack.dll [2013/07/09 16:07:09 | 000,073,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\SetIEInstalledDate.exe [2013/07/09 16:07:09 | 000,069,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\icardie.dll [2013/07/09 16:07:09 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\tdc.ocx [2013/07/09 16:07:09 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmler.dll [2013/07/09 16:07:09 | 000,011,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeedssync.exe [2013/07/09 16:07:08 | 001,400,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dat [2013/07/09 16:07:08 | 000,762,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dll [2013/07/09 16:07:08 | 000,452,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxtmsft.dll [2013/07/09 16:07:08 | 000,441,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\html.iec [2013/07/09 16:07:08 | 000,281,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxtrans.dll [2013/07/09 16:07:08 | 000,216,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msls31.dll [2013/07/09 16:07:08 | 000,197,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msrating.dll [2013/07/09 16:07:08 | 000,081,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\icardie.dll [2013/07/09 16:07:08 | 000,023,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\licmgr10.dll [2013/07/09 16:07:07 | 001,509,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl [2013/07/09 16:07:07 | 000,905,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmlmedia.dll [2013/07/09 16:07:07 | 000,599,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll [2013/07/09 16:07:07 | 000,235,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll [2013/07/09 16:07:07 | 000,173,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe [2013/07/09 16:07:07 | 000,167,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iexpress.exe [2013/07/09 16:07:07 | 000,149,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\occache.dll [2013/07/09 16:07:07 | 000,144,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wextract.exe [2013/07/09 16:07:07 | 000,136,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iepeers.dll [2013/07/09 16:07:07 | 000,135,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\IEAdvpack.dll [2013/07/09 16:07:07 | 000,102,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inseng.dll [2013/07/09 16:07:07 | 000,097,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll [2013/07/09 16:07:07 | 000,092,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SetIEInstalledDate.exe [2013/07/09 16:07:07 | 000,062,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\pngfilt.dll [2013/07/09 16:07:07 | 000,051,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\imgutil.dll [2013/07/09 16:07:07 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmler.dll [2013/07/09 16:07:07 | 000,027,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\licmgr10.dll [2013/07/09 16:07:07 | 000,013,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshta.exe [2013/07/09 16:07:07 | 000,012,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeedssync.exe [2013/07/09 16:07:06 | 000,077,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\tdc.ocx [2013/07/09 16:05:59 | 001,682,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XpsPrint.dll [2013/07/09 16:05:59 | 001,158,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XpsPrint.dll [2013/07/09 16:05:59 | 000,522,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XpsGdiConverter.dll [2013/07/09 16:05:59 | 000,465,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WMPhoto.dll [2013/07/09 16:05:59 | 000,364,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XpsGdiConverter.dll [2013/07/09 16:05:59 | 000,010,752 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-advapi32-l1-1-0.dll [2013/07/09 16:05:59 | 000,010,752 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-advapi32-l1-1-0.dll [2013/07/09 16:05:59 | 000,009,728 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-shlwapi-l1-1-0.dll [2013/07/09 16:05:59 | 000,009,728 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-shlwapi-l1-1-0.dll [2013/07/09 16:05:59 | 000,005,632 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-shlwapi-l2-1-0.dll [2013/07/09 16:05:59 | 000,005,632 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-shlwapi-l2-1-0.dll [2013/07/09 16:05:59 | 000,005,632 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-ole32-l1-1-0.dll [2013/07/09 16:05:59 | 000,005,632 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-ole32-l1-1-0.dll [2013/07/09 16:05:59 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-user32-l1-1-0.dll [2013/07/09 16:05:59 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-user32-l1-1-0.dll [2013/07/09 16:05:59 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-advapi32-l2-1-0.dll [2013/07/09 16:05:59 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-advapi32-l2-1-0.dll [2013/07/09 16:05:59 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-version-l1-1-0.dll [2013/07/09 16:05:59 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-version-l1-1-0.dll [2013/07/09 16:05:59 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-shell32-l1-1-0.dll [2013/07/09 16:05:59 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-shell32-l1-1-0.dll [2013/07/09 16:05:59 | 000,002,560 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-normaliz-l1-1-0.dll [2013/07/09 16:05:59 | 000,002,560 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-normaliz-l1-1-0.dll [2013/07/09 16:05:58 | 003,928,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d2d1.dll [2013/07/09 16:05:58 | 002,776,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msmpeg2vdec.dll [2013/07/09 16:05:58 | 002,565,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10warp.dll [2013/07/09 16:05:58 | 002,284,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msmpeg2vdec.dll [2013/07/09 16:05:58 | 001,238,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10.dll [2013/07/09 16:05:58 | 000,648,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10level9.dll [2013/07/09 16:05:58 | 000,417,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WMPhoto.dll [2013/07/09 16:05:58 | 000,363,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxgi.dll [2013/07/09 16:05:58 | 000,333,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10_1core.dll [2013/07/09 16:05:58 | 000,296,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10core.dll [2013/07/09 16:05:58 | 000,245,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WindowsCodecsExt.dll [2013/07/09 16:05:58 | 000,221,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\UIAnimation.dll [2013/07/09 16:05:58 | 000,194,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10_1.dll [2013/07/09 16:05:58 | 000,187,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\UIAnimation.dll [2013/07/09 15:57:47 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner [2013/06/28 16:09:01 | 000,751,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\win32spl.dll [2013/06/28 16:09:01 | 000,492,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\win32spl.dll [2013/06/28 16:08:59 | 000,030,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cryptdlg.dll [2013/06/28 16:08:59 | 000,024,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\cryptdlg.dll [2013/06/28 16:08:54 | 001,192,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\certutil.exe [2013/06/28 16:08:54 | 000,903,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\certutil.exe [2013/06/28 16:08:53 | 001,464,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\crypt32.dll [2013/06/28 16:08:53 | 000,139,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cryptnet.dll [2013/06/28 16:08:53 | 000,052,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\certenc.dll [2013/06/28 16:08:53 | 000,043,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\certenc.dll [2013/06/28 16:08:48 | 001,887,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d11.dll [2013/06/28 16:08:48 | 001,505,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3d11.dll [color=#E56717:9df5a9e1e0]========== Files - Modified Within 30 Days ==========[/color:9df5a9e1e0] [2013/07/15 11:30:56 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Mw. v. d. Velden\Desktop\OTL.exe [2013/07/15 11:15:02 | 000,000,940 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job [2013/07/15 10:53:19 | 001,549,498 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI [2013/07/15 10:53:19 | 000,701,798 | ---- | M] () -- C:\Windows\SysNative\perfh013.dat [2013/07/15 10:53:19 | 000,616,242 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat [2013/07/15 10:53:19 | 000,133,798 | ---- | M] () -- C:\Windows\SysNative\perfc013.dat [2013/07/15 10:53:19 | 000,106,622 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat [2013/07/15 10:46:37 | 000,016,976 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2013/07/15 10:46:37 | 000,016,976 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2013/07/15 10:39:09 | 000,067,584 | -H-- | M] () -- C:\Windows\bootstat.dat [2013/07/15 10:39:05 | 2960,412,672 | -HS- | M] () -- C:\hiberfil.sys [2013/07/13 10:36:32 | 000,000,402 | ---- | M] () -- C:\Users\Mw. v. d. Velden\Desktop\USB slot of SD kaartje links.lnk [2013/07/13 10:10:23 | 000,189,936 | ---- | M] () -- C:\Windows\SysNative\drivers\aswVmm.sys [2013/07/13 10:10:23 | 000,000,175 | ---- | M] () -- C:\Windows\SysNative\drivers\aswVmm.sys.sum [2013/07/13 10:10:23 | 000,000,175 | ---- | M] () -- C:\Windows\SysNative\drivers\aswSP.sys.sum [2013/07/13 10:10:22 | 001,030,952 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSnx.sys [2013/07/13 10:10:22 | 000,378,944 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSP.sys [2013/07/13 10:10:22 | 000,000,175 | ---- | M] () -- C:\Windows\SysNative\drivers\aswSnx.sys.sum [2013/07/13 10:10:12 | 000,000,000 | ---- | M] () -- C:\Windows\SysWow64\config.nt [2013/07/10 19:15:27 | 000,692,104 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe [2013/07/10 19:15:26 | 000,071,048 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl [2013/07/10 19:07:20 | 000,001,155 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk [2013/07/10 14:05:11 | 000,001,141 | ---- | M] () -- C:\Users\Mw. v. d. Velden\Application Data\Microsoft\Internet Explorer\Quick Launch\Microsoft Office Outlook starten.lnk [2013/07/10 14:04:30 | 000,002,737 | ---- | M] () -- C:\Users\Mw. v. d. Velden\Desktop\Outlook.lnk [2013/07/10 13:33:56 | 000,289,016 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT [2013/07/10 11:25:53 | 000,001,024 | RH-- | M] () -- C:\Users\Public\Documents\NTIMMV9Acer.dll [2013/07/10 09:15:10 | 000,415,877 | ---- | M] () -- C:\Windows\SysNative\drivers\vsconfig.xml [2013/07/10 09:13:35 | 000,000,126 | ---- | M] () -- C:\user.js [2013/07/10 09:09:11 | 000,000,099 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts [2013/07/10 08:18:23 | 000,000,020 | ---- | M] () -- C:\Windows\8û` [2013/07/10 08:08:25 | 000,002,701 | ---- | M] () -- C:\Users\Mw. v. d. Velden\Desktop\Word 2003.lnk [2013/07/10 08:08:19 | 000,002,675 | ---- | M] () -- C:\Users\Mw. v. d. Velden\Desktop\PowerPoint 2003.lnk [2013/07/10 08:08:11 | 000,002,687 | ---- | M] () -- C:\Users\Mw. v. d. Velden\Desktop\Excel 2003.lnk [2013/07/10 08:07:18 | 000,000,392 | ---- | M] () -- C:\Windows\ODBC.INI [2013/07/09 21:30:04 | 000,000,546 | ---- | M] () -- C:\Windows\tasks\One-Click Tweak.job [2013/07/09 16:21:59 | 000,000,336 | ---- | M] () -- C:\Users\Mw. v. d. Velden\Desktop\Cd-station zit rechts.lnk [2013/07/09 16:07:11 | 001,054,720 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\MsSpellCheckingFacility.exe [2013/07/09 16:07:10 | 000,719,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmlmedia.dll [2013/07/09 16:07:10 | 000,226,304 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\elshyph.dll [2013/07/09 16:07:10 | 000,185,344 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\elshyph.dll [2013/07/09 16:07:10 | 000,163,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msrating.dll [2013/07/09 16:07:10 | 000,150,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iexpress.exe [2013/07/09 16:07:10 | 000,138,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\wextract.exe [2013/07/09 16:07:10 | 000,137,216 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe [2013/07/09 16:07:10 | 000,082,432 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\inseng.dll [2013/07/09 16:07:10 | 000,079,872 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll [2013/07/09 16:07:10 | 000,057,344 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\pngfilt.dll [2013/07/09 16:07:09 | 001,441,280 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl [2013/07/09 16:07:09 | 001,400,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dat [2013/07/09 16:07:09 | 000,629,248 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dll [2013/07/09 16:07:09 | 000,361,984 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\html.iec [2013/07/09 16:07:09 | 000,232,960 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll [2013/07/09 16:07:09 | 000,125,440 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\occache.dll [2013/07/09 16:07:09 | 000,117,248 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iepeers.dll [2013/07/09 16:07:09 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\IEAdvpack.dll [2013/07/09 16:07:09 | 000,073,728 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\SetIEInstalledDate.exe [2013/07/09 16:07:09 | 000,069,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\icardie.dll [2013/07/09 16:07:09 | 000,061,952 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\tdc.ocx [2013/07/09 16:07:09 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmler.dll [2013/07/09 16:07:09 | 000,023,040 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\licmgr10.dll [2013/07/09 16:07:09 | 000,011,776 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeedssync.exe [2013/07/09 16:07:08 | 001,400,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dat [2013/07/09 16:07:08 | 000,762,368 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dll [2013/07/09 16:07:08 | 000,452,096 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\dxtmsft.dll [2013/07/09 16:07:08 | 000,441,856 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\html.iec [2013/07/09 16:07:08 | 000,281,600 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\dxtrans.dll [2013/07/09 16:07:08 | 000,216,064 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msls31.dll [2013/07/09 16:07:08 | 000,197,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msrating.dll [2013/07/09 16:07:08 | 000,081,408 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\icardie.dll [2013/07/09 16:07:08 | 000,025,185 | ---- | M] () -- C:\Windows\SysWow64\ieuinit.inf [2013/07/09 16:07:07 | 001,509,376 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl [2013/07/09 16:07:07 | 000,905,728 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmlmedia.dll [2013/07/09 16:07:07 | 000,599,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll [2013/07/09 16:07:07 | 000,235,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll [2013/07/09 16:07:07 | 000,173,568 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe [2013/07/09 16:07:07 | 000,167,424 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iexpress.exe [2013/07/09 16:07:07 | 000,149,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\occache.dll [2013/07/09 16:07:07 | 000,144,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wextract.exe [2013/07/09 16:07:07 | 000,136,192 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iepeers.dll [2013/07/09 16:07:07 | 000,135,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\IEAdvpack.dll [2013/07/09 16:07:07 | 000,102,912 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\inseng.dll [2013/07/09 16:07:07 | 000,097,280 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll [2013/07/09 16:07:07 | 000,092,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\SetIEInstalledDate.exe [2013/07/09 16:07:07 | 000,062,976 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\pngfilt.dll [2013/07/09 16:07:07 | 000,051,200 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\imgutil.dll [2013/07/09 16:07:07 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmler.dll [2013/07/09 16:07:07 | 000,027,648 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\licmgr10.dll [2013/07/09 16:07:07 | 000,025,185 | ---- | M] () -- C:\Windows\SysNative\ieuinit.inf [2013/07/09 16:07:07 | 000,013,824 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshta.exe [2013/07/09 16:07:07 | 000,012,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msfeedssync.exe [2013/07/09 16:07:06 | 000,077,312 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\tdc.ocx [2013/07/09 16:05:59 | 002,284,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msmpeg2vdec.dll [2013/07/09 16:05:59 | 001,682,432 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\XpsPrint.dll [2013/07/09 16:05:59 | 001,158,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\XpsPrint.dll [2013/07/09 16:05:59 | 000,522,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\XpsGdiConverter.dll [2013/07/09 16:05:59 | 000,465,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\WMPhoto.dll [2013/07/09 16:05:59 | 000,364,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\XpsGdiConverter.dll [2013/07/09 16:05:59 | 000,010,752 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-advapi32-l1-1-0.dll [2013/07/09 16:05:59 | 000,010,752 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-advapi32-l1-1-0.dll [2013/07/09 16:05:59 | 000,009,728 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-shlwapi-l1-1-0.dll [2013/07/09 16:05:59 | 000,009,728 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-shlwapi-l1-1-0.dll [2013/07/09 16:05:59 | 000,005,632 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-shlwapi-l2-1-0.dll [2013/07/09 16:05:59 | 000,005,632 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-shlwapi-l2-1-0.dll [2013/07/09 16:05:59 | 000,005,632 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-ole32-l1-1-0.dll [2013/07/09 16:05:59 | 000,005,632 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-ole32-l1-1-0.dll [2013/07/09 16:05:59 | 000,004,096 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-user32-l1-1-0.dll [2013/07/09 16:05:59 | 000,004,096 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-user32-l1-1-0.dll [2013/07/09 16:05:59 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-advapi32-l2-1-0.dll [2013/07/09 16:05:59 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-advapi32-l2-1-0.dll [2013/07/09 16:05:59 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-version-l1-1-0.dll [2013/07/09 16:05:59 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-version-l1-1-0.dll [2013/07/09 16:05:59 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-shell32-l1-1-0.dll [2013/07/09 16:05:59 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-shell32-l1-1-0.dll [2013/07/09 16:05:59 | 000,002,560 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-normaliz-l1-1-0.dll [2013/07/09 16:05:59 | 000,002,560 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-normaliz-l1-1-0.dll [2013/07/09 16:05:58 | 003,928,064 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\d2d1.dll [2013/07/09 16:05:58 | 002,776,576 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msmpeg2vdec.dll [2013/07/09 16:05:58 | 002,565,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10warp.dll [2013/07/09 16:05:58 | 001,238,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10.dll [2013/07/09 16:05:58 | 000,648,192 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10level9.dll [2013/07/09 16:05:58 | 000,417,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\WMPhoto.dll [2013/07/09 16:05:58 | 000,363,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\dxgi.dll [2013/07/09 16:05:58 | 000,333,312 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10_1core.dll [2013/07/09 16:05:58 | 000,296,960 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10core.dll [2013/07/09 16:05:58 | 000,245,248 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\WindowsCodecsExt.dll [2013/07/09 16:05:58 | 000,221,184 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\UIAnimation.dll [2013/07/09 16:05:58 | 000,194,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10_1.dll [2013/07/09 16:05:58 | 000,187,392 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\UIAnimation.dll [2013/07/09 15:19:52 | 000,001,429 | ---- | M] () -- C:\Users\Mw. v. d. Velden\Desktop\Internet Explorer.lnk [color=#E56717:9df5a9e1e0]========== Files Created - No Company Name ==========[/color:9df5a9e1e0] [2013/07/13 10:36:32 | 000,000,402 | ---- | C] () -- C:\Users\Mw. v. d. Velden\Desktop\USB slot of SD kaartje links.lnk [2013/07/13 10:10:23 | 000,000,175 | ---- | C] () -- C:\Windows\SysNative\drivers\aswVmm.sys.sum [2013/07/13 10:10:23 | 000,000,175 | ---- | C] () -- C:\Windows\SysNative\drivers\aswSP.sys.sum [2013/07/13 10:10:23 | 000,000,175 | ---- | C] () -- C:\Windows\SysNative\drivers\aswSnx.sys.sum [2013/07/13 10:10:12 | 000,189,936 | ---- | C] () -- C:\Windows\SysNative\drivers\aswVmm.sys [2013/07/13 10:10:12 | 000,065,336 | ---- | C] () -- C:\Windows\SysNative\drivers\aswRvrt.sys [2013/07/13 10:10:12 | 000,000,000 | ---- | C] () -- C:\Windows\SysWow64\config.nt [2013/07/10 19:12:50 | 000,000,940 | ---- | C] () -- C:\Windows\tasks\Adobe Flash Player Updater.job [2013/07/10 19:07:20 | 000,001,155 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk [2013/07/10 19:07:19 | 000,001,167 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk [2013/07/10 14:05:11 | 000,001,141 | ---- | C] () -- C:\Users\Mw. v. d. Velden\Application Data\Microsoft\Internet Explorer\Quick Launch\Microsoft Office Outlook starten.lnk [2013/07/10 14:04:30 | 000,002,737 | ---- | C] () -- C:\Users\Mw. v. d. Velden\Desktop\Outlook.lnk [2013/07/10 09:14:35 | 000,415,877 | ---- | C] () -- C:\Windows\SysNative\drivers\vsconfig.xml [2013/07/10 09:13:35 | 000,000,126 | ---- | C] () -- C:\user.js [2013/07/10 09:09:10 | 000,003,072 | ---- | C] () -- C:\Windows\SysWow64\WgaTray.exe [2013/07/10 09:09:10 | 000,003,072 | ---- | C] () -- C:\Windows\SysWow64\WgaLogon.dll [2013/07/10 09:09:10 | 000,003,072 | ---- | C] () -- C:\Windows\SysWow64\OGAVerify.exe [2013/07/10 09:09:10 | 000,003,072 | ---- | C] () -- C:\Windows\SysWow64\OGAExec.exe [2013/07/10 09:09:10 | 000,003,072 | ---- | C] () -- C:\Windows\SysWow64\OGAAddin.dll [2013/07/10 08:18:22 | 000,000,020 | ---- | C] () -- C:\Windows\8û` [2013/07/10 08:08:25 | 000,002,701 | ---- | C] () -- C:\Users\Mw. v. d. Velden\Desktop\Word 2003.lnk [2013/07/10 08:08:19 | 000,002,675 | ---- | C] () -- C:\Users\Mw. v. d. Velden\Desktop\PowerPoint 2003.lnk [2013/07/10 08:08:11 | 000,002,687 | ---- | C] () -- C:\Users\Mw. v. d. Velden\Desktop\Excel 2003.lnk [2013/07/10 08:07:18 | 000,000,392 | ---- | C] () -- C:\Windows\ODBC.INI [2013/07/09 20:25:58 | 000,000,546 | ---- | C] () -- C:\Windows\tasks\One-Click Tweak.job [2013/07/09 19:58:48 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe [2013/07/09 19:58:48 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe [2013/07/09 19:58:48 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe [2013/07/09 19:58:48 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe [2013/07/09 19:58:48 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
  • Ik mis het een en ander...
  • sorry, maar ik heb echt beide txt-bestanden gekopiëerd en geplakt en opgestuurd vanaf die andere laptop. Wàt ben ik vergeten te doen?
  • Log 1 is incompleet en log 2 mist.
  • ah, dat komt omdat ik vanuit die andere laptop deed, dat ging kennelijk niet goed. Komt opnieuw. met excuses. fjs
  • ik zie in mijn pc nagemeten 22 A4tjes met teksten van die logjes. Is dat niet bij iedereen zo?[/b]
  • mijn eerste lees-lessen zijn nog van vóór de oorlog. Heb alles nog eens goed gelezen en aangevinkt zoals je zei. Er komt nu maar één log, en die plaats ik dan toch maar: OTL logfile created on: 7/15/2013 1:20:53 PM - Run 2 OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Mw. v. d. Velden\Desktop 64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 9.10.9200.16635) Locale: 00000409 | Country: Nederland | Language: NLD | Date Format: d-M-yyyy 3.68 Gb Total Physical Memory | 2.15 Gb Available Physical Memory | 58.59% Memory free 7.35 Gb Paging File | 5.70 Gb Available in Paging File | 77.55% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 284.99 Gb Total Space | 249.53 Gb Free Space | 87.56% Space Free | Partition Type: NTFS Computer Name: PROBUS | User Name: Mw. v. d. Velden | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days [color=#E56717:b770bc2792]========== Processes (SafeList) ==========[/color:b770bc2792] PRC - [2013/07/15 13:09:01 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Mw. v. d. Velden\Desktop\OTL.exe PRC - [2013/07/10 19:12:50 | 001,861,512 | ---- | M] (Adobe Systems, Inc.) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_8_800_94.exe PRC - [2013/07/10 19:10:31 | 000,920,472 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe PRC - [2013/05/09 10:58:30 | 004,858,968 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe PRC - [2013/05/09 10:58:30 | 000,046,808 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe PRC - [2013/04/04 14:50:32 | 000,701,512 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe PRC - [2013/04/04 14:50:32 | 000,532,040 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe PRC - [2013/04/04 14:50:32 | 000,418,376 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe PRC - [2012/10/09 15:10:52 | 002,447,440 | ---- | M] (Check Point Software Technologies LTD) -- C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe PRC - [2012/10/09 14:41:08 | 000,073,392 | ---- | M] (Check Point Software Technologies LTD) -- C:\Program Files (x86)\CheckPoint\ZoneAlarm\zatray.exe PRC - [2012/04/05 15:48:02 | 000,255,376 | ---- | M] (Acer Incorporated) -- C:\Program Files\Acer\Acer Updater\UpdaterService.exe PRC - [2011/04/19 09:01:34 | 000,419,408 | ---- | M] (Dritek System Inc.) -- C:\Program Files (x86)\Launch Manager\LMutilps32.exe PRC - [2011/04/19 09:01:34 | 000,343,632 | ---- | M] (Dritek System Inc.) -- C:\Program Files (x86)\Launch Manager\LMworker.exe PRC - [2011/04/19 09:01:32 | 000,353,872 | ---- | M] (Dritek System Inc.) -- C:\Program Files (x86)\Launch Manager\dsiwmis.exe PRC - [2010/09/16 03:13:16 | 002,538,520 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe PRC - [2010/09/16 03:13:08 | 000,325,656 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe PRC - [2010/01/30 01:52:58 | 000,260,640 | ---- | M] (Acer Incorporated) -- C:\Program Files (x86)\Acer\Acer VCM\RS_Service.exe PRC - [2007/08/20 10:42:23 | 000,495,616 | ---- | M] (Gadwin Systems, Inc) -- C:\Program Files (x86)\Gadwin Systems\PrintScreen\PrintScreen.exe [color=#E56717:b770bc2792]========== Modules (No Company Name) ==========[/color:b770bc2792] MOD - [2013/07/10 19:12:48 | 016,166,280 | ---- | M] () -- C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_94.dll MOD - [2013/07/10 19:10:19 | 003,285,912 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\mozjs.dll [color=#E56717:b770bc2792]========== Services (SafeList) ==========[/color:b770bc2792] SRV:[b:b770bc2792]64bit:[/b:b770bc2792] - [2013/05/27 07:50:47 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend) SRV:[b:b770bc2792]64bit:[/b:b770bc2792] - [2013/05/09 10:58:30 | 000,046,808 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus) SRV:[b:b770bc2792]64bit:[/b:b770bc2792] - [2013/01/27 12:34:32 | 000,379,360 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- c:\Program Files\Microsoft Security Client\NisSrv.exe -- (NisSrv) SRV:[b:b770bc2792]64bit:[/b:b770bc2792] - [2013/01/27 12:34:32 | 000,022,056 | ---- | M] (Microsoft Corporation) [Auto | Running] -- c:\Program Files\Microsoft Security Client\MsMpEng.exe -- (MsMpSvc) SRV:[b:b770bc2792]64bit:[/b:b770bc2792] - [2012/08/30 13:05:28 | 000,827,560 | ---- | M] (Check Point Software Technologies) [Auto | Running] -- C:\Program Files\CheckPoint\ZAForceField\ISWSVC.exe -- (IswSvc) SRV:[b:b770bc2792]64bit:[/b:b770bc2792] - [2012/04/05 15:48:02 | 000,255,376 | ---- | M] (Acer Incorporated) [Auto | Running] -- C:\Program Files\Acer\Acer Updater\UpdaterService.exe -- (Live Updater Service) SRV:[b:b770bc2792]64bit:[/b:b770bc2792] - [2011/05/11 00:01:08 | 000,872,552 | ---- | M] (Acer Incorporated) [Auto | Running] -- C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe -- (ePowerSvc) SRV - [2013/07/10 19:15:28 | 000,256,904 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc) SRV - [2013/07/10 19:10:30 | 000,117,144 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance) SRV - [2013/04/04 14:50:32 | 000,701,512 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService) SRV - [2013/04/04 14:50:32 | 000,418,376 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe -- (MBAMScheduler) SRV - [2012/10/09 15:10:52 | 002,447,440 | ---- | M] (Check Point Software Technologies LTD) [Auto | Running] -- C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe -- (vsmon) SRV - [2012/01/12 11:53:52 | 000,655,624 | ---- | M] (Acresso Software Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service) SRV - [2011/04/19 09:01:32 | 000,353,872 | ---- | M] (Dritek System Inc.) [Auto | Running] -- C:\Program Files (x86)\Launch Manager\dsiwmis.exe -- (DsiWMIService) SRV - [2010/09/16 03:13:16 | 002,538,520 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe -- (UNS) SRV - [2010/09/16 03:13:08 | 000,325,656 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS) SRV - [2010/03/18 14:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32) SRV - [2010/01/30 01:52:58 | 000,260,640 | ---- | M] (Acer Incorporated) [Auto | Running] -- C:\Program Files (x86)\Acer\Acer VCM\RS_Service.exe -- (RS_Service) SRV - [2009/06/10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32) [color=#E56717:b770bc2792]========== Driver Services (SafeList) ==========[/color:b770bc2792] DRV:[b:b770bc2792]64bit:[/b:b770bc2792] - [2013/07/13 10:10:23 | 000,189,936 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\aswVmm.sys -- (aswVmm) DRV:[b:b770bc2792]64bit:[/b:b770bc2792] - [2013/07/13 10:10:22 | 001,030,952 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\SysNative\drivers\aswSnx.sys -- (aswSnx) DRV:[b:b770bc2792]64bit:[/b:b770bc2792] - [2013/07/13 10:10:22 | 000,378,944 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswSP.sys -- (aswSP) DRV:[b:b770bc2792]64bit:[/b:b770bc2792] - [2013/05/09 10:59:07 | 000,065,336 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\aswRvrt.sys -- (aswRvrt) DRV:[b:b770bc2792]64bit:[/b:b770bc2792] - [2013/05/09 10:59:07 | 000,064,288 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswTdi.sys -- (aswTdi) DRV:[b:b770bc2792]64bit:[/b:b770bc2792] - [2013/05/09 10:59:07 | 000,059,144 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswRdr.sys -- (AswRdr) DRV:[b:b770bc2792]64bit:[/b:b770bc2792] - [2013/05/09 10:59:06 | 000,080,816 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswMonFlt.sys -- (aswMonFlt) DRV:[b:b770bc2792]64bit:[/b:b770bc2792] - [2013/05/09 10:59:06 | 000,033,400 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswFsBlk.sys -- (aswFsBlk) DRV:[b:b770bc2792]64bit:[/b:b770bc2792] - [2013/04/04 14:50:32 | 000,025,928 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\mbam.sys -- (MBAMProtector) DRV:[b:b770bc2792]64bit:[/b:b770bc2792] - [2013/01/20 16:59:04 | 000,130,008 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\NisDrvWFP.sys -- (NisDrv) DRV:[b:b770bc2792]64bit:[/b:b770bc2792] - [2012/08/30 13:05:42 | 000,033,712 | ---- | M] (Check Point Software Technologies) [Kernel | Auto | Running] -- C:\Program Files\CheckPoint\ZAForceField\ISWKL.sys -- (ISWKL) DRV:[b:b770bc2792]64bit:[/b:b770bc2792] - [2012/03/01 08:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec) DRV:[b:b770bc2792]64bit:[/b:b770bc2792] - [2011/07/14 07:35:47 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata) DRV:[b:b770bc2792]64bit:[/b:b770bc2792] - [2011/07/14 07:35:47 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata) DRV:[b:b770bc2792]64bit:[/b:b770bc2792] - [2011/06/10 05:16:08 | 012,230,912 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx) DRV:[b:b770bc2792]64bit:[/b:b770bc2792] - [2011/06/02 05:37:32 | 002,750,464 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\athrx.sys -- (athr) DRV:[b:b770bc2792]64bit:[/b:b770bc2792] - [2011/05/07 17:51:32 | 000,454,232 | ---- | M] (Check Point Software Technologies LTD) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\vsdatant.sys -- (Vsdatant) DRV:[b:b770bc2792]64bit:[/b:b770bc2792] - [2011/03/28 05:44:46 | 001,417,776 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP) DRV:[b:b770bc2792]64bit:[/b:b770bc2792] - [2010/12/01 10:12:06 | 000,250,984 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\RtsUStor.sys -- (RSUSBSTOR) DRV:[b:b770bc2792]64bit:[/b:b770bc2792] - [2010/11/21 05:24:33 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt) DRV:[b:b770bc2792]64bit:[/b:b770bc2792] - [2010/11/21 05:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD) DRV:[b:b770bc2792]64bit:[/b:b770bc2792] - [2010/11/21 05:23:47 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD) DRV:[b:b770bc2792]64bit:[/b:b770bc2792] - [2010/11/05 17:45:48 | 000,438,808 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor) DRV:[b:b770bc2792]64bit:[/b:b770bc2792] - [2010/02/26 10:32:14 | 000,158,976 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Impcd.sys -- (Impcd) DRV:[b:b770bc2792]64bit:[/b:b770bc2792] - [2009/09/17 05:54:54 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (HECIx64) DRV:[b:b770bc2792]64bit:[/b:b770bc2792] - [2009/07/14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs) DRV:[b:b770bc2792]64bit:[/b:b770bc2792] - [2009/07/14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2) DRV:[b:b770bc2792]64bit:[/b:b770bc2792] - [2009/07/14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor) DRV:[b:b770bc2792]64bit:[/b:b770bc2792] - [2009/06/10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv) DRV:[b:b770bc2792]64bit:[/b:b770bc2792] - [2009/06/10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv) DRV:[b:b770bc2792]64bit:[/b:b770bc2792] - [2009/06/10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a) DRV:[b:b770bc2792]64bit:[/b:b770bc2792] - [2009/06/10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir) DRV - [2009/07/14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount) [color=#E56717:b770bc2792]========== Standard Registry (All) ==========[/color:b770bc2792] [color=#E56717:b770bc2792]========== Internet Explorer ==========[/color:b770bc2792] IE:[b:b770bc2792]64bit:[/b:b770bc2792] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 IE:[b:b770bc2792]64bit:[/b:b770bc2792] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 IE:[b:b770bc2792]64bit:[/b:b770bc2792] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data] IE:[b:b770bc2792]64bit:[/b:b770bc2792] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons IE:[b:b770bc2792]64bit:[/b:b770bc2792] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\System32\blank.htm IE:[b:b770bc2792]64bit:[/b:b770bc2792] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 IE:[b:b770bc2792]64bit:[/b:b770bc2792] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk IE:[b:b770bc2792]64bit:[/b:b770bc2792] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141 IE:[b:b770bc2792]64bit:[/b:b770bc2792] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm IE:[b:b770bc2792]64bit:[/b:b770bc2792] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm IE:[b:b770bc2792]64bit:[/b:b770bc2792] - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE:[b:b770bc2792]64bit:[/b:b770bc2792] - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&form=AARTDF&pc=MAAR&src=IE-SearchBox IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141 IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data] IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141 IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&form=AARTDF&pc=MAAR&src=IE-SearchBox IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-19\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\Windows\SysWOW64\ieframe.dll (Microsoft Corporation) IE - HKU\S-1-5-20\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\Windows\SysWOW64\ieframe.dll (Microsoft Corporation) IE - HKU\S-1-5-21-2070480859-3511905070-4285670219-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\system32\blank.htm IE - HKU\S-1-5-21-2070480859-3511905070-4285670219-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch IE - HKU\S-1-5-21-2070480859-3511905070-4285670219-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.nl/ IE - HKU\S-1-5-21-2070480859-3511905070-4285670219-1000\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\Windows\SysWOW64\ieframe.dll (Microsoft Corporation) IE - HKU\S-1-5-21-2070480859-3511905070-4285670219-1000\..\SearchScopes,DefaultScope = {50AB47A0-5864-440E-B606-C8F15DD958EF} IE - HKU\S-1-5-21-2070480859-3511905070-4285670219-1000\..\SearchScopes\{50AB47A0-5864-440E-B606-C8F15DD958EF}: "URL" = http://search.zonealarm.com/search?Source=Browser&oemCode=ZLN118835168773031-1001&toolbarId=base&affiliateId=1001&Lan=en&utid=fc36c0440000000000006427375e535f&q={searchTerms}&r=279 IE - HKU\S-1-5-21-2070480859-3511905070-4285670219-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 [color=#E56717:b770bc2792]========== FireFox ==========[/color:b770bc2792] FF - prefs.js..browser.startup.homepage: "www.google.nl" FF - prefs.js..extensions.enabledAddons: wrc%40avast.com:8.0.1489 FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:22.0 FF - user.js - File not found FF:[b:b770bc2792]64bit:[/b:b770bc2792] - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_8_800_94.dll File not found FF:[b:b770bc2792]64bit:[/b:b770bc2792] - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found FF:[b:b770bc2792]64bit:[/b:b770bc2792] - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_94.dll () FF - HKLM\Software\MozillaPlugins\@checkpoint.com/FFApi: C:\Program Files\CheckPoint\ZAForceField\WOW64\TrustChecker\bin\npFFApi.dll () FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll File not found FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.7: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN) 64bit-FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{FFB96CC1-7EB3-449D-B827-DB661701C6BB}: C:\PROGRAM FILES\CHECKPOINT\ZAFORCEFIELD\TRUSTCHECKER [2013/07/10 09:14:27 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{FFB96CC1-7EB3-449D-B827-DB661701C6BB}: C:\Program Files\CheckPoint\ZAForceField\WOW64\TrustChecker [2013/07/10 09:14:30 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2013/07/13 10:09:56 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 22.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 22.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 22.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 22.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2013/07/10 19:07:31 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Mw. v. d. Velden\AppData\Roaming\mozilla\Extensions [2013/07/10 19:10:14 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions [2013/07/10 19:10:14 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} [2013/07/10 19:10:32 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions [2013/07/10 19:10:32 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} [2013/07/13 10:09:56 | 000,000,000 | ---D | M] (avast! Online Security) -- C:\PROGRAM FILES\AVAST SOFTWARE\AVAST\WEBREP\FF [color=#E56717:b770bc2792]========== Chrome ==========[/color:b770bc2792] O1 HOSTS File: ([2013/07/10 09:09:11 | 000,000,099 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O1 - Hosts: 127.0.0.1 mpa.one.microsoft.com O2:[b:b770bc2792]64bit:[/b:b770bc2792] - BHO: (avast! Online Security) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software) O2:[b:b770bc2792]64bit:[/b:b770bc2792] - BHO: (ZoneAlarm Security Engine Registrar) - {8A4A36C2-0535-4D2C-BD3D-496CB7EED6E3} - C:\Program Files\CheckPoint\ZAForceField\TrustChecker\bin\TrustCheckerIEPlugin.dll (Check Point Software Technologies) O2 - BHO: (Zonealarm Helper Object) - {2A841F7A-A014-4DA5-B6D9-8B913DFB7A8C} - C:\Program Files (x86)\Check Point Software Technologies LTD\zonealarm\1.6.7.4\bh\zonealarm.dll (Montera Technologeis LTD) O2 - BHO: (ZoneAlarm Security Engine Registrar) - {8A4A36C2-0535-4D2C-BD3D-496CB7EED6E3} - C:\Program Files\CheckPoint\ZAForceField\WOW64\TrustChecker\bin\TrustCheckerIEPlugin.dll (Check Point Software Technologies) O2 - BHO: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software) O3:[b:b770bc2792]64bit:[/b:b770bc2792] - HKLM\..\Toolbar: (avast! Online Security) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software) O3:[b:b770bc2792]64bit:[/b:b770bc2792] - HKLM\..\Toolbar: (ZoneAlarm Security Engine) - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - C:\Program Files\CheckPoint\ZAForceField\TrustChecker\bin\TrustCheckerIEPlugin.dll (Check Point Software Technologies) O3 - HKLM\..\Toolbar: (ZoneAlarm Security Toolbar) - {438FAE3E-BDEF-44D3-AB8B-0C7C8350DF59} - C:\Program Files (x86)\Check Point Software Technologies LTD\zonealarm\1.6.7.4\zonealarmTlbr.dll (Montera Technologeis LTD) O3 - HKLM\..\Toolbar: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software) O3 - HKLM\..\Toolbar: (ZoneAlarm Security Engine) - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - C:\Program Files\CheckPoint\ZAForceField\WOW64\TrustChecker\bin\TrustCheckerIEPlugin.dll (Check Point Software Technologies) O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found. O4:[b:b770bc2792]64bit:[/b:b770bc2792] - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation) O4:[b:b770bc2792]64bit:[/b:b770bc2792] - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation) O4:[b:b770bc2792]64bit:[/b:b770bc2792] - HKLM..\Run: [ISW] C:\Program Files\CheckPoint\ZAForceField\ForceField.exe (Check Point Software Technologies) O4:[b:b770bc2792]64bit:[/b:b770bc2792] - HKLM..\Run: [Logitech Download Assistant] C:\Windows\SysNative\LogiLDA.dll (Logitech, Inc.) O4:[b:b770bc2792]64bit:[/b:b770bc2792] - HKLM..\Run: [MSC] c:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation) O4:[b:b770bc2792]64bit:[/b:b770bc2792] - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation) O4:[b:b770bc2792]64bit:[/b:b770bc2792] - HKLM..\Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor) O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software) O4 - HKLM..\Run: [ZoneAlarm] C:\Program Files (x86)\CheckPoint\ZoneAlarm\zatray.exe (Check Point Software Technologies LTD) O4 - HKU\S-1-5-21-2070480859-3511905070-4285670219-1000..\Run: [Gadwin PrintScreen] C:\Program Files (x86)\Gadwin Systems\PrintScreen\PrintScreen.exe (Gadwin Systems, Inc) O4 - HKU\S-1-5-21-2070480859-3511905070-4285670219-1000..\Run: [Pokki] C:\Windows\system32\rundll32.exe "%LOCALAPPDATA%\Pokki\Engine\LaunchDeskband.dll",RunLaunchDeskband File not found O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableInstallerDetection = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableSecureUIAPaths = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableUIADesktopToggle = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableVirtualization = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ValidateAdminCodeSignatures = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption = O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext = O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: scforceoption = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: FilterAdministratorToken = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegistryTools = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_TEXT = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_BITMAP = 2 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_OEMTEXT = 7 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIB = 8 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_PALETTE = 9 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_UNICODETEXT = 13 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIBV5 = 17 O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-21-2070480859-3511905070-4285670219-1000\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-21-2070480859-3511905070-4285670219-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0 O7 - HKU\S-1-5-21-2070480859-3511905070-4285670219-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegistryTools = 0 O7 - HKU\S-1-5-21-2070480859-3511905070-4285670219-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableTaskMgr = 0 O8:[b:b770bc2792]64bit:[/b:b770bc2792] - Extra context menu item: E&xporteren naar Microsoft Excel - C:\Program Files (x86)\Microsoft Office\OFFICE11\EXCEL.EXE (Microsoft Corporation) O8 - Extra context menu item: E&xporteren naar Microsoft Excel - C:\Program Files (x86)\Microsoft Office\OFFICE11\EXCEL.EXE (Microsoft Corporation) O9 - Extra Button: Onderzoek - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files (x86)\Microsoft Office\OFFICE11\REFIEBAR.DLL (Microsoft Corporation) O10:[b:b770bc2792]64bit:[/b:b770bc2792] - NameSpace_Catalog5\Catalog_Entries64\000000000001 [] - C:\Windows\SysNative\nlaapi.dll (Microsoft Corporation) O10:[b:b770bc2792]64bit:[/b:b770bc2792] - NameSpace_Catalog5\Catalog_Entries64\000000000002 [] - C:\Windows\SysNative\NapiNSP.dll (Microsoft Corporation) O10:[b:b770bc2792]64bit:[/b:b770bc2792] - NameSpace_Catalog5\Catalog_Entries64\000000000003 [] - C:\Windows\SysNative\pnrpnsp.dll (Microsoft Corporation) O10:[b:b770bc2792]64bit:[/b:b770bc2792] - NameSpace_Catalog5\Catalog_Entries64\000000000004 [] - C:\Windows\SysNative\pnrpnsp.dll (Microsoft Corporation) O10:[b:b770bc2792]64bit:[/b:b770bc2792] - NameSpace_Catalog5\Catalog_Entries64\000000000005 [] - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation) O10:[b:b770bc2792]64bit:[/b:b770bc2792] - NameSpace_Catalog5\Catalog_Entries64\000000000006 [] - C:\Windows\SysNative\winrnr.dll (Microsoft Corporation) O10:[b:b770bc2792]64bit:[/b:b770bc2792] - Protocol_Catalog9\Catalog_Entries64\000000000001 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation) O10:[b:b770bc2792]64bit:[/b:b770bc2792] - Protocol_Catalog9\Catalog_Entries64\000000000002 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation) O10:[b:b770bc2792]64bit:[/b:b770bc2792] - Protocol_Catalog9\Catalog_Entries64\000000000003 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation) O10:[b:b770bc2792]64bit:[/b:b770bc2792] - Protocol_Catalog9\Catalog_Entries64\000000000004 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation) O10:[b:b770bc2792]64bit:[/b:b770bc2792] - Protocol_Catalog9\Catalog_Entries64\000000000005 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation) O10:[b:b770bc2792]64bit:[/b:b770bc2792] - Protocol_Catalog9\Catalog_Entries64\000000000006 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation) O10:[b:b770bc2792]64bit:[/b:b770bc2792] - Protocol_Catalog9\Catalog_Entries64\000000000007 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation) O10:[b:b770bc2792]64bit:[/b:b770bc2792] - Protocol_Catalog9\Catalog_Entries64\000000000008 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation) O10:[b:b770bc2792]64bit:[/b:b770bc2792] - Protocol_Catalog9\Catalog_Entries64\000000000009 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation) O10:[b:b770bc2792]64bit:[/b:b770bc2792] - Protocol_Catalog9\Catalog_Entries64\000000000010 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation) O10 - NameSpace_Catalog5\Catalog_Entries\000000000001 [] - C:\Windows\SysWOW64\nlaapi.dll (Microsoft Corporation) O10 - NameSpace_Catalog5\Catalog_Entries\000000000002 [] - C:\Windows\SysWOW64\NapiNSP.dll (Microsoft Corporation) O10 - NameSpace_Catalog5\Catalog_Entries\000000000003 [] - C:\Windows\SysWOW64\pnrpnsp.dll (Microsoft Corporation) O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Windows\SysWOW64\pnrpnsp.dll (Microsoft Corporation) O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation) O10 - NameSpace_Catalog5\Catalog_Entries\000000000006 [] - C:\Windows\SysWOW64\winrnr.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation) O13 - gopher Prefix: missing O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.254 195.121.1.34 195.121.1.66 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{789589ED-BF42-4ABC-8CDD-E7D4D68DEAE0}: DhcpNameServer = 192.168.2.254 195.121.1.34 195.121.1.66 O18:[b:b770bc2792]64bit:[/b:b770bc2792] - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation) O18:[b:b770bc2792]64bit:[/b:b770bc2792] - Protocol\Handler\cdl {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation) O18:[b:b770bc2792]64bit:[/b:b770bc2792] - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\Windows\SysNative\MSVidCtl.dll (Microsoft Corporation) O18:[b:b770bc2792]64bit:[/b:b770bc2792] - Protocol\Handler\file {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation) O18:[b:b770bc2792]64bit:[/b:b770bc2792] - Protocol\Handler\ftp {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation) O18:[b:b770bc2792]64bit:[/b:b770bc2792] - Protocol\Handler\http {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation) O18:[b:b770bc2792]64bit:[/b:b770bc2792] - Protocol\Handler\http\0x00000001 - No CLSID value found O18:[b:b770bc2792]64bit:[/b:b770bc2792] - Protocol\Handler\http\oledb - No CLSID value found O18:[b:b770bc2792]64bit:[/b:b770bc2792] - Protocol\Handler\https {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation) O18:[b:b770bc2792]64bit:[/b:b770bc2792] - Protocol\Handler\https\0x00000001 - No CLSID value found O18:[b:b770bc2792]64bit:[/b:b770bc2792] - Protocol\Handler\https\oledb - No CLSID value found O18:[b:b770bc2792]64bit:[/b:b770bc2792] - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysNative\itss.dll (Microsoft Corporation) O18:[b:b770bc2792]64bit:[/b:b770bc2792] - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation) O18:[b:b770bc2792]64bit:[/b:b770bc2792] - Protocol\Handler\local {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation) O18:[b:b770bc2792]64bit:[/b:b770bc2792] - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation) O18:[b:b770bc2792]64bit:[/b:b770bc2792] - Protocol\Handler\mhtml {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\Windows\SysNative\inetcomm.dll (Microsoft Corporation) O18:[b:b770bc2792]64bit:[/b:b770bc2792] - Protocol\Handler\mk {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation) O18:[b:b770bc2792]64bit:[/b:b770bc2792] - Protocol\Handler\msdaipp - No CLSID value found O18:[b:b770bc2792]64bit:[/b:b770bc2792] - Protocol\Handler\msdaipp\0x00000001 - No CLSID value found O18:[b:b770bc2792]64bit:[/b:b770bc2792] - Protocol\Handler\msdaipp\oledb - No CLSID value found O18:[b:b770bc2792]64bit:[/b:b770bc2792] - Protocol\Handler\ms-its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysNative\itss.dll (Microsoft Corporation) O18:[b:b770bc2792]64bit:[/b:b770bc2792] - Protocol\Handler\mso-offdap11 - No CLSID value found O18:[b:b770bc2792]64bit:[/b:b770bc2792] - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation) O18:[b:b770bc2792]64bit:[/b:b770bc2792] - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\Windows\SysNative\MSVidCtl.dll (Microsoft Corporation) O18:[b:b770bc2792]64bit:[/b:b770bc2792] - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation) O18 - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation) O18 - Protocol\Handler\cdl {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation) O18 - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\Windows\SysWOW64\MSVidCtl.dll (Microsoft Corporation) O18 - Protocol\Handler\file {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation) O18 - Protocol\Handler\ftp {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation) O18 - Protocol\Handler\http {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation) O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\https {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation) O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysWOW64\itss.dll (Microsoft Corporation) O18 - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation) O18 - Protocol\Handler\local {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation) O18 - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation) O18 - Protocol\Handler\mhtml {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\Windows\SysWOW64\inetcomm.dll (Microsoft Corporation) O18 - Protocol\Handler\mk {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation) O18 - Protocol\Handler\msdaipp - No CLSID value found O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\ms-its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysWOW64\itss.dll (Microsoft Corporation) O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\Program Files (x86)\Common Files\microsoft shared\Web Components\11\OWC11.DLL (Microsoft Corporation) O18 - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation) O18 - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\Windows\SysWOW64\MSVidCtl.dll (Microsoft Corporation) O18 - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation) O18:[b:b770bc2792]64bit:[/b:b770bc2792] - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysNative\mscoree.dll (Microsoft Corporation) O18:[b:b770bc2792]64bit:[/b:b770bc2792] - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysNative\mscoree.dll (Microsoft Corporation) O18:[b:b770bc2792]64bit:[/b:b770bc2792] - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysNative\mscoree.dll (Microsoft Corporation) O18:[b:b770bc2792]64bit:[/b:b770bc2792] - Protocol\Filter\text/xml - No CLSID value found O18 - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysWow64\mscoree.dll (Microsoft Corporation) O18 - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysWow64\mscoree.dll (Microsoft Corporation) O18 - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysWow64\mscoree.dll (Microsoft Corporation) O18 - Protocol\Filter\text/xml {807553E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\microsoft shared\OFFICE11\MSOXMLMF.DLL (Microsoft Corporation) O20:[b:b770bc2792]64bit:[/b:b770bc2792] - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20:[b:b770bc2792]64bit:[/b:b770bc2792] - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation) O20:[b:b770bc2792]64bit:[/b:b770bc2792] - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation) O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysWow64\SystemPropertiesPerformance.exe (Microsoft Corporation) O20:[b:b770bc2792]64bit:[/b:b770bc2792] - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation) O21:[b:b770bc2792]64bit:[/b:b770bc2792] - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O29:[b:b770bc2792]64bit:[/b:b770bc2792] - HKLM SecurityProviders - (credssp.dll) - C:\Windows\SysWow64\credssp.dll (Microsoft Corporation) O29 - HKLM SecurityProviders - (credssp.dll) - C:\Windows\SysWow64\credssp.dll (Microsoft Corporation) O30:[b:b770bc2792]64bit:[/b:b770bc2792] - LSA: Authentication Packages - (msv1_0) - C:\Windows\SysNative\msv1_0.dll (Microsoft Corporation) O30 - LSA: Authentication Packages - (msv1_0) - C:\Windows\SysWow64\msv1_0.dll (Microsoft Corporation) O30:[b:b770bc2792]64bit:[/b:b770bc2792] - LSA: Security Packages - (kerberos) - C:\Windows\SysNative\kerberos.dll (Microsoft Corporation) O30:[b:b770bc2792]64bit:[/b:b770bc2792] - LSA: Security Packages - (msv1_0) - C:\Windows\SysNative\msv1_0.dll (Microsoft Corporation) O30:[b:b770bc2792]64bit:[/b:b770bc2792] - LSA: Security Packages - (schannel) - C:\Windows\SysNative\schannel.dll (Microsoft Corporation) O30:[b:b770bc2792]64bit:[/b:b770bc2792] - LSA: Security Packages - (wdigest) - C:\Windows\SysNative\wdigest.dll (Microsoft Corporation) O30:[b:b770bc2792]64bit:[/b:b770bc2792] - LSA: Security Packages - (tspkg) - C:\Windows\SysNative\tspkg.dll (Microsoft Corporation) O30:[b:b770bc2792]64bit:[/b:b770bc2792] - LSA: Security Packages - (pku2u) - C:\Windows\SysNative\pku2u.dll (Microsoft Corporation) O30 - LSA: Security Packages - (kerberos) - C:\Windows\SysWow64\kerberos.dll (Microsoft Corporation) O30 - LSA: Security Packages - (msv1_0) - C:\Windows\SysWow64\msv1_0.dll (Microsoft Corporation) O30 - LSA: Security Packages - (schannel) - C:\Windows\SysWow64\schannel.dll (Microsoft Corporation) O30 - LSA: Security Packages - (wdigest) - C:\Windows\SysWow64\wdigest.dll (Microsoft Corporation) O30 - LSA: Security Packages - (tspkg) - C:\Windows\SysWow64\tspkg.dll (Microsoft Corporation) O30 - LSA: Security Packages - (pku2u) - C:\Windows\SysWow64\pku2u.dll (Microsoft Corporation) O31 - SafeBoot: AlternateShell - cmd.exe O32 - HKLM CDRom: AutoRun - 1 O34 - HKLM BootExecute: (autocheck autochk *) O35:[b:b770bc2792]64bit:[/b:b770bc2792] - HKLM\..comfile [open] -- "%1" %* O35:[b:b770bc2792]64bit:[/b:b770bc2792] - HKLM\..exefile [open] -- "%1" %* O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37:[b:b770bc2792]64bit:[/b:b770bc2792] - HKLM\...com [@ = ComFile] -- "%1" %* O37:[b:b770bc2792]64bit:[/b:b770bc2792] - HKLM\...exe [@ = exefile] -- "%1" %* O37 - HKLM\...com [@ = ComFile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) O38 - SubSystems\\Windows: (ServerDll=sxssrv,4) [color=#E56717:b770bc2792]========== Files/Folders - Created Within 30 Days ==========[/color:b770bc2792] [2013/07/15 13:09:06 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Mw. v. d. Velden\Desktop\OTL(1).exe [2013/07/15 13:08:35 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Mw. v. d. Velden\Desktop\OTL.exe [2013/07/15 11:01:14 | 000,000,000 | ---D | C] -- C:\Users\Mw. v. d. Velden\AppData\Local\CrossLoop [2013/07/13 11:22:51 | 000,000,000 | ---D | C] -- C:\Users\Mw. v. d. Velden\AppData\Local\Pokki [2013/07/13 11:03:05 | 000,000,000 | ---D | C] -- C:\Users\Mw. v. d. Velden\AppData\Roaming\OpenCandy [2013/07/13 10:53:34 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\VS Revo Group [2013/07/13 10:25:10 | 000,000,000 | ---D | C] -- C:\Diversen voor Probus [2013/07/13 10:10:19 | 000,000,000 | ---D | C] -- C:\Users\Mw. v. d. Velden\AppData\Local\Google [2013/07/13 10:10:16 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Google [2013/07/13 10:10:13 | 001,030,952 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSnx.sys [2013/07/13 10:10:13 | 000,378,944 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSP.sys [2013/07/13 10:10:13 | 000,064,288 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswTdi.sys [2013/07/13 10:10:13 | 000,059,144 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswRdr.sys [2013/07/13 10:10:13 | 000,033,400 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswFsBlk.sys [2013/07/13 10:10:13 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\avast! Free Antivirus [2013/07/13 10:10:12 | 000,287,840 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\aswBoot.exe [2013/07/13 10:10:12 | 000,080,816 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswMonFlt.sys [2013/07/13 10:09:40 | 000,041,664 | ---- | C] (AVAST Software) -- C:\Windows\avastSS.scr [2013/07/13 10:09:07 | 000,000,000 | ---D | C] -- C:\Program Files\AVAST Software [2013/07/13 09:59:22 | 000,000,000 | ---D | C] -- C:\ProgramData\AVAST Software [2013/07/10 20:28:13 | 000,000,000 | ---D | C] -- C:\Windows\pss [2013/07/10 19:12:57 | 000,000,000 | ---D | C] -- C:\Users\Mw. v. d. Velden\AppData\Local\Macromedia [2013/07/10 19:12:50 | 000,692,104 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe [2013/07/10 19:12:45 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\Macromed [2013/07/10 19:12:22 | 000,000,000 | ---D | C] -- C:\Users\Mw. v. d. Velden\AppData\Local\Adobe [2013/07/10 19:10:14 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox [2013/07/10 19:07:23 | 000,000,000 | ---D | C] -- C:\Users\Mw. v. d. Velden\AppData\Roaming\Mozilla [2013/07/10 19:07:23 | 000,000,000 | ---D | C] -- C:\Users\Mw. v. d. Velden\AppData\Local\Mozilla [2013/07/10 19:07:19 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Maintenance Service [2013/07/10 19:07:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Mozilla [2013/07/10 13:49:22 | 000,000,000 | ---D | C] -- C:\Users\Mw. v. d. Velden\Documents\PrintScreen Files [2013/07/10 13:49:22 | 000,000,000 | ---D | C] -- C:\Users\Mw. v. d. Velden\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Gadwin Systems [2013/07/10 13:49:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Gadwin Systems [2013/07/10 13:49:21 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Gadwin Systems [2013/07/10 12:06:29 | 000,000,000 | ---D | C] -- C:\Windows\PCHEALTH [2013/07/10 12:05:11 | 000,391,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll [2013/07/10 12:05:10 | 000,526,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll [2013/07/10 12:05:09 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesysprep.dll [2013/07/10 12:05:09 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RegisterIEPKEYs.exe [2013/07/10 12:05:09 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll [2013/07/10 12:05:09 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll [2013/07/10 12:05:09 | 000,051,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe [2013/07/10 12:05:09 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll [2013/07/10 12:05:09 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll [2013/07/10 12:05:08 | 000,136,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesysprep.dll [2013/07/10 12:05:08 | 000,089,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RegisterIEPKEYs.exe [2013/07/10 12:05:07 | 000,603,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll [2013/07/10 12:05:06 | 000,855,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll [2013/07/10 12:05:06 | 000,690,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll [2013/07/10 12:05:05 | 003,958,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll [2013/07/10 11:48:56 | 001,887,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WMVDECOD.DLL [2013/07/10 11:48:56 | 000,624,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\qedit.dll [2013/07/10 11:48:56 | 000,509,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\qedit.dll [2013/07/10 11:48:55 | 001,620,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WMVDECOD.DLL [2013/07/10 11:48:30 | 001,424,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WindowsCodecs.dll [2013/07/10 11:46:15 | 001,643,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\DWrite.dll [2013/07/10 11:18:52 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\trend micro [2013/07/10 11:17:49 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MSECache [2013/07/10 09:14:33 | 000,000,000 | ---D | C] -- C:\Users\Mw. v. d. Velden\Documents\ForceField Shared Files [2013/07/10 09:14:32 | 000,000,000 | ---D | C] -- C:\Users\Mw. v. d. Velden\AppData\Roaming\CheckPoint [2013/07/10 09:14:20 | 000,000,000 | ---D | C] -- C:\Program Files\CheckPoint [2013/07/10 09:14:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Check Point [2013/07/10 09:13:34 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Check Point Software Technologies LTD [2013/07/10 09:13:20 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\CheckPoint [2013/07/10 09:13:19 | 000,000,000 | ---D | C] -- C:\ProgramData\CheckPoint [2013/07/10 09:11:20 | 000,000,000 | ---D | C] -- C:\Users\Mw. v. d. Velden\Documents\Add-in Express [2013/07/10 09:10:50 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Foxit Software [2013/07/10 09:09:47 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip [2013/07/10 09:09:46 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\7-Zip [2013/07/10 09:09:10 | 001,459,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\LegitCheckControl.dll [2013/07/10 09:09:10 | 000,667,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\OGACheckControl.dll [2013/07/10 08:06:41 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office [2013/07/10 08:06:32 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\DESIGNER [2013/07/10 08:05:43 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Office [2013/07/10 08:03:03 | 000,000,000 | RH-D | C] -- C:\MSOCache [2013/07/09 20:27:42 | 000,000,000 | ---D | C] -- C:\Users\Mw. v. d. Velden\AppData\Local\ElevatedDiagnostics [2013/07/09 20:16:14 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN [2013/07/09 20:14:07 | 000,000,000 | ---D | C] -- C:\Windows\ERUNT [2013/07/09 19:58:48 | 000,518,144 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe [2013/07/09 19:58:48 | 000,406,528 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe [2013/07/09 19:58:48 | 000,060,416 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe [2013/07/09 19:58:28 | 000,000,000 | ---D | C] -- C:\Qoobox [2013/07/09 19:58:15 | 000,000,000 | ---D | C] -- C:\Windows\erdnt [2013/07/09 19:47:50 | 000,000,000 | ---D | C] -- C:\Users\Mw. v. d. Velden\AppData\Roaming\Malwarebytes [2013/07/09 19:47:47 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware [2013/07/09 19:47:40 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes [2013/07/09 19:47:38 | 000,025,928 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys [2013/07/09 19:47:38 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware [2013/07/09 19:47:24 | 000,000,000 | ---D | C] -- C:\Users\Mw. v. d. Velden\AppData\Local\Programs [2013/07/09 19:43:37 | 000,000,000 | ---D | C] -- C:\Users\Mw. v. d. Velden\AppData\Roaming\vlc [2013/07/09 19:43:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN [2013/07/09 19:43:11 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\VideoLAN [2013/07/09 16:17:27 | 000,000,000 | ---D | C] -- C:\Users\Mw. v. d. Velden\AppData\Roaming\FastStone [2013/07/09 16:16:58 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FastStone Image Viewer [2013/07/09 16:16:58 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\FastStone Image Viewer [2013/07/09 16:07:11 | 001,054,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MsSpellCheckingFacility.exe [2013/07/09 16:07:10 | 000,719,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmlmedia.dll [2013/07/09 16:07:10 | 000,226,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\elshyph.dll [2013/07/09 16:07:10 | 000,185,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\elshyph.dll [2013/07/09 16:07:10 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msrating.dll [2013/07/09 16:07:10 | 000,150,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iexpress.exe [2013/07/09 16:07:10 | 000,138,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wextract.exe [2013/07/09 16:07:10 | 000,082,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inseng.dll [2013/07/09 16:07:10 | 000,079,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll [2013/07/09 16:07:10 | 000,057,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\pngfilt.dll [2013/07/09 16:07:09 | 001,441,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl [2013/07/09 16:07:09 | 001,400,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dat [2013/07/09 16:07:09 | 000,629,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dll [2013/07/09 16:07:09 | 000,361,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\html.iec [2013/07/09 16:07:09 | 000,232,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll [2013/07/09 16:07:09 | 000,137,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe [2013/07/09 16:07:09 | 000,125,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\occache.dll [2013/07/09 16:07:09 | 000,117,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iepeers.dll [2013/07/09 16:07:09 | 000,110,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\IEAdvpack.dll [2013/07/09 16:07:09 | 000,073,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\SetIEInstalledDate.exe [2013/07/09 16:07:09 | 000,069,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\icardie.dll [2013/07/09 16:07:09 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\tdc.ocx [2013/07/09 16:07:09 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmler.dll [2013/07/09 16:07:09 | 000,011,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeedssync.exe [2013/07/09 16:07:08 | 001,400,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dat [2013/07/09 16:07:08 | 000,762,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dll [2013/07/09 16:07:08 | 000,452,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxtmsft.dll [2013/07/09 16:07:08 | 000,441,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\html.iec [2013/07/09 16:07:08 | 000,281,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxtrans.dll [2013/07/09 16:07:08 | 000,216,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msls31.dll [2013/07/09 16:07:08 | 000,197,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msrating.dll [2013/07/09 16:07:08 | 000,081,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\icardie.dll [2013/07/09 16:07:08 | 000,023,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\licmgr10.dll [2013/07/09 16:07:07 | 001,509,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl [2013/07/09 16:07:07 | 000,905,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmlmedia.dll [2013/07/09 16:07:07 | 000,599,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll [2013/07/09 16:07:07 | 000,235,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll [2013/07/09 16:07:07 | 000,173,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe [2013/07/09 16:07:07 | 000,167,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iexpress.exe [2013/07/09 16:07:07 | 000,149,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\occache.dll [2013/07/09 16:07:07 | 000,144,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wextract.exe [2013/07/09 16:07:07 | 000,136,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iepeers.dll [2013/07/09 16:07:07 | 000,135,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\IEAdvpack.dll [2013/07/09 16:07:07 | 000,102,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inseng.dll [2013/07/09 16:07:07 | 000,097,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll [2013/07/09 16:07:07 | 000,092,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SetIEInstalledDate.exe [2013/07/09 16:07:07 | 000,062,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\pngfilt.dll [2013/07/09 16:07:07 | 000,051,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\imgutil.dll [2013/07/09 16:07:07 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmler.dll [2013/07/09 16:07:07 | 000,027,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\licmgr10.dll [2013/07/09 16:07:07 | 000,013,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshta.exe [2013/07/09 16:07:07 | 000,012,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeedssync.exe [2013/07/09 16:07:06 | 000,077,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\tdc.ocx [2013/07/09 16:05:59 | 001,682,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XpsPrint.dll [2013/07/09 16:05:59 | 001,158,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XpsPrint.dll [2013/07/09 16:05:59 | 000,522,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XpsGdiConverter.dll [2013/07/09 16:05:59 | 000,465,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WMPhoto.dll [2013/07/09 16:05:59 | 000,364,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XpsGdiConverter.dll [2013/07/09 16:05:59 | 000,010,752 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-advapi32-l1-1-0.dll [2013/07/09 16:05:59 | 000,010,752 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-advapi32-l1-1-0.dll [2013/07/09 16:05:59 | 000,009,728 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-shlwapi-l1-1-0.dll [2013/07/09 16:05:59 | 000,009,728 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-shlwapi-l1-1-0.dll [2013/07/09 16:05:59 | 000,005,632 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-shlwapi-l2-1-0.dll [2013/07/09 16:05:59 | 000,005,632 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-shlwapi-l2-1-0.dll [2013/07/09 16:05:59 | 000,005,632 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-ole32-l1-1-0.dll [2013/07/09 16:05:59 | 000,005,632 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-ole32-l1-1-0.dll [2013/07/09 16:05:59 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-user32-l1-1-0.dll [2013/07/09 16:05:59 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-user32-l1-1-0.dll [2013/07/09 16:05:59 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-advapi32-l2-1-0.dll [2013/07/09 16:05:59 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-advap

Beantwoord deze vraag

Weet jij het antwoord op deze vraag? Registreer of meld je aan met je account

Dit is een gearchiveerde pagina. Antwoorden is niet meer mogelijk.