Archief - Pc loopt regelmatig vast :s

Beste,

Ik heb dus een probleem met mijn pc: Pc loop meestal vast als er een usb aan de pc wordt gekoppeld. bv ust van opslagapparaat, usb van fototoestel, gsm. Dan blijft alles hangen en kan ik niets meer doen... Pc herstart ik dan op en na de 2de keer kan ik terug verder. Tijdje geleden had ik ook veel beveiligingupdates gedaan van microsoft. En pc liep altijd vast na het opstarten. Toen alles terug verwijdert en terug geintalleerd. Nu werkt voorlopig alles terug normaal. Soms als ik internet open blijft ook alles vast hangen Dit is met momenten, zoals wij bv een goede of een slechte dag zouden hebben. Heeft mijn pc daar iets meer last van dan ik.

Ik probeer ook zoveel mogelijk programma's opstartvertragend in te stellen. (weet ook niet of dit iets zou helpen?)

Ik hoop dat er iemand mij kan helpen?
Alvast vriendelijk bedankt
Mathias

Hier heb ik een logje:

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 17:26:38, on 23/03/2012
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v8.00 (8.00.6001.19190)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\Common Files\PC Tools\sMonitor\SSDMonitor.exe
C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSLoader.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Windows\PLFSetI.exe
C:\Program Files\HP\HP Software Update\hpwuschd2.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe
C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe
C:\Windows\ehome\ehmsas.exe
C:\Users\Mathias\AppData\Local\Temp\RtkBtMnt.exe
C:\Program Files\Windows Media Player\wmplayer.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Microsoft\Search Enhancement Pack\SCServer\SCServer.exe
C:\Program Files\Sony\PMB\PMBVolumeWatcher.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Windows\system32\Macromed\Flash\FlashUtil11f_ActiveX.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Users\Mathias\Desktop\HijackThis.exe
C:\Windows\system32\SearchProtocolHost.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = iGoogle Redirect
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Analysis of program downloads scanned for viruses and spyware.
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Google
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = iGoogle Redirect
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Analysis of program downloads scanned for viruses and spyware.
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = Analysis of program downloads scanned for viruses and spyware.
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - {ad708c09-d51b-45b3-9d28-4eba2681febf} - (no file)
O1 - Hosts: ::1 localhost
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Symantec NCO BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Norton 360\Engine\5.2.0.13\coIEPlg.dll
O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Norton 360\Engine\5.2.0.13\IPS\IPSBHO.DLL
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files\Windows Live\Companion\companioncore.dll
O2 - BHO: (no name) - {ad708c09-d51b-45b3-9d28-4eba2681febf} - (no file)
O2 - BHO: MediaBar - {c2d64ff7-0ab8-4263-89c9-ea3b0f8f050c} - (no file)
O2 - BHO: (no name) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - (no file)
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: Acer eDataSecurity Management - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDStoolbar.dll
O3 - Toolbar: Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton 360\Engine\5.2.0.13\coIEPlg.dll
O3 - Toolbar: (no name) - {8dcb7100-df86-4384-8842-8fa844297b3f} - (no file)
O3 - Toolbar: (no name) - {c2d64ff7-0ab8-4263-89c9-ea3b0f8f050c} - (no file)
O4 - HKLM\..\Run: [LManager] C:\PROGRA~1\LAUNCH~1\LManager.exe
O4 - HKLM\..\Run: [SSDMonitor] C:\Program Files\Common Files\PC Tools\sMonitor\SSDMonitor.exe
O4 - HKLM\..\Run: [Skytel] Skytel.exe
O4 - HKLM\..\Run: [eDataSecurity Loader] C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSloader.exe
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [PLFSetI] C:\Windows\PLFSetI.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe
O4 - HKLM\..\Run: [Malwarebytes' Anti-Malware] "C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [PC Suite Tray] "C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe" -onlytray
O4 - HKCU\..\Run: [TomTomHOME.exe] "C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe"
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - Global Startup: hpoddt01.exe.lnk = ?
O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_93C8148BBB233F43.dll/cmsidewiki.html
O9 - Extra button: @C:\Program Files\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files\Windows Live\Companion\companioncore.dll
O9 - Extra button: Quick-Launching Area - {10954C80-4F0F-11d3-B17C-00C0DFE39736} - C:\Program Files\Acer\Acer Bio Protection\PwdBank.exe
O9 - Extra 'Tools' menuitem: Quick-Launching Area - {10954C80-4F0F-11d3-B17C-00C0DFE39736} - C:\Program Files\Acer\Acer Bio Protection\PwdBank.exe
O9 - Extra button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Verz&enden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab
O16 - DPF: {5C051655-FCD5-4969-9182-770EA5AA5565} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown.cab56986.cab
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/MessengerGamesContent/GameContent/nl/uno1/GAME_UNO1.cab
O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/2009.07.28_v5.5.8.1/FacebookPhotoUploader55.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {E77F23EB-E7AB-4502-8F37-247DBAF1A147} (Windows Live Hotmail Photo Upload Tool) - http://gfx1.hotmail.com/mail/w4/pr01/photouploadcontrol/VistaMSNPUpldnl-be.cab
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL
O20 - Winlogon Notify: AWinNotifyVitaKey MC3000 - C:\Program Files\Acer\Acer Bio Protection\WinNotify.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll
O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - Agere Systems - C:\Windows\system32\agrsmsvc.exe
O23 - Service: NTI Backup Now 5 Agent Service (BUNAgentSvc) - NewTech Infosystems, Inc. - C:\Program Files\NewTech Infosystems\NTI Backup Now 5\Client\Agentsvc.exe
O23 - Service: CLHNService - Unknown owner - C:\Program Files\Acer Arcade Deluxe\HomeMedia\Kernel\DMP\CLHNService.exe
O23 - Service: eDataSecurity Service - Egis Incorporated - C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe
O23 - Service: Empowering Technology Service (ETService) - Unknown owner - C:\Program Files\Acer\Empowering Technology\Service\ETService.exe
O23 - Service: Intel® PROSet/Wireless Event Log (EvtEng) - Intel(R) Corporation - C:\Program Files\Intel\WiFi\bin\EvtEng.exe
O23 - Service: Google Desktop Manager 5.9.1005.12335 (GoogleDesktopManager-051210-111108) - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: iGroupTec Service (IGBASVC) - Unknown owner - C:\Program Files\Acer\Acer Bio Protection\BASVC.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
O23 - Service: MobilityService - Unknown owner - C:\Acer\Mobility Center\MobilityService.exe
O23 - Service: Norton 360 (N360) - Symantec Corporation - C:\Program Files\Norton 360\Engine\5.2.0.13\ccSvcHst.exe
O23 - Service: NTI Backup Now 5 Backup Service (NTIBackupSvc) - NewTech InfoSystems, Inc. - C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe
O23 - Service: NTI Backup Now 5 Scheduler Service (NTISchedulerSvc) - Unknown owner - C:\Program Files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: PC Tools Startup and Shutdown Monitor service (PCToolsSSDMonitorSvc) - Unknown owner - C:\Program Files\Common Files\PC Tools\sMonitor\StartManSvc.exe
O23 - Service: PMBDeviceInfoProvider - Sony Corporation - C:\Program Files\Sony\PMB\PMBDeviceInfoProvider.exe
O23 - Service: Intel® PROSet/Wireless Registry Service (RegSrvc) - Intel(R) Corporation - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\Cyberlink\Shared files\RichVideo.exe
O23 - Service: ServiceLayer - Nokia - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: TomTomHOMEService - TomTom - C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe
O23 - Service: Validity Fingerprint Service (vfsFPService) - Validity Sensors, Inc. - C:\Windows\system32\vfsFPService.exe

--
End of file - 11994 bytes

Start HijackThis op en kies voor 'Do a system scan only'
Selecteer alleen de items die hieronder zijn genoemd:

R3 - URLSearchHook: (no name) - {ad708c09-d51b-45b3-9d28-4eba2681febf} - (no file)

O2 - BHO: (no name) - {ad708c09-d51b-45b3-9d28-4eba2681febf} - (no file)
O2 - BHO: MediaBar - {c2d64ff7-0ab8-4263-89c9-ea3b0f8f050c} - (no file)
O2 - BHO: (no name) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - (no file)

O3 - Toolbar: (no name) - {8dcb7100-df86-4384-8842-8fa844297b3f} - (no file)
O3 - Toolbar: (no name) - {c2d64ff7-0ab8-4263-89c9-ea3b0f8f050c} - (no file)


Sluit alle vensters behalve HijackThis
Klik op 'Fix checked' om de items te verwijderen.

Download OTL naar je Bureaublad

• Dubbelklik op OTL.com om het programma te openen. Zorg ervoor dat all andere vensters gesloten zijn, en laat het programma ongestoord zijn werk doen.
• Zet een vinkje bij Scan All Users.
• Klik op de knop Quick Scan. Verander de instellingen van OTL niet, tenzij ik je hiervoor specifiek instructies geef. De scan zal niet heel erg lang duren.
  • Er zullen twee Kladblok-vensters geopend worden wanneer de scan klaar is. OTL.Txt en Extras.Txt. Deze bestanden zijn opgeslagen in dezelfde locatie als OTL.
  • Kopieer (Bewerken->Alles selecteren, Bewerken->Kopiëren) en plak (Bewerken->Alles selecteren, Bewerken->Plakken) de inhoud van deze twee bestanden één voor één in je volgende bericht.

Deel 1

OTL logfile created on: 24/03/2012 22:04:16 - Run 1
OTL by OldTimer - Version 3.2.39.2 Folder = C:\Users\Mathias\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.19190)
Locale: 00000813 | Country: België | Language: NLB | Date Format: d/MM/yyyy

3,00 Gb Total Physical Memory | 1,84 Gb Available Physical Memory | 61,40% Memory free
6,19 Gb Paging File | 4,87 Gb Available in Paging File | 78,56% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 144,04 Gb Total Space | 104,21 Gb Free Space | 72,34% Space Free | Partition Type: NTFS
Drive D: | 137,50 Gb Total Space | 88,78 Gb Free Space | 64,57% Space Free | Partition Type: NTFS

Computer Name: PC_VAN_MATHIAS | User Name: Mathias | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2012/03/24 22:03:48 | 000,593,920 | ---- | M] (OldTimer Tools) -- C:\Users\Mathias\Desktop\OTL.com
PRC - [2012/01/23 05:43:08 | 000,247,728 | ---- | M] (TomTom) -- C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe
PRC - [2012/01/23 05:43:08 | 000,092,592 | ---- | M] (TomTom) -- C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe
PRC - [2012/01/13 14:53:18 | 000,652,360 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2012/01/13 14:53:18 | 000,460,872 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
PRC - [2011/06/16 14:21:06 | 001,500,160 | ---- | M] (Nokia) -- C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe
PRC - [2011/06/15 15:45:23 | 000,204,800 | ---- | M] (Realtek Semiconductor Corp.) -- C:\Users\Mathias\AppData\Local\Temp\RtkBtMnt.exe
PRC - [2011/06/08 13:49:48 | 000,159,744 | ---- | M] (Nokia) -- C:\Program Files\PC Connectivity Solution\Transports\NclUSBSrv.exe
PRC - [2011/06/08 12:02:00 | 000,633,856 | ---- | M] (Nokia) -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
PRC - [2011/04/17 01:45:11 | 000,130,008 | R--- | M] (Symantec Corporation) -- C:\Program Files\Norton 360\Engine\5.2.0.13\ccsvchst.exe
PRC - [2011/03/21 12:19:36 | 000,120,832 | ---- | M] (Nokia) -- C:\Program Files\PC Connectivity Solution\Transports\NclRSSrv.exe
PRC - [2010/11/27 00:55:42 | 000,648,032 | ---- | M] (Sony Corporation) -- C:\Program Files\Sony\PMB\PMBVolumeWatcher.exe
PRC - [2010/11/27 00:55:42 | 000,398,176 | ---- | M] (Sony Corporation) -- C:\Program Files\Sony\PMB\PMBDeviceInfoProvider.exe
PRC - [2010/08/05 07:46:02 | 000,583,640 | ---- | M] (PC Tools) -- C:\Program Files\Common Files\PC Tools\sMonitor\StartManSvc.exe
PRC - [2010/08/05 07:46:02 | 000,104,408 | ---- | M] (PC Tools) -- C:\Program Files\Common Files\PC Tools\sMonitor\SSDMonitor.exe
PRC - [2009/08/21 19:49:12 | 003,485,696 | ---- | M] (Arachnoid Biometrics Identification Group Corp.) -- C:\Program Files\Acer\Acer Bio Protection\CompPtcVUI.exe
PRC - [2009/08/21 19:49:02 | 003,520,512 | ---- | M] () -- C:\Program Files\Acer\Acer Bio Protection\BASVC.exe
PRC - [2009/04/16 16:56:36 | 000,075,048 | ---- | M] () -- C:\Program Files\Acer Arcade Deluxe\HomeMedia\Kernel\DMP\CLHNService.exe
PRC - [2009/04/11 07:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2008/07/29 17:53:00 | 000,500,784 | ---- | M] (Egis Incorporated) -- C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe
PRC - [2008/07/29 17:52:50 | 000,526,896 | ---- | M] (Egis Incorporated) -- C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSLoader.exe
PRC - [2008/07/20 17:45:06 | 000,354,840 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe
PRC - [2008/07/20 17:45:06 | 000,182,808 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
PRC - [2008/06/30 16:56:32 | 000,200,704 | ---- | M] () -- C:\Windows\PLFSetI.exe
PRC - [2008/06/16 10:58:38 | 000,809,480 | ---- | M] (Dritek System Inc.) -- C:\Program Files\Launch Manager\LManager.exe
PRC - [2008/06/02 09:25:40 | 000,024,576 | ---- | M] () -- C:\Program Files\Acer\Empowering Technology\Service\ETService.exe
PRC - [2008/05/26 04:43:58 | 000,599,344 | ---- | M] (Validity Sensors, Inc.) -- C:\Windows\System32\vfsFPService.exe
PRC - [2008/05/07 09:19:26 | 006,139,904 | ---- | M] (Realtek Semiconductor) -- C:\Windows\RtHDVCpl.exe
PRC - [2008/04/30 19:41:12 | 000,815,104 | ---- | M] (Intel(R) Corporation) -- C:\Program Files\Intel\WiFi\bin\EvtEng.exe
PRC - [2008/04/30 19:10:10 | 000,466,944 | ---- | M] (Intel(R) Corporation) -- C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
PRC - [2008/01/21 03:23:32 | 001,008,184 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Defender\MSASCui.exe
PRC - [2007/12/11 04:15:04 | 000,012,800 | ---- | M] (Agere Systems) -- C:\Windows\System32\agrsmsvc.exe
PRC - [2007/12/06 16:15:28 | 000,110,592 | ---- | M] () -- C:\ACER\Mobility Center\MobilityService.exe


========== Modules (No Company Name) ==========

MOD - [2012/03/02 22:01:05 | 011,490,816 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\b6632a8b2f276a8e31f5b0f6b2006cd1\mscorlib.ni.dll
MOD - [2011/04/07 15:43:24 | 008,191,488 | ---- | M] () -- C:\Program Files\Nokia\Nokia PC Suite 7\QtGUI4.dll
MOD - [2011/04/07 15:43:22 | 002,296,320 | ---- | M] () -- C:\Program Files\Nokia\Nokia PC Suite 7\QtCore4.dll
MOD - [2011/02/22 19:13:22 | 000,022,016 | ---- | M] () -- C:\Program Files\Nokia\Nokia PC Suite 7\imageformats\qsvg4.dll
MOD - [2011/02/22 19:12:54 | 000,196,608 | ---- | M] () -- C:\Program Files\Nokia\Nokia PC Suite 7\imageformats\qjpeg4.dll
MOD - [2011/02/22 16:39:06 | 000,276,480 | ---- | M] () -- C:\Program Files\Nokia\Nokia PC Suite 7\QtSvg4.dll
MOD - [2011/02/22 16:07:20 | 000,339,968 | ---- | M] () -- C:\Program Files\Nokia\Nokia PC Suite 7\QtXml4.dll
MOD - [2008/07/29 17:52:38 | 000,227,888 | ---- | M] () -- C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\ShowErrMsg.dll
MOD - [2008/06/30 16:56:32 | 000,200,704 | ---- | M] () -- C:\Windows\PLFSetI.exe
MOD - [2003/06/07 06:30:08 | 000,057,344 | ---- | M] () -- C:\Program Files\Launch Manager\PowerUtl.dll


========== Win32 Services (SafeList) ==========

SRV - [2012/01/23 05:43:08 | 000,092,592 | ---- | M] (TomTom) [Auto | Running] -- C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe -- (TomTomHOMEService)
SRV - [2012/01/13 14:53:18 | 000,652,360 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2011/06/08 12:02:00 | 000,633,856 | ---- | M] (Nokia) [On_Demand | Running] -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2011/04/17 01:45:11 | 000,130,008 | R--- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Norton 360\Engine\5.2.0.13\ccSvcHst.exe -- (N360)
SRV - [2010/11/27 00:55:42 | 000,398,176 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Program Files\Sony\PMB\PMBDeviceInfoProvider.exe -- (PMBDeviceInfoProvider)
SRV - [2010/08/05 07:46:02 | 000,583,640 | ---- | M] (PC Tools) [Auto | Running] -- C:\Program Files\Common Files\PC Tools\sMonitor\StartManSvc.exe -- (PCToolsSSDMonitorSvc)
SRV - [2009/08/21 19:49:02 | 003,520,512 | ---- | M] () [Auto | Running] -- C:\Program Files\Acer\Acer Bio Protection\BASVC.exe -- (IGBASVC)
SRV - [2009/04/16 16:56:36 | 000,075,048 | ---- | M] () [Auto | Running] -- C:\Program Files\Acer Arcade Deluxe\HomeMedia\Kernel\DMP\CLHNService.exe -- (CLHNService)
SRV - [2008/07/29 17:53:00 | 000,500,784 | ---- | M] (Egis Incorporated) [Auto | Running] -- C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe -- (eDataSecurity Service)
SRV - [2008/07/20 17:45:06 | 000,354,840 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe -- (IAANTMON) Intel(R)
SRV - [2008/06/02 09:25:40 | 000,024,576 | ---- | M] () [Auto | Running] -- C:\Program Files\Acer\Empowering Technology\Service\ETService.exe -- (ETService)
SRV - [2008/05/26 04:43:58 | 000,599,344 | ---- | M] (Validity Sensors, Inc.) [Auto | Running] -- C:\Windows\System32\vfsFPService.exe -- (vfsFPService)
SRV - [2008/04/30 19:41:12 | 000,815,104 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Program Files\Intel\WiFi\bin\EvtEng.exe -- (EvtEng)
SRV - [2008/04/30 19:10:10 | 000,466,944 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe -- (RegSrvc)
SRV - [2008/01/21 03:23:32 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2007/12/11 04:15:04 | 000,012,800 | ---- | M] (Agere Systems) [Auto | Running] -- C:\Windows\System32\agrsmsvc.exe -- (AgereModemAudio)
SRV - [2007/12/06 16:15:28 | 000,110,592 | ---- | M] () [Auto | Running] -- C:\ACER\Mobility Center\MobilityService.exe -- (MobilityService)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkfwd.sys -- (NwlnkFwd)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkflt.sys -- (NwlnkFlt)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ipinip.sys -- (IpInIp)
DRV - [2012/03/06 16:04:10 | 000,368,248 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.0.0.125\Definitions\IPSDefs\20120323.002\IDSvix86.sys -- (IDSVix86)
DRV - [2012/03/02 19:58:02 | 000,820,856 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.0.0.125\Definitions\BASHDefs\20120302.001\BHDrvx86.sys -- (BHDrvx86)
DRV - [2012/02/16 22:14:21 | 001,576,312 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.0.0.125\Definitions\VirusDefs\20120323.023\NAVEX15.SYS -- (NAVEX15)
DRV - [2012/02/16 22:14:21 | 000,374,392 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys -- (eeCtrl)
DRV - [2012/02/16 22:14:21 | 000,106,104 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys -- (EraserUtilRebootDrv)
DRV - [2012/02/16 22:14:21 | 000,086,136 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.0.0.125\Definitions\VirusDefs\20120323.023\NAVENG.SYS -- (NAVENG)
DRV - [2012/01/11 22:38:37 | 000,023,456 | ---- | M] (Phoenix Technologies) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\DrvAgent32.sys -- (DrvAgent32)
DRV - [2011/12/10 15:24:06 | 000,020,464 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\System32\drivers\mbam.sys -- (MBAMProtector)
DRV - [2011/08/16 18:22:25 | 000,126,584 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\SYMEVENT.SYS -- (SymEvent)
DRV - [2011/05/18 09:12:38 | 000,008,192 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\usbser_lowerfltj.sys -- (UsbserFilt)
DRV - [2011/05/18 09:12:36 | 000,008,192 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\usbser_lowerflt.sys -- (upperdev)
DRV - [2011/05/18 09:12:32 | 000,023,168 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ccdcmbo.sys -- (nmwcdc)
DRV - [2011/05/18 09:12:28 | 000,018,176 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ccdcmb.sys -- (nmwcd)
DRV - [2011/05/18 09:09:48 | 000,137,600 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\nmwcdnsu.sys -- (nmwcdnsu)
DRV - [2011/05/18 09:09:48 | 000,008,576 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\nmwcdnsuc.sys -- (nmwcdnsuc)
DRV - [2011/04/21 02:37:49 | 000,331,384 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\N360\0502000.00D\symtdiv.sys -- (SYMTDIv)
DRV - [2011/03/31 04:00:09 | 000,516,216 | ---- | M] (Symantec Corporation) [File_System | System | Running] -- C:\Windows\System32\drivers\N360\0502000.00D\srtsp.sys -- (SRTSP)
DRV - [2011/03/31 04:00:09 | 000,050,168 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\N360\0502000.00D\srtspx.sys -- (SRTSPX) Symantec Real Time Storage Protection (PEL)
DRV - [2011/03/15 03:31:23 | 000,744,568 | ---- | M] (Symantec Corporation) [File_System | Boot | Running] -- C:\Windows\System32\drivers\N360\0502000.00D\symefa.sys -- (SymEFA)
DRV - [2011/01/27 07:47:10 | 000,340,088 | ---- | M] (Symantec Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\N360\0502000.00D\symds.sys -- (SymDS)
DRV - [2010/11/16 02:45:33 | 000,136,312 | R--- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\N360\0502000.00D\ironx86.sys -- (SymIRON)
DRV - [2009/09/13 13:17:21 | 000,077,004 | ---- | M] (Oak Technology Inc.) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\AFS.SYS -- (AFS)
DRV - [2009/08/21 19:48:57 | 000,043,184 | ---- | M] (Alfa Corporation) [File_System | Boot | Running] -- C:\Windows\System32\drivers\AlfaFF.sys -- (AlfaFF)
DRV - [2009/08/05 06:18:22 | 000,048,640 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\L1E60x86.sys -- (L1E)
DRV - [2008/12/05 11:24:00 | 007,538,560 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
DRV - [2008/09/24 22:39:48 | 000,045,600 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvhda32v.sys -- (NVHDA)
DRV - [2008/08/26 09:26:12 | 000,018,816 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\pccsmcfd.sys -- (pccsmcfd)
DRV - [2008/07/18 15:05:10 | 000,061,424 | ---- | M] (Cyberlink Corp.) [Kernel | Auto | Running] -- C:\Program Files\Acer Arcade Deluxe\PlayMovie\000.fcl -- ({49DE1C67-83F8-4102-99E0-C16DCC7EEC796})
DRV - [2008/05/26 04:44:14 | 000,040,752 | ---- | M] (Validity Sensors, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\vfs101x.sys -- (vfs101x)
DRV - [2008/05/07 11:47:36 | 000,085,136 | ---- | M] (JMicron Technology Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\jmcr.sys -- (JMCR)
DRV - [2008/04/27 23:29:26 | 003,658,752 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\NETw5v32.sys -- (NETw5v32) Stuurprogramma voor Intel(R)
DRV - [2008/02/29 08:13:38 | 001,202,560 | ---- | M] (Agere Systems) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\AGRSM.sys -- (AgereSoftModem)
DRV - [2007/12/18 16:12:12 | 000,054,784 | ---- | M] (ITE Tech. Inc. ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\itecir.sys -- (itecir)
DRV - [2007/01/26 07:32:18 | 000,069,632 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\System32\drivers\int15.sys -- (int15)
DRV - [2006/11/02 14:27:34 | 000,020,112 | ---- | M] (Dritek System Inc.) [Kernel | System | Running] -- C:\Program Files\Launch Manager\DPortIO.sys -- (DritekPortIO)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = iGoogle Redirect
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = Analysis of program downloads scanned for viruses and spyware.
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = Analysis of program downloads scanned for viruses and spyware.
IE - HKLM\..\URLSearchHook: {ad708c09-d51b-45b3-9d28-4eba2681febf} - No CLSID value found
IE - HKLM\..\SearchScopes,DefaultScope = {DDA26198-C09D-40E0-A378-C980DAA7044C}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src={referrerource?}
IE - HKLM\..\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}: "URL" = http://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrerource?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACAW
IE - HKLM\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT1269415
IE - HKLM\..\SearchScopes\{DDA26198-C09D-40E0-A378-C980DAA7044C}: "URL" = Analysis of program downloads scanned for viruses and spyware.


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-702161605-438085461-1128871654-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = iGoogle Redirect
IE - HKU\S-1-5-21-702161605-438085461-1128871654-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = Acer.com Worldwide - Select your local country or region [binary data]
IE - HKU\S-1-5-21-702161605-438085461-1128871654-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = Upgrade to Google Chrome
IE - HKU\S-1-5-21-702161605-438085461-1128871654-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = Analysis of program downloads scanned for viruses and spyware.
IE - HKU\S-1-5-21-702161605-438085461-1128871654-1000\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKU\S-1-5-21-702161605-438085461-1128871654-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = Google
IE - HKU\S-1-5-21-702161605-438085461-1128871654-1000\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKU\S-1-5-21-702161605-438085461-1128871654-1000\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKU\S-1-5-21-702161605-438085461-1128871654-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKU\S-1-5-21-702161605-438085461-1128871654-1000\..\SearchScopes\{105E99FF-8B9A-4492-B155-06194B9056D2}: "URL" = http://www.bing.com/search?FORM=IEFM1&q={searchTerms}&src={referrerource?}
IE - HKU\S-1-5-21-702161605-438085461-1128871654-1000\..\SearchScopes\{5B291E6C-9A74-4034-971B-A4B007A0B315}: "URL" = http://radiobar.toolbarhome.com/search.aspx?q={searchTerms}&srch=dsp
IE - HKU\S-1-5-21-702161605-438085461-1128871654-1000\..\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}: "URL" = http://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrerource?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACAW
IE - HKU\S-1-5-21-702161605-438085461-1128871654-1000\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rlz=1I7ACAW_nlBE341&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE - HKU\S-1-5-21-702161605-438085461-1128871654-1000\..\SearchScopes\{70D46D94-BF1E-45ED-B567-48701376298E}: "URL" = http://127.0.0.1:4664/search&s=rmv9DC5WNV7qgUOyOSOvVEoXc5A?q={searchTerms}
IE - HKU\S-1-5-21-702161605-438085461-1128871654-1000\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT1269415
IE - HKU\S-1-5-21-702161605-438085461-1128871654-1000\..\SearchScopes\{B9DC8AEE-61F5-4892-BB2C-24F0AC536F03}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrerource?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7ACAW_nl
IE - HKU\S-1-5-21-702161605-438085461-1128871654-1000\..\SearchScopes\{DDA26198-C09D-40E0-A378-C980DAA7044C}: "URL" = Analysis of program downloads scanned for viruses and spyware.
IE - HKU\S-1-5-21-702161605-438085461-1128871654-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

Deel 2


FF - prefs.js..extensions.enabledItems: [email protected]:1.7.1
FF - prefs.js..extensions.enabledItems: [email protected]:1.0.2
FF - user.js - File not found

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\4.1.10111.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5: C:\Program Files\Microsoft\Office Live\npOLW.dll File not found
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=8: C:\Program Files\Google\Update\1.2.183.29\npGoogleOneClick8.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{BBDA0591-3099-440a-AA10-41764D9DB4DB}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.0.0.125\IPSFFPlgn\ [2012/02/10 17:12:24 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.0.0.125\coFFPlgn_2011_7_6_3 [2012/03/24 21:55:40 | 000,000,000 | ---D | M]

[2012/03/04 12:21:13 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Mathias\AppData\Roaming\mozilla\Extensions
[2012/03/04 12:21:13 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Mathias\AppData\Roaming\mozilla\Extensions\[email protected]
[2012/03/04 12:22:55 | 000,000,000 | ---D | M] (Map status indicator) -- C:\PROGRAM FILES\TOMTOM HOME 2\XUL\EXTENSIONS\[email protected]

O1 HOSTS File: ([2006/09/18 22:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (Symantec NCO BHO) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Norton 360\Engine\5.2.0.13\coieplg.dll (Symantec Corporation)
O2 - BHO: (Symantec Intrusion Prevention) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Norton 360\Engine\5.2.0.13\ips\ipsbho.dll (Symantec Corporation)
O2 - BHO: (no name) - {ad708c09-d51b-45b3-9d28-4eba2681febf} - No CLSID value found.
O2 - BHO: (no name) - {c2d64ff7-0ab8-4263-89c9-ea3b0f8f050c} - No CLSID value found.
O2 - BHO: (no name) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - No CLSID value found.
O3 - HKLM\..\Toolbar: (Acer eDataSecurity Management) - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDStoolbar.dll (Egis Incorporated.)
O3 - HKLM\..\Toolbar: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton 360\Engine\5.2.0.13\coieplg.dll (Symantec Corporation)
O3 - HKLM\..\Toolbar: (no name) - {8dcb7100-df86-4384-8842-8fa844297b3f} - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - {c2d64ff7-0ab8-4263-89c9-ea3b0f8f050c} - No CLSID value found.
O3 - HKU\S-1-5-21-702161605-438085461-1128871654-1000\..\Toolbar\ShellBrowser: (Acer eDataSecurity Management) - {5CBE3B7C-1E47-477E-A7DD-396DB0476E29} - C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDStoolbar.dll (Egis Incorporated.)
O3 - HKU\S-1-5-21-702161605-438085461-1128871654-1000\..\Toolbar\WebBrowser: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton 360\Engine\5.2.0.13\coieplg.dll (Symantec Corporation)
O4 - HKLM..\Run: [eDataSecurity Loader] C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSLoader.exe (Egis Incorporated)
O4 - HKLM..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe (Intel Corporation)
O4 - HKLM..\Run: [LManager] C:\Program Files\Launch Manager\LManager.exe (Dritek System Inc.)
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [NvCplDaemon] C:\Windows\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\Windows\System32\NvMcTray.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [PLFSetI] C:\Windows\PLFSetI.exe ()
O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [SSDMonitor] C:\Program Files\Common Files\PC Tools\sMonitor\SSDMonitor.exe (PC Tools)
O4 - HKU\S-1-5-19..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKU\S-1-5-21-702161605-438085461-1128871654-1000..\Run: [PC Suite Tray] C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe (Nokia)
O4 - HKU\S-1-5-21-702161605-438085461-1128871654-1000..\Run: [TomTomHOME.exe] C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe (TomTom)
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_93C8148BBB233F43.dll/cmsidewiki.html File not found
O9 - Extra Button: Quick-Launching Area - {10954C80-4F0F-11d3-B17C-00C0DFE39736} - C:\Program Files\Acer\Acer Bio Protection\PwdBank.exe ()
O9 - Extra 'Tools' menuitem : Quick-Launching Area - {10954C80-4F0F-11d3-B17C-00C0DFE39736} - C:\Program Files\Acer\Acer Bio Protection\PwdBank.exe ()
O13 - gopher Prefix: missing
O15 - HKU\S-1-5-21-702161605-438085461-1128871654-1000\..Trusted Domains: localhost ([]http in Lokaal intranet)
O15 - HKU\S-1-5-21-702161605-438085461-1128871654-1000\..Trusted Ranges: GD ([http] in Lokaal intranet)
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab (Checkers Class)
O16 - DPF: {5C051655-FCD5-4969-9182-770EA5AA5565} http://messenger.zone.msn.com/binary/SolitaireShowdown.cab56986.cab (Solitaire Showdown Class)
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} http://messenger.zone.msn.com/MessengerGamesContent/GameContent/nl/uno1/GAME_UNO1.cab (UnoCtrl Class)
O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} http://upload.facebook.com/controls/2009.07.28_v5.5.8.1/FacebookPhotoUploader55.cab (Facebook Photo Uploader 5 Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab (MessengerStatsClient Class)
O16 - DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {E77F23EB-E7AB-4502-8F37-247DBAF1A147} http://gfx1.hotmail.com/mail/w4/pr01/photouploadcontrol/VistaMSNPUpldnl-be.cab (Windows Live Hotmail Photo Upload Tool)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 195.130.131.2 195.130.130.130
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{1337CB6D-DB1D-4915-91FF-6B7399B5A75F}: DhcpNameServer = 195.130.131.2 195.130.130.130
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{7632EC29-9B01-415D-9A88-93DB1F2BE932}: DhcpNameServer = 192.168.5.1
O20 - AppInit_DLLs: (C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL) - C:\Program Files\Google\Google Desktop Search\GoogleDesktopNetwork3.dll (Google)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\AWinNotifyVitaKey MC3000: DllName - (C:\Program Files\Acer\Acer Bio Protection\WinNotify.dll) - C:\Program Files\Acer\Acer Bio Protection\WinNotify.dll (Arachnoid Biometrics Identification Group Corp.)
O24 - Desktop WallPaper: C:\Users\Mathias\Pictures\4.jpg
O24 - Desktop BackupWallPaper: C:\Users\Mathias\Pictures\4.jpg
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/09/18 22:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{5a97f46c-6046-11e0-bf60-0022fa07df42}\Shell - "" = AutoRun
O33 - MountPoints2\{b1197c95-8ef2-11de-b130-001e331d546b}\Shell - "" = AutoRun
O33 - MountPoints2\{b1197c95-8ef2-11de-b130-001e331d546b}\Shell\AutoRun\command - "" = E:\LaunchU3.exe -a
O33 - MountPoints2\{c58ea96d-ddce-11de-ba02-001e331d546b}\Shell - "" = AutoRun
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2012/03/24 22:03:40 | 000,593,920 | ---- | C] (OldTimer Tools) -- C:\Users\Mathias\Desktop\OTL.com
[2012/03/24 22:02:56 | 000,000,000 | ---D | C] -- C:\Users\Mathias\Desktop\backups
[2012/03/24 11:39:51 | 000,000,000 | ---D | C] -- C:\Users\Mathias\AppData\Local\{ACD5DD05-826E-4796-B092-29E71E9E67AF}
[2012/03/24 11:39:41 | 000,000,000 | ---D | C] -- C:\Users\Mathias\AppData\Local\{4ACD664B-AC71-4DD1-A915-DC6ADFE4E906}
[2012/03/23 18:41:17 | 000,000,000 | ---D | C] -- C:\Users\Mathias\AppData\Local\{CE67F5D4-8CD9-4287-9552-734EDFE36F95}
[2012/03/23 18:41:07 | 000,000,000 | ---D | C] -- C:\Users\Mathias\AppData\Local\{9779EDE5-0614-4926-A64A-961D4F8BE488}
[2012/03/23 17:25:27 | 000,388,608 | ---- | C] (Trend Micro Inc.) -- C:\Users\Mathias\Desktop\HijackThis.exe
[2012/03/22 22:22:28 | 000,000,000 | ---D | C] -- C:\Users\Mathias\AppData\Local\{D784124E-41C2-43CC-A2AB-EA767786D04A}
[2012/03/22 22:22:18 | 000,000,000 | ---D | C] -- C:\Users\Mathias\AppData\Local\{10C7FE35-7417-437E-AE94-2CA451F32810}
[2012/03/20 19:30:00 | 000,000,000 | ---D | C] -- C:\Users\Mathias\AppData\Local\{9F9C3D31-0500-4A86-A218-1C245C865C94}
[2012/03/20 19:29:50 | 000,000,000 | ---D | C] -- C:\Users\Mathias\AppData\Local\{76C20CBA-60F5-4654-A788-E150662775C7}
[2012/03/19 21:05:43 | 000,000,000 | ---D | C] -- C:\N360_BACKUP
[2012/03/19 18:15:44 | 000,000,000 | ---D | C] -- C:\Users\Mathias\AppData\Local\{8EFAE18F-2870-4FB4-B067-D8184C1DD81C}
[2012/03/19 18:15:34 | 000,000,000 | ---D | C] -- C:\Users\Mathias\AppData\Local\{6D3BC48B-93B2-4154-8B68-31CACB94F5E3}
[2012/03/18 22:21:45 | 000,000,000 | ---D | C] -- C:\Users\Mathias\AppData\Local\{510D2FAA-FE6C-4F7C-9BE1-94B0BD982A5C}
[2012/03/18 22:21:35 | 000,000,000 | ---D | C] -- C:\Users\Mathias\AppData\Local\{1082D405-F2A1-49AA-A139-5E4252EB4643}
[2012/03/18 10:21:09 | 000,000,000 | ---D | C] -- C:\Users\Mathias\AppData\Local\{A9209F1E-B73C-4B6B-B918-967CC551B4D0}
[2012/03/18 10:20:59 | 000,000,000 | ---D | C] -- C:\Users\Mathias\AppData\Local\{4A6D6462-1975-44B9-A26E-65E8CEDE62D7}
[2012/03/17 18:58:15 | 000,000,000 | ---D | C] -- C:\Users\Mathias\AppData\Local\{94419209-B97C-4365-B282-2D4F79CA6D4A}
[2012/03/17 18:58:05 | 000,000,000 | ---D | C] -- C:\Users\Mathias\AppData\Local\{8D1201D5-3B14-4B41-9E42-195B1B8AD7F8}
[2012/03/16 20:01:32 | 000,000,000 | ---D | C] -- C:\Users\Mathias\AppData\Local\{F32091CE-B56C-4222-99B4-87AD717366C3}
[2012/03/16 20:01:21 | 000,000,000 | ---D | C] -- C:\Users\Mathias\AppData\Local\{168F7B91-A0D7-4211-A81C-394976C90162}
[2012/03/15 19:01:34 | 000,000,000 | ---D | C] -- C:\Users\Mathias\AppData\Local\{0CD80BB2-614A-4209-9D1A-754EA6761D10}
[2012/03/15 19:01:24 | 000,000,000 | ---D | C] -- C:\Users\Mathias\AppData\Local\{224D499B-836E-4511-9302-57CCDF6E9719}
[2012/03/12 20:32:12 | 000,000,000 | ---D | C] -- C:\Users\Mathias\AppData\Local\{70A4210D-6C9A-4118-A3C5-76877A467A42}
[2012/03/12 20:32:02 | 000,000,000 | ---D | C] -- C:\Users\Mathias\AppData\Local\{2710C611-62C3-4DA4-A909-D9E0C4DD6EF2}
[2012/03/11 17:52:23 | 000,000,000 | ---D | C] -- C:\Users\Mathias\AppData\Local\{6701F737-1827-43DF-9EC3-6FFBE718C200}
[2012/03/11 17:52:12 | 000,000,000 | ---D | C] -- C:\Users\Mathias\AppData\Local\{8BB80FAD-B223-4167-B9F4-E7144B02F134}
[2012/03/09 19:32:49 | 000,000,000 | ---D | C] -- C:\Users\Mathias\AppData\Local\{2C2B7A3D-CAE8-49F5-BD25-2371A6822762}
[2012/03/09 19:32:39 | 000,000,000 | ---D | C] -- C:\Users\Mathias\AppData\Local\{89235B09-839E-41C3-BBB6-75A0DE7B2C33}
[2012/03/08 17:24:40 | 000,000,000 | ---D | C] -- C:\Users\Mathias\AppData\Local\{78E752CE-D2E1-4B7D-98D7-BCCD7BE39D09}
[2012/03/08 17:24:30 | 000,000,000 | ---D | C] -- C:\Users\Mathias\AppData\Local\{A3781559-975A-4547-80F9-C5F8C56CEAE3}
[2012/03/07 19:42:42 | 000,000,000 | ---D | C] -- C:\Users\Mathias\AppData\Local\{76090DAE-57D8-456B-8E48-5D62A599F7AC}
[2012/03/07 19:42:31 | 000,000,000 | ---D | C] -- C:\Users\Mathias\AppData\Local\{FE5A529B-03B9-4B10-A880-A6C9987EEEFB}
[2012/03/06 22:05:40 | 000,000,000 | ---D | C] -- C:\Users\Mathias\AppData\Local\{854A969B-561F-45BB-A22F-F759B9AF649B}
[2012/03/06 22:05:30 | 000,000,000 | ---D | C] -- C:\Users\Mathias\AppData\Local\{CC7945B1-B35C-4D3B-8300-32777F103475}
[2012/03/04 12:21:12 | 000,000,000 | ---D | C] -- C:\Users\Mathias\AppData\Roaming\Mozilla
[2012/03/03 19:11:45 | 000,000,000 | ---D | C] -- C:\Users\Mathias\AppData\Local\{D3420900-03BA-4CF8-8A77-2135D9AFFE1A}
[2012/03/03 19:11:34 | 000,000,000 | ---D | C] -- C:\Users\Mathias\AppData\Local\{642707BA-5C65-47CC-AB5B-397DFF8D2DBC}
[2012/03/02 21:30:04 | 000,000,000 | ---D | C] -- C:\baa8532ee04e1cf53393cf
[2012/03/02 21:16:06 | 000,000,000 | ---D | C] -- C:\bc916269c2ed7368594f4cadac
[2012/03/02 19:26:44 | 000,000,000 | ---D | C] -- C:\Users\Mathias\AppData\Local\{08353C94-16AF-467A-9888-51980839463D}
[2012/03/02 19:26:34 | 000,000,000 | ---D | C] -- C:\Users\Mathias\AppData\Local\{D3F5B313-F166-46F1-9DE9-84942F6752CE}
[2012/03/01 17:49:23 | 000,000,000 | ---D | C] -- C:\Users\Mathias\AppData\Local\{1F278124-ED94-4438-A1D6-C0F58755F3B4}
[2012/03/01 17:49:13 | 000,000,000 | ---D | C] -- C:\Users\Mathias\AppData\Local\{14C74049-B46B-4334-9022-9772030A9E8D}
[2012/02/29 20:18:27 | 000,000,000 | ---D | C] -- C:\Users\Mathias\AppData\Local\{C0D25F4E-A5EC-47DC-8C4F-FCECC7B65BCB}
[2012/02/29 20:18:17 | 000,000,000 | ---D | C] -- C:\Users\Mathias\AppData\Local\{DA45D96E-4F4B-4E23-8F55-6F453483D614}
[2012/02/28 19:29:19 | 000,000,000 | ---D | C] -- C:\Users\Mathias\AppData\Local\{ED5D47B0-BB7E-4C0C-BC42-418EA618159D}
[2012/02/28 19:29:09 | 000,000,000 | ---D | C] -- C:\Users\Mathias\AppData\Local\{3FFCBA38-214E-4FC7-B395-41A5198BF356}
[2012/02/27 12:17:45 | 000,000,000 | ---D | C] -- C:\Users\Mathias\AppData\Local\{6EDAAFF7-C6FB-45B2-B0BA-F4231D127D87}
[2012/02/27 12:17:35 | 000,000,000 | ---D | C] -- C:\Users\Mathias\AppData\Local\{B25C6A8F-305E-415C-8A41-D78B3AAB4A92}
[2012/02/25 18:00:30 | 000,000,000 | ---D | C] -- C:\Users\Mathias\AppData\Local\{951DB392-8A70-4C9A-9495-74954A92DACC}
[2012/02/25 18:00:20 | 000,000,000 | ---D | C] -- C:\Users\Mathias\AppData\Local\{5BF857BD-B65D-4A7D-95E6-D948C53178C3}
[2012/02/24 19:07:30 | 000,000,000 | ---D | C] -- C:\Users\Mathias\AppData\Local\{BAAE2F8C-D493-4DE9-BED3-25EA1DC51084}
[2012/02/24 19:07:19 | 000,000,000 | ---D | C] -- C:\Users\Mathias\AppData\Local\{02116CC0-E93C-4C12-B1E0-11A142853DDA}
[2 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2012/03/24 22:03:48 | 000,593,920 | ---- | M] (OldTimer Tools) -- C:\Users\Mathias\Desktop\OTL.com
[2012/03/24 21:55:30 | 000,077,745 | ---- | M] () -- C:\ProgramData\nvModes.001
[2012/03/24 21:55:13 | 000,000,000 | ---- | M] () -- C:\Windows\System32\LogConfigTemp.xml
[2012/03/24 21:55:02 | 000,077,745 | ---- | M] () -- C:\ProgramData\nvModes.dat
[2012/03/24 21:55:01 | 000,000,316 | ---- | M] () -- C:\Windows\tasks\GlaryInitialize.job
[2012/03/24 21:54:50 | 000,003,216 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2012/03/24 21:54:50 | 000,003,216 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2012/03/24 10:53:12 | 000,677,188 | ---- | M] () -- C:\Windows\System32\perfh013.dat
[2012/03/24 10:53:12 | 000,595,996 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2012/03/24 10:53:12 | 000,130,186 | ---- | M] () -- C:\Windows\System32\perfc013.dat
[2012/03/24 10:53:12 | 000,104,070 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2012/03/23 17:25:30 | 000,388,608 | ---- | M] (Trend Micro Inc.) -- C:\Users\Mathias\Desktop\HijackThis.exe
[2012/03/19 20:42:43 | 000,125,850 | ---- | M] () -- C:\Users\Mathias\Documents\Merel 2 .mp3
[2012/03/19 20:03:19 | 000,787,270 | ---- | M] () -- C:\Users\Mathias\Documents\Kraan.mp3
[2012/03/19 20:03:19 | 000,016,343 | ---- | M] () -- C:\Users\Mathias\Documents\Car lock.mp3
[2012/03/19 17:11:16 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_User_WpdFs_01_07_00.Wdf
[2012/03/17 20:17:04 | 000,002,605 | ---- | M] () -- C:\Users\Mathias\Desktop\Microsoft Office Word 2007.lnk
[2012/03/17 19:48:21 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_User_PCCSWpdDriver_01_09_00.Wdf
[2012/03/14 18:57:41 | 000,301,392 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2012/03/13 20:24:58 | 000,000,218 | ---- | M] () -- C:\Users\Mathias\.recently-used.xbel
[2012/03/07 19:46:42 | 000,007,592 | ---- | M] () -- C:\Users\Mathias\AppData\Local\d3d9caps.dat
[2 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ]

========== Files Created - No Company Name ==========

[2012/03/19 20:30:52 | 000,125,850 | ---- | C] () -- C:\Users\Mathias\Documents\Merel 2 .mp3
[2012/03/19 19:31:29 | 000,016,343 | ---- | C] () -- C:\Users\Mathias\Documents\Car lock.mp3
[2012/03/19 19:07:07 | 000,787,270 | ---- | C] () -- C:\Users\Mathias\Documents\Kraan.mp3
[2012/03/19 17:11:16 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_User_WpdFs_01_07_00.Wdf
[2012/03/17 19:48:21 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_User_PCCSWpdDriver_01_09_00.Wdf
[2012/03/13 20:24:58 | 000,000,218 | ---- | C] () -- C:\Users\Mathias\.recently-used.xbel
[2011/09/28 17:44:14 | 000,179,271 | ---- | C] () -- C:\Windows\System32\xlive.dll.cat
[2011/06/15 14:31:48 | 000,717,289 | ---- | C] () -- C:\Windows\System32\unins000.exe
[2011/06/15 14:31:47 | 000,032,367 | ---- | C] () -- C:\Windows\System32\unins000.dat
[2011/03/28 18:34:08 | 000,000,000 | ---- | C] () -- C:\Windows\nsreg.dat
[2011/01/22 12:54:01 | 000,000,000 | ---- | C] () -- C:\Windows\PhotoNow.INI
[2010/09/23 19:00:59 | 000,037,336 | ---- | C] () -- C:\Windows\System32\CleanMFT32.exe

========== LOP Check ==========

[2011/01/16 10:35:19 | 000,000,000 | -HSD | M] -- C:\Users\Mathias\AppData\Roaming\.#
[2011/11/19 14:04:49 | 000,000,000 | ---D | M] -- C:\Users\Mathias\AppData\Roaming\AnvSoft
[2012/03/13 20:24:58 | 000,000,000 | ---D | M] -- C:\Users\Mathias\AppData\Roaming\BitLord
[2009/10/02 19:14:56 | 000,000,000 | ---D | M] -- C:\Users\Mathias\AppData\Roaming\Flood Light Games
[2011/04/29 20:56:05 | 000,000,000 | ---D | M] -- C:\Users\Mathias\AppData\Roaming\GlarySoft
[2009/08/22 08:56:28 | 000,000,000 | ---D | M] -- C:\Users\Mathias\AppData\Roaming\Leadertech
[2011/08/27 17:39:56 | 000,000,000 | ---D | M] -- C:\Users\Mathias\AppData\Roaming\Nokia
[2011/08/27 17:42:02 | 000,000,000 | ---D | M] -- C:\Users\Mathias\AppData\Roaming\PC Suite
[2010/01/24 15:01:17 | 000,000,000 | ---D | M] -- C:\Users\Mathias\AppData\Roaming\PowerCinema
[2011/08/22 11:12:27 | 000,000,000 | ---D | M] -- C:\Users\Mathias\AppData\Roaming\Python-Eggs
[2011/04/29 20:18:17 | 000,000,000 | ---D | M] -- C:\Users\Mathias\AppData\Roaming\Reviversoft
[2010/11/09 15:24:55 | 000,000,000 | ---D | M] -- C:\Users\Mathias\AppData\Roaming\TomTom
[2011/12/24 22:56:21 | 000,000,000 | ---D | M] -- C:\Users\Mathias\AppData\Roaming\uTorrent
[2011/05/11 13:03:36 | 000,000,000 | ---D | M] -- C:\Users\Mathias\AppData\Roaming\Windows Live Writer
[2012/03/24 21:55:01 | 000,000,316 | ---- | M] () -- C:\Windows\Tasks\GlaryInitialize.job
[2012/03/24 19:55:39 | 000,032,536 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========



========== Alternate Data Streams ==========

@Alternate Data Stream - 98 bytes -> C:\ProgramData\Temp:05113FB9
@Alternate Data Stream - 118 bytes -> C:\ProgramData\Temp:73933431
@Alternate Data Stream - 112 bytes -> C:\ProgramData\Temp:798A3728
@Alternate Data Stream - 110 bytes -> C:\ProgramData\Temp:C99F6ECA
@Alternate Data Stream - 107 bytes -> C:\ProgramData\Temp:F3176E45
@Alternate Data Stream - 104 bytes -> C:\ProgramData\Temp1B5B4F1

< End of report >

Deel 3

OTL Extras logfile created on: 24/03/2012 22:04:16 - Run 1
OTL by OldTimer - Version 3.2.39.2 Folder = C:\Users\Mathias\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.19190)
Locale: 00000813 | Country: België | Language: NLB | Date Format: d/MM/yyyy

3,00 Gb Total Physical Memory | 1,84 Gb Available Physical Memory | 61,40% Memory free
6,19 Gb Paging File | 4,87 Gb Available in Paging File | 78,56% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 144,04 Gb Total Space | 104,21 Gb Free Space | 72,34% Space Free | Partition Type: NTFS
Drive D: | 137,50 Gb Total Space | 88,78 Gb Free Space | 64,57% Space Free | Partition Type: NTFS

Computer Name: PC_VAN_MATHIAS | User Name: Mathias | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"VistaSp2" = Reg Error: Unknown registry data type -- File not found

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
"DoNotAllowExceptions" = 1

========== Authorized Applications List ==========


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{04A4F66A-4FC0-4F2F-8B95-80D6D8A6B157}" = rport=445 | protocol=6 | dir=out | app=system |
"{07599D28-7F9F-4453-8428-BDA23F31339B}" = rport=138 | protocol=17 | dir=out | app=system |
"{0A8C862D-9776-404E-ABCA-C835B4D17DC2}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |
"{1F2E2A8B-D7AF-4287-AF33-E94CBFC199E2}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
"{2D3F31C6-E246-4A29-B794-EC4C6B7D5B0C}" = rport=137 | protocol=17 | dir=out | app=system |
"{72C0739E-F6EE-4DDC-85EB-0E6C53C55FF5}" = lport=445 | protocol=6 | dir=in | app=system |
"{84797B8A-FF1C-4014-9C97-BEC944EA2255}" = lport=137 | protocol=17 | dir=in | app=system |
"{B072C2A4-DFB2-42FE-9772-1744DD945972}" = lport=139 | protocol=6 | dir=in | app=system |
"{B37AFE6C-A5B3-4F41-BE89-425110D401AB}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |
"{B78B51EC-D0B9-4049-8841-414AAE4A9A07}" = rport=139 | protocol=6 | dir=out | app=system |
"{C1038D0F-55DC-4079-8831-DD7EBEFB0932}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | [email protected],-28539 |
"{C428A872-5684-4120-972E-E735B2C96474}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{D33B2664-8A6D-4DF4-B03E-6681E4CEBD77}" = lport=2869 | protocol=6 | dir=in | app=system |
"{ED121F0E-667D-4B34-BBB1-5C7CE6595978}" = lport=138 | protocol=17 | dir=in | app=system |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{04226478-C7D2-4316-BC01-2621FBE85917}" = dir=in | app=c:\program files\acer arcade deluxe\playmovie\pmvservice.exe |
"{04E05F85-7AFE-4B9B-837A-755B57FDE31B}" = protocol=17 | dir=in | app=c:\program files\utorrent\utorrent.exe |
"{0A91B669-6C42-47C0-82D4-C58A7ED34E3B}" = dir=in | app=c:\program files\cyberlink\powerdirector\pdr.exe |
"{114817F2-1B00-475D-95F0-3B0F19161DD4}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\call of duty modern warfare 2\iw4sp.exe |
"{1365BF11-5A0A-4E36-8A9D-421B17078D81}" = protocol=6 | dir=in | app=c:\program files\newtech infosystems\nti backup now 5\schedulersvc.exe |
"{17D769DF-1EE1-4CAC-9E23-22F3C1E3316C}" = protocol=6 | dir=in | app=c:\program files\newtech infosystems\nti backup now 5\client\agentsvc.exe |
"{187752B7-7BF2-4B34-B25A-D0D2D6D14D21}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{1D9C70E7-4304-440C-B764-7CF4F97CFBC0}" = protocol=58 | dir=out | [email protected],-28546 |
"{1DD8376C-F6A5-4775-986A-A77126AE18A8}" = protocol=17 | dir=in | app=c:\program files\bearshare applications\mediabar\datamngr\toolbar\dtuser.exe |
"{1F1B12E9-5CE2-4DF9-BCD6-D324F2E0016B}" = dir=in | app=c:\program files\acer arcade deluxe\homemedia\homemedia.exe |
"{1FE33F86-B991-464C-8921-49A4D4E97B14}" = protocol=6 | dir=in | app=c:\program files\codemasters\dirt2\dirt2_game.exe |
"{28A37640-15B2-4739-984E-464435B66C63}" = protocol=17 | dir=in | app=c:\program files\bearshare applications\bearshare\bearshare.exe |
"{2ABED4D2-FB59-436E-A508-20C7A407A0EF}" = protocol=6 | dir=in | app=c:\program files\hp\hp deskjet 1050 j410 series\bin\usbsetup.exe |
"{2CB55F86-D6C9-4B1B-9986-82C0762BD8A6}" = protocol=17 | dir=in | app=c:\program files\frostwire 5\frostwire.exe |
"{3158CD98-9671-4FB5-A789-EF3642365530}" = dir=in | app=c:\program files\windows live\contacts\wlcomm.exe |
"{321C8CC4-85BA-46B2-BB56-F67B96C0C8DA}" = protocol=17 | dir=in | app=c:\program files\limewire music\limewire music.exe |
"{40B98E3B-372B-46E9-8464-4DB843E7BD13}" = protocol=6 | dir=in | app=c:\program files\frostwire\frostwire.exe |
"{40C452DC-4D62-4490-A64C-7682A0FB755A}" = protocol=6 | dir=in | app=c:\program files\newtech infosystems\nti backup now 5\backupsvc.exe |
"{41BFF24A-0DE1-4F4C-B204-52E22657BFF6}" = protocol=17 | dir=in | app=c:\program files\rockstar games\grand theft auto iv\launchgtaiv.exe |
"{41E6AADA-2A17-4518-9138-4FFBCF42C04F}" = protocol=17 | dir=in | app=c:\program files\newtech infosystems\nti backup now 5\schedulersvc.exe |
"{42E39641-8C9C-4B12-B370-79C93F030DE9}" = protocol=6 | dir=in | app=c:\program files\frostwire 5\frostwire.exe |
"{46276ABF-194C-412B-BF29-84C62AEF3628}" = protocol=17 | dir=in | app=c:\program files\newtech infosystems\nti backup now 5\backupsvc.exe |
"{48F14367-7190-42CE-987D-480C3A016E11}" = protocol=1 | dir=in | [email protected],-28543 |
"{4A767A69-1390-4514-98F6-77354F5BC70B}" = protocol=6 | dir=in | app=c:\program files\limewire music\limewire music.exe |
"{651D0479-9275-4D64-8C34-1A3CEC8D4847}" = protocol=6 | dir=in | app=c:\program files\bearshare applications\bearshare\bearshare.exe |
"{67FE9D6F-2FD8-43D9-BD0A-0529E7C2A9CB}" = protocol=17 | dir=in | app=c:\program files\frostwire\frostwire.exe |
"{6A1043F6-1BEB-4A04-B123-4E3E112DB2B5}" = protocol=6 | dir=in | app=c:\program files\limewire\limewire.exe |
"{6C0B4938-5DDC-4D4B-B9C9-9DA2DCCDBC34}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\call of duty modern warfare 2\iw4mp.exe |
"{8297851D-7F98-4559-8DAA-2F3939DE4412}" = protocol=1 | dir=out | [email protected],-28544 |
"{A94A588B-C104-4325-85F3-AF0B0078AB9E}" = dir=in | app=c:\program files\windows live\sync\windowslivesync.exe |
"{AE161E81-F17F-4E34-B04A-6E420068FBB8}" = dir=in | app=c:\program files\acer arcade deluxe\acer arcade deluxe\acer arcade deluxe.exe |
"{AE336FEF-3223-46A1-B6F7-7805A153F89A}" = protocol=58 | dir=in | [email protected],-28545 |
"{B2C168CA-A118-4C8B-B01F-08F0A7F12442}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\call of duty modern warfare 2\iw4sp.exe |
"{B5920973-7EF3-475C-BE82-FBF256A0DC0B}" = protocol=17 | dir=in | app=c:\program files\newtech infosystems\nti backup now 5\client\agentsvc.exe |
"{BB4AEB1C-B8E9-44D8-829E-81FCDC672523}" = protocol=17 | dir=in | app=c:\program files\codemasters\dirt2\dirt2_game.exe |
"{BEA97514-8A64-47C8-9CED-9E92870E6E1A}" = protocol=17 | dir=in | app=c:\program files\bearshare applications\bearshare\bearshare.exe |
"{CD6577EC-F3F0-4ECC-B6F5-040FB15136DE}" = protocol=17 | dir=in | app=c:\program files\hp\hp deskjet 1050 j410 series\bin\usbsetup.exe |
"{D30A0D28-203A-46D3-9AF8-EA08BD6973E3}" = protocol=6 | dir=in | app=c:\program files\rockstar games\grand theft auto iv\launchgtaiv.exe |
"{DB5AC072-F957-4464-9DAD-4E2D92F1AFBC}" = dir=in | app=c:\program files\acer arcade deluxe\playmovie\playmovie.exe |
"{DD13709C-BB4C-48DA-B1F3-65C5DE541696}" = dir=in | app=c:\program files\windows live\mesh\moe.exe |
"{DD37A212-BA12-452E-B688-D0DB1CE53524}" = protocol=6 | dir=in | app=c:\program files\bearshare applications\bearshare\bearshare.exe |
"{DE27F9B5-A734-4FA7-A214-0FD883FDEB01}" = protocol=17 | dir=in | app=c:\program files\limewire\limewire.exe |
"{E2D3BD33-94FD-4683-8BF5-DD20AB1E4E91}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{F6B76B16-0FEF-4773-8DD8-D91BB542DC87}" = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe |
"{FB0E5E88-0F0D-4B70-9F60-F049A27EB3B7}" = protocol=6 | dir=in | app=c:\program files\utorrent\utorrent.exe |
"{FB147D76-56D0-4232-BA2C-67DBE79AA0FA}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\call of duty modern warfare 2\iw4mp.exe |
"{FF108E57-7CE7-43CE-B537-FB458425959C}" = protocol=6 | dir=in | app=c:\program files\bearshare applications\mediabar\datamngr\toolbar\dtuser.exe |
"TCP Query User{0935703A-5EEA-4098-81D8-B3B75E35CA7C}C:\program files\frostwire\frostwire.exe" = protocol=6 | dir=in | app=c:\program files\frostwire\frostwire.exe |
"TCP Query User{1998926C-C97D-4DF6-9524-1839BF57FD5F}D:\dirt 2\codemasters\dirt2\dirt2_game.exe" = protocol=6 | dir=in | app=d:\dirt 2\codemasters\dirt2\dirt2_game.exe |
"TCP Query User{1BD78F8C-15EF-4F78-9F67-9F2D94F742BF}C:\program files\bitlord 1.2\bitlord files\bitlord.exe" = protocol=6 | dir=in | app=c:\program files\bitlord 1.2\bitlord files\bitlord.exe |
"TCP Query User{1F0BD702-AE25-4D12-A734-CFAFCC82201D}C:\program files\delta force black hawk down\dfbhd.exe" = protocol=6 | dir=in | app=c:\program files\delta force black hawk down\dfbhd.exe |
"TCP Query User{2365069E-88F8-4F48-92D3-1FEC085DF1AA}D:\my games\dirt 2\codemasters\dirt2\dirt2_game.exe" = protocol=6 | dir=in | app=d:\my games\dirt 2\codemasters\dirt2\dirt2_game.exe |
"TCP Query User{2AE38E5E-E85A-42DC-8D36-1A04F670CB4A}C:\program files\dfpinger\dfbhdpinger\dfbhdpinger.exe" = protocol=6 | dir=in | app=c:\program files\dfpinger\dfbhdpinger\dfbhdpinger.exe |
"TCP Query User{55FEEFFC-1FE0-4C40-BC36-A6653C3F3FBA}D:\grand theft auto iv\rockstar games\grand theft auto iv\gtaiv.exe" = protocol=6 | dir=in | app=d:\grand theft auto iv\rockstar games\grand theft auto iv\gtaiv.exe |
"TCP Query User{56FB1BBB-77A0-40C8-BFB0-5927EDDC5014}D:\my games\grand theft auto iv\rockstar games\grand theft auto iv\gtaiv.exe" = protocol=6 | dir=in | app=d:\my games\grand theft auto iv\rockstar games\grand theft auto iv\gtaiv.exe |
"TCP Query User{63720CC7-70BB-46E1-A6A9-C4B5D4929EBE}C:\program files\bhd delta force\2 delta force black hawk down\dfbhd.exe" = protocol=6 | dir=in | app=c:\program files\bhd delta force\2 delta force black hawk down\dfbhd.exe |
"TCP Query User{6E8DF290-8754-464F-A1AA-72C3EAACE28C}D:\dirt 2\codemasters\dirt2\dirt2_game.exe" = protocol=6 | dir=in | app=d:\dirt 2\codemasters\dirt2\dirt2_game.exe |
"TCP Query User{8A008214-80F9-4BED-9F3F-C40F2D44025B}C:\program files\bhd delta force\dfpinger\dfbhdpinger\dfbhdpinger.exe" = protocol=6 | dir=in | app=c:\program files\bhd delta force\dfpinger\dfbhdpinger\dfbhdpinger.exe |
"TCP Query User{9FDE86FB-5EBB-4256-8FBA-DC965CE73901}C:\program files\videolan\vlc\vlc.exe" = protocol=6 | dir=in | app=c:\program files\videolan\vlc\vlc.exe |
"TCP Query User{AE1033DC-D33B-42E8-AA3B-607AB16F0AC4}D:\my games\need for speed carbon\nfsc.exe" = protocol=6 | dir=in | app=d:\my games\need for speed carbon\nfsc.exe |
"TCP Query User{AE39D285-E5DC-43BF-89B6-AACA9C07FDC0}C:\program files\google\google earth\plugin\geplugin.exe" = protocol=6 | dir=in | app=c:\program files\google\google earth\plugin\geplugin.exe |
"TCP Query User{CEC340B9-313C-42E1-8B57-8A836A895500}C:\program files\2 delta force black hawk down\dfbhd.exe" = protocol=6 | dir=in | app=c:\program files\2 delta force black hawk down\dfbhd.exe |
"TCP Query User{D2D8B9F8-9446-4CE5-9131-8E9C076291CB}C:\program files\bhd delta force\2 delta force black hawk down\dfbhd.exe" = protocol=6 | dir=in | app=c:\program files\bhd delta force\2 delta force black hawk down\dfbhd.exe |
"TCP Query User{D3B4382C-D684-45FB-B143-4E0ECF2DEBAA}D:\grand theft auto iv\rockstar games\grand theft auto iv\gtaiv.exe" = protocol=6 | dir=in | app=d:\grand theft auto iv\rockstar games\grand theft auto iv\gtaiv.exe |
"TCP Query User{E878B90A-C2A8-4022-BDB1-60CA276D9354}C:\program files\bhd delta force\dfbhdpinger\dfbhdpinger.exe" = protocol=6 | dir=in | app=c:\program files\bhd delta force\dfbhdpinger\dfbhdpinger.exe |
"TCP Query User{F5A74C76-0586-4036-80D0-BEF49AF01375}C:\program files\rockstar games\grand theft auto iv\gtaiv.exe" = protocol=6 | dir=in | app=c:\program files\rockstar games\grand theft auto iv\gtaiv.exe |
"TCP Query User{F7089CAF-DC65-4532-B073-CDC05F1E1297}C:\program files\delta force black hawk down\update.exe" = protocol=6 | dir=in | app=c:\program files\delta force black hawk down\update.exe |
"TCP Query User{FEDED8FA-9CD7-424B-B9D7-07899EC06097}C:\program files\java\jre6\bin\java.exe" = protocol=6 | dir=in | app=c:\program files\java\jre6\bin\java.exe |
"TCP Query User{FEE192A8-1851-40A2-BF44-6EDC1D86A497}C:\program files\electronic arts\eadm\core.exe" = protocol=6 | dir=in | app=c:\program files\electronic arts\eadm\core.exe |
"UDP Query User{2051EEE1-17D0-42DE-9544-1C13DF613293}C:\program files\google\google earth\plugin\geplugin.exe" = protocol=17 | dir=in | app=c:\program files\google\google earth\plugin\geplugin.exe |
"UDP Query User{2487FBC6-2C7B-4750-84EE-B8A1BC2C909F}C:\program files\2 delta force black hawk down\dfbhd.exe" = protocol=17 | dir=in | app=c:\program files\2 delta force black hawk down\dfbhd.exe |
"UDP Query User{4E1D580C-48AB-4995-8D70-301ADE955BC2}C:\program files\bitlord 1.2\bitlord files\bitlord.exe" = protocol=17 | dir=in | app=c:\program files\bitlord 1.2\bitlord files\bitlord.exe |
"UDP Query User{5F5B6101-C368-4A47-9EFC-0F481F2FED63}C:\program files\frostwire\frostwire.exe" = protocol=17 | dir=in | app=c:\program files\frostwire\frostwire.exe |
"UDP Query User{628F4B33-FB4C-41CA-8953-A0E05A1A1F66}D:\my games\grand theft auto iv\rockstar games\grand theft auto iv\gtaiv.exe" = protocol=17 | dir=in | app=d:\my games\grand theft auto iv\rockstar games\grand theft auto iv\gtaiv.exe |
"UDP Query User{6AF486BB-4B06-4CD6-B0E0-C3233988B0DC}C:\program files\bhd delta force\2 delta force black hawk down\dfbhd.exe" = protocol=17 | dir=in | app=c:\program files\bhd delta force\2 delta force black hawk down\dfbhd.exe |
"UDP Query User{781201F5-8C22-4924-B570-C6F06313905A}C:\program files\java\jre6\bin\java.exe" = protocol=17 | dir=in | app=c:\program files\java\jre6\bin\java.exe |
"UDP Query User{81B055F9-6C8F-4AB7-A3F0-85B16D393A19}D:\dirt 2\codemasters\dirt2\dirt2_game.exe" = protocol=17 | dir=in | app=d:\dirt 2\codemasters\dirt2\dirt2_game.exe |
"UDP Query User{8429B9C9-BC2A-4ED0-9B68-D979E2BDFE14}C:\program files\rockstar games\grand theft auto iv\gtaiv.exe" = protocol=17 | dir=in | app=c:\program files\rockstar games\grand theft auto iv\gtaiv.exe |
"UDP Query User{9893F6F9-7382-4442-B43C-90C6F583B23E}D:\grand theft auto iv\rockstar games\grand theft auto iv\gtaiv.exe" = protocol=17 | dir=in | app=d:\grand theft auto iv\rockstar games\grand theft auto iv\gtaiv.exe |
"UDP Query User{B484F1F3-C25D-4C49-A81B-7DF23631C9BC}C:\program files\dfpinger\dfbhdpinger\dfbhdpinger.exe" = protocol=17 | dir=in | app=c:\program files\dfpinger\dfbhdpinger\dfbhdpinger.exe |
"UDP Query User{B6669504-ABF3-44A2-B9F5-9C014BACD1C1}C:\program files\delta force black hawk down\update.exe" = protocol=17 | dir=in | app=c:\program files\delta force black hawk down\update.exe |
"UDP Query User{CF5FA27E-B992-438B-A09A-7D18ECC11512}C:\program files\delta force black hawk down\dfbhd.exe" = protocol=17 | dir=in | app=c:\program files\delta force black hawk down\dfbhd.exe |
"UDP Query User{D30ED8BE-8ED9-4870-B2C7-DFFFCAEA78EC}D:\grand theft auto iv\rockstar games\grand theft auto iv\gtaiv.exe" = protocol=17 | dir=in | app=d:\grand theft auto iv\rockstar games\grand theft auto iv\gtaiv.exe |
"UDP Query User{D42FE2D4-EBC0-4BC4-9963-E791D8E8A943}C:\program files\electronic arts\eadm\core.exe" = protocol=17 | dir=in | app=c:\program files\electronic arts\eadm\core.exe |
"UDP Query User{D7AC1619-9D81-4BBE-B7A0-6348E2780D72}C:\program files\videolan\vlc\vlc.exe" = protocol=17 | dir=in | app=c:\program files\videolan\vlc\vlc.exe |
"UDP Query User{E1260A41-198A-4778-BFD1-1A5EE9BA6AF3}D:\my games\need for speed carbon\nfsc.exe" = protocol=17 | dir=in | app=d:\my games\need for speed carbon\nfsc.exe |
"UDP Query User{E3846993-ABED-478F-A4D3-5596E73FE6F0}D:\dirt 2\codemasters\dirt2\dirt2_game.exe" = protocol=17 | dir=in | app=d:\dirt 2\codemasters\dirt2\dirt2_game.exe |
"UDP Query User{E39CA763-E87D-49A8-8DB0-9640EFE17DC7}C:\program files\bhd delta force\2 delta force black hawk down\dfbhd.exe" = protocol=17 | dir=in | app=c:\program files\bhd delta force\2 delta force black hawk down\dfbhd.exe |
"UDP Query User{EF0EB99C-7EB8-4249-B839-FEC729E07563}D:\my games\dirt 2\codemasters\dirt2\dirt2_game.exe" = protocol=17 | dir=in | app=d:\my games\dirt 2\codemasters\dirt2\dirt2_game.exe |
"UDP Query User{F44D7A98-76B8-4CBE-8544-469CEB4BE083}C:\program files\bhd delta force\dfbhdpinger\dfbhdpinger.exe" = protocol=17 | dir=in | app=c:\program files\bhd delta force\dfbhdpinger\dfbhdpinger.exe |
"UDP Query User{F5E39E9B-E689-450D-A48F-AA3BFD22333D}C:\program files\bhd delta force\dfpinger\dfbhdpinger\dfbhdpinger.exe" = protocol=17 | dir=in | app=c:\program files\bhd delta force\dfpinger\dfbhdpinger\dfbhdpinger.exe |

Deel 4

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{072B53D7-DAAD-4562-8764-B528D0ADA7C4}" = Windows Live Family Safety
"{07C132EA-AA40-4039-A2A7-9F82547C1CBF}" = Vlecad Additions for KeyCreator9.0x
"{09E65BD1-C12C-4D33-8420-A1E587F19AB4}" = Productverbeteringonderzoek HP Deskjet 1050 J410 series
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{101738D7-D805-37A9-BB91-1F2C351782BF}" = Microsoft .NET Framework 3.5 Language Pack SP1 - nld
"{11316260-6666-467B-AC34-183FCB5D4335}" = Acer Mobility Center Plug-In
"{12EFA1A4-AC3B-443C-8143-237EDE760403}" = NTI Backup Now Standard
"{14B441B7-774D-4170-98EA-A13667AE6218}" = Windows Live Writer Resources
"{196467F1-C11F-4F76-858B-5812ADC83B94}" = MSXML 4.0 SP3 Parser
"{19A4A990-5343-4FF7-B3B5-6F046C091EDF}" = Windows Live Remote Client
"{19D93910-975D-4137-8D5F-76065C3C7ADE}" = Basissoftware voor HP Deskjet 1050 J410 series
"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{212748BB-0DA5-46DE-82A1-403736DC9F27}" = MSVC80_x86
"{227E8782-B2F4-4E97-B0EE-49DE9CC1C0C0}" = Windows Live Remote Service
"{2413930C-8309-47A6-BC61-5EF27A4222BC}" = NTI Media Maker 8
"{259C0ABB-A3B2-4D70-008F-BF7EE491B70B}" = Need for Speed&#8482; Carbon
"{2617FA1F-0C04-3ABB-AF64-7D5B6620C341}" = Microsoft .NET Framework 4 Client Profile NLD Language Pack
"{26604C7E-A313-4D12-867F-7C6E7820BE4C}" = JMicron JMB38X Flash Media Controller
"{26A24AE4-039D-4CA4-87B4-2F83216011FF}" = Java(TM) 6 Update 26
"{2A07C35B-8384-4DA4-9A95-442B6C89A073}" = Windows Live Essentials
"{2D99A593-C841-43A7-B7C9-D6F3AE70B756}" = Nokia Connectivity Cable Driver
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{34C3CCF7-6D68-46AE-997A-F1D595F74FF5}" = DFBHDPinger v6.0
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3F4143A1-9C21-4011-8679-3BC1014C6886}" = Windows Live Mesh
"{48294D95-EE9A-4377-8213-44FC4265FB27}" = Windows Live Messenger
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4CB0307C-565E-4441-86BE-0DF2E4FB828C}" = Microsoft Games for Windows Marketplace
"{5454083B-1308-4485-BF17-1110000B8301}" = Grand Theft Auto IV
"{5454083B-1308-4485-BF17-1110000D8301}" = Grand Theft Auto IV
"{567E8236-C414-4888-8211-3D61608D57AE}" = Validity Sensors software
"{5B63A470-9334-44D1-AF61-6CE2DB565AE9}" = Orion
"{5C90D8CF-F12A-41C6-9007-3B651A1F0D78}" = HP Deskjet 1050 J410 series Haelp
"{5DD4FCBD-A3C1-4155-9E17-4161C70AAABA}" = Segoe UI
"{603E7A20-6826-41E0-B2D3-A6DEC6073183}" = Kubotek KeyCreator 4.5 Educational
"{65C0025A-2CDE-43C5-82D0-C7A56EF0DB39}" = Bing Bar Platform
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{6ECB39BD-73C2-44DD-B1A0-898207C58D8B}" = HP-software voor foto- en beeldbewerking 2.0 - All-in-One stuurprogramma
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{76E64224-DAFE-4CE9-AF85-5D00A87F8F2E}" = Kubotek KeyCreator with Catia V5 Translators 9.0.3
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{787D1A33-A97B-4245-87C0-7174609A540C}" = HP Update
"{78A96B4C-A643-4D0F-98C2-A8E16A6669F9}" = Windows Live Messenger Companion Core
"{79DD56FC-DB8B-47F5-9C80-78B62E05F9BC}" = Acer ScreenSaver
"{7E017923-16F8-4E32-94EF-0A150BD196FE}" = Windows Live Writer
"{8142D25E-028A-4563-86ED-5755783C8029}" = Messenger Companion
"{832D9DE0-8AFC-4689-9819-4DBBDEBD3E4F}" = Microsoft Games for Windows - LIVE Redistributable
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{845E0BCB-8C8D-4FAB-8588-AD5FFD156C95}" = Windows Live Remote Service Resources
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8A04BACC-8033-44C6-AB0B-1B04C99400ED}" = Vlecad Additions for KeyCreator 4.5
"{8C6D6116-B724-4810-8F2D-D047E6B7D68E}" = Mesh Runtime
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{8F3C31C5-9C3A-4AA8-8EFA-71290A7AD533}" = TomTom HOME Visual Studio Merge Modules
"{90120000-0016-0413-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Dutch) 2007
"{90120000-0016-0413-0000-0000000FF1CE}_HOMESTUDENTR_{26257879-B20D-4D30-A429-B387A4890929}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-0413-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Dutch) 2007
"{90120000-0018-0413-0000-0000000FF1CE}_HOMESTUDENTR_{26257879-B20D-4D30-A429-B387A4890929}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0413-0000-0000000FF1CE}" = Microsoft Office Word MUI (Dutch) 2007
"{90120000-001B-0413-0000-0000000FF1CE}_HOMESTUDENTR_{26257879-B20D-4D30-A429-B387A4890929}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_HOMESTUDENTR_{928D7B99-2BEA-49F9-83B8-20FA57860643}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_HOMESTUDENTR_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0413-0000-0000000FF1CE}" = Microsoft Office Proof (Dutch) 2007
"{90120000-001F-0413-0000-0000000FF1CE}_HOMESTUDENTR_{2C95E7EE-FEA7-4B3A-A6E5-DF90A88B816A}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-002C-0413-0000-0000000FF1CE}" = Microsoft Office Proofing (Dutch) 2007
"{90120000-006E-0413-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Dutch) 2007
"{90120000-006E-0413-0000-0000000FF1CE}_HOMESTUDENTR_{1D12BC91-360E-424C-97C4-813651313660}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00A1-0413-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Dutch) 2007
"{90120000-00A1-0413-0000-0000000FF1CE}_HOMESTUDENTR_{26257879-B20D-4D30-A429-B387A4890929}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}" = Intel® Matrix Storage Manager
"{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{949460AD-3C77-44FD-8D78-BF605EF28114}" = EMEA02
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9867A917-5D17-40DE-83BA-BEA5293194B1}" = HP-software voor foto- en beeldbewerking 2.0 - All-in-One
"{9BD262D0-B788-4546-A0A5-F4F56EC3834B}" = Windows Live Photo Common
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
"{a0fe116e-9a8a-466f-aee0-625cb7c207e3}" = Microsoft Visual C++ 2005 Redistributable - KB2467175
"{A2A0A82F-025F-458d-A0CD-9BB2320804B5}" = Microsoft Works
"{A5633652-3795-4829-BB0B-644F0279E279}" = Acer eDataSecurity Management
"{A60B3BF0-954B-42AF-B8D8-2C1D34B613AA}" = Windows Live Photo Gallery
"{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{AC76BA86-7AD7-1043-7B44-A95000000001}" = Adobe Reader 9.5.0 - Nederlands
"{AC76BA86-7AD7-5464-3428-900000000004}" = Spelling Dictionaries Support For Adobe Reader 9
"{AF111648-99A1-453E-81DD-80DBBF6DAD0D}" = MSVC90_x86
"{AF844339-2F8A-4593-81B3-9F4C54038C4E}" = Windows Live MIME IFilter
"{B194272D-1F92-46DF-99EB-8D5CE91CB4EC}" = Adobe AIR
"{B2544A03-10D0-4E5E-BA69-0362FFC20D18}" = OGA Notifier 2.0.0048.0
"{B376402D-58EA-45EA-BD50-DD924EB67A70}" = HP Memories Disc
"{B6A98E5F-D6A7-46FB-9E9D-1F7BF443491C}" = PMB
"{BCF16F16-AC0E-4ABE-A9EF-412CF484BA51}" = Windows Live Family Safety
"{C32CE55C-12BA-4951-8797-0967FDEF556F}" = Windows Live Mesh - ActiveX-besturingselement voor externe verbindingen
"{C373F7C4-05D2-4047-96D1-6AF30661C6AA}" = PC Connectivity Solution
"{C6150D8A-86ED-41D3-87BB-F3BB51B0B77F}" = Windows Live ID Sign-in Assistant
"{CB7224D9-6DCA-43F1-8F83-6B1E39A00F92}" = Windows Live Movie Maker
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{CE386A4E-D0DA-4208-8235-BCE43275C694}" = LightScribe 1.4.142.1
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{CFF8B8E8-E086-4DE0-935F-FE22CAB54F80}" = Microsoft Search Enhancement Pack
"{D0D14551-3A2D-433B-861F-F4DCE5422759}" = Nokia PC Suite
"{D2A0B573-BDC0-4F5B-9202-A8D9B7781664}" = GEAR driver installer for x86 and x64
"{D36DD326-7280-11D8-97C8-000129760CBE}" = PhotoNow!
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{D588365A-AE39-4F27-BDAE-B4E72C8E900C}" = Windows Live Mail
"{D6F25CF9-4E87-43EB-B324-C12BE9CDD668}" = Windows Live UX Platform Language Pack
"{DD1865F0-AD73-40FB-B23E-1822E02396FF}" = NVIDIA PhysX
"{DECDCB7C-58CC-4865-91AF-627F9798FE48}" = Windows Live Mesh
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E34F703A-1C9D-4B1F-ABBE-D7E8800B860D}" = Windows Live Sync
"{E5B21F11-6933-4E0B-A25C-7963E3C07D11}" = Windows Live Messenger
"{ECA1A3B6-898F-4DCE-9F04-714CF3BA126B}" = Adobe Flash Player 10 Plugin
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0CCBE54-9132-44E9-82DF-CD364AD5C22D}" = Windows Live Remote Client Resources
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}" = Microsoft Office Live Add-in 1.5
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"0C5EDC3653FED5B121F464339EAC12534D253B25" = Windows-stuurprogrammapakket - Nokia Modem (02/15/2007 3.1)
"504244733D18C8F63FF584AEB290E3904E791693" = Windows-stuurprogrammapakket - Nokia pccsmcfd (08/22/2008 7.0.0.0)
"72A50F48CC5601190B9C4E74D81161693133E7F7" = Windows-stuurprogrammapakket - Nokia Modem (02/25/2011 7.01.0.9)
"Acer Acer Bio Protection 6.0.00.15" = Acer Bio Protection

AAV 6.0.00.15
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Shockwave Player" = Adobe Shockwave Player 11.5
"Agere Systems Soft Modem" = Agere Systems HDA Modem
"AVS Update Manager_is1" = AVS Update Manager 1.0
"AVS4YOU Software Navigator_is1" = AVS4YOU Software Navigator 1.4
"AVS4YOU Video Converter 7_is1" = AVS Video Converter 8
"B726756F5B5A5AA9D798B399386FC6205A45F19E" = Windows-stuurprogrammapakket - Nokia Modem (02/15/2007 3.1)
"BitLord" = BitLord 1.2
"CCleaner" = CCleaner
"E0AC723A3DE3A04256288CADBBB011B112AED454" = Windows-stuurprogrammapakket - Nokia Modem (02/25/2011 4.7)
"Glary Utilities_is1" = Glary Utilities 2.21.0.863
"Google Desktop" = Google Desktop
"Home'Bank Light_is1" = Home'Bank Light 3.3.3
"HOMESTUDENTR" = Microsoft Office Home and Student 2007
"HP Photo Creations" = HP Photo Creations
"LManager" = Launch Manager
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware versie 1.60.1.1000
"Microsoft .NET Framework 3.5 Language Pack SP1 - nld" = Taalpakket voor Microsoft .NET Framework 3.5 SP1 - NL
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile NLD Language Pack" = Taalpakket voor Microsoft .NET Framework 4 Client Profile - NLD
"N360" = Norton 360
"Nokia PC Suite" = Nokia PC Suite
"NVIDIA Drivers" = NVIDIA Drivers
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"TomTom HOME" = TomTom HOME 2.8.3.2499
"uTorrent" = µTorrent
"VLC media player" = VLC media player 1.1.8
"WinLiveSuite" = Windows Live Essentials

========== Last 10 Event Log Errors ==========

Error reading Event Logs: The Event Service is not operating properly or the Event Logs are corrupt!

< End of report >

Amai kzie nu ook dingen die ik verwijdert heb. Die er blijkbaar toch nog op de pc staan.

Probleem blijft met de usb. zowel als kleine opslag als groote opslag. Pc loop elke keer vast als ik de usb opvraag. Na het heropstarten van mijn pc doet hij het altijd.

En alvast bedankt voor de persoon(en) die mij helpen

Start OTL

• Plak het volgende onder Custom Scans/Fixes
  
  

  :OTL
  
  IE - HKLM\..\URLSearchHook: {ad708c09-d51b-45b3-9d28-4eba2681febf} - No CLSID value found
  IE - HKLM\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&cti d=CT1269415
  O2 - BHO: (no name) - {ad708c09-d51b-45b3-9d28-4eba2681febf} - No CLSID value found.
  O2 - BHO: (no name) - {c2d64ff7-0ab8-4263-89c9-ea3b0f8f050c} - No CLSID value found.
  O2 - BHO: (no name) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - No CLSID value found.
  
  
  ervices
  
  :Reg
  
  :Files
  ipconfig /flushdns /c
  
  :Commands
  [purity]
  [resethosts]
  [emptytemp]
  [emptyflash]
  [createrestorepoint]
  [reboot]

  Klik om te vergroten...

• Klik daarna bovenaan op de knop Run Fix
• Laat het programma ongestoord zijn werk doen. De pc zal na afloop opnieuw opgestart worden.

Ok is gebeurd: pc is terug opgestart en kreeg dit kladblok:

En pc loop nog steeds vast bij het aansluiten van een usb, en soms nog op internet

All processes killed
========== OTL ==========
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\\{ad708c09-d51b-45b3-9d28-4eba2681febf} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{ad708c09-d51b-45b3-9d28-4eba2681febf}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{afdbddaa-5d3f-42ee-b79c-185a7020515b}\ not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{ad708c09-d51b-45b3-9d28-4eba2681febf}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{ad708c09-d51b-45b3-9d28-4eba2681febf}\ not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{c2d64ff7-0ab8-4263-89c9-ea3b0f8f050c}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{c2d64ff7-0ab8-4263-89c9-ea3b0f8f050c}\ not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{d2ce3e00-f94a-4740-988e-03dc2f38c34f}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{d2ce3e00-f94a-4740-988e-03dc2f38c34f}\ not found.
========== SERVICES/DRIVERS ==========
========== REGISTRY ==========
========== FILES ==========
< ipconfig /flushdns /c >
Windows IP-configuratie
De DNS-omzettingscache is leeggemaakt.
C:\Users\Mathias\Desktop\cmd.bat deleted successfully.
C:\Users\Mathias\Desktop\cmd.txt deleted successfully.
========== COMMANDS ==========
C:\Windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully

[EMPTYTEMP]

User: All Users

User: Default
->Temporary Internet Files folder emptied: 33109 bytes

User: Default User
->Temporary Internet Files folder emptied: 0 bytes

User: Mathias
->Temp folder emptied: 1645652 bytes
->Temporary Internet Files folder emptied: 36981692 bytes
->Java cache emptied: 23347460 bytes
->Flash cache emptied: 57125 bytes

User: Public

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 1619120 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 2170370 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 63,00 mb


[EMPTYFLASH]

User: All Users

User: Default

User: Default User

User: Mathias
->Flash cache emptied: 0 bytes

User: Public

Total Flash Files Cleaned = 0,00 mb



OTL by OldTimer - Version 3.2.39.2 log created on 03272012_173829

Files\Folders moved on Reboot...
File\Folder C:\Windows\temp\TMP00000016F58A64FD325FCE07 not found!

Registry entries deleted on Reboot...

En hoe gaat het nu ?

Op internet is alles cva. Maar steek geen USB in de pc want dan kun je niets meer doen. alleen ng met je muis bewegen maak kan niets aanklikken. Start de pc dan opnieuw op en dan kun je wel teug aan de slag emt de usb

Download ComboFix van één van deze locaties:

Link 1
Link 2


* BELANGRIJK !!! Sla ComboFix.exe op je Bureaublad op.
>>Hier<< kunt u lezen hoe u Combofix dient te gebruiken.





1. Schakel alle antivirus- en antispywareprogramma's uit, want anders kunnen ze misschien conflicteren met ComboFix.

* (hier of hier 2. Het kan voorkomen dat de computer meerdere malen opnieuw gestart moet worden, dit is normaal.
3. Dubbelklik op "Combofix.exe" om de tool te starten.
4. Klik niet in het scherm van Combofix als deze actief is, hierdoor kan de 'tool' vastlopen.

* Noot !!! Als er een error wordt getoond met de melding "Illegal operation attempted on a registery key that has been marked for deletion." herstart dan de computer.

5. Wanneer ComboFix klaar is, zal het het een logbestand voor je maken. Post de inhoud van dit logbestand (te vinden als C:\ComboFix.txt) in je volgende bericht.

ComboFix 12-03-30.02 - Mathias 30/03/2012 9:29.1.2 - x86
Microsoft® Windows Vista&#8482; Home Premium 6.0.6002.2.1252.32.1043.18.3068.2022 [GMT 2:00]
Gestart vanuit: c:\users\Mathias\Desktop\ComboFix.exe
AV: Norton 360 *Disabled/Updated* {63DF5164-9100-186D-2187-8DC619EFD8BF}
FW: Norton 360 *Enabled* {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4}
SP: Norton 360 *Enabled/Updated* {D8BEB080-B73A-17E3-1B37-B6B462689202}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
(((((((((((((((((((((((((((((((((( Andere Verwijderingen )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files\Acer\Acer Bio Protection\PwdFilter.dll
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\hpoddt01.exe.lnk
c:\programdata\Roaming
c:\programdata\Roaming\Intel\Wireless\Settings\Settings.ini
c:\users\Mathias\AppData\Roaming\.#
c:\users\Mathias\AppData\Roaming\.#\MBX@F90@1D82990.###
c:\users\Mathias\AppData\Roaming\.#\MBX@F90@1D829C0.###
c:\users\Mathias\AppData\Roaming\.#\MBX@F90@1D829F0.###
.
.
(((((((((((((((((((( Bestanden Gemaakt van 2012-02-28 to 2012-03-30 ))))))))))))))))))))))))))))))
.
.
2012-03-28 15:15 . 2012-03-14 02:15 6582328 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{21547C61-94E9-4FB9-B9BD-F17EC0A057F4}\mpengine.dll
2012-03-27 18:32 . 2012-03-27 18:32 7592 ----a-w- c:\users\Mathias\AppData\Local\d3d9caps.tmp
2012-03-27 15:27 . 2012-03-27 15:27 -------- d-----w- C:\_OTL
2012-03-14 17:36 . 2012-02-14 15:45 219648 ----a-w- c:\windows\system32\d3d10_1core.dll
2012-03-14 17:36 . 2012-02-14 15:45 160768 ----a-w- c:\windows\system32\d3d10_1.dll
2012-03-14 17:36 . 2012-02-13 14:12 1172480 ----a-w- c:\windows\system32\d3d10warp.dll
2012-03-14 17:36 . 2012-02-13 13:47 683008 ----a-w- c:\windows\system32\d2d1.dll
2012-03-14 17:36 . 2012-02-13 13:44 1068544 ----a-w- c:\windows\system32\DWrite.dll
2012-03-14 17:36 . 2012-02-02 15:16 2044416 ----a-w- c:\windows\system32\win32k.sys
2012-03-13 17:53 . 2012-01-09 15:54 613376 ----a-w- c:\windows\system32\rdpencom.dll
2012-03-13 17:53 . 2012-01-09 13:58 180736 ----a-w- c:\windows\system32\drivers\rdpwd.sys
2012-03-02 20:30 . 2012-03-02 20:30 -------- d-----w- C:\baa8532ee04e1cf53393cf
2012-03-02 20:16 . 2012-03-02 20:16 -------- d-----w- C:\bc916269c2ed7368594f4cadac
2012-02-29 19:03 . 2011-11-25 15:59 376320 ----a-w- c:\windows\system32\winsrv.dll
2012-02-29 19:03 . 2011-10-25 15:58 1314816 ----a-w- c:\windows\system32\quartz.dll
2012-02-29 19:03 . 2011-10-25 15:58 497152 ----a-w- c:\windows\system32\qdvd.dll
.
.
.
((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-02-23 08:18 . 2009-10-02 16:21 237072 ------w- c:\windows\system32\MpSigStub.exe
2012-02-19 18:36 . 2011-05-14 17:08 414368 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2012-01-11 21:38 . 2012-01-11 21:38 23456 ----a-w- c:\windows\system32\drivers\DrvAgent32.sys
.
.
((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\egisPSDP]
@="{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}"
[HKEY_CLASSES_ROOT\CLSID\{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}]
2008-07-29 16:52 121392 ----a-w- c:\program files\Acer\Empowering Technology\eDataSecurity\x86\PSDProtect.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-01-21 125952]
"PC Suite Tray"="c:\program files\Nokia\Nokia PC Suite 7\PCSuite.exe" [2011-06-16 1500160]
"TomTomHOME.exe"="c:\program files\TomTom HOME 2\TomTomHOMERunner.exe" [2012-01-23 247728]
"WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2008-01-21 202240]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"LManager"="c:\progra~1\LAUNCH~1\LManager.exe" [2008-06-16 809480]
"SSDMonitor"="c:\program files\Common Files\PC Tools\sMonitor\SSDMonitor.exe" [2010-08-05 104408]
"Skytel"="Skytel.exe" [2007-11-20 1826816]
"eDataSecurity Loader"="c:\program files\Acer\Empowering Technology\eDataSecurity\x86\eDSloader.exe" [2008-07-29 526896]
"RtHDVCpl"="RtHDVCpl.exe" [2008-05-07 6139904]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2008-12-05 13601312]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2008-04-04 1037608]
"PLFSetI"="c:\windows\PLFSetI.exe" [2008-06-30 200704]
"HP Software Update"="c:\program files\Hp\HP Software Update\HPWuSchd2.exe" [2010-03-12 49208]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2008-12-05 92704]
"IAAnotif"="c:\program files\Intel\Intel Matrix Storage Manager\iaanotif.exe" [2008-07-20 182808]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)

.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\AWinNotifyVitaKey MC3000]
2009-08-21 18:49 3162624 ----a-w- c:\program files\Acer\Acer Bio Protection\WinNotify.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\progra~1\Google\GOOGLE~1\GoogleDesktopNetwork3.dll
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]
@="Service"
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-disabled]
"Malwarebytes' Anti-Malware"="c:\program files\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe"
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
"Google Desktop Search"="c:\program files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
.
--- Andere Services/Drivers In Geheugen ---
.
*NewlyCreated* - WS2IFSL
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache
.
Inhoud van de 'Gedeelde Taken' map
.
2012-03-30 c:\windows\Tasks\GlaryInitialize.job
- c:\program files\Glary Utilities\initialize.exe [2011-04-29 11:03]
.
.
------- Bijkomende Scan -------
.
uStart Page = hxxp://www.google.be/
mStart Page = hxxp://downloads.phpnuke.org/nl/index.php?rvs=hompag
uSearchURL,(Default) = hxxp://www.google.com/search/?q=%s
IE: E&xporteren naar Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
IE: Google Sidewiki... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_93C8148BBB233F43.dll/cmsidewiki.html
TCP: DhcpNameServer = 195.130.131.2 195.130.130.130
.
- - - - ORPHANS VERWIJDERD - - - -
.
Toolbar-{c2d64ff7-0ab8-4263-89c9-ea3b0f8f050c} - (no file)
WebBrowser-{5B291E6C-9A74-4034-971B-A4B007A0B315} - (no file)
WebBrowser-{AD708C09-D51B-45B3-9D28-4EBA2681FEBF} - (no file)
WebBrowser-{D4027C7F-154A-4066-A1AD-4243D8127440} - (no file)
SafeBoot-WudfPf
SafeBoot-WudfRd
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, GMER - Rootkit Detector and Remover
Rootkit scan 2012-03-30 10:05
Windows 6.0.6002 Service Pack 2 NTFS
.
scannen van verborgen processen ...
.
scannen van verborgen autostart items ...
.
scannen van verborgen bestanden ...
.
Scan succesvol afgerond
verborgen bestanden: 0
.
**************************************************************************
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\N360]
"ImagePath"="\"c:\program files\Norton 360\Engine\5.2.0.13\ccSvcHst.exe\" /s \"N360\" /m \"c:\program files\Norton 360\Engine\5.2.0.13\diMaster.dll\" /prefetch:1"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\{49DE1C67-83F8-4102-99E0-C16DCC7EEC796}]
"ImagePath"="\??\c:\program files\Acer Arcade Deluxe\PlayMovie\000.fcl"
.
--------------------- VERGRENDELDE REGISTER SLEUTELS ---------------------
.
[HKEY_USERS\S-1-5-21-702161605-438085461-1128871654-1000\Software\SecuROM\License information*]
"datasecu"=hex:05,29,a1,f3,e3,71,e4,e3,ba,d3,48,20,d6,d1,07,3e,ec,9d,58,19,b6,
1a,49,0a,db,15,ec,24,0e,58,1f,73,73,12,aa,c8,58,9a,b0,36,dd,7a,8f,50,a7,9f,\
"rkeysecu"=hex:2f,0f,d5,3e,02,2b,06,63,b1,0b,dd,b6,71,e2,54,98
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
"MSCurrentCountry"=dword:000000b5

.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0004\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0005\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0006\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0007\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
--------------------- DLLs Geladen Onder Lopende Processen ---------------------
.
- - - - - - - > 'Explorer.exe'(5168)
c:\program files\Acer\Empowering Technology\eDataSecurity\x86\PSDProtect.dll
c:\program files\Acer\Empowering Technology\eDataSecurity\x86\sysenv.dll
c:\windows\system32\authui.dll
c:\windows\system32\BatMeter.dll
c:\program files\Nokia\Nokia PC Suite 7\PhoneBrowser.dll
c:\program files\Nokia\Nokia PC Suite 7\NGSCM.DLL
c:\program files\Nokia\Nokia PC Suite 7\Lang\PhoneBrowser_dut.nlr
c:\program files\Nokia\Nokia PC Suite 7\Resource\PhoneBrowser_Nokia.ngr
.
------------------------ Andere Aktieve Processen ------------------------
.
c:\windows\system32\nvvsvc.exe
c:\windows\system32\vfsFPService.exe
c:\windows\system32\WLANExt.exe
c:\windows\system32\rundll32.exe
c:\program files\Acer\Acer Bio Protection\CompPtcVUI.exe
c:\windows\system32\agrsmsvc.exe
c:\program files\NewTech Infosystems\NTI Backup Now 5\Client\Agentsvc.exe
c:\program files\Acer Arcade Deluxe\HomeMedia\Kernel\DMP\CLHNService.exe
c:\program files\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe
c:\program files\Acer\Empowering Technology\Service\ETService.exe
c:\program files\Intel\WiFi\bin\EvtEng.exe
c:\program files\Acer\Acer Bio Protection\BASVC.exe
c:\program files\Common Files\LightScribe\LSSrvc.exe
c:\acer\Mobility Center\MobilityService.exe
c:\program files\Norton 360\Engine\5.2.0.13\ccSvcHst.exe
c:\program files\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe
c:\program files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe
c:\program files\Common Files\PC Tools\sMonitor\StartManSvc.exe
c:\program files\Sony\PMB\PMBDeviceInfoProvider.exe
c:\program files\Common Files\Intel\WirelessCommon\RegSrvc.exe
c:\program files\Cyberlink\Shared files\RichVideo.exe
c:\program files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
c:\program files\TomTom HOME 2\TomTomHOMEService.exe
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
c:\program files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
c:\windows\system32\DllHost.exe
c:\program files\Malwarebytes' Anti-Malware\mbamservice.exe
c:\program files\Norton 360\Engine\5.2.0.13\ccSvcHst.exe
c:\windows\system32\conime.exe
c:\program files\Windows Media Player\wmpnetwk.exe
.
**************************************************************************
.
Voltooingstijd: 2012-03-30 10:09:02 - machine werd herstart
ComboFix-quarantined-files.txt 2012-03-30 08:08
.
Pre-Run: 109.047.590.912 bytes beschikbaar
Post-Run: 108.478.386.176 bytes beschikbaar
.
- - End Of File - - 7418F510E910A5C2415E4E5029E1EC6A

Hallo,

Ik krijg wel telkens een foutmelding van windows defender: "De toepassing kan niet worden geïnitialiseerd: 0x800106ba. De service van dit programma is vanwege een probleem gestopt. Start de computer opnieuw op of zoek in Help en ondersteuning naar hoe u een service handmatig kunt starten als u de service wilt starten."

Heb pc al opnieuw opgestart en krijg het niet opgelost.

Opgelost: Dit probleem oplossen door de volgende stappen uit:
1.De service Windows Defender instellen voorAutomatischein plaats vanUitgeschakeldofHandleiding. U doet dit als volgt:
&#8226;Klik opStartDeze afbeelding samenvouwenDeze afbeelding uitklappen, typServicesin deStart zoekenvak en klik vervolgens opServicesin deProgramma 'slijst.
Deze afbeelding samenvouwenDeze afbeelding uitklappenAls u een beheerderswachtwoord of bevestiging wordt gevraagd, typt u uw wachtwoord of klikt u opDoorgaan.
&#8226;Dubbelklik op de service Windows Defender en klik vervolgens in deOpstarttypeopAutomatische.
&#8226;Klik opOK.

Toch bedankt voor de hulp met cobo fix. pc loop niet meer vast en gaat iets reageert iets sneller