AVG meldt constant Trojan Horses

**clubje** · 23 maart 2012, 18:58

Hallo,

sindskort geeft AVG bijna constant meldingen van geïnfecteerde bestanden, meestal Trojan Horses. Ik laat ze fixen (naar quarantaine plaatsen) maar de meldingen blijven komen.
Ook al scans gedaan met Ad Aware en Spybot maar die leveren niets op. Wel is het zo dat ik buiten de meldingen voorlopig niets merk aan de werking van de computer...maar toch, er is duidelijk iets aan de hand.

Dit is mijn log. Alvast bedankt!

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 18:55:15, on 23/03/2012
Platform: Windows 7 (WinNT 6.00.3504)
MSIE: Internet Explorer v8.00 (8.00.7600.16700)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskhost.exe
C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files\Realtek\Audio\HDA\RtHDVBg.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\AVG\AVG2012\avgtray.exe
C:\Program Files\DAEMON Tools Lite\DTLite.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Program Files\Winamp\winamp.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Users\Dries\Downloads\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Welcome to ALDI
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Bing
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Google
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN | Hotmail | Messenger | Nieuws, sport, entertainment, video, lifestyle, auto en nog veel meer, dat is MSN !
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN | Hotmail | Messenger | Nieuws, sport, entertainment, video, lifestyle, auto en nog veel meer, dat is MSN !
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG

ystem.ini: UserInit=C:\Windows\system32\userinit.exe
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files\BitComet\tools\BitCometBHO_1.4.12.6.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG2012\avgssie.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~3\Office14\GROOVEEX.DLL
O2 - BHO: Windows Live Aanmelden - Help - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~3\Office14\URLREDIR.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe -s
O4 - HKLM\..\Run: [RtHDVBg] C:\Program Files\Realtek\Audio\HDA\RtHDVBg.exe /FORPCEE3
O4 - HKLM\..\Run: [SynTPEnh] %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [AVG_TRAY] "C:\Program Files\AVG\AVG2012\avgtray.exe"
O4 - HKLM\..\Run: [BCSSync] "C:\Program Files\Microsoft Office\Office14\BCSSync.exe" /DelayServices
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Windows\system32\NeroCheck.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-21-1214059850-2673516941-380067596-1003\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'postgres')
O4 - HKUS\S-1-5-21-1214059850-2673516941-380067596-1003\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'postgres')
O8 - Extra context menu item: &D&ownload &met BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddLink.htm
O8 - Extra context menu item: &D&ownload alles met BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddAllLink.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_96D6 FF0C6D236BF8.dll/cmsidewiki.html
O8 - Extra context menu item: Se&nd to OneNote - res://C:\PROGRA~1\MICROS~3\Office14\ONBttnIE.dll/105
O9 - Extra button: eBay.be - {0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - eBay België (file missing)
O9 - Extra 'Tools' menuitem: eBay.be - {0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - eBay België (file missing)
O9 - Extra button: In weblog opnemen - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &In weblog opnemen met Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra button: PokerStars.be - {878AC5FC-BE78-4bae-896C-7F75B790A71E} - C:\Program Files\PokerStars.BE\PokerStarsUpdate.exe
O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra 'Tools' menuitem: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: BitComet - {D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A} - res://C:\Program Files\BitComet\tools\BitCometBHO_1.4.12.6.dll/206 (file missing)
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: eBay.be - {0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - eBay België (file missing) (HKCU)
O9 - Extra 'Tools' menuitem: eBay.be - {0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - eBay België (file missing) (HKCU)
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG2012\avgpp.dll
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: AMD External Events Utility - AMD - C:\Windows\system32\atiesrxx.exe
O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG2012\AVGIDSAgent.exe
O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG2012\avgwdsvc.exe
O23 - Service: Google Updateservice (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: Lavasoft Ad-Aware Service - Lavasoft Limited - C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: PnkBstrB - Unknown owner - C:\Windows\system32\PnkBstrB.exe
O23 - Service: PostgreSQL Server 8.4 (postgresql-8.4) - PostgreSQL Global Development Group - C:/Program Files/PostgreSQL/8.4/bin/pg_ctl.exe
O23 - Service: Protexis Licensing V2 (PSI_SVC_2) - Protexis Inc. - c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared files\RichVideo.exe
O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe
O23 - Service: X10 Device Network Service (x10nets) - X10 - C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe

--
End of file - 10599 bytes

**clubje** · 24 maart 2012, 11:44

ok update: nu begint mijn pc wel rare kuren te krijgen. Zo komen geluiden iets later dan ze zouden moeten komen, en gaat mijn geluid luider en zachter zomaar

edit: ook mijn browser begint raar te doen (knoppen die vervagen)
komt erger met het uur

**Juisterr** · 24 maart 2012, 19:55

Dat is niet best.

Download ComboFix van één van deze locaties:

Link 1
Link 2

* BELANGRIJK !!! Sla ComboFix.exe op je Bureaublad op.
>>Hier<< kunt u lezen hoe u Combofix dient te gebruiken.

http://www.imgdumper.nl/uploads4/4de...3-Combofix.JPG

1. Schakel alle antivirus- en antispywareprogramma's uit, want anders kunnen ze misschien conflicteren met ComboFix.

* (hier of hier 2. Het kan voorkomen dat de computer meerdere malen opnieuw gestart moet worden, dit is normaal.
3. Dubbelklik op "Combofix.exe" om de tool te starten.
4. Klik niet in het scherm van Combofix als deze actief is, hierdoor kan de 'tool' vastlopen.

* Noot !!! Als er een error wordt getoond met de melding "Illegal operation attempted on a registery key that has been marked for deletion." herstart dan de computer.

5. Wanneer ComboFix klaar is, zal het het een logbestand voor je maken. Post de inhoud van dit logbestand (te vinden als C:\ComboFix.txt) in je volgende bericht.

**clubje** · 25 maart 2012, 20:08

Bedankt alvast voor de hulp.

Heb alles uitgevoerd zoals gevraagd, maar op een bepaald moment meldde hij dat er moest heropgestart worden omdat er een probleem was vastgesteld dat vrij moeilijk te verwijderen valt en waar rebooting voor nodig was.
Zo gezegd zo gedaan, en bij heropstarten ging hij verder met scannen dus geen probleem.

Maar dan kwam hij plots bij "deleting maps" en daar heeft hij meer dan 3 u op gestaan...toen vond ik het welletjes en heb via task manager herstart.

PC startte gewoon terug op maar Combofix niet. Maar...alle problemen zijn (voorlopig toch) allemaal weg! Mijn pc terug zoals vroeger.

Ik kan dus geen log plaatsen, want de scan is nooit afgemaakt. Ik kan Combofix nog eens laten draaien natuurlijk, maar weet niet of dat goed idee is? Of ik kan nog eens een hijack-log plaatsen?

Ik volg uw advies...maar sowieso al bedankt voor de hulp!

**Juisterr** · 26 maart 2012, 18:26

Dan werd er wel heel veel verwijderd denk ik ?

Download OTL naar je Bureaublad

Dubbelklik op OTL.com om het programma te openen. Zorg ervoor dat all andere vensters gesloten zijn, en laat het programma ongestoord zijn werk doen.
Zet een vinkje bij Scan All Users.
Klik op de knop Quick Scan. Verander de instellingen van OTL niet, tenzij ik je hiervoor specifiek instructies geef. De scan zal niet heel erg lang duren.
- Er zullen twee Kladblok-vensters geopend worden wanneer de scan klaar is. OTL.Txt en Extras.Txt. Deze bestanden zijn opgeslagen in dezelfde locatie als OTL.
- Kopieer (Bewerken->Alles selecteren, Bewerken->Kopiëren) en plak (Bewerken->Alles selecteren, Bewerken->Plakken) de inhoud van deze twee bestanden één voor één in je volgende bericht.

**clubje** · 26 maart 2012, 19:08

Yup, veel verwijderd. Ik denk dat er 52 lijnen kwamen met "delete..." ofzo.

Hier de twee gevraagde logs (in verschillende delen gepost).

OLT (deel 1)

OTL logfile created on: 3/26/2012 7:01:35 PM - Run 1
OTL by OldTimer - Version 3.2.39.2 Folder = C:\Users\Dries\Desktop
Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000409 | Country: België | Language: NLB | Date Format: d/MM/yyyy

2.99 Gb Total Physical Memory | 1.86 Gb Available Physical Memory | 62.21% Memory free
5.98 Gb Paging File | 4.54 Gb Available in Paging File | 75.91% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 555.07 Gb Total Space | 154.38 Gb Free Space | 27.81% Space Free | Partition Type: NTFS
Drive D: | 40.00 Gb Total Space | 19.64 Gb Free Space | 49.10% Space Free | Partition Type: NTFS
Drive E: | 2.05 Gb Total Space | 0.00 Gb Free Space | 0.00% Space Free | Partition Type: CDFS

Computer Name: DRIES-PC | User Name: Dries | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2012/03/26 19:00:36 | 000,593,920 | ---- | M] (OldTimer Tools) -- C:\Users\Dries\Desktop\OTL.com
PRC - [2012/01/24 18:24:26 | 002,416,480 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2012\avgtray.exe
PRC - [2011/11/28 02:19:04 | 001,229,664 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2012\avgnsx.exe
PRC - [2011/10/12 07:25:22 | 004,433,248 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2012\AVGIDSAgent.exe
PRC - [2011/10/10 07:23:34 | 000,973,664 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2012\avgemcx.exe
PRC - [2011/09/08 21:53:26 | 000,743,264 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2012\avgrsx.exe
PRC - [2011/08/15 07:21:40 | 000,337,760 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2012\avgcsrvx.exe
PRC - [2011/08/02 07:09:08 | 000,192,776 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2012\avgwdsvc.exe
PRC - [2011/01/05 11:09:52 | 001,305,408 | ---- | M] (DT Soft Ltd) -- C:\Program Files\DAEMON Tools Lite\DTLite.exe
PRC - [2010/05/18 10:45:00 | 002,614,272 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2010/03/04 05:16:06 | 000,013,336 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
PRC - [2009/12/22 19:57:36 | 000,678,432 | ---- | M] (Realtek Semiconductor) -- C:\Program Files\Realtek\Audio\HDA\RtHDVBg.exe
PRC - [2009/12/17 18:18:24 | 000,368,640 | ---- | M] (AMD) -- C:\Windows\System32\atieclxx.exe
PRC - [2009/12/17 18:17:54 | 000,172,032 | ---- | M] (AMD) -- C:\Windows\System32\atiesrxx.exe
PRC - [2009/11/07 12:46:52 | 000,020,480 | ---- | M] (X10) -- C:\Program Files\Common Files\X10\Common\X10nets.exe
PRC - [2009/09/08 09:48:55 | 000,066,048 | ---- | M] (PostgreSQL Global Development Group) -- C:\Program Files\PostgreSQL\8.4\bin\pg_ctl.exe
PRC - [2009/09/08 09:47:07 | 004,513,792 | ---- | M] (PostgreSQL Global Development Group) -- C:\Program Files\PostgreSQL\8.4\bin\postgres.exe
PRC - [2009/07/14 03:14:42 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe
PRC - [2009/07/14 03:14:15 | 000,271,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\conhost.exe
PRC - [2009/03/05 16:07:20 | 002,260,480 | RHS- | M] (Safer-Networking Ltd.) -- C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
PRC - [2009/01/26 15:31:10 | 001,153,368 | ---- | M] (Safer Networking Ltd.) -- C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
PRC - [2007/07/24 12:15:14 | 000,185,632 | ---- | M] (Protexis Inc.) -- c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe

========== Modules (No Company Name) ==========

MOD - [2011/01/08 13:44:28 | 011,807,744 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Sys tem.Web\ace3bede2f516f9e5bca620ad86cc063\System.We b.ni.dll
MOD - [2011/01/08 01:31:03 | 000,771,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Sys tem.Runtime.Remo#\6afe3a43d112ed5356d73468c5c44045 \System.Runtime.Remoting.ni.dll
MOD - [2010/08/24 13:56:33 | 012,430,848 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Sys tem.Windows.Forms\f92c882fd4e7005c005e208daa04c28d \System.Windows.Forms.ni.dll
MOD - [2010/08/24 13:56:11 | 001,586,688 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Sys tem.Drawing\fdeec42fa02f3d789c42be2e33b130eb\Syste m.Drawing.ni.dll
MOD - [2010/08/24 13:56:03 | 005,452,800 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Sys tem.Xml\3060dfcdecbeb8ee65077fb29b217c3d\System.Xm l.ni.dll
MOD - [2010/08/24 13:56:03 | 000,971,264 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Sys tem.Configuration\4be2653d1c9804d2ff6e6b66d22764e1 \System.Configuration.ni.dll
MOD - [2010/08/24 13:55:59 | 007,949,312 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Sys tem\500ddd904b1099f95552a81b54223b7f\System.ni.dll
MOD - [2010/08/24 13:55:53 | 011,490,304 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\msc orlib\f58ab951b57c8526430486dcf7ee38fd\mscorlib.ni .dll
MOD - [2010/08/24 13:13:16 | 001,708,032 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysMa nager2.Graphics.Wizard\2.0.3638.29735__90ba9c70f84 6762e\CLI.Aspect.DisplaysManager2.Graphics.Wizard. dll
MOD - [2010/08/24 13:13:16 | 000,491,520 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.TransCode. Graphics.Wizard\2.0.3638.29705__90ba9c70f846762e\C LI.Aspect.TransCode.Graphics.Wizard.dll
MOD - [2010/08/24 13:13:16 | 000,372,736 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Ru ntime\2.0.3638.29613__90ba9c70f846762e\CLI.Caste.G raphics.Runtime.dll
MOD - [2010/08/24 13:13:16 | 000,356,352 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.G raphics.Dashboard\2.0.3638.29671__90ba9c70f846762e \CLI.Aspect.Radeon3D.Graphics.Dashboard.dll
MOD - [2010/08/24 13:13:16 | 000,204,800 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.InfoCentre .Graphics.Wizard\2.0.3638.29633__90ba9c70f846762e\ CLI.Aspect.InfoCentre.Graphics.Wizard.dll
MOD - [2010/08/24 13:13:16 | 000,094,208 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.G raphics.Wizard\2.0.3638.29672__90ba9c70f846762e\CL I.Aspect.Radeon3D.Graphics.Wizard.dll
MOD - [2010/08/24 13:13:16 | 000,077,824 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.G raphics.Runtime\2.0.3638.29685__90ba9c70f846762e\C LI.Aspect.DeviceTV.Graphics.Runtime.dll
MOD - [2010/08/24 13:13:16 | 000,073,728 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Da shboard\2.0.3638.29622__90ba9c70f846762e\CLI.Caste .Graphics.Dashboard.dll
MOD - [2010/08/24 13:13:16 | 000,065,536 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Welcome.Gr aphics.Dashboard\2.0.3638.29706__90ba9c70f846762e\ CLI.Aspect.Welcome.Graphics.Dashboard.dll
MOD - [2010/08/24 13:13:16 | 000,065,536 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCV.G raphics.Runtime\2.0.3638.29666__90ba9c70f846762e\C LI.Aspect.DeviceCV.Graphics.Runtime.dll
MOD - [2010/08/24 13:13:16 | 000,045,056 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceProp erty.Graphics.Runtime\2.0.3638.29656__90ba9c70f846 762e\CLI.Aspect.DeviceProperty.Graphics.Runtime.dl l
MOD - [2010/08/24 13:13:16 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Wi zard\2.0.3638.29628__90ba9c70f846762e\CLI.Caste.Gr aphics.Wizard.dll
MOD - [2010/08/24 13:13:16 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.HotkeysHan dling.Graphics.Runtime\2.0.3638.29622__90ba9c70f84 6762e\CLI.Aspect.HotkeysHandling.Graphics.Runtime. dll
MOD - [2010/08/24 13:13:16 | 000,013,312 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Welcome.Gr aphics.Runtime\2.0.3638.29736__90ba9c70f846762e\CL I.Aspect.Welcome.Graphics.Runtime.dll
MOD - [2010/08/24 13:13:15 | 001,142,784 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysMa nager2.Graphics.Dashboard\2.0.3638.29731__90ba9c70 f846762e\CLI.Aspect.DisplaysManager2.Graphics.Dash board.dll
MOD - [2010/08/24 13:13:15 | 000,827,392 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Gr aphics.Dashboard\2.0.3638.29659__90ba9c70f846762e\ CLI.Aspect.MMVideo.Graphics.Dashboard.dll
MOD - [2010/08/24 13:13:15 | 000,573,440 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysCo lour2.Graphics.Dashboard\2.0.3638.29634__90ba9c70f 846762e\CLI.Aspect.DisplaysColour2.Graphics.Dashbo ard.dll
MOD - [2010/08/24 13:13:15 | 000,409,600 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Gr aphics.Wizard\2.0.3638.29680__90ba9c70f846762e\CLI .Aspect.MMVideo.Graphics.Wizard.dll
MOD - [2010/08/24 13:13:15 | 000,196,608 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.InfoCentre .Graphics.Dashboard\2.0.3638.29633__90ba9c70f84676 2e\CLI.Aspect.InfoCentre.Graphics.Dashboard.dll
MOD - [2010/08/24 13:13:15 | 000,118,784 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.PowerPlayD PPE.Graphics.Dashboard\2.0.3638.29704__90ba9c70f84 6762e\CLI.Aspect.PowerPlayDPPE.Graphics.Dashboard. dll
MOD - [2010/08/24 13:13:15 | 000,098,304 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Gr aphics.Runtime\2.0.3638.29658__90ba9c70f846762e\CL I.Aspect.MMVideo.Graphics.Runtime.dll
MOD - [2010/08/24 13:13:15 | 000,094,208 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysOp tions.Graphics.Dashboard\2.0.3638.29664__90ba9c70f 846762e\CLI.Aspect.DisplaysOptions.Graphics.Dashbo ard.dll
MOD - [2010/08/24 13:13:15 | 000,065,536 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.G raphics.Runtime\2.0.3638.29671__90ba9c70f846762e\C LI.Aspect.Radeon3D.Graphics.Runtime.dll
MOD - [2010/08/24 13:13:15 | 000,045,056 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.PowerPlayD PPE.Graphics.Runtime\2.0.3638.29704__90ba9c70f8467 62e\CLI.Aspect.PowerPlayDPPE.Graphics.Runtime.dll
MOD - [2010/08/24 13:13:15 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysOp tions.Graphics.Runtime\2.0.3638.29663__90ba9c70f84 6762e\CLI.Aspect.DisplaysOptions.Graphics.Runtime. dll
MOD - [2010/08/24 13:13:14 | 000,393,216 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT. Graphics.Dashboard\2.0.3638.29658__90ba9c70f846762 e\CLI.Aspect.DeviceCRT.Graphics.Dashboard.dll
MOD - [2010/08/24 13:13:14 | 000,372,736 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceDFP. Graphics.Dashboard\2.0.3638.29653__90ba9c70f846762 e\CLI.Aspect.DeviceDFP.Graphics.Dashboard.dll
MOD - [2010/08/24 13:13:14 | 000,323,584 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD. Graphics.Dashboard\2.0.3638.29665__90ba9c70f846762 e\CLI.Aspect.DeviceLCD.Graphics.Dashboard.dll
MOD - [2010/08/24 13:13:14 | 000,307,200 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD. Graphics.Wizard\2.0.3638.29638__90ba9c70f846762e\C LI.Aspect.DeviceLCD.Graphics.Wizard.dll
MOD - [2010/08/24 13:13:14 | 000,270,336 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.CrossDispl ay.Graphics.Dashboard\1.0.0.0__90ba9c70f846762e\CL I.Aspect.CrossDisplay.Graphics.Dashboard.dll
MOD - [2010/08/24 13:13:14 | 000,151,552 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Sh ared\2.0.3622.19963__90ba9c70f846762e\CLI.Caste.Gr aphics.Shared.dll
MOD - [2010/08/24 13:13:14 | 000,098,304 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Foundation\2.0.36 22.19963__90ba9c70f846762e\CLI.Foundation.dll
MOD - [2010/08/24 13:13:14 | 000,065,536 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceDFP. Graphics.Runtime\2.0.3638.29657__90ba9c70f846762e\ CLI.Aspect.DeviceDFP.Graphics.Runtime.dll
MOD - [2010/08/24 13:13:14 | 000,045,056 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\DEM.Graphics.I0601\2. 0.2573.17685__90ba9c70f846762e\DEM.Graphics.I0601. dll
MOD - [2010/08/24 13:13:14 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysCo lour2.Graphics.Runtime\2.0.3638.29638__90ba9c70f84 6762e\CLI.Aspect.DisplaysColour2.Graphics.Runtime. dll
MOD - [2010/08/24 13:13:14 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT. Graphics.Runtime\2.0.3638.29658__90ba9c70f846762e\ CLI.Aspect.DeviceCRT.Graphics.Runtime.dll
MOD - [2010/08/24 13:13:14 | 000,036,864 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD. Graphics.Runtime\2.0.3638.29665__90ba9c70f846762e\ CLI.Aspect.DeviceLCD.Graphics.Runtime.dll
MOD - [2010/08/24 13:13:14 | 000,032,768 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\LOG.Foundation\2.0.36 22.19962__90ba9c70f846762e\LOG.Foundation.dll
MOD - [2010/08/24 13:13:14 | 000,028,672 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\NEWAEM.Foundation\2.0 .3622.19963__90ba9c70f846762e\NEWAEM.Foundation.dl l
MOD - [2010/08/24 13:13:14 | 000,028,672 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Foundation.XManif est\2.0.3622.19993__90ba9c70f846762e\CLI.Foundatio n.XManifest.dll
MOD - [2010/08/24 13:13:14 | 000,024,576 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Dashboa rd.Shared\2.0.3622.19964__90ba9c70f846762e\CLI.Com ponent.Dashboard.Shared.dll
MOD - [2010/08/24 13:13:14 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Wizard. Shared\2.0.3622.19964__90ba9c70f846762e\CLI.Compon ent.Wizard.Shared.dll
MOD - [2010/08/24 13:13:14 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Client. Shared\2.0.3622.19963__90ba9c70f846762e\CLI.Compon ent.Client.Shared.dll
MOD - [2010/08/24 13:13:14 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Welcome.Gr aphics.Shared\2.0.3622.19973__90ba9c70f846762e\CLI .Aspect.Welcome.Graphics.Shared.dll
MOD - [2010/08/24 13:13:14 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Plugin.Hotkeys.Sh ared\2.0.3622.19965__90ba9c70f846762e\AEM.Plugin.H otkeys.Shared.dll
MOD - [2010/08/24 13:13:14 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Actions.CCAA.Shar ed\2.0.3622.19964__90ba9c70f846762e\AEM.Actions.CC AA.Shared.dll
MOD - [2010/08/24 13:13:14 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\MOM.Foundation\2.0.36 22.19965__90ba9c70f846762e\MOM.Foundation.dll
MOD - [2010/08/24 13:13:14 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\DEM.Graphics.I0706\2. 0.2743.23304__90ba9c70f846762e\DEM.Graphics.I0706. dll
MOD - [2010/08/24 13:13:14 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\DEM.Graphics\2.0.3622 .19974__90ba9c70f846762e\DEM.Graphics.dll
MOD - [2010/08/24 13:13:14 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\DEM.Foundation\2.0.25 73.17684__90ba9c70f846762e\DEM.Foundation.dll
MOD - [2010/08/24 13:13:14 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Runtime .Shared\2.0.3622.19965__90ba9c70f846762e\CLI.Compo nent.Runtime.Shared.dll
MOD - [2010/08/24 13:13:14 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Wi zard.Shared\2.0.3622.19971__90ba9c70f846762e\CLI.C aste.Graphics.Wizard.Shared.dll
MOD - [2010/08/24 13:13:14 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Da shboard.Shared\2.0.3622.19966__90ba9c70f846762e\CL I.Caste.Graphics.Dashboard.Shared.dll
MOD - [2010/08/24 13:13:14 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Plugin.WinMessage s.Shared\2.0.3622.19966__90ba9c70f846762e\AEM.Plug in.WinMessages.Shared.dll
MOD - [2010/08/24 13:13:14 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Plugin.REG.Shared \2.0.3622.19978__90ba9c70f846762e\AEM.Plugin.REG.S hared.dll
MOD - [2010/08/24 13:13:14 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Plugin.GD.Shared\ 2.0.3622.19975__90ba9c70f846762e\AEM.Plugin.GD.Sha red.dll
MOD - [2010/08/24 13:13:14 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Plugin.EEU.Shared \2.0.3622.19967__90ba9c70f846762e\AEM.Plugin.EEU.S hared.dll
MOD - [2010/08/24 13:13:14 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Plugin.DPPE.Share d\2.0.3622.19974__90ba9c70f846762e\AEM.Plugin.DPPE .Shared.dll
MOD - [2010/08/24 13:13:14 | 000,007,168 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\atixclib\1.0.0.0__90b a9c70f846762e\atixclib.dll
MOD - [2010/08/24 13:13:13 | 000,741,376 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\ResourceManagement.Fo undation.Implementation\2.0.3638.29730__90ba9c70f8 46762e\ResourceManagement.Foundation.Implementatio n.dll
MOD - [2010/08/24 13:13:13 | 000,565,248 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Systemt ray\2.0.3638.29694__90ba9c70f846762e\CLI.Component .Systemtray.dll
MOD - [2010/08/24 13:13:13 | 000,405,504 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Wizard\ 2.0.3638.29627__90ba9c70f846762e\CLI.Component.Wiz ard.dll
MOD - [2010/08/24 13:13:13 | 000,106,496 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\MOM.Implementation\2. 0.3638.29699__90ba9c70f846762e\MOM.Implementation. dll
MOD - [2010/08/24 13:13:13 | 000,065,536 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\LOG.Foundation.Implem entation\2.0.3638.29698__90ba9c70f846762e\LOG.Foun dation.Implementation.dll
MOD - [2010/08/24 13:13:13 | 000,065,536 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.G raphics.Shared\2.0.3622.19968__90ba9c70f846762e\CL I.Aspect.DeviceTV.Graphics.Shared.dll
MOD - [2010/08/24 13:13:13 | 000,061,440 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Runtime \2.0.3638.29611__90ba9c70f846762e\CLI.Component.Ru ntime.dll
MOD - [2010/08/24 13:13:13 | 000,061,440 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Gr aphics.Shared\2.0.3622.19966__90ba9c70f846762e\CLI .Aspect.MMVideo.Graphics.Shared.dll
MOD - [2010/08/24 13:13:13 | 000,057,344 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.SkinFac tory\2.0.3638.29612__90ba9c70f846762e\CLI.Componen t.SkinFactory.dll
MOD - [2010/08/24 13:13:13 | 000,057,344 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.G raphics.Shared\2.0.3622.19977__90ba9c70f846762e\CL I.Aspect.Radeon3D.Graphics.Shared.dll
MOD - [2010/08/24 13:13:13 | 000,053,248 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceDFP. Graphics.Shared\2.0.3622.19966__90ba9c70f846762e\C LI.Aspect.DeviceDFP.Graphics.Shared.dll
MOD - [2010/08/24 13:13:13 | 000,053,248 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT. Graphics.Shared\2.0.3622.19970__90ba9c70f846762e\C LI.Aspect.DeviceCRT.Graphics.Shared.dll
MOD - [2010/08/24 13:13:13 | 000,045,056 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Runtime .Shared.Private\2.0.3622.19967__90ba9c70f846762e\C LI.Component.Runtime.Shared.Private.dll
MOD - [2010/08/24 13:13:13 | 000,045,056 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Plugin.Source.Kit .Server\2.0.3638.29710__90ba9c70f846762e\AEM.Plugi n.Source.Kit.Server.dll
MOD - [2010/08/24 13:13:13 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Foundation.Privat e\2.0.3622.19963__90ba9c70f846762e\CLI.Foundation. Private.dll
MOD - [2010/08/24 13:13:13 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.TransCode. Graphics.Shared\2.0.3622.19973__90ba9c70f846762e\C LI.Aspect.TransCode.Graphics.Shared.dll
MOD - [2010/08/24 13:13:13 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceProp erty.Graphics.Shared\2.0.3622.19965__90ba9c70f8467 62e\CLI.Aspect.DeviceProperty.Graphics.Shared.dll
MOD - [2010/08/24 13:13:13 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCV.G raphics.Shared\2.0.3622.19967__90ba9c70f846762e\CL I.Aspect.DeviceCV.Graphics.Shared.dll
MOD - [2010/08/24 13:13:13 | 000,036,864 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\LOG.Foundation.Privat e\2.0.3622.19963__90ba9c70f846762e\LOG.Foundation. Private.dll
MOD - [2010/08/24 13:13:13 | 000,028,672 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.PowerPlayD PPE.Graphics.Shared\2.0.3622.19972__90ba9c70f84676 2e\CLI.Aspect.PowerPlayDPPE.Graphics.Shared.dll
MOD - [2010/08/24 13:13:13 | 000,028,672 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysCo lour2.Graphics.Shared\2.0.3622.19971__90ba9c70f846 762e\CLI.Aspect.DisplaysColour2.Graphics.Shared.dl l
MOD - [2010/08/24 13:13:13 | 000,028,672 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD. Graphics.Shared\2.0.3622.19974__90ba9c70f846762e\C LI.Aspect.DeviceLCD.Graphics.Shared.dll
MOD - [2010/08/24 13:13:13 | 000,028,672 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.CustomForm ats.Graphics.Shared\2.0.3622.19964__90ba9c70f84676 2e\CLI.Aspect.CustomFormats.Graphics.Shared.dll
MOD - [2010/08/24 13:13:13 | 000,024,576 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Wizard. Shared.Private\2.0.3622.19965__90ba9c70f846762e\CL I.Component.Wizard.Shared.Private.dll
MOD - [2010/08/24 13:13:13 | 000,024,576 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysOp tions.Graphics.Shared\2.0.3622.19968__90ba9c70f846 762e\CLI.Aspect.DisplaysOptions.Graphics.Shared.dl l
MOD - [2010/08/24 13:13:13 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\ResourceManagement.Fo undation.Private\2.0.3622.19964__90ba9c70f846762e\ ResourceManagement.Foundation.Private.dll
MOD - [2010/08/24 13:13:13 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\LOG.Foundation.Implem entation.Private\2.0.3622.19967__90ba9c70f846762e\ LOG.Foundation.Implementation.Private.dll
MOD - [2010/08/24 13:13:13 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.HotkeysHan dling.Graphics.Shared\2.0.3622.19965__90ba9c70f846 762e\CLI.Aspect.HotkeysHandling.Graphics.Shared.dl l
MOD - [2010/08/24 13:13:13 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\APM.Foundation\2.0.36 22.19967__90ba9c70f846762e\APM.Foundation.dll
MOD - [2010/08/24 13:13:13 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Server.Shared\2.0 .3622.19965__90ba9c70f846762e\AEM.Server.Shared.dl l
MOD - [2010/08/24 13:13:13 | 000,007,168 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Runtime .Extension.EEU\2.0.3638.29611__90ba9c70f846762e\CL I.Component.Runtime.Extension.EEU.dll
MOD - [2010/08/24 13:13:12 | 001,220,608 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Dashboa rd\2.0.3638.29618__90ba9c70f846762e\CLI.Component. Dashboard.dll
MOD - [2010/08/24 13:13:12 | 000,061,440 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\APM.Server\2.0.3638.2 9609__90ba9c70f846762e\APM.Server.dll
MOD - [2010/08/24 13:13:12 | 000,045,056 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Server\2.0.3638.2 9610__90ba9c70f846762e\AEM.Server.dll
MOD - [2010/08/24 13:13:12 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Client. Shared.Private\2.0.3622.19964__90ba9c70f846762e\CL I.Component.Client.Shared.Private.dll
MOD - [2010/08/24 13:13:12 | 000,032,768 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\ATICCCom\2.0.0.0__90b a9c70f846762e\ATICCCom.dll
MOD - [2010/08/24 13:13:12 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Dashboa rd.Shared.Private\2.0.3622.19967__90ba9c70f846762e \CLI.Component.Dashboard.Shared.Private.dll
MOD - [2010/08/24 13:13:12 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Ru ntime.Shared.Private\2.0.3622.19968__90ba9c70f8467 62e\CLI.Caste.Graphics.Runtime.Shared.Private.dll
MOD - [2010/08/24 13:13:12 | 000,019,456 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CCC.Implementation\2. 0.3638.29699__90ba9c70f846762e\CCC.Implementation. dll
MOD - [2010/05/18 09:26:39 | 000,446,464 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Windows.Forms. resources\2.0.0.0_nl_b77a5c561934e089\System.Windo ws.Forms.resources.dll
MOD - [2010/05/18 09:26:32 | 000,303,104 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2. 0.0.0_nl_b77a5c561934e089\mscorlib.resources.dll
MOD - [2010/01/21 02:34:10 | 008,793,952 | ---- | M] () -- C:\Program Files\Microsoft Office\Office14\1033\GrooveIntlResource.dll
MOD - [2010/01/09 21:18:18 | 004,254,560 | ---- | M] () -- C:\Program Files\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF

**clubje** · 26 maart 2012, 19:09

OTL (deel 2)

========== Win32 Services (SafeList) ==========

SRV - File not found [Auto | Stopped] -- %systemroot%\system32\interactivelogon.dll -- (WNIPROT5)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\isapisearch.dll -- (wmp54gsvc)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\parallel.dll -- (wmdmpmsp)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\nmservice.dll -- (VirtualFD)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\us30service.dll -- (VC4CB104)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\twdns.dll -- (usprserv)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\p1131vid.dll -- (uploadmgr)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\c34nb4c5.dll -- (uhcd)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\emproxy.dll -- (TestHandler)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\AMDPCI.dll -- (tap0901)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\itchfltr.dll -- (sp_clamsrv)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\SE2Cmgmt.dll -- (SndTDriverV32)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\enum1394.dll -- (snapman380)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\hsf_dpv.dll -- (smservauth)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\s3psddr.dll -- (SenFiltService)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\NxNetMon.dll -- (se45mdfl)
SRV - File not found [Auto | Running] -- C:\Program Files\Spybot -- (SBSDWSCService)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\NWDHCP.dll -- (RadProbe)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\wuolservice.dll -- (pmsveh)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\w200mdfl.dll -- (pepifilter)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\RTL8169.dll -- (pdlnctdl)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\kl1.dll -- (oraclewebassistant)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\fdc.dll -- (NtMtlFax)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\srvdpi.dll -- (NMSCFG)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\dlaboiom.dll -- (nimxdfk)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\SE2Dbus.dll -- (NICM)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\raidmsvr.dll -- (mhn)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\coste.dll -- (mcupdmgr.exe)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\dwusbdnt.dll -- (Machnm32)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\acmservice.dll -- (macformatservice)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\WcesComm.dll -- (generichidservice)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\portio.dll -- (enxpsvr)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\wmiapsrv.dll -- (dpc_srv_webcast)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\cdudf_xp.dll -- (DMUSBUSBDCam)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\c-dillasrv.dll -- (dlbx_device)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\VMAUDIO.dll -- (deckzpsx)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\acrotray.dll -- (cxpt_service)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\pdlnshay.dll -- (cxlpt)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\vclone.dll -- (ctsfm2k)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\CVirtA.dll -- (cpuz132)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\plscsi.dll -- (BVRPMPR5)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\belgium_id_card_service.dll -- (backupexecalertserver)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\USA49W2KP.dll -- (avhook)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\bthmodem.dll -- (Atmuni)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\ZuneBusEnum.dll -- (ARSVC)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\ntlmssp.dll -- (ARPolicy)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\perc2.dll -- (aeclienthostservice)
SRV - [2012/03/09 16:06:11 | 002,152,152 | ---- | M] (Lavasoft Limited) [On_Demand | Stopped] -- C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe -- (Lavasoft Ad-Aware Service)
SRV - [2012/02/23 19:59:30 | 000,489,256 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2012/02/15 14:30:18 | 000,158,856 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2011/10/12 07:25:22 | 004,433,248 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG2012\AVGIDSAgent.exe -- (AVGIDSAgent)
SRV - [2011/08/02 07:09:08 | 000,192,776 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG2012\avgwdsvc.exe -- (avgwd)
SRV - [2010/03/04 05:16:06 | 000,013,336 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe -- (IAStorDataMgrSvc) Intel(R)
SRV - [2010/01/21 18:51:12 | 030,963,576 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Microsoft Office\Office14\GROOVE.EXE -- (Microsoft SharePoint Workspace Audit Service)
SRV - [2009/12/17 18:17:54 | 000,172,032 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\System32\atiesrxx.exe -- (AMD External Events Utility)
SRV - [2009/11/07 12:46:52 | 000,020,480 | ---- | M] (X10) [Auto | Running] -- C:\Program Files\Common Files\X10\Common\X10nets.exe -- (x10nets)
SRV - [2009/09/08 09:48:55 | 000,066,048 | ---- | M] (PostgreSQL Global Development Group) [Auto | Running] -- C:\Program Files\PostgreSQL\8.4\bin\pg_ctl.exe -- (postgresql-8.4)
SRV - [2009/07/14 03:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)
SRV - [2009/07/14 03:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2007/07/24 12:15:14 | 000,185,632 | ---- | M] (Protexis Inc.) [Auto | Running] -- c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe -- (PSI_SVC_2)

========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Users\Dries\AppData\Local\Temp\catchme.sys -- (catchme)
DRV - [2011/12/23 08:12:12 | 000,064,512 | ---- | M] (Lavasoft AB) [File_System | Boot | Running] -- C:\Windows\System32\drivers\Lbd.sys -- (Lbd)
DRV - [2011/12/23 08:12:10 | 000,015,232 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Program Files\Lavasoft\Ad-Aware\kernexplorer.sys -- (Lavasoft Kernexplorer)
DRV - [2011/10/07 07:23:48 | 000,230,608 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\System32\drivers\avgldx86.sys -- (Avgldx86)
DRV - [2011/10/04 07:21:28 | 000,016,720 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\AVGIDSShim.sys -- (AVGIDSShim)
DRV - [2011/09/13 07:30:10 | 000,032,592 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\System32\drivers\avgrkx86.sys -- (Avgrkx86)
DRV - [2011/08/08 07:08:58 | 000,040,016 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\Windows\System32\drivers\avgmfx86.sys -- (Avgmfx86)
DRV - [2011/07/29 19:45:45 | 000,023,680 | ---- | M] (FNet Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\FNETTBOH.SYS -- (FNETTBOH)
DRV - [2011/07/29 19:45:45 | 000,007,936 | ---- | M] (FNet Co., Ltd.) [Kernel | System | Running] -- C:\Windows\System32\drivers\FNETURPX.SYS -- (FNETURPX)
DRV - [2011/07/11 02:14:38 | 000,295,248 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\System32\drivers\avgtdix.sys -- (Avgtdix)
DRV - [2011/07/11 02:14:14 | 000,024,272 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\AVGIDSFilter.sys -- (AVGIDSFilter)
DRV - [2011/07/11 02:14:12 | 000,134,736 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\AVGIDSDriver.sys -- (AVGIDSDriver)
DRV - [2011/07/11 02:14:12 | 000,023,120 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\AVGIDSEH.sys -- (AVGIDSEH)
DRV - [2011/01/09 18:30:41 | 000,218,176 | ---- | M] (DT Soft Ltd) [Kernel | System | Running] -- C:\Windows\System32\drivers\dtsoftbus01.sys -- (dtsoftbus01)
DRV - [2010/06/09 13:00:48 | 001,554,472 | ---- | M] (Trident Microsystems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TrdCap.sys -- (TrdCap)
DRV - [2010/05/24 15:46:34 | 000,193,056 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\RtsUStor.sys -- (RSUSBSTOR)
DRV - [2010/03/02 13:24:58 | 001,006,624 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\rtl8192se.sys -- (rtl8192se)
DRV - [2009/12/17 18:52:18 | 005,145,600 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atikmdag.sys -- (atikmdag)
DRV - [2009/09/30 09:33:58 | 000,104,976 | ---- | M] (ATI Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\AtiHdmi.sys -- (AtiHdmiService)
DRV - [2009/07/14 01:52:10 | 000,014,336 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\vwifimp.sys -- (vwifimp)
DRV - [2009/05/13 21:47:30 | 000,027,160 | ---- | M] (X10 Wireless Technology, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\x10ufx2.sys -- (XUIF)
DRV - [2009/05/13 21:26:26 | 000,013,720 | ---- | M] (X10 Wireless Technology, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\x10hid.sys -- (X10Hid)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}

IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVer sion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Inter net Settings: "ProxyEnable" = 0

**clubje** · 26 maart 2012, 19:09

OTL (deel 3)

IE - HKU\S-1-5-21-1214059850-2673516941-380067596-1000\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKU\S-1-5-21-1214059850-2673516941-380067596-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = Google
IE - HKU\S-1-5-21-1214059850-2673516941-380067596-1000\..\SearchScopes,DefaultScope = {DB7A8016-CD51-481B-84C9-86490D1E3283}
IE - HKU\S-1-5-21-1214059850-2673516941-380067596-1000\..\SearchScopes\{DB7A8016-CD51-481B-84C9-86490D1E3283}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language }:{referrer

ource?}&ie={inputEncoding}&oe={outputEncoding}&sou rceid=ie7&rlz=1I7MDNA_enDE393
IE - HKU\S-1-5-21-1214059850-2673516941-380067596-1000\Software\Microsoft\Windows\CurrentVersion\Int ernet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.startup.homepage: "http://www.google.be"
FF - prefs.js..extensions.enabledItems: {B042753D-F57E-4e8e-A01B-7379A6D4CEFB}:1.25
FF - prefs.js..extensions.enabledItems: {1E73965B-8B48-48be-9C8D-68B920ABC1C4}:10.0.0.1209
FF - user.js - File not found

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\4.0.60831.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~1\MICROS~3\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8117.0416: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.99\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.99\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extens ions\\{1E73965B-8B48-48be-9C8D-68B920ABC1C4}: C:\Program Files\AVG\AVG2012\Firefox4\ [2012/02/06 15:18:57 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 11.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012/03/21 19:07:27 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 11.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012/01/14 15:42:40 | 000,000,000 | ---D | M]

[2011/01/07 20:21:39 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Dries\AppData\Roaming\mozilla\Extensions
[2011/08/09 13:25:12 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Dries\AppData\Roaming\mozilla\Firefox\Pro files\fkkvgs7d.default\extensions
[2011/01/08 20:55:28 | 000,000,000 | ---D | M] (BitComet Video Downloader) -- C:\Users\Dries\AppData\Roaming\mozilla\Firefox\Pro files\fkkvgs7d.default\extensions\{B042753D-F57E-4e8e-A01B-7379A6D4CEFB}
[2011/08/09 13:25:08 | 000,000,000 | ---D | M] (Разпознаване на устройство Logitech) -- C:\Users\Dries\AppData\Roaming\mozilla\Firefox\Pro files\fkkvgs7d.default\extensions\DeviceDetection@ logitech.com
[2012/02/24 17:39:50 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2012/02/24 17:39:50 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Program Files\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2012/03/21 19:07:27 | 000,097,208 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2010/08/24 11:31:30 | 000,773,120 | ---- | M] (BitComet) -- C:\Program Files\mozilla firefox\plugins\npBitCometAgent.dll
[2012/02/17 17:35:12 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2012/02/17 17:35:12 | 000,001,892 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bolcom-nl.xml
[2012/02/17 17:35:12 | 000,004,558 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\marktplaats-nl.xml
[2012/02/17 17:35:12 | 000,001,049 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-nl.xml
[2011/03/12 17:45:12 | 000,001,106 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-nl.xml

========== Chrome ==========

Hosts file not found
O2 - BHO: (BitComet Helper) - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files\BitComet\tools\BitCometBHO_1.4.12.6.dll (BitComet)
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG2012\avgssie.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
O4 - HKLM..\Run: [AVG_TRAY] C:\Program Files\AVG\AVG2012\avgtray.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [BCSSync] C:\Program Files\Microsoft Office\Office14\BCSSync.exe (Microsoft Corporation)
O4 - HKLM..\Run: [NeroFilterCheck] C:\Windows\System32\NeroCheck.exe (Ahead Software Gmbh)
O4 - HKLM..\Run: [RtHDVBg] C:\Program Files\Realtek\Audio\HDA\RtHDVBg.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKU\S-1-5-21-1214059850-2673516941-380067596-1000..\Run: [DAEMON Tools Lite] C:\Program Files\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
O4 - HKU\S-1-5-21-1214059850-2673516941-380067596-1000..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe (Safer-Networking Ltd.)
O4 - HKU\S-1-5-21-1214059850-2673516941-380067596-1003..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-1214059850-2673516941-380067596-1003..\RunOnce: [MEDION] C:\Windows\Web\Wallpaper\MEDION\start.vbs File not found
O4 - HKU\S-1-5-21-1214059850-2673516941-380067596-1003..\RunOnce: [Screensaver] C:\Windows\Web\Wallpaper\MEDION\start.vbs File not found
O4 - HKU\S-1-5-21-1214059850-2673516941-380067596-1003..\RunOnce: [spchecker] "C:\Program Files\AVG\AVG10\Notification\SPCheckerTE.exe" File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\pol icies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\pol icies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\pol icies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\pol icies\System: PromptOnSecureDesktop = 0
O8 - Extra context menu item: &D&ownload &met BitComet - C:\Program Files\BitComet\BitComet.exe (BitComet - A free C++ BitTorrent/HTTP/FTP Download Client)
O8 - Extra context menu item: &D&ownload alles met BitComet - C:\Program Files\BitComet\BitComet.exe (BitComet - A free C++ BitTorrent/HTTP/FTP Download Client)
O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office\Office14\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_96D6 FF0C6D236BF8.dll/cmsidewiki.html File not found
O8 - Extra context menu item: Se&nd to OneNote - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: eBay.be - {0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - eBay België File not found
O9 - Extra 'Tools' menuitem : eBay.be - {0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - eBay België File not found
O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra Button: PokerStars.be - {878AC5FC-BE78-4bae-896C-7F75B790A71E} - C:\Program Files\PokerStars.BE\PokerStarsUpdate.exe (PokerStars)
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra Button: BitComet - {D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A} - C:\Program Files\BitComet\tools\BitCometBHO_1.4.12.6.dll (BitComet)
O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jin...ndows-i586.cab (Java Plug-in 1.6.0_21)
O16 - DPF: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jin...ndows-i586.cab (Java Plug-in 1.6.0_21)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jin...ndows-i586.cab (Java Plug-in 1.6.0_21)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 195.130.130.133 195.130.131.133
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfac es\{16601466-C772-4CB6-A238-F2D88C533590}: DhcpNameServer = 195.130.130.133 195.130.131.133
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfac es\{9A5A1CC0-48B0-4E83-8A8C-1B631504C957}: DhcpNameServer = 195.130.130.133 195.130.131.133
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG2012\avgpp.dll (AVG Technologies CZ, s.r.o.)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.ex e (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/06/10 23:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2003/12/01 18:39:56 | 000,002,998 | R--- | M] () - E:\autorun.ico -- [ CDFS ]
O32 - AutoRun File - [2004/01/28 15:46:41 | 000,000,046 | R--- | M] () - E:\autorun.inf -- [ CDFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O34 - HKLM BootExecute: (C:\PROGRA~1\AVG\AVG2012\avgrsx.exe /sync /restart)
O34 - HKLM BootExecute: (lsdelete)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2012/03/26 19:00:35 | 000,593,920 | ---- | C] (OldTimer Tools) -- C:\Users\Dries\Desktop\OTL.com
[2012/03/25 14:06:53 | 000,000,000 | ---D | C] -- C:\Windows\temp
[2012/03/25 14:06:53 | 000,000,000 | ---D | C] -- C:\Users\Dries\AppData\Local\temp
[2012/03/25 13:54:31 | 000,518,144 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe
[2012/03/25 13:54:31 | 000,406,528 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe
[2012/03/25 13:54:31 | 000,060,416 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe
[2012/03/25 13:54:26 | 000,000,000 | ---D | C] -- C:\Windows\ERDNT
[2012/03/25 13:54:25 | 000,000,000 | --SD | C] -- C:\ComboFix
[2012/03/25 13:53:35 | 000,000,000 | ---D | C] -- C:\Qoobox
[2012/03/25 13:52:21 | 004,443,082 | R--- | C] (Swearware) -- C:\Users\Dries\Desktop\ComboFix.exe
[2012/03/24 14:27:18 | 000,000,000 | ---D | C] -- C:\Users\Dries\Documents\mails
[2012/03/24 13:51:49 | 000,000,000 | ---D | C] -- C:\Users\Dries\Documents\Instellingen utorrent
[2012/03/15 21:14:25 | 000,000,000 | ---D | C] -- C:\Users\Dries\AppData\Roaming\HoldemManager
[2012/03/09 16:04:43 | 000,064,512 | ---- | C] (Lavasoft AB) -- C:\Windows\System32\drivers\Lbd.sys
[2012/03/09 16:04:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lavasoft
[2012/03/09 15:44:25 | 000,000,000 | ---D | C] -- C:\sh4ldr
[2012/03/09 15:44:25 | 000,000,000 | ---D | C] -- C:\Program Files\Enigma Software Group
[2012/02/28 21:21:36 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PokerStars.BE
[2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2012/03/26 19:00:36 | 000,593,920 | ---- | M] (OldTimer Tools) -- C:\Users\Dries\Desktop\OTL.com
[2012/03/26 18:43:00 | 000,001,044 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012/03/26 18:05:47 | 000,009,696 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012/03/26 18:05:47 | 000,009,696 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012/03/26 18:03:11 | 000,704,468 | ---- | M] () -- C:\Windows\System32\perfh013.dat
[2012/03/26 18:03:11 | 000,618,912 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2012/03/26 18:03:11 | 000,134,408 | ---- | M] () -- C:\Windows\System32\perfc013.dat
[2012/03/26 18:03:11 | 000,107,232 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2012/03/26 17:58:49 | 000,001,040 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012/03/26 17:58:33 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012/03/26 17:58:31 | 2406,924,288 | -HS- | M] () -- C:\hiberfil.sys
[2012/03/25 17:32:29 | 092,621,341 | ---- | M] () -- C:\Windows\System32\drivers\AVG\incavi.avm
[2012/03/25 13:52:31 | 004,443,082 | R--- | M] (Swearware) -- C:\Users\Dries\Desktop\ComboFix.exe
[2012/03/24 12:18:04 | 000,326,493 | ---- | M] () -- C:\Users\Dries\AppData\Local\census.cache
[2012/03/24 12:17:43 | 000,162,457 | ---- | M] () -- C:\Users\Dries\AppData\Local\ars.cache
[2012/03/24 12:08:48 | 000,000,036 | ---- | M] () -- C:\Users\Dries\AppData\Local\housecall.guid.cache
[2012/03/09 16:06:16 | 000,016,432 | ---- | M] () -- C:\Windows\System32\lsdelete.exe
[2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files Created - No Company Name ==========

[2012/03/25 13:54:31 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe
[2012/03/25 13:54:31 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe
[2012/03/25 13:54:31 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2012/03/25 13:54:31 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2012/03/25 13:54:31 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2012/03/24 15:51:47 | 000,016,432 | ---- | C] () -- C:\Windows\System32\lsdelete.exe
[2012/03/24 12:18:04 | 000,326,493 | ---- | C] () -- C:\Users\Dries\AppData\Local\census.cache
[2012/03/24 12:17:43 | 000,162,457 | ---- | C] () -- C:\Users\Dries\AppData\Local\ars.cache
[2012/03/24 12:08:48 | 000,000,036 | ---- | C] () -- C:\Users\Dries\AppData\Local\housecall.guid.cache
[2011/09/17 14:59:14 | 000,138,376 | ---- | C] () -- C:\Windows\System32\drivers\PnkBstrK.sys
[2011/09/17 14:59:05 | 000,202,448 | ---- | C] () -- C:\Windows\System32\PnkBstrB.exe
[2011/09/17 14:58:50 | 000,066,872 | ---- | C] () -- C:\Windows\System32\PnkBstrA.exe
[2011/07/03 12:29:45 | 000,000,064 | ---- | C] () -- C:\Windows\System32\rp_stats.dat
[2011/07/03 12:29:45 | 000,000,044 | ---- | C] () -- C:\Windows\System32\rp_rules.dat
[2011/06/28 20:22:07 | 000,000,324 | ---- | C] () -- C:\Windows\game.ini
[2011/06/25 12:02:44 | 000,000,285 | ---- | C] () -- C:\Windows\cod2demo.ini
[2011/04/20 21:42:30 | 000,000,116 | ---- | C] () -- C:\Windows\NeroDigital.ini
[2011/01/15 19:32:45 | 000,000,056 | -H-- | C] () -- C:\Windows\System32\ezsidmv.dat
[2011/01/08 18:44:50 | 000,176,235 | ---- | C] () -- C:\Windows\System32\Primomonnt.dll
[2011/01/08 14:46:27 | 000,000,000 | ---- | C] () -- C:\Windows\HMHud.INI
[2011/01/07 21:35:01 | 000,000,952 | -HS- | C] () -- C:\ProgramData\KGyGaAvL.sys
[2011/01/07 19:56:26 | 000,000,745 | ---- | C] () -- C:\Windows\CoD.INI
[2010/08/26 15:45:44 | 000,149,504 | ---- | C] () -- C:\Windows\unwise32_setup.exe
[2010/08/26 15:45:44 | 000,127,184 | ---- | C] () -- C:\Windows\Unwise.exe
[2010/08/24 13:25:58 | 000,451,072 | ---- | C] () -- C:\Windows\System32\ISSRemoveSP.exe
[2010/08/24 13:25:10 | 000,080,416 | ---- | C] () -- C:\Windows\System32\RtNicProp32.dll
[2010/08/24 13:18:46 | 000,011,020 | ---- | C] () -- C:\Windows\System32\drivers\RtPCEE3.DAT
[2010/08/24 13:11:36 | 000,294,912 | ---- | C] () -- C:\Windows\System32\ATIODE.exe
[2010/08/24 13:11:36 | 000,196,565 | ---- | C] () -- C:\Windows\System32\atiicdxx.dat
[2010/08/24 13:11:36 | 000,045,056 | ---- | C] () -- C:\Windows\System32\ATIODCLI.exe
[2010/08/24 12:23:08 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2010/08/23 21:37:16 | 000,009,896 | ---- | C] () -- C:\Windows\System32\716xCoInstaller.dll
[2010/05/18 09:28:13 | 000,704,468 | ---- | C] () -- C:\Windows\System32\perfh013.dat
[2010/05/18 09:28:13 | 000,341,322 | ---- | C] () -- C:\Windows\System32\perfi013.dat
[2010/05/18 09:28:13 | 000,134,408 | ---- | C] () -- C:\Windows\System32\perfc013.dat
[2010/05/18 09:28:13 | 000,043,068 | ---- | C] () -- C:\Windows\System32\perfd013.dat

========== LOP Check ==========

[2011/02/01 21:08:32 | 000,000,000 | ---D | M] -- C:\Users\Dries\AppData\Roaming\Ariane Software
[2011/01/07 20:46:12 | 000,000,000 | ---D | M] -- C:\Users\Dries\AppData\Roaming\Ashampoo
[2012/02/06 15:18:33 | 000,000,000 | ---D | M] -- C:\Users\Dries\AppData\Roaming\AVG2012
[2011/01/09 17:56:08 | 000,000,000 | ---D | M] -- C:\Users\Dries\AppData\Roaming\BitComet
[2011/02/20 17:58:46 | 000,000,000 | ---D | M] -- C:\Users\Dries\AppData\Roaming\Canneverbe Limited
[2011/01/09 18:36:06 | 000,000,000 | ---D | M] -- C:\Users\Dries\AppData\Roaming\DAEMON Tools Lite
[2012/02/08 22:34:53 | 000,000,000 | ---D | M] -- C:\Users\Dries\AppData\Roaming\Dropbox
[2011/01/08 14:44:44 | 000,000,000 | ---D | M] -- C:\Users\Dries\AppData\Roaming\HEM Data
[2012/03/15 21:14:46 | 000,000,000 | ---D | M] -- C:\Users\Dries\AppData\Roaming\HoldemManager
[2011/04/20 17:44:19 | 000,000,000 | ---D | M] -- C:\Users\Dries\AppData\Roaming\PrimoPDF
[2011/01/09 18:26:11 | 000,000,000 | ---D | M] -- C:\Users\Dries\AppData\Roaming\SoftGrid Client
[2011/02/06 15:39:17 | 000,000,000 | ---D | M] -- C:\Users\Dries\AppData\Roaming\Subsync
[2011/02/06 15:40:12 | 000,000,000 | ---D | M] -- C:\Users\Dries\AppData\Roaming\Subversion
[2011/01/07 21:20:28 | 000,000,000 | ---D | M] -- C:\Users\Dries\AppData\Roaming\TP
[2012/03/24 13:55:26 | 000,000,000 | ---D | M] -- C:\Users\Dries\AppData\Roaming\uTorrent
[2012/03/11 13:58:51 | 000,032,600 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========

========== Alternate Data Streams ==========

@Alternate Data Stream - 81 bytes -> C:\Program Files\Cake Poker 2.0:MID

< End of report >

**clubje** · 26 maart 2012, 19:10

Extras.txt

OTL Extras logfile created on: 3/26/2012 7:01:35 PM - Run 1
OTL by OldTimer - Version 3.2.39.2 Folder = C:\Users\Dries\Desktop
Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000409 | Country: België | Language: NLB | Date Format: d/MM/yyyy

2.99 Gb Total Physical Memory | 1.86 Gb Available Physical Memory | 62.21% Memory free
5.98 Gb Paging File | 4.54 Gb Available in Paging File | 75.91% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 555.07 Gb Total Space | 154.38 Gb Free Space | 27.81% Space Free | Partition Type: NTFS
Drive D: | 40.00 Gb Total Space | 19.64 Gb Free Space | 49.10% Space Free | Partition Type: NTFS
Drive E: | 2.05 Gb Total Space | 0.00 Gb Free Space | 0.00% Space Free | Partition Type: CDFS

Computer Name: DRIES-PC | User Name: Dries | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========

========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
.html [@ = ChromeHTML] -- C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.)

[HKEY_USERS\.DEFAULT\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found

[HKEY_USERS\S-1-5-18\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found

[HKEY_USERS\S-1-5-21-1214059850-2673516941-380067596-1000\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htafile [open] -- "%1" %*
htmlfile [edit] -- Reg Error: Key error.
https [open] -- "C:\Program Files\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Directory [Winamp.Bookmark] -- "C:\Program Files\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.)
Directory [Winamp.Enqueue] -- "C:\Program Files\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.)
Directory [Winamp.Play] -- "C:\Program Files\Winamp\winamp.exe" "%1" (Nullsoft, Inc.)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Win dows NT\SystemRestore]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Servic es\SharedAccess\Parameters\FirewallPolicy\DomainPr ofile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Servic es\SharedAccess\Parameters\FirewallPolicy\Standard Profile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Servic es\SharedAccess\Parameters\FirewallPolicy\Standard Profile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Servic es\SharedAccess\Parameters\FirewallPolicy\PublicPr ofile]
"DisableNotifications" = 0
"EnableFirewall" = 1

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Servic es\SharedAccess\Parameters\FirewallPolicy\DomainPr ofile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Servic es\SharedAccess\Parameters\FirewallPolicy\Standard Profile\AuthorizedApplications\List]

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Curr entVersion\Uninstall]
"_{C0237AA4-1BFB-46EA-860D-7B0EB365CA13}" = CorelDRAW Essentials 4
"_{CF0ADC18-6D8F-4353-8EAA-DF45456B7853}" = CorelDRAW Essentials 4 - Windows Shell Extension
"{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = CyberLink YouCam
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{05111291-C4F7-8292-01A2-C113286286A4}" = CCC Help Russian
"{06E6E30D-B498-442F-A943-07DE41D7F785}" = Microsoft Search Enhancement Pack
"{071B5C15-8CD0-744E-B0BC-F5855F8DECB0}" = CCC Help Hungarian
"{07B62101-7EBD-434A-94B1-B38063BE5516}" = CorelDRAW Essentials 4 - PHOTO-PAINT
"{0AAC425C-6B3E-CD6E-BFFB-5D751CC6753C}" = CCC Help Japanese
"{0DAAFBE9-86D2-BDF6-CC64-34DE56EF5960}" = CCC Help Spanish
"{0ED4216F-3540-4D6B-8199-1C8DDEA3924B}" = CorelDRAW Essentials 4 - Lang DE
"{14191227-D02E-B89F-9B98-95EBB3A547AD}" = Catalyst Control Center Localization All
"{1573631D-6883-DA31-9A46-9FB22B38F75F}" = CCC Help Italian
"{19AC095C-3520-4999-AA15-93B6D0248A50}" = CorelDRAW Essentials 4 - Content
"{1AD017B8-F7C4-D914-A38C-4756F2DD09F6}" = Catalyst Control Center Graphics Full New
"{1BD6AE96-4742-4498-9D03-9451C7E5A214}" = Windows Live aanmeldhulp
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = Medion Home Cinema
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live - Hulpprogramma voor uploaden
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{26A24AE4-039D-4CA4-87B4-2F83216021FF}" = Java(TM) 6 Update 21
"{2869F5EA-93C3-48E5-80DF-DB696BC84A91}" = Windows Live Mail
"{287ECFA4-719A-2143-A09B-D6A12DE54E40}" = Acrobat.com
"{2934DCB0-F8EE-11E0-A4A5-B8AC6F97B88E}" = Google Earth Plug-in
"{3175E049-F9A9-4A3D-8F19-AC9FB04514D1}" = Windows Live Communications Platform
"{32061277-9F45-4C3B-8299-D106D5A502ED}" = Windows Live Movie Maker
"{343F5BC0-7765-BE30-08AF-798781247903}" = ccc-core-static
"{34A9406E-1994-4C20-AC72-04CFA2B24545}" = CorelDRAW Essentials 4 - Lang EN
"{3576C335-958D-4D60-A812-F68F9A2796AF}" = CorelDRAW Essentials 4 - Lang IT
"{35CA031C-D3CD-4A28-8D9B-C71466C4F045}" = Windows Live Writer
"{3ABC3B58-0CAD-E52D-4F36-9379D25794FE}" = Catalyst Control Center Graphics Previews Vista
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3C7F3C64-0CF2-71E6-25A2-C4093A1D50D5}" = ccc-utility
"{3CB70B01-4BC8-4C0F-B28F-7C6E33F913CC}" = Gtk# for .Net 2.12.9
"{3D4A7623-61FE-BF12-C2A8-39C1D0E533CF}" = Catalyst Control Center InstallProxy
"{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}" = Intel(R) Rapid Storage Technology
"{45235788-142C-44BE-8A4D-DDE9A84492E5}" = AGEIA PhysX v7.09.13
"{472B7916-CB4E-6F58-056E-804781DFEFF8}" = CCC Help Korean
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4DECFC9F-2310-4C02-009A-B6758306EF00}" = FIFA 06
"{4EFC72DA-2314-4E5D-AC8E-1C954CDB8BBF}" = AVG 2012
"{4FF5A6ED-9A89-3E3D-5ADB-60602DA8FB6D}" = CCC Help Greek
"{51C7AD07-C3F6-4635-8E8A-231306D810FE}" = Cisco LEAP Module
"{5500BB35-1C21-4328-9F16-F894B860FADE}" = CorelDRAW Essentials 4 - Lang NL
"{5914674F-5E85-103E-AE01-C69177C320AF}" = CCC Help Portuguese
"{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}" = Cisco EAP-FAST Module
"{6FC9A3FA-61F5-0D3E-062D-D2C85DA71651}" = CCC Help Norwegian
"{6FEC9863-5EF2-4A07-9D0B-CA81B47E3F59}" = Windows Live Photo Gallery
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{76E852ED-1B06-4BC8-9D6A-625DB95FB7E5}" = CorelDRAW Essentials 4 - IPM - No VBA
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{7E265513-8CDA-4631-B696-F40D983F3B07}_is1" = CDBurnerXP
"{80E158EA-7181-40FE-A701-301CE6BE64AB}" = CyberLink MediaShow
"{80FE4054-30AD-A402-BD23-0D3580376EAF}" = CCC Help Dutch
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{838CFC61-FA8C-5AD2-7E86-1BA036D5479F}" = ATI Catalyst Install Manager
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver For Windows 7
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8E5233E1-7495-44FB-8DEB-4BE906D59619}" = Junk Mail filter update
"{8E9976D2-E563-43DE-A51F-5AEBC38D1F08}" = Ad-Aware
"{90140000-0011-0000-0000-0000000FF1CE}" = Microsoft Office Professional Plus 2010
"{90140000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2010
"{90140000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2010
"{90140000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2010
"{90140000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2010
"{90140000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2010
"{90140000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2010
"{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
"{90140000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2010
"{90140000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2010
"{90140000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2010
"{90140000-0044-0409-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (English) 2010
"{90140000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2010
"{90140000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2010
"{90140000-00BA-0409-0000-0000000FF1CE}" = Microsoft Office Groove MUI (English) 2010
"{90140000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2010
"{90140000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2010
"{9043B9A0-9505-405B-8202-E7167A38A89C}" = CorelDRAW Essentials 4
"{93C95468-5FFB-101B-FE4F-1B2460AD4791}" = CCC Help French
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{96534FAB-69B3-CB78-3312-5416A253792C}" = CCC Help Turkish
"{96AE7E41-E34E-47D0-AC07-1091A8127911}" = Realtek USB 2.0 Card Reader
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9D3D8C60-A55F-4fed-B2B9-173F09590E16}" = REALTEK Wireless LAN Driver
"{A13AB951-00E5-F431-A1E4-E430F6DF0BD0}" = CCC Help Thai
"{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR
"{A43A4D7C-8D09-E5AA-F10A-FA99C2D6B400}" = CCC Help Danish
"{A8516AC9-AAF1-47F9-9766-03E2D4CDBCF8}" = CyberLink PowerDVD 9
"{A8832278-3937-6753-A07A-DF23FA6A569A}" = CCC Help English
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AA484486-87CC-91E3-C8C1-F505D06A9BEE}" = CCC Help German
"{ABD8B955-1C69-4AF3-949B-13CD587C175F}" = CorelDRAW Essentials 4 - Lang BR
"{AC76BA86-7AD7-FFFF-7B44-A91000000001}" = Adobe Reader 9.5.0 MUI
"{B2934A24-C863-7ABE-B054-AD4E97BE48E4}" = CCC Help Finnish
"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy
"{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Skype Click to Call
"{B7A0CE06-068E-11D6-97FD-0050BACBF861}" = CyberLink PowerProducer
"{B972E956-F6FB-FAD7-43BF-09F558DCFFE6}" = Catalyst Control Center Graphics Previews Common
"{B9FA9F15-A1F3-4DB1-AD49-0B9351843FAA}" = CorelDRAW Essentials 4 - Draw
"{BA9319FE-BCEF-4C99-8039-F464648D046E}" = CorelDRAW Essentials 4 - Lang FR
"{C0237AA4-1BFB-46EA-860D-7B0EB365CA13}" = CorelDRAW Essentials 4 - ICA
"{C05900D1-D58F-4E26-C60D-605E49583F7E}" = CCC Help Swedish
"{C20C2630-B3A7-44BA-BDD0-31E256AE490E}" = Windows Live Call
"{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = CyberLink LabelPrint
"{C682F3F0-00A6-4379-B083-4F3273624D7B}" = CorelDRAW Essentials 4 - Lang ES
"{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = CyberLink PowerDirector
"{CC38A00D-7EED-46CE-9281-D1D97B81F22A}" = Windows Live Messenger
"{CCA5EAAD-92F4-4B7A-B5EE-14294C66AB61}" = PlayReady PC Runtime x86
"{CF0ADC18-6D8F-4353-8EAA-DF45456B7853}" = CorelDRAW Essentials 4 - Windows Shell Extension
"{D36DD326-7280-11D8-97C8-000129760CBE}" = CyberLink PhotoNow
"{D3876972-1660-0FC0-5550-B903D161E4D8}" = Catalyst Control Center Graphics Light
"{DAB36FAD-35DE-486A-9F1A-7784AC1E78B5}" = Catalyst Control Center Core Implementation
"{DFC1FA94-6D9D-7093-A60D-BEFF1A083023}" = CCC Help Chinese Traditional
"{E34F703A-1C9D-4B1F-ABBE-D7E8800B860D}" = Windows Live Sync
"{E3739848-5329-48E3-8D28-5BBD6E8BE384}" = CyberLink MediaShow Espresso
"{E38C00D0-A68B-4318-A8A6-F7D4B5B1DF0E}" = Windows Media Encoder 9 Series
"{E3D04529-6EDB-11D8-A372-0050BAE317E1}" = CyberLink PowerDVD Copy
"{E7E84E23-C5C0-4B15-B13A-C63149E59C98}" = AVG 2012
"{EB5A3E9D-91CF-4C97-B816-72DE0625ACA3}" = Windows Live Essentials
"{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}" = Cisco PEAP Module
"{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}" = Skype™ 5.8
"{EEE369FB-0F44-D01A-C953-2BFA81362638}" = CCC Help Czech
"{EF33D4A2-8A46-84FF-CFAA-7F90F8EE670F}" = Catalyst Control Center Graphics Full Existing
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F16841F6-5F0F-4DBE-B318-63CEB916F21D}" = CorelDRAW Essentials 4 - Filters
"{F333A33D-125C-32A2-8DCE-5C5D14231E27}" = Visual C++ 2008 x86 Runtime - (v9.0.30729)
"{F333A33D-125C-32A2-8DCE-5C5D14231E27}.vc_x86runtime_30729_01" = Visual C++ 2008 x86 Runtime - v9.0.30729.01
"{F3A6830D-689F-C34E-5F38-9D66D7D5B3C3}" = CCC Help Chinese Standard
"{F53F4595-BDF7-C392-1CD5-1D425EBAA1A9}" = CCC Help Polish
"{F8718F95-21A1-44B9-97EC-679C93020BAE}" = Colin McRae Rally 04
"{FB9CDF41-F0B9-4F31-9230-7DF0D6637270}" = Call of Duty(R) 2 Demo
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Ares" = Ares 2.1.7
"AVG" = AVG 2012
"BitComet" = BitComet 1.25
"Cake Poker 2.0" = Cake Poker 2.0
"Call of Duty" = Call of Duty
"CCleaner" = CCleaner
"Cisco Connect" = Cisco Connect
"DAEMON Tools Lite" = DAEMON Tools Lite
"DirectVobSub" = DirectVobSub (remove only)
"Google Chrome" = Google Chrome
"HoldemManager" = Holdem Manager
"InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = CyberLink YouCam
"InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = Medion Home Cinema
"InstallShield_{80E158EA-7181-40FE-A701-301CE6BE64AB}" = CyberLink MediaShow
"InstallShield_{A8516AC9-AAF1-47F9-9766-03E2D4CDBCF8}" = CyberLink PowerDVD 9
"InstallShield_{B7A0CE06-068E-11D6-97FD-0050BACBF861}" = CyberLink PowerProducer
"InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = CyberLink LabelPrint
"InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = CyberLink PowerDirector
"InstallShield_{D36DD326-7280-11D8-97C8-000129760CBE}" = CyberLink PhotoNow
"InstallShield_{E3739848-5329-48E3-8D28-5BBD6E8BE384}" = CyberLink MediaShow Espresso
"InstallShield_{E3D04529-6EDB-11D8-A372-0050BAE317E1}" = CyberLink PowerDVD Copy
"InstallShield_{FB9CDF41-F0B9-4F31-9230-7DF0D6637270}" = Call of Duty(R) 2 Demo
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"MozBackup" = MozBackup 1.4.10
"Mozilla Firefox 11.0 (x86 nl)" = Mozilla Firefox 11.0 (x86 nl)
"Office14.PROPLUS" = Microsoft Office Professional Plus 2010
"PokerStars.be" = PokerStars.be
"PostgreSQL 8.4" = PostgreSQL 8.4
"PrimoPDF" = PrimoPDF -- brought to you by Nitro PDF Software
"ST6UNST #1" = SubSync
"Steam App 40" = Deathmatch Classic
"Steam App 50" = Half-Life: Opposing Force
"SubtitleWorkshop" = Subtitle Workshop 2.51
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"UsbBoost" = UsbBoost
"UT2004-Demo" = Unreal Tournament 2004 Demo
"uTorrent" = µTorrent
"VLC media player" = VLC media player 1.1.5
"Winamp" = Winamp
"Windows Media Encoder 9" = Windows Media Encoder 9 Series
"WinLiveSuite_Wave3" = Windows Live Essentials
"WinRAR archiver" = WinRAR
"X10Hardware" = X10 Hardware(TM)
"Youtube Downloader_is1" = Youtube Downloader 4.51

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-1214059850-2673516941-380067596-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uni nstall]
"Dropbox" = Dropbox

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 3/21/2012 1:00:45 PM | Computer Name = Dries-PC | Source = PostgreSQL | ID = 0
Description = 2012-03-21 18:00:45 CETFATAL: the database system is starting up

Error - 3/22/2012 2:46:27 PM | Computer Name = Dries-PC | Source = PostgreSQL | ID = 0
Description = 2012-03-22 19:46:27 CETFATAL: the database system is starting up

Error - 3/23/2012 9:09:35 AM | Computer Name = Dries-PC | Source = PostgreSQL | ID = 0
Description = 2012-03-23 14:09:35 CETFATAL: the database system is starting up

Error - 3/25/2012 7:58:08 AM | Computer Name = Dries-PC | Source = PostgreSQL | ID = 0
Description = 2012-03-25 13:58:08 CESTFATAL: the database system is starting up

Error - 3/25/2012 7:58:09 AM | Computer Name = Dries-PC | Source = PostgreSQL | ID = 0
Description = 2012-03-25 13:58:09 CESTFATAL: the database system is starting up

Error - 3/25/2012 7:58:10 AM | Computer Name = Dries-PC | Source = PostgreSQL | ID = 0
Description = 2012-03-25 13:58:10 CESTFATAL: the database system is starting up

Error - 3/25/2012 7:58:11 AM | Computer Name = Dries-PC | Source = PostgreSQL | ID = 0
Description = 2012-03-25 13:58:11 CESTFATAL: the database system is starting up

Error - 3/25/2012 7:58:12 AM | Computer Name = Dries-PC | Source = PostgreSQL | ID = 0
Description = 2012-03-25 13:58:12 CESTFATAL: the database system is starting up

Error - 3/25/2012 10:17:53 AM | Computer Name = Dries-PC | Source = PostgreSQL | ID = 0
Description = 2012-03-25 16:17:52 CESTFATAL: the database system is starting up

Error - 3/26/2012 11:58:39 AM | Computer Name = Dries-PC | Source = PostgreSQL | ID = 0
Description = 2012-03-26 17:58:38 CESTFATAL: the database system is starting up

[ System Events ]
Error - 3/26/2012 11:58:38 AM | Computer Name = Dries-PC | Source = Service Control Manager | ID = 7023
Description = De Lxcc_device-service is gestopt met de volgende foutcode: %%126.

Error - 3/26/2012 11:58:38 AM | Computer Name = Dries-PC | Source = Service Control Manager | ID = 7023
Description = De Ntservice1-service is gestopt met de volgende foutcode: %%126.

Error - 3/26/2012 11:58:38 AM | Computer Name = Dries-PC | Source = Service Control Manager | ID = 7023
Description = De Bdftdif-service is gestopt met de volgende foutcode: %%126.

Error - 3/26/2012 11:58:38 AM | Computer Name = Dries-PC | Source = Service Control Manager | ID = 7023
Description = De Nsengine-service is gestopt met de volgende foutcode: %%126.

Error - 3/26/2012 11:58:38 AM | Computer Name = Dries-PC | Source = Service Control Manager | ID = 7023
Description = De Ramaint-service is gestopt met de volgende foutcode: %%126.

Error - 3/26/2012 11:58:38 AM | Computer Name = Dries-PC | Source = Service Control Manager | ID = 7023
Description = De Vpcnfltr-service is gestopt met de volgende foutcode: %%126.

Error - 3/26/2012 11:58:38 AM | Computer Name = Dries-PC | Source = Service Control Manager | ID = 7023
Description = De MXOFX-service is gestopt met de volgende foutcode: %%126.

Error - 3/26/2012 11:58:40 AM | Computer Name = Dries-PC | Source = Microsoft-Windows-DNS-Client | ID = 1012
Description = Er is een fout opgetreden bij een poging het local hosts-bestand te
lezen.

Error - 3/26/2012 11:58:48 AM | Computer Name = Dries-PC | Source = Microsoft-Windows-DNS-Client | ID = 1012
Description = Er is een fout opgetreden bij een poging het local hosts-bestand te
lezen.

Error - 3/26/2012 11:59:08 AM | Computer Name = Dries-PC | Source = Service Control Manager | ID = 7024
Description = De HomeGroup Listener-service is gestopt met de specifieke servicefout
%%-2147023143.

< End of report >

**Juisterr** · 27 maart 2012, 20:43

En hoe gaat het nu ?

**clubje** · 27 maart 2012, 23:02

Zoals ik zei, pc is als herboren.

Enorm bedankt, als ik zie hoe jij hier het forum zowat op jouw eentje draaiende houdt, kan ik alleen maar zeggen: respect

Tot later, als ik nog es probs heb

**Juisterr** · 29 maart 2012, 18:53

Dank je wel clubje

Discussie: AVG meldt constant Trojan Horses

LinkBack

Discussietools

Geef een waardering voor deze discussie

AVG meldt constant Trojan Horses

Discussie informatie

Users Browsing this Thread

Regels voor berichten