OTL logfile created on: 29-3-2012 19:43:07 - Run 2
OTL by OldTimer - Version 3.2.39.2 Folder = C:\Documents and Settings\Ad\Bureaublad
Windows XP Media Center Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000413 | Country: Nederland | Language: NLD | Date Format: d-M-yyyy

2,00 Gb Total Physical Memory | 1,60 Gb Available Physical Memory | 80,02% Memory free
2,60 Gb Paging File | 2,32 Gb Available in Paging File | 89,07% Paging File free
Paging file location(s): C:\pagefile.sys 768 1536 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 35,00 Gb Total Space | 25,46 Gb Free Space | 72,73% Space Free | Partition Type: NTFS
Drive D: | 39,53 Gb Total Space | 38,30 Gb Free Space | 96,90% Space Free | Partition Type: NTFS

Computer Name: XPTEST | User Name: Ad | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2012-03-29 18:56:42 | 000,593,920 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Ad\Bureaublad\OTL.exe
PRC - [2012-03-11 23:13:21 | 001,983,232 | ---- | M] (COMODO) -- C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
PRC - [2012-03-11 23:13:00 | 006,749,512 | ---- | M] (COMODO) -- C:\Program Files\COMODO\COMODO Internet Security\cfp.exe
PRC - [2011-12-27 09:40:10 | 000,359,936 | ---- | M] (The Privoxy team - www.privoxy.org) -- C:\Program Files\Privoxy\privoxy.exe
PRC - [2011-11-03 10:29:04 | 004,657,048 | ---- | M] (Almico Software (www.almico.com)) -- C:\Program Files\SpeedFan\speedfan.exe
PRC - [2011-10-14 08:01:50 | 000,994,360 | ---- | M] (Secunia) -- C:\Program Files\Secunia_PSI\psia.exe
PRC - [2011-10-14 08:01:46 | 000,291,896 | ---- | M] (Secunia) -- C:\Program Files\Secunia_PSI\psi_tray.exe
PRC - [2011-06-15 16:16:48 | 000,997,920 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Security Client\msseces.exe
PRC - [2011-04-27 16:39:26 | 000,011,736 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe
PRC - [2008-04-14 19:02:58 | 001,037,312 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe

========== Modules (No Company Name) ==========

MOD - [2012-03-29 19:01:08 | 000,192,512 | ---- | M] () -- C:\Documents and Settings\Ad\Local Settings\Temp\sfamcc00001.dll
MOD - [2012-03-29 19:01:08 | 000,172,032 | ---- | M] () -- C:\Documents and Settings\Ad\Local Settings\Temp\sfareca00001.dll
MOD - [2012-01-03 15:10:50 | 000,300,544 | ---- | M] () -- C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\PDFShell.NLD
MOD - [2011-12-27 09:40:10 | 000,086,528 | ---- | M] () -- C:\Program Files\Privoxy\mgwz.dll

========== Win32 Services (SafeList) ==========

SRV - File not found [Disabled | Stopped] -- %SystemRoot%\System32\hidserv.dll -- (HidServ)
SRV - [2012-03-11 23:13:21 | 001,983,232 | ---- | M] (COMODO) [Auto | Running] -- C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe -- (cmdAgent)
SRV - [2011-10-14 08:01:50 | 000,994,360 | ---- | M] (Secunia) [Auto | Running] -- C:\Program Files\Secunia_PSI\psia.exe -- (Secunia PSI Agent)
SRV - [2011-04-27 16:39:26 | 000,011,736 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe -- (MsMpSvc)

========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP)
DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump)
DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc)
DRV - File not found [Kernel | System | Stopped] -- -- (i2omgmt)
DRV - File not found [Kernel | On_Demand | Stopped] -- D:\Fxdrv.sys -- (FXDRV)
DRV - File not found [Kernel | System | Stopped] -- -- (Changer)
DRV - [2012-03-28 12:47:00 | 000,032,768 | R--- | M] (SiS Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\sisnicxp.sys -- (SISNICXP)
DRV - [2012-03-28 12:47:00 | 000,004,096 | R--- | M] (Silicon Integrated Systems Corp.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\siside.sys -- (SiSide)
DRV - [2012-03-11 23:13:46 | 000,097,760 | ---- | M] (COMODO) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\inspect.sys -- (Inspect)
DRV - [2012-03-11 23:13:45 | 000,031,704 | ---- | M] (COMODO) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\cmdhlp.sys -- (cmdHlp)
DRV - [2012-03-11 23:13:44 | 000,494,968 | ---- | M] (COMODO) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\cmdGuard.sys -- (cmdGuard)
DRV - [2011-03-18 18:08:54 | 000,025,240 | ---- | M] (Almico Software) [Kernel | Boot | Running] -- C:\WINDOWS\system32\speedfan.sys -- (speedfan)
DRV - [2010-09-01 10:30:58 | 000,015,544 | ---- | M] (Secunia) [File_System | On_Demand | Running] -- C:\WINDOWS\system32\drivers\psi_mf.sys -- (PSI)
DRV - [2005-06-20 16:08:44 | 002,324,480 | R--- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ALCXWDM.SYS -- (ALCXWDM) Service for Realtek AC97 Audio (WDM)
DRV - [2004-08-04 00:31:36 | 000,032,768 | ---- | M] (SiS Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\sisnic.sys -- (SISNIC)
DRV - [2002-10-17 09:14:46 | 000,049,024 | R--- | M] (Windows (R) 2000 DDK provider) [File_System | Boot | Running] -- C:\WINDOWS\system32\drivers\sisidex.sys -- (sisidex)
DRV - [2002-08-20 11:19:08 | 000,009,472 | R--- | M] (Silicon Integrated Systems Corp.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\sisperf.sys -- (sisperf)
DRV - [1996-04-03 21:33:26 | 000,005,248 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\system32\giveio.sys -- (giveio)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src=IE-SearchBox&Form=IE8SRC
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - user.js - File not found
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Documents and Settings\Ad\Local Settings\Application Data\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Documents and Settings\Ad\Local Settings\Application Data\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)

[2012-03-24 16:26:19 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Ad\Application Data\Mozilla\Extensions

========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms}
CHR - plugin: Shockwave Flash (Enabled) = C:\Documents and Settings\Ad\Local Settings\Application Data\Google\Chrome\Application\17.0.963.83\gcswf32.dll
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Documents and Settings\Ad\Local Settings\Application Data\Google\Chrome\Application\17.0.963.83\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Documents and Settings\Ad\Local Settings\Application Data\Google\Chrome\Application\17.0.963.83\pdf.dll
CHR - plugin: Google Update (Enabled) = C:\Documents and Settings\Ad\Local Settings\Application Data\Google\Update\1.3.21.79\npGoogleUpdate3.dll
CHR - plugin: Default Plug-in (Enabled) = default_plugin
CHR - Extension: WOT = C:\Documents and Settings\Ad\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\bhmmomiinigofkjcapegjjndpbikblnp\1.2.12_0\
CHR - Extension: Hide My Ass! Web Proxy = C:\Documents and Settings\Ad\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\cmgnmcnlncejehjlnhaglpnoolgbflbd\1.2.4_0\
CHR - Extension: AdBlock = C:\Documents and Settings\Ad\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.5.22_0\
CHR - Extension: IP Address and Domain Information = C:\Documents and Settings\Ad\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\lhgkegeccnckoiliokondpaaalbhafoa\3.11_0\
CHR - Extension: Better Pop Up Blocker = C:\Documents and Settings\Ad\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\nmpeeekfhbmikbdhlpjbfmnpgcbeggic\2.1.6_0\

O1 HOSTS File: ([2006-04-10 14:00:00 | 000,000,776 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O4 - HKLM..\Run: [COMODO Internet Security] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO)
O4 - HKLM..\Run: [MSC] C:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.dll (NVIDIA Corporation)
O4 - Startup: C:\Documents and Settings\Ad\Menu Start\Programma's\Opstarten\SpeedFan.lnk = C:\Program Files\SpeedFan\speedfan.exe (Almico Software (www.almico.com))
O4 - Startup: C:\Documents and Settings\All Users\Menu Start\Programma's\Opstarten\Privoxy.lnk = C:\Program Files\Privoxy\privoxy.exe (The Privoxy team - www.privoxy.org)
O4 - Startup: C:\Documents and Settings\All Users\Menu Start\Programma's\Opstarten\Secunia PSI Tray.lnk = C:\Program Files\Secunia_PSI\psi_tray.exe (Secunia)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 255
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: MemCheckBoxInRunDlg = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: InstallVisualStyle = C:\WINDOWS\Resources\Themes\Royale\Royale.msstyles (Microsoft)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: InstallTheme = C:\WINDOWS\Resources\Themes\Royale.theme ()
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 255
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMHelp = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HideSCABattery = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoInternetOpenWith = 1
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://windowsupdate.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1322138425372 (WUWebControl Class)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{C7074664-653A-4FC4-95A1-C8E0CA1E1B96}: DhcpNameServer = 192.168.1.1 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{C7074664-653A-4FC4-95A1-C8E0CA1E1B96}: NameServer = 8.26.56.26,156.154.70.22
O20 - AppInit_DLLs: (C:\WINDOWS\system32\guard32.dll) - C:\WINDOWS\system32\guard32.dll (COMODO)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O24 - Desktop Components:0 (Mijn huidige introductiepagina) - About:Home
O24 - Desktop WallPaper: C:\Documents and Settings\Ad\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Ad\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2011-11-24 14:56:09 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2012-03-29 19:08:04 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Ad\Onlangs geopend
[2012-03-29 18:56:51 | 000,593,920 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Ad\Bureaublad\OTL.exe
[2012-03-29 14:00:30 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\TEMP
[2012-03-28 22:50:58 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Ad\Bureaublad\Drivers
[2012-03-28 20:48:20 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Ad\Application Data\ImgBurn
[2012-03-28 20:47:00 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Ad\Bureaublad\B_Dog
[2012-03-28 20:44:17 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programma's\ImgBurn
[2012-03-28 20:43:53 | 000,000,000 | ---D | C] -- C:\Program Files\ImgBurn
[2012-03-28 14:14:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programma's\7-Zip
[2012-03-28 14:14:04 | 000,000,000 | ---D | C] -- C:\Program Files\7-Zip
[2012-03-28 13:32:09 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Ad\Application Data\Malwarebytes
[2012-03-28 13:32:02 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programma's\Malwarebytes' Anti-Malware
[2012-03-28 13:31:57 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes
[2012-03-28 13:31:55 | 000,020,464 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2012-03-28 13:31:55 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2012-03-24 16:26:15 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Ad\Local Settings\Application Data\Mozilla
[2012-03-24 16:04:56 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Ad\Application Data\tor
[2012-03-24 16:02:28 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Ad\Data
[2012-03-23 19:03:18 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Ad\Application Data\Mozilla
[2012-03-23 18:59:52 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Ad\Bureaublad\Tor Browser
[2012-03-23 18:55:16 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programma's\Privoxy
[2012-03-23 18:55:15 | 000,000,000 | ---D | C] -- C:\Program Files\Privoxy
[2012-03-23 14:43:03 | 000,000,000 | -H-D | C] -- C:\VritualRoot
[2012-03-03 16:16:58 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Security Client
[2012-03-03 16:13:36 | 000,000,000 | ---D | C] -- C:\WINDOWS\pss
[2012-03-03 15:15:43 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programma's\Software
[2012-03-03 15:06:27 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Ad\Local Settings\Application Data\Temp
[2012-03-03 15:06:27 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Ad\Local Settings\Application Data\Adobe
[2012-03-03 15:06:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Ad\Local Settings\Application Data\Secunia PSI
[2012-03-03 15:05:42 | 000,000,000 | ---D | C] -- C:\Program Files\Secunia_PSI
[2012-03-03 14:57:21 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Adobe
[2012-03-03 14:57:21 | 000,000,000 | ---D | C] -- C:\Program Files\Adobe
[2012-03-03 14:56:24 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Adobe
[2012-03-03 14:46:18 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\XPSViewer
[2012-03-03 14:46:13 | 000,000,000 | ---D | C] -- C:\Program Files\MSBuild
[2012-03-03 14:46:02 | 000,000,000 | ---D | C] -- C:\Program Files\Reference Assemblies
[2012-03-03 14:42:28 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\SWF Studio
[2012-03-03 14:42:27 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\Ad\Application Data\.#
[2012-03-03 13:58:58 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\en-US
[2012-03-03 13:58:49 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft.NET
[4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2012-03-29 19:00:43 | 000,182,038 | ---- | M] () -- C:\WINDOWS\System32\nvapps.xml
[2012-03-29 19:00:34 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2012-03-29 19:00:31 | 2147,012,608 | -HS- | M] () -- C:\hiberfil.sys
[2012-03-29 18:56:42 | 000,593,920 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Ad\Bureaublad\OTL.exe
[2012-03-28 20:44:17 | 000,001,535 | ---- | M] () -- C:\Documents and Settings\All Users\Bureaublad\ImgBurn.lnk
[2012-03-28 13:32:03 | 000,000,809 | ---- | M] () -- C:\Documents and Settings\Ad\Application Data\Microsoft\Internet Explorer\Quick Launch\Malwarebytes Anti-Malware.lnk
[2012-03-28 13:16:17 | 000,013,646 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2012-03-28 12:48:00 | 000,004,096 | ---- | M] () -- C:\WINDOWS\System32\wdl.trm
[2012-03-28 12:47:53 | 000,937,984 | ---- | M] () -- C:\WINDOWS\System32\wbdbase.sve
[2012-03-28 12:47:32 | 001,630,208 | ---- | M] () -- C:\WINDOWS\System32\nwiz.exe
[2012-03-28 12:47:30 | 001,703,936 | ---- | M] () -- C:\WINDOWS\System32\nvwdmcpl.dll
[2012-03-28 12:47:30 | 001,019,904 | ---- | M] () -- C:\WINDOWS\System32\nvwimg.dll
[2012-03-28 12:47:29 | 000,466,944 | ---- | M] () -- C:\WINDOWS\System32\nvshell.dll
[2012-03-28 12:47:29 | 000,073,728 | ---- | M] () -- C:\WINDOWS\System32\nvtuicpl.cpl
[2012-03-28 12:47:27 | 000,286,720 | ---- | M] () -- C:\WINDOWS\System32\nvnt4cpl.dll
[2012-03-28 12:47:25 | 001,486,848 | ---- | M] () -- C:\WINDOWS\System32\nview.dll
[2012-03-28 12:47:24 | 001,339,392 | ---- | M] () -- C:\WINDOWS\System32\nvdspsch.exe
[2012-03-28 12:47:20 | 000,442,368 | ---- | M] () -- C:\WINDOWS\System32\nvappbar.exe
[2012-03-28 12:47:20 | 000,126,976 | R--- | M] () -- C:\WINDOWS\System32\nv3drus.chm
[2012-03-28 12:47:07 | 000,425,984 | ---- | M] () -- C:\WINDOWS\System32\keystone.exe
[2012-03-28 12:47:03 | 000,139,264 | R--- | M] () -- C:\WINDOWS\System32\IDEproperty.dll
[2012-03-28 12:47:00 | 000,032,768 | R--- | M] (SiS Corporation) -- C:\WINDOWS\System32\drivers\sisnicxp.sys
[2012-03-28 12:46:46 | 000,040,960 | R--- | M] () -- C:\WINDOWS\System32\ChCfg.exe
[2012-03-27 12:55:42 | 000,003,584 | ---- | M] () -- C:\Documents and Settings\Ad\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012-03-25 03:36:23 | 000,542,340 | ---- | M] () -- C:\WINDOWS\System32\perfh013.dat
[2012-03-25 03:36:23 | 000,472,808 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2012-03-25 03:36:23 | 000,095,728 | ---- | M] () -- C:\WINDOWS\System32\perfc013.dat
[2012-03-25 03:36:23 | 000,075,520 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2012-03-23 19:10:59 | 000,000,682 | ---- | M] () -- C:\Documents and Settings\Ad\Menu Start\Programma's\Opstarten\SpeedFan.lnk
[2012-03-23 18:55:16 | 000,000,685 | ---- | M] () -- C:\Documents and Settings\All Users\Menu Start\Programma's\Opstarten\Privoxy.lnk
[2012-03-23 14:44:42 | 000,002,246 | ---- | M] () -- C:\Documents and Settings\Ad\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2012-03-23 13:37:20 | 000,000,513 | ---- | M] () -- C:\Documents and Settings\All Users\Menu Start\Programma's\Opstarten\Secunia PSI Tray.lnk
[2012-03-11 23:13:46 | 000,097,760 | ---- | M] (COMODO) -- C:\WINDOWS\System32\drivers\inspect.sys
[2012-03-11 23:13:45 | 000,031,704 | ---- | M] (COMODO) -- C:\WINDOWS\System32\drivers\cmdhlp.sys
[2012-03-11 23:13:44 | 000,494,968 | ---- | M] (COMODO) -- C:\WINDOWS\System32\drivers\cmdGuard.sys
[2012-03-11 23:13:43 | 000,018,056 | ---- | M] (COMODO) -- C:\WINDOWS\System32\drivers\cmderd.sys
[2012-03-11 23:13:19 | 000,033,984 | ---- | M] (COMODO) -- C:\WINDOWS\System32\cmdcsr.dll
[2012-03-11 23:13:18 | 000,301,224 | ---- | M] (COMODO) -- C:\WINDOWS\System32\guard32.dll
[2012-03-03 16:17:44 | 000,001,912 | ---- | M] () -- C:\WINDOWS\epplauncher.mif
[2012-03-03 15:20:10 | 000,000,650 | ---- | M] () -- C:\Documents and Settings\All Users\Menu Start\Programma's\Opstarten\Taakbeheer.lnk
[2012-03-03 13:40:36 | 000,002,845 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT
[4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files Created - No Company Name ==========

[2012-03-28 20:44:17 | 000,001,535 | ---- | C] () -- C:\Documents and Settings\All Users\Bureaublad\ImgBurn.lnk
[2012-03-28 13:32:03 | 000,000,809 | ---- | C] () -- C:\Documents and Settings\Ad\Application Data\Microsoft\Internet Explorer\Quick Launch\Malwarebytes Anti-Malware.lnk
[2012-03-27 12:55:42 | 000,003,584 | ---- | C] () -- C:\Documents and Settings\Ad\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012-03-23 19:10:59 | 000,000,682 | ---- | C] () -- C:\Documents and Settings\Ad\Menu Start\Programma's\Opstarten\SpeedFan.lnk
[2012-03-23 18:55:16 | 000,000,685 | ---- | C] () -- C:\Documents and Settings\All Users\Menu Start\Programma's\Opstarten\Privoxy.lnk
[2012-03-23 13:37:20 | 000,000,513 | ---- | C] () -- C:\Documents and Settings\All Users\Menu Start\Programma's\Opstarten\Secunia PSI Tray.lnk
[2012-03-03 16:17:44 | 000,001,912 | ---- | C] () -- C:\WINDOWS\epplauncher.mif
[2012-03-03 16:17:10 | 000,001,687 | ---- | C] () -- C:\Documents and Settings\All Users\Menu Start\Programma's\Microsoft Security Essentials.lnk
[2012-03-03 15:18:33 | 000,000,650 | ---- | C] () -- C:\Documents and Settings\All Users\Menu Start\Programma's\Opstarten\Taakbeheer.lnk
[2012-03-03 13:48:10 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll
[2012-03-03 13:48:10 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\dllcache\iacenc.dll
[2011-11-24 15:38:17 | 000,004,205 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2011-11-24 14:59:12 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2011-11-24 14:51:13 | 000,021,748 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2011-11-24 14:26:35 | 000,000,164 | R--- | C] () -- C:\WINDOWS\avrack.ini
[2011-11-24 14:26:27 | 000,156,672 | R--- | C] () -- C:\WINDOWS\System32\RTLCPAPI.dll
[2011-11-24 14:26:27 | 000,040,960 | R--- | C] () -- C:\WINDOWS\System32\ChCfg.exe
[2011-11-24 14:24:07 | 000,139,264 | R--- | C] () -- C:\WINDOWS\System32\IDEproperty.dll

========== LOP Check ==========

[2012-03-03 14:43:30 | 000,000,000 | -HSD | M] -- C:\Documents and Settings\Ad\Application Data\.#
[2012-03-28 20:51:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ad\Application Data\ImgBurn
[2012-03-29 18:57:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TEMP

========== Purity Check ==========

========== Alternate Data Streams ==========

@Alternate Data Stream - 117 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:07BF512B

< End of report >