win32/IRCbot.gen!k



#1
govers

Greetings,

Recently I've been having some PC problems.
I have a laptop running Vista; my other PC is running XP.
Both detected the IRCbot when I ran Microsoft Windows Essentials.
It takes a long time to start up my PCs, and I also keep losing my internet connection.
One more problem is that I can't find all my maps on my external hard disk. They are not erased, because I can access them with my TV.

OTL logfile created on: 30/07/2011 0:16:31 - Run 2
OTL by OldTimer - Version 3.2.26.1 Folder = C:\Users\Nick\Downloads
Windows Vista Business Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000813 | Country: België | Language: NLB | Date Format: d/MM/yyyy

2,99 Gb Total Physical Memory | 1,15 Gb Available Physical Memory | 38,47% Memory free
6,18 Gb Paging File | 4,37 Gb Available in Paging File | 70,75% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 60,09 Gb Total Space | 17,02 Gb Free Space | 28,32% Space Free | Partition Type: NTFS
Drive D: | 228,00 Gb Total Space | 76,99 Gb Free Space | 33,77% Space Free | Partition Type: NTFS

Computer Name: GG | User Name: Nick | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011/07/30 00:05:17 | 000,579,584 | ---- | M] (OldTimer Tools) -- C:\Users\Nick\Downloads\OTL.exe
PRC - [2011/07/29 23:25:20 | 014,238,664 | ---- | M] (Microsoft Corporation) -- C:\Users\Nick\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\13WVF0J5\windows-kb890830-v3.21.exe
PRC - [2011/07/11 10:05:26 | 000,240,288 | ---- | M] (Adobe Systems, Inc.) -- C:\Windows\System32\Macromed\Flash\FlashUtil10t_ActiveX.exe
PRC - [2011/07/01 09:54:42 | 000,083,912 | ---- | M] (Microsoft Corporation) -- d:\54bc138372c243864bc3d5662e\mrtstub.exe
PRC - [2011/06/15 15:16:48 | 000,997,920 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Security Client\msseces.exe
PRC - [2011/04/27 15:39:26 | 000,208,944 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe
PRC - [2011/04/27 15:39:26 | 000,011,736 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe
PRC - [2010/12/14 16:49:23 | 001,169,408 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\sdclt.exe
PRC - [2010/10/25 11:07:48 | 000,095,568 | ---- | M] (Devguru Co., Ltd.) -- C:\Windows\System32\dgdersvc.exe
PRC - [2010/10/25 11:03:52 | 000,217,088 | ---- | M] (Teruten) -- C:\Windows\System32\FsUsbExService.Exe
PRC - [2010/08/24 11:38:18 | 000,092,008 | ---- | M] (TomTom) -- C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe
PRC - [2010/08/24 11:38:16 | 000,247,144 | ---- | M] (TomTom) -- C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe
PRC - [2009/07/20 13:30:50 | 000,813,584 | ---- | M] (Logitech, Inc.) -- C:\Program Files\Logitech\SetPoint\SetPoint.exe
PRC - [2009/07/10 13:42:32 | 000,055,824 | ---- | M] (Logitech, Inc.) -- C:\Program Files\Common Files\Logishrd\KHAL2\KHALMNPR.exe
PRC - [2009/04/11 08:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2009/03/10 01:13:46 | 000,077,824 | ---- | M] (Clarus, Inc.) -- C:\Program Files\Clarus\Samsung Auto Backup\ISFRealTimeD.exe
PRC - [2009/03/10 01:13:18 | 000,094,208 | ---- | M] (Clarus, Inc.) -- C:\Program Files\Clarus\Samsung Auto Backup\ISFTimerD.exe
PRC - [2009/02/20 09:46:52 | 000,030,312 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe
PRC - [2008/10/06 11:07:26 | 000,679,936 | ---- | M] (SAMSUNG Electronics) -- C:\Program Files\Samsung\Easy Display Manager\dmhkcore.exe
PRC - [2008/08/13 13:57:52 | 002,670,592 | ---- | M] () -- C:\Program Files\Softex\OmniPass\scureapp.exe
PRC - [2008/08/13 13:54:32 | 000,069,632 | ---- | M] () -- C:\Program Files\Softex\OmniPass\opvapp.exe
PRC - [2008/08/13 13:54:16 | 000,040,960 | ---- | M] (Softex Inc.) -- C:\Program Files\Softex\OmniPass\OmniServ.exe
PRC - [2008/07/10 13:42:14 | 000,819,200 | ---- | M] (Intel® Corporation) -- C:\Program Files\Intel\WiFi\bin\EvtEng.exe
PRC - [2008/07/10 13:12:40 | 000,466,944 | ---- | M] (Intel® Corporation) -- C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
PRC - [2008/07/08 04:27:50 | 006,273,568 | ---- | M] (Realtek Semiconductor) -- C:\Windows\RtHDVCpl.exe
PRC - [2008/05/12 12:38:28 | 000,611,664 | ---- | M] (Lavasoft) -- C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
PRC - [2008/03/18 05:27:12 | 000,013,312 | ---- | M] (Agere Systems) -- C:\Windows\System32\agrsmsvc.exe
PRC - [2008/02/12 06:19:52 | 001,624,616 | ---- | M] (Broadcom Corporation.) -- C:\Program Files\WIDCOMM\Bluetooth Software\BTStackServer.exe
PRC - [2008/02/12 06:19:52 | 000,723,496 | ---- | M] (Broadcom Corporation.) -- C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe


========== Modules (SafeList) ==========

MOD - [2011/07/30 00:05:17 | 000,579,584 | ---- | M] (OldTimer Tools) -- C:\Users\Nick\Downloads\OTL.exe
MOD - [2010/08/31 17:43:52 | 001,686,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3\comctl32.dll


========== Win32 Services (SafeList) ==========

SRV - [2011/07/27 08:56:32 | 000,411,432 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2011/04/27 15:39:26 | 000,208,944 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe -- (NisSrv)
SRV - [2011/04/27 15:39:26 | 000,011,736 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe -- (MsMpSvc)
SRV - [2010/10/25 11:07:48 | 000,095,568 | ---- | M] (Devguru Co., Ltd.) [Auto | Running] -- C:\Windows\System32\dgdersvc.exe -- (dgdersvc)
SRV - [2010/10/25 11:03:52 | 000,217,088 | ---- | M] (Teruten) [Auto | Running] -- C:\Windows\System32\FsUsbExService.Exe -- (FsUsbExService)
SRV - [2010/08/24 11:38:18 | 000,092,008 | ---- | M] (TomTom) [Auto | Running] -- C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe -- (TomTomHOMEService)
SRV - [2009/07/20 13:28:10 | 000,121,360 | ---- | M] (Logitech, Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Logishrd\Bluetooth\LBTServ.exe -- (LBTServ)
SRV - [2009/02/20 09:46:52 | 000,030,312 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe -- (BcmSqlStartupSvc)
SRV - [2008/08/13 13:54:16 | 000,040,960 | ---- | M] (Softex Inc.) [Auto | Running] -- C:\Program Files\Softex\OmniPass\OmniServ.exe -- (omniserv)
SRV - [2008/07/10 13:42:14 | 000,819,200 | ---- | M] (Intel® Corporation) [Auto | Running] -- C:\Program Files\Intel\WiFi\bin\EvtEng.exe -- (EvtEng)
SRV - [2008/07/10 13:12:40 | 000,466,944 | ---- | M] (Intel® Corporation) [Auto | Running] -- C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe -- (RegSrvc)
SRV - [2008/05/12 12:38:28 | 000,611,664 | ---- | M] (Lavasoft) [Auto | Running] -- C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe -- (aawservice)
SRV - [2008/04/07 10:17:30 | 000,430,592 | ---- | M] (Nokia.) [On_Demand | Stopped] -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2008/03/18 05:27:12 | 000,013,312 | ---- | M] (Agere Systems) [Auto | Running] -- C:\Windows\System32\agrsmsvc.exe -- (AgereModemAudio)
SRV - [2008/01/21 04:23:59 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)


========== Driver Services (SafeList) ==========

DRV - [2011/07/29 20:42:43 | 000,028,752 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{38F66951-238E-4771-AF05-DE0A10B4A941}\MpKslf8434da0.sys -- (MpKslf8434da0)
DRV - [2011/04/27 15:25:24 | 000,065,024 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\NisDrvWFP.sys -- (NisDrv)
DRV - [2011/04/18 13:18:50 | 000,043,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\MpNWMon.sys -- (MpNWMon)
DRV - [2010/10/25 11:07:48 | 000,018,120 | ---- | M] (Devguru Co., Ltd) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\dgderdrv.sys -- (dgderdrv)
DRV - [2010/10/25 11:03:52 | 000,036,640 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\System32\FsUsbExDisk.Sys -- (FsUsbExDisk)
DRV - [2010/07/28 15:33:24 | 000,123,648 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\sscemdm.sys -- (sscemdm)
DRV - [2010/07/28 15:33:24 | 000,098,560 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\sscebus.sys -- (sscebus) SAMSUNG USB Composite Device V2 driver (WDM)
DRV - [2010/07/28 15:33:24 | 000,014,848 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\sscemdfl.sys -- (sscemdfl)
DRV - [2009/06/26 22:55:12 | 000,066,080 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvhda32v.sys -- (NVHDA)
DRV - [2009/06/17 18:56:32 | 000,028,560 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\LUsbFilt.sys -- (LUsbFilt)
DRV - [2009/06/17 18:56:16 | 000,037,392 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\LMouFilt.Sys -- (LMouFilt)
DRV - [2009/06/17 18:56:06 | 000,035,472 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\LHidFilt.Sys -- (LHidFilt)
DRV - [2009/04/11 06:38:59 | 000,030,208 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\usbccid.sys -- (USBCCID)
DRV - [2008/08/14 02:40:12 | 000,129,664 | ---- | M] (eMPIA Technology, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\etDevice.sys -- (DCamUSBET)
DRV - [2008/07/26 21:24:00 | 007,548,000 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
DRV - [2008/07/11 02:43:08 | 000,239,232 | ---- | M] (eMPIA Technology Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\etFilter.sys -- (FiltUSBET)
DRV - [2008/06/25 23:30:50 | 003,662,848 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\NETw5v32.sys -- (NETw5v32) Intel®
DRV - [2008/05/30 06:44:42 | 000,146,944 | ---- | M] (AuthenTec, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atswpdrv.sys -- (ATSWPDRV) AuthenTec TruePrint USB Driver (SwipeSensor)
DRV - [2008/05/08 11:51:18 | 000,226,328 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\iaNvStor.sys -- (iaNvStor) Intel®
DRV - [2008/03/21 05:13:00 | 001,203,776 | ---- | M] (Agere Systems) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\AGRSM.sys -- (AgereSoftModem)
DRV - [2008/01/21 04:23:51 | 000,045,624 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\tpm.sys -- (TPM)
DRV - [2008/01/21 04:23:45 | 002,225,664 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\NETw3v32.sys -- (NETw3v32) Intel®
DRV - [2007/09/17 16:53:26 | 000,021,632 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\pccsmcfd.sys -- (pccsmcfd)
DRV - [2007/09/07 07:43:56 | 000,006,656 | ---- | M] (eMPIA Technology, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\etScan.sys -- (ScanUSBET)
DRV - [2006/11/14 02:11:54 | 000,013,312 | ---- | M] (SAMSUNG ELECTRONICS CO., LTD.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\KMDFMEMIO.sys -- (KMDFMEMIO)
DRV - [2006/11/02 09:30:53 | 000,045,056 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\bcm4sbxp.sys -- (bcm4sbxp)
DRV - [2002/11/12 11:01:44 | 000,053,168 | ---- | M] (THOMSON multimedia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\alcan5wn.sys -- (alcan5wn) Alcatel SpeedTouch USB ADSL PPP Networking Driver (NDISWAN)
DRV - [2002/11/12 11:01:42 | 000,748,544 | ---- | M] (THOMSON multimedia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\alcaudsl.sys -- (alcaudsl)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http:\\www.samsungcomputer.com

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http:\\www.samsungcomputer.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.be/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..extensions.enabledItems: [email protected]:1.7
FF - prefs.js..extensions.enabledItems: [email protected]:1.0.2

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\4.0.60531.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.4: C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.57\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.57\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2010/10/06 19:20:47 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2010/10/06 19:20:47 | 000,000,000 | ---D | M]

[2010/08/12 13:12:52 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Nick\AppData\Roaming\mozilla\Extensions
[2010/08/12 13:12:52 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Nick\AppData\Roaming\mozilla\Extensions\[email protected]
[2011/02/08 14:38:29 | 000,000,000 | ---D | M] (Map status indicator) -- C:\PROGRAM FILES\TOMTOM HOME 2\XUL\EXTENSIONS\[email protected]

O1 HOSTS File: ([2006/09/18 23:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O3 - HKLM\..\Toolbar: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No CLSID value found.
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [Kernel and Hardware Abstraction Layer] C:\Windows\KHALMNPR.Exe (Logitech, Inc.)
O4 - HKLM..\Run: [LanguageShortcut] C:\Program Files\CyberLink\PowerDVD\Language\Language.exe ()
O4 - HKLM..\Run: [MSC] C:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4 - HKLM..\Run: [NPSStartup] File not found
O4 - HKLM..\Run: [NvCplDaemon] C:\Windows\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\Windows\System32\NvMcTray.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [OmniPass] C:\Program Files\Softex\OmniPass\scureapp.exe ()
O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKCU..\Run: [Steam] D:\Games\STEAM\Steam.exe (Valve Corporation)
O4 - HKCU..\Run: [TomTomHOME.exe] C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe (TomTom)
O4 - Startup: C:\Users\Nick\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Samsung Auto Backup Real-Time Daemon.lnk = C:\Program Files\Clarus\Samsung Auto Backup\ISFRealTimeD.exe (Clarus, Inc.)
O4 - Startup: C:\Users\Nick\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Samsung Auto Backup Scheduler.lnk = C:\Program Files\Clarus\Samsung Auto Backup\ISFTimerD.exe (Clarus, Inc.)
O8 - Extra context menu item: Afbeelding verzenden naar &Bluetooth-apparaat... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O8 - Extra context menu item: Pagina verzenden naar &Bluetooth-apparaat... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra Button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O13 - gopher Prefix: missing
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://download.micr...heckControl.cab (Windows Genuine Advantage Validation Tool)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.ad...Plus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 195.130.130.4 195.130.131.4
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKCU Winlogon: Shell - (C:\RECYCLER\S-1-5-21-9072472655-5910047704-779169490-9435\rundll32.exe) - C:\RECYCLER\S-1-5-21-9072472655-5910047704-779169490-9435\ [2010/05/21 20:02:32 | 000,000,000 | RHSD | M]
O20 - HKCU Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Windows\Web\Wallpaper\img24.jpg
O24 - Desktop BackupWallPaper: C:\Windows\Web\Wallpaper\img24.jpg
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/09/18 23:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{1ffd470a-0226-11e0-b34d-00242cfa52e2}\Shell\AutoRun\command - "" = F:\RECYCLER\help.exe
O33 - MountPoints2\{1ffd470a-0226-11e0-b34d-00242cfa52e2}\Shell\opEN\CoMmanD - "" = F:\RECYCLER\help.exe
O33 - MountPoints2\{482c4909-a601-11df-b040-00242cfa52e2}\Shell\AutoRun\command - "" = G:\InstallTomTomHOME.exe
O33 - MountPoints2\{6c1302c4-67ee-11de-ab94-00242cfa52e2}\Shell\AutoRun\command - "" = RECYCLER\help.exe
O33 - MountPoints2\{6c1302c4-67ee-11de-ab94-00242cfa52e2}\Shell\opEN\CoMmanD - "" = RECYCLER\help.exe
O33 - MountPoints2\{a6107707-2089-11e0-b48d-00242cfa52e2}\Shell - "" = AutoRun
O33 - MountPoints2\{a6107707-2089-11e0-b48d-00242cfa52e2}\Shell\AutoRun\command - "" = F:\iStudio.exe
O33 - MountPoints2\{a7f5ab7c-85cb-11de-a111-00242cfa52e2}\Shell\Auto\command - "" = F:\exp1orer.exe
O33 - MountPoints2\{a7f5ab7c-85cb-11de-a111-00242cfa52e2}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL F:\exp1orer.exe
O33 - MountPoints2\{c59e630f-8403-11df-9f59-00242cfa52e2}\Shell\AutoRun\command - "" = RECYCLER\help.exe
O33 - MountPoints2\{c59e630f-8403-11df-9f59-00242cfa52e2}\Shell\opEN\CoMmanD - "" = RECYCLER\help.exe
O33 - MountPoints2\{c9bb88ca-b488-11de-b97a-00242cfa52e2}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL RUNdLl32.ExE .\RECYCLER\S-5-3-42-2819952290-8240758988-879315005-3665\jwgkvsq.vmx,ahaezedrn
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O34 - HKLM BootExecute: (lsdelete) - C:\Windows\System32\lsdelete.exe ()
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2011/07/29 13:19:51 | 000,000,000 | ---D | C] -- C:\Users\Nick\AppData\Local\{2D758678-DEBC-4D1A-A5CE-27E212E7A6B4}
[2011/07/28 11:50:31 | 000,000,000 | ---D | C] -- C:\Users\Nick\AppData\Local\{18856338-9E06-4E24-AEAD-7C99B358179F}
[2011/07/27 08:56:05 | 000,000,000 | ---D | C] -- C:\Users\Nick\AppData\Local\{D9DCC21D-E57A-4772-AD14-51646A452435}
[2011/07/26 12:43:07 | 000,000,000 | ---D | C] -- C:\Users\Nick\AppData\Local\{08E9530B-69AD-4FE4-AEC0-A28B9EBC655F}
[2011/07/25 18:56:14 | 000,000,000 | ---D | C] -- C:\Users\Nick\AppData\Local\{86569BF8-9E31-4D51-9135-5C5E81544FA8}
[2011/07/24 13:18:00 | 000,000,000 | ---D | C] -- C:\Users\Nick\AppData\Local\{91CFABC6-1A51-4DF7-93E5-689EFDFFA9D3}
[2011/07/24 05:57:59 | 000,000,000 | ---D | C] -- C:\Users\Nick\AppData\Local\{3D6B0CDF-4D3D-413C-A819-8E3360265BCC}
[2011/07/22 13:36:03 | 000,000,000 | ---D | C] -- C:\Users\Nick\AppData\Local\{5695FAA9-03D8-48D8-BE55-11AE8DB12C87}
[2011/07/21 19:54:04 | 000,000,000 | ---D | C] -- C:\Users\Nick\AppData\Local\{A20BF6F8-15B0-467C-9FA8-81F2ABFBC5CB}
[2011/07/21 14:12:53 | 000,000,000 | ---D | C] -- C:\Users\Nick\AppData\Local\{4E68AD26-3233-489D-8379-2C299B95EFFD}
[2011/07/20 14:17:52 | 000,000,000 | ---D | C] -- C:\Users\Nick\AppData\Local\{E1BB0D6A-F255-43AF-8672-FA72CC5B7F9D}
[2011/07/19 19:01:22 | 000,000,000 | ---D | C] -- C:\Users\Nick\AppData\Local\{7DAA9FCD-5E6B-4675-A560-CC68226E6681}
[2011/07/19 16:24:46 | 000,000,000 | ---D | C] -- C:\Users\Nick\AppData\Local\{774E9E85-CD39-4296-A367-5E3CD219E388}
[2011/07/18 19:07:07 | 000,000,000 | ---D | C] -- C:\Users\Nick\AppData\Local\{AF2C8E7E-60BB-4F29-AF4D-2B5BCDDBEEBB}
[2011/07/17 18:20:32 | 000,000,000 | ---D | C] -- C:\Users\Nick\AppData\Local\{9A2094F6-2CE5-4751-9389-3C9DA2866784}
[2011/07/16 18:22:38 | 000,000,000 | ---D | C] -- C:\Users\Nick\AppData\Local\{6F37B1A5-7C4A-452C-9DBA-4C9F0A751120}
[2011/07/15 18:16:25 | 000,000,000 | ---D | C] -- C:\Users\Nick\AppData\Local\{8F4B5C67-D393-4DCD-8C95-1CC34A58C4C6}
[2011/07/14 18:28:36 | 000,000,000 | ---D | C] -- C:\Users\Nick\AppData\Local\{2AA64794-F730-4624-8CF5-AF47756CB3D4}
[2011/07/14 18:13:19 | 000,000,000 | ---D | C] -- C:\Users\Nick\AppData\Local\{C2D89D3D-77E9-4C6E-A4CB-4E84B33C3710}
[2011/07/13 18:12:48 | 000,000,000 | ---D | C] -- C:\Users\Nick\AppData\Local\{871710DE-0C98-4A29-8CCA-9748E5F53188}
[2011/07/12 18:15:42 | 000,000,000 | ---D | C] -- C:\Users\Nick\AppData\Local\{2A5A902F-5744-4C83-B210-FA3D5B215330}
[2011/07/11 22:03:34 | 000,000,000 | ---D | C] -- C:\Users\Nick\AppData\Local\{1085B8BF-2183-4A74-A210-E3C5387BC14B}
[2011/07/11 19:14:08 | 000,000,000 | ---D | C] -- C:\Users\Nick\AppData\Roaming\Intelli-studio
[2011/07/11 08:38:31 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Java
[2011/07/11 08:24:37 | 000,000,000 | ---D | C] -- C:\Users\Nick\AppData\Local\{D80DFD39-154F-4FF8-884B-5D7011BF557F}
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2011/07/30 00:00:38 | 000,004,912 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2011/07/30 00:00:38 | 000,004,912 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2011/07/29 23:31:14 | 000,001,040 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2011/07/29 21:31:00 | 000,001,036 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2011/07/29 20:44:08 | 000,201,124 | ---- | M] () -- C:\ProgramData\nvModes.001
[2011/07/29 20:42:20 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011/07/29 20:41:13 | 000,000,012 | ---- | M] () -- C:\Windows\bthservsdp.dat
[2011/07/29 14:19:32 | 000,201,124 | ---- | M] () -- C:\ProgramData\nvModes.dat
[2011/07/29 13:32:00 | 000,001,945 | ---- | M] () -- C:\Windows\epplauncher.mif
[2011/07/29 13:31:07 | 000,768,030 | ---- | M] () -- C:\Windows\System32\perfh013.dat
[2011/07/29 13:31:07 | 000,681,200 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2011/07/29 13:31:07 | 000,167,826 | ---- | M] () -- C:\Windows\System32\perfc013.dat
[2011/07/29 13:31:07 | 000,137,540 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2011/07/28 12:04:49 | 000,002,629 | ---- | M] () -- C:\Users\Nick\Application Data\Microsoft\Internet Explorer\Quick Launch\Microsoft Office Word 2007.lnk
[2011/07/28 12:04:09 | 000,002,621 | ---- | M] () -- C:\Users\Nick\Application Data\Microsoft\Internet Explorer\Quick Launch\Microsoft Office Excel 2007.lnk
[2011/07/27 17:25:03 | 000,140,820 | ---- | M] () -- C:\Users\Nick\Desktop\Laundry_Day_Presale(5086532871573)_2.pdf
[2011/07/27 17:24:38 | 000,140,807 | ---- | M] () -- C:\Users\Nick\Desktop\Laundry_Day_Presale(5086532871573)_1.pdf
[2011/07/26 13:01:09 | 000,376,920 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2011/07/25 21:20:07 | 000,204,800 | ---- | M] () -- C:\Users\Nick\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/07/19 16:45:35 | 000,000,399 | ---- | M] () -- C:\Users\Nick\Application Data\Microsoft\Internet Explorer\Quick Launch\Hotmail.website
[2011/07/11 22:13:37 | 003,409,579 | ---- | M] () -- C:\Users\Nick\Desktop\EXAMENROOSTERS-HORAIRES%20DES%20EXAMENS%20AUG-SEPT%202011%281%29.pdf
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files Created - No Company Name ==========

[2011/07/27 17:25:03 | 000,140,820 | ---- | C] () -- C:\Users\Nick\Desktop\Laundry_Day_Presale(5086532871573)_2.pdf
[2011/07/27 17:24:38 | 000,140,807 | ---- | C] () -- C:\Users\Nick\Desktop\Laundry_Day_Presale(5086532871573)_1.pdf
[2011/07/11 22:13:37 | 003,409,579 | ---- | C] () -- C:\Users\Nick\Desktop\EXAMENROOSTERS-HORAIRES%20DES%20EXAMENS%20AUG-SEPT%202011%281%29.pdf
[2010/10/25 11:09:56 | 000,974,848 | ---- | C] () -- C:\Windows\System32\cis-2.4.dll
[2010/10/25 11:09:56 | 000,081,920 | ---- | C] () -- C:\Windows\System32\issacapi_bs-2.3.dll
[2010/10/25 11:09:56 | 000,065,536 | ---- | C] () -- C:\Windows\System32\issacapi_pe-2.3.dll
[2010/10/25 11:09:56 | 000,057,344 | ---- | C] () -- C:\Windows\System32\issacapi_se-2.3.dll
[2010/10/06 18:03:48 | 000,204,137 | ---- | C] () -- C:\Windows\hpoins40.dat.temp
[2010/10/06 18:03:45 | 000,000,992 | ---- | C] () -- C:\Windows\hpomdl40.dat.temp
[2010/10/06 16:28:44 | 000,204,295 | ---- | C] () -- C:\Windows\hpoins40.dat
[2010/05/26 19:19:38 | 000,000,680 | ---- | C] () -- C:\Users\Nick\AppData\Local\d3d9caps.dat
[2010/05/20 21:20:22 | 000,000,127 | ---- | C] () -- C:\Windows\System32\MRT.INI
[2010/03/06 17:13:21 | 000,110,592 | ---- | C] () -- C:\Windows\System32\FsUsbExDevice.Dll
[2010/03/06 17:13:21 | 000,036,640 | ---- | C] () -- C:\Windows\System32\FsUsbExDisk.Sys
[2009/09/25 17:46:51 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2009/09/07 17:38:28 | 000,000,760 | ---- | C] () -- C:\Users\Nick\AppData\Roaming\setup_ldm.iss
[2009/08/03 15:07:42 | 000,403,816 | ---- | C] () -- C:\Windows\System32\OGACheckControl.dll
[2009/08/03 15:07:42 | 000,230,768 | ---- | C] () -- C:\Windows\System32\OGAEXEC.exe
[2009/07/18 17:46:40 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll
[2009/07/18 17:46:40 | 000,107,612 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin
[2009/07/18 17:46:08 | 000,062,976 | ---- | C] () -- C:\Windows\System32\PrintBrmUi.exe
[2009/06/11 04:51:05 | 000,000,992 | ---- | C] () -- C:\Windows\hpomdl40.dat
[2009/06/10 17:55:24 | 000,005,607 | ---- | C] () -- C:\Windows\System32\stci.dll
[2009/05/26 20:17:40 | 000,204,800 | ---- | C] () -- C:\Users\Nick\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009/04/16 07:13:58 | 000,201,124 | ---- | C] () -- C:\ProgramData\nvModes.001
[2009/04/16 07:10:04 | 000,201,124 | ---- | C] () -- C:\ProgramData\nvModes.dat
[2009/01/12 19:15:30 | 000,000,012 | ---- | C] () -- C:\Windows\bthservsdp.dat
[2009/01/12 02:59:03 | 000,018,904 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchemaTrivial.bin
[2009/01/12 02:49:27 | 000,002,714 | ---- | C] () -- C:\Windows\HotFixList.ini
[2009/01/12 02:37:46 | 000,307,200 | ---- | C] () -- C:\Windows\SetDisplayResolution.exe
[2009/01/12 02:37:35 | 000,000,135 | R--- | C] () -- C:\Windows\System32\lngEng.ini
[2009/01/12 02:37:35 | 000,000,117 | ---- | C] () -- C:\Windows\System32\lngKor.ini
[2009/01/12 02:23:54 | 000,172,032 | ---- | C] () -- C:\Windows\System32\nvccoin.dll
[2009/01/12 01:57:56 | 000,768,030 | ---- | C] () -- C:\Windows\System32\perfh013.dat
[2009/01/12 01:57:56 | 000,336,440 | ---- | C] () -- C:\Windows\System32\perfi013.dat
[2009/01/12 01:57:56 | 000,167,826 | ---- | C] () -- C:\Windows\System32\perfc013.dat
[2009/01/12 01:57:56 | 000,041,976 | ---- | C] () -- C:\Windows\System32\perfd013.dat
[2009/01/12 01:49:28 | 001,060,424 | ---- | C] () -- C:\Windows\System32\WdfCoInstaller01000.dll
[2008/05/16 11:58:04 | 000,012,632 | ---- | C] () -- C:\Windows\System32\lsdelete.exe
[2008/04/25 08:53:06 | 000,053,248 | ---- | C] () -- C:\Windows\etRunDLL.dll
[2008/02/09 17:59:42 | 000,024,576 | ---- | C] () -- C:\Windows\System32\drivers\Marker.exe
[2007/10/25 18:26:10 | 000,005,632 | ---- | C] () -- C:\Windows\System32\drivers\StarOpen.sys
[2007/02/26 09:49:12 | 006,139,774 | ---- | C] () -- C:\Windows\imagine digital freedom.dat
[2006/11/02 14:56:48 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2006/11/02 14:47:43 | 000,376,920 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT
[2006/11/02 12:33:01 | 000,681,200 | ---- | C] () -- C:\Windows\System32\perfh009.dat
[2006/11/02 12:33:01 | 000,287,440 | ---- | C] () -- C:\Windows\System32\perfi009.dat
[2006/11/02 12:33:01 | 000,137,540 | ---- | C] () -- C:\Windows\System32\perfc009.dat
[2006/11/02 12:33:01 | 000,030,674 | ---- | C] () -- C:\Windows\System32\perfd009.dat
[2006/11/02 12:25:21 | 000,061,440 | ---- | C] () -- C:\Windows\System32\igfxTMM.dll
[2006/11/02 12:23:21 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat
[2006/11/02 10:58:30 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2006/11/02 10:19:00 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT
[2006/11/02 09:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2006/11/02 09:25:31 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat
[2001/11/14 05:56:00 | 001,802,240 | ---- | C] () -- C:\Windows\System32\lcppn21.dll

========== LOP Check ==========

[2010/12/26 23:27:05 | 000,000,000 | ---D | M] -- C:\Users\Nick\AppData\Roaming\AVG10
[2011/03/05 14:34:47 | 000,000,000 | ---D | M] -- C:\Users\Nick\AppData\Roaming\BitLord
[2011/06/12 21:47:07 | 000,000,000 | ---D | M] -- C:\Users\Nick\AppData\Roaming\Bluebits
[2011/01/03 21:03:02 | 000,000,000 | ---D | M] -- C:\Users\Nick\AppData\Roaming\BSplayer
[2010/11/09 22:30:41 | 000,000,000 | ---D | M] -- C:\Users\Nick\AppData\Roaming\BSplayer Pro
[2010/11/22 22:02:33 | 000,000,000 | ---D | M] -- C:\Users\Nick\AppData\Roaming\PC Suite
[2011/02/11 10:58:30 | 000,000,000 | ---D | M] -- C:\Users\Nick\AppData\Roaming\PDF Writer
[2011/02/22 00:42:02 | 000,000,000 | ---D | M] -- C:\Users\Nick\AppData\Roaming\Python-Eggs
[2010/11/22 21:29:45 | 000,000,000 | ---D | M] -- C:\Users\Nick\AppData\Roaming\Samsung
[2010/08/12 13:12:51 | 000,000,000 | ---D | M] -- C:\Users\Nick\AppData\Roaming\TomTom
[2011/07/29 20:41:14 | 000,032,552 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========



< End of report >