- new network cable
- used the same router port with another PC to be sure it works
- full Norton AV scan (nothing found)
- full MalwareBytes scan (nothing found)
- ran TDSSKiller (nothing found)
- ran Combofix (nothing found)
- ran Esets Service repair (issue still the same)
- booted in save mode with networking, but no internet access
- rolled back to last good configuration but no internet access
- copied following files from a different W7 Pro PC (renamed the original ones to "OLD") but issue remains
netbt.sys
dhcpcore6.dll
dhcpcore.dll
dhcpsvc.dll
dhcpsvc6.dll
dhcpsapi.dll
- I am seeing a message in the Windows event log that the Ancillary Function Driver for Winsock cannot be started...
- Am seeing in the registry LocalMAchines\System\CurrentControlset\Services\NetBT\Enum following parameter "Initstartfailed" 00000001
DHCP is not working, so i believe there is something wrong with DHCP, AFD and NteBT but i cannot get it clarified what this might be.
Posted this into the networking forum, and was asked to run the OTL tool, of which i will paste the logs below:
OTL.txt
========
OTL logfile created on: 3/30/2013 10:44:47 AM - Run 2
OTL by OldTimer - Version 3.2.69.0 Folder = F:\
Professional (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: België | Language: NLB | Date Format: d/MM/yyyy
2.93 Gb Total Physical Memory | 1.95 Gb Available Physical Memory | 66.72% Memory free
5.86 Gb Paging File | 4.83 Gb Available in Paging File | 82.56% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 133.95 Gb Total Space | 69.15 Gb Free Space | 51.62% Space Free | Partition Type: NTFS
Drive D: | 134.04 Gb Total Space | 131.72 Gb Free Space | 98.27% Space Free | Partition Type: NTFS
Drive F: | 1.87 Gb Total Space | 0.52 Gb Free Space | 27.86% Space Free | Partition Type: FAT32
Computer Name: COMPUTER-PC | User Name: Computer | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2013/03/30 09:57:32 | 000,602,112 | ---- | M] (OldTimer Tools) -- F:\OTL.exe
PRC - [2013/03/19 17:23:09 | 000,256,600 | ---- | M] (Microsoft Corporation) -- C:\Users\Computer\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe
PRC - [2013/03/14 16:54:10 | 001,103,768 | ---- | M] (Spotify Ltd) -- C:\Users\Computer\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
PRC - [2013/01/04 03:59:29 | 000,271,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\conhost.exe
PRC - [2012/12/04 10:54:14 | 000,095,232 | ---- | M] (McAfee, Inc.) -- c:\Program Files\McAfee\SiteAdvisor\McSACore.exe
PRC - [2012/06/16 03:24:19 | 000,138,272 | R--- | M] (Symantec Corporation) -- C:\Program Files\Norton AntiVirus\Engine\19.9.1.14\ccsvchst.exe
PRC - [2012/04/11 22:51:00 | 000,175,632 | ---- | M] (Nitro PDF Software) -- C:\Program Files\Nitro PDF\Reader 2\NitroPDFReaderDriverService2.exe
PRC - [2012/02/23 11:30:40 | 000,059,240 | ---- | M] (Apple Inc.) -- C:\Program Files\Common Files\Apple\Internet Services\ubd.exe
PRC - [2011/07/29 21:05:42 | 000,887,976 | ---- | M] (Ask) -- C:\Program Files\Ask.com\Updater\Updater.exe
PRC - [2011/05/23 12:36:30 | 002,068,480 | ---- | M] (Belgian Government) -- C:\Program Files\Belgium Identity Card\beid35gui.exe
PRC - [2011/03/25 21:32:40 | 000,249,648 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft\BingBar\SeaPort.EXE
PRC - [2011/02/08 16:46:58 | 001,115,568 | ---- | M] (iMesh, Inc) -- C:\Program Files\iMesh Applications\MediaBar\Datamngr\datamngrUI.exe
PRC - [2010/10/27 18:17:52 | 000,207,424 | ---- | M] (ArcSoft Inc.) -- C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
PRC - [2010/08/25 11:27:44 | 000,309,824 | ---- | M] (ArcSoft Inc.) -- C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ArcCon.ac
PRC - [2010/07/14 14:52:30 | 002,614,272 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2010/03/18 11:19:26 | 000,113,152 | ---- | M] (ArcSoft Inc.) -- C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
PRC - [2010/01/29 00:27:36 | 000,243,232 | ---- | M] (Acer Group) -- C:\Program Files\Acer\Acer Updater\UpdaterService.exe
PRC - [2010/01/08 14:21:22 | 000,023,584 | ---- | M] (Acer Incorporated) -- C:\Program Files\Acer\Registration\GREGsvc.exe
PRC - [2009/12/09 10:24:16 | 000,076,320 | ---- | M] () -- C:\OEM\USBDECTIONX86\USBS3S4Detection.exe
PRC - [2009/12/09 09:50:00 | 002,320,920 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel® Management Engine Components\UNS\UNS.exe
PRC - [2009/12/09 09:49:58 | 000,268,824 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel® Management Engine Components\LMS\LMS.exe
PRC - [2009/11/17 15:18:20 | 000,255,744 | ---- | M] (NewTech Infosystems, Inc.) -- C:\Program Files\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe
PRC - [2009/11/17 15:18:10 | 000,261,888 | ---- | M] (NewTech Infosystems, Inc.) -- C:\Program Files\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe
PRC - [2009/10/02 22:26:12 | 000,013,336 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
PRC - [2009/10/02 22:26:10 | 000,284,696 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
PRC - [2009/05/12 19:07:08 | 000,417,792 | ---- | M] (Acer Incorporated) -- C:\Program Files\Acer\Acer SmartBoot\ASLSvc.exe
PRC - [2009/05/12 19:05:32 | 000,376,832 | ---- | M] (Acer Incorporated) -- C:\Program Files\Acer\Acer SmartBoot\ASLTray.exe
PRC - [2009/02/18 01:01:04 | 000,024,576 | ---- | M] () -- C:\Program Files\Acer\Empowering Technology\Service\ETService.exe
========== Modules (No Company Name) ==========
MOD - [2013/03/21 13:45:02 | 003,325,952 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\82a4c4666ad83c3a375210247e69646b\WindowsBase.ni.dll
MOD - [2013/03/21 13:44:22 | 012,433,920 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\05682429807d34d6ff05a77ea153935f\System.Windows.Forms.ni.dll
MOD - [2013/03/21 13:44:13 | 000,771,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\01b47a246b4ec7bfec31bf4503aceda1\System.Runtime.Remoting.ni.dll
MOD - [2013/03/21 13:44:07 | 011,824,128 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web\a00aab40bdf5aed84b4d4294965cf20d\System.Web.ni.dll
MOD - [2013/03/21 13:44:03 | 001,592,832 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\e2ee5d77ebe0bd025e7a7a317a43d677\System.Drawing.ni.dll
MOD - [2013/03/21 13:43:55 | 005,453,312 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\10aba2c167cc1119b80159fd9ac71ca8\System.Xml.ni.dll
MOD - [2013/03/21 13:43:53 | 000,971,264 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\96a3b737db1e72adaf32d2b350e50c23\System.Configuration.ni.dll
MOD - [2013/03/21 13:43:52 | 007,974,400 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\c54750e64ba10d0fb7b6a636fb3695ca\System.ni.dll
MOD - [2013/03/21 13:43:43 | 011,490,816 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\b0b8554c05f194f546a8ed531320760b\mscorlib.ni.dll
MOD - [2012/02/20 20:29:04 | 000,087,912 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2012/02/20 20:28:42 | 001,242,472 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2010/12/22 14:53:41 | 000,303,104 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_nl_b77a5c561934e089\mscorlib.resources.dll
MOD - [2009/11/17 15:16:40 | 000,465,576 | ---- | M] () -- C:\Program Files\NewTech Infosystems\Acer Backup Manager\sqlite3.dll
MOD - [2009/08/14 15:05:40 | 000,135,168 | ---- | M] () -- C:\Program Files\Belgium Identity Card\imageformats\qjpeg4.dll
MOD - [2009/08/14 14:53:52 | 007,495,680 | ---- | M] () -- C:\Program Files\Belgium Identity Card\QtGui4.dll
MOD - [2009/08/14 14:32:24 | 001,961,984 | ---- | M] () -- C:\Program Files\Belgium Identity Card\QtCore4.dll
========== Services (SafeList) ==========
SRV - [2013/03/12 12:01:26 | 000,115,608 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012/12/04 10:54:14 | 000,095,232 | ---- | M] (McAfee, Inc.) [Auto | Running] -- c:\Program Files\McAfee\SiteAdvisor\McSACore.exe -- (McAfee SiteAdvisor Service)
SRV - [2012/07/13 12:28:36 | 000,160,944 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012/06/16 03:24:19 | 000,138,272 | R--- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Norton AntiVirus\Engine\19.9.1.14\ccSvcHst.exe -- (NAV)
SRV - [2012/04/11 22:51:00 | 000,175,632 | ---- | M] (Nitro PDF Software) [Auto | Running] -- C:\Program Files\Nitro PDF\Reader 2\NitroPDFReaderDriverService2.exe -- (NitroReaderDriverReadSpool2)
SRV - [2011/05/06 10:03:10 | 000,191,752 | ---- | M] (Microsoft Corporation.) [On_Demand | Stopped] -- C:\Program Files\Microsoft\BingBar\BBSvc.EXE -- (BBSvc)
SRV - [2011/03/25 21:32:40 | 000,249,648 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft\BingBar\SeaPort.EXE -- (SeaPort)
SRV - [2011/02/07 03:02:48 | 001,343,400 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\Wat\WatAdminSvc.exe -- (WatAdminSvc)
SRV - [2010/03/18 11:19:26 | 000,113,152 | ---- | M] (ArcSoft Inc.) [Auto | Running] -- C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe -- (ACDaemon)
SRV - [2010/01/29 00:27:36 | 000,243,232 | ---- | M] (Acer Group) [Auto | Running] -- C:\Program Files\Acer\Acer Updater\UpdaterService.exe -- (Updater Service)
SRV - [2010/01/08 14:21:22 | 000,023,584 | ---- | M] (Acer Incorporated) [Auto | Running] -- C:\Program Files\Acer\Registration\GREGsvc.exe -- (GREGService)
SRV - [2009/12/09 10:24:16 | 000,076,320 | ---- | M] () [Auto | Running] -- C:\OEM\USBDECTIONX86\USBS3S4Detection.exe -- (USBS3S4Detection)
SRV - [2009/12/09 09:50:00 | 002,320,920 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\Intel® Management Engine Components\UNS\UNS.exe -- (UNS)
SRV - [2009/12/09 09:49:58 | 000,268,824 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\Intel® Management Engine Components\LMS\LMS.exe -- (LMS)
SRV - [2009/11/17 15:18:20 | 000,255,744 | ---- | M] (NewTech Infosystems, Inc.) [Auto | Running] -- C:\Program Files\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe -- (NTI IScheduleSvc)
SRV - [2009/10/02 22:26:12 | 000,013,336 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe -- (IAStorDataMgrSvc)
SRV - [2009/07/14 02:16:15 | 000,016,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\StorSvc.dll -- (StorSvc)
SRV - [2009/07/14 02:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)
SRV - [2009/07/14 02:16:12 | 001,004,544 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\PeerDistSvc.dll -- (PeerDistSvc)
SRV - [2009/07/14 02:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2009/05/12 19:07:08 | 000,417,792 | ---- | M] (Acer Incorporated) [Auto | Running] -- C:\Program Files\Acer\Acer SmartBoot\ASLSvc.exe -- (ASLSvc)
SRV - [2009/02/18 01:01:04 | 000,024,576 | ---- | M] () [Auto | Running] -- C:\Program Files\Acer\Empowering Technology\Service\ETService.exe -- (ETService)
========== Driver Services (SafeList) ==========
DRV - [2013/01/24 22:24:46 | 001,603,824 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_19.5.0.145\Definitions\VirusDefs\20130320.017\NAVEX15.SYS -- (NAVEX15)
DRV - [2013/01/24 22:24:46 | 000,376,480 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys -- (eeCtrl)
DRV - [2013/01/24 22:24:46 | 000,093,296 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_19.5.0.145\Definitions\VirusDefs\20130320.017\NAVENG.SYS -- (NAVENG)
DRV - [2013/01/24 22:03:12 | 000,141,944 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\SYMEVENT.SYS -- (SymEvent)
DRV - [2013/01/23 16:37:50 | 000,386,720 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_19.5.0.145\Definitions\IPSDefs\20130320.001\IDSvix86.sys -- (IDSVix86)
DRV - [2013/01/16 03:22:36 | 000,997,464 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_19.5.0.145\Definitions\BASHDefs\20130301.001\BHDrvx86.sys -- (BHDrvx86)
DRV - [2012/07/06 03:17:57 | 000,574,112 | ---- | M] (Symantec Corporation) [File_System | On_Demand | Running] -- C:\Windows\System32\drivers\NAV\1309010.00E\srtsp.sys -- (SRTSP)
DRV - [2012/07/06 03:17:57 | 000,032,928 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\NAV\1309010.00E\srtspx.sys -- (SRTSPX)
DRV - [2012/06/07 05:43:43 | 000,132,768 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\NAV\1309010.00E\ccsetx86.sys -- (ccSet_NAV)
DRV - [2012/05/22 02:37:12 | 000,924,320 | ---- | M] (Symantec Corporation) [File_System | Boot | Running] -- C:\Windows\System32\drivers\NAV\1309010.00E\symefa.sys -- (SymEFA)
DRV - [2012/04/18 03:13:32 | 000,318,584 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\NAV\1309010.00E\symnets.sys -- (SymNetS)
DRV - [2012/04/18 02:42:14 | 000,149,624 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\NAV\1309010.00E\ironx86.sys -- (SymIRON)
DRV - [2011/08/15 23:51:40 | 000,340,088 | R--- | M] (Symantec Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\NAV\1309010.00E\symds.sys -- (SymDS)
DRV - [2010/02/02 23:36:34 | 000,232,960 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\IntcDAud.sys -- (IntcDAud)
DRV - [2009/12/31 10:22:09 | 000,295,936 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\vpcvmm.sys -- (vpcvmm)
DRV - [2009/09/23 10:09:56 | 000,208,552 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\e1k6232.sys -- (e1kexpress)
DRV - [2009/09/23 02:19:31 | 000,055,040 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\vpcnfltr.sys -- (vpcnfltr)
DRV - [2009/09/23 02:18:08 | 000,078,336 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\vpcusb.sys -- (vpcusb)
DRV - [2009/09/23 02:18:07 | 000,165,376 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\vpchbus.sys -- (vpcbus)
DRV - [2009/09/17 20:54:14 | 000,041,088 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\HECI.sys -- (HECI)
DRV - [2009/07/14 02:19:10 | 000,175,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vmbus.sys -- (vmbus)
DRV - [2009/07/14 02:19:10 | 000,040,896 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\vmstorfl.sys -- (storflt)
DRV - [2009/07/14 02:19:10 | 000,028,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\storvsc.sys -- (storvsc)
DRV - [2009/07/14 00:51:11 | 000,034,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (WinUsb)
DRV - [2009/07/14 00:28:47 | 000,005,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vms3cap.sys -- (s3cap)
DRV - [2009/07/14 00:28:45 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\VMBusHID.sys -- (VMBusHID)
DRV - [2009/06/25 09:32:08 | 000,078,848 | ---- | M] (SUNIX Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\snxppalx.sys -- (SNXPPALX)
DRV - [2009/06/25 09:32:00 | 000,055,424 | ---- | M] (SUNIX Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\snxpserx.sys -- (SNXPSERX)
DRV - [2006/11/10 15:05:00 | 000,018,688 | ---- | M] (Arcsoft, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\afc.sys -- (Afc)
DRV - [2004/05/04 05:48:00 | 000,090,229 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\P1130Vid.sys -- (P1130VID)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://acer.msn.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://acer.msn.com
IE - HKLM\..\URLSearchHook: {95324e44-4b0a-47a9-8f77-9c6415e51c29} - C:\Program Files\IncrediMail_MediaBar_Nederlands_2\prxtbIncr.dll (Conduit Ltd.)
IE - HKLM\..\SearchScopes,DefaultScope = {9BB47C17-9C68-4BB3-B188-DD9AF0FD2A59}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...rc=IE-SearchBox
IE - HKLM\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2A59}: "URL" = http://search.imesh....q={searchTerms}
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://acer.msn.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.be/
IE - HKCU\..\URLSearchHook: {00000000-6E41-4FD3-8538-502F5495E5FC} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
IE - HKCU\..\URLSearchHook: {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
IE - HKCU\..\URLSearchHook: {95324e44-4b0a-47a9-8f77-9c6415e51c29} - C:\Program Files\IncrediMail_MediaBar_Nederlands_2\prxtbIncr.dll (Conduit Ltd.)
IE - HKCU\..\SearchScopes,DefaultScope = {9BB47C17-9C68-4BB3-B188-DD9AF0FD2A59}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...rc=IE-SearchBox
IE - HKCU\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2A59}: "URL" = http://search.imesh....q={searchTerms}
IE - HKCU\..\SearchScopes\{A248FA21-D74B-4958-A64C-9300C9B3C717}: "URL" = http://websearch.ask...13-96515C78CA53
IE - HKCU\..\SearchScopes\{CFF4DB9B-135F-47c0-9269-B4C6572FD61A}: "URL" = http://mystart.incre...ox&a=NUYmvtL5QW
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
========== FireFox ==========
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.4.1: C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.4.1: C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@mcafee.com/SAFFPlugin: C:\Program Files\McAfee\SiteAdvisor\npmcffplg32.dll (McAfee, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~1\MICROS~3\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=16.4.3505.0912: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nitropdf.com/NitroPDF: C:\Program Files\Nitro PDF\Reader 2\npnitromozilla.dll ( )
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\Mozilla Firefox\extensions\[email protected] [2011/06/03 10:14:35 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{4ED1F68A-5463-4931-9384-8FFF5ED91D92}: C:\Program Files\McAfee\SiteAdvisor [2013/02/10 09:17:26 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{BBDA0591-3099-440a-AA10-41764D9DB4DB}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_19.5.0.145\IPSFFPlgn\ [2013/01/24 22:03:40 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 17.0.4\extensions\\Components: C:\Program Files\Mozilla Thunderbird\components [2013/03/12 12:01:24 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 17.0.4\extensions\\Plugins: C:\Program Files\Mozilla Thunderbird\plugins
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Thunderbird 17.0.4\extensions\\Components: C:\Program Files\Mozilla Thunderbird\components [2013/03/12 12:01:24 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Thunderbird 17.0.4\extensions\\Plugins: C:\Program Files\Mozilla Thunderbird\plugins
[2011/02/11 23:04:52 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Computer\AppData\Roaming\mozilla\Extensions
[2011/02/11 23:04:52 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Computer\AppData\Roaming\mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6}
[2011/06/03 10:14:34 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2011/06/03 10:14:35 | 000,000,000 | ---D | M] (eID België) -- C:\Program Files\Mozilla Firefox\extensions\[email protected]
========== Chrome ==========
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&q={searchTerms}&{google:cursorPosition}sugkey={google:suggestAPIKeyParameter}
CHR - homepage: http://www.google.be/
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files\Google\Chrome\Application\25.0.1364.172\PepperFlash\pepflashplayer.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files\Google\Chrome\Application\25.0.1364.172\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files\Google\Chrome\Application\25.0.1364.172\pdf.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~1\MICROS~3\Office14\NPSPWRAP.DLL
CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.21.135\npGoogleUpdate3.dll
CHR - plugin: McAfee SiteAdvisor (Enabled) = C:\Program Files\McAfee\SiteAdvisor\npmcffplg32.dll
CHR - plugin: Silverlight Plug-In (Enabled) = C:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll
CHR - plugin: Nitro PDF Plug-In (Enabled) = C:\Program Files\Nitro PDF\Reader 2\npnitromozilla.dll
CHR - plugin: Java Platform SE 7 U4 (Enabled) = C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll
CHR - plugin: Photo Gallery (Enabled) = C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll
CHR - plugin: Java Deployment Toolkit 7.0.40.255 (Enabled) = C:\Windows\system32\npDeployJava1.dll
CHR - Extension: Docs = C:\Users\Computer\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.0.0.6_0\
CHR - Extension: Google Drive = C:\Users\Computer\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.2_0\
CHR - Extension: YouTube = C:\Users\Computer\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
CHR - Extension: Google Zoeken = C:\Users\Computer\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\
CHR - Extension: PicMonkey Extension = C:\Users\Computer\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhipmoghimfdldnocmopeoanjmoolofl\1.4_0\
CHR - Extension: SiteAdvisor = C:\Users\Computer\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho\3.60.126.1_0\
CHR - Extension: Lightshot (screenshot tool) = C:\Users\Computer\AppData\Local\Google\Chrome\User Data\Default\Extensions\mbniclmhobmnbdlbpiphghaielnnpgdp\3.0.9_0\
CHR - Extension: Gmail = C:\Users\Computer\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\
O1 HOSTS File: ([2009/06/10 22:39:37 | 000,000,824 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O2 - BHO: (MediaBar) - {28387537-e3f9-4ed7-860c-11e69af4a8a0} - C:\Program Files\iMesh Applications\MediaBar\ToolBar\imeshdtxmltbpi.dll ()
O2 - BHO: (UrlHelper Class) - {474597C5-AB09-49d6-A4D5-2E8D7341384E} - C:\Program Files\iMesh Applications\MediaBar\Datamngr\IEBHO.dll (iMesh, Inc)
O2 - BHO: (Norton Vulnerability Protection) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Norton AntiVirus\Engine\19.9.1.14\ips\ipsbho.dll (Symantec Corporation)
O2 - BHO: (Java Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (IncrediMail MediaBar Nederlands 2 Toolbar) - {95324e44-4b0a-47a9-8f77-9c6415e51c29} - C:\Program Files\IncrediMail_MediaBar_Nederlands_2\prxtbIncr.dll (Conduit Ltd.)
O2 - BHO: (McAfee SiteAdvisor BHO) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O2 - BHO: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
O2 - BHO: (Java Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll (Oracle Corporation)
O3 - HKLM\..\Toolbar: (McAfee SiteAdvisor Toolbar) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O3 - HKLM\..\Toolbar: (MediaBar) - {28387537-e3f9-4ed7-860c-11e69af4a8a0} - C:\Program Files\iMesh Applications\MediaBar\ToolBar\imeshdtxmltbpi.dll ()
O3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O3 - HKLM\..\Toolbar: (IncrediMail MediaBar Nederlands 2 Toolbar) - {95324e44-4b0a-47a9-8f77-9c6415e51c29} - C:\Program Files\IncrediMail_MediaBar_Nederlands_2\prxtbIncr.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [Acer SmartBoot] C:\Program Files\Acer\Acer SmartBoot\ASLTray.exe (Acer Incorporated)
O4 - HKLM..\Run: [ApnUpdater] C:\Program Files\Ask.com\Updater\Updater.exe (Ask)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [ArcSoft Connection Service] C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe (ArcSoft Inc.)
O4 - HKLM..\Run: [BackupManagerTray] C:\Program Files\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe (NewTech Infosystems, Inc.)
O4 - HKLM..\Run: [beid] C:\Program Files\Belgium Identity Card\beid35gui.exe (Belgian Government)
O4 - HKLM..\Run: [DATAMNGR] C:\Program Files\iMesh Applications\MediaBar\Datamngr\datamngrUI.exe (iMesh, Inc)
O4 - HKLM..\Run: [EmbassySecurityCheck] ";C:\Program Files\Wave Systems Corp\EMBASSY Security Setup\EMBASSYSecurityCheck.exe" File not found
O4 - HKLM..\Run: [IAStorIcon] C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe (Intel Corporation)
O4 - HKCU..\Run: [MobileDocuments] C:\Program Files\Common Files\Apple\Internet Services\ubd.exe (Apple Inc.)
O4 - HKCU..\Run: [SkyDrive] C:\Users\Computer\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe (Microsoft Corporation)
O4 - HKCU..\Run: [Spotify] C:\Users\Computer\AppData\Roaming\Spotify\Spotify.exe (Spotify Ltd)
O4 - HKCU..\Run: [Spotify Web Helper] C:\Users\Computer\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe (Spotify Ltd)
O4 - Startup: C:\Users\Computer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk = C:\Users\Computer\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O8 - Extra context menu item: &Verzenden naar OneNote - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O8 - Extra context menu item: E&xporteren naar Microsoft Excel - C:\Program Files\Microsoft Office\Office14\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\Computer\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()
O9 - Extra Button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : &Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000006 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 10.4.1)
O16 - DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} http://game.zylom.co...gamesplayer.cab (Zylom Games Player)
O16 - DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 10.4.1)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 195.130.131.4 195.130.130.132
O18 - Protocol\Handler\dssrequest {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O18 - Protocol\Handler\sacore {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20 - AppInit_DLLs: (C:\PROGRA~1\IMESHA~1\MediaBar\Datamngr\datamngr.dll) - C:\Program Files\iMesh Applications\MediaBar\Datamngr\datamngr.dll (iMesh, Inc)
O20 - AppInit_DLLs: (C:\PROGRA~1\IMESHA~1\MediaBar\Datamngr\IEBHO.dll) - C:\Program Files\iMesh Applications\MediaBar\Datamngr\IEBHO.dll (iMesh, Inc)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/06/10 22:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{7f8d31cd-37f9-11e2-b96a-1078d2a4e77f}\Shell - "" = AutoRun
O33 - MountPoints2\{7f8d31cd-37f9-11e2-b96a-1078d2a4e77f}\Shell\AutoRun\command - "" = F:\LaunchU3.exe -a
O33 - MountPoints2\{f603ae41-361b-11e0-ba95-1078d2a4e77f}\Shell - "" = AutoRun
O33 - MountPoints2\{f603ae41-361b-11e0-ba95-1078d2a4e77f}\Shell\AutoRun\command - "" = G:\LaunchU3.exe -a
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
NetSvcs: FastUserSwitchingCompatibility - File not found
NetSvcs: Ias - C:\Windows\System32\ias.dll (Microsoft Corporation)
NetSvcs: Nla - File not found
NetSvcs: Ntmssvc - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: SRService - File not found
NetSvcs: WmdmPmSp - File not found
NetSvcs: LogonHours - File not found
NetSvcs: PCAudit - File not found
NetSvcs: helpsvc - File not found
NetSvcs: uploadmgr - File not found
SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: HelpSvc - Service
SafeBootMin: MCODS - Reg Error: Value error.
SafeBootMin: NTDS - File not found
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PEVSystemStart - Service
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: procexp90.Sys - Driver
SafeBootMin: sacsvr - Service
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: vmms - Service
SafeBootMin: WinDefend - C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: HelpSvc - Service
SafeBootNet: MCODS - Reg Error: Value error.
SafeBootNet: Messenger - Service
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: NTDS - File not found
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PEVSystemStart - Service
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: procexp90.Sys - Driver
SafeBootNet: rdsessmgr - Service
SafeBootNet: sacsvr - Service
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TDI - Driver Group
SafeBootNet: vmms - Service
SafeBootNet: WinDefend - C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SafeBootNet: WudfUsbccidDriver - Driver
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers
SafeBootNet: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootNet: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootNet: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun)
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {3C3901C5-3455-3E0A-A214-0B093A5070A6} - .NET Framework
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\System32\ie4uinit.exe -BaseSettings
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install
ActiveX: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files\Google\Chrome\Application\25.0.1364.172\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\System32\ie4uinit.exe -UserIconConfig
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
Drivers32: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: MSVideo8 - C:\Windows\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: vidc.cvid - C:\Windows\System32\iccvid.dll (Radius Inc.)
Drivers32: VIDC.I420 - msh263.drv File not found
CREATERESTOREPOINT
Restore point Set: OTL Restore Point
========== Files/Folders - Created Within 30 Days ==========
[2013/03/30 10:36:38 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2013/03/29 19:21:53 | 000,000,000 | ---D | C] -- C:\Windows\Minidump
[2013/03/29 18:49:58 | 000,000,000 | ---D | C] -- C:\Windows\temp
[2013/03/29 18:43:41 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2013/03/29 18:41:17 | 000,518,144 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe
[2013/03/29 18:41:17 | 000,406,528 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe
[2013/03/29 18:41:17 | 000,060,416 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe
[2013/03/29 18:40:37 | 000,000,000 | --SD | C] -- C:\ComboFix
[2013/03/29 18:40:34 | 000,000,000 | ---D | C] -- C:\Qoobox
[2013/03/29 18:40:19 | 000,000,000 | ---D | C] -- C:\Windows\erdnt
[2013/03/29 18:34:00 | 000,000,000 | ---D | C] -- C:\Users\Public\Desktop\CC Support
[2013/03/29 14:50:47 | 000,191,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dhcpcore6.dll
[2013/03/29 14:50:47 | 000,079,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dhcpsapi.dll
[2013/03/29 14:50:47 | 000,043,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dhcpcsvc6.dll
[2013/03/29 14:02:19 | 000,000,000 | ---D | C] -- C:\Windows\System32\drivers\Old
[2013/03/28 21:34:14 | 000,000,000 | ---D | C] -- C:\Users\Computer\AppData\Roaming\Malwarebytes
[2013/03/28 21:33:57 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2013/03/21 03:01:59 | 000,000,000 | ---D | C] -- C:\Windows\System32\SPReview
[2013/03/21 03:00:50 | 000,000,000 | ---D | C] -- C:\Windows\System32\EventProviders
[2013/03/20 20:43:06 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\usb8023.sys
[2013/03/14 03:01:59 | 002,382,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2013/03/14 03:01:58 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2013/03/14 03:01:58 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe
[2013/03/14 03:01:58 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2013/03/14 03:01:57 | 001,800,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll
[2013/03/14 03:01:57 | 000,607,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2013/03/14 03:01:57 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\url.dll
[2013/03/14 03:01:56 | 001,427,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl
[2013/03/12 12:01:24 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Thunderbird
[2013/03/11 13:01:31 | 000,000,000 | ---D | C] -- C:\Users\Computer\Documents\My Weblog Posts
[2013/03/11 13:01:30 | 000,000,000 | ---D | C] -- C:\Users\Computer\AppData\Roaming\Windows Live Writer
[2013/03/11 13:01:30 | 000,000,000 | ---D | C] -- C:\Users\Computer\AppData\Local\Windows Live Writer
[2013/03/06 18:00:46 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
[2013/03/06 18:00:26 | 000,000,000 | ---D | C] -- C:\Program Files\Google
[2013/03/06 18:00:22 | 000,000,000 | ---D | C] -- C:\Users\Computer\AppData\Local\Google
[2013/03/06 17:59:58 | 000,000,000 | ---D | C] -- C:\Users\Computer\AppData\Local\Deployment
[2013/03/06 17:59:58 | 000,000,000 | ---D | C] -- C:\Users\Computer\AppData\Local\Apps
========== Files - Modified Within 30 Days ==========
[2013/03/30 10:47:04 | 000,009,920 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013/03/30 10:47:04 | 000,009,920 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013/03/30 10:44:00 | 000,744,860 | ---- | M] () -- C:\Windows\System32\perfh013.dat
[2013/03/30 10:44:00 | 000,652,450 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2013/03/30 10:44:00 | 000,152,844 | ---- | M] () -- C:\Windows\System32\perfc013.dat
[2013/03/30 10:44:00 | 000,121,382 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2013/03/30 10:39:34 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013/03/30 10:39:33 | 2358,566,912 | -HS- | M] () -- C:\hiberfil.sys
[2013/03/30 10:24:27 | 000,001,024 | ---- | M] () -- C:\.rnd
[2013/03/29 19:21:46 | 160,508,442 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2013/03/29 18:35:07 | 000,000,000 | ---- | M] () -- C:\Users\Computer\AppData\Local\WavXMapDrive.bat
[2013/03/21 13:34:14 | 000,354,144 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2013/03/21 13:25:27 | 000,152,064 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msclmd.dll
[2013/03/21 03:05:00 | 000,001,048 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013/03/20 18:05:00 | 000,001,044 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013/03/19 17:29:29 | 000,000,390 | ---- | M] () -- C:\Users\Computer\Desktop\HTC.website
[2013/03/14 17:06:32 | 000,002,133 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2013/03/14 16:54:00 | 000,002,229 | ---- | M] () -- C:\Users\Computer\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2013/03/12 12:11:07 | 000,002,060 | ---- | M] () -- C:\Users\Computer\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Thunderbird.lnk
========== Files Created - No Company Name ==========
[2013/03/29 19:21:46 | 160,508,442 | ---- | C] () -- C:\Windows\MEMORY.DMP
[2013/03/29 18:41:17 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe
[2013/03/29 18:41:17 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe
[2013/03/29 18:41:17 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2013/03/29 18:41:17 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2013/03/29 18:41:17 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2013/03/21 13:20:54 | 000,001,024 | ---- | C] () -- C:\.rnd
[2013/03/06 18:00:46 | 000,002,229 | ---- | C] () -- C:\Users\Computer\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2013/03/06 18:00:46 | 000,002,133 | ---- | C] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2013/03/06 18:00:28 | 000,001,048 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013/03/06 18:00:27 | 000,001,044 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012/12/05 17:05:43 | 000,119,628 | -H-- | C] () -- C:\Windows\System32\mlfcache.dat
[2011/02/05 21:24:03 | 000,000,000 | ---- | C] () -- C:\Users\Computer\AppData\Local\WavXMapDrive.bat
========== ZeroAccess Check ==========
[2009/07/14 05:42:31 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012/06/09 05:46:56 | 012,868,608 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2009/07/14 02:15:20 | 000,605,696 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2009/07/14 02:16:17 | 000,342,528 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
========== Custom Scans ==========
========== Drive Information ==========
Physical Drives
---------------
Drive: \\\\.\\PHYSICALDRIVE0 - Fixed hard disk media
Interface type: SCSI
Media Type: Fixed hard disk media
Model: WDC WD3200AAJS-22L7A0
Partitions: 4
Status: OK
Status Info: 0
Drive: \\\\.\\PHYSICALDRIVE1 - Removable Media
Interface type: USB
Media Type: Removable Media
Model: FLASH Drive UT_USB20 USB Device
Partitions: 1
Status: OK
Status Info: 0
Partitions
---------------
DeviceID: Disk #0, Partition #0
PartitionType: Unknown
Bootable: False
BootPartition: False
PrimaryPartition: True
Size: 30.00GB
Starting Offset: 1048576
Hidden sectors: 0
DeviceID: Disk #0, Partition #1
PartitionType: Installable File System
Bootable: True
BootPartition: True
PrimaryPartition: True
Size: 100.00MB
Starting Offset: 32213303296
Hidden sectors: 0
DeviceID: Disk #0, Partition #2
PartitionType: Installable File System
Bootable: False
BootPartition: False
PrimaryPartition: True
Size: 134.00GB
Starting Offset: 32318160896
Hidden sectors: 0
DeviceID: Disk #0, Partition #3
PartitionType: Installable File System
Bootable: False
BootPartition: False
PrimaryPartition: True
Size: 134.00GB
Starting Offset: 176147136512
Hidden sectors: 0
DeviceID: Disk #1, Partition #0
PartitionType: Unknown
Bootable: False
BootPartition: False
PrimaryPartition: True
Size: 2.00GB
Starting Offset: 32256
Hidden sectors: 0
< %SYSTEMDRIVE%\*.exe >
< %systemroot%\assembly\GAC_32\*.ini >
< %systemroot%\assembly\GAC_64\*.ini >
< %SYSTEMDRIVE%\*.exe >
< %ALLUSERSPROFILE%\Application Data\*.exe >
< %APPDATA%\*. >
[2011/02/11 21:30:02 | 000,000,000 | ---D | M] -- C:\Users\Computer\AppData\Roaming\Adobe
[2013/03/03 17:59:55 | 000,000,000 | ---D | M] -- C:\Users\Computer\AppData\Roaming\Apple Computer
[2011/02/22 21:35:44 | 000,000,000 | ---D | M] -- C:\Users\Computer\AppData\Roaming\ArcSoft
[2013/03/23 19:54:30 | 000,000,000 | ---D | M] -- C:\Users\Computer\AppData\Roaming\Dropbox
[2012/05/07 19:50:51 | 000,000,000 | ---D | M] -- C:\Users\Computer\AppData\Roaming\DVDVideoSoft
[2012/05/07 19:50:32 | 000,000,000 | ---D | M] -- C:\Users\Computer\AppData\Roaming\DVDVideoSoftIEHelpers
[2011/02/05 21:23:44 | 000,000,000 | ---D | M] -- C:\Users\Computer\AppData\Roaming\Identities
[2011/02/05 21:24:04 | 000,000,000 | ---D | M] -- C:\Users\Computer\AppData\Roaming\Intel Corporation
[2011/02/05 21:24:03 | 000,000,000 | ---D | M] -- C:\Users\Computer\AppData\Roaming\Macromedia
[2013/03/28 21:34:14 | 000,000,000 | ---D | M] -- C:\Users\Computer\AppData\Roaming\Malwarebytes
[2009/07/14 08:49:10 | 000,000,000 | ---D | M] -- C:\Users\Computer\AppData\Roaming\Media Center Programs
[2012/01/14 17:33:45 | 000,000,000 | --SD | M] -- C:\Users\Computer\AppData\Roaming\Microsoft
[2011/02/11 23:04:52 | 000,000,000 | ---D | M] -- C:\Users\Computer\AppData\Roaming\Mozilla
[2012/05/07 19:50:52 | 000,000,000 | ---D | M] -- C:\Users\Computer\AppData\Roaming\OpenCandy
[2012/09/23 02:16:34 | 000,000,000 | ---D | M] -- C:\Users\Computer\AppData\Roaming\Skype
[2013/03/30 10:39:53 | 000,000,000 | ---D | M] -- C:\Users\Computer\AppData\Roaming\Spotify
[2011/02/11 23:04:52 | 000,000,000 | ---D | M] -- C:\Users\Computer\AppData\Roaming\Thunderbird
[2011/02/20 14:23:43 | 000,000,000 | ---D | M] -- C:\Users\Computer\AppData\Roaming\Tific
[2011/02/11 21:26:13 | 000,000,000 | ---D | M] -- C:\Users\Computer\AppData\Roaming\U3
[2011/12/29 23:33:04 | 000,000,000 | ---D | M] -- C:\Users\Computer\AppData\Roaming\vlc
[2012/02/08 07:50:53 | 000,000,000 | ---D | M] -- C:\Users\Computer\AppData\Roaming\Wave Systems Corp
[2013/03/11 13:01:30 | 000,000,000 | ---D | M] -- C:\Users\Computer\AppData\Roaming\Windows Live Writer
< MD5 for: ATAPI.SYS >
[2009/07/14 02:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\System32\drivers\atapi.sys
[2009/07/14 02:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_x86_neutral_f64b9c35a3a5be81\atapi.sys
[2009/07/14 02:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.1.7600.16385_none_dd0e7e3d82dd640d\atapi.sys
[2009/07/14 02:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.1.7601.17514_none_df3f92057fcbe7a7\atapi.sys
< MD5 for: CSRSS.EXE >
[2009/07/14 02:14:16 | 000,006,144 | ---- | M] (Microsoft Corporation) MD5=342271F6142E7C70805B8A81E1BA5F5C -- C:\Windows\System32\csrss.exe
[2009/07/14 02:14:16 | 000,006,144 | ---- | M] (Microsoft Corporation) MD5=342271F6142E7C70805B8A81E1BA5F5C -- C:\Windows\winsxs\x86_microsoft-windows-csrss_31bf3856ad364e35_6.1.7600.16385_none_58ba39fb456943bd\csrss.exe
< MD5 for: EXPLORER.EXE >
[2009/07/14 02:14:20 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=15BC38A7492BEFE831966ADB477CF76F -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_518afd35db100430\explorer.exe
[2010/07/14 14:52:30 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=2626FC9755BE22F805D3CFA0CE3EE727 -- C:\Windows\explorer.exe
[2010/07/14 14:52:30 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=2626FC9755BE22F805D3CFA0CE3EE727 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_51a66d6ddafc2ed1\explorer.exe
[2010/11/20 13:17:09 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_53bc10fdd7fe87ca\explorer.exe
[2010/02/04 11:20:17 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=9FF6C4C91A3711C0A3B18F87B08B518D -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_526619d4f3f142e6\explorer.exe
[2010/02/04 11:20:17 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=B95EEB0F4E5EFBF1038A35B3351CF047 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_51e07e31dad00878\explorer.exe
[2010/07/14 14:52:30 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=C76153C7ECA00FA852BB0C193378F917 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_52283b2af41f3691\explorer.exe
< MD5 for: MSWSOCK.DLL >
[2009/07/14 02:15:51 | 000,232,448 | ---- | M] (Microsoft Corporation) MD5=11A41F17527ED75D6B758FDD7F4FD00D -- C:\Windows\System32\mswsock.dll
[2009/07/14 02:15:51 | 000,232,448 | ---- | M] (Microsoft Corporation) MD5=11A41F17527ED75D6B758FDD7F4FD00D -- C:\Windows\winsxs\x86_microsoft-windows-w..-infrastructure-bsp_31bf3856ad364e35_6.1.7600.16385_none_b829ad298e9f53ff\mswsock.dll
[2010/11/20 13:19:56 | 000,232,448 | ---- | M] (Microsoft Corporation) MD5=8999B8631C7FD9F7F9EC3CAFD953BA24 -- C:\Windows\winsxs\x86_microsoft-windows-w..-infrastructure-bsp_31bf3856ad364e35_6.1.7601.17514_none_ba5ac0f18b8dd799\mswsock.dll
< MD5 for: NAPINSP.DLL >
[2009/07/14 02:16:02 | 000,052,224 | ---- | M] (Microsoft Corporation) MD5=0B7E85364CB878E2AD531DB7B601A9E5 -- C:\Windows\System32\NapiNSP.dll
[2009/07/14 02:16:02 | 000,052,224 | ---- | M] (Microsoft Corporation) MD5=0B7E85364CB878E2AD531DB7B601A9E5 -- C:\Windows\winsxs\x86_microsoft-windows-n..ider-infrastructure_31bf3856ad364e35_6.1.7600.16385_none_abf396ebf0847c31\NapiNSP.dll
< MD5 for: NLAAPI.DLL >
[2009/07/14 02:16:03 | 000,051,712 | ---- | M] (Microsoft Corporation) MD5=045DB4EAB4FBD23210E85ECC3F464A2E -- C:\Windows\System32\nlaapi.dll
[2009/07/14 02:16:03 | 000,051,712 | ---- | M] (Microsoft Corporation) MD5=045DB4EAB4FBD23210E85ECC3F464A2E -- C:\Windows\winsxs\x86_microsoft-windows-nlasvc_31bf3856ad364e35_6.1.7600.16385_none_675c4bea6c3ddad6\nlaapi.dll
[2010/11/20 13:20:30 | 000,052,224 | ---- | M] (Microsoft Corporation) MD5=104A1070E90F1C530328E69B49718841 -- C:\Windows\winsxs\x86_microsoft-windows-nlasvc_31bf3856ad364e35_6.1.7601.17514_none_698d5fb2692c5e70\nlaapi.dll
< MD5 for: PNRPNSP.DLL >
[2009/07/14 02:16:12 | 000,065,024 | ---- | M] (Microsoft Corporation) MD5=5CF640EDDB1E40A5AB1BB743BCDEC610 -- C:\Windows\System32\pnrpnsp.dll
[2009/07/14 02:16:12 | 000,065,024 | ---- | M] (Microsoft Corporation) MD5=5CF640EDDB1E40A5AB1BB743BCDEC610 -- C:\Windows\winsxs\x86_microsoft-windows-peertopeerpnrp_31bf3856ad364e35_6.1.7600.16385_none_71556bd683c82a7a\pnrpnsp.dll
< MD5 for: PRINTISOLATIONHOST.EXE >
[2009/07/14 02:14:29 | 000,017,408 | ---- | M] (Microsoft Corporation) MD5=640A476C8867AEAAD8FF9F59A61AFE2F -- C:\Windows\System32\PrintIsolationHost.exe
[2009/07/14 02:14:29 | 000,017,408 | ---- | M] (Microsoft Corporation) MD5=640A476C8867AEAAD8FF9F59A61AFE2F -- C:\Windows\winsxs\x86_microsoft-windows-p..ng-server-isolation_31bf3856ad364e35_6.1.7600.16385_none_9c856911bff5c373\PrintIsolationHost.exe
< MD5 for: SERVICES.EXE >
[2009/07/14 02:14:36 | 000,259,072 | ---- | M] (Microsoft Corporation) MD5=5F1B6A9C35D3D5CA72D6D6FDEF9747D6 -- C:\Windows\System32\services.exe
[2009/07/14 02:14:36 | 000,259,072 | ---- | M] (Microsoft Corporation) MD5=5F1B6A9C35D3D5CA72D6D6FDEF9747D6 -- C:\Windows\winsxs\x86_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7600.16385_none_cf36168b2e9c967b\services.exe
< MD5 for: SVCHOST.EXE >
[2009/07/14 02:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\System32\svchost.exe
[2009/07/14 02:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_b591afc466a15356\svchost.exe
< MD5 for: USER32.DLL >
[2009/07/14 02:16:17 | 000,811,520 | ---- | M] (Microsoft Corporation) MD5=34B7E222E81FAFA885F0C5F2CFA56861 -- C:\Windows\System32\user32.dll
[2009/07/14 02:16:17 | 000,811,520 | ---- | M] (Microsoft Corporation) MD5=34B7E222E81FAFA885F0C5F2CFA56861 -- C:\Windows\winsxs\x86_microsoft-windows-user32_31bf3856ad364e35_6.1.7600.16385_none_cd0ec264ceb014a3\user32.dll
[2010/11/20 13:21:33 | 000,811,520 | ---- | M] (Microsoft Corporation) MD5=F1DD3ACAEE5E6B4BBC69BC6DF75CEF66 -- C:\Windows\winsxs\x86_microsoft-windows-user32_31bf3856ad364e35_6.1.7601.17514_none_cf3fd62ccb9e983d\user32.dll
< MD5 for: USERINIT.EXE >
[2010/11/20 13:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe
[2009/07/14 02:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\System32\userinit.exe
[2009/07/14 02:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_dbff103933038d7c\userinit.exe
< MD5 for: WINLOGON.EXE >
[2010/07/14 14:52:30 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=37CDB7E72EB66BA85A87CBE37E7F03FD -- C:\Windows\System32\winlogon.exe
[2010/07/14 14:52:30 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=37CDB7E72EB66BA85A87CBE37E7F03FD -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16447_none_6fc699643622d177\winlogon.exe
[2010/07/14 14:52:30 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=3BABE6767C78FBF5FB8435FEED187F30 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.20560_none_703394514f56f7c2\winlogon.exe
[2010/11/20 13:17:54 | 000,286,720 | ---- | M] (Microsoft Corporation) MD5=6D13E1406F50C66E2A95D97F22C47560 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_71ca6b0233339500\winlogon.exe
[2009/07/14 02:14:45 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=8EC6A4AB12B8F3759E21F8E3A388F2CF -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16385_none_6f99573a36451166\winlogon.exe
< MD5 for: WINRNR.DLL >
[2009/07/14 02:16:19 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=5DF5D8CFD9B9573FA3B2C89D9061A240 -- C:\Windows\System32\winrnr.dll
[2009/07/14 02:16:19 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=5DF5D8CFD9B9573FA3B2C89D9061A240 -- C:\Windows\winsxs\x86_microsoft-windows-dns-client-winrnr_31bf3856ad364e35_6.1.7600.16385_none_5924a912b169ccdb\winrnr.dll
< MD5 for: WSHELPER.DLL >
[2009/07/14 02:16:20 | 000,015,360 | ---- | M] (Microsoft Corporation) MD5=5B90BB3171504C9DAF3C5CB44B203CA7 -- C:\Windows\System32\wshelper.dll
[2009/07/14 02:16:20 | 000,015,360 | ---- | M] (Microsoft Corporation) MD5=5B90BB3171504C9DAF3C5CB44B203CA7 -- C:\Windows\winsxs\x86_microsoft-windows-w..nfrastructure-other_31bf3856ad364e35_6.1.7600.16385_none_045b589158ae90da\wshelper.dll
< C:\Windows\assembly\tmp\U\*.* /s >
< %systemroot%\*. /mp /s >
< hklm\software\clients\startmenuinternet|command /rs >
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\ReinstallCommand: "C:\Program Files\Google\Chrome\Application\chrome.exe" --make-default-browser [2013/03/11 01:22:07 | 001,274,320 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\HideIconsCommand: "C:\Program Files\Google\Chrome\Application\chrome.exe" --hide-icons [2013/03/11 01:22:07 | 001,274,320 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\ShowIconsCommand: "C:\Program Files\Google\Chrome\Application\chrome.exe" --show-icons [2013/03/11 01:22:07 | 001,274,320 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\shell\open\command\\: "C:\Program Files\Google\Chrome\Application\chrome.exe" [2013/03/11 01:22:07 | 001,274,320 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ShowIconsCommand: "C:\Windows\System32\ie4uinit.exe" -show [2011/06/24 12:45:52 | 000,074,240 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ReinstallCommand: "C:\Windows\System32\ie4uinit.exe" -reinstall [2011/06/24 12:45:52 | 000,074,240 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\HideIconsCommand: "C:\Windows\System32\ie4uinit.exe" -hide [2011/06/24 12:45:52 | 000,074,240 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\naom\command\\: "C:\Program Files\Internet Explorer\iexplore.exe" -extoff [2013/02/02 05:19:04 | 000,757,296 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\open\command\\: C:\Program Files\Internet Explorer\iexplore.exe [2013/02/02 05:19:04 | 000,757,296 | ---- | M] (Microsoft Corporation)
< hklm\software\clients\startmenuinternet|command /64 /rs >
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\ReinstallCommand: "C:\Program Files\Google\Chrome\Application\chrome.exe" --make-default-browser [2013/03/11 01:22:07 | 001,274,320 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\HideIconsCommand: "C:\Program Files\Google\Chrome\Application\chrome.exe" --hide-icons [2013/03/11 01:22:07 | 001,274,320 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\ShowIconsCommand: "C:\Program Files\Google\Chrome\Application\chrome.exe" --show-icons [2013/03/11 01:22:07 | 001,274,320 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\shell\open\command\\: "C:\Program Files\Google\Chrome\Application\chrome.exe" [2013/03/11 01:22:07 | 001,274,320 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ShowIconsCommand: "C:\Windows\System32\ie4uinit.exe" -show [2011/06/24 12:45:52 | 000,074,240 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ReinstallCommand: "C:\Windows\System32\ie4uinit.exe" -reinstall [2011/06/24 12:45:52 | 000,074,240 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\HideIconsCommand: "C:\Windows\System32\ie4uinit.exe" -hide [2011/06/24 12:45:52 | 000,074,240 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\naom\command\\: "C:\Program Files\Internet Explorer\iexplore.exe" -extoff [2013/02/02 05:19:04 | 000,757,296 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\open\command\\: C:\Program Files\Internet Explorer\iexplore.exe [2013/02/02 05:19:04 | 000,757,296 | ---- | M] (Microsoft Corporation)
< %systemroot%\system32\*.dll /lockedfiles >
< %systemroot%\Tasks\*.job /lockedfiles >
< %ProgramFiles%\WINDOWS NT\*.* /s >
[2010/06/29 05:57:58 | 004,247,040 | ---- | M] (Microsoft Corporation) -- C:\Program Files\WINDOWS NT\Accessories\wordpad.exe
[2009/07/14 02:16:20 | 000,194,560 | ---- | M] (Microsoft Corporation) -- C:\Program Files\WINDOWS NT\Accessories\WordpadFilter.dll
[2010/12/22 14:53:50 | 000,074,240 | ---- | M] (Microsoft Corporation) -- C:\Program Files\WINDOWS NT\Accessories\nl-NL\wordpad.exe.mui
[2009/07/14 02:16:15 | 000,325,120 | ---- | M] (Microsoft Corporation) -- C:\Program Files\WINDOWS NT\TableTextService\TableTextService.dll
[2009/06/10 22:43:18 | 000,016,212 | ---- | M] () -- C:\Program Files\WINDOWS NT\TableTextService\TableTextServiceAmharic.txt
[2009/06/10 22:43:18 | 001,272,822 | ---- | M] () -- C:\Program Files\WINDOWS NT\TableTextService\TableTextServiceArray.txt
[2009/06/10 22:43:18 | 000,980,102 | ---- | M] () -- C:\Program Files\WINDOWS NT\TableTextService\TableTextServiceDaYi.txt
[2009/06/10 22:43:19 | 001,665,878 | ---- | M] () -- C:\Program Files\WINDOWS NT\TableTextService\TableTextServiceSimplifiedQuanPin.txt
[2009/06/10 22:43:19 | 001,445,430 | ---- | M] () -- C:\Program Files\WINDOWS NT\TableTextService\TableTextServiceSimplifiedShuangPin.txt
[2009/06/10 22:43:19 | 001,810,352 | ---- | M] () -- C:\Program Files\WINDOWS NT\TableTextService\TableTextServiceSimplifiedZhengMa.txt
[2009/06/10 22:43:19 | 000,044,968 | ---- | M] () -- C:\Program Files\WINDOWS NT\TableTextService\TableTextServiceYi.txt
[2010/12/22 14:53:39 | 000,008,192 | ---- | M] (Microsoft Corporation) -- C:\Program Files\WINDOWS NT\TableTextService\nl-NL\TableTextService.dll.mui
< %systemroot%\system32\drivers\*.sys /lockedfiles >
< End of report >
Extra.TXT
==========
OTL Extras logfile created on: 3/30/2013 10:44:47 AM - Run 2
OTL by OldTimer - Version 3.2.69.0 Folder = F:\
Professional (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: België | Language: NLB | Date Format: d/MM/yyyy
2.93 Gb Total Physical Memory | 1.95 Gb Available Physical Memory | 66.72% Memory free
5.86 Gb Paging File | 4.83 Gb Available in Paging File | 82.56% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 133.95 Gb Total Space | 69.15 Gb Free Space | 51.62% Space Free | Partition Type: NTFS
Drive D: | 134.04 Gb Total Space | 131.72 Gb Free Space | 98.27% Space Free | Partition Type: NTFS
Drive F: | 1.87 Gb Total Space | 0.52 Gb Free Space | 27.86% Space Free | Partition Type: FAT32
Computer Name: COMPUTER-PC | User Name: Computer | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (All) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.bat [@ = batfile] -- "%1" %*
.chm [@ = chm.file] -- C:\Windows\hh.exe (Microsoft Corporation)
.cmd [@ = cmdfile] -- "%1" %*
.com [@ = comfile] -- "%1" %*
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.exe [@ = exefile] -- "%1" %*
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
.hta [@ = htafile] -- C:\Windows\System32\mshta.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
.inf [@ = inffile] -- C:\Windows\System32\NOTEPAD.EXE (Microsoft Corporation)
.ini [@ = inifile] -- C:\Windows\System32\NOTEPAD.EXE (Microsoft Corporation)
.url [@ = InternetShortcut] -- C:\Windows\System32\rundll32.exe (Microsoft Corporation)
.js [@ = JSFile] -- C:\Windows\System32\WScript.exe (Microsoft Corporation)
.jse [@ = JSEFile] -- C:\Windows\System32\WScript.exe (Microsoft Corporation)
.pif [@ = piffile] -- "%1" %*
.reg [@ = regfile] -- C:\Windows\regedit.exe (Microsoft Corporation)
.scr [@ = scrfile] -- "%1" /S
.txt [@ = txtfile] -- C:\Windows\System32\NOTEPAD.EXE (Microsoft Corporation)
.vbe [@ = VBEFile] -- C:\Windows\System32\WScript.exe (Microsoft Corporation)
.vbs [@ = VBSFile] -- C:\Windows\System32\WScript.exe (Microsoft Corporation)
.wsf [@ = WSFFile] -- C:\Windows\System32\WScript.exe (Microsoft Corporation)
.wsh [@ = WSHFile] -- C:\Windows\System32\WScript.exe (Microsoft Corporation)
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [edit] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)
batfile [open] -- "%1" %*
batfile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
chm.file [open] -- "%SystemRoot%\hh.exe" %1 (Microsoft Corporation)
cmdfile [edit] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)
cmdfile [open] -- "%1" %*
cmdfile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htafile [open] -- C:\Windows\System32\mshta.exe "%1" %* (Microsoft Corporation)
htmlfile [edit] -- "C:\Program Files\Microsoft Office\Office14\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" -nohome (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Program Files\Microsoft Office\Office14\msohtmed.exe" /p %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" -nohome (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" -nohome (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
inffile [open] -- %SystemRoot%\system32\NOTEPAD.EXE %1 (Microsoft Corporation)
inffile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
inifile [open] -- %SystemRoot%\system32\NOTEPAD.EXE %1 (Microsoft Corporation)
inifile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
jsfile [edit] -- C:\Windows\System32\Notepad.exe %1 (Microsoft Corporation)
jsfile [open] -- C:\Windows\System32\WScript.exe "%1" %* (Microsoft Corporation)
jsfile [print] -- C:\Windows\System32\Notepad.exe /p %1 (Microsoft Corporation)
jsefile [edit] -- C:\Windows\System32\Notepad.exe %1 (Microsoft Corporation)
jsefile [open] -- C:\Windows\System32\WScript.exe "%1" %* (Microsoft Corporation)
jsefile [print] -- C:\Windows\System32\Notepad.exe /p %1 (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [edit] -- %SystemRoot%\system32\notepad.exe "%1" (Microsoft Corporation)
regfile [open] -- regedit.exe "%1" (Microsoft Corporation)
regfile [merge] -- Reg Error: Key error.
regfile [print] -- %SystemRoot%\system32\notepad.exe /p "%1" (Microsoft Corporation)
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
txtfile [open] -- %SystemRoot%\system32\NOTEPAD.EXE %1 (Microsoft Corporation)
txtfile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
txtfile [printto] -- %SystemRoot%\system32\notepad.exe /pt "%1" "%2" "%3" "%4" (Microsoft Corporation)
vbefile [edit] -- "%SystemRoot%\System32\Notepad.exe" %1 (Microsoft Corporation)
vbefile [open] -- "%SystemRoot%\System32\WScript.exe" "%1" %* (Microsoft Corporation)
vbefile [print] -- "%SystemRoot%\System32\Notepad.exe" /p %1 (Microsoft Corporation)
vbsfile [edit] -- "%SystemRoot%\System32\Notepad.exe" %1 (Microsoft Corporation)
vbsfile [open] -- "%SystemRoot%\System32\WScript.exe" "%1" %* (Microsoft Corporation)
vbsfile [print] -- "%SystemRoot%\System32\Notepad.exe" /p %1 (Microsoft Corporation)
wsffile [edit] -- "%SystemRoot%\System32\Notepad.exe" %1 (Microsoft Corporation)
wsffile [open] -- "%SystemRoot%\System32\WScript.exe" "%1" %* (Microsoft Corporation)
wsffile [print] -- "%SystemRoot%\System32\Notepad.exe" /p %1 (Microsoft Corporation)
wshfile [open] -- "%SystemRoot%\System32\WScript.exe" "%1" %* (Microsoft Corporation)
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
========== System Restore Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
========== Authorized Applications List ==========
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0A73DF18-C80B-486E-BFE3-B3FAA5F87F15}" = rport=445 | protocol=6 | dir=out | app=system |
"{290D86D3-41B6-4F54-9D74-39C00508E182}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{32D8C5FF-7BF6-4401-9298-9253B22D8AC7}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{35049AF1-4E0F-40E6-BDDF-514BD664C983}" = rport=3702 | protocol=17 | dir=out | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{54F7D805-337F-4D7E-84C1-F419E0DE9EF0}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{70012085-1641-4DEE-B93F-D27732FDEBEA}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{7EF6A916-DAB7-4086-A1D1-22F3FE2DF6A5}" = lport=3702 | protocol=17 | dir=in | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{83F9A794-C6C2-4F99-B686-BB8856D8B00D}" = lport=138 | protocol=17 | dir=in | app=system |
"{926310A6-AECB-4B3C-B0B0-E0AB04E19438}" = lport=139 | protocol=6 | dir=in | app=system |
"{A3CAC058-2DF3-4680-8E77-1549FBE42EAD}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{A8B1E9BC-8CED-4C64-8A1B-72AAC5002F13}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{AC0E4850-F9DD-4791-9E24-5FD62974074E}" = rport=138 | protocol=17 | dir=out | app=system |
"{B39232EF-58A6-4E1E-BEC5-4AA2F37619B9}" = rport=3702 | protocol=17 | dir=out | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{BC1B0F93-9CAC-4468-B28B-9FD7E3925E7C}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{D36FB886-A4F2-4197-A4A5-AFC48C4D3A1F}" = rport=137 | protocol=17 | dir=out | app=system |
"{D3DE191D-9531-47A7-94B1-2545DD6E9583}" = lport=137 | protocol=17 | dir=in | app=system |
"{DA92A731-B354-4B42-B743-D254F72D726A}" = lport=3702 | protocol=17 | dir=in | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{E910009F-9765-45AF-8A29-35047A5F7DE1}" = rport=139 | protocol=6 | dir=out | app=system |
"{F2213612-C2F0-4BE0-AECC-A8026B699CBE}" = lport=445 | protocol=6 | dir=in | app=system |
"{FB530DA4-1C2C-47D1-939E-39454F55DBD2}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | [email protected],-28539 |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{8D66BA14-78DB-41ED-B8E3-AC39D3750B58}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{B007C912-CCB5-4A3D-8F07-379324F4EB15}" = protocol=1 | dir=out | [email protected],-28544 |
"{BED84125-DE6A-48FD-A58B-2CA4AA8FEAA4}" = protocol=1 | dir=in | [email protected],-28543 |
"{E6B17BCC-4B7E-442A-9919-ED88D60D60B8}" = protocol=58 | dir=in | [email protected],-28545 |
"{EF32F994-E3D6-4099-B395-F2AA3B6A241E}" = protocol=58 | dir=out | [email protected],-28546 |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0454BB9A-2A7A-4214-BDFF-937F7A711A44}" = Windows Live Communications Platform
"{06EED60F-7FFC-43A7-936E-AA4A8BD948B4}" = Windows Live Writer
"{0A0CADCF-78DA-33C4-A350-CD51849B9702}" = Microsoft .NET Framework 4 Extended
"{1111706F-666A-4037-7777-210328764D10}" = JavaFX 2.1.0
"{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_iP4900_series" = Canon iP4900 series Printer Driver
"{1B947146-366B-42CD-86D5-219993CE3EE2}" = Windows Live MIME IFilter
"{23B8A91D-680B-462B-87AD-3D70F7341731}" = iTunes
"{2617FA1F-0C04-3ABB-AF64-7D5B6620C341}" = Microsoft .NET Framework 4 Client Profile NLD Language Pack
"{26A24AE4-039D-4CA4-87B4-2F83216026FF}" = Java 6 Update 26
"{26A24AE4-039D-4CA4-87B4-2F83217004FF}" = Java 7 Update 4
"{287ECFA4-719A-2143-A09B-D6A12DE54E40}" = Acrobat.com
"{30075A70-B5D2-440B-AFA3-FB2021740121}" = Backup Manager Advance
"{30F99474-EBE3-4134-A02B-F6CD38CFE243}" = Photo Gallery
"{35ED3F83-4BDC-4c44-8EC6-6A8301C7413A}" = McAfee SiteAdvisor
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3D44D783-D027-4135-AC39-81E320ED2D3A}" = Windows Live Family Safety
"{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}" = Intel® Rapid Storage Technology
"{400C31E4-796F-4E86-8FDC-C3C4FACC6847}" = Junk Mail filter update
"{4926AA2D-3C66-443D-A456-53AE3FA44144}" = Windows Live Family Safety
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4AA2A466-8031-403A-8236-5301B4E391FB}" = Windows Live UX Platform Language Pack
"{4CCBD1F4-CEEC-452A-9CB8-46564B501315}" = Windows Live UX Platform
"{4F2D3995-1EC5-3C05-B7E5-3449F802E6DE}" = Microsoft .NET Framework 4 Extended NLD Language Pack
"{50E735FE-2EFC-4694-9ED3-6826E0B0C13B}" = Bing Bar
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{61EDBE71-5D3E-4AB7-AD95-E53FEAF68C17}" = Bing Rewards Client Installer
"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel® Management Engine Components
"{6A8DB215-7BCD-4377-B015-2E4541A3E7C6}" = Windows Live PIMT Platform
"{70854FE6-3BF1-4C69-94D0-BEB821102E34}" = Windows Live Mail
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{743FD554-A73F-4FE8-BE7B-C283D16297F9}" = Photo Common
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{79155F2B-9895-49D7-8612-D92580E0DE5B}" = Bonjour
"{7F811A54-5A09-4579-90E1-C93498E230D9}" = Acer eRecovery Management
"{824563DE-75AD-4166-9DC0-B6482F206954}" = Belgium e-ID middleware 3.5.6 (build 6954)
"{8256F87F-8554-4457-8C3D-3F3324697D9F}" = Windows Live ID Sign-in Assistant
"{83C9377F-5ED1-4AD8-B113-7C876AEAF3AB}" = Windows Live Messenger
"{86D4B82A-ABED-442A-BE86-96357B70F4FE}" = Ask Toolbar
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8A642ACD-CE3A-4A23-A8B1-A0F7EB12B214}" = Windows Live SOXE Definitions
"{8D853998-1055-4E45-B99E-F5039C502831}" = Photo Notifier and Animation Creator
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{8E14DDC8-EA60-4E18-B3E3-1937104D5BDA}" = MSVCRT110
"{8F1B6239-FEA0-450A-A950-B05276CE177C}" = Acer Framework
"{8FB495A1-4A3F-4C1D-BD27-3F3AB2E66763}" = iMesh
"{90140000-0015-0413-0000-0000000FF1CE}" = Microsoft Office Access MUI (Dutch) 2010
"{90140000-0015-0413-0000-0000000FF1CE}_Office14.SingleImage_{7A6AD1A3-6EC6-4840-8A29-4CCD27A21069}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0016-0413-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Dutch) 2010
"{90140000-0016-0413-0000-0000000FF1CE}_Office14.SingleImage_{7A6AD1A3-6EC6-4840-8A29-4CCD27A21069}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0018-0413-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Dutch) 2010
"{90140000-0018-0413-0000-0000000FF1CE}_Office14.SingleImage_{7A6AD1A3-6EC6-4840-8A29-4CCD27A21069}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0019-0413-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Dutch) 2010
"{90140000-0019-0413-0000-0000000FF1CE}_Office14.SingleImage_{7A6AD1A3-6EC6-4840-8A29-4CCD27A21069}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001A-0413-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Dutch) 2010
"{90140000-001A-0413-0000-0000000FF1CE}_Office14.SingleImage_{7A6AD1A3-6EC6-4840-8A29-4CCD27A21069}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001B-0413-0000-0000000FF1CE}" = Microsoft Office Word MUI (Dutch) 2010
"{90140000-001B-0413-0000-0000000FF1CE}_Office14.SingleImage_{7A6AD1A3-6EC6-4840-8A29-4CCD27A21069}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2010
"{90140000-001F-0407-0000-0000000FF1CE}_Office14.SingleImage_{65A2328E-FDFB-4CA3-8582-357EA6825FEA}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
"{90140000-001F-0409-0000-0000000FF1CE}_Office14.SingleImage_{99ACCA38-6DD3-48A8-96AE-A283C9759279}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2010
"{90140000-001F-040C-0000-0000000FF1CE}_Office14.SingleImage_{46298F6A-1E7E-4D4A-B5F5-106A4F0E48C6}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0413-0000-0000000FF1CE}" = Microsoft Office Proof (Dutch) 2010
"{90140000-001F-0413-0000-0000000FF1CE}_Office14.SingleImage_{5072FEA2-862C-4BF0-9654-CB0DCBE2BE28}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002C-0413-0000-0000000FF1CE}" = Microsoft Office Proofing (Dutch) 2010
"{90140000-002C-0413-0000-0000000FF1CE}_Office14.SingleImage_{D3B92058-CF96-445F-A297-F7ED19C4E841}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-003D-0000-0000-0000000FF1CE}" = Microsoft Office Single Image 2010
"{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{047B0968-E622-4FAA-9B4B-121FA109EDDE}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-006E-0413-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Dutch) 2010
"{90140000-006E-0413-0000-0000000FF1CE}_Office14.SingleImage_{260407D0-98A1-4D9A-A956-3D1DEDDDF3B9}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-00A1-0413-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Dutch) 2010
"{90140000-00A1-0413-0000-0000000FF1CE}_Office14.SingleImage_{7A6AD1A3-6EC6-4840-8A29-4CCD27A21069}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{97C79BEC-43F7-4BD8-A6A7-85C0257E488A}" = Windows Live Writer
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9E65215B-9DE9-401A-8541-C82FE2D2BC66}" = Acer SmartBoot
"{9EC9754D-CA34-4293-B5DB-3BD245A88A43}" = ArcSoft MediaImpression
"{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC76BA86-7AD7-FFFF-7B44-A91000000001}" = Adobe Reader 9.5.0 MUI
"{AE8044B5-FCA3-4EBE-AC78-0FB3A6E8DC76}" = Movie Maker
"{B7F31B9C-8775-4500-8E9D-6ABE9AE17CF4}" = Windows Live Essentials
"{C424CD5E-EA05-4D3E-B5DA-F9F149E1D3AC}" = Windows Live Installer
"{C9B6EFD0-4F01-4BBA-8374-39AD99A3ED72}" = Windows Live Photo Common
"{D2C146B1-948D-47EF-8387-5D1C6B980F7C}" = Windows Live Writer
"{D3DE876B-97FC-4380-8902-468FE51395B4}" = Nitro Reader 2
"{DA7DF8E2-4B8F-4286-97FE-DE3FFFE9B728}" = iCloud
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E34F703A-1C9D-4B1F-ABBE-D7E8800B860D}" = Windows Live Sync
"{EB879750-CCBD-4013-BFD5-0294D4DA5BD0}" = Apple Application Support
"{ED6C77F9-4D7E-447C-9EC0-9A212D075535}" = Movie Maker
"{EE171732-BEB4-4576-887D-CB62727F01CA}" = Acer Updater
"{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}" = Skype™ 5.10
"{EFC04D3F-A152-47E7-8517-EE0F6201AFEF}" = Apple Mobile Device Support
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}" = Intel® Graphics Media Accelerator Driver
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F2235E5E-7881-4293-9B6F-04B2609FBFF0}" = Windows Live Messenger
"{F67CA22C-C11F-4573-8406-57F75BA06B51}" = Photo Gallery
"{F8A9085D-4C7A-41a9-8A77-C8998A96C421}" = Intel® Control Center
"{FA75723A-BF4A-40A2-BFCB-BBC320C27DC9}" = Windows Live Mail
"{FE7C0B3D-50B9-4951-BE78-A321CBF86552}" = Windows Live SOXE
"{FEFD91C5-A25D-48D9-89DA-0FB7BB8B3EF7}" = Windows Live Writer Resources
"Acer Registration" = Acer Registration
"Acer Screensaver" = Acer ScreenSaver
"Acer Welcome Center" = Welcome Center
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"C22EC48700B9B9C08DDC2C12DA3BD6F8EA0DFFDE" = Stuurprogrammapakket voor Windows - Fedict SmartCard (12/08/2009 4.0.0.3)
"Creative PD1130" = Creative WebCam NX Pro Driver (1.03.03.0326)
"eMindMaps" = eMindMaps
"Free YouTube to MP3 Converter_is1" = Free YouTube to MP3 Converter version 3.11.21.504
"Google Chrome" = Google Chrome
"Identity Card" = Identity Card
"iLivid" = iLivid
"iMesh" = iMesh
"iMesh 1 MediaBar" = MediaBar
"IncrediMail_MediaBar_Nederlands_2 Toolbar" = IncrediMail MediaBar Nederlands 2 Toolbar
"InstallShield_{30075A70-B5D2-440B-AFA3-FB2021740121}" = Acer Backup Manager
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile NLD Language Pack" = Taalpakket voor Microsoft .NET Framework 4 Client Profile - NLD
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"Microsoft .NET Framework 4 Extended NLD Language Pack" = Taalpakket voor Microsoft .NET Framework 4 Extended - NLD
"Mozilla Thunderbird 17.0.4 (x86 nl)" = Mozilla Thunderbird 17.0.4 (x86 nl)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"NAV" = Norton AntiVirus
"Office14.SingleImage" = Microsoft Office Home and Student 2010
"Photo Notifier and Animation Creator" = Photo Notifier and Animation Creator
"VLC media player" = VLC media player 1.1.11
"WinLiveSuite" = Windows Live Essentials
========== HKEY_CURRENT_USER Uninstall List ==========
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Dropbox" = Dropbox
"SkyDriveSetup.exe" = Microsoft SkyDrive
"Spotify" = Spotify
========== Last 20 Event Log Errors ==========
[ Application Events ]
Error - 3/23/2013 2:43:43 PM | Computer Name = Computer-PC | Source = Application Error | ID = 1000
Description = Naam van toepassing met fout: rundll32.exe_shell32.dll, versie: 6.1.7600.16385,
tijdstempel: 0x4a5bc637 Naam van module met fout: ntdll.dll, versie: 6.1.7600.16915,
tijdstempel: 0x4ec49caf Uitzonderingscode: 0xc0000005 Foutoffset: 0x0002f963 Id van
proces met fout: 0x67c Starttijd van toepassing met fout: 0x01ce27f6573b3142 Pad
naar toepassing met fout: C:\Windows\System32\rundll32.exe Pad naar module met fout:
C:\Windows\SYSTEM32\ntdll.dll Rapport-id: 95f4b7a1-93e9-11e2-b7ea-1078d2a4e77f
Error - 3/23/2013 2:48:29 PM | Computer Name = Computer-PC | Source = Application Error | ID = 1000
Description = Naam van toepassing met fout: rundll32.exe_shell32.dll, versie: 6.1.7600.16385,
tijdstempel: 0x4a5bc637 Naam van module met fout: ntdll.dll, versie: 6.1.7600.16915,
tijdstempel: 0x4ec49caf Uitzonderingscode: 0xc0000005 Foutoffset: 0x0002f963 Id van
proces met fout: 0x11c4 Starttijd van toepassing met fout: 0x01ce27f7023609ad Pad
naar toepassing met fout: C:\Windows\System32\rundll32.exe Pad naar module met fout:
C:\Windows\SYSTEM32\ntdll.dll Rapport-id: 406ca45d-93ea-11e2-b7ea-1078d2a4e77f
Error - 3/23/2013 2:53:51 PM | Computer Name = Computer-PC | Source = Schedule | ID = 0
Description =
Error - 3/23/2013 2:54:03 PM | Computer Name = Computer-PC | Source = Application Error | ID = 1000
Description = Naam van toepassing met fout: AtService.exe, versie: 8.4.2.5, tijdstempel:
0x4a0ddea4 Naam van module met fout: AtService.exe, versie: 8.4.2.5, tijdstempel:
0x4a0ddea4 Uitzonderingscode: 0x40000015 Foutoffset: 0x000b1adb Id van proces met
fout: 0x340 Starttijd van toepassing met fout: 0x01ce27f7c0b01f57 Pad naar toepassing
met fout: C:\Program Files\Fingerprint Sensor\AtService.exe Pad naar module met
fout: C:\Program Files\Fingerprint Sensor\AtService.exe Rapport-id: 075cde40-93eb-11e2-b924-1078d2a4e77f
Error - 3/23/2013 3:00:25 PM | Computer Name = Computer-PC | Source = Schedule | ID = 0
Description =
Error - 3/23/2013 3:00:37 PM | Computer Name = Computer-PC | Source = Application Error | ID = 1000
Description = Naam van toepassing met fout: AtService.exe, versie: 8.4.2.5, tijdstempel:
0x4a0ddea4 Naam van module met fout: AtService.exe, versie: 8.4.2.5, tijdstempel:
0x4a0ddea4 Uitzonderingscode: 0xc0000005 Foutoffset: 0x0001be16 Id van proces met
fout: 0x348 Starttijd van toepassing met fout: 0x01ce27f8ad1fb66f Pad naar toepassing
met fout: C:\Program Files\Fingerprint Sensor\AtService.exe Pad naar module met
fout: C:\Program Files\Fingerprint Sensor\AtService.exe Rapport-id: f2790a86-93eb-11e2-b72f-1078d2a4e77f
Error - 3/23/2013 3:02:55 PM | Computer Name = Computer-PC | Source = Schedule | ID = 0
Description =
Error - 3/28/2013 3:24:18 PM | Computer Name = Computer-PC | Source = Application Error | ID = 1000
Description = Naam van toepassing met fout: rundll32.exe_shell32.dll, versie: 6.1.7600.16385,
tijdstempel: 0x4a5bc637 Naam van module met fout: ntdll.dll, versie: 6.1.7600.16915,
tijdstempel: 0x4ec49caf Uitzonderingscode: 0xc0000005 Foutoffset: 0x0002f963 Id van
proces met fout: 0x10ac Starttijd van toepassing met fout: 0x01ce2be9d72fe28f Pad
naar toepassing met fout: C:\Windows\System32\rundll32.exe Pad naar module met fout:
C:\Windows\SYSTEM32\ntdll.dll Rapport-id: 15830dc3-97dd-11e2-b72f-1078d2a4e77f
Error - 3/28/2013 3:36:33 PM | Computer Name = Computer-PC | Source = Schedule | ID = 0
Description =
Error - 3/28/2013 3:36:44 PM | Computer Name = Computer-PC | Source = Application Error | ID = 1000
Description = Naam van toepassing met fout: AtService.exe, versie: 8.4.2.5, tijdstempel:
0x4a0ddea4 Naam van module met fout: AtService.exe, versie: 8.4.2.5, tijdstempel:
0x4a0ddea4 Uitzonderingscode: 0x40000015 Foutoffset: 0x000b1adb Id van proces met
fout: 0x348 Starttijd van toepassing met fout: 0x01ce2beb8b7a7c8f Pad naar toepassing
met fout: C:\Program Files\Fingerprint Sensor\AtService.exe Pad naar module met
fout: C:\Program Files\Fingerprint Sensor\AtService.exe Rapport-id: d22b524d-97de-11e2-aa34-1078d2a4e77f
[ System Events ]
Error - 3/30/2013 5:57:02 AM | Computer Name = Computer-PC | Source = Service Control Manager | ID = 7001
Description = De WinHTTP Web Proxy Auto-Discovery Service-service is afhankelijk
van de DHCP-client-service, die vanwege de volgende fout niet kan worden gestart:
%%1068
Error - 3/30/2013 5:57:07 AM | Computer Name = Computer-PC | Source = Service Control Manager | ID = 7000
Description = De Ancillary Function Driver for Winsock-service kan vanwege de volgende
fout niet worden gestart: %%1058
Error - 3/30/2013 5:57:07 AM | Computer Name = Computer-PC | Source = Service Control Manager | ID = 7001
Description = De DHCP-client-service is afhankelijk van de Ancillary Function Driver
for Winsock-service, die vanwege de volgende fout niet kan worden gestart: %%1058
Error - 3/30/2013 5:57:07 AM | Computer Name = Computer-PC | Source = Service Control Manager | ID = 7001
Description = De WinHTTP Web Proxy Auto-Discovery Service-service is afhankelijk
van de DHCP-client-service, die vanwege de volgende fout niet kan worden gestart:
%%1068
Error - 3/30/2013 5:57:23 AM | Computer Name = Computer-PC | Source = Service Control Manager | ID = 7000
Description = De Ancillary Function Driver for Winsock-service kan vanwege de volgende
fout niet worden gestart: %%1058
Error - 3/30/2013 5:57:23 AM | Computer Name = Computer-PC | Source = Service Control Manager | ID = 7001
Description = De DHCP-client-service is afhankelijk van de Ancillary Function Driver
for Winsock-service, die vanwege de volgende fout niet kan worden gestart: %%1058
Error - 3/30/2013 5:57:23 AM | Computer Name = Computer-PC | Source = Service Control Manager | ID = 7001
Description = De WinHTTP Web Proxy Auto-Discovery Service-service is afhankelijk
van de DHCP-client-service, die vanwege de volgende fout niet kan worden gestart:
%%1068
Error - 3/30/2013 5:57:54 AM | Computer Name = Computer-PC | Source = Service Control Manager | ID = 7000
Description = De Ancillary Function Driver for Winsock-service kan vanwege de volgende
fout niet worden gestart: %%1058
Error - 3/30/2013 5:57:54 AM | Computer Name = Computer-PC | Source = Service Control Manager | ID = 7001
Description = De DHCP-client-service is afhankelijk van de Ancillary Function Driver
for Winsock-service, die vanwege de volgende fout niet kan worden gestart: %%1058
Error - 3/30/2013 5:57:54 AM | Computer Name = Computer-PC | Source = Service Control Manager | ID = 7001
Description = De WinHTTP Web Proxy Auto-Discovery Service-service is afhankelijk
van de DHCP-client-service, die vanwege de volgende fout niet kan worden gestart:
%%1068
< End of report >