
Inactive Mebroot/ Torpig - desktop

Discussion in 'Malware and Virus Removal Archive' started by duub, 2011/11/19.

Thread Status:
Not open for further replies.
  1. 2011/11/23
    duub

    duub Inactive Thread Starter

    Joined:
    2011/11/15
    Messages:
    102
    Likes Received:
    0
    Bootkit Remover
    (c) 2009 Esage Lab
    www.esagelab.com

    Program version: 1.2.0.1
    OS Version: Microsoft Windows XP Professional Service Pack 2 (build 2600)

    System volume is \\.\C:
    \\.\C: -> \\.\PhysicalDrive0 at offset 0x00000000`00007e00
    ATA_Read(): DeviceIoControl() ERROR 1
    Boot sector MD5 is: 69cccfbb74623f0a8d61f6ab49d5681b

    Size Device Name MBR Status
    --------------------------------------------
    19 GB \\.\PhysicalDrive0 Unknown boot code

    Unknown boot code has been found on some of your physical disks.
    To inspect the boot code manually, dump the master boot sector:
    remover.exe dump <device_name> [output_file]
    To disinfect the master boot sector, use the following command:
    remover.exe fix <device_name>


    Done;
    Press any key to quit...
     
  2. 2011/11/23
    broni

    broni Moderator Malware Analyst

    Joined:
    2002/08/01
    Messages:
    21,701
    Likes Received:
    116
    Delete your Combofix file, download a fresh one, do NOT rename it, make sure it's placed on your desktop.

    Go Start>Run, paste this command:

    "%userprofile%\desktop\ComboFix.exe" /KillAll

    Click OK.

    If it doesn't work try this command:

    "%userprofile%\desktop\ComboFix.exe" /nombr

    Try normal, or safe mode.
     


  4. 2011/11/24
    duub

    duub Inactive Thread Starter

    Joined:
    2011/11/15
    Messages:
    102
    Likes Received:
    0
    won't work in any way
    In all 4 cases got the message that "C:\Documents and Settings\Administrator\Desktop points to a location that doesn't exist or isn't accessible"
    I AM logged on as Administrator

    :(
     
    Last edited: 2011/11/24
  5. 2011/11/24
    broni

    broni Moderator Malware Analyst

    Joined:
    2002/08/01
    Messages:
    21,701
    Likes Received:
    116
    Download OTL to your Desktop.

    • Double click on the icon to run it. Make sure all other windows are closed and let it run uninterrupted.
    • Click the Scan All Users checkbox.
    • Under the Custom Scan box paste this in:


    netsvcs
    drivers32
    %SYSTEMDRIVE%\*.*
    %systemroot%\Fonts\*.com
    %systemroot%\Fonts\*.dll
    %systemroot%\Fonts\*.ini
    %systemroot%\Fonts\*.ini2
    %systemroot%\Fonts\*.exe
    %systemroot%\system32\spool\prtprocs\w32x86\*.*
    %systemroot%\REPAIR\*.bak1
    %systemroot%\REPAIR\*.ini
    %systemroot%\system32\*.jpg
    %systemroot%\*.jpg
    %systemroot%\*.png
    %systemroot%\*.scr
    %systemroot%\*._sy
    %APPDATA%\Adobe\Update\*.*
    %ALLUSERSPROFILE%\Favorites\*.*
    %APPDATA%\Microsoft\*.*
    %PROGRAMFILES%\*.*
    %APPDATA%\Update\*.*
    %systemroot%\*. /mp /s
    CREATERESTOREPOINT
    %systemroot%\System32\config\*.sav
    %PROGRAMFILES%\bak. /s
    %systemroot%\system32\bak. /s
    %ALLUSERSPROFILE%\Start Menu\*.lnk /x
    %systemroot%\system32\config\systemprofile\*.dat /x
    %systemroot%\*.config
    %systemroot%\system32\*.db
    %APPDATA%\Microsoft\Internet Explorer\Quick Launch\*.lnk /x
    %USERPROFILE%\Desktop\*.exe
    %PROGRAMFILES%\Common Files\*.*
    %systemroot%\*.src
    %systemroot%\install\*.*
    %systemroot%\system32\DLL\*.*
    %systemroot%\system32\HelpFiles\*.*
    %systemroot%\system32\rundll\*.*
    %systemroot%\winn32\*.*
    %systemroot%\Java\*.*
    %systemroot%\system32\test\*.*
    %systemroot%\system32\Rundll32\*.*
    %systemroot%\AppPatch\Custom\*.*
    %APPDATA%\Roaming\Microsoft\Windows\Recent\*.lnk /x
    %PROGRAMFILES%\PC-Doctor\Downloads\*.*
    %PROGRAMFILES%\Internet Explorer\*.tmp
    %PROGRAMFILES%\Internet Explorer\*.dat
    %USERPROFILE%\My Documents\*.exe
    %USERPROFILE%\*.exe
    %systemroot%\ADDINS\*.*
    %systemroot%\assembly\*.bak2
    %systemroot%\Config\*.*
    %systemroot%\REPAIR\*.bak2
    %systemroot%\SECURITY\Database\*.sdb /x
    %systemroot%\SYSTEM\*.bak2
    %systemroot%\Web\*.bak2
    %systemroot%\Driver Cache\*.*
    %PROGRAMFILES%\Mozilla Firefox\0*.exe
    %ProgramFiles%\Microsoft Common\*.*
    %ProgramFiles%\TinyProxy.
    %USERPROFILE%\Favorites\*.url /x
    %systemroot%\system32\*.bk
    %systemroot%\*.te
    %systemroot%\system32\system32\*.*
    %ALLUSERSPROFILE%\*.dat /x
    %systemroot%\system32\drivers\*.rmv
    dir /b "%systemroot%\system32\*.exe" | find /i " " /c
    dir /b "%systemroot%\*.exe" | find /i " " /c
    %PROGRAMFILES%\Microsoft\*.*
    %systemroot%\System32\Wbem\proquota.exe
    %PROGRAMFILES%\Mozilla Firefox\*.dat
    %USERPROFILE%\Cookies\*.txt /x
    %SystemRoot%\system32\fonts\*.*
    %systemroot%\system32\winlog\*.*
    %systemroot%\system32\Language\*.*
    %systemroot%\system32\Settings\*.*
    %systemroot%\system32\*.quo
    %SYSTEMROOT%\AppPatch\*.exe
    %SYSTEMROOT%\inf\*.exe
    %SYSTEMROOT%\Installer\*.exe
    %systemroot%\system32\config\*.bak2
    %systemroot%\system32\Computers\*.*
    %SystemRoot%\system32\Sound\*.*
    %SystemRoot%\system32\SpecialImg\*.*
    %SystemRoot%\system32\code\*.*
    %SystemRoot%\system32\draft\*.*
    %SystemRoot%\system32\MSSSys\*.*
    %ProgramFiles%\Javascript\*.*
    %systemroot%\pchealth\helpctr\System\*.exe /s
    %systemroot%\Web\*.exe
    %systemroot%\system32\msn\*.*
    %systemroot%\system32\*.tro
    %AppData%\Microsoft\Installer\msupdates\*.*
    %ProgramFiles%\Messenger\*.*
    %systemroot%\system32\systhem32\*.*
    %systemroot%\system\*.exe
    HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs
    /md5start
    /md5stop


    • Click the Quick Scan button. Do not change any settings unless otherwise told to do so. The scan won't take long.
    • When the scan completes, it will open two notepad windows: OTL.txt and Extras.txt. These are saved in the same location as OTL.
    • Please copy (Edit->Select All, Edit->Copy) the contents of these files, one at a time, and post them back here.
     
  6. 2011/11/24
    duub

    duub Inactive Thread Starter

    Joined:
    2011/11/15
    Messages:
    102
    Likes Received:
    0
    otl.txt 1of2

    OTL logfile created on: 24-11-2011 18:46:28 - Run 1
    OTL by OldTimer - Version 3.2.31.0 Folder = C:\Documents and Settings\Administrator\Bureaublad
    Windows XP Professional Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
    Internet Explorer (Version = 8.0.6001.18702)
    Locale: 00000413 | Country: Nederland | Language: NLD | Date Format: d-M-yyyy

    511,53 Mb Total Physical Memory | 262,91 Mb Available Physical Memory | 51,40% Memory free
    1,22 Gb Paging File | 0,95 Gb Available in Paging File | 77,83% Paging File free
    Paging file location(s): C:\pagefile.sys 768 1536 [binary data]

    %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
    Drive C: | 19,13 Gb Total Space | 0,71 Gb Free Space | 3,73% Space Free | Partition Type: NTFS

    Computer Name: XP-18 | User Name: Administrator | Logged in as Administrator.
    Boot Mode: Normal | Scan Mode: All users | Quick Scan
    Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

    ========== Processes (SafeList) ==========

    PRC - [2011-11-24 18:43:46 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Administrator\Bureaublad\OTL.exe
    PRC - [2011-06-29 08:58:40 | 000,269,480 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe
    PRC - [2011-04-28 18:47:06 | 000,136,360 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe
    PRC - [2011-03-04 13:36:51 | 000,281,768 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
    PRC - [2010-01-14 20:11:00 | 000,076,968 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
    PRC - [2007-07-27 20:38:26 | 000,087,416 | ---- | M] (Juniper Networks) -- C:\Program Files\Common Files\Juniper Networks\JUNS\dsAccessService.exe
    PRC - [2007-06-13 14:24:02 | 001,036,800 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
    PRC - [2007-04-13 08:20:22 | 000,097,432 | ---- | M] () -- C:\Program Files\Canon\IJPLM\ijplmsvc.exe
    PRC - [2006-06-06 15:28:35 | 000,181,312 | ---- | M] () -- C:\Program Files\Photodex\CompuPicPro\scsiaccess.exe
    PRC - [2001-07-09 01:11:22 | 000,032,256 | ---- | M] (C-Dilla Ltd) -- C:\WINDOWS\system32\drivers\CDANTSRV.EXE
    PRC - [2001-03-08 18:22:48 | 000,081,920 | ---- | M] (Matrox Graphics Inc.) -- C:\WINDOWS\system32\mgabg.exe


    ========== Modules (No Company Name) ==========

    MOD - [2010-08-09 23:01:06 | 000,067,872 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
    MOD - [2010-06-17 13:27:22 | 000,355,688 | ---- | M] () -- C:\Program Files\Avira\AntiVir Desktop\sqlite3.dll
    MOD - [2007-04-13 08:20:22 | 000,097,432 | ---- | M] () -- C:\Program Files\Canon\IJPLM\ijplmsvc.exe
    MOD - [2006-06-06 15:28:35 | 000,181,312 | ---- | M] () -- C:\Program Files\Photodex\CompuPicPro\scsiaccess.exe


    ========== Win32 Services (SafeList) ==========

    SRV - File not found [Auto | Stopped] -- -- (PEVSystemStart)
    SRV - [2011-06-29 08:58:40 | 000,269,480 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
    SRV - [2011-04-28 18:47:06 | 000,136,360 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
    SRV - [2007-07-27 20:38:26 | 000,087,416 | ---- | M] (Juniper Networks) [Auto | Running] -- C:\Program Files\Common Files\Juniper Networks\JUNS\dsAccessService.exe -- (JuniperAccessService)
    SRV - [2007-04-13 08:20:22 | 000,097,432 | ---- | M] () [Auto | Running] -- C:\Program Files\Canon\IJPLM\ijplmsvc.exe -- (IJPLMSVC)
    SRV - [2006-06-06 15:28:35 | 000,181,312 | ---- | M] () [Auto | Running] -- C:\Program Files\Photodex\CompuPicPro\scsiaccess.exe -- (ScsiAccess)
    SRV - [2001-07-09 01:11:22 | 000,032,256 | ---- | M] (C-Dilla Ltd) [Auto | Running] -- C:\WINDOWS\system32\drivers\CDANTSRV.EXE -- (C-DillaSrv)
    SRV - [2001-03-08 18:22:48 | 000,081,920 | ---- | M] (Matrox Graphics Inc.) [Auto | Running] -- C:\WINDOWS\system32\mgabg.exe -- (MGABGEXE)


    ========== Driver Services (SafeList) ==========

    DRV - [2011-06-29 08:58:44 | 000,138,192 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avipbb.sys -- (avipbb)
    DRV - [2011-06-29 08:58:44 | 000,066,616 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\avgntflt.sys -- (avgntflt)
    DRV - [2010-06-17 13:27:22 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\ssmdrv.sys -- (ssmdrv)
    DRV - [2010-06-17 13:27:12 | 000,011,608 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Program Files\Avira\AntiVir Desktop\avgio.sys -- (avgio)
    DRV - [2007-01-25 16:04:24 | 000,054,656 | ---- | M] (Samsung electronics, Inc) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Camav.sys -- (Camav)
    DRV - [2007-01-25 15:33:00 | 000,012,160 | ---- | M] (Devguru Corporation, Inc) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\camflt.sys -- (camflt)
    DRV - [2005-12-14 18:06:46 | 000,078,336 | ---- | M] (Webroot Software (www.webroot.com)) [Kernel | Boot | Running] -- C:\WINDOWS\system32\Drivers\SSI.SYS -- (SSI)
    DRV - [2005-09-07 16:42:06 | 000,087,792 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\w800mgmt.sys -- (w800mgmt)
    DRV - [2005-09-07 16:42:06 | 000,085,664 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\w800obex.sys -- (w800obex)
    DRV - [2005-09-07 16:42:04 | 000,096,224 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\w800mdm.sys -- (w800mdm)
    DRV - [2005-09-07 16:42:04 | 000,009,264 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\w800mdfl.sys -- (w800mdfl)
    DRV - [2005-09-07 16:42:00 | 000,060,768 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\w800bus.sys -- (w800bus) Sony Ericsson W800 driver (WDM)
    DRV - [2005-07-28 08:18:40 | 000,685,056 | ---- | M] (Aladdin Knowledge Systems Ltd.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\hardlock.sys -- (hardlock)
    DRV - [2004-08-04 07:08:21 | 000,010,624 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\gameenum.sys -- (gameenum)
    DRV - [2003-03-21 11:34:08 | 000,009,856 | ---- | M] (Padus, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\pfc.sys -- (pfc)
    DRV - [2002-03-04 11:10:01 | 000,047,616 | ---- | M] (Aladdin Knowledge Systems) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\Haspnt.sys -- (Haspnt)
    DRV - [2001-08-29 03:48:12 | 000,094,688 | ---- | M] (SCM Microsystems Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\upatc.sys -- (UPATC)
    DRV - [2001-08-17 21:11:06 | 000,066,591 | ---- | M] (3Com Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\el90xbc5.sys -- (EL90XBC)
    DRV - [2001-08-15 00:00:00 | 000,086,330 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\System32\DRIVERS\IdeChnDr.sys -- (IdeChnDr) Intel(r)
    DRV - [2001-08-15 00:00:00 | 000,013,366 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\System32\DRIVERS\IdeBusDr.sys -- (IdeBusDr)
    DRV - [2001-08-10 17:41:54 | 000,323,995 | ---- | M] (Matrox Graphics Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\g550dhm.sys -- (G550DH)
    DRV - [2001-07-09 01:12:20 | 000,057,136 | ---- | M] (Macrovision) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\CDANT.SYS -- (C-Dilla)
    DRV - [2001-05-24 10:14:34 | 000,013,229 | ---- | M] (SCM Microsystems Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\System32\drivers\Stltrk2k.sys -- (Stltrk2k)
    DRV - [2001-03-08 18:22:16 | 000,005,500 | ---- | M] (Matrox Graphics Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\mgabg.sys -- (mgabg)
    DRV - [2000-04-17 23:32:38 | 000,005,533 | ---- | M] (Matrox Graphics Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\utilnt.sys -- (UtilNT)
    DRV - [1999-09-10 13:06:00 | 000,025,244 | ---- | M] (Adaptec) [Kernel | Auto | Running] -- C:\WINDOWS\System32\drivers\aspi32.sys -- (Aspi32)


    ========== Standard Registry (SafeList) ==========


    ========== Internet Explorer ==========

    IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie


    IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
    IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

    IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
    IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

    IE - HKU\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

    IE - HKU\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

    IE - HKU\S-1-5-21-448539723-630328440-682003330-500\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/ie
    IE - HKU\S-1-5-21-448539723-630328440-682003330-500\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.nl/
    IE - HKU\S-1-5-21-448539723-630328440-682003330-500\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie
    IE - HKU\S-1-5-21-448539723-630328440-682003330-500\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
    IE - HKU\S-1-5-21-448539723-630328440-682003330-500\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
    IE - HKU\S-1-5-21-448539723-630328440-682003330-500\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

    ========== FireFox ==========

    FF - prefs.js..browser.search.defaultenginename: "Web Search... "
    FF - prefs.js..browser.search.defaultthis.engineName: "Conduit Engine Customized Web Search "
    FF - prefs.js..browser.search.defaulturl: "http://search.conduit.com/ResultsExt.aspx?ctid=ConduitEngine&SearchSource=3&q={searchTerms} "
    FF - prefs.js..browser.search.useDBForOrder: true
    FF - prefs.js..browser.startup.homepage: "http://www.google.nl/ "
    FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
    FF - prefs.js..keyword.URL: "http://search.babylon.com/?babsrc=SP_ss&mntrId=f0bb4ddb0000000000000004757c2b35&tlver=1.4.31.2&instlRef=sst&affID=100396&q= "
    FF - prefs.js..network.proxy.http: "proxy.xs4all.nl "
    FF - prefs.js..network.proxy.http_port: 8080
    FF - prefs.js..network.proxy.no_proxies_on: "localhost, 127.0.0.1, 192.168.178.1, 192.168.1.254 "
    FF - prefs.js..network.proxy.type: 1

    FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()
    FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\WINDOWS\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
    FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
    FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
    FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
    FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files\Google\Picasa3\npPicasa3.dll (Google, Inc.)
    FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\4.0.60531.0\npctrl.dll ( Microsoft Corporation)
    FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
    FF - HKLM\Software\MozillaPlugins\@pack.google.com/Google Updater;version=14: C:\Program Files\Google\Google Updater\2.4.2432.1652\npCIDetect14.dll (Google)
    FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
    FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
    FF - HKLM\Software\MozillaPlugins\@viewpoint.com/VMP: C:\Program Files\Viewpoint\Viewpoint Media Player\npViewpoint.dll File not found

    FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 4.0b12\extensions\\Components: C:\Program Files\Mozilla Firefox 4.0 Beta 10\components [2011-03-01 09:06:14 | 000,000,000 | ---D | M]
    FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 4.0b12\extensions\\Plugins: C:\Program Files\Mozilla Firefox 4.0 Beta 10\plugins
    FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 8.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011-11-24 00:17:42 | 000,000,000 | ---D | M]
    FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 8.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011-06-14 20:21:27 | 000,000,000 | ---D | M]

    [2008-09-03 00:15:37 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Administrator\Application Data\Mozilla\Extensions
    [2011-08-13 10:51:03 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\2ed2ukxr.default\extensions
    [2011-11-24 00:18:05 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
    [2009-08-25 21:37:25 | 000,000,000 | ---D | M] (Java Quick Starter) -- C:\PROGRAM FILES\JAVA\JRE6\LIB\DEPLOY\JQS\FF
    [2009-09-06 13:23:28 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\WINDOWS\MICROSOFT.NET\FRAMEWORK\V3.5\WINDOWS PRESENTATION FOUNDATION\DOTNETASSISTANTEXTENSION
    [2011-11-24 00:17:41 | 000,134,104 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
    [2008-08-16 16:42:02 | 000,070,456 | ---- | M] (Citrix Systems, Inc.) -- C:\Program Files\mozilla firefox\plugins\CgpCore.dll
    [2008-08-16 16:42:12 | 000,091,448 | ---- | M] () -- C:\Program Files\mozilla firefox\plugins\confmgr.dll
    [2008-08-16 16:42:08 | 000,020,800 | ---- | M] () -- C:\Program Files\mozilla firefox\plugins\ctxlogging.dll
    [2008-05-21 07:41:08 | 000,479,232 | ---- | M] (Microsoft Corporation) -- C:\Program Files\mozilla firefox\plugins\msvcm80.dll
    [2008-05-21 07:41:08 | 000,548,864 | ---- | M] (Microsoft Corporation) -- C:\Program Files\mozilla firefox\plugins\msvcp80.dll
    [2008-05-21 07:41:08 | 000,626,688 | ---- | M] (Microsoft Corporation) -- C:\Program Files\mozilla firefox\plugins\msvcr80.dll
    [2008-08-16 16:44:46 | 000,427,312 | ---- | M] () -- C:\Program Files\mozilla firefox\plugins\npicaN.dll
    [2008-08-16 16:42:04 | 000,023,864 | ---- | M] (Citrix Systems, Inc.) -- C:\Program Files\mozilla firefox\plugins\TcpPServ.dll
    [2011-07-31 12:51:28 | 000,002,288 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\babylon.xml
    [2011-06-14 20:21:11 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
    [2011-06-14 20:21:11 | 000,001,892 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bolcom-nl.xml
    [2011-06-14 20:21:11 | 000,004,558 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\marktplaats-nl.xml
    [2011-06-14 20:21:11 | 000,001,049 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-nl.xml
    [2011-03-26 22:29:52 | 000,001,106 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-nl.xml

    O1 HOSTS File: ([2011-11-21 23:08:46 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
    O1 - Hosts: 127.0.0.1 localhost
    O2 - BHO: (no name) - {0124123D-61B4-456f-AF86-78C53A0790C5} - No CLSID value found.
    O2 - BHO: (Babylon toolbar helper) - {2EECD738-5844-4a99-B4B6-146BF802613B} - C:\Program Files\BabylonToolbar\BabylonToolbar\1.4.31.2\bh\BabylonToolbar.dll (Babylon BHO)
    O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.6406.1642\swg.dll (Google Inc.)
    O3 - HKLM\..\Toolbar: (no name) - {0124123D-61B4-456f-AF86-78C53A0790C5} - No CLSID value found.
    O3 - HKLM\..\Toolbar: (Babylon Toolbar) - {98889811-442D-49dd-99D7-DC866BE87DBC} - C:\Program Files\BabylonToolbar\BabylonToolbar\1.4.31.2\BabylonToolbarTlbr.dll (Babylon Ltd.)
    O3 - HKU\S-1-5-21-448539723-630328440-682003330-500\..\Toolbar\ShellBrowser: (no name) - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - No CLSID value found.
    O3 - HKU\S-1-5-21-448539723-630328440-682003330-500\..\Toolbar\WebBrowser: (no name) - {038CB5C7-48EA-4AF9-94E0-A1646542E62B} - No CLSID value found.
    O3 - HKU\S-1-5-21-448539723-630328440-682003330-500\..\Toolbar\WebBrowser: (no name) - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - No CLSID value found.
    O3 - HKU\S-1-5-21-448539723-630328440-682003330-500\..\Toolbar\WebBrowser: (no name) - {87775FDB-6972-41F9-AE51-8326E38CB206} - No CLSID value found.
    O3 - HKU\S-1-5-21-448539723-630328440-682003330-500\..\Toolbar\WebBrowser: (no name) - {A057A204-BACC-4D26-9990-79A187E2698E} - No CLSID value found.
    O3 - HKU\S-1-5-21-448539723-630328440-682003330-500\..\Toolbar\WebBrowser: (LinkedIn Toolbar) - {BB670D0B-5C46-40C7-B38B-40DD26987723} - C:\Program Files\LinkedIn\IE Toolbar\3.2.3.1001\LinkedInIEToolbar.dll File not found
    O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
    O4 - HKLM..\Run: [CanonSolutionMenu] C:\Program Files\Canon\SolutionMenu\CNSLMAIN.exe (CANON INC.)
    O4 - HKLM..\Run: [Sys32VContoller] C:\WINDOWS\system32\mwmmgr32\mwmmgr32.exe File not found
    O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
    O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
    O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
    O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
    O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
    O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
    O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
    O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
    O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
    O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
    O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
    O7 - HKU\S-1-5-21-448539723-630328440-682003330-500\Software\Policies\Microsoft\Internet Explorer\Control Panel present
    O7 - HKU\S-1-5-21-448539723-630328440-682003330-500\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
    O7 - HKU\S-1-5-21-448539723-630328440-682003330-500\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
    O7 - HKU\S-1-5-21-448539723-630328440-682003330-500\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
    O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\WINDOWS\System32\GPhotos.scr (Google Inc.)
    O8 - Extra context menu item: Google Sidewiki... - C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_7461B1589E8B4FB7.dll (Google Inc.)
    O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
    O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab (Shockwave ActiveX Control)
    O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://go.microsoft.com/fwlink/?linkid=39204 (Windows Genuine Advantage Validation Tool)
    O16 - DPF: {3E68E405-C6DE-49FF-83AE-41EE9F4C36CE} http://office.microsoft.com/officeupdate/content/opuc3.cab (Office Update Installation Engine)
    O16 - DPF: {41F17733-B041-4099-A042-B518BB6A408C} http://a1540.g.akamai.net/7/1540/52...apple.com/sikes/nl/win/QuickTimeInstaller.exe (Reg Error: Key error.)
    O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} http://download.bitdefender.com/resources/scan8/oscan8.cab (BDSCANONLINE Control)
    O16 - DPF: {78AF2F24-A9C3-11D3-BF8C-0060B0FCC122} file://C:\Program Files\AutoCAD 2002\AcDcToday.ocx (AcDcToday Control)
    O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_15-windows-i586.cab (Java Plug-in 1.6.0_15)
    O16 - DPF: {AE563720-B4F5-11D4-A415-00108302FDFD} file://C:\Program Files\AutoCAD 2002\InstBanr.ocx (Reg Error: Key error.)
    O16 - DPF: {C6637286-300D-11D4-AE0A-0010830243BD} file://C:\Program Files\AutoCAD 2002\InstFred.ocx (Reg Error: Key error.)
    O16 - DPF: {CAFEEFAC-0013-0001-0002-ABCDEFFEDCBA} http://java.sun.com/products/plugin/1.3.1/jinstall-131_02-win.cab (Java Plug-in 1.3.1_02)
    O16 - DPF: {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA} http://java.sun.com/update/1.5.0/jinstall-1_5_0_06-windows-i586.cab (Java Plug-in 1.5.0_06)
    O16 - DPF: {CAFEEFAC-0015-0000-0009-ABCDEFFEDCBA} http://java.sun.com/update/1.5.0/jinstall-1_5_0_09-windows-i586.cab (Java Plug-in 1.5.0_09)
    O16 - DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_05-windows-i586.cab (Java Plug-in 1.6.0_05)
    O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab (Java Plug-in 1.6.0_07)
    O16 - DPF: {CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_15-windows-i586.cab (Java Plug-in 1.6.0_15)
    O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_15-windows-i586.cab (Java Plug-in 1.6.0_15)
    O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
    O16 - DPF: {D83C1BD1-DCBB-11D4-9425-0050BF33FA6E} http://www.cyclomedia.nl/download/components/CycloScopeLite.cab (CycloScopeLite Control)
    O16 - DPF: {DE591B16-A452-11D6-AED1-0001030A4E46} https://gto.postbank.nl/GTO/PBGNX.cab (PBGNX Control)
    O16 - DPF: {E5F5D008-DD2C-4D32-977D-1A0ADF03058B} https://juniper.net/dana-cached/setup/JuniperSetupSP1.cab (JuniperSetupSP1 Control)
    O16 - DPF: {F27237D7-93C8-44C2-AC6E-D6057B9A918F} https://juniper.net/dana-cached/sc/JuniperSetupClient.cab (JuniperSetupClientControl Class)
    O16 - DPF: {F281A59C-7B65-11D3-8617-0010830243BD} file://C:\Program Files\AutoCAD 2002\AcPreview.ocx (AcPreview Control)
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.254
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = steenhuis.local
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{E80B353A-F5DC-4CF8-B07E-245A7044178F}: DhcpNameServer = 192.168.1.254
    O20 - HKLM Winlogon: Shell - (Explorer.exe) -C:\WINDOWS\explorer.exe (Microsoft Corporation)
    O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) -C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
    O20 - Winlogon\Notify\WRNotifier: DllName - (WRLogonNTF.dll) - C:\WINDOWS\System32\WRLogonNtf.dll (Webroot Software, Inc.)
    O24 - Desktop Components:0 (Mijn huidige introductiepagina) - About:Home
    O24 - Desktop WallPaper: C:\Documents and Settings\Administrator\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
    O24 - Desktop BackupWallPaper: C:\Documents and Settings\Administrator\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
    O32 - HKLM CDRom: AutoRun - 1
    O32 - AutoRun File - [2002-01-09 14:11:55 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
    O34 - HKLM BootExecute: (autocheck autochk *)
    O34 - HKLM BootExecute: (SsiEfr.e)
    O35 - HKLM\..comfile [open] -- "%1" %*
    O35 - HKLM\..exefile [open] -- "%1" %*
    O37 - HKLM\...com [@ = comfile] -- "%1" %*
    O37 - HKLM\...exe [@ = exefile] -- "%1" %*

    NetSvcs: 6to4 - File not found
    NetSvcs: Ias - File not found
    NetSvcs: Iprip - File not found
    NetSvcs: Irmon - File not found
    NetSvcs: NWCWorkstation - File not found
    NetSvcs: Nwsapagent - File not found
    NetSvcs: WmdmPmSp - File not found
    NetSvcs: Ip6FwHlp - File not found

    Drivers32: msacm.iac2 - C:\WINDOWS\system32\iac25_32.ax (Intel Corporation)
    Drivers32: msacm.l3acm - C:\WINDOWS\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
    Drivers32: MSACM.MSNAUDIO - C:\WINDOWS\System32\MSNAUDIO.ACM (Microsoft Corporation)
    Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.)
    Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.)
    Drivers32: MSVideo8 - C:\WINDOWS\System32\vfwwdm32.dll (Microsoft Corporation)
    Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.)
    Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll ()
    Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll ()
    Drivers32: vidc.iv41 - C:\WINDOWS\System32\ir41_32.ax (Intel Corporation)
    Drivers32: vidc.iv50 - C:\WINDOWS\System32\ir50_32.dll (Ligos Corporation)

    CREATERESTOREPOINT
    Restore point Set: OTL Restore Point

    ========== Files/Folders - Created Within 30 Days ==========

    [2011-11-24 18:43:43 | 000,584,192 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Administrator\Bureaublad\OTL.exe
    [2011-11-23 13:02:57 | 000,083,968 | ---- | C] (Esage Lab) -- C:\Documents and Settings\Administrator\Bureaublad\boot_cleaner.exe
    [2011-11-22 22:28:41 | 000,000,000 | -HSD | C] -- C:\RECYCLER
    [2011-11-22 20:26:27 | 000,000,000 | ---D | C] -- C:\WINDOWS\temp
    [2011-11-21 22:37:14 | 000,518,144 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWREG.exe
    [2011-11-21 22:37:14 | 000,406,528 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWSC.exe
    [2011-11-21 22:37:14 | 000,212,480 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWXCACLS.exe
    [2011-11-21 22:37:14 | 000,060,416 | ---- | C] (NirSoft) -- C:\WINDOWS\NIRCMD.exe
    [2011-11-21 22:37:02 | 000,000,000 | ---D | C] -- C:\WINDOWS\ERDNT
    [2011-11-21 22:36:52 | 000,000,000 | ---D | C] -- C:\Qoobox
    [2011-11-20 20:32:27 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programma's\Google Earth
    [2011-11-20 17:14:14 | 001,564,976 | ---- | C] (Kaspersky Lab ZAO) -- C:\Documents and Settings\Administrator\Bureaublad\tdsskiller.exe
    [2011-11-19 23:50:02 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Administrator\Menu Start\Programma's\Systeembeheer
    [2011-11-19 23:49:16 | 000,607,017 | R--- | C] (Swearware) -- C:\Documents and Settings\Administrator\Bureaublad\dds.pif
    [2011-11-16 18:58:09 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programma's\Malwarebytes' Anti-Malware
    [2011-11-16 18:58:04 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes
    [2011-11-16 18:57:57 | 000,022,216 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
    [2011-11-16 18:57:56 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
    [2011-11-16 18:56:06 | 001,916,416 | ---- | C] (AVAST Software) -- C:\Documents and Settings\Administrator\Bureaublad\aswMBR.exe
    [2007-07-27 20:37:24 | 000,069,632 | ---- | C] (Juniper Networks) -- C:\Documents and Settings\All Users\Application Data\NeoterisSetup.ocx
    [7 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
    [7 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

    ========== Files - Modified Within 30 Days ==========

    [2011-11-24 18:43:46 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Administrator\Bureaublad\OTL.exe
    [2011-11-24 12:01:00 | 000,000,922 | ---- | M] () -- C:\WINDOWS\tasks\Google Software Updater.job
    [2011-11-24 10:15:00 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
    [2011-11-24 08:09:55 | 000,005,492 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
    [2011-11-24 08:09:51 | 000,001,040 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore1cc8dfad2fbf0ee.job
    [2011-11-24 08:09:51 | 000,000,260 | ---- | M] () -- C:\WINDOWS\tasks\WGASetup.job
    [2011-11-24 07:34:19 | 000,000,000 | ---- | M] () -- C:\WINDOWS\TempFile
    [2011-11-24 07:34:07 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
    [2011-11-24 07:28:19 | 000,003,803 | ---- | M] () -- C:\WINDOWS\wincmd.ini
    [2011-11-24 07:25:11 | 000,000,614 | ---- | M] () -- C:\Documents and Settings\Administrator\Bureaublad\Snelkoppeling naar ComboFix.lnk
    [2011-11-23 14:49:23 | 000,002,527 | ---- | M] () -- C:\Documents and Settings\Administrator\Application Data\Microsoft\Internet Explorer\Quick Launch\Microsoft Word.lnk
    [2011-11-23 13:53:00 | 000,000,472 | ---- | M] () -- C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job
    [2011-11-21 23:08:46 | 000,000,027 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
    [2011-11-21 22:56:13 | 000,000,815 | ---- | M] () -- C:\Documents and Settings\Administrator\Application Data\Microsoft\Internet Explorer\Quick Launch\De Internet Explorer-browser starten.lnk
    [2011-11-20 20:32:28 | 000,001,915 | ---- | M] () -- C:\Documents and Settings\All Users\Bureaublad\Google Earth.lnk
    [2011-11-20 17:14:23 | 001,564,976 | ---- | M] (Kaspersky Lab ZAO) -- C:\Documents and Settings\Administrator\Bureaublad\tdsskiller.exe
    [2011-11-19 23:49:20 | 000,607,017 | R--- | M] (Swearware) -- C:\Documents and Settings\Administrator\Bureaublad\dds.pif
    [2011-11-19 14:02:28 | 000,302,592 | ---- | M] () -- C:\Documents and Settings\Administrator\Bureaublad\bnqk76n3.exe
    [2011-11-16 18:58:09 | 000,000,784 | ---- | M] () -- C:\Documents and Settings\All Users\Bureaublad\Malwarebytes' Anti-Malware.lnk
    [2011-11-16 18:56:17 | 001,916,416 | ---- | M] (AVAST Software) -- C:\Documents and Settings\Administrator\Bureaublad\aswMBR.exe
    [2011-10-31 10:21:23 | 000,508,910 | ---- | M] () -- C:\WINDOWS\System32\perfh013.dat
    [2011-10-31 10:21:23 | 000,441,124 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
    [2011-10-31 10:21:23 | 000,090,586 | ---- | M] () -- C:\WINDOWS\System32\perfc013.dat
    [2011-10-31 10:21:23 | 000,071,060 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
    [7 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
    [7 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

    ========== Files Created - No Company Name ==========

    [2011-11-24 07:25:11 | 000,000,614 | ---- | C] () -- C:\Documents and Settings\Administrator\Bureaublad\Snelkoppeling naar ComboFix.lnk
    [2011-11-21 22:56:13 | 000,000,815 | ---- | C] () -- C:\Documents and Settings\Administrator\Application Data\Microsoft\Internet Explorer\Quick Launch\De Internet Explorer-browser starten.lnk
    [2011-11-21 22:37:14 | 000,256,000 | ---- | C] () -- C:\WINDOWS\PEV.exe
    [2011-11-21 22:37:14 | 000,208,896 | ---- | C] () -- C:\WINDOWS\MBR.exe
    [2011-11-21 22:37:14 | 000,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe
    [2011-11-21 22:37:14 | 000,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe
    [2011-11-21 22:37:14 | 000,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe
    [2011-11-20 20:32:28 | 000,001,915 | ---- | C] () -- C:\Documents and Settings\All Users\Bureaublad\Google Earth.lnk
    [2011-11-19 14:02:24 | 000,302,592 | ---- | C] () -- C:\Documents and Settings\Administrator\Bureaublad\bnqk76n3.exe
    [2011-11-16 18:58:09 | 000,000,784 | ---- | C] () -- C:\Documents and Settings\All Users\Bureaublad\Malwarebytes' Anti-Malware.lnk
    [2011-09-01 14:46:52 | 000,274,623 | ---- | C] () -- C:\WINDOWS\DJ Music Mixer Uninstaller.exe
    [2011-06-17 19:48:48 | 000,172,032 | R--- | C] () -- C:\WINDOWS\System32\mcs_cor2.dll
    [2011-06-17 19:48:47 | 000,450,560 | R--- | C] () -- C:\WINDOWS\System32\mcs_cor1.dll
    [2010-08-04 10:20:31 | 000,043,520 | ---- | C] () -- C:\WINDOWS\System32\CmdLineExt03.dll
    [2010-08-02 13:23:43 | 000,056,320 | ---- | C] () -- C:\WINDOWS\System32\iyvu9_32.dll
    [2010-06-20 16:24:23 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
    [2010-01-03 12:21:11 | 000,065,924 | -H-- | C] () -- C:\WINDOWS\System32\mlfcache.dat
    [2009-10-23 08:40:05 | 000,045,568 | ---- | C] () -- C:\WINDOWS\UniFish3.exe
    [2009-09-13 10:15:08 | 000,002,900 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\Config.nt.bak
    [2009-09-13 10:15:07 | 000,265,464 | R--- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\hosts.bak
    [2009-09-13 10:15:07 | 000,001,802 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\Autoexec.nt.bak
    [2009-04-11 09:39:53 | 000,000,000 | ---- | C] () -- C:\WINDOWS\PowerReg.dat
    [2009-03-05 16:40:48 | 000,000,020 | ---- | C] () -- C:\WINDOWS\SIERRA.INI
    [2008-05-12 19:02:50 | 000,000,669 | ---- | C] () -- C:\WINDOWS\mozver.dat
    [2008-03-19 16:10:45 | 000,063,488 | ---- | C] () -- C:\WINDOWS\xobglu16.dll
    [2008-03-19 16:10:45 | 000,023,552 | ---- | C] () -- C:\WINDOWS\xobglu32.dll
    [2008-03-14 18:02:40 | 000,010,240 | ---- | C] () -- C:\WINDOWS\System32\vidx16.dll
    [2008-02-24 08:24:49 | 000,000,716 | ---- | C] () -- C:\WINDOWS\hegames.ini
    [2008-02-23 09:22:07 | 000,000,000 | ---- | C] () -- C:\WINDOWS\SETUP32.INI
    [2008-02-09 20:42:38 | 000,000,412 | ---- | C] () -- C:\WINDOWS\MAXLINK.INI
    [2008-02-08 23:27:24 | 000,004,212 | ---- | C] () -- C:\WINDOWS\System32\zllictbl.dat
    [2008-02-06 23:11:24 | 000,023,552 | ---- | C] () -- C:\Documents and Settings\Administrator\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
    [2008-01-28 21:06:05 | 000,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat
    [2008-01-16 01:03:47 | 003,686,454 | ---- | C] () -- C:\WINDOWS\CPICWPPR.DAT
    [2008-01-09 14:01:48 | 000,053,248 | ---- | C] () -- C:\WINDOWS\bdoscandel.exe
    [2008-01-09 14:01:48 | 000,000,453 | ---- | C] () -- C:\WINDOWS\bdoscandellang.ini
    [2007-12-20 23:32:20 | 000,000,136 | ---- | C] () -- C:\Documents and Settings\Administrator\Local Settings\Application Data\fusioncache.dat
    [2006-11-28 09:46:06 | 000,028,672 | ---- | C] () -- C:\WINDOWS\System32\hlduinst.exe
    [2006-11-28 09:46:05 | 000,164,864 | ---- | C] () -- C:\WINDOWS\System32\UNWISE.EXE
    [2006-06-07 11:11:15 | 000,102,912 | ---- | C] () -- C:\WINDOWS\System32\islzma.dll
    [2006-06-07 11:11:15 | 000,017,920 | ---- | C] () -- C:\WINDOWS\System32\wrlzma.dll
    [2006-06-07 11:11:10 | 000,684,032 | ---- | C] () -- C:\WINDOWS\libeay32.dll
    [2006-06-07 11:11:10 | 000,155,648 | ---- | C] () -- C:\WINDOWS\ssleay32.dll
    [2006-04-17 11:12:58 | 000,000,768 | ---- | C] () -- C:\WINDOWS\System32\d3d8caps.dat
    [2006-02-02 13:46:35 | 000,000,008 | ---- | C] () -- C:\WINDOWS\System32\vcexts.sys
    [2005-10-17 15:04:09 | 000,046,080 | ---- | C] () -- C:\WINDOWS\System32\RXDDI.DLL
    [2005-10-17 15:03:40 | 001,205,760 | ---- | C] () -- C:\WINDOWS\System32\GSLIB.DLL
    [2005-10-17 15:03:38 | 000,150,016 | ---- | C] () -- C:\WINDOWS\System32\SmArchive.dll
    [2005-06-13 14:18:46 | 000,000,065 | ---- | C] () -- C:\WINDOWS\keyview.ini
    [2004-10-21 15:48:47 | 000,000,036 | ---- | C] () -- C:\WINDOWS\iltwain.ini
    [2004-10-21 15:44:22 | 000,057,344 | ---- | C] () -- C:\WINDOWS\System32\DYMOCFG.DLL
    [2004-09-29 13:38:53 | 000,001,788 | ---- | C] () -- C:\WINDOWS\System32\dcache.bin
    [2004-09-29 13:37:55 | 000,363,520 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll
    [2004-09-28 15:48:35 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
    [2004-07-15 14:48:44 | 000,176,128 | ---- | C] () -- C:\WINDOWS\System32\xpscontrol.dll
    [2004-03-04 14:00:53 | 000,000,560 | ---- | C] () -- C:\WINDOWS\_delis32.ini
    [2003-11-17 17:09:14 | 000,000,056 | ---- | C] () -- C:\WINDOWS\System32\DpiGUID.bin
    [2003-05-15 12:37:57 | 000,000,788 | ---- | C] () -- C:\WINDOWS\StbView.INI
    [2003-03-17 17:07:04 | 000,000,000 | ---- | C] () -- C:\WINDOWS\hpqemlsz.INI
    [2003-03-17 17:05:44 | 000,000,284 | ---- | C] () -- C:\WINDOWS\hpqcopy.INI
    [2002-12-19 10:45:26 | 000,000,221 | ---- | C] () -- C:\WINDOWS\hpbafd.ini
    [2002-10-31 11:09:56 | 000,000,287 | ---- | C] () -- C:\WINDOWS\ips.INI
    [2002-10-31 11:04:35 | 000,000,188 | ---- | C] () -- C:\WINDOWS\ks_stabu.ini
    [2002-07-16 13:18:07 | 000,000,008 | ---- | C] () -- C:\WINDOWS\System32\vcext.sys
    [2002-06-12 15:25:40 | 000,016,384 | ---- | C] () -- C:\WINDOWS\System32\FileOps.exe
    [2002-06-12 15:19:00 | 000,077,824 | ---- | C] () -- C:\WINDOWS\System32\adistres.dll
    [2002-05-28 14:36:05 | 000,000,008 | ---- | C] () -- C:\WINDOWS\System32\vchelpex.sys
    [2002-05-14 14:30:00 | 000,000,049 | ---- | C] () -- C:\WINDOWS\Job.ini
    [2002-05-14 14:29:49 | 000,000,221 | ---- | C] () -- C:\WINDOWS\hserver.ini
    [2002-05-14 14:28:17 | 000,000,222 | ---- | C] () -- C:\WINDOWS\BzUpdate.ini
    [2002-05-14 14:28:17 | 000,000,029 | ---- | C] () -- C:\WINDOWS\JobComm.ini
    [2002-05-14 14:19:36 | 000,000,000 | ---- | C] () -- C:\WINDOWS\ocemenu.INI
    [2002-03-12 17:32:39 | 000,000,420 | ---- | C] () -- C:\WINDOWS\XDCS_DO2.INI
    [2002-03-04 11:09:58 | 000,005,678 | ---- | C] () -- C:\WINDOWS\Stabu300.ini
    [2002-03-04 11:09:58 | 000,003,847 | ---- | C] () -- C:\WINDOWS\mainddes.ini
    [2002-03-04 11:09:58 | 000,002,893 | ---- | C] () -- C:\WINDOWS\calcddes.ini
    [2002-03-04 11:09:58 | 000,000,625 | ---- | C] () -- C:\WINDOWS\tradddes.ini
    [2002-02-18 16:08:46 | 000,000,614 | ---- | C] () -- C:\WINDOWS\wcx_ftp.ini
    [2002-02-13 16:43:14 | 000,000,173 | ---- | C] () -- C:\WINDOWS\KPCMS.INI
    [2002-02-13 16:40:06 | 000,210,944 | ---- | C] () -- C:\WINDOWS\System32\Msvcrt10.dll
    [2002-02-12 12:41:29 | 000,000,383 | ---- | C] () -- C:\WINDOWS\System32\haspdos.sys
    [2002-02-12 12:16:25 | 000,004,904 | ---- | C] () -- C:\WINDOWS\Stabu.ini
    [2002-02-12 12:16:25 | 000,000,420 | ---- | C] () -- C:\WINDOWS\BAHASP.INI
    [2002-01-29 08:47:36 | 000,079,360 | ---- | C] () -- C:\WINDOWS\System32\acdbres.dll
    [2002-01-24 12:28:54 | 000,003,803 | ---- | C] () -- C:\WINDOWS\wincmd.ini
    [2002-01-09 14:57:20 | 000,004,207 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
    [2002-01-09 14:56:18 | 000,341,832 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
    [2002-01-09 14:35:13 | 000,000,508 | ---- | C] () -- C:\WINDOWS\ODBC.INI
    [2002-01-09 14:30:04 | 000,001,305 | ---- | C] () -- C:\WINDOWS\Ascd_tmp.ini
    [2002-01-09 14:30:03 | 000,005,824 | ---- | C] () -- C:\WINDOWS\System32\drivers\ASUSHWIO.SYS
    [2002-01-09 14:14:57 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
    [2002-01-09 14:08:23 | 000,021,748 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
    [2001-09-07 13:00:00 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
    [2001-09-07 13:00:00 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
    [2001-09-07 13:00:00 | 000,508,910 | ---- | C] () -- C:\WINDOWS\System32\perfh013.dat
    [2001-09-07 13:00:00 | 000,441,124 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
    [2001-09-07 13:00:00 | 000,318,670 | ---- | C] () -- C:\WINDOWS\System32\perfi013.dat
    [2001-09-07 13:00:00 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
    [2001-09-07 13:00:00 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
    [2001-09-07 13:00:00 | 000,090,586 | ---- | C] () -- C:\WINDOWS\System32\perfc013.dat
    [2001-09-07 13:00:00 | 000,071,060 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
    [2001-09-07 13:00:00 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
    [2001-09-07 13:00:00 | 000,039,178 | ---- | C] () -- C:\WINDOWS\System32\perfd013.dat
    [2001-09-07 13:00:00 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
    [2001-09-07 13:00:00 | 000,028,624 | ---- | C] () -- C:\WINDOWS\System32\drivers\secdrv.sys
    [2001-09-07 13:00:00 | 000,004,461 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat
    [2001-09-07 13:00:00 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat
    [2001-05-02 16:39:12 | 000,245,760 | ---- | C] () -- C:\WINDOWS\System32\iPiWeb.dll
    [2001-04-23 01:07:28 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\mtstack.exe
    [2000-09-18 16:50:28 | 000,202,752 | ---- | C] () -- C:\WINDOWS\System32\zlib.dll

    ========== LOP Check ==========

    [2010-08-04 10:20:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\Atari
    [2008-09-20 21:49:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\Autodesk
    [2009-07-04 09:46:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\Azureus
    [2011-07-31 12:51:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\Babylon
    [2011-07-31 16:59:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\BabylonToolbar
    [2011-01-24 23:04:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\Belastingdienst
    [2010-04-05 19:51:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\Canon
    [2011-09-01 20:18:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\GetRightToGo
    [2010-02-08 23:24:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\ICAClient
    [2010-07-11 16:15:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\Juniper Networks
    [2009-03-23 23:33:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\LimeWirePlus
    [2008-10-12 20:48:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\LinkedIn
    [2008-09-14 21:15:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\NCH Swift Sound
    [2011-03-07 23:05:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\QuickScan
    [2008-02-09 20:42:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\ScanSoft
    [2009-01-04 08:59:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\Sony
    [2011-09-29 13:36:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\Spotify
    [2003-05-21 13:34:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\Verzendmap van Share-to-Web
    [2002-06-12 15:17:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator.DOMAIN\Application Data\InterTrust
    [2003-03-17 16:35:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator.DOMAIN\Application Data\Verzendmap van Share-to-Web
    [2005-10-29 12:43:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\administrator.STEENHUIS\Application Data\Verzendmap van Share-to-Web
    [2011-07-31 12:51:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Babylon
    [2010-08-04 12:41:37 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\CanonBJ
    [2011-10-24 15:13:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\CanonIJPLM
    [2010-08-04 12:53:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Juniper Networks
    [2010-10-12 13:12:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
    [2002-01-29 11:32:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\supervisor\Application Data\Autodesk
    [2003-08-04 13:16:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\supervisor\Application Data\Verzendmap van Share-to-Web
    [2011-11-23 13:53:00 | 000,000,472 | ---- | M] () -- C:\WINDOWS\Tasks\Ad-Aware Update (Weekly).job
    [2011-11-24 08:09:51 | 000,000,260 | ---- | M] () -- C:\WINDOWS\Tasks\WGASetup.job

    ========== Purity Check ==========



    ========== Custom Scans ==========


    < %SYSTEMDRIVE%\*.* >
    [2011-03-26 18:12:21 | 000,173,019 | ---- | M] () -- C:\aaw7boot.log
    [2002-01-09 14:11:55 | 000,000,000 | ---- | M] () -- C:\AUTOEXEC.BAT
    [2009-09-16 18:38:54 | 000,000,211 | RHS- | M] () -- C:\boot.ini
    [2001-09-07 13:00:00 | 000,004,952 | RHS- | M] () -- C:\Bootfont.bin
    [2002-01-09 14:11:55 | 000,000,000 | ---- | M] () -- C:\CONFIG.SYS
    [2008-08-23 14:26:42 | 000,000,474 | ---- | M] () -- C:\debugInstaller.txt
    [2008-09-09 09:44:18 | 000,001,394 | ---- | M] () -- C:\hardcopy.log
    [2002-01-09 14:11:55 | 000,000,000 | RHS- | M] () -- C:\IO.SYS
    [2010-08-02 13:18:58 | 000,000,181 | ---- | M] () -- C:\LEGO Creator Knights Kingdom Error Log_0.log
    [2002-01-09 14:11:55 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS
    [2004-09-30 11:19:02 | 000,047,564 | ---- | M] () -- C:\ntdetect.com
    [2004-09-30 11:19:02 | 000,251,184 | ---- | M] () -- C:\ntldr
    [2002-06-12 14:35:35 | 000,000,665 | -H-- | M] () -- C:\os434450.bin
    [2011-11-24 07:33:53 | 805,306,368 | -HS- | M] () -- C:\pagefile.sys
    [2003-11-18 10:41:02 | 000,000,006 | -H-- | M] () -- C:\SA.DAT
    [2003-11-18 10:44:07 | 000,000,344 | ---- | M] () -- C:\tcmdr600.job
    [2011-11-20 17:17:18 | 000,050,956 | ---- | M] () -- C:\TDSSKiller.2.6.19.0_20.11.2011_17.15.11_log.txt
    [2011-11-20 22:25:56 | 000,050,220 | ---- | M] () -- C:\TDSSKiller.2.6.19.0_20.11.2011_21.50.00_log.txt

    < %systemroot%\Fonts\*.com >
    [2006-04-18 14:39:28 | 000,026,040 | ---- | M] () -- C:\WINDOWS\Fonts\GlobalMonospace.CompositeFont
    [2006-06-29 13:53:56 | 000,026,489 | ---- | M] () -- C:\WINDOWS\Fonts\GlobalSansSerif.CompositeFont
    [2006-04-18 14:39:28 | 000,029,779 | ---- | M] () -- C:\WINDOWS\Fonts\GlobalSerif.CompositeFont
    [2006-06-29 13:58:52 | 000,030,808 | ---- | M] () -- C:\WINDOWS\Fonts\GlobalUserInterface.CompositeFont

    < %systemroot%\Fonts\*.dll >

    < %systemroot%\Fonts\*.ini >
    [2002-01-09 14:11:21 | 000,000,067 | -HS- | M] () -- C:\WINDOWS\Fonts\desktop.ini

    < %systemroot%\Fonts\*.ini2 >

    < %systemroot%\Fonts\*.exe >

    < %systemroot%\system32\spool\prtprocs\w32x86\*.* >
    [2007-03-18 21:00:00 | 000,027,136 | ---- | M] (CANON INC.) -- C:\WINDOWS\system32\spool\prtprocs\w32x86\CNMPD8S.DLL
    [2007-03-18 21:00:00 | 000,069,632 | ---- | M] (CANON INC.) -- C:\WINDOWS\system32\spool\prtprocs\w32x86\CNMPP8S.DLL
    [2008-07-06 13:06:10 | 000,089,088 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\spool\prtprocs\w32x86\filterpipelineprintproc.dll
    [2008-07-06 11:50:03 | 000,597,504 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\spool\prtprocs\w32x86\printfilterpipelinesvc.exe

    < %systemroot%\REPAIR\*.bak1 >

    < %systemroot%\REPAIR\*.ini >

    < %systemroot%\system32\*.jpg >

    < %systemroot%\*.jpg >

    < %systemroot%\*.png >

    < %systemroot%\*.scr >

    < %systemroot%\*._sy >

    < %APPDATA%\Adobe\Update\*.* >

    < %ALLUSERSPROFILE%\Favorites\*.* >

    < %APPDATA%\Microsoft\*.* >

    < %PROGRAMFILES%\*.* >

    < %APPDATA%\Update\*.* >

    < %systemroot%\*. /mp /s >

    < %systemroot%\System32\config\*.sav >
    [2002-01-09 14:55:13 | 000,094,208 | ---- | M] () -- C:\WINDOWS\System32\config\default.sav
    [2002-01-09 14:55:13 | 000,634,880 | ---- | M] () -- C:\WINDOWS\System32\config\software.sav
    [2002-01-09 14:55:13 | 000,389,120 | ---- | M] () -- C:\WINDOWS\System32\config\system.sav

    < %PROGRAMFILES%\bak. /s >

    < %systemroot%\system32\bak. /s >

    < %ALLUSERSPROFILE%\Start Menu\*.lnk /x >

    < %systemroot%\system32\config\systemprofile\*.dat /x >

    < %systemroot%\*.config >

    < %systemroot%\system32\*.db >

    < %APPDATA%\Microsoft\Internet Explorer\Quick Launch\*.lnk /x >
    [2003-05-21 13:34:03 | 000,000,079 | ---- | M] () -- C:\Documents and Settings\Administrator\Application Data\Microsoft\Internet Explorer\Quick Launch\Bureaublad weergeven.scf
    [2005-03-08 15:23:26 | 000,000,189 | -HS- | M] () -- C:\Documents and Settings\Administrator\Application Data\Microsoft\Internet Explorer\Quick Launch\desktop.ini

    < %USERPROFILE%\Desktop\*.exe >

    < %PROGRAMFILES%\Common Files\*.* >

    < %systemroot%\*.src >

    < %systemroot%\install\*.* >

    < %systemroot%\system32\DLL\*.* >

    < %systemroot%\system32\HelpFiles\*.* >

    < %systemroot%\system32\rundll\*.* >

    < %systemroot%\winn32\*.* >

    < %systemroot%\Java\*.* >

    < %systemroot%\system32\test\*.* >

    < %systemroot%\system32\Rundll32\*.* >

    < %systemroot%\AppPatch\Custom\*.* >

    < %APPDATA%\Roaming\Microsoft\Windows\Recent\*.lnk /x >

    < %PROGRAMFILES%\PC-Doctor\Downloads\*.* >

    < %PROGRAMFILES%\Internet Explorer\*.tmp >

    < %PROGRAMFILES%\Internet Explorer\*.dat >

    < %USERPROFILE%\My Documents\*.exe >

    < %USERPROFILE%\*.exe >

    < %systemroot%\ADDINS\*.* >

    < %systemroot%\assembly\*.bak2 >

    < %systemroot%\Config\*.* >

    < %systemroot%\REPAIR\*.bak2 >

    < %systemroot%\SECURITY\Database\*.sdb /x >

    < %systemroot%\SYSTEM\*.bak2 >

    < %systemroot%\Web\*.bak2 >

    < %systemroot%\Driver Cache\*.* >

    < %PROGRAMFILES%\Mozilla Firefox\0*.exe >

    < %ProgramFiles%\Microsoft Common\*.* >

    < %ProgramFiles%\TinyProxy. >

    < %USERPROFILE%\Favorites\*.url /x >

    < %systemroot%\system32\*.bk >

    < %systemroot%\*.te >

    < %systemroot%\system32\system32\*.* >

    < %ALLUSERSPROFILE%\*.dat /x >
    [2005-10-29 12:40:24 | 000,002,412 | RHS- | M] () -- C:\Documents and Settings\All Users\ntuser.pol

    < %systemroot%\system32\drivers\*.rmv >

    < dir /b "%systemroot%\system32\*.exe" | find /i " " /c >

    < dir /b "%systemroot%\*.exe" | find /i " " /c >
    DJ Music Mixer Uninstaller.exe
     
  7. 2011/11/24
    duub

    otl.txt 2 of 2

    < %PROGRAMFILES%\Microsoft\*.* >

    < %systemroot%\System32\Wbem\proquota.exe >

    < %PROGRAMFILES%\Mozilla Firefox\*.dat >

    < %USERPROFILE%\Cookies\*.txt /x >
    [2011-11-24 18:43:07 | 000,212,992 | -HS- | M] () -- C:\Documents and Settings\Administrator\Cookies\index.dat

    < %SystemRoot%\system32\fonts\*.* >
    [2003-03-21 11:31:32 | 000,019,994 | ---- | M] () -- C:\WINDOWS\system32\fonts\ACADEMY_.PFB
    [2003-03-21 11:31:32 | 000,000,932 | ---- | M] () -- C:\WINDOWS\system32\fonts\ACADEMY_.PFM
    [2003-03-21 11:31:34 | 000,032,300 | ---- | M] () -- C:\WINDOWS\system32\fonts\ACADEMY_.TTF

    < %systemroot%\system32\winlog\*.* >

    < %systemroot%\system32\Language\*.* >

    < %systemroot%\system32\Settings\*.* >

    < %systemroot%\system32\*.quo >

    < %SYSTEMROOT%\AppPatch\*.exe >

    < %SYSTEMROOT%\inf\*.exe >
    [2007-06-27 15:57:10 | 000,317,952 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\inf\unregmp2.exe
    [26 C:\WINDOWS\inf\*.tmp files -> C:\WINDOWS\inf\*.tmp -> ]

    < %SYSTEMROOT%\Installer\*.exe >

    < %systemroot%\system32\config\*.bak2 >

    < %systemroot%\system32\Computers\*.* >

    < %SystemRoot%\system32\Sound\*.* >

    < %SystemRoot%\system32\SpecialImg\*.* >

    < %SystemRoot%\system32\code\*.* >

    < %SystemRoot%\system32\draft\*.* >

    < %SystemRoot%\system32\MSSSys\*.* >

    < %ProgramFiles%\Javascript\*.* >

    < %systemroot%\pchealth\helpctr\System\*.exe /s >

    < %systemroot%\Web\*.exe >

    < %systemroot%\system32\msn\*.* >

    < %systemroot%\system32\*.tro >

    < %AppData%\Microsoft\Installer\msupdates\*.* >

    < %ProgramFiles%\Messenger\*.* >
    [2004-08-04 09:03:06 | 000,028,672 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Messenger\custsat.dll
    [2003-02-05 11:32:34 | 000,014,860 | ---- | M] () -- C:\Program Files\Messenger\license.txt
    [2002-12-17 11:23:22 | 000,004,821 | ---- | M] () -- C:\Program Files\Messenger\logowin.gif
    [2002-12-17 11:23:22 | 000,007,047 | ---- | M] () -- C:\Program Files\Messenger\lvback.gif
    [2003-02-05 11:32:34 | 000,000,898 | ---- | M] () -- C:\Program Files\Messenger\mailtmpl.txt
    [2008-05-02 15:27:34 | 000,083,968 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Messenger\msgsc.dll
    [2004-08-04 09:02:14 | 000,180,224 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Messenger\msgslang.dll
    [2004-10-13 17:24:37 | 001,694,208 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Messenger\msmsgs.exe
    [2002-09-09 22:08:42 | 000,069,663 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Messenger\msmsgsin.exe
    [2002-12-17 11:23:18 | 000,002,882 | ---- | M] () -- C:\Program Files\Messenger\newalert.wav
    [2002-12-17 11:23:18 | 000,006,156 | ---- | M] () -- C:\Program Files\Messenger\newemail.wav
    [2002-12-17 11:23:18 | 000,006,160 | ---- | M] () -- C:\Program Files\Messenger\online.wav
    [2003-04-14 20:00:56 | 000,203,432 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Messenger\rtcimsp.dll
    [2002-12-17 11:23:24 | 000,004,454 | ---- | M] () -- C:\Program Files\Messenger\type.wav
    [2004-07-17 19:35:46 | 000,118,265 | ---- | M] () -- C:\Program Files\Messenger\xpmsgr.chm

    < %systemroot%\system32\systhem32\*.* >

    < %systemroot%\system\*.exe >
    [1999-09-10 13:06:00 | 000,004,672 | ---- | M] (Adaptec) -- C:\WINDOWS\system\wowpost.exe

    < HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU >

    < HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\ Auto Update\Results\Install|LastSuccessTime /rs >


    < End of report >
     
  8. 2011/11/24
    duub

    Extras.txt

    OTL Extras logfile created on: 24-11-2011 18:46:28 - Run 1
    OTL by OldTimer - Version 3.2.31.0 Folder = C:\Documents and Settings\Administrator\Bureaublad
    Windows XP Professional Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
    Internet Explorer (Version = 8.0.6001.18702)
    Locale: 00000413 | Country: Nederland | Language: NLD | Date Format: d-M-yyyy

    511,53 Mb Total Physical Memory | 262,91 Mb Available Physical Memory | 51,40% Memory free
    1,22 Gb Paging File | 0,95 Gb Available in Paging File | 77,83% Paging File free
    Paging file location(s): C:\pagefile.sys 768 1536 [binary data]

    %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
    Drive C: | 19,13 Gb Total Space | 0,71 Gb Free Space | 3,73% Space Free | Partition Type: NTFS

    Computer Name: XP-18 | User Name: Administrator | Logged in as Administrator.
    Boot Mode: Normal | Scan Mode: All users | Quick Scan
    Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

    ========== Extra Registry (SafeList) ==========


    ========== File Associations ==========

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
    .cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1 ",%*
    .html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
    .url [@ = InternetShortcut] -- rundll32.exe ieframe.dll,OpenURL %l

    [HKEY_USERS\S-1-5-21-448539723-630328440-682003330-500\SOFTWARE\Classes\<extension>]
    .html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

    ========== Shell Spawning ==========

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
    batfile [open] -- "%1" %*
    cmdfile [open] -- "%1" %*
    comfile [open] -- "%1" %*
    cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1 ",%*
    exefile [open] -- "%1" %*
    https [open] -- "C:\Program Files\Mozilla Firefox\firefox.exe" -requestPending -osint -url "%1" (Mozilla Corporation)
    InternetShortcut [open] -- rundll32.exe ieframe.dll,OpenURL %l
    piffile [open] -- "%1" %*
    regfile [merge] -- Reg Error: Key error.
    scrfile [config] -- "%1 "
    scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
    scrfile [open] -- "%1" /S
    txtfile [edit] -- Reg Error: Key error.
    Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
    Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
    Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
    Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
    Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

    ========== Security Center Settings ==========

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
    "FirewallDisableNotify" = 0
    "AntiVirusDisableNotify" = 0
    "UpdatesDisableNotify" = 0

    ========== System Restore Settings ==========

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
    "DisableSR" = 0

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
    "Start" = 0

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
    "Start" = 2

    ========== Firewall Settings ==========

    [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
    "EnableFirewall" = 1

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
    "139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dll,-22004
    "445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dll,-22005
    "137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001
    "138:UDP" = 138:UDP:*:Enabled:@xpsp2res.dll,-22002
    "3389:TCP" = 3389:TCP:*:Enabled:Remote Desktop
    "65533:TCP" = 65533:TCP:*:Enabled:Services
    "52344:TCP" = 52344:TCP:*:Enabled:Services

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
    "EnableFirewall" = 1
    "DisableNotifications" = 0
    "DoNotAllowExceptions" = 1

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
    "139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004
    "445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005
    "137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001
    "138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002
    "3389:TCP" = 3389:TCP:*:Enabled:Remote Desktop
    "65533:TCP" = 65533:TCP:*:Enabled:Services
    "52344:TCP" = 52344:TCP:*:Enabled:Services

    ========== Authorized Applications List ==========

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
    "C:\wincmd\TOTALCMD.EXE" = C:\wincmd\TOTALCMD.EXE:*:Enabled:Total Commander 32 bit international version, file manager replacement for Windows -- (C. Ghisler & Co.)
    "C:\Program Files\sdu\_nti45\bin\search.exe" = C:\Program Files\sdu\_nti45\bin\search.exe:*:Enabled:Verity Publisher

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
    "C:\Program Files\Hewlett-Packard\HP DeskJet 1220C Toolbox\HPW8TBX.exe" = C:\Program Files\Hewlett-Packard\HP DeskJet 1220C Toolbox\HPW8TBX.exe:*:Enabled:Toolbox for HP Printing System for Windows
    "C:\WINDOWS\system32\drivers\svchost.exe" = C:\WINDOWS\system32\drivers\svchost.exe:*:Disabled:svchost
    "C:\Program Files\Mozilla Firefox\firefox.exe" = C:\Program Files\Mozilla Firefox\firefox.exe:*:Enabled:Firefox -- (Mozilla Corporation)
    "C:\Program Files\LimeWire Plus\LimeWire.exe" = C:\Program Files\LimeWire Plus\LimeWire.exe:*:Disabled:LimeWire
    "C:\Program Files\Soulseek\slsk.exe" = C:\Program Files\Soulseek\slsk.exe:*:Disabled:SoulSeek
    "C:\Program Files\Spotify\spotify.exe" = C:\Program Files\Spotify\spotify.exe:*:Enabled:Spotify -- (Spotify Ltd)
    "C:\Program Files\Vuze\Azureus.exe" = C:\Program Files\Vuze\Azureus.exe:*:Disabled:Azureus
    "C:\Documents and Settings\Administrator\Application Data\Juniper Networks\Juniper Citrix Services Client\dsCitrixProxy.exe" = C:\Documents and Settings\Administrator\Application Data\Juniper Networks\Juniper Citrix Services Client\dsCitrixProxy.exe:*:Disabled:Juniper Citrix Services Client -- (Juniper Networks)
    "C:\Program Files\Sony Ericsson\Sony Ericsson Media Manager 1.0\MediaManager.exe" = C:\Program Files\Sony Ericsson\Sony Ericsson Media Manager 1.0\MediaManager.exe:*:Disabled:Sony Ericsson Media Manager 1.0 -- (Sony Creative Software Inc.)


    ========== HKEY_LOCAL_MACHINE Uninstall List ==========

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
    "{02D81375-FD07-4BD9-98D1-001F73470B05}" = iPiWebTools
    "{0AD84416-63A4-4CF3-BDDF-8FA866711FB0}" = Civilization III
    "{0D499481-22C6-4B25-8AC2-6D3F6C885FB9}" = OpenOffice.org Installer 1.0
    "{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP210_series" = Canon MP210 series
    "{168F8BAC-A269-48E9-BB7A-A51B594CF6FF}" = Microsoft .NET Framework 1.1 Dutch Language Pack
    "{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
    "{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
    "{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
    "{25826395-87CB-11D4-A5A9-00902766D8B5}" = Zoeksnoek 4.0.0.10
    "{26A24AE4-039D-4CA4-87B4-2F83216015FF}" = Java(TM) 6 Update 15
    "{2CE5A2E7-3437-4CE7-BCF4-85ED6EEFF9E4}" = iTunes
    "{30F37D4B-96F8-4ABE-A4F6-CEEF65BED7F5}" = STABU Catalogus 2005-2
    "{3248F0A8-6813-11D6-A77B-00B0D0150060}" = J2SE Runtime Environment 5.0 Update 6
    "{3248F0A8-6813-11D6-A77B-00B0D0150090}" = J2SE Runtime Environment 5.0 Update 9
    "{3248F0A8-6813-11D6-A77B-00B0D0160050}" = Java(TM) 6 Update 5
    "{3248F0A8-6813-11D6-A77B-00B0D0160070}" = Java(TM) 6 Update 7
    "{350C97BD-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
    "{412033BC-44CF-48D9-B813-4B835101F4D3}" = Adobe Illustrator 10
    "{433CA92B-FFA2-4590-B562-E92A6627D4D4}" = DNR Ster
    "{43DCF766-6838-4F9A-8C91-D92DA586DFA7}" = Microsoft Windows Journal Viewer
    "{48E80C20-00B3-11D4-AA4A-00C0580802FD}" = USB CF Reader
    "{5084E38F-D827-4E3F-9273-179EF2A3C080}" = STABU Catalogus 2006-2
    "{5783F2D7-0101-0409-0002-0060B0CE6BBA}" = AutoCAD 2002
    "{5A3C1721-F8ED-11E0-8AFB-B8AC6F97B88E}" = Google Earth
    "{5C02E991-0A9B-431E-A358-14A3B6E91E50}" = RI&E MKB Bouwnijverheid
    "{5F25AD2D-9112-4337-9EBD-341E80E9269E}" = STABU Catalogus 2004-2
    "{716E0306-8318-4364-8B8F-0CC4E9376BAC}" = MSXML 4.0 SP2 Parser and SDK
    "{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
    "{72DF62BD-FF36-424E-AA5F-D89BAFF2C249}" = RollerCoaster Tycoon 2
    "{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
    "{8047DAF8-FB82-11D4-A5AA-00902766D8B5}" = Droomstroom 3.2
    "{8169F836-5507-405E-A904-7A20FDA8A44E}" = STABU Catalogus 2006-1
    "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
    "{8A930FA1-5C79-4649-894D-A037DE6F8298}" = Ambrasoft Familiepakket 0809
    "{90300413-6000-11D3-8CFE-0050048383C9}" = Microsoft Office XP Media Content
    "{91110413-6000-11D3-8CFE-0050048383C9}" = Microsoft Office XP Professional
    "{91190413-6000-11D3-8CFE-0050048383C9}" = Microsoft Publisher 2002
    "{990036E7-D647-45A4-8F7F-1CB277EF0ABD}" = RollerCoaster Tycoon 3 Demo
    "{9984DF60-1C5B-11D3-ACA1-908A4FC10801}" = Intel Application Accelerator
    "{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
    "{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
    "{A637F36B-2B36-11D4-A322-0001020A6A3D}" = LEGO Creator Knights Kingdom
    "{A6871F03-E140-4559-8940-AD1CC3D58CEE}" = Sony Ericsson PC Suite
    "{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
    "{AC76BA86-7AD7-1043-7B44-A90000000001}" = Adobe Reader 9 - Nederlands
    "{AF1EC979-D1D4-11D5-B96B-0050BA1B9371}" = USB Flash HDD Series Driver v1.17r022
    "{B1AD83A0-DC92-41E3-B111-E9472349768C}" = RollerCoaster Tycoon 2
    "{B5FDA445-CAC4-4BA6-A8FB-A7212BD439DE}" = Microsoft XML Parser
    "{B7666229-351B-47D9-AA6F-DF777CF04BBF}" = Caesar IV
    "{BA1E1AFD-D1F2-4C52-88C3-186FC5E61604}" = RollerCoaster Tycoon 2
    "{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
    "{C41300B9-185D-475E-BFEC-39EF732F19B1}" = Apple Software Update
    "{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
    "{CCA1EEA3-555E-4D05-AC46-4B49C6C5D887}" = Apple Mobile Device Support
    "{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
    "{D610D81C-36EE-4E1B-8346-1F515A5AF032}" = Microsoft .NET Framework 2.0 Language Pack - NLD
    "{DAEAFD68-BB4A-4507-A241-C8804D2EA66D}" = Apple Application Support
    "{DC246F7B-89B9-4C5A-94AE-23E71D1E6289}" = FBS-STABU Index 2002-2
    "{DC6D93EB-D7E2-4309-B634-7F2A2E50D1D9}_is1" = SpaceTheremin 1.01
    "{DEE88727-779B-47A9-ACEF-F87CA5F92A65}" = ScanSoft OmniPage SE 4
    "{E21781C6-A53F-48DB-905D-6323EFE947BF}" = Sony Ericsson Media Manager 1.0
    "{E7004147-2CCA-431C-AA05-2AB166B9785D}" = QuickTime
    "{EBFEEB3F-3E3B-4725-A4E0-376144CE4F76}" = Citrix XenApp Web Plugin
    "{F333A33D-125C-32A2-8DCE-5C5D14231E27}" = Visual C++ 2008 x86 Runtime - (v9.0.30729)
    "{F333A33D-125C-32A2-8DCE-5C5D14231E27}.vc_x86runtime_30729_01" = Visual C++ 2008 x86 Runtime - v9.0.30729.01
    "{FCE65C4E-B0E8-4FBD-AD16-EDCBE6CD591F}" = HighMAT-uitbreiding voor de wizard Cd branden van Microsoft Windows XP
    "{FF1C31AE-0CDC-40CE-AB85-406F8B70D643}" = Bonjour
    "ActiveXControlPad" = Microsoft ActiveX Control Pad
    "Adobe Acrobat 5.0" = Adobe Acrobat 5.0
    "Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
    "Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
    "Adobe InDesign 2.0" = Adobe InDesign 2.0
    "Adobe Photoshop 7.0" = Adobe Photoshop 7.0
    "Adobe Shockwave Player" = Adobe Shockwave Player 11.5
    "Adobe SVG Viewer" = Adobe SVG Viewer 3.0
    "AdobeESD" = Adobe Download Manager 2.0 (alleen verwijderen)
    "AnswerWorks" = AnswerWorks Runtime
    "Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus
    "BabylonToolbar" = Babylon toolbar on IE
    "CANONIJPLM100" = PIXMA Extended Survey Program
    "CanonMyPrinter" = Canon My Printer
    "CanonSolutionMenu" = Canon Utilities Solution Menu
    "CCleaner" = CCleaner (remove only)
    "CompuPic Pro" = CompuPic Pro
    "DeltaPi40_is1" = DeltaPi 4 voor AutoCAD 2002
    "DJ Music Mixer" = DJ Music Mixer
    "DJMIXPRO1fdp_is1" = DJ Mixer Professional for Win 2.0.3
    "Easy-PhotoPrint EX" = Canon Utilities Easy-PhotoPrint EX
    "Gebruikersregistratie voor Canon MP210 series" = Gebruikersregistratie voor Canon MP210 series
    "Google Updater" = Google Updater
    "Hardlock Device Drivers" = Hardlock Device Drivers
    "HijackThis" = HijackThis 2.0.2
    "IBIS-STABU 2.30" = IBIS-STABU 2.30
    "IBIS-STABU 3.00" = IBIS-STABU 3.00
    "ie8" = Windows Internet Explorer 8
    "Jeugdjournaal Screensaver" = Jeugdjournaal Screensaver
    "JRE 1.3.1_02" = Java 2 Runtime Environment Standard Edition v1.3.1_02
    "Juniper_Setup_Client Activex Control" = Juniper Networks Setup Client Activex Control
    "Kinderopvangtoeslag 2010" = Kinderopvangtoeslag 2010
    "Kinderopvangtoeslag 2011" = Kinderopvangtoeslag 2011
    "KRISTAL Audio Engine" = KRISTAL Audio Engine
    "LEGO Stunt Rally" = Stuntrally
    "LinkedIn Internet Explorer Toolbar" = LinkedIn Internet Explorer Toolbar
    "LMS" = C-Dilla Licence Management System
    "Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware version 1.51.2.1300
    "Matrox Graphics Uninstaller" = Matrox Graphics Software (remove only)
    "Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
    "Microsoft .NET Framework 2.0 Language Pack - NLD" = Microsoft .NET Framework 2.0 Language Pack - NLD
    "Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
    "Mozilla Firefox 4.0b12 (x86 nl)" = Mozilla Firefox 4.0b12 (x86 nl)
    "Mozilla Firefox 8.0.1 (x86 nl)" = Mozilla Firefox 8.0.1 (x86 nl)
    "MP Navigator EX 1.0" = Canon MP Navigator EX 1.0
    "MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
    "OpenAL" = OpenAL
    "Overkill" = Overkill
    "PDF-XChange 3_is1" = PDF-XChange 3.0
    "PercussionStudio3" = PercussionStudio3
    "Picasa 3" = Picasa 3
    "Pixillion" = Pixillion Image Converter
    "PTRUE2_is1" = PhotoTrue 2.4
    "Red Alert 2" = Command & Conquer Red Alert 2
    "Repro Desk" = Repro Desk
    "RollerCoaster Tycoon Setup" = Roll
    "Samsung_SEDG" = Samsung Video Codec 1.2.5009 Uninstall
    "SetupService" = Juniper Installer Service
    "Shockwave" = Shockwave
    "Spotify" = Spotify
    "ToggleEN Toolbar" = ToggleEN Toolbar
    "ToolBox" = NCH Toolbox
    "Totalcmd" = Total Commander (Remove or Repair)
    "uTorrentBar_NL Toolbar" = uTorrentBar_NL Toolbar
    "ViewpointMediaPlayer" = Viewpoint Media Player (Remove Only)
    "Vopt 9" = Vopt 9
    "WIC" = Windows Imaging Component
    "Windows Media Format Runtime" = Windows Media Format 11 runtime
    "Windows Media Player" = Windows Media Player 11
    "Windows XP Service Pack" = Windows XP Service Pack 2
    "WMFDist11" = Windows Media Format 11 runtime
    "wmp11" = Windows Media Player 11
    "WOLAPI" = Westwood Shared Internet Components
    "Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0

    ========== HKEY_USERS Uninstall List ==========

    [HKEY_USERS\S-1-5-21-448539723-630328440-682003330-500\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
    "GoToMeeting" = GoToMeeting 4.1.0.366
    "Juniper_Citrix_Services" = Juniper Citrix Services Client
    "Juniper_Setup_Client" = Juniper Networks Setup Client

    ========== Last 10 Event Log Errors ==========

    [ Application Events ]
    Error - 22-11-2011 19:05:41 | Computer Name = XP-18 | Source = Userenv | ID = 1054
    Description = Kan de domeincontrollernaam voor het computernetwerk niet verkrijgen.
    Het opgegeven domein bestaat niet of kan geen contact maken met dit domein. . Het
    verwerken van het groepsbeleid wordt afgebroken.

    Error - 22-11-2011 19:06:51 | Computer Name = XP-18 | Source = AutoEnrollment | ID = 15
    Description = De automatische certificaatinschrijving voor lokaal systeem kan geen
    contact krijgen met de Active Directory 0x8007054b. Het opgegeven domein bestaat
    niet of kan geen contact maken met dit domein. . De inschrijving wordt niet uitgevoerd.

    Error - 23-11-2011 7:53:22 | Computer Name = XP-18 | Source = Userenv | ID = 1054
    Description = Kan de domeincontrollernaam voor het computernetwerk niet verkrijgen.
    Het opgegeven domein bestaat niet of kan geen contact maken met dit domein. . Het
    verwerken van het groepsbeleid wordt afgebroken.

    Error - 23-11-2011 7:54:23 | Computer Name = XP-18 | Source = AutoEnrollment | ID = 15
    Description = De automatische certificaatinschrijving voor lokaal systeem kan geen
    contact krijgen met de Active Directory 0x8007054b. Het opgegeven domein bestaat
    niet of kan geen contact maken met dit domein. . De inschrijving wordt niet uitgevoerd.

    Error - 23-11-2011 15:54:23 | Computer Name = XP-18 | Source = AutoEnrollment | ID = 15
    Description = De automatische certificaatinschrijving voor lokaal systeem kan geen
    contact krijgen met de Active Directory 0x8007054b. Het opgegeven domein bestaat
    niet of kan geen contact maken met dit domein. . De inschrijving wordt niet uitgevoerd.

    Error - 23-11-2011 23:54:23 | Computer Name = XP-18 | Source = AutoEnrollment | ID = 15
    Description = De automatische certificaatinschrijving voor lokaal systeem kan geen
    contact krijgen met de Active Directory 0x8007054b. Het opgegeven domein bestaat
    niet of kan geen contact maken met dit domein. . De inschrijving wordt niet uitgevoerd.

    Error - 24-11-2011 2:34:21 | Computer Name = XP-18 | Source = Userenv | ID = 1054
    Description = Kan de domeincontrollernaam voor het computernetwerk niet verkrijgen.
    Het opgegeven domein bestaat niet of kan geen contact maken met dit domein. . Het
    verwerken van het groepsbeleid wordt afgebroken.

    Error - 24-11-2011 2:35:14 | Computer Name = XP-18 | Source = crypt32 | ID = 131080
    Description = Het bij <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt>
    opvragen van de automatische update van het basislijstvolgordenummer van derden
    is mislukt met de fout: A connection with the server could not be established

    Error - 24-11-2011 2:35:25 | Computer Name = XP-18 | Source = AutoEnrollment | ID = 15
    Description = De automatische certificaatinschrijving voor lokaal systeem kan geen
    contact krijgen met de Active Directory 0x8007054b. Het opgegeven domein bestaat
    niet of kan geen contact maken met dit domein. . De inschrijving wordt niet uitgevoerd.

    Error - 24-11-2011 10:35:25 | Computer Name = XP-18 | Source = AutoEnrollment | ID = 15
    Description = De automatische certificaatinschrijving voor lokaal systeem kan geen
    contact krijgen met de Active Directory 0x8007054b. Het opgegeven domein bestaat
    niet of kan geen contact maken met dit domein. . De inschrijving wordt niet uitgevoerd.

    [ System Events ]
    Error - 24-11-2011 2:31:28 | Computer Name = XP-18 | Source = Service Control Manager | ID = 7001
    Description = De Mobiel Apple apparaat-service is afhankelijk van de Stuurprogramma
    voor TCP/IP-protocol-service, die vanwege de volgende fout niet kan worden gestart:
    %%31

    Error - 24-11-2011 2:31:28 | Computer Name = XP-18 | Source = Service Control Manager | ID = 7001
    Description = De Bonjour-service-service is afhankelijk van de Stuurprogramma voor
    TCP/IP-protocol-service, die vanwege de volgende fout niet kan worden gestart:
    %%31

    Error - 24-11-2011 2:31:28 | Computer Name = XP-18 | Source = Service Control Manager | ID = 7001
    Description = De IPSEC-services-service is afhankelijk van de IPSEC-stuurprogramma-service,
    die vanwege de volgende fout niet kan worden gestart: %%31

    Error - 24-11-2011 2:31:28 | Computer Name = XP-18 | Source = Service Control Manager | ID = 7026
    Description = De volgende opstartstuurprogramma's zijn niet geladen: AFD avgio avipbb
    Beep
    Fips
    IPSec
    Lbd
    MRxSmb
    NetBIOS
    NetBT
    Processor
    RasAcd
    Rdbss
    ssmdrv
    Tcpip

    Error - 24-11-2011 2:31:47 | Computer Name = XP-18 | Source = DCOM | ID = 10005
    Description = DCOM kreeg foutmelding '%1084' bij het starten van de EventSystem-service
    met de argumenten '' om de server {1BE1F766-5536-11D1-B726-00C04FB926AF} te starten

    Error - 24-11-2011 2:32:53 | Computer Name = XP-18 | Source = DCOM | ID = 10005
    Description = DCOM kreeg foutmelding '%1084' bij het starten van de EventSystem-service
    met de argumenten '' om de server {1BE1F766-5536-11D1-B726-00C04FB926AF} te starten

    Error - 24-11-2011 2:34:21 | Computer Name = XP-18 | Source = NETLOGON | ID = 5719
    Description = Er is geen domeincontroller beschikbaar voor domein STEENHUIS met
    als reden: %%1311. Zorg ervoor dat de computer op het netwerk is aangesloten en probeer
    het opnieuw. Neem contact met de domeinbeheerder op als het probleem blijft bestaan.

    Error - 24-11-2011 2:35:21 | Computer Name = XP-18 | Source = Service Control Manager | ID = 7026
    Description = De volgende opstartstuurprogramma's zijn niet geladen: Beep Lbd

    Error - 24-11-2011 6:34:23 | Computer Name = XP-18 | Source = NETLOGON | ID = 5719
    Description = Er is geen domeincontroller beschikbaar voor domein STEENHUIS met
    als reden: %%1311. Zorg ervoor dat de computer op het netwerk is aangesloten en probeer
    het opnieuw. Neem contact met de domeinbeheerder op als het probleem blijft bestaan.

    Error - 24-11-2011 10:34:24 | Computer Name = XP-18 | Source = NETLOGON | ID = 5719
    Description = Er is geen domeincontroller beschikbaar voor domein STEENHUIS met
    als reden: %%1311. Zorg ervoor dat de computer op het netwerk is aangesloten en probeer
    het opnieuw. Neem contact met de domeinbeheerder op als het probleem blijft bestaan.


    < End of report >
     
  9. 2011/11/24
    broni Moderator Malware Analyst

    Run OTL
    • Under the Custom Scans/Fixes box at the bottom, paste in the following

      Code:
      :OTL
      SRV - File not found [Auto | Stopped] -- -- (PEVSystemStart)
      O2 - BHO: (no name) - {0124123D-61B4-456f-AF86-78C53A0790C5} - No CLSID value found.
      O3 - HKLM\..\Toolbar: (no name) - {0124123D-61B4-456f-AF86-78C53A0790C5} - No CLSID value found.
      O3 - HKU\S-1-5-21-448539723-630328440-682003330-500\..\Toolbar\ShellBrowser: (no name) - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - No CLSID value found.
      O3 - HKU\S-1-5-21-448539723-630328440-682003330-500\..\Toolbar\WebBrowser: (no name) - {038CB5C7-48EA-4AF9-94E0-A1646542E62B} - No CLSID value found.
      O3 - HKU\S-1-5-21-448539723-630328440-682003330-500\..\Toolbar\WebBrowser: (no name) - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - No CLSID value found.
      O3 - HKU\S-1-5-21-448539723-630328440-682003330-500\..\Toolbar\WebBrowser: (no name) - {87775FDB-6972-41F9-AE51-8326E38CB206} - No CLSID value found.
      O3 - HKU\S-1-5-21-448539723-630328440-682003330-500\..\Toolbar\WebBrowser: (no name) - {A057A204-BACC-4D26-9990-79A187E2698E} - No CLSID value found.
      O3 - HKU\S-1-5-21-448539723-630328440-682003330-500\..\Toolbar\WebBrowser: (LinkedIn Toolbar) - {BB670D0B-5C46-40C7-B38B-40DD26987723} - C:\Program Files\LinkedIn\IE Toolbar\3.2.3.1001\LinkedInIEToolbar.dll File not found
      O4 - HKLM..\Run: [Sys32VContoller] C:\WINDOWS\system32\mwmmgr32\mwmmgr32.exe File not found
      O16 - DPF: {41F17733-B041-4099-A042-B518BB6A408C} http://a1540.g.akamai.net/7/1540/52/...eInstaller.exe (Reg Error: Key error.)
      O16 - DPF: {AE563720-B4F5-11D4-A415-00108302FDFD} file://C:\Program Files\AutoCAD 2002\InstBanr.ocx (Reg Error: Key error.)
      O16 - DPF: {C6637286-300D-11D4-AE0A-0010830243BD} file://C:\Program Files\AutoCAD 2002\InstFred.ocx (Reg Error: Key error.)
      
      :Commands
      [purity]
      [emptytemp]
      [emptyflash]
      [Reboot]
      
    • Then click the Run Fix button at the top
    • Let the program run unhindered, reboot the PC when it is done
    • You will get a log that shows the results of the fix. Please post it.
    • Open OTL again and click the Quick Scan button. Post the log it produces in your next reply. Only one log will be created.
     
  10. 2011/11/24
    duub Inactive Thread Starter

    11252011_012309

    All processes killed
    Error: Unable to interpret <Code:> in the current context!
    ========== OTL ==========
    Service PEVSystemStart stopped successfully!
    Service PEVSystemStart deleted successfully!
    Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0124123D-61B4-456f-AF86-78C53A0790C5}\ deleted successfully.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0124123D-61B4-456f-AF86-78C53A0790C5}\ not found.
    Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{0124123D-61B4-456f-AF86-78C53A0790C5} deleted successfully.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0124123D-61B4-456f-AF86-78C53A0790C5}\ not found.
    Registry value HKEY_USERS\S-1-5-21-448539723-630328440-682003330-500\Software\Microsoft\Internet Explorer\Toolbar\ShellBrowser\\{42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} deleted successfully.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6}\ not found.
    Registry value HKEY_USERS\S-1-5-21-448539723-630328440-682003330-500\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{038CB5C7-48EA-4AF9-94E0-A1646542E62B} deleted successfully.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{038CB5C7-48EA-4AF9-94E0-A1646542E62B}\ not found.
    Registry value HKEY_USERS\S-1-5-21-448539723-630328440-682003330-500\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} deleted successfully.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6}\ not found.
    Registry value HKEY_USERS\S-1-5-21-448539723-630328440-682003330-500\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{87775FDB-6972-41F9-AE51-8326E38CB206} deleted successfully.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{87775FDB-6972-41F9-AE51-8326E38CB206}\ not found.
    Registry value HKEY_USERS\S-1-5-21-448539723-630328440-682003330-500\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{A057A204-BACC-4D26-9990-79A187E2698E} deleted successfully.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A057A204-BACC-4D26-9990-79A187E2698E}\ not found.
    Registry value HKEY_USERS\S-1-5-21-448539723-630328440-682003330-500\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{BB670D0B-5C46-40C7-B38B-40DD26987723} deleted successfully.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{BB670D0B-5C46-40C7-B38B-40DD26987723}\ deleted successfully.
    Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\Sys32VContoller deleted successfully.
    Starting removal of ActiveX control {41F17733-B041-4099-A042-B518BB6A408C}
    Registry error reading value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{41F17733-B041-4099-A042-B518BB6A408C}\DownloadInformation\\INF .
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{41F17733-B041-4099-A042-B518BB6A408C}\ deleted successfully.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{41F17733-B041-4099-A042-B518BB6A408C}\ not found.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{41F17733-B041-4099-A042-B518BB6A408C}\ not found.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{41F17733-B041-4099-A042-B518BB6A408C}\ not found.
    File 720-B4F5-11D4-A415-00108302FDFD} file://C:\Program Files\AutoCAD 2002\InstBanr.ocx not found.
    Starting removal of ActiveX control {AE563720-B4F5-11D4-A415-00108302FDFD}
    Registry error reading value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{AE563720-B4F5-11D4-A415-00108302FDFD}\DownloadInformation\\INF .
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{AE563720-B4F5-11D4-A415-00108302FDFD}\ deleted successfully.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{AE563720-B4F5-11D4-A415-00108302FDFD}\ not found.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{AE563720-B4F5-11D4-A415-00108302FDFD}\ not found.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{AE563720-B4F5-11D4-A415-00108302FDFD}\ not found.
    File 286-300D-11D4-AE0A-0010830243BD} file://C:\Program Files\AutoCAD 2002\InstFred.ocx not found.
    Starting removal of ActiveX control {C6637286-300D-11D4-AE0A-0010830243BD}
    Registry error reading value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{C6637286-300D-11D4-AE0A-0010830243BD}\DownloadInformation\\INF .
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{C6637286-300D-11D4-AE0A-0010830243BD}\ deleted successfully.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{C6637286-300D-11D4-AE0A-0010830243BD}\ not found.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{C6637286-300D-11D4-AE0A-0010830243BD}\ not found.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{C6637286-300D-11D4-AE0A-0010830243BD}\ not found.
    ========== COMMANDS ==========

    [EMPTYTEMP]

    User: Administrator
    ->Temp folder emptied: 3607569 bytes
    ->Temporary Internet Files folder emptied: 1571883 bytes
    ->Java cache emptied: 5747803 bytes
    ->FireFox cache emptied: 53327734 bytes
    ->Flash cache emptied: 2934704 bytes

    User: Administrator.DOMAIN
    ->Temp folder emptied: 0 bytes
    ->Temporary Internet Files folder emptied: 67 bytes

    User: administrator.STEENHUIS
    ->Temp folder emptied: 0 bytes
    ->Temporary Internet Files folder emptied: 67 bytes

    User: ADMINI~1~DOM

    User: ahi.STEENHUIS
    ->Temporary Internet Files folder emptied: 7857 bytes

    User: All Users

    User: Default User
    ->Temp folder emptied: 0 bytes
    ->Temporary Internet Files folder emptied: 67 bytes
    ->Flash cache emptied: 41 bytes

    User: LocalService
    ->Temp folder emptied: 0 bytes
    ->Temporary Internet Files folder emptied: 33170 bytes

    User: NetworkService
    ->Temp folder emptied: 0 bytes
    ->Temporary Internet Files folder emptied: 33170 bytes

    User: scan
    ->Temp folder emptied: 0 bytes
    ->Temporary Internet Files folder emptied: 67 bytes

    User: supervisor
    ->Temp folder emptied: 0 bytes
    ->Temporary Internet Files folder emptied: 67 bytes

    %systemdrive% .tmp files removed: 0 bytes
    %systemroot% .tmp files removed: 1158191 bytes
    %systemroot%\System32 .tmp files removed: 5555229 bytes
    %systemroot%\System32\dllcache .tmp files removed: 0 bytes
    %systemroot%\System32\drivers .tmp files removed: 0 bytes
    Windows Temp folder emptied: 49906 bytes
    %systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 0 bytes
    %systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 514016 bytes
    RecycleBin emptied: 44611187 bytes

    Total Files Cleaned = 114,00 mb


    [EMPTYFLASH]

    User: Administrator
    ->Flash cache emptied: 0 bytes

    User: Administrator.DOMAIN

    User: administrator.STEENHUIS

    User: ADMINI~1~DOM

    User: ahi.STEENHUIS

    User: All Users

    User: Default User
    ->Flash cache emptied: 0 bytes

    User: LocalService

    User: NetworkService

    User: scan

    User: supervisor

    Total Flash Files Cleaned = 0,00 mb


    OTL by OldTimer - Version 3.2.31.0 log created on 11252011_012309

    Files\Folders moved on Reboot...
    File\Folder C:\Documents and Settings\ahi.STEENHUIS\Local Settings\Temporary Internet Files\Content.IE5\VPYUXD6P\253Atom%252520tom%253Bto%253A1%253Blt%253Azip%253Blx%253A%253Bly%253A%253Bosi%253A2%26rc%3D1&u_h=1024&u_w=1280&u_ah=994&u_aw=1280&u_cd=32&u_tz=120&u_his=11&u_java=true not found!
    File\Folder C:\Documents and Settings\ahi.STEENHUIS\Local Settings\Temporary Internet Files\Content.IE5\K9KROR8J\%253Atom%252520tom%253Bto%253A1%253Blt%253Azip%253Blx%253A%253Bly%253A%253Bosi%253A2%26rc%3D1&u_h=1024&u_w=1280&u_ah=994&u_aw=1280&u_cd=32&u_tz=120&u_his=9&u_java=true not found!
    File\Folder C:\Documents and Settings\ahi.STEENHUIS\Local Settings\Temporary Internet Files\Content.IE5\CVC9P0HH\cx%3D1280%26scy%3D1024%26scc%3D32%26sta%3D%2C%2C%2C1%2C%2C%2C%2C%2C%2C%2C0%2C6%2C0%2C5318%2C5278%2C5029%2C10242%2C0%26iid%3D205035%26bid%3D760286%26dat%3D;ord=00423694 not found!
    File\Folder C:\Documents and Settings\ahi.STEENHUIS\Local Settings\Temporary Internet Files\Content.IE5\2V8R6JAH\ad.ilse[1]. not found!
    File\Folder C:\Documents and Settings\ahi.STEENHUIS\Local Settings\Temporary Internet Files\Content.IE5\0D2R05MN\520tom%253Bto%253A1%253Blt%253Azip%253Blx%253A%253Bly%253A%253Bosi%253A2%3Bl1%3A48%3Bl2%3A53&u_h=1024&u_w=1280&u_ah=994&u_aw=1280&u_cd=32&u_tz=120&u_his=10&u_java=true not found!

    Registry entries deleted on Reboot...
     
  11. 2011/11/24
    duub Inactive Thread Starter

    OTL.txt

    OTL logfile created on: 25-11-2011 1:34:24 - Run 2
    OTL by OldTimer - Version 3.2.31.0 Folder = C:\Documents and Settings\Administrator\Bureaublad
    Windows XP Professional Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
    Internet Explorer (Version = 8.0.6001.18702)
    Locale: 00000413 | Country: Nederland | Language: NLD | Date Format: d-M-yyyy

    511,53 Mb Total Physical Memory | 48,51 Mb Available Physical Memory | 9,48% Memory free
    1,22 Gb Paging File | 0,78 Gb Available in Paging File | 63,65% Paging File free
    Paging file location(s): C:\pagefile.sys 768 1536 [binary data]

    %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
    Drive C: | 19,13 Gb Total Space | 0,91 Gb Free Space | 4,78% Space Free | Partition Type: NTFS

    Computer Name: XP-18 | User Name: Administrator | Logged in as Administrator.
    Boot Mode: Normal | Scan Mode: Current user | Quick Scan
    Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

    ========== Processes (SafeList) ==========

    PRC - [2011-11-24 18:43:46 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Administrator\Bureaublad\OTL.exe
    PRC - [2011-11-24 00:17:40 | 000,924,632 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
    PRC - [2011-06-29 08:58:40 | 000,269,480 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe
    PRC - [2011-04-28 18:47:06 | 000,136,360 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe
    PRC - [2011-03-04 13:36:51 | 000,281,768 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
    PRC - [2010-01-14 20:11:00 | 000,076,968 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
    PRC - [2007-07-27 20:38:26 | 000,087,416 | ---- | M] (Juniper Networks) -- C:\Program Files\Common Files\Juniper Networks\JUNS\dsAccessService.exe
    PRC - [2007-06-13 14:24:02 | 001,036,800 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
    PRC - [2007-04-13 08:20:22 | 000,097,432 | ---- | M] () -- C:\Program Files\Canon\IJPLM\ijplmsvc.exe
    PRC - [2006-06-06 15:28:35 | 000,181,312 | ---- | M] () -- C:\Program Files\Photodex\CompuPicPro\scsiaccess.exe
    PRC - [2001-07-09 01:11:22 | 000,032,256 | ---- | M] (C-Dilla Ltd) -- C:\WINDOWS\system32\drivers\CDANTSRV.EXE
    PRC - [2001-03-08 18:22:48 | 000,081,920 | ---- | M] (Matrox Graphics Inc.) -- C:\WINDOWS\system32\mgabg.exe


    ========== Modules (No Company Name) ==========

    MOD - [2011-11-24 00:17:37 | 001,989,592 | ---- | M] () -- C:\Program Files\Mozilla Firefox\mozjs.dll
    MOD - [2011-09-01 20:11:55 | 006,277,280 | ---- | M] () -- C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll
    MOD - [2010-08-09 23:01:06 | 000,067,872 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
    MOD - [2010-06-17 13:27:22 | 000,355,688 | ---- | M] () -- C:\Program Files\Avira\AntiVir Desktop\sqlite3.dll
    MOD - [2007-04-13 08:20:22 | 000,097,432 | ---- | M] () -- C:\Program Files\Canon\IJPLM\ijplmsvc.exe
    MOD - [2006-06-06 15:28:35 | 000,181,312 | ---- | M] () -- C:\Program Files\Photodex\CompuPicPro\scsiaccess.exe


    ========== Win32 Services (SafeList) ==========

    SRV - [2011-06-29 08:58:40 | 000,269,480 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
    SRV - [2011-04-28 18:47:06 | 000,136,360 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
    SRV - [2007-07-27 20:38:26 | 000,087,416 | ---- | M] (Juniper Networks) [Auto | Running] -- C:\Program Files\Common Files\Juniper Networks\JUNS\dsAccessService.exe -- (JuniperAccessService)
    SRV - [2007-04-13 08:20:22 | 000,097,432 | ---- | M] () [Auto | Running] -- C:\Program Files\Canon\IJPLM\ijplmsvc.exe -- (IJPLMSVC)
    SRV - [2006-06-06 15:28:35 | 000,181,312 | ---- | M] () [Auto | Running] -- C:\Program Files\Photodex\CompuPicPro\scsiaccess.exe -- (ScsiAccess)
    SRV - [2001-07-09 01:11:22 | 000,032,256 | ---- | M] (C-Dilla Ltd) [Auto | Running] -- C:\WINDOWS\system32\drivers\CDANTSRV.EXE -- (C-DillaSrv)
    SRV - [2001-03-08 18:22:48 | 000,081,920 | ---- | M] (Matrox Graphics Inc.) [Auto | Running] -- C:\WINDOWS\system32\mgabg.exe -- (MGABGEXE)


    ========== Driver Services (SafeList) ==========

    DRV - [2011-06-29 08:58:44 | 000,138,192 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avipbb.sys -- (avipbb)
    DRV - [2011-06-29 08:58:44 | 000,066,616 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\avgntflt.sys -- (avgntflt)
    DRV - [2010-06-17 13:27:22 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\ssmdrv.sys -- (ssmdrv)
    DRV - [2010-06-17 13:27:12 | 000,011,608 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Program Files\Avira\AntiVir Desktop\avgio.sys -- (avgio)
    DRV - [2007-01-25 16:04:24 | 000,054,656 | ---- | M] (Samsung electronics, Inc) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Camav.sys -- (Camav)
    DRV - [2007-01-25 15:33:00 | 000,012,160 | ---- | M] (Devguru Corporation, Inc) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\camflt.sys -- (camflt)
    DRV - [2005-12-14 18:06:46 | 000,078,336 | ---- | M] (Webroot Software (www.webroot.com)) [Kernel | Boot | Running] -- C:\WINDOWS\system32\Drivers\SSI.SYS -- (SSI)
    DRV - [2005-09-07 16:42:06 | 000,087,792 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\w800mgmt.sys -- (w800mgmt)
    DRV - [2005-09-07 16:42:06 | 000,085,664 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\w800obex.sys -- (w800obex)
    DRV - [2005-09-07 16:42:04 | 000,096,224 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\w800mdm.sys -- (w800mdm)
    DRV - [2005-09-07 16:42:04 | 000,009,264 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\w800mdfl.sys -- (w800mdfl)
    DRV - [2005-09-07 16:42:00 | 000,060,768 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\w800bus.sys -- (w800bus) Sony Ericsson W800 driver (WDM)
    DRV - [2005-07-28 08:18:40 | 000,685,056 | ---- | M] (Aladdin Knowledge Systems Ltd.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\hardlock.sys -- (hardlock)
    DRV - [2004-08-04 07:08:21 | 000,010,624 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\gameenum.sys -- (gameenum)
    DRV - [2003-03-21 11:34:08 | 000,009,856 | ---- | M] (Padus, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\pfc.sys -- (pfc)
    DRV - [2002-03-04 11:10:01 | 000,047,616 | ---- | M] (Aladdin Knowledge Systems) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\Haspnt.sys -- (Haspnt)
    DRV - [2001-08-29 03:48:12 | 000,094,688 | ---- | M] (SCM Microsystems Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\upatc.sys -- (UPATC)
    DRV - [2001-08-17 21:11:06 | 000,066,591 | ---- | M] (3Com Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\el90xbc5.sys -- (EL90XBC)
    DRV - [2001-08-15 00:00:00 | 000,086,330 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\System32\DRIVERS\IdeChnDr.sys -- (IdeChnDr) Intel(r)
    DRV - [2001-08-15 00:00:00 | 000,013,366 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\System32\DRIVERS\IdeBusDr.sys -- (IdeBusDr)
    DRV - [2001-08-10 17:41:54 | 000,323,995 | ---- | M] (Matrox Graphics Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\g550dhm.sys -- (G550DH)
    DRV - [2001-07-09 01:12:20 | 000,057,136 | ---- | M] (Macrovision) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\CDANT.SYS -- (C-Dilla)
    DRV - [2001-05-24 10:14:34 | 000,013,229 | ---- | M] (SCM Microsystems Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\System32\drivers\Stltrk2k.sys -- (Stltrk2k)
    DRV - [2001-03-08 18:22:16 | 000,005,500 | ---- | M] (Matrox Graphics Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\mgabg.sys -- (mgabg)
    DRV - [2000-04-17 23:32:38 | 000,005,533 | ---- | M] (Matrox Graphics Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\utilnt.sys -- (UtilNT)
    DRV - [1999-09-10 13:06:00 | 000,025,244 | ---- | M] (Adaptec) [Kernel | Auto | Running] -- C:\WINDOWS\System32\drivers\aspi32.sys -- (Aspi32)


    ========== Standard Registry (SafeList) ==========


    ========== Internet Explorer ==========

    IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie

    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/ie
    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.nl/
    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie
    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
    IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
    IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

    ========== FireFox ==========

    FF - prefs.js..browser.search.defaultenginename: "Web Search... "
    FF - prefs.js..browser.search.defaultthis.engineName: "Conduit Engine Customized Web Search "
    FF - prefs.js..browser.search.defaulturl: "http://search.conduit.com/ResultsExt.aspx?ctid=ConduitEngine&SearchSource=3&q={searchTerms} "
    FF - prefs.js..browser.search.useDBForOrder: true
    FF - prefs.js..browser.startup.homepage: "http://www.google.nl/ "
    FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
    FF - prefs.js..keyword.URL: "http://search.babylon.com/?babsrc=SP_ss&mntrId=f0bb4ddb0000000000000004757c2b35&tlver=1.4.31.2&instlRef=sst&affID=100396&q= "
    FF - prefs.js..network.proxy.http: "proxy.xs4all.nl "
    FF - prefs.js..network.proxy.http_port: 8080
    FF - prefs.js..network.proxy.no_proxies_on: "localhost, 127.0.0.1, 192.168.178.1, 192.168.1.254 "
    FF - prefs.js..network.proxy.type: 1

    FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()
    FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\WINDOWS\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
    FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
    FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
    FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
    FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files\Google\Picasa3\npPicasa3.dll (Google, Inc.)
    FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\4.0.60531.0\npctrl.dll ( Microsoft Corporation)
    FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
    FF - HKLM\Software\MozillaPlugins\@pack.google.com/Google Updater;version=14: C:\Program Files\Google\Google Updater\2.4.2432.1652\npCIDetect14.dll (Google)
    FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
    FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
    FF - HKLM\Software\MozillaPlugins\@viewpoint.com/VMP: C:\Program Files\Viewpoint\Viewpoint Media Player\npViewpoint.dll File not found

    FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 4.0b12\extensions\\Components: C:\Program Files\Mozilla Firefox 4.0 Beta 10\components [2011-03-01 09:06:14 | 000,000,000 | ---D | M]
    FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 4.0b12\extensions\\Plugins: C:\Program Files\Mozilla Firefox 4.0 Beta 10\plugins
    FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 8.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011-11-24 00:17:42 | 000,000,000 | ---D | M]
    FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 8.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011-06-14 20:21:27 | 000,000,000 | ---D | M]

    [2008-09-03 00:15:37 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Administrator\Application Data\Mozilla\Extensions
    [2011-08-13 10:51:03 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\2ed2ukxr.default\extensions
    [2011-11-24 00:18:05 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
    [2009-08-25 21:37:25 | 000,000,000 | ---D | M] (Java Quick Starter) -- C:\PROGRAM FILES\JAVA\JRE6\LIB\DEPLOY\JQS\FF
    [2009-09-06 13:23:28 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\WINDOWS\MICROSOFT.NET\FRAMEWORK\V3.5\WINDOWS PRESENTATION FOUNDATION\DOTNETASSISTANTEXTENSION
    [2011-11-24 00:17:41 | 000,134,104 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
    [2008-08-16 16:42:02 | 000,070,456 | ---- | M] (Citrix Systems, Inc.) -- C:\Program Files\mozilla firefox\plugins\CgpCore.dll
    [2008-08-16 16:42:12 | 000,091,448 | ---- | M] () -- C:\Program Files\mozilla firefox\plugins\confmgr.dll
    [2008-08-16 16:42:08 | 000,020,800 | ---- | M] () -- C:\Program Files\mozilla firefox\plugins\ctxlogging.dll
    [2008-05-21 07:41:08 | 000,479,232 | ---- | M] (Microsoft Corporation) -- C:\Program Files\mozilla firefox\plugins\msvcm80.dll
    [2008-05-21 07:41:08 | 000,548,864 | ---- | M] (Microsoft Corporation) -- C:\Program Files\mozilla firefox\plugins\msvcp80.dll
    [2008-05-21 07:41:08 | 000,626,688 | ---- | M] (Microsoft Corporation) -- C:\Program Files\mozilla firefox\plugins\msvcr80.dll
    [2008-08-16 16:44:46 | 000,427,312 | ---- | M] () -- C:\Program Files\mozilla firefox\plugins\npicaN.dll
    [2008-08-16 16:42:04 | 000,023,864 | ---- | M] (Citrix Systems, Inc.) -- C:\Program Files\mozilla firefox\plugins\TcpPServ.dll
    [2011-07-31 12:51:28 | 000,002,288 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\babylon.xml
    [2011-06-14 20:21:11 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
    [2011-06-14 20:21:11 | 000,001,892 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bolcom-nl.xml
    [2011-06-14 20:21:11 | 000,004,558 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\marktplaats-nl.xml
    [2011-06-14 20:21:11 | 000,001,049 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-nl.xml
    [2011-03-26 22:29:52 | 000,001,106 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-nl.xml

    O1 HOSTS File: ([2011-11-21 23:08:46 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
    O1 - Hosts: 127.0.0.1 localhost
    O2 - BHO: (Babylon toolbar helper) - {2EECD738-5844-4a99-B4B6-146BF802613B} - C:\Program Files\BabylonToolbar\BabylonToolbar\1.4.31.2\bh\BabylonToolbar.dll (Babylon BHO)
    O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.6406.1642\swg.dll (Google Inc.)
    O3 - HKLM\..\Toolbar: (Babylon Toolbar) - {98889811-442D-49dd-99D7-DC866BE87DBC} - C:\Program Files\BabylonToolbar\BabylonToolbar\1.4.31.2\BabylonToolbarTlbr.dll (Babylon Ltd.)
    O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
    O4 - HKLM..\Run: [CanonSolutionMenu] C:\Program Files\Canon\SolutionMenu\CNSLMAIN.exe (CANON INC.)
    O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
    O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
    O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
    O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
    O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
    O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\WINDOWS\System32\GPhotos.scr (Google Inc.)
    O8 - Extra context menu item: Google Sidewiki... - C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_7461B1589E8B4FB7.dll (Google Inc.)
    O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
    O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab (Shockwave ActiveX Control)
    O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://go.microsoft.com/fwlink/?linkid=39204 (Windows Genuine Advantage Validation Tool)
    O16 - DPF: {3E68E405-C6DE-49FF-83AE-41EE9F4C36CE} http://office.microsoft.com/officeupdate/content/opuc3.cab (Office Update Installation Engine)
    O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} http://download.bitdefender.com/resources/scan8/oscan8.cab (BDSCANONLINE Control)
    O16 - DPF: {78AF2F24-A9C3-11D3-BF8C-0060B0FCC122} file://C:\Program Files\AutoCAD 2002\AcDcToday.ocx (AcDcToday Control)
    O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_15-windows-i586.cab (Java Plug-in 1.6.0_15)
    O16 - DPF: {CAFEEFAC-0013-0001-0002-ABCDEFFEDCBA} http://java.sun.com/products/plugin/1.3.1/jinstall-131_02-win.cab (Java Plug-in 1.3.1_02)
    O16 - DPF: {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA} http://java.sun.com/update/1.5.0/jinstall-1_5_0_06-windows-i586.cab (Java Plug-in 1.5.0_06)
    O16 - DPF: {CAFEEFAC-0015-0000-0009-ABCDEFFEDCBA} http://java.sun.com/update/1.5.0/jinstall-1_5_0_09-windows-i586.cab (Java Plug-in 1.5.0_09)
    O16 - DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_05-windows-i586.cab (Java Plug-in 1.6.0_05)
    O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab (Java Plug-in 1.6.0_07)
    O16 - DPF: {CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_15-windows-i586.cab (Java Plug-in 1.6.0_15)
    O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_15-windows-i586.cab (Java Plug-in 1.6.0_15)
    O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
    O16 - DPF: {D83C1BD1-DCBB-11D4-9425-0050BF33FA6E} http://www.cyclomedia.nl/download/components/CycloScopeLite.cab (CycloScopeLite Control)
    O16 - DPF: {DE591B16-A452-11D6-AED1-0001030A4E46} https://gto.postbank.nl/GTO/PBGNX.cab (PBGNX Control)
    O16 - DPF: {E5F5D008-DD2C-4D32-977D-1A0ADF03058B} https://juniper.net/dana-cached/setup/JuniperSetupSP1.cab (JuniperSetupSP1 Control)
    O16 - DPF: {F27237D7-93C8-44C2-AC6E-D6057B9A918F} https://juniper.net/dana-cached/sc/JuniperSetupClient.cab (JuniperSetupClientControl Class)
    O16 - DPF: {F281A59C-7B65-11D3-8617-0010830243BD} file://C:\Program Files\AutoCAD 2002\AcPreview.ocx (AcPreview Control)
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.254
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = steenhuis.local
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{E80B353A-F5DC-4CF8-B07E-245A7044178F}: DhcpNameServer = 192.168.1.254
    O20 - HKLM Winlogon: Shell - (Explorer.exe) -C:\WINDOWS\explorer.exe (Microsoft Corporation)
    O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) -C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
    O20 - Winlogon\Notify\WRNotifier: DllName - (WRLogonNTF.dll) - C:\WINDOWS\System32\WRLogonNtf.dll (Webroot Software, Inc.)
    O24 - Desktop Components:0 (Mijn huidige introductiepagina) - About:Home
    O24 - Desktop WallPaper: C:\Documents and Settings\Administrator\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
    O24 - Desktop BackupWallPaper: C:\Documents and Settings\Administrator\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
    O32 - HKLM CDRom: AutoRun - 1
    O32 - AutoRun File - [2002-01-09 14:11:55 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
    O34 - HKLM BootExecute: (autocheck autochk *)
    O34 - HKLM BootExecute: (SsiEfr.e)
    O35 - HKLM\..comfile [open] -- "%1" %*
    O35 - HKLM\..exefile [open] -- "%1" %*
    O37 - HKLM\...com [@ = comfile] -- "%1" %*
    O37 - HKLM\...exe [@ = exefile] -- "%1" %*

    ========== Files/Folders - Created Within 30 Days ==========

    [2011-11-25 01:23:09 | 000,000,000 | ---D | C] -- C:\_OTL
    [2011-11-24 18:43:43 | 000,584,192 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Administrator\Bureaublad\OTL.exe
    [2011-11-23 13:02:57 | 000,083,968 | ---- | C] (Esage Lab) -- C:\Documents and Settings\Administrator\Bureaublad\boot_cleaner.exe
    [2011-11-22 22:28:41 | 000,000,000 | -HSD | C] -- C:\RECYCLER
    [2011-11-22 20:26:27 | 000,000,000 | ---D | C] -- C:\WINDOWS\temp
    [2011-11-21 22:37:14 | 000,518,144 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWREG.exe
    [2011-11-21 22:37:14 | 000,406,528 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWSC.exe
    [2011-11-21 22:37:14 | 000,212,480 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWXCACLS.exe
    [2011-11-21 22:37:14 | 000,060,416 | ---- | C] (NirSoft) -- C:\WINDOWS\NIRCMD.exe
    [2011-11-21 22:37:02 | 000,000,000 | ---D | C] -- C:\WINDOWS\ERDNT
    [2011-11-21 22:36:52 | 000,000,000 | ---D | C] -- C:\Qoobox
    [2011-11-20 20:32:27 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programma's\Google Earth
    [2011-11-20 17:14:14 | 001,564,976 | ---- | C] (Kaspersky Lab ZAO) -- C:\Documents and Settings\Administrator\Bureaublad\tdsskiller.exe
    [2011-11-19 23:50:02 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Administrator\Menu Start\Programma's\Systeembeheer
    [2011-11-19 23:49:16 | 000,607,017 | R--- | C] (Swearware) -- C:\Documents and Settings\Administrator\Bureaublad\dds.pif
    [2011-11-16 18:58:09 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programma's\Malwarebytes' Anti-Malware
    [2011-11-16 18:58:04 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes
    [2011-11-16 18:57:57 | 000,022,216 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
    [2011-11-16 18:57:56 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
    [2011-11-16 18:56:06 | 001,916,416 | ---- | C] (AVAST Software) -- C:\Documents and Settings\Administrator\Bureaublad\aswMBR.exe
    [2007-07-27 20:37:24 | 000,069,632 | ---- | C] (Juniper Networks) -- C:\Documents and Settings\All Users\Application Data\NeoterisSetup.ocx

    ========== Files - Modified Within 30 Days ==========

    [2011-11-25 01:26:39 | 000,005,492 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
    [2011-11-25 01:26:32 | 000,001,040 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore1cc8dfad2fbf0ee.job
    [2011-11-25 01:26:32 | 000,000,260 | ---- | M] () -- C:\WINDOWS\tasks\WGASetup.job
    [2011-11-25 01:26:17 | 000,000,000 | ---- | M] () -- C:\WINDOWS\TempFile
    [2011-11-25 01:26:04 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
    [2011-11-24 18:43:46 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Administrator\Bureaublad\OTL.exe
    [2011-11-24 12:01:00 | 000,000,922 | ---- | M] () -- C:\WINDOWS\tasks\Google Software Updater.job
    [2011-11-24 10:15:00 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
    [2011-11-24 07:28:19 | 000,003,803 | ---- | M] () -- C:\WINDOWS\wincmd.ini
    [2011-11-24 07:25:11 | 000,000,614 | ---- | M] () -- C:\Documents and Settings\Administrator\Bureaublad\Snelkoppeling naar ComboFix.lnk
    [2011-11-23 14:49:23 | 000,002,527 | ---- | M] () -- C:\Documents and Settings\Administrator\Application Data\Microsoft\Internet Explorer\Quick Launch\Microsoft Word.lnk
    [2011-11-23 13:53:00 | 000,000,472 | ---- | M] () -- C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job
    [2011-11-21 23:08:46 | 000,000,027 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
    [2011-11-21 22:56:13 | 000,000,815 | ---- | M] () -- C:\Documents and Settings\Administrator\Application Data\Microsoft\Internet Explorer\Quick Launch\De Internet Explorer-browser starten.lnk
    [2011-11-20 20:32:28 | 000,001,915 | ---- | M] () -- C:\Documents and Settings\All Users\Bureaublad\Google Earth.lnk
    [2011-11-20 17:14:23 | 001,564,976 | ---- | M] (Kaspersky Lab ZAO) -- C:\Documents and Settings\Administrator\Bureaublad\tdsskiller.exe
    [2011-11-19 23:49:20 | 000,607,017 | R--- | M] (Swearware) -- C:\Documents and Settings\Administrator\Bureaublad\dds.pif
    [2011-11-19 14:02:28 | 000,302,592 | ---- | M] () -- C:\Documents and Settings\Administrator\Bureaublad\bnqk76n3.exe
    [2011-11-16 18:58:09 | 000,000,784 | ---- | M] () -- C:\Documents and Settings\All Users\Bureaublad\Malwarebytes' Anti-Malware.lnk
    [2011-11-16 18:56:17 | 001,916,416 | ---- | M] (AVAST Software) -- C:\Documents and Settings\Administrator\Bureaublad\aswMBR.exe
    [2011-10-31 10:21:23 | 000,508,910 | ---- | M] () -- C:\WINDOWS\System32\perfh013.dat
    [2011-10-31 10:21:23 | 000,441,124 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
    [2011-10-31 10:21:23 | 000,090,586 | ---- | M] () -- C:\WINDOWS\System32\perfc013.dat
    [2011-10-31 10:21:23 | 000,071,060 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat

    ========== Files Created - No Company Name ==========

    [2011-11-24 07:25:11 | 000,000,614 | ---- | C] () -- C:\Documents and Settings\Administrator\Bureaublad\Snelkoppeling naar ComboFix.lnk
    [2011-11-21 22:56:13 | 000,000,815 | ---- | C] () -- C:\Documents and Settings\Administrator\Application Data\Microsoft\Internet Explorer\Quick Launch\De Internet Explorer-browser starten.lnk
    [2011-11-21 22:37:14 | 000,256,000 | ---- | C] () -- C:\WINDOWS\PEV.exe
    [2011-11-21 22:37:14 | 000,208,896 | ---- | C] () -- C:\WINDOWS\MBR.exe
    [2011-11-21 22:37:14 | 000,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe
    [2011-11-21 22:37:14 | 000,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe
    [2011-11-21 22:37:14 | 000,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe
    [2011-11-20 20:32:28 | 000,001,915 | ---- | C] () -- C:\Documents and Settings\All Users\Bureaublad\Google Earth.lnk
    [2011-11-19 14:02:24 | 000,302,592 | ---- | C] () -- C:\Documents and Settings\Administrator\Bureaublad\bnqk76n3.exe
    [2011-11-16 18:58:09 | 000,000,784 | ---- | C] () -- C:\Documents and Settings\All Users\Bureaublad\Malwarebytes' Anti-Malware.lnk
    [2011-09-01 14:46:52 | 000,274,623 | ---- | C] () -- C:\WINDOWS\DJ Music Mixer Uninstaller.exe
    [2011-06-17 19:48:48 | 000,172,032 | R--- | C] () -- C:\WINDOWS\System32\mcs_cor2.dll
    [2011-06-17 19:48:47 | 000,450,560 | R--- | C] () -- C:\WINDOWS\System32\mcs_cor1.dll
    [2010-08-04 10:20:31 | 000,043,520 | ---- | C] () -- C:\WINDOWS\System32\CmdLineExt03.dll
    [2010-08-02 13:23:43 | 000,056,320 | ---- | C] () -- C:\WINDOWS\System32\iyvu9_32.dll
    [2010-06-20 16:24:23 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
    [2010-01-03 12:21:11 | 000,065,924 | -H-- | C] () -- C:\WINDOWS\System32\mlfcache.dat
    [2009-10-23 08:40:05 | 000,045,568 | ---- | C] () -- C:\WINDOWS\UniFish3.exe
    [2009-09-13 10:15:08 | 000,002,900 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\Config.nt.bak
    [2009-09-13 10:15:07 | 000,265,464 | R--- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\hosts.bak
    [2009-09-13 10:15:07 | 000,001,802 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\Autoexec.nt.bak
    [2009-04-11 09:39:53 | 000,000,000 | ---- | C] () -- C:\WINDOWS\PowerReg.dat
    [2009-03-05 16:40:48 | 000,000,020 | ---- | C] () -- C:\WINDOWS\SIERRA.INI
    [2008-05-12 19:02:50 | 000,000,669 | ---- | C] () -- C:\WINDOWS\mozver.dat
    [2008-03-19 16:10:45 | 000,063,488 | ---- | C] () -- C:\WINDOWS\xobglu16.dll
    [2008-03-19 16:10:45 | 000,023,552 | ---- | C] () -- C:\WINDOWS\xobglu32.dll
    [2008-03-14 18:02:40 | 000,010,240 | ---- | C] () -- C:\WINDOWS\System32\vidx16.dll
    [2008-02-24 08:24:49 | 000,000,716 | ---- | C] () -- C:\WINDOWS\hegames.ini
    [2008-02-23 09:22:07 | 000,000,000 | ---- | C] () -- C:\WINDOWS\SETUP32.INI
    [2008-02-09 20:42:38 | 000,000,412 | ---- | C] () -- C:\WINDOWS\MAXLINK.INI
    [2008-02-08 23:27:24 | 000,004,212 | ---- | C] () -- C:\WINDOWS\System32\zllictbl.dat
    [2008-02-06 23:11:24 | 000,023,552 | ---- | C] () -- C:\Documents and Settings\Administrator\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
    [2008-01-28 21:06:05 | 000,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat
    [2008-01-16 01:03:47 | 003,686,454 | ---- | C] () -- C:\WINDOWS\CPICWPPR.DAT
    [2008-01-09 14:01:48 | 000,053,248 | ---- | C] () -- C:\WINDOWS\bdoscandel.exe
    [2008-01-09 14:01:48 | 000,000,453 | ---- | C] () -- C:\WINDOWS\bdoscandellang.ini
    [2007-12-20 23:32:20 | 000,000,136 | ---- | C] () -- C:\Documents and Settings\Administrator\Local Settings\Application Data\fusioncache.dat
    [2006-11-28 09:46:06 | 000,028,672 | ---- | C] () -- C:\WINDOWS\System32\hlduinst.exe
    [2006-11-28 09:46:05 | 000,164,864 | ---- | C] () -- C:\WINDOWS\System32\UNWISE.EXE
    [2006-06-07 11:11:15 | 000,102,912 | ---- | C] () -- C:\WINDOWS\System32\islzma.dll
    [2006-06-07 11:11:15 | 000,017,920 | ---- | C] () -- C:\WINDOWS\System32\wrlzma.dll
    [2006-06-07 11:11:10 | 000,684,032 | ---- | C] () -- C:\WINDOWS\libeay32.dll
    [2006-06-07 11:11:10 | 000,155,648 | ---- | C] () -- C:\WINDOWS\ssleay32.dll
    [2006-04-17 11:12:58 | 000,000,768 | ---- | C] () -- C:\WINDOWS\System32\d3d8caps.dat
    [2006-02-02 13:46:35 | 000,000,008 | ---- | C] () -- C:\WINDOWS\System32\vcexts.sys
    [2005-10-17 15:04:09 | 000,046,080 | ---- | C] () -- C:\WINDOWS\System32\RXDDI.DLL
    [2005-10-17 15:03:40 | 001,205,760 | ---- | C] () -- C:\WINDOWS\System32\GSLIB.DLL
    [2005-10-17 15:03:38 | 000,150,016 | ---- | C] () -- C:\WINDOWS\System32\SmArchive.dll
    [2005-06-13 14:18:46 | 000,000,065 | ---- | C] () -- C:\WINDOWS\keyview.ini
    [2004-10-21 15:48:47 | 000,000,036 | ---- | C] () -- C:\WINDOWS\iltwain.ini
    [2004-10-21 15:44:22 | 000,057,344 | ---- | C] () -- C:\WINDOWS\System32\DYMOCFG.DLL
    [2004-09-29 13:38:53 | 000,001,788 | ---- | C] () -- C:\WINDOWS\System32\dcache.bin
    [2004-09-29 13:37:55 | 000,363,520 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll
    [2004-09-28 15:48:35 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
    [2004-07-15 14:48:44 | 000,176,128 | ---- | C] () -- C:\WINDOWS\System32\xpscontrol.dll
    [2004-03-04 14:00:53 | 000,000,560 | ---- | C] () -- C:\WINDOWS\_delis32.ini
    [2003-11-17 17:09:14 | 000,000,056 | ---- | C] () -- C:\WINDOWS\System32\DpiGUID.bin
    [2003-05-15 12:37:57 | 000,000,788 | ---- | C] () -- C:\WINDOWS\StbView.INI
    [2003-03-17 17:07:04 | 000,000,000 | ---- | C] () -- C:\WINDOWS\hpqemlsz.INI
    [2003-03-17 17:05:44 | 000,000,284 | ---- | C] () -- C:\WINDOWS\hpqcopy.INI
    [2002-12-19 10:45:26 | 000,000,221 | ---- | C] () -- C:\WINDOWS\hpbafd.ini
    [2002-10-31 11:09:56 | 000,000,287 | ---- | C] () -- C:\WINDOWS\ips.INI
    [2002-10-31 11:04:35 | 000,000,188 | ---- | C] () -- C:\WINDOWS\ks_stabu.ini
    [2002-07-16 13:18:07 | 000,000,008 | ---- | C] () -- C:\WINDOWS\System32\vcext.sys
    [2002-06-12 15:25:40 | 000,016,384 | ---- | C] () -- C:\WINDOWS\System32\FileOps.exe
    [2002-06-12 15:19:00 | 000,077,824 | ---- | C] () -- C:\WINDOWS\System32\adistres.dll
    [2002-05-28 14:36:05 | 000,000,008 | ---- | C] () -- C:\WINDOWS\System32\vchelpex.sys
    [2002-05-14 14:30:00 | 000,000,049 | ---- | C] () -- C:\WINDOWS\Job.ini
    [2002-05-14 14:29:49 | 000,000,221 | ---- | C] () -- C:\WINDOWS\hserver.ini
    [2002-05-14 14:28:17 | 000,000,222 | ---- | C] () -- C:\WINDOWS\BzUpdate.ini
    [2002-05-14 14:28:17 | 000,000,029 | ---- | C] () -- C:\WINDOWS\JobComm.ini
    [2002-05-14 14:19:36 | 000,000,000 | ---- | C] () -- C:\WINDOWS\ocemenu.INI
    [2002-03-12 17:32:39 | 000,000,420 | ---- | C] () -- C:\WINDOWS\XDCS_DO2.INI
    [2002-03-04 11:09:58 | 000,005,678 | ---- | C] () -- C:\WINDOWS\Stabu300.ini
    [2002-03-04 11:09:58 | 000,003,847 | ---- | C] () -- C:\WINDOWS\mainddes.ini
    [2002-03-04 11:09:58 | 000,002,893 | ---- | C] () -- C:\WINDOWS\calcddes.ini
    [2002-03-04 11:09:58 | 000,000,625 | ---- | C] () -- C:\WINDOWS\tradddes.ini
    [2002-02-18 16:08:46 | 000,000,614 | ---- | C] () -- C:\WINDOWS\wcx_ftp.ini
    [2002-02-13 16:43:14 | 000,000,173 | ---- | C] () -- C:\WINDOWS\KPCMS.INI
    [2002-02-13 16:40:06 | 000,210,944 | ---- | C] () -- C:\WINDOWS\System32\Msvcrt10.dll
    [2002-02-12 12:41:29 | 000,000,383 | ---- | C] () -- C:\WINDOWS\System32\haspdos.sys
    [2002-02-12 12:16:25 | 000,004,904 | ---- | C] () -- C:\WINDOWS\Stabu.ini
    [2002-02-12 12:16:25 | 000,000,420 | ---- | C] () -- C:\WINDOWS\BAHASP.INI
    [2002-01-29 08:47:36 | 000,079,360 | ---- | C] () -- C:\WINDOWS\System32\acdbres.dll
    [2002-01-24 12:28:54 | 000,003,803 | ---- | C] () -- C:\WINDOWS\wincmd.ini
    [2002-01-09 14:57:20 | 000,004,207 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
    [2002-01-09 14:56:18 | 000,341,832 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
    [2002-01-09 14:35:13 | 000,000,508 | ---- | C] () -- C:\WINDOWS\ODBC.INI
    [2002-01-09 14:30:04 | 000,001,305 | ---- | C] () -- C:\WINDOWS\Ascd_tmp.ini
    [2002-01-09 14:30:03 | 000,005,824 | ---- | C] () -- C:\WINDOWS\System32\drivers\ASUSHWIO.SYS
    [2002-01-09 14:14:57 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
    [2002-01-09 14:08:23 | 000,021,748 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
    [2001-09-07 13:00:00 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
    [2001-09-07 13:00:00 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
    [2001-09-07 13:00:00 | 000,508,910 | ---- | C] () -- C:\WINDOWS\System32\perfh013.dat
    [2001-09-07 13:00:00 | 000,441,124 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
    [2001-09-07 13:00:00 | 000,318,670 | ---- | C] () -- C:\WINDOWS\System32\perfi013.dat
    [2001-09-07 13:00:00 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
    [2001-09-07 13:00:00 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
    [2001-09-07 13:00:00 | 000,090,586 | ---- | C] () -- C:\WINDOWS\System32\perfc013.dat
    [2001-09-07 13:00:00 | 000,071,060 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
    [2001-09-07 13:00:00 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
    [2001-09-07 13:00:00 | 000,039,178 | ---- | C] () -- C:\WINDOWS\System32\perfd013.dat
    [2001-09-07 13:00:00 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
    [2001-09-07 13:00:00 | 000,028,624 | ---- | C] () -- C:\WINDOWS\System32\drivers\secdrv.sys
    [2001-09-07 13:00:00 | 000,004,461 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat
    [2001-09-07 13:00:00 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat
    [2001-05-02 16:39:12 | 000,245,760 | ---- | C] () -- C:\WINDOWS\System32\iPiWeb.dll
    [2001-04-23 01:07:28 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\mtstack.exe
    [2000-09-18 16:50:28 | 000,202,752 | ---- | C] () -- C:\WINDOWS\System32\zlib.dll

    ========== LOP Check ==========

    [2010-08-04 10:20:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\Atari
    [2008-09-20 21:49:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\Autodesk
    [2009-07-04 09:46:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\Azureus
    [2011-07-31 12:51:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\Babylon
    [2011-07-31 16:59:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\BabylonToolbar
    [2011-01-24 23:04:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\Belastingdienst
    [2010-04-05 19:51:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\Canon
    [2011-09-01 20:18:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\GetRightToGo
    [2010-02-08 23:24:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\ICAClient
    [2010-07-11 16:15:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\Juniper Networks
    [2009-03-23 23:33:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\LimeWirePlus
    [2008-10-12 20:48:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\LinkedIn
    [2008-09-14 21:15:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\NCH Swift Sound
    [2011-03-07 23:05:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\QuickScan
    [2008-02-09 20:42:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\ScanSoft
    [2009-01-04 08:59:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\Sony
    [2011-09-29 13:36:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\Spotify
    [2003-05-21 13:34:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\Verzendmap van Share-to-Web
    [2011-07-31 12:51:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Babylon
    [2010-08-04 12:41:37 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\CanonBJ
    [2011-10-24 15:13:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\CanonIJPLM
    [2010-08-04 12:53:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Juniper Networks
    [2010-10-12 13:12:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
    [2011-11-23 13:53:00 | 000,000,472 | ---- | M] () -- C:\WINDOWS\Tasks\Ad-Aware Update (Weekly).job
    [2011-11-25 01:26:32 | 000,000,260 | ---- | M] () -- C:\WINDOWS\Tasks\WGASetup.job

    ========== Purity Check ==========



    < End of report >
     
  12. 2011/11/24
    duub

    duub Inactive Thread Starter

    :) great you work on a holiday! :)
     
  13. 2011/11/24
    broni

    broni Moderator Malware Analyst

    Restart computer
    When you reboot you will see an option to boot into the Recovery Console or the normal Windows installation.
    You have to use the up/down arrows to choose the Recovery Console. Then press Enter but you only have 2 seconds by default.
    If you find this hard to do then you can go into Control Panel, System, Advanced, Startup and Recovery, Settings. Where it says Time to Display List of Operating Systems, change it to 10 or more seconds. OK Then reboot.

    You should get a black screen with a C:\> prompt. Type with an Enter after each line:

    fixmbr

    (If it asks you if you are sure then say "Y".)

    exit

    Reboot computer.

    Post fresh Bootkit Remover log.
     
  14. 2011/11/25
    duub

    duub Inactive Thread Starter

    Broni,
    On restart I didn't get the screen you mentioned. I must say that I rebooted before I had read your post, so I wasn't there when the machine rebooted, just clicked reboot and went on with business (i.e. breakfast ;-))
    Tried again reboot via 'start', still normal reboot.
    Third time I tried F8, but I wasn't sure if I was going the right way, so I left it there. I couldn't find anything to match "Recovery Console". The options I saw (tried to translate from Dutch):
    1. safe mode
    2. safe mode w networkoption
    3. safe mode w command prompt

    4. enable logging for boot procedure
    5. last known right configuration (recent settings that worked)
    6. re-install active directory
    7. errordetection mode
    8. switch off automatic reboot after system crash

    9. start windows normally
    10. reboot
    11. back to menu with operating systems

    :confused:
     
    Last edited: 2011/11/25
  15. 2011/11/25
    broni

    broni Moderator Malware Analyst

    Most likely you don't have recovery console installed.

    1. Insert your Windows XP CD into your CD drive and ensure that your CD-ROM drive is capable of booting the CD.
    2. Once you have booted from CD, do NOT select the option that states: Press F2 to initiate the Automated System Recovery (ASR) tool.
    You’re going to proceed until you see the following screen, at which point you will press the “R” key to enter the recovery console:

    [​IMG]

    3. After you have selected the appropriate option from step two, you will be prompted to select a valid Windows installation (typically number 1).
    Select the installation number, and hit Enter.
    If there is an administrator password for the administrator account, enter it and hit Enter (if asked for the password, and you don't know it, you're out of luck).
    You will be greeted with this screen, which indicates a recovery console at the ready:

    [​IMG]

    4. Type with an Enter after each line:

    fixmbr

    (If it asks you if you are sure then say "Y".)

    exit

    5. Reboot computer.

    ****************************

    If you don't have Windows CD...
    Download Windows Recovery Console: http://www.thecomputerparamedic.com/files/rc.iso
    Download, and install free Imgburn: http://www.imgburn.com/index.php?act=download
    Using Imgburn, burn rc.iso to a CD.
    Boot to the CD...let it finish loading.
    When the "Welcome to Setup" screen appears, press R to start the Recovery Console.
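
A check that could be run on two 512-byte master boot sector dumps, one taken before and one after `fixmbr`, to confirm that the boot code changed while the partition table and the 0x55AA signature are intact. This is an added example, not part of the post above or of any tool named in the thread; the function names are hypothetical, the sector bytes are constructed, and treating bytes 0..439 as the boot code is an assumption.

```python
import hashlib
import struct

SECTOR = 512
CODE_END = 440    # assumption: bytes 0..439 hold the boot code
TABLE_OFF = 446   # four 16-byte partition entries start here
SIG_OFF = 510     # 0x55 0xAA boot signature

def parse_mbr(sector: bytes) -> dict:
    """Split an MBR dump into boot code hash, partition table and signature."""
    if len(sector) != SECTOR:
        raise ValueError(f"expected {SECTOR} bytes, got {len(sector)}")
    partitions = []
    for i in range(4):
        # status, 3 CHS bytes skipped, type, 3 CHS bytes skipped, LBA start, count
        status, ptype, lba, count = struct.unpack_from(
            "<B3xB3xII", sector, TABLE_OFF + 16 * i)
        if ptype:  # type 0x00 marks an unused slot
            partitions.append({"active": status == 0x80, "type": ptype,
                               "lba_start": lba, "sectors": count})
    return {
        "code_sha256": hashlib.sha256(sector[:CODE_END]).hexdigest(),
        "table_sha256": hashlib.sha256(sector[TABLE_OFF:SIG_OFF]).hexdigest(),
        "signature_ok": sector[SIG_OFF:] == b"\x55\xaa",
        "partitions": partitions,
    }

def compare_dumps(before: bytes, after: bytes) -> dict:
    """Report what changed between two dumps of the same disk's first sector."""
    b, a = parse_mbr(before), parse_mbr(after)
    return {
        "boot_code_changed": b["code_sha256"] != a["code_sha256"],
        "table_preserved": b["table_sha256"] == a["table_sha256"],
        "signature_ok": a["signature_ok"],
        "partitions": a["partitions"],
    }

def make_sample(fill: int) -> bytes:
    """Constructed sector: filler 'boot code' plus one active NTFS entry."""
    entry = struct.pack("<B3xB3xII", 0x80, 0x07, 63, 39_000_000)
    return bytes([fill]) * CODE_END + bytes(6) + entry + bytes(48) + b"\x55\xaa"

if __name__ == "__main__":
    report = compare_dumps(make_sample(0xCC), make_sample(0x90))
    for key, value in report.items():
        print(f"{key}: {value}")
```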
     
  16. 2011/11/26
    duub

    duub Inactive Thread Starter

    ....
    didn't work
    downloaded the rc.iso
    downloaded the imgburn to my laptop, burned a cd (I wasn't totally sure which option to choose from, but I picked 'burn image file to cd')
    rebooted my desktop with the cd in drive D, when rebooting first the 3.5" came on, then I saw the green led of the cd-station flashing.....
    -but reboot was no different from normal reboot, no loading, no welcome to setup. the cd didn't run...:mad:

    To be honest, Broni, I'm growing a little tired :eek:. It seems to me that to fix the problem, another problem has to be solved first, and in order to be able to solve that problem, another one has to be moved out of the way, and pop! there comes another one. The time difference doesn't help either. There's so little possible contact time, the steps to be taken take days and days. AND my desktop is very slow, especially rebooting...

    :confused:Is it worth the try?
    As I said before. I have another ex-office desktop waiting to be connected. I only want the connection to my ISP to be normal (no proxyserver) before doing that. The desktop we're dealing with contains data I want to safely transfer to the newer one. I first thought it would be great for my daughter to have this old one, but... well I cannot see through how much trouble we still have to go to reach that goal...
    Can you shed some light on this please, Broni?
     
  17. 2011/11/26
    broni

    broni Moderator Malware Analyst

    It's all up to you.
    If you want to reinstall Windows let me know.

    If you still want to try...
    To boot from the CD you have to make sure the boot order in BIOS is correct - CD drive is listed on first position (if you don't know how to do it, see HERE).
     
  18. 2011/11/27
    duub

    duub Inactive Thread Starter

    I understand it's all up to me :D

    With ctrl-alt-B my computer gets me to a boot menu
    options:
    Boot Method: PXE/ TCP-IP/ Netware/ RPL
    Default boot: Local/ Network
    Local Boot: En-/ Disabled
    Config Messag: En-/ Disabled
    Mess timeout: 3/ 6/ 12 / forever
    Boot failure prompt: wait for timeout
    Boot Failure: next boot device

    ...don't see no options to choose disk to boot from...:(
     
  19. 2011/11/27
    broni

    broni Moderator Malware Analyst

    No, you have to access BIOS.

    When you start computer watch the bottom of your screen.
    You'll see this:
    Press <some key> to enter setup
    While the computer is booting, press that <some key> to enter BIOS.
     
  20. 2011/11/27
    duub

    duub Inactive Thread Starter

    I know I have to access the BIOS, this is pointed out in the link you posted. All I'm telling you, Broni, is all I can see on my screen;
    CTRL-ALT-B which brings me to the Managed Boot Agent I described in my last post, with no option to point to a drive
    and there is an option N, to boot from network, which must be a residue of my computer's first life, and which I didn't try.
     
  21. 2011/11/27
    broni

    broni Moderator Malware Analyst

    What computer brand is it?
     