Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Still fault message when startup laptop


  • Please log in to reply
4 replies to this topic

#1 Vision25

Vision25

  • Members
  • 6 posts
  • OFFLINE
  •  
  • Local time:05:38 AM

Posted 03 January 2010 - 05:12 PM

Hello bleeping members.
After many forums and reading i still got some problems fixing things on the computer not my own.
The problem is when i start the computer and logging in windows xp i get a fault messages 3 of them got them a long time.
Two of them i got solved they dont appeared anymore,but 1 not see photo here (the text is in dutch)i'm from the netherlands.
The message i will try to translate:
There is a fault while loading C:\WINDOWS\systeem32\dkjyarbu.dll

Attached File  messages_startup.bmp   370.62KB   6 downloads

How can i fixed this?
The two other fault messages and many other virus i solved with a registry cleaner and maleware(i guess)
My software i have,
-I use nod32 [legal version]
-Eusing free registry cleaner [Since today after reading forums ] and,
-Malewarebytes Anti-Maleware

I have a hijackthis-log if needed,somewhere else i saw its needed to know what the problem is.
Grtz Jordy

BC AdBot (Login to Remove)

 


#2 myrti

myrti

    Sillyberry


  • Malware Study Hall Admin
  • 33,771 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:At home
  • Local time:06:38 AM

Posted 11 January 2010 - 07:09 PM

Hello and welcome to Bleeping Computer

We apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.

If you have since resolved the original problem you were having, we would appreciate you letting us know. If not please perform the following steps below so we can have a look at the current condition of your machine.

Please include a clear description of the problems you're having, along with any steps you may have performed so far.

Please refrain from running tools or applying updates other than those we suggest while we are cleaning up your computer. The reason for this is so we know what is going on with the machine at any time. Some programs can interfere with others and hamper the recovery process.

Even if you have already provided information about your PC, we need a new log to see what has changed since you originally posted your problem.
  • Please download OTL from following mirror:
  • Save it to your desktop.
  • Double click on the Posted Image icon on your desktop.
  • Click the "Scan All Users" checkbox.
  • Push the Posted Image button.
  • Two reports will open, copy and paste them in a reply here:
    • OTL.txt <-- Will be opened
    • Extra.txt <-- Will be minimized
In the upper right hand corner of the topic you will see a button called Options. If you click on this in the drop-down menu you can choose Track this topic. I suggest you do this and select Immediate E-Mail notification and click on Proceed. This way you will be advised when we respond to your topic and facilitate the cleaning of your machine.

After 5 days if a topic is not replied to we assume it has been abandoned and it is closed.

regards myrti

is that a bird?  a plane? nooo it's the flying blueberry!

If I have been helping you and haven't replied in 2 days, feel free to shoot me a PM! Please don't send help request via PM, unless I am already helping you. Use the forums!

 

Follow BleepingComputer on: Facebook | Twitter | Google+


#3 Vision25

Vision25
  • Topic Starter

  • Members
  • 6 posts
  • OFFLINE
  •  
  • Local time:05:38 AM

Posted 16 January 2010 - 01:44 PM

Hello myrti
First i wanna say sorry didnt knew the rules so far here and i understand there are many topics here which must be finished.
The log you needed is that a hijack-log file?

Here first the OTL.txt file:
OTL logfile created on: 16-1-2010 19:30:10 - Run 1
OTL by OldTimer - Version 3.1.25.2 Folder = C:\Documents and Settings\Guustaaf\Bureaublad
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000413 | Country: Nederland | Language: NLD | Date Format: d-M-yyyy

512,00 Mb Total Physical Memory | 186,00 Mb Available Physical Memory | 36,00% Memory free
1,00 Gb Paging File | 1,00 Gb Available in Paging File | 59,00% Paging File free
Paging file location(s): C:\pagefile.sys 768 1536 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files
Drive C: | 57,23 Gb Total Space | 43,09 Gb Free Space | 75,28% Space Free | Partition Type: FAT32
Drive D: | 57,23 Gb Total Space | 57,07 Gb Free Space | 99,72% Space Free | Partition Type: FAT32
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: GUUS-E8HYOK83KK
Current User Name: Guustaaf
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard

========== Processes (SafeList) ==========

PRC - [2010-01-16 19:29:34 | 00,547,328 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Guustaaf\Bureaublad\OTL.exe
PRC - [2010-01-02 20:15:30 | 01,643,272 | ---- | M] (Lavasoft) -- C:\Program Files\Lavasoft\Ad-Aware\Ad-Aware.exe
PRC - [2010-01-02 20:15:28 | 01,181,328 | ---- | M] (Lavasoft) -- C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
PRC - [2010-01-02 20:15:28 | 00,788,880 | ---- | M] (Lavasoft) -- C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
PRC - [2009-10-11 04:17:36 | 00,153,376 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jqs.exe
PRC - [2009-10-11 04:17:36 | 00,149,280 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jusched.exe
PRC - [2009-05-19 11:36:18 | 00,240,512 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
PRC - [2009-03-08 14:09:26 | 00,638,816 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Internet Explorer\iexplore.exe
PRC - [2009-02-06 17:07:48 | 00,027,512 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Live\Contacts\wlcomm.exe
PRC - [2009-02-06 14:23:36 | 00,727,720 | ---- | M] (ESET) -- C:\Program Files\Eset\ESET NOD32 Antivirus\ekrn.exe
PRC - [2009-02-06 14:23:12 | 02,021,400 | ---- | M] (ESET) -- C:\Program Files\Eset\ESET NOD32 Antivirus\egui.exe
PRC - [2008-04-14 19:02:58 | 01,037,312 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2006-10-22 12:22:00 | 00,159,810 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\system32\nvsvc32.exe
PRC - [2004-01-13 19:00:00 | 00,099,840 | ---- | M] (SEIKO EPSON CORPORATION) -- C:\WINDOWS\system32\spool\drivers\w32x86\3\E_S4I0T1.EXE
PRC - [2002-09-20 16:50:10 | 00,045,056 | ---- | M] (Analog Devices, Inc.) -- C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
PRC - [2002-07-12 09:33:12 | 01,581,056 | R--- | M] (C-Media Electronic Inc. (www.cmedia.com.tw)) -- C:\WINDOWS\mixer.exe
PRC - [2001-09-07 13:00:00 | 00,016,896 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\unsecapp.exe


========== Modules (SafeList) ==========

MOD - [2010-01-16 19:29:34 | 00,547,328 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Guustaaf\Bureaublad\OTL.exe
MOD - [2006-05-03 22:53:54 | 00,174,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\framedyn.dll


========== Win32 Services (SafeList) ==========

SRV - [2010-01-02 20:15:28 | 01,181,328 | ---- | M] (Lavasoft) [Auto | Running] -- C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe -- (Lavasoft Ad-Aware Service)
SRV - [2009-10-11 04:17:36 | 00,153,376 | ---- | M] (Sun Microsystems, Inc.) [Auto | Running] -- C:\Program Files\Java\jre6\bin\jqs.exe -- (JavaQuickStarterService)
SRV - [2009-08-05 22:48:42 | 00,704,864 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Live\Family Safety\fsssvc.exe -- (fsssvc)
SRV - [2009-05-19 11:36:18 | 00,240,512 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe -- (SeaPort)
SRV - [2009-02-06 14:27:06 | 00,020,680 | ---- | M] (ESET) [On_Demand | Stopped] -- C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe -- (EhttpSrv)
SRV - [2009-02-06 14:23:36 | 00,727,720 | ---- | M] (ESET) [Auto | Running] -- C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe -- (ekrn)
SRV - [2008-04-14 19:02:36 | 00,065,536 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\nwwks.dll -- (NWCWorkstation)
SRV - [2006-10-22 12:22:00 | 00,159,810 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\WINDOWS\system32\nvsvc32.exe -- (NVSvc)
SRV - [2005-04-04 00:41:10 | 00,069,632 | ---- | M] (Macrovision Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe -- (IDriverT)
SRV - [2002-09-20 16:50:10 | 00,045,056 | ---- | M] (Analog Devices, Inc.) [Auto | Running] -- C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe -- (SoundMAX Agent Service (default))


========== Driver Services (SafeList) ==========

DRV - [2009-09-23 13:55:24 | 00,064,288 | ---- | M] (Lavasoft AB) [File_System | Boot | Running] -- C:\windows\system32\DRIVERS\Lbd.sys -- (Lbd)
DRV - [2009-08-31 03:51:16 | 00,005,632 | ---- | M] () [File_System | System | Running] -- C:\WINDOWS\system32\drivers\StarOpen.sys -- (StarOpen)
DRV - [2009-08-05 22:48:42 | 00,054,752 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\fssfltr_tdi.sys -- (fssfltr)
DRV - [2009-02-06 14:24:24 | 00,093,336 | ---- | M] (ESET) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\epfwtdir.sys -- (epfwtdir)
DRV - [2009-02-06 14:23:18 | 00,106,208 | ---- | M] (ESET) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\ehdrv.sys -- (ehdrv)
DRV - [2009-02-06 14:19:52 | 00,113,448 | ---- | M] (ESET) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\eamon.sys -- (eamon)
DRV - [2008-04-13 20:56:06 | 00,088,320 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\nwlnkipx.sys -- (NwlnkIpx)
DRV - [2008-04-13 20:53:10 | 00,040,320 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nmnt.sys -- (nm)
DRV - [2008-04-13 20:45:30 | 00,010,624 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\gameenum.sys -- (gameenum)
DRV - [2008-04-13 20:45:12 | 00,060,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\usbaudio.sys -- (usbaudio) Stuurprogramma voor USB-audio (WDM)
DRV - [2008-04-13 20:36:40 | 00,040,960 | ---- | M] (Silicon Integrated Systems Corporation) [Kernel | Boot | Running] -- C:\windows\system32\DRIVERS\sisagp.sys -- (sisagp)
DRV - [2008-04-13 20:34:12 | 00,163,584 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nwrdr.sys -- (NWRDR)
DRV - [2007-11-13 11:25:56 | 00,020,480 | ---- | M] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\secdrv.sys -- (Secdrv)
DRV - [2007-08-06 15:29:46 | 00,094,720 | ---- | M] (Guillemot Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\camfilt2.sys -- (camfilt2)
DRV - [2007-07-17 18:07:42 | 10,371,072 | ---- | M] (Sonix Co. Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\snpstd3.sys -- (SNPSTD3)
DRV - [2006-10-22 12:22:00 | 03,994,624 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nv4_mini.sys -- (nv)
DRV - [2005-08-30 17:59:00 | 00,094,000 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ss_mdm.sys -- (ss_mdm)
DRV - [2005-08-30 17:58:56 | 00,008,304 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ss_mdfl.sys -- (ss_mdfl)
DRV - [2005-08-30 17:57:18 | 00,058,320 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ss_bus.sys -- (ss_bus) SAMSUNG Mobile USB Device 1.0 driver (WDM)
DRV - [2004-08-03 22:31:36 | 00,032,768 | R--- | M] (SiS Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\sisnic.sys -- (SISNIC)
DRV - [2004-01-12 16:51:44 | 01,252,474 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\P1120Vid.sys -- (P1120VID)
DRV - [2003-08-29 15:09:00 | 00,578,304 | ---- | M] (Analog Devices, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\smwdm.sys -- (smwdm)
DRV - [2003-01-29 08:29:34 | 00,008,703 | R--- | M] (ASUSTeK Computer Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\EIO.sys -- (EIO)
DRV - [2002-10-21 05:40:04 | 00,006,016 | R--- | M] (Silicon Integrated Systems Corp.) [Kernel | Boot | Running] -- C:\windows\System32\DRIVERS\siside.sys -- (SiSide)
DRV - [2002-10-17 08:14:46 | 00,049,024 | R--- | M] (Windows ® 2000 DDK provider) [File_System | Boot | Running] -- C:\windows\system32\drivers\sisidex.sys -- (sisidex)
DRV - [2002-08-20 10:19:08 | 00,009,472 | R--- | M] (Silicon Integrated Systems Corp.) [Kernel | Boot | Running] -- C:\windows\system32\drivers\sisperf.sys -- (sisperf)
DRV - [2002-07-16 03:58:12 | 00,379,726 | R--- | M] (C-Media Inc) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\cmaudio.sys -- (cmpci) C-Media PCI Audio Driver (WDM)
DRV - [2002-04-01 07:15:00 | 00,004,816 | ---- | M] (Andrea Electronics Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\aeaudio.sys -- (aeaudio)
DRV - [2001-09-07 12:00:00 | 00,063,232 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\nwlnknb.sys -- (NwlnkNb)
DRV - [2001-09-07 12:00:00 | 00,055,936 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\nwlnkspx.sys -- (NwlnkSpx)
DRV - [2001-09-07 12:00:00 | 00,017,792 | ---- | M] (Parallel Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ptilink.sys -- (Ptilink)
DRV - [2001-09-07 12:00:00 | 00,005,888 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\rootmdm.sys -- (ROOTMODEM)
DRV - [2001-08-17 20:11:06 | 00,066,591 | ---- | M] (3Com Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\el90xbc5.sys -- (EL90XBC)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie


IE - HKU\.DEFAULT\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-19\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-20\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-21-2000478354-682003330-839522115-1009\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKU\S-1-5-21-2000478354-682003330-839522115-1009\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://nl.msn.com/?ocid=iehp
IE - HKU\S-1-5-21-2000478354-682003330-839522115-1009\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = nl
IE - HKU\S-1-5-21-2000478354-682003330-839522115-1009\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = FE 0D 2F 97 D5 8B CA 01 [binary data]
IE - HKU\S-1-5-21-2000478354-682003330-839522115-1009\S-1-5-21-2000478354-682003330-839522115-1009\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "Bing"
FF - prefs.js..browser.search.defaulturl: "http://www.bing.com/search?FORM=IEFM1&q="
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://go.microsoft.com/fwlink/?LinkId=69157"
FF - prefs.js..keyword.URL: "http://www.bing.com/search?FORM=IEFM1&q="

FF - HKLM\software\mozilla\Mozilla Firefox 3.5.6\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2007-06-25 14:13:54 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.6\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2007-06-25 14:13:54 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird [2009-03-19 20:45:50 | 00,000,000 | ---D | M]

[2009-03-19 19:34:22 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Guustaaf\Application Data\Mozilla\Extensions
[2009-03-19 19:34:22 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Guustaaf\Application Data\Mozilla\Extensions\mozswing@mozswing.org
[2009-03-19 20:11:12 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Guustaaf\Application Data\Mozilla\Firefox\Profiles\mopwq24t.default\extensions
[2009-09-16 19:22:52 | 00,002,171 | ---- | M] () -- C:\Documents and Settings\Guustaaf\Application Data\Mozilla\Firefox\Profiles\mopwq24t.default\searchplugins\bing.xml
[2007-06-25 14:13:54 | 00,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2009-08-31 21:09:10 | 00,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions\PremiereAdvertisingPlatform@PremiereAdvertisingPlatform

O1 HOSTS File: ([2001-09-07 12:00:00 | 00,000,776 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (AcroIEHlprObj Class) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx ()
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (no name) - {6D729EDE-77A3-43D3-B127-68E6F789AEC1} - Reg Error: Value error. File not found
O2 - BHO: (Search Helper) - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll (Microsoft Corporation)
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (Windows Live Toolbar Helper) - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O2 - BHO: (JQSIEStartDetectorImpl Class) - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll (Sun Microsystems, Inc.)
O2 - BHO: (EpsonToolBandKicker Class) - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll (SEIKO EPSON CORPORATION)
O3 - HKLM\..\Toolbar: (&Windows Live Toolbar) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O3 - HKLM\..\Toolbar: (EPSON Web-To-Page) - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll (SEIKO EPSON CORPORATION)
O3 - HKU\S-1-5-21-2000478354-682003330-839522115-1009\..\Toolbar\WebBrowser: (&Windows Live Toolbar) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O4 - HKLM..\Run: [C-Media Mixer] C:\windows\mixer.exe (C-Media Electronic Inc. (www.cmedia.com.tw))
O4 - HKLM..\Run: [egui] C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe (ESET)
O4 - HKLM..\Run: [EPSON Stylus C46 Series (Kopie 1)] C:\windows\System32\spool\DRIVERS\W32X86\3\E_S4I0T1.EXE (SEIKO EPSON CORPORATION)
O4 - HKLM..\Run: [NvCplDaemon] C:\windows\System32\NvCpl.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\windows\System32\NvMcTray.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [nwiz] C:\windows\System32\nwiz.exe ()
O4 - HKLM..\Run: [SearchIndexer] C:\windows\System32\dkjyarbu.DLL File not found
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre6\bin\jusched.exe (Sun Microsystems, Inc.)
O4 - Startup: C:\Documents and Settings\All Users\Menu Start\Programma's\Opstarten\Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE (Microsoft Corporation)
O4 - Startup: C:\Documents and Settings\All Users\Menu Start\Programma's\Opstarten\Poort voor Symantec Fax Starter Edition.lnk = C:\Program Files\Microsoft Office\Office\1043\OLFSNT40.EXE (Microsoft Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: CDRAutoRun = 0
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: CDRAutoRun = 0
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-2000478354-682003330-839522115-1009\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O9 - Extra Button: In weblog opnemen - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : &In weblog opnemen met Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\WINDOWS\system32\nwprovau.dll (Microsoft Corporation)
O15 - HKLM\..Trusted Domains: 1 domain(s) and sub-domain(s) not assigned to a zone.
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://download.microsoft.com/download/C/0...heckControl.cab (Windows Genuine Advantage Validation Tool)
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab (Checkers Class)
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} http://gfx2.mail.live.com/mail/w1/resources/MSNPUpld.cab (MSN Photo Upload Tool)
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} http://messenger.zone.msn.com/NL-NL/a-UNO1/GAME_UNO1.cab (UnoCtrl Class)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://update.microsoft.com/windowsupdate/...b?1163426321984 (WUWebControl Class)
O16 - DPF: {67A5F8DC-1A4B-4D66-9F24-A704AD929EEE} http://www.nvidia.com/content/DriverDownlo.../sysreqlab2.cab (System Requirements Lab Class)
O16 - DPF: {6E5E167B-1566-4316-B27F-0DDAB3484CF7} http://cache.hyves-static.net/statics/Auri...geUploader4.cab (Image Uploader Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} http://messenger.zone.msn.com/binary/Messe...nt.cab31267.cab (MessengerStatsClient Class)
O16 - DPF: {9122D757-5A4F-4768-82C5-B4171D8556A7} http://appdirectory.messenger.msn.com/AppD...ap/PhtPkMSN.cab (PhotoPickConvert Class)
O16 - DPF: {BD8667B7-38D8-4C77-B580-18C3E146372C} http://ak.imgag.com/imgag/cp/install/Crusher.cab (Creative Toolbox Plug-in)
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} http://messenger.zone.msn.com/binary/Messe...nt.cab56907.cab (MessengerStatsClient Class)
O16 - DPF: {CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://download.macromedia.com/pub/shockwa...ash/swflash.cab (Shockwave Flash Object)
O16 - DPF: {E77F23EB-E7AB-4502-8F37-247DBAF1A147} http://gfx1.hotmail.com/mail/w4/pr01/photo...ol/MSNPUpld.cab (Windows Live Hotmail Photo Upload Tool)
O16 - DPF: {F58E1CEF-A068-4C15-BA5E-587CAF3EE8C6} http://www.chat-united.com/controls/msnchat45.cab (MSN Chat Control 4.5)
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} http://messenger.zone.msn.com/binary/MineS...er.cab56986.cab (Minesweeper Flags Class)
O16 - DPF: CabBuilder http://kiw.imgag.com/imgag/kiw/toolbar/dow...llerControl.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 213.46.228.196 62.179.104.196
O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program Files\Windows Live\Mail\mailcomm.dll (Microsoft Corporation)
O20 - AppInit_DLLs: (C:\WINDOWS\system32\__c009D553.dat) - C:\windows\System32\__c009D553.dat File not found
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\windows\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\mllmj: DllName - C:\WINDOWS\system32\mllmj.dll - C:\windows\System32\mllmj.dll File not found
O20 - Winlogon\Notify\WgaLogon: DllName - WgaLogon.dll - File not found
O24 - Desktop Components:0 (Mijn huidige introductiepagina) - About:Home
O24 - Desktop WallPaper: C:\Documents and Settings\Guustaaf\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Guustaaf\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O30 - LSA: Authentication Packages - (nwprovau) - C:\windows\System32\nwprovau.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2004-11-20 23:46:36 | 00,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ FAT32 ]
O32 - AutoRun File - [2008-12-13 18:04:18 | 00,000,095 | ---- | M] () - D:\AUTORUN.INF -- [ FAT32 ]
O33 - MountPoints2\D\Shell\AutoRun\command - "" = D:\setupSNK.exe -- [2008-04-14 22:33:20 | 00,028,672 | ---- | M] (Microsoft Corporation)
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O34 - HKLM BootExecute: (lsdelete) - C:\windows\System32\lsdelete.exe ()
O35 - comfile [open] -- "%1" %*
O35 - exefile [open] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2010-01-16 19:29:33 | 00,547,328 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Guustaaf\Bureaublad\OTL.exe
[2010-01-13 20:41:01 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Bureaublad
[2010-01-13 20:28:56 | 00,000,000 | -HSD | C] -- C:\FOUND.026
[2010-01-13 15:58:12 | 00,471,552 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\dllcache\aclayers.dll
[2010-01-10 15:57:00 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Guustaaf\Application Data\OpenOffice.org
[2010-01-10 15:53:59 | 00,000,000 | ---D | C] -- C:\Program Files\OpenOffice.org 3
[2010-01-10 15:52:51 | 00,000,000 | ---D | C] -- C:\Program Files\WordsOffice.gratis
[2010-01-10 15:36:16 | 00,000,000 | ---D | C] -- C:\Program Files\Windows Installer Clean Up
[2010-01-10 15:36:01 | 00,000,000 | ---D | C] -- C:\Program Files\MSECACHE
[2010-01-10 15:13:54 | 00,000,000 | -HSD | C] -- C:\FOUND.025
[2010-01-03 16:56:12 | 00,000,000 | R--D | C] -- C:\Documents and Settings\Guustaaf\Bureaublad\Gezondheid
[2010-01-03 16:54:57 | 00,000,000 | R--D | C] -- C:\Documents and Settings\Guustaaf\Bureaublad\Pc Fixer Tips
[2010-01-03 15:56:26 | 00,000,000 | ---D | C] -- C:\Program Files\Trend Micro
[2010-01-03 15:26:25 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Guustaaf\Application Data\Malwarebytes
[2010-01-03 15:26:19 | 00,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\windows\System32\drivers\mbamswissarmy.sys
[2010-01-03 15:26:16 | 00,019,160 | ---- | C] (Malwarebytes Corporation) -- C:\windows\System32\drivers\mbam.sys
[2010-01-03 15:26:16 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes
[2010-01-03 15:26:14 | 00,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2010-01-03 15:06:01 | 00,000,000 | ---D | C] -- C:\Program Files\Eusing Free Registry Cleaner
[2010-01-03 14:38:57 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\RegCure
[2010-01-03 14:07:12 | 00,000,000 | ---D | C] -- C:\windows\pss
[2010-01-03 13:45:24 | 00,000,000 | ---D | C] -- C:\windows\System32\NtmsData
[2010-01-03 13:16:22 | 00,000,000 | ---D | C] -- C:\windows\System32\GroupPolicy
[2010-01-02 20:16:12 | 00,064,288 | ---- | C] (Lavasoft AB) -- C:\windows\System32\drivers\Lbd.sys
[2010-01-02 20:14:05 | 00,000,000 | -H-D | C] -- C:\Documents and Settings\All Users\Application Data\{CFBD8779-FAAB-4357-84F2-1EC8619FADA6}
[2010-01-02 20:13:39 | 00,000,000 | ---D | C] -- C:\Program Files\Lavasoft
[2010-01-02 20:13:39 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Lavasoft
[2009-08-31 21:15:54 | 00,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Local Settings\Application Data\ESET
[2009-04-07 18:53:05 | 00,057,344 | ---- | C] ( ) -- C:\windows\System32\vsnpstd3.dll
[2009-04-07 18:53:05 | 00,053,248 | ---- | C] ( ) -- C:\windows\System32\csnpstd3.dll
[2004-11-20 23:50:06 | 00,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft
[2004-11-20 23:50:06 | 00,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft
[2004-11-20 23:37:18 | 00,000,000 | --SD | M] -- C:\Documents and Settings\NetworkService\Application Data\Microsoft
[2004-11-20 23:37:18 | 00,000,000 | --SD | M] -- C:\Documents and Settings\LocalService\Application Data\Microsoft
[1999-04-06 18:19:58 | 00,099,840 | ---- | C] (Symantec Corp.) -- C:\Program Files\Common Files\IRAABOUT.DLL
[1998-12-09 03:53:54 | 00,186,368 | ---- | C] (Symantec Corp., Peter Norton Computing Group) -- C:\Program Files\Common Files\IRAREG.DLL
[1998-12-09 03:53:54 | 00,070,144 | ---- | C] (Symantec Corp., Peter Norton Computing Group) -- C:\Program Files\Common Files\IRAMDMTR.DLL
[1998-12-09 03:53:54 | 00,048,640 | ---- | C] (Symantec Corp., Peter Norton Computing Group) -- C:\Program Files\Common Files\IRALPTTR.DLL
[1998-12-09 03:53:54 | 00,031,744 | ---- | C] (Symantec Corp., Peter Norton Computing Group) -- C:\Program Files\Common Files\IRAWEBTR.DLL
[1998-12-09 03:53:54 | 00,017,920 | ---- | C] (Symantec Corp.) -- C:\Program Files\Common Files\IRASRIAL.DLL
[9 C:\windows\System32\*.tmp files -> C:\windows\System32\*.tmp -> ]
[4 C:\windows\*.tmp files -> C:\windows\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2010-01-16 19:29:34 | 00,547,328 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Guustaaf\Bureaublad\OTL.exe
[2010-01-16 19:22:24 | 00,000,472 | ---- | M] () -- C:\windows\tasks\Ad-Aware Update (Weekly).job
[2010-01-16 19:22:22 | 00,000,472 | ---- | M] () -- C:\windows\tasks\Ad-Aware Update (Daily 4).job
[2010-01-16 19:22:22 | 00,000,472 | ---- | M] () -- C:\windows\tasks\Ad-Aware Update (Daily 3).job
[2010-01-16 19:22:22 | 00,000,472 | ---- | M] () -- C:\windows\tasks\Ad-Aware Update (Daily 2).job
[2010-01-16 19:22:22 | 00,000,472 | ---- | M] () -- C:\windows\tasks\Ad-Aware Update (Daily 1).job
[2010-01-16 19:04:42 | 00,000,260 | ---- | M] () -- C:\windows\tasks\WGASetup.job
[2010-01-16 19:04:36 | 00,087,959 | ---- | M] () -- C:\windows\System32\nvapps.xml
[2010-01-16 19:02:52 | 00,000,006 | -H-- | M] () -- C:\windows\tasks\SA.DAT
[2010-01-16 19:02:50 | 00,002,262 | ---- | M] () -- C:\windows\System32\wpa.dbl
[2010-01-16 19:02:46 | 00,002,048 | --S- | M] () -- C:\windows\bootstat.dat
[2010-01-13 22:07:32 | 02,973,696 | ---- | M] () -- C:\Documents and Settings\Guustaaf\ntuser.dat
[2010-01-13 22:07:32 | 00,000,188 | -HS- | M] () -- C:\Documents and Settings\Guustaaf\ntuser.ini
[2010-01-13 21:35:20 | 04,297,002 | -H-- | M] () -- C:\Documents and Settings\Guustaaf\Local Settings\Application Data\IconCache.db
[2010-01-13 20:47:04 | 00,143,624 | ---- | M] () -- C:\windows\System32\FNTCACHE.DAT
[2010-01-13 20:42:58 | 00,001,374 | ---- | M] () -- C:\windows\imsins.BAK
[2010-01-10 16:57:12 | 00,025,944 | ---- | M] () -- C:\Documents and Settings\Guustaaf\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
[2010-01-10 15:15:32 | 00,000,735 | ---- | M] () -- C:\windows\win.ini
[2010-01-10 15:15:32 | 00,000,246 | ---- | M] () -- C:\windows\system.ini
[2010-01-03 19:22:54 | 00,000,552 | ---- | M] () -- C:\windows\System32\d3d8caps.dat
[2010-01-02 20:15:54 | 00,015,880 | ---- | M] () -- C:\windows\System32\lsdelete.exe
[2009-12-30 14:55:24 | 00,038,224 | ---- | M] (Malwarebytes Corporation) -- C:\windows\System32\drivers\mbamswissarmy.sys
[2009-12-30 14:54:58 | 00,019,160 | ---- | M] (Malwarebytes Corporation) -- C:\windows\System32\drivers\mbam.sys
[9 C:\windows\System32\*.tmp files -> C:\windows\System32\*.tmp -> ]
[4 C:\windows\*.tmp files -> C:\windows\*.tmp -> ]

========== Files Created - No Company Name ==========

[2010-01-10 17:12:43 | 02,973,696 | ---- | C] () -- C:\Documents and Settings\Guustaaf\ntuser.dat
[2010-01-10 15:01:39 | 00,001,633 | ---- | C] () -- C:\Documents and Settings\All Users\Menu Start\Programma's\Opstarten\Microsoft Office.lnk
[2010-01-03 19:22:52 | 00,000,552 | ---- | C] () -- C:\windows\System32\d3d8caps.dat
[2010-01-03 13:20:41 | 00,160,217 | ---- | C] () -- C:\windows\System32\PowerToysLicense.rtf
[2010-01-02 21:08:59 | 00,015,880 | ---- | C] () -- C:\windows\System32\lsdelete.exe
[2010-01-02 20:23:03 | 00,000,472 | ---- | C] () -- C:\windows\tasks\Ad-Aware Update (Weekly).job
[2010-01-02 20:23:03 | 00,000,472 | ---- | C] () -- C:\windows\tasks\Ad-Aware Update (Daily 4).job
[2010-01-02 20:23:03 | 00,000,472 | ---- | C] () -- C:\windows\tasks\Ad-Aware Update (Daily 3).job
[2010-01-02 20:23:03 | 00,000,472 | ---- | C] () -- C:\windows\tasks\Ad-Aware Update (Daily 2).job
[2010-01-02 20:23:02 | 00,000,472 | ---- | C] () -- C:\windows\tasks\Ad-Aware Update (Daily 1).job
[2009-12-02 17:15:39 | 00,007,168 | ---- | C] () -- C:\Documents and Settings\Guustaaf\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009-08-31 03:52:37 | 00,000,000 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\LauncherAccess.dt
[2009-08-31 03:36:07 | 00,005,632 | ---- | C] () -- C:\windows\System32\drivers\StarOpen.sys
[2009-04-07 18:53:05 | 00,015,478 | ---- | C] () -- C:\windows\snpstd3.ini
[2008-10-22 15:12:33 | 00,552,960 | ---- | C] () -- C:\windows\System32\xvidcore.dll
[2008-10-22 15:12:33 | 00,159,744 | ---- | C] () -- C:\windows\System32\xvidvfw.dll
[2008-07-22 14:44:52 | 00,000,025 | ---- | C] () -- C:\windows\cdplayer.ini
[2007-11-14 23:25:33 | 00,000,118 | ---- | C] () -- C:\windows\System32\MRT.INI
[2007-07-02 22:07:23 | 00,000,736 | ---- | C] () -- C:\windows\DigimaxMaster.INI
[2006-11-12 15:35:15 | 00,043,520 | ---- | C] () -- C:\windows\System32\CmdLineExt03.dll
[2006-10-22 12:22:00 | 00,212,992 | ---- | C] () -- C:\windows\System32\nvapi.dll
[2005-05-31 12:09:11 | 00,000,052 | ---- | C] () -- C:\windows\pex.INI
[2005-05-31 00:43:56 | 00,000,440 | ---- | C] () -- C:\windows\Ulead32.ini
[2005-04-02 22:11:45 | 00,069,632 | R--- | C] () -- C:\windows\System32\xmltok.dll
[2005-04-02 22:11:45 | 00,036,864 | R--- | C] () -- C:\windows\System32\xmlparse.dll
[2005-02-24 07:32:00 | 01,662,976 | ---- | C] () -- C:\windows\System32\nvwdmcpl.dll
[2005-02-24 07:32:00 | 01,470,464 | ---- | C] () -- C:\windows\System32\nview.dll
[2005-02-24 07:32:00 | 01,019,904 | ---- | C] () -- C:\windows\System32\nvwimg.dll
[2005-02-24 07:32:00 | 00,581,632 | ---- | C] () -- C:\windows\System32\nvhwvid.dll
[2005-02-24 07:32:00 | 00,466,944 | ---- | C] () -- C:\windows\System32\nvshell.dll
[2005-02-24 07:32:00 | 00,286,720 | ---- | C] () -- C:\windows\System32\nvnt4cpl.dll
[2004-11-22 20:04:05 | 00,000,025 | ---- | C] () -- C:\windows\CDEC46Euro.ini
[2004-11-21 01:13:21 | 00,000,004 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\DirectCDUserNameE.txt
[2004-11-21 00:37:32 | 00,000,395 | ---- | C] () -- C:\windows\ODBC.INI
[2004-11-21 00:37:32 | 00,000,063 | ---- | C] () -- C:\windows\mdm.ini
[2004-11-21 00:37:27 | 00,000,000 | ---- | C] () -- C:\windows\NSREX.INI
[2004-11-21 00:06:14 | 00,000,044 | ---- | C] () -- C:\windows\System32\msssc.dll
[2004-11-21 00:05:42 | 00,139,264 | R--- | C] () -- C:\windows\System32\IDEproperty.dll
[2004-11-21 00:05:12 | 00,003,019 | ---- | C] () -- C:\windows\Ascd_tmp.ini
[2004-11-21 00:05:11 | 00,005,824 | ---- | C] () -- C:\windows\System32\drivers\ASUSHWIO.SYS
[2004-11-21 00:02:42 | 00,363,520 | ---- | C] () -- C:\windows\System32\psisdecd.dll
[2004-11-21 00:02:27 | 00,002,048 | R--- | C] () -- C:\windows\System32\anvcinst.dll
[2004-11-21 00:02:23 | 00,006,272 | ---- | C] () -- C:\windows\System32\drivers\ASLM75.SYS
[2004-11-20 23:55:42 | 00,020,333 | ---- | C] () -- C:\windows\cmaudio.ini
[2004-11-20 23:54:59 | 00,004,333 | ---- | C] () -- C:\windows\mixerdef.ini
[1999-01-22 19:46:58 | 00,065,536 | ---- | C] () -- C:\windows\System32\MSRTEDIT.DLL
< End of report >

Here the Extras.txt file:
OTL Extras logfile created on: 16-1-2010 19:30:10 - Run 1
OTL by OldTimer - Version 3.1.25.2 Folder = C:\Documents and Settings\Guustaaf\Bureaublad
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000413 | Country: Nederland | Language: NLD | Date Format: d-M-yyyy

512,00 Mb Total Physical Memory | 186,00 Mb Available Physical Memory | 36,00% Memory free
1,00 Gb Paging File | 1,00 Gb Available in Paging File | 59,00% Paging File free
Paging file location(s): C:\pagefile.sys 768 1536 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files
Drive C: | 57,23 Gb Total Space | 43,09 Gb Free Space | 75,28% Space Free | Partition Type: FAT32
Drive D: | 57,23 Gb Total Space | 57,07 Gb Free Space | 99,72% Space Free | Partition Type: FAT32
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: GUUS-E8HYOK83KK
Current User Name: Guustaaf
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\IEXPLORE.EXE (Microsoft Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
htmlfile [edit] -- "C:\Program Files\Microsoft Office\Office\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" -nohome (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Program Files\Microsoft Office\Office\msohtmed.exe" /p %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" -nohome (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" -nohome (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:*:Enabled:@xpsp2res.dll,-22002

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002
"2:TCP" = 2:TCP:LocalSubNet:Enabled:TomTom Home
"1900:UDP" = 1900:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22008

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"C:\Program Files\MSN Messenger\msncall.exe" = C:\Program Files\MSN Messenger\msncall.exe:*:Enabled:Windows Live Messenger 8.0 (Phone) -- File not found
"C:\Program Files\MSN Messenger\livecall.exe" = C:\Program Files\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone) -- File not found
"C:\Program Files\Windows Live\Messenger\wlcsdk.exe" = C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call -- (Microsoft Corporation)
"C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe" = C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live Sync -- (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"D:\swat4\Content\System\Swat4.exe" = D:\swat4\Content\System\Swat4.exe:*:Enabled:SWAT 4 -- File not found
"C:\Program Files\Ubisoft\Blue Byte\THE SETTLERS - Heritage of Kings\Bin\settlershok.exe" = C:\Program Files\Ubisoft\Blue Byte\THE SETTLERS - Heritage of Kings\Bin\settlershok.exe:*:Enabled:THE SETTLERS - Heritage of Kings -- (Blue Byte Software)
"C:\WINDOWS\System32\dpvsetup.exe" = C:\WINDOWS\System32\dpvsetup.exe:*:Enabled:Microsoft DirectPlay Voice Test -- (Microsoft Corporation)
"C:\Program Files\Steam\SteamApps\serialkillerrr\counter-strike source\hl2.exe" = C:\Program Files\Steam\SteamApps\serialkillerrr\counter-strike source\hl2.exe:*:Enabled:hl2 -- File not found
"C:\Program Files\Steam\SteamApps\serialkillerrr\day of defeat source\hl2.exe" = C:\Program Files\Steam\SteamApps\serialkillerrr\day of defeat source\hl2.exe:*:Enabled:hl2 -- File not found
"C:\Program Files\Internet Explorer\IEXPLORE.EXE" = C:\Program Files\Internet Explorer\IEXPLORE.EXE:*:Enabled:Internet Explorer -- (Microsoft Corporation)
"C:\Program Files\Steam\SteamApps\serialkillerrr\half-life 2 deathmatch\hl2.exe" = C:\Program Files\Steam\SteamApps\serialkillerrr\half-life 2 deathmatch\hl2.exe:*:Enabled:hl2 -- File not found
"C:\Program Files\MSN Messenger\msrr.exe" = C:\Program Files\MSN Messenger\msrr.exe:*:Disabled:Messenger -- File not found
"C:\WINDOWS\system32\hscpylow.exe" = C:\WINDOWS\system32\hscpsenger\msrr.exe -- File not found
"C:\Program Files\Mozilla Firefox\firefox.exe" = C:\Program Files\Mozilla Firefox\firefox.exe:*:Enabled:Firefox -- (Mozilla Corporation)
"C:\Program Files\MSN Messenger\msncall.exe" = C:\Program Files\MSN Messenger\msncall.exe:*:Enabled:Windows Live Messenger 8.0 (Phone) -- File not found
"C:\Program Files\Shareaza Applications\Shareaza\Shareaza.exe" = C:\Program Files\Shareaza Applications\Shareaza\Shareaza.exe:*:Enabled:Shareaza -- File not found
"D:\Program Files\Shareaza Applications\Shareaza\Shareaza.exe" = D:\Program Files\Shareaza Applications\Shareaza\Shareaza.exe:*:Enabled:Shareaza -- File not found
"C:\Program Files\Joost\xulrunner\tvprunner.exe" = C:\Program Files\Joost\xulrunner\tvprunner.exe:*:Enabled:tvprunner -- File not found
"C:\Program Files\uTorrent\uTorrent.exe" = C:\Program Files\uTorrent\uTorrent.exe:*:Enabled:µTorrent -- File not found
"D:\LimeWire Plus\LimeWire.exe" = D:\LimeWire Plus\LimeWire.exe:*:Enabled:LimeWire -- File not found
"C:\Program Files\LimeWire\LimeWire.exe" = C:\Program Files\LimeWire\LimeWire.exe:*:Enabled:LimeWire -- (Lime Wire, LLC)
"C:\Program Files\Java\jre6\bin\java.exe" = C:\Program Files\Java\jre6\bin\java.exe:*:Enabled:Java™ Platform SE binary -- (Sun Microsystems, Inc.)
"C:\Program Files\Hercules\Classic Silver\Station2.exe" = C:\Program Files\Hercules\Classic Silver\Station2.exe:*:Enabled:Hercules Webcam Station Evolution -- File not found
"C:\Program Files\MSN Messenger\livecall.exe" = C:\Program Files\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone) -- File not found
"C:\Program Files\Windows Live\Messenger\wlcsdk.exe" = C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call -- (Microsoft Corporation)
"C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe" = C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live Sync -- (Microsoft Corporation)


========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{10F5387D-1728-423A-A578-B00982CF2646}" = Windows Live Messenger
"{11005483-57F9-400C-BF9F-CBC47540705A}" = Windows Live Photo Gallery
"{121634B0-2F4B-11D3-ADA3-00C04F52DD52}" = Windows Installer Clean Up
"{1BD6AE96-4742-4498-9D03-9451C7E5A214}" = Windows Live aanmeldhulp
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live - Hulpprogramma voor uploaden
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{23B59ED4-C360-11D7-875B-0090CC005647}" = EPSON PRINT Image Framer Tool2.1
"{26A24AE4-039D-4CA4-87B4-2F83216011FF}" = Java™ 6 Update 17
"{2869F5EA-93C3-48E5-80DF-DB696BC84A91}" = Windows Live Mail
"{29B3C64A-0F93-47CD-9C54-72C0C5578487}" = Samsung PC Studio
"{2A8F82E8-7B86-4AFD-BFBC-2BA4C2CF52DB}" = Windows Live Call
"{30ED8F74-4222-4500-95A4-89651D56D349}" = OpenOffice.org 3.1
"{3248F0A8-6813-11D6-A77B-00B0D0160010}" = Java™ SE Runtime Environment 6 Update 1
"{3248F0A8-6813-11D6-A77B-00B0D0160070}" = Java™ 6 Update 7
"{350C97BD-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{35CA031C-D3CD-4A28-8D9B-C71466C4F045}" = Windows Live Writer
"{3B4E636E-9D65-4D67-BA61-189800823F52}" = Windows Live Communications Platform
"{4CBA3D4C-8F51-4D60-B27E-F6B641C571E7}" = Microsoft Search Enhancement Pack
"{562B9CA4-6E52-4F87-ACEC-912FC004F1F0}" = Windows Live Essentials
"{65F5B7AF-3363-11D7-BB6B-00018021113F}" = EPSON PhotoQuicker3.5
"{66867BB8-FBC5-450B-8533-C6BE2C9C4068}" = Windows Live Family Safety
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{7F14F68C-17FA-4F88-B3FD-7F449C1EBF32}" = EPSON Web-To-Page
"{86D6A20D-3910-4441-A3E5-EB6977251C86}" = Samsung USB Driver
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8A74E887-8F0F-4017-AF53-CBA42211AAA5}" = Microsoft Sync Framework Runtime Native v1.0 (x86)
"{8F3C31C5-9C3A-4AA8-8EFA-71290A7AD533}" = TomTom HOME Visual Studio Merge Modules
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7}" = Segoe UI
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A49F249F-0C91-497F-86DF-B2585E8E76B7}" = Microsoft Visual C++ 2005 Redistributable
"{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}" = Microsoft Sync Framework Services Native v1.0 (x86)
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C4A4722E-79F9-417C-BD72-8D359A090C97}" = Samsung PC Studio
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CD19EDD9-1632-4002-9212-7478E4BA0423}" = Windows Live Sync
"{CDF97135-7FD2-4289-96B8-DD4505267ACD}" = ESET NOD32 Antivirus
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{DED53B0B-B67C-4244-AE6A-D6FD3C28D1EF}" = Ad-Aware
"{E2DFE069-083E-4631-9B6C-43C48E991DE5}" = Junk Mail filter update
"{E51109E7-3818-4BC2-B3FD-A59AC2378A2B}" = Windows Live Toolbar
"{EBA29752-DDD2-4B62-B2E3-9841F92A3E3A}" = Samsung PC Studio 3 USB Driver Installer
"{ECA1A3B6-898F-4DCE-9F04-714CF3BA126B}" = Adobe Flash Player 10 Plugin
"{F0A37341-D692-11D4-A984-009027EC0A9C}" = SoundMAX
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F333A33D-125C-32A2-8DCE-5C5D14231E27}" = Visual C++ 2008 x86 Runtime - (v9.0.30729)
"{F333A33D-125C-32A2-8DCE-5C5D14231E27}.vc_x86runtime_30729_01" = Visual C++ 2008 x86 Runtime - v9.0.30729.01
"Ad-Aware" = Ad-Aware
"Adobe Acrobat 5.0" = Adobe Acrobat 5.0
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Creative PD1120" = Creative WebCam NX Ultra Driver (1.01.03.0112)
"EPSON Printer and Utilities" = EPSON-printersoftware
"ESC46 Gebruikershandleiding" = ESC46 Gebruikershandleiding
"ESC46 Softwarehandleiding" = ESC46 Softwarehandleiding
"Eusing Free Registry Cleaner" = Eusing Free Registry Cleaner
"HijackThis" = HijackThis 2.0.2
"IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs
"ie7" = Windows Internet Explorer 7
"ie8" = Windows Internet Explorer 8
"LimeWire" = LimeWire 5.1.2
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Mozilla Firefox (3.5.6)" = Mozilla Firefox (3.5.6)
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs
"NVIDIA Drivers" = NVIDIA Drivers
"PCI Audio Driver" = PCI Audio Driver
"PremiereAdvertisingPlatformFF" = FFPremiereAdvertisingPlatform
"SAMSUNG CDMA Modem" = SAMSUNG CDMA Modem Driver Set
"SAMSUNG Mobile Composite Device" = SAMSUNG Mobile Composite Device Software
"Samsung Mobile phone USB driver" = Samsung Mobile phone USB driver Software
"SAMSUNG Mobile USB Modem" = SAMSUNG Mobile USB Modem Software
"SAMSUNG Mobile USB Modem 1.0" = SAMSUNG Mobile USB Modem 1.0 Software
"SiSLan" = SiS 900 PCI Fast Ethernet Adapter Driver
"SystemRequirementsLab" = System Requirements Lab
"TomTom HOME" = TomTom HOME 2.6.1.1549
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows XP Service Pack" = Windows XP Service Pack 3
"WinLiveSuite_Wave3" = Windows Live Essentials
"WMFDist11" = Windows Media Format 11 runtime
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0
"Xvid_is1" = Xvid 1.1.2 final uninstall

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-2000478354-682003330-839522115-1009\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"DealAssistant" = DealAssistant

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 2-1-2010 15:14:24 | Computer Name = GUUS-E8HYOK83KK | Source = Lavasoft Ad-Aware Service | ID = 0
Description =

Error - 3-1-2010 10:11:37 | Computer Name = GUUS-E8HYOK83KK | Source = Application Hang | ID = 1002
Description = Vastgelopen toepassing: Regcleaner.exe, versie: 0.0.0.0, vastgelopen
module: hungapp, versie: 0.0.0.0, vastgelopen op: 0x00000000.

Error - 3-1-2010 10:11:37 | Computer Name = GUUS-E8HYOK83KK | Source = Application Hang | ID = 1002
Description = Vastgelopen toepassing: Regcleaner.exe, versie: 0.0.0.0, vastgelopen
module: hungapp, versie: 0.0.0.0, vastgelopen op: 0x00000000.

Error - 3-1-2010 12:13:23 | Computer Name = GUUS-E8HYOK83KK | Source = MsiInstaller | ID = 11706
Description = Product: Microsoft Office 2000 Premium -- Fout 1706. Kan geen geldige
bron vinden voor product Microsoft Office 2000 Premium. Windows Installer kan niet
worden voortgezet.

Error - 3-1-2010 12:20:21 | Computer Name = GUUS-E8HYOK83KK | Source = Application Hang | ID = 1002
Description = Vastgelopen toepassing: Regcleaner.exe, versie: 0.0.0.0, vastgelopen
module: hungapp, versie: 0.0.0.0, vastgelopen op: 0x00000000.

Error - 6-1-2010 17:30:44 | Computer Name = GUUS-E8HYOK83KK | Source = Application Hang | ID = 1002
Description = Vastgelopen toepassing: Regcleaner.exe, versie: 0.0.0.0, vastgelopen
module: hungapp, versie: 0.0.0.0, vastgelopen op: 0x00000000.

Error - 9-1-2010 15:20:22 | Computer Name = GUUS-E8HYOK83KK | Source = crypt32 | ID = 131080
Description = Het bij <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt>
opvragen van de automatische update van het basislijstvolgordenummer van derden
is mislukt met de fout: Deze bewerking is geretourneerd omdat de time-outperiode
verlopen is.

Error - 9-1-2010 15:20:23 | Computer Name = GUUS-E8HYOK83KK | Source = crypt32 | ID = 131080
Description = Het bij <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt>
opvragen van de automatische update van het basislijstvolgordenummer van derden
is mislukt met de fout: De opgegeven server kan de aangevraagde bewerking niet
uitvoeren.

Error - 10-1-2010 10:38:00 | Computer Name = GUUS-E8HYOK83KK | Source = VBRuntime | ID = 1
Description = The VB Application identified by the event source logged this Application
MSICUU: Thread ID: 2688 ,Logged: Success: C:\Program Files\Windows Installer Clean
Up\msizap.exe TW! {00000413-78E1-11D2-B60F-006097C998E7}

Error - 10-1-2010 11:13:29 | Computer Name = GUUS-E8HYOK83KK | Source = Application Error | ID = 1000
Description = Vastgelopen toepassing: iexplore.exe, versie: 8.0.6001.18702, vastgelopen
module: mshtml.dll, versie: 8.0.6001.18854, vastgelopen op: 0x001f1308.

[ System Events ]
Error - 13-1-2010 15:13:19 | Computer Name = GUUS-E8HYOK83KK | Source = Service Control Manager | ID = 7023
Description = De Apparaattoegang via menselijke interface-service is gestopt met
de volgende foutcode: %%126.

Error - 13-1-2010 15:17:18 | Computer Name = GUUS-E8HYOK83KK | Source = Service Control Manager | ID = 7000
Description = De Cam 3200, WDM Video Capture-service kan vanwege de volgende fout
niet worden gestart: %%2

Error - 13-1-2010 15:17:18 | Computer Name = GUUS-E8HYOK83KK | Source = Service Control Manager | ID = 7023
Description = De Apparaattoegang via menselijke interface-service is gestopt met
de volgende foutcode: %%126.

Error - 13-1-2010 15:19:51 | Computer Name = GUUS-E8HYOK83KK | Source = Service Control Manager | ID = 7034
Description = De Windows Installer-service is onverwacht beëindigd. Dit is nu 1
keer gebeurd.

Error - 13-1-2010 15:29:41 | Computer Name = GUUS-E8HYOK83KK | Source = Service Control Manager | ID = 7000
Description = De Cam 3200, WDM Video Capture-service kan vanwege de volgende fout
niet worden gestart: %%2

Error - 13-1-2010 15:29:41 | Computer Name = GUUS-E8HYOK83KK | Source = Service Control Manager | ID = 7023
Description = De Apparaattoegang via menselijke interface-service is gestopt met
de volgende foutcode: %%126.

Error - 13-1-2010 15:47:32 | Computer Name = GUUS-E8HYOK83KK | Source = Service Control Manager | ID = 7000
Description = De Cam 3200, WDM Video Capture-service kan vanwege de volgende fout
niet worden gestart: %%2

Error - 13-1-2010 15:47:32 | Computer Name = GUUS-E8HYOK83KK | Source = Service Control Manager | ID = 7023
Description = De Apparaattoegang via menselijke interface-service is gestopt met
de volgende foutcode: %%126.

Error - 16-1-2010 14:03:18 | Computer Name = GUUS-E8HYOK83KK | Source = Service Control Manager | ID = 7000
Description = De Cam 3200, WDM Video Capture-service kan vanwege de volgende fout
niet worden gestart: %%2

Error - 16-1-2010 14:03:18 | Computer Name = GUUS-E8HYOK83KK | Source = Service Control Manager | ID = 7023
Description = De Apparaattoegang via menselijke interface-service is gestopt met
de volgende foutcode: %%126.


< End of report >

-The First problem is the messages i get when i logged in this computer see my first post in this topic.
Two of them i solved with Maleware program,but the last one ''C:\WINDOWS\systeem32\dkjyarbu.dll'' not.
Second problem i have is the computer is lag,but its a old one maybe thats the problem to old and illegal windows version?
I have a illegal copied windows xp version




Greetz Vision

Edited by Vision25, 16 January 2010 - 01:53 PM.


#4 myrti

myrti

    Sillyberry


  • Malware Study Hall Admin
  • 33,771 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:At home
  • Local time:06:38 AM

Posted 17 January 2010 - 09:09 AM

Hi,

Your log(s) show that you are using so called peer-to-peer or file-sharing programmes (in your case LimeWire). These programmes allow to share files between users as the name(s) suggest. In today's world the cyber crime has come to an enormous dimension and any means is used to infect personal computers to make use of their stored data or machine power for further propagation of the malware files. A popular means is the use of file-sharing tools as a tremendous amount of prospective victims can be reached through it.

It is therefore possible to be infected by downloading manipulated files via peer-to-peer tools and thus suggested to be used with intense care. Some further readings on this subject, along the included links, are as follows: "File-Sharing, otherwise known as Peer To Peer" and "Risks of File-Sharing Technology."

The practice of using cracking tools, keygens, warez or any pirated software is not only considered illegal activity but it is a serious security risk.

Cracking applications are used for illegally breaking (cracking) various copy-protection and registration techniques used in commercial software. These programs may be distributed via Web sites, Usenet, and P2P networks.

http://www.trendmicro.com/vinfo/grayware/v...=CRCK_KEYGEN.BB

...warez and crack web pages are being used by cybercriminals as download sites for malware related to VIRUT and VIRUX. Searches for serial numbers, cracks, and even antivirus products like Trend Micro yield malcodes that come in the form of executables or self-extracting files...quick links in these sites also lead to malicious files. Ads and banners are also infection vectors...

http://blog.trendmicro.com/crack-sites-dis...rux-and-fakeav/


When you use these kind of programs, be forewarned that some of the worst types of malware infections can be contracted and spread by visiting crack, keygen, warez and other pirated software sites. In many cases, those sites are infested with a lot of malware and an increasing source of system infection. Those who attempt to get software for free can end up with a computer system so badly damaged that recovery is not possible and it cannot be repaired. When that happens there is nothing you can do besides reformatting and reinstalling the OS.

Run OTL
  • Under the Custom Scans/Fixes box at the bottom, paste in the following
    :otl
    O4 - HKLM..\Run: [SearchIndexer] C:\windows\System32\dkjyarbu.DLL File not found
    O20 - AppInit_DLLs: (C:\WINDOWS\system32\__c009D553.dat) - C:\windows\System32\__c009D553.dat File not found
    O20 - Winlogon\Notify\mllmj: DllName - C:\WINDOWS\system32\mllmj.dll - C:\windows\System32\mllmj.dll File not found
    :files
    C:\Windows\tasks\at*.job
  • Then click the Run Fix button at the top
  • Let the program run unhindered, when done it will say "Fix Complete press ok to open the log"
  • Please post that log in your next reply.

    Note: If a file or folder cannot be moved immediately you may be asked to reboot the machine to finish the move process.
    If you are asked to reboot the machine choose Yes. In this case, after the reboot, open Notepad (Start->All Programs->Accessories->Notepad), click File->Open, in the File Name box enter *.log and press the Enter key, navigate to the C:\_OTL\MovedFiles folder, and open the newest .log file present, and copy/paste the contents of that document back here in your next post.
================================Follow up scan=================================
  • Double click on OTL to run it. Make sure all other windows are closed and to let it run uninterrupted.
  • When the window appears, underneath Output at the top change it to Minimal Output.
  • Under the Standard Registry box change it to All.
  • Click the Run Scan button. Do not change any settings unless otherwise told to do so. The scan wont take long.
  • When the scan completes, it will open one notepad window. OTL.Txt a This is saved in the same location as OTL.
  • Please copy (Edit->Select All, Edit->Copy) the contents of this file and post it with your next reply.
It would probably be best though if you removed the cracked XP and buy yourself a legal copy of Vista or Windows 7. If you don't want to do that, maybe consider a linux distribution. They are completely free.

regards myrti

is that a bird?  a plane? nooo it's the flying blueberry!

If I have been helping you and haven't replied in 2 days, feel free to shoot me a PM! Please don't send help request via PM, unless I am already helping you. Use the forums!

 

Follow BleepingComputer on: Facebook | Twitter | Google+


#5 Vision25

Vision25
  • Topic Starter

  • Members
  • 6 posts
  • OFFLINE
  •  
  • Local time:05:38 AM

Posted 20 January 2010 - 02:31 PM

Thx for the message.
I'm gonna do this and going to see what it brings,but i keep this windows xp, it is only needed for internet,msn etc it is not a computer for many thing,but it's irritating because its slow and the message when start up.
If im not respond after 5 days i think this would be closed? if so i let you know on chat if its already better.
Friendly greetz
Vision




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users