Geel icoontje bij internettoegang

anoniem · 25 januari 2013

Sinds gisteren heb ik een geel icoontje (het lijkt wel een klein zonnetje) bij de internettoegang op mijn taakbalk. Dit nog nooit eerder gezien; vreemd....? Voor de volledigheid meld ik nog even dat de Taakplanner niet werkt; ik heb hier reeds een topic voor gestart in OS Windows maar het probleem is ondanks een aantal aanbevelingen nog niet opgelost. http://forum.computertotaal.nl/phpBB2/viewtopic.php?t=219288&highlight= Voor de zekerheid misschien even een check-up? Alvast een MBAM-log hieronder: Malwarebytes Anti-Malware 1.70.0.1100 www.malwarebytes.org Databaseversie: v2013.01.25.03 Windows 7 Service Pack 1 x64 NTFS Internet Explorer 9.0.8112.16421 Jos H :: LAPTOP [administrator] 25-1-2013 9:17:43 mbam-log-2013-01-25 (09-17-43).txt Scan type: Snelle scan Ingeschakelde scan opties: Geheugen | Opstartitems | Register | Bestanden en mappen | Heuristiek/Extra | Heuristiek/Shuriken | PUP | PUM Uitgeschakelde scan opties: P2P Objecten gescand: 210711 Verstreken tijd: 3 minuut/minuten, 8 seconde(n) Geheugenprocessen gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Geheugenmodulen gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Registersleutels gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Registerwaarden gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Registerdata gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Mappen gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Bestanden gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) (einde)

anoniem · 30 januari 2013

Tijdens een scan van MBAM kreeg ik het volgende resultaat. Malwarebytes Anti-Malware 1.70.0.1100 www.malwarebytes.org Databaseversie: v2013.01.30.05 Windows 7 Service Pack 1 x64 NTFS Internet Explorer 9.0.8112.16421 Jos H :: LAPTOP [administrator] 30-1-2013 16:19:06 mbam-log-2013-01-30 (16-19-06).txt Scan type: Snelle scan Ingeschakelde scan opties: Geheugen | Opstartitems | Register | Bestanden en mappen | Heuristiek/Extra | Heuristiek/Shuriken | PUP | PUM Uitgeschakelde scan opties: P2P Objecten gescand: 219882 Verstreken tijd: 3 minuut/minuten, 9 seconde(n) Geheugenprocessen gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Geheugenmodulen gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Registersleutels gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Registerwaarden gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Registerdata gedetecteerd: 3 HKLM\SOFTWARE\Microsoft\Security Center|AntiVirusDisableNotify (PUM.Disabled.SecurityCenter) -> Slecht: (1) Goed: (0) -> Succesvol in quarantaine geplaatst en gerepareerd. HKLM\SOFTWARE\Microsoft\Security Center|FirewallDisableNotify (PUM.Disabled.SecurityCenter) -> Slecht: (1) Goed: (0) -> Succesvol in quarantaine geplaatst en gerepareerd. HKLM\SOFTWARE\Microsoft\Security Center|UpdatesDisableNotify (PUM.Disabled.SecurityCenter) -> Slecht: (1) Goed: (0) -> Succesvol in quarantaine geplaatst en gerepareerd. Mappen gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Bestanden gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) (einde)

anoniem · 30 januari 2013

Doe het volgende: [b:fac2808809]Welk programma[/b:fac2808809]: [color=#008000:fac2808809][b:fac2808809]OTL.exe[/b:fac2808809][/color:fac2808809] [b:fac2808809]Waarvoor/waarom[/b:fac2808809]: multifunktioneel tool - analyse en fix [b:fac2808809]Moeilijkheidsgraad[/b:fac2808809]: geen. [b:fac2808809]Download[/b:fac2808809]: [url=http://oldtimer.geekstogo.com/OTL.exe][b:fac2808809][color=red:fac2808809]OTL.exe[/color:fac2808809][/b:fac2808809][/url] en plaats het bestand op het bureaublad. [b:fac2808809]Sluit voordat [color=#008000:fac2808809]OTL.exe[/color:fac2808809] gaat scannen, eerst alle andere openstaande vensters![/b:fac2808809] [b:fac2808809][color=#008000:fac2808809]OTL.exe[/color:fac2808809] gebruiken[/b:fac2808809]: [list:fac2808809][*:fac2808809] [b:fac2808809][color=#FF0000:fac2808809]Sluit nu eerst alle nog openstaande programmavensters![/color:fac2808809][/b:fac2808809] [list:fac2808809][*:fac2808809][b:fac2808809][color=#0000FF:fac2808809]Windows 2000[/color:fac2808809][/b:fac2808809] en [color=#0000FF:fac2808809][b:fac2808809]Windows XP[/b:fac2808809][/color:fac2808809]: dubbelklik op [color=#008000:fac2808809][b:fac2808809]OTL.exe[/b:fac2808809][/color:fac2808809]. [*:fac2808809][color=#0000FF:fac2808809][b:fac2808809]Windows Vista[/b:fac2808809][/color:fac2808809], [color=#0000FF:fac2808809][b:fac2808809]Windows 7[/b:fac2808809][/color:fac2808809] en [color=#0000FF:fac2808809][b:fac2808809]Windows 8[/b:fac2808809][/color:fac2808809]: via rechtsklik op [color=#008000:fac2808809][b:fac2808809]OTL.exe[/b:fac2808809][/color:fac2808809] en kies voor "Als Administrator uitvoeren".[/list:u:fac2808809][/list:u:fac2808809] [list:fac2808809][*:fac2808809]Zet een vinkje bij [color=#0000FF:fac2808809][b:fac2808809]Scan All Users[/b:fac2808809][/color:fac2808809], [color=#0000FF:fac2808809][b:fac2808809]LOP Check[/b:fac2808809][/color:fac2808809] en bij [color=#0000FF:fac2808809][b:fac2808809]PURITY Check[/b:fac2808809][/color:fac2808809]. [*:fac2808809]Kopieer en plak ondervermelde (vetgedrukte, blauwe tekst) in het kader onder [img:fac2808809]http://www.imgdumper.nl/uploads5/4f9111a6d2e57/4f9111a6d2a6c-OTL-2.png[/img:fac2808809] [color=#0000FF:fac2808809][b:fac2808809] services.* explorer.exe winlogon.exe Userinit.exe svchost.exe netsvcs BASESERVICES DRIVES msconfig %SYSTEMDRIVE%\*.exe %SYSTEMDRIVE%\*.* %systemroot%\system32\Spool\prtprocs\w32x86\*.dll %systemroot%\*. /mp /s %systemroot%\system32\*.sys /90 %systemroot%\system32\*.dll /lockedfiles %systemroot%\Tasks\*.job /lockedfiles %systemroot%\system32\drivers\*.sys /lockedfiles %systemroot%\system32\*.exe /lockedfiles %systemroot%\System32\config\*.sav %PROGRAMFILES%\* %USERPROFILE%\..|smtmp;true;true;true /FP HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU hklm\software\clients\startmenuinternet|command /rs hklm\software\clients\startmenuinternet|command /64 /rs CREATERESTOREPOINT[/color:fac2808809][/b:fac2808809] [*:fac2808809]Klik vervolgens op de knop [img:fac2808809]http://www.imgdumper.nl/uploads6/50cd93c69c626/50cd93c69be5b-OTL_-_Run_Scan_knop.jpg[/img:fac2808809]. [*:fac2808809]Verander verder geen andere instellingen in OTL, alleen tenzij ik hiervoor specifiek instructies geef. [*:fac2808809]De scan zal niet heel erg lang duren. [list:fac2808809][*:fac2808809]Er zullen twee Kladblok-vensters geopend worden wanneer de scan klaar is: [b:fac2808809]OTL.Txt[/b:fac2808809] en [b:fac2808809]Extras.txt[/b:fac2808809]. [*:fac2808809]Kopieer vervolgens de inhoud van zowel OTL.txt alsmede Extras.txt en plak die gegevens in je volgende bericht.[/list:u:fac2808809] [*:fac2808809][color=#008000:fac2808809][b:fac2808809]Notabene:[/b:fac2808809][/color:fac2808809] indien het log niet in één bericht past, spreidt het dan over twee of meer berichten.[/list:u:fac2808809]

anoniem · 30 januari 2013

Hierbij het logbestand van OTL text: OTL logfile created on: 30-1-2013 19:09:03 - Run 1 OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Jos H\Desktop 64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 9.0.8112.16421) Locale: 00000413 | Country: Nederland | Language: NLD | Date Format: d-M-yyyy 3,00 Gb Total Physical Memory | 1,84 Gb Available Physical Memory | 61,22% Memory free 5,99 Gb Paging File | 4,54 Gb Available in Paging File | 75,67% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 93,06 Gb Total Space | 63,45 Gb Free Space | 68,18% Space Free | Partition Type: NTFS Computer Name: LAPTOP | User Name: Jos H | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days [color=#E56717:6f7a66360a]========== Processes (SafeList) ==========[/color:6f7a66360a] PRC - [2013-01-30 19:04:55 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Jos H\Desktop\OTL.exe PRC - [2012-12-18 20:08:28 | 000,065,192 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe PRC - [2012-09-24 13:46:16 | 000,656,480 | ---- | M] (Secunia) -- C:\Program Files (x86)\Secunia\PSI\sua.exe PRC - [2012-09-17 04:24:10 | 000,995,352 | ---- | M] (G Data Software AG) -- C:\Program Files (x86)\G Data\InternetSecurity\AVKTray\AVKTray.exe PRC - [2012-09-12 08:32:32 | 004,679,672 | ---- | M] (Almico Software (www.almico.com)) -- C:\Program Files (x86)\SpeedFan\speedfan.exe PRC - [2012-08-23 14:46:08 | 001,542,680 | ---- | M] (G Data Software AG) -- C:\Program Files (x86)\Common Files\G Data\AVKProxy\AVKProxy.exe PRC - [2012-03-29 03:42:28 | 000,470,008 | ---- | M] (G Data Software AG) -- C:\Program Files (x86)\Common Files\G Data\GDScan\GDScan.exe PRC - [2012-01-27 05:13:02 | 001,470,968 | ---- | M] (G Data Software AG) -- C:\Program Files (x86)\G Data\InternetSecurity\Firewall\GDFirewallTray.exe PRC - [2012-01-27 04:43:34 | 000,468,472 | ---- | M] (G Data Software AG) -- C:\Program Files (x86)\G Data\InternetSecurity\AVK\AVKService.exe [color=#E56717:6f7a66360a]========== Modules (No Company Name) ==========[/color:6f7a66360a] MOD - [2013-01-30 13:10:14 | 000,192,512 | ---- | M] () -- C:\Users\JOSH~1\AppData\Local\Temp\sfamcc00001.dll MOD - [2013-01-30 13:10:13 | 000,158,720 | ---- | M] () -- C:\Users\JOSH~1\AppData\Local\Temp\sfareca00001.dll [color=#E56717:6f7a66360a]========== Services (SafeList) ==========[/color:6f7a66360a] SRV:[b:6f7a66360a]64bit:[/b:6f7a66360a] - [2012-04-01 12:21:52 | 000,957,216 | ---- | M] (Broadcom Corporation.) [Auto | Running] -- C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe -- (btwdins) SRV:[b:6f7a66360a]64bit:[/b:6f7a66360a] - [2009-12-02 23:27:24 | 000,028,672 | ---- | M] (LSI Corporation) [Auto | Running] -- C:\Program Files\LSI SoftModem\agr64svc.exe -- (AgereModemAudio) SRV:[b:6f7a66360a]64bit:[/b:6f7a66360a] - [2009-07-14 02:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend) SRV - [2013-01-19 08:29:46 | 000,115,608 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance) SRV - [2013-01-18 13:25:33 | 000,251,400 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc) SRV - [2012-12-18 20:08:28 | 000,065,192 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice) SRV - [2012-09-24 13:46:16 | 001,328,736 | ---- | M] (Secunia) [On_Demand | Stopped] -- C:\Program Files (x86)\Secunia\PSI\psia.exe -- (Secunia PSI Agent) SRV - [2012-09-24 13:46:16 | 000,656,480 | ---- | M] (Secunia) [Auto | Running] -- C:\Program Files (x86)\Secunia\PSI\sua.exe -- (Secunia Update Agent) SRV - [2012-08-30 04:06:20 | 002,011,568 | ---- | M] (G Data Software AG) [Auto | Running] -- C:\Program Files (x86)\G Data\InternetSecurity\AVK\AVKWCtlX64.exe -- (AVKWCtl) SRV - [2012-08-23 14:46:08 | 001,542,680 | ---- | M] (G Data Software AG) [Auto | Running] -- C:\Program Files (x86)\Common Files\G Data\AVKProxy\AVKProxy.exe -- (AVKProxy) SRV - [2012-06-04 10:50:22 | 001,766,464 | ---- | M] (G Data Software AG) [Auto | Running] -- C:\Program Files (x86)\G Data\InternetSecurity\Firewall\GDFwSvcx64.exe -- (GDFwSvc) SRV - [2012-03-29 03:42:28 | 000,470,008 | ---- | M] (G Data Software AG) [Auto | Running] -- C:\Program Files (x86)\Common Files\G Data\GDScan\GDScan.exe -- (GDScan) SRV - [2012-01-27 04:43:34 | 000,468,472 | ---- | M] (G Data Software AG) [Auto | Running] -- C:\Program Files (x86)\G Data\InternetSecurity\AVK\AVKService.exe -- (AVKService) SRV - [2010-03-18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32) SRV - [2009-06-10 22:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32) [color=#E56717:6f7a66360a]========== Driver Services (SafeList) ==========[/color:6f7a66360a] DRV:[b:6f7a66360a]64bit:[/b:6f7a66360a] - [2012-12-06 16:29:31 | 000,106,648 | ---- | M] (G Data Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\GRD.sys -- (GRD) DRV:[b:6f7a66360a]64bit:[/b:6f7a66360a] - [2012-12-05 14:08:21 | 000,064,376 | ---- | M] (G Data Software AG) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\HookCentre.sys -- (HookCentre) DRV:[b:6f7a66360a]64bit:[/b:6f7a66360a] - [2012-12-05 14:08:20 | 000,126,880 | ---- | M] (G Data Software AG) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\MiniIcpt.sys -- (GDMnIcpt) DRV:[b:6f7a66360a]64bit:[/b:6f7a66360a] - [2012-12-05 14:08:19 | 000,054,176 | ---- | M] (G Data Software AG) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\GDBehave.sys -- (GDBehave) DRV:[b:6f7a66360a]64bit:[/b:6f7a66360a] - [2012-12-05 14:08:16 | 000,064,416 | ---- | M] (G Data Software AG) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\gdwfpcd64.sys -- (gdwfpcd) DRV:[b:6f7a66360a]64bit:[/b:6f7a66360a] - [2012-12-05 12:51:20 | 000,060,320 | ---- | M] (G Data Software AG) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\PktIcpt.sys -- (GDPkIcpt) DRV:[b:6f7a66360a]64bit:[/b:6f7a66360a] - [2012-11-19 12:24:26 | 000,594,472 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btwampfl.sys -- (btwampfl) DRV:[b:6f7a66360a]64bit:[/b:6f7a66360a] - [2012-11-19 12:24:26 | 000,210,984 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btwavdt.sys -- (btwavdt) DRV:[b:6f7a66360a]64bit:[/b:6f7a66360a] - [2012-11-19 12:24:26 | 000,184,872 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btwaudio.sys -- (btwaudio) DRV:[b:6f7a66360a]64bit:[/b:6f7a66360a] - [2012-11-19 12:24:26 | 000,039,976 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btwl2cap.sys -- (btwl2cap) DRV:[b:6f7a66360a]64bit:[/b:6f7a66360a] - [2012-11-19 12:24:26 | 000,021,544 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btwrchid.sys -- (btwrchid) DRV:[b:6f7a66360a]64bit:[/b:6f7a66360a] - [2012-10-18 11:12:06 | 001,111,856 | ---- | M] (AuthenTec, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ATSwpWDF.sys -- (ATSwpWDF) DRV:[b:6f7a66360a]64bit:[/b:6f7a66360a] - [2012-10-06 14:26:46 | 000,766,096 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167) DRV:[b:6f7a66360a]64bit:[/b:6f7a66360a] - [2012-09-18 11:32:32 | 000,075,064 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LHidFilt.Sys -- (LHidFilt) DRV:[b:6f7a66360a]64bit:[/b:6f7a66360a] - [2012-09-18 11:32:32 | 000,061,240 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LMouFilt.Sys -- (LMouFilt) DRV:[b:6f7a66360a]64bit:[/b:6f7a66360a] - [2012-08-23 15:10:20 | 000,019,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport) DRV:[b:6f7a66360a]64bit:[/b:6f7a66360a] - [2012-08-23 15:07:35 | 000,057,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt) DRV:[b:6f7a66360a]64bit:[/b:6f7a66360a] - [2012-03-01 07:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec) DRV:[b:6f7a66360a]64bit:[/b:6f7a66360a] - [2011-12-16 15:20:10 | 000,017,976 | ---- | M] (Secunia) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\psi_mf.sys -- (PSI) DRV:[b:6f7a66360a]64bit:[/b:6f7a66360a] - [2011-10-20 11:24:06 | 000,157,696 | ---- | M] (Matrox Graphics Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\MxEFUF64.sys -- (MxEFUF) DRV:[b:6f7a66360a]64bit:[/b:6f7a66360a] - [2011-03-11 07:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata) DRV:[b:6f7a66360a]64bit:[/b:6f7a66360a] - [2011-03-11 07:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata) DRV:[b:6f7a66360a]64bit:[/b:6f7a66360a] - [2010-11-20 14:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD) DRV:[b:6f7a66360a]64bit:[/b:6f7a66360a] - [2010-11-20 10:37:42 | 000,109,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\sdbus.sys -- (sdbus) DRV:[b:6f7a66360a]64bit:[/b:6f7a66360a] - [2010-10-07 12:11:52 | 007,533,568 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NETwLv64.sys -- (NETwLv64) DRV:[b:6f7a66360a]64bit:[/b:6f7a66360a] - [2010-08-16 16:26:42 | 007,442,432 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\NETwLx64.sys -- (NETwLx64) DRV:[b:6f7a66360a]64bit:[/b:6f7a66360a] - [2010-03-15 20:14:08 | 001,212,416 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\agrsm64.sys -- (AgereSoftModem) DRV:[b:6f7a66360a]64bit:[/b:6f7a66360a] - [2010-01-23 22:00:56 | 000,132,608 | ---- | M] (Fresco Logic) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\FLxHCIc.sys -- (FLxHCIc) DRV:[b:6f7a66360a]64bit:[/b:6f7a66360a] - [2009-07-14 02:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs) DRV:[b:6f7a66360a]64bit:[/b:6f7a66360a] - [2009-07-14 02:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2) DRV:[b:6f7a66360a]64bit:[/b:6f7a66360a] - [2009-07-14 02:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor) DRV:[b:6f7a66360a]64bit:[/b:6f7a66360a] - [2009-07-14 00:21:48 | 000,038,400 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\tpm.sys -- (TPM) DRV:[b:6f7a66360a]64bit:[/b:6f7a66360a] - [2009-06-10 21:35:28 | 005,434,368 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\netw5v64.sys -- (netw5v64) DRV:[b:6f7a66360a]64bit:[/b:6f7a66360a] - [2009-06-10 21:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv) DRV:[b:6f7a66360a]64bit:[/b:6f7a66360a] - [2009-06-10 21:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv) DRV:[b:6f7a66360a]64bit:[/b:6f7a66360a] - [2009-06-10 21:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a) DRV:[b:6f7a66360a]64bit:[/b:6f7a66360a] - [2009-06-10 21:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir) DRV:[b:6f7a66360a]64bit:[/b:6f7a66360a] - [2008-02-13 11:35:46 | 012,379,136 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\snp2sxp.sys -- (SNP2STD) DRV:[b:6f7a66360a]64bit:[/b:6f7a66360a] - [2007-12-11 16:38:04 | 000,021,504 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\EtmTempSense.sys -- (EtmTempSense) DRV:[b:6f7a66360a]64bit:[/b:6f7a66360a] - [2007-08-15 14:20:22 | 000,088,064 | ---- | M] (ENE Technology Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\EMS7SK.sys -- (EMSCR) DRV:[b:6f7a66360a]64bit:[/b:6f7a66360a] - [2007-08-15 14:20:06 | 000,059,392 | ---- | M] (ENE Technology Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ESD7SK.sys -- (ESDCR) DRV:[b:6f7a66360a]64bit:[/b:6f7a66360a] - [2007-07-31 08:40:06 | 000,207,488 | ---- | M] (Trident Multimedia Technologies Co.,Ltd) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\TridVidx64.sys -- (TridVidx64) DRV - [2009-07-14 02:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount) DRV - [2008-02-13 11:34:50 | 012,067,328 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysWOW64\drivers\snp2sxp.sys -- (SNP2STD) [color=#E56717:6f7a66360a]========== Standard Registry (SafeList) ==========[/color:6f7a66360a] [color=#E56717:6f7a66360a]========== Internet Explorer ==========[/color:6f7a66360a] IE:[b:6f7a66360a]64bit:[/b:6f7a66360a] - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE:[b:6f7a66360a]64bit:[/b:6f7a66360a] - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE:[b:6f7a66360a]64bit:[/b:6f7a66360a] - HKLM\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-3936649928-4177311411-4009730775-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = nl-NL IE - HKU\S-1-5-21-3936649928-4177311411-4009730775-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = D6 71 C9 B0 E0 E8 CD 01 [binary data] IE - HKU\S-1-5-21-3936649928-4177311411-4009730775-1001\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE - HKU\S-1-5-21-3936649928-4177311411-4009730775-1001\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC IE - HKU\S-1-5-21-3936649928-4177311411-4009730775-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 [color=#E56717:6f7a66360a]========== FireFox ==========[/color:6f7a66360a] FF - prefs.js..browser.startup.homepage: "http://www.google.nl/ig?hl=nl" FF - prefs.js..extensions.enabledAddons: smarterwiki%40wikiatic.com:5.0.9 FF - prefs.js..extensions.enabledAddons: 2020Player_IKEA%402020Technologies.com:5.0.94.0 FF - prefs.js..extensions.enabledAddons: support%40lastpass.com:2.0.0 FF - prefs.js..extensions.enabledAddons: %7B906305f7-aafc-45e9-8bbd-941950a84dad%7D:1.1.11215.1124 FF - prefs.js..extensions.enabledAddons: https-everywhere%40eff.org:3.1.3 FF - prefs.js..extensions.enabledAddons: %7Ba0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7%7D:20130129 FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:18.0.1 FF - user.js - File not found FF:[b:6f7a66360a]64bit:[/b:6f7a66360a] - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_5_502_146.dll File not found FF:[b:6f7a66360a]64bit:[/b:6f7a66360a] - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found FF:[b:6f7a66360a]64bit:[/b:6f7a66360a] - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation) FF:[b:6f7a66360a]64bit:[/b:6f7a66360a] - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_5_502_146.dll () FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\SysWOW64\Adobe\Director\np32dsw_1168638.dll (Adobe Systems, Inc.) FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.) FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.11.2: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 18.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013-01-19 08:29:46 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 18.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 18.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013-01-19 08:29:46 | 000,000,000 | ---D | M] FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 18.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012-11-19 11:38:56 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Jos H\AppData\Roaming\mozilla\Extensions [2013-01-30 19:02:49 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Jos H\AppData\Roaming\mozilla\Firefox\Profiles\vx95oueb.default\extensions [2013-01-30 19:02:49 | 000,000,000 | ---D | M] (WOT) -- C:\Users\Jos H\AppData\Roaming\mozilla\Firefox\Profiles\vx95oueb.default\extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7} [2012-12-16 10:51:16 | 000,000,000 | ---D | M] (20-20 3D Viewer - IKEA) -- C:\Users\Jos H\AppData\Roaming\mozilla\Firefox\Profiles\vx95oueb.default\extensions\2020Player_IKEA@2020Technologies.com [2013-01-19 11:10:54 | 000,000,000 | ---D | M] (HTTPS-Everywhere) -- C:\Users\Jos H\AppData\Roaming\mozilla\Firefox\Profiles\vx95oueb.default\extensions\https-everywhere@eff.org [2012-12-23 06:54:31 | 000,000,000 | ---D | M] (LastPass) -- C:\Users\Jos H\AppData\Roaming\mozilla\Firefox\Profiles\vx95oueb.default\extensions\support@lastpass.com [2012-12-15 05:46:56 | 000,363,832 | ---- | M] () (No name found) -- C:\Users\Jos H\AppData\Roaming\mozilla\firefox\profiles\vx95oueb.default\extensions\smarterwiki@wikiatic.com.xpi [2012-11-23 15:15:15 | 000,804,627 | ---- | M] () (No name found) -- C:\Users\Jos H\AppData\Roaming\mozilla\firefox\profiles\vx95oueb.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2013-01-19 08:29:42 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions [2013-01-19 08:29:42 | 000,000,000 | ---D | M] (G Data BankGuard) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{906305f7-aafc-45e9-8bbd-941950a84dad} [2013-01-19 08:29:46 | 000,262,552 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll [2012-10-24 19:30:30 | 000,002,465 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml [2012-11-21 13:15:15 | 000,002,616 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bolcom-nl.xml [2012-11-21 13:15:15 | 000,004,771 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\marktplaats-nl.xml [2012-11-21 13:15:15 | 000,001,262 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-nl.xml O1 HOSTS File: ([2013-01-29 09:21:04 | 000,000,027 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O2:[b:6f7a66360a]64bit:[/b:6f7a66360a] - BHO: (LastPass Vault) - {95D9ECF5-2A4D-4550-BE49-70D42F71296E} - C:\Program Files (x86)\LastPass\LPToolbar_x64.dll () O2:[b:6f7a66360a]64bit:[/b:6f7a66360a] - BHO: (no name) - AutorunsDisabled - No CLSID value found. O2 - BHO: (LastPass Vault) - {95D9ECF5-2A4D-4550-BE49-70D42F71296E} - C:\Program Files (x86)\LastPass\LPToolbar.dll () O2 - BHO: (G Data BankGuard) - {BA3295CF-17ED-4F49-9E95-D999A0ADBFDC} - C:\Program Files (x86)\Common Files\G Data\AVKProxy\BanksafeBHO.dll (G Data Software AG) O3:[b:6f7a66360a]64bit:[/b:6f7a66360a] - HKLM\..\Toolbar: (LastPass Toolbar) - {9f6b5cc3-5c7b-4b5c-97af-19dec1e380e5} - C:\Program Files (x86)\LastPass\LPToolbar_x64.dll () O3 - HKLM\..\Toolbar: (LastPass Toolbar) - {9f6b5cc3-5c7b-4b5c-97af-19dec1e380e5} - C:\Program Files (x86)\LastPass\LPToolbar.dll () O4 - HKLM..\Run: [] File not found O4 - HKLM..\Run: [G Data AntiVirus Tray Application] C:\Program Files (x86)\G Data\InternetSecurity\AVKTray\AVKTray.exe (G Data Software AG) O4 - HKLM..\Run: [GDFirewallTray] C:\Program Files (x86)\G Data\InternetSecurity\Firewall\GDFirewallTray.exe (G Data Software AG) O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Restrictions present O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Restrictions present O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Restrictions present O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Restrictions present O7 - HKU\S-1-5-21-3936649928-4177311411-4009730775-1001\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-21-3936649928-4177311411-4009730775-1001\Software\Policies\Microsoft\Internet Explorer\Restrictions present O7 - HKU\S-1-5-21-3936649928-4177311411-4009730775-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0 O8:[b:6f7a66360a]64bit:[/b:6f7a66360a] - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200 File not found O8:[b:6f7a66360a]64bit:[/b:6f7a66360a] - Extra context menu item: LastPass - file://C:\Users\Jos H\AppData\LocalLow\LastPass\context.html?cmd=lastpass File not found O8:[b:6f7a66360a]64bit:[/b:6f7a66360a] - Extra context menu item: LastPass Invulformulieren - file://C:\Users\Jos H\AppData\LocalLow\LastPass\context.html?cmd=fillforms File not found O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\SysWow64\GPhotos.scr (Google Inc.) O8 - Extra context menu item: LastPass - file://C:\Users\Jos H\AppData\LocalLow\LastPass\context.html?cmd=lastpass File not found O8 - Extra context menu item: LastPass Invulformulieren - file://C:\Users\Jos H\AppData\LocalLow\LastPass\context.html?cmd=fillforms File not found O9:[b:6f7a66360a]64bit:[/b:6f7a66360a] - Extra Button: LastPass - {43699cd0-e34f-11de-8a39-0800200c9a66} - C:\Program Files (x86)\LastPass\LPToolbar_x64.dll () O9:[b:6f7a66360a]64bit:[/b:6f7a66360a] - Extra 'Tools' menuitem : LastPass - {43699cd0-e34f-11de-8a39-0800200c9a66} - C:\Program Files (x86)\LastPass\LPToolbar_x64.dll () O9 - Extra Button: LastPass - {43699cd0-e34f-11de-8a39-0800200c9a66} - C:\Program Files (x86)\LastPass\LPToolbar.dll () O9 - Extra 'Tools' menuitem : LastPass - {43699cd0-e34f-11de-8a39-0800200c9a66} - C:\Program Files (x86)\LastPass\LPToolbar.dll () O13 - gopher Prefix: missing O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 213.197.28.3 213.197.30.28 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{CB62B43F-3E62-4B8F-8FC6-23FB31765272}: DhcpNameServer = 213.197.28.3 213.197.30.28 O18:[b:6f7a66360a]64bit:[/b:6f7a66360a] - Protocol\Handler\ms-help - No CLSID value found O20:[b:6f7a66360a]64bit:[/b:6f7a66360a] - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20:[b:6f7a66360a]64bit:[/b:6f7a66360a] - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation) O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation) O21:[b:6f7a66360a]64bit:[/b:6f7a66360a] - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O32 - HKLM CDRom: AutoRun - 1 O34 - HKLM BootExecute: (autocheck autochk *) O35:[b:6f7a66360a]64bit:[/b:6f7a66360a] - HKLM\..comfile [open] -- "%1" %* O35:[b:6f7a66360a]64bit:[/b:6f7a66360a] - HKLM\..exefile [open] -- "%1" %* O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37:[b:6f7a66360a]64bit:[/b:6f7a66360a] - HKLM\...com [@ = comfile] -- "%1" %* O37:[b:6f7a66360a]64bit:[/b:6f7a66360a] - HKLM\...exe [@ = exefile] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) O38 - SubSystems\\Windows: (ServerDll=sxssrv,4) MsConfig:64bit - StartUpReg: [b:6f7a66360a]@OnlineArmor GUI[/b:6f7a66360a] - hkey= - key= - File not found MsConfig:64bit - StartUpReg: [b:6f7a66360a]Adobe ARM[/b:6f7a66360a] - hkey= - key= - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated) MsConfig:64bit - StartUpReg: [b:6f7a66360a]BCSSync[/b:6f7a66360a] - hkey= - key= - C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe (Microsoft Corporation) MsConfig:64bit - StartUpReg: [b:6f7a66360a]DriverMax[/b:6f7a66360a] - hkey= - key= - File not found MsConfig:64bit - StartUpReg: [b:6f7a66360a]DriverMax_RESTART[/b:6f7a66360a] - hkey= - key= - File not found MsConfig:64bit - StartUpReg: [b:6f7a66360a]NvCplDaemon[/b:6f7a66360a] - hkey= - key= - C:\Windows\SysNative\rundll32.exe (Microsoft Corporation) MsConfig:64bit - StartUpReg: [b:6f7a66360a]NvMediaCenter[/b:6f7a66360a] - hkey= - key= - C:\Windows\SysNative\rundll32.exe (Microsoft Corporation) MsConfig:64bit - StartUpReg: [b:6f7a66360a]OODefragTray[/b:6f7a66360a] - hkey= - key= - File not found MsConfig:64bit - StartUpReg: [b:6f7a66360a]RTHDVCPL[/b:6f7a66360a] - hkey= - key= - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor) MsConfig:64bit - StartUpReg: [b:6f7a66360a]snp2std[/b:6f7a66360a] - hkey= - key= - C:\Windows\vsnp2std.exe (Sonix) MsConfig:64bit - StartUpReg: [b:6f7a66360a]Sysinternals Desktops[/b:6f7a66360a] - hkey= - key= - File not found MsConfig:64bit - State: "startup" - Reg Error: Key error. MsConfig:64bit - State: "bootini" - Reg Error: Key error. CREATERESTOREPOINT Restore point Set: OTL Restore Point [color=#E56717:6f7a66360a]========== Files/Folders - Created Within 30 Days ==========[/color:6f7a66360a] [2013-01-30 19:04:54 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Jos H\Desktop\OTL.exe [2013-01-30 11:57:45 | 000,000,000 | ---D | C] -- C:\Windows\SoftwareDistribution [2013-01-30 11:56:38 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\catroot2 [2013-01-30 11:21:51 | 000,000,000 | ---D | C] -- C:\Tweaking.com_Windows_Repair_Logs [2013-01-29 09:21:07 | 000,000,000 | ---D | C] -- C:\$RECYCLE.BIN [2013-01-29 06:44:12 | 000,000,000 | ---D | C] -- C:\Windows\erdnt [2013-01-28 13:45:39 | 000,000,000 | ---D | C] -- C:\Program Files\DIFX [2013-01-27 19:00:28 | 000,053,248 | ---- | C] (Windows XP Bundled build C-Centric Single User) -- C:\Windows\SysWow64\CSVer.dll [2013-01-27 19:00:28 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Intel [2013-01-27 19:00:02 | 000,000,000 | ---D | C] -- C:\Intel [2013-01-27 18:47:51 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\SystemRequirementsLab [2013-01-27 18:47:45 | 000,000,000 | ---D | C] -- C:\Users\Jos H\AppData\Roaming\SystemRequirementsLab [2013-01-27 18:42:49 | 000,000,000 | ---D | C] -- C:\ProgramData\Sun [2013-01-27 18:42:31 | 000,859,552 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\npDeployJava1.dll [2013-01-27 18:42:31 | 000,780,192 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\deployJava1.dll [2013-01-25 06:19:19 | 000,000,000 | ---D | C] -- C:\Windows\MiniDump [2013-01-22 14:42:00 | 000,000,000 | ---D | C] -- C:\ATISupport [2013-01-19 08:29:41 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox [2013-01-09 14:36:37 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\Adobe [2013-01-09 10:22:29 | 000,046,592 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\fpb.rs [2013-01-09 10:22:29 | 000,046,592 | ---- | C] (Microsoft) -- C:\Windows\SysNative\fpb.rs [2013-01-09 10:22:29 | 000,045,568 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\oflc-nz.rs [2013-01-09 10:22:29 | 000,045,568 | ---- | C] (Microsoft) -- C:\Windows\SysNative\oflc-nz.rs [2013-01-09 10:22:29 | 000,044,544 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\pegibbfc.rs [2013-01-09 10:22:29 | 000,044,544 | ---- | C] (Microsoft) -- C:\Windows\SysNative\pegibbfc.rs [2013-01-09 10:22:29 | 000,043,520 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\csrr.rs [2013-01-09 10:22:29 | 000,043,520 | ---- | C] (Microsoft) -- C:\Windows\SysNative\csrr.rs [2013-01-09 10:22:29 | 000,040,960 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\cob-au.rs [2013-01-09 10:22:29 | 000,040,960 | ---- | C] (Microsoft) -- C:\Windows\SysNative\cob-au.rs [2013-01-09 10:22:29 | 000,030,720 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\usk.rs [2013-01-09 10:22:29 | 000,030,720 | ---- | C] (Microsoft) -- C:\Windows\SysNative\usk.rs [2013-01-09 10:22:29 | 000,015,360 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\djctq.rs [2013-01-09 10:22:29 | 000,015,360 | ---- | C] (Microsoft) -- C:\Windows\SysNative\djctq.rs [2013-01-09 10:22:28 | 002,746,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\gameux.dll [2013-01-09 10:22:28 | 002,576,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\gameux.dll [2013-01-09 10:22:28 | 000,441,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\Wpc.dll [2013-01-09 10:22:28 | 000,308,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\Wpc.dll [2013-01-09 10:22:28 | 000,021,504 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\grb.rs [2013-01-09 10:22:28 | 000,021,504 | ---- | C] (Microsoft) -- C:\Windows\SysNative\grb.rs [2013-01-09 10:22:28 | 000,020,480 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\pegi-pt.rs [2013-01-09 10:22:28 | 000,020,480 | ---- | C] (Microsoft) -- C:\Windows\SysNative\pegi-pt.rs [2013-01-09 10:22:28 | 000,020,480 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\pegi.rs [2013-01-09 10:22:28 | 000,020,480 | ---- | C] (Microsoft) -- C:\Windows\SysNative\pegi.rs [2013-01-09 10:22:27 | 000,055,296 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\cero.rs [2013-01-09 10:22:27 | 000,055,296 | ---- | C] (Microsoft) -- C:\Windows\SysNative\cero.rs [2013-01-09 10:22:27 | 000,051,712 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\esrb.rs [2013-01-09 10:22:27 | 000,051,712 | ---- | C] (Microsoft) -- C:\Windows\SysNative\esrb.rs [2013-01-09 10:22:27 | 000,023,552 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\oflc.rs [2013-01-09 10:22:27 | 000,023,552 | ---- | C] (Microsoft) -- C:\Windows\SysNative\oflc.rs [2013-01-09 10:22:27 | 000,020,480 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\pegi-fi.rs [2013-01-09 10:22:27 | 000,020,480 | ---- | C] (Microsoft) -- C:\Windows\SysNative\pegi-fi.rs [2013-01-09 10:22:10 | 001,161,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\kernel32.dll [2013-01-09 10:22:10 | 000,424,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KernelBase.dll [2013-01-09 10:22:09 | 000,362,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64win.dll [2013-01-09 10:22:09 | 000,338,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\conhost.exe [2013-01-09 10:22:09 | 000,243,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64.dll [2013-01-09 10:22:09 | 000,215,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winsrv.dll [2013-01-09 10:22:09 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntvdm64.dll [2013-01-09 10:22:09 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntvdm64.dll [2013-01-09 10:22:09 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64cpu.dll [2013-01-09 10:22:09 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-security-base-l1-1-0.dll [2013-01-09 10:22:09 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-file-l1-1-0.dll [2013-01-09 10:22:09 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-file-l1-1-0.dll [2013-01-09 10:22:09 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wow32.dll [2013-01-09 10:22:09 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-threadpool-l1-1-0.dll [2013-01-09 10:22:09 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-processthreads-l1-1-0.dll [2013-01-09 10:22:09 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-processthreads-l1-1-0.dll [2013-01-09 10:22:09 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-sysinfo-l1-1-0.dll [2013-01-09 10:22:09 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-sysinfo-l1-1-0.dll [2013-01-09 10:22:09 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-synch-l1-1-0.dll [2013-01-09 10:22:09 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-synch-l1-1-0.dll [2013-01-09 10:22:09 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-misc-l1-1-0.dll [2013-01-09 10:22:09 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-localregistry-l1-1-0.dll [2013-01-09 10:22:09 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-localregistry-l1-1-0.dll [2013-01-09 10:22:09 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-rtlsupport-l1-1-0.dll [2013-01-09 10:22:09 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-processenvironment-l1-1-0.dll [2013-01-09 10:22:09 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-processenvironment-l1-1-0.dll [2013-01-09 10:22:09 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-namedpipe-l1-1-0.dll [2013-01-09 10:22:09 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-namedpipe-l1-1-0.dll [2013-01-09 10:22:09 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-misc-l1-1-0.dll [2013-01-09 10:22:09 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-memory-l1-1-0.dll [2013-01-09 10:22:09 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-memory-l1-1-0.dll [2013-01-09 10:22:09 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-libraryloader-l1-1-0.dll [2013-01-09 10:22:09 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-libraryloader-l1-1-0.dll [2013-01-09 10:22:09 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-xstate-l1-1-0.dll [2013-01-09 10:22:09 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-util-l1-1-0.dll [2013-01-09 10:22:09 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-string-l1-1-0.dll [2013-01-09 10:22:09 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-string-l1-1-0.dll [2013-01-09 10:22:09 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-profile-l1-1-0.dll [2013-01-09 10:22:09 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-profile-l1-1-0.dll [2013-01-09 10:22:09 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-io-l1-1-0.dll [2013-01-09 10:22:09 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-errorhandling-l1-1-0.dll [2013-01-09 10:22:09 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-delayload-l1-1-0.dll [2013-01-09 10:22:09 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-delayload-l1-1-0.dll [2013-01-09 10:22:08 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\setup16.exe [2013-01-09 10:22:08 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\instnm.exe [2013-01-09 10:22:08 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-security-base-l1-1-0.dll [2013-01-09 10:22:08 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll [2013-01-09 10:22:08 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-localization-l1-1-0.dll [2013-01-09 10:22:08 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-localization-l1-1-0.dll [2013-01-09 10:22:08 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll [2013-01-09 10:22:08 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-interlocked-l1-1-0.dll [2013-01-09 10:22:08 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-heap-l1-1-0.dll [2013-01-09 10:22:08 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-heap-l1-1-0.dll [2013-01-09 10:22:08 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-util-l1-1-0.dll [2013-01-09 10:22:08 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-rtlsupport-l1-1-0.dll [2013-01-09 10:22:08 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-io-l1-1-0.dll [2013-01-09 10:22:08 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-interlocked-l1-1-0.dll [2013-01-09 10:22:08 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-handle-l1-1-0.dll [2013-01-09 10:22:08 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-handle-l1-1-0.dll [2013-01-09 10:22:08 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-fibers-l1-1-0.dll [2013-01-09 10:22:08 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-fibers-l1-1-0.dll [2013-01-09 10:22:08 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-errorhandling-l1-1-0.dll [2013-01-09 10:22:08 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-debug-l1-1-0.dll [2013-01-09 10:22:08 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-debug-l1-1-0.dll [2013-01-09 10:22:08 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-datetime-l1-1-0.dll [2013-01-09 10:22:08 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-datetime-l1-1-0.dll [2013-01-09 10:22:08 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-console-l1-1-0.dll [2013-01-09 10:22:08 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-console-l1-1-0.dll [2013-01-09 10:22:08 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\user.exe [2013-01-09 10:21:55 | 000,750,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\win32spl.dll [2013-01-09 10:21:55 | 000,492,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\win32spl.dll [2013-01-09 10:21:48 | 000,800,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\usp10.dll [2013-01-09 10:21:47 | 000,307,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ncrypt.dll [2013-01-09 10:21:46 | 000,068,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\taskhost.exe [2013-01-07 09:19:28 | 000,000,000 | ---D | C] -- C:\Users\Jos H\AppData\Local\O&O [2012-12-23 06:54:30 | 014,794,312 | ---- | C] (LastPass) -- C:\Program Files (x86)\Common Files\lpuninstall.exe [color=#E56717:6f7a66360a]========== Files - Modified Within 30 Days ==========[/color:6f7a66360a] [2013-01-30 19:04:55 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Jos H\Desktop\OTL.exe [2013-01-30 19:03:52 | 001,663,048 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI [2013-01-30 19:03:52 | 000,743,222 | ---- | M] () -- C:\Windows\SysNative\perfh013.dat [2013-01-30 19:03:52 | 000,652,148 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat [2013-01-30 19:03:52 | 000,152,382 | ---- | M] () -- C:\Windows\SysNative\perfc013.dat [2013-01-30 19:03:52 | 000,121,080 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat [2013-01-30 18:25:00 | 000,000,940 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job [2013-01-30 13:12:05 | 000,015,344 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2013-01-30 13:12:05 | 000,015,344 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2013-01-30 12:02:34 | 000,416,688 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT [2013-01-30 12:02:29 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2013-01-30 12:02:12 | 2414,436,352 | -HS- | M] () -- C:\hiberfil.sys [2013-01-30 12:00:42 | 000,181,064 | ---- | M] (Sysinternals) -- C:\Windows\PSEXESVC.EXE [2013-01-30 11:20:55 | 000,303,616 | ---- | M] ( ) -- C:\SetACL.exe [2013-01-30 11:20:55 | 000,290,304 | ---- | M] (Microsoft Corporation) -- C:\subinacl.exe [2013-01-30 10:32:51 | 000,962,934 | ---- | M] () -- C:\Windows\SysWow64\sig.bin [2013-01-30 10:32:51 | 000,051,585 | ---- | M] () -- C:\Windows\SysWow64\nmp.map [2013-01-29 09:21:04 | 000,000,027 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts [2013-01-27 18:42:18 | 000,859,552 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\npDeployJava1.dll [2013-01-27 18:42:18 | 000,780,192 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\deployJava1.dll [2013-01-18 13:25:31 | 000,697,864 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe [2013-01-18 13:25:31 | 000,074,248 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl [2013-01-17 11:31:19 | 000,048,212 | ---- | M] () -- C:\Users\Jos H\Documents\BTW 4e kwrt.2012.pdf [2013-01-09 10:42:55 | 001,641,044 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI [2013-01-08 10:26:43 | 000,007,675 | ---- | M] () -- C:\Users\Jos H\AppData\Local\Resmon.ResmonCfg [color=#E56717:6f7a66360a]========== Files Created - No Company Name ==========[/color:6f7a66360a] [2013-01-30 11:51:07 | 000,303,616 | ---- | C] ( ) -- C:\SetACL.exe [2013-01-17 11:31:19 | 000,048,212 | ---- | C] () -- C:\Users\Jos H\Documents\BTW 4e kwrt.2012.pdf [2012-12-14 10:09:11 | 000,000,207 | ---- | C] () -- C:\Windows\tweaking.com-regbackup-LAPTOP-Microsoft-Windows-7-Home-Premium-(64-bits).dat [2012-12-14 08:04:28 | 000,007,675 | ---- | C] () -- C:\Users\Jos H\AppData\Local\Resmon.ResmonCfg [2012-12-05 14:30:16 | 000,962,934 | ---- | C] () -- C:\Windows\SysWow64\sig.bin [2012-12-02 18:19:27 | 000,015,497 | ---- | C] () -- C:\Windows\snp2std.ini [2012-12-02 18:19:26 | 012,067,328 | ---- | C] () -- C:\Windows\SysWow64\drivers\snp2sxp.sys [2012-12-02 18:19:26 | 000,025,472 | ---- | C] () -- C:\Windows\SysWow64\drivers\sncamd.sys [2012-12-02 18:19:25 | 000,151,552 | ---- | C] ( ) -- C:\Windows\SysWow64\rsnp2std.dll [2012-11-19 12:32:38 | 001,641,044 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI [color=#E56717:6f7a66360a]========== ZeroAccess Check ==========[/color:6f7a66360a] [2009-07-14 05:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64 [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64 [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64 "" = C:\Windows\SysNative\shell32.dll -- [2012-06-09 06:43:10 | 014,172,672 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] "" = %SystemRoot%\system32\shell32.dll -- [2012-06-09 05:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64 "" = C:\Windows\SysNative\wbem\fastprox.dll -- [2012-08-21 14:11:31 | 000,857,088 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] "" = %systemroot%\system32\wbem\fastprox.dll -- [2012-08-21 14:37:44 | 000,636,928 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64 "" = C:\Windows\SysNative\wbem\wbemess.dll -- [2012-08-21 14:08:38 | 000,453,120 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Both [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] [color=#E56717:6f7a66360a]========== LOP Check ==========[/color:6f7a66360a] [2012-11-20 17:40:31 | 000,000,000 | ---D | M] -- C:\Users\Jos H\AppData\Roaming\Hard Disk Sentinel [2012-12-08 08:44:51 | 000,000,000 | ---D | M] -- C:\Users\Jos H\AppData\Roaming\OnlineArmor [2013-01-27 18:47:45 | 000,000,000 | ---D | M] -- C:\Users\Jos H\AppData\Roaming\SystemRequirementsLab [2012-11-19 13:27:45 | 000,000,000 | ---D | M] -- C:\Users\Jos H\AppData\Roaming\TuneUp Software [color=#E56717:6f7a66360a]========== Purity Check ==========[/color:6f7a66360a] [color=#E56717:6f7a66360a]========== Custom Scans ==========[/color:6f7a66360a] [color=#A23BEC:6f7a66360a]< services.* >[/color:6f7a66360a] [2009-07-14 06:08:49 | 000,000,006 | -H-- | C] () -- C:\Windows\Tasks\SA.DAT [2009-07-14 06:08:49 | 000,031,404 | ---- | C] () -- C:\Windows\Tasks\SCHEDLGU.TXT [2012-11-19 14:09:37 | 000,000,940 | ---- | C] () -- C:\Windows\Tasks\Adobe Flash Player Updater.job [color=#A23BEC:6f7a66360a]< explorer.exe >[/color:6f7a66360a] [color=#A23BEC:6f7a66360a]< winlogon.exe >[/color:6f7a66360a] [color=#A23BEC:6f7a66360a]< Userinit.exe >[/color:6f7a66360a] [color=#A23BEC:6f7a66360a]< svchost.exe >[/color:6f7a66360a] [color=#E56717:6f7a66360a]========== Base Services ==========[/color:6f7a66360a] SRV:[b:6f7a66360a]64bit:[/b:6f7a66360a] - [2009-07-14 02:40:01 | 000,072,192 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\aelupsvc.dll -- (AeLookupSvc) SRV:[b:6f7a66360a]64bit:[/b:6f7a66360a] - [2010-11-20 14:25:40 | 000,070,656 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\appinfo.dll -- (Appinfo) SRV:[b:6f7a66360a]64bit:[/b:6f7a66360a] - [2009-07-14 02:38:55 | 000,079,360 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\alg.exe -- (ALG) SRV:[b:6f7a66360a]64bit:[/b:6f7a66360a] - [2010-11-20 14:27:23 | 000,849,920 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\qmgr.dll -- (BITS) SRV:[b:6f7a66360a]64bit:[/b:6f7a66360a] - [2010-11-20 14:25:45 | 000,705,024 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\BFE.DLL -- (BFE) SRV:[b:6f7a66360a]64bit:[/b:6f7a66360a] - [2011-11-17 07:33:55 | 000,031,232 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\lsass.exe -- (KeyIso) SRV:[b:6f7a66360a]64bit:[/b:6f7a66360a] - [2009-07-14 02:40:50 | 000,402,944 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\es.dll -- (EventSystem) SRV - [2009-07-14 02:15:19 | 000,271,360 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\es.dll -- (EventSystem) SRV:[b:6f7a66360a]64bit:[/b:6f7a66360a] - [2012-07-04 23:13:27 | 000,136,704 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\browser.dll -- (Browser) SRV:[b:6f7a66360a]64bit:[/b:6f7a66360a] - [2012-06-02 06:41:28 | 000,184,320 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\cryptsvc.dll -- (CryptSvc) SRV - [2012-06-02 05:36:29 | 000,140,288 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\cryptsvc.dll -- (CryptSvc) SRV:[b:6f7a66360a]64bit:[/b:6f7a66360a] - [2010-11-20 14:27:24 | 000,512,000 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\rpcss.dll -- (DcomLaunch) SRV:[b:6f7a66360a]64bit:[/b:6f7a66360a] - [2010-11-20 14:26:04 | 000,317,952 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\dhcpcore.dll -- (Dhcp) SRV - [2010-11-20 13:18:30 | 000,254,464 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\dhcpcore.dll -- (Dhcp) SRV:[b:6f7a66360a]64bit:[/b:6f7a66360a] - [2011-03-03 07:24:16 | 000,183,296 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\dnsrslvr.dll -- (Dnscache) SRV:[b:6f7a66360a]64bit:[/b:6f7a66360a] - [2009-07-14 02:40:35 | 000,111,104 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\eapsvc.dll -- (EapHost) SRV:[b:6f7a66360a]64bit:[/b:6f7a66360a] - [2009-07-14 02:41:00 | 000,038,912 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\hidserv.dll -- (hidserv) SRV - [2009-07-14 02:15:24 | 000,049,152 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\hidserv.dll -- (hidserv) SRV:[b:6f7a66360a]64bit:[/b:6f7a66360a] - [2009-07-14 02:41:10 | 000,359,424 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\ipnathlp.dll -- (SharedAccess) SRV:[b:6f7a66360a]64bit:[/b:6f7a66360a] - [2010-11-20 14:26:39 | 000,501,248 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\IPSECSVC.DLL -- (PolicyAgent) No service found with a name of MsMpSvc No service found with a name of NisSrv SRV:[b:6f7a66360a]64bit:[/b:6f7a66360a] - [2009-07-14 02:41:54 | 000,524,288 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\swprv.dll -- (swprv) SRV:[b:6f7a66360a]64bit:[/b:6f7a66360a] - [2009-07-14 02:41:26 | 000,067,584 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\SysNative\mmcss.dll -- (MMCSS) SRV:[b:6f7a66360a]64bit:[/b:6f7a66360a] - [2009-07-14 02:41:52 | 000,360,448 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\netman.dll -- (Netman) SRV:[b:6f7a66360a]64bit:[/b:6f7a66360a] - [2009-07-14 02:41:52 | 000,459,776 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\netprofm.dll -- (netprofm) SRV - [2009-07-14 02:16:03 | 000,360,448 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysWOW64\netprofm.dll -- (netprofm) SRV:[b:6f7a66360a]64bit:[/b:6f7a66360a] - [2012-10-03 18:44:21 | 000,303,104 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\nlasvc.dll -- (NlaSvc) SRV:[b:6f7a66360a]64bit:[/b:6f7a66360a] - [2009-07-14 02:41:53 | 000,025,600 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\nsisvc.dll -- (nsi) SRV:[b:6f7a66360a]64bit:[/b:6f7a66360a] - [2011-05-24 12:42:55 | 000,404,480 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\umpnpmgr.dll -- (PlugPlay) SRV:[b:6f7a66360a]64bit:[/b:6f7a66360a] - [2012-02-11 07:36:02 | 000,559,104 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\spoolsv.exe -- (Spooler) SRV:[b:6f7a66360a]64bit:[/b:6f7a66360a] - [2011-11-17 07:33:55 | 000,031,232 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\lsass.exe -- (ProtectedStorage) No service found with a name of EMDMgmt SRV:[b:6f7a66360a]64bit:[/b:6f7a66360a] - [2009-07-14 02:41:53 | 000,099,328 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\rasauto.dll -- (RasAuto) SRV:[b:6f7a66360a]64bit:[/b:6f7a66360a] - [2010-11-20 14:27:24 | 000,344,064 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\rasmans.dll -- (RasMan) SRV:[b:6f7a66360a]64bit:[/b:6f7a66360a] - [2010-11-20 14:27:24 | 000,512,000 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\rpcss.dll -- (RpcSs) SRV:[b:6f7a66360a]64bit:[/b:6f7a66360a] - [2010-11-20 14:27:25 | 000,030,720 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\seclogon.dll -- (seclogon) SRV:[b:6f7a66360a]64bit:[/b:6f7a66360a] - [2011-11-17 07:33:55 | 000,031,232 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\lsass.exe -- (SamSs) SRV:[b:6f7a66360a]64bit:[/b:6f7a66360a] - [2009-07-14 02:41:58 | 000,097,280 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wscsvc.dll -- (wscsvc) SRV:[b:6f7a66360a]64bit:[/b:6f7a66360a] - [2010-11-20 14:27:26 | 000,236,032 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\srvsvc.dll -- (LanmanServer) SRV:[b:6f7a66360a]64bit:[/b:6f7a66360a] - [2010-11-20 14:27:25 | 000,370,688 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\shsvcs.dll -- (ShellHWDetection) SRV - [2010-11-20 13:21:19 | 000,328,192 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\shsvcs.dll -- (ShellHWDetection) No service found with a name of slsvc SRV:[b:6f7a66360a]64bit:[/b:6f7a66360a] - [2010-11-20 14:27:25 | 001,110,016 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\schedsvc.dll -- (Schedule) SRV:[b:6f7a66360a]64bit:[/b:6f7a66360a] - [2010-11-20 14:27:26 | 000,316,928 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\tapisrv.dll -- (TapiSrv) SRV - [2010-11-20 13:21:28 | 000,242,176 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\tapisrv.dll -- (TapiSrv) SRV:[b:6f7a66360a]64bit:[/b:6f7a66360a] - [2009-07-14 02:41:55 | 000,044,544 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\themeservice.dll -- (Themes) SRV:[b:6f7a66360a]64bit:[/b:6f7a66360a] - [2012-05-01 06:40:20 | 000,209,920 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\profsvc.dll -- (ProfSvc) SRV:[b:6f7a66360a]64bit:[/b:6f7a66360a] - [2010-11-20 14:25:27 | 001,600,512 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\VSSVC.exe -- (VSS) SRV:[b:6f7a66360a]64bit:[/b:6f7a66360a] - [2010-11-20 14:25:42 | 000,679,424 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\audiosrv.dll -- (AudioSrv) SRV:[b:6f7a66360a]64bit:[/b:6f7a66360a] - [2010-11-20 14:25:42 | 000,679,424 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\audiosrv.dll -- (AudioEndpointBuilder) SRV:[b:6f7a66360a]64bit:[/b:6f7a66360a] - [2010-11-20 14:27:25 | 000,170,496 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\sdrsvc.dll -- (SDRSVC) SRV:[b:6f7a66360a]64bit:[/b:6f7a66360a] - [2009-07-14 02:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend) SRV:[b:6f7a66360a]64bit:[/b:6f7a66360a] - [2010-11-20 14:27:28 | 001,646,080 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wevtsvc.dll -- (eventlog) SRV:[b:6f7a66360a]64bit:[/b:6f7a66360a] - [2010-11-20 14:26:59 | 000,828,416 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\SysNative\MPSSVC.dll -- (MpsSvc) SRV:[b:6f7a66360a]64bit:[/b:6f7a66360a] - [2010-11-20 14:27:28 | 000,580,096 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wiaservc.dll -- (stisvc) SRV:[b:6f7a66360a]64bit:[/b:6f7a66360a] - [2010-11-20 14:24:58 | 000,128,000 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\msiexec.exe -- (msiserver) SRV - [2010-11-20 13:17:22 | 000,073,216 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWow64\msiexec.exe -- (msiserver) SRV:[b:6f7a66360a]64bit:[/b:6f7a66360a] - [2012-08-21 14:09:40 | 000,219,136 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wbem\WMIsvc.dll -- (Winmgmt) SRV:[b:6f7a66360a]64bit:[/b:6f7a66360a] - [2012-06-02 23:19:43 | 002,428,952 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wuaueng.dll -- (wuauserv) SRV:[b:6f7a66360a]64bit:[/b:6f7a66360a] - [2010-11-20 14:26:07 | 000,252,416 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\dot3svc.dll -- (dot3svc) SRV:[b:6f7a66360a]64bit:[/b:6f7a66360a] - [2009-07-14 02:41:56 | 000,886,784 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wlansvc.dll -- (Wlansvc) SRV:[b:6f7a66360a]64bit:[/b:6f7a66360a] - [2010-11-20 14:27:28 | 000,118,784 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wkssvc.dll -- (LanmanWorkstation) [color=#E56717:6f7a66360a]========== Drive Information ==========[/color:6f7a66360a] Physical Drives --------------- Drive: \\\\.\\PHYSICALDRIVE0 - Fixed hard disk media Interface type: IDE Media Type: Fixed hard disk media Model: HTS721010G9SA00 ATA Device Partitions: 1 Status: OK Status Info: 0 Partitions --------------- DeviceID: Disk #0, Partition #0 PartitionType: Installable File System Bootable: True BootPartition: True PrimaryPartition: True Size: 93,00GB Starting Offset: 105906176 Hidden sectors: 0 [color=#A23BEC:6f7a66360a]< %SYSTEMDRIVE%\*.exe >[/color:6f7a66360a] [2013-01-30 11:20:55 | 000,303,616 | ---- | M] ( ) -- C:\SetACL.exe [2013-01-30 11:20:55 | 000,290,304 | ---- | M] (Microsoft Corporation) -- C:\subinacl.exe [color=#A23BEC:6f7a66360a]< %SYSTEMDRIVE%\*.* >[/color:6f7a66360a] [2010-11-20 13:40:07 | 000,383,786 | RHS- | M] () -- C:\bootmgr [2012-11-19 09:14:42 | 000,008,192 | RHS- | M] () -- C:\BOOTSECT.BAK [2012-12-10 10:16:56 | 000,007,088 | ---- | M] () -- C:\bootsqm.dat [2013-01-30 12:02:12 | 2414,436,352 | -HS- | M] () -- C:\hiberfil.sys [2013-01-30 12:02:16 | 3219,251,200 | -HS- | M] () -- C:\pagefile.sys [2013-01-30 11:20:55 | 000,303,616 | ---- | M] ( ) -- C:\SetACL.exe [2013-01-30 11:20:55 | 000,290,304 | ---- | M] (Microsoft Corporation) -- C:\subinacl.exe [color=#A23BEC:6f7a66360a]< %systemroot%\system32\Spool\prtprocs\w32x86\*.dll >[/color:6f7a66360a] [color=#A23BEC:6f7a66360a]< %systemroot%\*. /mp /s >[/color:6f7a66360a] [color=#A23BEC:6f7a66360a]< %systemroot%\system32\*.sys /90 >[/color:6f7a66360a] [color=#A23BEC:6f7a66360a]< %systemroot%\system32\*.dll /lockedfiles >[/color:6f7a66360a] [color=#A23BEC:6f7a66360a]< %systemroot%\Tasks\*.job /lockedfiles >[/color:6f7a66360a] [color=#A23BEC:6f7a66360a]< %systemroot%\system32\drivers\*.sys /lockedfiles >[/color:6f7a66360a] [color=#A23BEC:6f7a66360a]< %systemroot%\system32\*.exe /lockedfiles >[/color:6f7a66360a] [color=#A23BEC:6f7a66360a]< %systemroot%\System32\config\*.sav >[/color:6f7a66360a] [color=#A23BEC:6f7a66360a]< %PROGRAMFILES%\* >[/color:6f7a66360a] [2009-07-14 05:54:24 | 000,000,174 | -HS- | M] () -- C:\Program Files (x86)\desktop.ini [color=#A23BEC:6f7a66360a]< %USERPROFILE%\..|smtmp;true;true;true /FP >[/color:6f7a66360a] [color=#A23BEC:6f7a66360a]< HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU >[/color:6f7a66360a] [color=#A23BEC:6f7a66360a]< hklm\software\clients\startmenuinternet|command /rs >[/color:6f7a66360a] HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\HideIconsCommand: "C:\Program Files (x86)\Mozilla Firefox\uninstall\helper.exe" /HideShortcuts [2013-01-19 08:29:46 | 000,866,360 | ---- | M] (Mozilla Corporation) HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\ShowIconsCommand: "C:\Program Files (x86)\Mozilla Firefox\uninstall\helper.exe" /ShowShortcuts [2013-01-19 08:29:46 | 000,866,360 | ---- | M] (Mozilla Corporation) HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\ReinstallCommand: "C:\Program Files (x86)\Mozilla Firefox\uninstall\helper.exe" /SetAsDefaultAppGlobal [2013-01-19 08:29:46 | 000,866,360 | ---- | M] (Mozilla Corporation) HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\open\command\\: C:\Program Files (x86)\Mozilla Firefox\firefox.exe [2013-01-19 08:29:46 | 000,917,400 | ---- | M] (Mozilla Corporation) HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\properties\command\\: "C:\Program Files (x86)\Mozilla

anoniem · 30 januari 2013

En hierbij de Extras.txt: OTL Extras logfile created on: 30-1-2013 19:09:03 - Run 1 OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Jos H\Desktop 64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 9.0.8112.16421) Locale: 00000413 | Country: Nederland | Language: NLD | Date Format: d-M-yyyy 3,00 Gb Total Physical Memory | 1,84 Gb Available Physical Memory | 61,22% Memory free 5,99 Gb Paging File | 4,54 Gb Available in Paging File | 75,67% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 93,06 Gb Total Space | 63,45 Gb Free Space | 68,18% Space Free | Partition Type: NTFS Computer Name: LAPTOP | User Name: Jos H | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days [color=#E56717:c07202e475]========== Extra Registry (SafeList) ==========[/color:c07202e475] [color=#E56717:c07202e475]========== File Associations ==========[/color:c07202e475] [b:c07202e475]64bit:[/b:c07202e475] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .html[@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) .url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation) [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation) .html [@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) [HKEY_USERS\S-1-5-21-3936649928-4177311411-4009730775-1001\SOFTWARE\Classes\<extension>] .html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation) [color=#E56717:c07202e475]========== Shell Spawning ==========[/color:c07202e475] [b:c07202e475]64bit:[/b:c07202e475] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) htmlfile [print] -- rundll32.exe %SystemRoot%\system32\mshtml.dll,PrintHTML "%1" (Microsoft Corporation) http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation) InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [explore] -- Reg Error: Value error. Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation) exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [explore] -- Reg Error: Value error. Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) [color=#E56717:c07202e475]========== Security Center Settings ==========[/color:c07202e475] [b:c07202e475]64bit:[/b:c07202e475] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "cval" = 1 "FirewallDisableNotify" = 0 "AntiVirusDisableNotify" = 0 "UpdatesDisableNotify" = 0 [b:c07202e475]64bit:[/b:c07202e475] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] [b:c07202e475]64bit:[/b:c07202e475] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] "VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data] "AntiVirusOverride" = 0 "AntiSpywareOverride" = 0 "FirewallOverride" = 0 [b:c07202e475]64bit:[/b:c07202e475] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "AntiVirusOverride" = 1 "AntiVirusDisableNotify" = 0 "FirewallDisableNotify" = 0 "FirewallOverride" = 1 "UpdatesDisableNotify" = 0 "UacDisableNotify" = 1 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] [color=#E56717:c07202e475]========== System Restore Settings ==========[/color:c07202e475] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore] "DisableSR" = 0 [color=#E56717:c07202e475]========== Firewall Settings ==========[/color:c07202e475] [b:c07202e475]64bit:[/b:c07202e475] [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall] [b:c07202e475]64bit:[/b:c07202e475] [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile] [b:c07202e475]64bit:[/b:c07202e475] [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile] [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile] [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "DisableNotifications" = 1 "EnableFirewall" = 0 "DoNotAllowExceptions" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 [color=#E56717:c07202e475]========== Authorized Applications List ==========[/color:c07202e475] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List] "C:\32788R22FWJFW\EN-US\iexplore.exe" = C:\32788R22FWJFW\EN-US\iexplore.exe:*:Enabled:ipsec "C:\Program Files (x86)\SpeedFan\speedfan.exe" = C:\Program Files (x86)\SpeedFan\speedfan.exe:*:Enabled:ipsec -- (Almico Software (www.almico.com)) "C:\32788R22FWJFW\EN-US\iexplore.exe" = C:\32788R22FWJFW\EN-US\iexplore.exe:*:Enabled:ipsec "C:\Program Files (x86)\SpeedFan\speedfan.exe" = C:\Program Files (x86)\SpeedFan\speedfan.exe:*:Enabled:ipsec -- (Almico Software (www.almico.com)) [color=#E56717:c07202e475]========== Vista Active Open Ports Exception List ==========[/color:c07202e475] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{02819E2D-B857-47D8-9DA4-33B82AA41166}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | "{0294BB2F-6178-459D-8C46-8D1C40D6AD6B}" = rport=445 | protocol=6 | dir=out | app=system | "{039EDDDA-E038-4E48-9A97-5DB783EB2EA9}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | "{03C348AC-A66E-4AA4-8FCF-F1F784260420}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe | "{057550CC-1C7E-4C7B-A2F8-3A8DDC978C8C}" = lport=138 | protocol=17 | dir=in | app=system | "{08E024BB-596A-4DFF-A430-159062EB67CE}" = lport=10243 | protocol=6 | dir=in | app=system | "{0D78FFDC-D4B2-4AE1-8635-DBAAD3B14F3A}" = lport=2869 | protocol=6 | dir=in | app=system | "{18D87F76-542A-446D-8D13-77242A67F413}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{19A5737B-0BEE-43C8-BCD3-3CC714AA4FD3}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | "{1AC7BDB3-2034-4D4D-8DBC-20412046B203}" = lport=138 | protocol=17 | dir=in | app=system | "{206D99CD-C72B-4787-8556-A3F1C35A7445}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 | "{231FE20F-E332-4CB2-B126-16F7D534B9B0}" = lport=137 | protocol=17 | dir=in | app=system | "{25B9D31D-64EC-44F5-900B-17177C3E5D3C}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | "{266D27B0-A7DA-46B4-95BD-17FD3F29ADE8}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{295EF879-34FC-4A05-A484-51AA1443280E}" = lport=445 | protocol=6 | dir=in | app=system | "{2FA65B31-3A9D-4C20-AFC6-469495F0EF44}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | "{3775FB7E-CB17-4043-A34C-8C5BB86F3B7D}" = lport=445 | protocol=6 | dir=in | app=system | "{4084E937-EAAA-47EE-9520-7BE7CE434C09}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe | "{451FA336-F24E-44DE-96F1-2B2CE5755539}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | "{4BF5EB07-06A2-40E2-B5B6-244EF5C49A0F}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 | "{4D0AF16F-D26C-4592-A9D5-EDB315BDBE22}" = lport=6004 | protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\outlook.exe | "{5456EA1E-AF45-48BD-9C96-AB99A6CCF1D9}" = lport=139 | protocol=6 | dir=in | app=system | "{5DA85C2D-69D9-459E-A4ED-3230254081DB}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | "{625A5AE8-CDC0-4CD5-AD17-6E3F378E2785}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{6364B77A-8796-4078-B3CC-5963A3E70B4F}" = rport=139 | protocol=6 | dir=out | app=system | "{67CFDA3A-C16E-4D8F-A4F6-2E6C8CC071DF}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe | "{6EFD3216-D4DB-448C-81DA-E8838C66FFD2}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{7460E2D0-98E3-4CF2-BF14-DF8E8392B2CA}" = lport=138 | protocol=17 | dir=in | app=system | "{773A6AF6-5F0B-4204-8AF7-2D72ABBBE1AB}" = lport=139 | protocol=6 | dir=in | app=system | "{79291E3C-6F83-4117-BDD3-5D07D62BD50E}" = rport=10243 | protocol=6 | dir=out | app=system | "{7AAF0500-A92C-4791-8416-25E391962CE4}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 | "{7B402CFA-B748-4EC6-97F7-139E0CFBFF72}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | "{7C7BD74E-D59D-40F9-8481-A74C4729E9DD}" = rport=138 | protocol=17 | dir=out | app=system | "{86444BB3-291D-4D31-A046-BB4AA3243C28}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{98FE121D-25EE-4944-873E-7BB94CA2658C}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{9D869234-9815-4641-B296-1359A3F48A46}" = rport=445 | protocol=6 | dir=out | app=system | "{AF8150A9-8B4A-4262-900E-D368942052B3}" = lport=2869 | protocol=6 | dir=in | app=system | "{B947F223-8640-4038-83B4-E17E990C726B}" = rport=138 | protocol=17 | dir=out | app=system | "{BA47C022-2076-4CE3-A68D-96011690DF7C}" = rport=139 | protocol=6 | dir=out | app=system | "{BC332F5F-33E3-4F71-ADB0-28108346F945}" = lport=137 | protocol=17 | dir=in | app=system | "{BD21A340-B50F-4B31-B559-7B328A1941C0}" = lport=445 | protocol=6 | dir=in | app=system | "{BE10AB93-C4A6-464B-BE93-069E778BFF99}" = rport=10243 | protocol=6 | dir=out | app=system | "{C1DFA2D2-AE9A-4054-892E-341FC861501F}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{C232D951-55E7-4D04-9346-F88A07FC0B22}" = lport=137 | protocol=17 | dir=in | app=system | "{C428A183-FD79-40B5-990D-895328F43AC8}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | "{C9DCC64F-CFE7-4428-9A8E-0C21D99DE081}" = rport=445 | protocol=6 | dir=out | app=system | "{CA8A6B74-2B80-4462-8A36-DFD7EE43AB97}" = rport=138 | protocol=17 | dir=out | app=system | "{CF0676E6-E2EC-438A-9741-7029DEBD00CE}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | "{D6E72862-682E-4B9D-AF81-8BD9EE598A60}" = rport=137 | protocol=17 | dir=out | app=system | "{D75DB104-E865-495B-8233-361A52F8E0FF}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{D77F23B9-81B5-46DF-B165-40CB47F75C04}" = lport=139 | protocol=6 | dir=in | app=system | "{DDBA2BFE-AA08-410D-BA69-B494AE038CE4}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | "{EC9FD19F-2543-41FF-8882-B98EBF87DC16}" = lport=10243 | protocol=6 | dir=in | app=system | "{F09D12FC-58B9-45D0-A9D0-F1704723636C}" = rport=139 | protocol=6 | dir=out | app=system | "{F534D21D-02A4-4E48-A237-A3745ED5E6D3}" = rport=137 | protocol=17 | dir=out | app=system | "{F9C1EEE5-72B7-40C6-BC7C-64E9DF7DEB39}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | "{FCFD3B66-A0DE-4D83-B806-937933C1894A}" = rport=137 | protocol=17 | dir=out | app=system | [color=#E56717:c07202e475]========== Vista Active Application Exception List ==========[/color:c07202e475] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{003C7A18-60D9-4C89-94D8-DE42C1AA1D76}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 | "{02A4D600-582A-4C14-ADFE-C125CF0CB18F}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | "{0715B05E-42C2-4028-90EF-AB5E44DDFCA1}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe | "{0A9BA2CA-397D-46D7-AA61-5277AF75F360}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | "{1473D86F-6F04-46A3-9153-CD04272511DC}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe | "{1986A1C4-D7CD-42D4-8FE9-1AB91E83C625}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 | "{1BFB3C46-8EF0-4176-8859-2B1D83878970}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\groove.exe | "{235A1715-388E-4E69-B2BB-F7D8A0A03CDF}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | "{2931F067-CB9D-46CE-833C-DA16162137F5}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | "{2A987F88-53CB-41A0-9D66-C32DDFF4169E}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{2FE62BD9-E198-46B1-9B99-76700CEF3CB8}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 | "{30717933-426C-4C87-B0FB-4A8422956E3F}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{32DC5DBA-1E96-443C-8726-870263447272}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | "{3330E046-2606-477A-ACD7-59FA8C118DF6}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe | "{4849799C-D8E9-4360-8F9A-6B5F2BCC7EA4}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 | "{507CD5BD-FDF7-4116-A592-D8452FBB31EF}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 | "{56E808A1-BFD0-4B79-B567-B9FA848D697F}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 | "{58742052-4F8C-469C-A26C-2DAF2679C1C8}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office14\onenote.exe | "{58934707-FD88-4701-A5E9-EAF314A624C8}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\onenote.exe | "{61C5EC67-8494-4237-92B7-4A9044DBDEE0}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | "{61FB8AD2-C831-45AB-9DFB-D685C3A8300D}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | "{62F27534-2769-4D2F-B42F-E96E62F64F44}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | "{65901CFC-D156-4C8F-90EA-C26D256CA195}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{68F6992D-6E9D-4F14-88EC-3E0B8BEC7EFF}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | "{7F995B7D-A05C-446D-9694-BA6001B4CE65}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe | "{83F179BD-0497-474D-97CC-E0459D845D0F}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office14\groove.exe | "{8642AF85-31DC-4BB3-8E9D-1E478C224084}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{93910212-53F0-436F-B663-D369F2148B5F}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 | "{9BDDD7E5-7594-4192-A095-6C749422488A}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{A4B0A3BF-52C5-4B23-90A8-D56DB94D5DFD}" = protocol=6 | dir=out | app=system | "{A5589677-56C4-46C1-A86B-1F0B5425786F}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{AB3FBA72-52C3-4476-9A38-230DBE05659B}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe | "{AD3A7E81-7163-466F-96D8-C90B54A51B93}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 | "{BB794CF1-32E2-4DBD-87EE-75E30DE6FA65}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{BC7833D1-AE4B-4CAB-BDD5-6EA587E5C763}" = protocol=6 | dir=out | app=system | "{BCC2077D-1396-4691-8909-B23A663CDACA}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 | "{C1A10BDE-20AA-426D-95FE-30B3C469F309}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 | "{C99E9C9E-C0BF-4203-AC8D-061050A7D2ED}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | "{CE504808-152F-4073-8BB9-0F8E7C4D30C6}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe | "{D3648D1D-2BA3-4973-9B7E-EDC907B6E342}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{DE2FCDEB-1CE9-4B87-80D9-E8B2B66111E3}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 | "{E8715BB0-E132-4617-B344-62E03BFE2C1C}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 | "{E926E57D-011D-4F63-BCC5-FFCFDC28D091}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe | "{EF2FCFC1-189F-4FBF-8C1A-1995CC2C07D5}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe | "{EFA98652-B437-42AA-B7D3-EFFD71ED4ECD}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | "{F7DCF881-DB9D-4779-8D1C-CCCBAC7C73FF}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | "TCP Query User{EE498E48-1C30-4448-ACBA-0061B6FF0979}C:\windows\syswow64\rundll32.exe" = protocol=6 | dir=in | app=c:\windows\syswow64\rundll32.exe | "UDP Query User{05CBA4B1-02A4-47FF-B344-5DF1E5850FE6}C:\windows\syswow64\rundll32.exe" = protocol=17 | dir=in | app=c:\windows\syswow64\rundll32.exe | [color=#E56717:c07202e475]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color:c07202e475] 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight "{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended "{90140000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2010 "{90140000-002A-0413-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (Dutch) 2010 "{A1439D4F-FD46-47F2-A1D3-FEE097C29A09}" = WIDCOMM Bluetooth Software "{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}" = PlayReady PC Runtime amd64 "{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile "2AAF31169678BA1C4809F99E9A7AD20389F922AA" = Windows-stuurprogrammapakket - Intel (NETwNx64) net (09/30/2012 15.3.1.2) "38F140F0BC3A26BAD127CAF77DF58B2C8737DEFE" = Windows-stuurprogrammapakket - Intel net (09/30/2012 15.3.1.2) "51D6BB49B8BBE406DF6F39E05F7FC407B492593F" = Windows-stuurprogrammapakket - Intel net (10/07/2010 13.4.0.139) "CA9BFE2C91E4B3C985B5BE22DA99BDFCC97DF105" = Windows-stuurprogrammapakket - Intel (NETwLx64) net (10/07/2010 13.4.0.139) "CCleaner" = CCleaner "ECC2978FE61566103F43F498FBE2377E39AF25B0" = Windows-stuurprogrammapakket - Intel net (01/22/2012 14.3.2.1) "FEAD5CC490EEA9B9BEAC60BBC1A3515147737742" = Windows-stuurprogrammapakket - Intel (NETwNx64) net (01/22/2012 14.3.2.1) "LSI Soft Modem" = LSI HDA Modem "Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile "Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended "NVIDIA Drivers" = NVIDIA Drivers [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{1798D459-6B8B-474B-868D-1229EADA3B95}" = Adobe AIR "{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 "{4412F224-3849-4461-A3E9-DEEF8D252790}" = Visual Studio C++ 10.0 Runtime "{612C34C7-5E90-47D8-9B5C-0F717DD82726}" = swMSM "{75438C0E-9925-412E-AD85-D0E71C6CE2ED}" = USB2.0 PC Camera (SN9C201&202) "{86107E2D-DFB9-46BC-99ED-07EACAEE0923}" = G Data InternetSecurity 2013 COMPUTER!TOTAAL Edition "{90140000-0015-0413-0000-0000000FF1CE}" = Microsoft Office Access MUI (Dutch) 2010 "{90140000-0015-0413-0000-0000000FF1CE}_Office14.PROPLUSR_{7A6AD1A3-6EC6-4840-8A29-4CCD27A21069}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-0016-0413-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Dutch) 2010 "{90140000-0016-0413-0000-0000000FF1CE}_Office14.PROPLUSR_{7A6AD1A3-6EC6-4840-8A29-4CCD27A21069}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-0018-0413-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Dutch) 2010 "{90140000-0018-0413-0000-0000000FF1CE}_Office14.PROPLUSR_{7A6AD1A3-6EC6-4840-8A29-4CCD27A21069}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-0019-0413-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Dutch) 2010 "{90140000-0019-0413-0000-0000000FF1CE}_Office14.PROPLUSR_{7A6AD1A3-6EC6-4840-8A29-4CCD27A21069}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-001A-0413-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Dutch) 2010 "{90140000-001A-0413-0000-0000000FF1CE}_Office14.PROPLUSR_{7A6AD1A3-6EC6-4840-8A29-4CCD27A21069}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-001B-0413-0000-0000000FF1CE}" = Microsoft Office Word MUI (Dutch) 2010 "{90140000-001B-0413-0000-0000000FF1CE}_Office14.PROPLUSR_{7A6AD1A3-6EC6-4840-8A29-4CCD27A21069}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2010 "{90140000-001F-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{65A2328E-FDFB-4CA3-8582-357EA6825FEA}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010 "{90140000-001F-0409-0000-0000000FF1CE}_Office14.PROPLUSR_{99ACCA38-6DD3-48A8-96AE-A283C9759279}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2010 "{90140000-001F-040C-0000-0000000FF1CE}_Office14.PROPLUSR_{46298F6A-1E7E-4D4A-B5F5-106A4F0E48C6}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-001F-0413-0000-0000000FF1CE}" = Microsoft Office Proof (Dutch) 2010 "{90140000-001F-0413-0000-0000000FF1CE}_Office14.PROPLUSR_{5072FEA2-862C-4BF0-9654-CB0DCBE2BE28}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-002A-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{967EF02C-5C7E-4718-8FCB-BDC050190CCF}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-002A-0413-1000-0000000FF1CE}_Office14.PROPLUSR_{B9427E36-0B0A-48F4-8A51-1C178708A28E}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-002C-0413-0000-0000000FF1CE}" = Microsoft Office Proofing (Dutch) 2010 "{90140000-002C-0413-0000-0000000FF1CE}_Office14.PROPLUSR_{D3B92058-CF96-445F-A297-F7ED19C4E841}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-0044-0413-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Dutch) 2010 "{90140000-0044-0413-0000-0000000FF1CE}_Office14.PROPLUSR_{7A6AD1A3-6EC6-4840-8A29-4CCD27A21069}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-006E-0413-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Dutch) 2010 "{90140000-006E-0413-0000-0000000FF1CE}_Office14.PROPLUSR_{260407D0-98A1-4D9A-A956-3D1DEDDDF3B9}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-00A1-0413-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Dutch) 2010 "{90140000-00A1-0413-0000-0000000FF1CE}_Office14.PROPLUSR_{7A6AD1A3-6EC6-4840-8A29-4CCD27A21069}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-00BA-0413-0000-0000000FF1CE}" = Microsoft Office Groove MUI (Dutch) 2010 "{90140000-00BA-0413-0000-0000000FF1CE}_Office14.PROPLUSR_{7A6AD1A3-6EC6-4840-8A29-4CCD27A21069}" = Microsoft Office 2010 Service Pack 1 (SP1) "{91140000-0011-0000-0000-0000000FF1CE}" = Microsoft Office Professional Plus 2010 "{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{047B0968-E622-4FAA-9B4B-121FA109EDDE}" = Microsoft Office 2010 Service Pack 1 (SP1) "{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 "{AC76BA86-7AD7-1043-7B44-AB0000000001}" = Adobe Reader XI (11.0.01) - Nederlands "{C7CA731B-BF9A-46D9-92CF-8A8737AE9240}" = System Requirements Lab for Intel "{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 "{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver "Adobe AIR" = Adobe AIR "Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX "Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin "Adobe Shockwave Player" = Adobe Shockwave Player 11.6 "FileHippo.com" = FileHippo.com Update Checker "LastPass" = LastPass(alleen deïnstalleren) "Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware versie 1.70.0.1100 "Mozilla Firefox 18.0.1 (x86 nl)" = Mozilla Firefox 18.0.1 (x86 nl) "MozillaMaintenanceService" = Mozilla Maintenance Service "MyTomTom" = MyTomTom 3.2.0.802 "Office14.PROPLUSR" = Microsoft Office Professional Plus 2010 "Picasa 3" = Picasa 3 "Secunia PSI" = Secunia PSI (3.0.0.4001) "SpeedFan" = SpeedFan (remove only) [color=#E56717:c07202e475]========== Last 20 Event Log Errors ==========[/color:c07202e475] [ Application Events ] Error - 30-1-2013 2:25:32 | Computer Name = Laptop | Source = SideBySide | ID = 16842832 Description = Kan activeringscontext voor C:\Users\Jos H\Desktop\esetsmartinstaller_enu.exe niet maken. Fout in manifest of beleidsbestand op regel . Een onderdeelversie die nodig is voor de toepassing conflicteert met een andere onderdeelversie die reeds actief is. Conflicterende onderdelen zijn: Onderdeel 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest. Onderdeel 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest. Error - 30-1-2013 2:38:17 | Computer Name = Laptop | Source = SideBySide | ID = 16842832 Description = Kan activeringscontext voor C:\Users\Jos H\Desktop\esetsmartinstaller_enu.exe niet maken. Fout in manifest of beleidsbestand op regel . Een onderdeelversie die nodig is voor de toepassing conflicteert met een andere onderdeelversie die reeds actief is. Conflicterende onderdelen zijn: Onderdeel 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest. Onderdeel 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest. Error - 30-1-2013 2:40:35 | Computer Name = Laptop | Source = SideBySide | ID = 16842832 Description = Kan activeringscontext voor C:\Users\Jos H\Desktop\esetsmartinstaller_enu.exe niet maken. Fout in manifest of beleidsbestand op regel . Een onderdeelversie die nodig is voor de toepassing conflicteert met een andere onderdeelversie die reeds actief is. Conflicterende onderdelen zijn: Onderdeel 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest. Onderdeel 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest. Error - 30-1-2013 2:40:59 | Computer Name = Laptop | Source = SideBySide | ID = 16842832 Description = Kan activeringscontext voor C:\Users\Jos H\Desktop\esetsmartinstaller_enu.exe niet maken. Fout in manifest of beleidsbestand op regel . Een onderdeelversie die nodig is voor de toepassing conflicteert met een andere onderdeelversie die reeds actief is. Conflicterende onderdelen zijn: Onderdeel 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest. Onderdeel 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest. Error - 30-1-2013 3:34:22 | Computer Name = Laptop | Source = SideBySide | ID = 16842832 Description = Kan activeringscontext voor C:\Users\Jos H\Desktop\esetsmartinstaller_enu.exe niet maken. Fout in manifest of beleidsbestand op regel . Een onderdeelversie die nodig is voor de toepassing conflicteert met een andere onderdeelversie die reeds actief is. Conflicterende onderdelen zijn: Onderdeel 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest. Onderdeel 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest. Error - 30-1-2013 3:34:22 | Computer Name = Laptop | Source = SideBySide | ID = 16842832 Description = Kan activeringscontext voor C:\Users\Jos H\Desktop\esetsmartinstaller_enu.exe niet maken. Fout in manifest of beleidsbestand op regel . Een onderdeelversie die nodig is voor de toepassing conflicteert met een andere onderdeelversie die reeds actief is. Conflicterende onderdelen zijn: Onderdeel 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest. Onderdeel 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest. Error - 30-1-2013 3:36:41 | Computer Name = Laptop | Source = SideBySide | ID = 16842832 Description = Kan activeringscontext voor C:\Users\Jos H\Desktop\esetsmartinstaller_enu.exe niet maken. Fout in manifest of beleidsbestand op regel . Een onderdeelversie die nodig is voor de toepassing conflicteert met een andere onderdeelversie die reeds actief is. Conflicterende onderdelen zijn: Onderdeel 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest. Onderdeel 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest. Error - 30-1-2013 3:37:10 | Computer Name = Laptop | Source = SideBySide | ID = 16842832 Description = Kan activeringscontext voor C:\Users\Jos H\Desktop\esetsmartinstaller_enu.exe niet maken. Fout in manifest of beleidsbestand op regel . Een onderdeelversie die nodig is voor de toepassing conflicteert met een andere onderdeelversie die reeds actief is. Conflicterende onderdelen zijn: Onderdeel 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest. Onderdeel 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest. Error - 30-1-2013 4:23:16 | Computer Name = Laptop | Source = SideBySide | ID = 16842832 Description = Kan activeringscontext voor C:\Users\Jos H\Desktop\esetsmartinstaller_enu.exe niet maken. Fout in manifest of beleidsbestand op regel . Een onderdeelversie die nodig is voor de toepassing conflicteert met een andere onderdeelversie die reeds actief is. Conflicterende onderdelen zijn: Onderdeel 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest. Onderdeel 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest. Error - 30-1-2013 4:24:58 | Computer Name = Laptop | Source = SideBySide | ID = 16842832 Description = Kan activeringscontext voor C:\Program Files (x86)\ESET\ESET Online Scanner\ESETSmartInstaller.exe niet maken. Fout in manifest of beleidsbestand op regel . Een onderdeelversie die nodig is voor de toepassing conflicteert met een andere onderdeelversie die reeds actief is. Conflicterende onderdelen zijn: Onderdeel 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest. Onderdeel 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest. [ Media Center Events ] Error - 24-11-2012 3:56:33 | Computer Name = Laptop | Source = MCUpdate | ID = 0 Description = 8:56:33 - Fout bij verbinden met internet. 8:56:33 - Kan geen contact maken met server.. Error - 25-11-2012 2:53:57 | Computer Name = Laptop | Source = MCUpdate | ID = 0 Description = 7:53:57 - Fout bij verbinden met internet. 7:53:57 - Kan geen contact maken met server.. Error - 25-11-2012 2:54:44 | Computer Name = Laptop | Source = MCUpdate | ID = 0 Description = 7:54:03 - Fout bij verbinden met internet. 7:54:03 - Kan geen contact maken met server.. Error - 25-11-2012 3:55:06 | Computer Name = Laptop | Source = MCUpdate | ID = 0 Description = 8:55:06 - Fout bij verbinden met internet. 8:55:06 - Kan geen contact maken met server.. Error - 25-11-2012 3:55:23 | Computer Name = Laptop | Source = MCUpdate | ID = 0 Description = 8:55:12 - Fout bij verbinden met internet. 8:55:12 - Kan geen contact maken met server.. Error - 25-11-2012 4:55:35 | Computer Name = Laptop | Source = MCUpdate | ID = 0 Description = 9:55:35 - Fout bij verbinden met internet. 9:55:35 - Kan geen contact maken met server.. Error - 25-11-2012 4:55:52 | Computer Name = Laptop | Source = MCUpdate | ID = 0 Description = 9:55:41 - Fout bij verbinden met internet. 9:55:41 - Kan geen contact maken met server.. Error - 25-11-2012 5:56:32 | Computer Name = Laptop | Source = MCUpdate | ID = 0 Description = 10:56:31 - Fout bij verbinden met internet. 10:56:31 - Kan geen contact maken met server.. Error - 25-11-2012 5:56:50 | Computer Name = Laptop | Source = MCUpdate | ID = 0 Description = 10:56:37 - Fout bij verbinden met internet. 10:56:37 - Kan geen contact maken met server.. [ System Events ] Error - 30-1-2013 3:36:55 | Computer Name = Laptop | Source = Service Control Manager | ID = 7001 Description = De HomeGroup Provider-service is afhankelijk van de Function Discovery Provider Host-service, die vanwege de volgende fout niet kan worden gestart: %%1068 Error - 30-1-2013 4:22:56 | Computer Name = Laptop | Source = Service Control Manager | ID = 7003 Description = Net.Msmq Listener Adapter-service is afhankelijk van deze service: msmq. Deze service is mogelijk niet geïnstalleerd. Error - 30-1-2013 4:22:56 | Computer Name = Laptop | Source = Service Control Manager | ID = 7003 Description = Net.Pipe Listener Adapter-service is afhankelijk van deze service: was. Deze service is mogelijk niet geïnstalleerd. Error - 30-1-2013 4:22:56 | Computer Name = Laptop | Source = Service Control Manager | ID = 7003 Description = Net.Tcp Listener Adapter-service is afhankelijk van deze service: was. Deze service is mogelijk niet geïnstalleerd. Error - 30-1-2013 4:23:27 | Computer Name = Laptop | Source = Service Control Manager | ID = 7024 Description = De HomeGroup Listener-service is gestopt met de specifieke servicefout %%-2147023143. Error - 30-1-2013 7:02:24 | Computer Name = Laptop | Source = ACPI | ID = 327693 Description = : de EC (embedded controller) heeft niet binnen de opgegeven time-outperiode gereageerd. Dit kan duiden op een fout in de EC-hardware of -firmware, of dat de BIOS op een onjuiste manier toegang de EC probeert te krijgen. U dient de fabrikant van uw computer om een bijgewerkte BIOS te vragen. In sommige situaties kan deze fout leiden tot problemen met de computer. Error - 30-1-2013 7:02:38 | Computer Name = Laptop | Source = Service Control Manager | ID = 7003 Description = Net.Msmq Listener Adapter-service is afhankelijk van deze service: msmq. Deze service is mogelijk niet geïnstalleerd. Error - 30-1-2013 7:02:38 | Computer Name = Laptop | Source = Service Control Manager | ID = 7003 Description = Net.Pipe Listener Adapter-service is afhankelijk van deze service: was. Deze service is mogelijk niet geïnstalleerd. Error - 30-1-2013 7:02:38 | Computer Name = Laptop | Source = Service Control Manager | ID = 7001 Description = De Net.Tcp Listener Adapter-service is afhankelijk van de Net.Tcp Port Sharing Service-service, die vanwege de volgende fout niet kan worden gestart: %%1058 Error - 30-1-2013 7:04:13 | Computer Name = Laptop | Source = Service Control Manager | ID = 7022 Description = De G Data Personal Firewall-service is bij het starten vastgelopen. < End of report >

anoniem · 30 januari 2013

Hallo Jos, wat is het merk en type PC wat jij gebruikt. Want zo te lezen dient het Bios opgewaardeerd te worden! [b:2b042e7995]Sluit voordat [color=#008000:2b042e7995]OTL[/color:2b042e7995] de fix gaat doen, eerst alle andere openstaande vensters![/b:2b042e7995] [list:2b042e7995][*:2b042e7995][b:2b042e7995][color=#0000FF:2b042e7995]Windows 2000[/color:2b042e7995][/b:2b042e7995] en [color=#0000FF:2b042e7995][b:2b042e7995]Windows XP[/b:2b042e7995][/color:2b042e7995]: dubbelklik op [color=#008000:2b042e7995][b:2b042e7995]OTL.exe[/b:2b042e7995][/color:2b042e7995]. [*:2b042e7995][color=#0000FF:2b042e7995][b:2b042e7995]Windows Vista[/b:2b042e7995][/color:2b042e7995], [color=#0000FF:2b042e7995][b:2b042e7995]Windows 7[/b:2b042e7995][/color:2b042e7995] en [color=#0000FF:2b042e7995][b:2b042e7995]Windows 8[/b:2b042e7995][/color:2b042e7995]: via rechtsklik op [color=#008000:2b042e7995][b:2b042e7995]OTL.exe[/b:2b042e7995][/color:2b042e7995] en kies voor "Als Administrator uitvoeren". [list:2b042e7995][*:2b042e7995][b:2b042e7995][color=#008000:2b042e7995]Kopieer en plak de volgende (vetgedrukte,[/color:2b042e7995] [color=#0000FF:2b042e7995]blauwe tekst[/color:2b042e7995][color=#008000:2b042e7995]) in het kader onder [/color:2b042e7995][/b:2b042e7995][img:2b042e7995]http://www.imgdumper.nl/uploads5/4f9111a6d2e57/4f9111a6d2a6c-OTL-2.png[/img:2b042e7995][/list:u:2b042e7995][/list:u:2b042e7995] [b:2b042e7995][color=#0000FF:2b042e7995] :OTL [2012-11-19 11:38:56 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Jos H\AppData\Roaming\mozilla\Extensions [2013-01-30 19:02:49 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Jos H\AppData\Roaming\mozilla\Firefox\Profiles\vx95oueb.default\extensions [2012-12-15 05:46:56 | 000,363,832 | ---- | M] () (No name found) -- C:\Users\Jos H\AppData\Roaming\mozilla\firefox\profiles\vx95oueb.default\extensions\smarterwiki@wikiatic.com.xpi [2012-11-23 15:15:15 | 000,804,627 | ---- | M] () (No name found) -- C:\Users\Jos H\AppData\Roaming\mozilla\firefox\profiles\vx95oueb.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2013-01-19 08:29:42 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions MsConfig:64bit - StartUpReg: @OnlineArmor GUI - hkey= - key= - File not found MsConfig:64bit - StartUpReg: DriverMax - hkey= - key= - File not found MsConfig:64bit - StartUpReg: DriverMax_RESTART - hkey= - key= - File not found MsConfig:64bit - StartUpReg: OODefragTray - hkey= - key= - File not found MsConfig:64bit - StartUpReg: Sysinternals Desktops - hkey= - key= - File not found [2012-12-08 08:44:51 | 000,000,000 | ---D | M] -- C:\Users\Jos H\AppData\Roaming\OnlineArmor :Services :Reg :Files ipconfig /flushdns /c C:\Users\Jos H\AppData\Roaming\OnlineArmor :Commands [purity] [emptytemp] [resethosts] [emptyjava] [emptyflash] [createrestorepoint] [reboot][/color:2b042e7995][/b:2b042e7995] [list:2b042e7995][*:2b042e7995]Klik daarna bovenaan op [img:2b042e7995]http://www.imgdumper.nl/uploads5/4f911cee9de47/4f911cee9da59-OTL-4.png[/img:2b042e7995] [*:2b042e7995]Laat het programma ongestoord zijn werk doen. [*:2b042e7995][color=#FF0000:2b042e7995][b:2b042e7995]OTL zal na de scan melden dat de PC opnieuw opgestart gaat worden. Sta dat dus toe.[/b:2b042e7995][/color:2b042e7995] [*:2b042e7995]Klik op [b:2b042e7995]OK[/b:2b042e7995] [*:2b042e7995]Na het opnieuw opstarten wordt enkel een nieuw log geopend. [*:2b042e7995]Post via kopiëren en plakken de inhoud van dat OTL-scanlog.[/list:u:2b042e7995]

anoniem · 31 januari 2013

OTL de fix laten doen; ik ben nu echter wel Last Pass kwijt (in Firefox). Hoe krijg ik die weer terug? Het is een BTO Laptop (aanschafdatum 25-5-2007): BTO 15W23+ notebook 15,4 inch WSXGA + TFT Ik heb al even op de support site van BTO gekeken maar kan hem niet vinden; http://www.btodownloads.nl/index.php?dir= Hierbij het logbestand: All processes killed ========== OTL ========== C:\Users\Jos H\AppData\Roaming\mozilla\Extensions folder moved successfully. C:\Users\Jos H\AppData\Roaming\mozilla\Firefox\Profiles\vx95oueb.default\extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}\META-INF folder moved successfully. C:\Users\Jos H\AppData\Roaming\mozilla\Firefox\Profiles\vx95oueb.default\extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}\chrome folder moved successfully. C:\Users\Jos H\AppData\Roaming\mozilla\Firefox\Profiles\vx95oueb.default\extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7} folder moved successfully. C:\Users\Jos H\AppData\Roaming\mozilla\Firefox\Profiles\vx95oueb.default\extensions\support@lastpass.com\platform\WINNT_x86_64-msvc\components folder moved successfully. C:\Users\Jos H\AppData\Roaming\mozilla\Firefox\Profiles\vx95oueb.default\extensions\support@lastpass.com\platform\WINNT_x86_64-msvc folder moved successfully. C:\Users\Jos H\AppData\Roaming\mozilla\Firefox\Profiles\vx95oueb.default\extensions\support@lastpass.com\platform\WINNT_x86-msvc\components folder moved successfully. C:\Users\Jos H\AppData\Roaming\mozilla\Firefox\Profiles\vx95oueb.default\extensions\support@lastpass.com\platform\WINNT_x86-msvc folder moved successfully. C:\Users\Jos H\AppData\Roaming\mozilla\Firefox\Profiles\vx95oueb.default\extensions\support@lastpass.com\platform\Linux_x86_64-gcc3\components folder moved successfully. C:\Users\Jos H\AppData\Roaming\mozilla\Firefox\Profiles\vx95oueb.default\extensions\support@lastpass.com\platform\Linux_x86_64-gcc3 folder moved successfully. C:\Users\Jos H\AppData\Roaming\mozilla\Firefox\Profiles\vx95oueb.default\extensions\support@lastpass.com\platform\Linux_x86-gcc3\components folder moved successfully. C:\Users\Jos H\AppData\Roaming\mozilla\Firefox\Profiles\vx95oueb.default\extensions\support@lastpass.com\platform\Linux_x86-gcc3 folder moved successfully. C:\Users\Jos H\AppData\Roaming\mozilla\Firefox\Profiles\vx95oueb.default\extensions\support@lastpass.com\platform\Darwin_x86_64-gcc3\components folder moved successfully. C:\Users\Jos H\AppData\Roaming\mozilla\Firefox\Profiles\vx95oueb.default\extensions\support@lastpass.com\platform\Darwin_x86_64-gcc3 folder moved successfully. C:\Users\Jos H\AppData\Roaming\mozilla\Firefox\Profiles\vx95oueb.default\extensions\support@lastpass.com\platform\Darwin\components folder moved successfully. C:\Users\Jos H\AppData\Roaming\mozilla\Firefox\Profiles\vx95oueb.default\extensions\support@lastpass.com\platform\Darwin folder moved successfully. C:\Users\Jos H\AppData\Roaming\mozilla\Firefox\Profiles\vx95oueb.default\extensions\support@lastpass.com\platform folder moved successfully. C:\Users\Jos H\AppData\Roaming\mozilla\Firefox\Profiles\vx95oueb.default\extensions\support@lastpass.com\defaults\preferences folder moved successfully. C:\Users\Jos H\AppData\Roaming\mozilla\Firefox\Profiles\vx95oueb.default\extensions\support@lastpass.com\defaults folder moved successfully. C:\Users\Jos H\AppData\Roaming\mozilla\Firefox\Profiles\vx95oueb.default\extensions\support@lastpass.com\components folder moved successfully. C:\Users\Jos H\AppData\Roaming\mozilla\Firefox\Profiles\vx95oueb.default\extensions\support@lastpass.com\chrome folder moved successfully. C:\Users\Jos H\AppData\Roaming\mozilla\Firefox\Profiles\vx95oueb.default\extensions\support@lastpass.com folder moved successfully. C:\Users\Jos H\AppData\Roaming\mozilla\Firefox\Profiles\vx95oueb.default\extensions\https-everywhere@eff.org\defaults\preferences folder moved successfully. C:\Users\Jos H\AppData\Roaming\mozilla\Firefox\Profiles\vx95oueb.default\extensions\https-everywhere@eff.org\defaults folder moved successfully. C:\Users\Jos H\AppData\Roaming\mozilla\Firefox\Profiles\vx95oueb.default\extensions\https-everywhere@eff.org\components folder moved successfully. C:\Users\Jos H\AppData\Roaming\mozilla\Firefox\Profiles\vx95oueb.default\extensions\https-everywhere@eff.org\chrome\skin folder moved successfully. C:\Users\Jos H\AppData\Roaming\mozilla\Firefox\Profiles\vx95oueb.default\extensions\https-everywhere@eff.org\chrome\locale\zh-TW folder moved successfully. C:\Users\Jos H\AppData\Roaming\mozilla\Firefox\Profiles\vx95oueb.default\extensions\https-everywhere@eff.org\chrome\locale\zh-CN folder moved successfully. C:\Users\Jos H\AppData\Roaming\mozilla\Firefox\Profiles\vx95oueb.default\extensions\https-everywhere@eff.org\chrome\locale\tr folder moved successfully. C:\Users\Jos H\AppData\Roaming\mozilla\Firefox\Profiles\vx95oueb.default\extensions\https-everywhere@eff.org\chrome\locale\sv folder moved successfully. C:\Users\Jos H\AppData\Roaming\mozilla\Firefox\Profiles\vx95oueb.default\extensions\https-everywhere@eff.org\chrome\locale\sk folder moved successfully. C:\Users\Jos H\AppData\Roaming\mozilla\Firefox\Profiles\vx95oueb.default\extensions\https-everywhere@eff.org\chrome\locale\ru folder moved successfully. C:\Users\Jos H\AppData\Roaming\mozilla\Firefox\Profiles\vx95oueb.default\extensions\https-everywhere@eff.org\chrome\locale\pt folder moved successfully. C:\Users\Jos H\AppData\Roaming\mozilla\Firefox\Profiles\vx95oueb.default\extensions\https-everywhere@eff.org\chrome\locale\pl folder moved successfully. C:\Users\Jos H\AppData\Roaming\mozilla\Firefox\Profiles\vx95oueb.default\extensions\https-everywhere@eff.org\chrome\locale\nl folder moved successfully. C:\Users\Jos H\AppData\Roaming\mozilla\Firefox\Profiles\vx95oueb.default\extensions\https-everywhere@eff.org\chrome\locale\ms folder moved successfully. C:\Users\Jos H\AppData\Roaming\mozilla\Firefox\Profiles\vx95oueb.default\extensions\https-everywhere@eff.org\chrome\locale\lv folder moved successfully. C:\Users\Jos H\AppData\Roaming\mozilla\Firefox\Profiles\vx95oueb.default\extensions\https-everywhere@eff.org\chrome\locale\lt folder moved successfully. C:\Users\Jos H\AppData\Roaming\mozilla\Firefox\Profiles\vx95oueb.default\extensions\https-everywhere@eff.org\chrome\locale\ko folder moved successfully. C:\Users\Jos H\AppData\Roaming\mozilla\Firefox\Profiles\vx95oueb.default\extensions\https-everywhere@eff.org\chrome\locale\it folder moved successfully. C:\Users\Jos H\AppData\Roaming\mozilla\Firefox\Profiles\vx95oueb.default\extensions\https-everywhere@eff.org\chrome\locale\hu folder moved successfully. C:\Users\Jos H\AppData\Roaming\mozilla\Firefox\Profiles\vx95oueb.default\extensions\https-everywhere@eff.org\chrome\locale\hr folder moved successfully. C:\Users\Jos H\AppData\Roaming\mozilla\Firefox\Profiles\vx95oueb.default\extensions\https-everywhere@eff.org\chrome\locale\he folder moved successfully. C:\Users\Jos H\AppData\Roaming\mozilla\Firefox\Profiles\vx95oueb.default\extensions\https-everywhere@eff.org\chrome\locale\fr folder moved successfully. C:\Users\Jos H\AppData\Roaming\mozilla\Firefox\Profiles\vx95oueb.default\extensions\https-everywhere@eff.org\chrome\locale\fa folder moved successfully. C:\Users\Jos H\AppData\Roaming\mozilla\Firefox\Profiles\vx95oueb.default\extensions\https-everywhere@eff.org\chrome\locale\eu folder moved successfully. C:\Users\Jos H\AppData\Roaming\mozilla\Firefox\Profiles\vx95oueb.default\extensions\https-everywhere@eff.org\chrome\locale\es folder moved successfully. C:\Users\Jos H\AppData\Roaming\mozilla\Firefox\Profiles\vx95oueb.default\extensions\https-everywhere@eff.org\chrome\locale\en folder moved successfully. C:\Users\Jos H\AppData\Roaming\mozilla\Firefox\Profiles\vx95oueb.default\extensions\https-everywhere@eff.org\chrome\locale\el folder moved successfully. C:\Users\Jos H\AppData\Roaming\mozilla\Firefox\Profiles\vx95oueb.default\extensions\https-everywhere@eff.org\chrome\locale\de folder moved successfully. C:\Users\Jos H\AppData\Roaming\mozilla\Firefox\Profiles\vx95oueb.default\extensions\https-everywhere@eff.org\chrome\locale\da folder moved successfully. C:\Users\Jos H\AppData\Roaming\mozilla\Firefox\Profiles\vx95oueb.default\extensions\https-everywhere@eff.org\chrome\locale\cs folder moved successfully. C:\Users\Jos H\AppData\Roaming\mozilla\Firefox\Profiles\vx95oueb.default\extensions\https-everywhere@eff.org\chrome\locale\ar folder moved successfully. C:\Users\Jos H\AppData\Roaming\mozilla\Firefox\Profiles\vx95oueb.default\extensions\https-everywhere@eff.org\chrome\locale folder moved successfully. C:\Users\Jos H\AppData\Roaming\mozilla\Firefox\Profiles\vx95oueb.default\extensions\https-everywhere@eff.org\chrome\content\rules folder moved successfully. C:\Users\Jos H\AppData\Roaming\mozilla\Firefox\Profiles\vx95oueb.default\extensions\https-everywhere@eff.org\chrome\content\code folder moved successfully. C:\Users\Jos H\AppData\Roaming\mozilla\Firefox\Profiles\vx95oueb.default\extensions\https-everywhere@eff.org\chrome\content folder moved successfully. C:\Users\Jos H\AppData\Roaming\mozilla\Firefox\Profiles\vx95oueb.default\extensions\https-everywhere@eff.org\chrome folder moved successfully. C:\Users\Jos H\AppData\Roaming\mozilla\Firefox\Profiles\vx95oueb.default\extensions\https-everywhere@eff.org folder moved successfully. C:\Users\Jos H\AppData\Roaming\mozilla\Firefox\Profiles\vx95oueb.default\extensions\2020Player_IKEA@2020Technologies.com\plugins folder moved successfully. C:\Users\Jos H\AppData\Roaming\mozilla\Firefox\Profiles\vx95oueb.default\extensions\2020Player_IKEA@2020Technologies.com\META-INF folder moved successfully. C:\Users\Jos H\AppData\Roaming\mozilla\Firefox\Profiles\vx95oueb.default\extensions\2020Player_IKEA@2020Technologies.com folder moved successfully. C:\Users\Jos H\AppData\Roaming\mozilla\Firefox\Profiles\vx95oueb.default\extensions folder moved successfully. File C:\Users\Jos H\AppData\Roaming\mozilla\firefox\profiles\vx95oueb.default\extensions\smarterwiki@wikiatic.com.xpi not found. File C:\Users\Jos H\AppData\Roaming\mozilla\firefox\profiles\vx95oueb.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi not found. C:\Program Files (x86)\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} folder moved successfully. C:\Program Files (x86)\Mozilla Firefox\extensions\{906305f7-aafc-45e9-8bbd-941950a84dad}\Components folder moved successfully. C:\Program Files (x86)\Mozilla Firefox\extensions\{906305f7-aafc-45e9-8bbd-941950a84dad}\chrome folder moved successfully. C:\Program Files (x86)\Mozilla Firefox\extensions\{906305f7-aafc-45e9-8bbd-941950a84dad} folder moved successfully. C:\Program Files (x86)\Mozilla Firefox\extensions folder moved successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\StartUpReg\@OnlineArmor GUI\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\StartUpReg\DriverMax\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\StartUpReg\DriverMax_RESTART\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\StartUpReg\OODefragTray\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\StartUpReg\Sysinternals Desktops\ not found. C:\Users\Jos H\AppData\Roaming\OnlineArmor folder moved successfully. ========== SERVICES/DRIVERS ========== ========== REGISTRY ========== ========== FILES ========== [color=#A23BEC:444873c73c]< ipconfig /flushdns /c >[/color:444873c73c] Windows IP-configuratie De DNS-omzettingscache is leeggemaakt. C:\Users\Jos H\Desktop\cmd.bat deleted successfully. C:\Users\Jos H\Desktop\cmd.txt deleted successfully. File\Folder C:\Users\Jos H\AppData\Roaming\OnlineArmor not found. ========== COMMANDS ========== [EMPTYTEMP] User: All Users User: Default ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 0 bytes ->Flash cache emptied: 58264 bytes User: Default User ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 0 bytes ->Flash cache emptied: 0 bytes User: Jos H ->Temp folder emptied: 10292756 bytes ->Temporary Internet Files folder emptied: 38316 bytes ->Java cache emptied: 0 bytes ->FireFox cache emptied: 65960916 bytes ->Flash cache emptied: 58792 bytes User: Public ->Temp folder emptied: 0 bytes User: SysinternalsSuite ->Temp folder emptied: 0 bytes %systemdrive% .tmp files removed: 0 bytes %systemroot% .tmp files removed: 0 bytes %systemroot%\System32 .tmp files removed: 0 bytes %systemroot%\System32 (64bit) .tmp files removed: 0 bytes %systemroot%\System32\drivers .tmp files removed: 0 bytes Windows Temp folder emptied: 4256 bytes %systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 33170 bytes RecycleBin emptied: 0 bytes Total Files Cleaned = 73,00 mb C:\Windows\System32\drivers\etc\Hosts moved successfully. HOSTS file reset successfully [EMPTYJAVA] User: All Users User: Default User: Default User User: Jos H ->Java cache emptied: 0 bytes User: Public User: SysinternalsSuite Total Java Files Cleaned = 0,00 mb [EMPTYFLASH] User: All Users User: Default ->Flash cache emptied: 0 bytes User: Default User ->Flash cache emptied: 0 bytes User: Jos H ->Flash cache emptied: 0 bytes User: Public User: SysinternalsSuite Total Flash Files Cleaned = 0,00 mb Restore point Set: OTL Restore Point OTL by OldTimer - Version 3.2.69.0 log created on 01312013_070302 Files\Folders moved on Reboot... C:\Users\Jos H\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully. PendingFileRenameOperations files... Registry entries deleted on Reboot...

anoniem · 31 januari 2013

Vreemd dat LastPass dan onder noname in FF stond. Normaal zijn dat juist dubieuze invoegingen! Maar ga naar https://addons.mozilla.org/nl/firefox/addon/lastpass-password-manager/ dan is LastPass zo weer in FF beschikbaar. Op deze wijze overigens, heb je geen LastPass in Windows nodig!

anoniem · 31 januari 2013

Dank voor je reactie; Last Pass staat weer in Firefox . Is het logbestand van OTL goed? Moet er verder nog iets uitgevoerd worden? Moet de BIOS vervangen worden? Ik kon geen nieuwere BIOS vinden op de website van de fabrikant (zie ook vorige posting).

anoniem · 31 januari 2013

Dit was de foutmelding die OTL gaf: "Error - 30-1-2013 7:02:24 | Computer Name = Laptop | Source = ACPI | ID = 327693 Description = : de EC (embedded controller) heeft niet binnen de opgegeven time-outperiode gereageerd. Dit kan duiden op een fout in de EC-hardware of -firmware, of dat de BIOS op een onjuiste manier toegang de EC probeert te krijgen. U dient de fabrikant van uw computer om een bijgewerkte BIOS te vragen. In sommige situaties kan deze fout leiden tot problemen met de computer. '. Wat is het merk en de typeaanduiding van jouw notebook?

anoniem · 31 januari 2013

Het is een BTO Laptop (aanschafdatum 25-5-2007): BTO 15W23+ notebook 15,4 inch WSXGA + TFT Ik heb al even op de support site van BTO gekeken maar kan hem niet vinden; http://www.btodownloads.nl/index.php?dir=

anoniem · 31 januari 2013

Ik heb daar op 15W23 gezocht en ttoen kwam deze link naar voren: http://www.btodownloads.nl/index.php?dir=Notebooks%20%28Drivers%29/1.%20VORIGE%20MODELLEN%20-%20PREVIOUS%20MODELS/15W12%20-%2015W23%20%28HEL81-HEL80%29/BIOS/ Ik ben Dell gewend en dat BTO-gedoe vind ik min of meer amateuristisch!

anoniem · 31 januari 2013

Dank voor je antwoord. Hoe kan ik het BIOS vervangen/installeren? Ik heb dit nog niet eerder gedaan.

anoniem · 31 januari 2013

Ik denk dat je daarover eerst met BTO zelf contact zoekt. Want via https://www.google.nl/search?q=bto+15W23+biosupdate&ie=utf-8&oe=utf-8&aq=t&rls=org.mozilla:nl:unofficial&client=firefox-aurora wordt ik ook niet wijzer!

anoniem · 31 januari 2013

Ik heb een batch bestand uitgevoerd maar weet niet zeker of ik het BIOS nu vervangen heb. Kan ik OTL nog een keer laten scannen om te zien of de foutmelding nu weg is? Zo ja, met welke opties?

anoniem · 31 januari 2013

Doe het volgende: [color=#FF0000:426bdda079][b:426bdda079]Stap •1•[/b:426bdda079][/color:426bdda079] Start OTL en klik dan op de knop [b:426bdda079]CleanUp[/b:426bdda079]. [list:426bdda079][*:426bdda079]OTL zal ondrzoeken of er nog een tool of log opgeruimd moet worden. [*:426bdda079]Na een reboot is dan OTL ook opgeruimd.[/list:u:426bdda079] [color=#FF0000:426bdda079][b:426bdda079]Stap •2•[/b:426bdda079][/color:426bdda079] [b:426bdda079]Welk programma[/b:426bdda079]: [color=#008000:426bdda079][b:426bdda079]OTL.exe[/b:426bdda079][/color:426bdda079] [b:426bdda079]Waarvoor/waarom[/b:426bdda079]: multifunktioneel tool - analyse en fix [b:426bdda079]Moeilijkheidsgraad[/b:426bdda079]: geen. [b:426bdda079]Download[/b:426bdda079]: [url=http://oldtimer.geekstogo.com/OTL.exe][b:426bdda079][color=red:426bdda079]OTL.exe[/color:426bdda079][/b:426bdda079][/url] en plaats het bestand op het bureaublad. [b:426bdda079]Sluit voordat [color=#008000:426bdda079]OTL.exe[/color:426bdda079] gaat scannen, eerst alle andere openstaande vensters![/b:426bdda079] [b:426bdda079][color=#008000:426bdda079]OTL.exe[/color:426bdda079] gebruiken[/b:426bdda079]: [list:426bdda079][*:426bdda079] [b:426bdda079][color=#FF0000:426bdda079]Sluit nu eerst alle nog openstaande programmavensters![/color:426bdda079][/b:426bdda079] [list:426bdda079][*:426bdda079][b:426bdda079][color=#0000FF:426bdda079]Windows 2000[/color:426bdda079][/b:426bdda079] en [color=#0000FF:426bdda079][b:426bdda079]Windows XP[/b:426bdda079][/color:426bdda079]: dubbelklik op [color=#008000:426bdda079][b:426bdda079]OTL.exe[/b:426bdda079][/color:426bdda079]. [*:426bdda079][color=#0000FF:426bdda079][b:426bdda079]Windows Vista[/b:426bdda079][/color:426bdda079], [color=#0000FF:426bdda079][b:426bdda079]Windows 7[/b:426bdda079][/color:426bdda079] en [color=#0000FF:426bdda079][b:426bdda079]Windows 8[/b:426bdda079][/color:426bdda079]: via rechtsklik op [color=#008000:426bdda079][b:426bdda079]OTL.exe[/b:426bdda079][/color:426bdda079] en kies voor "Als Administrator uitvoeren".[/list:u:426bdda079][/list:u:426bdda079] [list:426bdda079][*:426bdda079]Zet een vinkje bij [color=#0000FF:426bdda079][b:426bdda079]Scan All Users[/b:426bdda079][/color:426bdda079], [color=#0000FF:426bdda079][b:426bdda079]LOP Check[/b:426bdda079][/color:426bdda079] en bij [color=#0000FF:426bdda079][b:426bdda079]PURITY Check[/b:426bdda079][/color:426bdda079]. [*:426bdda079]Klik vervolgens op de knop [img:426bdda079]http://www.imgdumper.nl/uploads6/50cd93c69c626/50cd93c69be5b-OTL_-_Run_Scan_knop.jpg[/img:426bdda079]. [*:426bdda079]Verander verder geen andere instellingen in OTL, alleen tenzij ik hiervoor specifiek instructies geef. [*:426bdda079]De scan zal niet heel erg lang duren. [list:426bdda079][*:426bdda079]Er zullen twee Kladblok-vensters geopend worden wanneer de scan klaar is: [b:426bdda079]OTL.Txt[/b:426bdda079] en [b:426bdda079]Extras.txt[/b:426bdda079]. [*:426bdda079]Kopieer vervolgens de inhoud van zowel OTL.txt alsmede Extras.txt en plak die gegevens in je volgende bericht.[/list:u:426bdda079] [*:426bdda079][color=#008000:426bdda079][b:426bdda079]Notabene:[/b:426bdda079][/color:426bdda079] indien het log niet in één bericht past, spreidt het dan over twee of meer berichten.[/list:u:426bdda079]

anoniem · 31 januari 2013

Hierbij het logbestand; ben benieuwd of het BIOS veranderd is: OTL logfile created on: 31-1-2013 17:57:18 - Run 1 OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Jos H\Desktop 64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 9.0.8112.16421) Locale: 00000413 | Country: Nederland | Language: NLD | Date Format: d-M-yyyy 3,00 Gb Total Physical Memory | 1,91 Gb Available Physical Memory | 63,80% Memory free 5,99 Gb Paging File | 4,59 Gb Available in Paging File | 76,62% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 93,06 Gb Total Space | 61,95 Gb Free Space | 66,57% Space Free | Partition Type: NTFS Computer Name: LAPTOP | User Name: Jos H | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days [color=#E56717:babc468eda]========== Processes (SafeList) ==========[/color:babc468eda] PRC - [2013-01-31 17:17:09 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Jos H\Desktop\OTL.exe PRC - [2012-12-18 20:08:28 | 000,065,192 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe PRC - [2012-09-24 13:46:16 | 000,656,480 | ---- | M] (Secunia) -- C:\Program Files (x86)\Secunia\PSI\sua.exe PRC - [2012-09-17 04:24:10 | 000,995,352 | ---- | M] (G Data Software AG) -- C:\Program Files (x86)\G Data\InternetSecurity\AVKTray\AVKTray.exe PRC - [2012-08-23 14:46:08 | 001,542,680 | ---- | M] (G Data Software AG) -- C:\Program Files (x86)\Common Files\G Data\AVKProxy\AVKProxy.exe PRC - [2012-03-29 03:42:28 | 000,470,008 | ---- | M] (G Data Software AG) -- C:\Program Files (x86)\Common Files\G Data\GDScan\GDScan.exe PRC - [2012-01-27 05:13:02 | 001,470,968 | ---- | M] (G Data Software AG) -- C:\Program Files (x86)\G Data\InternetSecurity\Firewall\GDFirewallTray.exe PRC - [2012-01-27 04:43:34 | 000,468,472 | ---- | M] (G Data Software AG) -- C:\Program Files (x86)\G Data\InternetSecurity\AVK\AVKService.exe [color=#E56717:babc468eda]========== Modules (No Company Name) ==========[/color:babc468eda] [color=#E56717:babc468eda]========== Services (SafeList) ==========[/color:babc468eda] SRV:[b:babc468eda]64bit:[/b:babc468eda] - [2012-04-01 12:21:52 | 000,957,216 | ---- | M] (Broadcom Corporation.) [Auto | Running] -- C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe -- (btwdins) SRV:[b:babc468eda]64bit:[/b:babc468eda] - [2009-12-02 23:27:24 | 000,028,672 | ---- | M] (LSI Corporation) [Auto | Running] -- C:\Program Files\LSI SoftModem\agr64svc.exe -- (AgereModemAudio) SRV:[b:babc468eda]64bit:[/b:babc468eda] - [2009-07-14 02:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend) SRV - [2013-01-19 08:29:46 | 000,115,608 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance) SRV - [2013-01-18 13:25:33 | 000,251,400 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc) SRV - [2012-12-18 20:08:28 | 000,065,192 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice) SRV - [2012-09-24 13:46:16 | 001,328,736 | ---- | M] (Secunia) [On_Demand | Stopped] -- C:\Program Files (x86)\Secunia\PSI\psia.exe -- (Secunia PSI Agent) SRV - [2012-09-24 13:46:16 | 000,656,480 | ---- | M] (Secunia) [Auto | Running] -- C:\Program Files (x86)\Secunia\PSI\sua.exe -- (Secunia Update Agent) SRV - [2012-08-30 04:06:20 | 002,011,568 | ---- | M] (G Data Software AG) [Auto | Running] -- C:\Program Files (x86)\G Data\InternetSecurity\AVK\AVKWCtlX64.exe -- (AVKWCtl) SRV - [2012-08-23 14:46:08 | 001,542,680 | ---- | M] (G Data Software AG) [Auto | Running] -- C:\Program Files (x86)\Common Files\G Data\AVKProxy\AVKProxy.exe -- (AVKProxy) SRV - [2012-06-04 10:50:22 | 001,766,464 | ---- | M] (G Data Software AG) [Auto | Running] -- C:\Program Files (x86)\G Data\InternetSecurity\Firewall\GDFwSvcx64.exe -- (GDFwSvc) SRV - [2012-03-29 03:42:28 | 000,470,008 | ---- | M] (G Data Software AG) [Auto | Running] -- C:\Program Files (x86)\Common Files\G Data\GDScan\GDScan.exe -- (GDScan) SRV - [2012-01-27 04:43:34 | 000,468,472 | ---- | M] (G Data Software AG) [Auto | Running] -- C:\Program Files (x86)\G Data\InternetSecurity\AVK\AVKService.exe -- (AVKService) SRV - [2010-03-18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32) SRV - [2009-06-10 22:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32) [color=#E56717:babc468eda]========== Driver Services (SafeList) ==========[/color:babc468eda] DRV:[b:babc468eda]64bit:[/b:babc468eda] - [2012-12-06 16:29:31 | 000,106,648 | ---- | M] (G Data Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\GRD.sys -- (GRD) DRV:[b:babc468eda]64bit:[/b:babc468eda] - [2012-12-05 14:08:21 | 000,064,376 | ---- | M] (G Data Software AG) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\HookCentre.sys -- (HookCentre) DRV:[b:babc468eda]64bit:[/b:babc468eda] - [2012-12-05 14:08:20 | 000,126,880 | ---- | M] (G Data Software AG) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\MiniIcpt.sys -- (GDMnIcpt) DRV:[b:babc468eda]64bit:[/b:babc468eda] - [2012-12-05 14:08:19 | 000,054,176 | ---- | M] (G Data Software AG) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\GDBehave.sys -- (GDBehave) DRV:[b:babc468eda]64bit:[/b:babc468eda] - [2012-12-05 14:08:16 | 000,064,416 | ---- | M] (G Data Software AG) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\gdwfpcd64.sys -- (gdwfpcd) DRV:[b:babc468eda]64bit:[/b:babc468eda] - [2012-12-05 12:51:20 | 000,060,320 | ---- | M] (G Data Software AG) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\PktIcpt.sys -- (GDPkIcpt) DRV:[b:babc468eda]64bit:[/b:babc468eda] - [2012-11-19 12:24:26 | 000,594,472 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btwampfl.sys -- (btwampfl) DRV:[b:babc468eda]64bit:[/b:babc468eda] - [2012-11-19 12:24:26 | 000,210,984 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btwavdt.sys -- (btwavdt) DRV:[b:babc468eda]64bit:[/b:babc468eda] - [2012-11-19 12:24:26 | 000,184,872 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btwaudio.sys -- (btwaudio) DRV:[b:babc468eda]64bit:[/b:babc468eda] - [2012-11-19 12:24:26 | 000,039,976 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btwl2cap.sys -- (btwl2cap) DRV:[b:babc468eda]64bit:[/b:babc468eda] - [2012-11-19 12:24:26 | 000,021,544 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btwrchid.sys -- (btwrchid) DRV:[b:babc468eda]64bit:[/b:babc468eda] - [2012-10-18 11:12:06 | 001,111,856 | ---- | M] (AuthenTec, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ATSwpWDF.sys -- (ATSwpWDF) DRV:[b:babc468eda]64bit:[/b:babc468eda] - [2012-10-06 14:26:46 | 000,766,096 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167) DRV:[b:babc468eda]64bit:[/b:babc468eda] - [2012-09-18 11:32:32 | 000,075,064 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LHidFilt.Sys -- (LHidFilt) DRV:[b:babc468eda]64bit:[/b:babc468eda] - [2012-09-18 11:32:32 | 000,061,240 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LMouFilt.Sys -- (LMouFilt) DRV:[b:babc468eda]64bit:[/b:babc468eda] - [2012-08-23 15:10:20 | 000,019,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport) DRV:[b:babc468eda]64bit:[/b:babc468eda] - [2012-08-23 15:07:35 | 000,057,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt) DRV:[b:babc468eda]64bit:[/b:babc468eda] - [2012-03-01 07:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec) DRV:[b:babc468eda]64bit:[/b:babc468eda] - [2011-12-16 15:20:10 | 000,017,976 | ---- | M] (Secunia) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\psi_mf.sys -- (PSI) DRV:[b:babc468eda]64bit:[/b:babc468eda] - [2011-10-20 11:24:06 | 000,157,696 | ---- | M] (Matrox Graphics Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\MxEFUF64.sys -- (MxEFUF) DRV:[b:babc468eda]64bit:[/b:babc468eda] - [2011-03-11 07:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata) DRV:[b:babc468eda]64bit:[/b:babc468eda] - [2011-03-11 07:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata) DRV:[b:babc468eda]64bit:[/b:babc468eda] - [2010-11-20 14:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD) DRV:[b:babc468eda]64bit:[/b:babc468eda] - [2010-11-20 10:37:42 | 000,109,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\sdbus.sys -- (sdbus) DRV:[b:babc468eda]64bit:[/b:babc468eda] - [2010-10-07 12:11:52 | 007,533,568 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NETwLv64.sys -- (NETwLv64) DRV:[b:babc468eda]64bit:[/b:babc468eda] - [2010-08-16 16:26:42 | 007,442,432 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\NETwLx64.sys -- (NETwLx64) DRV:[b:babc468eda]64bit:[/b:babc468eda] - [2010-03-15 20:14:08 | 001,212,416 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\agrsm64.sys -- (AgereSoftModem) DRV:[b:babc468eda]64bit:[/b:babc468eda] - [2010-01-23 22:00:56 | 000,132,608 | ---- | M] (Fresco Logic) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\FLxHCIc.sys -- (FLxHCIc) DRV:[b:babc468eda]64bit:[/b:babc468eda] - [2009-07-14 02:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs) DRV:[b:babc468eda]64bit:[/b:babc468eda] - [2009-07-14 02:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2) DRV:[b:babc468eda]64bit:[/b:babc468eda] - [2009-07-14 02:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor) DRV:[b:babc468eda]64bit:[/b:babc468eda] - [2009-07-14 00:21:48 | 000,038,400 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\tpm.sys -- (TPM) DRV:[b:babc468eda]64bit:[/b:babc468eda] - [2009-06-10 21:35:28 | 005,434,368 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\netw5v64.sys -- (netw5v64) DRV:[b:babc468eda]64bit:[/b:babc468eda] - [2009-06-10 21:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv) DRV:[b:babc468eda]64bit:[/b:babc468eda] - [2009-06-10 21:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv) DRV:[b:babc468eda]64bit:[/b:babc468eda] - [2009-06-10 21:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a) DRV:[b:babc468eda]64bit:[/b:babc468eda] - [2009-06-10 21:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir) DRV:[b:babc468eda]64bit:[/b:babc468eda] - [2008-02-13 11:35:46 | 012,379,136 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\snp2sxp.sys -- (SNP2STD) DRV:[b:babc468eda]64bit:[/b:babc468eda] - [2007-12-11 16:38:04 | 000,021,504 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\EtmTempSense.sys -- (EtmTempSense) DRV:[b:babc468eda]64bit:[/b:babc468eda] - [2007-08-15 14:20:22 | 000,088,064 | ---- | M] (ENE Technology Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\EMS7SK.sys -- (EMSCR) DRV:[b:babc468eda]64bit:[/b:babc468eda] - [2007-08-15 14:20:06 | 000,059,392 | ---- | M] (ENE Technology Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ESD7SK.sys -- (ESDCR) DRV:[b:babc468eda]64bit:[/b:babc468eda] - [2007-07-31 08:40:06 | 000,207,488 | ---- | M] (Trident Multimedia Technologies Co.,Ltd) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\TridVidx64.sys -- (TridVidx64) DRV - [2009-07-14 02:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount) DRV - [2008-02-13 11:34:50 | 012,067,328 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysWOW64\drivers\snp2sxp.sys -- (SNP2STD) [color=#E56717:babc468eda]========== Standard Registry (All) ==========[/color:babc468eda] [color=#E56717:babc468eda]========== Internet Explorer ==========[/color:babc468eda] IE:[b:babc468eda]64bit:[/b:babc468eda] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 IE:[b:babc468eda]64bit:[/b:babc468eda] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 IE:[b:babc468eda]64bit:[/b:babc468eda] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data] IE:[b:babc468eda]64bit:[/b:babc468eda] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons IE:[b:babc468eda]64bit:[/b:babc468eda] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\System32\blank.htm IE:[b:babc468eda]64bit:[/b:babc468eda] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 IE:[b:babc468eda]64bit:[/b:babc468eda] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk IE:[b:babc468eda]64bit:[/b:babc468eda] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 IE:[b:babc468eda]64bit:[/b:babc468eda] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm IE:[b:babc468eda]64bit:[/b:babc468eda] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm IE:[b:babc468eda]64bit:[/b:babc468eda] - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE:[b:babc468eda]64bit:[/b:babc468eda] - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE:[b:babc468eda]64bit:[/b:babc468eda] - HKLM\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data] IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-19\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\Windows\SysWOW64\ieframe.dll (Microsoft Corporation) IE - HKU\S-1-5-20\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\Windows\SysWOW64\ieframe.dll (Microsoft Corporation) IE - HKU\S-1-5-21-3936649928-4177311411-4009730775-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\system32\blank.htm IE - HKU\S-1-5-21-3936649928-4177311411-4009730775-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch IE - HKU\S-1-5-21-3936649928-4177311411-4009730775-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 IE - HKU\S-1-5-21-3936649928-4177311411-4009730775-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = nl-NL IE - HKU\S-1-5-21-3936649928-4177311411-4009730775-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = D6 71 C9 B0 E0 E8 CD 01 [binary data] IE - HKU\S-1-5-21-3936649928-4177311411-4009730775-1001\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\Windows\SysWOW64\ieframe.dll (Microsoft Corporation) IE - HKU\S-1-5-21-3936649928-4177311411-4009730775-1001\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE - HKU\S-1-5-21-3936649928-4177311411-4009730775-1001\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC IE - HKU\S-1-5-21-3936649928-4177311411-4009730775-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 [color=#E56717:babc468eda]========== FireFox ==========[/color:babc468eda] FF - prefs.js..browser.startup.homepage: "http://www.google.nl/ig?hl=nl" FF - prefs.js..extensions.enabledAddons: %7Ba0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7%7D:20130129 FF - prefs.js..extensions.enabledAddons: support%40lastpass.com:2.0.0 FF - user.js - File not found FF:[b:babc468eda]64bit:[/b:babc468eda] - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_5_502_146.dll File not found FF:[b:babc468eda]64bit:[/b:babc468eda] - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found FF:[b:babc468eda]64bit:[/b:babc468eda] - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation) FF:[b:babc468eda]64bit:[/b:babc468eda] - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_5_502_146.dll () FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\SysWOW64\Adobe\Director\np32dsw_1168638.dll (Adobe Systems, Inc.) FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.) FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.11.2: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 18.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013-01-19 08:29:46 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 18.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 18.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013-01-19 08:29:46 | 000,000,000 | ---D | M] FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 18.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2013-01-31 07:09:21 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Jos H\AppData\Roaming\mozilla\Extensions [2013-01-31 17:15:27 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Jos H\AppData\Roaming\mozilla\Firefox\Profiles\vx95oueb.default\extensions [2013-01-31 07:40:14 | 000,000,000 | ---D | M] (WOT) -- C:\Users\Jos H\AppData\Roaming\mozilla\Firefox\Profiles\vx95oueb.default\extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7} [2013-01-31 10:05:56 | 000,000,000 | ---D | M] (LastPass) -- C:\Users\Jos H\AppData\Roaming\mozilla\Firefox\Profiles\vx95oueb.default\extensions\support@lastpass.com [2013-01-31 17:15:27 | 000,817,973 | ---- | M] () (No name found) -- C:\Users\Jos H\AppData\Roaming\mozilla\firefox\profiles\vx95oueb.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2013-01-19 08:29:46 | 000,262,552 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll [2012-10-24 19:30:30 | 000,002,465 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml [2012-11-21 13:15:15 | 000,002,616 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bolcom-nl.xml [2013-01-09 10:07:17 | 000,002,669 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\google.xml [2012-11-21 13:15:15 | 000,004,771 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\marktplaats-nl.xml [2012-11-21 13:15:15 | 000,001,262 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-nl.xml O1 HOSTS File: ([2013-01-31 07:03:23 | 000,000,098 | ---- | M]) - C:\Windows\SysNative\drivers\etc\Hosts O1 - Hosts: 127.0.0.1 localhost O1 - Hosts: ::1 localhost O2:[b:babc468eda]64bit:[/b:babc468eda] - BHO: (LastPass Vault) - {95D9ECF5-2A4D-4550-BE49-70D42F71296E} - C:\Program Files (x86)\LastPass\LPToolbar_x64.dll () O2:[b:babc468eda]64bit:[/b:babc468eda] - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation) O2:[b:babc468eda]64bit:[/b:babc468eda] - BHO: (no name) - AutorunsDisabled - No CLSID value found. O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated) O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation) O2 - BHO: (LastPass Vault) - {95D9ECF5-2A4D-4550-BE49-70D42F71296E} - C:\Program Files (x86)\LastPass\LPToolbar.dll () O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation) O2 - BHO: (G Data BankGuard) - {BA3295CF-17ED-4F49-9E95-D999A0ADBFDC} - C:\Program Files (x86)\Common Files\G Data\AVKProxy\BanksafeBHO.dll (G Data Software AG) O3:[b:babc468eda]64bit:[/b:babc468eda] - HKLM\..\Toolbar: (LastPass Toolbar) - {9f6b5cc3-5c7b-4b5c-97af-19dec1e380e5} - C:\Program Files (x86)\LastPass\LPToolbar_x64.dll () O3 - HKLM\..\Toolbar: (LastPass Toolbar) - {9f6b5cc3-5c7b-4b5c-97af-19dec1e380e5} - C:\Program Files (x86)\LastPass\LPToolbar.dll () O4 - HKLM..\Run: [] File not found O4 - HKLM..\Run: [G Data AntiVirus Tray Application] C:\Program Files (x86)\G Data\InternetSecurity\AVKTray\AVKTray.exe (G Data Software AG) O4 - HKLM..\Run: [GDFirewallTray] C:\Program Files (x86)\G Data\InternetSecurity\Firewall\GDFirewallTray.exe (G Data Software AG) O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableInstallerDetection = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableSecureUIAPaths = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableUIADesktopToggle = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableVirtualization = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ValidateAdminCodeSignatures = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption = O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext = O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: scforceoption = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: FilterAdministratorToken = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_TEXT = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_BITMAP = 2 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_OEMTEXT = 7 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIB = 8 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_PALETTE = 9 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_UNICODETEXT = 13 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIBV5 = 17 O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Restrictions present O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Restrictions present O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Restrictions present O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Restrictions present O7 - HKU\S-1-5-21-3936649928-4177311411-4009730775-1001\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-21-3936649928-4177311411-4009730775-1001\Software\Policies\Microsoft\Internet Explorer\Restrictions present O7 - HKU\S-1-5-21-3936649928-4177311411-4009730775-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0 O8:[b:babc468eda]64bit:[/b:babc468eda] - Extra context menu item: &Verzenden naar OneNote - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation) O8:[b:babc468eda]64bit:[/b:babc468eda] - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200 File not found O8:[b:babc468eda]64bit:[/b:babc468eda] - Extra context menu item: E&xporteren naar Microsoft Excel - C:\Program Files (x86)\Microsoft Office\Office14\EXCEL.EXE (Microsoft Corporation) O8:[b:babc468eda]64bit:[/b:babc468eda] - Extra context menu item: LastPass - file://C:\Users\Jos H\AppData\LocalLow\LastPass\context.html?cmd=lastpass File not found O8:[b:babc468eda]64bit:[/b:babc468eda] - Extra context menu item: LastPass Invulformulieren - file://C:\Users\Jos H\AppData\LocalLow\LastPass\context.html?cmd=fillforms File not found O8 - Extra context menu item: &Verzenden naar OneNote - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation) O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\SysWow64\GPhotos.scr (Google Inc.) O8 - Extra context menu item: E&xporteren naar Microsoft Excel - C:\Program Files (x86)\Microsoft Office\Office14\EXCEL.EXE (Microsoft Corporation) O8 - Extra context menu item: LastPass - file://C:\Users\Jos H\AppData\LocalLow\LastPass\context.html?cmd=lastpass File not found O8 - Extra context menu item: LastPass Invulformulieren - file://C:\Users\Jos H\AppData\LocalLow\LastPass\context.html?cmd=fillforms File not found O9:[b:babc468eda]64bit:[/b:babc468eda] - Extra Button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation) O9:[b:babc468eda]64bit:[/b:babc468eda] - Extra 'Tools' menuitem : &Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation) O9:[b:babc468eda]64bit:[/b:babc468eda] - Extra Button: LastPass - {43699cd0-e34f-11de-8a39-0800200c9a66} - C:\Program Files (x86)\LastPass\LPToolbar_x64.dll () O9:[b:babc468eda]64bit:[/b:babc468eda] - Extra 'Tools' menuitem : LastPass - {43699cd0-e34f-11de-8a39-0800200c9a66} - C:\Program Files (x86)\LastPass\LPToolbar_x64.dll () O9:[b:babc468eda]64bit:[/b:babc468eda] - Extra Button: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation) O9:[b:babc468eda]64bit:[/b:babc468eda] - Extra 'Tools' menuitem : &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation) O9 - Extra Button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation) O9 - Extra 'Tools' menuitem : &Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation) O9 - Extra Button: LastPass - {43699cd0-e34f-11de-8a39-0800200c9a66} - C:\Program Files (x86)\LastPass\LPToolbar.dll () O9 - Extra 'Tools' menuitem : LastPass - {43699cd0-e34f-11de-8a39-0800200c9a66} - C:\Program Files (x86)\LastPass\LPToolbar.dll () O9 - Extra Button: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation) O9 - Extra 'Tools' menuitem : &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation) O10:[b:babc468eda]64bit:[/b:babc468eda] - NameSpace_Catalog5\Catalog_Entries64\000000000001 [] - C:\Windows\SysNative\nlaapi.dll (Microsoft Corporation) O10:[b:babc468eda]64bit:[/b:babc468eda] - NameSpace_Catalog5\Catalog_Entries64\000000000002 [] - C:\Windows\SysNative\NapiNSP.dll (Microsoft Corporation) O10:[b:babc468eda]64bit:[/b:babc468eda] - NameSpace_Catalog5\Catalog_Entries64\000000000003 [] - C:\Windows\SysNative\pnrpnsp.dll (Microsoft Corporation) O10:[b:babc468eda]64bit:[/b:babc468eda] - NameSpace_Catalog5\Catalog_Entries64\000000000004 [] - C:\Windows\SysNative\pnrpnsp.dll (Microsoft Corporation) O10:[b:babc468eda]64bit:[/b:babc468eda] - NameSpace_Catalog5\Catalog_Entries64\000000000005 [] - C:\Windows\SysNative\wshbth.dll (Microsoft Corporation) O10:[b:babc468eda]64bit:[/b:babc468eda] - NameSpace_Catalog5\Catalog_Entries64\000000000006 [] - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation) O10:[b:babc468eda]64bit:[/b:babc468eda] - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Windows\SysNative\winrnr.dll (Microsoft Corporation) O10:[b:babc468eda]64bit:[/b:babc468eda] - Protocol_Catalog9\Catalog_Entries64\000000000001 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation) O10:[b:babc468eda]64bit:[/b:babc468eda] - Protocol_Catalog9\Catalog_Entries64\000000000002 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation) O10:[b:babc468eda]64bit:[/b:babc468eda] - Protocol_Catalog9\Catalog_Entries64\000000000003 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation) O10:[b:babc468eda]64bit:[/b:babc468eda] - Protocol_Catalog9\Catalog_Entries64\000000000004 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation) O10:[b:babc468eda]64bit:[/b:babc468eda] - Protocol_Catalog9\Catalog_Entries64\000000000005 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation) O10:[b:babc468eda]64bit:[/b:babc468eda] - Protocol_Catalog9\Catalog_Entries64\000000000006 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation) O10:[b:babc468eda]64bit:[/b:babc468eda] - Protocol_Catalog9\Catalog_Entries64\000000000007 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation) O10:[b:babc468eda]64bit:[/b:babc468eda] - Protocol_Catalog9\Catalog_Entries64\000000000008 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation) O10:[b:babc468eda]64bit:[/b:babc468eda] - Protocol_Catalog9\Catalog_Entries64\000000000009 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation) O10:[b:babc468eda]64bit:[/b:babc468eda] - Protocol_Catalog9\Catalog_Entries64\000000000010 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation) O10:[b:babc468eda]64bit:[/b:babc468eda] - Protocol_Catalog9\Catalog_Entries64\000000000011 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation) O10 - NameSpace_Catalog5\Catalog_Entries\000000000001 [] - C:\Windows\SysWOW64\nlaapi.dll (Microsoft Corporation) O10 - NameSpace_Catalog5\Catalog_Entries\000000000002 [] - C:\Windows\SysWOW64\NapiNSP.dll (Microsoft Corporation) O10 - NameSpace_Catalog5\Catalog_Entries\000000000003 [] - C:\Windows\SysWOW64\pnrpnsp.dll (Microsoft Corporation) O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Windows\SysWOW64\pnrpnsp.dll (Microsoft Corporation) O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Windows\SysWOW64\wshbth.dll (Microsoft Corporation) O10 - NameSpace_Catalog5\Catalog_Entries\000000000006 [] - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation) O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Windows\SysWOW64\winrnr.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation) O13 - gopher Prefix: missing O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 213.197.28.3 213.197.30.28 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{CB62B43F-3E62-4B8F-8FC6-23FB31765272}: DhcpNameServer = 213.197.28.3 213.197.30.28 O18:[b:babc468eda]64bit:[/b:babc468eda] - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation) O18:[b:babc468eda]64bit:[/b:babc468eda] - Protocol\Handler\cdl {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation) O18:[b:babc468eda]64bit:[/b:babc468eda] - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\Windows\SysNative\MSVidCtl.dll (Microsoft Corporation) O18:[b:babc468eda]64bit:[/b:babc468eda] - Protocol\Handler\file {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation) O18:[b:babc468eda]64bit:[/b:babc468eda] - Protocol\Handler\ftp {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation) O18:[b:babc468eda]64bit:[/b:babc468eda] - Protocol\Handler\http {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation) O18:[b:babc468eda]64bit:[/b:babc468eda] - Protocol\Handler\https {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation) O18:[b:babc468eda]64bit:[/b:babc468eda] - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysNative\itss.dll (Microsoft Corporation) O18:[b:babc468eda]64bit:[/b:babc468eda] - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation) O18:[b:babc468eda]64bit:[/b:babc468eda] - Protocol\Handler\local {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation) O18:[b:babc468eda]64bit:[/b:babc468eda] - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation) O18:[b:babc468eda]64bit:[/b:babc468eda] - Protocol\Handler\mhtml {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\Windows\SysNative\inetcomm.dll (Microsoft Corporation) O18:[b:babc468eda]64bit:[/b:babc468eda] - Protocol\Handler\mk {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation) O18:[b:babc468eda]64bit:[/b:babc468eda] - Protocol\Handler\ms-help - No CLSID value found O18:[b:babc468eda]64bit:[/b:babc468eda] - Protocol\Handler\ms-its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysNative\itss.dll (Microsoft Corporation) O18:[b:babc468eda]64bit:[/b:babc468eda] - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation) O18:[b:babc468eda]64bit:[/b:babc468eda] - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\Windows\SysNative\MSVidCtl.dll (Microsoft Corporation) O18:[b:babc468eda]64bit:[/b:babc468eda] - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation) O18 - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation) O18 - Protocol\Handler\cdl {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation) O18 - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\Windows\SysWOW64\MSVidCtl.dll (Microsoft Corporation) O18 - Protocol\Handler\file {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation) O18 - Protocol\Handler\ftp {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation) O18 - Protocol\Handler\http {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation) O18 - Protocol\Handler\https {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation) O18 - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysWOW64\itss.dll (Microsoft Corporation) O18 - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation) O18 - Protocol\Handler\local {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation) O18 - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation) O18 - Protocol\Handler\mhtml {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\Windows\SysWOW64\inetcomm.dll (Microsoft Corporation) O18 - Protocol\Handler\mk {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation) O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files (x86)\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation) O18 - Protocol\Handler\ms-its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysWOW64\itss.dll (Microsoft Corporation) O18 - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation) O18 - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\Windows\SysWOW64\MSVidCtl.dll (Microsoft Corporation) O18 - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation) O18:[b:babc468eda]64bit:[/b:babc468eda] - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysNative\mscoree.dll (Microsoft Corporation) O18:[b:babc468eda]64bit:[/b:babc468eda] - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysNative\mscoree.dll (Microsoft Corporation) O18:[b:babc468eda]64bit:[/b:babc468eda] - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysNative\mscoree.dll (Microsoft Corporation) O18:[b:babc468eda]64bit:[/b:babc468eda] - Protocol\Filter\text/xml {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL (Microsoft Corporation) O18 - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysWow64\mscoree.dll (Microsoft Corporation) O18 - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysWow64\mscoree.dll (Microsoft Corporation) O18 - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysWow64\mscoree.dll (Microsoft Corporation) O18 - Protocol\Filter\text/xml {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL (Microsoft Corporation) O20:[b:babc468eda]64bit:[/b:babc468eda] - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20:[b:babc468eda]64bit:[/b:babc468eda] - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation) O20:[b:babc468eda]64bit:[/b:babc468eda] - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation) O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysWow64\SystemPropertiesPerformance.exe (Microsoft Corporation) O21:[b:babc468eda]64bit:[/b:babc468eda] - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O28:[b:babc468eda]64bit:[/b:babc468eda] - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation) O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation) O29:[b:babc468eda]64bit:[/b:babc468eda] - HKLM SecurityProviders - (credssp.dll) - C:\Windows\SysWow64\credssp.dll (Microsoft Corporation) O29 - HKLM SecurityProviders - (credssp.dll) - C:\Windows\SysWow64\credssp.dll (Microsoft Corporation) O30:[b:babc468eda]64bit:[/b:babc468eda] - LSA: Authentication Packages - (msv1_0) - C:\Windows\SysNative\msv1_0.dll (Microsoft Corporation) O30 - LSA: Authentication Packages - (msv1_0) - C:\Windows\SysWow64\msv1_0.dll (Microsoft Corporation) O30:[b:babc468eda]64bit:[/b:babc468eda] - LSA: Security Packages - (kerberos) - C:\Windows\SysNative\kerberos.dll (Microsoft Corporation) O30:[b:babc468eda]64bit:[/b:babc468eda] - LSA: Security Packages - (msv1_0) - C:\Windows\SysNative\msv1_0.dll (Microsoft Corporation) O30:[b:babc468eda]64bit:[/b:babc468eda] - LSA: Security Packages - (schannel) - C:\Windows\SysNative\schannel.dll (Microsoft Corporation) O30:[b:babc468eda]64bit:[/b:babc468eda] - LSA: Security Packages - (wdigest) - C:\Windows\SysNative\wdigest.dll (Microsoft Corporation) O30:[b:babc468eda]64bit:[/b:babc468eda] - LSA: Security Packages - (tspkg) - C:\Windows\SysNative\tspkg.dll (Microsoft Corporation) O30:[b:babc468eda]64bit:[/b:babc468eda] - LSA: Security Packages - (pku2u) - C:\Windows\SysNative\pku2u.dll (Microsoft Corporation) O30 - LSA: Security Packages - (kerberos) - C:\Windows\SysWow64\kerberos.dll (Microsoft Corporation) O30 - LSA: Security Packages - (msv1_0) - C:\Windows\SysWow64\msv1_0.dll (Microsoft Corporation) O30 - LSA: Security Packages - (schannel) - C:\Windows\SysWow64\schannel.dll (Microsoft Corporation) O30 - LSA: Security Packages - (wdigest) - C:\Windows\SysWow64\wdigest.dll (Microsoft Corporation) O30 - LSA: Security Packages - (tspkg) - C:\Windows\SysWow64\tspkg.dll (Microsoft Corporation) O30 - LSA: Security Packages - (pku2u) - C:\Windows\SysWow64\pku2u.dll (Microsoft Corporation) O31 - SafeBoot: AlternateShell - cmd.exe O32 - HKLM CDRom: AutoRun - 1 O34 - HKLM BootExecute: (autocheck autochk *) O35:[b:babc468eda]64bit:[/b:babc468eda] - HKLM\..comfile [open] -- "%1" %* O35:[b:babc468eda]64bit:[/b:babc468eda] - HKLM\..exefile [open] -- "%1" %* O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37:[b:babc468eda]64bit:[/b:babc468eda] - HKLM\...com [@ = comfile] -- "%1" %* O37:[b:babc468eda]64bit:[/b:babc468eda] - HKLM\...exe [@ = exefile] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) O38 - SubSystems\\Windows: (ServerDll=sxssrv,4) [color=#E56717:babc468eda]========== Files/Folders - Created Within 30 Days ==========[/color:babc468eda] [2013-01-31 17:17:08 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Jos H\Desktop\OTL.exe [2013-01-31 14:25:45 | 000,000,000 | ---D | C] -- C:\Users\Jos H\Desktop\HEL80_81 BIOS V119B [2013-01-30 11:57:45 | 000,000,000 | ---D | C] -- C:\Windows\SoftwareDistribution [2013-01-30 11:56:38 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\catroot2 [2013-01-30 11:21:51 | 000,000,000 | ---D | C] -- C:\Tweaking.com_Windows_Repair_Logs [2013-01-29 09:21:07 | 000,000,000 | ---D | C] -- C:\$RECYCLE.BIN [2013-01-29 06:44:12 | 000,000,000 | ---D | C] -- C:\Windows\erdnt [2013-01-28 13:45:39 | 000,000,000 | ---D | C] -- C:\Program Files\DIFX [2013-01-27 19:00:28 | 000,053,248 | ---- | C] (Windows XP Bundled build C-Centric Single User) -- C:\Windows\SysWow64\CSVer.dll [2013-01-27 19:00:28 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Intel [2013-01-27 19:00:02 | 000,000,000 | ---D | C] -- C:\Intel [2013-01-27 18:47:51 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\SystemRequirementsLab [2013-01-27 18:47:45 | 000,000,000 | ---D | C] -- C:\Users\Jos H\AppData\Roaming\SystemRequirementsLab [2013-01-27 18:42:49 | 000,000,000 | ---D | C] -- C:\ProgramData\Sun [2013-01-27 18:42:31 | 000,859,552 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\npDeployJava1.dll [2013-01-27 18:42:31 | 000,780,192 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\deployJava1.dll [2013-01-25 06:19:19 | 000,000,000 | ---D | C] -- C:\Windows\MiniDump [2013-01-22 14:42:00 | 000,000,000 | ---D | C] -- C:\ATISupport [2013-01-19 08:29:41 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox [2013-01-09 14:36:37 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\Adobe [2013-01-09 10:22:29 | 000,046,592 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\fpb.rs [2013-01-09 10:22:29 | 000,046,592 | ---- | C] (Microsoft) -- C:\Windows\SysNative\fpb.rs [2013-01-09 10:22:29 | 000,045,568 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\oflc-nz.rs [2013-01-09 10:22:29 | 000,045,568 | ---- | C] (Microsoft) -- C:\Windows\SysNative\oflc-nz.rs [2013-01-09 10:22:29 | 000,044,544 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\pegibbfc.rs [2013-01-09 10:22:29 | 000,044,544 | ---- | C] (Microsoft) -- C:\Windows\SysNative\pegibbfc.rs [2013-01-09 10:22:29 | 000,043,520 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\csrr.rs [2013-01-09 10:22:29 | 000,043,520 | ---- | C] (Microsoft) -- C:\Windows\SysNative\csrr.rs [2013-01-09 10:22:29 | 000,040,960 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\cob-au.rs [2013-01-09 10:22:29 | 000,040,960 | ---- | C] (Microsoft) -- C:\Windows\SysNative\cob-au.rs [2013-01-09 10:22:29 | 000,030,720 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\usk.rs [2013-01-09 10:22:29 | 000,030,720 | ---- | C] (Microsoft) -- C:\Windows\SysNative\usk.rs [2013-01-09 10:22:29 | 000,015,360 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\djctq.rs [2013-01-09 10:22:29 | 000,015,360 | ---- | C] (Microsoft) -- C:\Windows\SysNative\djctq.rs [2013-01-09 10:22:28 | 002,746,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\gameux.dll [2013-01-09 10:22:28 | 002,576,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\gameux.dll [2013-01-09 10:22:28 | 000,441,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\Wpc.dll [2013-01-09 10:22:28 | 000,308,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\Wpc.dll [2013-01-09 10:22:28 | 000,021,504 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\grb.rs [2013-01-09 10:22:28 | 000,021,504 | ---- | C] (Microsoft) -- C:\Windows\SysNative\grb.rs [2013-01-09 10:22:28 | 000,020,480 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\pegi-pt.rs [2013-01-09 10:22:28 | 000,020,480 | ---- | C] (Microsoft) -- C:\Windows\SysNative\pegi-pt.rs [2013-01-09 10:22:28 | 000,020,480 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\pegi.rs [2013-01-09 10:22:28 | 000,020,480 | ---- | C] (Microsoft) -- C:\Windows\SysNative\pegi.rs [2013-01-09 10:22:27 | 000,055,296 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\cero.rs [2013-01-09 10:22:27 | 000,055,296 | ---- | C] (Microsoft) -- C:\Windows\SysNative\cero.rs [2013-01-09 10:22:27 | 000,051,712 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\esrb.rs [2013-01-09 10:22:27 | 000,051,712 | ---- | C] (Microsoft) -- C:\Windows\SysNative\esrb.rs [2013-01-09 10:22:27 | 000,023,552 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\oflc.rs [2013-01-09 10:22:27 | 000,023,552 | ---- | C] (Microsoft) -- C:\Windows\SysNative\oflc.rs [2013-01-09 10:22:27 | 000,020,480 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\pegi-fi.rs [2013-01-09 10:22:27 | 000,020,480 | ---- | C] (Microsoft) -- C:\Windows\SysNative\pegi-fi.rs [2013-01-09 10:22:10 | 001,161,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\kernel32.dll [2013-01-09 10:22:10 | 000,424,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KernelBase.dll [2013-01-09 10:22:09 | 000,362,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64win.dll [2013-01-09 10:22:09 | 000,338,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\conhost.exe [2013-01-09 10:22:09 | 000,243,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64.dll [2013-01-09 10:22:09 | 000,215,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winsrv.dll [2013-01-09 10:22:09 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntvdm64.dll [2013-01-09 10:22:09 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntvdm64.dll [2013-01-09 10:22:09 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64cpu.dll [2013-01-09 10:22:09 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-security-base-l1-1-0.dll [2013-01-09 10:22:09 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-file-l1-1-0.dll [2013-01-09 10:22:09 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-file-l1-1-0.dll [2013-01-09 10:22:09 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wow32.dll [2013-01-09 10:22:09 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-threadpool-l1-1-0.dll [2013-01-09 10:22:09 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-processthreads-l1-1-0.dll [2013-01-09 10:22:09 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-processthreads-l1-1-0.dll [2013-01-09 10:22:09 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-sysinfo-l1-1-0.dll [2013-01-09 10:22:09 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-sysinfo-l1-1-0.dll [2013-01-09 10:22:09 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-synch-l1-1-0.dll [2013-01-09 10:22:09 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-synch-l1-1-0.dll [2013-01-09 10:22:09 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-misc-l1-1-0.dll [2013-01-09 10:22:09 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-localregistry-l1-1-0.dll [2013-01-09 10:22:09 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-localregistry-l1-1-0.dll [2013-01-09 10:22:09 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-rtlsupport-l1-1-0.dll [2013-01-09 10:22:09 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-processenvironment-l1-1-0.dll [2013-01-09 10:22:09 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-processenvironment-l1-1-0.dll [2013-01-09 10:22:09 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-namedpipe-l1-1-0.dll [2013-01-09 10:22:09 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-namedpipe-l1-1-0.dll [2013-01-09 10:22:09 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-misc-l1-1-0.dll [2013-01-09 10:22:09 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-memory-l1-1-0.dll [2013-01-09 10:22:09 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-memory-l1-1-0.dll [2013-01-09 10:22:09 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-libraryloader-l1-1-0.dll [2013-01-09 10:22:09 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-libraryloader-l1-1-0.dll [2013-01-09 10:22:09 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-xstate-l1-1-0.dll [2013-01-09 10:22:09 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-util-l1-1-0.dll [2013-01-09 10:22:09 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-string-l1-1-0.dll [2013-01-09 10:22:09 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-string-l1-1-0.dll [2013-01-09 10:22:09 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-profile-l1-1-0.dll [2013-01-09 10:22:09 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-profile-l1-1-0.dll [2013-01-09 10:22:09 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-io-l1-1-0.dll [2013-01-09 10:22:09 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-errorhandling-l1-1-0.dll [2013-01-09 10:22:09 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-delayload-l1-1-0.dll [2013-01-09 10:22:09 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-delayload-l1-1-0.dll [2013-01-09 10:22:08 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\setup16.exe [2013-01-09 10:22:08 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\instnm.exe [2013-01-09 10:22:08 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-security-base-l1-1-0.dll [2013-01-09 10:22:08 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll [2013-01-09 10:22:08 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-localization-l1-1-0.dll [2013-01-09 10:22:08 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-localization-l1-1-0.dll [2013-01-09 10:22:08 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll [2013-01-09 10:22:08 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-interlocked-l1-1-0.dll [2013-01-09 10:22:08 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-heap-l1-1-0.dll [2013-01-09 10:22:08 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-heap-l1-1-0.dll [2013-01-09 10:22:08 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-util-l1-1-0.dll [2013-01-09 10:22:08 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-rtlsupport-l1-1-0.dll [2013-01-09 10:22:08 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-io-l1-1-0.dll [2013-01-09 10:22:08 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-interlocked-l1-1-0.dll [2013-01-09 10:22:08 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-handle-l1-1-0.dll [2013-01-09 10:22:08 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-handle-l1-1-0.dll [2013-01-09 10:22:08 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-fibers-l1-1-0.dll [2013-01-09 10:22:08 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-fibers-l1-1-0.dll [2013-01-09 10:22:08 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-errorhandling-l1-1-0.dll [2013-01-09 10:22:08 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-debug-l1-1-0.dll [2013-01-09 10:22:08 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-debug-l1-1-0.dll [2013-01-09 10:22:08 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-datetime-l1-1-0.dll [2013-01-09 10:22:08 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-datetime-l1-1-0.dll [2013-01-09 10:22:08 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-console-l1-1-0.dll [2013-01-09 10:22:08 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-console-l1-1-0.dll [2013-01-09 10:22:08 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\user.exe [2013-01-09 10:21:55 | 000,750,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\win32spl.dll [2013-01-09 10:21:55 | 000,492,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\win32spl.dll [2013-01-09 10:21:48 | 000,800,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\usp10.dll [2013-01-09 10:21:47 | 000,307,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ncrypt.dll [2013-01-09 10:21:46 | 000,068,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\taskhost.exe [2013-01-07 09:19:28 | 000,000,000 | ---D | C] -- C:\Users\Jos H\AppData\Local\O&O [2012-12-23 06:54:30 | 014,794,312 | ---- | C] (LastPass) -- C:\Program Files (x86)\Common Files\lpuninstall.exe [color=#E56717:babc468eda]========== Files - Modified Within 30 Days ==========[/color:babc468eda] [2013-01-31 18:06:21 | 001,663,048 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI [2013-01-31 18:06:21 | 000,743,222 | ---- | M] () -- C:\Windows\SysNative\perfh013.dat [2013-01-31 18:06:21 | 000,652,148 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat [2013-01-31 18:06:21 | 000,152,382 | ---- | M] () -- C:\Windows\SysNative\perfc013.dat [2013-01-31 18:06:21 | 000,121,080 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat [2013-01-31 17:25:04 | 000,000,940 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job [2013-01-31 17:17:09 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Jos H\Desktop\OTL.exe [2013-01-31 17:15:23 | 000,015,344 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2013-01-31 17:15:23 | 000,015,344 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2013-01-31 17:10:10 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2013-01-31 17:10:01 | 2414,436,352 | -HS- | M] () -- C:\hiberfil.sys [2013-01-31 16:14:47 | 000,964,406 | ---- | M] () -- C:\Windows\SysWow64\sig.bin [2013-01-31 16:14:47 | 000,051,625 | ---- | M] () -- C:\Windows\SysWow64\nmp.map [2013-01-31 14:17:22 | 001,251,625 | ---- | M] () -- C:\Users\Jos H\Desktop\HEL80_81 BIOS V119B.ZIP [2013-01-31 07:03:23 | 000,000,098 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\Hosts [2013-01-30 12:02:34 | 000,416,688 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT [2013-01-30 12:00:42 | 000,181,064 | ---- | M] (Sysinternals) -- C:\Windows\PSEXESVC.EXE [2013-01-30 11:20:55 | 000,303,616 | ---- | M] ( ) -- C:\SetACL.exe [2013-01-30 11:20:55 | 000,2

anoniem · 31 januari 2013

Nogmaals OTL.text i.v.m. niet volledig zijn: OTL logfile created on: 31-1-2013 17:57:18 - Run 1 OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Jos H\Desktop 64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 9.0.8112.16421) Locale: 00000413 | Country: Nederland | Language: NLD | Date Format: d-M-yyyy 3,00 Gb Total Physical Memory | 1,91 Gb Available Physical Memory | 63,80% Memory free 5,99 Gb Paging File | 4,59 Gb Available in Paging File | 76,62% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 93,06 Gb Total Space | 61,95 Gb Free Space | 66,57% Space Free | Partition Type: NTFS Computer Name: LAPTOP | User Name: Jos H | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days [color=#E56717:aef16ad70f]========== Processes (SafeList) ==========[/color:aef16ad70f] PRC - [2013-01-31 17:17:09 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Jos H\Desktop\OTL.exe PRC - [2012-12-18 20:08:28 | 000,065,192 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe PRC - [2012-09-24 13:46:16 | 000,656,480 | ---- | M] (Secunia) -- C:\Program Files (x86)\Secunia\PSI\sua.exe PRC - [2012-09-17 04:24:10 | 000,995,352 | ---- | M] (G Data Software AG) -- C:\Program Files (x86)\G Data\InternetSecurity\AVKTray\AVKTray.exe PRC - [2012-08-23 14:46:08 | 001,542,680 | ---- | M] (G Data Software AG) -- C:\Program Files (x86)\Common Files\G Data\AVKProxy\AVKProxy.exe PRC - [2012-03-29 03:42:28 | 000,470,008 | ---- | M] (G Data Software AG) -- C:\Program Files (x86)\Common Files\G Data\GDScan\GDScan.exe PRC - [2012-01-27 05:13:02 | 001,470,968 | ---- | M] (G Data Software AG) -- C:\Program Files (x86)\G Data\InternetSecurity\Firewall\GDFirewallTray.exe PRC - [2012-01-27 04:43:34 | 000,468,472 | ---- | M] (G Data Software AG) -- C:\Program Files (x86)\G Data\InternetSecurity\AVK\AVKService.exe [color=#E56717:aef16ad70f]========== Modules (No Company Name) ==========[/color:aef16ad70f] [color=#E56717:aef16ad70f]========== Services (SafeList) ==========[/color:aef16ad70f] SRV:[b:aef16ad70f]64bit:[/b:aef16ad70f] - [2012-04-01 12:21:52 | 000,957,216 | ---- | M] (Broadcom Corporation.) [Auto | Running] -- C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe -- (btwdins) SRV:[b:aef16ad70f]64bit:[/b:aef16ad70f] - [2009-12-02 23:27:24 | 000,028,672 | ---- | M] (LSI Corporation) [Auto | Running] -- C:\Program Files\LSI SoftModem\agr64svc.exe -- (AgereModemAudio) SRV:[b:aef16ad70f]64bit:[/b:aef16ad70f] - [2009-07-14 02:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend) SRV - [2013-01-19 08:29:46 | 000,115,608 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance) SRV - [2013-01-18 13:25:33 | 000,251,400 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc) SRV - [2012-12-18 20:08:28 | 000,065,192 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice) SRV - [2012-09-24 13:46:16 | 001,328,736 | ---- | M] (Secunia) [On_Demand | Stopped] -- C:\Program Files (x86)\Secunia\PSI\psia.exe -- (Secunia PSI Agent) SRV - [2012-09-24 13:46:16 | 000,656,480 | ---- | M] (Secunia) [Auto | Running] -- C:\Program Files (x86)\Secunia\PSI\sua.exe -- (Secunia Update Agent) SRV - [2012-08-30 04:06:20 | 002,011,568 | ---- | M] (G Data Software AG) [Auto | Running] -- C:\Program Files (x86)\G Data\InternetSecurity\AVK\AVKWCtlX64.exe -- (AVKWCtl) SRV - [2012-08-23 14:46:08 | 001,542,680 | ---- | M] (G Data Software AG) [Auto | Running] -- C:\Program Files (x86)\Common Files\G Data\AVKProxy\AVKProxy.exe -- (AVKProxy) SRV - [2012-06-04 10:50:22 | 001,766,464 | ---- | M] (G Data Software AG) [Auto | Running] -- C:\Program Files (x86)\G Data\InternetSecurity\Firewall\GDFwSvcx64.exe -- (GDFwSvc) SRV - [2012-03-29 03:42:28 | 000,470,008 | ---- | M] (G Data Software AG) [Auto | Running] -- C:\Program Files (x86)\Common Files\G Data\GDScan\GDScan.exe -- (GDScan) SRV - [2012-01-27 04:43:34 | 000,468,472 | ---- | M] (G Data Software AG) [Auto | Running] -- C:\Program Files (x86)\G Data\InternetSecurity\AVK\AVKService.exe -- (AVKService) SRV - [2010-03-18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32) SRV - [2009-06-10 22:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32) [color=#E56717:aef16ad70f]========== Driver Services (SafeList) ==========[/color:aef16ad70f] DRV:[b:aef16ad70f]64bit:[/b:aef16ad70f] - [2012-12-06 16:29:31 | 000,106,648 | ---- | M] (G Data Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\GRD.sys -- (GRD) DRV:[b:aef16ad70f]64bit:[/b:aef16ad70f] - [2012-12-05 14:08:21 | 000,064,376 | ---- | M] (G Data Software AG) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\HookCentre.sys -- (HookCentre) DRV:[b:aef16ad70f]64bit:[/b:aef16ad70f] - [2012-12-05 14:08:20 | 000,126,880 | ---- | M] (G Data Software AG) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\MiniIcpt.sys -- (GDMnIcpt) DRV:[b:aef16ad70f]64bit:[/b:aef16ad70f] - [2012-12-05 14:08:19 | 000,054,176 | ---- | M] (G Data Software AG) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\GDBehave.sys -- (GDBehave) DRV:[b:aef16ad70f]64bit:[/b:aef16ad70f] - [2012-12-05 14:08:16 | 000,064,416 | ---- | M] (G Data Software AG) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\gdwfpcd64.sys -- (gdwfpcd) DRV:[b:aef16ad70f]64bit:[/b:aef16ad70f] - [2012-12-05 12:51:20 | 000,060,320 | ---- | M] (G Data Software AG) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\PktIcpt.sys -- (GDPkIcpt) DRV:[b:aef16ad70f]64bit:[/b:aef16ad70f] - [2012-11-19 12:24:26 | 000,594,472 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btwampfl.sys -- (btwampfl) DRV:[b:aef16ad70f]64bit:[/b:aef16ad70f] - [2012-11-19 12:24:26 | 000,210,984 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btwavdt.sys -- (btwavdt) DRV:[b:aef16ad70f]64bit:[/b:aef16ad70f] - [2012-11-19 12:24:26 | 000,184,872 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btwaudio.sys -- (btwaudio) DRV:[b:aef16ad70f]64bit:[/b:aef16ad70f] - [2012-11-19 12:24:26 | 000,039,976 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btwl2cap.sys -- (btwl2cap) DRV:[b:aef16ad70f]64bit:[/b:aef16ad70f] - [2012-11-19 12:24:26 | 000,021,544 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btwrchid.sys -- (btwrchid) DRV:[b:aef16ad70f]64bit:[/b:aef16ad70f] - [2012-10-18 11:12:06 | 001,111,856 | ---- | M] (AuthenTec, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ATSwpWDF.sys -- (ATSwpWDF) DRV:[b:aef16ad70f]64bit:[/b:aef16ad70f] - [2012-10-06 14:26:46 | 000,766,096 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167) DRV:[b:aef16ad70f]64bit:[/b:aef16ad70f] - [2012-09-18 11:32:32 | 000,075,064 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LHidFilt.Sys -- (LHidFilt) DRV:[b:aef16ad70f]64bit:[/b:aef16ad70f] - [2012-09-18 11:32:32 | 000,061,240 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LMouFilt.Sys -- (LMouFilt) DRV:[b:aef16ad70f]64bit:[/b:aef16ad70f] - [2012-08-23 15:10:20 | 000,019,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport) DRV:[b:aef16ad70f]64bit:[/b:aef16ad70f] - [2012-08-23 15:07:35 | 000,057,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt) DRV:[b:aef16ad70f]64bit:[/b:aef16ad70f] - [2012-03-01 07:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec) DRV:[b:aef16ad70f]64bit:[/b:aef16ad70f] - [2011-12-16 15:20:10 | 000,017,976 | ---- | M] (Secunia) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\psi_mf.sys -- (PSI) DRV:[b:aef16ad70f]64bit:[/b:aef16ad70f] - [2011-10-20 11:24:06 | 000,157,696 | ---- | M] (Matrox Graphics Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\MxEFUF64.sys -- (MxEFUF) DRV:[b:aef16ad70f]64bit:[/b:aef16ad70f] - [2011-03-11 07:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata) DRV:[b:aef16ad70f]64bit:[/b:aef16ad70f] - [2011-03-11 07:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata) DRV:[b:aef16ad70f]64bit:[/b:aef16ad70f] - [2010-11-20 14:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD) DRV:[b:aef16ad70f]64bit:[/b:aef16ad70f] - [2010-11-20 10:37:42 | 000,109,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\sdbus.sys -- (sdbus) DRV:[b:aef16ad70f]64bit:[/b:aef16ad70f] - [2010-10-07 12:11:52 | 007,533,568 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NETwLv64.sys -- (NETwLv64) DRV:[b:aef16ad70f]64bit:[/b:aef16ad70f] - [2010-08-16 16:26:42 | 007,442,432 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\NETwLx64.sys -- (NETwLx64) DRV:[b:aef16ad70f]64bit:[/b:aef16ad70f] - [2010-03-15 20:14:08 | 001,212,416 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\agrsm64.sys -- (AgereSoftModem) DRV:[b:aef16ad70f]64bit:[/b:aef16ad70f] - [2010-01-23 22:00:56 | 000,132,608 | ---- | M] (Fresco Logic) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\FLxHCIc.sys -- (FLxHCIc) DRV:[b:aef16ad70f]64bit:[/b:aef16ad70f] - [2009-07-14 02:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs) DRV:[b:aef16ad70f]64bit:[/b:aef16ad70f] - [2009-07-14 02:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2) DRV:[b:aef16ad70f]64bit:[/b:aef16ad70f] - [2009-07-14 02:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor) DRV:[b:aef16ad70f]64bit:[/b:aef16ad70f] - [2009-07-14 00:21:48 | 000,038,400 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\tpm.sys -- (TPM) DRV:[b:aef16ad70f]64bit:[/b:aef16ad70f] - [2009-06-10 21:35:28 | 005,434,368 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\netw5v64.sys -- (netw5v64) DRV:[b:aef16ad70f]64bit:[/b:aef16ad70f] - [2009-06-10 21:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv) DRV:[b:aef16ad70f]64bit:[/b:aef16ad70f] - [2009-06-10 21:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv) DRV:[b:aef16ad70f]64bit:[/b:aef16ad70f] - [2009-06-10 21:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a) DRV:[b:aef16ad70f]64bit:[/b:aef16ad70f] - [2009-06-10 21:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir) DRV:[b:aef16ad70f]64bit:[/b:aef16ad70f] - [2008-02-13 11:35:46 | 012,379,136 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\snp2sxp.sys -- (SNP2STD) DRV:[b:aef16ad70f]64bit:[/b:aef16ad70f] - [2007-12-11 16:38:04 | 000,021,504 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\EtmTempSense.sys -- (EtmTempSense) DRV:[b:aef16ad70f]64bit:[/b:aef16ad70f] - [2007-08-15 14:20:22 | 000,088,064 | ---- | M] (ENE Technology Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\EMS7SK.sys -- (EMSCR) DRV:[b:aef16ad70f]64bit:[/b:aef16ad70f] - [2007-08-15 14:20:06 | 000,059,392 | ---- | M] (ENE Technology Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ESD7SK.sys -- (ESDCR) DRV:[b:aef16ad70f]64bit:[/b:aef16ad70f] - [2007-07-31 08:40:06 | 000,207,488 | ---- | M] (Trident Multimedia Technologies Co.,Ltd) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\TridVidx64.sys -- (TridVidx64) DRV - [2009-07-14 02:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount) DRV - [2008-02-13 11:34:50 | 012,067,328 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysWOW64\drivers\snp2sxp.sys -- (SNP2STD) [color=#E56717:aef16ad70f]========== Standard Registry (All) ==========[/color:aef16ad70f] [color=#E56717:aef16ad70f]========== Internet Explorer ==========[/color:aef16ad70f] IE:[b:aef16ad70f]64bit:[/b:aef16ad70f] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 IE:[b:aef16ad70f]64bit:[/b:aef16ad70f] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 IE:[b:aef16ad70f]64bit:[/b:aef16ad70f] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data] IE:[b:aef16ad70f]64bit:[/b:aef16ad70f] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons IE:[b:aef16ad70f]64bit:[/b:aef16ad70f] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\System32\blank.htm IE:[b:aef16ad70f]64bit:[/b:aef16ad70f] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 IE:[b:aef16ad70f]64bit:[/b:aef16ad70f] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk IE:[b:aef16ad70f]64bit:[/b:aef16ad70f] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 IE:[b:aef16ad70f]64bit:[/b:aef16ad70f] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm IE:[b:aef16ad70f]64bit:[/b:aef16ad70f] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm IE:[b:aef16ad70f]64bit:[/b:aef16ad70f] - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE:[b:aef16ad70f]64bit:[/b:aef16ad70f] - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE:[b:aef16ad70f]64bit:[/b:aef16ad70f] - HKLM\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data] IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-19\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\Windows\SysWOW64\ieframe.dll (Microsoft Corporation) IE - HKU\S-1-5-20\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\Windows\SysWOW64\ieframe.dll (Microsoft Corporation) IE - HKU\S-1-5-21-3936649928-4177311411-4009730775-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\system32\blank.htm IE - HKU\S-1-5-21-3936649928-4177311411-4009730775-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch IE - HKU\S-1-5-21-3936649928-4177311411-4009730775-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 IE - HKU\S-1-5-21-3936649928-4177311411-4009730775-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = nl-NL IE - HKU\S-1-5-21-3936649928-4177311411-4009730775-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = D6 71 C9 B0 E0 E8 CD 01 [binary data] IE - HKU\S-1-5-21-3936649928-4177311411-4009730775-1001\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\Windows\SysWOW64\ieframe.dll (Microsoft Corporation) IE - HKU\S-1-5-21-3936649928-4177311411-4009730775-1001\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE - HKU\S-1-5-21-3936649928-4177311411-4009730775-1001\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC IE - HKU\S-1-5-21-3936649928-4177311411-4009730775-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 [color=#E56717:aef16ad70f]========== FireFox ==========[/color:aef16ad70f] FF - prefs.js..browser.startup.homepage: "http://www.google.nl/ig?hl=nl" FF - prefs.js..extensions.enabledAddons: %7Ba0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7%7D:20130129 FF - prefs.js..extensions.enabledAddons: support%40lastpass.com:2.0.0 FF - user.js - File not found FF:[b:aef16ad70f]64bit:[/b:aef16ad70f] - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_5_502_146.dll File not found FF:[b:aef16ad70f]64bit:[/b:aef16ad70f] - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found FF:[b:aef16ad70f]64bit:[/b:aef16ad70f] - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation) FF:[b:aef16ad70f]64bit:[/b:aef16ad70f] - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_5_502_146.dll () FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\SysWOW64\Adobe\Director\np32dsw_1168638.dll (Adobe Systems, Inc.) FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.) FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.11.2: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 18.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013-01-19 08:29:46 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 18.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 18.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013-01-19 08:29:46 | 000,000,000 | ---D | M] FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 18.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2013-01-31 07:09:21 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Jos H\AppData\Roaming\mozilla\Extensions [2013-01-31 17:15:27 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Jos H\AppData\Roaming\mozilla\Firefox\Profiles\vx95oueb.default\extensions [2013-01-31 07:40:14 | 000,000,000 | ---D | M] (WOT) -- C:\Users\Jos H\AppData\Roaming\mozilla\Firefox\Profiles\vx95oueb.default\extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7} [2013-01-31 10:05:56 | 000,000,000 | ---D | M] (LastPass) -- C:\Users\Jos H\AppData\Roaming\mozilla\Firefox\Profiles\vx95oueb.default\extensions\support@lastpass.com [2013-01-31 17:15:27 | 000,817,973 | ---- | M] () (No name found) -- C:\Users\Jos H\AppData\Roaming\mozilla\firefox\profiles\vx95oueb.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2013-01-19 08:29:46 | 000,262,552 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll [2012-10-24 19:30:30 | 000,002,465 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml [2012-11-21 13:15:15 | 000,002,616 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bolcom-nl.xml [2013-01-09 10:07:17 | 000,002,669 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\google.xml [2012-11-21 13:15:15 | 000,004,771 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\marktplaats-nl.xml [2012-11-21 13:15:15 | 000,001,262 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-nl.xml O1 HOSTS File: ([2013-01-31 07:03:23 | 000,000,098 | ---- | M]) - C:\Windows\SysNative\drivers\etc\Hosts O1 - Hosts: 127.0.0.1 localhost O1 - Hosts: ::1 localhost O2:[b:aef16ad70f]64bit:[/b:aef16ad70f] - BHO: (LastPass Vault) - {95D9ECF5-2A4D-4550-BE49-70D42F71296E} - C:\Program Files (x86)\LastPass\LPToolbar_x64.dll () O2:[b:aef16ad70f]64bit:[/b:aef16ad70f] - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation) O2:[b:aef16ad70f]64bit:[/b:aef16ad70f] - BHO: (no name) - AutorunsDisabled - No CLSID value found. O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated) O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation) O2 - BHO: (LastPass Vault) - {95D9ECF5-2A4D-4550-BE49-70D42F71296E} - C:\Program Files (x86)\LastPass\LPToolbar.dll () O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation) O2 - BHO: (G Data BankGuard) - {BA3295CF-17ED-4F49-9E95-D999A0ADBFDC} - C:\Program Files (x86)\Common Files\G Data\AVKProxy\BanksafeBHO.dll (G Data Software AG) O3:[b:aef16ad70f]64bit:[/b:aef16ad70f] - HKLM\..\Toolbar: (LastPass Toolbar) - {9f6b5cc3-5c7b-4b5c-97af-19dec1e380e5} - C:\Program Files (x86)\LastPass\LPToolbar_x64.dll () O3 - HKLM\..\Toolbar: (LastPass Toolbar) - {9f6b5cc3-5c7b-4b5c-97af-19dec1e380e5} - C:\Program Files (x86)\LastPass\LPToolbar.dll () O4 - HKLM..\Run: [] File not found O4 - HKLM..\Run: [G Data AntiVirus Tray Application] C:\Program Files (x86)\G Data\InternetSecurity\AVKTray\AVKTray.exe (G Data Software AG) O4 - HKLM..\Run: [GDFirewallTray] C:\Program Files (x86)\G Data\InternetSecurity\Firewall\GDFirewallTray.exe (G Data Software AG) O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableInstallerDetection = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableSecureUIAPaths = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableUIADesktopToggle = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableVirtualization = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ValidateAdminCodeSignatures = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption = O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext = O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: scforceoption = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: FilterAdministratorToken = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_TEXT = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_BITMAP = 2 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_OEMTEXT = 7 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIB = 8 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_PALETTE = 9 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_UNICODETEXT = 13 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIBV5 = 17 O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Restrictions present O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Restrictions present O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Restrictions present O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Restrictions present O7 - HKU\S-1-5-21-3936649928-4177311411-4009730775-1001\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-21-3936649928-4177311411-4009730775-1001\Software\Policies\Microsoft\Internet Explorer\Restrictions present O7 - HKU\S-1-5-21-3936649928-4177311411-4009730775-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0 O8:[b:aef16ad70f]64bit:[/b:aef16ad70f] - Extra context menu item: &Verzenden naar OneNote - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation) O8:[b:aef16ad70f]64bit:[/b:aef16ad70f] - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200 File not found O8:[b:aef16ad70f]64bit:[/b:aef16ad70f] - Extra context menu item: E&xporteren naar Microsoft Excel - C:\Program Files (x86)\Microsoft Office\Office14\EXCEL.EXE (Microsoft Corporation) O8:[b:aef16ad70f]64bit:[/b:aef16ad70f] - Extra context menu item: LastPass - file://C:\Users\Jos H\AppData\LocalLow\LastPass\context.html?cmd=lastpass File not found O8:[b:aef16ad70f]64bit:[/b:aef16ad70f] - Extra context menu item: LastPass Invulformulieren - file://C:\Users\Jos H\AppData\LocalLow\LastPass\context.html?cmd=fillforms File not found O8 - Extra context menu item: &Verzenden naar OneNote - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation) O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\SysWow64\GPhotos.scr (Google Inc.) O8 - Extra context menu item: E&xporteren naar Microsoft Excel - C:\Program Files (x86)\Microsoft Office\Office14\EXCEL.EXE (Microsoft Corporation) O8 - Extra context menu item: LastPass - file://C:\Users\Jos H\AppData\LocalLow\LastPass\context.html?cmd=lastpass File not found O8 - Extra context menu item: LastPass Invulformulieren - file://C:\Users\Jos H\AppData\LocalLow\LastPass\context.html?cmd=fillforms File not found O9:[b:aef16ad70f]64bit:[/b:aef16ad70f] - Extra Button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation) O9:[b:aef16ad70f]64bit:[/b:aef16ad70f] - Extra 'Tools' menuitem : &Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation) O9:[b:aef16ad70f]64bit:[/b:aef16ad70f] - Extra Button: LastPass - {43699cd0-e34f-11de-8a39-0800200c9a66} - C:\Program Files (x86)\LastPass\LPToolbar_x64.dll () O9:[b:aef16ad70f]64bit:[/b:aef16ad70f] - Extra 'Tools' menuitem : LastPass - {43699cd0-e34f-11de-8a39-0800200c9a66} - C:\Program Files (x86)\LastPass\LPToolbar_x64.dll () O9:[b:aef16ad70f]64bit:[/b:aef16ad70f] - Extra Button: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation) O9:[b:aef16ad70f]64bit:[/b:aef16ad70f] - Extra 'Tools' menuitem : &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation) O9 - Extra Button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation) O9 - Extra 'Tools' menuitem : &Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation) O9 - Extra Button: LastPass - {43699cd0-e34f-11de-8a39-0800200c9a66} - C:\Program Files (x86)\LastPass\LPToolbar.dll () O9 - Extra 'Tools' menuitem : LastPass - {43699cd0-e34f-11de-8a39-0800200c9a66} - C:\Program Files (x86)\LastPass\LPToolbar.dll () O9 - Extra Button: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation) O9 - Extra 'Tools' menuitem : &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation) O10:[b:aef16ad70f]64bit:[/b:aef16ad70f] - NameSpace_Catalog5\Catalog_Entries64\000000000001 [] - C:\Windows\SysNative\nlaapi.dll (Microsoft Corporation) O10:[b:aef16ad70f]64bit:[/b:aef16ad70f] - NameSpace_Catalog5\Catalog_Entries64\000000000002 [] - C:\Windows\SysNative\NapiNSP.dll (Microsoft Corporation) O10:[b:aef16ad70f]64bit:[/b:aef16ad70f] - NameSpace_Catalog5\Catalog_Entries64\000000000003 [] - C:\Windows\SysNative\pnrpnsp.dll (Microsoft Corporation) O10:[b:aef16ad70f]64bit:[/b:aef16ad70f] - NameSpace_Catalog5\Catalog_Entries64\000000000004 [] - C:\Windows\SysNative\pnrpnsp.dll (Microsoft Corporation) O10:[b:aef16ad70f]64bit:[/b:aef16ad70f] - NameSpace_Catalog5\Catalog_Entries64\000000000005 [] - C:\Windows\SysNative\wshbth.dll (Microsoft Corporation) O10:[b:aef16ad70f]64bit:[/b:aef16ad70f] - NameSpace_Catalog5\Catalog_Entries64\000000000006 [] - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation) O10:[b:aef16ad70f]64bit:[/b:aef16ad70f] - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Windows\SysNative\winrnr.dll (Microsoft Corporation) O10:[b:aef16ad70f]64bit:[/b:aef16ad70f] - Protocol_Catalog9\Catalog_Entries64\000000000001 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation) O10:[b:aef16ad70f]64bit:[/b:aef16ad70f] - Protocol_Catalog9\Catalog_Entries64\000000000002 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation) O10:[b:aef16ad70f]64bit:[/b:aef16ad70f] - Protocol_Catalog9\Catalog_Entries64\000000000003 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation) O10:[b:aef16ad70f]64bit:[/b:aef16ad70f] - Protocol_Catalog9\Catalog_Entries64\000000000004 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation) O10:[b:aef16ad70f]64bit:[/b:aef16ad70f] - Protocol_Catalog9\Catalog_Entries64\000000000005 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation) O10:[b:aef16ad70f]64bit:[/b:aef16ad70f] - Protocol_Catalog9\Catalog_Entries64\000000000006 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation) O10:[b:aef16ad70f]64bit:[/b:aef16ad70f] - Protocol_Catalog9\Catalog_Entries64\000000000007 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation) O10:[b:aef16ad70f]64bit:[/b:aef16ad70f] - Protocol_Catalog9\Catalog_Entries64\000000000008 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation) O10:[b:aef16ad70f]64bit:[/b:aef16ad70f] - Protocol_Catalog9\Catalog_Entries64\000000000009 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation) O10:[b:aef16ad70f]64bit:[/b:aef16ad70f] - Protocol_Catalog9\Catalog_Entries64\000000000010 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation) O10:[b:aef16ad70f]64bit:[/b:aef16ad70f] - Protocol_Catalog9\Catalog_Entries64\000000000011 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation) O10 - NameSpace_Catalog5\Catalog_Entries\000000000001 [] - C:\Windows\SysWOW64\nlaapi.dll (Microsoft Corporation) O10 - NameSpace_Catalog5\Catalog_Entries\000000000002 [] - C:\Windows\SysWOW64\NapiNSP.dll (Microsoft Corporation) O10 - NameSpace_Catalog5\Catalog_Entries\000000000003 [] - C:\Windows\SysWOW64\pnrpnsp.dll (Microsoft Corporation) O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Windows\SysWOW64\pnrpnsp.dll (Microsoft Corporation) O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Windows\SysWOW64\wshbth.dll (Microsoft Corporation) O10 - NameSpace_Catalog5\Catalog_Entries\000000000006 [] - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation) O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Windows\SysWOW64\winrnr.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation) O13 - gopher Prefix: missing O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 213.197.28.3 213.197.30.28 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{CB62B43F-3E62-4B8F-8FC6-23FB31765272}: DhcpNameServer = 213.197.28.3 213.197.30.28 O18:[b:aef16ad70f]64bit:[/b:aef16ad70f] - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation) O18:[b:aef16ad70f]64bit:[/b:aef16ad70f] - Protocol\Handler\cdl {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation) O18:[b:aef16ad70f]64bit:[/b:aef16ad70f] - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\Windows\SysNative\MSVidCtl.dll (Microsoft Corporation) O18:[b:aef16ad70f]64bit:[/b:aef16ad70f] - Protocol\Handler\file {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation) O18:[b:aef16ad70f]64bit:[/b:aef16ad70f] - Protocol\Handler\ftp {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation) O18:[b:aef16ad70f]64bit:[/b:aef16ad70f] - Protocol\Handler\http {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation) O18:[b:aef16ad70f]64bit:[/b:aef16ad70f] - Protocol\Handler\https {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation) O18:[b:aef16ad70f]64bit:[/b:aef16ad70f] - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysNative\itss.dll (Microsoft Corporation) O18:[b:aef16ad70f]64bit:[/b:aef16ad70f] - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation) O18:[b:aef16ad70f]64bit:[/b:aef16ad70f] - Protocol\Handler\local {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation) O18:[b:aef16ad70f]64bit:[/b:aef16ad70f] - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation) O18:[b:aef16ad70f]64bit:[/b:aef16ad70f] - Protocol\Handler\mhtml {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\Windows\SysNative\inetcomm.dll (Microsoft Corporation) O18:[b:aef16ad70f]64bit:[/b:aef16ad70f] - Protocol\Handler\mk {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation) O18:[b:aef16ad70f]64bit:[/b:aef16ad70f] - Protocol\Handler\ms-help - No CLSID value found O18:[b:aef16ad70f]64bit:[/b:aef16ad70f] - Protocol\Handler\ms-its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysNative\itss.dll (Microsoft Corporation) O18:[b:aef16ad70f]64bit:[/b:aef16ad70f] - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation) O18:[b:aef16ad70f]64bit:[/b:aef16ad70f] - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\Windows\SysNative\MSVidCtl.dll (Microsoft Corporation) O18:[b:aef16ad70f]64bit:[/b:aef16ad70f] - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation) O18 - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation) O18 - Protocol\Handler\cdl {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation) O18 - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\Windows\SysWOW64\MSVidCtl.dll (Microsoft Corporation) O18 - Protocol\Handler\file {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation) O18 - Protocol\Handler\ftp {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation) O18 - Protocol\Handler\http {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation) O18 - Protocol\Handler\https {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation) O18 - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysWOW64\itss.dll (Microsoft Corporation) O18 - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation) O18 - Protocol\Handler\local {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation) O18 - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation) O18 - Protocol\Handler\mhtml {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\Windows\SysWOW64\inetcomm.dll (Microsoft Corporation) O18 - Protocol\Handler\mk {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation) O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files (x86)\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation) O18 - Protocol\Handler\ms-its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysWOW64\itss.dll (Microsoft Corporation) O18 - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation) O18 - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\Windows\SysWOW64\MSVidCtl.dll (Microsoft Corporation) O18 - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation) O18:[b:aef16ad70f]64bit:[/b:aef16ad70f] - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysNative\mscoree.dll (Microsoft Corporation) O18:[b:aef16ad70f]64bit:[/b:aef16ad70f] - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysNative\mscoree.dll (Microsoft Corporation) O18:[b:aef16ad70f]64bit:[/b:aef16ad70f] - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysNative\mscoree.dll (Microsoft Corporation) O18:[b:aef16ad70f]64bit:[/b:aef16ad70f] - Protocol\Filter\text/xml {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL (Microsoft Corporation) O18 - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysWow64\mscoree.dll (Microsoft Corporation) O18 - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysWow64\mscoree.dll (Microsoft Corporation) O18 - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysWow64\mscoree.dll (Microsoft Corporation) O18 - Protocol\Filter\text/xml {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL (Microsoft Corporation) O20:[b:aef16ad70f]64bit:[/b:aef16ad70f] - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20:[b:aef16ad70f]64bit:[/b:aef16ad70f] - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation) O20:[b:aef16ad70f]64bit:[/b:aef16ad70f] - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation) O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysWow64\SystemPropertiesPerformance.exe (Microsoft Corporation) O21:[b:aef16ad70f]64bit:[/b:aef16ad70f] - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O28:[b:aef16ad70f]64bit:[/b:aef16ad70f] - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation) O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation) O29:[b:aef16ad70f]64bit:[/b:aef16ad70f] - HKLM SecurityProviders - (credssp.dll) - C:\Windows\SysWow64\credssp.dll (Microsoft Corporation) O29 - HKLM SecurityProviders - (credssp.dll) - C:\Windows\SysWow64\credssp.dll (Microsoft Corporation) O30:[b:aef16ad70f]64bit:[/b:aef16ad70f] - LSA: Authentication Packages - (msv1_0) - C:\Windows\SysNative\msv1_0.dll (Microsoft Corporation) O30 - LSA: Authentication Packages - (msv1_0) - C:\Windows\SysWow64\msv1_0.dll (Microsoft Corporation) O30:[b:aef16ad70f]64bit:[/b:aef16ad70f] - LSA: Security Packages - (kerberos) - C:\Windows\SysNative\kerberos.dll (Microsoft Corporation) O30:[b:aef16ad70f]64bit:[/b:aef16ad70f] - LSA: Security Packages - (msv1_0) - C:\Windows\SysNative\msv1_0.dll (Microsoft Corporation) O30:[b:aef16ad70f]64bit:[/b:aef16ad70f] - LSA: Security Packages - (schannel) - C:\Windows\SysNative\schannel.dll (Microsoft Corporation) O30:[b:aef16ad70f]64bit:[/b:aef16ad70f] - LSA: Security Packages - (wdigest) - C:\Windows\SysNative\wdigest.dll (Microsoft Corporation) O30:[b:aef16ad70f]64bit:[/b:aef16ad70f] - LSA: Security Packages - (tspkg) - C:\Windows\SysNative\tspkg.dll (Microsoft Corporation) O30:[b:aef16ad70f]64bit:[/b:aef16ad70f] - LSA: Security Packages - (pku2u) - C:\Windows\SysNative\pku2u.dll (Microsoft Corporation) O30 - LSA: Security Packages - (kerberos) - C:\Windows\SysWow64\kerberos.dll (Microsoft Corporation) O30 - LSA: Security Packages - (msv1_0) - C:\Windows\SysWow64\msv1_0.dll (Microsoft Corporation) O30 - LSA: Security Packages - (schannel) - C:\Windows\SysWow64\schannel.dll (Microsoft Corporation) O30 - LSA: Security Packages - (wdigest) - C:\Windows\SysWow64\wdigest.dll (Microsoft Corporation) O30 - LSA: Security Packages - (tspkg) - C:\Windows\SysWow64\tspkg.dll (Microsoft Corporation) O30 - LSA: Security Packages - (pku2u) - C:\Windows\SysWow64\pku2u.dll (Microsoft Corporation) O31 - SafeBoot: AlternateShell - cmd.exe O32 - HKLM CDRom: AutoRun - 1 O34 - HKLM BootExecute: (autocheck autochk *) O35:[b:aef16ad70f]64bit:[/b:aef16ad70f] - HKLM\..comfile [open] -- "%1" %* O35:[b:aef16ad70f]64bit:[/b:aef16ad70f] - HKLM\..exefile [open] -- "%1" %* O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37:[b:aef16ad70f]64bit:[/b:aef16ad70f] - HKLM\...com [@ = comfile] -- "%1" %* O37:[b:aef16ad70f]64bit:[/b:aef16ad70f] - HKLM\...exe [@ = exefile] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) O38 - SubSystems\\Windows: (ServerDll=sxssrv,4) [color=#E56717:aef16ad70f]========== Files/Folders - Created Within 30 Days ==========[/color:aef16ad70f] [2013-01-31 17:17:08 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Jos H\Desktop\OTL.exe [2013-01-31 14:25:45 | 000,000,000 | ---D | C] -- C:\Users\Jos H\Desktop\HEL80_81 BIOS V119B [2013-01-30 11:57:45 | 000,000,000 | ---D | C] -- C:\Windows\SoftwareDistribution [2013-01-30 11:56:38 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\catroot2 [2013-01-30 11:21:51 | 000,000,000 | ---D | C] -- C:\Tweaking.com_Windows_Repair_Logs [2013-01-29 09:21:07 | 000,000,000 | ---D | C] -- C:\$RECYCLE.BIN [2013-01-29 06:44:12 | 000,000,000 | ---D | C] -- C:\Windows\erdnt [2013-01-28 13:45:39 | 000,000,000 | ---D | C] -- C:\Program Files\DIFX [2013-01-27 19:00:28 | 000,053,248 | ---- | C] (Windows XP Bundled build C-Centric Single User) -- C:\Windows\SysWow64\CSVer.dll [2013-01-27 19:00:28 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Intel [2013-01-27 19:00:02 | 000,000,000 | ---D | C] -- C:\Intel [2013-01-27 18:47:51 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\SystemRequirementsLab [2013-01-27 18:47:45 | 000,000,000 | ---D | C] -- C:\Users\Jos H\AppData\Roaming\SystemRequirementsLab [2013-01-27 18:42:49 | 000,000,000 | ---D | C] -- C:\ProgramData\Sun [2013-01-27 18:42:31 | 000,859,552 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\npDeployJava1.dll [2013-01-27 18:42:31 | 000,780,192 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\deployJava1.dll [2013-01-25 06:19:19 | 000,000,000 | ---D | C] -- C:\Windows\MiniDump [2013-01-22 14:42:00 | 000,000,000 | ---D | C] -- C:\ATISupport [2013-01-19 08:29:41 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox [2013-01-09 14:36:37 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\Adobe [2013-01-09 10:22:29 | 000,046,592 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\fpb.rs [2013-01-09 10:22:29 | 000,046,592 | ---- | C] (Microsoft) -- C:\Windows\SysNative\fpb.rs [2013-01-09 10:22:29 | 000,045,568 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\oflc-nz.rs [2013-01-09 10:22:29 | 000,045,568 | ---- | C] (Microsoft) -- C:\Windows\SysNative\oflc-nz.rs [2013-01-09 10:22:29 | 000,044,544 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\pegibbfc.rs [2013-01-09 10:22:29 | 000,044,544 | ---- | C] (Microsoft) -- C:\Windows\SysNative\pegibbfc.rs [2013-01-09 10:22:29 | 000,043,520 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\csrr.rs [2013-01-09 10:22:29 | 000,043,520 | ---- | C] (Microsoft) -- C:\Windows\SysNative\csrr.rs [2013-01-09 10:22:29 | 000,040,960 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\cob-au.rs [2013-01-09 10:22:29 | 000,040,960 | ---- | C] (Microsoft) -- C:\Windows\SysNative\cob-au.rs [2013-01-09 10:22:29 | 000,030,720 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\usk.rs [2013-01-09 10:22:29 | 000,030,720 | ---- | C] (Microsoft) -- C:\Windows\SysNative\usk.rs [2013-01-09 10:22:29 | 000,015,360 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\djctq.rs [2013-01-09 10:22:29 | 000,015,360 | ---- | C] (Microsoft) -- C:\Windows\SysNative\djctq.rs [2013-01-09 10:22:28 | 002,746,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\gameux.dll [2013-01-09 10:22:28 | 002,576,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\gameux.dll [2013-01-09 10:22:28 | 000,441,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\Wpc.dll [2013-01-09 10:22:28 | 000,308,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\Wpc.dll [2013-01-09 10:22:28 | 000,021,504 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\grb.rs [2013-01-09 10:22:28 | 000,021,504 | ---- | C] (Microsoft) -- C:\Windows\SysNative\grb.rs [2013-01-09 10:22:28 | 000,020,480 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\pegi-pt.rs [2013-01-09 10:22:28 | 000,020,480 | ---- | C] (Microsoft) -- C:\Windows\SysNative\pegi-pt.rs [2013-01-09 10:22:28 | 000,020,480 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\pegi.rs [2013-01-09 10:22:28 | 000,020,480 | ---- | C] (Microsoft) -- C:\Windows\SysNative\pegi.rs [2013-01-09 10:22:27 | 000,055,296 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\cero.rs [2013-01-09 10:22:27 | 000,055,296 | ---- | C] (Microsoft) -- C:\Windows\SysNative\cero.rs [2013-01-09 10:22:27 | 000,051,712 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\esrb.rs [2013-01-09 10:22:27 | 000,051,712 | ---- | C] (Microsoft) -- C:\Windows\SysNative\esrb.rs [2013-01-09 10:22:27 | 000,023,552 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\oflc.rs [2013-01-09 10:22:27 | 000,023,552 | ---- | C] (Microsoft) -- C:\Windows\SysNative\oflc.rs [2013-01-09 10:22:27 | 000,020,480 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\pegi-fi.rs [2013-01-09 10:22:27 | 000,020,480 | ---- | C] (Microsoft) -- C:\Windows\SysNative\pegi-fi.rs [2013-01-09 10:22:10 | 001,161,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\kernel32.dll [2013-01-09 10:22:10 | 000,424,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KernelBase.dll [2013-01-09 10:22:09 | 000,362,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64win.dll [2013-01-09 10:22:09 | 000,338,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\conhost.exe [2013-01-09 10:22:09 | 000,243,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64.dll [2013-01-09 10:22:09 | 000,215,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winsrv.dll [2013-01-09 10:22:09 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntvdm64.dll [2013-01-09 10:22:09 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntvdm64.dll [2013-01-09 10:22:09 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64cpu.dll [2013-01-09 10:22:09 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-security-base-l1-1-0.dll [2013-01-09 10:22:09 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-file-l1-1-0.dll [2013-01-09 10:22:09 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-file-l1-1-0.dll [2013-01-09 10:22:09 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wow32.dll [2013-01-09 10:22:09 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-threadpool-l1-1-0.dll [2013-01-09 10:22:09 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-processthreads-l1-1-0.dll [2013-01-09 10:22:09 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-processthreads-l1-1-0.dll [2013-01-09 10:22:09 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-sysinfo-l1-1-0.dll [2013-01-09 10:22:09 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-sysinfo-l1-1-0.dll [2013-01-09 10:22:09 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-synch-l1-1-0.dll [2013-01-09 10:22:09 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-synch-l1-1-0.dll [2013-01-09 10:22:09 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-misc-l1-1-0.dll [2013-01-09 10:22:09 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-localregistry-l1-1-0.dll [2013-01-09 10:22:09 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-localregistry-l1-1-0.dll [2013-01-09 10:22:09 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-rtlsupport-l1-1-0.dll [2013-01-09 10:22:09 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-processenvironment-l1-1-0.dll [2013-01-09 10:22:09 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-processenvironment-l1-1-0.dll [2013-01-09 10:22:09 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-namedpipe-l1-1-0.dll [2013-01-09 10:22:09 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-namedpipe-l1-1-0.dll [2013-01-09 10:22:09 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-misc-l1-1-0.dll [2013-01-09 10:22:09 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-memory-l1-1-0.dll [2013-01-09 10:22:09 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-memory-l1-1-0.dll [2013-01-09 10:22:09 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-libraryloader-l1-1-0.dll [2013-01-09 10:22:09 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-libraryloader-l1-1-0.dll [2013-01-09 10:22:09 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-xstate-l1-1-0.dll [2013-01-09 10:22:09 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-util-l1-1-0.dll [2013-01-09 10:22:09 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-string-l1-1-0.dll [2013-01-09 10:22:09 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-string-l1-1-0.dll [2013-01-09 10:22:09 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-profile-l1-1-0.dll [2013-01-09 10:22:09 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-profile-l1-1-0.dll [2013-01-09 10:22:09 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-io-l1-1-0.dll [2013-01-09 10:22:09 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-errorhandling-l1-1-0.dll [2013-01-09 10:22:09 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-delayload-l1-1-0.dll [2013-01-09 10:22:09 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-delayload-l1-1-0.dll [2013-01-09 10:22:08 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\setup16.exe [2013-01-09 10:22:08 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\instnm.exe [2013-01-09 10:22:08 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-security-base-l1-1-0.dll [2013-01-09 10:22:08 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll [2013-01-09 10:22:08 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-localization-l1-1-0.dll [2013-01-09 10:22:08 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-localization-l1-1-0.dll [2013-01-09 10:22:08 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll [2013-01-09 10:22:08 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-interlocked-l1-1-0.dll [2013-01-09 10:22:08 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-heap-l1-1-0.dll [2013-01-09 10:22:08 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-heap-l1-1-0.dll [2013-01-09 10:22:08 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-util-l1-1-0.dll [2013-01-09 10:22:08 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-rtlsupport-l1-1-0.dll [2013-01-09 10:22:08 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-io-l1-1-0.dll [2013-01-09 10:22:08 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-interlocked-l1-1-0.dll [2013-01-09 10:22:08 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-handle-l1-1-0.dll [2013-01-09 10:22:08 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-handle-l1-1-0.dll [2013-01-09 10:22:08 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-fibers-l1-1-0.dll [2013-01-09 10:22:08 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-fibers-l1-1-0.dll [2013-01-09 10:22:08 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-errorhandling-l1-1-0.dll [2013-01-09 10:22:08 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-debug-l1-1-0.dll [2013-01-09 10:22:08 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-debug-l1-1-0.dll [2013-01-09 10:22:08 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-datetime-l1-1-0.dll [2013-01-09 10:22:08 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-datetime-l1-1-0.dll [2013-01-09 10:22:08 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-console-l1-1-0.dll [2013-01-09 10:22:08 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-console-l1-1-0.dll [2013-01-09 10:22:08 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\user.exe [2013-01-09 10:21:55 | 000,750,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\win32spl.dll [2013-01-09 10:21:55 | 000,492,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\win32spl.dll [2013-01-09 10:21:48 | 000,800,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\usp10.dll [2013-01-09 10:21:47 | 000,307,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ncrypt.dll [2013-01-09 10:21:46 | 000,068,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\taskhost.exe [2013-01-07 09:19:28 | 000,000,000 | ---D | C] -- C:\Users\Jos H\AppData\Local\O&O [2012-12-23 06:54:30 | 014,794,312 | ---- | C] (LastPass) -- C:\Program Files (x86)\Common Files\lpuninstall.exe [color=#E56717:aef16ad70f]========== Files - Modified Within 30 Days ==========[/color:aef16ad70f] [2013-01-31 18:06:21 | 001,663,048 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI [2013-01-31 18:06:21 | 000,743,222 | ---- | M] () -- C:\Windows\SysNative\perfh013.dat [2013-01-31 18:06:21 | 000,652,148 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat [2013-01-31 18:06:21 | 000,152,382 | ---- | M] () -- C:\Windows\SysNative\perfc013.dat [2013-01-31 18:06:21 | 000,121,080 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat [2013-01-31 17:25:04 | 000,000,940 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job [2013-01-31 17:17:09 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Jos H\Desktop\OTL.exe [2013-01-31 17:15:23 | 000,015,344 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2013-01-31 17:15:23 | 000,015,344 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2013-01-31 17:10:10 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2013-01-31 17:10:01 | 2414,436,352 | -HS- | M] () -- C:\hiberfil.sys [2013-01-31 16:14:47 | 000,964,406 | ---- | M] () -- C:\Windows\SysWow64\sig.bin [2013-01-31 16:14:47 | 000,051,625 | ---- | M] () -- C:\Windows\SysWow64\nmp.map [2013-01-31 14:17:22 | 001,251,625 | ---- | M] () -- C:\Users\Jos H\Desktop\HEL80_81 BIOS V119B.ZIP [2013-01-31 07:03:23 | 000,000,098 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\Hosts [2013-01-30 12:02:34 | 000,416,688 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT [2013-01-30 12:00:42 | 000,181,064 | ---- | M] (Sysinternals) -- C:\Windows\PSEXESVC.EXE [2013-01-30 11:20:55 | 000,303,616 | ---- | M] ( ) -- C:\SetACL.exe [2013-01-30 11:20:55 | 000,290,304 | ---- | M]

anoniem · 31 januari 2013

Sorry, hier het 2e deel (lukt anders niet): [2013-01-30 11:20:55 | 000,303,616 | ---- | M] ( ) -- C:\SetACL.exe [2013-01-30 11:20:55 | 000,290,304 | ---- | M] (Microsoft Corporation) -- C:\subinacl.exe [2013-01-27 18:42:18 | 000,859,552 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\npDeployJava1.dll [2013-01-27 18:42:18 | 000,780,192 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\deployJava1.dll [2013-01-18 13:25:31 | 000,697,864 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe [2013-01-18 13:25:31 | 000,074,248 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl [2013-01-17 11:31:19 | 000,048,212 | ---- | M] () -- C:\Users\Jos H\Documents\BTW 4e kwrt.2012.pdf [2013-01-09 10:42:55 | 001,641,044 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI [2013-01-08 10:26:43 | 000,007,675 | ---- | M] () -- C:\Users\Jos H\AppData\Local\Resmon.ResmonCfg [color=#E56717:bfa7db97fb]========== Files Created - No Company Name ==========[/color:bfa7db97fb] [2013-01-31 14:17:20 | 001,251,625 | ---- | C] () -- C:\Users\Jos H\Desktop\HEL80_81 BIOS V119B.ZIP [2013-01-30 11:51:07 | 000,303,616 | ---- | C] ( ) -- C:\SetACL.exe [2013-01-17 11:31:19 | 000,048,212 | ---- | C] () -- C:\Users\Jos H\Documents\BTW 4e kwrt.2012.pdf [2012-12-14 10:09:11 | 000,000,207 | ---- | C] () -- C:\Windows\tweaking.com-regbackup-LAPTOP-Microsoft-Windows-7-Home-Premium-(64-bits).dat [2012-12-14 08:04:28 | 000,007,675 | ---- | C] () -- C:\Users\Jos H\AppData\Local\Resmon.ResmonCfg [2012-12-05 14:30:16 | 000,964,406 | ---- | C] () -- C:\Windows\SysWow64\sig.bin [2012-12-02 18:19:27 | 000,015,497 | ---- | C] () -- C:\Windows\snp2std.ini [2012-12-02 18:19:26 | 012,067,328 | ---- | C] () -- C:\Windows\SysWow64\drivers\snp2sxp.sys [2012-12-02 18:19:26 | 000,025,472 | ---- | C] () -- C:\Windows\SysWow64\drivers\sncamd.sys [2012-12-02 18:19:25 | 000,151,552 | ---- | C] ( ) -- C:\Windows\SysWow64\rsnp2std.dll [2012-11-19 12:32:38 | 001,641,044 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI [color=#E56717:bfa7db97fb]========== ZeroAccess Check ==========[/color:bfa7db97fb] [2009-07-14 05:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64 [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64 [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64 "" = C:\Windows\SysNative\shell32.dll -- [2012-06-09 06:43:10 | 014,172,672 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] "" = %SystemRoot%\system32\shell32.dll -- [2012-06-09 05:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64 "" = C:\Windows\SysNative\wbem\fastprox.dll -- [2012-08-21 14:11:31 | 000,857,088 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] "" = %systemroot%\system32\wbem\fastprox.dll -- [2012-08-21 14:37:44 | 000,636,928 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64 "" = C:\Windows\SysNative\wbem\wbemess.dll -- [2012-08-21 14:08:38 | 000,453,120 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Both [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] [color=#E56717:bfa7db97fb]========== LOP Check ==========[/color:bfa7db97fb] [2012-11-20 17:40:31 | 000,000,000 | ---D | M] -- C:\Users\Jos H\AppData\Roaming\Hard Disk Sentinel [2013-01-27 18:47:45 | 000,000,000 | ---D | M] -- C:\Users\Jos H\AppData\Roaming\SystemRequirementsLab [2012-11-19 13:27:45 | 000,000,000 | ---D | M] -- C:\Users\Jos H\AppData\Roaming\TuneUp Software [color=#E56717:bfa7db97fb]========== Purity Check ==========[/color:bfa7db97fb] < End of report >

anoniem · 31 januari 2013

Hierbij de extras text: OTL Extras logfile created on: 31-1-2013 17:57:18 - Run 1 OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Jos H\Desktop 64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 9.0.8112.16421) Locale: 00000413 | Country: Nederland | Language: NLD | Date Format: d-M-yyyy 3,00 Gb Total Physical Memory | 1,91 Gb Available Physical Memory | 63,80% Memory free 5,99 Gb Paging File | 4,59 Gb Available in Paging File | 76,62% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 93,06 Gb Total Space | 61,95 Gb Free Space | 66,57% Space Free | Partition Type: NTFS Computer Name: LAPTOP | User Name: Jos H | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days [color=#E56717:20f4b00dab]========== Extra Registry (SafeList) ==========[/color:20f4b00dab] [color=#E56717:20f4b00dab]========== File Associations ==========[/color:20f4b00dab] [b:20f4b00dab]64bit:[/b:20f4b00dab] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .html[@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) .url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation) [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation) .html [@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) [HKEY_USERS\S-1-5-21-3936649928-4177311411-4009730775-1001\SOFTWARE\Classes\<extension>] .html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation) [color=#E56717:20f4b00dab]========== Shell Spawning ==========[/color:20f4b00dab] [b:20f4b00dab]64bit:[/b:20f4b00dab] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) htmlfile [print] -- rundll32.exe %SystemRoot%\system32\mshtml.dll,PrintHTML "%1" (Microsoft Corporation) http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation) InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [explore] -- Reg Error: Value error. Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation) exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [explore] -- Reg Error: Value error. Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) [color=#E56717:20f4b00dab]========== Security Center Settings ==========[/color:20f4b00dab] [b:20f4b00dab]64bit:[/b:20f4b00dab] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "cval" = 1 "FirewallDisableNotify" = 0 "AntiVirusDisableNotify" = 0 "UpdatesDisableNotify" = 0 [b:20f4b00dab]64bit:[/b:20f4b00dab] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] [b:20f4b00dab]64bit:[/b:20f4b00dab] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] "VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data] "AntiVirusOverride" = 0 "AntiSpywareOverride" = 0 "FirewallOverride" = 0 [b:20f4b00dab]64bit:[/b:20f4b00dab] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "AntiVirusOverride" = 1 "AntiVirusDisableNotify" = 0 "FirewallDisableNotify" = 0 "FirewallOverride" = 1 "UpdatesDisableNotify" = 0 "UacDisableNotify" = 1 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] [color=#E56717:20f4b00dab]========== System Restore Settings ==========[/color:20f4b00dab] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore] "DisableSR" = 0 [color=#E56717:20f4b00dab]========== Firewall Settings ==========[/color:20f4b00dab] [b:20f4b00dab]64bit:[/b:20f4b00dab] [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall] [b:20f4b00dab]64bit:[/b:20f4b00dab] [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile] [b:20f4b00dab]64bit:[/b:20f4b00dab] [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile] [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile] [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "DisableNotifications" = 1 "EnableFirewall" = 0 "DoNotAllowExceptions" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 [color=#E56717:20f4b00dab]========== Authorized Applications List ==========[/color:20f4b00dab] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List] "C:\32788R22FWJFW\EN-US\iexplore.exe" = C:\32788R22FWJFW\EN-US\iexplore.exe:*:Enabled:ipsec "C:\Program Files (x86)\SpeedFan\speedfan.exe" = C:\Program Files (x86)\SpeedFan\speedfan.exe:*:Enabled:ipsec -- (Almico Software (www.almico.com)) "C:\32788R22FWJFW\EN-US\iexplore.exe" = C:\32788R22FWJFW\EN-US\iexplore.exe:*:Enabled:ipsec "C:\Program Files (x86)\SpeedFan\speedfan.exe" = C:\Program Files (x86)\SpeedFan\speedfan.exe:*:Enabled:ipsec -- (Almico Software (www.almico.com)) [color=#E56717:20f4b00dab]========== Vista Active Open Ports Exception List ==========[/color:20f4b00dab] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{02819E2D-B857-47D8-9DA4-33B82AA41166}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | "{0294BB2F-6178-459D-8C46-8D1C40D6AD6B}" = rport=445 | protocol=6 | dir=out | app=system | "{039EDDDA-E038-4E48-9A97-5DB783EB2EA9}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | "{03C348AC-A66E-4AA4-8FCF-F1F784260420}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe | "{057550CC-1C7E-4C7B-A2F8-3A8DDC978C8C}" = lport=138 | protocol=17 | dir=in | app=system | "{08E024BB-596A-4DFF-A430-159062EB67CE}" = lport=10243 | protocol=6 | dir=in | app=system | "{0D78FFDC-D4B2-4AE1-8635-DBAAD3B14F3A}" = lport=2869 | protocol=6 | dir=in | app=system | "{18D87F76-542A-446D-8D13-77242A67F413}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{19A5737B-0BEE-43C8-BCD3-3CC714AA4FD3}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | "{1AC7BDB3-2034-4D4D-8DBC-20412046B203}" = lport=138 | protocol=17 | dir=in | app=system | "{206D99CD-C72B-4787-8556-A3F1C35A7445}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 | "{231FE20F-E332-4CB2-B126-16F7D534B9B0}" = lport=137 | protocol=17 | dir=in | app=system | "{25B9D31D-64EC-44F5-900B-17177C3E5D3C}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | "{266D27B0-A7DA-46B4-95BD-17FD3F29ADE8}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{295EF879-34FC-4A05-A484-51AA1443280E}" = lport=445 | protocol=6 | dir=in | app=system | "{2FA65B31-3A9D-4C20-AFC6-469495F0EF44}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | "{3775FB7E-CB17-4043-A34C-8C5BB86F3B7D}" = lport=445 | protocol=6 | dir=in | app=system | "{4084E937-EAAA-47EE-9520-7BE7CE434C09}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe | "{451FA336-F24E-44DE-96F1-2B2CE5755539}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | "{4BF5EB07-06A2-40E2-B5B6-244EF5C49A0F}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 | "{4D0AF16F-D26C-4592-A9D5-EDB315BDBE22}" = lport=6004 | protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\outlook.exe | "{5456EA1E-AF45-48BD-9C96-AB99A6CCF1D9}" = lport=139 | protocol=6 | dir=in | app=system | "{5DA85C2D-69D9-459E-A4ED-3230254081DB}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | "{625A5AE8-CDC0-4CD5-AD17-6E3F378E2785}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{6364B77A-8796-4078-B3CC-5963A3E70B4F}" = rport=139 | protocol=6 | dir=out | app=system | "{67CFDA3A-C16E-4D8F-A4F6-2E6C8CC071DF}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe | "{6EFD3216-D4DB-448C-81DA-E8838C66FFD2}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{7460E2D0-98E3-4CF2-BF14-DF8E8392B2CA}" = lport=138 | protocol=17 | dir=in | app=system | "{773A6AF6-5F0B-4204-8AF7-2D72ABBBE1AB}" = lport=139 | protocol=6 | dir=in | app=system | "{79291E3C-6F83-4117-BDD3-5D07D62BD50E}" = rport=10243 | protocol=6 | dir=out | app=system | "{7AAF0500-A92C-4791-8416-25E391962CE4}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 | "{7B402CFA-B748-4EC6-97F7-139E0CFBFF72}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | "{7C7BD74E-D59D-40F9-8481-A74C4729E9DD}" = rport=138 | protocol=17 | dir=out | app=system | "{86444BB3-291D-4D31-A046-BB4AA3243C28}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{98FE121D-25EE-4944-873E-7BB94CA2658C}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{9D869234-9815-4641-B296-1359A3F48A46}" = rport=445 | protocol=6 | dir=out | app=system | "{AF8150A9-8B4A-4262-900E-D368942052B3}" = lport=2869 | protocol=6 | dir=in | app=system | "{B947F223-8640-4038-83B4-E17E990C726B}" = rport=138 | protocol=17 | dir=out | app=system | "{BA47C022-2076-4CE3-A68D-96011690DF7C}" = rport=139 | protocol=6 | dir=out | app=system | "{BC332F5F-33E3-4F71-ADB0-28108346F945}" = lport=137 | protocol=17 | dir=in | app=system | "{BD21A340-B50F-4B31-B559-7B328A1941C0}" = lport=445 | protocol=6 | dir=in | app=system | "{BE10AB93-C4A6-464B-BE93-069E778BFF99}" = rport=10243 | protocol=6 | dir=out | app=system | "{C1DFA2D2-AE9A-4054-892E-341FC861501F}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{C232D951-55E7-4D04-9346-F88A07FC0B22}" = lport=137 | protocol=17 | dir=in | app=system | "{C428A183-FD79-40B5-990D-895328F43AC8}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | "{C9DCC64F-CFE7-4428-9A8E-0C21D99DE081}" = rport=445 | protocol=6 | dir=out | app=system | "{CA8A6B74-2B80-4462-8A36-DFD7EE43AB97}" = rport=138 | protocol=17 | dir=out | app=system | "{CF0676E6-E2EC-438A-9741-7029DEBD00CE}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | "{D6E72862-682E-4B9D-AF81-8BD9EE598A60}" = rport=137 | protocol=17 | dir=out | app=system | "{D75DB104-E865-495B-8233-361A52F8E0FF}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{D77F23B9-81B5-46DF-B165-40CB47F75C04}" = lport=139 | protocol=6 | dir=in | app=system | "{DDBA2BFE-AA08-410D-BA69-B494AE038CE4}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | "{EC9FD19F-2543-41FF-8882-B98EBF87DC16}" = lport=10243 | protocol=6 | dir=in | app=system | "{F09D12FC-58B9-45D0-A9D0-F1704723636C}" = rport=139 | protocol=6 | dir=out | app=system | "{F534D21D-02A4-4E48-A237-A3745ED5E6D3}" = rport=137 | protocol=17 | dir=out | app=system | "{F9C1EEE5-72B7-40C6-BC7C-64E9DF7DEB39}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | "{FCFD3B66-A0DE-4D83-B806-937933C1894A}" = rport=137 | protocol=17 | dir=out | app=system | [color=#E56717:20f4b00dab]========== Vista Active Application Exception List ==========[/color:20f4b00dab] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{003C7A18-60D9-4C89-94D8-DE42C1AA1D76}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 | "{02A4D600-582A-4C14-ADFE-C125CF0CB18F}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | "{0715B05E-42C2-4028-90EF-AB5E44DDFCA1}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe | "{0A9BA2CA-397D-46D7-AA61-5277AF75F360}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | "{1473D86F-6F04-46A3-9153-CD04272511DC}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe | "{1986A1C4-D7CD-42D4-8FE9-1AB91E83C625}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 | "{1BFB3C46-8EF0-4176-8859-2B1D83878970}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\groove.exe | "{235A1715-388E-4E69-B2BB-F7D8A0A03CDF}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | "{2931F067-CB9D-46CE-833C-DA16162137F5}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | "{2A987F88-53CB-41A0-9D66-C32DDFF4169E}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{2FE62BD9-E198-46B1-9B99-76700CEF3CB8}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 | "{30717933-426C-4C87-B0FB-4A8422956E3F}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{32DC5DBA-1E96-443C-8726-870263447272}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | "{3330E046-2606-477A-ACD7-59FA8C118DF6}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe | "{4849799C-D8E9-4360-8F9A-6B5F2BCC7EA4}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 | "{507CD5BD-FDF7-4116-A592-D8452FBB31EF}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 | "{56E808A1-BFD0-4B79-B567-B9FA848D697F}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 | "{58742052-4F8C-469C-A26C-2DAF2679C1C8}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office14\onenote.exe | "{58934707-FD88-4701-A5E9-EAF314A624C8}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\onenote.exe | "{61C5EC67-8494-4237-92B7-4A9044DBDEE0}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | "{61FB8AD2-C831-45AB-9DFB-D685C3A8300D}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | "{62F27534-2769-4D2F-B42F-E96E62F64F44}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | "{65901CFC-D156-4C8F-90EA-C26D256CA195}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{68F6992D-6E9D-4F14-88EC-3E0B8BEC7EFF}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | "{7F995B7D-A05C-446D-9694-BA6001B4CE65}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe | "{83F179BD-0497-474D-97CC-E0459D845D0F}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office14\groove.exe | "{8642AF85-31DC-4BB3-8E9D-1E478C224084}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{93910212-53F0-436F-B663-D369F2148B5F}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 | "{9BDDD7E5-7594-4192-A095-6C749422488A}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{A4B0A3BF-52C5-4B23-90A8-D56DB94D5DFD}" = protocol=6 | dir=out | app=system | "{A5589677-56C4-46C1-A86B-1F0B5425786F}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{AB3FBA72-52C3-4476-9A38-230DBE05659B}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe | "{AD3A7E81-7163-466F-96D8-C90B54A51B93}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 | "{BB794CF1-32E2-4DBD-87EE-75E30DE6FA65}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{BC7833D1-AE4B-4CAB-BDD5-6EA587E5C763}" = protocol=6 | dir=out | app=system | "{BCC2077D-1396-4691-8909-B23A663CDACA}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 | "{C1A10BDE-20AA-426D-95FE-30B3C469F309}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 | "{C99E9C9E-C0BF-4203-AC8D-061050A7D2ED}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | "{CE504808-152F-4073-8BB9-0F8E7C4D30C6}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe | "{D3648D1D-2BA3-4973-9B7E-EDC907B6E342}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{DE2FCDEB-1CE9-4B87-80D9-E8B2B66111E3}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 | "{E8715BB0-E132-4617-B344-62E03BFE2C1C}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 | "{E926E57D-011D-4F63-BCC5-FFCFDC28D091}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe | "{EF2FCFC1-189F-4FBF-8C1A-1995CC2C07D5}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe | "{EFA98652-B437-42AA-B7D3-EFFD71ED4ECD}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | "{F7DCF881-DB9D-4779-8D1C-CCCBAC7C73FF}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | "TCP Query User{EE498E48-1C30-4448-ACBA-0061B6FF0979}C:\windows\syswow64\rundll32.exe" = protocol=6 | dir=in | app=c:\windows\syswow64\rundll32.exe | "UDP Query User{05CBA4B1-02A4-47FF-B344-5DF1E5850FE6}C:\windows\syswow64\rundll32.exe" = protocol=17 | dir=in | app=c:\windows\syswow64\rundll32.exe | [color=#E56717:20f4b00dab]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color:20f4b00dab] 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight "{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended "{90140000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2010 "{90140000-002A-0413-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (Dutch) 2010 "{A1439D4F-FD46-47F2-A1D3-FEE097C29A09}" = WIDCOMM Bluetooth Software "{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}" = PlayReady PC Runtime amd64 "{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile "2AAF31169678BA1C4809F99E9A7AD20389F922AA" = Windows-stuurprogrammapakket - Intel (NETwNx64) net (09/30/2012 15.3.1.2) "38F140F0BC3A26BAD127CAF77DF58B2C8737DEFE" = Windows-stuurprogrammapakket - Intel net (09/30/2012 15.3.1.2) "51D6BB49B8BBE406DF6F39E05F7FC407B492593F" = Windows-stuurprogrammapakket - Intel net (10/07/2010 13.4.0.139) "CA9BFE2C91E4B3C985B5BE22DA99BDFCC97DF105" = Windows-stuurprogrammapakket - Intel (NETwLx64) net (10/07/2010 13.4.0.139) "CCleaner" = CCleaner "ECC2978FE61566103F43F498FBE2377E39AF25B0" = Windows-stuurprogrammapakket - Intel net (01/22/2012 14.3.2.1) "FEAD5CC490EEA9B9BEAC60BBC1A3515147737742" = Windows-stuurprogrammapakket - Intel (NETwNx64) net (01/22/2012 14.3.2.1) "LSI Soft Modem" = LSI HDA Modem "Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile "Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended "NVIDIA Drivers" = NVIDIA Drivers [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{1798D459-6B8B-474B-868D-1229EADA3B95}" = Adobe AIR "{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 "{4412F224-3849-4461-A3E9-DEEF8D252790}" = Visual Studio C++ 10.0 Runtime "{612C34C7-5E90-47D8-9B5C-0F717DD82726}" = swMSM "{75438C0E-9925-412E-AD85-D0E71C6CE2ED}" = USB2.0 PC Camera (SN9C201&202) "{86107E2D-DFB9-46BC-99ED-07EACAEE0923}" = G Data InternetSecurity 2013 COMPUTER!TOTAAL Edition "{90140000-0015-0413-0000-0000000FF1CE}" = Microsoft Office Access MUI (Dutch) 2010 "{90140000-0015-0413-0000-0000000FF1CE}_Office14.PROPLUSR_{7A6AD1A3-6EC6-4840-8A29-4CCD27A21069}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-0016-0413-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Dutch) 2010 "{90140000-0016-0413-0000-0000000FF1CE}_Office14.PROPLUSR_{7A6AD1A3-6EC6-4840-8A29-4CCD27A21069}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-0018-0413-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Dutch) 2010 "{90140000-0018-0413-0000-0000000FF1CE}_Office14.PROPLUSR_{7A6AD1A3-6EC6-4840-8A29-4CCD27A21069}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-0019-0413-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Dutch) 2010 "{90140000-0019-0413-0000-0000000FF1CE}_Office14.PROPLUSR_{7A6AD1A3-6EC6-4840-8A29-4CCD27A21069}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-001A-0413-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Dutch) 2010 "{90140000-001A-0413-0000-0000000FF1CE}_Office14.PROPLUSR_{7A6AD1A3-6EC6-4840-8A29-4CCD27A21069}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-001B-0413-0000-0000000FF1CE}" = Microsoft Office Word MUI (Dutch) 2010 "{90140000-001B-0413-0000-0000000FF1CE}_Office14.PROPLUSR_{7A6AD1A3-6EC6-4840-8A29-4CCD27A21069}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2010 "{90140000-001F-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{65A2328E-FDFB-4CA3-8582-357EA6825FEA}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010 "{90140000-001F-0409-0000-0000000FF1CE}_Office14.PROPLUSR_{99ACCA38-6DD3-48A8-96AE-A283C9759279}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2010 "{90140000-001F-040C-0000-0000000FF1CE}_Office14.PROPLUSR_{46298F6A-1E7E-4D4A-B5F5-106A4F0E48C6}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-001F-0413-0000-0000000FF1CE}" = Microsoft Office Proof (Dutch) 2010 "{90140000-001F-0413-0000-0000000FF1CE}_Office14.PROPLUSR_{5072FEA2-862C-4BF0-9654-CB0DCBE2BE28}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-002A-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{967EF02C-5C7E-4718-8FCB-BDC050190CCF}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-002A-0413-1000-0000000FF1CE}_Office14.PROPLUSR_{B9427E36-0B0A-48F4-8A51-1C178708A28E}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-002C-0413-0000-0000000FF1CE}" = Microsoft Office Proofing (Dutch) 2010 "{90140000-002C-0413-0000-0000000FF1CE}_Office14.PROPLUSR_{D3B92058-CF96-445F-A297-F7ED19C4E841}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-0044-0413-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Dutch) 2010 "{90140000-0044-0413-0000-0000000FF1CE}_Office14.PROPLUSR_{7A6AD1A3-6EC6-4840-8A29-4CCD27A21069}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-006E-0413-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Dutch) 2010 "{90140000-006E-0413-0000-0000000FF1CE}_Office14.PROPLUSR_{260407D0-98A1-4D9A-A956-3D1DEDDDF3B9}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-00A1-0413-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Dutch) 2010 "{90140000-00A1-0413-0000-0000000FF1CE}_Office14.PROPLUSR_{7A6AD1A3-6EC6-4840-8A29-4CCD27A21069}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-00BA-0413-0000-0000000FF1CE}" = Microsoft Office Groove MUI (Dutch) 2010 "{90140000-00BA-0413-0000-0000000FF1CE}_Office14.PROPLUSR_{7A6AD1A3-6EC6-4840-8A29-4CCD27A21069}" = Microsoft Office 2010 Service Pack 1 (SP1) "{91140000-0011-0000-0000-0000000FF1CE}" = Microsoft Office Professional Plus 2010 "{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{047B0968-E622-4FAA-9B4B-121FA109EDDE}" = Microsoft Office 2010 Service Pack 1 (SP1) "{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 "{AC76BA86-7AD7-1043-7B44-AB0000000001}" = Adobe Reader XI (11.0.01) - Nederlands "{C7CA731B-BF9A-46D9-92CF-8A8737AE9240}" = System Requirements Lab for Intel "{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 "{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver "Adobe AIR" = Adobe AIR "Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX "Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin "Adobe Shockwave Player" = Adobe Shockwave Player 11.6 "FileHippo.com" = FileHippo.com Update Checker "LastPass" = LastPass(alleen deïnstalleren) "Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware versie 1.70.0.1100 "Mozilla Firefox 18.0.1 (x86 nl)" = Mozilla Firefox 18.0.1 (x86 nl) "MozillaMaintenanceService" = Mozilla Maintenance Service "MyTomTom" = MyTomTom 3.2.0.802 "Office14.PROPLUSR" = Microsoft Office Professional Plus 2010 "Picasa 3" = Picasa 3 "Secunia PSI" = Secunia PSI (3.0.0.4001) "SpeedFan" = SpeedFan (remove only) [color=#E56717:20f4b00dab]========== Last 20 Event Log Errors ==========[/color:20f4b00dab] [ Application Events ] Error - 30-1-2013 2:25:32 | Computer Name = Laptop | Source = SideBySide | ID = 16842832 Description = Kan activeringscontext voor C:\Users\Jos H\Desktop\esetsmartinstaller_enu.exe niet maken. Fout in manifest of beleidsbestand op regel . Een onderdeelversie die nodig is voor de toepassing conflicteert met een andere onderdeelversie die reeds actief is. Conflicterende onderdelen zijn: Onderdeel 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest. Onderdeel 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest. Error - 30-1-2013 2:38:17 | Computer Name = Laptop | Source = SideBySide | ID = 16842832 Description = Kan activeringscontext voor C:\Users\Jos H\Desktop\esetsmartinstaller_enu.exe niet maken. Fout in manifest of beleidsbestand op regel . Een onderdeelversie die nodig is voor de toepassing conflicteert met een andere onderdeelversie die reeds actief is. Conflicterende onderdelen zijn: Onderdeel 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest. Onderdeel 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest. Error - 30-1-2013 2:40:35 | Computer Name = Laptop | Source = SideBySide | ID = 16842832 Description = Kan activeringscontext voor C:\Users\Jos H\Desktop\esetsmartinstaller_enu.exe niet maken. Fout in manifest of beleidsbestand op regel . Een onderdeelversie die nodig is voor de toepassing conflicteert met een andere onderdeelversie die reeds actief is. Conflicterende onderdelen zijn: Onderdeel 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest. Onderdeel 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest. Error - 30-1-2013 2:40:59 | Computer Name = Laptop | Source = SideBySide | ID = 16842832 Description = Kan activeringscontext voor C:\Users\Jos H\Desktop\esetsmartinstaller_enu.exe niet maken. Fout in manifest of beleidsbestand op regel . Een onderdeelversie die nodig is voor de toepassing conflicteert met een andere onderdeelversie die reeds actief is. Conflicterende onderdelen zijn: Onderdeel 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest. Onderdeel 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest. Error - 30-1-2013 3:34:22 | Computer Name = Laptop | Source = SideBySide | ID = 16842832 Description = Kan activeringscontext voor C:\Users\Jos H\Desktop\esetsmartinstaller_enu.exe niet maken. Fout in manifest of beleidsbestand op regel . Een onderdeelversie die nodig is voor de toepassing conflicteert met een andere onderdeelversie die reeds actief is. Conflicterende onderdelen zijn: Onderdeel 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest. Onderdeel 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest. Error - 30-1-2013 3:34:22 | Computer Name = Laptop | Source = SideBySide | ID = 16842832 Description = Kan activeringscontext voor C:\Users\Jos H\Desktop\esetsmartinstaller_enu.exe niet maken. Fout in manifest of beleidsbestand op regel . Een onderdeelversie die nodig is voor de toepassing conflicteert met een andere onderdeelversie die reeds actief is. Conflicterende onderdelen zijn: Onderdeel 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest. Onderdeel 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest. Error - 30-1-2013 3:36:41 | Computer Name = Laptop | Source = SideBySide | ID = 16842832 Description = Kan activeringscontext voor C:\Users\Jos H\Desktop\esetsmartinstaller_enu.exe niet maken. Fout in manifest of beleidsbestand op regel . Een onderdeelversie die nodig is voor de toepassing conflicteert met een andere onderdeelversie die reeds actief is. Conflicterende onderdelen zijn: Onderdeel 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest. Onderdeel 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest. Error - 30-1-2013 3:37:10 | Computer Name = Laptop | Source = SideBySide | ID = 16842832 Description = Kan activeringscontext voor C:\Users\Jos H\Desktop\esetsmartinstaller_enu.exe niet maken. Fout in manifest of beleidsbestand op regel . Een onderdeelversie die nodig is voor de toepassing conflicteert met een andere onderdeelversie die reeds actief is. Conflicterende onderdelen zijn: Onderdeel 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest. Onderdeel 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest. Error - 30-1-2013 4:23:16 | Computer Name = Laptop | Source = SideBySide | ID = 16842832 Description = Kan activeringscontext voor C:\Users\Jos H\Desktop\esetsmartinstaller_enu.exe niet maken. Fout in manifest of beleidsbestand op regel . Een onderdeelversie die nodig is voor de toepassing conflicteert met een andere onderdeelversie die reeds actief is. Conflicterende onderdelen zijn: Onderdeel 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest. Onderdeel 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest. Error - 30-1-2013 4:24:58 | Computer Name = Laptop | Source = SideBySide | ID = 16842832 Description = Kan activeringscontext voor C:\Program Files (x86)\ESET\ESET Online Scanner\ESETSmartInstaller.exe niet maken. Fout in manifest of beleidsbestand op regel . Een onderdeelversie die nodig is voor de toepassing conflicteert met een andere onderdeelversie die reeds actief is. Conflicterende onderdelen zijn: Onderdeel 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest. Onderdeel 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest. [ Media Center Events ] Error - 24-11-2012 3:56:33 | Computer Name = Laptop | Source = MCUpdate | ID = 0 Description = 8:56:33 - Fout bij verbinden met internet. 8:56:33 - Kan geen contact maken met server.. Error - 25-11-2012 2:53:57 | Computer Name = Laptop | Source = MCUpdate | ID = 0 Description = 7:53:57 - Fout bij verbinden met internet. 7:53:57 - Kan geen contact maken met server.. Error - 25-11-2012 2:54:44 | Computer Name = Laptop | Source = MCUpdate | ID = 0 Description = 7:54:03 - Fout bij verbinden met internet. 7:54:03 - Kan geen contact maken met server.. Error - 25-11-2012 3:55:06 | Computer Name = Laptop | Source = MCUpdate | ID = 0 Description = 8:55:06 - Fout bij verbinden met internet. 8:55:06 - Kan geen contact maken met server.. Error - 25-11-2012 3:55:23 | Computer Name = Laptop | Source = MCUpdate | ID = 0 Description = 8:55:12 - Fout bij verbinden met internet. 8:55:12 - Kan geen contact maken met server.. Error - 25-11-2012 4:55:35 | Computer Name = Laptop | Source = MCUpdate | ID = 0 Description = 9:55:35 - Fout bij verbinden met internet. 9:55:35 - Kan geen contact maken met server.. Error - 25-11-2012 4:55:52 | Computer Name = Laptop | Source = MCUpdate | ID = 0 Description = 9:55:41 - Fout bij verbinden met internet. 9:55:41 - Kan geen contact maken met server.. Error - 25-11-2012 5:56:32 | Computer Name = Laptop | Source = MCUpdate | ID = 0 Description = 10:56:31 - Fout bij verbinden met internet. 10:56:31 - Kan geen contact maken met server.. Error - 25-11-2012 5:56:50 | Computer Name = Laptop | Source = MCUpdate | ID = 0 Description = 10:56:37 - Fout bij verbinden met internet. 10:56:37 - Kan geen contact maken met server.. [ System Events ] Error - 31-1-2013 9:55:17 | Computer Name = Laptop | Source = Service Control Manager | ID = 7003 Description = Net.Msmq Listener Adapter-service is afhankelijk van deze service: msmq. Deze service is mogelijk niet geïnstalleerd. Error - 31-1-2013 9:55:17 | Computer Name = Laptop | Source = Service Control Manager | ID = 7003 Description = Net.Pipe Listener Adapter-service is afhankelijk van deze service: was. Deze service is mogelijk niet geïnstalleerd. Error - 31-1-2013 9:55:17 | Computer Name = Laptop | Source = Service Control Manager | ID = 7001 Description = De Net.Tcp Listener Adapter-service is afhankelijk van de Net.Tcp Port Sharing Service-service, die vanwege de volgende fout niet kan worden gestart: %%1058 Error - 31-1-2013 9:56:52 | Computer Name = Laptop | Source = Service Control Manager | ID = 7022 Description = De G Data Personal Firewall-service is bij het starten vastgelopen. Error - 31-1-2013 9:56:54 | Computer Name = Laptop | Source = Service Control Manager | ID = 7024 Description = De HomeGroup Listener-service is gestopt met de specifieke servicefout %%-2147023143. Error - 31-1-2013 12:10:16 | Computer Name = Laptop | Source = Service Control Manager | ID = 7003 Description = Net.Msmq Listener Adapter-service is afhankelijk van deze service: msmq. Deze service is mogelijk niet geïnstalleerd. Error - 31-1-2013 12:10:16 | Computer Name = Laptop | Source = Service Control Manager | ID = 7003 Description = Net.Pipe Listener Adapter-service is afhankelijk van deze service: was. Deze service is mogelijk niet geïnstalleerd. Error - 31-1-2013 12:10:16 | Computer Name = Laptop | Source = Service Control Manager | ID = 7001 Description = De Net.Tcp Listener Adapter-service is afhankelijk van de Net.Tcp Port Sharing Service-service, die vanwege de volgende fout niet kan worden gestart: %%1058 Error - 31-1-2013 12:11:52 | Computer Name = Laptop | Source = Service Control Manager | ID = 7022 Description = De G Data Personal Firewall-service is bij het starten vastgelopen. Error - 31-1-2013 12:11:55 | Computer Name = Laptop | Source = Service Control Manager | ID = 7024 Description = De HomeGroup Listener-service is gestopt met de specifieke servicefout %%-2147023143. < End of report >

anoniem · 31 januari 2013

Geen Biosmelding. [b:678fdfb8b0]Welk programma[/b:678fdfb8b0]: [color=#008000:678fdfb8b0][b:678fdfb8b0]HitmanPro 3.7[/b:678fdfb8b0][/color:678fdfb8b0] [b:678fdfb8b0]Waarvoor/waarom[/b:678fdfb8b0]: Specialistische ondemandscanner om Windows diepgaand te onderzoeken en op te schonen. [b:678fdfb8b0]Moeilijkheidsgraad[/b:678fdfb8b0]: Geen, maar lees alles eerst goed. [b:678fdfb8b0]Downloadlokatie[/b:678fdfb8b0]: Dit programma absoluut naar het bureaublad downloaden! [b:678fdfb8b0]Download [color=#008000:678fdfb8b0]HitmanPro 3.7[/color:678fdfb8b0] als 32- of als 64-bit versie[/b:678fdfb8b0]: [list:678fdfb8b0][*:678fdfb8b0][url=http://dl.surfright.nl/HitmanPro.exe][color=#FF0000:678fdfb8b0][b:678fdfb8b0]HimanPro 3,7 32-bit-versie[/b:678fdfb8b0][/color:678fdfb8b0][/url] [*:678fdfb8b0][url=http://dl.surfright.nl/HitmanPro_x64.exe][color=#FF0000:678fdfb8b0][b:678fdfb8b0]HimanPro 3,7 64-bit-versie[/b:678fdfb8b0][/color:678fdfb8b0][/url][/list:u:678fdfb8b0] [b:678fdfb8b0]HitmanPro 3.7 opstarten[/b:678fdfb8b0] [list:678fdfb8b0][*:678fdfb8b0] [b:678fdfb8b0][color=#FF0000:678fdfb8b0]Sluit nu eerst alle nog openstaande programmavensters![/color:678fdfb8b0][/b:678fdfb8b0] [*:678fdfb8b0][b:678fdfb8b0][color=#0000FF:678fdfb8b0]Windows 2000[/color:678fdfb8b0][/b:678fdfb8b0] en [color=#0000FF:678fdfb8b0][b:678fdfb8b0]Windows XP[/b:678fdfb8b0][/color:678fdfb8b0]: dubbelklik op HitmanPro 3.7. [*:678fdfb8b0][color=#0000FF:678fdfb8b0][b:678fdfb8b0]Windows Vista[/b:678fdfb8b0][/color:678fdfb8b0] en [color=#0000FF:678fdfb8b0][b:678fdfb8b0]Windows 7[/b:678fdfb8b0][/color:678fdfb8b0]: rechtsklik op HitmanPro 3.7 en kies voor "Als Administrator uitvoeren".[/list:u:678fdfb8b0] [b:678fdfb8b0]HitmanPro 3.7 is opgestart[/b:678fdfb8b0]: [list:678fdfb8b0][*:678fdfb8b0] Vink de optie "[b:678fdfb8b0]Ik accepteer de voorwaarden van de gebruikersovereenkomst aan[/b:678fdfb8b0]" en klik op "[b:678fdfb8b0]Volgende[/b:678fdfb8b0]" [*:678fdfb8b0] Selecteer de optie "[b:678fdfb8b0]Nee, ik wil deze computer slechts eenmalig controleren[/b:678fdfb8b0]" en klik op "[b:678fdfb8b0]Volgende[/b:678fdfb8b0]" [*:678fdfb8b0] De scan zal nu gestart worden, doe verder niets op de computer totdat de scan gereed is. [*:678fdfb8b0] Als de scan gereed is klik dan op "[b:678fdfb8b0]Activeer gratis licentie[/b:678fdfb8b0]" nu komt de melding "[b:678fdfb8b0]Het product is succesvol geactiveerd[/b:678fdfb8b0]" [*:678fdfb8b0] klik nu op "[b:678fdfb8b0]Ok[/b:678fdfb8b0]" en daarna op "[b:678fdfb8b0]Volgende[/b:678fdfb8b0]" [*:678fdfb8b0] Klik onderin het scherm op "[b:678fdfb8b0]Save log[/b:678fdfb8b0]" en sla deze op bijvoorbeeld het bureaublad op. [img:678fdfb8b0]http://www.imgdumper.nl/uploads5/500bf1a109315/500bf1a10837f-hmp.png[/img:678fdfb8b0][/list:u:678fdfb8b0] [b:678fdfb8b0]HitmanPro 3.7 scanlog postent[/b:678fdfb8b0]: [list:678fdfb8b0][*:678fdfb8b0] Plaats aansluitend de inhoud van het scan-log in het volgende bericht.[/list:u:678fdfb8b0]

Geel icoontje bij internettoegang

Vraag

Link naar reactie

Beste reacties voor deze vraag

Populaire dagen

Beste reacties voor deze vraag

Populaire dagen

105 antwoorden op deze vraag

Aanbevolen berichten

Link naar reactie

Link naar reactie

Link naar reactie

Link naar reactie

Link naar reactie

Link naar reactie

Link naar reactie

Link naar reactie

Link naar reactie

Link naar reactie

Link naar reactie

Link naar reactie

Link naar reactie

Link naar reactie

Link naar reactie

Link naar reactie

Link naar reactie

Link naar reactie

Link naar reactie

Link naar reactie

Om een reactie te plaatsen, moet je eerst inloggen

Populaire leden

Leden

Recente topics