Ga naar inhoud

JoachimVDE

Lid
 Bekijk profiel  Bekijk hun activiteit

  • Items

    33

  • Registratiedatum

  • Laatst bezocht

 Inhoudstype 

Alles dat geplaatst werd door JoachimVDE

  1. JoachimVDE
    en het tweede log OTL Extras logfile created on: 25-1-2015 18:23:18 - Run 1 OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Katrien & Joachim\Desktop 64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 9.11.9600.17501) Locale: 00000413 | Country: België | Language: NLB | Date Format: d/MM/yyyy 3,97 Gb Total Physical Memory | 1,95 Gb Available Physical Memory | 49,12% Memory free 7,93 Gb Paging File | 5,73 Gb Available in Paging File | 72,24% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 452,61 Gb Total Space | 96,60 Gb Free Space | 21,34% Space Free | Partition Type: NTFS Drive D: | 13,05 Gb Total Space | 2,29 Gb Free Space | 17,57% Space Free | Partition Type: NTFS Computer Name: 1980PC | User Name: Katrien & Joachim | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users | Quick Scan | Include 64bit Scans Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days ========== Extra Registry (SafeList) ========== ========== File Associations ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .html[@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) .url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation) [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation) .html [@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) [HKEY_USERS\S-1-5-21-748706070-3823825615-209406529-1001\SOFTWARE\Classes\<extension>] .html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation) ========== Shell Spawning ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation) InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [explore] -- Reg Error: Value error. Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation) [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation) exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [explore] -- Reg Error: Value error. Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error. ========== Security Center Settings ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "cval" = 1 "FirewallDisableNotify" = 0 "AntiVirusDisableNotify" = 0 "UpdatesDisableNotify" = 0 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] "VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data] "AntiVirusOverride" = 0 "AntiSpywareOverride" = 0 "FirewallOverride" = 0 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] ========== System Restore Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore] "DisableSR" = 0 ========== Firewall Settings ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall] 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile] 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile] [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile] [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 ========== Authorized Applications List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe" = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe:*:Enabled:Spybot - Search & Destroy tray access -- (Safer-Networking Ltd.) "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe" = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe:*:Enabled:Spybot-S&D 2 Scanner Service -- (Safer-Networking Ltd.) "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe" = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe:*:Enabled:Spybot-S&D 2 Updater -- (Safer-Networking Ltd.) "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe" = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe:*:Enabled:Spybot-S&D 2 Background update service -- (Safer-Networking Ltd.) "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe" = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe:*:Enabled:Spybot - Search & Destroy tray access -- (Safer-Networking Ltd.) "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe" = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe:*:Enabled:Spybot-S&D 2 Scanner Service -- (Safer-Networking Ltd.) "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe" = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe:*:Enabled:Spybot-S&D 2 Updater -- (Safer-Networking Ltd.) "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe" = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe:*:Enabled:Spybot-S&D 2 Background update service -- (Safer-Networking Ltd.) ========== Vista Active Open Ports Exception List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{004234B5-6AD0-4D9E-8241-8FDDF3BB3BBD}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{0B8B8A18-0119-4637-A247-3D6F51A93B50}" = lport=50005 | protocol=6 | dir=in | app=c:\program files (x86)\utorrent\utorrent.exe | "{0F27C4DE-1859-4DA3-8914-93F2F8D4642B}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | "{1958C227-70F7-4C09-B1CA-C7D234417C80}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | "{1E1911F5-F1A4-43D1-B1BA-91C481B1DA02}" = rport=445 | protocol=6 | dir=out | app=system | "{230C7CD0-6A53-4437-9900-E64E359D9E84}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{3102F026-D801-4DEB-BFDB-66A12D49A7D0}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{398CD8E8-6583-4273-9023-318164196DD7}" = rport=139 | protocol=6 | dir=out | app=system | "{42739D91-F336-4265-BCD1-EEA26C5A61B0}" = lport=10243 | protocol=6 | dir=in | app=system | "{4BD42D15-3345-4ADA-B63F-4FF8A13A42C5}" = rport=138 | protocol=17 | dir=out | app=system | "{6944D121-2088-43CB-B5B3-DC9229A8C3D5}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | "{7336017B-C70E-43D0-B28F-5F2D4537CFB7}" = lport=137 | protocol=17 | dir=in | app=system | "{7C2772A2-5BD8-4AAD-9493-0814EF967A85}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 | "{7D8E9115-7009-4037-A228-02C6E3C0FC6B}" = lport=6004 | protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\outlook.exe | "{8ABFEA00-DFB0-478E-865B-C4A74201947E}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | "{8F62346C-90B8-4D1F-9E1B-CB1165603DA4}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe | "{97375B1F-9634-4B7C-BFAE-BB390F6A4CF5}" = rport=137 | protocol=17 | dir=out | app=system | "{BF6A3430-60BA-478D-932A-4A2CDECE1A5E}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{CBE11D97-55E7-413F-B491-DD0DEF683FDD}" = lport=50005 | protocol=17 | dir=in | app=c:\program files (x86)\utorrent\utorrent.exe | "{D330E9BB-CD9A-4C65-BE77-6D4ACABBE9E2}" = rport=10243 | protocol=6 | dir=out | app=system | "{D90ED85D-687C-4890-8E9E-7B845AD7F414}" = lport=445 | protocol=6 | dir=in | app=system | "{DAAD360F-A339-41ED-9C4A-9E8B2B9F43F9}" = lport=2869 | protocol=6 | dir=in | app=system | "{DDDBA411-0715-4493-8849-2F954AEB3591}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | "{DE194F5F-4EE3-44DE-84C8-2C2B5C42ECA6}" = lport=139 | protocol=6 | dir=in | app=system | "{EEFF69D6-8A42-46E4-B20D-92D375EB5561}" = lport=138 | protocol=17 | dir=in | app=system | "{FE928E08-94FE-4B01-854A-635271CF72EB}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | ========== Vista Active Application Exception List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{008E6A58-5592-4427-9689-CF5403FE107B}" = protocol=17 | dir=in | app=c:\program files (x86)\bearshare applications\bearshare\bearshare.exe | "{0A49A701-8AB7-42E4-B973-820B616E6801}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | "{1FFB4206-2DCB-4D60-9E32-239ABDBADF81}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg2015\avgemca.exe | "{205B08C7-1C76-4EAC-9D5F-F357AAD3D88F}" = protocol=17 | dir=in | app=c:\program files (x86)\mozilla firefox\firefox.exe | "{2BA31A48-4AA8-4241-B7A5-D8ACD41A0A0C}" = protocol=17 | dir=in | app=c:\program files (x86)\searchqu toolbar\datamngr\toolbar\dtuser.exe | "{30678D90-7237-4D05-8AD2-CDECF3333A5D}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\onenote.exe | "{377937BF-D383-408E-BAFF-291CF757228D}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe | "{38BAF450-32FA-4DED-B1F5-F6F52ED0465E}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 | "{3C041BE7-F65E-4B3F-AA8E-156ACC719B84}" = protocol=6 | dir=in | app=c:\program files (x86)\bearshare applications\bearshare\bearshare.exe | "{443FC3CF-8237-4AF0-9277-16F9632886CC}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 | "{4693781E-088C-4947-9E99-CAB34217C41A}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 | "{47905B67-C1FB-4405-AA71-BD2A68E51E65}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg2015\avgdiagex.exe | "{50D7A4FA-836E-4CF6-9182-21C4F78BF839}" = protocol=17 | dir=in | app=c:\program files (x86)\bearshare applications\bearshare\bearshare.exe | "{54B87CC3-2C30-4302-9594-DFA277117B8A}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 | "{5A5CCF4F-EB7B-45A8-AD89-522CB3FBC803}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | "{5ADB8B91-A3A5-46B5-8E3B-A4BF06E94298}" = protocol=6 | dir=in | app=c:\program files (x86)\bearshare applications\bearshare\bearshare.exe | "{5C96B38D-E171-4AEF-A461-7570ACB57FCA}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office14\onenote.exe | "{671E0F77-CB18-498C-A32A-6205F38FD8B3}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | "{72219613-8B40-4716-BEBF-EB8E2FD85A82}" = protocol=58 | dir=out | name=@iphlpsvc.dll,-503 | "{756A3ABA-6F23-4DAF-87FB-FFEFAD6F2B1C}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg2015\avgnsa.exe | "{82729B95-9346-4768-920C-7C573EA6FC84}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\groove.exe | "{85402639-DEE2-459A-A448-395AF360AA78}" = protocol=6 | dir=in | app=c:\program files (x86)\limewire\limewire.exe | "{8BC64F29-7469-485A-A5A1-2A28AA00B299}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{8E0ACA4C-BB23-4ADE-A186-8A7CC617C5F9}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg2015\avgmfapx.exe | "{918DB268-08AF-49B7-A0E9-C8FF6945DA8A}" = protocol=6 | dir=out | app=system | "{9E2B175B-9D47-4CF5-87B6-14CBC413C03A}" = protocol=17 | dir=in | app=c:\program files (x86)\windows searchqu toolbar\datamngr\toolbar\dtuser.exe | "{A418D834-09CF-411E-ACA5-7BC31A339E8C}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{A44CDA78-2B6E-44BE-99BF-7500DCF667F8}" = protocol=17 | dir=in | app=c:\program files (x86)\windows ilivid toolbar\datamngr\toolbar\dtuser.exe | "{B6D1BA9C-CFD0-480F-AACC-18906F5691EE}" = protocol=6 | dir=in | app=c:\program files (x86)\searchqu toolbar\datamngr\toolbar\dtuser.exe | "{BA4415DC-11C1-4226-B823-FF7A6BE65751}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg2015\avgdiagex.exe | "{BC7C6CD2-4ED4-4E75-838E-AA95E923538B}" = dir=in | app=c:\program files (x86)\hewlett-packard\hp support framework\resources\hpwarrantycheck\hpdevicedetection3.exe | "{C13778AB-8ECB-4928-8DDC-906BFE3A3835}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg2015\avgmfapx.exe | "{D2937F42-B59A-4504-B35C-547B2A4C955A}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe | "{D521FAF2-EC81-4FF5-AAD6-EBEACF1A645C}" = protocol=6 | dir=in | app=c:\program files (x86)\windows ilivid toolbar\datamngr\toolbar\dtuser.exe | "{DB9F6E7A-31C7-4F0A-8134-4B7218817837}" = protocol=6 | dir=in | app=c:\program files (x86)\windows searchqu toolbar\datamngr\toolbar\dtuser.exe | "{DC4DF893-57DB-4201-BC29-675E1351C780}" = dir=in | app=c:\program files (x86)\cyberlink\powerdirector\pdr.exe | "{DDB31CF5-92B2-40F6-BB84-623A0411F8D2}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg2015\avgemca.exe | "{DFEA41A1-1DB2-49B7-AA31-26E8B9E2ABCE}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\onenote.exe | "{E0A6EEDF-D78B-43CC-BE4D-00DBBF5A2106}" = protocol=17 | dir=in | app=c:\program files (x86)\limewire\limewire.exe | "{E1EAC595-C911-4740-B2A2-51CF0E9D13F9}" = protocol=6 | dir=in | app=c:\program files (x86)\mozilla firefox\firefox.exe | "{E45A65AC-C17F-443A-BD7A-C37101A1FE6A}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office14\onenote.exe | "{E4E2A09C-9943-42FD-A62A-704E4A885779}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{E623FF19-3B92-463C-AFDA-D9D2F3105786}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{E9E0CBD8-9BE5-4F82-A0C2-EA13FD36D0BD}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office14\groove.exe | "{EAD84FFB-67C5-41F4-954B-4BC5F0448D64}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg2015\avgnsa.exe | "{EB41BA84-221F-4128-BA69-54048FCF2862}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | "{EDC2CD8A-2F93-4498-B193-E1C69B96FA9A}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | "{F1FB7E97-43C8-4540-995E-20518E8CAA02}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe | "{F24FA300-B678-47B0-956F-4F6C04764403}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe | "{F437F382-2D3E-48EB-9A79-DAE057D49A92}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | "{FE468B88-F443-47CB-9209-9FE3FC3AE0F4}" = protocol=58 | dir=in | app=system | "TCP Query User{0C626FE3-31CE-4CD0-8A01-2FFAC6C9158F}C:\program files (x86)\emule\emule.exe" = protocol=6 | dir=in | app=c:\program files (x86)\emule\emule.exe | "TCP Query User{16121699-00A1-4424-937E-731161F0974C}C:\program files (x86)\sopcast\sopcast.exe" = protocol=6 | dir=in | app=c:\program files (x86)\sopcast\sopcast.exe | "TCP Query User{54091BA3-5A84-4CE9-BE48-81EAFE93C295}C:\program files (x86)\bearshare applications\bearshare\bearshare.exe" = protocol=6 | dir=in | app=c:\program files (x86)\bearshare applications\bearshare\bearshare.exe | "TCP Query User{7C2FF93F-6207-4B2A-A8EB-42565881B2D5}C:\program files (x86)\limewire\limewire.exe" = protocol=6 | dir=in | app=c:\program files (x86)\limewire\limewire.exe | "TCP Query User{EF5DFAE9-54C4-4C74-A688-FDEBE025CA30}C:\program files\comicrack\comicrack.exe" = protocol=6 | dir=in | app=c:\program files\comicrack\comicrack.exe | "UDP Query User{1DEC59F5-16C9-4A6C-9679-A6F1B4071F08}C:\program files (x86)\bearshare applications\bearshare\bearshare.exe" = protocol=17 | dir=in | app=c:\program files (x86)\bearshare applications\bearshare\bearshare.exe | "UDP Query User{20E8214C-E3B9-430C-822E-B02C93633794}C:\program files\comicrack\comicrack.exe" = protocol=17 | dir=in | app=c:\program files\comicrack\comicrack.exe | "UDP Query User{4FD1550B-F634-4815-B16B-5F041BFB82E7}C:\program files (x86)\sopcast\sopcast.exe" = protocol=17 | dir=in | app=c:\program files (x86)\sopcast\sopcast.exe | "UDP Query User{683EC567-36B6-4B27-9148-690649012EF1}C:\program files (x86)\limewire\limewire.exe" = protocol=17 | dir=in | app=c:\program files (x86)\limewire\limewire.exe | "UDP Query User{B24D0B17-7913-4A14-8314-F0C7C8C6A27F}C:\program files (x86)\emule\emule.exe" = protocol=17 | dir=in | app=c:\program files (x86)\emule\emule.exe | ========== HKEY_LOCAL_MACHINE Uninstall List ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{015C5B35-B678-451C-9AEE-821E8D69621C}_is1" = PeerBlock 1.1 (r518) "{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64) "{4C64DB3D-8B2B-49D2-98A9-17472AB3864A}" = AVG 2015 "{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 "{7DEBE4EB-6B40-3766-BB35-5CBBC385DA37}" = Microsoft .NET Framework 4.5.1 "{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 "{8338783A-0968-3B85-AFC7-BAAE0A63DC50}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570 "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight "{8C775E70-A791-4DA8-BCC3-6AB7136F4484}" = Visual Studio 2012 x64 Redistributables "{8EF8686B-303C-4F8A-9A3B-2AD5ACA05706}" = AVG 2015 "{90140000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2010 "{90140000-002A-0413-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (Dutch) 2010 "{90150000-008F-0000-1000-0000000FF1CE}" = Office 15 Click-to-Run Licensing Component "{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033" = Microsoft .NET Framework 4.5.1 "{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1043" = Microsoft .NET Framework 4.5.1 (Nederlands) "{9EBB0AF2-4AD2-3ABA-95EF-977EBEA1CB09}" = Microsoft .NET Framework 4.5.1 (NLD) "{aac9fcc4-dd9e-4add-901c-b5496a07ab2e}" = Microsoft Visual C++ 2005 Redistributable (x64) - KB2467175 "{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64) "{B6E3757B-5E77-3915-866A-CCFC4B8D194C}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 "{BC4AE628-81A4-4FC6-863A-7A9BA2E2531F}" = Nokia Connectivity Cable Driver "{EE936C7A-EA40-31D5-9B65-8E3E089C3828}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148 "Adobe Flash Player ActiveX 64" = Adobe Flash Player 10 ActiveX 64-bit "AVG" = AVG 2015 "CCleaner" = CCleaner "ComicRack" = ComicRack v0.9.175 "GrooveRetail - nl-nl" = Microsoft OneDrive voor Bedrijven 2013 - nl-nl "HDMI" = Intel® Graphics Media Accelerator Driver "PC-Doctor for Windows" = Diagnostisch hulpprogramma voor hardware "WinRAR archiver" = WinRAR archiver [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 "{07FA4960-B038-49EB-891B-9F95930AA544}" = HP Customer Experience Enhancements "{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = CyberLink DVD Suite Deluxe "{240D2B48-E06E-446F-A806-01CF36882EB7}" = Google Drive "{26A24AE4-039D-4CA4-87B4-2F83216016FF}" = Java 6 Update 17 "{2FDBBCEA-62DB-45F4-B6E5-0E1FB2A1F29D}" = Visual C++ 8.0 Runtime Setup Package (x64) "{40BF1E83-20EB-11D8-97C5-0009C5020658}" = Power2Go "{40FB8D7C-6FF8-4AF2-BC8B-0B1DB32AF04B}" = HP Advisor "{4412F224-3849-4461-A3E9-DEEF8D252790}" = Visual Studio C++ 10.0 Runtime "{44B2A0AB-412E-4F8C-B058-D1E8AECCDFF5}" = PowerRecover "{5158F1F5-FA1B-4D49-B546-55A5004B89BD}" = Microsoft Works "{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml "{612C34C7-5E90-47D8-9B5C-0F717DD82726}" = swMSM "{65DA2EC9-0642-47E9-AAE2-B5267AA14D75}" = Activation Assistant for the 2007 Microsoft Office suites "{6AFCA4E1-9B78-3640-8F72-A7BF33448200}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 "{6F340107-F9AA-47C6-B54C-C3A19F11553F}" = Hewlett-Packard ACLM.NET v1.2.2.3 "{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable "{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 "{8C31E86B-2A66-40E8-BF47-32A25D65DB12}" = calibre "{8F3C31C5-9C3A-4AA8-8EFA-71290A7AD533}" = TomTom HOME Visual Studio Merge Modules "{90120000-0020-0413-0000-0000000FF1CE}" = Compatibiliteitspakket voor het 2007 Microsoft Office system "{90140000-0015-0413-0000-0000000FF1CE}" = Microsoft Office Access MUI (Dutch) 2010 "{90140000-0016-0413-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Dutch) 2010 "{90140000-0018-0413-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Dutch) 2010 "{90140000-0019-0413-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Dutch) 2010 "{90140000-001A-0413-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Dutch) 2010 "{90140000-001B-0413-0000-0000000FF1CE}" = Microsoft Office Word MUI (Dutch) 2010 "{90140000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2010 "{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010 "{90140000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2010 "{90140000-001F-0413-0000-0000000FF1CE}" = Microsoft Office Proof (Dutch) 2010 "{90140000-002C-0413-0000-0000000FF1CE}" = Microsoft Office Proofing (Dutch) 2010 "{90140000-0044-0413-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Dutch) 2010 "{90140000-006E-0413-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Dutch) 2010 "{90140000-00A1-0413-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Dutch) 2010 "{90140000-00BA-0413-0000-0000000FF1CE}" = Microsoft Office Groove MUI (Dutch) 2010 "{90150000-008C-0000-0000-0000000FF1CE}" = Office 15 Click-to-Run Extensibility Component "{90150000-008C-0413-0000-0000000FF1CE}" = Office 15 Click-to-Run Localization Component "{91140000-0011-0000-0000-0000000FF1CE}" = Microsoft Office Professional Plus 2010 "{933B4015-4618-4716-A828-5289FC03165F}" = VC80CRTRedist - 8.0.50727.6195 "{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}" = Visual Studio 2012 x86 Redistributables "{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 "{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 "{A8F2089B-1F79-4BF6-B385-A2C2B0B9A74D}" = ImagXpress "{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper "{AC76BA86-0804-1033-1959-001802114130}" = Adobe Refresh Manager "{AC76BA86-7AD7-1043-7B44-AB0000000001}" = Adobe Reader XI (11.0.10) - Nederlands "{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1" = Spybot - Search & Destroy "{B8AC1A89-FFD1-4F97-8051-E505A160F562}" = HP Odometer "{B9A03B7B-E0FF-4FB3-BA83-762E58A1B0AA}" = HP Support Information "{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = LabelPrint "{C611CF88-969D-43E6-A877-D6D6439DD081}" = HP Remote Solution "{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = PowerDirector "{D46D081B-F60E-467E-A7C4-117B70D76731}" = HP Update "{DD6C316A-FE75-4FBB-9D22-4C1920232B72}" = LightScribe System Software "{E35A3B13-78CD-4967-8AC8-AA9FDA693EDE}" = HP Support Assistant "{E9E34215-82EF-4909-BE2F-F581F0DC9062}" = DirectX for Managed Code Update (Summer 2004) "{EC5F4C1B-F838-4CB7-8561-8F809296428B}" = TomTom HOME "{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver "{F3B912F5-EB57-45AA-B3D1-EB532BCF6EF8}" = HP Setup "Activation Assistant for the 2007 Microsoft Office suites" = Activation Assistant for the 2007 Microsoft Office suites "Adobe Flash Player ActiveX" = Adobe Flash Player 16 ActiveX "Adobe Flash Player NPAPI" = Adobe Flash Player 16 NPAPI "Adobe Shockwave Player" = Adobe Shockwave Player 12.1 "BSPlayerf" = BS.Player FREE "DivX Setup" = DivX Setup "DVDFab 6_is1" = DVDFab 6.2.1.6 Beta (25/12/2009) "ESET Online Scanner" = ESET Online Scanner v3 "Free YouTube to MP3 Converter_is1" = Free YouTube to MP3 Converter version 3.12.0.128 "HP Remote Solution" = HP Remote Solution "ImgBurn" = ImgBurn "InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = CyberLink DVD Suite Deluxe "InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}" = Power2Go "InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = LabelPrint "InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = PowerDirector "IsoBuster_is1" = IsoBuster 2.8 "Mario Forever 6.0 Beta" = Mario Forever 6.0 Beta "Mozilla Firefox 35.0 (x86 nl)" = Mozilla Firefox 35.0 (x86 nl) "MozillaMaintenanceService" = Mozilla Maintenance Service "MyTomTom" = MyTomTom 3.2.0.1116 "NSS" = Norton Security Scan "Office14.PROPLUSR" = Microsoft Office Professional Plus 2010 "SopCast" = SopCast 3.5.0 "Super Mario 3 : Mario Forever" = Super Mario 3 : Mario Forever "uTorrent" = µTorrent "WildTangent hp Master Uninstall" = HP Games ========== HKEY_USERS Uninstall List ========== [HKEY_USERS\S-1-5-21-748706070-3823825615-209406529-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "Facebook Plug-In" = Facebook Plug-In ========== Last 20 Event Log Errors ========== [ Application Events ] Error - 18-12-2014 14:30:54 | Computer Name = 1980PC | Source = SideBySide | ID = 16842832 Description = Kan activeringscontext voor c:\program files (x86)\ESET\eset online scanner\ESETSmartInstaller.exe niet maken. Fout in manifest of beleidsbestand op regel . Een onderdeelversie die nodig is voor de toepassing conflicteert met een andere onderdeelversie die reeds actief is. Conflicterende onderdelen zijn: Onderdeel 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest. Onderdeel 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest. Error - 29-12-2014 14:58:56 | Computer Name = 1980PC | Source = SideBySide | ID = 16842832 Description = Kan activeringscontext voor C:\Users\Katrien & Joachim\Downloads\SoftonicDownloader_voor_avg-antivirus-free-2015.exe niet maken. Fout in manifest of beleidsbestand op regel . Een onderdeelversie die nodig is voor de toepassing conflicteert met een andere onderdeelversie die reeds actief is. Conflicterende onderdelen zijn: Onderdeel 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest. Onderdeel 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest. Error - 29-12-2014 14:59:03 | Computer Name = 1980PC | Source = SideBySide | ID = 16842832 Description = Kan activeringscontext voor C:\Users\Katrien & Joachim\Downloads\SoftonicDownloader_voor_avg-antivirus-free-2015.exe niet maken. Fout in manifest of beleidsbestand op regel . Een onderdeelversie die nodig is voor de toepassing conflicteert met een andere onderdeelversie die reeds actief is. Conflicterende onderdelen zijn: Onderdeel 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest. Onderdeel 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest. Error - 14-1-2015 10:56:36 | Computer Name = 1980PC | Source = Application Error | ID = 1000 Description = Naam van toepassing met fout: Explorer.EXE, versie: 6.1.7601.17567, tijdstempel: 0x4d672ee4 Naam van module met fout: DivXMFSource.dll, versie: 1.0.0.72, tijdstempel: 0x4cffcff8 Uitzonderingscode: 0xc0000005 Foutoffset: 0x00000000000e6520 Id van proces met fout: 0x684 Starttijd van toepassing met fout: 0x01d02ff09e7c530d Pad naar toepassing met fout: C:\Windows\Explorer.EXE Pad naar module met fout: C:\Program Files\DivX\DivX Plus Media Foundation Components\DivXMFSource.dll Rapport-id: 88d1fefb-9bfd-11e4-93a7-18a9051c3649 Error - 15-1-2015 14:48:40 | Computer Name = 1980PC | Source = SideBySide | ID = 16842832 Description = Kan activeringscontext voor C:\Users\Katrien & Joachim\Downloads\SoftonicDownloader_voor_avg-antivirus-free-2015.exe niet maken. Fout in manifest of beleidsbestand op regel . Een onderdeelversie die nodig is voor de toepassing conflicteert met een andere onderdeelversie die reeds actief is. Conflicterende onderdelen zijn: Onderdeel 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest. Onderdeel 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest. Error - 20-1-2015 14:31:33 | Computer Name = 1980PC | Source = Application Error | ID = 1000 Description = Naam van toepassing met fout: Explorer.EXE, versie: 6.1.7601.17567, tijdstempel: 0x4d672ee4 Naam van module met fout: DivXMFSource.dll, versie: 1.0.0.72, tijdstempel: 0x4cffcff8 Uitzonderingscode: 0xc0000005 Foutoffset: 0x00000000000e6520 Id van proces met fout: 0x760 Starttijd van toepassing met fout: 0x01d034dd3f4f541e Pad naar toepassing met fout: C:\Windows\Explorer.EXE Pad naar module met fout: C:\Program Files\DivX\DivX Plus Media Foundation Components\DivXMFSource.dll Rapport-id: 8eb1fb4f-a0d2-11e4-878b-18a9051c3649 Error - 20-1-2015 14:33:51 | Computer Name = 1980PC | Source = Application Error | ID = 1000 Description = Naam van toepassing met fout: Explorer.EXE, versie: 6.1.7601.17567, tijdstempel: 0x4d672ee4 Naam van module met fout: DivXMFSource.dll, versie: 1.0.0.72, tijdstempel: 0x4cffcff8 Uitzonderingscode: 0xc0000005 Foutoffset: 0x00000000000e6520 Id van proces met fout: 0x10d0 Starttijd van toepassing met fout: 0x01d034df5ba63548 Pad naar toepassing met fout: C:\Windows\Explorer.EXE Pad naar module met fout: C:\Program Files\DivX\DivX Plus Media Foundation Components\DivXMFSource.dll Rapport-id: e0df9dee-a0d2-11e4-878b-18a9051c3649 Error - 20-1-2015 14:34:15 | Computer Name = 1980PC | Source = Application Error | ID = 1000 Description = Naam van toepassing met fout: Explorer.exe, versie: 6.1.7601.17567, tijdstempel: 0x4d672ee4 Naam van module met fout: DivXMFSource.dll, versie: 1.0.0.72, tijdstempel: 0x4cffcff8 Uitzonderingscode: 0xc0000005 Foutoffset: 0x00000000000e6520 Id van proces met fout: 0x10f0 Starttijd van toepassing met fout: 0x01d034dfa6cc4798 Pad naar toepassing met fout: C:\Windows\Explorer.exe Pad naar module met fout: C:\Program Files\DivX\DivX Plus Media Foundation Components\DivXMFSource.dll Rapport-id: ef6073fe-a0d2-11e4-878b-18a9051c3649 Error - 20-1-2015 14:35:01 | Computer Name = 1980PC | Source = Application Error | ID = 1000 Description = Naam van toepassing met fout: Explorer.exe, versie: 6.1.7601.17567, tijdstempel: 0x4d672ee4 Naam van module met fout: DivXMFSource.dll, versie: 1.0.0.72, tijdstempel: 0x4cffcff8 Uitzonderingscode: 0xc0000005 Foutoffset: 0x00000000000e6520 Id van proces met fout: 0x105c Starttijd van toepassing met fout: 0x01d034dfb5ac54b3 Pad naar toepassing met fout: C:\Windows\Explorer.exe Pad naar module met fout: C:\Program Files\DivX\DivX Plus Media Foundation Components\DivXMFSource.dll Rapport-id: 0aa66621-a0d3-11e4-878b-18a9051c3649 Error - 24-1-2015 7:11:12 | Computer Name = 1980PC | Source = Application Hang | ID = 1002 Description = Het programma FreeYouTubeToMP3Converter.exe, versie 3.12.0.128 reageert niet meer op Windows en is afgesloten. Als u wilt zien of er meer informatie over het probleem beschikbaar is, raadpleegt u de probleemgeschiedenis in het onderdeel Onderhoudscentrum in het Configuratiescherm. Proces-id: 14d8 Starttijd: 01d037c6003bf804 Eindtijd: 427 Toepassingspad: C:\Program Files (x86)\DVDVideoSoft\Free YouTube to MP3 Converter\FreeYouTubeToMP3Converter.exe Rapport-id: [ Hewlett-Packard Events ] Error - 21-5-2012 5:40:27 | Computer Name = 1980PC | Source = HPSF.exe | ID = 2000 Description = HP Error ID: -2147467262HPSF.exe bij HP.SupportAssistant.Common.CustomerExperience.HPSFReporting.SaveSessionInfo(DataRow dr, Boolean bOnlyDetected, HPSASession SFSession) Message: Kan een object van het type System.DBNull niet converteren naar het type System.String. StackTrace: bij HP.SupportAssistant.Common.CustomerExperience.HPSFReporting.SaveSessionInfo(DataRow dr, Boolean bOnlyDetected, HPSASession SFSession) Source: HP.SupportAssistant.Common Name: HPSF.exe Version: 06.00.01.01 Path: C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe Format: nl-NL RAM: 4061 Ram Utilization: 30 TargetSite: Void SaveSessionInfo(System.Data.DataRow, Boolean, HP.SupportAssistant.Common.CustomerExperience.HPSASession) Error - 27-5-2012 6:36:47 | Computer Name = 1980PC | Source = HPSF.exe | ID = 2000 Description = HP Error ID: -2147467262 bij HP.SupportAssistant.Common.CustomerExperience.HPSFReporting.SaveSessionInfo(DataRow dr, Boolean bOnlyDetected, HPSASession SFSession) Message: Kan een object van het type System.DBNull niet converteren naar het type System.String. StackTrace: bij HP.SupportAssistant.Common.CustomerExperience.HPSFReporting.SaveSessionInfo(DataRow dr, Boolean bOnlyDetected, HPSASession SFSession) Source: HP.SupportAssistant.Common Name: HPSF.exe Version: 06.00.01.01 Path: C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe Format: nl-NL RAM: 4061 Ram Utilization: 30 TargetSite: Void SaveSessionInfo(System.Data.DataRow, Boolean, HP.SupportAssistant.Common.CustomerExperience.HPSASession) Error - 27-5-2012 6:36:47 | Computer Name = 1980PC | Source = HPSF.exe | ID = 2000 Description = HP Error ID: -2147467262HPSF.exe bij HP.SupportAssistant.Common.CustomerExperience.HPSFReporting.SaveSessionInfo(DataRow dr, Boolean bOnlyDetected, HPSASession SFSession) Message: Kan een object van het type System.DBNull niet converteren naar het type System.String. StackTrace: bij HP.SupportAssistant.Common.CustomerExperience.HPSFReporting.SaveSessionInfo(DataRow dr, Boolean bOnlyDetected, HPSASession SFSession) Source: HP.SupportAssistant.Common Name: HPSF.exe Version: 06.00.01.01 Path: C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe Format: nl-NL RAM: 4061 Ram Utilization: 30 TargetSite: Void SaveSessionInfo(System.Data.DataRow, Boolean, HP.SupportAssistant.Common.CustomerExperience.HPSASession) Error - 3-6-2012 5:14:03 | Computer Name = 1980PC | Source = HPSF.exe | ID = 2000 Description = HP Error ID: -2147467262 bij HP.SupportAssistant.Common.CustomerExperience.HPSFReporting.SaveSessionInfo(DataRow dr, Boolean bOnlyDetected, HPSASession SFSession) Message: Kan een object van het type System.DBNull niet converteren naar het type System.String. StackTrace: bij HP.SupportAssistant.Common.CustomerExperience.HPSFReporting.SaveSessionInfo(DataRow dr, Boolean bOnlyDetected, HPSASession SFSession) Source: HP.SupportAssistant.Common Name: HPSF.exe Version: 06.00.01.01 Path: C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe Format: nl-NL RAM: 4061 Ram Utilization: 30 TargetSite: Void SaveSessionInfo(System.Data.DataRow, Boolean, HP.SupportAssistant.Common.CustomerExperience.HPSASession) Error - 3-6-2012 5:14:04 | Computer Name = 1980PC | Source = HPSF.exe | ID = 2000 Description = HP Error ID: -2147467262HPSF.exe bij HP.SupportAssistant.Common.CustomerExperience.HPSFReporting.SaveSessionInfo(DataRow dr, Boolean bOnlyDetected, HPSASession SFSession) Message: Kan een object van het type System.DBNull niet converteren naar het type System.String. StackTrace: bij HP.SupportAssistant.Common.CustomerExperience.HPSFReporting.SaveSessionInfo(DataRow dr, Boolean bOnlyDetected, HPSASession SFSession) Source: HP.SupportAssistant.Common Name: HPSF.exe Version: 06.00.01.01 Path: C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe Format: nl-NL RAM: 4061 Ram Utilization: 30 TargetSite: Void SaveSessionInfo(System.Data.DataRow, Boolean, HP.SupportAssistant.Common.CustomerExperience.HPSASession) Error - 16-7-2012 9:00:56 | Computer Name = 1980PC | Source = HPSF.exe | ID = 4000 Description = Error - 7-8-2012 3:32:54 | Computer Name = 1980PC | Source = HPSFMsgr.exe | ID = 4000 Description = HP Error ID: -2147221164 bij System.RuntimeTypeHandle.CreateInstance(RuntimeType type, Boolean publicOnly, Boolean noCheck, Boolean& canBeCached, RuntimeMethodHandle& ctor, Boolean& bNeedSecurityCheck) bij System.RuntimeType.CreateInstanceSlow(Boolean publicOnly, Boolean fillCache) bij System.RuntimeType.CreateInstanceImpl(Boolean publicOnly, Boolean skipVisibilityChecks, Boolean fillCache) bij System.Activator.CreateInstance(Type type, Boolean nonPublic) bij HPSA_Messenger.MessengerCom.TrayDeskBand.isTaskbarDisplayed() StackTrace: bij System.RuntimeTypeHandle.CreateInstance(RuntimeType type, Boolean publicOnly, Boolean noCheck, Boolean& canBeCached, RuntimeMethodHandle& ctor, Boolean& bNeedSecurityCheck) bij System.RuntimeType.CreateInstanceSlow(Boolean publicOnly, Boolean fillCache) bij System.RuntimeType.CreateInstanceImpl(Boolean publicOnly, Boolean skipVisibilityChecks, Boolean fillCache) bij System.Activator.CreateInstance(Type type, Boolean nonPublic) bij HPSA_Messenger.MessengerCom.TrayDeskBand.isTaskbarDisplayed() Source: mscorlib Name: HPSFMsgr.exe Version: 01.00.00.00 Path: C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPSFMessenger\HPSFMsgr.exe Format: nl-NL RAM: 4061 Ram Utilization: 20 TargetSite: System.Object CreateInstance(System.RuntimeType, Boolean, Boolean, Boolean ByRef, System.RuntimeMethodHandle ByRef, Boolean ByRef) Error - 7-8-2012 3:32:55 | Computer Name = 1980PC | Source = HPSFMsgr.exe | ID = 4000 Description = HP Error ID: -2147221164HPSFMsgr.exe bij System.RuntimeTypeHandle.CreateInstance(RuntimeType type, Boolean publicOnly, Boolean noCheck, Boolean& canBeCached, RuntimeMethodHandle& ctor, Boolean& bNeedSecurityCheck) bij System.RuntimeType.CreateInstanceSlow(Boolean publicOnly, Boolean fillCache) bij System.RuntimeType.CreateInstanceImpl(Boolean publicOnly, Boolean skipVisibilityChecks, Boolean fillCache) bij System.Activator.CreateInstance(Type type, Boolean nonPublic) bij HPSA_Messenger.MessengerCom.TrayDeskBand.ShowTaskBar() StackTrace: bij System.RuntimeTypeHandle.CreateInstance(RuntimeType type, Boolean publicOnly, Boolean noCheck, Boolean& canBeCached, RuntimeMethodHandle& ctor, Boolean& bNeedSecurityCheck) bij System.RuntimeType.CreateInstanceSlow(Boolean publicOnly, Boolean fillCache) bij System.RuntimeType.CreateInstanceImpl(Boolean publicOnly, Boolean skipVisibilityChecks, Boolean fillCache) bij System.Activator.CreateInstance(Type type, Boolean nonPublic) bij HPSA_Messenger.MessengerCom.TrayDeskBand.ShowTaskBar() Source: mscorlib Name: HPSFMsgr.exe Version: 01.00.00.00 Path: C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPSFMessenger\HPSFMsgr.exe Format: nl-NL RAM: 4061 Ram Utilization: 20 TargetSite: System.Object CreateInstance(System.RuntimeType, Boolean, Boolean, Boolean ByRef, System.RuntimeMethodHandle ByRef, Boolean ByRef) Error - 7-9-2012 15:15:03 | Computer Name = 1980PC | Source = HPSFMsgr.exe | ID = 2000 Description = HP Error ID: -2147023170 bij System.Runtime.InteropServices.Marshal.ThrowExceptionForHRInternal(Int32 errorCode, IntPtr errorInfo) bij System.Management.ManagementObjectCollection.ManagementObjectEnumerator.MoveNext() bij HPSA_Messenger.MessengerManager.CommonMessengerStatusTask.SetWMISysInformation() Message: StackTrace: bij System.Runtime.InteropServices.Marshal.ThrowExceptionForHRInternal(Int32 errorCode, IntPtr errorInfo) bij System.Management.ManagementObjectCollection.ManagementObjectEnumerator.MoveNext() bij HPSA_Messenger.MessengerManager.CommonMessengerStatusTask.SetWMISysInformation() Source: WinMgmt Name: HPSFMsgr.exe Version: 01.00.00.00 Path: C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPSFMessenger\HPSFMsgr.exe Format: nl-NL RAM: 4061 Ram Utilization: 30 TargetSite: Void ThrowExceptionForHRInternal(Int32, IntPtr) Error - 16-12-2012 10:06:20 | Computer Name = 1980PC | Source = HPSF.exe | ID = 4000 Description = [ System Events ] Error - 24-1-2015 12:06:07 | Computer Name = 1980PC | Source = Service Control Manager | ID = 7031 Description = De Windows Modules Installer-service is onverwacht gestopt. Dit is 1 keer gebeurd. De volgende herstelbewerking zal over 120000 milliseconden worden uitgevoerd: Service opnieuw starten. Error - 24-1-2015 12:06:07 | Computer Name = 1980PC | Source = Service Control Manager | ID = 7031 Description = De Windows Presentation Foundation Font Cache 3.0.0.0-service is onverwacht gestopt. Dit is 1 keer gebeurd. De volgende herstelbewerking zal over 0 milliseconden worden uitgevoerd: Service opnieuw starten. Error - 24-1-2015 12:06:07 | Computer Name = 1980PC | Source = Service Control Manager | ID = 7031 Description = De Windows Search-service is onverwacht gestopt. Dit is 1 keer gebeurd. De volgende herstelbewerking zal over 30000 milliseconden worden uitgevoerd: Service opnieuw starten. Error - 24-1-2015 12:06:07 | Computer Name = 1980PC | Source = Service Control Manager | ID = 7031 Description = De Windows Media Player Network Sharing Service-service is onverwacht gestopt. Dit is 1 keer gebeurd. De volgende herstelbewerking zal over 30000 milliseconden worden uitgevoerd: Service opnieuw starten. Error - 24-1-2015 12:06:07 | Computer Name = 1980PC | Source = Service Control Manager | ID = 7031 Description = De HP Support Assistant Service-service is onverwacht gestopt. Dit is 1 keer gebeurd. De volgende herstelbewerking zal over 60000 milliseconden worden uitgevoerd: Service opnieuw starten. Error - 24-1-2015 12:06:07 | Computer Name = 1980PC | Source = Service Control Manager | ID = 7031 Description = De Software Protection-service is onverwacht gestopt. Dit is 1 keer gebeurd. De volgende herstelbewerking zal over 120000 milliseconden worden uitgevoerd: Service opnieuw starten. Error - 24-1-2015 12:08:04 | Computer Name = 1980PC | Source = Service Control Manager | ID = 7009 Description = Time-out (30000 seconden) tijdens het wachten op het verbinden van deze service: Spybot-S&D 2 Scanner Service. Error - 24-1-2015 12:08:04 | Computer Name = 1980PC | Source = Service Control Manager | ID = 7000 Description = De Spybot-S&D 2 Scanner Service-service kan vanwege de volgende fout niet worden gestart: %%1053 Error - 25-1-2015 13:17:08 | Computer Name = 1980PC | Source = Service Control Manager | ID = 7009 Description = Time-out (30000 seconden) tijdens het wachten op het verbinden van deze service: Spybot-S&D 2 Scanner Service. Error - 25-1-2015 13:17:08 | Computer Name = 1980PC | Source = Service Control Manager | ID = 7000 Description = De Spybot-S&D 2 Scanner Service-service kan vanwege de volgende fout niet worden gestart: %%1053 < End of report >
  2. JoachimVDE
    beste, gisteren leken de problemen opgelost, echter steekt vandaag weer alles de kop op hieronder vind je de gevraagde logs OTL logfile created on: 25-1-2015 18:23:18 - Run 1 OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Katrien & Joachim\Desktop 64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 9.11.9600.17501) Locale: 00000413 | Country: België | Language: NLB | Date Format: d/MM/yyyy 3,97 Gb Total Physical Memory | 1,95 Gb Available Physical Memory | 49,12% Memory free 7,93 Gb Paging File | 5,73 Gb Available in Paging File | 72,24% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 452,61 Gb Total Space | 96,60 Gb Free Space | 21,34% Space Free | Partition Type: NTFS Drive D: | 13,05 Gb Total Space | 2,29 Gb Free Space | 17,57% Space Free | Partition Type: NTFS Computer Name: 1980PC | User Name: Katrien & Joachim | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users | Quick Scan | Include 64bit Scans Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - [2015-01-25 18:22:03 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Katrien & Joachim\Desktop\OTL.com PRC - [2014-12-22 16:28:10 | 023,308,616 | ---- | M] (Google) -- C:\Program Files (x86)\Google\Drive\googledrivesync.exe PRC - [2014-12-19 08:48:18 | 000,081,088 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe PRC - [2014-12-18 09:54:30 | 003,432,976 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG2015\avgidsagent.exe PRC - [2014-12-18 09:51:14 | 003,667,472 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG2015\avgui.exe PRC - [2014-12-18 09:45:26 | 000,298,080 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG2015\avgwdsvc.exe PRC - [2014-06-27 11:52:26 | 002,088,408 | ---- | M] (Safer-Networking Ltd.) -- C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe PRC - [2014-06-24 10:42:12 | 004,101,576 | ---- | M] (Safer-Networking Ltd.) -- C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe PRC - [2014-06-24 10:41:42 | 001,738,168 | ---- | M] (Safer-Networking Ltd.) -- C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe PRC - [2014-04-25 14:12:20 | 000,171,928 | ---- | M] (Safer-Networking Ltd.) -- C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe PRC - [2013-05-23 12:53:18 | 000,455,608 | ---- | M] (TomTom) -- C:\Program Files (x86)\MyTomTom 3\MyTomTomSA.exe PRC - [2013-03-22 05:07:18 | 000,093,072 | ---- | M] (TomTom) -- C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe PRC - [2013-03-22 05:07:16 | 000,248,208 | ---- | M] (TomTom) -- C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe PRC - [2011-07-29 00:08:12 | 001,259,376 | ---- | M] () -- C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe ========== Modules (No Company Name) ========== MOD - [2015-01-25 18:17:40 | 001,160,704 | ---- | M] () -- C:\Users\KATRIE~1\AppData\Local\Temp\_MEI39002\_ssl.pyd MOD - [2015-01-25 18:17:40 | 001,062,400 | ---- | M] () -- C:\Users\KATRIE~1\AppData\Local\Temp\_MEI39002\wx._controls_.pyd MOD - [2015-01-25 18:17:40 | 000,811,008 | ---- | M] () -- C:\Users\KATRIE~1\AppData\Local\Temp\_MEI39002\wx._windows_.pyd MOD - [2015-01-25 18:17:40 | 000,805,888 | ---- | M] () -- C:\Users\KATRIE~1\AppData\Local\Temp\_MEI39002\wx._gdi_.pyd MOD - [2015-01-25 18:17:40 | 000,713,216 | ---- | M] () -- C:\Users\KATRIE~1\AppData\Local\Temp\_MEI39002\_hashlib.pyd MOD - [2015-01-25 18:17:40 | 000,686,080 | ---- | M] () -- C:\Users\KATRIE~1\AppData\Local\Temp\_MEI39002\unicodedata.pyd MOD - [2015-01-25 18:17:40 | 000,127,488 | ---- | M] () -- C:\Users\KATRIE~1\AppData\Local\Temp\_MEI39002\pyexpat.pyd MOD - [2015-01-25 18:17:40 | 000,110,080 | ---- | M] () -- C:\Users\KATRIE~1\AppData\Local\Temp\_MEI39002\pywintypes27.dll MOD - [2015-01-25 18:17:40 | 000,038,912 | ---- | M] () -- C:\Users\KATRIE~1\AppData\Local\Temp\_MEI39002\win32inet.pyd MOD - [2015-01-25 18:17:40 | 000,027,136 | ---- | M] () -- C:\Users\KATRIE~1\AppData\Local\Temp\_MEI39002\_multiprocessing.pyd MOD - [2015-01-25 18:17:40 | 000,025,600 | ---- | M] () -- C:\Users\KATRIE~1\AppData\Local\Temp\_MEI39002\win32pdh.pyd MOD - [2015-01-25 18:17:40 | 000,024,064 | ---- | M] () -- C:\Users\KATRIE~1\AppData\Local\Temp\_MEI39002\win32pipe.pyd MOD - [2015-01-25 18:17:40 | 000,018,432 | ---- | M] () -- C:\Users\KATRIE~1\AppData\Local\Temp\_MEI39002\win32event.pyd MOD - [2015-01-25 18:17:40 | 000,010,240 | ---- | M] () -- C:\Users\KATRIE~1\AppData\Local\Temp\_MEI39002\select.pyd MOD - [2015-01-25 18:17:40 | 000,007,168 | ---- | M] () -- C:\Users\KATRIE~1\AppData\Local\Temp\_MEI39002\hashobjs_ext.pyd MOD - [2015-01-25 18:17:39 | 000,525,640 | ---- | M] () -- C:\Users\KATRIE~1\AppData\Local\Temp\_MEI39002\windows._lib_cacheinvalidation.pyd MOD - [2015-01-25 18:17:39 | 000,167,936 | ---- | M] () -- C:\Users\KATRIE~1\AppData\Local\Temp\_MEI39002\win32gui.pyd MOD - [2015-01-25 18:17:39 | 000,128,512 | ---- | M] () -- C:\Users\KATRIE~1\AppData\Local\Temp\_MEI39002\_elementtree.pyd MOD - [2015-01-25 18:17:39 | 000,119,808 | ---- | M] () -- C:\Users\KATRIE~1\AppData\Local\Temp\_MEI39002\win32file.pyd MOD - [2015-01-25 18:17:39 | 000,108,544 | ---- | M] () -- C:\Users\KATRIE~1\AppData\Local\Temp\_MEI39002\win32security.pyd MOD - [2015-01-25 18:17:39 | 000,098,816 | ---- | M] () -- C:\Users\KATRIE~1\AppData\Local\Temp\_MEI39002\win32api.pyd MOD - [2015-01-25 18:17:39 | 000,087,552 | ---- | M] () -- C:\Users\KATRIE~1\AppData\Local\Temp\_MEI39002\_ctypes.pyd MOD - [2015-01-25 18:17:39 | 000,070,656 | ---- | M] () -- C:\Users\KATRIE~1\AppData\Local\Temp\_MEI39002\wx._html2.pyd MOD - [2015-01-25 18:17:39 | 000,045,568 | ---- | M] () -- C:\Users\KATRIE~1\AppData\Local\Temp\_MEI39002\_socket.pyd MOD - [2015-01-25 18:17:39 | 000,017,408 | ---- | M] () -- C:\Users\KATRIE~1\AppData\Local\Temp\_MEI39002\win32profile.pyd MOD - [2015-01-25 18:17:38 | 001,175,040 | ---- | M] () -- C:\Users\KATRIE~1\AppData\Local\Temp\_MEI39002\wx._core_.pyd MOD - [2015-01-25 18:17:38 | 000,735,232 | ---- | M] () -- C:\Users\KATRIE~1\AppData\Local\Temp\_MEI39002\wx._misc_.pyd MOD - [2015-01-25 18:17:38 | 000,557,056 | ---- | M] () -- C:\Users\KATRIE~1\AppData\Local\Temp\_MEI39002\pysqlite2._sqlite.pyd MOD - [2015-01-25 18:17:38 | 000,364,544 | ---- | M] () -- C:\Users\KATRIE~1\AppData\Local\Temp\_MEI39002\pythoncom27.dll MOD - [2015-01-25 18:17:38 | 000,320,512 | ---- | M] () -- C:\Users\KATRIE~1\AppData\Local\Temp\_MEI39002\win32com.shell.shell.pyd MOD - [2015-01-25 18:17:38 | 000,122,368 | ---- | M] () -- C:\Users\KATRIE~1\AppData\Local\Temp\_MEI39002\wx._wizard.pyd MOD - [2015-01-25 18:17:38 | 000,078,336 | ---- | M] () -- C:\Users\KATRIE~1\AppData\Local\Temp\_MEI39002\wx._animate.pyd MOD - [2015-01-25 18:17:38 | 000,035,840 | ---- | M] () -- C:\Users\KATRIE~1\AppData\Local\Temp\_MEI39002\win32process.pyd MOD - [2015-01-25 18:17:38 | 000,022,528 | ---- | M] () -- C:\Users\KATRIE~1\AppData\Local\Temp\_MEI39002\win32ts.pyd MOD - [2015-01-25 18:17:38 | 000,011,264 | ---- | M] () -- C:\Users\KATRIE~1\AppData\Local\Temp\_MEI39002\win32crypt.pyd MOD - [2014-11-12 15:04:26 | 000,774,144 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\875c35969785fa170d186e7ca546ac9e\System.Runtime.Remoting.ni.dll MOD - [2014-10-16 19:12:23 | 001,051,136 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Management\99cdfef98595ed91f14936cf52a49c54\System.Management.ni.dll MOD - [2014-10-16 18:35:47 | 000,368,128 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\7b22741531a2850c807656d0298a96bd\PresentationFramework.Aero.ni.dll MOD - [2014-10-16 18:33:29 | 006,638,592 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Data\4b335bfaa07fc54f2d72213d33f53e97\System.Data.ni.dll MOD - [2014-10-16 18:32:24 | 014,340,096 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\1f539baa94516139240877cb6afd72c2\PresentationFramework.ni.dll MOD - [2014-10-16 18:31:52 | 012,435,968 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\1453d9e9a4989833ef3db4b22549ba1a\System.Windows.Forms.ni.dll MOD - [2014-10-16 18:31:29 | 001,593,344 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\836e10dfd0811b303553216f5cb092ef\System.Drawing.ni.dll MOD - [2014-10-16 18:31:13 | 005,467,648 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\d49908aa93a23c84847b1f8b1b667860\System.Xml.ni.dll MOD - [2014-10-16 18:31:05 | 000,978,432 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\237d509a79aeef6e4635b09450d98f2a\System.Configuration.ni.dll MOD - [2014-10-16 18:30:38 | 012,236,800 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\3d4f835b8078dacc8d5da623e2c3f0ee\PresentationCore.ni.dll MOD - [2014-10-16 18:30:22 | 003,348,480 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\d97a5aa0eb7697aca7c6e90ae471af2b\WindowsBase.ni.dll MOD - [2014-10-16 18:30:15 | 007,991,808 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\908ba9e296e92b4e14bdc2437edac603\System.ni.dll MOD - [2014-09-12 18:42:35 | 000,185,344 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\UIAutomationTypes\61bea915a98d92c2748dc18d5fc594a7\UIAutomationTypes.ni.dll MOD - [2014-09-12 18:41:57 | 011,497,984 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\38bf604432e1a30c954b2ee40d6a2d1c\mscorlib.ni.dll MOD - [2014-05-13 12:04:48 | 000,167,768 | ---- | M] () -- C:\Program Files (x86)\Spybot - Search & Destroy 2\snlFileFormats150.bpl MOD - [2014-05-13 12:04:46 | 000,109,400 | ---- | M] () -- C:\Program Files (x86)\Spybot - Search & Destroy 2\snlThirdParty150.bpl MOD - [2014-05-13 12:04:42 | 000,416,600 | ---- | M] () -- C:\Program Files (x86)\Spybot - Search & Destroy 2\DEC150.bpl MOD - [2014-03-20 23:49:19 | 002,952,704 | ---- | M] () -- C:\Windows\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll MOD - [2014-03-11 19:17:22 | 000,037,688 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\HP.ActiveSupportLibrary\2.0.0.1__01a974bc1760f423\HP.ActiveSupportLibrary.dll MOD - [2013-05-23 12:53:28 | 000,026,040 | ---- | M] () -- C:\Program Files (x86)\MyTomTom 3\DeviceDetection.dll MOD - [2013-05-23 12:53:22 | 000,279,480 | ---- | M] () -- C:\Program Files (x86)\MyTomTom 3\TomTomSupporterProxy.dll MOD - [2013-05-23 12:53:20 | 000,074,680 | ---- | M] () -- C:\Program Files (x86)\MyTomTom 3\TomTomSupporterBase.dll MOD - [2011-07-29 00:09:42 | 000,096,112 | ---- | M] () -- C:\Program Files (x86)\DivX\DivX Update\DivXUpdateCheck.dll MOD - [2011-07-29 00:08:12 | 001,259,376 | ---- | M] () -- C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe MOD - [2010-11-13 01:34:15 | 000,303,104 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_nl_b77a5c561934e089\mscorlib.resources.dll MOD - [2010-11-05 02:54:50 | 000,241,664 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\PresentationFramework.resources\3.0.0.0_nl_31bf3856ad364e35\PresentationFramework.resources.dll MOD - [2010-06-29 23:12:54 | 000,061,440 | ---- | M] () -- C:\Program Files (x86)\Hewlett-Packard\HP Advisor\Pillars\PCAlerts\PCAlertsPillar.dll MOD - [2010-06-29 23:12:52 | 000,131,072 | ---- | M] () -- C:\Program Files (x86)\Hewlett-Packard\HP Advisor\Pillars\ECenter\ECLibrary.dll MOD - [2010-06-29 23:12:42 | 000,040,960 | ---- | M] () -- C:\Program Files (x86)\Hewlett-Packard\HP Advisor\MessagingServer.dll MOD - [2010-06-29 23:12:40 | 000,036,864 | ---- | M] () -- C:\Program Files (x86)\Hewlett-Packard\HP Advisor\MessagingClients.dll MOD - [2010-06-29 23:12:40 | 000,007,680 | ---- | M] () -- C:\Program Files (x86)\Hewlett-Packard\HP Advisor\RemotingClient.dll MOD - [2010-06-29 23:12:40 | 000,005,632 | ---- | M] () -- C:\Program Files (x86)\Hewlett-Packard\HP Advisor\MessagingInterface.dll MOD - [2010-06-29 23:12:36 | 000,018,944 | ---- | M] () -- C:\Program Files (x86)\Hewlett-Packard\HP Advisor\MessagingMessages.dll MOD - [2010-06-29 23:12:18 | 000,028,672 | ---- | M] () -- C:\Program Files (x86)\Hewlett-Packard\HP Advisor\Microsoft.Practices.EnterpriseLibrary.ExceptionHandling.Logging.dll ========== Services (SafeList) ========== SRV:64bit: - [2014-11-22 03:35:29 | 000,114,688 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\IEEtwCollector.exe -- (IEEtwCollectorService) SRV:64bit: - [2014-11-12 00:06:52 | 002,449,592 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe -- (ClickToRunSvc) SRV:64bit: - [2013-05-27 06:50:47 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend) SRV - [2015-01-23 16:29:08 | 000,267,440 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc) SRV - [2015-01-23 11:10:21 | 000,114,800 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance) SRV - [2014-12-19 08:48:18 | 000,081,088 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice) SRV - [2014-12-18 09:54:30 | 003,432,976 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files (x86)\AVG\AVG2015\avgidsagent.exe -- (AVGIDSAgent) SRV - [2014-12-18 09:45:26 | 000,298,080 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files (x86)\AVG\AVG2015\avgwdsvc.exe -- (avgwd) SRV - [2014-03-20 23:49:18 | 000,067,224 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32) SRV - [2013-11-04 18:31:56 | 000,092,160 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe -- (HP Support Assistant Service) SRV - [2013-09-11 21:21:54 | 000,105,144 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32) SRV - [2013-03-22 05:07:18 | 000,093,072 | ---- | M] (TomTom) [Auto | Running] -- C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe -- (TomTomHOMEService) SRV - [2009-05-22 19:02:20 | 000,250,616 | ---- | M] (WildTangent, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\HP Games\HP Game Console\GameConsoleService.exe -- (GameConsoleService) SRV - [2009-02-22 11:00:00 | 000,129,584 | ---- | M] (EasyBits Sofware AS) [Auto | Running] -- C:\Windows\SysWOW64\ezsvc7.dll -- (ezSharedSvc) ========== Driver Services (SafeList) ========== DRV:64bit: - [2014-12-08 21:24:26 | 000,260,888 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\Windows\SysNative\drivers\avgidsdrivera.sys -- (AVGIDSDriver) DRV:64bit: - [2014-11-18 21:42:04 | 000,203,544 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\avgidsha.sys -- (AVGIDSHA) DRV:64bit: - [2014-10-10 15:14:32 | 000,274,200 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avgtdia.sys -- (Avgtdia) DRV:64bit: - [2014-10-05 20:41:40 | 000,124,184 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\avgmfx64.sys -- (Avgmfx64) DRV:64bit: - [2014-08-28 20:47:24 | 000,243,480 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\Windows\SysNative\drivers\avgldx64.sys -- (Avgldx64) DRV:64bit: - [2014-07-18 14:53:26 | 000,313,624 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\avgloga.sys -- (Avgloga) DRV:64bit: - [2014-06-18 20:03:34 | 000,153,368 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\Windows\SysNative\drivers\avgdiska.sys -- (Avgdiska) DRV:64bit: - [2014-06-18 20:03:20 | 000,031,512 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\avgrkx64.sys -- (Avgrkx64) DRV:64bit: - [2013-08-29 02:29:52 | 000,033,280 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbser.sys -- (usbser) DRV:64bit: - [2013-02-12 05:12:06 | 000,019,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usb8023x.sys -- (usb_rndisx) DRV:64bit: - [2012-08-23 15:10:20 | 000,019,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport) DRV:64bit: - [2012-08-23 15:07:35 | 000,057,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt) DRV:64bit: - [2012-03-01 07:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec) DRV:64bit: - [2011-08-17 09:04:34 | 000,171,008 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\nmwcdnsux64.sys -- (nmwcdnsux64) DRV:64bit: - [2011-08-17 09:04:28 | 000,012,800 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\nmwcdnsucx64.sys -- (nmwcdnsucx64) DRV:64bit: - [2011-08-17 08:58:26 | 000,009,216 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbser_lowerfltjx64.sys -- (UsbserFilt) DRV:64bit: - [2011-08-17 08:58:22 | 000,009,216 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbser_lowerfltx64.sys -- (upperdev) DRV:64bit: - [2011-08-17 08:58:20 | 000,027,136 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ccdcmbox64.sys -- (nmwcdc) DRV:64bit: - [2011-08-17 08:58:16 | 000,019,968 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ccdcmbx64.sys -- (nmwcd) DRV:64bit: - [2011-03-11 07:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata) DRV:64bit: - [2011-03-11 07:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata) DRV:64bit: - [2010-11-20 14:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD) DRV:64bit: - [2010-10-16 04:28:42 | 010,619,296 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx) DRV:64bit: - [2010-09-11 13:14:16 | 000,503,352 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\sptd.sys -- (sptd) DRV:64bit: - [2010-03-27 09:59:16 | 000,082,816 | ---- | M] (VSO Software) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\pcouffin.sys -- (pcouffin) DRV:64bit: - [2009-07-14 02:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs) DRV:64bit: - [2009-07-14 02:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2) DRV:64bit: - [2009-07-14 02:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor) DRV:64bit: - [2009-07-13 15:31:42 | 000,233,472 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167) DRV:64bit: - [2009-06-10 21:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv) DRV:64bit: - [2009-06-10 21:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv) DRV:64bit: - [2009-06-10 21:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a) DRV:64bit: - [2009-06-10 21:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir) DRV - [2015-01-21 09:42:40 | 000,487,216 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys -- (eeCtrl) DRV - [2009-07-14 02:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE:64bit: - HKLM\..\SearchScopes\{8C291886-5073-486B-A772-289BD2C91E66}: "URL" = http://nl.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=cb-hp06&type=ie2008 IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE - HKLM\..\SearchScopes\{8C291886-5073-486B-A772-289BD2C91E66}: "URL" = http://nl.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=cb-hp06&type=ie2008 IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE - HKU\S-1-5-21-748706070-3823825615-209406529-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.hln.be/ IE - HKU\S-1-5-21-748706070-3823825615-209406529-1001\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE - HKU\S-1-5-21-748706070-3823825615-209406529-1001\..\SearchScopes\{012E1000-F331-11DB-8314-0800200C9A66}: "URL" = http://www.google.com/search?q={searchTerms} IE - HKU\S-1-5-21-748706070-3823825615-209406529-1001\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC IE - HKU\S-1-5-21-748706070-3823825615-209406529-1001\..\SearchScopes\{5B291E6C-9A74-4034-971B-A4B007A0B315}: "URL" = http://radiobar.toolbarhome.com/search.aspx?q={searchTerms}&srch=dsp IE - HKU\S-1-5-21-748706070-3823825615-209406529-1001\..\SearchScopes\{8C291886-5073-486B-A772-289BD2C91E66}: "URL" = http://nl.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=cb-hp06&type=ie2008 IE - HKU\S-1-5-21-748706070-3823825615-209406529-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 ========== FireFox ========== FF - prefs.js..browser.search.isUS: false FF - prefs.js..browser.search.useDBForOrder: "false" FF - prefs.js..extensions.enabledAddons: %7B113c6a96-cbc4-4248-bc8a-c05e9ec4b669%7D:1.2 FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:35.0 FF - user.js - File not found FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_16_0_0_287.dll File not found FF:64bit: - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.) FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation) FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_287.dll () FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\SysWOW64\Adobe\Director\np32dsw_1211151.dll (Adobe Systems, Inc.) FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC) FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.) FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF - HKCU\Software\MozillaPlugins\@facebook.com/FBPlugin,version=1.0.3: C:\Users\Katrien & Joachim\AppData\Roaming\Facebook\npfbplugin_1_0_3.dll ( ) FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2012-01-08 11:31:16 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 35.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 35.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 35.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 35.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2013-07-09 14:09:09 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Katrien & Joachim\AppData\Roaming\mozilla\Extensions [2013-07-09 14:09:09 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Katrien & Joachim\AppData\Roaming\mozilla\Extensions\home2@tomtom.com [2010-01-14 20:58:26 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Katrien & Joachim\AppData\Roaming\mozilla\Extensions\mozswing@mozswing.org [2015-01-23 10:55:00 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Katrien & Joachim\AppData\Roaming\mozilla\Firefox\Profiles\hcqh7r3d.default\extensions [2014-12-29 20:06:49 | 000,000,000 | ---D | M] ("Better-Fox-Finder") -- C:\Users\Katrien & Joachim\AppData\Roaming\mozilla\Firefox\Profiles\hcqh7r3d.default\extensions\{113c6a96-cbc4-4248-bc8a-c05e9ec4b669} [2014-12-29 20:01:15 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Katrien & Joachim\AppData\Roaming\mozilla\Firefox\Profileshcqh7r3d.default\extensions [2014-12-29 20:01:15 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Katrien & Joachim\AppData\Roaming\mozilla\Firefox\Profileshcqh7r3d.default\extensions\staged [2015-01-23 11:10:07 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions [2015-01-23 11:10:23 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} ========== Chrome ========== CHR - default_search_provider: (Enabled) CHR - default_search_provider: search_url = CHR - default_search_provider: suggest_url = CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.120\PepperFlash\pepflashplayer.dll CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer CHR - plugin: Native Client (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.120\ppGoogleNaClPluginChrome.dll CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.120\pdf.dll CHR - plugin: Java Deployment Toolkit 6.0.160.1 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeploytk.dll CHR - plugin: Java Platform SE 6 U17 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll CHR - plugin: DivX VOD Helper Plug-in (Enabled) = C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll CHR - plugin: DivX Plus Web Player (Enabled) = C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.115\npGoogleUpdate3.dll CHR - plugin: Facebook Plugin (Enabled) = C:\Users\Katrien & Joachim\AppData\Roaming\Facebook\npfbplugin_1_0_3.dll CHR - plugin: Shockwave for Director (Enabled) = C:\Windows\SysWOW64\Adobe\Director\np32dsw_1211151.dll CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_214.dll CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll CHR - default_search_provider: 2F43705AC0DBE4CEDE15C7B60079B0BC79EE38655AD7D6AACE7A3653F78D0552 (Enabled) CHR - default_search_provider: search_url = 02F84BAA56D4F381A6C29860E521B301D2556EB378AE777726413354E18FE6F7 CHR - default_search_provider: suggest_url = CHR - homepage: 6D258EB163A5D2B7A193EDFE2C37DE31C20FFF72CD25DE70447B6488E3CB4298 CHR - Extension: Google Drive = C:\Users\Katrien & Joachim\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\ CHR - Extension: Google Wallet = C:\Users\Katrien & Joachim\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_1\ CHR - Extension: DivX Plus Web Player HTML5 <video> = C:\Users\Katrien & Joachim\AppData\Local\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm\2.1.2.145_0\ O1 HOSTS File: ([2012-12-20 21:08:31 | 000,000,027 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O2:64bit: - BHO: (Lync Browser Helper) - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\ochelper.dll (Microsoft Corporation) O2:64bit: - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\urlredir.dll (Microsoft Corporation) O2:64bit: - BHO: (Microsoft SkyDrive Pro Browser Helper) - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\grooveex.dll (Microsoft Corporation) O2:64bit: - BHO: (HP Network Check Helper) - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll (Hewlett-Packard) O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC) O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office 15\root\office15\urlredir.dll (Microsoft Corporation) O2 - BHO: (Microsoft SkyDrive Pro Browser Helper) - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office 15\root\office15\grooveex.dll (Microsoft Corporation) O2 - BHO: (HP Network Check Helper) - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll (Hewlett-Packard) O3 - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found. O3 - HKU\S-1-5-21-748706070-3823825615-209406529-1001\..\Toolbar\WebBrowser: (no name) - {5B291E6C-9A74-4034-971B-A4B007A0B315} - No CLSID value found. O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation) O4:64bit: - HKLM..\Run: [igfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation) O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation) O4 - HKLM..\Run: [AVG_UI] C:\Program Files (x86)\AVG\AVG2015\avgui.exe (AVG Technologies CZ, s.r.o.) O4 - HKLM..\Run: [DivXUpdate] C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe () O4 - HKLM..\Run: [sDTray] C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe (Safer-Networking Ltd.) O4 - HKU\S-1-5-21-748706070-3823825615-209406529-1001..\Run: [CCleaner Monitoring] C:\Program Files\CCleaner\CCleaner64.exe (Piriform Ltd) O4 - HKU\S-1-5-21-748706070-3823825615-209406529-1001..\Run: [GoogleDriveSync] C:\Program Files (x86)\Google\Drive\googledrivesync.exe (Google) O4 - HKU\S-1-5-21-748706070-3823825615-209406529-1001..\Run: [MyTomTomSA.exe] C:\Program Files (x86)\MyTomTom 3\MyTomTomSA.exe (TomTom) O4 - HKU\S-1-5-21-748706070-3823825615-209406529-1001..\Run: [TomTomHOME.exe] C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe (TomTom) O4:64bit: - HKLM..\RunOnce: [NCPluginUpdater] C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe (Hewlett-Packard) O4 - HKLM..\RunOnce: [AvgUninstallURL] C:\Windows\SysWow64\cmd.exe (Microsoft Corporation) O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: HideFastUserSwitching = 0 O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-21-748706070-3823825615-209406529-1001\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-21-748706070-3823825615-209406529-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0 O7 - HKU\S-1-5-21-748706070-3823825615-209406529-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableLockWorkstation = 0 O7 - HKU\S-1-5-21-748706070-3823825615-209406529-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableChangePassword = 0 O8:64bit: - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~2\MICROS~2\Office12\EXCEL.EXE/3000 File not found O8:64bit: - Extra context menu item: Free YouTube Download - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\freeytvdownloader.htm () O8:64bit: - Extra context menu item: Free YouTube to MP3 Converter - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\freeytmp3downloader.htm () O8:64bit: - Extra context menu item: Se&nd to OneNote - res:///105 File not found O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~2\MICROS~2\Office12\EXCEL.EXE/3000 File not found O8 - Extra context menu item: Free YouTube Download - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\freeytvdownloader.htm () O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\freeytmp3downloader.htm () O8 - Extra context menu item: Se&nd to OneNote - res:///105 File not found O9:64bit: - Extra Button: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll,-103 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe (Hewlett-Packard) O9:64bit: - Extra 'Tools' menuitem : @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll,-102 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe (Hewlett-Packard) O9:64bit: - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\onbttnie.dll (Microsoft Corporation) O9:64bit: - Extra 'Tools' menuitem : Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\onbttnie.dll (Microsoft Corporation) O9:64bit: - Extra Button: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\ochelper.dll (Microsoft Corporation) O9:64bit: - Extra 'Tools' menuitem : Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\ochelper.dll (Microsoft Corporation) O9:64bit: - Extra Button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\onbttnielinkednotes.dll (Microsoft Corporation) O9:64bit: - Extra 'Tools' menuitem : OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\onbttnielinkednotes.dll (Microsoft Corporation) O9:64bit: - Extra Button: Free YouTube Download - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - Reg Error: Key error. File not found O9:64bit: - Extra 'Tools' menuitem : Free YouTube Download - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - Reg Error: Key error. File not found O9 - Extra Button: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-103 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe (Hewlett-Packard) O9 - Extra 'Tools' menuitem : @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-102 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe (Hewlett-Packard) O13 - gopher Prefix: missing O16 - DPF: {32C3FEAE-0877-4767-8C20-62A5829A0945} http://static.ak.facebook.com/fbplugin/win32/axfbootloader.cab (Reg Error: Key error.) O16 - DPF: {5D637FAD-E202-48D1-8F18-5B9C459BD1E3} http://www.extrafilm.be/ImageUploader5.cab (Image Uploader Control) O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset.com/special/eos/OnlineScanner.cab (OnlineScanner Control) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab (Java Plug-in 1.6.0_17) O16 - DPF: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab (Java Plug-in 1.6.0_17) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab (Java Plug-in 1.6.0_17) O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object) O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{0B6F226C-2C8F-40D3-9E03-044A32D3FED7}: DhcpNameServer = 192.168.1.1 O18:64bit: - Protocol\Handler\ms-help - No CLSID value found O18:64bit: - Protocol\Handler\ms-itss - No CLSID value found O18:64bit: - Protocol\Handler\osf - No CLSID value found O18 - Protocol\Handler\osf {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\office15\MSOSB.DLL (Microsoft Corporation) O20:64bit: - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation) O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation) O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation) O20 - Winlogon\Notify\SDWinLogon: DllName - (SDWinLogon.dll) - File not found O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O28 - HKLM ShellExecuteHooks: UPB:{B5A7F190-DDA6-4420-B3BA-52453494E6CD} - No CLSID value found. O32 - HKLM CDRom: AutoRun - 1 O34 - HKLM BootExecute: (autocheck autochk *) O35:64bit: - HKLM\..comfile [open] -- "%1" %* O35:64bit: - HKLM\..exefile [open] -- "%1" %* O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37:64bit: - HKLM\...com [@ = ComFile] -- "%1" %* O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %* O37 - HKLM\...com [@ = ComFile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) O38 - SubSystems\\Windows: (ServerDll=sxssrv,4) ========== Files/Folders - Created Within 30 Days ========== [2015-01-25 18:21:52 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Katrien & Joachim\Desktop\OTL.com [2015-01-24 09:53:31 | 000,000,000 | ---D | C] -- C:\zoek_backup [2015-01-23 19:42:10 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro [2015-01-23 19:42:09 | 000,000,000 | ---D | C] -- C:\rsit [2015-01-23 16:33:16 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2 [2015-01-23 16:33:13 | 000,021,040 | ---- | C] (Safer Networking Limited) -- C:\Windows\SysNative\sdnclean64.exe [2015-01-23 16:33:11 | 000,000,000 | ---D | C] -- C:\ProgramData\Spybot - Search & Destroy [2015-01-23 16:33:07 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Spybot - Search & Destroy 2 [2015-01-23 14:52:40 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner [2015-01-23 11:10:06 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox [2015-01-14 21:16:43 | 000,000,000 | ---D | C] -- C:\AdwCleaner [2015-01-04 18:17:32 | 000,000,000 | -HSD | C] -- C:\Users\Katrien & Joachim\AppData\Local\EmieBrowserModeList [2014-12-29 20:12:33 | 000,000,000 | ---D | C] -- C:\Users\Katrien & Joachim\AppData\Roaming\AVG2015 [2014-12-29 20:11:47 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG [2014-12-29 20:08:31 | 000,000,000 | ---D | C] -- C:\ProgramData\AVG2015 [2014-12-29 20:01:14 | 000,000,000 | ---D | C] -- C:\Users\Katrien & Joachim\AppData\Roaming\WebTest [2014-12-29 20:00:10 | 000,000,000 | ---D | C] -- C:\Users\Katrien & Joachim\AppData\Local\MFAData [2014-12-29 20:00:10 | 000,000,000 | ---D | C] -- C:\ProgramData\MFAData [2014-12-29 20:00:10 | 000,000,000 | ---D | C] -- C:\Users\Katrien & Joachim\AppData\Local\Avg2015 [2014-12-29 20:00:01 | 004,579,176 | ---- | C] (AVG Technologies) -- C:\Users\Katrien & Joachim\Desktop\avg_free_stb_all_2015_5315_free.exe [2010-03-27 09:59:16 | 000,082,816 | ---- | C] (VSO Software) -- C:\Users\Katrien & Joachim\AppData\Roaming\pcouffin.sys [2 C:\Program Files (x86)\*.tmp files -> C:\Program Files (x86)\*.tmp -> ] [1 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ] ========== Files - Modified Within 30 Days ========== [2015-01-25 18:26:05 | 000,018,736 | ---- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2015-01-25 18:26:05 | 000,018,736 | ---- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2015-01-25 18:22:03 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Katrien & Joachim\Desktop\OTL.com [2015-01-25 18:17:41 | 000,001,056 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job [2015-01-25 18:16:52 | 000,001,052 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job [2015-01-25 18:16:25 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2015-01-25 18:16:21 | 3193,888,768 | -HS- | M] () -- C:\hiberfil.sys [2015-01-24 19:29:00 | 000,000,940 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job [2015-01-24 16:58:05 | 002,194,432 | ---- | M] () -- C:\Users\Katrien & Joachim\Desktop\adwcleaner_4.109.exe [2015-01-24 15:24:30 | 000,001,545 | ---- | M] () -- C:\Users\Katrien & Joachim\Desktop\zoek - Snelkoppeling (2).lnk [2015-01-24 15:24:03 | 001,295,360 | ---- | M] () -- C:\Users\Katrien & Joachim\Desktop\zoek.exe [2015-01-24 09:52:20 | 000,001,545 | ---- | M] () -- C:\Users\Katrien & Joachim\Desktop\zoek - Snelkoppeling.lnk [2015-01-23 20:01:02 | 000,000,071 | ---- | M] () -- C:\Windows\SysWow64\drivers\EICAR.COM [2015-01-23 19:38:47 | 001,222,144 | ---- | M] () -- C:\Users\Katrien & Joachim\Desktop\RSITx64.exe [2015-01-23 16:33:17 | 000,001,385 | ---- | M] () -- C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk [2015-01-23 14:52:42 | 000,000,828 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk [2015-01-21 09:51:26 | 000,000,476 | -H-- | M] () -- C:\Windows\tasks\Norton Security Scan for Katrien & Joachim.job [2015-01-14 18:18:44 | 000,002,048 | ---- | M] () -- C:\Users\Public\Desktop\Google Slides.lnk [2015-01-14 18:18:44 | 000,002,046 | ---- | M] () -- C:\Users\Public\Desktop\Google Sheets.lnk [2015-01-14 18:18:44 | 000,002,036 | ---- | M] () -- C:\Users\Public\Desktop\Google Docs.lnk [2014-12-29 20:11:47 | 000,000,981 | ---- | M] () -- C:\Users\Public\Desktop\AVG 2015.lnk [2014-12-29 20:00:05 | 004,579,176 | ---- | M] (AVG Technologies) -- C:\Users\Katrien & Joachim\Desktop\avg_free_stb_all_2015_5315_free.exe [2 C:\Program Files (x86)\*.tmp files -> C:\Program Files (x86)\*.tmp -> ] [1 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ] ========== Files Created - No Company Name ========== [2015-01-24 16:58:02 | 002,194,432 | ---- | C] () -- C:\Users\Katrien & Joachim\Desktop\adwcleaner_4.109.exe [2015-01-24 15:24:30 | 000,001,545 | ---- | C] () -- C:\Users\Katrien & Joachim\Desktop\zoek - Snelkoppeling (2).lnk [2015-01-24 15:23:59 | 001,295,360 | ---- | C] () -- C:\Users\Katrien & Joachim\Desktop\zoek.exe [2015-01-24 09:52:20 | 000,001,545 | ---- | C] () -- C:\Users\Katrien & Joachim\Desktop\zoek - Snelkoppeling.lnk [2015-01-23 20:01:02 | 000,000,071 | ---- | C] () -- C:\Windows\SysWow64\drivers\EICAR.COM [2015-01-23 19:38:43 | 001,222,144 | ---- | C] () -- C:\Users\Katrien & Joachim\Desktop\RSITx64.exe [2015-01-23 16:33:17 | 000,001,397 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot-S&D Start Center.lnk [2015-01-23 16:33:17 | 000,001,385 | ---- | C] () -- C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk [2015-01-23 14:52:42 | 000,000,828 | ---- | C] () -- C:\Users\Public\Desktop\CCleaner.lnk [2014-12-29 20:11:47 | 000,000,981 | ---- | C] () -- C:\Users\Public\Desktop\AVG 2015.lnk [2013-12-07 19:28:53 | 001,644,692 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI [2013-09-13 20:37:07 | 000,000,020 | ---- | C] () -- C:\Windows\mafosav.INI [2013-09-13 20:36:12 | 000,000,051 | ---- | C] () -- C:\Windows\forevermopt.INI [2013-08-28 19:52:05 | 000,000,420 | ---- | C] () -- C:\Windows\SysWow64\drivers\vwifikerneldrv.sys [2013-08-28 19:52:05 | 000,000,420 | ---- | C] () -- C:\ProgramData\fontcacheev1.dat [2011-05-22 13:17:00 | 000,001,854 | ---- | C] () -- C:\Users\Katrien & Joachim\AppData\Roaming\GhostObjGAFix.xml [2010-12-26 15:37:05 | 000,005,632 | ---- | C] () -- C:\Users\Katrien & Joachim\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2010-06-20 11:24:15 | 000,034,894 | ---- | C] () -- C:\Users\Katrien & Joachim\AppData\Roaming\mdbu.bin [2010-03-27 09:59:16 | 000,099,384 | ---- | C] () -- C:\Users\Katrien & Joachim\AppData\Roaming\inst.exe [2010-03-27 09:59:16 | 000,007,859 | ---- | C] () -- C:\Users\Katrien & Joachim\AppData\Roaming\pcouffin.cat [2010-03-27 09:59:16 | 000,001,167 | ---- | C] () -- C:\Users\Katrien & Joachim\AppData\Roaming\pcouffin.inf [2009-09-25 00:03:31 | 000,000,125 | -HS- | C] () -- C:\ProgramData\.zreglib ========== ZeroAccess Check ========== [2009-07-14 05:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64 [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64 [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64 "" = C:\Windows\SysNative\shell32.dll -- [2014-06-25 03:05:42 | 014,175,744 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] "" = %SystemRoot%\system32\shell32.dll -- [2014-06-25 02:41:30 | 012,874,240 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64 "" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009-07-14 02:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] "" = %systemroot%\system32\wbem\fastprox.dll -- [2010-11-20 13:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64 "" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009-07-14 02:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Both [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] ========== LOP Check ========== [2010-03-05 20:20:01 | 000,000,000 | ---D | M] -- C:\Users\Katrien & Joachim\AppData\Roaming\AnvSoft [2014-12-29 20:12:33 | 000,000,000 | ---D | M] -- C:\Users\Katrien & Joachim\AppData\Roaming\AVG2015 [2010-01-20 19:57:38 | 000,000,000 | ---D | M] -- C:\Users\Katrien & Joachim\AppData\Roaming\AVG9 [2013-10-05 18:23:26 | 000,000,000 | ---D | M] -- C:\Users\Katrien & Joachim\AppData\Roaming\avidemux [2012-01-14 16:09:18 | 000,000,000 | ---D | M] -- C:\Users\Katrien & Joachim\AppData\Roaming\BSplayer [2012-01-13 19:02:23 | 000,000,000 | ---D | M] -- C:\Users\Katrien & Joachim\AppData\Roaming\BSplayer Pro [2013-12-21 12:07:39 | 000,000,000 | ---D | M] -- C:\Users\Katrien & Joachim\AppData\Roaming\calibre [2013-12-07 19:38:18 | 000,000,000 | ---D | M] -- C:\Users\Katrien & Joachim\AppData\Roaming\cYo [2013-01-29 20:08:23 | 000,000,000 | ---D | M] -- C:\Users\Katrien & Joachim\AppData\Roaming\DVDVideoSoft [2010-06-20 11:15:46 | 000,000,000 | ---D | M] -- C:\Users\Katrien & Joachim\AppData\Roaming\ExtraFilm [2010-04-28 19:31:57 | 000,000,000 | ---D | M] -- C:\Users\Katrien & Joachim\AppData\Roaming\Facebook [2012-03-09 13:58:27 | 000,000,000 | ---D | M] -- C:\Users\Katrien & Joachim\AppData\Roaming\FreeVideoConverter [2010-05-07 20:00:55 | 000,000,000 | ---D | M] -- C:\Users\Katrien & Joachim\AppData\Roaming\ImgBurn [2013-07-09 14:09:09 | 000,000,000 | ---D | M] -- C:\Users\Katrien & Joachim\AppData\Roaming\TomTom [2014-12-29 20:11:47 | 000,000,000 | ---D | M] -- C:\Users\Katrien & Joachim\AppData\Roaming\TuneUp Software [2015-01-23 15:05:43 | 000,000,000 | ---D | M] -- C:\Users\Katrien & Joachim\AppData\Roaming\uTorrent [2010-03-27 10:00:08 | 000,000,000 | ---D | M] -- C:\Users\Katrien & Joachim\AppData\Roaming\Vso [2014-12-29 20:01:14 | 000,000,000 | ---D | M] -- C:\Users\Katrien & Joachim\AppData\Roaming\WebTest [2010-01-18 15:35:48 | 000,000,000 | ---D | M] -- C:\Users\Katrien & Joachim\AppData\Roaming\WinBatch [2013-10-05 15:00:10 | 000,000,000 | ---D | M] -- C:\Users\Katrien & Joachim\AppData\Roaming\_MDLogs ========== Purity Check ========== ========== Alternate Data Streams ========== @Alternate Data Stream - 137 bytes -> C:\ProgramData\Temp:FB1B13D8 < End of report >
  3. JoachimVDE
    bedankt, dit programma heeft wel degelijk iets verwijderd zie ik In bijlage vind je het logbestand AdwCleanerS1.txt
  4. JoachimVDE
    blijkbaar loopt het terug vast op dezelfde moment runcheck.txt
  5. JoachimVDE
    het programma zoek.exe loopt nu al van 10u02 op hetzelfde... runcheck.txt
  6. JoachimVDE
    kan dit dat dit alles is in het log? zoek-results.log
  7. JoachimVDE
    in bijlage nog een logje log.txt
  8. JoachimVDE
    Beste leden, sinds kort heb ik bij het surfen heel veel last van schermen met reclame die tevoorschijn komen, eveneens staan op elke site trefwoorden onderstreept en krijg ik pop ups met reclame. Wanneer ik in Google iets opzoek krijg ik nadien een related list van http://exitmonetization.com Het lukt me niet om dit op te lossen... Heeft iemand een idee wat er met mijn pc aan de hand is? Bedankt!
Logo

OVER ONS

PC Helpforum helpt GRATIS computergebruikers sinds juli 2006. Ons team geeft via het forum professioneel antwoord op uw vragen en probeert uw pc problemen zo snel mogelijk op te lossen. Word lid vandaag, plaats je vraag online en het PC Helpforum-team helpt u graag verder!

SITEMAP

×
×
  • Nieuwe aanmaken...

Belangrijke informatie

We hebben cookies geplaatst op je toestel om deze website voor jou beter te kunnen maken. Je kunt de cookie instellingen aanpassen, anders gaan we er van uit dat het goed is om verder te gaan.