Doorzoek het forum
Zoeken met Startpagina
Startpagina Thema's
San70
incredibar is ook niet te vinden in mijn software
Hallo,
Dan gaan we het volgende doen:
Download OTL naar je bureaublad.
Klik met je rechtermuisknop op OTL en klik op Als Administrator uitvoeren om het uit te voeren. Zorg ervoor dat alle andere vensters gesloten zijn, en de scan zonder onderbrekingen kan worden voltooid.
Wijzig, als het scherm wordt getoond, onder Output bovenaan, de waarde naar Minimal Output.
Klik nu op de Run Scan knop. Wijzig geen opties, tenzij anders vermeld. De scan zal niet lang duren.
Wanneer de scan is voltooid zullen er twee Kladblok vensters worden geopend. OTListIt.Txt en Extras.Txt. Deze logbestanden worden opgeslagen in dezelfde locatie als OTL.
Kopieer de inhoud van OTListIt.Txt en plak deze in je volgende bericht.
Gr.Ben
OTL logfile created on: 7-10-2012 19:28:58 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Sandra\Downloads
64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000413 | Country: Nederland | Language: NLD | Date Format: d-M-yyyy
3,00 Gb Total Physical Memory | 1,74 Gb Available Physical Memory | 57,94% Memory free
6,00 Gb Paging File | 3,85 Gb Available in Paging File | 64,17% Paging File free
Paging file location(s): ?:\pagefile.sys
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 74,43 Gb Total Space | 21,31 Gb Free Space | 28,62% Space Free | Partition Type: NTFS
Computer Name: SANDRA-PC | User Name: Sandra | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - C:\Users\Sandra\Downloads\OTL (1).exe (OldTimer Tools)
PRC - C:\Users\Sandra\AppData\Local\Google\Update\1.3.21.123\GoogleCrashHandler.exe (Google Inc.)
PRC - C:\Users\Sandra\AppData\Roaming\Spotify\spotify.exe (Spotify Ltd)
PRC - C:\Users\Sandra\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe ()
PRC - C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe (Skype Technologies S.A.)
PRC - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
PRC - C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe (Sony)
PRC - C:\Program Files (x86)\BitTorrent\BitTorrent.exe (BitTorrent, Inc.)
PRC - C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanionInfo.exe ()
PRC - C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe ()
PRC - C:\Program Files (x86)\Creative\Sound Blaster Play\Volume Panel\VolPanlu.exe (Creative Technology Ltd)
PRC - C:\Program Files (x86)\Creative\Sound Blaster Play\Surround Mixer\CTSysVol.exe (Creative Technology Ltd)
========== Modules (No Company Name) ==========
MOD - C:\Users\Sandra\AppData\Local\Google\Chrome\Application\22.0.1229.79\ppGoogleNaClPluginChrome.dll ()
MOD - C:\Users\Sandra\AppData\Local\Google\Chrome\Application\22.0.1229.79\PepperFlash\pepflashplayer.dll ()
MOD - C:\Users\Sandra\AppData\Local\Google\Chrome\Application\22.0.1229.79\pdf.dll ()
MOD - C:\Users\Sandra\AppData\Local\Google\Chrome\Application\22.0.1229.79\libglesv2.dll ()
MOD - C:\Users\Sandra\AppData\Local\Google\Chrome\Application\22.0.1229.79\libegl.dll ()
MOD - C:\Users\Sandra\AppData\Local\Google\Chrome\Application\22.0.1229.79\avutil-51.dll ()
MOD - C:\Users\Sandra\AppData\Local\Google\Chrome\Application\22.0.1229.79\avformat-54.dll ()
MOD - C:\Users\Sandra\AppData\Local\Google\Chrome\Application\22.0.1229.79\avcodec-54.dll ()
MOD - C:\Program Files (x86)\Sony\Sony PC Companion\PhoneUpdate.dll ()
MOD - C:\Users\Sandra\AppData\Roaming\Spotify\Data\libcef.dll ()
MOD - C:\Users\Sandra\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe ()
MOD - C:\Program Files (x86)\Sony\Sony PC Companion\MExplorer.dll ()
MOD - C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanionInfo.exe ()
MOD - C:\Program Files (x86)\Sony\Sony PC Companion\TMonitorAPI.dll ()
MOD - C:\Program Files (x86)\DivX\DivX Update\DivXUpdateCheck.dll ()
MOD - C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe ()
MOD - C:\Program Files (x86)\Sony\Sony PC Companion\Report.dll ()
MOD - C:\Program Files (x86)\Sony\Sony PC Companion\VObject.dll ()
MOD - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll ()
========== Services (SafeList) ==========
SRV:64bit: - (NisSrv) – c:\Program Files\Microsoft Security Client\NisSrv.exe (Microsoft Corporation)
SRV:64bit: - (MsMpSvc) – c:\Program Files\Microsoft Security Client\MsMpEng.exe (Microsoft Corporation)
SRV:64bit: - (AMD FUEL Service) – C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe (Advanced Micro Devices, Inc.)
SRV:64bit: - (AMD External Events Utility) – C:\Windows\SysNative\atiesrxx.exe (AMD)
SRV:64bit: - (WinDefend) – C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SRV:64bit: - (AppMgmt) – C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)
SRV - (AdobeFlashPlayerUpdateSvc) – C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
SRV - (Skype C2C Service) – C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe (Skype Technologies S.A.)
SRV - (AdobeARMservice) – C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
SRV - (SkypeUpdate) – C:\Program Files (x86)\Skype\Updater\Updater.exe (Skype Technologies)
SRV - (Sony PC Companion) – C:\Program Files (x86)\Sony\Sony PC Companion\PCCService.exe (Avanquest Software)
SRV - (Creative Audio Engine Licensing Service) – C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe (Creative Labs)
SRV - (clr_optimization_v4.0.30319_32) – C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (clr_optimization_v2.0.50727_32) – C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
========== Driver Services (SafeList) ==========
DRV:64bit: - (NisDrv) – C:\Windows\SysNative\drivers\NisDrvWFP.sys (Microsoft Corporation)
DRV:64bit: - (amdkmdag) – C:\Windows\SysNative\drivers\atikmdag.sys (Advanced Micro Devices, Inc.)
DRV:64bit: - (amdkmdap) – C:\Windows\SysNative\drivers\atikmpag.sys (Advanced Micro Devices, Inc.)
DRV:64bit: - (AtiHDAudioService) – C:\Windows\SysNative\drivers\AtihdW76.sys (Advanced Micro Devices)
DRV:64bit: - (taphss) – C:\Windows\SysNative\drivers\taphss.sys (AnchorFree Inc)
DRV:64bit: - (Fs_Rec) – C:\Windows\SysNative\drivers\fs_rec.sys (Microsoft Corporation)
DRV:64bit: - (amdsata) – C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
DRV:64bit: - (amdxata) – C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
DRV:64bit: - (HpSAMD) – C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:64bit: - (TsUsbFlt) – C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation)
DRV:64bit: - (RdpVideoMiniport) – C:\Windows\SysNative\drivers\rdpvideominiport.sys (Microsoft Corporation)
DRV:64bit: - (cpuz135) – C:\Windows\SysNative\drivers\cpuz135_x64.sys (CPUID)
DRV:64bit: - (amdiox64) – C:\Windows\SysNative\drivers\amdiox64.sys (Advanced Micro Devices)
DRV:64bit: - (amdsbs) – C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:64bit: - (LSI_SAS2) – C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)
DRV:64bit: - (stexstor) – C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)
DRV:64bit: - (NVENETFD) – C:\Windows\SysNative\drivers\nvm62x64.sys (NVIDIA Corporation)
DRV:64bit: - (ebdrv) – C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)
DRV:64bit: - (b06bdrv) – C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
DRV:64bit: - (b57nd60a) – C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)
DRV:64bit: - (hcw85cir) – C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
DRV:64bit: - (KMWDFILTER) – C:\Windows\SysNative\drivers\KMWDFILTER.sys (Windows (R) Codename Longhorn DDK provider)
DRV:64bit: - (twtyfilt) – C:\Windows\SysNative\drivers\twtyfilt.sys (Creative Technology Ltd.)
DRV - (WIMMount) – C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: “URL” = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE:64bit: - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: “URL” = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: “URL” = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: “URL” = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/ie
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com/ie
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://nl.msn.com/?ocid=iehp
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = nl
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 60 31 FA F9 E2 27 CD 01
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: “URL” = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKCU\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: “URL” = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: “ProxyEnable” = 0
========== FireFox ==========
FF:64bit: - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa2,version=2.0.0: C:\Program Files (x86)\Picasa2\npPicasa2.dll File not found
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.7.2: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.7.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll File not found
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll File not found
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll File not found
FF - HKLM\Software\MozillaPlugins\@playstation.com/PsndlCheck,version=1.00: C:\Program Files (x86)\Sony\PLAYSTATION Network Downloader\nppsndl.dll (Sony Computer Entertainment Inc.)
FF - HKLM\Software\MozillaPlugins\@SonyCreativeSoftware.com/Media Go,version=1.0: C:\Program Files (x86)\Sony\Media Go\npmediago.dll (Sony Network Entertainment International LLC)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Sandra\AppData\Local\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Sandra\AppData\Local\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
64bit-FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{336D0C35-8A85-403a-B9D2-65C292C39087}: C:\PROGRAM FILES\WEB ASSISTANT\FIREFOX
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5
(No name found) – C:\Users\Sandra\AppData\Roaming\mozilla\Extensions
(No name found) – C:\Users\Sandra\AppData\Roaming\mozilla\Extensions\IMVUClientXUL@imvu.com
(No name found) – C:\Users\Sandra\AppData\Roaming\mozilla\Firefox\extensions
(BittorrentBar_NL Community Toolbar) – C:\Users\Sandra\AppData\Roaming\mozilla\Firefox\extensions\{2d8d9acc-f6d7-4362-8876-a275ca929591}
(No name found) – C:\Program Files (x86)\Mozilla Firefox\extensions
========== Chrome ==========
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}sourceid=chrome&ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms}
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Sandra\AppData\Local\Google\Chrome\Application\22.0.1229.79\PepperFlash\pepflashplayer.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\system32\Macromed\Flash\NPSWF32.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\Sandra\AppData\Local\Google\Chrome\Application\22.0.1229.79\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\Sandra\AppData\Local\Google\Chrome\Application\22.0.1229.79\pdf.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: DivX VOD Helper Plug-in (Enabled) = C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll
CHR - plugin: DivX Plus Web Player (Enabled) = C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll
CHR - plugin: Java(TM) Platform SE 7 U7 (Enabled) = C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
CHR - plugin: Java Deployment Toolkit 7.0.70.11 (Enabled) = C:\Windows\SysWOW64\npDeployJava1.dll
CHR - plugin: Media Go Detector (Enabled) = C:\Program Files (x86)\Sony\Media Go\npmediago.dll
CHR - plugin: PlayStation(R)Network Downloader Check Plug-in (Enabled) = C:\Program Files (x86)\Sony\PLAYSTATION Network Downloader\nppsndl.dll
CHR - plugin: Shockwave for Director (Enabled) = C:\Windows\system32\Adobe\Director\np32dsw.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll
CHR - Extension: New tab for Chrome\u2122 = C:\Users\Sandra\AppData\Local\Google\Chrome\User Data\Default\Extensions\jifflliplgeajjdhmkcfnngfpgbjonjg\1.0.0_0\
CHR - Extension: Skype Click to Call = C:\Users\Sandra\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\6.2.0.10687_0\
CHR - Extension: DivX Plus Web Player HTML5 \u003Cvideo\u003E = C:\Users\Sandra\AppData\Local\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm\2.1.2.145_0\
CHR - Extension: Codecv = C:\Users\Sandra\AppData\Local\Google\Chrome\User Data\Default\Extensions\pacmkdkfildbkfjcdbijjmhhpccpjebd\1.0_0\
O1 HOSTS File: () - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 www.007guard.com
O1 - Hosts: 127.0.0.1 007guard.com
O1 - Hosts: 127.0.0.1 008i.com
O1 - Hosts: 127.0.0.1 www.008k.com
O1 - Hosts: 127.0.0.1 008k.com
O1 - Hosts: 127.0.0.1 www.00hq.com
O1 - Hosts: 127.0.0.1 00hq.com
O1 - Hosts: 127.0.0.1 010402.com
O1 - Hosts: 127.0.0.1 www.032439.com
O1 - Hosts: 127.0.0.1 032439.com
O1 - Hosts: 127.0.0.1 www.0scan.com
O1 - Hosts: 127.0.0.1 0scan.com
O1 - Hosts: 127.0.0.1 1000gratisproben.com
O1 - Hosts: 127.0.0.1 www.1000gratisproben.com
O1 - Hosts: 127.0.0.1 1001namen.com
O1 - Hosts: 127.0.0.1 www.1001namen.com
O1 - Hosts: 127.0.0.1 100888290cs.com
O1 - Hosts: 127.0.0.1 www.100888290cs.com
O1 - Hosts: 127.0.0.1 www.100sexlinks.com
O1 - Hosts: 127.0.0.1 100sexlinks.com
O1 - Hosts: 127.0.0.1 10sek.com
O1 - Hosts: 127.0.0.1 www.10sek.com
O1 - Hosts: 127.0.0.1 www.1-2005-search.com
O1 - Hosts: 127.0.0.1 1-2005-search.com
O1 - Hosts: 127.0.0.1 123fporn.info
O1 - Hosts: 14938 more lines…
O2:64bit: - BHO: (SteadyVideoBHO Class) - {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} - C:\Program Files\AMD\SteadyVideo\SteadyVideo.dll (Advanced Micro Devices)
O2:64bit: - BHO: (Skype add-on for Internet Explorer) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Codecv Class) - {1CD4CC61-F751-441C-3DA5-AA7C1302AEC0} - C:\ProgramData\Codecv\bhoclass.dll ()
O2 - BHO: (DivX Plus Web Player HTML5 ) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
O2 - BHO: (no name) - {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} - No CLSID value found.
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {2D8D9ACC-F6D7-4362-8876-A275CA929591} - No CLSID value found.
O4:64bit: - HKLM..\Run: c:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4 - HKLM..\Run: C:\Windows\SysWow64\cmd.exe (Microsoft Corporation)
O4 - HKLM..\Run: C:\Program Files (x86)\ATI\ATICustomerCare\ATICustomerCare.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: C:\Program Files (x86)\Creative\Sound Blaster Play\Surround Mixer\CTSysVol.exe (Creative Technology Ltd)
O4 - HKLM..\Run: C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe ()
O4 - HKLM..\Run: C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: C:\Program Files (x86)\Creative\Sound Blaster Play\Volume Panel\VolPanlu.exe (Creative Technology Ltd)
O4 - HKCU..\Run: C:\Program Files (x86)\BitTorrent\BitTorrent.exe (BitTorrent, Inc.)
O4 - HKCU..\Run: C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe (Sony)
O4 - HKCU..\Run: C:\Users\Sandra\AppData\Roaming\Spotify\Spotify.exe (Spotify Ltd)
O4 - HKCU..\Run: C:\Users\Sandra\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O9:64bit: - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {233C1507-6A77-46A4-9443-F871F945D258} http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {74DBCB52-F298-4110-951D-AD2FF67BC8AB} http://www.nvidia.com/content/DriverDownload/nforce/NvidiaSmartScan.cab (NVIDIA Smart Scan)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.7.0/jinstall-1_7_0_06-windows-i586.cab (Reg Error: Value error.)
O16 - DPF: {CAFEEFAC-0017-0000-0006-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinstall-1_7_0_06-windows-i586.cab (Java Plug-in 1.7.0_06)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinstall-1_7_0_06-windows-i586.cab (Java Plug-in 10.7.2)
O16 - DPF: {D4B68B83-8710-488B-A692-D74B50BA558E} http://ccfiles.creative.com/Web/softwareupdate/ocx/15113/CTPIDPDE.cab (Creative Software AutoUpdate Support Package)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} http://ccfiles.creative.com/Web/softwareupdate/ocx/15113/CTPID.cab (Creative Software AutoUpdate Support Package)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 212.54.40.25 212.54.35.25
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{546456E3-330E-4543-B866-0F81D37E965F}: DhcpNameServer = 212.54.40.25 212.54.35.25
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O18:64bit: - Protocol\Filter\video/mp4 {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)
O18:64bit: - Protocol\Filter\video/x-flv {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)
O18 - Protocol\Filter\video/mp4 {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\AMD\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)
O18 - Protocol\Filter\video/x-flv {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\AMD\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{af5747b7-f521-11e1-ad28-00508d9f26c4}\Shell - “” = AutoRun
O33 - MountPoints2\{af5747b7-f521-11e1-ad28-00508d9f26c4}\Shell\AutoRun\command - “” = E:\Startme.exe
O33 - MountPoints2\{fdfbb4c7-17f6-11e0-9559-806e6f6e6963}\Shell - “” = AutoRun
O33 - MountPoints2\{fdfbb4c7-17f6-11e0-9559-806e6f6e6963}\Shell\AutoRun\command - “” = D:\autoplay.exe
O33 - MountPoints2\{fdfbb4cf-17f6-11e0-9559-806e6f6e6963}\Shell - “” = AutoRun
O33 - MountPoints2\{fdfbb4cf-17f6-11e0-9559-806e6f6e6963}\Shell\AutoRun\command - “” = E:\Installer.exe
O33 - MountPoints2\E\Shell - “” = AutoRun
O33 - MountPoints2\E\Shell\AutoRun\command - “” = E:\Startme.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile – “%1” %*
O35:64bit: - HKLM\..exefile – “%1” %*
O35 - HKLM\..comfile – “%1” %*
O35 - HKLM\..exefile – “%1” %*
O37:64bit: - HKLM\…com – “%1” %*
O37:64bit: - HKLM\…exe – “%1” %*
O37 - HKLM\…com – “%1” %*
O37 - HKLM\…exe – “%1” %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
========== Files/Folders - Created Within 30 Days ==========
– C:\Users\Sandra\.ps_inception
(Microsoft Corporation) – C:\Windows\SysNative\OxpsConverter.exe
(Microsoft Corporation) – C:\Windows\SysNative\mshtmled.dll
(Microsoft Corporation) – C:\Windows\SysWow64\mshtmled.dll
(Microsoft Corporation) – C:\Windows\SysWow64\ieui.dll
(Microsoft Corporation) – C:\Windows\SysNative\ieui.dll
(Microsoft Corporation) – C:\Windows\SysNative\url.dll
(Microsoft Corporation) – C:\Windows\SysWow64\url.dll
(Microsoft Corporation) – C:\Windows\SysNative\ieUnatt.exe
(Microsoft Corporation) – C:\Windows\SysWow64\ieUnatt.exe
(Microsoft Corporation) – C:\Windows\SysNative\inetcpl.cpl
(Microsoft Corporation) – C:\Windows\SysWow64\inetcpl.cpl
(Microsoft Corporation) – C:\Windows\SysNative\jscript9.dll
(Microsoft Corporation) – C:\Windows\SysNative\msfeeds.dll
(Microsoft Corporation) – C:\Windows\SysNative\jscript.dll
(Microsoft Corporation) – C:\Windows\SysWow64\jscript.dll
(Microsoft Corporation) – C:\Windows\SysNative\vbscript.dll
– C:\Config.Msi
– C:\Program Files (x86)\Adobe
– C:\Program Files (x86)\Common Files\Java
(Oracle Corporation) – C:\Windows\SysWow64\javaws.exe
(Oracle Corporation) – C:\Windows\SysWow64\javaw.exe
(Oracle Corporation) – C:\Windows\SysWow64\java.exe
(Oracle Corporation) – C:\Windows\SysWow64\WindowsAccessBridge-32.dll
– C:\Program Files (x86)\Java
(Microsoft Corporation) – C:\Windows\SysNative\drivers\RNDISMP.sys
(Microsoft Corporation) – C:\Windows\SysNative\d3d10level9.dll
(Microsoft Corporation) – C:\Windows\SysNative\drivers\netio.sys
(Microsoft Corporation) – C:\Windows\SysNative\drivers\FWPKCLNT.SYS
(Microsoft Corporation) – C:\Users\Sandra\wlsetup-web.exe
========== Files - Modified Within 30 Days ==========
() – C:\Windows\tasks\Adobe Flash Player Updater.job
() – C:\Users\Sandra\Desktop\OTL.url
() – C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1742615846-542083194-1811971918-1001UA.job
() – C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
() – C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
() – C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1742615846-542083194-1811971918-1001Core.job
() – C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
() – C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
() – C:\Windows\bootstat.dat
() – C:\hiberfil.sys
() – C:\Users\Sandra\Desktop\hb.jpg
() – C:\Users\Sandra\Desktop\AdwCleaner.url
() – C:\Users\Sandra\Desktop\A3qkP9RCEAAOZhQ.jpg
() – C:\Users\Sandra\Desktop\adwcleaner (1) - Snelkoppeling.lnk
() – C:\Users\Sandra\Documents\hijackthis1
() – C:\Windows\SysWow64\hijackthis2
() – C:\Windows\epplauncher.mif
() – C:\Windows\SysNative\perfh013.dat
() – C:\Windows\SysNative\perfh009.dat
() – C:\Windows\SysNative\perfc013.dat
() – C:\Windows\SysNative\perfc009.dat
() – C:\Users\Sandra\Desktop\Google Chrome.lnk
() – C:\Users\Sandra\Desktop\Prullenbak - Snelkoppeling.lnk
(Adobe Systems Incorporated) – C:\Windows\SysWow64\FlashPlayerApp.exe
(Adobe Systems Incorporated) – C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
() – C:\Users\Public\Desktop\Adobe Reader X .lnk
() – C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
(Oracle Corporation) – C:\Windows\SysWow64\WindowsAccessBridge-32.dll
(Oracle Corporation) – C:\Windows\SysWow64\javaws.exe
(Oracle Corporation) – C:\Windows\SysWow64\javaw.exe
(Oracle Corporation) – C:\Windows\SysWow64\java.exe
(Oracle Corporation) – C:\Windows\SysWow64\npDeployJava1.dll
(Oracle Corporation) – C:\Windows\SysWow64\deployJava1.dll
() – C:\Windows\SysNative\PerfStringBackup.INI
() – C:\Users\Sandra\Documents\pie.rtf
() – C:\Users\Public\Desktop\CCleaner.lnk
() – C:\Users\Public\Desktop\Sony PC Companion 2.1.lnk
========== Files Created - No Company Name ==========
() – C:\Users\Sandra\Desktop\OTL.url
() – C:\Users\Sandra\Desktop\hb.jpg
() – C:\Users\Sandra\Desktop\AdwCleaner.url
() – C:\Users\Sandra\Desktop\A3qkP9RCEAAOZhQ.jpg
() – C:\Users\Sandra\Desktop\adwcleaner (1) - Snelkoppeling.lnk
() – C:\Users\Sandra\Documents\hijackthis1
() – C:\Windows\SysWow64\hijackthis2
() – C:\Users\Sandra\Desktop\Prullenbak - Snelkoppeling.lnk
() – C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader X .lnk
() – C:\Users\Public\Desktop\Adobe Reader X .lnk
() – C:\Users\Sandra\Documents\pie.rtf
() – C:\Windows\SysWow64\cis-2.4.dll
() – C:\Windows\SysWow64\issacapi_bs-2.3.dll
() – C:\Windows\SysWow64\issacapi_pe-2.3.dll
() – C:\Windows\SysWow64\issacapi_se-2.3.dll
() – C:\Windows\{789289CA-F73A-4A16-A331-54D498CE069F}_WiseFW.ini
() – C:\Users\Sandra\Ik en Zsolt.jpg
() – C:\Users\Sandra\San en Zsolt.jpg
() – C:\Users\Sandra\100_1837.JPG
() – C:\Users\Sandra\100_1836.JPG
() – C:\Users\Sandra\100_1835.JPG
() – C:\Windows\SysWow64\kdbsdk32.dll
() – C:\Windows\SysWow64\ativvsvl.dat
() – C:\Windows\SysWow64\ativvsva.dat
() – C:\Windows\SysWow64\OVDecoder.dll
() – C:\Windows\SysWow64\atipblag.dat
() – C:\Users\Sandra\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
() – C:\Users\Sandra\Document4.pdf
() – C:\ProgramData\ezsidmv.dat
() – C:\Windows\twtycfg.ini
() – C:\Windows\SysWow64\PerfStringBackup.INI
() – C:\Windows\ativpsrm.bin
========== ZeroAccess Check ==========
() – C:\Windows\assembly\Desktop.ini
/64
/64
/64
“” = C:\Windows\SysNative\shell32.dll – (Microsoft Corporation)
“ThreadingModel” = Apartment
“” = %SystemRoot%\system32\shell32.dll – (Microsoft Corporation)
“ThreadingModel” = Apartment
/64
“” = C:\Windows\SysNative\wbem\fastprox.dll – (Microsoft Corporation)
“ThreadingModel” = Free
“” = %systemroot%\system32\wbem\fastprox.dll – (Microsoft Corporation)
“ThreadingModel” = Free
/64
“” = C:\Windows\SysNative\wbem\wbemess.dll – (Microsoft Corporation)
“ThreadingModel” = Both
========== Alternate Data Streams ==========
@Alternate Data Stream - 116 bytes -> C:\ProgramData\TEMP:82529191
< End of report >
OTL Extras logfile created on: 7-10-2012 19:28:58 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Sandra\Downloads
64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000413 | Country: Nederland | Language: NLD | Date Format: d-M-yyyy
3,00 Gb Total Physical Memory | 1,74 Gb Available Physical Memory | 57,94% Memory free
6,00 Gb Paging File | 3,85 Gb Available in Paging File | 64,17% Paging File free
Paging file location(s): ?:\pagefile.sys
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 74,43 Gb Total Space | 21,31 Gb Free Space | 28,62% Space Free | Partition Type: NTFS
Computer Name: SANDRA-PC | User Name: Sandra | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
64bit:
.url – C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
.cpl – C:\Windows\SysWow64\control.exe (Microsoft Corporation)
========== Shell Spawning ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\\shell\\command]
batfile – “%1” %*
cmdfile – “%1” %*
comfile – “%1” %*
exefile – “%1” %*
helpfile – Reg Error: Key error.
htmlfile – Reg Error: Key error.
htmlfile – rundll32.exe %windir%\system32\mshtml.dll,PrintHTML “%1”
inffile – %SystemRoot%\System32\InfDefaultInstall.exe “%1” (Microsoft Corporation)
InternetShortcut – “C:\Windows\System32\rundll32.exe” “C:\Windows\System32\ieframe.dll”,OpenURL %l (Microsoft Corporation)
InternetShortcut – “C:\Windows\System32\rundll32.exe” “C:\Windows\System32\mshtml.dll”,PrintHTML “%1” (Microsoft Corporation)
piffile – “%1” %*
regfile – Reg Error: Key error.
scrfile – “%1”
scrfile – rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile – “%1” /S
txtfile – Reg Error: Key error.
Unknown – %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory – cmd.exe /s /k pushd “%V” (Microsoft Corporation)
Directory – %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder – %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder – Reg Error: Value error.
Drive – %SystemRoot%\Explorer.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\\shell\\command]
batfile – “%1” %*
cmdfile – “%1” %*
comfile – “%1” %*
cplfile – %SystemRoot%\System32\control.exe “%1”,%* (Microsoft Corporation)
exefile – “%1” %*
helpfile – Reg Error: Key error.
htmlfile – Reg Error: Key error.
htmlfile – rundll32.exe %windir%\system32\mshtml.dll,PrintHTML “%1”
inffile – %SystemRoot%\System32\InfDefaultInstall.exe “%1” (Microsoft Corporation)
piffile – “%1” %*
regfile – Reg Error: Key error.
scrfile – “%1”
scrfile – rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile – “%1” /S
txtfile – Reg Error: Key error.
Unknown – %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory – cmd.exe /s /k pushd “%V” (Microsoft Corporation)
Directory – %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder – %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder – Reg Error: Value error.
Drive – %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
64bit:
“cval” = 1
64bit:
64bit:
“VistaSp1” = 28 4D B2 76 41 04 CA 01
“AntiVirusOverride” = 0
“AntiSpywareOverride” = 0
“FirewallOverride” = 0
64bit:
========== Firewall Settings ==========
“DisableNotifications” = 0
“EnableFirewall” = 1
“DisableNotifications” = 0
“EnableFirewall” = 1
“DisableNotifications” = 0
“EnableFirewall” = 1
========== Authorized Applications List ==========
========== Vista Active Open Ports Exception List ==========
“{0381B974-DD1F-4E26-BB56-708B5E6FD9E2}” = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
“{04D5DBCA-E931-4B5E-95A5-B6906D43B456}” = lport=10243 | protocol=6 | dir=in | app=system |
“{065A547B-523D-47A5-8A93-AE42B4AB1DE9}” = lport=138 | protocol=17 | dir=in | app=system |
“{091AAB10-2282-4EB0-A72F-76762B2B35E6}” = lport=137 | protocol=17 | dir=in | app=system |
“{0AA89742-2818-47E0-AEDC-61244D4A2E82}” = lport=445 | protocol=6 | dir=in | app=system |
“{14F186EF-4D96-40A1-88EB-F7BCDF7D09EE}” = lport=139 | protocol=6 | dir=in | app=system |
“{1DDCB6DA-576E-4EC5-B558-0E13313C1177}” = rport=138 | protocol=17 | dir=out | app=system |
“{2E26EF11-1E35-4851-841D-E75DCBE480ED}” = lport=2869 | protocol=6 | dir=in | app=system |
“{33AC156E-2975-4D42-B77B-046E94E06CDD}” = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
“{5F97D21E-9778-43AD-AC23-EAC27CBEA02D}” = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
“{6656FAEA-4D72-4B63-A288-856B3CC9C960}” = rport=445 | protocol=6 | dir=out | app=system |
“{671E62AF-6F30-4D13-A5E3-DAF13390D259}” = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
“{7C128645-4FB7-4CB1-A181-292EF1165B4E}” = lport=2869 | protocol=6 | dir=in | app=system |
“{85AE4654-13B1-42B9-8A02-4D4E204AA450}” = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
“{910F0477-A425-46F9-A76B-B52CC8643788}” = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
“{95A1362F-FF5D-4EE1-8B1D-5E99BB3300E9}” = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
“{9A65A12B-F446-45DD-9979-17DD898A7261}” = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
“{9D724006-E829-43C7-B513-26FB8E10506E}” = rport=139 | protocol=6 | dir=out | app=system |
“{B0ABD799-8A2C-4AFC-BB75-1405C32C2B0C}” = rport=10243 | protocol=6 | dir=out | app=system |
“{B66FC9EC-5404-4641-98B4-21371FDED15C}” = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
“{BF5C5404-3E99-4DDD-ACF2-9FBC442A9B88}” = rport=137 | protocol=17 | dir=out | app=system |
“{E9890D7D-E1BE-459E-A1C1-C2C1B10E8202}” = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
“{F10B5350-623D-40CE-BC76-3983D769FCA6}” = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
“{FCFDD140-FB73-42E6-9C40-0AA055F6C4F8}” = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
========== Vista Active Application Exception List ==========
“{01CB696E-4110-40DE-9DDF-1F5221388BEC}” = protocol=6 | dir=out | svc=fdphost | app=%systemroot%\system32\svchost.exe |
“{04C4D234-CF99-480A-B1F2-E5FB022F8BA9}” = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
“{07147A5B-9322-4174-B75E-0967E1124F79}” = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
“{08806419-10C1-4ABB-8C57-1A5B2A8DDAFF}” = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
“{0D3BB2F6-60F3-4BA7-83C4-32191A9CABA0}” = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
“{2598F94D-95F1-448D-9606-258F67C618A1}” = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
“{2AA27051-EFBB-482E-9675-21CED9401D30}” = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
“{32BB2BE5-5479-4795-B50E-C24676F66DE3}” = protocol=6 | dir=out | app=system |
“{33E037D6-7ED5-4E60-883E-C85C91E83C58}” = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
“{36D07932-6970-4C95-B673-40F854E8EF5C}” = protocol=6 | dir=in | app=c:\program files (x86)\bittorrent\bittorrent.exe |
“{37C3B2F9-7CA0-4B65-A9AF-2A2FDA2533BF}” = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
“{38C90208-D828-4BC4-8BE6-808C834938A5}” = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
“{3C281D75-8F76-4CAD-AC08-DBC84C16FAD0}” = protocol=6 | dir=in | app=c:\program files (x86)\ventrilo\ventrilo.exe |
“{511B1E25-8099-4A09-A300-3E370B023F2A}” = protocol=17 | dir=in | app=c:\program files (x86)\sony ericsson\update engine\sony ericsson update engine.exe |
“{5B80042E-6108-463D-AAD6-6F1EC097E63E}” = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
“{6C9D2454-ACC6-4246-9A05-79F3342002E7}” = protocol=17 | dir=in | app=c:\program files (x86)\bittorrent\bittorrent.exe |
“{725BF5F4-2AFF-4BA9-83BD-BD718F531478}” = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
“{7320DA2C-85EF-40A5-B85E-58707A26137A}” = protocol=17 | dir=in | app=c:\program files (x86)\ventrilo\ventrilo.exe |
“{760BC7C9-CDF1-45A3-BE6A-00016D81883C}” = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
“{7B6763C3-EB7C-4500-918E-E854BD09C53E}” = protocol=17 | dir=in | app=c:\program files (x86)\ventrilo\ventrilo.exe |
“{84577756-693A-4E03-8626-C10726445CEC}” = protocol=6 | dir=out | app=%systemroot%\system32\wudfhost.exe |
“{8F4C1FA6-6B50-4974-9015-B41A20CBCAB6}” = protocol=17 | dir=in | app=c:\windows\syswow64\muzapp.exe |
“{9ACA2994-2653-46D3-97B9-0F9A9D334E89}” = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
“{9D029A0D-AEFE-4E39-8964-31D43E42D023}” = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
“{9FFEDFB0-3A42-428C-8556-264C8A66539F}” = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
“{B6901A28-807A-4CAE-8184-5394CBDAD902}” = protocol=6 | dir=in | app=c:\windows\syswow64\muzapp.exe |
“{CDC7BF97-5665-4E30-A71B-42ACB5ED52F0}” = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
“{D072E12E-1795-4C79-A6EC-98D42E3AFC9E}” = protocol=6 | dir=in | app=c:\program files (x86)\ventrilo\ventrilo.exe |
“{D78EC32F-840C-42EF-A106-11608A3762B8}” = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
“{D85E8F02-D68A-4E61-A4FE-D8CFE32B7151}” = protocol=6 | dir=in | app=c:\program files (x86)\sony ericsson\update engine\sony ericsson update engine.exe |
“{DB9CDE61-606B-462D-8176-DB3947A63E42}” = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
“{E188E113-1F5C-4752-98DE-40661E925A1F}” = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
“{EA3D4B01-A93A-4CC7-B794-638065F0F13E}” = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
“TCP Query User{3801D94C-7CE7-4BCB-8522-ED3B248F940A}C:\users\sandra\appdata\roaming\spotify\spotify.exe” = protocol=6 | dir=in | app=c:\users\sandra\appdata\roaming\spotify\spotify.exe |
“UDP Query User{CEC111B9-D754-41C5-9381-B17FDDD2A306}C:\users\sandra\appdata\roaming\spotify\spotify.exe” = protocol=17 | dir=in | app=c:\users\sandra\appdata\roaming\spotify\spotify.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
64bit:
“{089E65D5-D06A-FE49-8D9C-9CABDF8858F5}” = ccc-utility64
“{1E9FC118-651D-4934-97BE-E53CAE5C7D45}” = Microsoft_VC80_MFCLOC_x86_x64
“{4569AD91-47F4-4D9E-8FC9-717EC32D7AE1}” = Microsoft_VC80_CRT_x86_x64
“{503F672D-6C84-448A-8F8F-4BC35AC83441}” = AMD APP SDK Runtime
“{6DB97EF8-603B-FB96-9B56-6F0D23E14263}” = AMD Media Foundation Decoders
“{8557397C-A42D-486F-97B3-A2CBC2372593}” = Microsoft_VC90_ATL_x86_x64
“{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}” = Microsoft Silverlight
“{90BF0360-A1DB-4599-A643-95AB90A52C1E}” = Microsoft_VC90_MFCLOC_x86_x64
“{925D058B-564A-443A-B4B2-7E90C6432E55}” = Microsoft_VC80_ATL_x86_x64
“{92A3CA0D-55CD-4C5D-BA95-5C2600C20F26}” = Microsoft_VC90_CRT_x86_x64
“{A472B9E4-0AFF-4F7B-B25D-F64F8E928AAB}” = Microsoft_VC90_MFC_x86_x64
“{BABA4667-CF82-B330-A8E5-6E8A09B2D911}” = AMD Accelerated Video Transcoding
“{C78D3032-9DFD-41D0-9DE9-58EAE750CBA4}” = Microsoft Security Client
“{C8C1BAD5-54E6-4146-AD07-3A8AD36569C3}” = Microsoft_VC80_MFC_x86_x64
“{D10B35A6-786F-2879-DC2F-EBBD735E51B8}” = AMD Fuel
“{DA2737A4-B639-96F4-1CC2-30D2919EE1FB}” = AMD Steady Video Plug-In
“{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}” = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319
“{DC911ADF-7B60-40F2-A112-FB1EB6402D07}” = Microsoft Security Client NL-NL Language Pack
“{EE269999-1AB7-7B39-7944-513CF3426CB8}” = AMD Drag and Drop Transcoding
“{F4C71C2A-F068-8EEB-61AE-EA4707C57A1B}” = AMD Catalyst Install Manager
“{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}” = Microsoft .NET Framework 4 Client Profile
“{F8EDC0F8-15BC-4411-8762-77105C8AAEEC}” = Microsoft Antimalware Service NL-NL Language Pack
“CCleaner” = CCleaner
“CPUID CPU-Z_is1” = CPUID CPU-Z 1.56
“Microsoft .NET Framework 4 Client Profile” = Microsoft .NET Framework 4 Client Profile
“Microsoft Security Client” = Microsoft Security Essentials
“{033E378E-6AD3-4AD5-BDEB-CBD69B31046C}” = Microsoft_VC90_ATL_x86
“{08D2E121-7F6A-43EB-97FD-629B44903403}” = Microsoft_VC90_CRT_x86
“{0CE6E094-B07B-CC6B-F7FD-9D7BD7BE0D86}” = CCC Help Thai
“{0E532C84-4275-41B3-9D81-D4A1A20D8EE7}” = PlayStation(R)Store
“{0F3647F8-E51D-4FCC-8862-9A8D0C5ACF25}” = Microsoft_VC80_ATL_x86
“{11083C7A-D0D6-4DA4-8C3A-74B8389EC07B}” = ATI Catalyst Registration
“{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}” = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
“{26A24AE4-039D-4CA4-87B4-2F83217007FF}” = Java 7 Update 7
“{2BF9702B-52EE-4841-83C4-B5E640B6C97A}” = Media Go
“{2EF17083-57D4-4D64-AE4F-55F32A2C4571}” = Codecv
“{3857A262-3B88-127A-96DB-5317B0F9B78C}” = CCC Help Dutch
“{3993DBF6-32F6-488B-9009-E156075AF7B7}” = CCC Help Greek
“{3A090DC5-ADF9-6B83-1095-017754BEC3D0}” = CCC Help Finnish
“{3BCD05CE-8CDE-9503-8794-D8CDB9FA8562}” = Catalyst Control Center InstallProxy
“{4A03706F-666A-4037-7777-5F2748764D10}” = Java Auto Updater
“{59FB1BE3-155C-72B1-B5F6-B086DEB7D064}” = CCC Help Hungarian
“{5EEA2FBB-1AAF-56D0-C2E5-580ACEA4DED5}” = CCC Help Russian
“{612C34C7-5E90-47D8-9B5C-0F717DD82726}” = swMSM
“{635FED5B-2C6D-49BE-87E6-7A6FCD22BC5A}” = Microsoft_VC90_MFC_x86
“{6C8D0421-2896-45E0-AFDA-960BC2E2E2EF}” = Sound Blaster Play!
“{7106B820-2071-2B46-7817-5F6ADD1FA112}” = CCC Help Polish
“{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}” = Microsoft Visual C++ 2005 Redistributable
“{725B5F90-BD27-A74D-7685-48795904FCF3}” = CCC Help Japanese
“{78887CA0-E5F1-3C99-B120-95310B217AB8}” = CCC Help French
“{789289CA-F73A-4A16-A331-54D498CE069F}” = Ventrilo Client
“{7C4E3792-63B4-497D-AF87-66B2BA92E555}” = MEDIAplus Plugin
“{82892947-1311-D6CA-8B79-2753E398FE32}” = CCC Help German
“{855E0BF8-5448-9681-B36E-B84029D355E4}” = CCC Help Danish
“{8ACC73AA-6511-7C55-B1A9-8E5D1DEAFAA3}” = The Lord of the Rings FREE Trial
“{9090E44B-CFBA-47D4-2225-3037C539E7E9}” = Catalyst Control Center Graphics Previews Common
“{90DCE328-65D6-0CC0-14FF-A86D6EC57035}” = CCC Help Chinese Traditional
“{91C3236F-645F-52FD-6A83-A4CE5EE8028D}” = CCC Help Czech
“{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}” = Microsoft_VC80_CRT_x86
“{933B4015-4618-4716-A828-5289FC03165F}” = VC80CRTRedist - 8.0.50727.6195
“{943A7AF0-C019-0CFB-BA79-F063E7980B25}” = AMD VISION Engine Control Center
“{9A25302D-30C0-39D9-BD6F-21E6EC160475}” = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
“{9BE518E6-ECC6-35A9-88E4-87755C07200F}” = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
“{A4F094CE-9B05-FB0C-DD73-A85DE5D8D283}” = Media Go Video Playback Engine 1.92.170.06150
“{A6CF1995-854B-0B57-BF9D-AD665C52493C}” = CCC Help Chinese Standard
“{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}” = Google Update Helper
“{AB0670D8-C462-750A-D34D-F18D38C0D64E}” = CCC Help Swedish
“{AC76BA86-7AD7-1043-7B44-AA1000000001}” = Adobe Reader X (10.1.4) - Nederlands
“{AD59DD0E-E36C-9FF1-2F22-ADFA10A43D61}” = CCC Help Italian
“{B167042A-0984-4AA6-99C0-4312C291BD85}” = IS Package Installer
“{B6659DD8-00A7-4A24-BBFB-C1F6982E5D66}” = PlayStation(R)Network Downloader
“{B6CF2967-C81E-40C0-9815-C05774FEF120}” = Skype Click to Call
“{B6D38690-755E-4F40-A35A-23F8BC2B86AC}” = Microsoft_VC90_MFCLOC_x86
“{C1C7818F-8270-BA45-D317-675187B9E33E}” = CCC Help Korean
“{C9115BBB-C00B-481A-FD6A-C2BCDC88D6A1}” = CCC Help Turkish
“{D1A19B02-817E-4296-A45B-07853FD74D57}” = Microsoft_VC80_MFC_x86
“{D92BBB52-82FF-42ED-8A3C-4E062F944AB7}” = Microsoft_VC80_MFCLOC_x86
“{E100AC00-5097-16FE-E007-3D5156FC2B93}” = CCC Help Portuguese
“{E2F0AF23-FE2F-4222-9A43-55E63CC41EF1}” = Catalyst Control Center - Branding
“{E3AA13F6-F494-D77F-C678-B8E6F8B66448}” = CCC Help Spanish
“{E56685FB-BC75-3BC4-526A-15FD1278F174}” = Catalyst Control Center Localization All
“{ECA16F5B-C5FD-2021-09B1-CA7CB49FDF46}” = CCC Help Norwegian
“{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}” = Skype™ 5.10
“{EF2586BE-6016-DBED-06AB-569B429893A1}” = CCC Help English
“{F09EF8F2-0976-42C1-8D9D-8DF78337C6E3}” = Sony PC Companion 2.10.094
“{FC759117-A409-4939-8A50-243A867C9F35}” = MEDIAplus Plugin
“AC3Filter_is1” = AC3Filter 1.62b
“Adobe Flash Player ActiveX” = Adobe Flash Player 11 ActiveX
“Adobe Flash Player Plugin” = Adobe Flash Player Plugin
“Adobe Shockwave Player” = Adobe Shockwave Player 11.6
“BitTorrent” = BitTorrent
“Creative Software AutoUpdate” = Creative Software AutoUpdate
“DivX Setup” = DivX Setup
“Malwarebytes' Anti-Malware_is1” = Malwarebytes Anti-Malware versie 1.65.0.1400
“SysInfo” = Creative-systeeminformatie
“Update Engine” = Sony Ericsson Update Engine
========== HKEY_CURRENT_USER Uninstall List ==========
“Google Chrome” = Google Chrome
“Spotify” = Spotify
========== Last 20 Event Log Errors ==========
Error - 4-10-2012 19:29:36 | Computer Name = Sandra-PC | Source = ESENT | ID = 455
Description = Windows (2800) Windows: Fout -1811 is opgetreden tijdens het openen
van logboekbestand C:\ProgramData\Microsoft\Search\Data\Applications\Windows\MSS0003D.log.
Error - 4-10-2012 19:29:37 | Computer Name = Sandra-PC | Source = Windows Search Service | ID = 9000
Description =
Error - 4-10-2012 19:29:37 | Computer Name = Sandra-PC | Source = Windows Search Service | ID = 7040
Description =
Error - 4-10-2012 19:29:37 | Computer Name = Sandra-PC | Source = Windows Search Service | ID = 7042
Description =
Error - 4-10-2012 19:29:37 | Computer Name = Sandra-PC | Source = Windows Search Service | ID = 9002
Description =
Error - 4-10-2012 19:29:37 | Computer Name = Sandra-PC | Source = Windows Search Service | ID = 3029
Description =
Error - 4-10-2012 19:29:44 | Computer Name = Sandra-PC | Source = Windows Search Service | ID = 3029
Description =
Error - 4-10-2012 19:29:44 | Computer Name = Sandra-PC | Source = Windows Search Service | ID = 3028
Description =
Error - 4-10-2012 19:29:44 | Computer Name = Sandra-PC | Source = Windows Search Service | ID = 3058
Description =
Error - 4-10-2012 19:29:44 | Computer Name = Sandra-PC | Source = Windows Search Service | ID = 7010
Description =
Error - 28-9-2012 14:53:03 | Computer Name = Sandra-PC | Source = volsnap | ID = 393252
Description = Bij de schaduwkopieën van volume C: zijn afgebroken omdat de schaduwkopieopslag
niet kan worden uitgebreid vanwege een door de gebruiker opgelegde limiet.
Error - 30-9-2012 2:22:12 | Computer Name = Sandra-PC | Source = volsnap | ID = 393252
Description = Bij de schaduwkopieën van volume C: zijn afgebroken omdat de schaduwkopieopslag
niet kan worden uitgebreid vanwege een door de gebruiker opgelegde limiet.
Error - 1-10-2012 5:30:13 | Computer Name = Sandra-PC | Source = EventLog | ID = 6008
Description = De vorige afsluiting van het systeem om 11:28:34 op ?1-?10-?2012 is
onverwacht gebeurd.
Error - 1-10-2012 5:30:21 | Computer Name = Sandra-PC | Source = BugCheck | ID = 1001
Description =
Error - 1-10-2012 17:16:11 | Computer Name = Sandra-PC | Source = volsnap | ID = 393252
Description = Bij de schaduwkopieën van volume C: zijn afgebroken omdat de schaduwkopieopslag
niet kan worden uitgebreid vanwege een door de gebruiker opgelegde limiet.
Error - 3-10-2012 16:53:41 | Computer Name = Sandra-PC | Source = volsnap | ID = 393252
Description = Bij de schaduwkopieën van volume C: zijn afgebroken omdat de schaduwkopieopslag
niet kan worden uitgebreid vanwege een door de gebruiker opgelegde limiet.
Error - 3-10-2012 17:04:53 | Computer Name = Sandra-PC | Source = volsnap | ID = 393252
Description = Bij de schaduwkopieën van volume C: zijn afgebroken omdat de schaduwkopieopslag
niet kan worden uitgebreid vanwege een door de gebruiker opgelegde limiet.
Error - 4-10-2012 19:29:44 | Computer Name = Sandra-PC | Source = Service Control Manager | ID = 7024
Description = De Windows Search-service is gestopt met de specifieke servicefout
%%-1073473535.
Error - 4-10-2012 19:29:44 | Computer Name = Sandra-PC | Source = Service Control Manager | ID = 7031
Description = De Windows Search-service is onverwacht gestopt. Dit is 1 keer gebeurd.
De volgende herstelbewerking zal over 30000 milliseconden worden uitgevoerd: Service
opnieuw starten.
Error - 4-10-2012 19:34:45 | Computer Name = Sandra-PC | Source = volsnap | ID = 393252
Description = Bij de schaduwkopieën van volume C: zijn afgebroken omdat de schaduwkopieopslag
niet kan worden uitgebreid vanwege een door de gebruiker opgelegde limiet.
< End of report >
Hallo,
“zoek.exe” gebruiken
Schakel je antivirus- en antispywareprogramma's uit, zoek.exe wordt tijdens het downloaden of tijdens gebruik soms als trojan aangezien.
(hier of hier) kan je lezen hoe je dat doet.
Download daarna zoek.exe naar het bureaublad.
Windows 2000 en Windows XP: start de tool middels dubbelklik op “zoek.exe”.
Windows Vista en Windows 7: start de tool middels rechtsklik op “zoek.exe” en dan kiezen voor Als Administrator uitvoeren.
Vervolgens zal er na een tijdje een venster geopend worden.
Met je muis selecteer je nu de volgende keuze "Combined fix"(rechts onderaan)
Kopieer nu onderstaande Vet gedrukte en plak die in het grote invulvenster:
startupall;
filesrcm;
iedefaults;
BittorrentBar_NL;ff
{1CD4CC61-F751-441C-3DA5-AA7C1302AEC0};c
C:\ProgramData\Codecv;fs
{6C680BAE-655C-4E3D-8FC4-E6A520C3D928};c
{2D8D9ACC-F6D7-4362-8876-A275CA929591};c
resethosts;
emptyclsid;
emptyjava;
emptyflash;
emptyiecache;
emptytemp;
Sluit nu eerst alle nog openstaande programmavensters!
Klik nu op de knop "Run script".
Wacht nu geduldig af tot er een logje opent(dit kan na een herstart zijn)
Mocht na de herstart geen logje verschijnen, start zoek.exe dan opnieuw, de log verschijnt dan alsnog.
Post nu de inhoud van het geopende logje in het volgende bericht en vertel hoe het nu gaat.
Gr.Ben
Het probleem is helaas nog niet verholpen. hij start gewoon weer op:S ( http://mystart.incredibar.com/?loc=CH_NT)
Zoek.exe Version 3.0.0.3 Updated 04-October-2012
Tool run by Sandra on zo 07-10-2012 at 20:38:31,64.
Microsoft Windows 7 Ultimate 6.1.7601 Service Pack 1 x64
Running in: Normal Mode Internet Access Detected
==== Set IE to Default ======================
Old Values:
“Search Page”=“http://www.google.com”
“Start Page”=“http://www.google.com”
“Default_Search_URL”=“http://www.google.com/ie”
“Search Bar”=“http://www.google.com/ie”
“Search Page”=“http://go.microsoft.com/fwlink/?LinkId=54896”
“Start Page”=“http://go.microsoft.com/fwlink/?LinkId=69157”
“Default_Page_URL”=“http://go.microsoft.com/fwlink/?LinkId=69157”
“Default_Search_URL”=“http://go.microsoft.com/fwlink/?LinkId=54896”
“Search Page”=“http://go.microsoft.com/fwlink/?LinkId=54896”
“Start Page”=“http://go.microsoft.com/fwlink/?LinkId=69157”
“Default_Page_URL”=“http://go.microsoft.com/fwlink/?LinkId=69157”
“Default_Search_URL”=“http://go.microsoft.com/fwlink/?LinkId=54896”
@=“http://www.google.com/search?q=%s”
“SearchAssistant”=“http://www.google.com/ie”
“Default_Search_URL”=“http://www.google.com/ie”
“DefaultScope”=“{0633EE93-D776-472f-A0FF-E1416B8B2E3A}”
“SuggestionsURLFallback”=“http://api.bing.com/qsml.aspx?query={searchTerms}&maxwidth={ie:maxWidth}&rowheight={ie:rowHeight}§ionHeight={ie:sectionHeight}&FORM=IE8SSC&market={language}”
“FaviconURLFallback”=“http://www.bing.com/favicon.ico”
“FaviconPath”=“C:\\Users\\Sandra\\AppData\\LocalLow\\Microsoft\\Internet Explorer\\Services\\search_{0633EE93-D776-472f-A0FF-E1416B8B2E3A}.ico”
“DisplayName”=“Bing”
“URL”=“http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC”
“TopResultURLFallback”=“http://www.bing.com/search?q={searchTerms}&src=ie9tr”
New Values:
“Search Page”=“http://go.microsoft.com/fwlink/?LinkId=54896”
“Start Page”=“http://go.microsoft.com/fwlink/?LinkId=69157”
“Default_Search_URL”=“http://go.microsoft.com/fwlink/?LinkId=54896”
“Search Bar”=“http://go.microsoft.com/fwlink/?LinkId=54896”
“Search Page”=“http://go.microsoft.com/fwlink/?LinkId=54896”
“Start Page”=“http://go.microsoft.com/fwlink/?LinkId=69157”
“Default_Page_URL”=“http://go.microsoft.com/fwlink/?LinkId=69157”
“Default_Search_URL”=“http://go.microsoft.com/fwlink/?LinkId=54896”
“Search Page”=“http://go.microsoft.com/fwlink/?LinkId=54896”
“Start Page”=“http://go.microsoft.com/fwlink/?LinkId=69157”
“Default_Page_URL”=“http://go.microsoft.com/fwlink/?LinkId=69157”
“Default_Search_URL”=“http://go.microsoft.com/fwlink/?LinkId=54896”
@=“http://search.msn.com/results.asp?q=%s”
“SearchAssistant”=“http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm”
“Default_Search_URL”=“http://go.microsoft.com/fwlink/?LinkId=54896”
“DefaultScope”=“{0633EE93-D776-472f-A0FF-E1416B8B2E3A}”
“SuggestionsURLFallback”=“http://api.bing.com/qsml.aspx?query={searchTerms}&maxwidth={ie:maxWidth}&rowheight={ie:rowHeight}§ionHeight={ie:sectionHeight}&FORM=IE8SSC&market={language}”
“FaviconPath”=“C:\\Users\\Sandra\\AppData\\LocalLow\\Microsoft\\Internet Explorer\\Services\\search_{0633EE93-D776-472f-A0FF-E1416B8B2E3A}.ico”
“DisplayName”=“Bing”
“URL”=“http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC”
“TopResultURLFallback”=“http://www.bing.com/search?q={searchTerms}&src=ie9tr”
==== Deleting CLSID Registry Keys ======================
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{1CD4CC61-F751-441C-3DA5-AA7C1302AEC0} deleted successfully
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{1CD4CC61-F751-441C-3DA5-AA7C1302AEC0} deleted successfully
HKEY_CLASSES_ROOT\CLSID\{1CD4CC61-F751-441C-3DA5-AA7C1302AEC0} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1CD4CC61-F751-441C-3DA5-AA7C1302AEC0} deleted successfully
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{6C680BAE-655C-4E3D-8FC4-E6A520C3D928} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6C680BAE-655C-4E3D-8FC4-E6A520C3D928} deleted successfully
==== Deleting CLSID Registry Values ======================
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\{2D8D9ACC-F6D7-4362-8876-A275CA929591} deleted successfully
==== Reset Hosts File ======================
# Copyright © 1993-2006 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a ‘#’ symbol.
#
# For example:
#
# 102.54.94.97 rhino.acme.com # source server
# 38.25.63.10 x.acme.com # x client host
# localhost name resolution is handle within DNS itself.
127.0.0.1 localhost
::1 localhost
==== FireFox Fix ======================
==== Deleting Files \ Folders ======================
“C:\ProgramData\Codecv” deleted
==== Files Recently Created / Modified ======================
====== C:\Windows ====
====== C:\Users\Sandra\AppData\Local\Temp ====
====== C:\Windows\SysWOW64 =====
2012-10-04 21:09:03 384B5D3843838AD9B393C2EA74B3C005 10570 —-a-w- C:\Windows\SysWOW64\hijackthis2
====== C:\Windows\SysWOW64\drivers =====
====== C:\Windows\Sysnative =====
2012-09-26 03:18:58 A236B1646E96AB06BE0F8D592B6D9A0D 245760 —-a-w- C:\Windows\Sysnative\OxpsConverter.exe
====== C:\Windows\Sysnative\drivers =====
2012-09-12 13:58:25 760E38053BF56E501D562B70AD796B88 950128 —-a-w- C:\Windows\Sysnative\drivers\ndis.sys
2012-09-12 13:58:25 0E01641D96889BDEB22DE12D30575B08 41472 —-a-w- C:\Windows\Sysnative\drivers\RNDISMP.sys
2012-09-12 13:58:22 F782CAD3CEDBB3F9FFE3BF2775D92DDC 1913200 —-a-w- C:\Windows\Sysnative\drivers\tcpip.sys
2012-09-12 13:58:22 910DD6694848872FD3B8F42BAF801D0A 288624 —-a-w- C:\Windows\Sysnative\drivers\FWPKCLNT.SYS
2012-09-12 13:58:22 7942B7AC3FF598F8A1736D51ADAF04E8 376688 —-a-w- C:\Windows\Sysnative\drivers\netio.sys
====== C:\Windows\Tasks ======
====== C:\Windows\Temp ======
======= C:\Program Files =====
======= C:\Program Files (x86) =====
2012-09-18 13:58:45 ——– d—–w- C:\Program Files (x86)\Adobe
======= C: =====
2012-10-05 09:27:19 C4F5C5EF19BA5FEB4CD2ABA99076E44A 1424 —-a-w- C:\AdwCleaner.txt
2012-10-05 07:45:20 3A8F15428AEE6549A2E99D9B87900D31 1672 —-a-w- C:\AdwCleaner.txt
2012-10-05 07:44:54 EDC456B8DEA53F5A8E747028EB385EB6 1565 —-a-w- C:\AdwCleaner.txt
2012-10-05 07:44:00 AEB1992F3A971BD466A0369EDD1FC1D9 496 —-a-w- C:\AdwCleaner.txt
2012-10-05 07:04:00 2C70BE95C298831E5D71A87FCB8412BD 496 —-a-w- C:\AdwCleaner.txt
2012-10-05 07:00:55 1531C808184DEB5FD8B52570CC28E2AB 496 —-a-w- C:\AdwCleaner.txt
2012-10-05 06:57:29 95CBED67DA490B130B7709B76B50D48C 496 —-a-w- C:\AdwCleaner.txt
2012-10-05 06:56:58 4B4C2EF86F9E7A0B93F9F6E3C599985C 496 —-a-w- C:\AdwCleaner.txt
2012-10-05 06:55:38 499824B56D987B7D5EC12DFEF012BD29 492 —-a-w- C:\AdwCleaner.txt
2012-10-05 06:54:21 B3272A68A415B2443F0630A79C282583 3652 —-a-w- C:\AdwCleaner.txt
====== C:\Users\Sandra\AppData\Roaming ======
====== C:\Users\Sandra ======
2012-09-27 05:42:28 ——– d—–w- C:\Users\Sandra\.ps_inception
====== C: exe-files ==
2012-10-07 17:27:15 4ADCFEE16EE9978F06157634669D36FB 602112 —-a-w- C:\Users\Sandra\Downloads\OTL (1).exe
2012-10-07 17:27:03 4ADCFEE16EE9978F06157634669D36FB 602112 —-a-w- C:\Users\Sandra\Downloads\OTL.exe
2012-10-05 07:44:20 04F80866AA0D12731CE6209AF7784EEE 513501 —-a-w- C:\Users\Sandra\Downloads\adwcleaner (7).exe
2012-10-05 07:43:35 04F80866AA0D12731CE6209AF7784EEE 513501 —-a-w- C:\Users\Sandra\Downloads\adwcleaner 
.exe
2012-10-05 07:03:46 04F80866AA0D12731CE6209AF7784EEE 513501 —-a-w- C:\Users\Sandra\Downloads\adwcleaner (5).exe
2012-10-05 07:02:47 04F80866AA0D12731CE6209AF7784EEE 513501 —-a-w- C:\Users\Sandra\Downloads\adwcleaner (4).exe
2012-10-05 07:02:40 04F80866AA0D12731CE6209AF7784EEE 513501 —-a-w- C:\Users\Sandra\Downloads\adwcleaner (3).exe
2012-10-05 06:58:39 04F80866AA0D12731CE6209AF7784EEE 513501 —-a-w- C:\Users\Sandra\Downloads\adwcleaner (2).exe
2012-10-05 06:56:21 04F80866AA0D12731CE6209AF7784EEE 513501 —-a-w- C:\Users\Sandra\Downloads\adwcleaner (1).exe
2012-10-05 06:53:28 04F80866AA0D12731CE6209AF7784EEE 513501 —-a-w- C:\Users\Sandra\Downloads\adwcleaner.exe
=== C: other files ==
2012-10-04 07:30:05 66385EBFFEDD5E0A79B7658023FD72A3 50000000 —-a-w- C:\Users\Sandra\Downloads\ - Revenge.S02E01.720p.HDTV.X264-DIMENSION\revenge.201.720p-dimension.rar
==== Startup Registry Enabled ======================
“Spotify”=“C:\Users\Sandra\AppData\Roaming\Spotify\Spotify.exe /uri spotify:autostart”
“Google Update”=“C:\Users\Sandra\AppData\Local\Google\Update\GoogleUpdate.exe /c”
“Skype”=“C:\Program Files (x86)\Skype\Phone\Skype.exe /minimized /regrun”
“Spotify Web Helper”=“C:\Users\Sandra\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe”
“BitTorrent”=“C:\Program Files (x86)\BitTorrent\BitTorrent.exe /MINIMIZED”
“Sony PC Companion”=“C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe /Background”
“CTSysVol”=“C:\Program Files (x86)\Creative\Sound Blaster Play\Surround Mixer\CTSysVol.exe /r”
“VolPanel”=“C:\Program Files (x86)\Creative\Sound Blaster Play\Volume Panel\VolPanlu.exe /r”
“ATICustomerCare”=“C:\Program Files (x86)\ATI\ATICustomerCare\ATICustomerCare.exe”
“AMD AVT”=“Cmd.exe /c start AMD Accelerated Video Transcoding device initialization /min C:\Program Files (x86)\AMD AVT\bin\kdbsync.exe aml”
“DivXUpdate”=“C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe /CHECKNOW”
“StartCCC”=“C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe MSRun”
“SunJavaUpdateSched”=“C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe”
“Adobe ARM”=“C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe”
“Spotify”=“C:\Users\Sandra\AppData\Roaming\Spotify\Spotify.exe /uri spotify:autostart”
“Google Update”=“C:\Users\Sandra\AppData\Local\Google\Update\GoogleUpdate.exe /c”
“Skype”=“C:\Program Files (x86)\Skype\Phone\Skype.exe /minimized /regrun”
“Spotify Web Helper”=“C:\Users\Sandra\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe”
“BitTorrent”=“C:\Program Files (x86)\BitTorrent\BitTorrent.exe /MINIMIZED”
“Sony PC Companion”=“C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe /Background”
==== Task Scheduler Jobs ======================
C:\Windows\tasks\Adobe Flash Player Updater.job –a—— C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job –a—— C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1742615846-542083194-1811971918-1001Core.job –a—— line:=C:=C:
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1742615846-542083194-1811971918-1001UA.job –a—— line:=C:=C:
==== Empty IE Cache ======================
C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Default\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\LocalService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\LocalService\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\NetworkService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Sandra\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\7K9PGHPB will be deleted at reboot
C:\Users\Sandra\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot
==== Empty All Flash Cache ======================
Flash Cache Emptied Successfully
==== Empty All Java Cache ======================
Java Cache cleared successfully
After Reboot
==== Empty Temp Folders ======================
C:\Windows\Temp successfully emptied
C:\Users\Sandra\AppData\Local\Temp successfully emptied
==== Deleting Files / Folders ======================
“C:\Users\Sandra\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat” not deleted
“C:\Users\Sandra\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\7K9PGHPB” not found
Hoi San,
Daarom hadden wij ook al het volgende “Sticky” aangemaakt:
Zie hier.
Ben zal je verder helpen met het opruimen van de diverse gebruikte programma's.
Groetjes Huib;)
Dit topic is gesloten, er kunnen geen reacties meer worden geplaatst.
