• Hulpvragenden in dit forumonderdeel worden enkel geholpen door daartoe bevoegde teamleden.
    Dit is belangrijk, zodat de hulpvragende goed geholpen kan worden zonder (goedbedoelde) aanvullende berichten van andere leden.
    Reageren op andermans discussie is daarom uitgeschakeld.
  • De afgelopen dagen zijn er meerdere fora waarop bestaande accounts worden overgenomen door spammers. De gebruikersnamen en wachtwoorden zijn via een hack of een lek via andere sites buitgemaakt. Via have i been pwned? kan je controleren of jouw gegeven ook zijn buitgemaakt. Wijzig bij twijfel jouw wachtwoord of schakel de twee-staps-verificatie in.

Ook Buma/Stemra virus (nieuwe versie)

Status
Niet open voor verdere reacties.

timothydegraaf

Nieuw lid
Lid geworden
18 mrt 2012
Berichten
3
Waarderingsscore
0
Ey,

Ik heb het ook. Heb het voor een deel opgelost.

stap 1: Start computer in MS DOS op(CMD)
StaP 2: Verwijder %AppData%\flint4ytw.exe VIA CMD.

Stap 3: Start nu in veilige modus op. Ja je krijgt nu wel je Taakbalk
Stap 4: Klik op uitvoeren en dan typ je msconfig in.
Stap 5: ga naar tabblad opstarten en vink de onbetrouwbare bestanden uit.
Stap 6: start je pc opnieuw op en je komt erin.

Probleem nu nog. Ik kan me taakbeheer niet meer in. Taakbeheer is uitgeschakeld door de systeembeheerder. Hoe los ik dit op?
 
Hallo Timothy,
yahooo.gif
welkom op dit geweldige forum.

Download OTL en plaats het bestand op je bureaublad.

"OTL.com" gebruiken:
  • Sluit nu eerst alle nog openstaande programmavensters!
    • Windows 2000 en Windows XP: start het tool middels dubbelklik op "OTL.com".
    • Windows Vista en Windows 7: start het tool middels rechtsklik op "OTL.com" en dan kiezen voor Als Administrator uitvoeren.
  • Zet een vinkje bij Scan All Users.
  • Klik op de knop Quick Scan.
  • Verander de instellingen van OTL niet, tenzij ik hiervoor specifiek instructies geef.
  • De scan zal niet heel erg lang duren.
    • Er zullen twee Kladblok-vensters geopend worden wanneer de scan klaar is. OTL.Txt en Extras.txt.
    • Deze logbestanden zijn opgeslagen in dezelfde locatie als OTL.
    • Ga naar DDRMMR's kleurcodeerder (Klik)
    • Kopieer en plak de inhoud van OTL.Txt in het webvenster en klik op de knop 'Converteer'.
    • Kopieer en plak de inhoud van de kleurcodeerder vervolgens in je aansluitende bericht.
    • De inhoud van Extras.txt plak je gewoon onder het andere log in je bericht erbij (hoeft niet via de kleurcodeerder).
OTL produceert een behoorlijk groot log, dus kan het gebeuren, dat je het log moet splitsen en in twee of meerdere keren moet posten.
 
Ey,

Ik heb het ook. Heb het voor een deel opgelost.

stap 1: Start computer in MS DOS op(CMD)
StaP 2: Verwijder %AppData%\flint4ytw.exe VIA CMD.

Stap 3: Start nu in veilige modus op. Ja je krijgt nu wel je Taakbalk
Stap 4: Klik op uitvoeren en dan typ je msconfig in.
Stap 5: ga naar tabblad opstarten en vink de onbetrouwbare bestanden uit.
Stap 6: start je pc opnieuw op en je komt erin.

Probleem nu nog. Ik kan me taakbeheer niet meer in. Taakbeheer is uitgeschakeld door de systeembeheerder. Hoe los ik dit op?

Windows vanaf Vista heeft een beschermd systeem Administrator account met de aller hoogste rechten. Standaard is dat uitgeschakeld i.v.m. de beveiliging van Windows. Soms echter heb je toch de systeem Administrator nodig omdat de rechten van de standaard Administrator niet voldoende zijn. Ga als volg te werk als het nodig is de de systeem Administrator in te schakelen (lijkt me in jou geval wel noodzakelijk).

Voer de volgende opdracht in het "Programma's en Bestanden zoeken" (onderaan het Windows start menu) veld in:

C:\Windows\System32\lusrmgr.msc

Klik op lusrmgr.msc om de locale groepen manager te openen en volg onderstaande procedure om de systeem administrator account actief te maken.


  • Klik in het linker venster op "Gebruikers"
  • In het midden venster zie je een aantal accounts staan waaronder "Administrator".
  • Klik met de rechtermuistoets op "Administrator" en kies eigenschappen.
  • In het venster dat nu opend haal je het vinkje weg bij "Account is uitgeschakeld" om de systeem Administrator te activeren.
  • Start de PC opnieuw, en kies als opstart mogelijkheid Administrator (geen wachtwoord).
  • Je bent nu als systeem administrator ingelogd en hebt de aller hoogste rechten, nu kun je wel taakbeheer starten en andere benodigde acties op bestanden uitvoeren.
  • Vergeet niet de systeem Administrator nadat alles weer werkt, te deactiveren i.v.m. het gevaar dat kwaadwillenden je PC kunnen overnemen bij een volgende aanval.

Succes, Z. :wink:
 
Maar bovenstaande handelingen gaan niet op voor Vista Home Primium.....:huh:
 
Hoi, ik heb niks meer vernomen.
Is je probleem misschien opgelost?
 
HOi,

Heb bovenstaande ook gedaan en log hieronder geplaatst.
Alvast bedankt.

[hjt]
otl logfile created on: 18-4-2012 0:38:42 - run 1
otl by oldtimer - version 3.2.40.0 folder = c:\users\alexander\downloads
ultimate edition service pack 1 (version = 6.1.7601) - type = ntworkstation
internet explorer (version = 9.0.8112.16421)
locale: 00000413 | country: nederland | language: nld | date format: d-m-yyyy

2,91 gb total physical memory | 1,69 gb available physical memory | 57,97% memory free
5,83 gb paging file | 4,40 gb available in paging file | 75,51% paging file free
paging file location(s): ?:\pagefile.sys [binary data]

%systemdrive% = c: | %systemroot% = c:\windows | %programfiles% = c:\program files
drive c: | 465,66 gb total space | 222,84 gb free space | 47,85% space free | partition type: ntfs
drive d: | 100,00 mb total space | 78,71 mb free space | 78,71% space free | partition type: ntfs

computer name: win732 | user name: alexander | logged in as administrator.
boot mode: normal | scan mode: all users | quick scan
company name whitelist: on | skip microsoft files: on | no company name whitelist: on | file age = 30 days

========== processes (safelist) ==========

prc - [2012-04-18 00:37:52 | 000,595,968 | ---- | m] (oldtimer tools) -- c:\users\alexander\downloads\otl.com
prc - [2012-04-15 14:31:03 | 000,353,440 | ---- | m] (adobe systems incorporated) -- c:\windows\system32\macromed\flash\flashutil32_11_2_202_233_activex.exe
prc - [2012-04-04 15:56:40 | 000,654,408 | ---- | m] (malwarebytes corporation) -- c:\program files\malwarebytes' anti-malware\mbamservice.exe
prc - [2012-04-04 15:56:38 | 000,462,408 | ---- | m] (malwarebytes corporation) -- c:\program files\malwarebytes' anti-malware\mbamgui.exe
prc - [2011-09-23 19:37:42 | 000,641,832 | ---- | m] (nero ag) -- c:\program files\nero\update\nasvc.exe
prc - [2011-08-11 20:57:28 | 000,348,672 | ---- | m] () -- c:\program files\sabnzbd\sabnzbd.exe
prc - [2011-06-24 06:22:20 | 000,271,360 | ---- | m] (microsoft corporation) -- c:\windows\system32\conhost.exe
prc - [2011-06-15 15:16:48 | 000,997,920 | ---- | m] (microsoft corporation) -- c:\program files\microsoft security client\msseces.exe
prc - [2011-04-27 15:39:26 | 000,208,944 | ---- | m] (microsoft corporation) -- c:\program files\microsoft security client\antimalware\nissrv.exe
prc - [2011-04-27 15:39:26 | 000,011,736 | ---- | m] (microsoft corporation) -- c:\program files\microsoft security client\antimalware\msmpeng.exe
prc - [2011-02-25 07:30:54 | 002,616,320 | ---- | m] (microsoft corporation) -- c:\windows\explorer.exe
prc - [2010-11-20 23:29:19 | 000,049,152 | ---- | m] (microsoft corporation) -- c:\windows\system32\taskhost.exe
prc - [2010-11-20 23:29:12 | 000,302,592 | ---- | m] (microsoft corporation) -- c:\windows\system32\cmd.exe
prc - [2010-11-17 10:53:16 | 000,113,288 | ---- | m] (renesas electronics corporation) -- c:\program files\renesas electronics\usb 3.0 host controller driver\application\nusb3mon.exe
prc - [2010-03-13 13:58:58 | 000,075,048 | ---- | m] (cyberlink) -- c:\program files\cyberlink\shared files\brs.exe
prc - [2010-02-03 01:08:56 | 000,087,336 | ---- | m] (cyberlink corp.) -- c:\program files\cyberlink\powerdvd10\pdvd10serv.exe
prc - [2010-01-24 18:50:08 | 000,089,600 | ---- | m] (ivosoft) -- c:\program files\classic shell\classicstartmenu.exe


========== modules (no company name) ==========

mod - [2011-08-31 19:13:52 | 000,094,208 | ---- | m] () -- c:\windows\system32\icclibdll.dll
mod - [2011-08-11 20:57:28 | 000,348,672 | ---- | m] () -- c:\program files\sabnzbd\sabnzbd.exe
mod - [2011-03-17 00:11:16 | 004,297,568 | ---- | m] () -- c:\program files\common files\microsoft shared\office14\cultures\office.odf
mod - [2010-11-01 18:52:28 | 000,057,344 | ---- | m] () -- c:\program files\sabnzbd\lib\openssl.crypto.pyd
mod - [2010-11-01 18:52:28 | 000,037,888 | ---- | m] () -- c:\program files\sabnzbd\lib\openssl.ssl.pyd
mod - [2010-11-01 18:52:28 | 000,007,168 | ---- | m] () -- c:\program files\sabnzbd\lib\openssl.rand.pyd
mod - [2010-10-08 04:37:34 | 000,546,205 | ---- | m] () -- c:\program files\sabnzbd\lib\sqlite3.dll
mod - [2010-01-31 17:14:32 | 000,118,784 | ---- | m] () -- c:\program files\sabnzbd\lib\pywintypes25.dll
mod - [2010-01-31 17:11:56 | 000,671,744 | ---- | m] () -- c:\program files\sabnzbd\lib\_ssl.pyd
mod - [2010-01-31 17:11:52 | 000,294,912 | ---- | m] () -- c:\program files\sabnzbd\lib\_hashlib.pyd
mod - [2010-01-31 17:11:52 | 000,135,168 | ---- | m] () -- c:\program files\sabnzbd\lib\pyexpat.pyd
mod - [2010-01-31 17:11:52 | 000,086,016 | ---- | m] () -- c:\program files\sabnzbd\lib\_ctypes.pyd
mod - [2010-01-31 17:11:52 | 000,053,248 | ---- | m] () -- c:\program files\sabnzbd\lib\_socket.pyd
mod - [2010-01-31 17:11:52 | 000,049,152 | ---- | m] () -- c:\program files\sabnzbd\lib\_sqlite3.pyd
mod - [2010-01-31 17:11:52 | 000,008,192 | ---- | m] () -- c:\program files\sabnzbd\lib\select.pyd
mod - [2010-01-31 16:56:20 | 000,024,576 | ---- | m] () -- c:\program files\sabnzbd\lib\servicemanager.pyd
mod - [2010-01-31 16:56:12 | 000,102,400 | ---- | m] () -- c:\program files\sabnzbd\lib\win32api.pyd
mod - [2010-01-31 16:56:04 | 000,036,864 | ---- | m] () -- c:\program files\sabnzbd\lib\win32service.pyd
mod - [2010-01-31 16:54:18 | 000,040,960 | ---- | m] () -- c:\program files\sabnzbd\lib\win32process.pyd
mod - [2010-01-31 16:54:16 | 000,019,968 | ---- | m] () -- c:\program files\sabnzbd\lib\win32pipe.pyd
mod - [2010-01-31 16:54:06 | 000,014,848 | ---- | m] () -- c:\program files\sabnzbd\lib\win32evtlog.pyd
mod - [2010-01-31 16:54:04 | 000,110,592 | ---- | m] () -- c:\program files\sabnzbd\lib\win32file.pyd
mod - [2010-01-31 16:54:04 | 000,013,824 | ---- | m] () -- c:\program files\sabnzbd\lib\win32event.pyd
mod - [2009-03-03 19:21:18 | 000,012,288 | ---- | m] () -- c:\program files\sabnzbd\lib\cheetah._namemapper.pyd
mod - [2006-08-12 17:47:52 | 000,009,728 | ---- | m] () -- c:\program files\sabnzbd\lib\_yenc.pyd


========== win32 services (safelist) ==========

srv - [2012-04-15 14:31:03 | 000,253,088 | ---- | m] (adobe systems incorporated) [on_demand | stopped] -- c:\windows\system32\macromed\flash\flashplayerupdateservice.exe -- (adobeflashplayerupdatesvc)
srv - [2012-04-04 19:05:26 | 000,008,192 | ---- | m] () [auto | stopped] -- c:\windows\system32\srvany.exe -- (kmservice)
srv - [2012-04-04 15:56:40 | 000,654,408 | ---- | m] (malwarebytes corporation) [auto | running] -- c:\program files\malwarebytes' anti-malware\mbamservice.exe -- (mbamservice)
srv - [2012-03-11 21:41:49 | 000,655,624 | ---- | m] (acresso software inc.) [on_demand | stopped] -- c:\program files\common files\macrovision shared\flexnet publisher\fnplicensingservice.exe -- (flexnet licensing service)
srv - [2011-09-23 19:37:42 | 000,641,832 | ---- | m] (nero ag) [auto | running] -- c:\program files\nero\update\nasvc.exe -- (naupdate)
srv - [2011-06-12 11:15:00 | 031,125,880 | ---- | m] (microsoft corporation) [on_demand | stopped] -- c:\program files\microsoft office\office14\groove.exe -- (microsoft sharepoint workspace audit service)
srv - [2011-05-08 00:13:56 | 001,343,400 | ---- | m] (microsoft corporation) [on_demand | stopped] -- c:\windows\system32\wat\watadminsvc.exe -- (watadminsvc)
srv - [2011-04-27 15:39:26 | 000,208,944 | ---- | m] (microsoft corporation) [on_demand | running] -- c:\program files\microsoft security client\antimalware\nissrv.exe -- (nissrv)
srv - [2011-04-27 15:39:26 | 000,011,736 | ---- | m] (microsoft corporation) [auto | running] -- c:\program files\microsoft security client\antimalware\msmpeng.exe -- (msmpsvc)
srv - [2010-08-08 12:45:26 | 000,013,080 | ---- | m] (microsoft corporation) [on_demand | stopped] -- c:\program files\windows identity foundation\v3.5\c2wtshost.exe -- (c2wts)
srv - [2009-07-14 03:16:13 | 000,025,088 | ---- | m] (microsoft corporation) [on_demand | stopped] -- c:\windows\system32\sensrsvc.dll -- (sensrsvc)
srv - [2009-07-14 03:16:12 | 001,004,544 | ---- | m] (microsoft corporation) [on_demand | stopped] -- c:\windows\system32\peerdistsvc.dll -- (peerdistsvc)


========== driver services (safelist) ==========

drv - file not found [kernel | on_demand | stopped] -- system32\drivers\rdvgkmd.sys -- (vgpu)
drv - [2012-04-18 00:26:04 | 000,054,016 | ---- | m] () [kernel | boot | unknown] -- c:\windows\system32\drivers\kjwswvst.sys -- (cyfv)
drv - [2012-04-04 15:56:40 | 000,022,344 | ---- | m] (malwarebytes corporation) [file_system | on_demand | running] -- c:\windows\system32\drivers\mbam.sys -- (mbamprotector)
drv - [2011-05-27 20:50:47 | 000,443,448 | ---- | m] () [kernel | boot | running] -- c:\windows\system32\drivers\sptd.sys -- (sptd)
drv - [2011-04-27 15:25:24 | 000,065,024 | ---- | m] (microsoft corporation) [kernel | on_demand | running] -- c:\windows\system32\drivers\nisdrvwfp.sys -- (nisdrv)
drv - [2011-04-18 13:18:50 | 000,043,392 | ---- | m] (microsoft corporation) [kernel | on_demand | stopped] -- c:\windows\system32\drivers\mpnwmon.sys -- (mpnwmon)
drv - [2011-03-07 11:01:32 | 000,274,736 | r--- | m] (marvell semiconductor, inc.) [kernel | boot | running] -- c:\windows\system32\drivers\mvs91xx.sys -- (mvs91xx)
drv - [2011-03-04 17:00:16 | 000,309,224 | ---- | m] (asmedia technology inc) [kernel | on_demand | running] -- c:\windows\system32\drivers\asmtxhci.sys -- (asmtxhci)
drv - [2011-03-04 17:00:14 | 000,100,328 | ---- | m] (asmedia technology inc) [kernel | on_demand | running] -- c:\windows\system32\drivers\asmthub3.sys -- (asmthub3)
drv - [2011-03-04 13:46:18 | 000,032,896 | r--- | m] (advanced micro devices) [kernel | boot | running] -- c:\windows\system32\drivers\amd_xata.sys -- (amd_xata)
drv - [2011-03-04 13:46:16 | 000,065,664 | r--- | m] (advanced micro devices) [kernel | boot | running] -- c:\windows\system32\drivers\amd_sata.sys -- (amd_sata)
drv - [2011-02-17 12:41:00 | 000,317,216 | ---- | m] (marvell) [kernel | on_demand | stopped] -- c:\windows\system32\drivers\yk62x86.sys -- (yukonw7)
drv - [2011-02-14 08:07:54 | 000,021,808 | r--- | m] (marvell semiconductor inc.) [kernel | boot | running] -- c:\windows\system32\drivers\mv91cons.sys -- (mv91cons)
drv - [2011-02-14 08:07:52 | 000,273,200 | r--- | m] (marvell semiconductor, inc.) [kernel | boot | running] -- c:\windows\system32\drivers\mv91xx.sys -- (mv91xx)
drv - [2011-02-10 14:52:10 | 000,141,952 | ---- | m] (renesas electronics corporation) [kernel | on_demand | stopped] -- c:\windows\system32\drivers\nusb3xhc.sys -- (nusb3xhc)
drv - [2011-02-10 14:52:10 | 000,063,872 | ---- | m] (renesas electronics corporation) [kernel | on_demand | stopped] -- c:\windows\system32\drivers\nusb3hub.sys -- (nusb3hub)
drv - [2011-02-09 15:26:44 | 000,023,640 | r--- | m] (jmicron technology corp.) [kernel | on_demand | stopped] -- c:\windows\system32\drivers\johci.sys -- (johci)
drv - [2010-11-25 13:27:30 | 000,103,000 | r--- | m] (jmicron technology corp.) [kernel | boot | running] -- c:\windows\system32\drivers\jraid.sys -- (jraid)
drv - [2010-11-20 23:29:34 | 000,015,872 | ---- | m] (microsoft corporation) [kernel | on_demand | stopped] -- c:\windows\system32\drivers\rdpvideominiport.sys -- (rdpvideominiport)
drv - [2010-11-20 23:29:24 | 000,052,224 | ---- | m] (microsoft corporation) [kernel | on_demand | stopped] -- c:\windows\system32\drivers\tsusbflt.sys -- (tsusbflt)
drv - [2010-11-20 23:29:03 | 000,175,360 | ---- | m] (microsoft corporation) [kernel | on_demand | stopped] -- c:\windows\system32\drivers\vmbus.sys -- (vmbus)
drv - [2010-11-20 23:29:03 | 000,112,640 | ---- | m] (microsoft corporation) [kernel | on_demand | stopped] -- c:\windows\system32\drivers\tsusbhub.sys -- (tsusbhub)
drv - [2010-11-20 23:29:03 | 000,077,184 | ---- | m] (microsoft corporation) [kernel | on_demand | stopped] -- c:\windows\system32\drivers\synth3dvsc.sys -- (synth3dvsc)
drv - [2010-11-20 23:29:03 | 000,062,464 | ---- | m] (microsoft corporation) [kernel | on_demand | stopped] -- c:\windows\system32\drivers\dmvsc.sys -- (dmvsc)
drv - [2010-11-20 23:29:03 | 000,040,704 | ---- | m] (microsoft corporation) [kernel | boot | running] -- c:\windows\system32\drivers\vmstorfl.sys -- (storflt)
drv - [2010-11-20 23:29:03 | 000,035,968 | ---- | m] (microsoft corporation) [kernel | on_demand | stopped] -- c:\windows\system32\drivers\winusb.sys -- (winusb)
drv - [2010-11-20 23:29:03 | 000,028,032 | ---- | m] (microsoft corporation) [kernel | on_demand | stopped] -- c:\windows\system32\drivers\storvsc.sys -- (storvsc)
drv - [2010-11-20 23:29:03 | 000,027,264 | ---- | m] (microsoft corporation) [kernel | on_demand | stopped] -- c:\windows\system32\drivers\tsusbgd.sys -- (tsusbgd)
drv - [2010-11-20 23:29:03 | 000,025,600 | ---- | m] (microsoft corporation) [kernel | on_demand | stopped] -- c:\windows\system32\drivers\terminpt.sys -- (terminpt)
drv - [2010-11-20 23:29:03 | 000,017,920 | ---- | m] (microsoft corporation) [kernel | on_demand | stopped] -- c:\windows\system32\drivers\vmbushid.sys -- (vmbushid)
drv - [2010-11-20 23:29:03 | 000,005,632 | ---- | m] (microsoft corporation) [kernel | on_demand | stopped] -- c:\windows\system32\drivers\vms3cap.sys -- (s3cap)
drv - [2010-09-29 03:14:30 | 000,228,352 | ---- | m] (advanced micro devices, inc.) [kernel | on_demand | stopped] -- c:\windows\system32\drivers\atikmpag.sys -- (amdkmdap)
drv - [2010-09-23 17:47:20 | 000,214,096 | r--- | m] (advanced micro devices, inc) [kernel | boot | running] -- c:\windows\system32\drivers\ahcix86.sys -- (ahcix86)
drv - [2010-07-21 07:30:26 | 000,031,256 | ---- | m] (initio corp.) [kernel | boot | running] -- c:\windows\system32\drivers\inic1620.sys -- (inic1620)
drv - [2010-07-13 11:57:16 | 000,040,560 | ---- | m] (paragon software group) [kernel | boot | running] -- c:\windows\system32\drivers\hotcore3.sys -- (hotcore3)
drv - [2010-06-15 02:09:30 | 000,407,120 | r--- | m] (lsi corporation, inc.) [kernel | boot | running] -- c:\windows\system32\drivers\megasr1.sys -- (megasr1)
drv - [2010-03-31 00:00:00 | 000,027,760 | ---- | m] () [kernel | on_demand | stopped] -- c:\tools\lavalys\everest ultimate edition\kerneld.wnt -- (everestdriver)
drv - [2010-03-29 12:15:36 | 000,055,848 | ---- | m] (atheros communications, inc.) [kernel | on_demand | stopped] -- c:\windows\system32\drivers\l1e62x86.sys -- (l1e)
drv - [2010-03-13 13:58:52 | 000,087,536 | ---- | m] (cyberlink corp.) [2012/01/01 09:44:38] [kernel | auto | running] -- c:\program files\cyberlink\powerdvd10\navfilter\000.fcl -- ({1ba31e5a-c098-42d8-8f88-3c9f78a2fddc})
drv - [2010-02-11 11:59:48 | 000,023,192 | ---- | m] (via technologies, inc.) [kernel | boot | running] -- c:\windows\system32\drivers\xfilt.sys -- (xfilt)
drv - [2010-02-11 11:59:18 | 000,013,976 | ---- | m] (via technologies, inc.) [kernel | boot | running] -- c:\windows\system32\drivers\videx32.sys -- (videx32)
drv - [2010-01-07 00:26:34 | 000,190,768 | r--- | m] (advanced micro devices, inc) [kernel | boot | running] -- c:\windows\system32\drivers\ahcix86s.sys -- (ahcix86s)
drv - [2009-11-09 04:11:22 | 000,043,552 | r--- | m] (areca technology corporation) [kernel | boot | running] -- c:\windows\system32\drivers\arcm_x86.sys -- (arcm_x86)
drv - [2009-11-06 09:37:20 | 000,699,896 | ---- | m] (broadcom corporation) [kernel | on_demand | stopped] -- c:\windows\system32\drivers\bcmwlhigh6.sys -- (bcmh43xx)
drv - [2009-10-11 15:58:10 | 000,016,512 | ---- | m] (adaptec) [kernel | auto | running] -- c:\windows\system32\drivers\aspi32.sys -- (aspi32)
drv - [2009-09-14 16:24:12 | 000,155,688 | r--- | m] (marvell semiconductor, inc.) [kernel | boot | running] -- c:\windows\system32\drivers\mv61xx.sys -- (mv61xx)
drv - [2009-08-24 10:14:30 | 000,044,544 | ---- | m] (azurewave technologies, inc.) [kernel | on_demand | stopped] -- c:\windows\system32\drivers\azvusb.sys -- (azvusb)
drv - [2009-08-04 19:44:12 | 000,139,296 | r--- | m] (nvidia corporation) [kernel | boot | running] -- c:\windows\system32\drivers\nvrd32.sys -- (nvrd32)
drv - [2009-07-17 02:51:52 | 000,024,608 | ---- | m] (nvidia corporation) [kernel | boot | running] -- c:\windows\system32\drivers\nvamacpi.sys -- (nvamacpi)
drv - [2009-07-16 12:36:30 | 000,013,216 | ---- | m] () [kernel | on_demand | stopped] -- c:\windows\system32\drivers\asacpi.sys -- (mtsensor)
drv - [2009-07-14 00:02:53 | 000,044,032 | ---- | m] (via technologies, inc. ) [kernel | on_demand | stopped] -- c:\windows\system32\drivers\fetnd6.sys -- (fetndis)
drv - [2009-07-14 00:02:52 | 000,347,264 | ---- | m] (nvidia corporation) [kernel | on_demand | stopped] -- c:\windows\system32\drivers\nvm62x32.sys -- (nvenetfd)
drv - [2009-06-15 17:01:00 | 000,273,920 | ---- | m] (creative technology ltd.) [kernel | on_demand | stopped] -- c:\windows\system32\drivers\v0540vid.sys -- (v0540dev)
drv - [2009-06-10 23:19:48 | 009,853,248 | ---- | m] (nvidia corporation) [kernel | on_demand | stopped] -- c:\windows\system32\drivers\nvlddmkm.sys -- (nvlddmkm)
drv - [2009-04-28 17:14:12 | 000,015,008 | r--- | m] (highpoint technologies, inc.) [kernel | boot | running] -- c:\windows\system32\drivers\hptiop.sys -- (hptiop)
drv - [2009-02-05 12:38:24 | 000,212,520 | r--- | m] (silicon image, inc) [kernel | boot | running] -- c:\windows\system32\drivers\si3531.sys -- (si3531)
drv - [2008-10-30 11:56:04 | 000,217,128 | r--- | m] (silicon image, inc) [kernel | boot | running] -- c:\windows\system32\drivers\si3132r5.sys -- (si3132r5)
drv - [2008-10-30 11:56:04 | 000,012,200 | r--- | m] (silicon image, inc.) [kernel | boot | running] -- c:\windows\system32\drivers\siremfil.sys -- (siremfil)
drv - [2008-09-22 03:20:42 | 000,043,520 | ---- | m] (via technologies, inc. ) [kernel | on_demand | stopped] -- c:\windows\system32\drivers\fetnd6v.sys -- (fetnd6v)
drv - [2008-08-18 18:58:16 | 000,145,952 | ---- | m] (nvidia corporation) [kernel | boot | running] -- c:\windows\system32\drivers\nvstor32.sys -- (nvstor32)
drv - [2007-10-03 16:55:08 | 000,080,424 | r--- | m] (silicon image, inc) [kernel | boot | running] -- c:\windows\system32\drivers\si3132.sys -- (si3132)
drv - [2007-08-29 18:04:04 | 000,116,264 | r--- | m] (silicon image, inc) [kernel | boot | running] -- c:\windows\system32\drivers\si3112r.sys -- (si3112r)
drv - [2007-08-29 18:04:04 | 000,019,240 | r--- | m] (silicon image, inc) [kernel | boot | running] -- c:\windows\system32\drivers\siwinacc.sys -- (sifilter)
drv - [2007-06-19 14:48:26 | 000,075,672 | r--- | m] (intel corporation) [kernel | boot | running] -- c:\windows\system32\drivers\issetup.sys -- (issetup) intel(r)
drv - [2007-04-11 14:32:48 | 000,110,384 | r--- | m] (silicon image, inc) [kernel | boot | running] -- c:\windows\system32\drivers\si3114r.sys -- (si3114r)
drv - [2007-02-07 11:30:06 | 000,209,200 | r--- | m] (silicon image, inc) [kernel | boot | running] -- c:\windows\system32\drivers\si3114r5.sys -- (si3114r5)
drv - [2007-01-26 13:55:08 | 000,069,168 | r--- | m] (silicon image, inc.) [kernel | boot | running] -- c:\windows\system32\drivers\si3112.sys -- (si3112)
drv - [2006-11-10 12:45:54 | 000,068,912 | r--- | m] (silicon image, inc.) [kernel | boot | running] -- c:\windows\system32\drivers\si3114.sys -- (si3114)
drv - [2006-11-02 16:20:30 | 000,076,208 | r--- | m] (silicon image, inc.) [kernel | boot | running] -- c:\windows\system32\drivers\si3124.sys -- (si3124)
drv - [2006-09-27 14:36:50 | 000,071,968 | r--- | m] (highpoint technologies, inc.) [kernel | boot | running] -- c:\windows\system32\drivers\hptmv.sys -- (hptmv)
drv - [2006-09-20 11:38:26 | 000,207,152 | r--- | m] (silicon image, inc) [kernel | boot | running] -- c:\windows\system32\drivers\si3124r5.sys -- (si3124r5)
drv - [2006-07-20 20:47:12 | 000,104,320 | r--- | m] (uli electronics inc.) [kernel | boot | running] -- c:\windows\system32\drivers\m5287.sys -- (m5287)
drv - [2006-07-19 19:48:14 | 000,211,072 | r--- | m] (uli electronics inc.) [kernel | boot | running] -- c:\windows\system32\drivers\m5288.sys -- (m5288)
drv - [2006-02-26 17:22:48 | 000,010,240 | ---- | m] (nvidia corporation) [kernel | on_demand | stopped] -- c:\windows\system32\drivers\nvmpu401.sys -- (nvmpu401) service for nvidia(r) nforce(tm)
drv - [2005-07-04 15:21:00 | 000,052,480 | r--- | m] (uli electronics inc.) [kernel | boot | running] -- c:\windows\system32\drivers\m5289.sys -- (m5289)


========== standard registry (safelist) ==========


========== internet explorer ==========

ie - hklm\..\searchscopes,defaultscope = {0633ee93-d776-472f-a0ff-e1416b8b2e3a}
ie - hklm\..\searchscopes\{0633ee93-d776-472f-a0ff-e1416b8b2e3a}: "url" = [noparse]http://www.bing.com/search?q={searchterms}&form=ie8src[/noparse]


ie - hku\.default\software\microsoft\windows\currentversion\internet settings: "proxyenable" = 0

ie - hku\s-1-5-18\software\microsoft\windows\currentversion\internet settings: "proxyenable" = 0



ie - hku\s-1-5-21-1772702603-541345436-1298147513-1002\software\microsoft\internet explorer\main,secondary start pages = [noparse]http://facebook.com/[/noparse] [binary data]
ie - hku\s-1-5-21-1772702603-541345436-1298147513-1002\software\microsoft\internet explorer\main,start page = [noparse]http://www.google.nl/[/noparse]
ie - hku\s-1-5-21-1772702603-541345436-1298147513-1002\software\microsoft\internet explorer\main,start page redirect cache = [noparse]http://nl.msn.com/?ocid=iehp[/noparse]
ie - hku\s-1-5-21-1772702603-541345436-1298147513-1002\software\microsoft\internet explorer\main,start page redirect cache acceptlangs = nl
ie - hku\s-1-5-21-1772702603-541345436-1298147513-1002\software\microsoft\internet explorer\main,start page redirect cache_timestamp = f0 ad c1 14 ec 47 cc 01 [binary data]
ie - hku\s-1-5-21-1772702603-541345436-1298147513-1002\..\searchscopes,defaultscope = {0633ee93-d776-472f-a0ff-e1416b8b2e3a}
ie - hku\s-1-5-21-1772702603-541345436-1298147513-1002\..\searchscopes\{0633ee93-d776-472f-a0ff-e1416b8b2e3a}: "url" = [noparse]http://www.bing.com/search?q={searchterms}&src=ie-searchbox&form=ie8src[/noparse]
ie - hku\s-1-5-21-1772702603-541345436-1298147513-1002\software\microsoft\windows\currentversion\internet settings: "proxyenable" = 0


========== firefox ==========

ff - hklm\software\mozillaplugins\@adobe.com/shockwaveplayer: c:\windows\system32\adobe\director\np32dsw.dll (adobe systems, inc.)
ff - hklm\software\mozillaplugins\@google.com/nppicasa3,version=3.0.0: c:\program files\google\picasa3\nppicasa3.dll (google, inc.)
ff - hklm\software\mozillaplugins\@java.com/javaplugin: c:\program files\java\jre7\bin\new_plugin\npjp2.dll (oracle corporation)
ff - hklm\software\mozillaplugins\@microsoft.com/genuine: disabled file not found
ff - hklm\software\mozillaplugins\@microsoft.com/npctrl,version=1.0: c:\program files\microsoft silverlight\4.1.10111.0\npctrl.dll ( microsoft corporation)
ff - hklm\software\mozillaplugins\@microsoft.com/officeauthz,version=14.0: c:\progra~1\micros~3\office14\npauthz.dll (microsoft corporation)
ff - hklm\software\mozillaplugins\@microsoft.com/sharepoint,version=14.0: c:\progra~1\micros~3\office14\npspwrap.dll (microsoft corporation)
ff - hklm\software\mozillaplugins\@nero.com/km: c:\progra~1\common~1\nero\browse~1\npbrow~1.dll (nero ag)
ff - hklm\software\mozillaplugins\@zylom.com/zylomgamesplayer: c:\programdata\zylom\zylomgamesplayer\npzylomgamesplayer.dll (zylom)
ff - hkcu\software\mozillaplugins\@thrixxx.com/weblaunch: c:\program files\thrixxx\weblaunch\binaries\npweblaunch.dll file not found



o1 hosts file: ([2012-03-11 12:49:52 | 000,000,859 | ---- | m]) - c:\windows\system32\drivers\etc\hosts

o2 - bho: (explorerbho class) - {449d0d6e-2412-4e61-b68f-1cb625cd9e52} - c:\program files\classic shell\classicexplorer32.dll (ivosoft)
o2 - bho: (groove gfs browser helper) - {72853161-30c5-4d22-b7f9-0bbc1d38a37e} - c:\program files\microsoft office\office14\grooveex.dll (microsoft corporation)
o2 - bho: (office document cache handler) - {b4f3a835-0e21-4959-ba22-42b3008e02ff} - c:\program files\microsoft office\office14\urlredir.dll (microsoft corporation)
o2 - bho: (java(tm) plug-in 2 ssv helper) - {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre7\bin\jp2ssv.dll (oracle corporation)
o3 - hklm\..\toolbar: (classic explorer bar) - {553891b7-a0d5-4526-be18-d3ce461d6310} - c:\program files\classic shell\classicexplorer32.dll (ivosoft)
o4 - hklm..\run: [adobecs4servicemanager] c:\program files\common files\adobe\cs4servicemanager\cs4servicemanager.exe (adobe systems incorporated)
o4 - hklm..\run: [bcssync] c:\program files\microsoft office\office14\bcssync.exe (microsoft corporation)
o4 - hklm..\run: [classic start menu] c:\program files\classic shell\classicstartmenu.exe (ivosoft)
o4 - hklm..\run: [malwarebytes' anti-malware] c:\program files\malwarebytes' anti-malware\mbamgui.exe (malwarebytes corporation)
o4 - hklm..\run: [msc] c:\program files\microsoft security client\msseces.exe (microsoft corporation)
o4 - hklm..\run: [nusb3mon] c:\program files\renesas electronics\usb 3.0 host controller driver\application\nusb3mon.exe (renesas electronics corporation)
o4 - hklm..\runonce: [malwarebytes anti-malware (cleanup)] c:\programdata\malwarebytes\malwarebytes' anti-malware\cleanup.dll (malwarebytes corporation)
o4 - hku\s-1-5-19..\runonce: [mctadmin] c:\windows\system32\mctadmin.exe (microsoft corporation)
o4 - hku\s-1-5-20..\runonce: [mctadmin] c:\windows\system32\mctadmin.exe (microsoft corporation)
o4 - startup: c:\users\alexander\appdata\roaming\microsoft\windows\start menu\programs\startup\sabnzbd.lnk = c:\program files\sabnzbd\sabnzbd.exe ()
o4 - startup: c:\users\anja\appdata\roaming\microsoft\windows\start menu\programs\startup\dropbox.lnk = file not found
o6 - hklm\software\microsoft\windows\currentversion\policies\system: consentpromptbehavioruser = 3
o6 - hklm\software\microsoft\windows\currentversion\policies\system: consentpromptbehavioradmin = 0
o6 - hklm\software\microsoft\windows\currentversion\policies\system: promptonsecuredesktop = 0
o6 - hklm\software\microsoft\windows\currentversion\policies\system: localaccounttokenfilterpolicy = 0
o6 - hklm\software\microsoft\windows\currentversion\policies\system: enablelinkedconnections = 1
o7 - hku\s-1-5-21-1772702603-541345436-1298147513-1002\software\microsoft\windows\currentversion\policies\explorer: nodrivetypeautorun = 145
o7 - hku\s-1-5-21-1772702603-541345436-1298147513-1002\software\microsoft\windows\currentversion\policies\explorer: nodesktop = 0
o8 - extra context menu item: add to google photos screensa&ver - c:\windows\system32\gphotos.scr (google inc.)
o8 - extra context menu item: e&xporteren naar microsoft excel - c:\program files\microsoft office\office14\excel.exe (microsoft corporation)
o13 - gopher prefix: missing
o16 - dpf: {233c1507-6a77-46a4-9443-f871f945d258} [noparse]http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab[/noparse] (shockwave activex control)
o16 - dpf: {8ad9c840-044e-11d1-b3e9-00805f499d93} [noparse]http://java.sun.com/update/1.7.0/jinstall-1_7_0_01-windows-i586.cab[/noparse] (java plug-in 10.1.0)
o16 - dpf: {c3f79a2b-b9b4-4a66-b012-3ee46475b072} [noparse]http://messenger.zone.msn.com/binary/messengerstatspaclient.cab56907.cab[/noparse] (messengerstatsclient class)
o16 - dpf: {cafeefac-0016-0000-0025-abcdeffedcba} [noparse]http://java.sun.com/update/1.6.0/jinstall-1_6_0_25-windows-i586.cab[/noparse] (java plug-in 1.6.0_25)
o16 - dpf: {cafeefac-0017-0000-0001-abcdeffedcba} [noparse]http://java.sun.com/update/1.7.0/jinstall-1_7_0_01-windows-i586.cab[/noparse] (java plug-in 1.7.0_01)
o16 - dpf: {cafeefac-ffff-ffff-ffff-abcdeffedcba} [noparse]http://java.sun.com/update/1.7.0/jinstall-1_7_0_01-windows-i586.cab[/noparse] (java plug-in 1.7.0_01)
o16 - dpf: {e6f480fc-bd44-4cba-b74a-89af7842937d} [noparse]http://content.systemrequirementslab.com.s3.amazonaws.com/global/bin/srldetect_cyri_4.4.26.0.cab[/noparse] (reg error: key error.)
o16 - dpf: {f5a7706b-b9c0-4c89-a715-7a0c6b05dd48} [noparse]http://messenger.zone.msn.com/binary/minesweeper.cab56986.cab[/noparse] (minesweeper flags class)
o17 - hklm\system\ccs\services\tcpip\parameters: dhcpnameserver = 192.168.0.1
o17 - hklm\system\ccs\services\tcpip\parameters\interfaces\{848fdce2-d440-457c-8b50-e80147d5f0be}: dhcpnameserver = 192.168.0.1
o17 - hklm\system\ccs\services\tcpip\parameters\interfaces\{fa67fbbd-4ac8-4099-9f22-3234183ecdca}: dhcpnameserver = 192.168.0.1
o20 - hklm winlogon: shell - (explorer.exe) - c:\windows\explorer.exe (microsoft corporation)
o20 - hklm winlogon: userinit - (c:\windows\system32\userinit.exe) - c:\windows\system32\userinit.exe (microsoft corporation)
o20 - hklm winlogon: vmapplet - (systempropertiesperformance.exe) - c:\windows\system32\systempropertiesperformance.exe (microsoft corporation)
o20 - hklm winlogon: vmapplet - (/pagefile) - file not found
o20 - hku\s-1-5-21-1772702603-541345436-1298147513-1002 winlogon: shell - (explorer.exe) - c:\windows\explorer.exe (microsoft corporation)
o20 - hku\s-1-5-21-1772702603-541345436-1298147513-1002 winlogon: userinit - (c:\windows\system32\userinit.exe) - c:\windows\system32\userinit.exe (microsoft corporation)
o21 - ssodl: webcheck - {e6fb5e20-de35-11cf-9c87-00aa005127ed} - no clsid value found.
o28 - hklm shellexecutehooks: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - c:\program files\microsoft office\office14\grooveex.dll (microsoft corporation)
o32 - hklm cdrom: autorun - 1
o32 - autorun file - [2009-06-10 23:42:20 | 000,000,024 | ---- | m] () - c:\autoexec.bat -- [ ntfs ]
o34 - hklm bootexecute: (autocheck autochk *)
o35 - hklm\..comfile [open] -- "%1" %*
o35 - hklm\..exefile [open] -- "%1" %*
o37 - hklm\...com [@ = comfile] -- "%1" %*
o37 - hklm\...exe [@ = exefile] -- "%1" %*

========== files/folders - created within 30 days ==========

[2012-04-18 00:37:09 | 000,000,000 | ---d | c] -- c:\windows\pss
[2012-04-18 00:08:13 | 000,000,000 | ---d | c] -- c:\programdata\hitmanpro
[2012-04-18 00:06:52 | 000,000,000 | ---d | c] -- c:\users\alexander\nieuwe map
[2012-04-17 23:48:14 | 000,000,000 | ---d | c] -- c:\users\alexander\appdata\local\{e1bb5744-0bb6-490a-8e0f-8f32eb175e66}
[2012-04-17 23:48:03 | 000,000,000 | ---d | c] -- c:\users\alexander\appdata\local\{6f0120a1-1580-49ea-8f79-83c144fb4e92}
[2012-04-17 23:03:21 | 000,000,000 | ---d | c] -- c:\programdata\microsoft\windows\start menu\programs\malwarebytes' anti-malware
[2012-04-17 23:03:19 | 000,022,344 | ---- | c] (malwarebytes corporation) -- c:\windows\system32\drivers\mbam.sys
[2012-04-16 17:25:46 | 000,000,000 | ---d | c] -- c:\users\alexander\appdata\local\{87ddf74a-439c-4057-95ae-bb50ef5a11ac}
[2012-04-16 17:25:36 | 000,000,000 | ---d | c] -- c:\users\alexander\appdata\local\{e6bc2aed-97a8-4421-9d29-6c93e515a88d}
[2012-04-15 14:46:51 | 000,000,000 | ---d | c] -- c:\users\alexander\appdata\local\{31ce6bbc-2fcc-4c83-8e88-a674d7d275a9}
[2012-04-15 14:46:40 | 000,000,000 | ---d | c] -- c:\users\alexander\appdata\local\{d6846fea-3432-4ec2-913f-80457b464c39}
[2012-04-13 07:49:10 | 000,000,000 | ---d | c] -- c:\users\alexander\appdata\local\{527477ec-b3c0-4ad1-9760-e42f4b046262}
[2012-04-13 07:49:00 | 000,000,000 | ---d | c] -- c:\users\alexander\appdata\local\{31011154-068c-4952-a973-8d4854f58711}
[2012-04-12 19:48:36 | 000,000,000 | ---d | c] -- c:\users\alexander\appdata\local\{d9228532-0079-441b-9edb-467cba4600b1}
[2012-04-12 19:48:26 | 000,000,000 | ---d | c] -- c:\users\alexander\appdata\local\{bbc17437-2578-4167-a503-c9f6b0e5b564}
[2012-04-11 22:26:02 | 000,000,000 | ---d | c] -- c:\users\alexander\appdata\local\{d834d613-eb20-4fab-9130-56b2dd54ba1c}
[2012-04-11 22:25:52 | 000,000,000 | ---d | c] -- c:\users\alexander\appdata\local\{05436bbd-509d-4bd8-b46b-7064de2ae9e7}
[2012-04-11 07:22:24 | 000,000,000 | ---d | c] -- c:\users\alexander\appdata\local\{7cb0b219-9344-43c3-b108-b70a1991df0e}
[2012-04-11 07:22:13 | 000,000,000 | ---d | c] -- c:\users\alexander\appdata\local\{06d9c0bf-93b1-41ea-b4a2-1d79beb2ed58}
[2012-04-10 15:38:10 | 000,000,000 | ---d | c] -- c:\users\alexander\appdata\local\{8085bfaa-2c44-4017-870f-7c024bc2b1de}
[2012-04-10 15:38:00 | 000,000,000 | ---d | c] -- c:\users\alexander\appdata\local\{2fc07a09-728f-4bed-8aaf-106e28767275}
[2012-04-10 15:37:45 | 000,000,000 | ---d | c] -- c:\users\alexander\appdata\local\virtualstore
[2012-04-09 14:17:46 | 000,000,000 | ---d | c] -- c:\programdata\microsoft\windows\start menu\programs\dvdfab 8 qt
[2012-04-09 14:17:39 | 000,000,000 | ---d | c] -- c:\program files\dvdfab 8 qt
[2012-04-09 10:03:35 | 000,000,000 | ---d | c] -- c:\users\alexander\appdata\roaming\symantec
[2012-04-09 09:57:48 | 000,000,000 | ---d | c] -- c:\users\alexander\appdata\local\{88123464-6a0f-47c5-ae3d-c2b4357334f9}
[2012-04-09 09:57:38 | 000,000,000 | ---d | c] -- c:\users\alexander\appdata\local\{f1d93624-ca71-4f4d-863f-4f1cc39fbd5a}
[2012-04-09 09:53:53 | 000,000,000 | ---d | c] -- c:\users\alexander\appdata\local\windows live
[2012-04-09 09:51:17 | 000,000,000 | ---d | c] -- c:\programdata\microsoft\windows\start menu\programs\save2pc
[2012-04-09 09:51:16 | 000,000,000 | ---d | c] -- c:\program files\fdrlab
[2012-04-04 18:54:35 | 000,000,000 | ---d | c] -- c:\program files\microsoft synchronization services
[2012-04-04 18:54:34 | 000,000,000 | ---d | c] -- c:\program files\common files\designer
[2012-04-04 18:54:18 | 000,000,000 | ---d | c] -- c:\program files\microsoft sql server compact edition
[2012-04-04 18:53:18 | 000,000,000 | ---d | c] -- c:\program files\microsoft analysis services
[2012-04-04 18:52:31 | 000,000,000 | rh-d | c] -- c:\msocache
[2012-04-04 18:16:18 | 000,000,000 | ---d | c] -- c:\users\alexander\desktop\nieuwe map (2)
[2012-04-02 08:06:13 | 000,000,000 | ---d | c] -- c:\users\alexander\desktop\nieuwe samenstelling daan
[2012-04-02 08:02:41 | 000,000,000 | ---d | c] -- c:\users\alexander\desktop\backup daan
[2012-04-01 09:18:06 | 000,000,000 | ---d | c] -- c:\programdata\microsoft\windows\start menu\programs\ambrasoft familiepakket 0910
[2012-04-01 09:15:39 | 000,000,000 | ---d | c] -- c:\program files\common files\ambrasoft
[2012-04-01 09:15:39 | 000,000,000 | ---d | c] -- c:\program files\ambrasoft
[2012-04-01 08:52:04 | 000,000,000 | ---d | c] -- c:\users\alexander\documents\4videosoft studio
[2012-04-01 08:50:40 | 000,000,000 | ---d | c] -- c:\program files\4videosoft studio
[2012-03-30 20:29:04 | 000,000,000 | ---d | c] -- c:\users\alexander\documents\belastingdienst
[2012-03-30 20:29:04 | 000,000,000 | ---d | c] -- c:\users\alexander\appdata\roaming\belastingdienst
[2012-03-30 20:08:52 | 000,000,000 | ---d | c] -- c:\users\alexander\appdata\roaming\divx
[2012-03-30 20:01:50 | 000,000,000 | ---d | c] -- c:\programdata\microsoft\windows\start menu\programs\ziggotvstreamer
[2012-03-30 20:01:48 | 000,000,000 | ---d | c] -- c:\program files\ziggotvstreamer
[2012-03-30 18:53:42 | 000,000,000 | ---d | c] -- c:\users\alexander\documents\my cheat tables
[2012-03-30 18:53:29 | 000,000,000 | ---d | c] -- c:\programdata\microsoft\windows\start menu\programs\cheat engine 6.1
[2012-03-30 18:53:25 | 000,000,000 | ---d | c] -- c:\program files\cheat engine 6.1
[2012-03-25 21:19:29 | 000,000,000 | ---d | c] -- c:\users\alexander\appdata\local\pctv systems
[2012-03-25 21:16:20 | 000,000,000 | ---d | c] -- c:\programdata\pctv systems
[2012-03-25 21:15:58 | 000,000,000 | ---d | c] -- c:\programdata\microsoft\windows\start menu\programs\divx
[2012-03-25 21:15:58 | 000,000,000 | ---d | c] -- c:\program files\divx
[2012-03-25 20:46:32 | 000,000,000 | ---d | c] -- c:\program files\installdir
[2012-03-25 11:59:28 | 000,000,000 | ---d | c] -- c:\pc_play&learn
[2012-03-20 20:50:34 | 000,000,000 | ---d | c] -- c:\users\alexander\appdata\local\apple
[2012-03-19 17:47:42 | 000,000,000 | ---d | c] -- c:\programdata\xml_param
[2012-03-19 17:44:53 | 000,000,000 | ---d | c] -- c:\users\alexander\documents\wondershare video converter platinum
[2012-03-19 17:44:33 | 000,892,928 | ---- | c] (free software foundation) -- c:\windows\system32\iconv.dll
[2012-03-19 17:44:29 | 000,000,000 | ---d | c] -- c:\program files\wondershare
[2011-10-28 22:15:19 | 000,047,360 | ---- | c] (vso software) -- c:\users\alexander\appdata\roaming\pcouffin.sys
[2010-11-28 07:30:28 | 317,590,022 | ---- | c] (user, nocompany, user@nocompany.com) -- c:\program files\office2003nl.exe
[1 c:\windows\*.tmp files -> c:\windows\*.tmp -> ]

========== files - modified within 30 days ==========

[2012-04-18 00:31:00 | 000,000,940 | ---- | m] () -- c:\windows\tasks\adobe flash player updater.job
[2012-04-18 00:26:04 | 000,054,016 | ---- | m] () -- c:\windows\system32\drivers\kjwswvst.sys
[2012-04-18 00:23:23 | 000,017,360 | -h-- | m] () -- c:\windows\system32\7b296fb0-376b-497e-b012-9c450e1b7327-5p-1.c7483456-a289-439d-8115-601632d005a0
[2012-04-18 00:23:23 | 000,017,360 | -h-- | m] () -- c:\windows\system32\7b296fb0-376b-497e-b012-9c450e1b7327-5p-0.c7483456-a289-439d-8115-601632d005a0
[2012-04-18 00:23:14 | 000,886,814 | ---- | m] () -- c:\windows\system32\perfh013.dat
[2012-04-18 00:23:14 | 000,702,158 | ---- | m] () -- c:\windows\system32\perfh009.dat
[2012-04-18 00:23:14 | 000,199,608 | ---- | m] () -- c:\windows\system32\perfc013.dat
[2012-04-18 00:23:14 | 000,161,944 | ---- | m] () -- c:\windows\system32\perfc009.dat
[2012-04-18 00:16:11 | 000,067,584 | --s- | m] () -- c:\windows\bootstat.dat
[2012-04-18 00:15:35 | 000,003,288 | ---- | m] () -- c:\bootsqm.dat
[2012-04-17 23:03:22 | 000,001,067 | ---- | m] () -- c:\users\public\desktop\malwarebytes anti-malware.lnk
[2012-04-17 16:20:42 | 000,021,504 | ---- | m] () -- c:\windows\system32\umstartup.etl
[2012-04-12 19:48:32 | 000,001,101 | ---- | m] () -- c:\users\alexander\application data\microsoft\internet explorer\quick launch\microsoft outlook.lnk
[2012-04-09 15:09:17 | 000,054,156 | -h-- | m] () -- c:\windows\qtfont.qfn
[2012-04-09 15:09:17 | 000,001,409 | ---- | m] () -- c:\windows\qtfont.for
[2012-04-09 14:17:48 | 000,001,011 | ---- | m] () -- c:\users\alexander\desktop\dvdfab profile editor.lnk
[2012-04-09 14:17:48 | 000,000,998 | ---- | m] () -- c:\users\alexander\application data\microsoft\internet explorer\quick launch\dvdfab 8 qt.lnk
[2012-04-09 14:17:48 | 000,000,974 | ---- | m] () -- c:\users\alexander\desktop\dvdfab 8 qt.lnk
[2012-04-09 09:55:06 | 099,957,822 | ---- | m] () -- c:\users\alexander\desktop\kids club rkc waalwijk rondleiding en persconferentie.avi
[2012-04-09 09:51:18 | 000,001,064 | ---- | m] () -- c:\users\alexander\desktop\save2pc ultimate.lnk
[2012-04-05 14:23:01 | 003,707,344 | ---- | m] () -- c:\windows\system32\fntcache.dat
[2012-04-04 19:18:07 | 000,203,776 | ---- | m] () -- c:\users\alexander\documents\lynnverjaardag.pub
[2012-04-04 19:05:26 | 000,008,192 | ---- | m] () -- c:\windows\system32\srvany.exe
[2012-04-04 18:55:30 | 000,003,119 | ---- | m] () -- c:\users\alexander\desktop\microsoft outlook 2010.lnk
[2012-04-04 15:56:40 | 000,022,344 | ---- | m] (malwarebytes corporation) -- c:\windows\system32\drivers\mbam.sys
[2012-04-01 09:18:06 | 000,001,034 | ---- | m] () -- c:\users\public\desktop\familiepakket 0910.lnk
[2012-03-30 20:01:50 | 000,001,049 | ---- | m] () -- c:\users\alexander\desktop\ziggotvstreamer.lnk
[2012-03-30 18:53:32 | 000,001,043 | ---- | m] () -- c:\users\alexander\desktop\cheat engine.lnk
[2012-03-30 18:47:15 | 000,112,862 | ---- | m] () -- c:\windows\run32a50.mch
[2012-03-30 18:40:44 | 000,000,213 | ---- | m] () -- c:\windows\mfont.dat
[2012-03-30 18:09:01 | 000,000,035 | ---- | m] () -- c:\windows\a5w.ini
[2012-03-25 21:19:34 | 000,000,349 | ---- | m] () -- c:\users\public\documents\pclechal.ini
[1 c:\windows\*.tmp files -> c:\windows\*.tmp -> ]

========== files created - no company name ==========

[2012-04-18 00:26:04 | 000,054,016 | ---- | c] () -- c:\windows\system32\drivers\kjwswvst.sys
[2012-04-18 00:15:35 | 000,003,288 | ---- | c] () -- c:\bootsqm.dat
[2012-04-17 23:03:22 | 000,001,067 | ---- | c] () -- c:\users\public\desktop\malwarebytes anti-malware.lnk
[2012-04-09 15:09:17 | 000,054,156 | -h-- | c] () -- c:\windows\qtfont.qfn
[2012-04-09 15:09:17 | 000,001,409 | ---- | c] () -- c:\windows\qtfont.for
[2012-04-09 14:17:48 | 000,001,011 | ---- | c] () -- c:\users\alexander\desktop\dvdfab profile editor.lnk
[2012-04-09 14:17:48 | 000,000,998 | ---- | c] () -- c:\users\alexander\application data\microsoft\internet explorer\quick launch\dvdfab 8 qt.lnk
[2012-04-09 14:17:48 | 000,000,974 | ---- | c] () -- c:\users\alexander\desktop\dvdfab 8 qt.lnk
[2012-04-09 09:56:31 | 000,002,432 | ---- | c] () -- c:\programdata\microsoft\windows\start menu\programs\windows live messenger.lnk
[2012-04-09 09:53:34 | 099,957,822 | ---- | c] () -- c:\users\alexander\desktop\kids club rkc waalwijk rondleiding en persconferentie.avi
[2012-04-09 09:51:18 | 000,001,064 | ---- | c] () -- c:\users\alexander\desktop\save2pc ultimate.lnk
[2012-04-04 19:18:36 | 000,001,101 | ---- | c] () -- c:\users\alexander\application data\microsoft\internet explorer\quick launch\microsoft outlook.lnk
[2012-04-04 19:18:06 | 000,203,776 | ---- | c] () -- c:\users\alexander\documents\lynnverjaardag.pub
[2012-04-04 19:06:07 | 000,008,192 | ---- | c] () -- c:\windows\system32\srvany.exe
[2012-04-04 18:55:30 | 000,003,119 | ---- | c] () -- c:\users\alexander\desktop\microsoft outlook 2010.lnk
[2012-04-02 19:51:54 | 000,000,940 | ---- | c] () -- c:\windows\tasks\adobe flash player updater.job
[2012-04-01 09:18:06 | 000,001,034 | ---- | c] () -- c:\users\public\desktop\familiepakket 0910.lnk
[2012-03-30 20:01:50 | 000,001,049 | ---- | c] () -- c:\users\alexander\desktop\ziggotvstreamer.lnk
[2012-03-30 18:53:32 | 000,001,043 | ---- | c] () -- c:\users\alexander\desktop\cheat engine.lnk
[2012-03-25 21:18:51 | 000,000,349 | ---- | c] () -- c:\users\public\documents\pclechal.ini
[2012-03-19 17:44:33 | 000,675,840 | ---- | c] () -- c:\windows\system32\ac3filter.ax
[2011-12-15 15:17:08 | 000,000,064 | ---- | c] () -- c:\windows\system32\rp_stats.dat
[2011-12-15 15:17:08 | 000,000,044 | ---- | c] () -- c:\windows\system32\rp_rules.dat
[2011-10-28 22:15:19 | 000,087,608 | ---- | c] () -- c:\users\alexander\appdata\roaming\inst.exe
[2011-10-28 22:15:19 | 000,007,887 | ---- | c] () -- c:\users\alexander\appdata\roaming\pcouffin.cat
[2011-10-28 22:15:19 | 000,001,144 | ---- | c] () -- c:\users\alexander\appdata\roaming\pcouffin.inf
[2011-10-25 21:26:36 | 000,650,752 | ---- | c] () -- c:\windows\system32\xvidcore.dll
[2011-10-25 21:26:36 | 000,240,640 | ---- | c] () -- c:\windows\system32\xvidvfw.dll
[2011-10-09 21:27:27 | 000,087,552 | ---- | c] () -- c:\windows\system32\cpwmon2k.dll
[2011-08-31 19:46:18 | 000,145,804 | ---- | c] () -- c:\windows\system32\igcompkrng600.bin
[2011-08-31 19:46:14 | 000,216,000 | ---- | c] () -- c:\windows\system32\igfcg600m.bin
[2011-08-31 19:46:10 | 000,963,116 | ---- | c] () -- c:\windows\system32\igkrng600.bin
[2011-08-31 19:46:00 | 000,056,832 | ---- | c] () -- c:\windows\system32\igdde32.dll
[2011-08-31 19:26:20 | 013,903,872 | ---- | c] () -- c:\windows\system32\ig4icd32.dll
[2011-08-31 19:15:48 | 000,004,096 | ---- | c] ( ) -- c:\windows\system32\igfxdevlib.dll
[2011-08-31 19:14:12 | 000,000,151 | ---- | c] () -- c:\windows\system32\gfxui.exe.config
[2011-08-31 19:13:52 | 000,094,208 | ---- | c] () -- c:\windows\system32\icclibdll.dll
[2011-08-27 08:42:47 | 000,302,592 | ---- | c] () -- c:\windows\mauninst.exe
[2011-08-24 20:33:27 | 000,000,392 | ---- | c] () -- c:\windows\odbc.ini
[2011-08-20 10:51:02 | 000,000,213 | ---- | c] () -- c:\windows\mfont.dat
[2011-08-20 10:50:50 | 000,000,035 | ---- | c] () -- c:\windows\a5w.ini
[2011-08-20 10:32:16 | 000,000,053 | ---- | c] () -- c:\windows\davilex.ini
[2011-08-17 10:28:45 | 000,004,096 | ---- | c] () -- c:\windows\d3dx.dat
[2011-07-30 13:45:27 | 000,110,032 | ---- | c] () -- c:\windows\system32\aloaha_prntmon.dll
[2011-07-25 21:47:49 | 000,000,069 | ---- | c] () -- c:\windows\nerodigital.ini
[2011-07-23 08:22:34 | 000,000,034 | ---- | c] () -- c:\windows\cdplayer.ini
[2011-05-21 09:14:14 | 000,061,024 | ---- | c] () -- c:\windows\system32\zlib.dll
[2011-05-07 23:48:01 | 000,021,552 | ---- | c] () -- c:\windows\system32\emptyregdb.dat
[2011-05-02 11:25:52 | 000,001,769 | ---- | c] () -- c:\windows\language_trs.ini
[2011-04-01 01:49:01 | 000,080,416 | ---- | c] () -- c:\windows\system32\rtnicprop32.dll
[2010-11-28 00:20:13 | 000,002,857 | ---- | c] () -- c:\windows\system32\atipblag.dat
[2010-11-21 01:57:58 | 000,886,814 | ---- | c] () -- c:\windows\system32\perfh013.dat
[2010-11-21 01:57:58 | 000,341,322 | ---- | c] () -- c:\windows\system32\perfi013.dat
[2010-11-21 01:57:58 | 000,199,608 | ---- | c] () -- c:\windows\system32\perfc013.dat
[2010-11-21 01:57:58 | 000,043,068 | ---- | c] () -- c:\windows\system32\perfd013.dat
[2010-11-20 23:29:34 | 000,080,896 | ---- | c] () -- c:\windows\system32\rdvghelper.exe
[2010-11-20 23:29:26 | 000,066,048 | ---- | c] () -- c:\windows\system32\printbrmui.exe
[2010-11-03 22:19:39 | 000,013,216 | ---- | c] () -- c:\windows\system32\drivers\asacpi.sys
[2010-10-13 13:16:35 | 000,000,008 | rhs- | c] () -- c:\programdata\ntuser.pol
[2010-10-11 21:30:43 | 000,175,616 | ---- | c] () -- c:\windows\system32\unrar.dll
[2010-08-08 13:29:04 | 000,000,711 | ---- | c] () -- c:\windows\system32\rtslcs.dll

========== lop check ==========

[2011-10-28 22:07:11 | 000,000,000 | ---d | m] -- c:\users\alexander\appdata\roaming\anvsoft
[2012-03-05 22:48:08 | 000,000,000 | ---d | m] -- c:\users\alexander\appdata\roaming\avidemux
[2012-03-30 20:35:23 | 000,000,000 | ---d | m] -- c:\users\alexander\appdata\roaming\belastingdienst
[2012-02-05 13:41:19 | 000,000,000 | ---d | m] -- c:\users\alexander\appdata\roaming\downloaded installations
[2012-04-09 08:45:09 | 000,000,000 | ---d | m] -- c:\users\alexander\appdata\roaming\dropbox
[2011-09-08 21:41:17 | 000,000,000 | ---d | m] -- c:\users\alexander\appdata\roaming\grabit
[2011-09-25 17:33:00 | 000,000,000 | ---d | m] -- c:\users\alexander\appdata\roaming\jumb-o-fun games
[2011-12-17 12:45:05 | 000,000,000 | ---d | m] -- c:\users\alexander\appdata\roaming\makemusic
[2011-08-18 21:46:32 | 000,000,000 | ---d | m] -- c:\users\alexander\appdata\roaming\thrixxx
[2011-07-22 21:00:02 | 000,000,000 | ---d | m] -- c:\users\alexander\appdata\roaming\tuneup software
[2011-08-17 11:37:41 | 000,000,000 | ---d | m] -- c:\users\alexander\appdata\roaming\tweetdeckfast.fff259dc0ce2657847bbb4aff0e62062efc56543.1
[2011-11-12 01:31:25 | 000,000,000 | ---d | m] -- c:\users\alexander\appdata\roaming\vso
[2012-03-05 14:34:59 | 000,000,000 | ---d | m] -- c:\users\alexander\appdata\roaming\xilisoft
[2011-07-31 10:24:04 | 000,000,000 | ---d | m] -- c:\users\alexander\appdata\roaming\zylom
[2012-03-06 17:50:58 | 000,000,000 | ---d | m] -- c:\users\anja\appdata\roaming\avidemux
[2012-03-14 21:28:33 | 000,000,000 | ---d | m] -- c:\users\anja\appdata\roaming\belastingdienst
[2011-08-27 09:34:08 | 000,000,000 | ---d | m] -- c:\users\anja\appdata\roaming\blamgames
[2011-08-29 22:08:11 | 000,000,000 | ---d | m] -- c:\users\anja\appdata\roaming\charles
[2012-04-16 15:37:59 | 000,000,000 | ---d | m] -- c:\users\anja\appdata\roaming\dropbox
[2011-09-05 22:28:22 | 000,000,000 | ---d | m] -- c:\users\anja\appdata\roaming\grabit
[2011-08-31 18:55:16 | 000,000,000 | ---d | m] -- c:\users\anja\appdata\roaming\jumb-o-fun games
[2011-07-21 21:00:01 | 000,000,000 | ---d | m] -- c:\users\anja\appdata\roaming\tuneup software
[2011-10-02 13:04:53 | 000,000,000 | ---d | m] -- c:\users\anja\appdata\roaming\tweetdeckfast.fff259dc0ce2657847bbb4aff0e62062efc56543.1
[2012-03-06 19:05:18 | 000,000,000 | ---d | m] -- c:\users\anja\appdata\roaming\xilisoft
[2012-04-09 16:56:38 | 000,000,000 | ---d | m] -- c:\users\lynn\appdata\roaming\belastingdienst
[2012-01-26 08:59:44 | 000,000,000 | ---d | m] -- c:\users\lynn\appdata\roaming\dropbox
[2012-01-12 09:00:02 | 000,000,000 | ---d | m] -- c:\users\lynn\appdata\roaming\tuneup software
[2011-05-07 23:46:03 | 000,000,000 | ---d | m] -- c:\users\user\appdata\roaming\expert pdf editor
[2011-07-21 20:38:04 | 000,000,000 | ---d | m] -- c:\users\user\appdata\roaming\free download manager
[2011-05-07 23:46:03 | 000,000,000 | ---d | m] -- c:\users\user\appdata\roaming\iobit
[2011-05-07 23:46:05 | 000,000,000 | ---d | m] -- c:\users\user\appdata\roaming\tuneup software
[2011-05-07 23:46:05 | 000,000,000 | ---d | m] -- c:\users\user\appdata\roaming\ursoft
[2012-04-17 23:47:24 | 000,032,544 | ---- | m] () -- c:\windows\tasks\schedlgu.txt

========== purity check ==========



========== alternate data streams ==========

@alternate data stream - 166 bytes -> c:\programdata\temp:b3d74a13
@alternate data stream - 128 bytes -> c:\programdata\temp:dfc5a2b2
@alternate data stream - 127 bytes -> c:\programdata\temp:430c6d84
< end of report >
 
OTL Extras logfile created on: 18-4-2012 0:38:42 - Run 1
OTL by OldTimer - Version 3.2.40.0 Folder = C:\Users\Alexander\Downloads
Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000413 | Country: Nederland | Language: NLD | Date Format: d-M-yyyy

2,91 Gb Total Physical Memory | 1,69 Gb Available Physical Memory | 57,97% Memory free
5,83 Gb Paging File | 4,40 Gb Available in Paging File | 75,51% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 465,66 Gb Total Space | 222,84 Gb Free Space | 47,85% Space Free | Partition Type: NTFS
Drive D: | 100,00 Mb Total Space | 78,71 Mb Free Space | 78,71% Space Free | Partition Type: NTFS

Computer Name: WIN732 | User Name: Alexander | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- "C:\Program Files\Microsoft Office\Office14\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Program Files\Microsoft Office\Office14\msohtmed.exe" /p %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [runas] -- cmd.exe /c takeown /f "%1" /r /d y && icacls "%1" /grant administrators:F /t (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

========== Authorized Applications List ==========


========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{01E9B2FF-DAF4-4529-9CC9-2101625517C7}" = nero.prerequisites.msi
"{033E378E-6AD3-4AD5-BDEB-CBD69B31046C}" = Microsoft_VC90_ATL_x86
"{034DCAF9-96E7-4936-9A07-712F80B5181E}" = Nero RescueAgent 11
"{05308C4E-7285-4066-BAE3-6B50DA6ED755}" = Adobe Update Manager CS4
"{05BFB060-4F22-4710-B0A2-2801A1B606C5}" = Microsoft Antimalware
"{0713D1F9-DD77-42C1-8C7D-54D479E2E743}" = Nero SoundTrax 11
"{08D2E121-7F6A-43EB-97FD-629B44903403}" = Microsoft_VC90_CRT_x86
"{098727E1-775A-4450-B573-3F441F1CA243}" = kuler
"{098A2A49-7CF3-4F08-A38D-FB879117152A}" = Adobe Color NA Extra Settings CS4
"{0A0CADCF-78DA-33C4-A350-CD51849B9702}" = Microsoft .NET Framework 4 Extended
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{0D6013AB-A0C7-41DC-973C-E93129C9A29F}" = Adobe Color JA Extra Settings CS4
"{0D67A4E4-5BE0-4C9A-8AD8-AB552B433F23}" = Adobe Setup
"{0D7A4289-99CF-4B8D-B812-86BE50A54552}" = Nero Video 11
"{0DC0E85F-36E4-463B-B3EA-4CD8ED2222A1}" = Adobe Color EU Recommended Settings CS4
"{0F3647F8-E51D-4FCC-8862-9A8D0C5ACF25}" = Microsoft_VC80_ATL_x86
"{0F723FC1-7606-4867-866C-CE80AD292DAF}" = Adobe CSI CS4
"{11D3EF85-63E1-4AE4-A7C1-9241BDB16B51}" = Nero ControlCenter 11
"{12947715-B6F0-4597-816F-5E13FB647921}_is1" = Spotnet
"{1618734A-3957-4ADD-8199-F973763109A8}" = Adobe Anchor Service CS4
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{20D4A895-748C-4D88-871C-FDB1695B0169}" = Platform
"{2617FA1F-0C04-3ABB-AF64-7D5B6620C341}" = Microsoft .NET Framework 4 Client Profile NLD Language Pack
"{26A24AE4-039D-4CA4-87B4-2F83216025FF}" = Java(TM) 6 Update 25
"{26A24AE4-039D-4CA4-87B4-2F83217001FF}" = Java(TM) 7 Update 1
"{2A07C35B-8384-4DA4-9A95-442B6C89A073}" = Windows Live Essentials
"{2CA7225D-CB12-462A-9DD1-50319E158BA5}" = Nero 11 PiP Effects Basic
"{35D94F92-1D3A-43C5-8605-EA268B1A7BD9}" = PDF Settings CS4
"{3634C1D4-934F-45C0-8105-B77B021136D8}" = PCStreams
"{390757AA-8830-43DC-AEE0-4E5B6F8439EB}" = Nero SoundTrax 11 Help (CHM)
"{3A4E8896-C2E7-4084-A4A4-B8FD1894E739}" = Adobe XMP Panels CS4
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3D2C9DE6-9ADE-4252-A241-E43723B0CE02}" = Adobe Color - Photoshop Specific CS4
"{3DA8DF9A-044E-46C4-8531-DEDBB0EE37FF}" = Adobe WinSoft Linguistics Plugin
"{47FA2C44-D148-4DBC-AF60-B91934AA4842}" = Adobe AIR
"{48294D95-EE9A-4377-8213-44FC4265FB27}" = Windows Live Messenger
"{4943EFF5-229F-435D-BEA9-BE3CAEA783A7}" = Adobe Service Manager Extension
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4F2D3995-1EC5-3C05-B7E5-3449F802E6DE}" = Microsoft .NET Framework 4 Extended NLD Language Pack
"{50779A29-834E-4E36-BBEB-B7CABC67A825}" = Microsoft Security Client NL-NL Language Pack
"{53F7746A-96AA-49A5-86B8-59989680DAC5}" = Nero Burning ROM 11 Help (CHM)
"{5442DAB8-7177-49E1-8B22-09A049EA5996}" = Renesas Electronics USB 3.0 Host Controller Driver
"{54B6DC7D-8C5B-4DFB-BC15-C010A3326B2B}" = Microsoft Security Client
"{55C2143E-FBA5-442F-9AFA-726FF068F39D}" = Nero CoverDesigner 11 Help (CHM)
"{574F093F-C32E-4265-9C25-BB09B3802ACD}" = TuneUp Utilities Language Pack (nl-NL)
"{57F80ECF-E27C-4EEE-AB58-E971BACE2639}" = Nero Recode 11 Help (CHM)
"{5A212B2D-140D-46F4-B625-2D1CA5A00594}" = Nero 11 Kwik Themes Basic
"{612C34C7-5E90-47D8-9B5C-0F717DD82726}" = swMSM
"{635FED5B-2C6D-49BE-87E6-7A6FCD22BC5A}" = Microsoft_VC90_MFC_x86
"{63E5CDBF-8214-4F03-84F8-CD3CE48639AD}" = Adobe Photoshop CS4 Support
"{65BB0407-4CC8-4DC7-952E-3EEFDF05602A}" = Nero Update
"{68243FF8-83CA-466B-B2B8-9F99DA5479C4}" = AdobeColorCommonSetCMYK
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{6AB2427E-A18F-4809-9A12-29F5EBABBB3A}" = Nero BackItUp 11 Help (CHM)
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{7B63B2922B174135AFC0E1377DD81EC2}" = DivX Codec
"{8014FACB-1D1D-48C2-94AA-E29EE2E6B9CE}" = Nero WaveEditor 11
"{820D3F45-F6EE-4AAF-81EF-CE21FF21D230}" = Adobe Type Support CS4
"{825E9A84-1E03-4526-9F8E-45015C938A7C}" = WBFS Manager 4.0
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{83877DB1-8B77-45BC-AB43-2BAC22E093E0}" = Adobe Bridge CS4
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{842B4B72-9E8F-4962-B3C1-1C422A5C4434}" = Suite Shared Configuration CS4
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system
"{90120000-0020-0413-0000-0000000FF1CE}" = Compatibiliteitspakket voor het 2007 Microsoft Office system
"{90140000-0011-0000-0000-0000000FF1CE}" = Microsoft Office Professional Plus 2010
"{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{047B0968-E622-4FAA-9B4B-121FA109EDDE}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0015-0413-0000-0000000FF1CE}" = Microsoft Office Access MUI (Dutch) 2010
"{90140000-0015-0413-0000-0000000FF1CE}_Office14.PROPLUS_{7A6AD1A3-6EC6-4840-8A29-4CCD27A21069}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0016-0413-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Dutch) 2010
"{90140000-0016-0413-0000-0000000FF1CE}_Office14.PROPLUS_{7A6AD1A3-6EC6-4840-8A29-4CCD27A21069}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0018-0413-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Dutch) 2010
"{90140000-0018-0413-0000-0000000FF1CE}_Office14.PROPLUS_{7A6AD1A3-6EC6-4840-8A29-4CCD27A21069}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0019-0413-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Dutch) 2010
"{90140000-0019-0413-0000-0000000FF1CE}_Office14.PROPLUS_{7A6AD1A3-6EC6-4840-8A29-4CCD27A21069}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001A-0413-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Dutch) 2010
"{90140000-001A-0413-0000-0000000FF1CE}_Office14.PROPLUS_{7A6AD1A3-6EC6-4840-8A29-4CCD27A21069}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001B-0413-0000-0000000FF1CE}" = Microsoft Office Word MUI (Dutch) 2010
"{90140000-001B-0413-0000-0000000FF1CE}_Office14.PROPLUS_{7A6AD1A3-6EC6-4840-8A29-4CCD27A21069}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2010
"{90140000-001F-0407-0000-0000000FF1CE}_Office14.PROPLUS_{65A2328E-FDFB-4CA3-8582-357EA6825FEA}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
"{90140000-001F-0409-0000-0000000FF1CE}_Office14.PROPLUS_{99ACCA38-6DD3-48A8-96AE-A283C9759279}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2010
"{90140000-001F-040C-0000-0000000FF1CE}_Office14.PROPLUS_{46298F6A-1E7E-4D4A-B5F5-106A4F0E48C6}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0413-0000-0000000FF1CE}" = Microsoft Office Proof (Dutch) 2010
"{90140000-001F-0413-0000-0000000FF1CE}_Office14.PROPLUS_{5072FEA2-862C-4BF0-9654-CB0DCBE2BE28}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002C-0413-0000-0000000FF1CE}" = Microsoft Office Proofing (Dutch) 2010
"{90140000-002C-0413-0000-0000000FF1CE}_Office14.PROPLUS_{D3B92058-CF96-445F-A297-F7ED19C4E841}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0044-0413-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Dutch) 2010
"{90140000-0044-0413-0000-0000000FF1CE}_Office14.PROPLUS_{7A6AD1A3-6EC6-4840-8A29-4CCD27A21069}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-006E-0413-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Dutch) 2010
"{90140000-006E-0413-0000-0000000FF1CE}_Office14.PROPLUS_{260407D0-98A1-4D9A-A956-3D1DEDDDF3B9}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-00A1-0413-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Dutch) 2010
"{90140000-00A1-0413-0000-0000000FF1CE}_Office14.PROPLUS_{7A6AD1A3-6EC6-4840-8A29-4CCD27A21069}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-00BA-0413-0000-0000000FF1CE}" = Microsoft Office Groove MUI (Dutch) 2010
"{90140000-00BA-0413-0000-0000000FF1CE}_Office14.PROPLUS_{7A6AD1A3-6EC6-4840-8A29-4CCD27A21069}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90170413-6000-11D3-8CFE-0150048383C9}" = Microsoft Office FrontPage 2003
"{90850413-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Word Viewer 2003
"{90AF0413-6000-11D3-8CFE-0150048383C9}" = Microsoft Office PowerPoint Viewer 2003
"{9193490D-5229-4FC4-9BB9-A6D63C09574A}" = High-Definition Video Playback
"{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}" = Microsoft_VC80_CRT_x86
"{931AB7EA-3656-4BB7-864D-022B09E3DD67}" = Adobe Linguistics CS4
"{94D398EB-D2FD-4FD1-B8C4-592635E8A191}" = Adobe CMaps CS4
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{95140000-007D-0409-0000-0000000FF1CE}" = Microsoft Outlook Social Connector Provider for Windows Live Messenger 32-bit
"{95140000-007F-0413-0000-0000000FF1CE}" = Microsoft Office Outlook Connector
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BD262D0-B788-4546-A0A5-F4F56EC3834B}" = Windows Live Photo Common
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{A7A0BF2E-31CC-49E3-9913-52C503EB969D}" = Nero Audio Pack 1
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AA86C803-F195-4593-A9EC-24D26D4F9C7E}" = Classic Shell
"{AB2BBC64-8AC8-4E66-BBF3-E22D5EACEECA}" = Nero BackItUp 11
"{AC76BA86-7AD7-1043-7B44-A94000000001}" = Adobe Reader 9.4.4 - Nederlands
"{AD88355B-A4E0-4DA1-BAC3-EA4FEA930691}" = Ipswitch WS_FTP 12
"{B1846721-A8E6-46C7-83B6-0DCF7ADB4267}" = Nero Burning ROM 11
"{B2544A03-10D0-4E5E-BA69-0362FFC20D18}" = OGA Notifier 2.0.0048.0
"{B29AD377-CC12-490A-A480-1452337C618D}" = Connect
"{B65BA85C-0A27-4BC0-A22D-A66F0E5B9494}" = Adobe Photoshop CS4
"{B6D38690-755E-4F40-A35A-23F8BC2B86AC}" = Microsoft_VC90_MFCLOC_x86
"{B7E01095-8BAA-456E-8AED-504C3CCADBA0}" = Nero 11
"{B9B1BA7F-7E07-49DD-A713-5B397A5BB66B}" = Nero Kwik Media Help (CHM)
"{BB4E33EC-8181-4685-96F7-8554293DEC6A}" = Adobe Output Module
"{BE814218-3919-4EA3-868A-2F60BC135CB4}" = Nero Kwik Media
"{BEBEE34D-84A2-4EDD-8BEA-96CC54371263}" = Nero Core Components 11
"{C52E3EC1-048C-45E1-8D53-10B0C6509683}" = Adobe Default Language CS4
"{C6150D8A-86ED-41D3-87BB-F3BB51B0B77F}" = Windows Live ID Sign-in Assistant
"{CC75AB5C-2110-4A7F-AF52-708680D22FE8}" = Photoshop Camera Raw
"{CCE210DF-7EEF-4A76-A63C-3EB091FDB992}" = welcome
"{CE246151-F0E8-ABC8-AEB2-7F3E188EFBF5}" = TweetDeck
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{D01CE99A-8802-483C-A79F-298B691EB432}" = Nero RescueAgent 11 Help (CHM)
"{D1A19B02-817E-4296-A45B-07853FD74D57}" = Microsoft_VC80_MFC_x86
"{D2CBEFA4-F2D3-4E97-A171-8BFD6A31A5EC}" = Nero Express 11 Help (CHM)
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{D4D66270-9147-4BDF-9946-FCA2B303AA8F}" = Nero ControlCenter 11 Help (CHM)
"{D6F25CF9-4E87-43EB-B324-C12BE9CDD668}" = Windows Live UX Platform Language Pack
"{D92BBB52-82FF-42ED-8A3C-4E062F944AB7}" = Microsoft_VC80_MFCLOC_x86
"{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}" = CyberLink PowerDVD 10
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E10AAE4A-98B8-420A-BD93-E0520C23D624}" = Nero Express 11
"{E3E71D07-CD27-46CB-8448-16D4FB29AA13}" = Microsoft WSE 3.0 Runtime
"{E4848436-0345-47E2-B648-8B522FCDA623}" = Adobe Photoshop CS4
"{E51BC4B0-EA5E-49CC-AF3B-93B5C627EC22}" = Nero 11 Effects Basic
"{E5B21F11-6933-4E0B-A25C-7963E3C07D11}" = Windows Live Messenger
"{EB8DED20-A887-4A9C-BB5A-F3E7523DFB44}" = Nero WaveEditor 11 Help (CHM)
"{EBC4C458-CFBF-49A6-9437-1E6F9A561210}" = AmbraSoft Familiepakket 0910
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F0E64E2E-3A60-40D8-A55D-92F6831875DA}" = Adobe Search for Help
"{F2558AA8-506F-4C58-AB64-C05C6F675756}" = RT 7 Lite x86
"{F333A33D-125C-32A2-8DCE-5C5D14231E27}" = Visual C++ 2008 x86 Runtime - (v9.0.30729)
"{F333A33D-125C-32A2-8DCE-5C5D14231E27}.vc_x86runtime_30729_01" = Visual C++ 2008 x86 Runtime - v9.0.30729.01
"{F3743A2C-5D5F-4456-8F98-5DF36A954C50}" = Nero 11 Image Samples
"{F49EF443-B2BD-4F10-8A46-87AFCDB90EDD}" = Nero 11 Disc Menus Basic
"{F69FB940-5031-4FE8-AFAD-085802D0BF63}" = Nero Recode 11
"{F8EDC0F8-15BC-4411-8762-77105C8AAEEC}" = Microsoft Antimalware Service NL-NL Language Pack
"{F8EF2B3F-C345-4F20-8FE4-791A20333CD5}" = Adobe ExtendScript Toolkit CS4
"{F93C84A6-0DC6-42AF-89FA-776F7C377353}" = Adobe PDF Library Files CS4
"{FAC3C37E-EDAB-4F3A-A173-A7C70CC88F09}" = Nero Video 11 Help (CHM)
"{FCDD51BB-CAD0-4BB1-B7DF-CE86D1032794}" = Adobe Fonts All
"{FF44BCE5-5A18-4051-85F0-BC172D7B4695}" = Nero CoverDesigner 11
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"{FFFF19AB-1C8D-42BA-A18A-396F06B4F488}" = PCStreams
"Aangifte inkomstenbelasting 2011" = Aangifte inkomstenbelasting 2011
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Shockwave Player" = Adobe Shockwave Player 11.6
"Adobe_faf656ef605427ee2f42989c3ad31b8" = Adobe Photoshop CS4
"CCleaner" = CCleaner
"Cheat Engine 6.1_is1" = Cheat Engine 6.1
"CutePDF Writer Installation" = CutePDF Writer 2.8
"DVDFab 8 Qt_is1" = DVDFab 8.1.7.5 (07/04/2012) Qt
"FLV Player2.0.25" = FLV Player
"InstallShield_{5442DAB8-7177-49E1-8B22-09A049EA5996}" = Renesas Electronics USB 3.0 Host Controller Driver
"InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}" = CyberLink PowerDVD 10
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware versie 1.61.0.1400
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile NLD Language Pack" = Taalpakket voor Microsoft .NET Framework 4 Client Profile - NLD
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"Microsoft .NET Framework 4 Extended NLD Language Pack" = Taalpakket voor Microsoft .NET Framework 4 Extended - NLD
"Microsoft Security Client" = Microsoft Security Essentials
"NVIDIA Drivers" = NVIDIA Drivers
"Office14.PROPLUS" = Microsoft Office Professional Plus 2010
"Picasa 3" = Picasa 3
"QuickTime" = QuickTime
"SABnzbd" = SABnzbd 0.6.8
"save2pc Ultimate_is1" = save2pc Ultimate 5.11
"SopCast" = SopCast 3.4.8
"Sure Cuts A Lot_is1" = Sure Cuts A Lot 1.007
"TweetDeckFast.FFF259DC0CE2657847BBB4AFF0E62062EFC56543.1" = TweetDeck
"Web Album Generator_is1" = Web Album Generator 1.8.2
"WinLiveSuite" = Windows Live Essentials
"WinRAR archiver" = WinRAR 4.00 (32-bit)
"Xvid Video Codec 1.3.1" = Xvid Video Codec
"ZiggoTVStreamer_is1" = ZiggoTVStreamer

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-1772702603-541345436-1298147513-1002\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"b6dd32bfba89e6fb" = Shutdown Monitor

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 7-4-2012 3:58:12 | Computer Name = Win732 | Source = SideBySide | ID = 16842824
Description = Kan activeringscontext voor 'c:\program files\microsoft security client\MSESysprep.dll'
niet maken. Fout in manifest of beleidsbestand 'c:\program files\microsoft security
client\MSESysprep.dll' op regel 10. Het element imaging wordt weergegeven als onderliggend
element van element urn:schemas-microsoft-com:asm.v1^assembly, wat niet door deze
versie van Windows wordt ondersteund.

Error - 7-4-2012 3:59:28 | Computer Name = Win732 | Source = SideBySide | ID = 16842785
Description = Kan activeringscontext voor 'c:\program files\Nero\Nero 11\nero backitup\NBVSSTool_x64.exe'
niet maken. Kan afhankelijke assembly Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"
niet vinden. Gebruik sxstrace.exe voor een gedetailleerde diagnose.

Error - 7-4-2012 14:01:45 | Computer Name = Win732 | Source = WinMgmt | ID = 10
Description =

Error - 8-4-2012 1:10:57 | Computer Name = Win732 | Source = WinMgmt | ID = 10
Description =

Error - 9-4-2012 1:50:24 | Computer Name = Win732 | Source = WinMgmt | ID = 10
Description =

Error - 9-4-2012 2:46:36 | Computer Name = Win732 | Source = WinMgmt | ID = 10
Description =

Error - 9-4-2012 3:55:05 | Computer Name = Win732 | Source = Microsoft-Windows-RestartManager | ID = 10006
Description = Kan toepassing of service 'Windows Live Messenger' niet afsluiten.

Error - 9-4-2012 3:55:37 | Computer Name = Win732 | Source = Microsoft-Windows-RestartManager | ID = 10006
Description = Kan toepassing of service 'Internet Explorer' niet afsluiten.

Error - 9-4-2012 3:55:37 | Computer Name = Win732 | Source = Microsoft-Windows-RestartManager | ID = 10006
Description = Kan toepassing of service 'Internet Explorer' niet afsluiten.

Error - 9-4-2012 3:55:37 | Computer Name = Win732 | Source = Microsoft-Windows-RestartManager | ID = 10006
Description = Kan toepassing of service 'Internet Explorer' niet afsluiten.

[ System Events ]
Error - 17-4-2012 17:49:26 | Computer Name = Win732 | Source = Service Control Manager | ID = 7023
Description = De PnP-X IP Bus Enumerator-service is gestopt met de volgende foutcode:
%%-2147023728.

Error - 17-4-2012 17:57:26 | Computer Name = Win732 | Source = Ntfs | ID = 262199
Description = De structuur van het bestandssysteem op de schijf is beschadigd en
onbruikbaar. Voer het hulpprogramma Chkdsk uit op volume \Device\HarddiskVolume2.

Error - 17-4-2012 18:00:46 | Computer Name = Win732 | Source = volmgr | ID = 262190
Description = Crashdumpinitialisatie is mislukt!

Error - 17-4-2012 18:00:51 | Computer Name = Win732 | Source = volmgr | ID = 262190
Description = Crashdumpinitialisatie is mislukt!

Error - 17-4-2012 18:02:58 | Computer Name = Win732 | Source = Service Control Manager | ID = 7023
Description = De PnP-X IP Bus Enumerator-service is gestopt met de volgende foutcode:
%%-2147023728.

Error - 17-4-2012 18:10:54 | Computer Name = Win732 | Source = Ntfs | ID = 262199
Description = De structuur van het bestandssysteem op de schijf is beschadigd en
onbruikbaar. Voer het hulpprogramma Chkdsk uit op volume \Device\HarddiskVolume2.

Error - 17-4-2012 18:16:07 | Computer Name = Win732 | Source = volmgr | ID = 262190
Description = Crashdumpinitialisatie is mislukt!

Error - 17-4-2012 18:16:09 | Computer Name = Win732 | Source = volmgr | ID = 262190
Description = Crashdumpinitialisatie is mislukt!

Error - 17-4-2012 18:16:29 | Computer Name = Win732 | Source = Microsoft Antimalware | ID = 3002
Description = Real-timebeveiligingsonderdeel van %%860 heeft een fout aangetroffen
en is niet uitgevoerd. Onderdeel: %%835 Foutcode: 0x80004005 Foutbeschrijving: Niet
nader omschreven fout Reden: %%842

Error - 17-4-2012 18:18:19 | Computer Name = Win732 | Source = Service Control Manager | ID = 7023
Description = De PnP-X IP Bus Enumerator-service is gestopt met de volgende foutcode:
%%-2147023728.


< End of report >
 
Sluit voordat je OTL de fix laat doen, eerst alle andere openstaande vensters!

Start OTL
  • Plak de volgende (vetgedrukte, blauwe tekst) onder Custom Scans/Fixes


    :OTL
    [1 c:\windows\*.tmp files -> c:\windows\*.tmp -> ]
    @alternate data stream - 166 bytes -> c:\programdata\temp:b3d74a13
    @alternate data stream - 128 bytes -> c:\programdata\temp:dfc5a2b2
    @alternate data stream - 127 bytes -> c:\programdata\temp:430c6d84
    < end of report >

    :Services


    :Reg


    :Files


    :Commands
    [purity]

    [emptytemp]
    [emptyjava]
    [emptyflash]
    [createrestorepoint]
    [reboot]


  • Klik daarna bovenaan op de knop Run Fix
  • Laat het programma ongestoord zijn werk doen.
  • De pc zal na afloop opnieuw opgestart worden.
  • Post tevens de inhoud van het OTL-scanlog
 
Goedeavond,

Bedankt voor je reactie ik heb de fix gedraaid en daar is onderstaand log uit voortgekomen. Mijn pc werkt weer naar behoren behalve dat ik het taakbeheer niet kan opstarten PC geeft aan dat "taakbeheer is uitgeschakeld door de systeembeheerder.

All processes killed
========== OTL ==========
c:\windows\msdownld.tmp folder deleted successfully.
ADS c:\programdata\temp:b3d74a13 deleted successfully.
ADS c:\programdata\temp:dfc5a2b2 deleted successfully.
ADS c:\programdata\temp:430c6d84 deleted successfully.
========== SERVICES/DRIVERS ==========
========== REGISTRY ==========
========== FILES ==========
========== COMMANDS ==========

[EMPTYTEMP]

User: Alexander
->Temp folder emptied: 193912 bytes
->Temporary Internet Files folder emptied: 72935127 bytes
->Java cache emptied: 50986088 bytes
->Flash cache emptied: 58644 bytes

User: All Users

User: Anja
->Temp folder emptied: 158748481 bytes
->Temporary Internet Files folder emptied: 270648527 bytes
->Java cache emptied: 15060963 bytes
->Google Chrome cache emptied: 8852285 bytes
->Flash cache emptied: 324082 bytes

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
->Flash cache emptied: 56466 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: Lynn
->Temp folder emptied: 32424097 bytes
->Temporary Internet Files folder emptied: 319284216 bytes
->Java cache emptied: 21223 bytes
->Flash cache emptied: 186815 bytes

User: Public

User: user
->Temp folder emptied: 336017 bytes
->Temporary Internet Files folder emptied: 5049055 bytes
->Java cache emptied: 0 bytes
->Flash cache emptied: 485 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 536610 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 0 bytes
RecycleBin emptied: 281 bytes

Total Files Cleaned = 892,00 mb


[EMPTYJAVA]

User: Alexander
->Java cache emptied: 0 bytes

User: All Users

User: Anja
->Java cache emptied: 0 bytes

User: Default

User: Default User

User: Lynn
->Java cache emptied: 0 bytes

User: Public

User: user
->Java cache emptied: 0 bytes

Total Java Files Cleaned = 0,00 mb


[EMPTYFLASH]

User: Alexander
->Flash cache emptied: 0 bytes

User: All Users

User: Anja
->Flash cache emptied: 0 bytes

User: Default
->Flash cache emptied: 0 bytes

User: Default User
->Flash cache emptied: 0 bytes

User: Lynn
->Flash cache emptied: 0 bytes

User: Public

User: user
->Flash cache emptied: 0 bytes

Total Flash Files Cleaned = 0,00 mb



OTL by OldTimer - Version 3.2.40.0 log created on 04182012_210308

Files\Folders moved on Reboot...

Registry entries deleted on Reboot...
 
Post maar een nieuw OTL-log.
Het tweede log wordt daarbij niet meer aangemaakt.
 
Status
Niet open voor verdere reacties.
Steun Ons

Nieuwste berichten

Terug
Bovenaan