| 0magertrud | 04.11.2012 20:50 |
OTL.txt: Code:
OTL logfile created on: 4-11-2012 19:34:18 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Wilma\Desktop
Windows Vista Home Basic Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000413 | Country: Nederland | Language: NLD | Date Format: d-M-yyyy
1,75 Gb Total Physical Memory | 0,81 Gb Available Physical Memory | 46,32% Memory free
3,74 Gb Paging File | 2,48 Gb Available in Paging File | 66,40% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 103,78 Gb Total Space | 33,63 Gb Free Space | 32,41% Space Free | Partition Type: NTFS
Computer Name: PC_VAN_WILMA | User Name: Wilma | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2012-11-04 19:31:33 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Wilma\Desktop\OTL.exe
PRC - [2012-10-24 08:04:59 | 001,239,064 | ---- | M] (Google Inc.) -- C:\Program Files\Google\Chrome\Application\chrome.exe
PRC - [2012-10-16 18:07:01 | 004,762,496 | ---- | M] (SUPERAntiSpyware.com) -- C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
PRC - [2012-08-30 22:26:56 | 000,202,328 | ---- | M] (Kaspersky Lab ZAO) -- C:\Program Files\Kaspersky Lab\Kaspersky PURE 2.0\avp.exe
PRC - [2012-07-11 19:54:49 | 000,116,608 | ---- | M] (SUPERAntiSpyware.com) -- C:\Program Files\SUPERAntiSpyware\SASCore.exe
PRC - [2011-01-17 18:50:34 | 011,322,880 | ---- | M] (OpenOffice.org) -- C:\Program Files\OpenOffice.org 3\program\soffice.exe
PRC - [2011-01-17 18:50:34 | 011,314,688 | ---- | M] (OpenOffice.org) -- C:\Program Files\OpenOffice.org 3\program\soffice.bin
PRC - [2010-04-02 10:18:54 | 001,185,112 | ---- | M] (CANON INC.) -- C:\Program Files\Canon\Solution Menu EX\CNSEMAIN.EXE
PRC - [2010-03-25 03:50:00 | 002,516,296 | ---- | M] (CANON INC.) -- C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE
PRC - [2009-12-21 17:34:38 | 000,743,992 | ---- | M] (Infowatch) -- C:\Program Files\Common Files\InfoWatch\CryptoStorage\ProtectedObjectsSrv.exe
PRC - [2009-04-11 07:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2008-01-29 17:38:32 | 000,583,048 | ---- | M] (Symantec Corporation) -- C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
PRC - [2007-07-19 14:32:34 | 001,120,568 | ---- | M] (Packard Bell BV) -- C:\Program Files\Packard Bell\SetUpMyPC\SmpSys.exe
PRC - [2007-04-19 10:32:08 | 000,225,280 | ---- | M] (ATK0100) -- C:\Program Files\ATK Hotkey\HControl.exe
PRC - [2007-02-15 10:07:16 | 004,390,912 | ---- | M] (Realtek Semiconductor) -- C:\Windows\RtHDVCpl.exe
PRC - [2007-02-14 19:46:20 | 000,278,608 | ---- | M] () -- c:\Program Files\Powercinema\Kernel\TV\CLCapSvc.exe
PRC - [2007-02-14 19:45:48 | 000,159,744 | ---- | M] (CyberLink Corp.) -- C:\Program Files\Powercinema\PCMService.exe
PRC - [2007-02-05 17:13:14 | 000,094,208 | ---- | M] () -- C:\Program Files\ATK Hotkey\ASLDRSrv.exe
PRC - [2007-01-11 10:40:22 | 000,232,184 | ---- | M] (Sonic Solutions) -- C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe
PRC - [2006-12-18 16:26:26 | 002,420,736 | ---- | M] () -- C:\Program Files\ATK Hotkey\ATKOSD.exe
========== Modules (No Company Name) ==========
MOD - [2012-08-30 22:24:20 | 007,422,392 | ---- | M] () -- C:\Program Files\Kaspersky Lab\Kaspersky PURE 2.0\qtgui4.dll
MOD - [2012-08-30 22:24:18 | 001,270,200 | ---- | M] () -- C:\Program Files\Kaspersky Lab\Kaspersky PURE 2.0\qtscript4.dll
MOD - [2012-08-30 22:24:18 | 000,192,952 | ---- | M] () -- C:\Program Files\Kaspersky Lab\Kaspersky PURE 2.0\qtsql4.dll
MOD - [2012-08-30 22:24:16 | 002,453,944 | ---- | M] () -- C:\Program Files\Kaspersky Lab\Kaspersky PURE 2.0\qtdeclarative4.dll
MOD - [2012-08-30 22:24:16 | 002,126,264 | ---- | M] () -- C:\Program Files\Kaspersky Lab\Kaspersky PURE 2.0\qtcore4.dll
MOD - [2012-08-30 22:24:16 | 000,795,064 | ---- | M] () -- C:\Program Files\Kaspersky Lab\Kaspersky PURE 2.0\qtnetwork4.dll
MOD - [2012-08-30 22:23:02 | 000,459,192 | ---- | M] () -- C:\Program Files\Kaspersky Lab\Kaspersky PURE 2.0\dblite.dll
MOD - [2012-06-15 03:06:22 | 011,820,032 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web\508b444db523c5cf20ff12c7f440837b\System.Web.ni.dll
MOD - [2012-06-15 03:00:15 | 012,433,920 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\f2691cfa7671cdc58179e56ba9227591\System.Windows.Forms.ni.dll
MOD - [2012-06-15 02:56:46 | 001,592,320 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\18f9789aa214c657113e676b3a9015aa\System.Drawing.ni.dll
MOD - [2012-05-13 03:19:43 | 000,771,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\846b9cf2756fdd15f704c9bab9c70b6f\System.Runtime.Remoting.ni.dll
MOD - [2012-05-13 03:13:24 | 005,450,752 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\d2630342a066a7cb9056d9eb6157687a\System.Xml.ni.dll
MOD - [2012-05-13 03:10:09 | 007,953,408 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\28d633338fc8d29f8af31935ef7d001b\System.ni.dll
MOD - [2012-05-13 03:09:58 | 011,492,352 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\af9c9e9d7e0523cd444f8b551baa9cbf\mscorlib.ni.dll
MOD - [2012-02-10 19:13:37 | 000,985,088 | ---- | M] () -- C:\Program Files\OpenOffice.org 3\program\libxml2.dll
MOD - [2011-09-05 19:36:52 | 000,025,088 | ---- | M] () -- C:\Program Files\Kaspersky Lab\Kaspersky PURE 2.0\imageformats\qgif4.dll
MOD - [2011-09-05 19:36:50 | 000,180,224 | ---- | M] () -- C:\Program Files\Kaspersky Lab\Kaspersky PURE 2.0\imageformats\qjpeg4.dll
MOD - [2007-09-18 20:04:17 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\MOM.Foundation\2.0.2665.42168__90ba9c70f846762e\MOM.Foundation.dll
MOD - [2007-09-18 20:04:16 | 000,049,152 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Foundation\2.0.2665.42152__90ba9c70f846762e\CLI.Foundation.dll
MOD - [2007-09-18 20:04:16 | 000,032,768 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\LOG.Foundation\2.0.2665.42149__90ba9c70f846762e\LOG.Foundation.dll
MOD - [2007-09-18 20:04:16 | 000,028,672 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Foundation.XManifest\2.0.2665.42240__90ba9c70f846762e\CLI.Foundation.XManifest.dll
MOD - [2007-09-18 20:03:55 | 000,102,400 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\MOM.Implementation\2.0.2700.37112__90ba9c70f846762e\MOM.Implementation.dll
MOD - [2007-09-18 20:03:55 | 000,061,440 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\LOG.Foundation.Implementation\2.0.2700.37110__90ba9c70f846762e\LOG.Foundation.Implementation.dll
MOD - [2007-09-18 20:03:55 | 000,032,768 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\LOG.Foundation.Private\2.0.2665.42158__90ba9c70f846762e\LOG.Foundation.Private.dll
MOD - [2007-09-18 20:03:55 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\LOG.Foundation.Implementation.Private\2.0.2665.42169__90ba9c70f846762e\LOG.Foundation.Implementation.Private.dll
MOD - [2007-09-18 20:03:53 | 000,032,768 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CCC.Implementation\2.0.2700.37112__90ba9c70f846762e\CCC.Implementation.dll
MOD - [2007-05-24 14:52:46 | 000,159,744 | ---- | M] () -- C:\Windows\System32\atitmmxx.dll
MOD - [2007-03-02 10:44:34 | 000,073,728 | ---- | M] () -- C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\atiacmxx.dll
MOD - [2007-02-14 19:46:24 | 000,339,968 | ---- | M] () -- c:\Program Files\Powercinema\Kernel\TV\CLTinyDB.dll
MOD - [2007-02-14 19:46:06 | 000,241,750 | ---- | M] () -- c:\Program Files\Powercinema\Kernel\TV\CLCapEngine.dll
MOD - [2007-02-14 19:46:06 | 000,114,768 | ---- | M] () -- c:\Program Files\Powercinema\Kernel\TV\CLSchMgr.dll
MOD - [2007-02-14 19:46:06 | 000,032,768 | ---- | M] () -- c:\Program Files\Powercinema\Kernel\TV\CLCapSvcps.dll
MOD - [2007-01-11 10:02:14 | 004,587,520 | R--- | M] () -- C:\Program Files\Common Files\Roxio Shared\9.0\DLLShared\ROXIPP41.dll
MOD - [2002-07-04 08:38:00 | 000,053,248 | ---- | M] () -- C:\Program Files\ArcSoft\PhotoImpression 5\Share\PIHook.dll
========== Services (SafeList) ==========
SRV - File not found [Auto | Stopped] -- C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe /h ccCommon -- (LiveUpdate Notice Ex)
SRV - File not found [Auto | Stopped] -- C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe /h ccCommon -- (CLTNetCnService)
SRV - [2012-10-24 18:49:17 | 000,115,168 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012-08-30 22:26:56 | 000,202,328 | ---- | M] (Kaspersky Lab ZAO) [Auto | Running] -- C:\Program Files\Kaspersky Lab\Kaspersky PURE 2.0\avp.exe -- (AVP)
SRV - [2012-07-13 12:39:50 | 000,160,944 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012-07-11 19:54:49 | 000,116,608 | ---- | M] (SUPERAntiSpyware.com) [Auto | Running] -- C:\Program Files\SUPERAntiSpyware\SASCore.exe -- (!SASCORE)
SRV - [2009-12-21 17:34:38 | 000,743,992 | ---- | M] (Infowatch) [Auto | Running] -- C:\Program Files\Common Files\InfoWatch\CryptoStorage\ProtectedObjectsSrv.exe -- (CSObjectsSrv)
SRV - [2008-01-29 17:38:32 | 000,583,048 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe -- (LiveUpdate Notice Service)
SRV - [2008-01-19 08:38:24 | 000,272,952 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2007-09-26 11:47:24 | 002,999,664 | ---- | M] (Symantec Corporation) [On_Demand | Stopped] -- C:\Program Files\Symantec\LiveUpdate\LuComServer_3_2.EXE -- (LiveUpdate)
SRV - [2007-02-14 19:46:24 | 000,110,677 | ---- | M] () [Auto | Stopped] -- c:\Program Files\Powercinema\Kernel\TV\CLSched.exe -- (CLSched)
SRV - [2007-02-14 19:46:20 | 000,278,608 | ---- | M] () [Auto | Running] -- c:\Program Files\Powercinema\Kernel\TV\CLCapSvc.exe -- (CLCapSvc)
SRV - [2007-02-05 17:13:14 | 000,094,208 | ---- | M] () [Auto | Running] -- C:\Program Files\ATK Hotkey\ASLDRSrv.exe -- (ASLDRService)
========== Driver Services (SafeList) ==========
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkfwd.sys -- (NwlnkFwd)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkflt.sys -- (NwlnkFlt)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ipinip.sys -- (IpInIp)
DRV - File not found [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\blbdrive.sys -- (blbdrive)
DRV - [2012-11-03 14:06:07 | 000,585,560 | ---- | M] (Kaspersky Lab) [File_System | System | Running] -- C:\Windows\System32\drivers\klif.sys -- (KLIF)
DRV - [2011-10-20 11:48:00 | 000,135,984 | ---- | M] (Kaspersky Lab ZAO) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\kl1.sys -- (kl1)
DRV - [2011-10-20 11:48:00 | 000,013,104 | ---- | M] (Kaspersky Lab ZAO) [Kernel | System | Running] -- C:\Windows\System32\drivers\kl2.sys -- (kl2)
DRV - [2011-07-22 17:27:02 | 000,012,880 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\sasdifsv.sys -- (SASDIFSV)
DRV - [2011-07-12 22:55:22 | 000,067,664 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS -- (SASKUTIL)
DRV - [2011-03-10 18:36:18 | 000,023,856 | ---- | M] (Kaspersky Lab ZAO) [Kernel | System | Running] -- C:\Windows\System32\drivers\klim6.sys -- (KLIM6)
DRV - [2009-12-14 12:44:24 | 000,088,632 | ---- | M] (Infowatch) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\CSCrySec.sys -- (CSCrySec)
DRV - [2009-12-14 12:44:24 | 000,039,352 | ---- | M] (Infowatch) [Kernel | System | Running] -- C:\Windows\System32\drivers\CSVirtualDiskDrv.sys -- (CSVirtualDiskDrv)
DRV - [2009-11-02 20:27:16 | 000,019,984 | ---- | M] (Kaspersky Lab) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\klmouflt.sys -- (klmouflt)
DRV - [2009-09-03 01:16:05 | 000,005,632 | ---- | M] () [File_System | System | Running] -- C:\Windows\System32\drivers\StarOpen.sys -- (StarOpen)
DRV - [2007-05-24 15:01:58 | 002,609,152 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atikmdag.sys -- (atikmdag)
DRV - [2007-05-02 10:11:18 | 000,109,704 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ss_mdm.sys -- (ss_mdm)
DRV - [2007-05-02 10:11:18 | 000,015,112 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ss_mdfl.sys -- (ss_mdfl)
DRV - [2007-05-02 10:11:16 | 000,083,592 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ss_bus.sys -- (ss_bus)
DRV - [2007-02-28 17:04:58 | 000,694,784 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\athr.sys -- (athr)
DRV - [2007-02-24 13:42:22 | 000,039,936 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rimmptsk.sys -- (rimmptsk)
DRV - [2007-01-23 15:40:20 | 000,042,496 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rimsptsk.sys -- (rimsptsk)
DRV - [2007-01-23 04:01:00 | 000,050,176 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Rtnicxp.sys -- (RTL8023xp)
DRV - [2006-12-14 08:11:58 | 000,007,680 | ---- | M] (ATK0100) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ATKACPI.sys -- (MTsensor)
DRV - [2006-11-28 14:53:14 | 000,847,536 | ---- | M] (Bison Electronics. Inc. ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\BisonCam.sys -- (Cam5603D)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\..\URLSearchHook: {e9911ec6-1bcc-40b0-9993-e0eea7f6953f} - C:\Program Files\DVDVideoSoft\tbDVD0.dll (Conduit Ltd.)
IE - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE - HKLM\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2269050
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.ing.nl/particulier/ [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\..\URLSearchHook: {9CB65206-89C4-402c-BA80-02D8C59F9B1D} - C:\Program Files\AskTBar\SrchAstt\2.bin\A5SRCHAS.DLL (Ask.com)
IE - HKCU\..\URLSearchHook: {E38FA08E-F56A-4169-ABF5-5C71E3C153A1} - C:\Program Files\Freeze.com\NetAssistant\NetAssistant.dll (W3i, LLC)
IE - HKCU\..\URLSearchHook: {e9911ec6-1bcc-40b0-9993-e0eea7f6953f} - C:\Program Files\DVDVideoSoft\tbDVD0.dll (Conduit Ltd.)
IE - HKCU\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKCU\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rlz=1I7GGLL_nl&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE - HKCU\..\SearchScopes\{70D46D94-BF1E-45ED-B567-48701376298E}: "URL" = hxxp://127.0.0.1:4664/search&s=vtDiaDsaybdk_hA94Q8vnK-EuU4?q={searchTerms}
IE - HKCU\..\SearchScopes\{7E1E5ABB-A9A3-41F5-949C-10FA46DCA085}: "URL" = hxxp://de.search.yahoo.com/search?p={searchterms}&ei=UTF-8&fr=w3i&type=W3i_DS,105,0_0,Search,20110521,16991,0,5,0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF - prefs.js..browser.search.defaultenginename: "Google"
FF - prefs.js..browser.search.defaultthis.engineName: "Search"
FF - prefs.js..browser.search.defaulturl: "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2269050&SearchSource=3&q={searchTerms}"
FF - prefs.js..browser.search.selectedEngine: "Search"
FF - prefs.js..browser.startup.homepage: "google.de"
FF - user.js - File not found
FF - HKLM\Software\MozillaPlugins\@canon.com/EPPEX: C:\Program Files\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL (CANON INC.)
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa2,version=2.0.0: C:\Program Files\Picasa2\npPicasa2.dll (Google, Inc.)
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files\Picasa2\npPicasa3.dll (Google, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@pack.google.com/Google Updater;version=14: C:\Program Files\Google\Google Updater\2.4.2432.1652\npCIDetect14.dll (Google)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\linkfilter@kaspersky.ru: C:\Program Files\Kaspersky Lab\Kaspersky PURE 2.0\FFExt\linkfilter@kaspersky.ru [2012-11-03 14:08:01 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\virtualKeyboard@kaspersky.ru: C:\Program Files\Kaspersky Lab\Kaspersky PURE 2.0\FFExt\virtualKeyboard@kaspersky.ru [2012-11-03 14:08:00 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\KavAntiBanner@Kaspersky.ru: C:\Program Files\Kaspersky Lab\Kaspersky PURE 2.0\FFExt\KavAntiBanner@Kaspersky.ru [2012-11-03 14:06:48 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 16.0.2\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012-11-04 00:06:22 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 16.0.2\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012-11-04 00:06:17 | 000,000,000 | ---D | M]
[2012-11-04 00:07:03 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Wilma\AppData\Roaming\mozilla\Extensions
[2012-11-04 00:07:47 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Wilma\AppData\Roaming\mozilla\Firefox\Profiles\c0ktcxpu.default\extensions
[2009-07-24 14:37:15 | 000,000,000 | ---D | M] (Google Toolbar for Firefox) -- C:\Users\Wilma\AppData\Roaming\mozilla\Firefox\Profiles\c0ktcxpu.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}
[2010-02-21 01:10:43 | 000,000,000 | ---D | M] (DVDVideoSoft Toolbar) -- C:\Users\Wilma\AppData\Roaming\mozilla\Firefox\Profiles\c0ktcxpu.default\extensions\{e9911ec6-1bcc-40b0-9993-e0eea7f6953f}
[2012-11-04 00:07:47 | 000,020,591 | ---- | M] () (No name found) -- C:\Users\Wilma\AppData\Roaming\mozilla\firefox\profiles\c0ktcxpu.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}.xpi
[2010-05-05 12:08:39 | 000,000,873 | ---- | M] () -- C:\Users\Wilma\AppData\Roaming\mozilla\firefox\profiles\c0ktcxpu.default\searchplugins\conduit.xml
[2012-11-04 00:06:22 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2007-09-18 20:13:48 | 000,000,000 | ---D | M] (Google Toolbar for Firefox) -- C:\Program Files\Mozilla Firefox\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}
[2010-08-03 10:13:10 | 000,000,000 | ---D | M] (Kaspersky URL Advisor) -- C:\Program Files\Mozilla Firefox\extensions\linkfilter@kaspersky.ru
[2012-10-24 18:50:04 | 000,261,600 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2011-05-04 03:52:23 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll
[2006-11-09 14:20:40 | 002,111,096 | ---- | M] () -- C:\Program Files\mozilla firefox\plugins\NPSWF32.dll
[2012-10-24 23:03:12 | 000,001,392 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazondotcom-de.xml
[2012-10-24 23:03:11 | 000,002,465 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2012-10-24 23:03:12 | 000,001,153 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-de.xml
[2012-10-24 23:03:12 | 000,006,805 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\leo_ende_de.xml
[2012-10-24 23:03:12 | 000,001,178 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-de.xml
[2012-10-24 23:03:11 | 000,001,105 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-de.xml
========== Chrome ==========
CHR - homepage:
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}sourceid=chrome&ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms}
CHR - homepage:
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files\Google\Chrome\Application\22.0.1229.96\PepperFlash\pepflashplayer.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files\Mozilla Firefox\plugins\NPSWF32.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files\Google\Chrome\Application\22.0.1229.96\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files\Google\Chrome\Application\22.0.1229.96\pdf.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files\Adobe\Reader 8.0\Reader\Browser\nppdf32.dll
CHR - plugin: Java Deployment Toolkit 6.0.260.3 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npdeployJava1.dll
CHR - plugin: Java(TM) Platform SE 6 U26 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll
CHR - plugin: 2007 Microsoft Office system (Enabled) = C:\Program Files\Mozilla Firefox\plugins\NPOFF12.DLL
CHR - plugin: QuickTime Plug-in 7.6.7 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.6.7 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.6.7 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.6.7 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.6.7 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.6.7 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.6.7 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin7.dll
CHR - plugin: CANON iMAGE GATEWAY Album Plugin Utility (Enabled) = C:\Program Files\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL
CHR - plugin: Google Updater (Enabled) = C:\Program Files\Google\Google Updater\2.4.2432.1652\npCIDetect14.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll
CHR - plugin: Picasa (Enabled) = C:\Program Files\Picasa2\npPicasa2.dll
CHR - plugin: Picasa (Enabled) = C:\Program Files\Picasa2\npPicasa3.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll
CHR - plugin: Windows Presentation Foundation (Enabled) = c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - Extension: YouTube = C:\Users\Wilma\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
CHR - Extension: Google-Suche = C:\Users\Wilma\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\
CHR - Extension: Kaspersky URL Advisor = C:\Users\Wilma\AppData\Local\Google\Chrome\User Data\Default\Extensions\dchlnpcodkpfdpacogkljefecpegganj\12.0.2.733_0\
CHR - Extension: Virtual Keyboard = C:\Users\Wilma\AppData\Local\Google\Chrome\User Data\Default\Extensions\jagncdcchgajhfhijbbhecadmaiegcmh\12.0.2.733_0\
CHR - Extension: Google Mail = C:\Users\Wilma\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\
CHR - Extension: Anti-Banner = C:\Users\Wilma\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjldcfjmnllhmgjclecdnfampinooman\12.0.2.733_0\
O1 HOSTS File: ([2006-09-18 22:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (Adobe PDF Reader Help bij koppelingen) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (IEVkbdBHO Class) - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files\Kaspersky Lab\Kaspersky PURE 2.0\ievkbd.dll (Kaspersky Lab ZAO)
O2 - BHO: (Ask Search Assistant BHO) - {9CB65201-89C4-402c-BA80-02D8C59F9B1D} - C:\Program Files\AskTBar\SrchAstt\2.bin\A5SRCHAS.DLL (Ask.com)
O2 - BHO: (CBrowserHelperObject Object) - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\Google\Google_BAE\BAE.dll (Packard Bell)
O2 - BHO: (FilterBHO Class) - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files\Kaspersky Lab\Kaspersky PURE 2.0\klwtbbho.dll (Kaspersky Lab ZAO)
O2 - BHO: (NetAssistant) - {E38FA08E-F56A-4169-ABF5-5C71E3C153A1} - C:\Program Files\Freeze.com\NetAssistant\NetAssistant.dll (W3i, LLC)
O2 - BHO: (DVDVideoSoftTB Toolbar) - {e9911ec6-1bcc-40b0-9993-e0eea7f6953f} - C:\Program Files\DVDVideoSoft\tbDVD0.dll (Conduit Ltd.)
O2 - BHO: (Ask Toolbar BHO) - {FE063DB1-4EC0-403e-8DD8-394C54984B2C} - C:\Program Files\AskTBar\bar\2.bin\ASKTBAR.DLL (Ask.com)
O3 - HKLM\..\Toolbar: (DVDVideoSoftTB Toolbar) - {e9911ec6-1bcc-40b0-9993-e0eea7f6953f} - C:\Program Files\DVDVideoSoft\tbDVD0.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (Ask Toolbar) - {FE063DB9-4EC0-403e-8DD8-394C54984B2C} - C:\Program Files\AskTBar\bar\2.bin\ASKTBAR.DLL (Ask.com)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (DVDVideoSoftTB Toolbar) - {E9911EC6-1BCC-40B0-9993-E0EEA7F6953F} - C:\Program Files\DVDVideoSoft\tbDVD0.dll (Conduit Ltd.)
O3 - HKCU\..\Toolbar\WebBrowser: (Ask Toolbar) - {FE063DB9-4EC0-403E-8DD8-394C54984B2C} - C:\Program Files\AskTBar\bar\2.bin\ASKTBAR.DLL (Ask.com)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [AVP] C:\Program Files\Kaspersky Lab\Kaspersky PURE 2.0\avp.exe (Kaspersky Lab ZAO)
O4 - HKLM..\Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe (CANON INC.)
O4 - HKLM..\Run: [CanonSolutionMenuEx] C:\Program Files\Canon\Solution Menu EX\CNSEMAIN.EXE (CANON INC.)
O4 - HKLM..\Run: [NBKeyScan] "C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe" File not found
O4 - HKLM..\Run: [PCMService] c:\Program Files\Powercinema\PCMService.exe (CyberLink Corp.)
O4 - HKLM..\Run: [RoxWatchTray] C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe (Sonic Solutions)
O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe ()
O4 - HKLM..\Run: [Symantec PIF AlertEng] C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe (Symantec Corporation)
O4 - HKLM..\Run: [toolbar_eula_launcher] C:\Program Files\Packard Bell\GOOGLE_EULA\EULALauncher.exe ( )
O4 - HKCU..\Run: [IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe" ASO-616B5711-6DAE-4795-A05F-39A1E5104020 File not found
O4 - HKCU..\Run: [SmpcSys] C:\Program Files\Packard Bell\SetUpMyPC\SmpSys.exe (Packard Bell BV)
O4 - HKCU..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe (SUPERAntiSpyware.com)
O4 - Startup: C:\Users\Wilma\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.3.lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe ()
O8 - Extra context menu item: Add to Anti-Banner - C:\Program Files\Kaspersky Lab\Kaspersky PURE 2.0\ie_banner_deny.htm ()
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\System32\GPhotos.scr (Google Inc.)
O9 - Extra Button: &Virtual Keyboard - {4248FE82-7FCB-46AC-B270-339F08212110} - C:\Program Files\Kaspersky Lab\Kaspersky PURE 2.0\ievkbd.dll (Kaspersky Lab ZAO)
O9 - Extra Button: URLs c&heck - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files\Kaspersky Lab\Kaspersky PURE 2.0\klwtbbho.dll (Kaspersky Lab ZAO)
O13 - gopher Prefix: missing
O15 - HKCU\..Trusted Domains: localhost ([]http in Local intranet)
O15 - HKCU\..Trusted Ranges: GD ([http] in Local intranet)
O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} hxxp://appldnld.apple.com.edgesuite.net/content.info.apple.com/QuickTime/qtactivex/qtplugin.cab (QuickTime Object)
O16 - DPF: {22E5D91F-89E6-4405-AD9C-0AF27BA6F06B} file:///D:/components/hidinputmonitorx.ocx (HidInputMonitorX Control)
O16 - DPF: {4F63D44B-6274-4D60-8AB1-CAA7116B8AF3} file:///D:/components/A9.ocx (A9Helper.A9)
O16 - DPF: {7030CC6C-1A88-4591-BB5A-651B9F7F0C30} file:///D:/components/wmvhdrating.ocx (WMVHDRatingCtrl Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_05-windows-i586.cab (Java Plug-in 1.6.0_05)
O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{1EEB64B2-F0B4-4A65-BCF7-2051F59949CF}: DhcpNameServer = 192.168.178.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{8DE85206-892D-4BB3-98F7-C660B1C232CF}: DhcpNameServer = 192.168.178.1
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20 - AppInit_DLLs: (C:\PROGRA~1\GOOGLE\GOOGLE~3\GOEC62~1.DLL) - C:\Program Files\Google\Google Desktop Search\GoogleDesktopNetwork3.dll (Google)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\klogon: DllName - (C:\Windows\system32\klogon.dll) - C:\Windows\System32\klogon.dll (Kaspersky Lab ZAO)
O24 - Desktop WallPaper: C:\Windows\Web\Wallpaper\img24.jpg
O24 - Desktop BackupWallPaper: C:\Windows\Web\Wallpaper\img24.jpg
O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL (SuperAdBlocker.com)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006-09-18 22:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{7aa9a8c1-dcf1-11df-8f36-001d60072977}\Shell - "" = AutoRun
O33 - MountPoints2\{7aa9a8c1-dcf1-11df-8f36-001d60072977}\Shell\AutoRun\command - "" = F:\LaunchU3.exe -a
O33 - MountPoints2\{edb15dc3-df6d-11dd-9754-001d60072977}\Shell - "" = AutoRun
O33 - MountPoints2\{edb15dc3-df6d-11dd-9754-001d60072977}\Shell\AutoRun\command - "" = F:\LaunchU3.exe -a
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
CREATERESTOREPOINT
Restore point Set: OTL Restore Point
========== Files/Folders - Created Within 30 Days ==========
[2012-11-04 19:31:26 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Wilma\Desktop\OTL.exe
[2012-11-04 00:06:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Mozilla
[2012-11-04 00:06:34 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Maintenance Service
[2012-11-03 16:26:46 | 000,000,000 | ---D | C] -- C:\Users\Wilma\AppData\Roaming\SUPERAntiSpyware.com
[2012-11-03 16:26:29 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SUPERAntiSpyware
[2012-11-03 16:26:23 | 000,000,000 | ---D | C] -- C:\ProgramData\SUPERAntiSpyware.com
[2012-11-03 16:26:23 | 000,000,000 | ---D | C] -- C:\Program Files\SUPERAntiSpyware
[2012-11-03 14:14:17 | 000,000,000 | R--D | C] -- C:\Backup
[2012-11-03 14:09:52 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky PURE 2.0
[2012-11-03 14:08:23 | 000,088,632 | ---- | C] (Infowatch) -- C:\Windows\System32\drivers\CSCrySec.sys
[2012-11-03 14:08:23 | 000,039,352 | ---- | C] (Infowatch) -- C:\Windows\System32\drivers\CSVirtualDiskDrv.sys
[2012-11-03 14:08:20 | 000,000,000 | ---D | C] -- C:\Windows\System32\DRVSTORE
[2012-11-03 14:06:50 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\InfoWatch
[2012-11-03 14:06:07 | 000,585,560 | ---- | C] (Kaspersky Lab) -- C:\Windows\System32\drivers\klif.sys
[2012-10-31 22:39:40 | 000,000,000 | ---D | C] -- C:\ProgramData\AVAST Software
[2012-10-31 22:39:40 | 000,000,000 | ---D | C] -- C:\Program Files\AVAST Software
[2012-10-31 22:25:39 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
[2009-03-08 17:29:37 | 000,133,104 | ---- | C] (Google Inc.) -- C:\Users\Wilma\GOOGLEUPDATE.EXE
[2 C:\Users\Wilma\Documents\*.tmp files -> C:\Users\Wilma\Documents\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2012-11-04 19:31:33 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Wilma\Desktop\OTL.exe
[2012-11-04 19:30:08 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\Uitgebreide garantie.job
[2012-11-04 19:30:08 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\Recovery DVD Creator.job
[2012-11-04 19:29:34 | 000,001,042 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012-11-04 19:29:02 | 000,003,168 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2012-11-04 19:29:00 | 000,003,168 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2012-11-04 19:28:52 | 000,000,298 | ---- | M] () -- C:\Windows\tasks\GJMFX.job
[2012-11-04 19:28:44 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012-11-04 19:28:38 | 1878,220,800 | -HS- | M] () -- C:\hiberfil.sys
[2012-11-04 12:18:01 | 000,001,046 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012-11-04 12:03:00 | 000,000,924 | ---- | M] () -- C:\Windows\tasks\Google Software Updater.job
[2012-11-04 12:01:24 | 000,691,458 | ---- | M] () -- C:\Windows\System32\perfh013.dat
[2012-11-04 12:01:24 | 000,608,526 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2012-11-04 12:01:24 | 000,137,188 | ---- | M] () -- C:\Windows\System32\perfc013.dat
[2012-11-04 12:01:23 | 000,109,764 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2012-11-04 00:06:41 | 000,000,873 | ---- | M] () -- C:\Users\Wilma\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
[2012-11-04 00:06:40 | 000,000,849 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2012-11-03 16:54:17 | 000,000,510 | ---- | M] () -- C:\Windows\tasks\SUPERAntiSpyware Scheduled Task 17d3d17a-e736-4c1f-bc7a-8667748e1ff8.job
[2012-11-03 16:54:17 | 000,000,510 | ---- | M] () -- C:\Windows\tasks\SUPERAntiSpyware Scheduled Task 09e54ffb-8ca2-4f44-b330-bd09e0621cb1.job
[2012-11-03 16:26:31 | 000,001,803 | ---- | M] () -- C:\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk
[2012-11-03 14:15:00 | 000,017,408 | ---- | M] () -- C:\Users\Wilma\AppData\Local\WebpageIcons.db
[2012-11-03 14:10:07 | 000,116,189 | ---- | M] () -- C:\Windows\System32\drivers\klin.dat
[2012-11-03 14:10:06 | 000,098,168 | ---- | M] () -- C:\Windows\System32\drivers\klick.dat
[2012-11-03 14:06:07 | 000,585,560 | ---- | M] (Kaspersky Lab) -- C:\Windows\System32\drivers\klif.sys
[2012-10-31 22:40:37 | 000,002,577 | ---- | M] () -- C:\Windows\System32\config.nt
[2012-10-31 22:25:49 | 000,001,966 | ---- | M] () -- C:\Users\Wilma\Desktop\Google Chrome.lnk
[2012-10-31 22:25:49 | 000,001,958 | ---- | M] () -- C:\Users\Wilma\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2012-10-23 21:48:31 | 035,175,761 | ---- | M] () -- C:\Users\Wilma\Desktop\Markierte_Lernvokabeln_Griechisch.pdf
[2012-10-17 14:10:31 | 040,254,154 | ---- | M] () -- C:\Users\Wilma\Desktop\Christian_Bischoff_Rednermappe.pdf
[2012-10-16 21:48:22 | 000,094,208 | RHS- | M] () -- C:\Windows\System32\PxAFSU.dll
[2 C:\Users\Wilma\Documents\*.tmp files -> C:\Users\Wilma\Documents\*.tmp -> ]
========== Files Created - No Company Name ==========
[2012-11-04 00:06:41 | 000,000,873 | ---- | C] () -- C:\Users\Wilma\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
[2012-11-04 00:06:40 | 000,000,861 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
[2012-11-04 00:06:40 | 000,000,849 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2012-11-03 16:27:11 | 000,000,510 | ---- | C] () -- C:\Windows\tasks\SUPERAntiSpyware Scheduled Task 09e54ffb-8ca2-4f44-b330-bd09e0621cb1.job
[2012-11-03 16:27:09 | 000,000,510 | ---- | C] () -- C:\Windows\tasks\SUPERAntiSpyware Scheduled Task 17d3d17a-e736-4c1f-bc7a-8667748e1ff8.job
[2012-11-03 16:26:31 | 000,001,803 | ---- | C] () -- C:\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk
[2012-11-03 14:14:56 | 000,017,408 | ---- | C] () -- C:\Users\Wilma\AppData\Local\WebpageIcons.db
[2012-11-03 14:10:07 | 000,116,189 | ---- | C] () -- C:\Windows\System32\drivers\klin.dat
[2012-11-03 14:10:06 | 000,098,168 | ---- | C] () -- C:\Windows\System32\drivers\klick.dat
[2012-10-31 22:25:49 | 000,001,966 | ---- | C] () -- C:\Users\Wilma\Desktop\Google Chrome.lnk
[2012-10-31 22:25:49 | 000,001,958 | ---- | C] () -- C:\Users\Wilma\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2012-10-21 19:20:02 | 035,175,761 | ---- | C] () -- C:\Users\Wilma\Desktop\Markierte_Lernvokabeln_Griechisch.pdf
[2012-10-17 14:10:30 | 040,254,154 | ---- | C] () -- C:\Users\Wilma\Desktop\Christian_Bischoff_Rednermappe.pdf
[2012-10-16 21:48:23 | 000,000,298 | ---- | C] () -- C:\Windows\tasks\GJMFX.job
[2012-10-16 21:48:22 | 000,094,208 | RHS- | C] () -- C:\Windows\System32\PxAFSU.dll
[2011-08-29 23:36:12 | 000,116,224 | ---- | C] () -- C:\Windows\System32\pdfcmnnt.dll
[2011-04-29 20:42:40 | 000,002,560 | ---- | C] () -- C:\Windows\_MSRSTRT.EXE
[2011-03-11 12:43:54 | 000,029,763 | ---- | C] () -- C:\Windows\System32\drivers\klopp.dat
[2010-12-26 21:09:18 | 000,000,000 | ---- | C] () -- C:\Windows\Irremote.ini
[2009-09-03 00:15:20 | 000,000,000 | ---- | C] () -- C:\ProgramData\LauncherAccess.dt
[2009-07-24 14:20:02 | 000,001,024 | ---- | C] () -- C:\Users\Wilma\.rnd
[2008-05-23 22:54:48 | 000,002,943 | ---- | C] () -- C:\ProgramData\LUUnInstall.LiveUpdate
[2008-01-20 10:22:29 | 000,007,268 | ---- | C] () -- C:\Users\Wilma\AppData\Local\d3d9caps.dat
[2008-01-17 17:01:45 | 000,020,992 | ---- | C] () -- C:\Users\Wilma\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2008-01-17 16:46:59 | 000,000,093 | ---- | C] () -- C:\Users\Wilma\AppData\Local\fusioncache.dat
========== ZeroAccess Check ==========
[2006-11-02 13:51:16 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012-06-08 18:47:00 | 011,586,048 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2009-04-11 07:28:19 | 000,614,912 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2009-04-11 07:28:25 | 000,347,648 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
========== LOP Check ==========
[2011-02-27 14:56:31 | 000,000,000 | ---D | M] -- C:\Users\Wilma\AppData\Roaming\Canon
[2010-08-03 00:19:35 | 000,000,000 | ---D | M] -- C:\Users\Wilma\AppData\Roaming\Cornelsen
[2010-12-05 23:01:06 | 000,000,000 | ---D | M] -- C:\Users\Wilma\AppData\Roaming\LimeWirePlus
[2012-02-10 19:39:11 | 000,000,000 | ---D | M] -- C:\Users\Wilma\AppData\Roaming\OpenOffice.org
[2008-05-23 22:47:25 | 000,000,000 | ---D | M] -- C:\Users\Wilma\AppData\Roaming\Packard Bell
[2009-09-03 00:51:21 | 000,000,000 | ---D | M] -- C:\Users\Wilma\AppData\Roaming\Samsung
========== Purity Check ==========
========== Custom Scans ==========
< %systemroot%\*. /mp /s >
< C:\Windows\system32\*.tsp >
[2006-11-02 10:44:49 | 000,031,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\hidphone.tsp
[2006-11-02 10:44:49 | 000,038,400 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\kmddsp.tsp
[2006-11-02 10:44:49 | 000,049,664 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\ndptsp.tsp
[2006-11-02 10:44:49 | 000,081,408 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\remotesp.tsp
[2009-04-11 07:27:17 | 000,280,064 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\unimdm.tsp
[2006-11-02 13:58:10 | 000,000,006 | -H-- | C] () -- C:\Windows\Tasks\SA.DAT
[2006-11-02 13:58:10 | 000,032,602 | ---- | C] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2008-01-17 16:48:31 | 000,000,340 | ---- | C] () -- C:\Windows\Tasks\Recovery DVD Creator.job
[2008-01-17 16:48:32 | 000,000,340 | ---- | C] () -- C:\Windows\Tasks\Uitgebreide garantie.job
[2009-03-08 17:25:53 | 000,000,924 | ---- | C] () -- C:\Windows\Tasks\Google Software Updater.job
[2011-03-20 19:49:02 | 000,001,042 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
[2011-03-20 19:49:03 | 000,001,046 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
[2012-10-16 21:48:23 | 000,000,298 | ---- | C] () -- C:\Windows\Tasks\GJMFX.job
[2012-11-03 16:27:09 | 000,000,510 | ---- | C] () -- C:\Windows\Tasks\SUPERAntiSpyware Scheduled Task 17d3d17a-e736-4c1f-bc7a-8667748e1ff8.job
[2012-11-03 16:27:11 | 000,000,510 | ---- | C] () -- C:\Windows\Tasks\SUPERAntiSpyware Scheduled Task 09e54ffb-8ca2-4f44-b330-bd09e0621cb1.job
< MD5 for: AGP440.SYS >
[2008-01-19 08:42:25 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_51b95d75\AGP440.sys
[2008-01-19 08:42:25 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_f750e484\AGP440.sys
[2008-01-19 08:42:25 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6001.18000_none_ba12ed3bbeb0d97a\AGP440.sys
[2008-01-19 08:42:25 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6002.18005_none_bbfe6647bbd2a4c6\AGP440.sys
[2006-11-02 10:49:52 | 000,053,864 | ---- | M] (Microsoft Corporation) MD5=EF23439CDD587F64C2C1B8825CEAD7D8 -- C:\Windows\System32\drivers\AGP440.sys
[2006-11-02 10:49:52 | 000,053,864 | ---- | M] (Microsoft Corporation) MD5=EF23439CDD587F64C2C1B8825CEAD7D8 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_920a2c1f\AGP440.sys
< MD5 for: ATAPI.SYS >
[2009-04-11 07:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\System32\drivers\atapi.sys
[2009-04-11 07:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_b12d8e84\atapi.sys
[2009-04-11 07:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6002.18005_none_df23a1261eab99e8\atapi.sys
[2007-10-24 04:56:19 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=224505155EC3E36D7A1F36E446F04C2A -- C:\Windows\SoftwareDistribution\Download\849b321448ad54f888bc4129bd98f62b\x86_mshdc.inf_31bf3856ad364e35_6.0.6000.16584_none_daff695624a08568\atapi.sys
[2008-01-19 08:41:30 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_cc18792d\atapi.sys
[2008-01-19 08:41:30 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6001.18000_none_dd38281a2189ce9c\atapi.sys
[2006-11-02 10:49:36 | 000,019,048 | ---- | M] (Microsoft Corporation) MD5=4F4FCB8B6EA06784FB6D475B7EC7300F -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_c6c2e699\atapi.sys
[2008-02-17 01:43:52 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=B35CFCEF838382AB6490B321C87EDF17 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_7de13c21\atapi.sys
[2008-02-17 01:43:52 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=B35CFCEF838382AB6490B321C87EDF17 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6000.16632_none_db337a442479c42c\atapi.sys
[2007-10-24 05:11:26 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=BFD3DF48C9ED81934FE21E8E3CFC2496 -- C:\Windows\SoftwareDistribution\Download\849b321448ad54f888bc4129bd98f62b\x86_mshdc.inf_31bf3856ad364e35_6.0.6000.20707_none_dbe288453d7a8ed6\atapi.sys
[2008-02-17 01:43:52 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=E03E8C99D15D0381E02743C36AFC7C6F -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6000.20757_none_dbac78a93da31a8b\atapi.sys
< MD5 for: CNGAUDIT.DLL >
[2006-11-02 10:46:03 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- C:\Windows\System32\cngaudit.dll
[2006-11-02 10:46:03 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.0.6000.16386_none_e62d292932a96ce6\cngaudit.dll
< MD5 for: EXPLORER.EXE >
[2008-10-29 07:20:29 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=37440D09DEAE0B672A04DCCF7ABF06BE -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.16771_none_4f83bb287ccdb7e3\explorer.exe
[2008-10-29 07:29:41 | 002,927,104 | ---- | M] (Microsoft Corporation) MD5=4F554999D7D5F05DAAEBBA7B5BA1089D -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.18164_none_5177ca9879e978e8\explorer.exe
[2008-10-30 04:59:17 | 002,927,616 | ---- | M] (Microsoft Corporation) MD5=50BA5850147410CDE89C523AD3BC606E -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.22298_none_51e4f8c7931bd1e1\explorer.exe
[2008-02-16 00:08:33 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=6D06CD98D954FE87FB2DB8108793B399 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.16549_none_4fac29707cae347a\explorer.exe
[2008-02-16 00:08:32 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=BD06F0BF753BC704B653C3A50F89D362 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.20668_none_501f261995dcf2cf\explorer.exe
[2009-04-11 07:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) MD5=D07D4C3038F3578FFCE1C0237F2A1253 -- C:\Windows\explorer.exe
[2009-04-11 07:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) MD5=D07D4C3038F3578FFCE1C0237F2A1253 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6002.18005_none_53a0201e76de3a0b\explorer.exe
[2008-10-28 03:15:02 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=E7156B0B74762D9DE0E66BDCDE06E5FB -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.20947_none_5033cb5995cd990b\explorer.exe
[2006-11-02 10:45:07 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=FD8C53FB002217F6F888BCF6F5D7084D -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.16386_none_4f7de5167cd15deb\explorer.exe
[2008-01-19 08:33:10 | 002,927,104 | ---- | M] (Microsoft Corporation) MD5=FFA764631CB70A30065C12EF8E174F9F -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.18000_none_51b4a71279bc6ebf\explorer.exe
< MD5 for: IASTORV.SYS >
[2008-01-19 08:42:51 | 000,235,064 | ---- | M] (Intel Corporation) MD5=54155EA1B0DF185878E0FC9EC3AC3A14 -- C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_c9df7691\iaStorV.sys
[2008-01-19 08:42:51 | 000,235,064 | ---- | M] (Intel Corporation) MD5=54155EA1B0DF185878E0FC9EC3AC3A14 -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.0.6001.18000_none_af11527887c7fa8f\iaStorV.sys
[2006-11-02 10:51:25 | 000,232,040 | ---- | M] (Intel Corporation) MD5=C957BF4B5D80B46C5017BF0101E6C906 -- C:\Windows\System32\drivers\iaStorV.sys
[2006-11-02 10:51:25 | 000,232,040 | ---- | M] (Intel Corporation) MD5=C957BF4B5D80B46C5017BF0101E6C906 -- C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_37cdafa4\iaStorV.sys
< MD5 for: NETLOGON.DLL >
[2006-11-02 10:46:11 | 000,559,616 | ---- | M] (Microsoft Corporation) MD5=889A2C9F2AACCD8F64EF50AC0B3D553B -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6000.16386_none_fb80f5473b0ed783\netlogon.dll
[2009-04-11 07:28:23 | 000,592,896 | ---- | M] (Microsoft Corporation) MD5=95DAECF0FB120A7B5DA679CC54E37DDE -- C:\Windows\System32\netlogon.dll
[2009-04-11 07:28:23 | 000,592,896 | ---- | M] (Microsoft Corporation) MD5=95DAECF0FB120A7B5DA679CC54E37DDE -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6002.18005_none_ffa3304f351bb3a3\netlogon.dll
[2008-01-19 08:35:36 | 000,592,384 | ---- | M] (Microsoft Corporation) MD5=A8EFC0B6E75B789F7FD3BA5025D4E37F -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6001.18000_none_fdb7b74337f9e857\netlogon.dll
< MD5 for: NVSTOR.SYS >
[2006-11-02 10:50:13 | 000,040,040 | ---- | M] (NVIDIA Corporation) MD5=9E0BA19A28C498A6D323D065DB76DFFC -- C:\Windows\System32\drivers\nvstor.sys
[2006-11-02 10:50:13 | 000,040,040 | ---- | M] (NVIDIA Corporation) MD5=9E0BA19A28C498A6D323D065DB76DFFC -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_733654ff\nvstor.sys
[2008-01-19 08:42:09 | 000,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_31c3d71d\nvstor.sys
[2008-01-19 08:42:09 | 000,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.0.6001.18000_none_39dac327befea467\nvstor.sys
< MD5 for: SCECLI.DLL >
[2008-01-19 08:36:19 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=28B84EB538F7E8A0FE8B9299D591E0B9 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6001.18000_none_380de25bd91b6f12\scecli.dll
[2006-11-02 10:46:12 | 000,176,640 | ---- | M] (Microsoft Corporation) MD5=80E2839D05CA5970A86D7BE2A08BFF61 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6000.16386_none_35d7205fdc305e3e\scecli.dll
[2009-04-11 07:28:24 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=8FC182167381E9915651267044105EE1 -- C:\Windows\System32\scecli.dll
[2009-04-11 07:28:24 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=8FC182167381E9915651267044105EE1 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6002.18005_none_39f95b67d63d3a5e\scecli.dll
< MD5 for: USER32.DLL >
[2007-09-19 05:26:38 | 000,633,856 | ---- | M] (Microsoft Corporation) MD5=63B4F59D7C89B1BF5277F1FFEFD491CD -- C:\Windows\winsxs\x86_microsoft-windows-user32_31bf3856ad364e35_6.0.6000.16438_none_cb39bc5b7047127e\user32.dll
[2007-09-19 05:26:39 | 000,633,856 | ---- | M] (Microsoft Corporation) MD5=9D9F061EDA75425FC67F0365E3467C86 -- C:\Windows\winsxs\x86_microsoft-windows-user32_31bf3856ad364e35_6.0.6000.20537_none_cbc258dc896598f1\user32.dll
[2008-01-19 08:36:46 | 000,627,200 | ---- | M] (Microsoft Corporation) MD5=B974D9F06DC7D1908E825DC201681269 -- C:\Windows\winsxs\x86_microsoft-windows-user32_31bf3856ad364e35_6.0.6001.18000_none_cd386c416d5c7f32\user32.dll
[2006-11-02 10:46:13 | 000,633,856 | ---- | M] (Microsoft Corporation) MD5=E698A5437B89A285ACA3FF022356810A -- C:\Windows\winsxs\x86_microsoft-windows-user32_31bf3856ad364e35_6.0.6000.16386_none_cb01aa4570716e5e\user32.dll
[2009-04-11 07:28:25 | 000,627,712 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\System32\user32.dll
[2009-04-11 07:28:25 | 000,627,712 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\winsxs\x86_microsoft-windows-user32_31bf3856ad364e35_6.0.6002.18005_none_cf23e54d6a7e4a7e\user32.dll
< MD5 for: USERINIT.EXE >
[2008-01-19 08:33:33 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\Windows\System32\userinit.exe
[2008-01-19 08:33:33 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.0.6001.18000_none_dc28ba15d1aff80b\userinit.exe
[2006-11-02 10:45:50 | 000,024,576 | ---- | M] (Microsoft Corporation) MD5=22027835939F86C3E47AD8E3FBDE3D11 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.0.6000.16386_none_d9f1f819d4c4e737\userinit.exe
< MD5 for: WINLOGON.EXE >
[2009-04-11 07:28:13 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\Windows\System32\winlogon.exe
[2009-04-11 07:28:13 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6002.18005_none_71ae7a22d2134741\winlogon.exe
[2006-11-02 10:45:57 | 000,308,224 | ---- | M] (Microsoft Corporation) MD5=9F75392B9128A91ABAFB044EA350BAAD -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6000.16386_none_6d8c3f1ad8066b21\winlogon.exe
[2008-01-19 08:33:37 | 000,314,880 | ---- | M] (Microsoft Corporation) MD5=C2610B6BDBEFC053BBDAB4F1B965CB24 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6001.18000_none_6fc30116d4f17bf5\winlogon.exe
< MD5 for: WS2IFSL.SYS >
[2006-11-02 09:58:26 | 000,015,872 | ---- | M] (Microsoft Corporation) MD5=84620AECDCFD2A7A14E6263927D8C0ED -- C:\Windows\winsxs\x86_microsoft-windows-w..rastructure-ws2ifsl_31bf3856ad364e35_6.0.6000.16386_none_4d4fded8cae2956d\ws2ifsl.sys
[2008-01-19 06:56:49 | 000,015,872 | ---- | M] (Microsoft Corporation) MD5=E3A3CB253C0EC2494D4A61F5E43A389C -- C:\Windows\System32\drivers\ws2ifsl.sys
[2008-01-19 06:56:49 | 000,015,872 | ---- | M] (Microsoft Corporation) MD5=E3A3CB253C0EC2494D4A61F5E43A389C -- C:\Windows\winsxs\x86_microsoft-windows-w..rastructure-ws2ifsl_31bf3856ad364e35_6.0.6001.18000_none_4f86a0d4c7cda641\ws2ifsl.sys
< %systemroot%\system32\drivers\*.sys /lockedfiles >
[2011-10-20 11:48:00 | 000,135,984 | ---- | M] (Kaspersky Lab ZAO) Unable to obtain MD5 -- C:\Windows\system32\drivers\kl1.sys
[2011-10-20 11:48:00 | 000,013,104 | ---- | M] (Kaspersky Lab ZAO) Unable to obtain MD5 -- C:\Windows\system32\drivers\kl2.sys
[2012-11-03 14:06:07 | 000,585,560 | ---- | M] (Kaspersky Lab) Unable to obtain MD5 -- C:\Windows\system32\drivers\klif.sys
[2011-03-10 18:36:18 | 000,023,856 | ---- | M] (Kaspersky Lab ZAO) Unable to obtain MD5 -- C:\Windows\system32\drivers\klim6.sys
[2009-11-02 20:27:16 | 000,019,984 | ---- | M] (Kaspersky Lab) Unable to obtain MD5 -- C:\Windows\system32\drivers\klmouflt.sys
< %systemroot%\System32\config\*.sav >
[2006-11-02 11:34:05 | 000,008,192 | ---- | M] () -- C:\Windows\System32\config\COMPONENTS.SAV
[2006-11-02 11:34:05 | 000,020,480 | ---- | M] () -- C:\Windows\System32\config\DEFAULT.SAV
[2006-11-02 11:34:05 | 000,008,192 | ---- | M] () -- C:\Windows\System32\config\SECURITY.SAV
[2006-11-02 11:34:08 | 010,133,504 | ---- | M] () -- C:\Windows\System32\config\SOFTWARE.SAV
[2006-11-02 11:34:08 | 001,826,816 | ---- | M] () -- C:\Windows\System32\config\SYSTEM.SAV
< %systemroot%\system32\*.dll /lockedfiles >
[2007-05-24 14:53:00 | 000,339,968 | ---- | M] (Advanced Micro Devices, Inc.) Unable to obtain MD5 -- C:\Windows\system32\ATIDEMGX.dll
[2011-08-14 18:53:29 | 000,353,792 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\system32\dxtmsft.dll
[2011-08-14 18:53:29 | 000,223,232 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\system32\dxtrans.dll
[2006-11-02 10:46:04 | 000,380,957 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\system32\expsrv.dll
[2012-08-30 22:23:46 | 000,229,816 | ---- | M] (Kaspersky Lab ZAO) Unable to obtain MD5 -- C:\Windows\system32\klogon.dll
[2012-10-16 21:48:22 | 000,094,208 | RHS- | M] () Unable to obtain MD5 -- C:\Windows\system32\PxAFSU.dll
< %USERPROFILE%\*.* >
[2010-12-26 21:10:19 | 000,001,024 | ---- | M] () -- C:\Users\Wilma\.rnd
[2009-03-08 17:29:37 | 000,133,104 | ---- | M] (Google Inc.) -- C:\Users\Wilma\GOOGLEUPDATE.EXE
[2012-11-04 20:26:21 | 004,718,592 | -HS- | M] () -- C:\Users\Wilma\ntuser.dat
[2012-11-04 20:26:21 | 000,262,144 | -H-- | M] () -- C:\Users\Wilma\ntuser.dat.LOG1
[2011-07-06 22:39:04 | 000,262,144 | -H-- | M] () -- C:\Users\Wilma\ntuser.dat.LOG2
[2012-11-04 12:59:13 | 000,065,536 | -HS- | M] () -- C:\Users\Wilma\ntuser.dat{56d4f770-f8d5-11df-950e-912ffc9b6972}.TM.blf
[2012-11-04 12:59:13 | 000,524,288 | -HS- | M] () -- C:\Users\Wilma\ntuser.dat{56d4f770-f8d5-11df-950e-912ffc9b6972}.TMContainer00000000000000000001.regtrans-ms
[2010-11-25 22:20:38 | 000,524,288 | -HS- | M] () -- C:\Users\Wilma\ntuser.dat{56d4f770-f8d5-11df-950e-912ffc9b6972}.TMContainer00000000000000000002.regtrans-ms
[2010-11-25 21:58:17 | 000,065,536 | -HS- | M] () -- C:\Users\Wilma\NTUSER.DAT{d8932e6d-6a6f-11db-b6ab-a038f15a5785}.TM.blf
[2010-11-25 21:58:17 | 000,524,288 | -HS- | M] () -- C:\Users\Wilma\NTUSER.DAT{d8932e6d-6a6f-11db-b6ab-a038f15a5785}.TMContainer00000000000000000001.regtrans-ms
[2008-01-17 17:08:32 | 000,524,288 | -HS- | M] () -- C:\Users\Wilma\NTUSER.DAT{d8932e6d-6a6f-11db-b6ab-a038f15a5785}.TMContainer00000000000000000002.regtrans-ms
[2008-01-17 16:36:30 | 000,000,020 | -HS- | M] () -- C:\Users\Wilma\ntuser.ini
< %USERPROFILE%\Local Settings\Temp\*.exe >
[2011-01-09 13:49:55 | 000,493,672 | ---- | M] (McAfee, Inc.) -- C:\Users\Wilma\Local Settings\Temp\contentDATs.exe
[2009-07-12 23:56:18 | 001,914,600 | ---- | M] (Adobe Systems Incorporated) -- C:\Users\Wilma\Local Settings\Temp\FlashPlayerUpdate.exe
[2010-11-02 10:32:33 | 002,826,192 | ---- | M] (Adobe Systems, Inc.) -- C:\Users\Wilma\Local Settings\Temp\FlashPlayerUpdate01.exe
[2010-06-30 02:44:29 | 000,922,400 | ---- | M] (Sun Microsystems, Inc.) -- C:\Users\Wilma\Local Settings\Temp\jre-6u20-windows-i586-iftw-rv.exe
[2011-02-10 01:48:12 | 000,885,536 | ---- | M] (Sun Microsystems, Inc.) -- C:\Users\Wilma\Local Settings\Temp\jre-6u24-windows-i586-iftw-rv.exe
[2011-07-14 22:45:41 | 000,909,088 | ---- | M] (Sun Microsystems, Inc.) -- C:\Users\Wilma\Local Settings\Temp\jre-6u26-windows-i586-iftw-rv.exe
[2012-02-20 16:45:21 | 000,909,600 | ---- | M] (Sun Microsystems, Inc.) -- C:\Users\Wilma\Local Settings\Temp\jre-6u31-windows-i586-iftw-rv.exe
[2012-04-13 22:47:23 | 000,910,112 | ---- | M] (Sun Microsystems, Inc.) -- C:\Users\Wilma\Local Settings\Temp\jre-6u32-windows-i586-iftw.exe
[2012-08-29 13:07:10 | 000,908,272 | ---- | M] (Sun Microsystems, Inc.) -- C:\Users\Wilma\Local Settings\Temp\jre-6u35-windows-i586-iftw.exe
[2012-10-26 16:05:21 | 000,912,368 | ---- | M] (Sun Microsystems, Inc.) -- C:\Users\Wilma\Local Settings\Temp\jre-6u37-windows-i586-iftw.exe
[2010-02-05 17:46:06 | 000,779,600 | ---- | M] (CANON INC.) -- C:\Users\Wilma\Local Settings\Temp\MSETUP4.EXE
[2010-11-17 11:26:54 | 000,424,600 | ---- | M] (Google Inc.) -- C:\Users\Wilma\Local Settings\Temp\SearchWithGoogleUpdate.exe
[2010-12-09 11:44:34 | 003,598,224 | ---- | M] (McAfee, Inc.) -- C:\Users\Wilma\Local Settings\Temp\SecurityScan_Release.exe
[2008-05-23 22:52:36 | 001,174,664 | ---- | M] (Symantec Corporation) -- C:\Users\Wilma\Local Settings\Temp\SymLCSVC.EXE
[960 C:\Users\Wilma\Local Settings\Temp\*.tmp files -> C:\Users\Wilma\Local Settings\Temp\*.tmp -> ]
< %USERPROFILE%\Local Settings\Temp\*.dll >
[2012-08-23 04:38:58 | 000,248,008 | ---- | M] (Ask.com) -- C:\Users\Wilma\Local Settings\Temp\AskSLib.dll
[960 C:\Users\Wilma\Local Settings\Temp\*.tmp files -> C:\Users\Wilma\Local Settings\Temp\*.tmp -> ]
< %USERPROFILE%\Application Data\*.exe >
< HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems|Windows /rs >
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems\\Required: DebugWindows [binary data]
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems\\Windows: %SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,12288,512 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ProfileControl=Off MaxRequestThreads=16
========== Alternate Data Streams ==========
@Alternate Data Stream - 864 bytes -> C:\Users\Wilma\Documents\Gleichwertigkeit Prüfungsleistungen NL.eml:OECustomProperty
@Alternate Data Stream - 76 bytes -> C:\Users\Wilma\Documents\Wilma:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Wilma\Documents\weltbild 1:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Wilma\Documents\vrede:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Wilma\Documents\voorzetsels:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Wilma\Documents\Voor Wilmi:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Wilma\Documents\vlucht naar Engeland:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Wilma\Documents\Updater5:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Wilma\Documents\tussen.jpg:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Wilma\Documents\stadtwaage:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Wilma\Documents\stadtwaage emden:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Wilma\Documents\stadthalle:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Wilma\Documents\Stadthalle Emden:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Wilma\Documents\SS 2011:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Wilma\Documents\siegel Kirche:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Wilma\Documents\Screenshots:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Wilma\Documents\Scannen.jpg:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Wilma\Documents\scan2:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Wilma\Documents\scan 1:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Wilma\Documents\SantaCla.mp3:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Wilma\Documents\samenvatting 9:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Wilma\Documents\samenvatting 8:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Wilma\Documents\samenvatting 7:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Wilma\Documents\samenvatting 6b:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Wilma\Documents\samenvatting 6a:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Wilma\Documents\samenvatting 5b:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Wilma\Documents\samenvatting 5:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Wilma\Documents\samenvatting 4:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Wilma\Documents\samenvatting 3:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Wilma\Documents\samenvatting 1:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Wilma\Documents\restore:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Wilma\Documents\plattegrond:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Wilma\Documents\Perry and the poor boys:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Wilma\Documents\Osterlampe:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Wilma\Documents\osterglocken_by_Joujou_pixelio_de.jpg:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Wilma\Documents\om.jpg:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Wilma\Documents\ogentest1.jpg:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Wilma\Documents\naast.jpg:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Wilma\Documents\naambordje:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Wilma\Documents\My Music:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Wilma\Documents\My Art:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Wilma\Documents\My Albums:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Wilma\Documents\Mijn Google Gadgets:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Wilma\Documents\Kapellealtar_mcf-Dateien:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Wilma\Documents\Kapelaltaar1_mcf-Dateien:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Wilma\Documents\Kapelaltaar_mcf-Dateien:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Wilma\Documents\Israel:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Wilma\Documents\Israel 1:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Wilma\Documents\in.jpg:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Wilma\Documents\Geschenkboekje_mcf-Dateien:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Wilma\Documents\Freemake:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Wilma\Documents\familie-verschillende-leeftijden-8729.jpg:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Wilma\Documents\eva:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Wilma\Documents\Echt:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Wilma\Documents\DVDVideoSoft:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Wilma\Documents\Downloads:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Wilma\Documents\Didaktische Ausarbeitung:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Wilma\Documents\dagtekst2:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Wilma\Documents\Dagtekst:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Wilma\Documents\Bremen 090.JPG:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Wilma\Documents\Altaar2_mcf-Dateien:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Wilma\Documents\Altaar_mcf-Dateien:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Wilma\Documents\album:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Wilma\Documents\achter.jpg:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Wilma\Documents\24-06-2010:Roxio EMC Stream
< End of report >
Extras.txt: Code:
OTL Extras logfile created on: 4-11-2012 19:34:18 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Wilma\Desktop
Windows Vista Home Basic Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000413 | Country: Nederland | Language: NLD | Date Format: d-M-yyyy
1,75 Gb Total Physical Memory | 0,81 Gb Available Physical Memory | 46,32% Memory free
3,74 Gb Paging File | 2,48 Gb Available in Paging File | 66,40% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 103,78 Gb Total Space | 33,63 Gb Free Space | 32,41% Space Free | Partition Type: NTFS
Computer Name: PC_VAN_WILMA | User Name: Wilma | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
http [open] -- "C:\Program Files\Mozilla Firefox\firefox.exe" -osint -url "%1" (Mozilla Corporation)
https [open] -- "C:\Program Files\Mozilla Firefox\firefox.exe" -osint -url "%1" (Mozilla Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- "C:\Program Files\File Type Assistant\tsassist.exe" "%1" (Trusted Software ApS)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [Trekpleister fotoservice] -- "C:\Program Files\Trekpleister\Trekpleister fotoservice\Trekpleister fotoservice.exe" "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
"DisableMonitoring" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
"DisableMonitoring" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
"DisableMonitoring" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
"DisableMonitoring" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 1
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"VistaSp2" = Reg Error: Unknown registry data type -- File not found
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0
========== Authorized Applications List ==========
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0C9A6AF4-0C05-402F-8C00-A8A54DC2D742}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{2D3D3BE2-DEB6-4A2F-94BC-3F700BC83A11}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{3E7A5DE9-5004-4025-930F-5BA67F081CD1}" = rport=445 | protocol=6 | dir=out | app=system |
"{3FA7CDE6-18A8-46DC-8212-945540B4A22C}" = rport=137 | protocol=17 | dir=out | app=system |
"{455B74DC-C64D-4285-95F3-8E900D954A6C}" = lport=445 | protocol=6 | dir=in | app=system |
"{57DFBD9E-8D71-40AC-B787-EF8D5E42705D}" = lport=3702 | protocol=17 | dir=in | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{60E5FA3D-BCF7-42F0-B842-B753BFBD9FF1}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{73049F38-6637-42EF-AEF1-6C6F409850B6}" = lport=139 | protocol=6 | dir=in | app=system |
"{742E9B61-C0E4-48E7-B8C8-0F5FCA1F8131}" = rport=138 | protocol=17 | dir=out | app=system |
"{83D8A191-A4C3-4F75-B69E-AB6F85F2B0E3}" = lport=3702 | protocol=17 | dir=in | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{8E82E059-A6AC-4B8F-A423-01BDFB90D607}" = lport=1900 | protocol=17 | dir=in | name=udp 1900 |
"{9E2FD0B1-DE95-402C-9DA2-0DB58A5E151A}" = rport=139 | protocol=6 | dir=out | app=system |
"{A4D5B2F4-8588-47FE-9E4E-C82BF281B942}" = rport=3702 | protocol=17 | dir=out | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{A59815C8-15D2-41F9-B748-D8B447A4A748}" = lport=138 | protocol=17 | dir=in | app=system |
"{BF10892F-2F57-48A0-8E6C-C0ED21A0B193}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{C7C5BEB6-1FAA-4F9C-910E-626AB86DE9F8}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{D202894D-DCE1-4F87-8011-57886629991D}" = lport=2869 | protocol=6 | dir=in | name=tcp 2869 |
"{E22BB168-9BCA-4D6A-8FDC-64D6158D8B5F}" = lport=137 | protocol=17 | dir=in | app=system |
"{E43285BC-EE55-48AF-9F12-67404B274FD9}" = rport=3702 | protocol=17 | dir=out | svc=fdphost | app=%systemroot%\system32\svchost.exe |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{002C4BCC-3DE0-4A10-8893-6EB2A4C5066F}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{083EF299-8E27-480F-8BE0-A3AC234CDE17}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{0D600FBA-E89A-4E56-873A-47A9E6B6E691}" = protocol=6 | dir=in | app=c:\program files\powercinema\powercinema.exe |
"{188845C9-7930-44E3-9431-29CC04E76FCD}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{195FE30D-9474-415F-A80F-62B29EEB8AD6}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{41651206-1948-43B8-9869-5A31EACB2572}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{47E31CD9-4948-45EF-8E0C-90A1440C0417}" = protocol=6 | dir=in | app=c:\windows\system32\rundll32.exe |
"{4CACB475-C6E4-417F-BE0E-E9B62E055BF9}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\groove.exe |
"{504AC9D1-0581-4CB7-A9F7-C48237B44973}" = dir=in | app=c:\program files\powercinema\kernel\dms\clmsservice.exe |
"{566D2618-C534-4DE3-B689-507A9DECDCD4}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\groove.exe |
"{5B23BEFC-440E-4B7A-A394-CD2D6BD61F91}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{69FE7DC4-954F-4200-AD4F-4FB017B37872}" = dir=in | app=c:\program files\powercinema\pcmservice.exe |
"{7E209CE0-023E-4E84-8CEF-19894176A64F}" = protocol=6 | dir=in | app=c:\program files\powercinema\pcmservice.exe |
"{899FC00F-959C-46A6-A968-944AA23CD930}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{99B166ED-7921-4A9F-9ED2-ABD73F71ECD9}" = protocol=17 | dir=in | app=c:\program files\powercinema\powercinema.exe |
"{AA87530B-8A12-466F-B51D-26DE2E2D0467}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{BAD17FE0-956D-406A-8247-8748AB342C24}" = dir=in | app=c:\program files\powercinema\powercinema.exe |
"{BD77E75B-5ECD-4BD6-B70F-814888578F31}" = protocol=17 | dir=in | app=c:\windows\system32\rundll32.exe |
"{D7738908-2E0B-43AC-B7DF-11D2877D01A5}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{E3AA117F-A685-4EF2-A83D-FC6451C783D7}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{E8FF027A-BF44-4401-9175-71CA3EA58720}" = protocol=17 | dir=in | app=c:\program files\powercinema\pcmservice.exe |
"{ED2FA439-4B71-4CFA-9881-0031DBAD6778}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\groove.exe |
"{F2C2DCD7-9F24-479D-A5A7-3E6BC170E99E}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\groove.exe |
"{FC814DA1-32D2-41C2-9488-9A3C254BC9A9}" = dir=in | app=c:\program files\powercinema\kernel\dmp\clbrowserengine.exe |
"TCP Query User{0B535C9F-C3A7-46B1-9797-190D20BFC4AF}C:\programdata\kaspersky lab setup files\kaspersky internet security 2009\german\setup.exe" = protocol=6 | dir=in | app=c:\programdata\kaspersky lab setup files\kaspersky internet security 2009\german\setup.exe |
"TCP Query User{67D33195-05D1-4BCB-B3EE-8A524C99FEF2}C:\program files\limewire plus\limewire.exe" = protocol=6 | dir=in | app=c:\program files\limewire plus\limewire.exe |
"TCP Query User{69D6554F-D0B2-461B-9824-E0E2F2BF7164}C:\windows\temp\navbrowser.exe" = protocol=6 | dir=in | app=c:\windows\temp\navbrowser.exe |
"TCP Query User{B573CB6B-0F76-43AE-A43A-16082B1BE5C5}C:\program files\internet explorer\iexplore.exe" = protocol=6 | dir=in | app=c:\program files\internet explorer\iexplore.exe |
"TCP Query User{C2B67180-8333-4DFD-8039-7651A9058EF7}C:\windows\temp\navbrowser.exe" = protocol=6 | dir=in | app=c:\windows\temp\navbrowser.exe |
"TCP Query User{E0D23213-A501-4E7A-A60E-BCE652C2C57B}C:\program files\internet explorer\iexplore.exe" = protocol=6 | dir=in | app=c:\program files\internet explorer\iexplore.exe |
"TCP Query User{E13EBA21-B5F7-4C83-A22B-CE7494B3BC69}C:\program files\limewire plus\limewire.exe" = protocol=6 | dir=in | app=c:\program files\limewire plus\limewire.exe |
"UDP Query User{12DF269C-353C-4A10-B68E-BEBF2DC790DF}C:\program files\limewire plus\limewire.exe" = protocol=17 | dir=in | app=c:\program files\limewire plus\limewire.exe |
"UDP Query User{531CF9E6-1D8B-4472-A272-1F70BD06CCE2}C:\windows\temp\navbrowser.exe" = protocol=17 | dir=in | app=c:\windows\temp\navbrowser.exe |
"UDP Query User{71D9D652-278A-415C-B66B-87D3AA5AD50C}C:\programdata\kaspersky lab setup files\kaspersky internet security 2009\german\setup.exe" = protocol=17 | dir=in | app=c:\programdata\kaspersky lab setup files\kaspersky internet security 2009\german\setup.exe |
"UDP Query User{769F9582-C38F-4A5B-8998-8163ECAD8058}C:\program files\limewire plus\limewire.exe" = protocol=17 | dir=in | app=c:\program files\limewire plus\limewire.exe |
"UDP Query User{8C4E984C-7D06-4B27-90B2-EC1D0885D7B5}C:\program files\internet explorer\iexplore.exe" = protocol=17 | dir=in | app=c:\program files\internet explorer\iexplore.exe |
"UDP Query User{9318AEEB-7B63-440B-BE45-FAAD4ADE356D}C:\windows\temp\navbrowser.exe" = protocol=17 | dir=in | app=c:\windows\temp\navbrowser.exe |
"UDP Query User{F549C9F0-0C64-4C87-B804-4C70A1257DA3}C:\program files\internet explorer\iexplore.exe" = protocol=17 | dir=in | app=c:\program files\internet explorer\iexplore.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{00000407-78E1-11D2-B60F-006097C998E7}" = Microsoft Office 2000 Premium
"{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}" = PDFCreator
"{049DE0EA-163F-2FDB-3E9D-C4B2DF1ED6C0}" = Catalyst Control Center Core Implementation
"{057847EC-F678-553C-23C3-F756D12D94CC}" = CCC Help Hungarian
"{06D387CA-93A6-DF48-44F4-DEF679C9773F}" = Catalyst Control Center Localization Polish
"{0996C331-6DCB-4E38-A3EC-0A77ABAE1361}" = Help_CTR
"{0C4C1082-BED7-9F55-1817-140C358DD2A9}" = CCC Help Japanese
"{0E3E1968-69D0-A3C6-6F27-BCD4C55E8877}" = CCC Help Danish
"{0F2ECBF6-E946-D953-C820-216CA7C60766}" = Catalyst Control Center Localization Dutch
"{0FAAA044-04CF-4766-84A2-A6A95CE196BD}" = Samsung PC Studio 3
"{101738D7-D805-37A9-BB91-1F2C351782BF}" = Microsoft .NET Framework 3.5 Language Pack SP1 - nld
"{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG5100_series" = Canon MG5100 series MP Drivers
"{12D57DBB-AF1B-ACB9-C188-0CD15AB88714}" = Catalyst Control Center Localization Norwegian
"{14D55F2C-2A03-4291-B1CE-CC6FC5088386}" = HDRegNL
"{1680A88C-184E-771D-B084-475932F722F2}" = Catalyst Control Center Localization Swedish
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{1B9EF5E8-1537-1C02-8E1B-E0F6C8B9804B}" = Catalyst Control Center Graphics Full New
"{1D02E648-3981-C46A-C490-7626CBD677E5}" = Catalyst Control Center Localization Italian
"{1D0775F7-EAA3-3B04-7E62-5F0B201E7784}" = Catalyst Control Center Localization Czech
"{1E4EBAF3-B745-D820-DAA1-A9D994ACEAC1}" = Catalyst Control Center Localization German
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{206FD69B-F9FE-4164-81BD-D52552BC9C23}" = GearDrvs
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{2617FA1F-0C04-3ABB-AF64-7D5B6620C341}" = Microsoft .NET Framework 4 Client Profile NLD Language Pack
"{2637C347-9DAD-11D6-9EA2-00055D0CA761}" = PowerCinema
"{26A24AE4-039D-4CA4-87B4-2F83216015FF}" = Java(TM) 6 Update 26
"{26A24AE4-039D-4CA4-87B4-2F83216022F0}" = Java(TM) 6 Update 22
"{27FA0EA8-B597-6156-3F71-0600589E5DF5}" = Catalyst Control Center Localization Korean
"{28006915-2739-4EBE-B5E8-49B25D32EB33}" = Atheros Driver Installation Program
"{2D270A67-B7CD-4281-B2FE-60DF18D19B8E}" = Kaspersky PURE 2.0
"{2EA63C93-C1ED-AA5D-63A4-809AC014130A}" = CCC Help Turkish
"{3248F0A8-6813-11D6-A77B-00B0D0160050}" = Java(TM) 6 Update 5
"{324A6FDE-72E6-FE4A-3E96-79FC082FF05C}" = CCC Help Korean
"{3912D529-02BC-4CA8-B5ED-0D0C20EB6003}" = ATK Hotkey
"{3921A67A-5AB1-4E48-9444-C71814CF3027}" = VCRedistSetup
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3DE5E7D4-7B88-403C-A3FD-2017A8240C5B}" = Google Earth
"{3EE33958-7381-4E7B-A4F3-6E43098E9E9C}" = Browser Address Error Redirector
"{4160DC5B-4C56-D0C3-C5FD-F5BDAD3C882B}" = ATI Catalyst Install Manager
"{4286716B-1287-48E7-9078-3DC8248DBA96}" = OpenOffice.org 3.3
"{44D3E73C-DD4F-E9F5-ED67-6449A95BDAEE}" = Catalyst Control Center Localization Chinese Standard
"{471E6731-9F77-7642-6FEE-82BF38572F41}" = Catalyst Control Center Localization Spanish
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4A57592C-FF92-4083-97A9-92783BD5AFB4}" = USB2.0 350K WebCam
"{4E2966E3-6CE2-7044-9BBE-69D73C9A5669}" = Catalyst Control Center Localization Turkish
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{59F6A514-9813-47A3-948C-8A155460CC2A}" = RICOH R5C83x/84x Flash Media Controller Driver Ver.3.51.01
"{63A6E9A9-A190-46D4-9430-2DB28654AFD8}" = Norton 360
"{63F6B4DE-D927-71D2-DB37-E3D57324BFBD}" = Catalyst Control Center Localization Chinese Traditional
"{66C8BE35-8BBB-472B-96C7-C7C9A499F988}" = PhotoImpression 5
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{6B170DF1-44D5-EE03-488B-B14022926269}" = Catalyst Control Center Localization Portuguese
"{6E6420FE-4C99-3ED5-7519-B5C22B6253BC}" = CCC Help English
"{70CB0558-9487-5AFF-A0C7-868A29345FC1}" = Catalyst Control Center Graphics Full Existing
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{7BD0A2D8-4EA0-43C6-BDF8-DDA87B8031C6}" = PIF DESIGNER2.1
"{7C926B5D-DC4A-5E89-5E17-B3A3B1A89BAA}" = Skins
"{7C9A109D-C870-F116-A730-D8D36FF0BDE4}" = Catalyst Control Center Graphics Light
"{7DD9CFAE-5CF1-9AE0-1318-C08252C13944}" = Catalyst Control Center Localization Hungarian
"{7DE47C72-0A60-705B-8CC5-6C97ED457EAD}" = Catalyst Control Center Localization Greek
"{858F597F-0927-DDD2-F997-FAD8D1E35C76}" = ccc-utility
"{86D6A20D-3910-4441-A3E5-EB6977251C86}" = Samsung USB Driver
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{90120000-0015-0413-0000-0000000FF1CE}" = Microsoft Office Access MUI (Dutch) 2007
"{90120000-0015-0413-0000-0000000FF1CE}_ENTERPRISE_{26257879-B20D-4D30-A429-B387A4890929}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0016-0413-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Dutch) 2007
"{90120000-0016-0413-0000-0000000FF1CE}_ENTERPRISE_{26257879-B20D-4D30-A429-B387A4890929}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-0413-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Dutch) 2007
"{90120000-0018-0413-0000-0000000FF1CE}_ENTERPRISE_{26257879-B20D-4D30-A429-B387A4890929}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0019-0413-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Dutch) 2007
"{90120000-0019-0413-0000-0000000FF1CE}_ENTERPRISE_{26257879-B20D-4D30-A429-B387A4890929}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001A-0413-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Dutch) 2007
"{90120000-001A-0413-0000-0000000FF1CE}_ENTERPRISE_{26257879-B20D-4D30-A429-B387A4890929}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0413-0000-0000000FF1CE}" = Microsoft Office Word MUI (Dutch) 2007
"{90120000-001B-0413-0000-0000000FF1CE}_ENTERPRISE_{26257879-B20D-4D30-A429-B387A4890929}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_ENTERPRISE_{928D7B99-2BEA-49F9-83B8-20FA57860643}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_ENTERPRISE_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0413-0000-0000000FF1CE}" = Microsoft Office Proof (Dutch) 2007
"{90120000-001F-0413-0000-0000000FF1CE}_ENTERPRISE_{2C95E7EE-FEA7-4B3A-A6E5-DF90A88B816A}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-002C-0413-0000-0000000FF1CE}" = Microsoft Office Proofing (Dutch) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0044-0413-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Dutch) 2007
"{90120000-0044-0413-0000-0000000FF1CE}_ENTERPRISE_{26257879-B20D-4D30-A429-B387A4890929}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-006E-0413-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Dutch) 2007
"{90120000-006E-0413-0000-0000000FF1CE}_ENTERPRISE_{1D12BC91-360E-424C-97C4-813651313660}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00A1-0413-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Dutch) 2007
"{90120000-00A1-0413-0000-0000000FF1CE}_ENTERPRISE_{26257879-B20D-4D30-A429-B387A4890929}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00BA-0413-0000-0000000FF1CE}" = Microsoft Office Groove MUI (Dutch) 2007
"{90120000-00BA-0413-0000-0000000FF1CE}_ENTERPRISE_{26257879-B20D-4D30-A429-B387A4890929}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{94FC9A0E-2C2E-A90E-0286-3B89514C1C66}" = CCC Help Polish
"{97F38321-6488-7AF4-66E6-D0E54DED4DB5}" = CCC Help German
"{9B452711-75BD-875D-F364-E422598C7E03}" = Catalyst Control Center Localization Danish
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{A121592B-3807-E758-5707-CEADF57C7DD8}" = CCC Help Italian
"{A2C2600A-8AB7-E6C9-246E-DB019DBB537F}" = Catalyst Control Center Localization Japanese
"{A416058E-754E-792A-EA8A-28643F2E69E9}" = CCC Help Chinese Traditional
"{A7DB362E-16DC-4E29-8A34-E74381E00B5B}" = Adobe Shockwave Player
"{A8A96EA0-6198-66D5-6C5A-0C478374D4FB}" = Catalyst Control Center Localization Thai
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A93944F2-D2D4-4750-BFE7-9A288FEAF2CF}" = Apple Application Support
"{AAD153D6-EA7D-E913-7EDF-441871A7D58B}" = Catalyst Control Center Graphics Previews Vista
"{AC76BA86-7AD7-1043-7B44-A81300000003}" = Adobe Reader 8.1.3 - Nederlands
"{ADE489CC-D322-D86E-E386-DA5E8615EC28}" = CCC Help Dutch
"{AEC0CEBC-0FC7-4716-8222-1C4A742719B1}" = Digimax Master
"{B0544A18-DC32-E7C2-6D53-5DF018A08182}" = CCC Help Swedish
"{B4904CE1-9B11-B1E7-55BF-3C14990D5D13}" = Catalyst Control Center Localization Russian
"{B4D43702-3A40-3840-61B2-A16C52F6DA23}" = CCC Help Portuguese
"{B7B16694-9557-6946-6B7D-5C5D19522A16}" = ccc-core-static
"{B7FB0C86-41A4-4402-9A33-912C462042A0}" = Roxio Creator 9 LE
"{B9290344-051D-CAE7-7D33-C6EC3C5E6F88}" = CCC Help Finnish
"{C4A4722E-79F9-417C-BD72-8D359A090C97}" = Samsung PC Studio 3
"{C792A75A-2A1F-4991-9B85-291745478A79}" = NetAssistant
"{CB0150AB-0D06-A3CE-F177-00AD5CD88A9A}" = CCC Help Spanish
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}" = SUPERAntiSpyware
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D1E9704D-2D80-9EDC-A9AF-805E5FF4CF3A}" = Catalyst Control Center Localization Finnish
"{D6AB9AB2-252C-DDAA-6FDD-75C1D1944848}" = CCC Help Czech
"{D847C95B-FD35-A198-A034-1884DDD113F4}" = CCC Help Norwegian
"{DBA4DB9D-EE51-4944-A419-98AB1F1249C8}" = LiveUpdate Notice (Symantec Corporation)
"{E142866C-701D-CD53-ECEE-E641EA1989C4}" = CCC Help Chinese Standard
"{E17E3426-4F92-01EC-13CB-BE4B31F86D5C}" = CCC Help French
"{E20921C0-C0EE-1409-DE92-7B93B94EF1F0}" = CCC Help Greek
"{E42F19D3-1C46-630E-62AB-302AB9A08C83}" = Catalyst Control Center Localization French
"{EA17E7C5-5C86-6DF7-C161-C5C34A2F0E11}" = CCC Help Russian
"{EB900AF8-CC61-4E15-871B-98D1EA3E8025}" = QuickTime
"{EBAE381B-60A6-4863-AA9F-FCAB755BC9E5}" = ScanToWeb
"{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}" = Skype™ 5.10
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{FF5C9C17-2FCA-C04E-67B0-5EAEFD783DD4}" = CCC Help Thai
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"AdobeReader" = Adobe Reader 8
"AskTBar Uninstall" = Ask Toolbar
"Audacity_is1" = Audacity 1.2.6
"CanonMyPrinter" = Canon My Printer
"CanonSolutionMenuEX" = Canon Solution Menu EX
"CDex" = CDex extraction audio
"COMPUSERVE" = Compuserve ADSL
"CREATOR9" = Creator 9
"DVDVideoSoft Toolbar" = DVDVideoSoft Toolbar
"Easy-PhotoPrint EX" = Canon Easy-PhotoPrint EX
"ENTERPRISE" = Microsoft Office Enterprise 2007
"FirefoxNL" = Firefox
"Flashplayer" = Flash Player 9 Internet Explorer
"Freemake Video Downloader_is1" = Freemake Video Downloader version 2.0.0
"Gebruikersregistratie voor Canon MG5100 series" = Gebruikersregistratie voor Canon MG5100 series
"Gebruikersregistratie voor Canon MP550 series" = Gebruikersregistratie voor Canon MP550 series
"Google Chrome" = Google Chrome
"Google Desktop" = Google Desktop
"Google Updater" = Google Updater
"GOOGLE_EARTH" = Google Earth
"GoogleBAE" = Google BAE
"GoogleDesktop" = Google Desktop
"GOOGLETOOLBAR" = Google Toolbar
"ImageWriter" = Packard Bell ImageWriter
"Infocentre" = Infocentre Rev. 2.0
"InstallWIX_{2D270A67-B7CD-4281-B2FE-60DF18D19B8E}" = Kaspersky PURE 2.0
"LCDTest" = Packard Bell LCD Test
"LiveUpdate" = LiveUpdate 3.2 (Symantec Corporation)
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 Language Pack SP1 - nld" = Taalpakket voor Microsoft .NET Framework 3.5 SP1 - NL
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile NLD Language Pack" = Taalpakket voor Microsoft .NET Framework 4 Client Profile - NLD
"Mozilla Firefox 16.0.2 (x86 de)" = Mozilla Firefox 16.0.2 (x86 de)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"N360_2007_NL" = Norton 360 2007
"Picasa 3" = Picasa 3
"Picasa_2" = Picasa2
"PowerCinema5" = Power Cinema 5
"SAMSUNG Mobile Composite Device" = SAMSUNG Mobile Composite Device Software
"SAMSUNG Mobile Modem" = SAMSUNG Mobile Modem Driver Set
"Samsung Mobile phone USB driver" = Samsung Mobile phone USB driver Software
"SAMSUNG Mobile USB Modem" = SAMSUNG Mobile USB Modem Software
"SAMSUNG Mobile USB Modem 1.0" = SAMSUNG Mobile USB Modem 1.0 Software
"SETUPMYPC_NL" = SetUp My PC
"Shockwave" = Shockwave player 10
"SKYPE" = Skype 3.2.2.163
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"Trekpleister fotoservice" = Trekpleister fotoservice
"Trusted Software Assistant_is1" = File Type Assistant
"Uninstall_is1" = Uninstall 1.0.0.1
"Updator" = Packard Bell Updator
========== HKEY_CURRENT_USER Uninstall List ==========
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"NetAssistant" = Freeze.com NetAssistant
========== Last 20 Event Log Errors ==========
[ Application Events ]
Error - 11-9-2012 17:22:02 | Computer Name = PC_van_Wilma | Source = Microsoft Office 12 | ID = 2001
Description = Rejected Safe Mode action : Microsoft Office Word.
Error - 11-9-2012 17:22:08 | Computer Name = PC_van_Wilma | Source = Application Error | ID = 1000
Description = Toepassing met fout SETUP.EXE_Microsoft Setup Bootstrapper, versie
12.0.6606.1000, tijdstempel 0x4e26b0a2, module met fout ole32.dll, versie 6.0.6002.18277,
tijdstempel 0x4c28d53e, uitzonderingscode 0xc0000005, foutmarge 0x00047333, proces-id
0x11f8, starttijd van toepassing 0x01cd9062baec8570.
Error - 15-9-2012 3:48:50 | Computer Name = PC_van_Wilma | Source = Application Error | ID = 1000
Description = Toepassing met fout AcroRd32.exe, versie 8.1.0.137, tijdstempel 0x46444e37,
module met fout AcroRd32.dll, versie 8.1.3.187, tijdstempel 0x48f5acd6, uitzonderingscode
0xc0000005, foutmarge 0x0009608a, proces-id 0x1624, starttijd van toepassing 0x01cd931677ae5610.
Error - 24-9-2012 10:32:01 | Computer Name = PC_van_Wilma | Source = Application Hang | ID = 1002
Description = Programma iexplore.exe, versie 9.0.8112.16450 reageert niet meer op
Windows en is afgesloten. Als u wilt zien of meer informatie over het probleem
beschikbaar is, kunt u de probleemgeschiedenis in onderdeel Probleemrapporten en
-oplossingen in het Configuratiescherm controleren. Proces-id: f68 Starttijd: 01cd9a611d74d690
Eindtijd:
67
Error - 27-9-2012 9:19:29 | Computer Name = PC_van_Wilma | Source = System Restore | ID = 8193
Description =
Error - 27-9-2012 9:19:29 | Computer Name = PC_van_Wilma | Source = System Restore | ID = 8210
Description =
Error - 1-10-2012 10:44:40 | Computer Name = PC_van_Wilma | Source = System Restore | ID = 8193
Description =
Error - 1-10-2012 10:44:40 | Computer Name = PC_van_Wilma | Source = System Restore | ID = 8210
Description =
Error - 8-10-2012 13:49:07 | Computer Name = PC_van_Wilma | Source = EventSystem | ID = 4621
Description =
Error - 16-10-2012 17:27:46 | Computer Name = PC_van_Wilma | Source = EventSystem | ID = 4621
Description =
[ OSession Events ]
Error - 15-12-2008 20:24:38 | Computer Name = PC_van_Wilma | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 3, Application Name: Microsoft Office PowerPoint, Application
Version: 12.0.6300.5000, Microsoft Office Version: 12.0.6215.1000. This session
lasted 5028 seconds with 4620 seconds of active time. This session ended with a
crash.
[ System Events ]
Error - 3-11-2012 19:00:23 | Computer Name = PC_van_Wilma | Source = Service Control Manager | ID = 7000
Description =
Error - 3-11-2012 19:25:02 | Computer Name = PC_van_Wilma | Source = DCOM | ID = 10010
Description =
Error - 4-11-2012 4:58:29 | Computer Name = PC_van_Wilma | Source = Service Control Manager | ID = 7022
Description =
Error - 4-11-2012 4:58:29 | Computer Name = PC_van_Wilma | Source = Service Control Manager | ID = 7001
Description =
Error - 4-11-2012 5:44:27 | Computer Name = PC_van_Wilma | Source = DCOM | ID = 10010
Description =
Error - 4-11-2012 6:02:00 | Computer Name = PC_van_Wilma | Source = Service Control Manager | ID = 7022
Description =
Error - 4-11-2012 6:02:00 | Computer Name = PC_van_Wilma | Source = Service Control Manager | ID = 7001
Description =
Error - 4-11-2012 7:59:08 | Computer Name = PC_van_Wilma | Source = DCOM | ID = 10010
Description =
Error - 4-11-2012 14:31:15 | Computer Name = PC_van_Wilma | Source = Service Control Manager | ID = 7022
Description =
Error - 4-11-2012 14:31:15 | Computer Name = PC_van_Wilma | Source = Service Control Manager | ID = 7001
Description =
< End of report >
Was passiert jetzt? Danke schonmal! |
