Op deze website gebruiken we cookies om content en advertenties te personaliseren, om functies voor social media te bieden en om ons websiteverkeer te analyseren. Ook delen we informatie over uw gebruik van onze site met onze partners voor social media, adverteren en analyse. Deze partners kunnen deze gegevens combineren met andere informatie die u aan ze heeft verstrekt of die ze hebben verzameld op basis van uw gebruik van hun services. Meer informatie.

Akkoord

Vraag & Antwoord

Beveiliging & privacy

PC loopt ernstig vast - Hijacklog

None
7 antwoorden
  • Hallo allemaal,

    [b:218ebc47c6]Edit: Ik heb toch maar even een systeemherstel uitgevoerd… het was echt niet meer te doen zo.. Heeft het nu nog zin om een nieuwe Hijacklog te plaatsen of zijn de meeste problemen nu niet automatisch opgelost? [/b:218ebc47c6]

    Ik heb een probleem met deze computer die om het minste of geringste vastloopt. Soms is ook het opstarten alleen al een probleem en krijg ik niet eens het bureaublad tevoorschijn.

    Heb even (via de veilige modus) een Hijackthis log gemaakt; zie hieronder. Graag hoor ik van jullie interessante oplossingen voor dit vervelende probleem. Alvast vriendelijk bedankt!


    Logfile of Trend Micro HijackThis v2.0.4
    Scan saved at 14:41:42, on 18-3-2012
    Platform: Windows 7 SP1 (WinNT 6.00.3505)
    MSIE: Internet Explorer v9.00 (9.00.8112.16421)
    Boot mode: Safe mode with network support

    Running processes:
    C:\Windows\Explorer.EXE
    C:\Windows\system32\ctfmon.exe
    C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.aldi.com/
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.aldi.com/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
    R3 - URLSearchHook: (no name) - {2d8d9acc-f6d7-4362-8876-a275ca929591} - (no file)
    O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
    O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
    O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
    O2 - BHO: Aanmeldhulp voor Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
    O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
    O4 - HKLM\..\Run: [IAStorIcon] C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
    O4 - HKLM\..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe -s
    O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
    O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
    O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
    O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
    O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
    O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
    O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
    O4 - Global Startup: GamersFirst LIVE!.lnk = C:\Program Files\GamersFirst\LIVE!\Live.exe
    O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MIF5BA~1\Office12\EXCEL.EXE/3000
    O8 - Extra context menu item: Google Sidewiki… - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_7461B1589E8B4FB7.dll/cmsidewiki.html
    O9 - Extra button: In weblog opnemen - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
    O9 - Extra 'Tools' menuitem: &In weblog opnemen met Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MIF5BA~1\Office12\REFIEBAR.DLL
    O9 - Extra button: eBay.nl - {0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - http:/
    over.ebay.com
    over/1/1346-72745-17534-1/4 (file missing) (HKCU)
    O9 - Extra 'Tools' menuitem: eBay.nl - {0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - http:/
    over.ebay.com
    over/1/1346-72745-17534-1/4 (file missing) (HKCU)
    O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
    O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
    O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
    O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
    O23 - Service: Google Updateservice (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
    O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
    O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
    O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32
    vvsvc.exe
    O23 - Service: ProtexisLicensing - Unknown owner - C:\Windows\system32\PSIService.exe


    End of file - 5207 bytes

    [b:218ebc47c6] inmiddels is er een systeemherstel uitgevoerd[/b:218ebc47c6]
  • Toch nog weer even een vraagje.. nu ik een systeemherstel heb uitgevoerd geeft Windows Update aan dat er 113 belangrijke updates zijn. Maar de meeste zijn al verouderd of van lang geleden. Moet ik deze nu alle 113 installeren of kan ik ook op een bepaalde manier alleen de belangrijke/meest recente selecteren en die installeren? :wink:
  • Download [b:59bf0cc220]OTL[/color:59bf0cc220][/b:59bf0cc220] en plaats het bestand op

    je bureaublad.

    [b:59bf0cc220]"OTL.com" gebruiken[/b:59bf0cc220]:
    [list:59bf0cc220][*:59bf0cc220] [b:59bf0cc220]Sluit nu eerst alle nog openstaande programmavensters![/color:59bf0cc220][/b:59bf0cc220]
    [list:59bf0cc220][*:59bf0cc220] [b:59bf0cc220]Start het tool middels dubbelklik op "OTL.com".[/b:59bf0cc220]
    [/list:u:59bf0cc220][/list:u:59bf0cc220]
    [list:59bf0cc220][*:59bf0cc220]Zet een vinkje bij [b:59bf0cc220]Scan All Users[/b:59bf0cc220][/color:59bf0cc220].
    [*:59bf0cc220]Klik op de knop [b:59bf0cc220]Quick Scan[/b:59bf0cc220][/color:59bf0cc220].
    [*:59bf0cc220]Verander de instellingen van OTL niet, tenzij ik hiervoor specifiek instructies geef.
    [*:59bf0cc220]De scan zal niet heel erg lang duren.
    [list:59bf0cc220][*:59bf0cc220]Er zullen twee Kladblok-vensters geopend worden wanneer de scan klaar is. [b:59bf0cc220]OTL.Txt[/b:59bf0cc220] en [b:59bf0cc220]

    Extras.txt[/b:59bf0cc220].
    [*:59bf0cc220]Deze logbestanden zijn opgeslagen in dezelfde locatie als OTL.
    [*:59bf0cc220]Kopieer vervolgens de inhoud van zowel OTL.txt alsook Extras.txt en plak die gegevens in je volgende

    bericht.[/list:u:59bf0cc220][/list:u:59bf0cc220]
  • [b:21514724ec]OTL[/b:21514724ec]

    OTL logfile created on: 24-3-2012 15:34:56 - Run 1
    OTL by OldTimer - Version 3.2.39.2 Folder = C:\Users\Familie\Downloads
    Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation
    Internet Explorer (Version = 9.0.8112.16421)
    Locale: 00000413 | Country: Nederland | Language: NLD | Date Format: d-M-yyyy

    2,99 Gb Total Physical Memory | 2,23 Gb Available Physical Memory | 74,48% Memory free
    5,98 Gb Paging File | 5,04 Gb Available in Paging File | 84,32% Paging File free
    Paging file location(s): ?:\pagefile.sys [binary data]

    %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
    Drive C: | 910,41 Gb Total Space | 875,34 Gb Free Space | 96,15% Space Free | Partition Type: NTFS
    Drive D: | 20,00 Gb Total Space | 9,53 Gb Free Space | 47,66% Space Free | Partition Type: NTFS

    Computer Name: FAMILIE-PC | User Name: Familie | Logged in as Administrator.
    Boot Mode: Normal | Scan Mode: All users | Quick Scan
    Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

    ========== Processes (SafeList) ==========[/color:21514724ec]

    PRC - [2012-03-24 15:25:42 | 000,593,920 | —- | M] (OldTimer Tools) – C:\Users\Familie\Downloads\OTL.com
    PRC - [2012-03-07 01:15:17 | 004,241,512 | —- | M] (AVAST Software) – C:\Program Files\AVAST Software\Avast\AvastUI.exe
    PRC - [2012-03-07 01:15:14 | 000,044,768 | —- | M] (AVAST Software) – C:\Program Files\AVAST Software\Avast\AvastSvc.exe
    PRC - [2011-02-26 06:33:07 | 002,614,784 | —- | M] (Microsoft Corporation) – C:\Windows\explorer.exe
    PRC - [2009-10-02 13:26:12 | 000,013,336 | —- | M] (Intel Corporation) – C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
    PRC - [2009-10-02 13:26:10 | 000,284,696 | —- | M] (Intel Corporation) – C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
    PRC - [2009-07-14 02:14:42 | 000,049,152 | —- | M] (Microsoft Corporation) – C:\Windows\System32\taskhost.exe
    PRC - [2007-06-05 12:20:32 | 000,177,704 | —- | M] () – C:\Windows\System32\PSIService.exe


    ========== Modules (No Company Name) ==========[/color:21514724ec]

    MOD - [2012-03-21 19:16:21 | 003,325,952 | —- | M] () – C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\585ac5899ab444221c8b41df13b194bc\WindowsBase.ni.dll
    MOD - [2012-03-21 19:14:51 | 000,771,584 | —- | M] () – C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\0a894f77b9aa64acbd3ce791916357d8\System.Runtime.Remoting.ni.dll
    MOD - [2012-03-21 19:14:38 | 012,431,360 | —- | M] () – C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\ff30db6905f8ec024fc808ed8779c0f3\System.Windows.Forms.ni.dll
    MOD - [2012-03-21 19:14:33 | 001,586,688 | —- | M] () – C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\a09ee392fa90849f2e9313a1ebbe0279\System.Drawing.ni.dll
    MOD - [2012-03-21 19:14:24 | 005,452,800 | —- | M] () – C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\d49f4cb0755ccc34cd35ff96dc2ef9e3\System.Xml.ni.dll
    MOD - [2012-03-21 19:14:22 | 000,971,264 | —- | M] () – C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\15742b3597258ce67cbe219005c197e5\System.Configuration.ni.dll
    MOD - [2012-03-21 19:14:20 | 007,952,384 | —- | M] () – C:\Windows\assembly\NativeImages_v2.0.50727_32\System\1f14b3e1ee0847f8662f513e67f92547\System.ni.dll
    MOD - [2012-03-21 19:14:16 | 011,490,304 | —- | M] () – C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\1b31ced9bb880d94fff1c6d47c16a81e\mscorlib.ni.dll
    MOD - [2009-07-14 09:26:52 | 000,303,104 | —- | M] () – C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_nl_b77a5c561934e089\mscorlib.resources.dll


    ========== Win32 Services (SafeList) ==========[/color:21514724ec]

    SRV - [2012-03-18 22:39:15 | 001,343,400 | —- | M] (Microsoft Corporation) [On_Demand | Stopped] – C:\Windows\System32\Wat\WatAdminSvc.exe – (WatAdminSvc)
    SRV - [2012-03-07 01:15:14 | 000,044,768 | —- | M] (AVAST Software) [Auto | Running] – C:\Program Files\AVAST Software\Avast\AvastSvc.exe – (avast! Antivirus)
    SRV - [2009-10-02 13:26:12 | 000,013,336 | —- | M] (Intel Corporation) [Auto | Running] – C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe – (IAStorDataMgrSvc) Intel(R)
    SRV - [2009-07-14 02:16:13 | 000,025,088 | —- | M] (Microsoft Corporation) [On_Demand | Stopped] – C:\Windows\System32\sensrsvc.dll – (SensrSvc)
    SRV - [2009-07-14 02:15:41 | 000,680,960 | —- | M] (Microsoft Corporation) [Auto | Running] – C:\Program Files\Windows Defender\MpSvc.dll – (WinDefend)
    SRV - [2007-06-05 12:20:32 | 000,177,704 | —- | M] () [Auto | Running] – C:\Windows\System32\PSIService.exe – (ProtexisLicensing)


    ========== Driver Services (SafeList) ==========[/color:21514724ec]

    DRV - File not found [Kernel | On_Demand | Stopped] – system32\drivers
    vhda32v.sys – (NVHDA)
    DRV - [2012-03-07 01:03:51 | 000,612,184 | —- | M] (AVAST Software) [File_System | System | Running] – C:\Windows\System32\drivers\aswSnx.sys – (aswSnx)
    DRV - [2012-03-07 01:03:38 | 000,337,880 | —- | M] (AVAST Software) [Kernel | System | Running] – C:\Windows\System32\drivers\aswSP.sys – (aswSP)
    DRV - [2012-03-07 01:02:14 | 000,044,376 | —- | M] (AVAST Software) [Kernel | System | Running] – C:\Windows\System32\drivers\aswRdr2.sys – (aswRdr)
    DRV - [2012-03-07 01:01:53 | 000,053,848 | —- | M] (AVAST Software) [Kernel | System | Running] – C:\Windows\System32\drivers\aswTdi.sys – (aswTdi)
    DRV - [2012-03-07 01:01:48 | 000,057,688 | —- | M] (AVAST Software) [File_System | Auto | Running] – C:\Windows\System32\drivers\aswMonFlt.sys – (aswMonFlt)
    DRV - [2012-03-07 01:01:30 | 000,020,696 | —- | M] (AVAST Software) [File_System | Auto | Running] – C:\Windows\System32\drivers\aswFsBlk.sys – (aswFsBlk)
    DRV - [2009-11-21 03:34:54 | 011,515,752 | —- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] – C:\Windows\System32\drivers
    vlddmkm.sys – (nvlddmkm)
    DRV - [2009-09-22 14:34:44 | 000,579,072 | —- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] – C:\Windows\System32\drivers\RTL8192su.sys – (RTL8192su)
    DRV - [2006-11-30 14:18:18 | 000,027,416 | —- | M] (X10 Wireless Technology, Inc.) [Kernel | On_Demand | Stopped] – C:\Windows\System32\drivers\x10ufx2.sys – (XUIF)


    ========== Standard Registry (SafeList) ==========[/color:21514724ec]


    ========== Internet Explorer ==========[/color:21514724ec]

    IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
    IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC


    IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

    IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



    IE - HKU\S-1-5-21-3931507060-3206263003-2857493643-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.aldi.com/
    IE - HKU\S-1-5-21-3931507060-3206263003-2857493643-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = http://medion.msn.com/ [binary data]
    IE - HKU\S-1-5-21-3931507060-3206263003-2857493643-1000\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
    IE - HKU\S-1-5-21-3931507060-3206263003-2857493643-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://medion.msn.com/ [binary data]
    IE - HKU\S-1-5-21-3931507060-3206263003-2857493643-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.aldi.com/
    IE - HKU\S-1-5-21-3931507060-3206263003-2857493643-1000\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
    IE - HKU\S-1-5-21-3931507060-3206263003-2857493643-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
    IE - HKU\S-1-5-21-3931507060-3206263003-2857493643-1000\..\SearchScopes\{2312CEA5-0E57-4992-83F6-E988C4D57BB8}: "URL" = http://www.bing.com/search?q={searchTerms}&form=MEDTDF&pc=MAMD&src=IE-SearchBox
    IE - HKU\S-1-5-21-3931507060-3206263003-2857493643-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

    ========== FireFox ==========[/color:21514724ec]

    FF - user.js - File not found

    FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32.dll ()
    FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director
    p32dsw.dll (Adobe Systems, Inc.)
    FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
    FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\4.1.10111.0
    pctrl.dll ( Microsoft Corporation)
    FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.4: C:\Program Files\Microsoft\Office Live
    pOLW.dll (Microsoft Corp.)
    FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8081.0709: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)

    FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2012-03-18 16:54:13 | 000,000,000 | —D | M]
    FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 11.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012-03-18 16:28:08 | 000,000,000 | —D | M]
    FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 11.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins

    [2012-03-18 16:28:15 | 000,000,000 | —D | M] (No name found) – C:\Users\Familie\AppData\Roaming\mozilla\Extensions
    [2012-03-18 16:28:08 | 000,000,000 | —D | M] (No name found) – C:\Program Files\Mozilla Firefox\extensions
    [2012-03-18 16:54:13 | 000,000,000 | —D | M] (avast! WebRep) – C:\PROGRAM FILES\AVAST SOFTWARE\AVAST\WEBREP\FF
    [2012-03-13 05:38:06 | 000,097,208 | —- | M] (Mozilla Foundation) – C:\Program Files\mozilla firefox\components\browsercomps.dll
    [2012-03-13 05:46:58 | 000,002,252 | —- | M] () – C:\Program Files\mozilla firefox\searchplugins\bing.xml
    [2012-03-13 05:55:45 | 000,001,892 | —- | M] () – C:\Program Files\mozilla firefox\searchplugins\bolcom-nl.xml
    [2012-03-13 05:55:45 | 000,004,558 | —- | M] () – C:\Program Files\mozilla firefox\searchplugins\marktplaats-nl.xml
    [2012-03-13 05:55:45 | 000,001,049 | —- | M] () – C:\Program Files\mozilla firefox\searchplugins\wikipedia-nl.xml

    O1 HOSTS File: ([2009-06-10 22:39:37 | 000,000,824 | —- | M]) - C:\Windows\System32\drivers\etc\hosts
    O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
    O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
    O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
    O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
    O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
    O4 - HKLM..\Run: [IAStorIcon] C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Intel Corporation)
    O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
    O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
    O9 - Extra Button: eBay.nl - {0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - http:/
    over.ebay.com
    over/1/1346-72745-17534-1/4 File not found
    O9 - Extra 'Tools' menuitem : eBay.nl - {0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - http:/
    over.ebay.com
    over/1/1346-72745-17534-1/4 File not found
    O13 - gopher Prefix: missing
    O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://download.microsoft.com/download/C/0/C/C0CBBA88-A6F2-48D9-9B0E-1719D1177202/LegitCheckControl.cab (Windows Genuine Advantage Validation Tool)
    O16 - DPF: {1E3F1348-4370-4BBE-A67A-CC7ED824CA85} http://download.microsoft.com/download/7/4/9/749b0dc5-2175-4d5b-a6dd-9c4bc923683e/Selfhelpcontrol.cab (Microsoft Genuine Advantage Self Support Tool)
    O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab (Java Plug-in 1.6.0_18)
    O16 - DPF: {CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab (Java Plug-in 1.6.0_18)
    O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab (Java Plug-in 1.6.0_18)
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 188.142.0.6 188.142.0.22
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{609D7C22-C87E-4F93-85E5-E1D5C4B0A843}: DhcpNameServer = 188.142.0.6 188.142.0.22
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{C0EAFAA6-F456-47E9-A0DB-79B6787A55B7}: DhcpNameServer = 188.142.0.6 188.142.0.22
    O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
    O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
    O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
    O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
    O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
    O32 - HKLM CDRom: AutoRun - 1
    O32 - AutoRun File - [2009-06-10 22:42:20 | 000,000,024 | —- | M] () - C:\autoexec.bat – [ NTFS ]
    O34 - HKLM BootExecute: (autocheck autochk *)
    O35 - HKLM\..comfile [open] – "%1" %*
    O35 - HKLM\..exefile [open] – "%1" %*
    O37 - HKLM\…com [@ = comfile] – "%1" %*
    O37 - HKLM\…exe [@ = exefile] – "%1" %*

    ========== Files/Folders - Created Within 30 Days ==========[/color:21514724ec]

    [2012-03-24 15:28:54 | 000,000,000 | —D | C] – C:\Windows\LastGood
    [2012-03-24 15:26:37 | 000,000,000 | —D | C] – C:\Users\Familie\AppData\Local\Adobe
    [2012-03-20 23:04:48 | 000,000,000 | -HSD | C] – C:\Config.Msi
    [2012-03-19 16:58:07 | 000,000,000 | —D | C] – C:\Windows\Minidump
    [2012-03-19 16:45:07 | 000,000,000 | —D | C] – C:\Windows\System32\Wat
    [2012-03-18 22:43:33 | 000,000,000 | —D | C] – C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
    [2012-03-18 16:55:01 | 000,337,880 | —- | C] (AVAST Software) – C:\Windows\System32\drivers\aswSP.sys
    [2012-03-18 16:55:01 | 000,020,696 | —- | C] (AVAST Software) – C:\Windows\System32\drivers\aswFsBlk.sys
    [2012-03-18 16:55:01 | 000,000,000 | —D | C] – C:\ProgramData\Microsoft\Windows\Start Menu\Programs\avast! Free Antivirus
    [2012-03-18 16:55:00 | 000,612,184 | —- | C] (AVAST Software) – C:\Windows\System32\drivers\aswSnx.sys
    [2012-03-18 16:55:00 | 000,057,688 | —- | C] (AVAST Software) – C:\Windows\System32\drivers\aswMonFlt.sys
    [2012-03-18 16:55:00 | 000,053,848 | —- | C] (AVAST Software) – C:\Windows\System32\drivers\aswTdi.sys
    [2012-03-18 16:55:00 | 000,044,376 | —- | C] (AVAST Software) – C:\Windows\System32\drivers\aswRdr2.sys
    [2012-03-18 16:54:07 | 000,041,184 | —- | C] (AVAST Software) – C:\Windows\avastSS.scr
    [2012-03-18 16:54:01 | 000,201,352 | —- | C] (AVAST Software) – C:\Windows\System32\aswBoot.exe
    [2012-03-18 16:53:53 | 000,000,000 | —D | C] – C:\ProgramData\AVAST Software
    [2012-03-18 16:53:53 | 000,000,000 | —D | C] – C:\Program Files\AVAST Software
    [2012-03-18 16:45:33 | 000,000,000 | —D | C] – C:\Program Files\Microsoft Visual Studio
    [2012-03-18 16:43:38 | 000,000,000 | —D | C] – C:\Program Files\Microsoft Visual Studio 8
    [2012-03-18 16:43:21 | 000,000,000 | —D | C] – C:\Users\Familie\AppData\Local\Microsoft Help
    [2012-03-18 16:28:11 | 000,000,000 | —D | C] – C:\Users\Familie\AppData\Roaming\Mozilla
    [2012-03-18 16:28:11 | 000,000,000 | —D | C] – C:\Users\Familie\AppData\Local\Mozilla
    [2012-03-18 16:28:06 | 000,000,000 | —D | C] – C:\Program Files\Mozilla Firefox
    [2012-03-18 16:26:12 | 000,000,000 | —D | C] – C:\Users\Familie\AppData\Roaming\Macromedia
    [2012-03-18 16:25:27 | 000,000,000 | —D | C] – C:\Users\Familie\AppData\Roaming\Adobe
    [2012-03-18 16:24:43 | 000,000,000 | —D | C] – C:\Users\Familie\AppData\Local\Seven Zip
    [2012-03-18 16:22:59 | 000,000,000 | —D | C] – C:\Users\Familie\AppData\Local\Diagnostics
    [2012-03-18 16:21:36 | 000,000,000 | —D | C] – C:\Users\Familie\AppData\Roaming\Intel Corporation
    [2012-03-18 16:21:28 | 000,000,000 | —D | C] – C:\Users\Familie\AppData\Local\Power2Go
    [2012-03-18 16:21:21 | 000,000,000 | R–D | C] – C:\Users\Familie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
    [2012-03-18 16:21:21 | 000,000,000 | R–D | C] – C:\Users\Familie\Searches
    [2012-03-18 16:21:21 | 000,000,000 | R–D | C] – C:\Users\Familie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
    [2012-03-18 16:21:21 | 000,000,000 | -H-D | C] – C:\Users\Familie\Application Data\Microsoft\Internet Explorer\Quick Launch\User Pinned
    [2012-03-18 16:21:14 | 000,000,000 | —D | C] – C:\Users\Familie\AppData\Roaming\Identities
    [2012-03-18 16:21:13 | 000,000,000 | R–D | C] – C:\Users\Familie\Contacts
    [2012-03-18 16:21:12 | 000,000,000 | -HSD | C] – C:\$RECYCLE.BIN
    [2012-03-18 16:21:07 | 000,000,000 | —D | C] – C:\Users\Familie\AppData\Local\VirtualStore
    [2012-03-18 16:21:06 | 000,000,000 | –SD | C] – C:\Users\Familie\AppData\Roaming\Microsoft
    [2012-03-18 16:21:06 | 000,000,000 | R–D | C] – C:\Users\Familie\Videos
    [2012-03-18 16:21:06 | 000,000,000 | R–D | C] – C:\Users\Familie\Saved Games
    [2012-03-18 16:21:06 | 000,000,000 | R–D | C] – C:\Users\Familie\Pictures
    [2012-03-18 16:21:06 | 000,000,000 | R–D | C] – C:\Users\Familie\Music
    [2012-03-18 16:21:06 | 000,000,000 | R–D | C] – C:\Users\Familie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
    [2012-03-18 16:21:06 | 000,000,000 | R–D | C] – C:\Users\Familie\Links
    [2012-03-18 16:21:06 | 000,000,000 | R–D | C] – C:\Users\Familie\Favorites
    [2012-03-18 16:21:06 | 000,000,000 | R–D | C] – C:\Users\Familie\Downloads
    [2012-03-18 16:21:06 | 000,000,000 | R–D | C] – C:\Users\Familie\Documents
    [2012-03-18 16:21:06 | 000,000,000 | R–D | C] – C:\Users\Familie\Desktop
    [2012-03-18 16:21:06 | 000,000,000 | R–D | C] – C:\Users\Familie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
    [2012-03-18 16:21:06 | 000,000,000 | -HSD | C] – C:\Users\Familie\AppData\Local\Temporary Internet Files
    [2012-03-18 16:21:06 | 000,000,000 | -HSD | C] – C:\Users\Familie\Sjablonen
    [2012-03-18 16:21:06 | 000,000,000 | -HSD | C] – C:\Users\Familie\SendTo
    [2012-03-18 16:21:06 | 000,000,000 | -HSD | C] – C:\Users\Familie\Recent
    [2012-03-18 16:21:06 | 000,000,000 | -HSD | C] – C:\Users\Familie\Netwerkprinteromgeving
    [2012-03-18 16:21:06 | 000,000,000 | -HSD | C] – C:\Users\Familie\NetHood
    [2012-03-18 16:21:06 | 000,000,000 | -HSD | C] – C:\Users\Familie\Documents\Mijn video's
    [2012-03-18 16:21:06 | 000,000,000 | -HSD | C] – C:\Users\Familie\Documents\Mijn muziek
    [2012-03-18 16:21:06 | 000,000,000 | -HSD | C] – C:\Users\Familie\Mijn documenten
    [2012-03-18 16:21:06 | 000,000,000 | -HSD | C] – C:\Users\Familie\Documents\Mijn afbeeldingen
    [2012-03-18 16:21:06 | 000,000,000 | -HSD | C] – C:\Users\Familie\Menu Start
    [2012-03-18 16:21:06 | 000,000,000 | -HSD | C] – C:\Users\Familie\Local Settings
    [2012-03-18 16:21:06 | 000,000,000 | -HSD | C] – C:\Users\Familie\AppData\Local\Geschiedenis
    [2012-03-18 16:21:06 | 000,000,000 | -HSD | C] – C:\Users\Familie\Cookies
    [2012-03-18 16:21:06 | 000,000,000 | -HSD | C] – C:\Users\Familie\Application Data
    [2012-03-18 16:21:06 | 000,000,000 | -HSD | C] – C:\Users\Familie\AppData\Local\Application Data
    [2012-03-18 16:21:06 | 000,000,000 | -H-D | C] – C:\Users\Familie\AppData
    [2012-03-18 16:21:06 | 000,000,000 | —D | C] – C:\Users\Familie\AppData\Local\Temp
    [2012-03-18 16:21:06 | 000,000,000 | —D | C] – C:\Users\Familie\AppData\Local\Microsoft
    [2012-03-18 16:21:06 | 000,000,000 | —D | C] – C:\Users\Familie\AppData\Roaming\Media Center Programs
    [2012-03-18 16:20:47 | 000,000,000 | -HSD | C] – C:\ProgramData\Sjablonen
    [2012-03-18 16:20:47 | 000,000,000 | -HSD | C] – C:\Recovery
    [2012-03-18 16:20:47 | 000,000,000 | -HSD | C] – C:\Users\Public\Documents\Mijn video's
    [2012-03-18 16:20:47 | 000,000,000 | -HSD | C] – C:\Users\Public\Documents\Mijn muziek
    [2012-03-18 16:20:47 | 000,000,000 | -HSD | C] – C:\Users\Public\Documents\Mijn afbeeldingen
    [2012-03-18 16:20:47 | 000,000,000 | -HSD | C] – C:\ProgramData\Menu Start
    [2012-03-18 16:20:47 | 000,000,000 | -HSD | C] – C:\ProgramData\Favorieten
    [2012-03-18 16:20:47 | 000,000,000 | -HSD | C] – C:\Documents and Settings
    [2012-03-18 16:20:47 | 000,000,000 | -HSD | C] – C:\ProgramData\Documenten
    [2012-03-18 16:20:47 | 000,000,000 | -HSD | C] – C:\ProgramData\Bureaublad
    [2012-03-18 16:19:41 | 000,000,000 | —D | C] – C:\Windows\SoftwareDistribution

    ========== Files - Modified Within 30 Days ==========[/color:21514724ec]

    [2012-03-24 15:34:08 | 000,010,096 | -H– | M] () – C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
    [2012-03-24 15:34:08 | 000,010,096 | -H– | M] () – C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
    [2012-03-24 15:28:03 | 000,701,326 | —- | M] () – C:\Windows\System32\perfh013.dat
    [2012-03-24 15:28:03 | 000,615,810 | —- | M] () – C:\Windows\System32\perfh009.dat
    [2012-03-24 15:28:03 | 000,133,358 | —- | M] () – C:\Windows\System32\perfc013.dat
    [2012-03-24 15:28:03 | 000,106,190 | —- | M] () – C:\Windows\System32\perfc009.dat
    [2012-03-24 15:23:34 | 000,001,403 | —- | M] () – C:\Users\Familie\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
    [2012-03-24 15:23:10 | 000,067,584 | –S- | M] () – C:\Windows\bootstat.dat
    [2012-03-24 15:23:02 | 2408,927,232 | -HS- | M] () – C:\hiberfil.sys
    [2012-03-19 16:57:52 | 530,230,889 | —- | M] () – C:\Windows\MEMORY.DMP
    [2012-03-19 16:47:42 | 000,416,448 | —- | M] () – C:\Windows\System32\FNTCACHE.DAT
    [2012-03-18 22:42:36 | 000,072,822 | —- | M] () – C:\Windows\System32\ieuinit.inf
    [2012-03-18 16:55:00 | 000,002,577 | —- | M] () – C:\Windows\System32\config.nt
    [2012-03-18 16:28:09 | 000,001,096 | —- | M] () – C:\Users\Public\Desktop\Mozilla Firefox.lnk
    [2012-03-18 16:18:41 | 000,046,406 | —- | M] () – C:\Windows\System32\license.rtf
    [2012-03-07 01:15:19 | 000,041,184 | —- | M] (AVAST Software) – C:\Windows\avastSS.scr
    [2012-03-07 01:15:14 | 000,201,352 | —- | M] (AVAST Software) – C:\Windows\System32\aswBoot.exe
    [2012-03-07 01:03:51 | 000,612,184 | —- | M] (AVAST Software) – C:\Windows\System32\drivers\aswSnx.sys
    [2012-03-07 01:03:38 | 000,337,880 | —- | M] (AVAST Software) – C:\Windows\System32\drivers\aswSP.sys
    [2012-03-07 01:02:14 | 000,044,376 | —- | M] (AVAST Software) – C:\Windows\System32\drivers\aswRdr2.sys
    [2012-03-07 01:01:53 | 000,053,848 | —- | M] (AVAST Software) – C:\Windows\System32\drivers\aswTdi.sys
    [2012-03-07 01:01:48 | 000,057,688 | —- | M] (AVAST Software) – C:\Windows\System32\drivers\aswMonFlt.sys
    [2012-03-07 01:01:30 | 000,020,696 | —- | M] (AVAST Software) – C:\Windows\System32\drivers\aswFsBlk.sys

    ========== Files Created - No Company Name ==========[/color:21514724ec]

    [2012-03-19 16:57:52 | 530,230,889 | —- | C] () – C:\Windows\MEMORY.DMP
    [2012-03-18 22:42:36 | 000,072,822 | —- | C] () – C:\Windows\System32\ieuinit.inf
    [2012-03-18 16:28:09 | 000,001,108 | —- | C] () – C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
    [2012-03-18 16:28:09 | 000,001,096 | —- | C] () – C:\Users\Public\Desktop\Mozilla Firefox.lnk
    [2012-03-18 16:25:36 | 000,001,403 | —- | C] () – C:\Users\Familie\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
    [2012-03-18 16:21:22 | 000,001,409 | —- | C] () – C:\Users\Familie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
    [2012-03-18 16:21:06 | 000,000,290 | —- | C] () – C:\Users\Familie\Application Data\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk
    [2012-03-18 16:21:06 | 000,000,272 | —- | C] () – C:\Users\Familie\Application Data\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk
    [2012-03-18 16:12:53 | 2408,927,232 | -HS- | C] () – C:\hiberfil.sys

    ========== LOP Check ==========[/color:21514724ec]

    [2012-03-18 16:35:10 | 000,000,000 | —D | M] – C:\Users\Gerrit\AppData\Roaming\BullGuard
    [2009-07-14 05:53:46 | 000,014,178 | —- | M] () – C:\Windows\Tasks\SCHEDLGU.TXT

    ========== Purity Check ==========[/color:21514724ec]



    < End of report >

    _____________________________________________________________

    [b:21514724ec]OTL extra[/b:21514724ec]

    OTL Extras logfile created on: 24-3-2012 15:34:56 - Run 1
    OTL by OldTimer - Version 3.2.39.2 Folder = C:\Users\Familie\Downloads
    Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation
    Internet Explorer (Version = 9.0.8112.16421)
    Locale: 00000413 | Country: Nederland | Language: NLD | Date Format: d-M-yyyy

    2,99 Gb Total Physical Memory | 2,23 Gb Available Physical Memory | 74,48% Memory free
    5,98 Gb Paging File | 5,04 Gb Available in Paging File | 84,32% Paging File free
    Paging file location(s): ?:\pagefile.sys [binary data]

    %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
    Drive C: | 910,41 Gb Total Space | 875,34 Gb Free Space | 96,15% Space Free | Partition Type: NTFS
    Drive D: | 20,00 Gb Total Space | 9,53 Gb Free Space | 47,66% Space Free | Partition Type: NTFS

    Computer Name: FAMILIE-PC | User Name: Familie | Logged in as Administrator.
    Boot Mode: Normal | Scan Mode: All users | Quick Scan
    Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

    ========== Extra Registry (SafeList) ==========[/color:21514724ec]


    ========== File Associations ==========[/color:21514724ec]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
    .cpl [@ = cplfile] – C:\Windows\System32\control.exe (Microsoft Corporation)
    .hlp [@ = hlpfile] – C:\Windows\winhlp32.exe (Microsoft Corporation)

    [HKEY_USERS\S-1-5-21-3931507060-3206263003-2857493643-1000\SOFTWARE\Classes\<extension>]
    .html [@ = FirefoxHTML] – C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

    ========== Shell Spawning ==========[/color:21514724ec]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
    batfile [open] – "%1" %*
    cmdfile [open] – "%1" %*
    comfile [open] – "%1" %*
    cplfile [cplopen] – %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
    exefile [open] – "%1" %*
    helpfile [open] – Reg Error: Key error.
    hlpfile [open] – %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
    inffile [install] – %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
    piffile [open] – "%1" %*
    regfile [merge] – Reg Error: Key error.
    scrfile [config] – "%1"
    scrfile [install] – rundll32.exe desk.cpl,InstallScreenSaver %l
    scrfile [open] – "%1" /S
    txtfile [edit] – Reg Error: Key error.
    Unknown [openas] – %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
    Directory [cmd] – cmd.exe /s /k pushd "%V" (Microsoft Corporation)
    Directory [find] – %SystemRoot%\Explorer.exe (Microsoft Corporation)
    Folder [open] – %SystemRoot%\Explorer.exe (Microsoft Corporation)
    Folder [explore] – Reg Error: Value error.
    Drive [find] – %SystemRoot%\Explorer.exe (Microsoft Corporation)

    ========== Security Center Settings ==========[/color:21514724ec]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
    "cval" = 1

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
    "VistaSp1" = Reg Error: Unknown registry data type – File not found
    "AntiVirusOverride" = 0
    "AntiSpywareOverride" = 0
    "FirewallOverride" = 0

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

    ========== Firewall Settings ==========[/color:21514724ec]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
    "DisableNotifications" = 0
    "EnableFirewall" = 1

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
    "DisableNotifications" = 0
    "EnableFirewall" = 1

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
    "DisableNotifications" = 0
    "EnableFirewall" = 1

    ========== Authorized Applications List ==========[/color:21514724ec]


    ========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color:21514724ec]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
    "{10A44844-4465-456E-8C97-80BDD4F68845}" = Windows Live ID Sign-in Assistant
    "{10F5387D-1728-423A-A578-B00982CF2646}" = Windows Live Messenger
    "{11005483-57F9-400C-BF9F-CBC47540705A}" = Windows Live Photo Gallery
    "{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
    "{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live - Hulpprogramma voor uploaden
    "{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
    "{2617FA1F-0C04-3ABB-AF64-7D5B6620C341}" = Microsoft .NET Framework 4 Client Profile NLD Language Pack
    "{26A24AE4-039D-4CA4-87B4-2F83216018FF}" = Java(TM) 6 Update 18
    "{2869F5EA-93C3-48E5-80DF-DB696BC84A91}" = Windows Live Mail
    "{2A8F82E8-7B86-4AFD-BFBC-2BA4C2CF52DB}" = Windows Live Call
    "{35CA031C-D3CD-4A28-8D9B-C71466C4F045}" = Windows Live Writer
    "{3B4E636E-9D65-4D67-BA61-189800823F52}" = Windows Live Communications Platform
    "{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
    "{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}" = Intel(R) Rapid Storage Technology
    "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
    "{4CBA3D4C-8F51-4D60-B27E-F6B641C571E7}" = Microsoft Search Enhancement Pack
    "{5158F1F5-FA1B-4D49-B546-55A5004B89BD}" = Microsoft Works
    "{562B9CA4-6E52-4F87-ACEC-912FC004F1F0}" = Windows Live Essentials
    "{62012DD0-5B43-464C-BC62-68DE5B1B73DE}" = Windows Live Movie Maker
    "{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
    "{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
    "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
    "{8A74E887-8F0F-4017-AF53-CBA42211AAA5}" = Microsoft Sync Framework Runtime Native v1.0 (x86)
    "{90120000-0011-0000-0000-0000000FF1CE}" = Microsoft Office Professional Plus 2007
    "{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
    "{90120000-0015-0413-0000-0000000FF1CE}" = Microsoft Office Access MUI (Dutch) 2007
    "{90120000-0015-0413-0000-0000000FF1CE}_PROPLUS_{26257879-B20D-4D30-A429-B387A4890929}" = Microsoft Office 2007 Service Pack 3 (SP3)
    "{90120000-0016-0413-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Dutch) 2007
    "{90120000-0016-0413-0000-0000000FF1CE}_HOMESTUDENTR_{26257879-B20D-4D30-A429-B387A4890929}" = Microsoft Office 2007 Service Pack 3 (SP3)
    "{90120000-0016-0413-0000-0000000FF1CE}_PROPLUS_{26257879-B20D-4D30-A429-B387A4890929}" = Microsoft Office 2007 Service Pack 3 (SP3)
    "{90120000-0018-0413-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Dutch) 2007
    "{90120000-0018-0413-0000-0000000FF1CE}_HOMESTUDENTR_{26257879-B20D-4D30-A429-B387A4890929}" = Microsoft Office 2007 Service Pack 3 (SP3)
    "{90120000-0018-0413-0000-0000000FF1CE}_PROPLUS_{26257879-B20D-4D30-A429-B387A4890929}" = Microsoft Office 2007 Service Pack 3 (SP3)
    "{90120000-0019-0413-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Dutch) 2007
    "{90120000-0019-0413-0000-0000000FF1CE}_PROPLUS_{26257879-B20D-4D30-A429-B387A4890929}" = Microsoft Office 2007 Service Pack 3 (SP3)
    "{90120000-001A-0413-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Dutch) 2007
    "{90120000-001A-0413-0000-0000000FF1CE}_PROPLUS_{26257879-B20D-4D30-A429-B387A4890929}" = Microsoft Office 2007 Service Pack 3 (SP3)
    "{90120000-001B-0413-0000-0000000FF1CE}" = Microsoft Office Word MUI (Dutch) 2007
    "{90120000-001B-0413-0000-0000000FF1CE}_HOMESTUDENTR_{26257879-B20D-4D30-A429-B387A4890929}" = Microsoft Office 2007 Service Pack 3 (SP3)
    "{90120000-001B-0413-0000-0000000FF1CE}_PROPLUS_{26257879-B20D-4D30-A429-B387A4890929}" = Microsoft Office 2007 Service Pack 3 (SP3)
    "{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
    "{90120000-001F-0407-0000-0000000FF1CE}_HOMESTUDENTR_{928D7B99-2BEA-49F9-83B8-20FA57860643}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
    "{90120000-001F-0407-0000-0000000FF1CE}_PROPLUS_{928D7B99-2BEA-49F9-83B8-20FA57860643}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
    "{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
    "{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
    "{90120000-001F-0409-0000-0000000FF1CE}_PROPLUS_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
    "{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
    "{90120000-001F-040C-0000-0000000FF1CE}_HOMESTUDENTR_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
    "{90120000-001F-040C-0000-0000000FF1CE}_PROPLUS_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
    "{90120000-001F-0413-0000-0000000FF1CE}" = Microsoft Office Proof (Dutch) 2007
    "{90120000-001F-0413-0000-0000000FF1CE}_HOMESTUDENTR_{2C95E7EE-FEA7-4B3A-A6E5-DF90A88B816A}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
    "{90120000-001F-0413-0000-0000000FF1CE}_PROPLUS_{2C95E7EE-FEA7-4B3A-A6E5-DF90A88B816A}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
    "{90120000-0020-0413-0000-0000000FF1CE}" = Compatibiliteitspakket voor het 2007 Microsoft Office system
    "{90120000-002C-0413-0000-0000000FF1CE}" = Microsoft Office Proofing (Dutch) 2007
    "{90120000-0044-0413-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Dutch) 2007
    "{90120000-0044-0413-0000-0000000FF1CE}_PROPLUS_{26257879-B20D-4D30-A429-B387A4890929}" = Microsoft Office 2007 Service Pack 3 (SP3)
    "{90120000-006E-0413-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Dutch) 2007
    "{90120000-006E-0413-0000-0000000FF1CE}_HOMESTUDENTR_{1D12BC91-360E-424C-97C4-813651313660}" = Microsoft Office 2007 Service Pack 3 (SP3)
    "{90120000-006E-0413-0000-0000000FF1CE}_PROPLUS_{1D12BC91-360E-424C-97C4-813651313660}" = Microsoft Office 2007 Service Pack 3 (SP3)
    "{90120000-00A1-0413-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Dutch) 2007
    "{90120000-00A1-0413-0000-0000000FF1CE}_HOMESTUDENTR_{26257879-B20D-4D30-A429-B387A4890929}" = Microsoft Office 2007 Service Pack 3 (SP3)
    "{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007
    "{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
    "{95120000-00AF-0413-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (Dutch)
    "{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
    "{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
    "{A062A15F-9CAC-4B88-98DF-87628A0BD721}" = Corel MediaOne
    "{AC76BA86-7AD7-1043-7B44-A93000000001}" = Adobe Reader 9.3 - Nederlands
    "{AC76BA86-7AD7-5464-3428-900000000004}" = Spelling Dictionaries Support For Adobe Reader 9
    "{AE3CF174-872C-46C6-B9F6-C0593F3BC7B8}" = Microsoft Office Live Add-in 1.4
    "{B2544A03-10D0-4E5E-BA69-0362FFC20D18}" = OGA Notifier 2.0.0048.0
    "{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}" = Microsoft Sync Framework Services Native v1.0 (x86)
    "{CD19EDD9-1632-4002-9212-7478E4BA0423}" = Windows Live Sync
    "{E10DB5DA-E576-40EA-A7FC-1CB2A7B283A6}" = NVIDIA PhysX
    "{E2DFE069-083E-4631-9B6C-43C48E991DE5}" = Junk Mail filter update
    "{E51109E7-3818-4BC2-B3FD-A59AC2378A2B}" = Windows Live Toolbar
    "{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
    "{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
    "{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
    "{F428D0FB-765D-40EB-BDD8-A1E7F5C597FA}" = Update Manager
    "Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
    "Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
    "Adobe Shockwave Player" = Adobe Shockwave Player 11.5
    "avast" = avast! Free Antivirus
    "HOMESTUDENTR" = Microsoft Office Home and Student 2007
    "Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
    "Microsoft .NET Framework 4 Client Profile NLD Language Pack" = Taalpakket voor Microsoft .NET Framework 4 Client Profile - NLD
    "Mozilla Firefox 11.0 (x86 nl)" = Mozilla Firefox 11.0 (x86 nl)
    "NVIDIA Display Control Panel" = NVIDIA Display Control Panel
    "NVIDIA Drivers" = NVIDIA Drivers
    "PROPLUS" = Microsoft Office Professional Plus 2007
    "WinLiveSuite_Wave3" = Windows Live Essentials

    ========== Last 10 Event Log Errors ==========[/color:21514724ec]

    [ Application Events ]
    Error - 18-3-2012 12:52:11 | Computer Name = Familie-PC | Source = Microsoft-Windows-CAPI2 | ID = 4107
    Description = Het uitpakken van een basislijst uit het CAB-bestand voor automatische
    updates is mislukt op <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>
    met de fout: Een benodigd certificaat valt niet binnen de geldigheidsduur als gekeken
    wordt naar de huidige systeemklok of de tijdstempel in het ondertekende bestand.
    .

    Error - 18-3-2012 12:52:12 | Computer Name = Familie-PC | Source = Microsoft-Windows-CAPI2 | ID = 4107
    Description = Het uitpakken van een basislijst uit het CAB-bestand voor automatische
    updates is mislukt op <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>
    met de fout: Een benodigd certificaat valt niet binnen de geldigheidsduur als gekeken
    wordt naar de huidige systeemklok of de tijdstempel in het ondertekende bestand.
    .

    Error - 18-3-2012 12:52:21 | Computer Name = Familie-PC | Source = Microsoft-Windows-CAPI2 | ID = 4107
    Description = Het uitpakken van een basislijst uit het CAB-bestand voor automatische
    updates is mislukt op <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>
    met de fout: Een benodigd certificaat valt niet binnen de geldigheidsduur als gekeken
    wordt naar de huidige systeemklok of de tijdstempel in het ondertekende bestand.
    .

    Error - 18-3-2012 18:00:11 | Computer Name = Familie-PC | Source = MsiInstaller | ID = 11935
    Description =

    Error - 19-3-2012 12:59:20 | Computer Name = Familie-PC | Source = SideBySide | ID = 16842811
    Description = Kan activeringscontext voor 'c:\program files\microsoft\search enhancement
    pack\search helper\sepsearchhelperie.dll' niet maken. Fout in manifest of beleidsbestand
    'c:\program files\microsoft\search enhancement pack\search helper\sepsearchhelperie.dll'
    op regel 2. Ongeldige XML-syntaxis.

    Error - 19-3-2012 13:11:21 | Computer Name = Familie-PC | Source = MsiInstaller | ID = 11935
    Description =

    Error - 20-3-2012 17:07:13 | Computer Name = Familie-PC | Source = SideBySide | ID = 16842811
    Description = Kan activeringscontext voor 'c:\program files\microsoft\search enhancement
    pack\search helper\sepsearchhelperie.dll' niet maken. Fout in manifest of beleidsbestand
    'c:\program files\microsoft\search enhancement pack\search helper\sepsearchhelperie.dll'
    op regel 2. Ongeldige XML-syntaxis.

    Error - 20-3-2012 18:11:33 | Computer Name = Familie-PC | Source = .NET Runtime Optimization Service | ID = 1101
    Description =

    Error - 21-3-2012 14:27:08 | Computer Name = Familie-PC | Source = SideBySide | ID = 16842811
    Description = Kan activeringscontext voor 'c:\program files\microsoft\search enhancement
    pack\search helper\sepsearchhelperie.dll' niet maken. Fout in manifest of beleidsbestand
    'c:\program files\microsoft\search enhancement pack\search helper\sepsearchhelperie.dll'
    op regel 2. Ongeldige XML-syntaxis.

    Error - 23-3-2012 16:56:05 | Computer Name = Familie-PC | Source = SideBySide | ID = 16842811
    Description = Kan activeringscontext voor 'c:\program files\microsoft\search enhancement
    pack\search helper\sepsearchhelperie.dll' niet maken. Fout in manifest of beleidsbestand
    'c:\program files\microsoft\search enhancement pack\search helper\sepsearchhelperie.dll'
    op regel 2. Ongeldige XML-syntaxis.

    [ OSession Events ]
    Error - 18-3-2012 17:02:53 | Computer Name = Familie-PC | Source = Microsoft Office 12 Sessions | ID = 7001
    Description = ID: 13, Application Name: Microsoft Office OneNote, Application Version:
    12.0.6415.1000, Microsoft Office Version: 12.0.6425.1000. This session lasted 723
    seconds with 0 seconds of active time. This session ended with a crash.

    [ System Events ]
    Error - 18-3-2012 11:20:09 | Computer Name = Familie-PC | Source = Service Control Manager | ID = 7022
    Description = De BullGuard Firewall Service-service is bij het starten vastgelopen.

    Error - 18-3-2012 11:20:11 | Computer Name = Familie-PC | Source = Service Control Manager | ID = 7022
    Description = De BullGuard Email Monitoring Service-service is bij het starten vastgelopen.

    Error - 18-3-2012 18:01:06 | Computer Name = Familie-PC | Source = Microsoft-Windows-WindowsUpdateClient | ID = 20
    Description = Installatiefout: de volgende update kan niet worden geïnstalleerd,
    foutcode 0x80070643: Beveiligingsupdate voor herdistribueerbaar pakket Microsoft
    Visual C++ 2008 Service Pack 1 (KB2538243).

    Error - 19-3-2012 11:48:07 | Computer Name = Familie-PC | Source = Service Control Manager | ID = 7023
    Description = De Windows Modules Installer-service is gestopt met de volgende foutcode:
    %%16405.

    Error - 19-3-2012 11:50:39 | Computer Name = Familie-PC | Source = Microsoft-Windows-WindowsUpdateClient | ID = 20
    Description = Installatiefout: de volgende update kan niet worden geïnstalleerd,
    foutcode 0x80242016: KB2632503: Update voor Windows 7.

    Error - 19-3-2012 11:50:39 | Computer Name = Familie-PC | Source = Microsoft-Windows-WindowsUpdateClient | ID = 20
    Description = Installatiefout: de volgende update kan niet worden geïnstalleerd,
    foutcode 0x80242016: KB2598845: Update voor de compatibiliteitsweergavelijst in
    Internet Explorer 8 voor Windows 7.

    Error - 19-3-2012 11:50:39 | Computer Name = Familie-PC | Source = Microsoft-Windows-WindowsUpdateClient | ID = 20
    Description = Installatiefout: de volgende update kan niet worden geïnstalleerd,
    foutcode 0x80242016: Beveiligingsupdate voor Internet Explorer 8 voor Windows 7
    (KB2544521).

    Error - 19-3-2012 11:58:10 | Computer Name = Familie-PC | Source = EventLog | ID = 6008
    Description = De vorige afsluiting van het systeem om 16:55:55 op ?19-?3-?2012 is
    onverwacht gebeurd.

    Error - 19-3-2012 11:58:10 | Computer Name = Familie-PC | Source = BugCheck | ID = 1001
    Description =

    Error - 19-3-2012 13:11:22 | Computer Name = Familie-PC | Source = Microsoft-Windows-WindowsUpdateClient | ID = 20
    Description = Installatiefout: de volgende update kan niet worden geïnstalleerd,
    foutcode 0x80070643: Beveiligingsupdate voor herdistribueerbaar pakket Microsoft
    Visual C++ 2008 Service Pack 1 (KB2538243).


    < End of report >
  • Hou oud is deze computer inmiddels?

    En er schijnt ook in deze Windows een probleem met de tijdsinstellingen te zijn. Waardoor updates mislukken.
    Controleer daarom ook de tijdsinstellingen.
  • De computer is inmiddels ongeveer 3 jaar oud.
    Naar mijn idee lijken de tijdsinstellingen te kloppen; maar ik weet niet precies waar ik naar moet kijken behalve tijd/tijdzones etc. :S
  • Je hebt de tijd in de systray rechtsonder staan.
    Klik daar met rechts op en kies voor Verandering van tijd en datum.

Beantwoord deze vraag

Dit is een gearchiveerde pagina. Antwoorden is niet meer mogelijk.