Op deze website gebruiken we cookies om content en advertenties te personaliseren, om functies voor social media te bieden en om ons websiteverkeer te analyseren. Ook delen we informatie over uw gebruik van onze site met onze partners voor social media, adverteren en analyse. Deze partners kunnen deze gegevens combineren met andere informatie die u aan ze heeft verstrekt of die ze hebben verzameld op basis van uw gebruik van hun services. Meer informatie.

Akkoord

Vraag & Antwoord

Beveiliging & privacy

File missing regels en ezRecover.exe verwijderen

Abraham54
14 antwoorden
  • Graag advies over het volgende
    Ik heb een nieuwe HP PC, met voorgeinstalleerde windows software. Buiten de essentiele software staat er een hoop rommel op (bloatware?) die ik zo veel mogelijk heb proberen te verwijderen.
    Twee vragen.
    1) in bijgevoegd hijjack log zie ik een hoop regels met file missing. Kan ik die verwijderen?
    2) ik probeer de regel
    O4 - HKLM\..\Run: [Easybits Recovery] C:\Program Files (x86)\EasyBits For Kids\ezRecover.exe
    te verwijderen en dat lukt niet. Suggesties?
    Dank,
    Maarten

    Log:
    Logfile of Trend Micro HijackThis v2.0.4
    Scan saved at 13:07:16, on 24-6-2012
    Platform: Windows 7 SP1 (WinNT 6.00.3505)
    MSIE: Internet Explorer v9.00 (9.00.8112.16446)
    Boot mode: Normal

    Running processes:
    C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe
    C:\Program Files (x86)\Common Files\Symantec Shared\ccApp.exe
    C:\Users\Martine\Downloads\HijackThis.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.uk.msn.com/HPCON/8
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.nl/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.uk.msn.com/HPCON/8
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://g.uk.msn.com/HPCON/8
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
    F2 - REG:system.ini: UserInit=C:\Windows\system32\userinit.exe
    O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
    O2 - BHO: Aanmeldhulp voor Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
    O4 - HKLM\..\Run: [HPOSD] C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe
    O4 - HKLM\..\Run: [Easybits Recovery] C:\Program Files (x86)\EasyBits For Kids\ezRecover.exe
    O4 - HKLM\..\Run: [ccApp] "C:\Program Files (x86)\Common Files\Symantec Shared\ccApp.exe"
    O4 - Global Startup: Microsoft Office.lnk = C:\Program Files (x86)\Microsoft Office\Office10\OSA.EXE
    O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office10\EXCEL.EXE/3000
    O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
    O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
    O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
    O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
    O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
    O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
    O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
    O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files (x86)\Common Files\Symantec Shared\ccSvcHst.exe
    O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files (x86)\Common Files\Symantec Shared\ccSvcHst.exe
    O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
    O23 - Service: Easybits Services for Windows (ezSharedSvc) - EasyBits Software AS - C:\Windows\System32\ezSharedSvcHost.exe
    O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
    O23 - Service: HP Support Assistant Service - Unknown owner - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe (file missing)
    O23 - Service: HP Auto (HPAuto) - Hewlett-Packard - C:\Program Files\Hewlett-Packard\HP Auto\HPAuto.exe
    O23 - Service: HP Client Services (HPClientSvc) - Hewlett-Packard Company - C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe
    O23 - Service: HP Software Framework Service (hpqwmiex) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
    O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
    O23 - Service: IconMan_R - Realsil Microelectronics Inc. - C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
    O23 - Service: Intel(R) Identity Protection Technology Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Services\IPT\jhi_service.exe
    O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~2\Symantec\LIVEUP~1\LUCOMS~1.EXE
    O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
    O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
    O23 - Service: @%SystemRoot%\System32
    etlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: Symantec Management Client (SmcService) - Symantec Corporation - C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\Smc.exe
    O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
    O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\stlang64.dll,-10101 (STacSV) - IDT, Inc. - C:\Program Files\IDT\WDM\STacSV64.exe
    O23 - Service: Symantec Endpoint Protection (Symantec AntiVirus) - Symantec Corporation - C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\Rtvscan.exe
    O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
    O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
    O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
    O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
    O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
    O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
    O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)


    End of file - 8111 bytes
  • Je hebt HijackThis in een 64-bit Windows gebruikt.
    En het is nog steeds zo, dat HijackThis niet goed met 64-bit Windows-systemen overweg kan - vandaar die missing files.
    Dus zet het verwijderen daarvan maar uit je hoofd.

    Waarom verwijder je dat [b:c535c4772d]EasyBits For Kids[/b:c535c4772d] niet gewoon?
    In Windows 7 zit zelf back-upsoftware.
  • Dank voor je snelle reactie.
    Het eerste punt is duidelijk. dank.
    Ik heb EasyBits For Kids via het deinstalleren van programma's vewijderd en de file kan ik ook niet meer vinden op mijn systeem.
    De sleutel is kennelijk blijven hangen.
  • Doe dan het volgende:

    [b:17c6615404]Welk programma[/b:17c6615404]: [b:17c6615404]OTL.com[/b:17c6615404][/color:17c6615404]
    [b:17c6615404]Waarvoor/waarom[/b:17c6615404]: multifunktioneel tool - analyse en fix
    [b:17c6615404]Moeilijkheidsgraad[/b:17c6615404]: geen.
    [b:17c6615404]Download[/b:17c6615404]: [b:17c6615404]OTL[/color:17c6615404][/b:17c6615404] en plaats het bestand op het bureaublad.

    [b:17c6615404]OTL.com[/color:17c6615404] gebruiken[/b:17c6615404]:
    [list:17c6615404][*:17c6615404] [b:17c6615404]Sluit nu eerst alle nog openstaande programmavensters![/color:17c6615404][/b:17c6615404]
    [list:17c6615404][*:17c6615404]Dubblklik op [img:17c6615404]http://www.imgdumper.nl/uploads5/4f91108799372/4f91108798ba0-OTL-1.png[/img:17c6615404]
    [/list:u:17c6615404][/list:u:17c6615404]
    [list:17c6615404][*:17c6615404]Zet een vinkje bij [b:17c6615404]Scan All Users[/b:17c6615404][/color:17c6615404].
    [*:17c6615404]Klik op [img:17c6615404]http://www.imgdumper.nl/uploads5/4f9112fd1172c/4f9112fd11340-OTL-3.png[/img:17c6615404].
    [*:17c6615404]Verander verder geen andere instellingen in OTL, alleen tenzij ik hiervoor specifiek instructies geef.
    [*:17c6615404]De scan zal niet heel erg lang duren.
    [list:17c6615404][*:17c6615404]Er zullen twee Kladblok-vensters geopend worden wanneer de scan klaar is: [b:17c6615404]OTL.Txt[/b:17c6615404] en [b:17c6615404]Extras.txt[/b:17c6615404].
    [*:17c6615404]Kopieer vervolgens de inhoud van zowel OTL.txt alsmede Extras.txt en plak die gegevens in je volgende bericht.[/list:u:17c6615404]
    [*:17c6615404][b:17c6615404]Notabene:[/b:17c6615404][/color:17c6615404] indien het log niet in één bericht past, spreidt het dan over twee of meer berichten.[/list:u:17c6615404]
  • Scan heeft gelopen.
    extra.txt in volgende post

    OLT.txt
    [list:a6f4b77f95]
    OTL logfile created on: 24-6-2012 14:08:16 - Run 1
    OTL by OldTimer - Version 3.2.53.0 Folder = C:\Users\Martine\Desktop
    64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
    Internet Explorer (Version = 9.0.8112.16421)
    Locale: 00000413 | Country: Nederland | Language: NLD | Date Format: d-M-yyyy

    5,95 Gb Total Physical Memory | 4,56 Gb Available Physical Memory | 76,66% Memory free
    11,90 Gb Paging File | 10,48 Gb Available in Paging File | 88,12% Paging File free
    Paging file location(s): ?:\pagefile.sys [binary data]

    %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
    Drive C: | 440,66 Gb Total Space | 393,84 Gb Free Space | 89,37% Space Free | Partition Type: NTFS
    Drive D: | 20,93 Gb Total Space | 2,23 Gb Free Space | 10,67% Space Free | Partition Type: NTFS
    Drive E: | 3,96 Gb Total Space | 3,95 Gb Free Space | 99,72% Space Free | Partition Type: FAT32

    Computer Name: PPC-MARTINE-2 | User Name: Martine | Logged in as Administrator.
    Boot Mode: Normal | Scan Mode: All users | Quick Scan | Include 64bit Scans
    Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

    ========== Processes (SafeList) ==========[/color:a6f4b77f95]

    PRC - [2012-06-24 14:07:00 | 000,596,992 | —- | M] (OldTimer Tools) – C:\Users\Martine\Desktop\OTL.com
    PRC - [2011-11-10 14:03:44 | 000,243,360 | —- | M] (Adobe Systems, Inc.) – C:\Windows\SysWOW64\Macromed\Flash\FlashUtil10x_ActiveX.exe
    PRC - [2011-06-06 13:55:28 | 000,064,952 | —- | M] (Adobe Systems Incorporated) – C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
    PRC - [2011-04-30 01:32:54 | 000,013,592 | —- | M] (Intel Corporation) – C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
    PRC - [2011-02-24 01:10:24 | 000,212,944 | —- | M] (Intel Corporation) – C:\Program Files (x86)\Intel\Services\IPT\jhi_service.exe
    PRC - [2011-02-01 23:41:24 | 002,656,280 | —- | M] (Intel Corporation) – C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
    PRC - [2011-02-01 23:41:20 | 000,326,168 | —- | M] (Intel Corporation) – C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
    PRC - [2010-11-08 17:40:10 | 001,839,776 | —- | M] (Symantec Corporation) – C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\Rtvscan.exe
    PRC - [2010-11-08 17:39:46 | 000,050,544 | —- | M] (Symantec Corporation) – C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\ProtectionUtilSurrogate.exe
    PRC - [2010-08-10 21:44:14 | 000,115,560 | —- | M] (Symantec Corporation) – C:\Program Files (x86)\Common Files\Symantec Shared\ccApp.exe
    PRC - [2010-08-10 21:43:42 | 000,108,392 | —- | M] (Symantec Corporation) – C:\Program Files (x86)\Common Files\Symantec Shared\ccSvcHst.exe
    PRC - [2010-04-23 13:00:00 | 000,514,232 | —- | M] (EasyBits Software AS) – C:\Windows\SysWOW64\ezSharedSvcHost.exe
    PRC - [2010-04-23 13:00:00 | 000,514,232 | —- | M] (EasyBits Software AS) – C:\Windows\SysWOW64\ezSharedSvcHost.exe
    PRC - [2010-04-23 13:00:00 | 000,514,232 | —- | M] (EasyBits Software AS) – C:\Windows\SysWOW64\ezSharedSvcHost.exe
    PRC - [2010-04-23 13:00:00 | 000,514,232 | —- | M] (EasyBits Software AS) – C:\Windows\SysWOW64\ezSharedSvcHost.exe
    PRC - [2010-03-18 13:16:28 | 000,130,384 | —- | M] (Microsoft Corporation) – C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe


    ========== Modules (No Company Name) ==========[/color:a6f4b77f95]


    ========== Win32 Services (SafeList) ==========[/color:a6f4b77f95]

    SRV:[b:a6f4b77f95]64bit:[/b:a6f4b77f95] - [2011-09-08 15:42:28 | 000,305,152 | —- | M] (IDT, Inc.) [Auto | Running] – C:\Program Files\IDT\WDM\stacsv64.exe – (STacSV)
    SRV:[b:a6f4b77f95]64bit:[/b:a6f4b77f95] - [2011-08-18 08:12:52 | 000,204,288 | —- | M] (AMD) [Auto | Running] – C:\Windows\SysNative\atiesrxx.exe – (AMD External Events Utility)
    SRV:[b:a6f4b77f95]64bit:[/b:a6f4b77f95] - [2011-02-16 23:47:28 | 000,682,040 | —- | M] (Hewlett-Packard) [On_Demand | Stopped] – C:\Program Files\Hewlett-Packard\HP Auto\HPAuto.exe – (HPAuto)
    SRV:[b:a6f4b77f95]64bit:[/b:a6f4b77f95] - [2010-10-11 03:48:14 | 000,346,168 | —- | M] (Hewlett-Packard Company) [Auto | Running] – C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe – (HPClientSvc)
    SRV:[b:a6f4b77f95]64bit:[/b:a6f4b77f95] - [2009-07-14 03:41:27 | 001,011,712 | —- | M] (Microsoft Corporation) [On_Demand | Stopped] – C:\Program Files\Windows Defender\MpSvc.dll – (WinDefend)
    SRV - [2011-09-01 07:11:00 | 002,425,960 | —- | M] (Realsil Microelectronics Inc.) [Auto | Running] – C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe – (IconMan_R)
    SRV - [2011-06-06 13:55:28 | 000,064,952 | —- | M] (Adobe Systems Incorporated) [Auto | Running] – C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe – (AdobeARMservice)
    SRV - [2011-04-30 01:32:54 | 000,013,592 | —- | M] (Intel Corporation) [Auto | Running] – C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe – (IAStorDataMgrSvc) Intel(R)
    SRV - [2011-02-24 01:10:24 | 000,212,944 | —- | M] (Intel Corporation) [Auto | Running] – C:\Program Files (x86)\Intel\Services\IPT\jhi_service.exe – (jhi_service) Intel(R)
    SRV - [2011-02-01 23:41:24 | 002,656,280 | —- | M] (Intel Corporation) [Auto | Running] – C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe – (UNS) Intel(R)
    SRV - [2011-02-01 23:41:20 | 000,326,168 | —- | M] (Intel Corporation) [Auto | Running] – C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe – (LMS) Intel(R)
    SRV - [2010-11-17 20:43:06 | 000,428,912 | —- | M] (Symantec Corporation) [Disabled | Stopped] – C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\SNAC64.EXE – (SNAC)
    SRV - [2010-11-12 07:14:04 | 003,249,768 | —- | M] (Symantec Corporation) [Auto | Running] – C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\Smc.exe – (SmcService)
    SRV - [2010-11-08 17:40:10 | 001,839,776 | —- | M] (Symantec Corporation) [Auto | Running] – C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\Rtvscan.exe – (Symantec AntiVirus)
    SRV - [2010-09-07 16:05:51 | 003,093,880 | —- | M] (Symantec Corporation) [On_Demand | Stopped] – C:\Program Files (x86)\Symantec\LiveUpdate\LuComServer_3_3.EXE – (LiveUpdate)
    SRV - [2010-08-10 21:43:42 | 000,108,392 | —- | M] (Symantec Corporation) [Auto | Running] – C:\Program Files (x86)\Common Files\Symantec Shared\ccSvcHst.exe – (ccSetMgr)
    SRV - [2010-08-10 21:43:42 | 000,108,392 | —- | M] (Symantec Corporation) [Auto | Running] – C:\Program Files (x86)\Common Files\Symantec Shared\ccSvcHst.exe – (ccEvtMgr)
    SRV - [2010-03-18 13:16:28 | 000,130,384 | —- | M] (Microsoft Corporation) [Auto | Running] – C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe – (clr_optimization_v4.0.30319_32)
    SRV - [2009-06-10 23:23:09 | 000,066,384 | —- | M] (Microsoft Corporation) [Disabled | Stopped] – C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe – (clr_optimization_v2.0.50727_32)


    ========== Driver Services (SafeList) ==========[/color:a6f4b77f95]

    DRV:[b:a6f4b77f95]64bit:[/b:a6f4b77f95] - [2012-06-23 15:41:54 | 000,173,616 | —- | M] (Symantec Corporation) [Kernel | On_Demand | Running] – C:\Windows\SysNative\drivers\SYMEVENT64x86.SYS – (SymEvent)
    DRV:[b:a6f4b77f95]64bit:[/b:a6f4b77f95] - [2012-03-01 08:46:16 | 000,023,408 | —- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] – C:\Windows\SysNative\drivers\fs_rec.sys – (Fs_Rec)
    DRV:[b:a6f4b77f95]64bit:[/b:a6f4b77f95] - [2011-11-10 22:39:42 | 000,107,904 | —- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] – C:\Windows\SysNative\drivers\amdsata.sys – (amdsata)
    DRV:[b:a6f4b77f95]64bit:[/b:a6f4b77f95] - [2011-11-10 22:39:42 | 000,027,008 | —- | M] (Advanced Micro Devices) [Kernel | Boot | Running] – C:\Windows\SysNative\drivers\amdxata.sys – (amdxata)
    DRV:[b:a6f4b77f95]64bit:[/b:a6f4b77f95] - [2011-10-14 04:37:44 | 000,396,848 | —- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] – C:\Windows\SysNative\drivers\SynTP.sys – (SynTP)
    DRV:[b:a6f4b77f95]64bit:[/b:a6f4b77f95] - [2011-09-08 15:42:28 | 000,535,040 | —- | M] (IDT, Inc.) [Kernel | On_Demand | Running] – C:\Windows\SysNative\drivers\stwrt64.sys – (STHDA)
    DRV:[b:a6f4b77f95]64bit:[/b:a6f4b77f95] - [2011-09-02 21:46:00 | 000,339,048 | —- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] – C:\Windows\SysNative\drivers\RtsPStor.sys – (RSPCIESTOR)
    DRV:[b:a6f4b77f95]64bit:[/b:a6f4b77f95] - [2011-08-24 07:57:24 | 000,565,352 | —- | M] (Realtek ) [Kernel | On_Demand | Running] – C:\Windows\SysNative\drivers\Rt64win7.sys – (RTL8167)
    DRV:[b:a6f4b77f95]64bit:[/b:a6f4b77f95] - [2011-08-18 11:40:56 | 009,981,952 | —- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] – C:\Windows\SysNative\drivers\atikmdag.sys – (amdkmdag)
    DRV:[b:a6f4b77f95]64bit:[/b:a6f4b77f95] - [2011-08-18 07:34:48 | 000,310,272 | —- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] – C:\Windows\SysNative\drivers\atikmpag.sys – (amdkmdap)
    DRV:[b:a6f4b77f95]64bit:[/b:a6f4b77f95] - [2011-08-09 18:32:02 | 012,289,472 | —- | M] (Intel Corporation) [Kernel | On_Demand | Running] – C:\Windows\SysNative\drivers\igdpmd64.sys – (intelkmd)
    DRV:[b:a6f4b77f95]64bit:[/b:a6f4b77f95] - [2011-07-19 11:19:16 | 001,492,992 | —- | M] (Ralink Technology, Corp.) [Kernel | On_Demand | Running] – C:\Windows\SysNative\drivers
    etr28x.sys – (netr28x)
    DRV:[b:a6f4b77f95]64bit:[/b:a6f4b77f95] - [2011-07-04 15:36:12 | 000,225,328 | —- | M] (Symantec Corporation) [Kernel | On_Demand | Running] – C:\Windows\SysNative\drivers\wpshelper.sys – (WpsHelper)
    DRV:[b:a6f4b77f95]64bit:[/b:a6f4b77f95] - [2011-04-26 12:07:36 | 000,557,848 | —- | M] (Intel Corporation) [Kernel | Boot | Running] – C:\Windows\SysNative\drivers\iaStor.sys – (iaStor)
    DRV:[b:a6f4b77f95]64bit:[/b:a6f4b77f95] - [2010-11-21 05:24:33 | 000,059,392 | —- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] – C:\Windows\SysNative\drivers\TsUsbFlt.sys – (TsUsbFlt)
    DRV:[b:a6f4b77f95]64bit:[/b:a6f4b77f95] - [2010-11-21 05:23:47 | 000,109,056 | —- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] – C:\Windows\SysNative\drivers\sdbus.sys – (sdbus)
    DRV:[b:a6f4b77f95]64bit:[/b:a6f4b77f95] - [2010-11-21 05:23:47 | 000,078,720 | —- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] – C:\Windows\SysNative\drivers\HpSAMD.sys – (HpSAMD)
    DRV:[b:a6f4b77f95]64bit:[/b:a6f4b77f95] - [2010-11-21 05:23:47 | 000,031,232 | —- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] – C:\Windows\SysNative\drivers\TsUsbGD.sys – (TsUsbGD)
    DRV:[b:a6f4b77f95]64bit:[/b:a6f4b77f95] - [2010-11-12 07:14:04 | 000,053,808 | —- | M] (Symantec Corporation) [Kernel | System | Running] – C:\Windows\SysNative\drivers\WPSDRVnt.sys – (WPS)
    DRV:[b:a6f4b77f95]64bit:[/b:a6f4b77f95] - [2010-10-20 02:34:26 | 000,056,344 | —- | M] (Intel Corporation) [Kernel | On_Demand | Running] – C:\Windows\SysNative\drivers\HECIx64.sys – (MEIx64) Intel(R)
    DRV:[b:a6f4b77f95]64bit:[/b:a6f4b77f95] - [2010-10-15 11:28:16 | 000,317,440 | —- | M] (Intel(R) Corporation) [Kernel | On_Demand | Running] – C:\Windows\SysNative\drivers\IntcDAud.sys – (IntcDAud) Intel(R)
    DRV:[b:a6f4b77f95]64bit:[/b:a6f4b77f95] - [2010-09-17 13:10:32 | 000,482,352 | —- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] – C:\Windows\SysNative\drivers\srtspl64.sys – (SRTSPL)
    DRV:[b:a6f4b77f95]64bit:[/b:a6f4b77f95] - [2010-09-17 13:10:32 | 000,449,072 | —- | M] (Symantec Corporation) [File_System | System | Running] – C:\Windows\SysNative\drivers\srtsp64.sys – (SRTSP)
    DRV:[b:a6f4b77f95]64bit:[/b:a6f4b77f95] - [2010-09-17 13:10:32 | 000,032,304 | —- | M] (Symantec Corporation) [Kernel | System | Running] – C:\Windows\SysNative\drivers\srtspx64.sys – (SRTSPX)
    DRV:[b:a6f4b77f95]64bit:[/b:a6f4b77f95] - [2010-08-16 17:39:38 | 000,064,048 | —- | M] (Symantec Corporation) [Kernel | On_Demand | Running] – C:\Windows\SysNative\drivers\Teefer2.sys – (Teefer2)
    DRV:[b:a6f4b77f95]64bit:[/b:a6f4b77f95] - [2009-07-14 03:52:20 | 000,194,128 | —- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] – C:\Windows\SysNative\drivers\amdsbs.sys – (amdsbs)
    DRV:[b:a6f4b77f95]64bit:[/b:a6f4b77f95] - [2009-07-14 03:48:04 | 000,065,600 | —- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] – C:\Windows\SysNative\drivers\lsi_sas2.sys – (LSI_SAS2)
    DRV:[b:a6f4b77f95]64bit:[/b:a6f4b77f95] - [2009-07-14 03:45:55 | 000,024,656 | —- | M] (Promise Technology) [Kernel | On_Demand | Stopped] – C:\Windows\SysNative\drivers\stexstor.sys – (stexstor)
    DRV:[b:a6f4b77f95]64bit:[/b:a6f4b77f95] - [2009-06-10 23:01:11 | 001,485,312 | —- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] – C:\Windows\SysNative\drivers\VSTDPV6.SYS – (SrvHsfV92)
    DRV:[b:a6f4b77f95]64bit:[/b:a6f4b77f95] - [2009-06-10 23:01:11 | 000,740,864 | —- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] – C:\Windows\SysNative\drivers\VSTCNXT6.SYS – (SrvHsfWinac)
    DRV:[b:a6f4b77f95]64bit:[/b:a6f4b77f95] - [2009-06-10 23:01:11 | 000,292,864 | —- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] – C:\Windows\SysNative\drivers\VSTAZL6.SYS – (SrvHsfHDA)
    DRV:[b:a6f4b77f95]64bit:[/b:a6f4b77f95] - [2009-06-10 22:35:35 | 000,408,960 | —- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] – C:\Windows\SysNative\drivers
    vm62x64.sys – (NVENETFD)
    DRV:[b:a6f4b77f95]64bit:[/b:a6f4b77f95] - [2009-06-10 22:34:38 | 001,311,232 | —- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] – C:\Windows\SysNative\drivers\BCMWL664.SYS – (BCM43XX)
    DRV:[b:a6f4b77f95]64bit:[/b:a6f4b77f95] - [2009-06-10 22:34:33 | 003,286,016 | —- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] – C:\Windows\SysNative\drivers\evbda.sys – (ebdrv)
    DRV:[b:a6f4b77f95]64bit:[/b:a6f4b77f95] - [2009-06-10 22:34:28 | 000,468,480 | —- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] – C:\Windows\SysNative\drivers\bxvbda.sys – (b06bdrv)
    DRV:[b:a6f4b77f95]64bit:[/b:a6f4b77f95] - [2009-06-10 22:34:23 | 000,270,848 | —- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] – C:\Windows\SysNative\drivers\b57nd60a.sys – (b57nd60a)
    DRV:[b:a6f4b77f95]64bit:[/b:a6f4b77f95] - [2009-06-10 22:31:59 | 000,031,232 | —- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] – C:\Windows\SysNative\drivers\hcw85cir.sys – (hcw85cir)
    DRV:[b:a6f4b77f95]64bit:[/b:a6f4b77f95] - [2008-03-20 12:34:12 | 000,028,672 | —- | M] (Todos Data System AB) [Kernel | On_Demand | Stopped] – C:\Windows\SysNative\drivers\aabed2.sys – (e.dentifier2)
    DRV - [2012-06-18 12:30:34 | 002,068,600 | —- | M] (Symantec Corporation) [Kernel | On_Demand | Running] – C:\ProgramData\Symantec\Definitions\VirusDefs\20120622.033\EX64.SYS – (NAVEX15)
    DRV - [2012-06-18 12:30:34 | 000,484,512 | —- | M] (Symantec Corporation) [Kernel | System | Running] – C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys – (eeCtrl)
    DRV - [2012-06-18 12:30:34 | 000,138,912 | —- | M] (Symantec Corporation) [Kernel | On_Demand | Running] – C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys – (EraserUtilRebootDrv)
    DRV - [2012-06-18 12:30:34 | 000,120,440 | —- | M] (Symantec Corporation) [Kernel | On_Demand | Running] – C:\ProgramData\Symantec\Definitions\VirusDefs\20120622.033\ENG64.SYS – (NAVENG)
    DRV - [2010-09-17 13:10:32 | 000,482,352 | —- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] – C:\Windows\SysWOW64\drivers\srtspl64.sys – (SRTSPL)
    DRV - [2010-09-17 13:10:32 | 000,449,072 | —- | M] (Symantec Corporation) [File_System | System | Running] – C:\Windows\SysWOW64\drivers\srtsp64.sys – (SRTSP)
    DRV - [2010-09-17 13:10:32 | 000,032,304 | —- | M] (Symantec Corporation) [Kernel | System | Running] – C:\Windows\SysWOW64\drivers\srtspx64.sys – (SRTSPX)
    DRV - [2009-07-14 03:19:10 | 000,019,008 | —- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] – C:\Windows\SysWOW64\drivers\wimmount.sys – (WIMMount)


    ========== Standard Registry (SafeList) ==========[/color:a6f4b77f95]


    ========== Internet Explorer ==========[/color:a6f4b77f95]

    IE:[b:a6f4b77f95]64bit:[/b:a6f4b77f95] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.uk.msn.com/HPCON/8
    IE:[b:a6f4b77f95]64bit:[/b:a6f4b77f95] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://g.uk.msn.com/HPCON/8
    IE:[b:a6f4b77f95]64bit:[/b:a6f4b77f95] - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
    IE:[b:a6f4b77f95]64bit:[/b:a6f4b77f95] - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&form=HPNTDF&pc=HPNTDF&src=IE-SearchBox
    IE:[b:a6f4b77f95]64bit:[/b:a6f4b77f95] - HKLM\..\SearchScopes\{2fa28606-de77-4029-af96-b231e3b8f827}: "URL" = http://eu.ask.com/web?q={searchterms}&l=dis&o=HPNTDF
    IE:[b:a6f4b77f95]64bit:[/b:a6f4b77f95] - HKLM\..\SearchScopes\{b7fca997-d0fb-4fe0-8afd-255e89cf9671}: "URL" = http://nl.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=HPNTDF
    IE:[b:a6f4b77f95]64bit:[/b:a6f4b77f95] - HKLM\..\SearchScopes\{d43b3890-80c7-4010-a95d-1e77b5924dc3}: "URL" = http://nl.wikipedia.org/wiki/Special:Search?search={searchTerms}
    IE:[b:a6f4b77f95]64bit:[/b:a6f4b77f95] - HKLM\..\SearchScopes\{D864C420-C2E5-4E13-A640-470E21315846}: "URL" = http://www.amazon.co.uk/s
    ef=azs_osd_ieauk?ie=UTF-8&tag=hp-uk3-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
    IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.uk.msn.com/HPCON/8
    IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
    IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://g.uk.msn.com/HPCON/8
    IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
    IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&form=HPNTDF&pc=HPNTDF&src=IE-SearchBox
    IE - HKLM\..\SearchScopes\{2fa28606-de77-4029-af96-b231e3b8f827}: "URL" = http://eu.ask.com/web?q={searchterms}&l=dis&o=HPNTDF
    IE - HKLM\..\SearchScopes\{b7fca997-d0fb-4fe0-8afd-255e89cf9671}: "URL" = http://nl.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=HPNTDF
    IE - HKLM\..\SearchScopes\{d43b3890-80c7-4010-a95d-1e77b5924dc3}: "URL" = http://nl.wikipedia.org/wiki/Special:Search?search={searchTerms}
    IE - HKLM\..\SearchScopes\{D864C420-C2E5-4E13-A640-470E21315846}: "URL" = http://www.amazon.co.uk/s
    ef=azs_osd_ieauk?ie=UTF-8&tag=hp-uk3-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms}


    IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

    IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



    IE - HKU\S-1-5-21-2018428006-1732214073-1989755489-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.uk.msn.com/HPCON/8
    IE - HKU\S-1-5-21-2018428006-1732214073-1989755489-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.nl/
    IE - HKU\S-1-5-21-2018428006-1732214073-1989755489-1000\..\SearchScopes,DefaultScope = {E7330FA7-BB72-4890-8FD6-4A5159B64040}
    IE - HKU\S-1-5-21-2018428006-1732214073-1989755489-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&form=HPNTDF&pc=HPNTDF&src=IE-SearchBox
    IE - HKU\S-1-5-21-2018428006-1732214073-1989755489-1000\..\SearchScopes\{2fa28606-de77-4029-af96-b231e3b8f827}: "URL" = http://eu.ask.com/web?q={searchterms}&l=dis&o=HPNTDF
    IE - HKU\S-1-5-21-2018428006-1732214073-1989755489-1000\..\SearchScopes\{b7fca997-d0fb-4fe0-8afd-255e89cf9671}: "URL" = http://nl.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=HPNTDF
    IE - HKU\S-1-5-21-2018428006-1732214073-1989755489-1000\..\SearchScopes\{d43b3890-80c7-4010-a95d-1e77b5924dc3}: "URL" = http://nl.wikipedia.org/wiki/Special:Search?search={searchTerms}
    IE - HKU\S-1-5-21-2018428006-1732214073-1989755489-1000\..\SearchScopes\{D864C420-C2E5-4E13-A640-470E21315846}: "URL" = http://www.amazon.co.uk/s
    ef=azs_osd_ieauk?ie=UTF-8&tag=hp-uk3-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
    IE - HKU\S-1-5-21-2018428006-1732214073-1989755489-1000\..\SearchScopes\{E7330FA7-BB72-4890-8FD6-4A5159B64040}: "URL" = http://www.google.nl/search?hl=nl&q={searchTerms}
    IE - HKU\S-1-5-21-2018428006-1732214073-1989755489-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0


    ========== FireFox ==========[/color:a6f4b77f95]

    FF:[b:a6f4b77f95]64bit:[/b:a6f4b77f95] - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
    FF - HKLM\Software\MozillaPlugins\@ABNAMRO/BECON,version=1.00: C:\Program Files (x86)\ABN AMRO e.dentifier2\Mozilla
    pBECON.dll (ABN AMRO)
    FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director
    p32dsw.dll (Adobe Systems, Inc.)
    FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
    FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0
    pctrl.dll ( Microsoft Corporation)
    FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
    FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
    FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR
    ppdf32.dll (Adobe Systems Inc.)



    O1 HOSTS File: ([2009-06-10 23:00:26 | 000,000,824 | —- | M]) - C:\Windows\SysNative\drivers\etc\hosts
    O3 - HKU\S-1-5-21-2018428006-1732214073-1989755489-1000\..\Toolbar\WebBrowser: (no name) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No CLSID value found.
    O4:[b:a6f4b77f95]64bit:[/b:a6f4b77f95] - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
    O4:[b:a6f4b77f95]64bit:[/b:a6f4b77f95] - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
    O4:[b:a6f4b77f95]64bit:[/b:a6f4b77f95] - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
    O4:[b:a6f4b77f95]64bit:[/b:a6f4b77f95] - HKLM..\Run: [SysTrayApp] C:\Program Files\IDT\WDM\sttray64.exe (IDT, Inc.)
    O4 - HKLM..\Run: [ccApp] C:\Program Files (x86)\Common Files\Symantec Shared\ccApp.exe (Symantec Corporation)
    O4 - HKLM..\Run: [Easybits Recovery] C:\Program Files (x86)\EasyBits For Kids\ezRecover.exe File not found
    O4 - HKLM..\Run: [HPOSD] C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe (Hewlett-Packard Development Company, L.P.)
    O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
    O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
    O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
    O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: EnableShellExecuteHooks = 1
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
    O13[b:a6f4b77f95]64bit:[/b:a6f4b77f95] - gopher Prefix: missing
    O13 - gopher Prefix: missing
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 212.54.40.25 212.54.35.25
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{65814503-7226-4941-855B-1EA51A927027}: DhcpNameServer = 212.54.40.25 212.54.35.25
    O18:[b:a6f4b77f95]64bit:[/b:a6f4b77f95] - Protocol\Handler\cdo - No CLSID value found
    O18:[b:a6f4b77f95]64bit:[/b:a6f4b77f95] - Protocol\Handler\msdaipp - No CLSID value found
    O18:[b:a6f4b77f95]64bit:[/b:a6f4b77f95] - Protocol\Handler\msdaipp\0x00000001 - No CLSID value found
    O18:[b:a6f4b77f95]64bit:[/b:a6f4b77f95] - Protocol\Handler\msdaipp\oledb - No CLSID value found
    O18:[b:a6f4b77f95]64bit:[/b:a6f4b77f95] - Protocol\Handler\mso-offdap - No CLSID value found
    O18:[b:a6f4b77f95]64bit:[/b:a6f4b77f95] - Protocol\Handler\wlpg - No CLSID value found
    O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
    O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
    O20:[b:a6f4b77f95]64bit:[/b:a6f4b77f95] - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
    O20:[b:a6f4b77f95]64bit:[/b:a6f4b77f95] - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
    O20:[b:a6f4b77f95]64bit:[/b:a6f4b77f95] - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
    O20:[b:a6f4b77f95]64bit:[/b:a6f4b77f95] - HKLM Winlogon: VMApplet - (/pagefile) - File not found
    O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
    O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
    O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
    O20:[b:a6f4b77f95]64bit:[/b:a6f4b77f95] - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
    O21:[b:a6f4b77f95]64bit:[/b:a6f4b77f95] - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
    O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
    O32 - HKLM CDRom: AutoRun - 1
    O34 - HKLM BootExecute: (autocheck autochk *)
    O35:[b:a6f4b77f95]64bit:[/b:a6f4b77f95] - HKLM\..comfile [open] – "%1" %*
    O35:[b:a6f4b77f95]64bit:[/b:a6f4b77f95] - HKLM\..exefile [open] – "%1" %*
    O35 - HKLM\..comfile [open] – "%1" %*
    O35 - HKLM\..exefile [open] – "%1" %*
    O37:[b:a6f4b77f95]64bit:[/b:a6f4b77f95] - HKLM\…com [@ = comfile] – "%1" %*
    O37:[b:a6f4b77f95]64bit:[/b:a6f4b77f95] - HKLM\…exe [@ = exefile] – "%1" %*
    O37 - HKLM\…com [@ = comfile] – "%1" %*
    O37 - HKLM\…exe [@ = exefile] – "%1" %*
    O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
    O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
    O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

    ========== Files/Folders - Created Within 30 Days ==========[/color:a6f4b77f95]

    [2012-06-24 14:06:46 | 000,596,992 | —- | C] (OldTimer Tools) – C:\Users\Martine\Desktop\OTL.com
    [2012-06-24 13:48:49 | 000,000,000 | —D | C] – C:\Users\Martine\AppData\Local\Adobe
    [2012-06-24 13:28:25 | 000,000,000 | —D | C] – C:\Users\Martine\AppData\Local\Sonos,_Inc
    [2012-06-24 13:24:07 | 000,000,000 | —D | C] – C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sonos
    [2012-06-24 13:24:05 | 000,000,000 | —D | C] – C:\Program Files (x86)\Sonos
    [2012-06-24 13:22:42 | 000,000,000 | —D | C] – C:\ProgramData\Sonos,_Inc
    [2012-06-24 13:22:14 | 000,000,000 | —D | C] – C:\Users\Martine\AppData\Local\Downloaded Installations
    [2012-06-24 13:17:53 | 000,000,000 | —D | C] – C:\Program Files (x86)\Microsoft.NET
    [2012-06-24 13:16:04 | 000,000,000 | —D | C] – C:\c6244e64667a1c025fe4b996a31a80
    [2012-06-23 21:18:02 | 000,000,000 | —D | C] – C:\Users\Martine\AppData\Local\WindowsUpdate
    [2012-06-23 21:16:59 | 000,000,000 | —D | C] – C:\Windows\SysWow64\Wat
    [2012-06-23 21:16:58 | 000,000,000 | —D | C] – C:\Windows\SysNative\Wat
    [2012-06-23 21:09:03 | 000,000,000 | —D | C] – C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ABN AMRO e.dentifier2
    [2012-06-23 21:09:03 | 000,000,000 | —D | C] – C:\Program Files (x86)\ABN AMRO e.dentifier2
    [2012-06-23 21:08:30 | 000,000,000 | —D | C] – C:\ProgramData\{6CDCEBFA-D5FA-4ED0-A11F-AC1F8BD76DF2}
    [2012-06-23 19:13:01 | 000,000,000 | —D | C] – C:\Users\Martine\Documents\samsung
    [2012-06-23 19:13:01 | 000,000,000 | —D | C] – C:\Users\Martine\Documents\Re-integratie
    [2012-06-23 19:12:59 | 000,000,000 | —D | C] – C:\Users\Martine\Documents\My Data Sources
    [2012-06-23 19:11:13 | 000,000,000 | —D | C] – C:\Users\Martine\Documents\Asus - documenten
    [2012-06-23 18:56:25 | 000,000,000 | —D | C] – C:\Users\Martine\Documents\Kenwood
    [2012-06-23 16:29:14 | 000,000,000 | —D | C] – C:\Program Files (x86)\MSECache
    [2012-06-23 16:25:55 | 000,000,000 | —D | C] – C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Tools
    [2012-06-23 16:25:54 | 000,000,000 | —D | C] – C:\Program Files (x86)\Microsoft ActiveSync
    [2012-06-23 16:25:42 | 000,000,000 | —D | C] – C:\Program Files (x86)\Common Files\Designer
    [2012-06-23 16:25:02 | 000,000,000 | —D | C] – C:\Windows\ShellNew
    [2012-06-23 16:24:52 | 000,000,000 | —D | C] – C:\Program Files (x86)\Microsoft Office
    [2012-06-23 16:19:06 | 000,000,000 | —D | C] – C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
    [2012-06-23 16:19:05 | 000,000,000 | —D | C] – C:\Program Files\CCleaner
    [2012-06-23 15:43:02 | 000,000,000 | —D | C] – C:\Users\Martine\AppData\Local\Symantec
    [2012-06-23 15:42:59 | 000,225,328 | —- | C] (Symantec Corporation) – C:\Windows\SysNative\drivers\wpshelper.sys
    [2012-06-23 15:41:47 | 000,173,616 | —- | C] (Symantec Corporation) – C:\Windows\SysNative\drivers\SYMEVENT64x86.SYS
    [2012-06-23 15:41:19 | 000,000,000 | —D | C] – C:\Program Files\Common Files\Symantec Shared
    [2012-06-23 15:41:19 | 000,000,000 | —D | C] – C:\Program Files (x86)\Common Files\Symantec Shared
    [2012-06-23 15:41:19 | 000,000,000 | —D | C] – C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Symantec Endpoint Protection
    [2012-06-23 15:41:19 | 000,000,000 | —D | C] – C:\ProgramData\Symantec
    [2012-06-23 15:41:19 | 000,000,000 | —D | C] – C:\Program Files (x86)\Symantec
    [2012-06-23 15:33:30 | 000,000,000 | —D | C] – C:\SEP 64 - 11.0.6200.754 (RU6MP2) EN
    [2012-06-23 15:23:08 | 000,000,000 | —D | C] – C:\Users\Martine\AppData\Roaming\Symantec
    [2012-06-23 15:08:27 | 000,000,000 | —D | C] – C:\ProgramData\CyberLink
    [2012-06-23 15:08:09 | 000,000,000 | —D | C] – C:\Users\Martine\AppData\Roaming\CyberLink
    [2012-06-23 15:08:09 | 000,000,000 | —D | C] – C:\Users\Martine\AppData\Local\CyberLink
    [2012-06-23 14:56:43 | 000,000,000 | —D | C] – C:\Users\Martine\AppData\Roaming\ATI
    [2012-06-23 14:56:43 | 000,000,000 | —D | C] – C:\Users\Martine\AppData\Local\ATI
    [2012-06-23 14:56:34 | 000,000,000 | —D | C] – C:\Users\Martine\AppData\Roaming\Macromedia
    [2012-06-23 14:56:25 | 000,000,000 | —D | C] – C:\Users\Martine\AppData\Roaming\Adobe
    [2012-06-23 14:53:01 | 000,000,000 | —D | C] – C:\Users\Martine\AppData\Roaming\Synaptics
    [2012-06-23 14:52:46 | 000,000,000 | R–D | C] – C:\Users\Martine\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
    [2012-06-23 14:52:46 | 000,000,000 | R–D | C] – C:\Users\Martine\Searches
    [2012-06-23 14:52:46 | 000,000,000 | R–D | C] – C:\Users\Martine\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
    [2012-06-23 14:52:45 | 000,000,000 | -H-D | C] – C:\Users\Martine\Application Data\Microsoft\Internet Explorer\Quick Launch\User Pinned
    [2012-06-23 14:52:38 | 000,000,000 | —D | C] – C:\Users\Martine\AppData\Roaming\Identities
    [2012-06-23 14:52:36 | 000,000,000 | R–D | C] – C:\Users\Martine\Contacts
    [2012-06-23 13:51:14 | 000,000,000 | —D | C] – C:\Users\Martine\AppData\Roaming\Hewlett-Packard
    [2012-06-23 13:50:24 | 000,000,000 | —D | C] – C:\Users\Martine\AppData\Roaming\hpqlog
    [2012-06-23 13:50:19 | 000,000,000 | —D | C] – C:\Users\Martine\AppData\Local\Hewlett-Packard
    [2012-06-23 13:49:12 | 000,000,000 | R–D | C] – C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Shopping and Services
    [2012-06-23 13:49:12 | 000,000,000 | R–D | C] – C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Music, Photos and Videos
    [2012-06-23 13:49:06 | 000,000,000 | —D | C] – C:\Users\Martine\AppData\Local\RemEngine
    [2012-06-23 13:49:01 | 000,000,000 | —D | C] – C:\Users\Martine\AppData\Local\Hewlett-Packard_Company
    [2012-06-23 13:47:46 | 000,000,000 | —D | C] – C:\Users\Martine\AppData\Local\VirtualStore
    [2012-06-23 13:47:14 | 000,000,000 | -HSD | C] – C:\Users\Martine\AppData\Local\Temporary Internet Files
    [2012-06-23 13:47:14 | 000,000,000 | -HSD | C] – C:\Users\Martine\Sjablonen
    [2012-06-23 13:47:14 | 000,000,000 | -HSD | C] – C:\Users\Martine\Menu Start
    [2012-06-23 13:47:14 | 000,000,000 | -HSD | C] – C:\Users\Martine\Local Settings
    [2012-06-23 13:47:14 | 000,000,000 | -HSD | C] – C:\Users\Martine\AppData\Local\Geschiedenis
    [2012-06-23 13:47:14 | 000,000,000 | -HSD | C] – C:\Users\Martine\AppData\Local\Application Data
    [2012-06-23 13:47:13 | 000,000,000 | –SD | C] – C:\Users\Martine\AppData\Roaming\Microsoft
    [2012-06-23 13:47:13 | 000,000,000 | R–D | C] – C:\Users\Martine\Videos
    [2012-06-23 13:47:13 | 000,000,000 | R–D | C] – C:\Users\Martine\Saved Games
    [2012-06-23 13:47:13 | 000,000,000 | R–D | C] – C:\Users\Martine\Pictures
    [2012-06-23 13:47:13 | 000,000,000 | R–D | C] – C:\Users\Martine\Music
    [2012-06-23 13:47:13 | 000,000,000 | R–D | C] – C:\Users\Martine\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
    [2012-06-23 13:47:13 | 000,000,000 | R–D | C] – C:\Users\Martine\Links
    [2012-06-23 13:47:13 | 000,000,000 | R–D | C] – C:\Users\Martine\Favorites
    [2012-06-23 13:47:13 | 000,000,000 | R–D | C] – C:\Users\Martine\Downloads
    [2012-06-23 13:47:13 | 000,000,000 | R–D | C] – C:\Users\Martine\Documents
    [2012-06-23 13:47:13 | 000,000,000 | R–D | C] – C:\Users\Martine\Desktop
    [2012-06-23 13:47:13 | 000,000,000 | R–D | C] – C:\Users\Martine\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
    [2012-06-23 13:47:13 | 000,000,000 | -HSD | C] – C:\Users\Martine\SendTo
    [2012-06-23 13:47:13 | 000,000,000 | -HSD | C] – C:\Users\Martine\Recent
    [2012-06-23 13:47:13 | 000,000,000 | -HSD | C] – C:\Users\Martine\Netwerkprinteromgeving
    [2012-06-23 13:47:13 | 000,000,000 | -HSD | C] – C:\Users\Martine\NetHood
    [2012-06-23 13:47:13 | 000,000,000 | -HSD | C] – C:\Users\Martine\Documents\Mijn video's
    [2012-06-23 13:47:13 | 000,000,000 | -HSD | C] – C:\Users\Martine\Documents\Mijn muziek
    [2012-06-23 13:47:13 | 000,000,000 | -HSD | C] – C:\Users\Martine\Mijn documenten
    [2012-06-23 13:47:13 | 000,000,000 | -HSD | C] – C:\Users\Martine\Documents\Mijn afbeeldingen
    [2012-06-23 13:47:13 | 000,000,000 | -HSD | C] – C:\Users\Martine\Cookies
    [2012-06-23 13:47:13 | 000,000,000 | -HSD | C] – C:\Users\Martine\Application Data
    [2012-06-23 13:47:13 | 000,000,000 | -H-D | C] – C:\Users\Martine\AppData
    [2012-06-23 13:47:13 | 000,000,000 | —D | C] – C:\Users\Martine\AppData\Local\Temp
    [2012-06-23 13:47:13 | 000,000,000 | —D | C] – C:\Users\Martine\AppData\Local\Microsoft
    [2012-06-23 13:47:13 | 000,000,000 | —D | C] – C:\Users\Martine\AppData\Roaming\Media Center Programs
    [2012-06-23 13:46:54 | 000,000,000 | -HSD | C] – C:\ProgramData\Sjablonen
    [2012-06-23 13:46:54 | 000,000,000 | -HSD | C] – C:\Users\Public\Documents\Mijn video's
    [2012-06-23 13:46:54 | 000,000,000 | -HSD | C] – C:\Users\Public\Documents\Mijn muziek
    [2012-06-23 13:46:54 | 000,000,000 | -HSD | C] – C:\Users\Public\Documents\Mijn afbeeldingen
    [2012-06-23 13:46:54 | 000,000,000 | -HSD | C] – C:\ProgramData\Menu Start
    [2012-06-23 13:46:54 | 000,000,000 | -HSD | C] – C:\ProgramData\Favorieten
    [2012-06-23 13:46:54 | 000,000,000 | -HSD | C] – C:\ProgramData\Documenten
    [2012-06-23 13:46:54 | 000,000,000 | -HSD | C] – C:\ProgramData\Bureaublad

    ========== Files - Modified Within 30 Days ==========[/color:a6f4b77f95]

    [2012-06-24 14:07:00 | 000,596,992 | —- | M] (OldTimer Tools) – C:\Users\Martine\Desktop\OTL.com
    [2012-06-24 13:29:28 | 000,031,856 | -H– | M] () – C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
    [2012-06-24 13:29:28 | 000,031,856 | -H– | M] () – C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
    [2012-06-24 13:24:07 | 000,001,913 | —- | M] () – C:\Users\Public\Desktop\Sonos.lnk
    [2012-06-24 13:21:21 | 000,067,584 | –S- | M] () – C:\Windows\bootstat.dat
    [2012-06-24 13:21:10 | 495,865,855 | -HS- | M] () – C:\hiberfil.sys
    [2012-06-24 13:20:24 | 001,565,726 | —- | M] () – C:\Windows\SysWow64\PerfStringBackup.INI
    [2012-06-24 13:20:24 | 000,701,564 | —- | M] () – C:\Windows\SysNative\perfh013.dat
    [2012-06-24 13:20:24 | 000,616,008 | —- | M] () – C:\Windows\SysNative\perfh009.dat
    [2012-06-24 13:20:24 | 000,133,564 | —- | M] () – C:\Windows\SysNative\perfc013.dat
    [2012-06-24 13:20:24 | 000,106,388 | —- | M] () – C:\Windows\SysNative\perfc009.dat
    [2012-06-24 13:18:30 | 001,559,100 | —- | M] () – C:\Windows\SysNative\PerfStringBackup.INI
    [2012-06-23 21:46:25 | 000,001,097 | —- | M] () – C:\Users\Martine\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Microsoft Outlook.lnk
    [2012-06-23 21:13:32 | 000,284,120 | —- | M] () – C:\Windows\SysNative\FNTCACHE.DAT
    [2012-06-23 18:51:15 | 000,024,463 | —- | M] () – C:\Users\Martine\AppData\Roaming\Comma Separated Values (Windows).ADR
    [2012-06-23 17:35:07 | 000,021,839 | —- | M] () – C:\Users\Martine\AppData\Roaming\Comma Separated Values (DOS).ADR
    [2012-06-23 17:18:22 | 000,000,000 | -H– | M] () – C:\Windows\SysNative\drivers\Msft_User_WpdFs_01_09_00.Wdf
    [2012-06-23 16:26:40 | 000,000,376 | —- | M] () – C:\Windows\ODBC.INI
    [2012-06-23 16:25:56 | 000,001,959 | —- | M] () – C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Microsoft Office.lnk
    [2012-06-23 15:41:54 | 000,173,616 | —- | M] (Symantec Corporation) – C:\Windows\SysNative\drivers\SYMEVENT64x86.SYS
    [2012-06-23 15:41:54 | 000,007,440 | —- | M] () – C:\Windows\SysNative\drivers\SYMEVENT64x86.CAT
    [2012-06-23 15:41:54 | 000,000,855 | —- | M] () – C:\Windows\SysNative\drivers\SYMEVENT64x86.INF
    [2012-06-23 14:55:50 | 000,001,429 | —- | M] () – C:\Users\Martine\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
    [2012-06-23 13:45:27 | 000,169,693 | —- | M] () – C:\Windows\SysWow64\license.rtf
    [2012-06-23 13:45:27 | 000,169,693 | —- | M] () – C:\Windows\SysNative\license.rtf

    ========== Files Created - No Company Name ==========[/color:a6f4b77f95]

    [2012-06-24 13:24:07 | 000,001,913 | —- | C] () – C:\Users\Public\Desktop\Sonos.lnk
    [2012-06-24 13:20:24 | 001,565,726 | —- | C] () – C:\Windows\SysWow64\PerfStringBackup.INI
    [2012-06-23 19:15:04 | 000,095,383 | —- | C] () – C:\Users\Martine\Documents\samsungmr-2.csv
    [2012-06-23 19:15:04 | 000,095,383 | —- | C] () – C:\Users\Martine\Documents\samsungmr.csv
    [2012-06-23 19:15:00 | 002,533,278 | —- | C] () – C:\Users\Martine\Documents\Grundfos-alfa2.pdf
    [2012-06-23 19:14:59 | 000,006,432 | —- | C] () – C:\Users\Martine\Documents\contact-mr-02.csv
    [2012-06-23 19:14:58 | 000,013,162 | —- | C] () – C:\Users\Martine\Documents\contact-mr-01.csv
    [2012-06-23 19:14:58 | 000,006,141 | —- | C] () – C:\Users\Martine\Documents\Beurre Blanc.pdf
    [2012-06-23 17:35:07 | 000,021,839 | —- | C] () – C:\Users\Martine\AppData\Roaming\Comma Separated Values (DOS).ADR
    [2012-06-23 17:18:22 | 000,000,000 | -H– | C] () – C:\Windows\SysNative\drivers\Msft_User_WpdFs_01_09_00.Wdf
    [2012-06-23 17:02:32 | 000,024,463 | —- | C] () – C:\Users\Martine\AppData\Roaming\Comma Separated Values (Windows).ADR
    [2012-06-23 16:31:39 | 000,001,097 | —- | C] () – C:\Users\Martine\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Microsoft Outlook.lnk
    [2012-06-23 16:26:39 | 000,000,376 | —- | C] () – C:\Windows\ODBC.INI
    [2012-06-23 16:25:56 | 000,002,673 | —- | C] () – C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Outlook.lnk
    [2012-06-23 16:25:56 | 000,002,655 | —- | C] () – C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Word.lnk
    [2012-06-23 16:25:56 | 000,002,625 | —- | C] () – C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft PowerPoint.lnk
    [2012-06-23 16:25:56 | 000,001,959 | —- | C] () – C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Microsoft Office.lnk
    [2012-06-23 16:25:55 | 000,002,657 | —- | C] () – C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Excel.lnk
    [2012-06-23 16:25:55 | 000,002,611 | —- | C] () – C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft FrontPage.lnk
    [2012-06-23 15:41:47 | 000,007,440 | —- | C] () – C:\Windows\SysNative\drivers\SYMEVENT64x86.CAT
    [2012-06-23 15:41:47 | 000,000,855 | —- | C] () – C:\Windows\SysNative\drivers\SYMEVENT64x86.INF
    [2012-06-23 14:55:50 | 000,001,429 | —- | C] () – C:\Users\Martine\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
    [2012-06-23 14:52:57 | 000,001,401 | —- | C] () – C:\Users\Martine\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk
    [2012-06-23 14:52:54 | 000,001,435 | —- | C] () – C:\Users\Martine\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
    [2012-06-23 13:47:13 | 000,000,290 | —- | C] () – C:\Users\Martine\Application Data\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk
    [2012-06-23 13:47:13 | 000,000,272 | —- | C] () – C:\Users\Martine\Application Data\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk
    [2011-12-12 02:39:13 | 000,000,000 | —- | C] () – C:\Windows\ativpsrm.bin
    [2011-12-12 02:35:44 | 000,014,119 | —- | C] () – C:\Windows\SysWow64\RaCoInst.dat
    [2011-12-12 02:32:14 | 000,003,929 | —- | C] () – C:\Windows\SysWow64\atipblup.dat
    [2011-12-12 02:27:30 | 000,000,056 | -H– | C] () – C:\Windows\SysWow64\ezsidmv.dat
    [2011-11-10 14:26:42 | 000,000,068 | —- | C] () – C:\Windows\SysWow64\ezdigsgn.dat
    [2011-08-17 23:43:18 | 000,053,760 | —- | C] () – C:\Windows\SysWow64\OVDecode.dll
    [2011-08-09 18:30:04 | 000,145,804 | —- | C] () – C:\Windows\SysWow64\igcompkrng600.bin
    [2011-08-09 18:30:02 | 000,963,116 | —- | C] () – C:\Windows\SysWow64\igkrng600.bin
    [2011-08-09 18:30:02 | 000,216,000 | —- | C] () – C:\Windows\SysWow64\igfcg600m.bin
    [2011-08-09 18:23:26 | 000,056,832 | —- | C] () – C:\Windows\SysWow64\igdde32.dll
    [2011-08-09 17:58:38 | 013,903,872 | —- | C] () – C:\Windows\SysWow64\ig4icd32.dll
    [2011-03-17 23:51:46 | 000,003,929 | —- | C] () – C:\Windows\SysWow64\atipblag.dat

    ========== LOP Check ==========[/color:a6f4b77f95]

    [2012-06-23 14:53:01 | 000,000,000 | —D | M] – C:\Users\Martine\AppData\Roaming\Synaptics
    [2009-07-14 07:08:49 | 000,007,076 | —- | M] () – C:\Windows\Tasks\SCHEDLGU.TXT

    ========== Purity Check ==========[/color:a6f4b77f95]



    < End of report >
    [/list:u:a6f4b77f95]
  • extra.txt

    OTL Extras logfile created on: 24-6-2012 14:08:16 - Run 1
    OTL by OldTimer - Version 3.2.53.0 Folder = C:\Users\Martine\Desktop
    64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
    Internet Explorer (Version = 9.0.8112.16421)
    Locale: 00000413 | Country: Nederland | Language: NLD | Date Format: d-M-yyyy

    5,95 Gb Total Physical Memory | 4,56 Gb Available Physical Memory | 76,66% Memory free
    11,90 Gb Paging File | 10,48 Gb Available in Paging File | 88,12% Paging File free
    Paging file location(s): ?:\pagefile.sys [binary data]

    %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
    Drive C: | 440,66 Gb Total Space | 393,84 Gb Free Space | 89,37% Space Free | Partition Type: NTFS
    Drive D: | 20,93 Gb Total Space | 2,23 Gb Free Space | 10,67% Space Free | Partition Type: NTFS
    Drive E: | 3,96 Gb Total Space | 3,95 Gb Free Space | 99,72% Space Free | Partition Type: FAT32

    Computer Name: PPC-MARTINE-2 | User Name: Martine | Logged in as Administrator.
    Boot Mode: Normal | Scan Mode: All users | Quick Scan | Include 64bit Scans
    Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

    ========== Extra Registry (SafeList) ==========[/color:2bdc8b2ce3]


    ========== File Associations ==========[/color:2bdc8b2ce3]

    [b:2bdc8b2ce3]64bit:[/b:2bdc8b2ce3] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
    .url[@ = InternetShortcut] – C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
    .cpl [@ = cplfile] – C:\Windows\SysWow64\control.exe (Microsoft Corporation)

    ========== Shell Spawning ==========[/color:2bdc8b2ce3]

    [b:2bdc8b2ce3]64bit:[/b:2bdc8b2ce3] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
    batfile [open] – "%1" %*
    cmdfile [open] – "%1" %*
    comfile [open] – "%1" %*
    exefile [open] – "%1" %*
    helpfile [open] – Reg Error: Key error.
    inffile [install] – %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
    InternetShortcut [open] – "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
    InternetShortcut [print] – "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
    piffile [open] – "%1" %*
    regfile [merge] – Reg Error: Key error.
    scrfile [config] – "%1"
    scrfile [install] – rundll32.exe desk.cpl,InstallScreenSaver %l
    scrfile [open] – "%1" /S
    txtfile [edit] – Reg Error: Key error.
    Unknown [openas] – %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
    Directory [cmd] – cmd.exe /s /k pushd "%V" (Microsoft Corporation)
    Directory [find] – %SystemRoot%\Explorer.exe (Microsoft Corporation)
    Folder [open] – %SystemRoot%\Explorer.exe (Microsoft Corporation)
    Folder [explore] – Reg Error: Value error.
    Drive [find] – %SystemRoot%\Explorer.exe (Microsoft Corporation)

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
    batfile [open] – "%1" %*
    cmdfile [open] – "%1" %*
    comfile [open] – "%1" %*
    cplfile [cplopen] – %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
    exefile [open] – "%1" %*
    helpfile [open] – Reg Error: Key error.
    inffile [install] – %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
    piffile [open] – "%1" %*
    regfile [merge] – Reg Error: Key error.
    scrfile [config] – "%1"
    scrfile [install] – rundll32.exe desk.cpl,InstallScreenSaver %l
    scrfile [open] – "%1" /S
    txtfile [edit] – Reg Error: Key error.
    Unknown [openas] – %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
    Directory [cmd] – cmd.exe /s /k pushd "%V" (Microsoft Corporation)
    Directory [find] – %SystemRoot%\Explorer.exe (Microsoft Corporation)
    Folder [open] – %SystemRoot%\Explorer.exe (Microsoft Corporation)
    Folder [explore] – Reg Error: Value error.
    Drive [find] – %SystemRoot%\Explorer.exe (Microsoft Corporation)

    ========== Security Center Settings ==========[/color:2bdc8b2ce3]

    [b:2bdc8b2ce3]64bit:[/b:2bdc8b2ce3] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
    "cval" = 1

    [b:2bdc8b2ce3]64bit:[/b:2bdc8b2ce3] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

    [b:2bdc8b2ce3]64bit:[/b:2bdc8b2ce3] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
    "VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
    "AntiVirusOverride" = 0
    "AntiSpywareOverride" = 0
    "FirewallOverride" = 0

    [b:2bdc8b2ce3]64bit:[/b:2bdc8b2ce3] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
    "DisableMonitoring" = 1

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

    ========== Firewall Settings ==========[/color:2bdc8b2ce3]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
    "EnableFirewall" = 1
    "DisableNotifications" = 0

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
    "EnableFirewall" = 1
    "DisableNotifications" = 0

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
    "EnableFirewall" = 1
    "DisableNotifications" = 0

    ========== Authorized Applications List ==========[/color:2bdc8b2ce3]


    ========== Vista Active Open Ports Exception List ==========[/color:2bdc8b2ce3]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
    "{003A8A7B-AD24-4457-995C-450FFFB76A17}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
    "{1A240FE5-A0CE-45DA-B5A5-D9664554D63F}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
    "{30C0FC5F-917E-4DE8-A30F-26E7B8EFC9C1}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
    "{409F6548-187E-43DE-A616-5911F45C4B20}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
    "{451C171F-8634-40DC-9801-E52797549D09}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
    "{48305BFD-CDFD-421A-B5EF-7D587291A5B9}" = rport=139 | protocol=6 | dir=out | app=system |
    "{5158E23E-8935-486D-A1D2-63C27A54E066}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
    "{59C82FB3-684A-40D8-BAC9-F87B01FABA41}" = lport=10243 | protocol=6 | dir=in | app=system |
    "{5CCA0BA0-E25C-4516-84A4-09162910114A}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
    "{648CEC9A-9A0B-4689-803E-840E8297BB88}" = lport=139 | protocol=6 | dir=in | app=system |
    "{737B70BD-DBB1-4DE1-B7C4-371B94213A02}" = rport=138 | protocol=17 | dir=out | app=system |
    "{771855B5-D759-4BAE-9798-392B3AAE982D}" = lport=137 | protocol=17 | dir=in | app=system |
    "{7FF8837C-1FFE-4D7B-BA9C-66412F1ED926}" = lport=445 | protocol=6 | dir=in | app=system |
    "{85DC3B24-53D1-4AE5-9673-7EC2AF268E9C}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
    "{88C6A476-C52D-4946-8CB2-71CDF8D30B54}" = rport=445 | protocol=6 | dir=out | app=system |
    "{94E7F732-C01B-4794-9FEA-BBBDAB63D730}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |
    "{9E2B2688-EDE5-4F83-95A8-586602DE6F14}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
    "{B3F9823B-F202-4BF5-8FC5-3712AD51ACF1}" = rport=10243 | protocol=6 | dir=out | app=system |
    "{CC5FBB05-940A-475F-9335-C25387680006}" = lport=2869 | protocol=6 | dir=in | app=system |
    "{DD9C80D6-33AB-463B-9AB2-9DA1EAF9B12B}" = rport=137 | protocol=17 | dir=out | app=system |
    "{E6794342-B412-4F23-83A4-63F33CBBCE9A}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
    "{F2C70974-4221-4DA2-BFFF-49457FD9DC07}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
    "{FFA7D07E-4E16-4399-983C-06A7D167B794}" = lport=138 | protocol=17 | dir=in | app=system |

    ========== Vista Active Application Exception List ==========[/color:2bdc8b2ce3]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
    "{0008FF4D-2E37-401E-B7C9-2BF58FECB4E1}" = protocol=6 | dir=in | app=c:\program files (x86)\common files\symantec shared\ccapp.exe |
    "{0594542E-8BF9-47E1-8DDF-C0925CD3906F}" = protocol=17 | dir=in | app=c:\program files (x86)\symantec\symantec endpoint protection\snac64.exe |
    "{0BCB03A7-4A3A-4D40-82C9-12FFD48814CB}" = dir=in | app=c:\program files (x86)\easybits for kids\ezdesktop.exe |
    "{240FB0D8-B52F-4FEA-B8E4-DF41DFF55CDC}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
    "{24E7CFDA-5E97-4E6F-85D2-0DC782F2E029}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
    "{469FE8EF-F186-43D8-8DC7-DAACAE8A7E4B}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
    "{4F81ACD4-C276-4BD1-BF0F-3862B466E4F7}" = protocol=6 | dir=in | app=c:\program files (x86)\symantec\symantec endpoint protection\smc.exe |
    "{58C57E8B-25E5-48F2-8295-C312839199CC}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
    "{59046378-5428-4B52-B134-8BB7F7FC0A34}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
    "{59C0E721-CFA9-4518-B82C-59D2C1054DEF}" = dir=in | app=c:\windows\system32\ezsharedsvchost.exe |
    "{72143F6E-DCDD-4F88-BCEA-AF15F8370F5D}" = protocol=17 | dir=in | app=c:\program files (x86)\common files\symantec shared\ccapp.exe |
    "{7D342AC8-3B65-49CD-A8C0-52FB71C41C02}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
    "{850504A6-0DB3-42DE-9763-EC5E12481401}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
    "{8D2475DF-0FDF-441B-8514-08052E63F8F1}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
    "{8D5AD7DE-16F5-4298-8C59-ECE99F28948A}" = protocol=6 | dir=in | app=c:\program files (x86)\symantec\symantec endpoint protection\snac64.exe |
    "{94E43095-26C4-4B8B-AD86-9B8F4F2DF035}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
    "{9867C5E0-1587-4E74-A8CA-77AFD667895F}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe |
    "{9BE60823-91E2-45EB-9897-5E60ECD26D1B}" = protocol=17 | dir=in | app=c:\program files (x86)\symantec\symantec endpoint protection\smc.exe |
    "{A7CD6BE9-3905-439B-9B6B-E7125A2D407D}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
    "{B8E0691F-BB0C-421D-9ED2-35EBA764E6AA}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
    "{C7DC2C88-D1C6-4170-8EB8-94700BA1ED45}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
    "{CF8C6783-D3C3-47EE-A52F-7ED40E700BC9}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
    "{E14A53FF-2593-4252-B49B-F3E0FACD6488}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
    "{EB1FD3A7-1531-45DF-8DA6-A82C819A3E81}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
    "{EC70C5A9-CAFC-4D73-9EE2-ECA70DDB0C60}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
    "{EE8B1A24-DC1C-484F-BB15-789515765392}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
    "{F25E4203-6B81-4CB5-92B9-3B213CC722EB}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
    "{FF8C34CE-B347-4298-809C-9104C0793B43}" = protocol=6 | dir=out | app=system |
    "TCP Query User{57181FEF-B631-459F-9A34-0C07EFE546B3}C:\program files (x86)\sonos\sonos.exe" = protocol=6 | dir=in | app=c:\program files (x86)\sonos\sonos.exe |
    "UDP Query User{6AD64DC7-D13D-4556-B254-97E4E3C9E4DF}C:\program files (x86)\sonos\sonos.exe" = protocol=17 | dir=in | app=c:\program files (x86)\sonos\sonos.exe |

    ========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color:2bdc8b2ce3]

    64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
    "{180C8888-50F1-426B-A9DC-AB83A1989C65}" = Windows Live Language Selector
    "{1ACC8FFB-9D84-4C05-A4DE-D28A9BC91698}" = Windows Live ID Sign-in Assistant
    "{2856A1C2-70C5-4EC3-AFF7-E5B51E5530A2}" = HP Client Services
    "{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
    "{503F672D-6C84-448A-8F8F-4BC35AC83441}" = AMD APP SDK Runtime
    "{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
    "{6CBFDC3C-CF21-4C02-A6DC-A5A2707FAF55}" = Windows Live Remote Service Resources
    "{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}" = Microsoft Visual C++ 2005 Redistributable (x64)
    "{70F55D70-7E5F-6291-4924-2F7640F19BFE}" = AMD Catalyst Install Manager
    "{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
    "{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
    "{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
    "{B1FB7D5C-20CE-4CB6-8F39-306EFDA8290C}" = Symantec Endpoint Protection
    "{C9F05151-95A9-4B9B-B534-1760E2D014A5}" = Windows Live Remote Client Resources
    "{CC4D56B7-6F18-470B-8734-ABCD75BCF4F1}" = HP Auto
    "{D38D01CC-7008-508F-0745-04947C2988CA}" = ccc-utility64
    "{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319
    "{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
    "CCleaner" = CCleaner
    "Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
    "SynTPDeinstKey" = Synaptics TouchPad Driver

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
    "{00F736A7-2915-B907-6852-C22AE26B0AE3}" = CCC Help Turkish
    "{07FA4960-B038-49EB-891B-9F95930AA544}" = HP Customer Experience Enhancements
    "{08523528-BA2F-43BB-87E3-252C081872B9}" = Catalyst Control Center - Branding
    "{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
    "{0B58D833-75F4-C090-8EE9-90B4258AFCCE}" = CCC Help Spanish
    "{14B441B7-774D-4170-98EA-A13667AE6218}" = Windows Live Writer Resources
    "{185F28C6-DD49-EC7C-0C45-86FF8E5F889E}" = CCC Help Chinese Standard
    "{19BA08F7-C728-469C-8A35-BFBD3633BE08}" = Windows Live Movie Maker
    "{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
    "{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
    "{28EBE3D6-E19E-A379-1A57-3C943EA42ED1}" = CCC Help Korean
    "{2A07C35B-8384-4DA4-9A95-442B6C89A073}" = Windows Live Essentials
    "{2FAB38EA-03C9-0EBE-FC11-A2D410BDA043}" = CCC Help Thai
    "{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
    "{34F4D9A4-42C2-4348-BEF4-E553C84549E7}" = Windows Live Photo Gallery
    "{3677D4D8-E5E0-49FC-B86E-06541CF00BBE}" = opensource
    "{372EEF0E-E0BB-5A83-B6D2-240565EA49D4}" = CCC Help Hungarian
    "{3AF1E9A8-F0F3-EFBF-490E-86EF65D17423}" = CCC Help Finnish
    "{3B79139F-B32F-90BD-55A5-3D90A6103280}" = CCC Help Polish
    "{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}" = Intel(R) Rapid Storage Technology
    "{3F4143A1-9C21-4011-8679-3BC1014C6886}" = Windows Live Mesh
    "{422CB2BA-2A49-B156-D96C-5B1971DBFF2C}" = PX Profile Update
    "{48294D95-EE9A-4377-8213-44FC4265FB27}" = Windows Live Messenger
    "{55BF7E3E-F00A-4A3D-BB76-09228B35FFD6}" = ABN AMRO e.dentifier2 software
    "{579684A4-DDD5-4CA3-9EA8-7BE7D9593DB4}" = Windows Live UX Platform Language Pack
    "{612C34C7-5E90-47D8-9B5C-0F717DD82726}" = swMSM
    "{634C2D45-213A-83EB-13E2-A52BA1A563CF}" = CCC Help Norwegian
    "{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel(R) Management Engine Components
    "{66B28B87-A380-6FAC-1B02-28811A20720E}" = Catalyst Control Center Localization All
    "{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
    "{6F340107-F9AA-47C6-B54C-C3A19F11553F}" = Hewlett-Packard ACLM.NET v1.1.2.0
    "{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
    "{76C3F186-207F-F256-DB4D-5DD6788D9B0F}" = CCC Help French
    "{7BBA9BF8-05DF-47D8-8880-82A9B99505B9}" = Sonos Controller
    "{7E017923-16F8-4E32-94EF-0A150BD196FE}" = Windows Live Writer
    "{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
    "{83C62C1C-16E2-1C98-1285-224747627805}" = CCC Help Russian
    "{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver
    "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
    "{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
    "{8FC4F1DD-F7FD-4766-804D-3C8FF1D309B0}" = Ralink RT5390 802.11b/g/n WiFi Adapter
    "{90280409-6000-11D3-8CFE-0050048383C9}" = Microsoft Office XP Professional with FrontPage
    "{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
    "{93C93773-67C9-A470-62AF-89147327F231}" = Catalyst Control Center Graphics Previews Common
    "{94105D6D-AD67-9461-91EE-15769FCA1D5F}" = Catalyst Control Center
    "{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
    "{9BD262D0-B788-4546-A0A5-F4F56EC3834B}" = Windows Live Photo Common
    "{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
    "{A16FBC35-85FA-8ECF-7F50-08E44240EFB0}" = CCC Help Italian
    "{A5786C70-F4E7-D626-F198-6E4F3F2C9B6C}" = CCC Help English
    "{A60B3BF0-954B-42AF-B8D8-2C1D34B613AA}" = Windows Live Photo Gallery
    "{A6C800F5-2520-4470-B095-DED0356B6081}" = CCC Help Dutch
    "{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
    "{AC76BA86-7AD7-FFFF-7B44-AA0000000001}" = Adobe Reader X (10.1.0) MUI
    "{B4B7A244-F67D-360B-F729-103EE74C7716}" = CCC Help Czech
    "{B7179DC8-238F-61BB-235E-3A2B7327341C}" = CCC Help Chinese Traditional
    "{BD192D48-A54C-A20B-A564-C1AF97B3F2D2}" = CCC Help Portuguese
    "{C01A86F5-56E7-101F-9BC9-E3F1025EB779}" = Intel(R) Identity Protection Technology 1.1.2.0
    "{C1594429-8296-4652-BF54-9DBE4932A44C}" = Realtek PCIE Card Reader
    "{C4A26385-AFBF-21B3-86E6-46CE855C23B7}" = Catalyst Control Center Profiles Mobile
    "{CB7224D9-6DCA-43F1-8F83-6B1E39A00F92}" = Windows Live Movie Maker
    "{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
    "{D436F577-1695-4D2F-8B44-AC76C99E0002}" = Windows Live Photo Common
    "{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
    "{D588365A-AE39-4F27-BDAE-B4E72C8E900C}" = Windows Live Mail
    "{D6F25CF9-4E87-43EB-B324-C12BE9CDD668}" = Windows Live UX Platform Language Pack
    "{DBCD5E64-7379-4648-9444-8A6558DCB614}" = HP Recovery Manager
    "{DBFD2AA1-B1F5-4891-894E-F3E03B390922}" = HP Software Framework
    "{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
    "{E2EE7F79-D8DD-A17E-863B-11993E01B2F0}" = CCC Help Swedish
    "{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}" = IDT Audio
    "{E44578C7-4667-4124-8BC2-1161BCA54978}" = HP Power Manager
    "{E85BDDDE-75BE-A6C3-0794-C6D33C370E1F}" = CCC Help German
    "{E8DD3F2F-B625-7829-5E55-5B3126132F7D}" = CCC Help Danish
    "{E91C251F-F6B6-780E-D964-0C12DF734AA9}" = CCC Help Japanese
    "{E96CAA2A-0244-4A2A-8403-0C3C9534778B}" = ESU for Microsoft Windows 7 SP1
    "{EB74204A-799E-86B1-8243-C9480060C180}" = CCC Help Greek
    "{ED1BD69A-07E3-418C-91F1-D856582581BF}" = HP On Screen Display
    "{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
    "{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}" = Intel(R) Display Audio Driver
    "{F8A9085D-4C7A-41a9-8A77-C8998A96C421}" = Intel(R) Control Center
    "{FD4FF3E2-53A1-590A-AFFF-6106104B97CF}" = Catalyst Control Center InstallProxy
    "{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}" = Windows Live Essentials
    "Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
    "Adobe Shockwave Player" = Adobe Shockwave Player 11.6
    "LiveUpdate" = LiveUpdate 3.3 (Symantec Corporation)
    "WinLiveSuite" = Windows Live Essentials

    ========== Last 20 Event Log Errors ==========[/color:2bdc8b2ce3]

    [ Application Events ]
    Error - 23-6-2012 10:17:13 | Computer Name = PPC-Martine-2 | Source = WinMgmt | ID = 10
    Description =

    Error - 23-6-2012 10:29:38 | Computer Name = PPC-Martine-2 | Source = MsiInstaller | ID = 10005
    Description =

    Error - 23-6-2012 10:34:12 | Computer Name = PPC-Martine-2 | Source = MsiInstaller | ID = 10005
    Description =

    Error - 23-6-2012 15:13:57 | Computer Name = PPC-Martine-2 | Source = WinMgmt | ID = 10
    Description =

    Error - 23-6-2012 15:40:27 | Computer Name = PPC-Martine-2 | Source = WinMgmt | ID = 10
    Description =

    Error - 23-6-2012 15:59:39 | Computer Name = PPC-Martine-2 | Source = WinMgmt | ID = 10
    Description =

    Error - 24-6-2012 7:00:49 | Computer Name = PPC-Martine-2 | Source = Microsoft-Windows-RestartManager | ID = 10007
    Description = Kan toepassing of service 'HPWMISVC' niet opnieuw starten.

    Error - 24-6-2012 7:06:44 | Computer Name = PPC-Martine-2 | Source = WinMgmt | ID = 10
    Description =

    Error - 24-6-2012 7:20:07 | Computer Name = PPC-Martine-2 | Source = Application Hang | ID = 1002
    Description = Het programma SonosDesktopController38.exe, versie 16.0.0.400 reageert
    niet meer op Windows en is afgesloten. Als u wilt zien of er meer informatie over
    het probleem beschikbaar is, raadpleegt u de probleemgeschiedenis in het onderdeel
    Onderhoudscentrum in het Configuratiescherm. Proces-id: e60 Starttijd: 01cd51fab39a824e

    Eindtijd:
    16 Toepassingspad: C:\Users\Martine\Downloads\SonosDesktopController38.exe Rapport-id:


    Error - 24-6-2012 7:21:56 | Computer Name = PPC-Martine-2 | Source = WinMgmt | ID = 10
    Description =

    [ HP Software Framework Events ]
    Error - 10-11-2011 8:28:12 | Computer Name = A8PORRRMRJQBI | Source = CaslWmi | ID = 5
    Description = 2011-11-10 13:28:12.596|00000408|Error |[CaslWmi]CommandPanelBrightness::GetCurrentPanelBrightnessFromOS{hpCasl.enReturnCode(CaslWmi.enPanelBrightnessDataType,ushort&)}|Exception
    occurred in querying WMI for WmiMonitorBrightness: 'Niet ondersteund '

    Error - 10-11-2011 8:28:12 | Computer Name = A8PORRRMRJQBI | Source = CaslWmi | ID = 5
    Description = 2011-11-10 13:28:12.955|00000408|Error |[CaslWmi]CommandFolio::A{hpCasl.enReturnCode(int&)}|Error
    0xe_BIOS_INVALID_COMMAND_TYPE from BIOS WMI call Read/2Eh while getting Folio state

    Error - 23-6-2012 7:50:25 | Computer Name = PPC-Martine-2 | Source = CaslWmi | ID = 5
    Description = 2012-06-23 13:50:25.638|00001364|Error |[CaslWmi]CommandFolio::A{hpCasl.enReturnCode(int&)}|Error
    0xe_BIOS_INVALID_COMMAND_TYPE from BIOS WMI call Read/2Eh while getting Folio state

    Error - 23-6-2012 7:50:26 | Computer Name = PPC-Martine-2 | Source = CaslSmBios | ID = 5
    Description = 2012-06-23 13:50:26.090|00001364|Error |[CaslWmi]CommandDiags::A{hpCasl.enReturnCode(System.DateTime&)}|Error
    attempting to parse year 0, month 0, day 0: Met de parameters voor jaar, maand
    en dag wordt een niet weer te geven DateTime beschreven.

    Error - 23-6-2012 7:50:27 | Computer Name = PPC-Martine-2 | Source = CaslWmi | ID = 5
    Description = 2012-06-23 13:50:27.712|00000844|Error |[CaslWmi]CommandFolio::A{hpCasl.enReturnCode(int&)}|Error
    0xe_BIOS_INVALID_COMMAND_TYPE from BIOS WMI call Read/2Eh while getting Folio state

    [ System Events ]
    Error - 23-6-2012 11:38:18 | Computer Name = PPC-Martine-2 | Source = Disk | ID = 262155
    Description = Het stuurprogramma heeft een controllerfout gevonden in \Device\Harddisk1\DR3.

    Error - 23-6-2012 15:11:34 | Computer Name = PPC-Martine-2 | Source = DCOM | ID = 10010
    Description =

    Error - 23-6-2012 15:13:55 | Computer Name = PPC-Martine-2 | Source = Service Control Manager | ID = 7023
    Description = De Windows Modules Installer-service is gestopt met de volgende foutcode:
    %%16405.

    Error - 23-6-2012 15:15:40 | Computer Name = PPC-Martine-2 | Source = Service Control Manager | ID = 7000
    Description = De HP Support Assistant Service-service kan vanwege de volgende fout
    niet worden gestart: %%2

    Error - 23-6-2012 15:42:22 | Computer Name = PPC-Martine-2 | Source = Service Control Manager | ID = 7000
    Description = De HP Support Assistant Service-service kan vanwege de volgende fout
    niet worden gestart: %%2

    Error - 23-6-2012 16:41:26 | Computer Name = PPC-Martine-2 | Source = Service Control Manager | ID = 7011
    Description = Time-out (30000 seconden) tijdens het wachten op een reactie op een
    transactie van deze service: HPWMISVC.

    Error - 23-6-2012 16:42:12 | Computer Name = PPC-Martine-2 | Source = Service Control Manager | ID = 7000
    Description = De HP Support Assistant Service-service kan vanwege de volgende fout
    niet worden gestart: %%2

    Error - 24-6-2012 5:45:25 | Computer Name = PPC-Martine-2 | Source = SCardSvr | ID = 610
    Description =

    Error - 24-6-2012 7:08:43 | Computer Name = PPC-Martine-2 | Source = Service Control Manager | ID = 7000
    Description = De HP Support Assistant Service-service kan vanwege de volgende fout
    niet worden gestart: %%2

    Error - 24-6-2012 7:23:54 | Computer Name = PPC-Martine-2 | Source = Service Control Manager | ID = 7000
    Description = De HP Support Assistant Service-service kan vanwege de volgende fout
    niet worden gestart: %%2


    < End of report >
  • Laat weten of onderstaande fix gewerkt heeft,

    [b:f0cca11a49]Sluit voordat OTL[/color:f0cca11a49] de fix laat doen, eerst alle andere openstaande vensters![/b:f0cca11a49]

    [list:f0cca11a49][*:f0cca11a49]Dubblklik op [img:f0cca11a49]http://www.imgdumper.nl/uploads5/4f91108799372/4f91108798ba0-OTL-1.png[/img:f0cca11a49]
    [*:f0cca11a49]Kopieer en plak de volgende (vetgedrukte, blauwe tekst) in het kader onder [img:f0cca11a49]http://www.imgdumper.nl/uploads5/4f9111a6d2e57/4f9111a6d2a6c-OTL-2.png[/img:f0cca11a49]

    [b:f0cca11a49]
    :OTL

    O4 - HKLM..\Run: [Easybits Recovery] C:\Program Files (x86)\EasyBits For Kids\ezRecover.exe File not found

    PRC - [2010-04-23 13:00:00 | 000,514,232 | —- | M] (EasyBits Software AS) – C:\Windows\SysWOW64\ezSharedSvcHost.exe
    PRC - [2010-04-23 13:00:00 | 000,514,232 | —- | M] (EasyBits Software AS) – C:\Windows\SysWOW64\ezSharedSvcHost.exe
    PRC - [2010-04-23 13:00:00 | 000,514,232 | —- | M] (EasyBits Software AS) – C:\Windows\SysWOW64\ezSharedSvcHost.exe
    PRC - [2010-04-23 13:00:00 | 000,514,232 | —- | M] (EasyBits Software AS) – C:\Windows\SysWOW64\ezSharedSvcHost.exe


    :Services


    :Reg


    :Files
    ipconfig /flushdns /c

    C:\Windows\SysWOW64\ezSharedSvcHost.exe

    :Commands
    [purity]
    [emptytemp]
    [emptyjava]
    [emptyflash]
    [createrestorepoint]
    [reboot][/color:f0cca11a49][/b:f0cca11a49]


    [*:f0cca11a49]Klik daarna bovenaan op [img:f0cca11a49]http://www.imgdumper.nl/uploads5/4f911cee9de47/4f911cee9da59-OTL-4.png[/img:f0cca11a49]
    [*:f0cca11a49]Laat het programma ongestoord zijn werk doen.
    [*:f0cca11a49][b:f0cca11a49]OTL zal na de scan melden dat de PC opnieuw opgestart gaat worden. Sta dat dus toe.[/b:f0cca11a49][/color:f0cca11a49]
    [*:f0cca11a49]Klik op [b:f0cca11a49]OK[/b:f0cca11a49]
    [*:f0cca11a49]Na het opnieuw opstarten wordt enkel een nieuw log geopend.
    [*:f0cca11a49]Post via kopiëren en plakken de inhoud van dat OTL-scanlog.[/list:u:f0cca11a49]
  • Alles succesvol uit kunnen voeren.
    Heb even met MSCONFIG gekeken en de sleutel is inderdaad verdwenen.
    Het gevraagde log.

    All processes killed
    ========== OTL ==========
    Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\Easybits Recovery deleted successfully.
    Process ezSharedSvcHost.exe killed successfully!
    No active process named ezSharedSvcHost.exe was found!
    No active process named ezSharedSvcHost.exe was found!
    No active process named ezSharedSvcHost.exe was found!
    ========== SERVICES/DRIVERS ==========
    ========== REGISTRY ==========
    ========== FILES ==========
    < ipconfig /flushdns /c >[/color:9940f4e4a2]
    Windows IP-configuratie
    De DNS-omzettingscache is leeggemaakt.
    C:\Users\Martine\Desktop\cmd.bat deleted successfully.
    C:\Users\Martine\Desktop\cmd.txt deleted successfully.
    C:\Windows\SysWOW64\ezSharedSvcHost.exe moved successfully.
    ========== COMMANDS ==========

    [EMPTYTEMP]

    User: All Users

    User: Default
    ->Temp folder emptied: 0 bytes
    ->Temporary Internet Files folder emptied: 0 bytes

    User: Default User
    ->Temp folder emptied: 0 bytes
    ->Temporary Internet Files folder emptied: 0 bytes

    User: Martine
    ->Temp folder emptied: 251325923 bytes
    ->Temporary Internet Files folder emptied: 87516223 bytes
    ->Flash cache emptied: 913 bytes

    User: Public

    %systemdrive% .tmp files removed: 0 bytes
    %systemroot% .tmp files removed: 0 bytes
    %systemroot%\System32 .tmp files removed: 0 bytes
    %systemroot%\System32 (64bit) .tmp files removed: 0 bytes
    %systemroot%\System32\drivers .tmp files removed: 0 bytes
    Windows Temp folder emptied: 394804 bytes
    %systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 33170 bytes
    RecycleBin emptied: 11671848 bytes

    Total Files Cleaned = 335,00 mb


    [EMPTYJAVA]

    User: All Users

    User: Default

    User: Default User

    User: Martine

    User: Public

    Total Java Files Cleaned = 0,00 mb


    [EMPTYFLASH]

    User: All Users

    User: Default

    User: Default User

    User: Martine
    ->Flash cache emptied: 0 bytes

    User: Public

    Total Flash Files Cleaned = 0,00 mb

    Restore point Set: OTL Restore Point

    OTL by OldTimer - Version 3.2.53.0 log created on 06242012_153827

    Files\Folders moved on Reboot…
    C:\Users\Martine\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.

    PendingFileRenameOperations files…
    File C:\Users\Martine\AppData\Local\Temp\FXSAPIDebugLogFile.txt not found!

    Registry entries deleted on Reboot…
  • Wat de rest betrof ziet het log er verder goed uit,
    Jouw Windows is ook ontdaan van behoorlijk wat rommel.

    Rest mij de vraag waarom er een bedrijfsantivusprogramma gebruikt wordt?
  • Dank voor je hulp.
    Met betrekking tot de bedrijfsantivirus, wij kunnen het Office pakket en anti virus software gebruiken als onderdeel van de licentieovereenkomst.
  • In je de PC privé gebruikt is een antivirus voor bedrijven defacto minder beveiligend dan een voor privé bedoelde antivirus!

    En we moeten nog opruimen,maar doe eerst het volgende: een test, om te kijken hoe goed de huidige veiligheidssituatie in Windows is.

    Download naar je bureaublad [b:d677d6ab40]Security Check[/color:d677d6ab40][/b:d677d6ab40].
    [list:d677d6ab40][*:d677d6ab40] Klik/dubbelklik op [b:d677d6ab40]SecurityCheck.exe[/b:d677d6ab40] en let op de instrukties in het zwarte venster.
    [*:d677d6ab40] Een Kladblok document genaamd [b:d677d6ab40]checkup.txt[/b:d677d6ab40] dient automatisch open te gaan; sluit dit document via opslaan op het bureaublad.
    [*:d677d6ab40] Indien een van je veiligheidstools rapporteert, dat DIG.EXE het internet op wil, sta dit dan toe.[/list:u:d677d6ab40]
    Post de inhoud van [b:d677d6ab40]checkup.txt [/b:d677d6ab40]in je volgende post.
  • Sorry voor de late reactie.
    Dacht dat we klaar waren…. :)

    De gevraagde informatie.

    Results of screen317's Security Check version 0.99.42
    Windows 7 Service Pack 1 x64 (UAC is enabled)
    Internet Explorer 9
    [b:98be5d6f06][u:98be5d6f06]``````````````Antivirus/Firewall Check:``````````````[/b:98be5d6f06][/u:98be5d6f06]
    Symantec Endpoint Protection
    [size=1:98be5d6f06]WMI entry may not exist for antivirus; attempting automatic update.[/size:98be5d6f06]
    [b:98be5d6f06][u:98be5d6f06]`````````Anti-malware/Other Utilities Check:`````````[/b:98be5d6f06][/u:98be5d6f06]
    Adobe Flash Player 10 [b:98be5d6f06]Flash Player out of Date![/b:98be5d6f06][/color:98be5d6f06]
    Adobe Reader X (10.1.0)
    [b:98be5d6f06][u:98be5d6f06]````````Process Check: objlist.exe by Laurent````````[/b:98be5d6f06][/u:98be5d6f06]
    Norton ccSvcHst.exe
    [b:98be5d6f06][u:98be5d6f06]`````````````````System Health check`````````````````[/b:98be5d6f06][/u:98be5d6f06]
    Total Fragmentation on Drive C: 6%
    [b:98be5d6f06][u:98be5d6f06]````````````````````End of Log``````````````````````[/b:98be5d6f06][/u:98be5d6f06]

    EDIT.
    Het moet niet gekker worden. Ik zie dat de flash player out of date is!. Koop een PPC in juni 2012 en er staat nog een flash versie van 2011 op……. :evil:

    Heb een update uitgevoerd.
    Nieuwe log.
    Results of screen317's Security Check version 0.99.42
    Windows 7 Service Pack 1 x64 (UAC is enabled)
    Internet Explorer 9
    [b:98be5d6f06][u:98be5d6f06]``````````````Antivirus/Firewall Check:``````````````[/b:98be5d6f06][/u:98be5d6f06]
    Symantec Endpoint Protection
    [size=1:98be5d6f06]WMI entry may not exist for antivirus; attempting automatic update.[/size:98be5d6f06]
    [b:98be5d6f06][u:98be5d6f06]`````````Anti-malware/Other Utilities Check:`````````[/b:98be5d6f06][/u:98be5d6f06]
    Adobe Reader X (10.1.0)
    [b:98be5d6f06][u:98be5d6f06]````````Process Check: objlist.exe by Laurent````````[/b:98be5d6f06][/u:98be5d6f06]
    Norton ccSvcHst.exe
    [b:98be5d6f06][u:98be5d6f06]`````````````````System Health check`````````````````[/b:98be5d6f06][/u:98be5d6f06]
    Total Fragmentation on Drive C: 6%
    [b:98be5d6f06][u:98be5d6f06]````````````````````End of Log``````````````````````[/b:98be5d6f06][/u:98be5d6f06]
  • Is IE9 jouw webbrowser oof gebruik je standaard bijv. Chrome?

    En de Adobe Reader moet ook nodig ge-updated worden!

    [b:7eb49fa7cf]Adobe Reader updaten:[/b:7eb49fa7cf]

    dat doe je door in de menubalk van Adobe Reader op de knop [b:7eb49fa7cf]Help[/b:7eb49fa7cf] te klikken
    en vervolgens in het uitklapmenu op [b:7eb49fa7cf]Controleren op updates…[/b:7eb49fa7cf] te klikken.

    De updater zal dan aktief worden, let op meldingen.
    Is er een update beschikbaar, geef akkoord en wacht verdere meldingen in de systray af.

    N.B. - zorg er wel voor dat Adobe Reader afgesloten is indien de update wordt geïnstalleerd.
  • Hallo, dank voor je tips.
    Ik heb adobe geupdated.
    Ik gebruik standaard ie9. Heb nooit zo nagedacht over een alternatief.
    Is Chrome beter?
    Het log
    Results of screen317's Security Check version 0.99.42
    Windows 7 Service Pack 1 x64 (UAC is enabled)
    Internet Explorer 9
    [b:55ff23018e][u:55ff23018e]``````````````Antivirus/Firewall Check:``````````````[/b:55ff23018e][/u:55ff23018e]
    [b:55ff23018e]Windows Security Center service is not running! This report may not be accurate![/b:55ff23018e][/color:55ff23018e]
    Symantec Endpoint Protection
    [size=1:55ff23018e]WMI entry may not exist for antivirus; attempting automatic update.[/size:55ff23018e]
    [b:55ff23018e][u:55ff23018e]`````````Anti-malware/Other Utilities Check:`````````[/b:55ff23018e][/u:55ff23018e]
    Adobe Reader X (10.1.3)
    [b:55ff23018e][u:55ff23018e]````````Process Check: objlist.exe by Laurent````````[/b:55ff23018e][/u:55ff23018e]
    Norton ccSvcHst.exe
    [b:55ff23018e][u:55ff23018e]`````````````````System Health check`````````````````[/b:55ff23018e][/u:55ff23018e]
    Total Fragmentation on Drive C: 6%
    [b:55ff23018e][u:55ff23018e]````````````````````End of Log``````````````````````[/b:55ff23018e][/u:55ff23018e]

Beantwoord deze vraag

Dit is een gearchiveerde pagina. Antwoorden is niet meer mogelijk.