Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

TrojanDownloader:Java/OpenStream.AX

Started by Sander93USA , May 16 2011 01:00 PM

  • Please log in to reply

#1
Sander93USA
Posted 16 May 2011 - 01:00 PM

Sander93USA

    New Member

  • Member
  • Pip
  • 1 posts
Could some please help me get rid of this trojan (TrojanDownloader:Java/OpenStream.AX)? I use Microsoft Security Essentials (MSE) on Windows 7 and it claims to have removed the trojan six times already just today. When I check out the history in MSE, the first time the trojan popped up was yesterday at 2am. I have downloaded the latest definitions updates and tried scanning my entire PC several times but that didn't help. I first noticed something was wrong when Windows Back-Up couldn't complete, giving error code 0x81000037. "Windows Backup failed while trying to read from the shadow copy on one of the volumes being backed up. Please check in the event logs for any relevant errors." My documents and photos etc. are on my D-drive, my Windows-install is on C and back-up is on G. Please help me. I would really appreciate it.

OTL logfile created on: 16-5-2011 20:49:45 - Run 1
OTL by OldTimer - Version 3.2.22.3 Folder = C:\Users\Sander\Downloads\New Files
An unknown product Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000413 | Country: Nederland | Language: NLD | Date Format: d-M-yyyy

3,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 34,00% Memory free
6,00 Gb Paging File | 4,00 Gb Available in Paging File | 64,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 76,33 Gb Total Space | 28,62 Gb Free Space | 37,49% Space Free | Partition Type: NTFS
Drive D: | 465,76 Gb Total Space | 254,41 Gb Free Space | 54,62% Space Free | Partition Type: NTFS
Drive G: | 186,31 Gb Total Space | 54,73 Gb Free Space | 29,38% Space Free | Partition Type: NTFS

Computer Name: SANDER-PC | User Name: Sander | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011-05-16 20:48:35 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Users\Sander\Downloads\New Files\OTL.exe
PRC - [2011-05-16 17:34:46 | 005,242,768 | ---- | M] (Spotify Ltd) -- C:\Program Files\Spotify\spotify.exe
PRC - [2011-05-01 09:09:30 | 000,140,952 | ---- | M] (Google Inc.) -- C:\Users\Sander\AppData\Local\Google\Update\1.3.21.53\GoogleCrashHandler.exe
PRC - [2011-02-25 07:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2010-12-28 16:01:56 | 000,323,392 | ---- | M] (BitTorrent, Inc.) -- C:\Users\Sander\Program Files\DNA\btdna.exe
PRC - [2010-12-27 16:04:22 | 001,044,648 | ---- | M] () -- C:\Program Files\Air Mouse\Air Mouse\Air Mouse.exe
PRC - [2010-11-30 14:20:36 | 000,997,408 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Security Client\msseces.exe
PRC - [2010-11-20 14:17:47 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe
PRC - [2010-11-11 13:26:42 | 000,206,360 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe
PRC - [2010-11-11 13:26:40 | 000,011,736 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe
PRC - [2010-11-09 22:08:58 | 000,146,000 | ---- | M] (Logitech, Inc.) -- C:\Program Files\Common Files\LogiShrd\KHAL3\KHALMNPR.exe
PRC - [2010-10-29 01:32:48 | 001,352,272 | ---- | M] (Logitech, Inc.) -- C:\Program Files\Logitech\SetPointP\SetPoint.exe
PRC - [2010-10-16 13:42:12 | 000,792,680 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe
PRC - [2010-10-16 12:46:40 | 000,369,256 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
PRC - [2010-03-16 03:58:36 | 000,718,208 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Office\Office14\MSOSYNC.EXE
PRC - [2009-12-09 23:12:50 | 001,118,208 | ---- | M] (Realtek Semiconductor Corp.) -- C:\Program Files\SITECOM\300N X2 USB Wireless LAN Utility\RtWLan.exe
PRC - [2009-12-07 14:49:24 | 000,040,960 | ---- | M] (Realtek) -- C:\Program Files\SITECOM\300N X2 USB Wireless LAN Utility\RtlService.exe
PRC - [2009-04-07 10:39:44 | 000,233,472 | ---- | M] (Teruten) -- C:\Windows\System32\FsUsbExService.Exe


========== Modules (SafeList) ==========

MOD - [2011-05-16 20:48:35 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Users\Sander\Downloads\New Files\OTL.exe
MOD - [2010-11-20 13:55:09 | 001,680,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll


========== Win32 Services (SafeList) ==========

SRV - [2011-01-24 14:53:42 | 000,407,336 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2010-12-28 15:35:13 | 001,343,400 | ---- | M] (Microsoft Corporation) [Unknown | Stopped] -- C:\Windows\System32\Wat\WatAdminSvc.exe -- (WatAdminSvc)
SRV - [2010-11-11 13:26:42 | 000,206,360 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe -- (NisSrv)
SRV - [2010-11-11 13:26:40 | 000,011,736 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe -- (MsMpSvc)
SRV - [2010-10-28 12:13:30 | 000,293,456 | ---- | M] (Logitech, Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\LogiShrd\Bluetooth\LBTServ.exe -- (LBTServ)
SRV - [2010-10-16 12:46:40 | 000,369,256 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
SRV - [2010-03-25 11:25:22 | 030,969,208 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Microsoft Office\Office14\GROOVE.EXE -- (Microsoft SharePoint Workspace Audit Service)
SRV - [2009-12-07 14:49:24 | 000,040,960 | ---- | M] (Realtek) [Auto | Running] -- C:\Program Files\SITECOM\300N X2 USB Wireless LAN Utility\RtlService.exe -- (Realtek11nSU)
SRV - [2009-07-14 03:16:15 | 000,016,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\StorSvc.dll -- (StorSvc)
SRV - [2009-07-14 03:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)
SRV - [2009-07-14 03:16:12 | 001,004,544 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\PeerDistSvc.dll -- (PeerDistSvc)
SRV - [2009-07-14 03:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2009-04-07 10:39:44 | 000,233,472 | ---- | M] (Teruten) [Auto | Running] -- C:\Windows\System32\FsUsbExService.Exe -- (FsUsbExService)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | System | Running] -- -- (MpKsl7f22e9b6)
DRV - [2011-05-16 19:02:44 | 000,028,752 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{5971703A-47F2-47F4-9DDE-18D2304702E7}\MpKsl45bde0cd.sys -- (MpKsl45bde0cd)
DRV - [2011-02-23 08:27:00 | 010,468,360 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
DRV - [2010-11-25 07:59:16 | 000,603,240 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\RTL8192su.sys -- (RTL8192su)
DRV - [2010-11-20 14:30:15 | 000,175,360 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\vmbus.sys -- (vmbus)
DRV - [2010-11-20 14:30:15 | 000,040,704 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\vmstorfl.sys -- (storflt)
DRV - [2010-11-20 14:30:15 | 000,028,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\storvsc.sys -- (storvsc)
DRV - [2010-11-20 12:24:41 | 000,052,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV - [2010-11-20 11:59:44 | 000,035,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (WinUsb)
DRV - [2010-11-20 11:14:45 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\VMBusHID.sys -- (VMBusHID)
DRV - [2010-11-20 11:14:41 | 000,005,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\vms3cap.sys -- (s3cap)
DRV - [2010-10-24 22:25:38 | 000,054,144 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\NisDrvWFP.sys -- (NisDrv)
DRV - [2010-10-24 22:25:38 | 000,043,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\MpNWMon.sys -- (MpNWMon)
DRV - [2010-08-24 19:31:02 | 000,037,328 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\LMouFilt.Sys -- (LMouFilt)
DRV - [2010-08-24 19:30:52 | 000,038,864 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\LHidFilt.Sys -- (LHidFilt)
DRV - [2010-08-24 19:30:40 | 000,040,912 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\LEqdUsb.sys -- (LEqdUsb)
DRV - [2010-08-24 19:30:40 | 000,010,448 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\LHidEqd.sys -- (LHidEqd)
DRV - [2009-04-07 10:39:44 | 000,036,608 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\System32\FsUsbExDisk.Sys -- (FsUsbExDisk)
DRV - [2008-07-22 08:42:58 | 000,051,200 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Rtnicxp.sys -- (RTL8023xp)
DRV - [2005-10-20 16:00:04 | 000,243,328 | ---- | M] (Ralink Technology Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\RT2500.sys -- (RT2500)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========


IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/ie
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.facebook....home.php?ref=hp
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://nl.msn.com/?ocid=iehp
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = nl
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 2A 70 49 07 7A E5 CB 01 [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local



O1 HOSTS File: ([2009-06-10 23:39:37 | 000,000,824 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
O4 - HKLM..\Run: [BCSSync] C:\Program Files\Microsoft Office\Office14\BCSSync.exe (Microsoft Corporation)
O4 - HKLM..\Run: [EvtMgr6] C:\Program Files\Logitech\SetPointP\SetPoint.exe (Logitech, Inc.)
O4 - HKLM..\Run: [Logitech Download Assistant] C:\Windows\System32\LogiLDA.dll (Logitech, Inc.)
O4 - HKLM..\Run: [MSC] C:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4 - HKLM..\Run: [NPSStartup] File not found
O4 - HKCU..\Run: [BitTorrent DNA] C:\Users\Sander\Program Files\DNA\btdna.exe (BitTorrent, Inc.)
O4 - HKCU..\Run: [OfficeSyncProcess] C:\Program Files\Microsoft Office\Office14\MSOSYNC.EXE (Microsoft Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O8 - Extra context menu item: &Verzenden naar OneNote - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\System32\GPhotos.scr (Google Inc.)
O8 - Extra context menu item: E&xporteren naar Microsoft Excel - C:\Program Files\Microsoft Office\Office14\EXCEL.EXE (Microsoft Corporation)
O9 - Extra Button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : &Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000009 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O16 - DPF: {4A85DBE0-BFB2-4119-8401-186A7C6EB653} http://messenger.zon...S.cab109791.cab ()
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} http://messenger.zon...1/GAME_UNO1.cab (UnoCtrl Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} http://messenger.zon...nt.cab56907.cab (MessengerStatsClient Class)
O16 - DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} http://messenger.zon...er.cab56986.cab (Minesweeper Flags Class)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.254
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - Winlogon\Notify\LBTWlgn: DllName - c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll - c:\Program Files\Common Files\LogiShrd\Bluetooth\LBTWLgn.dll (Logitech, Inc.)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009-06-10 23:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2006-09-18 23:43:36 | 000,000,024 | ---- | M] () - D:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2011-05-16 10:23:27 | 000,000,000 | ---D | C] -- C:\Users\Sander\AppData\Local\{9ABC5B62-EB59-4CCB-A965-9106C8BBCEEF}
[2011-05-15 11:39:03 | 000,000,000 | ---D | C] -- C:\Users\Sander\AppData\Local\{BBF327D8-5BFF-4FD7-A765-A713EA9214A8}
[2011-05-14 23:29:59 | 000,000,000 | ---D | C] -- C:\Users\Sander\AppData\Local\{BAADD6FC-66E1-42E2-9939-20FE6BB7D2A5}
[2011-05-14 19:42:05 | 000,000,000 | ---D | C] -- C:\Users\Sander\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome Canary
[2011-05-14 11:29:35 | 000,000,000 | ---D | C] -- C:\Users\Sander\AppData\Local\{B684228C-871D-4639-B495-DB67CBA7C63D}
[2011-05-13 11:43:08 | 000,000,000 | ---D | C] -- C:\Users\Sander\AppData\Local\{0895711B-BFE5-441E-8986-A403A3C9FF96}
[2011-05-12 11:57:52 | 000,000,000 | ---D | C] -- C:\Users\Sander\AppData\Local\{1C8A02CD-92E2-4B7B-9689-39380607B48B}
[2011-05-11 23:53:06 | 000,000,000 | ---D | C] -- C:\Users\Sander\AppData\Local\{FDB338A2-C0D8-4605-9661-9E34472461B4}
[2011-05-11 10:57:22 | 000,000,000 | ---D | C] -- C:\Users\Sander\AppData\Local\{BC62ECC1-3BFE-4823-AD2B-E896DCA8BBC0}
[2011-05-10 11:41:48 | 000,000,000 | ---D | C] -- C:\Users\Sander\AppData\Local\{D5AC2F9C-93B6-4554-A815-AD0B071FCA0A}
[2011-05-09 23:41:24 | 000,000,000 | ---D | C] -- C:\Users\Sander\AppData\Local\{826D2B55-7A6A-4190-8DB9-1143555B2EA3}
[2011-05-09 20:38:21 | 000,000,000 | ---D | C] -- C:\Users\Sander\Documents\Any Video Converter
[2011-05-09 20:38:14 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AnvSoft
[2011-05-09 20:37:52 | 000,000,000 | ---D | C] -- C:\Program Files\AnvSoft
[2011-05-09 17:19:05 | 000,000,000 | ---D | C] -- C:\Users\Sander\AppData\Roaming\Youtube Downloader HD
[2011-05-09 11:40:51 | 000,000,000 | ---D | C] -- C:\Users\Sander\AppData\Local\{FAB643EF-64F2-4DBB-B113-EA9B06C0C028}
[2011-05-08 23:04:09 | 000,000,000 | ---D | C] -- C:\Users\Sander\AppData\Local\{7397320F-F2B5-498D-A80B-210F6947DCD9}
[2011-05-08 10:30:56 | 000,000,000 | ---D | C] -- C:\Users\Sander\AppData\Local\{50472F83-E65A-4B38-B294-D0C1B9CB552F}
[2011-05-07 11:54:37 | 000,000,000 | ---D | C] -- C:\Users\Sander\AppData\Local\{C5623D1A-D43E-4BB8-8334-A593F1D4FB61}
[2011-05-06 11:49:46 | 000,000,000 | ---D | C] -- C:\Users\Sander\AppData\Local\{A13FC1DE-6C31-4ECC-8C23-7840E182B8D7}
[2011-05-05 11:34:54 | 000,000,000 | ---D | C] -- C:\Users\Sander\AppData\Local\{3EB6C7A6-EFD7-44E6-B4E7-13A5FE08F2FC}
[2011-05-04 23:34:19 | 000,000,000 | ---D | C] -- C:\Users\Sander\AppData\Local\{829D1A5A-2C9C-4CA8-B380-336A1CF8795E}
[2011-05-04 11:33:42 | 000,000,000 | ---D | C] -- C:\Users\Sander\AppData\Local\{FA63CDC5-2104-4ADB-9A3B-1A568A314605}
[2011-05-03 22:55:33 | 000,000,000 | ---D | C] -- C:\Users\Sander\AppData\Local\{8972021C-0212-4331-A4A0-65D0223DBA03}
[2011-05-03 07:22:31 | 000,000,000 | ---D | C] -- C:\Users\Sander\AppData\Local\{E74ED15E-9968-436F-A29F-85976EF3FC73}
[2011-05-02 13:26:40 | 000,000,000 | ---D | C] -- C:\Users\Sander\AppData\Local\{D25B0EC5-96DC-4D4C-A22C-DB9F4B586EE9}
[2011-05-02 01:26:05 | 000,000,000 | ---D | C] -- C:\Users\Sander\AppData\Local\{B3555EFB-4283-42E0-A09B-6A505943CDC9}
[2011-05-01 13:25:30 | 000,000,000 | ---D | C] -- C:\Users\Sander\AppData\Local\{8F985F22-FA24-446D-9904-FF4B8AC49745}
[2011-05-01 00:14:39 | 000,000,000 | ---D | C] -- C:\Users\Sander\AppData\Local\{3C469157-1989-4061-857D-568ED9DC0713}
[2011-04-30 11:39:18 | 000,000,000 | ---D | C] -- C:\Users\Sander\AppData\Local\{609BCAD8-D754-424E-BCB1-4DB88A27F55A}
[2011-04-29 09:15:46 | 000,000,000 | ---D | C] -- C:\Users\Sander\AppData\Local\{FD2B16CB-AAC5-4777-969E-29A60635DD47}
[2011-04-28 14:30:19 | 000,000,000 | ---D | C] -- C:\Users\Sander\AppData\Local\{5A0F9B84-0E60-49CA-ACE3-6AC78DB48AA3}
[2011-04-27 10:55:26 | 000,000,000 | ---D | C] -- C:\Users\Sander\AppData\Local\{25D8A255-7FE9-4DEA-AE33-46F9B3E0B0B9}
[2011-04-25 18:02:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Elaborate Bytes
[2011-04-25 18:02:22 | 000,000,000 | ---D | C] -- C:\Program Files\Elaborate Bytes
[2011-04-25 10:29:06 | 000,000,000 | ---D | C] -- C:\Users\Sander\AppData\Local\{1F3AED83-B7FA-4B43-9C3D-64E0773D8EF5}
[2011-04-24 22:14:46 | 000,000,000 | ---D | C] -- C:\Users\Sander\AppData\Local\{FCD12B59-E636-47B3-B896-00F45BF7773E}
[2011-04-24 10:14:23 | 000,000,000 | ---D | C] -- C:\Users\Sander\AppData\Local\{7E9A9663-5083-4219-9119-D096E0FD9112}
[2011-04-23 12:50:13 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
[2011-04-23 12:09:39 | 000,000,000 | ---D | C] -- C:\Users\Sander\AppData\Local\{5ECF2A2D-A2A1-4DE5-ACB3-A1CD3044F8FC}
[2011-04-22 23:25:14 | 000,000,000 | ---D | C] -- C:\Users\Sander\AppData\Local\{FF6B4749-013F-45FF-983C-DDC88E48AC21}
[2011-04-22 10:30:39 | 000,000,000 | ---D | C] -- C:\Users\Sander\AppData\Local\{BFB06B76-7A42-48D7-98BD-BEA133D28BE8}
[2011-04-21 22:30:15 | 000,000,000 | ---D | C] -- C:\Users\Sander\AppData\Local\{FCEDAEE4-3366-46D2-A60E-532141EF87FF}
[2011-04-21 13:43:04 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Keyboard
[2011-04-21 13:42:53 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft IntelliType Pro
[2011-04-21 10:03:39 | 000,000,000 | ---D | C] -- C:\Users\Sander\AppData\Local\{0061C443-0938-4620-A571-E513D56A0261}
[2011-04-20 22:30:05 | 000,000,000 | ---D | C] -- C:\Users\Sander\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller
[2011-04-20 22:27:55 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\DAEMON Tools Images
[2011-04-20 22:22:41 | 000,000,000 | ---D | C] -- C:\Users\Sander\AppData\Roaming\DAEMON Tools Lite
[2011-04-20 22:22:41 | 000,000,000 | ---D | C] -- C:\ProgramData\DAEMON Tools Lite
[2011-04-20 10:58:02 | 000,000,000 | ---D | C] -- C:\Users\Sander\AppData\Local\{9AB7F842-0B92-4658-B087-B594EA643904}
[2011-04-19 22:56:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
[2011-04-19 22:55:24 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
[2011-04-19 22:55:23 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes
[2011-04-19 22:52:55 | 000,000,000 | ---D | C] -- C:\Program Files\Bonjour
[2011-04-19 22:43:46 | 000,000,000 | ---D | C] -- C:\Users\Sander\AppData\Local\{F24D3BA6-53F8-4608-B7C0-7FCA300C0721}
[2011-04-19 09:59:12 | 000,000,000 | ---D | C] -- C:\Users\Sander\AppData\Local\{8319CD65-2863-44EB-83A6-BA4064922753}
[2011-04-18 13:51:22 | 000,000,000 | ---D | C] -- C:\Users\Sander\AppData\Local\{18AE1B25-5B82-4866-B291-23A9D36B01B5}
[2011-04-18 00:21:42 | 000,000,000 | ---D | C] -- C:\Users\Sander\AppData\Local\{5A4BA7CD-FF15-4348-B6C6-677B9240F2AF}
[2011-04-17 12:21:18 | 000,000,000 | ---D | C] -- C:\Users\Sander\AppData\Local\{4425DA62-0692-4DC4-9EAD-6FB4AE979498}
[2011-04-16 23:55:09 | 000,000,000 | ---D | C] -- C:\Users\Sander\AppData\Local\{F70B313C-68C4-4A94-8267-7D2BA6C812FC}

========== Files - Modified Within 30 Days ==========

[2011-05-16 20:51:59 | 000,025,968 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2011-05-16 20:51:59 | 000,025,968 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2011-05-16 20:14:02 | 000,001,070 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3551768832-1296520629-391810001-1000UA.job
[2011-05-16 18:40:53 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011-05-16 18:40:47 | 2616,745,984 | -HS- | M] () -- C:\hiberfil.sys
[2011-05-16 09:14:00 | 000,001,018 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3551768832-1296520629-391810001-1000Core.job
[2011-05-12 12:29:11 | 000,617,910 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2011-05-12 12:29:11 | 000,107,190 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2011-04-21 13:51:07 | 000,001,414 | ---- | M] () -- C:\Users\Sander\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2011-04-21 13:47:54 | 000,409,056 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2011-04-21 13:41:14 | 000,072,822 | ---- | M] () -- C:\Windows\System32\ieuinit.inf

========== Files Created - No Company Name ==========

[2011-04-21 13:41:14 | 000,072,822 | ---- | C] () -- C:\Windows\System32\ieuinit.inf
[2011-03-11 01:48:53 | 000,066,048 | ---- | C] () -- C:\Windows\System32\PrintBrmUi.exe
[2011-02-20 18:24:30 | 000,451,072 | ---- | C] () -- C:\Windows\System32\ISSRemoveSP.exe
[2010-12-29 14:40:30 | 000,004,608 | ---- | C] () -- C:\Users\Sander\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010-12-28 15:02:25 | 000,001,155 | ---- | C] () -- C:\Windows\System32\WLAN.INI
[2010-12-28 13:43:51 | 000,007,597 | ---- | C] () -- C:\Users\Sander\AppData\Local\Resmon.ResmonCfg
[2010-12-28 13:03:42 | 000,110,592 | ---- | C] () -- C:\Windows\System32\FsUsbExDevice.Dll
[2010-12-28 13:03:42 | 000,036,608 | ---- | C] () -- C:\Windows\System32\FsUsbExDisk.Sys
[2009-07-14 06:57:37 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2009-07-14 06:33:53 | 000,409,056 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT
[2009-07-14 04:05:48 | 000,617,910 | ---- | C] () -- C:\Windows\System32\perfh009.dat
[2009-07-14 04:05:48 | 000,291,294 | ---- | C] () -- C:\Windows\System32\perfi009.dat
[2009-07-14 04:05:48 | 000,107,190 | ---- | C] () -- C:\Windows\System32\perfc009.dat
[2009-07-14 04:05:48 | 000,031,548 | ---- | C] () -- C:\Windows\System32\perfd009.dat
[2009-07-14 04:05:05 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT
[2009-07-14 04:04:11 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat
[2009-07-14 01:55:01 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2009-07-14 01:51:43 | 000,073,728 | ---- | C] () -- C:\Windows\System32\BthpanContextHandler.dll
[2009-07-14 01:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\System32\BWContextHandler.dll
[2009-06-10 23:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat
[2007-10-25 18:26:10 | 000,005,632 | ---- | C] () -- C:\Windows\System32\drivers\StarOpen.sys

========== LOP Check ==========

[2010-12-28 13:25:03 | 000,000,000 | ---D | M] -- C:\Users\Sander\AppData\Roaming\AnvSoft
[2011-01-28 22:00:25 | 000,000,000 | ---D | M] -- C:\Users\Sander\AppData\Roaming\Audacity
[2011-05-14 22:45:54 | 000,000,000 | ---D | M] -- C:\Users\Sander\AppData\Roaming\BitTorrent
[2011-04-20 22:33:21 | 000,000,000 | ---D | M] -- C:\Users\Sander\AppData\Roaming\DAEMON Tools Lite
[2010-12-28 12:09:11 | 000,000,000 | ---D | M] -- C:\Users\Sander\AppData\Roaming\DisplayFusion
[2011-05-16 20:51:47 | 000,000,000 | ---D | M] -- C:\Users\Sander\AppData\Roaming\DNA
[2010-12-29 23:09:59 | 000,000,000 | ---D | M] -- C:\Users\Sander\AppData\Roaming\Leadertech
[2010-12-28 21:15:44 | 000,000,000 | ---D | M] -- C:\Users\Sander\AppData\Roaming\Mp3tag
[2010-12-28 13:03:06 | 000,000,000 | ---D | M] -- C:\Users\Sander\AppData\Roaming\Samsung
[2011-05-16 19:09:40 | 000,000,000 | ---D | M] -- C:\Users\Sander\AppData\Roaming\Spotify
[2011-05-09 17:31:27 | 000,000,000 | ---D | M] -- C:\Users\Sander\AppData\Roaming\Youtube Downloader HD
[2009-07-14 06:53:46 | 000,008,954 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========



< End of report >


OTL Extras logfile created on: 16-5-2011 20:49:45 - Run 1
OTL by OldTimer - Version 3.2.22.3 Folder = C:\Users\Sander\Downloads\New Files
An unknown product Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000413 | Country: Nederland | Language: NLD | Date Format: d-M-yyyy

3,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 34,00% Memory free
6,00 Gb Paging File | 4,00 Gb Available in Paging File | 64,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 76,33 Gb Total Space | 28,62 Gb Free Space | 37,49% Space Free | Partition Type: NTFS
Drive D: | 465,76 Gb Total Space | 254,41 Gb Free Space | 54,62% Space Free | Partition Type: NTFS
Drive G: | 186,31 Gb Total Space | 54,73 Gb Free Space | 29,38% Space Free | Partition Type: NTFS

Computer Name: SANDER-PC | User Name: Sander | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- "C:\Program Files\Microsoft Office\Office14\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Program Files\Microsoft Office\Office14\msohtmed.exe" /p %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\BitTorrent\bittorrent.exe" = C:\Program Files\BitTorrent\bittorrent.exe:*:Enabled:BitTorrent -- (BitTorrent, Inc.)


========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{19BA08F7-C728-469C-8A35-BFBD3633BE08}" = Windows Live Movie Maker
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{26A24AE4-039D-4CA4-87B4-2F83216024FF}" = Java™ 6 Update 24
"{2A07C35B-8384-4DA4-9A95-442B6C89A073}" = Windows Live Essentials
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{34F4D9A4-42C2-4348-BEF4-E553C84549E7}" = Windows Live Photo Gallery
"{353FE16B-30FE-469A-BF55-B978F4218003}" = iTunes
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3D3E663D-4E7E-4577-A560-7ECDDD45548A}" = PVSonyDll
"{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}" = eReg
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4DDC3BED-CC68-44AA-B435-D727B620CA5B}" = Linksys Wireless-G PCI Adapter
"{51C7AD07-C3F6-4635-8E8A-231306D810FE}" = Cisco LEAP Module
"{57752979-A1C9-4C02-856B-FBB27AC4E02C}" = QuickTime
"{579684A4-DDD5-4CA3-9EA8-7BE7D9593DB4}" = Windows Live UX Platform Language Pack
"{5AB36A6C-27A8-4CB1-89A1-9D05F3F16625}" = Mobile Mouse Server
"{61AD15B2-50DB-4686-A739-14FE180D4429}" = Windows Live ID Sign-in Assistant
"{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}" = Cisco EAP-FAST Module
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6A563426-3474-41C6-B847-42B39F1485B2}" = Windows Live Messenger
"{774088D4-0777-4D78-904D-E435B318F5D2}" = Microsoft Antimalware
"{77A776C4-D10F-416D-88F0-53F2D9DCD9B3}" = Microsoft Security Client
"{7C4C5B40-43E1-4890-AD50-E1E8F8446D5F}" = Microsoft Antimalware Service NL-NL Language Pack
"{80956555-A512-4190-9CAD-B000C36D6B6B}" = Windows Live Messenger
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{853A4763-6643-4604-8D64-28BDD8925F4C}" = Apple Application Support
"{859B9BCA-5376-4566-9F88-C6C9DAA7A925}" = Microsoft Security Client NL-NL Language Pack
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{90140000-0015-0413-0000-0000000FF1CE}" = Microsoft Office Access MUI (Dutch) 2010
"{90140000-0016-0413-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Dutch) 2010
"{90140000-0018-0413-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Dutch) 2010
"{90140000-0019-0413-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Dutch) 2010
"{90140000-001A-0413-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Dutch) 2010
"{90140000-001B-0413-0000-0000000FF1CE}" = Microsoft Office Word MUI (Dutch) 2010
"{90140000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2010
"{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
"{90140000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2010
"{90140000-001F-0413-0000-0000000FF1CE}" = Microsoft Office Proof (Dutch) 2010
"{90140000-002C-0413-0000-0000000FF1CE}" = Microsoft Office Proofing (Dutch) 2010
"{90140000-0044-0413-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Dutch) 2010
"{90140000-006E-0413-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Dutch) 2010
"{90140000-00A1-0413-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Dutch) 2010
"{90140000-00BA-0413-0000-0000000FF1CE}" = Microsoft Office Groove MUI (Dutch) 2010
"{91140000-0011-0000-0000-0000000FF1CE}" = Microsoft Office Professional Plus 2010
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{96056420-DDF3-46A7-AA8D-BC2D1AE5290B}" = Microsoft IntelliType Pro 8.1
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BD262D0-B788-4546-A0A5-F4F56EC3834B}" = Windows Live Photo Common
"{9C049499-055C-4a0c-A916-1D8CA1FF45EB}" = Sitecom 300N X2 USB Wireless LAN Driver and Utility
"{A39FD4D2-002C-49F9-A13D-C15BC435D92E}" = Microsoft Antimalware Service NL-NL Language Pack
"{A60B3BF0-954B-42AF-B8D8-2C1D34B613AA}" = Windows Live Photo Gallery
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AC76BA86-7AD7-1043-7B44-A94000000001}" = Adobe Reader 9.4.4 - Nederlands
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA 3D Vision Driver 260.99
"{B2FE1952-0186-46c3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Control Panel 260.99
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Graphics Driver 260.99
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA PhysX System Software 9.10.0514
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B9DB4C76-01A4-46D5-8910-F7AA6376DBAF}" = NVIDIA PhysX
"{C2E4B5BD-32DB-4817-A060-341AB17C3F90}" = Bonjour
"{CACAEB5F-174D-4C7C-AC56-A33289A807CA}" = Apple Mobile Device Support
"{CB7224D9-6DCA-43F1-8F83-6B1E39A00F92}" = Windows Live Movie Maker
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{D436F577-1695-4D2F-8B44-AC76C99E0002}" = Windows Live Photo Common
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{D6F25CF9-4E87-43EB-B324-C12BE9CDD668}" = Windows Live UX Platform Language Pack
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{EB4DF488-AAEF-406F-A341-CB2AAA315B90}" = Windows Live Messenger
"{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}" = Cisco PEAP Module
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}" = Windows Live Essentials
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Any Video Converter_is1" = Any Video Converter 3.2.3
"Audacity 1.3 Beta (Unicode)_is1" = Audacity 1.3.12 (Unicode)
"B076073A-5527-4f4f-B46B-B10692277DA2_is1" = DisplayFusion 3.2.0
"InstallShield_{F193FC0E-9E18-40FC-A974-509A1BDD240A}" = Samsung New PC Studio
"Messenger Plus!" = Messenger Plus! 5
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft IntelliType Pro 8.1" = Microsoft IntelliType Pro 8.1
"Microsoft Security Client" = Microsoft Security Essentials
"Mp3tag" = Mp3tag v2.47b
"NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver
"Office14.PROPLUSR" = Microsoft Office Professional Plus 2010
"Picasa 3" = Picasa 3
"Revo Uninstaller" = Revo Uninstaller 1.92
"SAMSUNG Mobile Modem" = SAMSUNG Mobile Modem Driver Set
"Samsung Mobile Modem Device" = Samsung Mobile Modem Device Software
"Samsung Mobile phone USB driver Drive" = Samsung Mobile phone USB driver Drive Software
"SAMSUNG Mobile USB Modem" = SAMSUNG Mobile USB Modem Software
"SAMSUNG Mobile USB Modem 1.0" = SAMSUNG Mobile USB Modem 1.0 Software
"sp6" = Logitech SetPoint 6.20
"Spotify" = Spotify
"Veetle TV" = Veetle TV 0.9.18
"VirtualCloneDrive" = VirtualCloneDrive
"VLC media player" = VLC media player 1.1.9
"WinLiveSuite" = Windows Live Essentials
"WinRAR archiver" = WinRAR

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"BitTorrent" = BitTorrent
"BitTorrent DNA" = DNA
"Google Chrome" = Google Chrome
"Google Chrome SxS" = Google Chrome Canary

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 14-5-2011 14:01:30 | Computer Name = Sander-PC | Source = Chrome | ID = 1
Description =

Error - 14-5-2011 20:14:36 | Computer Name = Sander-PC | Source = Windows Backup | ID = 4104
Description =

Error - 15-5-2011 20:11:15 | Computer Name = Sander-PC | Source = Windows Backup | ID = 4104
Description =

Error - 16-5-2011 11:37:47 | Computer Name = Sander-PC | Source = Chrome | ID = 1
Description =

Error - 16-5-2011 11:44:28 | Computer Name = Sander-PC | Source = Windows Backup | ID = 4104
Description =

Error - 16-5-2011 12:03:04 | Computer Name = Sander-PC | Source = Windows Backup | ID = 4104
Description =

Error - 16-5-2011 12:36:41 | Computer Name = Sander-PC | Source = Windows Backup | ID = 4104
Description =

Error - 16-5-2011 13:00:23 | Computer Name = Sander-PC | Source = Windows Backup | ID = 4104
Description =

Error - 16-5-2011 14:38:32 | Computer Name = Sander-PC | Source = Windows Backup | ID = 4104
Description =

Error - 16-5-2011 14:54:53 | Computer Name = Sander-PC | Source = Windows Backup | ID = 4104
Description =

[ System Events ]
Error - 16-5-2011 14:47:17 | Computer Name = Sander-PC | Source = Disk | ID = 262151
Description = The device, \Device\Harddisk2\DR2, has a bad block.

Error - 16-5-2011 14:47:18 | Computer Name = Sander-PC | Source = Disk | ID = 262151
Description = The device, \Device\Harddisk2\DR2, has a bad block.

Error - 16-5-2011 14:47:22 | Computer Name = Sander-PC | Source = Disk | ID = 262151
Description = The device, \Device\Harddisk2\DR2, has a bad block.

Error - 16-5-2011 14:47:24 | Computer Name = Sander-PC | Source = Disk | ID = 262151
Description = The device, \Device\Harddisk2\DR2, has a bad block.

Error - 16-5-2011 14:47:25 | Computer Name = Sander-PC | Source = Disk | ID = 262151
Description = The device, \Device\Harddisk2\DR2, has a bad block.

Error - 16-5-2011 14:47:27 | Computer Name = Sander-PC | Source = Disk | ID = 262151
Description = The device, \Device\Harddisk2\DR2, has a bad block.

Error - 16-5-2011 14:49:02 | Computer Name = Sander-PC | Source = Disk | ID = 262151
Description = The device, \Device\Harddisk2\DR2, has a bad block.

Error - 16-5-2011 14:49:03 | Computer Name = Sander-PC | Source = Disk | ID = 262151
Description = The device, \Device\Harddisk2\DR2, has a bad block.

Error - 16-5-2011 14:49:05 | Computer Name = Sander-PC | Source = Disk | ID = 262151
Description = The device, \Device\Harddisk2\DR2, has a bad block.

Error - 16-5-2011 14:50:19 | Computer Name = Sander-PC | Source = VDS Basic Provider | ID = 33554433
Description =


< End of report >

Edited by Sander93USA, 16 May 2011 - 01:01 PM.

  • 0

Advertisements

Back to Virus, Spyware, Malware Removal · Next Unread Topic →




Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. Geeks to Go Community
  2. Security
  3. Virus, Spyware, Malware Removal

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP