Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

cannot connect to internet


  • Please log in to reply

#1
Boffo

Boffo

    New Member

  • Member
  • Pip
  • 1 posts
Hello Geeks

Could you help me out with my problem. I have the laptop of a friends son which was pretty messed up (laptop and son) to summarise the status what I have done:
It had multiple antivirus programmes installed, Norton and Avira, and a fake anti-virus, (win something or other) which malwarebytes seems to have gotten rid of. Both antivirus programmes have been removed, the Norton removal tool run, and avast installed.
It also had babylon and sweetIM type infections that a combination of adwcleaner and junkware removal tool have hopefully dealt with, and several P2P programmes. Not all of the P2P programmes are gone yet but they are not in use.
Windows was hopelessly out of date, SP1 and Sp2 have now been installed.

There were 2 registry cleaners installed + java. I have removed these + some other programs to create some disc space.

The only real noticeable problem that remains is the Laptop will not connect to the internet via wifi, it will connect with a cable.
I get an unidentified network local access only message and every fix I can find on google, including the Fix-It and minitoolbox, does not resolve the problem.

Maybe there are some norton leftovers or still some infections? I am at a loss!
Would you please look through the logs to see if they show anything or give some advise. I think the registry must be broken.

Edit

I have fixed the wifi problem. It turns out it was just a driver problem; the driver from the manufacturers website was out of date, I found a more recent one from Levono, installed it and bingo!
Sorry if I have wasted anyones time when they could have been helping someone else.

Boffo.
OTL logfile created on: 20-5-2013 0:04:56 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Wesley\Downloads
Windows Vista Home Basic Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000413 | Country: Nederland | Language: NLD | Date Format: d-M-yyyy

1,49 Gb Total Physical Memory | 0,63 Gb Available Physical Memory | 42,03% Memory free
3,23 Gb Paging File | 2,28 Gb Available in Paging File | 70,70% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 42,28 Gb Total Space | 7,41 Gb Free Space | 17,54% Space Free | Partition Type: NTFS
Drive D: | 22,49 Gb Total Space | 12,94 Gb Free Space | 57,53% Space Free | Partition Type: NTFS

Computer Name: PC_VAN_WESLEY | User Name: Wesley | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2013-05-20 00:03:19 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Wesley\Downloads\OTL.exe
PRC - [2013-05-17 23:19:40 | 000,208,896 | ---- | M] (Realtek Semiconductor Corp.) -- C:\Users\Wesley\AppData\Local\Temp\RtkBtMnt.exe
PRC - [2013-05-09 10:58:30 | 004,858,968 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
PRC - [2013-05-09 10:58:30 | 000,046,808 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
PRC - [2013-04-09 10:57:09 | 001,312,720 | ---- | M] (Google Inc.) -- C:\Program Files\Google\Chrome\Application\chrome.exe
PRC - [2013-04-02 03:01:48 | 000,240,264 | ---- | M] (Microsoft Corporation.) -- C:\Program Files\Microsoft\BingBar\7.2.233.0\SeaPort.EXE
PRC - [2009-04-10 23:27:38 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2009-04-10 23:27:30 | 000,069,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\conime.exe
PRC - [2007-07-06 05:06:00 | 004,669,440 | ---- | M] (Realtek Semiconductor) -- C:\Windows\RtHDVCpl.exe
PRC - [2007-02-13 07:26:50 | 000,053,248 | ---- | M] (Acer Inc.) -- C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe
PRC - [2006-11-24 12:57:54 | 000,107,008 | ---- | M] () -- C:\Acer\Mobility Center\MobilityService.exe


========== Modules (No Company Name) ==========

MOD - [2013-05-18 11:47:51 | 013,136,776 | ---- | M] () -- C:\Users\Wesley\AppData\Local\Google\Chrome\User Data\PepperFlash\11.7.700.202\pepflashplayer.dll
MOD - [2013-04-09 10:57:07 | 000,390,096 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\26.0.1410.64\ppgooglenaclpluginchrome.dll
MOD - [2013-04-09 10:57:05 | 004,050,896 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\26.0.1410.64\pdf.dll
MOD - [2013-04-09 10:56:13 | 001,606,096 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\26.0.1410.64\ffmpegsumo.dll


========== Services (SafeList) ==========

SRV - File not found [On_Demand | Stopped] -- C:\Windows\system32\wbengine.exe -- (wbengine)
SRV - File not found [Auto | Stopped] -- C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe -- (Planner voor Automatische LiveUpdate)
SRV - File not found [On_Demand | Stopped] -- C:\Program Files\NOS\bin\getPlus_HelperSvc.exe -- (getPlus®
SRV - [2013-05-09 10:58:30 | 000,046,808 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV - [2013-04-02 03:01:48 | 000,240,264 | ---- | M] (Microsoft Corporation.) [On_Demand | Running] -- C:\Program Files\Microsoft\BingBar\7.2.233.0\SeaPort.EXE -- (BBUpdate)
SRV - [2013-04-02 03:01:48 | 000,193,672 | ---- | M] (Microsoft Corporation.) [Auto | Stopped] -- C:\Program Files\Microsoft\BingBar\7.2.233.0\BBSvc.EXE -- (BBSvc)
SRV - [2008-01-19 09:38:24 | 000,272,952 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2007-02-13 07:26:50 | 000,053,248 | ---- | M] (Acer Inc.) [Auto | Running] -- C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe -- (eRecoveryService)
SRV - [2006-11-24 12:57:54 | 000,107,008 | ---- | M] () [Auto | Running] -- C:\Acer\Mobility Center\MobilityService.exe -- (MobilityService)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkfwd.sys -- (NwlnkFwd)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkflt.sys -- (NwlnkFlt)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ipinip.sys -- (IpInIp)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Users\Wesley\AppData\Local\Temp\catchme.sys -- (catchme)
DRV - File not found [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\blbdrive.sys -- (blbdrive)
DRV - [2013-05-09 10:59:10 | 000,765,736 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\System32\drivers\aswSnx.sys -- (aswSnx)
DRV - [2013-05-09 10:59:10 | 000,368,944 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2013-05-09 10:59:10 | 000,174,664 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\System32\drivers\aswVmm.sys -- (aswVmm)
DRV - [2013-05-09 10:59:10 | 000,056,080 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2013-05-09 10:59:10 | 000,049,376 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\System32\drivers\aswRvrt.sys -- (aswRvrt)
DRV - [2013-05-09 10:59:09 | 000,066,336 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV - [2013-05-09 10:59:09 | 000,049,760 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswRdr.sys -- (AswRdr)
DRV - [2013-05-09 10:59:08 | 000,029,816 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2013-03-07 13:37:06 | 000,015,576 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\System32\pwdrvio.sys -- (pwdrvio)
DRV - [2013-03-07 13:36:54 | 000,010,200 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\System32\pwdspio.sys -- (pwdspio)
DRV - [2008-01-11 15:24:24 | 000,100,608 | ---- | M] (ZTE Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ZTEusbser6k.sys -- (ZTEusbser6k)
DRV - [2008-01-11 15:24:24 | 000,100,608 | ---- | M] (ZTE Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ZTEusbnmea.sys -- (ZTEusbnmea)
DRV - [2008-01-11 15:24:24 | 000,100,608 | ---- | M] (ZTE Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ZTEusbmdm6k.sys -- (ZTEusbmdm6k)
DRV - [2007-07-30 22:13:10 | 000,743,424 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\athr.sys -- (athr)
DRV - [2007-06-14 04:33:26 | 000,154,624 | ---- | M] (Alps Electric Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Apfiltr.sys -- (ApfiltrService)
DRV - [2007-01-30 07:23:30 | 000,008,704 | ---- | M] (Conexant Systems, Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\XAudio.sys -- (XAudio)
DRV - [2006-12-07 19:12:02 | 000,076,584 | ---- | M] () [Kernel | Auto | Running] -- C:\Acer\Empowering Technology\eRecovery\int15.sys -- (int15)
DRV - [2006-11-02 15:27:36 | 000,020,112 | ---- | M] (Dritek System Inc.) [Kernel | System | Running] -- C:\Program Files\Launch Manager\DPortIO.sys -- (DritekPortIO)
DRV - [2005-08-17 08:46:26 | 000,093,872 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\sscdmdm.sys -- (sscdmdm)
DRV - [2005-08-17 08:46:20 | 000,008,272 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\sscdmdfl.sys -- (sscdmdfl)
DRV - [2005-08-17 08:45:00 | 000,058,352 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\sscdbus.sys -- (sscdbus)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://nl.intl.acer.yahoo.com
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.co...g}&sourceid=ie7
IE - HKLM\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Yahoo! Search
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = http://search.yahoo....=utf-8&fr=b1ie7
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://nl.msn.com/?ocid=iehp
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = nl
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 75 57 9F 6E 87 54 CE 01 [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\..\SearchScopes,DefaultScope = {F9C7757C-F587-4F6E-83D2-F01AA34E3DDB}
IE - HKCU\..\SearchScopes\{F9C7757C-F587-4F6E-83D2-F01AA34E3DDB}: "URL" = http://search.yahoo....=utf-8&fr=b1ie7
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0


========== FireFox ==========

FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: D:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files\DivX\DivX Web Player\npdivx32.dll File not found
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Player Plugin,version=1.0.0: C:\Program Files\DivX\DivX Player\npDivxPlayerPlugin.dll File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8117.0416: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@pack.google.com/Google Updater;version=13: C:\Program Files\Google\Google Updater\2.4.1487.6512\npCIDetect13.dll (Google)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)


[2009-12-26 20:45:39 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Wesley\AppData\Roaming\mozilla\Extensions
[2009-12-26 20:45:39 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Wesley\AppData\Roaming\mozilla\Extensions\[email protected]
[2009-04-16 20:00:28 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Wesley\AppData\Roaming\mozilla\Extensions\[email protected]
[2013-03-02 21:18:51 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Wesley\AppData\Roaming\mozilla\Firefox\Profiles\0\extensions
[2013-03-02 21:18:51 | 000,213,444 | ---- | M] () (No name found) -- C:\Users\Wesley\AppData\Roaming\mozilla\firefox\profiles\0\extensions\[email protected]

========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&q={searchTerms}&{google:cursorPosition}sugkey={google:suggestAPIKeyParameter}
CHR - homepage: http://www.google.com
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files\Google\Chrome\Application\26.0.1410.64\PepperFlash\pepflashplayer.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files\Google\Chrome\Application\26.0.1410.64\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files\Google\Chrome\Application\26.0.1410.64\pdf.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files\Adobe\Reader 8.0\Reader\Browser\nppdf32.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin7.dll
CHR - plugin: Google Updater (Enabled) = C:\Program Files\Google\Google Updater\2.4.1487.6512\npCIDetect13.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.21.145\npGoogleUpdate3.dll
CHR - plugin: Silverlight Plug-In (Enabled) = C:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll
CHR - plugin: Windows Live\u00AE Photo Gallery (Enabled) = C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: Windows Presentation Foundation (Enabled) = C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - plugin: Shockwave for Director (Enabled) = C:\Windows\system32\Adobe\Director\np32dsw.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\system32\Macromed\Flash\NPSWF32.dll
CHR - plugin: iTunes Application Detector (Enabled) = D:\Program Files\iTunes\Mozilla Plugins\npitunes.dll
CHR - Extension: Google Documenten = C:\Users\Wesley\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0\
CHR - Extension: Google Drive = C:\Users\Wesley\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
CHR - Extension: YouTube = C:\Users\Wesley\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
CHR - Extension: Google Zoeken = C:\Users\Wesley\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: Gmail = C:\Users\Wesley\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\

O1 HOSTS File: ([2013-05-17 23:13:34 | 000,000,027 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Bing Bar Helper) - {1dad3af3-ef2f-4f64-ac4b-11789189fcb6} - C:\Program Files\Microsoft\BingBar\7.2.233.0\BingExt.dll (Microsoft Corporation.)
O2 - BHO: (no name) - {1E8A6170-7264-4D0F-BEAE-D42A53123C75} - No CLSID value found.
O2 - BHO: (InternetDownloadToolBar) - {376CA00C-3F95-46F7-8F04-E69906E52A1F} - D:\Program Files\E-Zsoft\YouTubeDownloader\IDTB.dll ()
O2 - BHO: (no name) - {83A2F9B1-01A2-4AA5-87D1-45B6B8505E96} - No CLSID value found.
O2 - BHO: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.0.926.3450\swg.dll (Google Inc.)
O2 - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files\Microsoft\BingBar\7.1.391.0\BingExt.dll File not found
O3 - HKLM\..\Toolbar: (InternetDownloadToolBar) - {376CA00C-3F95-46F7-8F04-E69906E52A1F} - D:\Program Files\E-Zsoft\YouTubeDownloader\IDTB.dll ()
O3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:\Program Files\Microsoft\BingBar\7.1.391.0\BingExt.dll" File not found
O3 - HKLM\..\Toolbar: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (Bing Bar) - {eec0f710-38b5-4aba-99bf-ec87564a4e13} - C:\Program Files\Microsoft\BingBar\7.2.233.0\BingExt.dll (Microsoft Corporation.)
O3 - HKCU\..\Toolbar\ShellBrowser: (no name) - {5CBE3B7C-1E47-477E-A7DD-396DB0476E29} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - No CLSID value found.
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.ma...r/ultrashim.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 213.46.228.196 62.179.104.196
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{5D94FA8B-B979-422A-8151-E61D0CD54941}: DhcpNameServer = 213.46.228.196 62.179.104.196
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{CBC04654-D397-4C92-86D2-DDA0C283142F}: DhcpNameServer = 213.46.228.196 62.179.104.196
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{CBC04654-D397-4C92-86D2-DDA0C283142F}: NameServer = 8.8.8.8,8.8.4.4
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Users\Wesley\AppData\Roaming\Microsoft\Windows Photo Gallery\Bureaubladachtergrond van Windows Fotogalerie.jpg
O24 - Desktop BackupWallPaper: C:\Users\Wesley\AppData\Roaming\Microsoft\Windows Photo Gallery\Bureaubladachtergrond van Windows Fotogalerie.jpg
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006-09-18 23:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

========== Files/Folders - Created Within 30 Days ==========

[2013-05-19 22:15:12 | 000,743,424 | ---- | C] (Atheros Communications, Inc.) -- C:\Windows\System32\drivers\athr.sys
[2013-05-19 22:15:12 | 000,743,424 | ---- | C] (Atheros Communications, Inc.) -- C:\Windows\System32\athr.sys
[2013-05-19 21:25:35 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DriverNavigator
[2013-05-19 21:25:34 | 000,000,000 | ---D | C] -- C:\Users\Wesley\AppData\Roaming\Easeware
[2013-05-19 21:25:31 | 000,000,000 | ---D | C] -- C:\Program Files\Easeware
[2013-05-19 21:07:42 | 000,000,000 | ---D | C] -- C:\Windows\System32\nn-NO
[2013-05-19 21:07:41 | 000,397,312 | ---- | C] (Atheros) -- C:\Windows\System32\athihvs.dll
[2013-05-19 21:07:41 | 000,061,440 | ---- | C] (Atheros) -- C:\Windows\System32\athihvui.dll
[2013-05-19 21:07:11 | 000,000,000 | ---D | C] -- C:\Program Files\Atheros
[2013-05-19 16:13:49 | 000,000,000 | ---D | C] -- C:\SWSetup
[2013-05-19 15:19:07 | 000,000,000 | ---D | C] -- C:\ProgramData\Cisco Systems
[2013-05-19 14:07:04 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MiniTool Partition Wizard Home Edition 7.8
[2013-05-19 14:06:55 | 000,000,000 | ---D | C] -- C:\Program Files\MiniTool Partition Wizard Home Edition 7.8
[2013-05-19 13:22:02 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Portable Devices
[2013-05-19 13:21:25 | 000,000,000 | ---D | C] -- C:\Windows\System32\WindowsPowerShell
[2013-05-19 03:15:33 | 000,000,000 | ---D | C] -- C:\Users\Wesley\AppData\Local\Windows Live
[2013-05-18 23:48:34 | 000,000,000 | ---D | C] -- C:\Windows\System32\eu-ES
[2013-05-18 23:48:34 | 000,000,000 | ---D | C] -- C:\Windows\System32\ca-ES
[2013-05-18 23:48:33 | 000,000,000 | ---D | C] -- C:\Windows\System32\vi-VN
[2013-05-18 23:40:35 | 000,000,000 | ---D | C] -- C:\Windows\System32\SPReview
[2013-05-18 22:59:00 | 000,000,000 | ---D | C] -- C:\Windows\System32\EventProviders
[2013-05-18 20:20:31 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2013-05-18 15:41:19 | 000,000,000 | --SD | C] -- C:\32788R22FWJFW
[2013-05-18 01:59:16 | 000,000,000 | ---D | C] -- C:\PerfLogs
[2013-05-17 23:38:09 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
[2013-05-17 23:36:25 | 000,368,944 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswSP.sys
[2013-05-17 23:36:25 | 000,029,816 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswFsBlk.sys
[2013-05-17 23:36:25 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\avast! Free Antivirus
[2013-05-17 23:36:23 | 000,049,760 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswRdr.sys
[2013-05-17 23:36:22 | 000,056,080 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswTdi.sys
[2013-05-17 23:36:20 | 000,765,736 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswSnx.sys
[2013-05-17 23:36:18 | 000,066,336 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswMonFlt.sys
[2013-05-17 23:36:17 | 000,229,648 | ---- | C] (AVAST Software) -- C:\Windows\System32\aswBoot.exe
[2013-05-17 23:35:03 | 000,041,664 | ---- | C] (AVAST Software) -- C:\Windows\avastSS.scr
[2013-05-17 23:33:56 | 000,000,000 | ---D | C] -- C:\Program Files\AVAST Software
[2013-05-17 23:33:26 | 000,000,000 | ---D | C] -- C:\ProgramData\AVAST Software
[2013-05-17 23:16:52 | 000,000,000 | ---D | C] -- C:\Windows\temp
[2013-05-17 23:16:52 | 000,000,000 | ---D | C] -- C:\Users\Wesley\AppData\Local\temp
[2013-05-17 22:58:43 | 000,000,000 | ---D | C] -- C:\Windows\erdnt
[2013-05-17 20:53:03 | 000,000,000 | ---D | C] -- C:\Windows\Options
[2013-05-17 20:52:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Atheros
[2013-05-17 20:05:36 | 000,000,000 | ---D | C] -- C:\OEM
[2013-05-17 20:05:04 | 000,000,000 | ---D | C] -- C:\Users\Wesley\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Acer
[2013-05-16 23:48:27 | 000,000,000 | ---D | C] -- C:\Windows\ERUNT
[2013-05-16 23:10:44 | 000,000,000 | ---D | C] -- C:\Users\Wesley\AppData\Roaming\Malwarebytes
[2013-05-16 23:10:41 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2013-05-16 22:51:47 | 000,000,000 | ---D | C] -- C:\Windows\System32\catroot2
[2013-05-16 22:51:14 | 000,000,000 | ---D | C] -- C:\Windows\SoftwareDistribution
[2013-05-16 22:31:46 | 000,181,064 | ---- | C] (Sysinternals) -- C:\Windows\PSEXESVC.EXE

========== Files - Modified Within 30 Days ==========

[2013-05-19 23:51:01 | 000,001,044 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013-05-19 23:51:01 | 000,001,040 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013-05-19 23:29:01 | 000,677,188 | ---- | M] () -- C:\Windows\System32\perfh013.dat
[2013-05-19 23:29:00 | 000,595,996 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2013-05-19 23:29:00 | 000,130,186 | ---- | M] () -- C:\Windows\System32\perfc013.dat
[2013-05-19 23:29:00 | 000,104,070 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2013-05-19 23:23:39 | 000,003,168 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2013-05-19 23:23:39 | 000,003,168 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2013-05-19 23:23:21 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013-05-19 23:03:38 | 000,000,438 | ---- | M] () -- C:\Windows\tasks\DriverNavigator Scheduled Scan.job
[2013-05-19 21:25:35 | 000,001,019 | ---- | M] () -- C:\Users\Public\Desktop\DriverNavigator.lnk
[2013-05-19 14:07:09 | 000,001,083 | ---- | M] () -- C:\Users\Public\Desktop\MiniTool Partition Wizard Home Edition.lnk
[2013-05-19 13:32:22 | 000,000,947 | ---- | M] () -- C:\Users\Wesley\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2013-05-19 13:28:23 | 000,348,288 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2013-05-19 13:20:58 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_User_WpdMtpDr_01_07_00.Wdf
[2013-05-19 13:20:14 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_User_WpdFs_01_07_00.Wdf
[2013-05-19 13:17:45 | 000,000,870 | ---- | M] () -- C:\Windows\tasks\Google Software Updater.job
[2013-05-19 02:25:11 | 000,008,798 | ---- | M] () -- C:\Windows\System32\icrav03.rat
[2013-05-19 02:25:11 | 000,001,988 | ---- | M] () -- C:\Windows\System32\ticrf.rat
[2013-05-19 02:24:54 | 000,072,822 | ---- | M] () -- C:\Windows\System32\ieuinit.inf
[2013-05-18 23:46:42 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_User_WpdFs_01_00_00.Wdf
[2013-05-18 23:46:03 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_User_WpdMtpDr_01_00_00.Wdf
[2013-05-18 21:18:51 | 000,002,473 | ---- | M] () -- C:\Users\Wesley\Desktop\Microsoft Office Word 2003.lnk
[2013-05-18 14:23:03 | 000,131,072 | ---- | M] () -- C:\Windows\SPInstall.etl
[2013-05-18 02:16:10 | 000,001,999 | ---- | M] () -- C:\Users\Wesley\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2013-05-18 01:38:27 | 000,101,888 | ---- | M] (Infineon Technologies AG) -- C:\Windows\System32\ifxcardm.dll
[2013-05-18 01:38:21 | 000,082,432 | ---- | M] (Gemalto, Inc.) -- C:\Windows\System32\axaltocm.dll
[2013-05-17 23:38:09 | 000,001,975 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2013-05-17 23:36:26 | 000,001,833 | ---- | M] () -- C:\Users\Public\Desktop\avast! Free Antivirus.lnk
[2013-05-17 23:36:18 | 000,002,577 | ---- | M] () -- C:\Windows\System32\config.nt
[2013-05-17 23:13:34 | 000,000,027 | ---- | M] () -- C:\Windows\System32\drivers\etc\hosts
[2013-05-17 22:03:50 | 000,000,000 | ---- | M] () -- C:\Users\Wesley\ipconfig
[2013-05-17 21:52:18 | 000,001,908 | ---- | M] () -- C:\Windows\diagwrn.xml
[2013-05-17 21:52:18 | 000,001,908 | ---- | M] () -- C:\Windows\diagerr.xml
[2013-05-16 23:04:38 | 000,000,097 | ---- | M] () -- C:\Windows\DeleteOnReboot.bat
[2013-05-16 22:46:33 | 000,181,064 | ---- | M] (Sysinternals) -- C:\Windows\PSEXESVC.EXE
[2013-05-09 10:59:10 | 000,765,736 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswSnx.sys
[2013-05-09 10:59:10 | 000,368,944 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswSP.sys
[2013-05-09 10:59:10 | 000,174,664 | ---- | M] () -- C:\Windows\System32\drivers\aswVmm.sys
[2013-05-09 10:59:10 | 000,056,080 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswTdi.sys
[2013-05-09 10:59:10 | 000,049,376 | ---- | M] () -- C:\Windows\System32\drivers\aswRvrt.sys
[2013-05-09 10:59:09 | 000,066,336 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswMonFlt.sys
[2013-05-09 10:59:09 | 000,049,760 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswRdr.sys
[2013-05-09 10:59:08 | 000,029,816 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswFsBlk.sys
[2013-05-09 10:58:37 | 000,041,664 | ---- | M] (AVAST Software) -- C:\Windows\avastSS.scr
[2013-05-09 10:58:28 | 000,229,648 | ---- | M] (AVAST Software) -- C:\Windows\System32\aswBoot.exe

========== Files Created - No Company Name ==========

[2013-05-19 22:15:13 | 000,092,917 | ---- | C] () -- C:\Windows\System32\netathr.inf
[2013-05-19 22:15:13 | 000,030,696 | ---- | C] () -- C:\Windows\System32\athrext.cat
[2013-05-19 22:15:13 | 000,024,576 | ---- | C] () -- C:\Windows\System32\PressCancel.exe
[2013-05-19 22:15:13 | 000,000,008 | RHS- | C] () -- C:\Windows\System32\Desktop_.ini
[2013-05-19 21:25:39 | 000,000,438 | ---- | C] () -- C:\Windows\tasks\DriverNavigator Scheduled Scan.job
[2013-05-19 21:25:35 | 000,001,019 | ---- | C] () -- C:\Users\Public\Desktop\DriverNavigator.lnk
[2013-05-19 14:07:32 | 002,888,384 | ---- | C] () -- C:\Windows\System32\pwNative.exe
[2013-05-19 14:07:31 | 000,015,576 | ---- | C] () -- C:\Windows\System32\pwdrvio.sys
[2013-05-19 14:07:13 | 000,010,200 | ---- | C] () -- C:\Windows\System32\pwdspio.sys
[2013-05-19 14:07:09 | 000,001,083 | ---- | C] () -- C:\Users\Public\Desktop\MiniTool Partition Wizard Home Edition.lnk
[2013-05-19 13:20:58 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_User_WpdMtpDr_01_07_00.Wdf
[2013-05-19 13:20:14 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_User_WpdFs_01_07_00.Wdf
[2013-05-19 02:24:54 | 000,072,822 | ---- | C] () -- C:\Windows\System32\ieuinit.inf
[2013-05-19 02:03:36 | 000,000,003 | ---- | C] () -- C:\Windows\System32\drivers\MsftWdf_User_01_11_00_Inbox_Critical.Wdf
[2013-05-19 02:03:36 | 000,000,003 | ---- | C] () -- C:\Windows\System32\drivers\MsftWdf_Kernel_01011_Inbox_Critical.Wdf
[2013-05-19 01:57:38 | 000,201,184 | ---- | C] () -- C:\Windows\System32\winrm.vbs
[2013-05-19 01:57:38 | 000,004,675 | ---- | C] () -- C:\Windows\System32\wsmanconfig_schema.xml
[2013-05-19 01:57:38 | 000,002,426 | ---- | C] () -- C:\Windows\System32\WsmTxt.xsl
[2013-05-18 23:46:42 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_User_WpdFs_01_00_00.Wdf
[2013-05-18 23:46:03 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_User_WpdMtpDr_01_00_00.Wdf
[2013-05-18 23:06:58 | 000,392,170 | ---- | C] () -- C:\Windows\System32\onex.tmf
[2013-05-18 23:06:52 | 000,009,212 | ---- | C] () -- C:\Windows\System32\RacUR.xml
[2013-05-18 23:06:52 | 000,000,153 | ---- | C] () -- C:\Windows\System32\RacUREx.xml
[2013-05-18 23:06:29 | 000,344,698 | ---- | C] () -- C:\Windows\System32\eaphost.tmf
[2013-05-18 23:06:23 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll
[2013-05-18 23:06:19 | 000,442,788 | ---- | C] () -- C:\Windows\System32\dot3.tmf
[2013-05-18 23:04:54 | 011,967,524 | ---- | C] () -- C:\Windows\System32\korwbrkr.lex
[2013-05-18 23:04:46 | 000,208,966 | ---- | C] () -- C:\Windows\System32\WFP.TMF
[2013-05-18 23:03:49 | 000,107,612 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin
[2013-05-18 23:03:49 | 000,018,904 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchemaTrivial.bin
[2013-05-18 23:03:39 | 000,092,918 | ---- | C] () -- C:\Windows\System32\slmgr.vbs
[2013-05-18 23:03:37 | 000,009,239 | ---- | C] () -- C:\Windows\System32\spcinstrumentation.man
[2013-05-18 23:03:29 | 000,130,008 | ---- | C] () -- C:\Windows\System32\systemsf.ebd
[2013-05-18 13:51:56 | 000,131,072 | ---- | C] () -- C:\Windows\SPInstall.etl
[2013-05-18 02:16:10 | 000,000,953 | ---- | C] () -- C:\Users\Wesley\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
[2013-05-18 01:00:57 | 000,012,198 | ---- | C] () -- C:\Windows\System32\gatherWiredInfo.vbs
[2013-05-18 01:00:53 | 000,144,909 | ---- | C] () -- C:\Windows\System32\fsmgmt.msc
[2013-05-18 01:00:46 | 000,145,455 | ---- | C] () -- C:\Windows\System32\perfmon.msc
[2013-05-17 23:38:09 | 000,001,999 | ---- | C] () -- C:\Users\Wesley\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2013-05-17 23:38:09 | 000,001,975 | ---- | C] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2013-05-17 23:36:42 | 000,001,044 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013-05-17 23:36:38 | 000,001,040 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013-05-17 23:36:26 | 000,001,833 | ---- | C] () -- C:\Users\Public\Desktop\avast! Free Antivirus.lnk
[2013-05-17 23:36:19 | 000,174,664 | ---- | C] () -- C:\Windows\System32\drivers\aswVmm.sys
[2013-05-17 23:36:19 | 000,049,376 | ---- | C] () -- C:\Windows\System32\drivers\aswRvrt.sys
[2013-05-17 22:59:24 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe
[2013-05-17 22:03:50 | 000,000,000 | ---- | C] () -- C:\Users\Wesley\ipconfig
[2013-05-16 23:04:23 | 000,000,097 | ---- | C] () -- C:\Windows\DeleteOnReboot.bat
[2013-05-16 21:28:35 | 000,001,908 | ---- | C] () -- C:\Windows\diagwrn.xml
[2013-05-16 21:28:35 | 000,001,908 | ---- | C] () -- C:\Windows\diagerr.xml
[2009-08-03 11:49:04 | 000,139,152 | ---- | C] () -- C:\Users\Wesley\AppData\Roaming\PnkBstrK.sys
[2009-01-10 23:38:33 | 000,000,680 | ---- | C] () -- C:\Users\Wesley\AppData\Local\d3d9caps.dat
[2008-05-16 14:26:49 | 000,002,763 | ---- | C] () -- C:\Users\Wesley\READ.html
[2008-03-02 13:57:29 | 000,017,920 | ---- | C] () -- C:\Users\Wesley\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

========== ZeroAccess Check ==========

[2006-11-02 14:51:16 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012-06-08 19:47:00 | 011,586,048 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2009-04-10 23:28:20 | 000,614,912 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2009-04-10 23:28:26 | 000,347,648 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

========== LOP Check ==========

[2008-05-16 14:58:38 | 000,000,000 | ---D | M] -- C:\Users\Wesley\AppData\Roaming\Anvil Studio
[2013-05-19 21:25:34 | 000,000,000 | ---D | M] -- C:\Users\Wesley\AppData\Roaming\Easeware
[2010-01-13 17:06:16 | 000,000,000 | ---D | M] -- C:\Users\Wesley\AppData\Roaming\EPSON
[2012-01-02 00:23:03 | 000,000,000 | ---D | M] -- C:\Users\Wesley\AppData\Roaming\FrostWire
[2009-12-28 22:24:05 | 000,000,000 | ---D | M] -- C:\Users\Wesley\AppData\Roaming\IMVU
[2009-12-26 20:45:24 | 000,000,000 | ---D | M] -- C:\Users\Wesley\AppData\Roaming\IMVUClient
[2012-08-23 15:12:37 | 000,000,000 | ---D | M] -- C:\Users\Wesley\AppData\Roaming\MixVibes
[2013-05-16 20:35:11 | 000,000,000 | ---D | M] -- C:\Users\Wesley\AppData\Roaming\Nico Mak Computing
[2010-11-13 14:08:36 | 000,000,000 | ---D | M] -- C:\Users\Wesley\AppData\Roaming\SynthMaker
[2009-01-06 21:00:24 | 000,000,000 | ---D | M] -- C:\Users\Wesley\AppData\Roaming\TAC
[2013-05-17 00:34:11 | 000,000,000 | ---D | M] -- C:\Users\Wesley\AppData\Roaming\uTorrent

========== Purity Check ==========



========== Alternate Data Streams ==========

@Alternate Data Stream - 126 bytes -> C:\ProgramData\TEMP:3E7393FC
@Alternate Data Stream - 120 bytes -> C:\ProgramData\TEMP:D8E70C5D
@Alternate Data Stream - 119 bytes -> C:\ProgramData\TEMP:677C1289
@Alternate Data Stream - 104 bytes -> C:\ProgramData\TEMP:417F5F46

< End of report >


OTL Extras logfile created on: 20-5-2013 0:04:56 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Wesley\Downloads
Windows Vista Home Basic Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000413 | Country: Nederland | Language: NLD | Date Format: d-M-yyyy

1,49 Gb Total Physical Memory | 0,63 Gb Available Physical Memory | 42,03% Memory free
3,23 Gb Paging File | 2,28 Gb Available in Paging File | 70,70% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 42,28 Gb Total Space | 7,41 Gb Free Space | 17,54% Space Free | Partition Type: NTFS
Drive D: | 22,49 Gb Total Space | 12,94 Gb Free Space | 57,53% Space Free | Partition Type: NTFS

Computer Name: PC_VAN_WESLEY | User Name: Wesley | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
.html [@ = ChromeHTML] -- C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.)

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- "D:\Program Files\Microsoft Office\OFFICE11\msohtmed.exe" %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
https [open] -- "C:\Program Files\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OtsMedia.Surf] -- "C:\OtsLabs\OTSPLAY.EXE" "%1" /play /surf
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"VistaSp2" = Reg Error: Unknown registry data type -- File not found

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{00C3F37D-A8F6-46E0-B202-E46ABE8E88AF}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{137D36A6-1666-439A-B89E-DD877467633F}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{1A57B5D7-B77D-452D-A089-1B07941B3AE0}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{263826F0-C4FE-48CF-8C42-F0EFEBF2A957}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{2A12BCED-1D1F-458F-97E0-AAA5B27321DD}" = rport=3702 | protocol=17 | dir=out | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{3160DAF0-C8B6-4516-AC1B-8334E4572973}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{34E47905-4AB3-4197-85D7-EB6E6D7B5859}" = lport=3702 | protocol=17 | dir=in | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{4B121013-D4D3-44F1-8A40-8DF8243FD609}" = rport=3702 | protocol=17 | dir=out | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{519FA5B1-4C87-49FF-8448-BF92C1B52753}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{61B7BEAD-20F6-417C-ABCF-21C76461D54B}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{7C3AE30C-E2C5-447A-8D47-3B4CE120675E}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{857256C5-8A87-407C-A9A2-FABB2B89AD6C}" = lport=10243 | protocol=6 | dir=in | app=system |
"{9430C236-FAA3-4AB3-8A08-D6E443821F64}" = lport=3702 | protocol=17 | dir=in | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{A6AA167F-3F0E-46F3-AF89-976E6D9A4BFE}" = rport=10243 | protocol=6 | dir=out | app=system |
"{C907B231-E917-425F-8FF0-A608A0921DC4}" = lport=2869 | protocol=6 | dir=in | app=system |
"{DE8F8429-4350-42FF-802B-55E174745A2A}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{E5E26063-7006-4B06-A0AC-6FC86B1F4E26}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{1807FE59-6022-41F2-B43A-C60A43833382}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{2C73D291-ECD0-4F7E-854E-159CA86EFA78}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{323EB9EC-9065-4176-A3AA-4273EAF04786}" = protocol=6 | dir=in | app=c:\users\wesley\appdata\local\temp\7zsdc79.tmp\symnrt.exe |
"{41DC64C0-CE9C-4EAD-8F0E-328572047E08}" = protocol=6 | dir=in | app=c:\users\wesley\appdata\local\temp\7zs7742.tmp\symnrt.exe |
"{4B15B716-0EBA-4C68-AA15-1B8716C4B28E}" = protocol=6 | dir=out | app=system |
"{59B03344-83E3-4D18-8194-C7EDF0691B4C}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{5E220EC6-0064-40E9-B135-CDCE91534CE3}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{61763F21-5FB4-4AD1-B375-9C15AC454221}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{68B01C8E-967E-4D3F-85A6-1E88B8BA2DF1}" = protocol=6 | dir=in | app=c:\program files\utorrent\utorrent.exe |
"{76C103C5-56B1-4E19-ACE9-651E0652953C}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{7A6B8244-214F-491B-9C1B-68EAAD27CD20}" = protocol=17 | dir=in | app=c:\users\wesley\appdata\local\temp\7zsdc79.tmp\symnrt.exe |
"{7EB9F2B2-4DE3-41E4-94CB-CA7AA22F127E}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{85CA6347-75C8-4B04-8C97-B1370C0E2F32}" = protocol=17 | dir=in | app=c:\program files\utorrent\utorrent.exe |
"{8614488D-A897-4666-B43E-6EE4AB153A05}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{BB09EC5F-B756-4E84-B096-0F36748DCB7E}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{C03A5DEE-8FD6-4774-BE19-9C68DA560BDC}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{CC4B98E0-9768-49AA-9C0A-E1A73C13AEAA}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{DCF77E6A-0684-4049-AB92-9EE9228199CC}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{E0EEAAC7-3B72-46CA-BA4A-8514B6562D3A}" = protocol=17 | dir=in | app=c:\users\wesley\appdata\local\temp\7zs7742.tmp\symnrt.exe |
"TCP Query User{23069A11-66AE-4B7C-A0CB-19B57A3EDF05}D:\program files\bittorrent.exe" = protocol=6 | dir=in | app=d:\program files\bittorrent.exe |
"TCP Query User{A1902FF5-47A4-4470-884D-15DF8F1A7BC5}D:\program files\frostwire 5\frostwire.exe" = protocol=6 | dir=in | app=d:\program files\frostwire 5\frostwire.exe |
"TCP Query User{BCB9F627-45AC-4FD9-BE3F-8F3114C254BC}D:\program files\frostwire 5\frostwire.exe" = protocol=6 | dir=in | app=d:\program files\frostwire 5\frostwire.exe |
"TCP Query User{F9F5BD0F-5EB2-4637-BF66-F260BCB30449}C:\program files\windows live\messenger\msnmsgr.exe" = protocol=6 | dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe |
"UDP Query User{000612CA-FA98-4B67-B4A7-744A96C3742D}D:\program files\frostwire 5\frostwire.exe" = protocol=17 | dir=in | app=d:\program files\frostwire 5\frostwire.exe |
"UDP Query User{3F26EEA8-6F1E-4366-8F92-BB4767C10BE1}C:\program files\windows live\messenger\msnmsgr.exe" = protocol=17 | dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe |
"UDP Query User{56069ECC-72C4-4A5E-AA01-3551DFAE819B}D:\program files\frostwire 5\frostwire.exe" = protocol=17 | dir=in | app=d:\program files\frostwire 5\frostwire.exe |
"UDP Query User{BA1164DE-0238-49E3-AB8F-57CAB3F45BBC}D:\program files\bittorrent.exe" = protocol=17 | dir=in | app=d:\program files\bittorrent.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{04858915-9F49-4B2A-AED4-DC49A7DE6A7B}" = Battlefield 2™
"{05D996FA-ADCB-4D23-BA3C-A7C184A8FAC6}_is1" = MiniTool Partition Wizard Home Edition 7.8
"{0E5FDD1D-DCE8-4F9D-9BFD-4E4CF89811E2}" = iCloud
"{101738D7-D805-37A9-BB91-1F2C351782BF}" = Microsoft .NET Framework 3.5 Language Pack SP1 - nld
"{11316260-6666-467B-AC34-183FCB5D4335}" = Acer Mobility Center Plug-In
"{1577A05B-EE62-4BBC-9DB7-FE748FA44EC2}" = NTI CD & DVD-Maker
"{1598034D-7147-432C-8CA8-888E0632D124}" = NTI Backup NOW! 4.7
"{15D66C69-0C1F-48B9-B6AA-FFA64F772995}" = EPN werkboek-i Getal en Ruimte/1 havo vwo
"{18D10072035C4515918F7E37EAFAACFC}" = AutoUpdate
"{1AE46C09-2AB8-4EE5-88FB-08CD0FF7F2DF}" = Bing Bar
"{1BD6AE96-4742-4498-9D03-9451C7E5A214}" = Windows Live aanmeldhulp
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live - Hulpprogramma voor uploaden
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{2617FA1F-0C04-3ABB-AF64-7D5B6620C341}" = Microsoft .NET Framework 4 Client Profile NLD Language Pack
"{28006915-2739-4EBE-B5E8-49B25D32EB33}" = Atheros for Acer Driver v7.3.1.73_Foxconn Installation Program
"{2869F5EA-93C3-48E5-80DF-DB696BC84A91}" = Windows Live Mail
"{29ED20C9-5E15-4969-9279-25BF3727A3DA}" = iTunes
"{3175E049-F9A9-4A3D-8F19-AC9FB04514D1}" = Windows Live Communications Platform
"{32061277-9F45-4C3B-8299-D106D5A502ED}" = Windows Live Movie Maker
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{57752979-A1C9-4C02-856B-FBB27AC4E02C}" = QuickTime
"{65DA2EC9-0642-47E9-AAE2-B5267AA14D75}" = Activation Assistant for the 2007 Microsoft Office suites
"{6FEC9863-5EF2-4A07-9D0B-CA81B47E3F59}" = Windows Live Photo Gallery
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{72199E33-4F2A-4B7F-8E25-95DDDD50A678}" = Acer System Information
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{79155F2B-9895-49D7-8612-D92580E0DE5B}" = Bonjour
"{79DD56FC-DB8B-47F5-9C80-78B62E05F9BC}" = Acer ScreenSaver
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8E5233E1-7495-44FB-8DEB-4BE906D59619}" = Junk Mail filter update
"{90110413-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Professional Editie 2003
"{90120000-0016-0413-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Dutch) 2007
"{90120000-0016-0413-0000-0000000FF1CE}_HOMESTUDENTR_{26257879-B20D-4D30-A429-B387A4890929}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-0413-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Dutch) 2007
"{90120000-0018-0413-0000-0000000FF1CE}_HOMESTUDENTR_{26257879-B20D-4D30-A429-B387A4890929}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0413-0000-0000000FF1CE}" = Microsoft Office Word MUI (Dutch) 2007
"{90120000-001B-0413-0000-0000000FF1CE}_HOMESTUDENTR_{26257879-B20D-4D30-A429-B387A4890929}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_HOMESTUDENTR_{928D7B99-2BEA-49F9-83B8-20FA57860643}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_HOMESTUDENTR_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0413-0000-0000000FF1CE}" = Microsoft Office Proof (Dutch) 2007
"{90120000-001F-0413-0000-0000000FF1CE}_HOMESTUDENTR_{2C95E7EE-FEA7-4B3A-A6E5-DF90A88B816A}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-002C-0413-0000-0000000FF1CE}" = Microsoft Office Proofing (Dutch) 2007
"{90120000-006E-0413-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Dutch) 2007
"{90120000-006E-0413-0000-0000000FF1CE}_HOMESTUDENTR_{1D12BC91-360E-424C-97C4-813651313660}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00A1-0413-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Dutch) 2007
"{90120000-00A1-0413-0000-0000000FF1CE}_HOMESTUDENTR_{26257879-B20D-4D30-A429-B387A4890929}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{93D34EE3-99B3-4DB1-8B0A-0A657466F90D}" = Hi Online
"{94389919-B0AA-4882-9BE8-9F0B004ECA35}" = Acer Tour
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{95120000-0122-0413-0000-0000000FF1CE}" = Microsoft Office Outlook Connector
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}" = ALPS Touch Pad Driver
"{A00B9A50-3090-4CFF-9CDA-82DA0BEDAA21}" = Apple Mobile Device Support
"{A2A0A82F-025F-458d-A0CD-9BB2320804B5}" = Microsoft Works
"{A83279FD-CA4B-4206-9535-90974DE76654}" = Apple Application Support
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{B7A0CE06-068E-11D6-97FD-0050BACBF861}" = PowerProducer 3.72
"{C3A32068-8AB1-4327-BB16-BED9C6219DC7}" = Atheros Driver Installation Program
"{C4A4722E-79F9-417C-BD72-8D359A090C97}" = Samsung PC Studio
"{CC38A00D-7EED-46CE-9281-D1D97B81F22A}" = Windows Live Messenger
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{CE386A4E-D0DA-4208-8235-BCE43275C694}" = LightScribe 1.4.142.1
"{D417C96A-FCC7-4590-A1BB-FAF73F5BC98E}" = GTA San Andreas
"{E34F703A-1C9D-4B1F-ABBE-D7E8800B860D}" = Windows Live Sync
"{E461E45A-2B48-42FA-90E1-6F36D85DF101}" = Bing Bar
"{EB5A3E9D-91CF-4C97-B816-72DE0625ACA3}" = Windows Live Essentials
"{EBA29752-DDD2-4B62-B2E3-9841F92A3E3A}" = Samsung PC Studio 3 USB Driver Installer
"{EC2B7127-DE13-4E0C-8137-A3658B7FDE54}" = Samsung PC Studio
"{ECC3713C-08A4-40E3-95F1-7D0704F1CE5E}" = PL-2303 USB-to-Serial
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"Activation Assistant for the 2007 Microsoft Office suites" = Activation Assistant for the 2007 Microsoft Office suites
"Adobe Shockwave Player" = Adobe Shockwave Player
"ASIO4ALL" = ASIO4ALL
"AsUninst.exe" = Anvil Studio
"avast" = avast! Free Antivirus
"CNXT_MODEM_HDAUDIO_VEN_14F1&DEV_2BFAOR2C06_118" = HDAUDIO Soft Data Fax Modem with SmartCP
"DriverNavigator_is1" = DriverNavigator 3.3.0
"EPSON BX300F Series" = EPSON BX300F Series Printer Uninstall
"EPSON Scanner" = EPSON Scan
"EPSON Stylus Office BX300F_TX300F Gebruikershandleiding" = EPSON Stylus Office BX300F_TX300F Handboek
"FL Studio 10" = FL Studio 10
"FL Studio 9" = FL Studio 9
"Google Chrome" = Google Chrome
"Google Updater" = Google Updater
"GridVista" = Acer GridVista
"Hardcore" = Hardcore
"HDMI" = Intel® Graphics Media Accelerator Driver
"HOMESTUDENTR" = Microsoft Office Home and Student 2007
"IL Download Manager" = IL Download Manager
"InstallShield_{1577A05B-EE62-4BBC-9DB7-FE748FA44EC2}" = NTI CD & DVD-Maker
"InstallShield_{1598034D-7147-432C-8CA8-888E0632D124}" = NTI Backup NOW! 4.7
"LManager" = Launch Manager
"LogonStudio Vista" = LogonStudio Vista
"Microsoft .NET Framework 3.5 Language Pack SP1 - nld" = Taalpakket voor Microsoft .NET Framework 3.5 SP1 - NL
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile NLD Language Pack" = Taalpakket voor Microsoft .NET Framework 4 Client Profile - NLD
"MixVibes Cross - Discover DJ 1.3.2" = Cross - Discover DJ 1.3.2
"OtsTurntables Free" = OtsTurntables Free 1.00.047
"PoiZone" = PoiZone
"Pro-Rally LE" = Pro-Rally LE
"RadioPlayer_is1" = RadioPlayer
"Sakura" = Sakura
"SAMSUNG CDMA Modem" = SAMSUNG CDMA Modem Driver Set
"SAMSUNG Mobile USB Modem" = SAMSUNG Mobile USB Modem Software
"SAMSUNG Mobile USB Modem 1.0" = SAMSUNG Mobile USB Modem 1.0 Software
"Sawer" = Sawer
"TAC Engine_is1" = TAC Engine v2.1-11
"Toxic Biohazard" = Toxic Biohazard
"Vodafone WCDMA Composite Device Drive" = Vodafone WCDMA Composite Device Drive Software
"WinLiveSuite_Wave3" = Windows Live Essentials
"WinRAR archiver" = WinRAR
"Yahoo! Toolbar" = Yahoo! Toolbar

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"IMVU Avatar chat client software BETA" = IMVU Avatar Chat Software

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 19-5-2013 14:51:51 | Computer Name = PC_van_Wesley | Source = Microsoft-Windows-CAPI2 | ID = 131585
Description =

Error - 19-5-2013 14:52:56 | Computer Name = PC_van_Wesley | Source = Microsoft-Windows-CAPI2 | ID = 131585
Description =

Error - 19-5-2013 14:56:40 | Computer Name = PC_van_Wesley | Source = VSS | ID = 8194
Description = Fout in de Volume Shadow Copy-service: onverwachte fout bij het uitvoeren
van een query voor de IVssWriterCallback-interface. hr = 0x80070005. Dit wordt vaak
veroorzaakt door onjuiste beveiligingsinstellingen in het writer- of requestorproces.


Bewerking:

Schrijvergegevens verzamelen Context: Klasse-id van schrijver: {e8132975-6f93-4464-a53e-1050253ae220}

Naam van schrijver: System Writer Instantie-id van schrijver: {aac326dd-3e54-44b2-8fe0-52485edaa5fd}

Error - 19-5-2013 14:56:41 | Computer Name = PC_van_Wesley | Source = Microsoft-Windows-CAPI2 | ID = 131585
Description =

Error - 19-5-2013 15:07:52 | Computer Name = PC_van_Wesley | Source = Microsoft-Windows-CAPI2 | ID = 131585
Description =

Error - 19-5-2013 16:14:49 | Computer Name = PC_van_Wesley | Source = VSS | ID = 8194
Description = Fout in de Volume Shadow Copy-service: onverwachte fout bij het uitvoeren
van een query voor de IVssWriterCallback-interface. hr = 0x80070005. Dit wordt vaak
veroorzaakt door onjuiste beveiligingsinstellingen in het writer- of requestorproces.


Bewerking:

Schrijvergegevens verzamelen Context: Klasse-id van schrijver: {e8132975-6f93-4464-a53e-1050253ae220}

Naam van schrijver: System Writer Instantie-id van schrijver: {9d9f57c8-953b-4515-ab91-541aaa8f63b2}

Error - 19-5-2013 16:14:56 | Computer Name = PC_van_Wesley | Source = Microsoft-Windows-CAPI2 | ID = 131585
Description =

Error - 19-5-2013 16:16:17 | Computer Name = PC_van_Wesley | Source = Microsoft-Windows-CAPI2 | ID = 131585
Description =

Error - 19-5-2013 16:19:46 | Computer Name = PC_van_Wesley | Source = Microsoft-Windows-CAPI2 | ID = 131585
Description =

Error - 19-5-2013 17:20:34 | Computer Name = PC_van_Wesley | Source = Microsoft-Windows-CAPI2 | ID = 131585
Description =

[ System Events ]
Error - 19-5-2013 10:51:46 | Computer Name = PC_van_Wesley | Source = BROWSER | ID = 8032
Description = De Browser-service heeft te vaak de reservelijst op transport \Device\NetBT_Tcpip_{C5F5CC1F-2166-4B9E-AD41-4A91077E305C}
niet kunnen ophalen. De reservebrowser is gestopt.

Error - 19-5-2013 14:48:00 | Computer Name = PC_van_Wesley | Source = BROWSER | ID = 8032
Description = De Browser-service heeft te vaak de reservelijst op transport \Device\NetBT_Tcpip_{C5F5CC1F-2166-4B9E-AD41-4A91077E305C}
niet kunnen ophalen. De reservebrowser is gestopt.

Error - 19-5-2013 15:00:40 | Computer Name = PC_van_Wesley | Source = LSM | ID = 1048
Description = Kan Terminal Services niet starten. Statuscode: De configuratiegegevens
voor dit product zijn beschadigd. Neem contact op met het ondersteunend personeel.
.

Error - 19-5-2013 15:00:57 | Computer Name = PC_van_Wesley | Source = Service Control Manager | ID = 7000
Description =

Error - 19-5-2013 15:15:33 | Computer Name = PC_van_Wesley | Source = LSM | ID = 1048
Description = Kan Terminal Services niet starten. Statuscode: De configuratiegegevens
voor dit product zijn beschadigd. Neem contact op met het ondersteunend personeel.
.

Error - 19-5-2013 15:16:01 | Computer Name = PC_van_Wesley | Source = Service Control Manager | ID = 7000
Description =

Error - 19-5-2013 17:03:50 | Computer Name = PC_van_Wesley | Source = LSM | ID = 1048
Description = Kan Terminal Services niet starten. Statuscode: De configuratiegegevens
voor dit product zijn beschadigd. Neem contact op met het ondersteunend personeel.
.

Error - 19-5-2013 17:03:51 | Computer Name = PC_van_Wesley | Source = Service Control Manager | ID = 7000
Description =

Error - 19-5-2013 17:24:51 | Computer Name = PC_van_Wesley | Source = LSM | ID = 1048
Description = Kan Terminal Services niet starten. Statuscode: De configuratiegegevens
voor dit product zijn beschadigd. Neem contact op met het ondersteunend personeel.
.

Error - 19-5-2013 17:24:55 | Computer Name = PC_van_Wesley | Source = Service Control Manager | ID = 7000
Description =


< End of report >

Edited by Boffo, 22 May 2013 - 03:37 AM.

  • 0

Advertisements







Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP