Bartche

Toen ik Avira probeerde te installeren vroeg IE of ik hiervoor AVG 8.0 wou openen. Beetje vreemd aangezien ik deze al op verschillende manieren had geprobeerd te verwijderen. Net op mijn verschillende schijven gaan kijken en inderdaad, er bestond nog een map AVG 8.0 in de Program Files (x86) op de C-schijf. Deze verwijderd net zoals de AVG-bin's die ook weer waren opgedoken. Amateuristisch als de aanpak is, voor het moment lijkt het probleem opgelost te zijn: ik kan bestanden downloaden in Chrome en ook IE downloadt weer zonder problemen... Heel erg bedankt dus voor de moeite; ik zal deze topic op opgelost zetten (hopende dat het permanent blijft werken) met vriendelijke groet, Bart

Chrome nogmaals verwijderd en nu ook het mapje in de appdata. Avast ook nogmaals verwijderd en CCleaner na beiden nog een keer laten draaien. Daarna ook nog eens de zoek.exe, de adwcleaner en combofix laten draaien, maar zonder resultaat: de nieuwe chrome geeft nog steeds de ' mislukt - Virus gedetecteerd ' melding... Ik zal ondertussen Avira eens installeren, misschien dat die iets op pikt. groeten,

Nieuwste versie van Avast erover geinstalleerd; dat ging zonder problemen, maar de foutmelding bleef bestaan. Toen installatie ongedaan gemaakt en met CCleaner het register opgeruimd; nog altijd een foutmelding. Nu net Chrome ook nog eens verwijderd (met Ccleaner erachter aan door het register), maar helaas, nog geen beterschap... Is het tijd om de windows-CD's weer boven te halen?

Nog altijd hetzelfde ben ik bang...

==== Silent Runners ====================== "Silent Runners.vbs", revision 69.2, Silent Runners - Adware? Disinfect, don't reformat! Output limited to non-default values, except where indicated by "{++}" Startup items buried in registry: --------------------------------- HKCU\Software\Microsoft\Windows\CurrentVersion\Run\ {++} DAEMON Tools Lite = "C:\Systeem\DAEMON Tools Lite\DTLite.exe" -autorun [DT Soft Ltd] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\ {++} RtHDVCpl = C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s [Realtek Semiconductor] MSC = "C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey [MS] itype = "C:\Program Files\Microsoft IntelliType Pro\itype.exe" [MS] HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run\ {++} AsioThk32Reg = REGSVR32.EXE /S CTASIO.DLL CTHelper = CTHELPER.EXE [Creative Technology Ltd] Adobe Reader Speed Launcher = "C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe" [Adobe Systems Incorporated] SunJavaUpdateSched = "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" [sun Microsystems, Inc.] BrStsWnd = "C:\Program Files (x86)\Brownie\BrstsW64.exe" Autorun [brother] avast = "F:\Systeem\Avast\avastUI.exe" /nogui [AVAST Software] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\ {318A227B-5E9F-45bd-8999-7F8F10CA4CF5}\(Default) = (no title provided) -> {HKLM...CLSID} = avast! Online Security \InProcServer32\(Default) = F:\Systeem\Avast\aswWebRepIE64.dll [AVAST Software] {761497BB-D6F0-462C-B6EB-D4DAF1D92D43}\(Default) = (no title provided) -> {HKLM...CLSID} = Java Plug-In SSV Helper \InProcServer32\(Default) = C:\Program Files\Java\jre7\bin\ssv.dll [Oracle Corporation] -> {HKLM...Wow...CLSID} = Java Plug-In SSV Helper \InProcServer32\(Default) = C:\Program Files (x86)\Java\jre7\bin\ssv.dll [Oracle Corporation] {9030D464-4C02-4ABF-8ECC-5164760863C6}\(Default) = (no title provided) -> {HKLM...CLSID} = Windows Live ID Sign-in Helper \InProcServer32\(Default) = C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [MS] -> {HKLM...Wow...CLSID} = Aanmeldhulp voor Windows Live ID \InProcServer32\(Default) = C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [MS] {DBC80044-A445-435b-BC74-9C25C1C588A9}\(Default) = (no title provided) -> {HKLM...CLSID} = Java Plug-In 2 SSV Helper \InProcServer32\(Default) = C:\Program Files\Java\jre7\bin\jp2ssv.dll [Oracle Corporation] -> {HKLM...Wow...CLSID} = Java Plug-In 2 SSV Helper \InProcServer32\(Default) = C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [Oracle Corporation] HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\ {18DF081C-E8AD-4283-A596-FA578C2EBDC3}\(Default) = AcroIEHelperStub -> {HKLM...CLSID} = Adobe PDF Link Helper \InProcServer32\(Default) = [file not found] -> {HKLM...Wow...CLSID} = Adobe PDF Link Helper \InProcServer32\(Default) = C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [Adobe Systems Incorporated] {326E768D-4182-46FD-9C16-1449A49795F4}\(Default) = Increase performance and video formats for your HTML5 <video> -> {HKLM...CLSID} = DivX Plus Web Player HTML5 <video> \InProcServer32\(Default) = [file not found] -> {HKLM...Wow...CLSID} = DivX Plus Web Player HTML5 <video> \InProcServer32\(Default) = C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll [DivX, LLC] {593DDEC6-7468-4cdd-90E1-42DADAA222E9}\(Default) = Use the DivX Plus Web Player to watch web videos with less interruptions and smoother playback on supported sites -> {HKLM...CLSID} = DivX HiQ \InProcServer32\(Default) = [file not found] -> {HKLM...Wow...CLSID} = DivX HiQ \InProcServer32\(Default) = C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll [DivX, LLC] {761497BB-D6F0-462C-B6EB-D4DAF1D92D43}\(Default) = (no title provided) -> {HKLM...CLSID} = Java Plug-In SSV Helper \InProcServer32\(Default) = C:\Program Files\Java\jre7\bin\ssv.dll [Oracle Corporation] -> {HKLM...Wow...CLSID} = Java Plug-In SSV Helper \InProcServer32\(Default) = C:\Program Files (x86)\Java\jre7\bin\ssv.dll [Oracle Corporation] {8E5E2654-AD2D-48bf-AC2D-D17F00898D06}\(Default) = (no title provided) -> {HKLM...Wow...CLSID} = avast! Online Security \InProcServer32\(Default) = F:\Systeem\Avast\aswWebRepIE.dll [AVAST Software] {9030D464-4C02-4ABF-8ECC-5164760863C6}\(Default) = (no title provided) -> {HKLM...CLSID} = Windows Live ID Sign-in Helper \InProcServer32\(Default) = C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [MS] -> {HKLM...Wow...CLSID} = Aanmeldhulp voor Windows Live ID \InProcServer32\(Default) = C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [MS] {9FDDE16B-836F-4806-AB1F-1455CBEFF289}\(Default) = (no title provided) -> {HKLM...Wow...CLSID} = Windows Live Messenger Companion Helper \InProcServer32\(Default) = C:\Program Files (x86)\Windows Live\Companion\companioncore.dll [MS] {AE805869-2E5C-4ED4-8F7B-F1F7851A4497}\(Default) = SkypeIEPluginBHO -> {HKLM...CLSID} = Skype Browser Helper \InProcServer32\(Default) = [file not found] -> {HKLM...Wow...CLSID} = Skype Browser Helper \InProcServer32\(Default) = C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [skype Technologies S.A.] {DBC80044-A445-435b-BC74-9C25C1C588A9}\(Default) = (no title provided) -> {HKLM...CLSID} = Java Plug-In 2 SSV Helper \InProcServer32\(Default) = C:\Program Files\Java\jre7\bin\jp2ssv.dll [Oracle Corporation] -> {HKLM...Wow...CLSID} = Java Plug-In 2 SSV Helper \InProcServer32\(Default) = C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [Oracle Corporation] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ 00avast\(Default) = {472083B0-C522-11CF-8763-00608CC02F24} -> {HKLM...CLSID} = avast \InProcServer32\(Default) = F:\Systeem\Avast\ashShA64.dll [AVAST Software] DropboxExt1\(Default) = {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} -> {HKCU...CLSID} = DropboxExt \InProcServer32\(Default) = C:\Users\Bart De Laat\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll [Dropbox, Inc.] DropboxExt2\(Default) = {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} -> {HKCU...CLSID} = DropboxExt \InProcServer32\(Default) = C:\Users\Bart De Laat\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll [Dropbox, Inc.] DropboxExt3\(Default) = {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} -> {HKCU...CLSID} = DropboxExt \InProcServer32\(Default) = C:\Users\Bart De Laat\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll [Dropbox, Inc.] DropboxExt4\(Default) = {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} -> {HKCU...CLSID} = DropboxExt \InProcServer32\(Default) = C:\Users\Bart De Laat\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll [Dropbox, Inc.] HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ DropboxExt1\(Default) = {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} -> {HKCU...Wow...CLSID} = DropboxExt \InProcServer32\(Default) = C:\Users\Bart De Laat\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll [Dropbox, Inc.] DropboxExt2\(Default) = {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} -> {HKCU...Wow...CLSID} = DropboxExt \InProcServer32\(Default) = C:\Users\Bart De Laat\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll [Dropbox, Inc.] DropboxExt3\(Default) = {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} -> {HKCU...Wow...CLSID} = DropboxExt \InProcServer32\(Default) = C:\Users\Bart De Laat\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll [Dropbox, Inc.] HKCU\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\ {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} = DropboxExt -> {HKCU...CLSID} = DropboxExt \InProcServer32\(Default) = C:\Users\Bart De Laat\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll [Dropbox, Inc.] {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} = DropboxExt -> {HKCU...CLSID} = DropboxExt \InProcServer32\(Default) = C:\Users\Bart De Laat\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll [Dropbox, Inc.] {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} = DropboxExt -> {HKCU...CLSID} = DropboxExt \InProcServer32\(Default) = C:\Users\Bart De Laat\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll [Dropbox, Inc.] {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} = DropboxExt -> {HKCU...CLSID} = DropboxExt \InProcServer32\(Default) = C:\Users\Bart De Laat\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll [Dropbox, Inc.] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\ {A70C977A-BF00-412C-90B7-034C51DA2439} = NvCpl DesktopContext Class -> {HKLM...CLSID} = DesktopContext Class \InProcServer32\(Default) = C:\Program Files\NVIDIA Corporation\Display\nvui.dll [NVIDIA Corporation] {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} = NVIDIA Play On My TV Context Menu Extension -> {HKLM...CLSID} = NVIDIA CPL Context Menu Extension \InProcServer32\(Default) = C:\Windows\system32\nvshext.dll [NVIDIA Corporation] {42042206-2D85-11D3-8CFF-005004838597} = Microsoft Office HTML Icon Handler -> {HKLM...CLSID} = (no title provided) \InProcServer32\(Default) = C:\PROGRA~1\MICROS~3\Office12\MSOHEVI.DLL [MS] {993BE281-6695-4BA5-8A2A-7AACBFAAB69E} = Microsoft Office Metadata Handler -> {HKLM...CLSID} = Microsoft Office Metadata Handler \InProcServer32\(Default) = C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\msoshext.dll [MS] {C41662BB-1FA0-4CE0-8DC5-9B7F8279FF97} = Microsoft Office Thumbnail Handler -> {HKLM...CLSID} = Microsoft Office Thumbnail Handler \InProcServer32\(Default) = C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\msoshext.dll [MS] {09A47860-11B0-4DA5-AFA5-26D86198A780} = EPP -> {HKLM...CLSID} = (no title provided) \InProcServer32\(Default) = C:\PROGRA~1\MICROS~2\shellext.dll [MS] {ED6E87C6-8A83-43aa-8208-8DBC8247F4D2} = IntelliType Pro Key Settings Control Panel Property Page -> {HKLM...CLSID} = IntelliType Pro Key Settings Property Page \InProcServer32\(Default) = C:\Program Files\Microsoft IntelliType Pro\itcplkey.dll [MS] {111D8120-25EB-4E1C-A4DF-C9EE5FCA35CB} = IntelliType Pro Scrolling Control Panel Property Page -> {HKLM...CLSID} = IntelliType Pro Scrolling Property Page \InProcServer32\(Default) = C:\Program Files\Microsoft IntelliType Pro\itcplwhl.dll [MS] {97FA8AA2-EE77-4FF2-9449-424D8924EF21} = IntelliType Pro Zooming Control Panel Property Page -> {HKLM...CLSID} = IntelliType Pro Zooming Property Page \InProcServer32\(Default) = C:\Program Files\Microsoft IntelliType Pro\itcplzm.dll [MS] {1825D0FA-5B0C-4e20-A929-3EFD15B6DF71} = IntelliType Pro Touchpad Control Property Page -> {HKLM...CLSID} = IntelliType Pro Touchpad Control Property Page \InProcServer32\(Default) = C:\Program Files\Microsoft IntelliType Pro\itcpltp.dll [MS] {A2569D1F-4E06-43EC-9825-0088B471BE47} = IntelliType Pro Wireless Control Panel Property Page -> {HKLM...CLSID} = IntelliType Pro Wireless Control Panel Property Page \InProcServer32\(Default) = C:\Program Files\Microsoft IntelliType Pro\itcplwir.dll [MS] {472083B0-C522-11CF-8763-00608CC02F24} = avast -> {HKLM...CLSID} = avast \InProcServer32\(Default) = F:\Systeem\Avast\ashShA64.dll [AVAST Software] HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\ {00020d75-0000-0000-c000-000000000046} = Microsoft Office Outlook Desktop Icon Handler -> {HKLM...Wow...CLSID} = Microsoft Office Outlook \InProcServer32\(Default) = C:\PROGRA~2\MI1933~1\Office12\MLSHEXT.DLL [MS] {640167b4-59b0-47a6-b335-a6b3c0695aea} = Portable Media Devices -> {HKLM...Wow...CLSID} = Portable Media Devices \InProcServer32\(Default) = C:\Windows\system32\audiodev.dll [file not found] {97F68CE3-7146-45FF-BE24-D9A7DD7CB8A2} = NeroCoverEd Live Icons -> {HKLM...Wow...CLSID} = NeroCoverEdLiveIcons Class \InProcServer32\(Default) = C:\Program Files (x86)\Nero\Nero 9\Nero CoverDesigner\CoverEdExtension.dll [Nero AG] {1CA6BBC9-E9FA-4021-822B-075DF1837B63} = NeroDigitalIconHandler -> {HKLM...Wow...CLSID} = NeroDigitalIconHandler Class \InProcServer32\(Default) = C:\Program Files (x86)\Common Files\Nero\SMC\NeroDigitalExt.dll [Nero AG] {846083A4-BFC6-4447-985C-6578B466A7D7} = NeroDigitalPropSheetHandler -> {HKLM...Wow...CLSID} = NeroDigitalPropSheetHandler Class \InProcServer32\(Default) = C:\Program Files (x86)\Common Files\Nero\SMC\NeroDigitalExt.dll [Nero AG] {C9E60ED7-FEAE-477b-B6A6-7D62103A0C6B} = NeroDigitalColumnHandler -> {HKLM...Wow...CLSID} = NeroDigitalColumnHandler Class \InProcServer32\(Default) = C:\Program Files (x86)\Common Files\Nero\SMC\NeroDigitalExt.dll [Nero AG] {4FBFFA8D-F390-471a-AE46-FEB93623AD63} = NeroDigitalInfoHandler -> {HKLM...Wow...CLSID} = NeroDigitalInfoHandler Class \InProcServer32\(Default) = C:\Program Files (x86)\Common Files\Nero\SMC\NeroDigitalExt.dll [Nero AG] {EDCC595A-F0EE-4d81-B554-D5D01C7AFB87} = NeroDigitalThumbnailHandler -> {HKLM...Wow...CLSID} = NeroDigitalThumbnailHandler Class \InProcServer32\(Default) = C:\Program Files (x86)\Common Files\Nero\SMC\NeroDigitalExt.dll [Nero AG] {00F33137-EE26-412F-8D71-F84E4C2C6625} = (no title provided) -> {HKLM...Wow...CLSID} = Windows Live Photo Gallery Viewer Autoplay Shim \InProcServer32\(Default) = C:\Program Files (x86)\Windows Live\Photo Gallery\PhotoViewerShim.dll [MS] {00F346CB-35A4-465B-8B8F-65A29DBAB1F6} = Windows Live Photo Gallery Viewer Drop Target Shim -> {HKLM...Wow...CLSID} = Windows Live Photo Gallery Viewer Shim \InProcServer32\(Default) = C:\Program Files (x86)\Windows Live\Photo Gallery\PhotoViewerShim.dll [MS] {00F3712A-CA79-45B4-9E4D-D7891E7F8B9D} = Windows Live Photo Gallery Editor Drop Target Shim -> {HKLM...Wow...CLSID} = Windows Live Photo Gallery Editor Shim \InProcServer32\(Default) = C:\Program Files (x86)\Windows Live\Photo Gallery\PhotoViewerShim.dll [MS] {00F30F90-3E96-453B-AFCD-D71989ECC2C7} = Windows Live Photo Gallery Autoplay Drop Target Shim -> {HKLM...Wow...CLSID} = Windows Live Photo Gallery Viewer Autoplay Shim \InProcServer32\(Default) = C:\Program Files (x86)\Windows Live\Photo Gallery\PhotoViewerShim.dll [MS] {0006F045-0000-0000-C000-000000000046} = Microsoft Office Outlook Custom Icon Handler -> {HKLM...Wow...CLSID} = Outlook File Icon Extension \InProcServer32\(Default) = C:\PROGRA~2\MI1933~1\Office12\OLKFSTUB.DLL [MS] {42042206-2D85-11D3-8CFF-005004838597} = Microsoft Office HTML Icon Handler -> {HKLM...Wow...CLSID} = (no title provided) \InProcServer32\(Default) = C:\Program Files (x86)\Microsoft Office\Office12\msohevi.dll [MS] {B41DB860-8EE4-11D2-9906-E49FADC173CA} = WinRAR shell extension -> {HKLM...Wow...CLSID} = WinRAR \InProcServer32\(Default) = C:\Systeem\Winrar\rarext.dll [null data] {993BE281-6695-4BA5-8A2A-7AACBFAAB69E} = Microsoft Office Metadata Handler -> {HKLM...Wow...CLSID} = Microsoft Office Metadata Handler \InProcServer32\(Default) = C:\PROGRA~2\COMMON~1\MICROS~1\OFFICE12\msoshext.dll [MS] {C41662BB-1FA0-4CE0-8DC5-9B7F8279FF97} = Microsoft Office Thumbnail Handler -> {HKLM...Wow...CLSID} = Microsoft Office Thumbnail Handler \InProcServer32\(Default) = C:\PROGRA~2\COMMON~1\MICROS~1\OFFICE12\msoshext.dll [MS] {472083B0-C522-11CF-8763-00608CC02F24} = avast -> {HKLM...Wow...CLSID} = avast \InProcServer32\(Default) = F:\Systeem\Avast\ashShell.dll [AVAST Software] HKLM\SOFTWARE\Classes\PROTOCOLS\Filter\ <<!>> text/xml\CLSID = {807563E5-5146-11D5-A672-00B0D022E945} -> {HKLM...CLSID} = Microsoft Office InfoPath XML Mime Filter \InProcServer32\(Default) = C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL [MS] HKCU\Software\Classes\*\shellex\ContextMenuHandlers\ DropboxExt\(Default) = {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} -> {HKCU...CLSID} = DropboxExt \InProcServer32\(Default) = C:\Users\Bart De Laat\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll [Dropbox, Inc.] -> {HKCU...Wow...CLSID} = DropboxExt \InProcServer32\(Default) = C:\Users\Bart De Laat\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll [Dropbox, Inc.] HKLM\SOFTWARE\Classes\*\shellex\ContextMenuHandlers\ avast\(Default) = {472083B0-C522-11CF-8763-00608CC02F24} -> {HKLM...CLSID} = avast \InProcServer32\(Default) = F:\Systeem\Avast\ashShA64.dll [AVAST Software] -> {HKLM...Wow...CLSID} = avast \InProcServer32\(Default) = F:\Systeem\Avast\ashShell.dll [AVAST Software] Cover Designer\(Default) = {73FCA462-9BD5-4065-A73F-A8E5F6904EF7} -> {HKLM...Wow...CLSID} = NeroCoverEdContextMenu Class \InProcServer32\(Default) = C:\Program Files (x86)\Nero\Nero 9\Nero CoverDesigner\CoverEdExtension.dll [Nero AG] EPP\(Default) = {09A47860-11B0-4DA5-AFA5-26D86198A780} -> {HKLM...CLSID} = (no title provided) \InProcServer32\(Default) = C:\PROGRA~1\MICROS~2\shellext.dll [MS] WinRAR\(Default) = {B41DB860-64E4-11D2-9906-E49FADC173CA} -> {HKLM...CLSID} = WinRAR \InProcServer32\(Default) = C:\Systeem\Winrar\rarext64.dll [null data] WinRAR32\(Default) = {B41DB860-8EE4-11D2-9906-E49FADC173CA} -> {HKLM...Wow...CLSID} = WinRAR \InProcServer32\(Default) = C:\Systeem\Winrar\rarext.dll [null data] HKLM\SOFTWARE\Classes\Wow6432Node\*\shellex\ContextMenuHandlers\ avast\(Default) = {472083B0-C522-11CF-8763-00608CC02F24} -> {HKLM...CLSID} = avast \InProcServer32\(Default) = F:\Systeem\Avast\ashShA64.dll [AVAST Software] -> {HKLM...Wow...CLSID} = avast \InProcServer32\(Default) = F:\Systeem\Avast\ashShell.dll [AVAST Software] Cover Designer\(Default) = {73FCA462-9BD5-4065-A73F-A8E5F6904EF7} -> {HKLM...Wow...CLSID} = NeroCoverEdContextMenu Class \InProcServer32\(Default) = C:\Program Files (x86)\Nero\Nero 9\Nero CoverDesigner\CoverEdExtension.dll [Nero AG] EPP\(Default) = {09A47860-11B0-4DA5-AFA5-26D86198A780} -> {HKLM...CLSID} = (no title provided) \InProcServer32\(Default) = C:\PROGRA~1\MICROS~2\shellext.dll [MS] WinRAR\(Default) = {B41DB860-64E4-11D2-9906-E49FADC173CA} -> {HKLM...CLSID} = WinRAR \InProcServer32\(Default) = C:\Systeem\Winrar\rarext64.dll [null data] WinRAR32\(Default) = {B41DB860-8EE4-11D2-9906-E49FADC173CA} -> {HKLM...Wow...CLSID} = WinRAR \InProcServer32\(Default) = C:\Systeem\Winrar\rarext.dll [null data] HKLM\SOFTWARE\Classes\AllFilesystemObjects\shellex\ContextMenuHandlers\ 00avast\(Default) = {472083B0-C522-11CF-8763-00608CC02F24} -> {HKLM...CLSID} = avast \InProcServer32\(Default) = F:\Systeem\Avast\ashShA64.dll [AVAST Software] -> {HKLM...Wow...CLSID} = avast \InProcServer32\(Default) = F:\Systeem\Avast\ashShell.dll [AVAST Software] MBAMShlExt\(Default) = {57CE581A-0CB6-4266-9CA0-19364C90A0B3} -> {HKLM...CLSID} = MBAMShlExt Class \InProcServer32\(Default) = F:\Systeem\Malwarebytes' Anti-Malware\mbamext.dll [Malwarebytes Corporation] HKLM\SOFTWARE\Classes\Wow6432Node\AllFilesystemObjects\shellex\ContextMenuHandlers\ 00avast\(Default) = {472083B0-C522-11CF-8763-00608CC02F24} -> {HKLM...CLSID} = avast \InProcServer32\(Default) = F:\Systeem\Avast\ashShA64.dll [AVAST Software] -> {HKLM...Wow...CLSID} = avast \InProcServer32\(Default) = F:\Systeem\Avast\ashShell.dll [AVAST Software] MBAMShlExt\(Default) = {57CE581A-0CB6-4266-9CA0-19364C90A0B3} -> {HKLM...CLSID} = MBAMShlExt Class \InProcServer32\(Default) = F:\Systeem\Malwarebytes' Anti-Malware\mbamext.dll [Malwarebytes Corporation] HKCU\Software\Classes\Directory\shellex\ContextMenuHandlers\ DropboxExt\(Default) = {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} -> {HKCU...CLSID} = DropboxExt \InProcServer32\(Default) = C:\Users\Bart De Laat\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll [Dropbox, Inc.] -> {HKCU...Wow...CLSID} = DropboxExt \InProcServer32\(Default) = C:\Users\Bart De Laat\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll [Dropbox, Inc.] HKLM\SOFTWARE\Classes\Directory\shellex\ContextMenuHandlers\ EPP\(Default) = {09A47860-11B0-4DA5-AFA5-26D86198A780} -> {HKLM...CLSID} = (no title provided) \InProcServer32\(Default) = C:\PROGRA~1\MICROS~2\shellext.dll [MS] WinRAR\(Default) = {B41DB860-64E4-11D2-9906-E49FADC173CA} -> {HKLM...CLSID} = WinRAR \InProcServer32\(Default) = C:\Systeem\Winrar\rarext64.dll [null data] WinRAR32\(Default) = {B41DB860-8EE4-11D2-9906-E49FADC173CA} -> {HKLM...Wow...CLSID} = WinRAR \InProcServer32\(Default) = C:\Systeem\Winrar\rarext.dll [null data] HKLM\SOFTWARE\Classes\Wow6432Node\Directory\shellex\ContextMenuHandlers\ EPP\(Default) = {09A47860-11B0-4DA5-AFA5-26D86198A780} -> {HKLM...CLSID} = (no title provided) \InProcServer32\(Default) = C:\PROGRA~1\MICROS~2\shellext.dll [MS] WinRAR\(Default) = {B41DB860-64E4-11D2-9906-E49FADC173CA} -> {HKLM...CLSID} = WinRAR \InProcServer32\(Default) = C:\Systeem\Winrar\rarext64.dll [null data] WinRAR32\(Default) = {B41DB860-8EE4-11D2-9906-E49FADC173CA} -> {HKLM...Wow...CLSID} = WinRAR \InProcServer32\(Default) = C:\Systeem\Winrar\rarext.dll [null data] HKLM\SOFTWARE\Classes\Directory\shellex\DragDropHandlers\ WinRAR\(Default) = {B41DB860-64E4-11D2-9906-E49FADC173CA} -> {HKLM...CLSID} = WinRAR \InProcServer32\(Default) = C:\Systeem\Winrar\rarext64.dll [null data] WinRAR32\(Default) = {B41DB860-8EE4-11D2-9906-E49FADC173CA} -> {HKLM...Wow...CLSID} = WinRAR \InProcServer32\(Default) = C:\Systeem\Winrar\rarext.dll [null data] HKLM\SOFTWARE\Classes\Wow6432Node\Directory\shellex\DragDropHandlers\ WinRAR\(Default) = {B41DB860-64E4-11D2-9906-E49FADC173CA} -> {HKLM...CLSID} = WinRAR \InProcServer32\(Default) = C:\Systeem\Winrar\rarext64.dll [null data] WinRAR32\(Default) = {B41DB860-8EE4-11D2-9906-E49FADC173CA} -> {HKLM...Wow...CLSID} = WinRAR \InProcServer32\(Default) = C:\Systeem\Winrar\rarext.dll [null data] HKCU\Software\Classes\Directory\Background\shellex\ContextMenuHandlers\ DropboxExt\(Default) = {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} -> {HKCU...CLSID} = DropboxExt \InProcServer32\(Default) = C:\Users\Bart De Laat\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll [Dropbox, Inc.] -> {HKCU...Wow...CLSID} = DropboxExt \InProcServer32\(Default) = C:\Users\Bart De Laat\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll [Dropbox, Inc.] HKLM\SOFTWARE\Classes\Directory\Background\shellex\ContextMenuHandlers\ NvCplDesktopContext\(Default) = {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} -> {HKLM...CLSID} = NVIDIA CPL Context Menu Extension \InProcServer32\(Default) = C:\Windows\system32\nvshext.dll [NVIDIA Corporation] HKLM\SOFTWARE\Classes\Wow6432Node\Directory\Background\shellex\ContextMenuHandlers\ NvCplDesktopContext\(Default) = {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} -> {HKLM...CLSID} = NVIDIA CPL Context Menu Extension \InProcServer32\(Default) = C:\Windows\system32\nvshext.dll [NVIDIA Corporation] HKLM\SOFTWARE\Classes\Folder\shellex\ColumnHandlers\ {C9E60ED7-FEAE-477b-B6A6-7D62103A0C6B}\(Default) = NeroDigitalExt.NeroDigitalColumnHandler -> {HKLM...Wow...CLSID} = NeroDigitalColumnHandler Class \InProcServer32\(Default) = C:\Program Files (x86)\Common Files\Nero\SMC\NeroDigitalExt.dll [Nero AG] {F9DB5320-233E-11D1-9F84-707F02C10627}\(Default) = PDF Column Info -> {HKLM...Wow...CLSID} = PDF Shell Extension \InProcServer32\(Default) = C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\PDFShell.dll [Adobe Systems, Inc.] HKLM\SOFTWARE\Classes\Wow6432Node\Folder\shellex\ColumnHandlers\ {C9E60ED7-FEAE-477b-B6A6-7D62103A0C6B}\(Default) = NeroDigitalExt.NeroDigitalColumnHandler -> {HKLM...Wow...CLSID} = NeroDigitalColumnHandler Class \InProcServer32\(Default) = C:\Program Files (x86)\Common Files\Nero\SMC\NeroDigitalExt.dll [Nero AG] {F9DB5320-233E-11D1-9F84-707F02C10627}\(Default) = PDF Column Info -> {HKLM...Wow...CLSID} = PDF Shell Extension \InProcServer32\(Default) = C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\PDFShell.dll [Adobe Systems, Inc.] HKLM\SOFTWARE\Classes\Folder\shellex\ContextMenuHandlers\ avast\(Default) = {472083B0-C522-11CF-8763-00608CC02F24} -> {HKLM...CLSID} = avast \InProcServer32\(Default) = F:\Systeem\Avast\ashShA64.dll [AVAST Software] -> {HKLM...Wow...CLSID} = avast \InProcServer32\(Default) = F:\Systeem\Avast\ashShell.dll [AVAST Software] MBAMShlExt\(Default) = {57CE581A-0CB6-4266-9CA0-19364C90A0B3} -> {HKLM...CLSID} = MBAMShlExt Class \InProcServer32\(Default) = F:\Systeem\Malwarebytes' Anti-Malware\mbamext.dll [Malwarebytes Corporation] WinRAR\(Default) = {B41DB860-64E4-11D2-9906-E49FADC173CA} -> {HKLM...CLSID} = WinRAR \InProcServer32\(Default) = C:\Systeem\Winrar\rarext64.dll [null data] WinRAR32\(Default) = {B41DB860-8EE4-11D2-9906-E49FADC173CA} -> {HKLM...Wow...CLSID} = WinRAR \InProcServer32\(Default) = C:\Systeem\Winrar\rarext.dll [null data] HKLM\SOFTWARE\Classes\Wow6432Node\Folder\shellex\ContextMenuHandlers\ avast\(Default) = {472083B0-C522-11CF-8763-00608CC02F24} -> {HKLM...CLSID} = avast \InProcServer32\(Default) = F:\Systeem\Avast\ashShA64.dll [AVAST Software] -> {HKLM...Wow...CLSID} = avast \InProcServer32\(Default) = F:\Systeem\Avast\ashShell.dll [AVAST Software] MBAMShlExt\(Default) = {57CE581A-0CB6-4266-9CA0-19364C90A0B3} -> {HKLM...CLSID} = MBAMShlExt Class \InProcServer32\(Default) = F:\Systeem\Malwarebytes' Anti-Malware\mbamext.dll [Malwarebytes Corporation] WinRAR\(Default) = {B41DB860-64E4-11D2-9906-E49FADC173CA} -> {HKLM...CLSID} = WinRAR \InProcServer32\(Default) = C:\Systeem\Winrar\rarext64.dll [null data] WinRAR32\(Default) = {B41DB860-8EE4-11D2-9906-E49FADC173CA} -> {HKLM...Wow...CLSID} = WinRAR \InProcServer32\(Default) = C:\Systeem\Winrar\rarext.dll [null data] HKLM\SOFTWARE\Classes\Folder\shellex\DragDropHandlers\ WinRAR\(Default) = {B41DB860-64E4-11D2-9906-E49FADC173CA} -> {HKLM...CLSID} = WinRAR \InProcServer32\(Default) = C:\Systeem\Winrar\rarext64.dll [null data] WinRAR32\(Default) = {B41DB860-8EE4-11D2-9906-E49FADC173CA} -> {HKLM...Wow...CLSID} = WinRAR \InProcServer32\(Default) = C:\Systeem\Winrar\rarext.dll [null data] HKLM\SOFTWARE\Classes\Wow6432Node\Folder\shellex\DragDropHandlers\ WinRAR\(Default) = {B41DB860-64E4-11D2-9906-E49FADC173CA} -> {HKLM...CLSID} = WinRAR \InProcServer32\(Default) = C:\Systeem\Winrar\rarext64.dll [null data] WinRAR32\(Default) = {B41DB860-8EE4-11D2-9906-E49FADC173CA} -> {HKLM...Wow...CLSID} = WinRAR \InProcServer32\(Default) = C:\Systeem\Winrar\rarext.dll [null data] Group Policies {GPedit.msc branch and setting}: ----------------------------------------------- - - - Updated - - - Group Policies {GPedit.msc branch and setting}: ----------------------------------------------- Note: detected settings may not have any effect. HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\ NoDrives = (REG_DWORD) dword:0x00000000 {unrecognized setting} HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\ NoDrives = (REG_DWORD) dword:0x00000000 {unrecognized setting} HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\ DisableRegistryTools = (REG_DWORD) dword:0x00000000 {unrecognized setting} Active Desktop and Wallpaper: ----------------------------- Active Desktop may be disabled at this entry: HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellState Displayed if Active Desktop enabled and wallpaper not set by Group Policy: HKCU\Software\Microsoft\Internet Explorer\Desktop\General\ Wallpaper = C:\Windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows Photo Gallery\Bureaubladachtergrond van Windows Fotogalerie.jpg Displayed if Active Desktop disabled and wallpaper not set by Group Policy: HKCU\Control Panel\Desktop\ Wallpaper = C:\Users\Bart De Laat\AppData\Roaming\Microsoft\Windows Photo Gallery\Bureaubladachtergrond van Windows Fotogalerie.jpg Enabled Screen Saver: --------------------- HKCU\Control Panel\Desktop\ SCRNSAVE.EXE = C:\Windows\system32\Bubbles.scr [MS] Windows Portable Device AutoPlay Handlers ----------------------------------------- HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\AutoplayHandlers\Handlers\ MSLivePhotoAcqHWEventHandler\ Provider = @%ProgramFiles(x86)%\Windows Live\Photo Gallery\regres.dll,-10 ProgID = Microsoft.LivePhotoAcqHWEventHandler HKLM\SOFTWARE\Classes\Microsoft.LivePhotoAcqHWEventHandler\CLSID\(Default) = {3BD0ACD1-71CA-4475-92CC-E0AA0AAF843F} -> {HKLM...CLSID} = (no title provided) \LocalServer32\(Default) = C:\Program Files (x86)\Windows Live\Photo Gallery\WLXPhotoAcquireWizard.exe [MS] MSLivePhotoAcquireDropHandler\ Provider = @%ProgramFiles(x86)%\Windows Live\Photo Gallery\regres.dll,-10 InvokeProgID = Microsoft.LivePhotoAcqDTShim.1 InvokeVerb = open HKLM\SOFTWARE\Classes\Microsoft.LivePhotoAcqDTShim.1\shell\open\DropTarget\CLSID = {00F33137-EE26-412F-8D71-F84E4C2C6625} -> {HKLM...CLSID} = Windows Live Photo Gallery Viewer Autoplay Shim \InProcServer32\(Default) = C:\Program Files (x86)\Windows Live\Photo Gallery\PhotoViewerShimx64.dll [MS] MSLiveShowPicturesOnArrival\ Provider = @%ProgramFiles(x86)%\Windows Live\Photo Gallery\regres.dll,-10 InvokeProgID = Microsoft.Photos.LiveAutoplayShim.1 InvokeVerb = open HKLM\SOFTWARE\Classes\Microsoft.Photos.LiveAutoplayShim.1\shell\open\DropTarget\CLSID = {00F30F90-3E96-453B-AFCD-D71989ECC2C7} -> {HKLM...CLSID} = Windows Live Photo Gallery Viewer Autoplay Shim \InProcServer32\(Default) = C:\Program Files (x86)\Windows Live\Photo Gallery\PhotoViewerShimx64.dll [MS] MSLiveVideoCameraArrivalCaptureWizard\ Provider = @%ProgramFiles(x86)%\Windows Live\Photo Gallery\regres.dll,-10 ProgID = WLXAutoPlayMgr.WLXHWEventHandler InitCmdLine = WLXVideoAcquireWizard HKLM\SOFTWARE\Classes\WLXAutoPlayMgr.WLXHWEventHandler\CLSID\(Default) = {9B5C97F6-B3A5-4A6D-8B03-993EC7291A22} -> {HKLM...CLSID} = WLXWEventHandler Class \LocalServer32\(Default) = "C:\Program Files (x86)\Windows Live\Photo Gallery\WLXVideoCameraAutoPlayManager.exe" [MS] MSPlayCDAudioOnArrival\ Provider = @wmploc.dll,-6502 InvokeProgID = WMP.AudioCD InvokeVerb = play HKLM\SOFTWARE\Classes\WMP.AudioCD\shell\play\command\(Default) = "C:\Program Files (x86)\Windows Media Player\wmplayer.exe" /prefetch:3 /device:AudioCD "%L" [MS] MSPlayDVDMovieOnArrival\ Provider = @wmploc.dll,-6502 InvokeProgID = WMP.DVD InvokeVerb = play HKLM\SOFTWARE\Classes\WMP.DVD\shell\play\command\(Default) = "C:\Program Files (x86)\Windows Media Player\wmplayer.exe" /prefetch:4 /deviceVD "%L" [MS] MSPlaySuperVideoCDMovieOnArrival\ Provider = @wmploc.dll,-6502 InvokeProgID = WMP.VCD InvokeVerb = play HKLM\SOFTWARE\Classes\WMP.VCD\shell\play\command\(Default) = "C:\Program Files (x86)\Windows Media Player\wmplayer.exe" /prefetch:4 /device:VCD "%L" [MS] MSPlayVideoCDMovieOnArrival\ Provider = @wmploc.dll,-6502 InvokeProgID = WMP.VCD InvokeVerb = play HKLM\SOFTWARE\Classes\WMP.VCD\shell\play\command\(Default) = "C:\Program Files (x86)\Windows Media Player\wmplayer.exe" /prefetch:4 /device:VCD "%L" [MS] MSRipCDAudioOnArrival\ Provider = @wmploc.dll,-6502 InvokeProgID = WMP.RipCD InvokeVerb = Rip HKLM\SOFTWARE\Classes\WMP.RipCD\shell\Rip\Command\(Default) = "C:\Program Files (x86)\Windows Media Player\wmplayer.exe" /prefetch:3 /RipAudioCD "%L" [MS] MSWMPBurnCDOnArrival\ Provider = @wmploc.dll,-6502 InvokeProgID = WMP.BurnCD InvokeVerb = Burn HKLM\SOFTWARE\Classes\WMP.BurnCD\shell\Burn\Command\(Default) = "C:\Program Files (x86)\Windows Media Player\wmplayer.exe" /prefetch:3 /Task:CDWrite /Device:"%L" [MS] MSWMPBurnDataDVDArrival\ Provider = @wmploc.dll,-6502 InvokeProgID = WMP.BurnDVD InvokeVerb = Burn HKLM\SOFTWARE\Classes\WMP.BurnDVD\shell\Burn\Command\(Default) = "C:\Program Files (x86)\Windows Media Player\wmplayer.exe" /prefetch:3 /TaskVDWrite /Device:"%L" [MS] NeroAutoPlay9DVDVideoToNeroDigital\ Provider = Nero Recode InvokeProgID = Nero.AutoPlay8 InvokeVerb = DVDVideoToNeroDigital_PlayDVDMovieOnArrival HKLM\SOFTWARE\Classes\Nero.AutoPlay8\shell\DVDVideoToNeroDigital_PlayDVDMovieOnArrival\command\(Default) = C:\Program Files (x86)\Nero\Nero 9\Nero Recode\Recode.exe /New:ReAuthorNeroDigital [Nero AG] NeroAutoPlay9LaunchNeroStartSmart\ Provider = Nero StartSmart InvokeProgID = Nero.AutoPlay8 InvokeVerb = LaunchNeroStartSmart_HandleCDBurningOnArrival HKLM\SOFTWARE\Classes\Nero.AutoPlay8\shell\LaunchNeroStartSmart_HandleCDBurningOnArrival\command\(Default) = C:\Program Files (x86)\Nero\Nero 9\Nero StartSmart\NeroStartSmart.exe /AutoPlay [Nero AG] NeroAutoPlay9PlayAudioCD\ Provider = Nero ShowTime InvokeProgID = Nero.AutoPlay8 InvokeVerb = PlayAudioCD_PlayMusicFilesOnArrival HKLM\SOFTWARE\Classes\Nero.AutoPlay8\shell\PlayAudioCD_PlayMusicFilesOnArrival\command\(Default) = C:\Program Files (x86)\Nero\Nero 9\Nero ShowTime\ShowTime.exe /Play %L [Nero AG] NeroAutoPlay9PlayDVD\ Provider = Nero ShowTime InvokeProgID = Nero.AutoPlay8 InvokeVerb = PlayDVD_PlayVideoFilesOnArrival HKLM\SOFTWARE\Classes\Nero.AutoPlay8\shell\PlayDVD_PlayVideoFilesOnArrival\command\(Default) = C:\Program Files (x86)\Nero\Nero 9\Nero ShowTime\ShowTime.exe /Play %L [Nero AG] NeroAutoPlay9TranscodeVideo\ Provider = Nero Recode InvokeProgID = Nero.AutoPlay8 InvokeVerb = TranscodeVideo_PlayDVDMovieOnArrival HKLM\SOFTWARE\Classes\Nero.AutoPlay8\shell\TranscodeVideo_PlayDVDMovieOnArrival\command\(Default) = C:\Program Files (x86)\Nero\Nero 9\Nero Recode\Recode.exe /New:CopyDVDVideo [Nero AG] NeroAutoPlay9VideoCapture\ Provider = Nero Vision ProgID = Shell.HWEventHandlerShellExecute InitCmdLine = "C:\Program Files (x86)\Nero\Nero 9\Nero Vision\NeroVision.exe" /New:VideoCapture HKLM\SOFTWARE\Classes\Shell.HWEventHandlerShellExecute\CLSID\(Default) = {FFB8655F-81B9-4fce-B89C-9A6BA76D13E7} -> {HKLM...CLSID} = Shell Execute Hardware Event Handler \LocalServer32\(Default) = C:\Windows\System32\rundll32.exe shell32.dll,SHCreateLocalServerRunDll {FFB8655F-81B9-4fce-B89C-9A6BA76D13E7} [MS] NeroAutoPlay9ViewPhotos\ Provider = Nero PhotoSnap Viewer InvokeProgID = Nero.AutoPlay8 InvokeVerb = ViewPhotos_ShowPicturesOnArrival HKLM\SOFTWARE\Classes\Nero.AutoPlay8\shell\ViewPhotos_ShowPicturesOnArrival\command\(Default) = C:\Program Files (x86)\Nero\Nero 9\Nero PhotoSnap\PhotoSnapViewer.exe / [Nero AG] Windows Sidebar Gadgets: {++} ------------------------ C:\Users\Bart De Laat\AppData\Local\Microsoft\Windows Sidebar\Settings.ini %PROGRAMFILES%\windows sidebar\gadgets\Clock.gadget %PROGRAMFILES%\windows sidebar\gadgets\RSSFeeds.Gadget "C:%5CProgram%20Files%5CWindows%20Sidebar%5CShared%20Gadgets%5CaswSidebar.gadget" Non-disabled Scheduled Tasks: {++} ----------------------------- C:\Windows\System32\Tasks CCleanerSkipUAC -> launches: "C:\Program Files\CCleaner\CCleaner.exe" $(Arg0) [Piriform Ltd] CreateChoiceProcessTask -> launches: C:\Windows\System32\browserchoice.exe /launch [MS] GoogleUpdateTaskMachineCore -> launches: C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c [Google Inc.] GoogleUpdateTaskMachineUA -> launches: C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler [Google Inc.] Microsoft_Hardware_Launch_IType_exe -> (HIDDEN!) launches: C:\Program Files\Microsoft IntelliType Pro\IType.exe [MS] User_Feed_Synchronization-{33A3981A-5A77-48A8-AE69-14DB8EBE9771} -> (HIDDEN!) launches: C:\Windows\system32\msfeedssync.exe sync [MS] {1E4FD3CE-91AE-4FEC-87E4-65167C0C0E7E} -> launches: C:\Windows\system32\pcalua.exe -a "C:\Users\Bart De Laat\Desktop\MyLab_Desk_Setup\Setup.exe" -d "C:\Users\Bart De Laat\Desktop\MyLab_Desk_Setup" [MS] {20BFCCCF-DBAB-4B31-ABE5-EB85513C5284} -> launches: C:\Program Files (x86)\Skype\\Phone\Skype.exe [skype Technologies S.A.] {34174CD2-9054-478C-BBE6-3B1344EEBAAE} -> launches: C:\Windows\system32\pcalua.exe -a M:\Downloads\daemon411-lite-x86.exe -d M:\Downloads [MS] {39770C49-2774-46DD-ACA1-C1C88DAF1831} -> launches: C:\Windows\system32\pcalua.exe -a M:\Memoire\MyLab_Desk_Setup\bin\Esaote.Biolab.Install.Console.exe -d M:\Memoire\MyLab_Desk_Setup\bin [MS] {6149A077-537A-42F7-8E9A-6B6C732EE033} -> launches: C:\Windows\system32\pcalua.exe -a H:\Setup.exe -d H:\ [MS] {8209880A-6A37-4A32-A4B9-EA190A5FA716} -> launches: C:\Windows\system32\pcalua.exe -a M:\Memoire\MyLab_Desk_Setup\bin\Setup.exe -d M:\Memoire\MyLab_Desk_Setup\bin [MS] {9D47EC1F-58B5-457A-B8F3-625B0B6BE094} -> launches: C:\Windows\system32\pcalua.exe -a "H:\Pc-EKg 2.02\Install.exe" -d "H:\Pc-EKg 2.02" [MS] {A21EBABC-6594-451F-87C5-DA7A132D4F5C} -> launches: C:\Windows\system32\pcalua.exe -a "C:\Users\Bart De Laat\Downloads\Intel Chipset Driver 7.2.2.1006\Chipset\Setup.exe" -d "C:\Users\Bart De Laat\Downloads\Intel Chipset Driver 7.2.2.1006\Chipset" [MS] C:\Windows\System32\Tasks\Microsoft\Microsoft Antimalware Microsoft Antimalware Scheduled Scan -> launches: C:\Program Files\Microsoft Security Client\MpCmdRun.exe Scan -ScheduleJob -RestrictPrivileges [MS] C:\Windows\System32\Tasks\Microsoft\Windows\Active Directory Rights Management Services Client AD RMS Rights Policy Template Management (Manual) -> launches: {BF5CB148-7C77-4d8a-A53E-D81C70CF743C} -> {HKLM...CLSID} = AD RMS Rights Policy Template Management (Manual) Task Handler \InProcServer32\(Default) = C:\Windows\system32\msdrm.dll [MS] -> {HKLM...Wow...CLSID} = AD RMS Rights Policy Template Management (Manual) Task Handler \InProcServer32\(Default) = C:\Windows\system32\msdrm.dll [MS] C:\Windows\System32\Tasks\Microsoft\Windows\Bluetooth UninstallDeviceTask -> launches: BthUdTask.exe $(Arg0) [MS] C:\Windows\System32\Tasks\Microsoft\Windows\CertificateServicesClient SystemTask -> launches: {58fb76b9-ac85-4e55-ac04-427593b1d060} -> {HKLM...CLSID} = Certificate Services Client Task Handler \InProcServer32\(Default) = C:\Windows\system32\dimsjob.dll [MS] -> {HKLM...Wow...CLSID} = Certificate Services Client Task Handler \InProcServer32\(Default) = C:\Windows\system32\dimsjob.dll [MS] UserTask -> launches: {58fb76b9-ac85-4e55-ac04-427593b1d060} -> {HKLM...CLSID} = Certificate Services Client Task Handler \InProcServer32\(Default) = C:\Windows\system32\dimsjob.dll [MS] -> {HKLM...Wow...CLSID} = Certificate Services Client Task Handler \InProcServer32\(Default) = C:\Windows\system32\dimsjob.dll [MS] UserTask-Roam -> launches: {58fb76b9-ac85-4e55-ac04-427593b1d060} -> {HKLM...CLSID} = Certificate Services Client Task Handler \InProcServer32\(Default) = C:\Windows\system32\dimsjob.dll [MS] -> {HKLM...Wow...CLSID} = Certificate Services Client Task Handler \InProcServer32\(Default) = C:\Windows\system32\dimsjob.dll [MS] C:\Windows\System32\Tasks\Microsoft\Windows\Customer Experience Improvement Program Consolidator -> launches: %SystemRoot%\System32\wsqmcons.exe [MS] OptinNotification -> launches: %SystemRoot%\System32\wsqmcons.exe -n 0x1C577FA2B69CAD0 [MS] C:\Windows\System32\Tasks\Microsoft\Windows\Defrag ScheduledDefrag -> launches: %windir%\system32\defrag.exe -c -i [MS] C:\Windows\System32\Tasks\Microsoft\Windows\Media Center ehDRMInit -> launches: %SystemRoot%\ehome\ehPrivJob.exe /DRMInit [MS] mcupdate -> launches: %SystemRoot%\ehome\mcupdate $(Arg0) -gc [MS] OCURActivate -> launches: %SystemRoot%\ehome\ehPrivJob.exe /OCURActivate [MS] OCURDiscovery -> launches: %SystemRoot%\ehome\ehPrivJob.exe /OCURDiscovery [MS] UpdateRecordPath -> launches: %SystemRoot%\ehome\ehPrivJob.exe /DoUpdateRecordPath $(Arg0) [MS] C:\Windows\System32\Tasks\Microsoft\Windows\MobilePC HotStart -> launches: {06DA0625-9701-43da-BFD7-FBEEA2180A1E} -> {HKLM...CLSID} = HotStart User Agent \InProcServer32\(Default) = C:\Windows\System32\HotStartUserAgent.dll [MS] TMM -> launches: {35EF4182-F900-4632-B072-8639E4478A61} -> {HKLM...CLSID} = Transient Multi-Monitor Manager \InProcServer32\(Default) = C:\Windows\System32\TMM.dll [MS] -> {HKLM...Wow...CLSID} = Transient Multi-Monitor Manager \InProcServer32\(Default) = C:\Windows\System32\TMM.dll [MS] C:\Windows\System32\Tasks\Microsoft\Windows\MUI LPRemove -> launches: %windir%\system32\lpremove.exe [MS] C:\Windows\System32\Tasks\Microsoft\Windows\Multimedia SystemSoundsService -> launches: {2DEA658F-54C1-4227-AF9B-260AB5FC3543} -> {HKLM...CLSID} = Microsoft PlaySoundService Class \InProcServer32\(Default) = C:\Windows\System32\PlaySndSrv.dll [MS] -> {HKLM...Wow...CLSID} = Microsoft PlaySoundService Class \InProcServer32\(Default) = C:\Windows\System32\PlaySndSrv.dll [MS] C:\Windows\System32\Tasks\Microsoft\Windows\NetworkAccessProtection NAPStatus UI -> launches: {f09878a1-4652-4292-aa63-8c7d4fd7648f} -> {HKLM...CLSID} = Nap ITask Handler Implementation \InProcServer32\(Default) = C:\Windows\System32\QAgent.dll [MS] -> {HKLM...Wow...CLSID} = Nap ITask Handler Implementation \InProcServer32\(Default) = C:\Windows\System32\QAgent.dll [MS] C:\Windows\System32\Tasks\Microsoft\Windows\RAC RACAgent -> (HIDDEN!) launches: %windir%\system32\RacAgent.exe [MS] C:\Windows\System32\Tasks\Microsoft\Windows\RemoteAssistance RemoteAssistanceTask -> (HIDDEN!) launches: %windir%\system32\RAServer.exe /offerraupdate [MS] C:\Windows\System32\Tasks\Microsoft\Windows\Shell CrawlStartPages -> launches: {51653423-e62d-4ff7-894a-dabb2b8e21e2} -> {HKLM...CLSID} = CrawlStartPages Task Handler \InProcServer32\(Default) = C:\Windows\System32\srchadmin.dll [MS] -> {HKLM...Wow...CLSID} = CrawlStartPages Task Handler \InProcServer32\(Default) = C:\Windows\System32\srchadmin.dll [MS] C:\Windows\System32\Tasks\Microsoft\Windows\SideShow GadgetManager -> launches: {FF87090D-4A9A-4f47-879B-29A80C355D61} -> {HKLM...CLSID} = GadgetsManager Class \InProcServer32\(Default) = C:\Windows\System32\AuxiliaryDisplayServices.dll [MS] C:\Windows\System32\Tasks\Microsoft\Windows\SystemRestore SR -> launches: %windir%\system32\rundll32.exe /d srrstr.dll,ExecuteScheduledSPPCreation [MS] C:\Windows\System32\Tasks\Microsoft\Windows\Tcpip IpAddressConflict1 -> launches: rundll32 ndfapi.dll,NdfRunDllDuplicateIPOffendingSystem [MS] IpAddressConflict2 -> launches: rundll32 ndfapi.dll,NdfRunDllDuplicateIPDefendingSystem [MS] WSHReset -> (HIDDEN!) launches: %systemroot%\system32\netsh.exe interface tcp set heuristic wsh=default [MS] C:\Windows\System32\Tasks\Microsoft\Windows\TextServicesFramework MsCtfMonitor -> (HIDDEN!) launches: {01575cfe-9a55-4003-a5e1-f38d1ebdcbe1} -> {HKLM...CLSID} = MsCtfMonitor task handler \InProcServer32\(Default) = C:\Windows\system32\MsCtfMonitor.dll [MS] -> {HKLM...Wow...CLSID} = MsCtfMonitor task handler \InProcServer32\(Default) = C:\Windows\system32\MsCtfMonitor.dll [MS] C:\Windows\System32\Tasks\Microsoft\Windows\UPnP UPnPHostConfig -> launches: sc.exe config upnphost start= auto [MS] C:\Windows\System32\Tasks\Microsoft\Windows\WDI ResolutionHost -> (HIDDEN!) launches: {900be39d-6be8-461a-bc4d-b0fa71f5ecb1} -> {HKLM...CLSID} = DiagnosticInfrastructureCustomHandler \InProcServer32\(Default) = C:\Windows\System32\wdi.dll [MS] -> {HKLM...Wow...CLSID} = DiagnosticInfrastructureCustomHandler \InProcServer32\(Default) = C:\Windows\System32\wdi.dll [MS] C:\Windows\System32\Tasks\Microsoft\Windows\Windows Error Reporting QueueReporting -> launches: %windir%\system32\wermgr.exe -queuereporting [MS] C:\Windows\System32\Tasks\Microsoft\Windows\Wired GatherWiredInfo -> launches: %windir%\system32\gatherWiredInfo.vbs [null data] C:\Windows\System32\Tasks\Microsoft\Windows\Wireless GatherWirelessInfo -> launches: %windir%\system32\gatherWirelessInfo.vbs [null data] C:\Windows\System32\Tasks\Microsoft\Windows Live\SOXE Extractor Definitions Update Task -> launches: {3519154C-227E-47F3-9CC9-12C3F05817F1} -> {HKLM...Wow...CLSID} = Windows Live Social Object Extractor Engine Definition Updater \InProcServer32\(Default) = C:\Program Files (x86)\Windows Live\SOXE\wlsoxe.dll [MS] C:\Windows\System32\Tasks\WPD SqmUpload_S-1-5-21-646492008-2405596893-3632786542-1000 -> (HIDDEN!) launches: %windir%\system32\rundll32.exe portabledeviceapi.dll,#1 [MS] Winsock2 Service Provider DLLs: ------------------------------- Namespace Service Providers HKLM\SYSTEM\CurrentControlSet\Services\Winsock2\Parameters\NameSpace_Catalog5\Catalog_Entries\ {++} 000000000001\LibraryPath = %SystemRoot%\system32\NLAapi.dll [MS] 000000000002\LibraryPath = %SystemRoot%\system32\napinsp.dll [MS] 000000000003\LibraryPath = %SystemRoot%\system32\pnrpnsp.dll [MS] 000000000004\LibraryPath = %SystemRoot%\system32\pnrpnsp.dll [MS] 000000000005\LibraryPath = %SystemRoot%\System32\mswsock.dll [MS] 000000000006\LibraryPath = %SystemRoot%\System32\winrnr.dll [MS] HKLM\SYSTEM\CurrentControlSet\Services\Winsock2\Parameters\NameSpace_Catalog5\Catalog_Entries64\ {++} 000000000001\LibraryPath = %SystemRoot%\system32\NLAapi.dll [MS] 000000000002\LibraryPath = %SystemRoot%\system32\napinsp.dll [MS] 000000000003\LibraryPath = %SystemRoot%\system32\pnrpnsp.dll [MS] 000000000004\LibraryPath = %SystemRoot%\system32\pnrpnsp.dll [MS] 000000000005\LibraryPath = %SystemRoot%\System32\mswsock.dll [MS] 000000000006\LibraryPath = %SystemRoot%\System32\winrnr.dll [MS] Transport Service Providers HKLM\SYSTEM\CurrentControlSet\Services\Winsock2\Parameters\Protocol_Catalog9\Catalog_Entries\ {++} 0000000000##\PackedCatalogItem (contains) DLL [Company Name], (at) ## range: %SystemRoot%\system32\mswsock.dll [MS], 01 - 10 HKLM\SYSTEM\CurrentControlSet\Services\Winsock2\Parameters\Protocol_Catalog9\Catalog_Entries64\ {++} 0000000000##\PackedCatalogItem (contains) DLL [Company Name], (at) ## range: %SystemRoot%\system32\mswsock.dll [MS], 01 - 10 Toolbars, Explorer Bars, Extensions: ------------------------------------ Toolbars HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\ {318A227B-5E9F-45BD-8999-7F8F10CA4CF5} = (no title provided) -> {HKLM...CLSID} = avast! Online Security \InProcServer32\(Default) = F:\Systeem\Avast\aswWebRepIE64.dll [AVAST Software] HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\ {8E5E2654-AD2D-48BF-AC2D-D17F00898D06} = (no title provided) -> {HKLM...Wow...CLSID} = avast! Online Security \InProcServer32\(Default) = F:\Systeem\Avast\aswWebRepIE.dll [AVAST Software] Explorer Bars HKLM\SOFTWARE\Classes\Wow6432Node\CLSID\{FF059E31-CC5A-4E2E-BF3B-96E929D65503}\(Default) = &Onderzoeken Implemented Categories\{00021493-0000-0000-C000-000000000046}\ [vertical bar] InProcServer32\(Default) = C:\PROGRA~2\MI1933~1\Office12\REFIEBAR.DLL [MS] Extensions (Tools menu items, main toolbar menu buttons) HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Extensions\ {0000036B-C524-4050-81A0-243669A86B9F}\ ButtonText = @C:\Program Files (x86)\Windows Live\Companion\companionlang.dll,-600 CLSIDExtension = {B63DBA5F-523F-4B9C-A43D-65DF1977EAD3} -> {HKLM...Wow...CLSID} = Windows Live Messenger Companion Command Bar Button \InProcServer32\(Default) = C:\Program Files (x86)\Windows Live\Companion\companioncore.dll [MS] {219C3416-8CB2-491A-A3C7-D9FCDDC9D600}\ ButtonText = @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 MenuText = @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 CLSIDExtension = {5F7B1267-94A9-47F5-98DB-E99415F33AEC} -> {HKLM...Wow...CLSID} = BlogThisToolbarButton Class \InProcServer32\(Default) = C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll [MS] {898EA8C8-E7FF-479B-8935-AEC46303B9E5}\ ButtonText = Skype Click to Call MenuText = Skype Click to Call CLSIDExtension = {898EA8C8-E7FF-479B-8935-AEC46303B9E5} -> {HKLM...Wow...CLSID} = Skype Browser Helper \InProcServer32\(Default) = C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [skype Technologies S.A.] {92780B25-18CC-41C8-B9BE-3C9C571A8263}\ ButtonText = Research BandCLSID = {FF059E31-CC5A-4E2E-BF3B-96E929D65503} -> {HKLM...Wow...CLSID} = &Onderzoeken \InProcServer32\(Default) = C:\PROGRA~2\MI1933~1\Office12\REFIEBAR.DLL [MS] Running Services (Display Name, Service Name, Path {Service DLL}): ------------------------------------------------------------------ avast! Antivirus, avast! Antivirus, "F:\Systeem\Avast\AvastSvc.exe" [AVAST Software] Cisco AnyConnect VPN Agent, vpnagent, "C:\Program Files (x86)\Cisco\Cisco AnyConnect VPN Client\vpnagent.exe" [Cisco Systems, Inc.] Creative Audio Service, CTAudSvcService, C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe [Creative Technology Ltd] Microsoft .NET Framework NGEN v4.0.30319_X64, clr_optimization_v4.0.30319_64, C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [MS] Microsoft .NET Framework NGEN v4.0.30319_X86, clr_optimization_v4.0.30319_32, C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [MS] Microsoft Antimalware Service, MsMpSvc, "C:\Program Files\Microsoft Security Client\MsMpEng.exe" [MS] NVIDIA Display Driver Service, nvsvc, "C:\Windows\system32\nvvsvc.exe" [NVIDIA Corporation] NVIDIA Stereoscopic 3D Driver Service, Stereo Service, "C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe" [NVIDIA Corporation] NVIDIA Update Service Daemon, nvUpdatusService, "C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe" [NVIDIA Corporation] Safe Mode Drivers & Services (subkey name, subkey default value): ----------------------------------------------------------------- HKLM\System\CurrentControlSet\Control\SafeBoot\Minimal\ <<!>> MsMpSvc, Service HKLM\System\CurrentControlSet\Control\SafeBoot\Network\ <<!>> MsMpSvc, Service ==== Empty IE Cache ====================== C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Bart De Laat\AppData\Local\Microsoft\Windows\d\Low\Content.IE5 emptied successfully C:\Users\Bart De Laat\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully C:\Windows\serviceprofiles\NetworkService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Bart De Laat\AppData\Local\Microsoft\Windows\d\Content.IE5\index.dat will be deleted at reboot C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot C:\Windows\serviceprofiles\LocalService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot ==== Empty FireFox Cache ====================== No FireFox Profiles found ==== Empty Chrome Cache ====================== C:\users\Bart De Laat\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully ==== Empty All Flash Cache ====================== Flash Cache Emptied Successfully ==== Empty All Java Cache ====================== Java Cache cleared successfully ==== After Reboot ====================== ==== Empty Temp Folders ====================== C:\Windows\Temp successfully emptied C:\Users\BARTDE~1\AppData\Local\Temp successfully emptied ==== Empty Recycle Bin ====================== C:\$RECYCLE.BIN successfully emptied ==== Deleting Files / Folders ====================== "C:\Users\Bart De Laat\AppData\Local\Microsoft\Windows\d\Content.IE5\index.dat" not found "C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not deleted "C:\Windows\serviceprofiles\LocalService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not found ==== EOF on vr 17/05/2013 at 11:48:43,89 ====================== In drie delen, omdat de server het er anders moeilijk mee had. Hopelijk is er iets dat meer duidelijkheid geeft. nogmaals bedankt,

Bedankt voor het snelle antwoorden Wabbit! Het volgende logje was het resultaat: Zoek.exe Version 4.0.0.2 Updated 15-May-2013 Tool run by Bart De Laat on vr 17/05/2013 at 11:39:22,44. Microsoft® Windows Vista™ Home Premium 6.0.6002 Service Pack 2 x64 Running in: Normal Mode Internet Access Detected ==== Running Processes ====================== C:\Windows\system32\csrss.exe C:\Windows\system32\wininit.exe C:\Windows\system32\csrss.exe C:\Windows\system32\services.exe C:\Windows\system32\lsass.exe C:\Windows\system32\lsm.exe C:\Windows\system32\winlogon.exe C:\Windows\system32\svchost.exe -k DcomLaunch C:\Windows\system32\nvvsvc.exe C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe C:\Windows\system32\svchost.exe -k rpcss C:\Program Files\Microsoft Security Client\MsMpEng.exe C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted C:\Windows\system32\svchost.exe -k netsvcs C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe C:\Windows\system32\svchost.exe -k GPSvcGroup C:\Windows\system32\SLsvc.exe C:\Windows\system32\svchost.exe -k LocalService C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe C:\Windows\system32\nvvsvc.exe C:\Windows\system32\svchost.exe -k NetworkService C:\Program Files (x86)\Cisco\Cisco AnyConnect VPN Client\vpnagent.exe F:\Systeem\Avast\AvastSvc.exe C:\Windows\system32\Dwm.exe C:\Windows\system32\taskeng.exe C:\Windows\System32\spoolsv.exe C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork C:\Windows\system32\taskeng.exe C:\Windows\Explorer.EXE C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe C:\Program Files\Microsoft Security Client\msseces.exe C:\Program Files\Microsoft IntelliType Pro\itype.exe C:\Program Files\NVIDIA Corporation\Display\nvtray.exe C:\Windows\SysWOW64\CtHelper.exe C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe F:\Systeem\Avast\AvastUI.exe C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted C:\Windows\system32\svchost.exe -k imgsvc C:\Windows\System32\svchost.exe -k WerSvcGroup C:\Windows\system32\SearchIndexer.exe C:\Windows\System32\WUDFHost.exe C:\Program Files\Windows Media Player\wmpnscfg.exe C:\Windows\System32\mobsync.exe C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe C:\Windows\system32\SearchFilterHost.exe C:\Windows\system32\SearchProtocolHost.exe C:\Windows\SysWOW64\conime.exe C:\Windows\system32\wbem\wmiprvse.exe C:\Users\Bart De Laat\Desktop\zoek.exe C:\Windows\system32\taskeng.exe C:\Windows\system32\SearchProtocolHost.exe ==== Deleting CLSID Registry Keys ====================== ==== Deleting CLSID Registry Values ====================== ==== Installed Programs ====================== Update for Microsoft Office 2007 (KB2508958) Aare AVI to VCD/DVD/SVCD/MPEG Converter Adobe AIR Adobe Flash Player 10 ActiveX Adobe Reader X (10.0.1) - Nederlands Adobe SVG Viewer 6.0 Advertising Center Apple Application Support Apple Software Update avast Free Antivirus BitComet 1.29 Brother HL-2150N BS.Player FREE BSPlayer CCleaner Cisco AnyConnect VPN Client Cool & Quiet Creative Audio-console Creative Software AutoUpdate D3DX10 DAEMON Tools Lite DeltaSoft JV 2.1.2 DivX Setup DolbyFiles Dolphin Futures XPS Viewer version 1.0.0 Driver Sweeper 2.1.0 Driver Wizard DriverMax 5 Dropbox Enter The Matrix ezNZB v3.1.0 GameSpy Arcade Gapminder Desktop Google Chrome Google Update Helper Grand Theft Auto IV Grand Theft Auto Vice City Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595) Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484) IBM SPSS Statistics 19 ImagXpress Japanese Fonts Support For Adobe Reader X Java 7 Update 21 (64-bit) Java 7 Update 9 Java Auto Updater Java 6 Update 31 Junk Mail filter update Malwarebytes Anti-Malware versie 1.75.0.1300 Mendeley Desktop 1.6 Mesh Runtime Messenger Companion Microsoft .NET Framework 1.1 Microsoft .NET Framework 1.1 Security Update (KB2698023) Microsoft .NET Framework 1.1 Security Update (KB2742597) Microsoft .NET Framework 3.5 Language Pack SP1 - nld Microsoft .NET Framework 3.5 SP1 Microsoft .NET Framework 4 Client Profile Microsoft .NET Framework 4 Client Profile NLD Language Pack Microsoft Antimalware Service NL-NL Language Pack Microsoft Application Error Reporting Microsoft Games for Windows - LIVE Redistributable Microsoft IntelliType Pro 7.1 Microsoft Office 2007 Service Pack 3 (SP3) Microsoft Office Access MUI (Dutch) 2007 Microsoft Office Excel MUI (Dutch) 2007 Microsoft Office File Validation Add-In Microsoft Office InfoPath MUI (Dutch) 2007 Microsoft Office Office 64-bit Components 2007 Microsoft Office Outlook MUI (Dutch) 2007 Microsoft Office PowerPoint MUI (Dutch) 2007 Microsoft Office Professional Plus 2007 Microsoft Office Proof (Dutch) 2007 Microsoft Office Proof (English) 2007 Microsoft Office Proof (French) 2007 Microsoft Office Proof (German) 2007 Microsoft Office Proofing (Dutch) 2007 Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) Microsoft Office Publisher MUI (Dutch) 2007 Microsoft Office Shared 64-bit MUI (Dutch) 2007 Microsoft Office Shared MUI (Dutch) 2007 Microsoft Office Word MUI (Dutch) 2007 Microsoft Security Client Microsoft Security Client NL-NL Language Pack Microsoft Security Essentials Microsoft Silverlight Microsoft SQL Server 2005 Compact Edition [ENU] Microsoft Visual C++ 2005 Redistributable Microsoft Visual C++ 2005 Redistributable (x64) Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 Microsoft Windows Media Video 9 VCM MSVCRT MSVCRT_amd64 MSXML 4.0 SP2 (KB927978) MSXML 4.0 SP2 (KB954430) MSXML 4.0 SP2 (KB973688) MSXML 4.0 SP2 Parser and SDK Nero 9 Essentials Nero BurnRights Nero BurnRights Help Nero ControlCenter Nero CoverDesigner Nero CoverDesigner Help Nero Disc Copy Gadget Nero Disc Copy Gadget Help Nero DiscSpeed Nero DiscSpeed Help Nero DriveSpeed Nero DriveSpeed Help Nero Express Help Nero InfoTool Nero InfoTool Help Nero Installer Nero Online Upgrade Nero PhotoSnap Nero PhotoSnap Help Nero Recode Nero Recode Help Nero ShowTime Nero StartSmart Nero StartSmart Help Nero StartSmart OEM Nero Vision Nero Vision Help NeroExpress neroxml NVIDIA-configuratiescherm 311.06 NVIDIA 3D Vision controllerstuurprogramma 285.62 NVIDIA 3D Vision stuurprogramma 311.06 NVIDIA Display Control Panel NVIDIA Grafisch stuurprogramma 311.06 NVIDIA Install Application NVIDIA PhysX NVIDIA PhysX systeemsoftware 9.11.0621 NVIDIA Stereoscopic 3D Driver NVIDIA Update 1.11.3 NVIDIA Update Components OpenAL PokerStars.be PVSonyDll QuickTime R for Windows 3.0.0 Real Alternative 2.0.2 Realtek Ethernet Controller Driver For Windows Vista and Later Realtek High Definition Audio Driver Rockstar Games Social Club RStudio SABnzbd 0.6.10 Security Update for Microsoft .NET Framework 3.5 SP1 (KB2604111) Security Update for Microsoft .NET Framework 3.5 SP1 (KB2657424) Security Update for Microsoft .NET Framework 3.5 SP1 (KB2736416) Security Update for Microsoft .NET Framework 4 Client Profile (KB2160841) Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708) Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663) Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870) Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636) Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078) Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121) Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405) Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827) Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449) Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019) Security Update for Microsoft .NET Framework 4 Client Profile (KB2742595) Security Update for Microsoft .NET Framework 4 Client Profile (KB2789642) Security Update for Microsoft .NET Framework 4 Client Profile (KB2804576) Security Update for Microsoft Office 2007 suites (KB2596615) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596672) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596744) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596754) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596785) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596792) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596871) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2597969) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2687311) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2687439) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2687499) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2760416) 32-Bit Edition Security Update for Microsoft Office Excel 2007 (KB2687307) 32-Bit Edition Security Update for Microsoft Office InfoPath 2007 (KB2687440) 32-Bit Edition Security Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit Edition Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition Security Update for Microsoft Office Publisher 2007 (KB2597971) 32-Bit Edition Security Update for Microsoft Office Word 2007 (KB2760421) 32-Bit Edition Security Update for Taalpakket voor Microsoft .NET Framework 4 Client Profile - NLD (KB2478663) Security Update for Taalpakket voor Microsoft .NET Framework 4 Client Profile - NLD (KB2518870) Segoe UI Serious Sam: The Second Encounter Skype Click to Call SkypeT 6.0 SuperNZB v4.0.5 Taalpakket voor Microsoft .NET Framework 3.5 SP1 - NL Taalpakket voor Microsoft .NET Framework 4 Client Profile - NLD Ubisoft Game Launcher Unreal Tournament G.O.T.Y. Edition Update for 2007 Microsoft Office System (KB967642) Update for Microsoft .NET Framework 3.5 SP1 (KB963707) Update for Microsoft .NET Framework 4 Client Profile (KB2468871) Update for Microsoft .NET Framework 4 Client Profile (KB2473228) Update for Microsoft .NET Framework 4 Client Profile (KB2533523) Update for Microsoft .NET Framework 4 Client Profile (KB2600217) Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition Update for Microsoft Office 2007 suites (KB2596660) 32-Bit Edition Update for Microsoft Office 2007 suites (KB2596802) 32-Bit Edition Update for Microsoft Office 2007 suites (KB2596848) 32-Bit Edition Update for Microsoft Office 2007 suites (KB2687493) 32-Bit Edition Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2817359) 32-Bit Edition Update voor Microsoft Office Excel 2007 Help (KB963678) Update voor Microsoft Office Powerpoint 2007 Help (KB963669) Update voor Microsoft Office Word 2007 Help (KB963665) VC80CRTRedist - 8.0.50727.4053 Visual Studio 2010 x64 Redistributables WiFi Station Winamp Windows Live Communications Platform Windows Live Essentials Windows Live Family Safety Windows Live ID Sign-in Assistant Windows Live Installer Windows Live Language Selector Windows Live Mail Windows Live Mesh - ActiveX-besturingselement voor externe verbindingen Windows Live Mesh Windows Live Messenger Windows Live Messenger Companion Core Windows Live MIME IFilter Windows Live Movie Maker Windows Live Photo Common Windows Live Photo Gallery Windows Live PIMT Platform Windows Live Remote Client Windows Live Remote Client Resources Windows Live Remote Service Windows Live Remote Service Resources Windows Live SOXE Windows Live SOXE Definitions Windows Live UX Platform Windows Live UX Platform Language Pack Windows Live Writer Windows Live Writer Resources Windows Media Player Firefox Plugin WinRAR archiver ==== Deleting Files \ Folders ====================== "C:\ProgramData\ezsidmv.dat" deleted "C:\Users\Bart De Laat\51FB15F4AD2743BCAD4BDD0354FB6BBD.TMP" deleted ==== Files Recently Created / Modified ====================== ====== C:\Windows ==== 2013-05-17 06:43:30 4781167AF20A314D55F5F431F97CBFE1 125 ----a-w- C:\Windows\DeleteOnReboot.bat 2013-05-16 09:46:27 E9C8673674ECF840EE59ED805DBE9966 41664 ----a-w- C:\Windows\avastSS.scr 2013-05-02 09:06:58 F042EE4C8D66248D9B86DCF52ABAE416 256000 ----a-w- C:\Windows\PEV.exe 2013-05-02 09:06:58 9E05A9C264C8A908A8E79450FCBFF047 80412 ----a-w- C:\Windows\grep.exe 2013-05-02 09:06:58 5E832F4FAF5F481F2EAF3B3A48F603B8 68096 ----a-w- C:\Windows\zip.exe 2013-05-02 09:06:58 0297C72529807322B152F517FDB0A9FC 406528 ----a-w- C:\Windows\SWSC.exe 2013-05-02 09:06:58 0277C027A26428DB64EF4F64F52BB4FD 208896 ----a-w- C:\Windows\MBR.exe ====== C:\Users\BARTDE~1\AppData\Local\Temp ==== ====== C:\Windows\SysWOW64 ===== 2013-05-16 09:46:47 D41D8CD98F00B204E9800998ECF8427E 0 ----a-w- C:\Windows\SysWOW64\config.nt 2013-05-15 07:19:57 CA5522E83040C39C64BCF9FE06FD1647 1638912 ----a-w- C:\Windows\SysWOW64\mshtml.tlb 2013-05-15 07:19:57 54FB7169B25B52DEE60B29E51518E4F4 6013440 ----a-w- C:\Windows\SysWOW64\mshtml.dll 2013-05-15 07:19:42 1BE5928B75E79F1E87895651C1312740 11111424 ----a-w- C:\Windows\SysWOW64\ieframe.dll 2013-05-15 07:19:39 F6888B03E3EE0E82EEEB71E9D1FDE26C 1212928 ----a-w- C:\Windows\SysWOW64\urlmon.dll 2013-05-15 07:19:38 C1F1B4A2D3348FD770874C278D3221E7 630272 ----a-w- C:\Windows\SysWOW64\msfeeds.dll 2013-05-15 07:19:38 BAF8040BBD5736952A8A3839E073B031 916480 ----a-w- C:\Windows\SysWOW64\wininet.dll 2013-05-15 07:19:38 033155718EAB75FF5F4C01D8F7933CE9 1469440 ----a-w- C:\Windows\SysWOW64\inetcpl.cpl 2013-05-15 07:19:37 8CD18B9A2D3BD1F4F7AC21BEF148EDAB 611840 ----a-w- C:\Windows\SysWOW64\mstime.dll 2013-05-15 07:19:37 7355129B71888396E4FC0DCEE14407F8 2004992 ----a-w- C:\Windows\SysWOW64\iertutil.dll 2013-05-15 07:19:37 2D573FDF50FDE5E451E48F3C55A1CDB8 385024 ----a-w- C:\Windows\SysWOW64\html.iec 2013-05-15 07:19:37 29EA0CE598C1F7BEC50D49829E684413 387584 ----a-w- C:\Windows\SysWOW64\iedkcs32.dll 2013-05-15 07:19:36 FF95B060A8ED61BE2BC5B5C74A98C6F5 43520 ----a-w- C:\Windows\SysWOW64\licmgr10.dll 2013-05-15 07:19:36 EA1BB31417CB6263CA1F4DD067CF77C6 105984 ----a-w- C:\Windows\SysWOW64\url.dll 2013-05-15 07:19:36 E9A8DA53A81B4635DCF792B53447A03C 71680 ----a-w- C:\Windows\SysWOW64\iesetup.dll 2013-05-15 07:19:36 E4FE14F37789D4DB66B61E5CE2380687 164352 ----a-w- C:\Windows\SysWOW64\ieui.dll 2013-05-15 07:19:36 D76E079AE08050A6D395457A4F5BBB16 25600 ----a-w- C:\Windows\SysWOW64\jsproxy.dll 2013-05-15 07:19:36 C5DA34BA09D46B3ED8666FBB54D8D162 55808 ----a-w- C:\Windows\SysWOW64\iernonce.dll 2013-05-15 07:19:36 B812AAE042810E78F9CE03655EC05AAE 67072 ----a-w- C:\Windows\SysWOW64\mshtmled.dll 2013-05-15 07:19:36 AB149D3DA31F33E85B70D803C4B7625C 206848 ----a-w- C:\Windows\SysWOW64\occache.dll 2013-05-15 07:19:36 9DD178C44ADD0825AD3137430AE1E171 13312 ----a-w- C:\Windows\SysWOW64\msfeedssync.exe 2013-05-15 07:19:36 66FF8438E716F69210D680C56449869E 184320 ----a-w- C:\Windows\SysWOW64\iepeers.dll 2013-05-15 07:19:36 4F8FFF533F6F65A1BDA8A5E1E452AD0B 109056 ----a-w- C:\Windows\SysWOW64\iesysprep.dll 2013-05-15 07:19:36 469640833B04976DA276F425A0E2250C 174080 ----a-w- C:\Windows\SysWOW64\ie4uinit.exe 2013-05-15 07:19:36 4685A9AA406786F27F78626536749B4F 133632 ----a-w- C:\Windows\SysWOW64\ieUnatt.exe 2013-05-15 07:19:36 13C7DE0BBFAF05EA7A35CCED86532D04 55296 ----a-w- C:\Windows\SysWOW64\msfeedsbs.dll ====== C:\Windows\SysWOW64\drivers ===== ====== C:\Windows\Sysnative ===== 2013-05-16 12:57:01 B098D08899B4A4B057EF2209B34A488B 381576 ----a-w- C:\Windows\Sysnative\FNTCACHE.DAT 2013-05-16 09:46:47 2B0C485EBE31E02C7B405F8DD072598D 287840 ----a-w- C:\Windows\Sysnative\aswBoot.exe 2013-05-15 07:19:58 F023180AE9D268585EF8CADDA3FC0785 9333248 ----a-w- C:\Windows\Sysnative\mshtml.dll 2013-05-15 07:19:57 D9314BDA2DB6180A0609C56DD26BC2F3 1638912 ----a-w- C:\Windows\Sysnative\mshtml.tlb 2013-05-15 07:19:51 570DAA0D122E136209823FA8C042EF65 2774016 ----a-w- C:\Windows\Sysnative\win32k.sys 2013-05-15 07:19:43 8B3B7B7D7E903740137D70C36C35D9AE 12508160 ----a-w- C:\Windows\Sysnative\ieframe.dll 2013-05-15 07:19:41 DAD83F761377C736E599C2E25F9B2FF6 1147392 ----a-w- C:\Windows\Sysnative\wininet.dll 2013-05-15 07:19:40 DA72C1CC15F2CE9AA5921E639D36C7AB 742912 ----a-w- C:\Windows\Sysnative\msfeeds.dll 2013-05-15 07:19:40 85970AF07E0089D8EF372D32C0CC3BD4 1489408 ----a-w- C:\Windows\Sysnative\urlmon.dll 2013-05-15 07:19:40 377173C59416F9153EA732CBC310A2B2 459776 ----a-w- C:\Windows\Sysnative\iedkcs32.dll 2013-05-15 07:19:40 0EFD9504AE4F5CDDF92D2DDE9CAF4D08 2356736 ----a-w- C:\Windows\Sysnative\iertutil.dll 2013-05-15 07:19:39 EED34B262EEE408C3BBA22055CD403D3 243712 ----a-w- C:\Windows\Sysnative\occache.dll 2013-05-15 07:19:39 E1BD71E08D81803954762C5CB1A44DD4 252416 ----a-w- C:\Windows\Sysnative\iepeers.dll 2013-05-15 07:19:39 C43215E8A84AD81B93EB6A1140310C70 98304 ----a-w- C:\Windows\Sysnative\mshtmled.dll 2013-05-15 07:19:39 A72567AB733FD1F81E4B619C63D784D4 1062912 ----a-w- C:\Windows\Sysnative\mstime.dll 2013-05-15 07:19:39 7D8A31E1CEBCE69407806F3BCFA47447 77312 ----a-w- C:\Windows\Sysnative\iesetup.dll 2013-05-15 07:19:39 7280F72FE74700E15736B836147C540B 31744 ----a-w- C:\Windows\Sysnative\jsproxy.dll 2013-05-15 07:19:39 70D394C2C9E4E4F738E667BB87BBAADF 72192 ----a-w- C:\Windows\Sysnative\iernonce.dll 2013-05-15 07:19:39 6AE971240EA9CBE1F833321284D87BF7 219136 ----a-w- C:\Windows\Sysnative\ieui.dll 2013-05-15 07:19:38 92AA03AAF004C64B11885E01FC8EF57E 1538560 ----a-w- C:\Windows\Sysnative\inetcpl.cpl 2013-05-15 07:19:38 8BF72A557C640B313D79D500BEBE2F30 479232 ----a-w- C:\Windows\Sysnative\html.iec 2013-05-15 07:19:38 2AD0CB0ECCAC4726FA9672C1E3FE063C 56832 ----a-w- C:\Windows\Sysnative\licmgr10.dll 2013-05-15 07:19:38 0BAAD832A41C6FA5073FC2881F4D02CA 71680 ----a-w- C:\Windows\Sysnative\msfeedsbs.dll 2013-05-15 07:19:37 748B4E825A5B1E1D77C093970870C2BC 162816 ----a-w- C:\Windows\Sysnative\ieUnatt.exe 2013-05-15 07:19:37 22B1091B4A62582128DCACEA7085E849 108032 ----a-w- C:\Windows\Sysnative\url.dll 2013-05-15 07:19:36 974798D2DCE273F67053699D302B7DD0 12288 ----a-w- C:\Windows\Sysnative\msfeedssync.exe 2013-05-15 07:19:36 4976E0F3C33B303B7B7EFAE1AB282902 132096 ----a-w- C:\Windows\Sysnative\iesysprep.dll 2013-05-15 07:19:36 2563DF414EBC506F11E301F6E719D8E9 70656 ----a-w- C:\Windows\Sysnative\ie4uinit.exe 2013-05-15 07:19:04 6D798629B0A33D33E0BFED45BC438E1E 47104 ----a-w- C:\Windows\Sysnative\cdd.dll ====== C:\Windows\Sysnative\drivers ===== 2013-05-17 06:53:02 0BB97D43299910CBFBA59C461B99B910 25928 ----a-w- C:\Windows\Sysnative\drivers\mbam.sys 2013-05-16 09:46:51 0BAEFD3F648C6E7AB52990DD9565E4E2 33400 ----a-w- C:\Windows\Sysnative\drivers\aswFsBlk.sys 2013-05-16 09:46:50 00E5253353717D3CA12A0F5A6F9991EC 378432 ----a-w- C:\Windows\Sysnative\drivers\aswSP.sys 2013-05-16 09:46:49 9A9565BB92EE412B77B7416DD1D32F0B 59144 ----a-w- C:\Windows\Sysnative\drivers\aswRdr.sys 2013-05-16 09:46:49 29DD8E458A84171202AA4979364C30C0 64288 ----a-w- C:\Windows\Sysnative\drivers\aswTdi.sys 2013-05-16 09:46:49 10ED1CAB84AA65983C41A11F60294C9B 1025808 ----a-w- C:\Windows\Sysnative\drivers\aswSnx.sys 2013-05-16 09:46:48 6359B99C955DB9F40B653159A0EED261 189936 ----a-w- C:\Windows\Sysnative\drivers\aswVmm.sys 2013-05-16 09:46:48 5573AA70993A2BB81525B1C704B88763 65336 ----a-w- C:\Windows\Sysnative\drivers\aswRvrt.sys 2013-05-16 09:46:47 FA562F34ED6633C66170B09182B4C049 80816 ----a-w- C:\Windows\Sysnative\drivers\aswMonFlt.sys 2013-05-15 07:19:05 F3932288EEECD776FF1F9F653AD878F3 901496 ----a-w- C:\Windows\Sysnative\drivers\dxgkrnl.sys ====== C:\Windows\Tasks ====== 2013-05-16 09:46:47 E56E3AE18A8CAEDE58D7BF0DFA2A4039 308 ---ha-w- C:\Windows\Tasks\avast! Emergency Update.job ====== C:\Windows\Temp ====== ======= C:\Program Files ===== ======= C:\Program Files (x86) ===== 2013-05-02 11:19:38 -------- d-----w- C:\Program Files (x86)\Google ======= C: ===== 2013-05-17 06:43:22 50F8474CFBCD72E3C9657DA1578B19A1 1185 ----a-w- C:\AdwCleaner[s1].txt 2013-05-17 06:42:08 66AD3271A290A09CBE37FD05567B53AA 1097 ----a-w- C:\AdwCleaner[R1].txt ====== C:\Users\Bart De Laat\AppData\Roaming ====== 2013-05-17 07:42:19 -------- d-----w- C:\users\UpdatusUser\AppData\Local\temp 2013-05-17 07:42:19 -------- d-----w- C:\users\Public\AppData\Local\temp 2013-05-17 07:42:19 -------- d-----w- C:\users\Default\AppData\Local\temp 2013-05-17 07:42:19 -------- d-----w- C:\users\Default User\AppData\Local\temp 2013-05-17 07:42:19 -------- d-----w- C:\users\Bart De Laat\AppData\Local\temp 2013-05-16 12:59:08 17C4B3841AB5218E0EDF8C3761D6B67E 102672 ----a-w- C:\users\Bart De Laat\AppData\Local\GDIPFONTCACHEV1.DAT 2013-05-16 09:46:44 2CFA34581CE9C5EBAC4401BBAA601B15 11614 ----a-w- C:\users\Bart De Laat\AppData\Local\dd_vcredistUI09E1.txt 2013-05-16 09:46:44 02351269F757795F8A208E4E3DFF0804 1870 ----a-w- C:\users\Bart De Laat\AppData\Local\dd_vcredistMSI09E1.txt 2013-05-08 20:09:07 -------- d-----w- C:\users\Bart De Laat\AppData\Roaming\Windows Live Writer 2013-05-08 20:09:07 -------- d-----w- C:\users\Bart De Laat\AppData\Local\Windows Live Writer 2013-05-01 19:15:31 -------- d-----w- C:\users\Bart De Laat\AppData\Roaming\RStudio 2013-05-01 13:15:52 -------- d-----w- C:\users\Bart De Laat\AppData\Local\RStudio-Desktop ====== C:\Users\Bart De Laat ====== 2013-05-16 09:46:51 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\avast! Free Antivirus 2013-05-02 11:20:46 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome 2013-05-02 09:15:24 -------- d-----w- C:\Users\Public\AppData ====== C: exe-files == 2013-05-17 06:51:53 683FDD3D773C58B262DC07CD0C6CE938 10285040 ----a-w- C:\Users\Bart De Laat\AppData\Local\Microsoft\Windows\d\Low\Content.IE5\3308904T\mbam-setup-1.75.0.1300[1].exe 2013-05-17 06:43:52 6ED4302372464A4CF4865603C04D03AB 632031 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\LocalCopy\{D2259F55-CA87-6D6F-5B90-918D8D751CFC}-adwcleaner.exe 2013-05-17 06:41:30 0A90C8A3F94564E7EAF541981EAFA52A 632031 ----a-w- C:\Users\Bart De Laat\AppData\Local\Microsoft\Windows\d\Low\Content.IE5\QUT4IO21\adwcleaner[1].exe 2013-05-16 09:46:47 2B0C485EBE31E02C7B405F8DD072598D 287840 ----a-w- C:\Windows\System32\aswBoot.exe 2013-05-15 07:19:40 971B739292B5B225A99FA20E26997ABB 660632 ----a-w- C:\Program Files\Internet Explorer\iexplore.exe 2013-05-15 07:19:40 6CDB93988713FB94BEEB16823E5232AD 638104 ----a-w- C:\Program Files (x86)\Internet Explorer\iexplore.exe 2013-05-15 07:19:37 748B4E825A5B1E1D77C093970870C2BC 162816 ----a-w- C:\Windows\System32\ieUnatt.exe 2013-05-15 07:19:36 9DD178C44ADD0825AD3137430AE1E171 13312 ----a-w- C:\Windows\SysWOW64\msfeedssync.exe 2013-05-15 07:19:36 974798D2DCE273F67053699D302B7DD0 12288 ----a-w- C:\Windows\System32\msfeedssync.exe 2013-05-15 07:19:36 469640833B04976DA276F425A0E2250C 174080 ----a-w- C:\Windows\SysWOW64\ie4uinit.exe 2013-05-15 07:19:36 4685A9AA406786F27F78626536749B4F 133632 ----a-w- C:\Windows\SysWOW64\ieUnatt.exe 2013-05-15 07:19:36 2563DF414EBC506F11E301F6E719D8E9 70656 ----a-w- C:\Windows\System32\ie4uinit.exe === C: other files == 2013-05-17 06:53:02 0BB97D43299910CBFBA59C461B99B910 25928 ----a-w- C:\Windows\System32\drivers\mbam.sys 2013-05-17 06:43:30 4781167AF20A314D55F5F431F97CBFE1 125 ----a-w- C:\Windows\DeleteOnReboot.bat 2013-05-16 09:46:51 0BAEFD3F648C6E7AB52990DD9565E4E2 33400 ----a-w- C:\Windows\System32\drivers\aswFsBlk.sys 2013-05-16 09:46:50 00E5253353717D3CA12A0F5A6F9991EC 378432 ----a-w- C:\Windows\System32\drivers\aswSP.sys 2013-05-16 09:46:49 9A9565BB92EE412B77B7416DD1D32F0B 59144 ----a-w- C:\Windows\System32\drivers\aswRdr.sys 2013-05-16 09:46:49 29DD8E458A84171202AA4979364C30C0 64288 ----a-w- C:\Windows\System32\drivers\aswTdi.sys 2013-05-16 09:46:49 10ED1CAB84AA65983C41A11F60294C9B 1025808 ----a-w- C:\Windows\System32\drivers\aswSnx.sys 2013-05-16 09:46:48 6359B99C955DB9F40B653159A0EED261 189936 ----a-w- C:\Windows\System32\drivers\aswVmm.sys 2013-05-16 09:46:48 5573AA70993A2BB81525B1C704B88763 65336 ----a-w- C:\Windows\System32\drivers\aswRvrt.sys 2013-05-16 09:46:47 FA562F34ED6633C66170B09182B4C049 80816 ----a-w- C:\Windows\System32\drivers\aswMonFlt.sys 2013-05-15 07:19:51 570DAA0D122E136209823FA8C042EF65 2774016 ----a-w- C:\Windows\System32\win32k.sys 2013-05-15 07:19:05 F3932288EEECD776FF1F9F653AD878F3 901496 ----a-w- C:\Windows\System32\drivers\dxgkrnl.sys ==== Startup Registry Enabled ====================== [HKEY_USERS\S-1-5-21-646492008-2405596893-3632786542-1000\Software\Microsoft\Windows\CurrentVersion\Run] "DAEMON Tools Lite"="C:\Systeem\DAEMON Tools Lite\DTLite.exe -autorun" [HKEY_USERS\S-1-5-21-646492008-2405596893-3632786542-1001\Software\Microsoft\Windows\CurrentVersion\Run] "WindowsWelcomeCenter"="rundll32.exe oobefldr.dll,ShowWelcomeCenter" "Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /detectMem" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "CTHelper"="CTHELPER.EXE" "Adobe Reader Speed Launcher"="C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe" "SunJavaUpdateSched"="C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" "BrStsWnd"="C:\Program Files (x86)\Brownie\BrstsW64.exe Autorun" "avast"="F:\Systeem\Avast\avastUI.exe /nogui" "AsioThk32Reg"="REGSVR32.EXE /S CTASIO.DLL" [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "DAEMON Tools Lite"="C:\Systeem\DAEMON Tools Lite\DTLite.exe -autorun" ==== Startup Registry Enabled x64 ====================== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "RtHDVCpl"="C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s" "MSC"="C:\Program Files\Microsoft Security Client\msseces.exe -hide -runkey" "itype"="C:\Program Files\Microsoft IntelliType Pro\itype.exe" ==== Startup Registry Disabled x64 ====================== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Adobe ARM] "key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="Adobe ARM" "hkey"="HKLM" "command"="\"C:\\Program Files (x86)\\Common Files\\Adobe\\ARM\\1.0\\AdobeARM.exe\"" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Adobe Reader Speed Launcher] "key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="Adobe Reader Speed Launcher" "hkey"="HKLM" "command"="\"C:\\Program Files (x86)\\Adobe\\Reader 10.0\\Reader\\Reader_sl.exe\"" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\APSDaemon] "key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="APSDaemon" "hkey"="HKLM" "command"="\"C:\\Program Files (x86)\\Common Files\\Apple\\Apple Application Support\\APSDaemon.exe\"" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\CreativeTaskScheduler] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="CreativeTaskScheduler" "hkey"="HKCU" "command"="\"C:\\Program Files (x86)\\Creative\\Shared Files\\CTSched.exe\" /logon" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\CTxfiHlp] "key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="CTxfiHlp" "hkey"="HKLM" "command"="CTXFIHLP.EXE" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\DAEMON Tools Lite] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="DAEMON Tools Lite" "hkey"="HKCU" "command"="\"C:\\Systeem\\DAEMON Tools Lite\\DTLite.exe\" -autorun" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\DivXUpdate] "key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="DivXUpdate" "hkey"="HKLM" "command"="\"C:\\Program Files (x86)\\DivX\\DivX Update\\DivXUpdate.exe\" /CHECKNOW" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\DriverMax] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="DriverMax" "hkey"="HKCU" "command"="\"C:\\Systeem\\DriverMax\\devices.exe\" -agent" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\DriverMax_RESTART] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="DriverMax_RESTART" "hkey"="HKCU" "command"="\"C:\\Systeem\\DriverMax\\devices.exe\" -RESTART" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Google Update] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="Google Update" "hkey"="HKCU" "command"="\"C:\\Users\\Bart De Laat\\AppData\\Local\\Google\\Update\\GoogleUpdate.exe\" /c" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Inspector] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="Inspector" "hkey"="HKCU" "command"="C:\\Users\\Bart De Laat\\AppData\\Roaming\\Protector-tgno.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\QuickTime Task] "key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="QuickTime Task" "hkey"="HKLM" "command"="\"F:\\systeem\\QuickTime\\QTTask.exe\" -atboottime" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^WiFi Station.lnk] "path"="C:\\ProgramData\\Microsoft\\Windows\\Start Menu\\Programs\\Startup\\WiFi Station.lnk" "backup"="C:\\Windows\\pss\\WiFi Station.lnk.CommonStartup" "backupExtension"=".CommonStartup" "command"="C:\\PROGRA~2\\Hercules\\WIFIST~1\\WiFiN.exe -s" "item"="WiFi Station" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\BBSvc] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\BITCOMET_HELPER_SERVICE] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\FontCache] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\FontCache3.0.0.0] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\fsssvc] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\HerculesWiFi] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\Nero BackItUp Scheduler 4.0] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\RasAuto] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\RasMan] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\wlidsvc] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\WMPNetworkSvc] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\WPCSvc] ==== Task Scheduler Jobs ====================== C:\Windows\tasks\avast\Undertermined Task.exe [] C:\Windows\tasks\GoogleUpdateTaskMachineCore.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [02/05/2013 13:19] C:\Windows\tasks\GoogleUpdateTaskMachineUA.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [02/05/2013 13:19] C:\Windows\tasks\User_Feed_Synchronization-{33A3981A-5A77-48A8-AE69-14DB8EBE9771}.job --ah----- C:\Windows\system32\msfeedssync.exe [04/04/2013 08:40] ==== Chrome Look ====================== HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions fnjbmmemklcjgepojigaapkoodmkgbae - C:\Program Files (x86)\DivX\DivX Plus Web Player\google_chrome\wpa\wpa.crx[08/02/2011 02:17] lifbcibllhkdhoafpjfnlhfpfgnpldfl - C:\Program Files (x86)\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx[10/10/2011 11:09] nneajnkjbffgblleaoojgaacokifdkhm - C:\Program Files (x86)\DivX\DivX Plus Web Player\google_chrome\html5video\html5video.crx[08/02/2011 02:17] Skype Click to Call - Bart De Laat - Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl ==== Set IE to Default ====================== Old Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157" New Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157" ==== All HKCU SearchScopes ====================== HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" {0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC" {6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}" ==== Reset Google Chrome ====================== C:\users\Bart De Laat\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully C:\users\Bart De Laat\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully ==== Uninstall List x64 ====================== Aare AVI to VCD/DVD/SVCD/MPEG Converter [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Aare AVI to VCD/DVD/SVCD/MPEG Converter_is1] Adobe AIR [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{FDB3B167-F4FA-461D-976F-286304A57B2A}] Adobe AIR [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Adobe AIR] Adobe Flash Player 10 ActiveX [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Adobe Flash Player ActiveX] Adobe Reader X (10.0.1) - Nederlands [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{AC76BA86-7AD7-1043-7B44-AA0000000001}] Adobe SVG Viewer 6.0 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Adobe SVG Viewer] Advertising Center [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{B2EC4A38-B545-4A00-8214-13FE0E915E6D}] Apple Application Support [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{EB879750-CCBD-4013-BFD5-0294D4DA5BD0}] Apple Software Update [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}] avast Free Antivirus [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\avast] BitComet 1.29 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\BitComet] Brother HL-2150N [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{712B0273-E51F-4C8D-BC87-C13784D8F960}] BS.Player FREE [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\BSPlayerf] BSPlayer [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\BSPlayer1] CCleaner [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\CCleaner] Cisco AnyConnect VPN Client [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{6005535D-8A83-4108-A757-E1AB9886AECA}] Cool & Quiet [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{1ADE1AA0-7F82-4BB1-B1BD-727DE438057B}] Creative Audio-console [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\AudioCS] Creative Software AutoUpdate [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Creative Software AutoUpdate] D3DX10 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{E09C4DB7-630C-4F06-A631-8EA7239923AF}] DAEMON Tools Lite [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\DAEMON Tools Lite] DeltaSoft JV 2.1.2 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{0E87B0CF-BC80-4F99-8423-FBE9ABC7B431}] DivX Setup [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\DivX Setup.divx.com] DolbyFiles [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{B1ADF008-E898-4FE2-8A1F-690D9A06ACAF}] Dolphin Futures XPS Viewer version 1.0.0 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{75480068-162F-4D6B-B38E-76606A4E5320}_is1] Driver Sweeper 2.1.0 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{71929EC1-FDB2-4A67-AAAD-936E4539FA84}_is1] Driver Wizard [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Driver Wizard_is1] DriverMax 5 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\DMX5_is1] Dropbox [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Uninstall\Dropbox] Enter The Matrix [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{9CD92DB1-1B3B-4296-9456-93EA6BCAA4C5}] ezNZB v3.1.0 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\ezNZB_is1] GameSpy Arcade [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\GameSpy Arcade] Gapminder Desktop [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{2E4125CE-DDCF-8CF6-5A4E-88735CF284F9}] Gapminder Desktop [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\org.gapminder.desktop.434684C0EEE0B6011903D7CB9F42374B4E5823E7.1] Google Chrome [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Google Chrome] Google Update Helper [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}] Grand Theft Auto IV [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{579BA58C-F33D-4970-9953-B94B43768AC3}] Grand Theft Auto Vice City [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{4B35F00C-E63D-40DC-9839-DF15A33EAC46}] IBM SPSS Statistics 19 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{06C43FAA-7226-41EF-A05E-9AE0AA849FFE}] ImagXpress [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{A8F2089B-1F79-4BF6-B385-A2C2B0B9A74D}] Japanese Fonts Support For Adobe Reader X [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{AC76BA86-7AD7-5760-0000-A00000000003}] Java 7 Update 21 (64-bit) [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{26A24AE4-039D-4CA4-87B4-2F86417021FF}] Java 7 Update 9 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{26A24AE4-039D-4CA4-87B4-2F83217007FF}] Java Auto Updater [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{4A03706F-666A-4037-7777-5F2748764D10}] Java 6 Update 31 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{26A24AE4-039D-4CA4-87B4-2F83216031FF}] Junk Mail filter update [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}] Malwarebytes Anti-Malware versie 1.75.0.1300 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Malwarebytes' Anti-Malware_is1] Mendeley Desktop 1.6 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Mendeley Desktop] Mesh Runtime [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{8C6D6116-B724-4810-8F2D-D047E6B7D68E}] Messenger Companion [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{8142D25E-028A-4563-86ED-5755783C8029}] Microsoft .NET Framework 1.1 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}] Microsoft .NET Framework 1.1 Security Update (KB2698023) [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\M2698023] Microsoft .NET Framework 1.1 Security Update (KB2742597) [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\M2742597] Microsoft .NET Framework 3.5 Language Pack SP1 - nld [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{101738D7-D805-37A9-BB91-1F2C351782BF}] Microsoft .NET Framework 3.5 SP1 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}] Microsoft .NET Framework 4 Client Profile [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}] Microsoft .NET Framework 4 Client Profile NLD Language Pack [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{4567EA14-6BCA-3EF9-859B-92CE48B1D704}] Microsoft Antimalware Service NL-NL Language Pack [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{F8EDC0F8-15BC-4411-8762-77105C8AAEEC}] Microsoft Games for Windows - LIVE Redistributable [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{59E4543A-D49D-4489-B445-473D763C79AF}] Microsoft IntelliType Pro 7.1 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{E6B7BD80-A921-4C72-A68B-44A9EB438BE4}] Microsoft Office Professional Plus 2007 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\PROPLUS] Microsoft Security Client [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{D954C6C2-544B-4091-A47F-11E77162883E}] Microsoft Security Client NL-NL Language Pack [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{DC911ADF-7B60-40F2-A112-FB1EB6402D07}] Microsoft Security Essentials [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\Microsoft Security Client] Microsoft Silverlight [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}] Microsoft SQL Server 2005 Compact Edition [ENU] [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}] Microsoft Visual C++ 2005 Redistributable (x64) [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}] Microsoft Visual C++ 2005 Redistributable (x64) [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}] Microsoft Visual C++ 2005 Redistributable [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}] Microsoft Visual C++ 2005 Redistributable [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{7299052b-02a4-4627-81f2-1818da5d550d}] Microsoft Visual C++ 2005 Redistributable [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}] Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}] Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}] Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}] Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{9A25302D-30C0-39D9-BD6F-21E6EC160475}] Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{9BE518E6-ECC6-35A9-88E4-87755C07200F}] Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}] Microsoft Windows Media Video 9 VCM [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\WMV9_VCM] MSVCRT [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}] MSVCRT_amd64 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{D0B44725-3666-492D-BEF6-587A14BD9BD9}] MSXML 4.0 SP2 (KB927978) [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{37477865-A3F1-4772-AD43-AAFC6BCFF99F}] MSXML 4.0 SP2 (KB954430) [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}] MSXML 4.0 SP2 (KB973688) [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}] MSXML 4.0 SP2 Parser and SDK [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{716E0306-8318-4364-8B8F-0CC4E9376BAC}] Nero 9 Essentials [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{b49d04e7-6249-48b4-963c-5dee3d232071}] Nero BurnRights [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{7829DB6F-A066-4E40-8912-CB07887C20BB}] Nero BurnRights Help [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{F6BDD7C5-89ED-4569-9318-469AA9732572}] Nero ControlCenter [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{BD5CA0DA-71AD-43DA-B19E-6EEE0C9ADC9A}] Nero ControlCenter [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{F4041DCE-3FE1-4E18-8A9E-9DE65231EE36}] Nero CoverDesigner [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{62AC81F6-BDD3-4110-9D36-3E9EAAB40999}] Nero CoverDesigner Help [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{CE96F5A5-584D-4F8F-AA3E-9BAED413DB72}] Nero Disc Copy Gadget [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{F1861F30-3419-44DB-B2A1-C274825698B3}] Nero Disc Copy Gadget Help [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{60C731FB-C951-41CE-AD41-8E54C8594609}] Nero DiscSpeed [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{869200DB-287A-4DC0-B02B-2B6787FBCD4C}] Nero DiscSpeed Help [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{CC019E3F-59D2-4486-8D4B-878105B62A71}] Nero DriveSpeed [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{33CF58F5-48D8-4575-83D6-96F574E4D83A}] Nero DriveSpeed Help [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{E5C7D048-F9B4-4219-B323-8BDB01A2563D}] Nero Express Help [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{83202942-84B3-4C50-8622-B8C0AA2D2885}] Nero InfoTool [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{FBCDFD61-7DCF-4E71-9226-873BA0053139}] Nero InfoTool Help [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{20400DBD-E6DB-45B8-9B6B-1DD7033818EC}] Nero Installer [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{E8A80433-302B-4FF1-815D-FCC8EAC482FF}] Nero Online Upgrade [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{C81A2FE0-3574-00A9-CED4-BDAA334CBE8E}] Nero PhotoSnap [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{9E82B934-9A25-445B-B8DF-8012808074AC}] Nero PhotoSnap Help [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{1C00C7C5-E615-4139-B817-7F4003DE68C0}] Nero Recode [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{359CFC0A-BEB1-440D-95BA-CF63A86DA34F}] Nero Recode Help [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{AD6BC5CC-2EF0-49C4-B33D-CDC8B2C4DC80}] Nero ShowTime [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{02627EE5-EACA-4742-A9CC-E687631773E4}] Nero ShowTime [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{D9DCF92E-72EB-412D-AC71-3B01276E5F8B}] Nero StartSmart [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{7748AC8C-18E3-43BB-959B-088FAEA16FB2}] Nero StartSmart Help [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{2348B586-C9AE-46CE-936C-A68E9426E214}] Nero StartSmart OEM [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{4D43D635-6FDA-4FA5-AA9B-23CF73D058EA}] Nero Vision [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{43E39830-1826-415D-8BAE-86845787B54B}] Nero Vision Help [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{5D9BE3C1-8BA4-4E7E-82FD-9F74FA6815D1}] NeroExpress [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{595A3116-40BB-4E0F-A2E8-D7951DA56270}] neroxml [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{56C049BE-79E9-4502-BEA7-9754A3E60F9B}] NVIDIA-configuratiescherm 311.06 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel] NVIDIA 3D Vision controllerstuurprogramma 285.62 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB] NVIDIA 3D Vision stuurprogramma 311.06 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision] NVIDIA Display Control Panel [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\NVIDIA Display Control Panel] NVIDIA Grafisch stuurprogramma 311.06 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver] NVIDIA Install Application [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer] NVIDIA PhysX [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{7F6D7FD9-648D-4DD9-BB6E-3990C675ECA4}] NVIDIA PhysX systeemsoftware 9.11.0621 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX] NVIDIA Stereoscopic 3D Driver [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\NVIDIAStereo] NVIDIA Update 1.11.3 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update] NVIDIA Update Components [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update] OpenAL [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\OpenAL] PokerStars.be [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\PokerStars.be] PVSonyDll [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{3D3E663D-4E7E-4577-A560-7ECDDD45548A}] QuickTime [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{0E64B098-8018-4256-BA23-C316A43AD9B0}] R for Windows 3.0.0 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\R for Windows 3.0.0_is1] Real Alternative 2.0.2 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\RealAlt_is1] Realtek Ethernet Controller Driver For Windows Vista and Later [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}] Realtek High Definition Audio Driver [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}] Rockstar Games Social Club [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{08B3869E-D282-424C-9AFC-870E04A4BA14}] RStudio [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\RStudio] SABnzbd 0.6.10 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\SABnzbd] Segoe UI [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{5DD4FCBD-A3C1-4155-9E17-4161C70AAABA}] Serious Sam: The Second Encounter [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{5BDAA2F7-8E48-4AFF-AA92-B559D0CDF1AD}] Skype Click to Call [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{B6CF2967-C81E-40C0-9815-C05774FEF120}] SkypeT 6.0 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{EA17F4FC-FDBF-4CF8-A529-2D983132D053}] SuperNZB v4.0.5 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\SuperNZB_is1] Ubisoft Game Launcher [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{888F1505-C2B3-4FDE-835D-36353EBD4754}] Unreal Tournament G.O.T.Y. Edition [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\UnrealTournament] VC80CRTRedist - 8.0.50727.4053 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{5EE7D259-D137-4438-9A5F-42F432EC0421}] Visual Studio 2010 x64 Redistributables [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{21B133D6-5979-47F0-BE1C-F6A6B304693F}] WiFi Station [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{63E03919-6657-4C9A-9E37-D54E1A2E3009}] Winamp [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Winamp] Windows Live Communications Platform [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{D45240D3-B6B3-4FF9-B243-54ECE3E10066}] Windows Live Essentials [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{2A07C35B-8384-4DA4-9A95-442B6C89A073}] Windows Live Essentials [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\WinLiveSuite] Windows Live Family Safety [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{46A5FBE9-ADB3-4493-A1CC-B4CFFD24D26A}] Windows Live Family Safety [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{B22C8566-D522-4B40-A7AF-525F5A70D832}] Windows Live ID Sign-in Assistant [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{1B8ABA62-74F0-47ED-B18C-A43128E591B8}] Windows Live Installer [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{0B0F231F-CE6A-483D-AA23-77B364F75917}] Windows Live Language Selector [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{D07A61E5-A59C-433C-BCBD-22025FA2287B}] Windows Live Mail [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{9D56775A-93F3-44A3-8092-840E3826DE30}] Windows Live Mail [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{D588365A-AE39-4F27-BDAE-B4E72C8E900C}] Windows Live Mesh - ActiveX-besturingselement voor externe verbindingen [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{C32CE55C-12BA-4951-8797-0967FDEF556F}] Windows Live Mesh [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{3F4143A1-9C21-4011-8679-3BC1014C6886}] Windows Live Mesh [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{DECDCB7C-58CC-4865-91AF-627F9798FE48}] Windows Live Messenger [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{6A563426-3474-41C6-B847-42B39F1485B2}] Windows Live Messenger [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{EB4DF488-AAEF-406F-A341-CB2AAA315B90}] Windows Live Messenger Companion Core [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{78A96B4C-A643-4D0F-98C2-A8E16A6669F9}] Windows Live MIME IFilter [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{DA54F80E-261C-41A2-A855-549A144F2F59}] Windows Live Movie Maker [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{92EA4134-10D1-418A-91E1-5A0453131A38}] Windows Live Movie Maker [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{CB7224D9-6DCA-43F1-8F83-6B1E39A00F92}] Windows Live Photo Common [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{9BD262D0-B788-4546-A0A5-F4F56EC3834B}] Windows Live Photo Common [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}] Windows Live Photo Gallery [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{3336F667-9049-4D46-98B6-4C743EEBC5B1}] Windows Live Photo Gallery [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{A60B3BF0-954B-42AF-B8D8-2C1D34B613AA}] Windows Live PIMT Platform [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{83C292B7-38A5-440B-A731-07070E81A64F}] Windows Live Remote Client [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{DF6D988A-EEA0-4277-AAB8-158E086E439B}] Windows Live Remote Client Resources [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{C9F05151-95A9-4B9B-B534-1760E2D014A5}] Windows Live Remote Service [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{E02A6548-6FDE-40E2-8ED9-119D7D7E641F}] Windows Live Remote Service Resources [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{6CBFDC3C-CF21-4C02-A6DC-A5A2707FAF55}] Windows Live SOXE [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{682B3E4F-696A-42DE-A41C-4C07EA1678B4}] Windows Live SOXE Definitions [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{200FEC62-3C34-4D60-9CE8-EC372E01C08F}] Windows Live UX Platform [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}] Windows Live UX Platform Language Pack [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{D6F25CF9-4E87-43EB-B324-C12BE9CDD668}] Windows Live Writer [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{7E017923-16F8-4E32-94EF-0A150BD196FE}] Windows Live Writer [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{A726AE06-AAA3-43D1-87E3-70F510314F04}] Windows Live Writer [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}] Windows Live Writer Resources [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{14B441B7-774D-4170-98EA-A13667AE6218}] Windows Media Player Firefox Plugin [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}] WinRAR archiver [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\WinRAR archiver] ==== HijackThis Entries ====================== R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = MSN NL: Hotmail, Outlook, Skype, Messenger, het laatste nieuws, entertainment en meer! R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN NL: Hotmail, Outlook, Skype, Messenger, het laatste nieuws, entertainment en meer! R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN NL: Hotmail, Outlook, Skype, Messenger, het laatste nieuws, entertainment en meer! R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: Increase performance and video formats for your HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll O2 - BHO: Use the DivX Plus Web Player to watch web videos with less interruptions and smoother playback on supported sites - {593DDEC6-7468-4cdd-90E1-42DADAA222E9} - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - F:\Systeem\Avast\aswWebRepIE.dll O2 - BHO: Aanmeldhulp voor Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll O3 - Toolbar: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - F:\Systeem\Avast\aswWebRepIE.dll O4 - HKLM\..\Run: [AsioThk32Reg] REGSVR32.EXE /S CTASIO.DLL O4 - HKLM\..\Run: [CTHelper] CTHELPER.EXE O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" O4 - HKLM\..\Run: [brStsWnd] "C:\Program Files (x86)\Brownie\BrstsW64.exe" Autorun O4 - HKLM\..\Run: [avast] "F:\Systeem\Avast\avastUI.exe" /nogui O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Systeem\DAEMON Tools Lite\DTLite.exe" -autorun O4 - HKUS\S-1-5-21-646492008-2405596893-3632786542-1001\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'UpdatusUser') O4 - HKUS\S-1-5-21-646492008-2405596893-3632786542-1001\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'UpdatusUser') O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~2\MI1933~1\Office12\EXCEL.EXE/3000 O9 - Extra button: @C:\Program Files (x86)\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O9 - Extra 'Tools' menuitem: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MI1933~1\Office12\REFIEBAR.DLL O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing) O23 - Service: avast! Antivirus - AVAST Software - F:\Systeem\Avast\AvastSvc.exe O23 - Service: Creative Audio Engine Licensing Service - Creative Labs - C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe O23 - Service: Creative Audio Service (CTAudSvcService) - Creative Technology Ltd - C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe O23 - Service: @dfsrres.dll,-101 (DFSR) - Unknown owner - C:\Windows\system32\DFSR.exe (file missing) O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: MBAMScheduler - Malwarebytes Corporation - F:\Systeem\Malwarebytes' Anti-Malware\mbamscheduler.exe O23 - Service: MBAMService - Malwarebytes Corporation - F:\Systeem\Malwarebytes' Anti-Malware\mbamservice.exe O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing) O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing) O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing) O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe O23 - Service: @%SystemRoot%\system32\SLsvc.exe,-101 (slsvc) - Unknown owner - C:\Windows\system32\SLsvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing) O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing) O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing) O23 - Service: Cisco AnyConnect VPN Agent (vpnagent) - Cisco Systems, Inc. - C:\Program Files (x86)\Cisco\Cisco AnyConnect VPN Client\vpnagent.exe O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing) O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing) ==== Silent Runners ======================

Goedemorgen! Zoals al een aantal mensen voor mij kom ik niet af van de 'Mislukt - Virus gedetecteerd' boodschap, die sinds korte tijd verschijnt bij het downloaden van bestanden. Dit is echter enkel het geval in Google Chrome, terwijl IE nog zonder haperen werkt. Op basis van de eerdere posts voor mij heb ik de volgende programma's al een keer hun gang laten gaan: - HiJackThis - Avast Antivirus - ComboFix - CCleaner - ADWcleaner - AVGremover - Malwarebytes Anti-Malware Dit alles nadat ik zowel AVG als Chrome had verwijderd. (Chrome ondertussen weer geïnstalleerd om te controleren of het probleem verholpen was) Log HiJackThis: Logfile of Trend Micro HijackThis v2.0.5 Scan saved at 9:57:51, on 17/05/2013 Platform: Windows Vista SP2 (WinNT 6.00.1906) MSIE: Internet Explorer v8.00 (8.00.6001.19418) Boot mode: Normal Running processes: C:\Systeem\DAEMON Tools Lite\DTLite.exe C:\Windows\SysWOW64\CtHelper.exe C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe F:\Systeem\Avast\AvastUI.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe F:\Temp\HiJackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = MSN NL: Hotmail, Outlook, Skype, Messenger, het laatste nieuws, entertainment en meer! R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN NL: Hotmail, Outlook, Skype, Messenger, het laatste nieuws, entertainment en meer! R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN NL: Hotmail, Outlook, Skype, Messenger, het laatste nieuws, entertainment en meer! R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: Increase performance and video formats for your HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll O2 - BHO: Use the DivX Plus Web Player to watch web videos with less interruptions and smoother playback on supported sites - {593DDEC6-7468-4cdd-90E1-42DADAA222E9} - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - F:\Systeem\Avast\aswWebRepIE.dll O2 - BHO: Aanmeldhulp voor Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll O3 - Toolbar: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - F:\Systeem\Avast\aswWebRepIE.dll O4 - HKLM\..\Run: [AsioThk32Reg] REGSVR32.EXE /S CTASIO.DLL O4 - HKLM\..\Run: [CTHelper] CTHELPER.EXE O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" O4 - HKLM\..\Run: [brStsWnd] "C:\Program Files (x86)\Brownie\BrstsW64.exe" Autorun O4 - HKLM\..\Run: [avast] "F:\Systeem\Avast\avastUI.exe" /nogui O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Systeem\DAEMON Tools Lite\DTLite.exe" -autorun O4 - HKUS\S-1-5-21-646492008-2405596893-3632786542-1001\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'UpdatusUser') O4 - HKUS\S-1-5-21-646492008-2405596893-3632786542-1001\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'UpdatusUser') O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~2\MI1933~1\Office12\EXCEL.EXE/3000 O9 - Extra button: @C:\Program Files (x86)\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O9 - Extra 'Tools' menuitem: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MI1933~1\Office12\REFIEBAR.DLL O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing) O23 - Service: avast! Antivirus - AVAST Software - F:\Systeem\Avast\AvastSvc.exe O23 - Service: Creative Audio Engine Licensing Service - Creative Labs - C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe O23 - Service: Creative Audio Service (CTAudSvcService) - Creative Technology Ltd - C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe O23 - Service: @dfsrres.dll,-101 (DFSR) - Unknown owner - C:\Windows\system32\DFSR.exe (file missing) O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: MBAMScheduler - Malwarebytes Corporation - F:\Systeem\Malwarebytes' Anti-Malware\mbamscheduler.exe O23 - Service: MBAMService - Malwarebytes Corporation - F:\Systeem\Malwarebytes' Anti-Malware\mbamservice.exe O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing) O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing) O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing) O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe O23 - Service: @%SystemRoot%\system32\SLsvc.exe,-101 (slsvc) - Unknown owner - C:\Windows\system32\SLsvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing) O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing) O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing) O23 - Service: Cisco AnyConnect VPN Agent (vpnagent) - Cisco Systems, Inc. - C:\Program Files (x86)\Cisco\Cisco AnyConnect VPN Client\vpnagent.exe O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing) O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing) -- End of file - 9386 bytes Log ComboFix: ComboFix 13-05-16.02 - Bart De Laat 17/05/2013 9:27.3.4 - x64 Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.32.1043.18.4094.2838 [GMT 2:00] Gestart vanuit: c:\users\Bart De Laat\Desktop\ComboFix.exe AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C} AV: AVG Anti-Virus Free *Disabled/Updated* {0C939084-9E57-CBDB-EA61-0B0C7F62AF82} AV: Microsoft Security Essentials *Disabled/Updated* {3F839487-C7A2-C958-E30C-E2825BA31FB5} SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681} SP: AVG Anti-Virus Free *Disabled/Updated* {B7F27160-B86D-C455-D0D1-307E04E5E53F} SP: Microsoft Security Essentials *Disabled/Updated* {84E27563-E198-C6D6-D9BC-D9F020245508} SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} . . (((((((((((((((((((( Bestanden Gemaakt van 2013-04-17 to 2013-05-17 )))))))))))))))))))))))))))))) . . 2013-05-17 07:34 . 2013-05-17 07:38 -------- d-----w- c:\users\Bart De Laat\AppData\Local\temp 2013-05-17 07:34 . 2013-05-17 07:34 -------- d-----w- c:\users\UpdatusUser\AppData\Local\temp 2013-05-17 07:34 . 2013-05-17 07:34 -------- d-----w- c:\users\Default\AppData\Local\temp 2013-05-17 06:53 . 2013-05-17 06:53 -------- d-----w- c:\users\Bart De Laat\AppData\Roaming\Malwarebytes 2013-05-17 06:53 . 2013-05-17 06:53 -------- d-----w- c:\programdata\Malwarebytes 2013-05-17 06:53 . 2013-04-04 12:50 25928 ----a-w- c:\windows\system32\drivers\mbam.sys 2013-05-17 06:43 . 2013-05-17 06:43 125 ----a-w- c:\windows\DeleteOnReboot.bat 2013-05-16 12:35 . 2013-05-13 06:37 9460464 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{E2695296-B6A7-4B2A-8F89-1B08716914CD}\mpengine.dll 2013-05-16 09:46 . 2013-05-09 08:59 33400 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys 2013-05-16 09:46 . 2013-05-09 08:59 378432 ----a-w- c:\windows\system32\drivers\aswSP.sys 2013-05-16 09:46 . 2013-05-09 08:59 64288 ----a-w- c:\windows\system32\drivers\aswTdi.sys 2013-05-16 09:46 . 2013-05-09 08:59 59144 ----a-w- c:\windows\system32\drivers\aswRdr.sys 2013-05-16 09:46 . 2013-05-09 08:59 1025808 ----a-w- c:\windows\system32\drivers\aswSnx.sys 2013-05-16 09:46 . 2013-05-09 08:59 65336 ----a-w- c:\windows\system32\drivers\aswRvrt.sys 2013-05-16 09:46 . 2013-05-09 08:59 189936 ----a-w- c:\windows\system32\drivers\aswVmm.sys 2013-05-16 09:46 . 2013-05-09 08:59 80816 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys 2013-05-16 09:46 . 2013-05-09 08:58 287840 ----a-w- c:\windows\system32\aswBoot.exe 2013-05-16 09:46 . 2013-05-09 08:58 41664 ----a-w- c:\windows\avastSS.scr 2013-05-16 09:44 . 2013-05-16 09:46 -------- d-----w- c:\programdata\AVAST Software 2013-05-15 07:23 . 2013-05-13 06:37 9460464 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll 2013-05-08 20:09 . 2013-05-08 20:09 -------- d-----w- c:\users\Bart De Laat\AppData\Local\Windows Live Writer 2013-05-08 20:09 . 2013-05-08 20:09 -------- d-----w- c:\users\Bart De Laat\AppData\Roaming\Windows Live Writer 2013-05-02 11:19 . 2013-05-02 11:20 -------- d-----w- c:\program files (x86)\Google 2013-05-01 19:15 . 2013-05-01 19:15 -------- d-----w- c:\users\Bart De Laat\AppData\Roaming\RStudio 2013-05-01 13:15 . 2013-05-01 19:15 -------- d-----w- c:\users\Bart De Laat\AppData\Local\RStudio-Desktop 2013-04-29 08:39 . 2013-04-29 08:38 311200 ----a-w- c:\windows\system32\javaws.exe 2013-04-29 08:39 . 2013-04-29 08:38 971680 ----a-w- c:\windows\system32\deployJava1.dll 2013-04-29 08:39 . 2013-04-29 08:38 1092512 ----a-w- c:\windows\system32\npDeployJava1.dll 2013-04-29 08:39 . 2013-04-29 08:38 108448 ----a-w- c:\windows\system32\WindowsAccessBridge-64.dll 2013-04-29 08:39 . 2013-04-29 08:38 188832 ----a-w- c:\windows\system32\javaw.exe 2013-04-29 08:39 . 2013-04-29 08:38 188320 ----a-w- c:\windows\system32\java.exe 2013-04-29 08:38 . 2013-04-29 08:38 -------- d-----w- c:\program files\Java 2013-04-29 07:40 . 2013-04-29 07:38 905296 ------w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{DFABE1AB-CFDD-4AE2-8CF3-B4EDB400890D}\gapaengine.dll . . . ((((((((((((((((((((((((((((((((((((((( Find3M Rapport )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2013-05-16 09:27 . 2006-11-02 12:35 75016696 ----a-w- c:\windows\system32\mrt.exe 2013-05-02 15:29 . 2011-02-18 13:21 278800 ------w- c:\windows\system32\MpSigStub.exe 2013-03-31 11:54 . 2013-03-31 11:54 178800 ----a-w- c:\windows\SysWow64\CmdLineExt_x64.dll 2013-03-11 13:33 . 2013-04-10 08:31 4691304 ----a-w- c:\windows\system32\ntoskrnl.exe 2013-03-09 04:16 . 2013-04-10 08:31 85504 ----a-w- c:\windows\system32\csrsrv.dll 2013-03-09 01:48 . 2013-04-10 08:31 75264 ----a-w- c:\windows\system32\smss.exe 2013-03-08 04:18 . 2013-04-10 08:31 451072 ----a-w- c:\windows\system32\winsrv.dll 2013-03-08 04:17 . 2013-04-10 08:31 2425344 ----a-w- c:\windows\system32\mstscax.dll 2013-03-08 03:52 . 2013-04-10 08:31 2067968 ----a-w- c:\windows\SysWow64\mstscax.dll 2013-03-03 19:13 . 2013-04-10 08:31 1513320 ----a-w- c:\windows\system32\drivers\ntfs.sys 2013-02-25 22:32 . 2013-02-25 22:32 25256224 ----a-w- c:\windows\system32\nvcompiler.dll 2013-02-25 22:32 . 2013-02-25 22:32 2505144 ----a-w- c:\windows\SysWow64\nvapi.dll 2013-02-25 22:32 . 2013-02-25 22:32 15129960 ----a-w- c:\windows\SysWow64\nvd3dum.dll 2013-02-25 22:32 . 2013-02-25 22:32 6262608 ----a-w- c:\windows\SysWow64\nvopencl.dll 2013-02-25 22:32 . 2010-07-10 04:38 2826040 ----a-w- c:\windows\system32\nvapi64.dll 2013-02-25 22:32 . 2012-02-16 18:16 1814304 ----a-w- c:\windows\system32\nvdispco64.dll 2013-02-25 22:32 . 2010-07-10 04:38 18055184 ----a-w- c:\windows\system32\nvd3dumx.dll 2013-02-25 22:32 . 2013-02-25 22:32 2720544 ----a-w- c:\windows\SysWow64\nvcuvid.dll 2013-02-25 22:32 . 2013-02-25 22:32 26929440 ----a-w- c:\windows\system32\nvoglv64.dll 2013-02-25 22:32 . 2013-02-25 22:32 7932256 ----a-w- c:\windows\SysWow64\nvcuda.dll 2013-02-25 22:32 . 2013-02-25 22:32 2346784 ----a-w- c:\windows\system32\nvcuvenc.dll 2013-02-25 22:32 . 2013-02-25 22:32 11036448 ----a-w- c:\windows\system32\drivers\nvlddmkm.sys 2013-02-25 22:32 . 2012-10-10 20:23 1510176 ----a-w- c:\windows\system32\nvdispgenco64.dll 2013-02-25 22:32 . 2013-02-25 22:32 2904352 ----a-w- c:\windows\system32\nvcuvid.dll 2013-02-25 22:32 . 2013-02-25 22:32 20449056 ----a-w- c:\windows\SysWow64\nvoglv32.dll 2013-02-25 22:32 . 2013-02-25 22:32 15053264 ----a-w- c:\windows\system32\nvwgf2umx.dll 2013-02-25 22:32 . 2013-02-25 22:32 17560352 ----a-w- c:\windows\SysWow64\nvcompiler.dll 2013-02-25 22:32 . 2013-02-25 22:32 7564040 ----a-w- c:\windows\system32\nvopencl.dll 2013-02-25 22:32 . 2013-02-25 22:32 1985824 ----a-w- c:\windows\SysWow64\nvcuvenc.dll 2013-02-25 22:32 . 2013-02-25 22:32 12641992 ----a-w- c:\windows\SysWow64\nvwgf2um.dll 2013-02-25 22:32 . 2013-02-25 22:32 9390760 ----a-w- c:\windows\system32\nvcuda.dll . . ((((((((((((((((((((((((((((((((((((( Reg Opstartpunten ))))))))))))))))))))))))))))))))))))))))))))))))))) . . *Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond REGEDIT4 . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1] @="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}] 2011-02-18 05:12 94208 ----a-w- c:\users\Bart De Laat\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2] @="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}] 2011-02-18 05:12 94208 ----a-w- c:\users\Bart De Laat\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3] @="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}] 2011-02-18 05:12 94208 ----a-w- c:\users\Bart De Laat\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll . [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "DAEMON Tools Lite"="c:\systeem\DAEMON Tools Lite\DTLite.exe" [2011-01-20 1305408] . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run] "AsioThk32Reg"="CTASIO.DLL" [2010-03-18 47104] "CTHelper"="CTHELPER.EXE" [2010-03-18 19456] "Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe" [2011-01-30 35736] "SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2012-07-03 252848] "BrStsWnd"="c:\program files (x86)\Brownie\BrstsW64.exe" [2009-06-11 3695416] "avast"="f:\systeem\Avast\avastUI.exe" [2013-05-09 4858968] . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "EnableUIADesktopToggle"= 0 (0x0) . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32] "mixer2"=wdmaud.drv . [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc] @="Service" . [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc] @="Service" . HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs Themes . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}] 2013-05-02 11:20 1642448 ----a-w- c:\program files (x86)\Google\Chrome\Application\26.0.1410.64\Installer\chrmstp.exe . Inhoud van de 'Gedeelde Taken' map . 2013-05-16 c:\windows\Tasks\avast! Emergency Update.job - f:\systeem\Avast\AvastEmUpdate.exe [2013-05-16 08:58] . 2013-05-17 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-05-02 11:19] . 2013-05-16 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-05-02 11:19] . 2013-05-17 c:\windows\Tasks\User_Feed_Synchronization-{33A3981A-5A77-48A8-AE69-14DB8EBE9771}.job - c:\windows\system32\msfeedssync.exe [2013-05-15 06:40] . . --------- X64 Entries ----------- . . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast] @="{472083B0-C522-11CF-8763-00608CC02F24}" [HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}] 2013-05-09 08:58 133840 ----a-w- f:\systeem\Avast\ashShA64.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1] @="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}] 2011-02-18 05:12 97792 ----a-w- c:\users\Bart De Laat\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2] @="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}] 2011-02-18 05:12 97792 ----a-w- c:\users\Bart De Laat\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3] @="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}] 2011-02-18 05:12 97792 ----a-w- c:\users\Bart De Laat\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4] @="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}] 2011-02-18 05:12 97792 ----a-w- c:\users\Bart De Laat\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2011-01-18 11775592] "MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2013-01-27 1281512] "itype"="c:\program files\Microsoft IntelliType Pro\itype.exe" [2009-11-11 2345848] . ------- Bijkomende Scan ------- . uLocal Page = c:\windows\system32\blank.htm mLocal Page = c:\windows\SysWOW64\blank.htm IE: E&xporteren naar Microsoft Excel - c:\progra~2\MI1933~1\Office12\EXCEL.EXE/3000 TCP: DhcpNameServer = 195.130.130.2 195.130.131.2 . . --------------------- VERGRENDELDE REGISTER SLEUTELS --------------------- . [HKEY_USERS\S-1-5-21-646492008-2405596893-3632786542-1000\Software\SecuROM\License information*] "datasecu"=hex:e4,f8,60,28,f5,79,1c,6e,50,28,ba,9a,3e,3b,60,4e,78,c5,f4,69,fe, 10,00,1c,e4,55,df,d4,66,9f,c9,0b,76,58,d3,af,43,c8,e2,f4,76,9e,62,11,99,7b,\ "rkeysecu"=hex:e1,d2,3e,30,ee,65,9b,1c,5d,bb,f1,4f,65,fe,57,d2 . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}] @Denied: (A 2) (Everyone) @="FlashBroker" "LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10m_ActiveX.exe,-101" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation] "Enabled"=dword:00000001 . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10m_ActiveX.exe" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Shockwave Flash Object" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10m.ocx" "ThreadingModel"="Apartment" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus] @="0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID] @="ShockwaveFlash.ShockwaveFlash.10" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10m.ocx, 1" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version] @="1.0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] @="ShockwaveFlash.ShockwaveFlash" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Macromedia Flash Factory Object" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10m.ocx" "ThreadingModel"="Apartment" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID] @="FlashFactory.FlashFactory.1" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10m.ocx, 1" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version] @="1.0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] @="FlashFactory.FlashFactory" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}] @Denied: (A 2) (Everyone) @="IFlashBroker4" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32] @="{00020424-0000-0000-C000-000000000046}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" "Version"="1.0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\TypeLib\{D27CDB6B-AE6D-11CF-96B8-444553540000}] @Denied: (A 2) (Everyone) . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\TypeLib\{D27CDB6B-AE6D-11CF-96B8-444553540000}\1.0] @="Shockwave Flash" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\TypeLib\{FAB3E735-69C7-453B-A446-B6823C6DF1C9}] @Denied: (A 2) (Everyone) @="" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\TypeLib\{FAB3E735-69C7-453B-A446-B6823C6DF1C9}\1.0] @="FlashBroker" . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes] "SymbolicLinkValue"=hex(6):5c,00,52,00,45,00,47,00,49,00,53,00,54,00,52,00,59, 00,5c,00,4d,00,41,00,43,00,48,00,49,00,4e,00,45,00,5c,00,53,00,4f,00,46,00,\ . ------------------------ Andere Aktieve Processen ------------------------ . c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe c:\program files (x86)\Creative\Shared Files\CTAudSvc.exe c:\program files (x86)\Cisco\Cisco AnyConnect VPN Client\vpnagent.exe f:\systeem\Avast\AvastSvc.exe c:\windows\SysWOW64\CtHelper.exe c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe c:\program files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe . ************************************************************************** . Voltooingstijd: 2013-05-17 09:42:18 - machine werd herstart ComboFix-quarantined-files.txt 2013-05-17 07:42 ComboFix2.txt 2013-05-02 09:15 . Pre-Run: 5.609.308.160 bytes beschikbaar Post-Run: 4.961.198.080 bytes beschikbaar . - - End Of File - - 2CC0E675E0EB15B2E38F6A8925DC28F5 Log AdwCleaner ([R1]): # AdwCleaner v2.301 - Verslag gemaakt op 17/05/2013 om 08:42:08 # Geactualiseerd op 16/05/2013 door Xplode # Besturingssysteem : Windows Vista Home Premium Service Pack 2 (64 bits) # Gebruiker : Bart De Laat - PC-BART # Opstarten Modus : Normale modus # Gelanceerd vanaf : F:\Temp\adwcleaner.exe # Optie [Zoeken] ***** [Diensten] ***** ***** [Files / Mappen] ***** Map Aanwezig : C:\Users\Bart De Laat\AppData\LocalLow\boost_interprocess ***** [Register] ***** Sleutel Aanwezig : HKCU\Software\Conduit Sleutel Aanwezig : HKCU\Software\YahooPartnerToolbar Sleutel Aanwezig : HKLM\Software\Conduit ***** [browsers] ***** -\\ Internet Explorer v8.0.6001.19418 [OK] Het register bevat geen enkele ongeoorloofde invoer. -\\ Google Chrome v26.0.1410.64 File : C:\Users\Bart De Laat\AppData\Local\Google\Chrome\User Data\Default\Preferences [OK] De file bevat geen enkele ongeoorloofde invoer. ************************* AdwCleaner[R1].txt - [969 octets] - [17/05/2013 08:42:08] ########## EOF - C:\AdwCleaner[R1].txt - [1028 octets] ########## Log AdwCleaner ([s1]): # AdwCleaner v2.301 - Verslag gemaakt op 17/05/2013 om 08:43:22 # Geactualiseerd op 16/05/2013 door Xplode # Besturingssysteem : Windows Vista Home Premium Service Pack 2 (64 bits) # Gebruiker : Bart De Laat - PC-BART # Opstarten Modus : Normale modus # Gelanceerd vanaf : F:\Temp\adwcleaner.exe # Optie [Verwijderen] ***** [Diensten] ***** ***** [Files / Mappen] ***** Verwijdert bij het opstarten : C:\Users\Bart De Laat\AppData\LocalLow\boost_interprocess ***** [Register] ***** Sleutel Verwijdert : HKCU\Software\Conduit Sleutel Verwijdert : HKCU\Software\YahooPartnerToolbar Sleutel Verwijdert : HKLM\Software\Conduit ***** [browsers] ***** -\\ Internet Explorer v8.0.6001.19418 [OK] Het register bevat geen enkele ongeoorloofde invoer. -\\ Google Chrome v26.0.1410.64 File : C:\Users\Bart De Laat\AppData\Local\Google\Chrome\User Data\Default\Preferences [OK] De file bevat geen enkele ongeoorloofde invoer. ************************* AdwCleaner[R1].txt - [1097 octets] - [17/05/2013 08:42:08] AdwCleaner[s1].txt - [1056 octets] - [17/05/2013 08:43:22] ########## EOF - C:\AdwCleaner[s1].txt - [1116 octets] ########## Log Mbam: Malwarebytes Anti-Malware (-evaluatieversie-) 1.75.0.1300 Malwarebytes : Free anti-malware download Databaseversie: v2013.05.17.03 Windows Vista Service Pack 2 x64 NTFS Internet Explorer 8.0.6001.19418 Bart De Laat :: PC-BART [administrator] Bescherming: Uitgeschakeld 17/05/2013 10:02:20 mbam-log-2013-05-17 (10-02-20).txt Scan type: Snelle scan Ingeschakelde scan opties: Geheugen | Opstartitems | Register | Bestanden en mappen | Heuristiek/Extra | Heuristiek/Shuriken | PUP | PUM Uitgeschakelde scan opties: P2P Objecten gescand: 239155 Verstreken tijd: 2 minuut/minuten, 32 seconde(n) Geheugenprocessen gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Geheugenmodulen gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Registersleutels gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Registerwaarden gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Registerdata gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Mappen gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Bestanden gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) (einde) ---------------------------------------------------------------------------------- Misschien ook belangrijk: Sinds de eerste scan van Avast (in de veilige modus) is de computer onstabiel, wat dan leidt tot een blauw scherm. Dit lijkt niet altijd na dezelfde tijd te gebeuren. Alvast heel erg bedankt voor hulp! Bart